ZebOS Network Platform NSM Command Reference Guide - AskF5

Download PDF
12 downloads 716 Views 1MB Size Report
Comment
Mar 6, 2013 ... Command Line Interface Reference Guide. Version 7.8.4 ..... Common Privileged Executive Mode Commands. ...... NSM MPLS Commands .
BIG-IP® Advanced Routing

Network Services Manager Command Line Interface Reference Guide Version 7.8.4

Publication Date This document was published on March 6, 2013.

Legal Notices Copyright Copyright 2001-2013, F5 Networks, Inc. All rights reserved. F5 Networks, Inc. (F5) believes the information it furnishes to be accurate and reliable. However, F5 assumes no responsibility for the use of this information, nor any infringement of patents or other rights of third parties which may result from its use. No license is granted by implication or otherwise under any patent, copyright, or other intellectual property right of F5 except as specifically described by applicable user licenses. F5 reserves the right to change specifications at any time without notice.

Trademarks 3DNS, Access Policy Manager, Acopia, Acopia Networks, Advanced Client Authentication, Advanced Routing, APM, Application Security Manager, ARX, AskF5, ASM, BIG-IP, Cloud Extender, CloudFucious, CMP, Data Manager, DevCentral, DevCentral [DESIGN], DNS Express, DSC, DSI, Edge Client, Edge Gateway, Edge Portal, EM, Enterprise Manager, F5, F5 [DESIGN], F5 Management Pack, F5 Networks, F5 World, Fast Application Proxy, Fast Cache, FirePass, Global Traffic Manager, GTM, IBR, Intelligent Browser Referencing, Intelligent Compression, IPv6 Gateway, iApps, iControl, iHealth, iQuery, iRules, iRules OnDemand, iSession, IT agility. Your way., L7 Rate Shaping, LC, Link Controller, Local Traffic Manager, LTM, Message Security Module, MSM, Netcelera, OneConnect, Packet Velocity, Protocol Security Module, PSM, Real Traffic Policy Builder, ScaleN, SSL Acceleration, StrongBox, SuperVIP, SYN Check, TCP Express, TDR, TMOS, Traffic Management Operating System, TrafficShield, Transparent Data Reduction, VIPRION, vCMP, WA, WAN Optimization Manager, WANJet, WebAccelerator, WOM, and ZoneRunner, are trademarks or service marks of F5 Networks, Inc., in the U.S. and other countries, and may not be used without F5's express written consent. All other product and company names herein may be trademarks of their respective owners.

Patents This product may be protected by U.S. Patents 6,327,242; 6,374,300; 6,473,802; 6,970,733; 7,051,126; 7,102,996; 7,197,661; 7,287,084; 7,916,728; 7,916,730; 7,783,781; 7,774,484; 7,975,025; 7,996,886; 8,004,971; 8,010,668. This list is believed to be current as of November 15, 2011.

Export Regulation Notice This product may include cryptographic software. Under the Export Administration Act, the United States government may consider it a criminal offense to export this product from the United States.

RF Interference Warning This is a Class A product. In a domestic environment this product may cause radio interference, in which case the user may be required to take adequate measures.

FCC Compliance This equipment has been tested and found to comply with the limits for a Class A digital device pursuant to Part 15 of FCC rules. These limits are designed to provide reasonable protection against harmful interference when the equipment is operated in a commercial environment. This unit generates, uses, and can radiate radio frequency energy and, if not installed and used in accordance with the instruction manual, may cause harmful interference to radio communications. Operation of this equipment in a residential area is likely to cause harmful interference, in which case the user, at his own expense, will be required to take whatever measures may be required to correct the interference. Any modifications to this device, unless expressly approved by the manufacturer, can void the user's authority to operate this equipment under part 15 of the FCC rules.

i

Canadian Regulatory Compliance This Class A digital apparatus complies with Canadian ICES-003.

Standards Compliance This product conforms to the IEC, European Union, ANSI/UL and Canadian CSA standards applicable to Information Technology products at the time of manufacture.

Acknowledgments This product includes software developed by Bill Paul. This product includes software developed by Jonathan Stone. This product includes software developed by Manuel Bouyer. This product includes software developed by Paul Richards. This product includes software developed by the NetBSD Foundation, Inc. and its contributors. This product includes software developed by the Politecnico di Torino, and its contributors. This product includes software developed by the Swedish Institute of Computer Science and its contributors. This product includes software developed by the University of California, Berkeley and its contributors. This product includes software developed by the Computer Systems Engineering Group at the Lawrence Berkeley Laboratory. This product includes software developed by Christopher G. Demetriou for the NetBSD Project. This product includes software developed by Adam Glass. This product includes software developed by Christian E. Hopps. This product includes software developed by Dean Huxley. This product includes software developed by John Kohl. This product includes software developed by Paul Kranenburg. This product includes software developed by Terrence R. Lambert. This product includes software developed by Philip A. Nelson. This product includes software developed by Herb Peyerl. This product includes software developed by Jochen Pohl for the NetBSD Project. This product includes software developed by Chris Provenzano. This product includes software developed by Theo de Raadt. This product includes software developed by David Muir Sharnoff. This product includes software developed by SigmaSoft, Th. Lockert. This product includes software developed for the NetBSD Project by Jason R. Thorpe. This product includes software developed by Jason R. Thorpe for And Communications, http://www.and.com. This product includes software developed for the NetBSD Project by Frank Van der Linden. This product includes software developed for the NetBSD Project by John M. Vinopal. This product includes software developed by Christos Zoulas. This product includes software developed by the University of Vermont and State Agricultural College and Garrett A. Wollman. This product includes software developed by Balazs Scheidler ([email protected]), which is protected under the GNU Public License. This product includes software developed by Niels Mueller ([email protected]), which is protected under the GNU Public License. In the following statement, This software refers to the Mitsumi CD-ROM driver: This software was developed by Holger Veit and Brian Moore for use with 386BSD and similar operating systems. Similar operating systems includes mainly non-profit oriented systems for research and education, including but not restricted to NetBSD, FreeBSD, Mach (by CMU). This product includes software developed by the Apache Group for use in the Apache HTTP server project (http://www.apache.org/). This product includes software licensed from Richard H. Porter under the GNU Library General Public License (© 1998, Red Hat Software), www.gnu.org/copyleft/lgpl.html.

ii

This product includes the standard version of Perl software licensed under the Perl Artistic License (© 1997, 1998 Tom Christiansen and Nathan Torkington). All rights reserved. You may find the most current standard version of Perl at http://www.perl.com. This product includes software developed by Jared Minch. This product includes software developed by the OpenSSL Project for use in the OpenSSL Toolkit (http://www.openssl.org/). This product includes cryptographic software written by Eric Young ([email protected]). This product contains software based on oprofile, which is protected under the GNU Public License. This product includes RRDtool software developed by Tobi Oetiker (http://www.rrdtool.com/index.html) and licensed under the GNU General Public License. This product contains software licensed from Dr. Brian Gladman under the GNU General Public License (GPL). This product includes software developed by the Apache Software Foundation (http://www.apache.org/). This product includes Hypersonic SQL This product contains software developed by the Regents of the University of California, Sun Microsystems, Inc., Scriptics Corporation, and others. This product includes software developed by the Internet Software Consortium. This product includes software developed by Nominum, Inc. (http://www.nominum.com). This product contains software developed by Broadcom Corporation, which is protected under the GNU Public License. This product contains software developed by MaxMind LLC, and is protected under the GNU Lesser General Public License, as published by the Free Software Foundation. This product includes software developed by the Computer Systems Engineering Group at Lawrence Berkeley Laboratory. Copyright ©1990-1994 Regents of the University of California. All rights reserved. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: 1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. 2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. 3. All advertising materials mentioning features or use of this software must display the following acknowledgement: This product includes software developed by the Computer Systems Engineering Group at Lawrence Berkeley Laboratory. 4. Neither the name of the University nor of the Laboratory may be used to endorse or promote products derived from this software without specific prior written permission. THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. This product includes software developed by Sony Computer Science Laboratories Inc. Copyright © 1997-2003 Sony Computer Science Laboratories Inc. All rights reserved. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: 1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. 2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution.

iii

THIS SOFTWARE IS PROVIDED BY SONY CSL AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL SONY CSL OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. This product includes the GeoPoint Database developed by Quova, Inc. and its contributors. This product includes software developed by Ian Gulliver ©2006, which is protected under the GNU General Public License, as published by the Free Software Foundation. A portion of this reference guide is copyrighted by IP Infusion, Inc. ZebOS is a registered trademark, and IP Infusion and the ipinfusion logo are trademarks of IP Infusion. All other trademarks are trademarks of their respective companies. This documentation is subject to change without notice. The software described in this document and this documentation are furnished under a license agreement or nondisclosure agreement. The software and documentation may be used or copied only in accordance with the terms of the applicable agreement. No part of this publication may be reproduced, stored in a retrieval system, or transmitted in any form or any means electronic or mechanical, including photocopying and recording for any purpose other than the purchaser's internal use without the written permission of IP Infusion Inc. F5 Networks, Inc. (F5) believes the information it furnishes to be accurate and reliable. However, F5 assumes no responsibility for the use of this information, nor any infringement of patents or other rights of third parties which may result from its use. No license is granted by implication or otherwise under any patent, copyright, or other intellectual property right of F5 except as specifically described by applicable user licenses. F5 reserves the right to change specifications at any time without notice. All other product and company names herein may be trademarks of their respective owners.

iv

Table of Contents

CHAPTER 1 ZebOS Command Line Interface Environment . . . . . . . . . . . . . . . . . . 1 Command Line Interface Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1 Command Line Interface Help . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1 Command Completion . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .2 Definitions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .3 Typographic Conventions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .3 Format used for Command Description . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .4 Command Negation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .4 Variable Parameter Expansion . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .4 Show Command Tokens . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .5 Output Modifiers. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .5 Command Modes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .6 Common Command Mode Tree. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .7 Common Executive Mode Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .7 Common Privileged Executive Mode Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .9 Common Configure Mode Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10

CHAPTER 2 Commands Common to Multiple Protocols . . . . . . . . . . . . . . . . . . . . 13 access-class . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .16 access-list WORD . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .17 access-list (Extended Ranges). . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .18 access-list (Standard Ranges) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .19 access-list zebos . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .20 banner . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .22 clear ip prefix-list. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .23 configure terminal . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .24 copy running-config startup-config . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .25 description . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .26 disable . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .27 enable . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .28 enable password . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .29 end . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .30 exec-timeout . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .31 exit . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .32 help . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .33 hostname . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .34 ip policy route-map . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .35 ip prefix-list . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .36 ip remote-address . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .37 ip unnumbered . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .38 ipv6 access-class . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .39 ipv6 access-list . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .40

iii

Table of Contents

ipv6 access-list zebos . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ipv6 prefix-list. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ipv6 unnumbered . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . line vty . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . log file . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . log record-priority . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . log stdout . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . log syslog . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . log trap . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . login . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . match as-path . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . match community . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . match extcommunity . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . match interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . match ip address. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . match ip address prefix-list . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . match ip next-hop . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . match ip next-hop prefix-list . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . match ipv6 address . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . match ipv6 address prefix-list . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . match ipv6 next-hop . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . match metric . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . match origin . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . match route-type . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . match tag . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . password . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . route-map . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . service advanced-vty . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . service password-encryption. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . service terminal-length . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . set aggregator . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . set as-path . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . set atomic-aggregate . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . set comm-list . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . set community . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . set dampening . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . set extcommunity . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . set ip next-hop . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . set ipv6 next-hop. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . set level . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . set local-preference . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . set metric . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . set metric-type . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . set origin . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . set originator-id . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . set tag . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . set vpnv4 next-hop . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

iv

41 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88

Table of Contents

set weight . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .89 show access-list . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .90 show cli . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .91 show history . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .92 show ip prefix-list . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .93 show list . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .94 show memory all. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .95 show memory free . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .97 show memory lib. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .98 show memory summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .99 show route-map . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .100 show running-config . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .101 show startup-config . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .102 show version . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .103 terminal length . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .104 terminal monitor . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .105 who . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .106 write file . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .107 write memory . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .108 write terminal . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .109 CHAPTER 3 NSM Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 111 admin-group . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 113 arp. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 114 bandwidth . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 115 clear ip route kernel . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 116 clear ipv6 neighbors . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 117 debug nsm . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 118 debug nsm mcast . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 119 debug nsm mcast6 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .120 debug nsm packet . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .121 duplex. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .122 fib retain . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .123 if-arbiter . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .124 interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .125 ip access-group . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .126 ip address . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .127 ip forwarding . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .128 ip proxy-arp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .129 ip route . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .130 ipv6 address . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .131 ipv6 forwarding . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .132 ipv6 nd current-hoplimit . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .133 ipv6 nd link-mtu. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .134 ipv6 nd managed-config-flag . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .135 ipv6 nd minimum-ra-interval . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .136 ipv6 nd other-config-flag . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .137

v

Table of Contents

ipv6 nd prefix . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ipv6 nd ra-interval . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ipv6 nd ra-lifetime . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ipv6 nd reachable-time . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ipv6 nd retransmission-time . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ipv6 nd suppress-ra . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ipv6 neighbor . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ipv6 route . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . maximum-paths. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . mtu . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . multicast . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . router-id . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . show debugging nsm . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . show interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . show ip access-list . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . show ip forwarding . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . show ip interface brief . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . show ip route . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . show ip route database . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . show ipv6 forwarding . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . show ipv6 interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . show ipv6 neighbors . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . show ipv6 route . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . show ipv6 route database . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . show nsm client. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . show router-id . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . shutdown . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . undebug nsm . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . undebug nsm packet . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 157 158 159 160 161 162 163 164 165 166 167

CHAPTER 4 NSM VPN Commands. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 169 ip route vrf . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 170 ip vrf . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 171 ip vrf forwarding. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 172 show ip route vrf . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 173 show ip vrf . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 174 CHAPTER 5 NSM MPLS Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 175 label-switching . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 177 mpls admin-groups . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 178 mpls disable-all-interfaces . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 179 mpls egress-ttl . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 180 mpls enable-all-interfaces . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 181 mpls ftn-entry . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 182 mpls ilm-entry . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 183 mpls ingress-ttl . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 184 mpls l2-circuit (Configure Mode) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 185 mpls-l2-circuit (Interface Mode) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 186

vi

Table of Contents

mpls l2-circuit-fib-entry . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .187 mpls l2-circuit-ftn-entry . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .188 mpls l2-circuit-ilm-entry . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .189 mpls local-packet-handling . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .190 mpls log . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .191 mpls lsp-model . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .192 mpls lsp-tunneling . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .193 mpls map-route . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .194 mpls max-label-value . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .195 mpls min-label-value . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .196 mpls propagate-ttl. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .197 mpls vrf-entry . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .198 show mpls . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .199 show mpls admin-groups . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .200 show mpls cross-connect-table . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .201 show mpls forwarding-table . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .202 show mpls ftn-table . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .203 show mpls ilm-table . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .204 show mpls in-segment-table . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .205 show mpls l2-circuit . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .206 show mpls l2-circuit-group . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .207 show mpls log . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .208 show mpls mapped-routes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .209 show mpls out-segment-table. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .210 show mpls vc-table. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 211 show mpls vrf-table . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .212 CHAPTER 6 MPLS OAM Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 213 ping mpls ipv4 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .214 ping mpls l2-circuit . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .215 ping mpls l3vpn . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .216 ping mpls ldp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .217 ping mpls rsvp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .218 ping mpls vpls . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .219 trace mpls ipv4 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .220 trace mpls l2-circuit . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .221 trace mpls l3vpn . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .222 trace mpls ldp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .223 trace mpls rsvp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .224 trace mpls vpls . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .225 CHAPTER 7 NSM GMPLS Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 227 gmpls capability-type . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .228 gmpls encoding-type . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .229 gmpls interface-type. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .230 gmpls link-id . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .231 gmpls local-interface-id . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .232 gmpls min-lsp-bandwidth . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .233

vii

Table of Contents

gmpls max-lsp-size . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . gmpls protection-type . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . gmpls remote-interface-id . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . gmpls risk-group . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . gmpls sdh-indication . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

234 235 236 237 238

CHAPTER 8 TE Link Commands. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 239 admin-group . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 240 data-link . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 241 description . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 242 disable-te-link-local . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 243 enable-te-link-local . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 244 label-switching . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 245 remote-link-id . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 246 risk-group . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 247 show bi-lsp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 248 show te-link . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 249 shutdown . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 250 te-flooding . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 251 te-link . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 252 te-metrics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 253 CHAPTER 9 Control Channel Mode Commands . . . . . . . . . . . . . . . . . . . . . . . . . 255 binding interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 256 control-channel . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 257 description . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 258 show control-channel . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 259 shutdown . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 260 CHAPTER 10 Control Adjacency Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . 261 control-adjacency . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 262 description . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 263 show control-adjacency . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 264 CHAPTER 11 IGMP Multicast Commands. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 265 clear ip igmp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 267 clear ip igmp group . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 268 clear ip igmp interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 269 clear ip igmp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 270 debug igmp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 271 ip igmp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 272 ip igmp access-group . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 273 ip igmp immediate-leave . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 274 ip igmp join-group . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 275 ip igmp last-member-query-count . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 276 ip igmp last-member-query-interval . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 277 ip igmp limit . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 278 ip igmp mroute-proxy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 279 ip igmp offlink. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 280

viii

Table of Contents

ip igmp proxy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .281 ip igmp proxy-service . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .282 ip igmp querier-timeout . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .283 ip igmp query-interval . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .284 ip igmp query-max-response-time . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .285 ip igmp ra-option . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .286 ip igmp robustness-variable . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .287 igmp snooping (configure mode) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .288 ip igmp snooping (interface mode) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .289 ip igmp snooping fast-leave . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .290 ip igmp snooping mrouter . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .291 ip igmp snooping querier . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .292 ip igmp snooping report-suppression . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .293 ip igmp ssm-map enable . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .294 ip igmp ssm-map static . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .295 ip igmp startup-query-count . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .296 ip igmp startup-query-interval . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .297 ip igmp static-group . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .298 ip igmp version . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .299 ip igmp vrf . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .300 show debugging igmp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .301 show ip igmp groups . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .302 show ip igmp interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .303 show ip igmp proxy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .304 show ip igmp snooping mrouter . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .305 show ip igmp snooping statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .306 CHAPTER 12 MLD Multicast Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 307 clear ipv6 mld . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .308 clear ipv6 mld group. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .309 clear ipv6 mld interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .310 debug mld . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 311 ipv6 mld . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .312 ipv6 mld access-group . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .313 ipv6 mld immediate-leave . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .314 ipv6 mld last-member-query-count . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .315 ipv6 mld last-member-query-interval . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .316 ipv6 mld limit . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .317 ipv6 mld mroute-proxy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .318 ipv6 mld proxy-service . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .319 ipv6 mld querier-timeout . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .320 ipv6 mld query-interval . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .321 ipv6 mld query-max-response-time . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .322 ipv6 mld robustness-variable . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .323 ipv6 mld snooping . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .324 ipv6 mld snooping fast-leave . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .325 ipv6 mld snooping mrouter . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .326

ix

Table of Contents

ipv6 mld snooping querier . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ipv6 mld snooping report-suppression . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ipv6 mld ssm-map enable . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ipv6 mld ssm-map static . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ipv6 mld static-group . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ipv6 mld version . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . show ipv6 mld groups . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . show ipv6 mld interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . show ipv6 mld snooping mrouter . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . show ipv6 mld snooping statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

327 328 329 330 331 332 333 334 335 336

CHAPTER 13 NSM Multicast Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 337 clear ip mroute. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 338 clear ip mroute statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 339 clear ipv6 mroute . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 340 clear ipv6 mroute statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 341 debug nsm mcast . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 342 ip mroute . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 343 ip multicast route-limit . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 344 ip multicast ttl-threshold . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 345 ip multicast-routing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 346 ipv6 mroute . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 347 ipv6 multicast route-limit . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 348 ipv6 multicast-routing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 349 show ip mroute . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 350 show ip mvif . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 352 show ip rpf . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 353 show ipv6 mif . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 354 show ipv6 mroute . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 355 show ipv6 rpf . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 356 CHAPTER 14 NSM Traffic Engineering Commands . . . . . . . . . . . . . . . . . . . . . . . 357 reservable-bandwidth . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 358 CHAPTER 15 NSM DiffServ Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 359 mpls class-to-exp-bit . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 360 mpls support-diffserv-class . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 361 show mpls diffserv . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 362 show mpls diffserv class-to-exp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 363 show mpls diffserv configurable-dscp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 364 show mpls diffserv supported-dscp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 365 CHAPTER 16 NSM DiffServ-TE Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 367 bandwidth-constraint . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 368 bc-mode . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 369 mpls class-type . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 370 mpls te-class . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 371 show mpls dste . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 372 show mpls dste class-type. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 373

x

Table of Contents

show mpls dste te-class . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .374 CHAPTER 17 NSM LACP Commands. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 375 channel-group mode . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .376 port-channel load-balance . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .377 show etherchannel . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .378 show static-channel-group . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .379 static-channel-group . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .380 CHAPTER 18 NSM VPLS Commands. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 381 mpls vpls (Configure Mode) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .382 mpls-vpls (Interface Mode) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .383 show mpls vpls . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .384 vpls-description . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .386 vpls fib-entry . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .387 vpls-mtu . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .388 vpls-peer . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .389 vpls-vc . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .390 CHAPTER 19 Tunneling Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 391 dmac. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .392 interface tunnel . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .393 tunnel checksum. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .394 tunnel destination . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .395 tunnel mode . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .396 tunnel path-mtu-discovery . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .397 tunnel source . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .398 tunnel tos . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .399 tunnel ttl . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .400 CHAPTER 20 Remote Monitoring Commands. . . . . . . . . . . . . . . . . . . . . . . . . . . . 401 rmon alarm . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .402 rmon collection history . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .403 rmon collection stats . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .404 rmon event . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .405 show rmon alarm . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .406 show rmon event . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .407 show rmon history . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .408 show rmon statistics. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .409 CHAPTER 21 Interpeak Security Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . 411 authentication . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .412 clear crypto isakmp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .413 clear crypto sa . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .414 clear crypto sa entry. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .415 clear crypto sa map . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .416 clear crypto sa peer . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .417 crypto ipsec security-association lifetime . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .418 crypto ipsec transform-set . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .419 crypto isakmp enable . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .420

xi

Table of Contents

crypto isakmp keepalive . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . crypto isakmp key . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . crypto isakmp policy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . crypto map (Configure Mode) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . crypto map (Interface Mode) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . crypto map local-address. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . encryption . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . group. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . hash . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . lifetime . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . match address . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . mode . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . set peer . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . set security-association lifetime . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . set session-key . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . set transform-set . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . show crypto ipsec sa . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . show crypto ipsec transform-set . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . show crypto isakmp policy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . show crypto isakmp sa . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . show crypto map . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

421 422 423 424 425 426 427 428 429 430 431 432 433 434 435 436 437 438 439 440 441

CHAPTER 22 QoS Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 443 class . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 445 class-map . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 446 ip-access-list . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 447 mac-access-list . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 448 match access-group . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 449 match ip-dscp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 450 match ip-precedence . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 451 match layer4 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 452 match mpls exp-bit topmost . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 453 match vlan . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 454 match vlan-range . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 455 mls qos (Configure Mode) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 456 mls qos (Interface Mode) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 458 mls qos aggregate-police . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 460 mls qos frame-type-priority-override . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 461 mls qos map . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 462 mls qos dscp-cos . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 463 mls qos dscp-mutation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 464 mls qos map dscp-cos . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 465 mls qos map dscp-mutation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 466 mls qos min-reserve . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 467 mls qos strict . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 468 mls qos trust . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 469 police . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 470

xii

Table of Contents

police-aggregate . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .471 policy-map . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .472 service-policy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .473 set algorithm . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .474 set cos . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .475 set drr-priority . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .476 set ip-dscp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .477 set ip-precedence . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .478 set mpls exp-bit topmost . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .479 set vlan-priority . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .480 show class-map . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .481 show mls qos aggregator-policer . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .482 show mls qos interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .483 show mls qos maps dscp-cos. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .484 show mls qos maps dscp-mutation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .485 show policy-map . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .486 show qos-access-list . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .487 wrr-queue bandwidth . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .488 wrr-queue cos-map . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .489 wrr-queue dscp-map . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .490 wrr-queue min-reserve . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .491 wrr-queue queue-limit . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .492 wrr-queue random-detect . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .493 wrr-queue threshold . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .494 CHAPTER 23 NSM Firewall Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 495 access-list ipv6 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .496 access-list . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .497 firewall group . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .498 firewall group . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .499 show firewall rule . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .500 CHAPTER 24 NSM Broadcom Stacking Commands. . . . . . . . . . . . . . . . . . . . . . . 501 show stacking db all . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .502 show stacking dump db . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .503 show stacking local . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .504 show stacking master . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .505 show stacking numCPU . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .506 stacking masterdev . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .507 CHAPTER 25

NSM Broadcom Tunneling . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 509

tunnel dmac . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .509

Index . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Index - 1

xiii

Table of Contents

xiv

CHAPTER 1

ZebOS Command Line Interface Environment

Network administrators and application developers who install and configure ZebOS® IP routing software should use this Command Line Interface (CLI) reference guide. This guide includes contains the following information: •

An overview of the ZebOS Command Line Interface



An overview of the Integrated Management Interface (IMI), including a description of both basic access and of the shell commands



A complete reference of the CLI commands used for Network Services Module (NSM) configurations

Users can launch either a TELNET or SSH session to issue the commands described in this guide.

Command Line Interface Overview The ZebOS® Command Line Interface (CLI) is a text-based facility conforming to industry standards. Many of the commands can be used in scripts to automate configuration tasks. Each CLI command is usually associated with a specific function or a common function performing a specific task. The Integrated Management Interface (IMI) Shell, or IMISH, gives users and administrators the ability to issue commands to several daemons using a single TELNET session.

Command Line Interface Help The ZebOS CLI contains a text-based help facility. Access this help by typing in a full or partial command string then typing a question mark “?”. The ZebOS CLI displays the command keywords or parameters along with a short description. For example, at the CLI command prompt, type ZebOS> show ?

(CLI does not display the question mark).

The CLI displays this keyword list with short descriptions for each keyword:

ZebOS# show debugging history ip memory route-map running-config startup-config version

Debugging functions (see also 'undebug') Display the session command history IP information Memory statistics route-map information running configuration Contents of startup configuration Displays ZebOS version

If the ? is typed in the middle of a keyword, the ZebOS CLI displays help for that keyword only. ZebOS> show de? (CLI does not display the question mark). debugging Debugging functions (see also 'undebug') If the ? is typed in the middle of a keyword, but the incomplete keyword matches several other keywords, ZebOS displays help for all matching keywords. ZebOS> show i? (CLI does not display the question mark). interface Interface status and configuration

1

ZebOS Command Line Interface Environment

ip isis

IP information ISIS information

Command Completion The ZebOS CLI can complete the spelling of a command or a parameter. Begin typing the command or parameter, then press the TAB key. For example, at the CLI command prompt type sh:

ZebOS> sh Press TAB. The CLI displays:

ZebOS> show If the command or parameter partial spelling is ambiguous, the ZebOS CLI displays the choices that match the abbreviation. Type show i and press TAB. The CLI displays: ZebOS> show i interface ip isis ZebOS> show i The CLI displays the interface and ip keywords. Type n to select interface and press TAB. The CLI displays: ZebOS> show in ZebOS> show interface Type ? and the CLI displays the list of parameters for the show interface command. ZebOS> show interface IFNAME Interface name | Output modifiers > Output redirection The CLI displays the only parameter associated with this command, the IFNAME parameter. Note:

For more information about output modifiers and output redirection, see the Show Command Tokens section.

Command Abbreviations The ZebOS CLI accepts abbreviations for commands. For example,

sh in eth0 is an abbreviation for the show interface command.

Command Line Errors Any unknown spelling variation causes the command line parser to display the error Unrecognized command in response to the ?. The parser re-displays the command as last entered. When the user presses the Enter key after typing an invalid command, the parser displays: ZebOS(config)#router ospf here ^ % Invalid input detected at '^' marker. where the ^ points to the first character in error in the command. If a command is incomplete, it displays the following message:

ZebOS> show % Incomplete command. Some commands are too long for the display line and can wrap in mid-parameter or mid-keyword, as shown below:

2

ZebOS Command Line Interface Environment

area 10.10.0.18 virtual-link 10.10.0.19 authent ication-key 57393

Definitions The following table defines the terms used in this document. Table 1: Definition of Terms Term

Description

token

A token is a non-character, non-numeric symbol: {}, {}, (), , |, ?, >, ., =

parameter

A parameter is an UPPERCASE term for which the user substitutes input.

keyword

A keyword is a lowercase term that the user types exactly as shown.

line

A line is the user input of any text string, including spaces. No other parameters may be entered after input for this token.

word

A word is the user input of any contiguous text string (excluding spaces).

Typographic Conventions The following table describes the typographic conventions that are used in this guide. Table 2: .Typographic Conventions Convention

Name

Description

Example

Monospaced font

Command

Represents command strings entered on a command line and sample source code.

show ip ospf

UPPERCASE

Variable parameter

Indicates user input. Enter values according to the description. Each uppercase token expands into one or more other tokens.

area AREAID range ADDRESS

lowercase

Keyword parameter

Indicates keywords. Enter values exactly as displayed in the command description.

show ip ospf

|

Vertical bar

Limits the choices. Select one from the list. Do not enter the bar as part of the command.

A.B.C.D|

()

Parentheses

Encloses optional parameters. Select one. Do not enter the parentheses as part of the command.

(A.B.C.D|)

{ }

Braces

Encloses optional parameters. Select none, one or more than one. Do not enter the brace as part of the command.

{priority | poll-interval }

[]

Square brackets

Encloses optional parameters. Select one. Do not enter the bracket as part of the command.

[parm2|parm2|parm3]

< >

Angle brackets

Encloses a numeric range, endpoints inclusive. Do not enter the bracket as part of the command.



=

Equal sign

Separates the variable from explanatory text. Do not enter the equal sign as part of the command.

PROCESSID =

3

ZebOS Command Line Interface Environment

Convention

Name

Description

Example

A.B.C.D

IP address

An IPv4-style address

10.0.11.123

X:X::X:X

IP address

An IPv6-style address

3ffe:506::1 where the:: is all the zeros for address components not explicitly given.

Format used for Command Description The following describes the format used when describing each command in this document. Table 3: Command Description Formats Format

Description

Command Name

Describes the command, what the command does and when should it be used

Command Syntax

Displays the syntax of each command

Parameters

Defines parameters and options within each command syntax

Default

Displays the status of the command before it is executed

Command Mode

Displays the name of the command mode in which this command is used. Examples include Exec or Configure modes

Example

Displays an example of the command being executed and the complexities of the command syntax

Related Commands

Lists the commands that are of immediate importance

Command Negation Many commands can be negated using the no keyword. Depending on the command or the parameters, some command negation can disable one feature or a feature for a specific ID, interface, address or other identifier. However, some negation is for the base command only; thus, the negated form does not take a parameter.

Variable Parameter Expansion For some commands, an IP address or a number in a given range can replace a parameter. For example: area AREAADDRESSID virtual-link ROUTERID (AUTHENTICATE|MSGD|INTERVAL) AREAADDRESSID=A.B.C.D| Therefore, the following is the minimum command for the ROUTERID by an IP address:

area 10.10.0.11 virtual-link 10.10.0.12 Users can only choose an optional parameter in the string [AUTHENTICATE|MSGD|INTERVAL]. In addition, users can replace a parameter by a keyword or parameter. For example, the following string replaces the MD5 parameter: MD5= [message-digest-key md5 MD5_KEY] with MD5_KEY replaced by a 1-16 character string.

4

ZebOS Command Line Interface Environment

Show Command Tokens Users can use two tokens to modify the output of a show command. Enter a question mark to display these tokens: ZebOS# show users ? | Output modifiers > Output redirection

Output Modifiers Users can type the | (vertical bar character) to use output modifiers. For example: ZebOS>show rsvp | ? begin exclude include redirect

Begin with the line that matches Exclude lines that match Include lines that match Redirect output

Begin Parameter The begin parameter displays the output beginning with the first line containing a token matching the input string (everything typed after the begin token). For example: ZebOS# show run | begin eth1 ...skipping interface eth1 ipv6 address fe80::204:75ff:fee6:5393/64 ! interface eth2 ipv6 address fe80::20d:56ff:fe96:725a/64 ! line con 0 login ! end

Exclude Parameter The exclude parameter excludes all lines of output that contain the input string. In the following output example, all lines containing the word “include” are excluded: ZebOS# show interface eth1 | exclude input Interface eth1 Scope: both Hardware is Ethernet, address is 0004.75e6.5393 index 3 metric 1 mtu 1500 VRF Binding: Not bound Label switching is disabled No Virtual Circuit configured Administrative Group(s): None DSTE Bandwidth Constraint Mode is MAM inet6 fe80::204:75ff:fee6:5393/64 output packets 4438, bytes 394940, dropped 0

5

ZebOS Command Line Interface Environment

output errors 0, aborted 0, carrier 0, fifo 0, heartbeat 0, window 0 collisions 0

Include Parameter The include parameter includes only those lines of output that contain the input string. In the output below, all lines containing the word “input” are included: ZebOS# show interface eth1 | include input input packets 80434552, bytes 2147483647, dropped 0, multicast packets 0 input errors 0, length 0, overrun 0, CRC 0, frame 0, fifo 1, missed 0

Redirect Parameter The redirect parameter puts the lines of output into the indicated file. ZebOS# show history | redirect /var/frame.txt In addition, the output redirection token (>) allows the user to specify a target file for the lines of output. ZebOS# show history >/var/frame.txt Note:

To modify the lines displayed for any Show command in this guide, use the | (vertical bar) output modifier token; to save the output to a file, use the > (right arrow) output redirection token.

Command Modes Commands available for each protocol separate into several modes (or nodes) and are arranged in a hierarchy. Each mode has its own special commands. Table 4: Command Modes Name

Description

Exec Mode

Also called the View mode, this mode the first mode to appear after logging in to the CLI. It is a base mode from where users can perform basic commands, such as show, exit, quit, help, list, and enable.

Privileged Exec Mode

Also called the Enable mode, it allows users to run additional basic commands, such as debug, write (for saving and viewing the configuration) and show commands.

Configure Mode

Also called Configure Terminal mode, it allows users to run configuration commands and to serve as a gateway into the Interface, Router, Line, Route Map, Key Chain and Address Family modes.

Interface Mode

Is used to configure protocol-specific settings for a particular interface. Any attribute configured in this mode overrides an attribute configured in the Router mode.

Line Mode

Is used to make the access-class commands available.

6

ZebOS Command Line Interface Environment

Common Command Mode Tree The diagram displays the common command mode tree.

Figure 1: Common Command Mode Tree

Common Executive Mode Commands The following are the common Executive Mode commands across multiple protocol daemons. Refer to the ZebOS Network Platform NSM Command Reference for information about using these commands. Table 5: Common Exec Mode commands Command Name

Use this command to

clear

resist the functionality of a variety of modules

debug

debug a variety of modules

enable

enter the Privileged Exec mode

exit

leave the current mode, or logout of the session

hardware

display the register value from the register

help

display online text assistance

logout

exit from the ZebOS CLI

7

ZebOS Command Line Interface Environment

Command Name

Use this command to

ping

send a ping request

quit

leave the current mode

route-map

enter the route-map mode and to permit or deny match/set operations

reset

reset log-related command

rmon

set the remote monitoring debugging feature

show application-priority

display Application-Priority interface information

show arp

display Internet Protocol (IP)

show cli

display the CLI tree of the current mode

show dot1x

display IEEE 802.1X Port-Based Access Control

show list

display a list of all commands in the current mode

show history

display all commands used in a session

show ip protocols

display the IP routing protocol process parameters and statistics

show privilege

display the current privilege level

show rmon

display the Remote Monitoring Protocol (RMON) information

show route-id

display the route-ID information

show users

display information about terminal lines

show user-priority

display the default user priority associated with the layer2 interface

show version

display the current ZebOS version

terminal length

set the number of lines in a terminal display

terminal monitor

display debugging information on a monitor

traceroute

enable the traceroute commands

undebug

disable the debugging feature

8

ZebOS Command Line Interface Environment

Common Privileged Executive Mode Commands The following are the common Privileged Executive Mode commands across multiple protocol daemons. Enter this mode by typing enable from the Executive mode. See the ZebOS Network Platform Command Line Interface Reference Guide for information about using these commands. Table 6: Common Privileged Exec Mode Commands Command Name

Use this command to

clear ip prefix-list

clear the IP prefix-list

configure terminal

enter the Configure Terminal mode. You must me in the Privilege Executive mode to issue this command

copy running-config startup-config

copy the current running configuration to the startup configuration file

disable

exit Privileged Exec mode

end

leave the current mode

exit

leave the current mode, or logout of the session

hardware

display the register value from the register

help

display online text assistance

login

Login to a particular virtual router context

logout

exit from the ZebOS CLI

mstat

show the statistics after multiple multicast traceroutes

mtrace

trace a multicast path from source to destination

ping

send a ping request

quit

leave the current mode

reset

reset the log related command

rmon

set the remote monitoring debugging feature

show access-list

display the list of IP access lists

show application-priority

display the Application-Priority interface information

show arp

display the Internet Protocol (IP)

show cli

display the CLI tree of the current mode

show dot1x

display the IEEE 802.1X Port-Based Access Control

show faults

display the recorded faults

show list

display a list of all commands in the current mode

show history

display all commands used in a session

9

ZebOS Command Line Interface Environment

Command Name

Use this command to

show ip prefix-list

display the prefix list entries

show ip protocols

display the IP routing protocol process parameters and statistics

show privilege

display the current privilege level

show rmon

display the Remote Monitoring Protocol (RMON) information

show route-id

display the route-ID information

show route-map

display user readable route-map information

show running-config

display the current configuration

show startup-config

display the startup configuration (from storage)

show users

display information about terminal lines

show user-priority

display the default user priority associated with the layer2 interface

show version

display the current ZebOS version

telnet

open a TELNET connection

terminal length

set the number of lines in a terminal display

terminal monitor

display debugging on a monitor

trace

enable the trace commands

traceroute

enable the traceroute commands

undebug

disable the debugging feature

write file

write the current configuration file

write memory

write the current configuration file to non-volatile memory

write terminal

display current configurations to the VTY terminal

Common Configure Mode Commands The following are the common Configure Mode commands across multiple protocol daemons. Enter this mode by typing configuration terminal from the Privileged Executive mode. Refer to the ZebOS Network Platform NSM Command Line Interface Reference Guide for information about using these commands. Table 7: Common Configure Mode Commands

Command Name

Use this command to

access-list

configure an access-list for filtering packets

arp

configure an address resolution protocol

10

ZebOS Command Line Interface Environment

Command Name

Use this command to

banner

toggle the display of the banner text

clear ip prefix-list

clear the IP prefix-list

do

run an exec-level command from the config mode

enable password

change the password for the enable command

exit

leave the current mode, or logout of the session

help

display online text assistance

hostname

set or change network server name

ip prefix-list

create an entry for a prefix list

ipv6 access-list

configure an access-list for filtering frames

ipv6 prefix-list

create an entry for an IPv6 prefix list

line vty

enter Line mode

list

list all commands for a mode

log file

specify the file that collects logging information

log record-priority

specify the logging of the priority of a message

log stdout

begin logging information to the standard output

log syslog

begin logging information to the system log

log trap

limit logging to a specified level or type

mac

configure a MAC access list

mac-access-list

configure a MAC access list for QOS (quality of service)

mac-address-table

configure spanning tree group commands

max-fib-routes

set the maximum number of FIB (forwarding information base) routes

max-static-routes

set the maximum number of static routes

maximum-access-list

set the maximum number of access-list entries

maximum-paths

set the multipath numbers installed to FIB

ospf

set the Open Shortest Path First (OSPF) commandoes

radius-server

set the RADIUS server configuration commands

rip

set the Routing Information Protocol (RIP) commands

rmon

set the remote Monitoring Protocol (RMON) commands

route-map

enter the route-map mode and to permit or deny match/set operations

router-id

set the router identifier for this system

11

ZebOS Command Line Interface Environment

Command Name

Use this command to

rsvp-bypass

set the Bypass Tunnel for the RSVP

service advanced-vty

set the VTY session to Privileged Exec mode instead of the Exec mode (which is the default)

service password-encryption

specify encryption of passwords

service terminal-length

set the terminal length for VTY sessions

set port

set the port information for a Layer2 interface

show access-list

display the list of IP access lists

show cli

display the CLI tree of the current mode

show list

displays a list of all commands in the current mode

show running-config

display the current configuration

snmp

configure SNMP information

undebug

disable the debugging feature

username

establish the user name authentication

virtual-router

set a virtual-router configuration

vlan

configure VLAN parameters

12

CHAPTER 2

Commands Common to Multiple Protocols

This chapter provides an alphabetized reference of all the commands common to multiple NSM protocols. It includes the following commands: •

access-class on page 16



access-list WORD on page 17



access-list (Extended Ranges) on page 18



access-list (Standard Ranges) on page 19



access-list zebos on page 20



banner on page 22



clear ip prefix-list on page 23



configure terminal on page 24



copy running-config startup-config on page 25



description on page 26



disable on page 27



enable on page 28



enable password on page 29



end on page 30



exec-timeout on page 31



exit on page 32



help on page 33



hostname on page 34



ip policy route-map on page 35



ip prefix-list on page 36



ip remote-address on page 37



ip unnumbered on page 38



ipv6 access-class on page 39



ipv6 access-list on page 40



ipv6 access-list zebos on page 41



ipv6 prefix-list on page 43



ipv6 unnumbered on page 44



line vty on page 45



log file on page 46



log record-priority on page 47



log stdout on page 48



log syslog on page 49



log trap on page 50

13

Commands Common to Multiple Protocols

14



login on page 51



match as-path on page 52



match community on page 53



match interface on page 55



match ip address on page 56



match ip address prefix-list on page 57



match ip next-hop on page 58



match ip next-hop prefix-list on page 59



match ipv6 address on page 60



match ipv6 address prefix-list on page 61



match ipv6 next-hop on page 62



match metric on page 63



match origin on page 64



match route-type on page 65



match tag on page 66



password on page 67



route-map on page 68



service advanced-vty on page 69



service password-encryption on page 70



service terminal-length on page 71



set aggregator on page 72



set as-path on page 73



set atomic-aggregate on page 74



set comm-list on page 75



set community on page 76



set dampening on page 77



set extcommunity on page 78



set ip next-hop on page 79



set ipv6 next-hop on page 80



set level on page 81



set local-preference on page 82



set metric on page 83



set metric-type on page 84



set origin on page 85



set originator-id on page 86



set tag on page 87



set vpnv4 next-hop on page 88



set weight on page 89



show access-list on page 90

Commands Common to Multiple Protocols



show cli on page 91



show history on page 92



show ip prefix-list on page 93



show list on page 94



show memory all on page 95



show memory free on page 97



show memory lib on page 98



show memory summary on page 99



show route-map on page 100



show running-config on page 101



show startup-config on page 102



show version on page 103



terminal length on page 104



terminal monitor on page 105



who on page 106



write file on page 107



write memory on page 108



write terminal on page 109

15

Commands Common to Multiple Protocols

access-class Use this command to filter a connection, based on an IP access list for IPv4 networks. Use this command after configuring the access-list. Note:

This command is unavailable to ZebOS Network Platform customers using the IMISH (IMI shell) for CLI management. To control access from the network/ hosts, IMISH administrators must change system files, such as, /etc/host.allow and /etc/hosts.deny.

Command Syntax access-class LIST

Parameter LIST

IP access-list.

Command Mode Line mode

Example ZebOS#configure terminal ZebOS(config)#line vty 23 55 ZebOS(config-line)#access-class myclass1 Related Commands access-list, ipv6 access-class

16

Commands Common to Multiple Protocols

access-list WORD Use the access-list command to configure an access-list name to filter packets. This command controls the transmission of packets on an interface and restricts the contents of routing updates. The switch stops checking the access list after a match occurs. When using this command from a TELNET session, be sure to TELNET to the relevant protocol daemon (for example, isisd); unpredictable results can occur if this command is used in a TELNET session with the NSM daemon. The priority of an access-list is based on the order in which the access-list command was configured. For example: •

If the user configures the Prefix ACL as “deny,” the label does not advertise to any peer.



If the user configures the Prefix ACL as “no-match,” then it applies the next advert-list. This is interpreted as continue.



If the user configures the Prefix ACL as “permit” and there is a peer ACL, then the label advertises to all peers permitted by the peer ACL.



If the user configures the Prefix ACL as “permit,” but the peer prefix is “none,” then the label advertises to all peers.

Use the no parameter to remove a specified access-list.

Command Syntax access-list WORD [deny|permit] [a.b.c.d/m|any|exact-match|remark LINE] no access-list WORD [deny|permit] [a.b.c.d/m|any|exact-match|remark LINE]

Parameters WORD

IP ZebOS access-list name

deny

Specify route to reject.

permit

Specify route to permit.

A.B.C.D/M

An IP address and mask specifying which part of the IP address will be ignored.

any

Allows any IP address or prefix to match.

exact-match Specify an exact matching of prefixes. remark LINE

Access list entry comment. Multi-line, access-list entry comment up to 100 characters.

Command Mode Configure mode

Examples ZebOS#configure terminal ZebOS(config)#access-list mylist deny 10.10.0.72/24 exact-match ZebOS(config)#access-list mylist permit any Validation Commands show running-config, show ip access-list, show ipv6 access-list

17

Commands Common to Multiple Protocols

access-list (Extended Ranges) Use this command with the extended ranges to configure an access list for filtering packets. When using this command from a TELENT session, be sure to TELENT to the relevant protocol daemon (for example, isisd); unpredictable results can occur if this command is used in a TELNET session with the NSM daemon. The priority of an access-list is based on the order in which the access-list command was configured. For example: •

If the user configures the Prefix ACL as “deny,” the label does not advertise to any peer.



If the user configures the Prefix ACL as “no-match,” then it applies the next advert-list. This is interpreted as continue.



If the user configures the Prefix ACL as “permit” and there is a peer ACL, then the label advertises to all peers permitted by the peer ACL.



If the user configures the Prefix ACL as “permit,” but the peer prefix is “none,” then the label advertises to all peers.

Use the no parameter to remove a specified access-list.

Command Syntax access-list [|] [deny|permit] IP [A.B.C.D|any|host|remark LINE] no access-list [|] [deny|permit] IP [A.B.C.D|any|host|remark LINE]

Parameters

IP extended access list.



IP extended access list (expanded range).

deny

Specify route to reject.

permit

Specify route to permit.

IP

Specify any Internet Protocol. A.B.C.D

An IP address and mask specifying which part of the IP address will be ignored.

any

Allows any IP address or prefix to match.

host

Specify a single source host.

remark LINE

Access list entry comment. Multi-line, access-list text entry up to 100 characters.

Command Mode Configure mode

Examples ZebOS#configure terminal ZebOS(config)#access-list 134 deny ip 1.1.1.0 0.0.0.255 any ZebOS(config)#access-list 1340 deny 1.1.1.0 0.0.0.255

Validation Commands show running-config, show ip access-list, show ipv6 access-list

18

Commands Common to Multiple Protocols

access-list (Standard Ranges) Use this command with the standard ranges to configure an access list for filtering packets. When using this command from a TELENT session, be sure to TELENT to the relevant protocol daemon (for example, isisd); unpredictable results can occur if this command is used in a TELNET session with the NSM daemon. The priority of an access-list is based on the order in which the access-list command was configured. For example: •

If the user configures the Prefix ACL as “deny,” the label does not advertise to any peer.



If the user configures the Prefix ACL as “no-match,” then it applies the next advert-list. This is interpreted as continue.



If the user configures the Prefix ACL as “permit” and there is a peer ACL, then the label advertises to all peers permitted by the peer ACL.



If the user configures the Prefix ACL as “permit,” but the peer prefix is “none,” then the label advertises to all peers.

Use the no parameter to remove a specified access-list.

Command Syntax access-list [|] [deny|permit] IP [A.B.C.D|any|host|remark LINE] no access-list [|] [deny|permit] IP [A.B.C.D|any|host|remark LINE]

Parameters

IP standard access list



IP standard access list (expanded range).

deny

Specify route to reject.

permit

Specify route to permit.

A.B.C.D

An IP address and mask specifying which part of the IP address will be ignored.

any

Allows any IP address or prefix to match.

host

Specify a single source host.

remark LINE

Access list entry comment. Multi-line, access-list entry comment up to 100 characters.

Command Mode Configure mode

Examples ZebOS#configure terminal ZebOS(config)#access-list 67 deny 1.1.1.0 0.0.0.255 ZebOS(config)#access-list 13 permit any Validation Commands show running-config, show ip access-list, show ipv6 access-list

19

Commands Common to Multiple Protocols

access-list zebos Use this command to configure an access list for filtering frames that permit or deny multiple IANA protocols. An access list controls the transmission of packets on an interface, and restricts the content of routing updates. The switch stops checking the access list when a match is encountered. Some protocols are identified by name, such as IP, GRE, or TCP packets. Other are identified by a number in the range of . Use a mask to specify a subset of addresses. Use the any option to allow all packets. The priority of an access-list is based on the order in which the access-list command was configured. For example: •

If the user configures the Prefix ACL as “deny,” the label does not advertise to any peer.



If the user configures the Prefix ACL as “no-match,” then it applies the next advert-list. This is interpreted as continue.



If the user configures the Prefix ACL as “permit” and there is a peer ACL, then the label advertises to all peers permitted by the peer ACL.



If the user configures the Prefix ACL as “permit,” but the peer prefix is “none,” then the label advertises to all peers.

Use the no option with any of the access-list zebos command variants to remove a specified access-list.

Command Syntax access-list ZebOS (WORD)) [deny|permit] [ip|gre|igmp|pim|rsvp|ospf|vrrp|ipcomp|icmp icmp-type|any|] [A.B.C.D/M|any] [A.B.C.D|M/any] [label |precendence |tos |range |pkt-size lt|gt |range ] [fragments|log|interface] [in|out] udp [et|lt|gt|ne] no access-list ZebOS (WORD)) [deny|permit] [ip||gre|igmp|pim|rsvp|ospf|vrrp|ipcomp |icmp Icmp-type|any|] [A.B.C.D/M|any] [A.B.C.D|M/any] [label |precendence |tos |range |pkt-size lt|gt |range ] [fragments|log|interface] [in|out] udp [et|lt|gt|ne]

Parameters WORD

ZebOS access-list name.

deny

Specify route to deny.

permit

Specify route to permit.



Use a number that identifies a protocol other than one of the named protocol.

any

Specify any packet.

gre

Specify GRE packet.

icmp

Specify ICMP packet.

icmp-type Specify ICMP type.

20

igmp

Specify Internet Group Management Protocol packet.

ip

Specify IP packet.

ipcomp

Specify ICOMP packet.

ospf

Specify Open Shortest Path First packet.

pim

Specify Protocol Independent Multicast packet.

Commands Common to Multiple Protocols

rsvp

Specify Resource ReserVation Protocol packet.

vrrp

Specify Virtual Router Redundancy Protocol packet.

A.B.C.D

Source IP address.

A.B.C.D/M

Source IP address and mask.

any

Source any local address.

A.B.C.D

Destination IP address.

A.B.C.D/M

Destination IP address and mask.

any

Destination any local address.

fragments

Access-list command applies to non-initial fragment of packet.

interface

Name of the input or output interface.

label

User-defined value that identifies an application.

log

Log the results.

pkt-size

Packet size.

precedence

Packet filter precedence level .

tos

Type of service (ToS) value; also used to filter packets. Enter either a value of or a range of values .

lt|gt

Packet size less than or greater than specified value.

range

A range of type of service values. The first value is the beginning of the range and the second value is the end of the range .

in|out

When the log option is selected, specify input or output interface. UDP packet

udp et

Source and destination port numbers equal to the given value. Only used with UDP.

lt

Source and destination port numbers less than the given value. Only used with UDP.

gt

Source and destination port numbers greater than the given value. Only used with UDP.

ne

Source and destination port numbers not equal to the given value. Only used with UDP.

Command Mode Configure mode

Example ZebOS#configure terminal ZebOS(config)#access-list zebos tk deny tcp 2.2.2.3/24 eq 14 3.3.3.4/24 lt 12 log

21

Commands Common to Multiple Protocols

banner Use the banner command to display the banner motive of the day on login. When using the banner command through IMISH, you must write to memory using the write memory or write file command. If you have not written to memory, the change made by this command (the new banner) is not available when you log into IMISH the next time. By default, the following banner is displayed on logging.

Hello, this is ZebOS(version 4.0051502-Main). Copyright 2001, 2002 IP Infusion Inc. Use the no parameter to disable this function.

Command Syntax banner motd default no banner motd

Parameters motd

Sets the message of the day banner

LINE

Specify a custom string.

default

Specify a default string.

Command Mode Configure mode

Examples ZebOS#configure terminal ZebOS(config)#banner motd default ZebOS#configure terminal ZebOS(config)#no banner motd

22

Commands Common to Multiple Protocols

clear ip prefix-list Use this command to reset the hit count to zero in the prefix-list entries.

Command Syntax clear ip prefix-list (WORD) (A.B.C.D/M)

Parameters WORD

Specify the name of the prefix-list.

A.B.C.D/M

IP prefix and length.

Command Mode Configure mode

Example ZebOS#clear ip prefix-list List1

23

Commands Common to Multiple Protocols

configure terminal Use the configure terminal command to enter the Configure command mode.

Command Syntax configure terminal

Parameters None

Command Mode Privileged Exec mode

Example The following example shows the use of the configure terminal command to enter the Configure command mode (note the change in the command prompt).

ZebOS#configure terminal ZebOS(config)#

24

Commands Common to Multiple Protocols

copy running-config startup-config Use the copy running-config startup-config to write configurations to the file to be used at startup. This is the same as the write memory command.

Command Syntax copy running-config startup-config

Parameters None

Command Mode Privileged Exec mode

Example ZebOS#copy running-config startup-config Building configuration... [OK] ZebOS#

25

Commands Common to Multiple Protocols

description Use this command to provide an interface-specific description. Use the no parameter to disable this function.

Command Syntax description LINE no description

Parameter LINE

Characters describing the specific interface.

Command Mode Interface mode

Examples The following example provides information about the connecting router for interface eth1.

Router#configure terminal Router(config)#interface eth1 Router(config-if)#description Connected to Zenith's fas2/0

Validation Commands show running-config

26

Commands Common to Multiple Protocols

disable Use this command from to exit the Privileged Exec mode and return to the Exec mode. This is the only command that allows a user to go back to the Exec mode. Using the exit or quit command from the Privileged Exec mode ends the session; they do not go back to the Exec mode.

Command Syntax disable

Parameters None

Command Mode Privileged Exec mode

Example ZebOS#disable ZebOS> Related Commands enable, end, exit

27

Commands Common to Multiple Protocols

enable Use the enable command to enter the Privileged Exec command mode.

Command Syntax enable

Parameters None

Command Mode Exec mode

Example The following example shows the use of the enable command to enter the Privileged Exec mode (note the change in the command prompt).

ZebOS>enable ZebOS#

Related Commands disable, exit, quit

28

Commands Common to Multiple Protocols

enable password Use the enable password command to modify or create a password to be used when entering the Enable mode. There are three methods to enable a password:

Plain Password The plain password is a clear text string that appears in the configuration file as configured.

Encrypted Password An encrypted password encrypts a password. First, use the enable password command to create a password. Then, use the service encrypted-password command to encrypt the specified string. An encrypted password does not display in the configuration file; instead, it displays the encrypted string. Note:

See service password-encryption on page 70 for more information on hidden passwords

Hidden Password A hidden password also encrypts a password; however, you do not need the service password-encryption command for this method. Use this method if you know the encrypted string of the plain text string that you want to use as a password. The output in the configuration file displays only the encrypted string and not the text string Note:

When using the enable password command through IMISH, you must write to memory using the write memory or write file command. If you have not written to memory, the change made by this command (the new password) is not available when you log into IMISH the next time.

Use the no parameter to disable the password.

Command Syntax enable password [8|LINE] no enable password [LINE]

Parameters

Note:

8

Specify that a hidden password will follow.

line

Specify the hidden enable password string.

Password can be an alpha-numeric string up to 80-characters, including spaces. The string cannot begin with a number.

Command Mode Configure mode

Examples ZebOS#configure terminal ZebOS(config)#enable password mypasswd ZebOS#configure terminal ZebOS(config)#enable password 8 fU7zHzuutY2SA

Related Commands service password-encryption

29

Commands Common to Multiple Protocols

end Use the end command to return to the Privileged Exec command mode from any other advanced command mode.

Command Syntax end

Parameters None

Command Mode All command modes

Example The following example shows the use of the end command to return to the Privileged Exec mode directly from Interface mode.

ZebOS#configure terminal ZebOS(config)#interface eth0 ZebOS(config-if)#end ZebOS#

Related Commands exit, disable, enable

30

Commands Common to Multiple Protocols

exec-timeout Use this command to set the interval the command interpreter waits for user input detected. That is, this sets the time a telnet session waits for an idle VTY session before it times out. A value of zero minutes and zero seconds (0 and 0) causes the telnet session to wait indefinitely. Use the no parameter to disable the wait interval.

Command Syntax exec-timeout [MINUTES|SECONDS] no exec-timeout

Parameters MINUTES

Indicate the timeout value in minutes .

SECONDS

Indicate the timeout value in seconds .

Command Mode Line mode

Example In the following example, the telnet session will timeout after 2 minutes, 30 seconds if there is no response from the user.

Router#configure terminal Router(config)#line vty 23 66 Router(config-line)#exec-timeout 2 30

Validation Commands show running-config

31

Commands Common to Multiple Protocols

exit Use the exit command to exit the current mode and return to the previous level. When used in Exec mode or Privilege Exec mode, this command terminates the session.

Command Syntax exit

Parameters None

Command Mode All command modes

Examples The following example shows the use of exit command to exit Interface mode, and return to Configure mode.

ZebOS#configure terminal ZebOS(config)#interface eth0 ZebOS(config-if)#exit ZebOS(config)#

Related Commands end, enable, disable

32

Commands Common to Multiple Protocols

help Use the help command to display a description of the ZebOS help system.

Command Syntax help

Parameters None

Command Mode All command modes

Example This is the sample output from the help command:

ZebOS#help ZebOS VTY provides advanced help feature. When you need help, anytime at the command line please press '?'. If nothing matches, the help list will be empty and you must backup until entering a '?' shows the available options. Two styles of help are provided: 1. Full help is available when you are ready to enter a command argument (e.g. 'show ?') and describes each possible argument. 2. Partial help is provided when an abbreviated argument is entered and you want to know what arguments match the input (e.g. 'show me?'.)

33

Commands Common to Multiple Protocols

hostname Use this command to set or change the network server name. ZebOS daemons use this name in system prompts and default configuration filenames. This command provides a hostname for login purposes, only. A hostname could be added for each remote system with which the local router communicates and from which it requires authentication. The other router must have a hostname entry for the local router. This entry must have the same password as the local router. This command is useful for defining host names for special privileges. For example, a hostname all requiring no password could be created allowing the users to connect to general information without a password. Setting a hostname using this command takes precedence over setting a hostname in the kernel. If you set the hostname using the CLI, and then set the hostname in the kernel, the hostname set using the CLI remains. Note:

When using the hostname command through IMISH, you must write to memory using the write memory or write file command. If you have not written to memory, the change made by this command (the new hostname) is not available when you log into IMISH the next time.

Use the no parameter to disable this function.

Command Syntax hostname WORD no hostname WORD

Parameter WORD

This network name for a system.

Command Mode All command modes

Example The following example sets the hostname to IPI, and shows the change in the prompt:

ZebOS#configure terminal ZebOS(config)#hostname IPI IPI(config)#

Validation Commands show running-config

34

Commands Common to Multiple Protocols

ip policy route-map Use this command to enable PBR on an interface for a given route-map Use no parameter with this command to disable PBR on an interface for a given route map.

Command Syntax ip policy route-map ROUTE-MAP-NAME no ip policy route-map ROUTE-MAP-NAME

Parameter ROUTE-MAP-NAME Specifies name of the route-map

Command Mode Interface mode

Example In the following configuration example is used to forward packets to different routes based on the source IP address:

ZebOS(config)#interface eth0 ZebOS(config-if)#ip address 172.1.2.1.255.255.255.0 ZebOS(config-if)#exit ZebOS(config)#interface eth1 ZebOS(config-if)#ip address 172.1.1.1.255.255.255.0 ZebOS(config-if)#ip policy route-map policy_1 ZebOS(config-if)#exit ZebOS(config)#access-list 10 permit ip host 172.1.1.10 any ZebOS(config)#access-list 11 permit ip host 172.1.1.11 any ZebOS(config)#route-map policy_1 permit 10 ZebOS(config-route-map)#match ip address 10 ZebOS(config-route-map)#set ip next-hop 172.1.2.10 ZebOS(config-route-map)#exit ZebOS(config)#route-map policy_1 permit 11 ZebOS(config-route-map)#match ip address 11 ZebOS(config-route-map)#set ip next-hop 172.1.2.11

35

Commands Common to Multiple Protocols

ip prefix-list Use this command to create an entry for a prefix list. A router starts to match prefixes from the top of the prefix list and stops whenever a match or deny occurs. To promote efficiency, use the seq parameter and place common matches or denials towards the top of the list. The sequence values are generated in the sequence of 5. Use the parameters GE and LE specify the range of the prefix length to be matched. When setting these parameters, set LE to be less than 32 and GE to be less than LE value. Use the no parameter with this command to delete the prefix-list entry.

Command Syntax ip prefix-list [seq |WORD|description (LINE)|deny|permit|IPPREFIX (le |ge |any)] no prefix-list [seq |WORD|description (LINE)|deny|permit|IPPREFIX (le |ge |any)]

Parameters seq

The sequence number of the prefix list .

WORD

Specify the name of a prefix list.

description

Prefix-list specific description.

LINE

Up to 80 characters describing this prefix-list

deny

Specify that packets are to be rejected.

permit

Specify that packets are to be accepted.

IPPREFIX

The IP address mask and length of the prefix list mask (A.B.C.D/M).

le

Maximum prefix length to be matched .

ge

Minimum prefix length to be matched .

any

Takes all packets of any length. This parameter is the same as using 0.0.0.0/0 le 32 for IPPREFIX.

Command Mode Configure mode

Examples In this configuration, the ip prefix-list command matches all, but denies the IP address range, 76.2.2.0.

ZebOS#router bgp 100 ZebOS(config-router)#network 172.1.1.0 ZebOS(config-router)#network 172.1.2.0 ZebOS(config-router)#ZebOS(config-router)# ZebOS(config-router)#neighbor 10.6.5.3 remote-as 300 ZebOS(config-router)#neighbor 10.6.5.3 prefix-list mylist out ZebOS(config-router)#exit ZebOS(config)#ip prefix-list mylist seq 5 deny 76.2.2.0/24 ZebOS(config)#ip prefix-list mylist seq 10 permit 0.0.0.0/0

36

Commands Common to Multiple Protocols

ip remote-address Use this command to set the remote address (far end) on a point-to-point non multi-access link. This command can be used only on unnumbered interfaces. When a new remote-address is configured, the old address gets overwritten. Use the no parameter to disable this function.

Command Syntax ip remote-address [A.B.C.D/M] no ip remote-address [A.B.C.D/M]

Parameter A.B.C.D/M

IP address and prefix length of the link remote address.

Command Mode Interface mode

Example ZebOS(config)#interface ppp0 ZebOS(config-if)#ip unnumbered eth1 ZebOS(config-if)#ip remote-address 1.1.1.1/32 Validation Commands show running-config, show interface

37

Commands Common to Multiple Protocols

ip unnumbered Use this command to enable IP processing without an explicit address on a point-to-point non multi-access link. Moreover, this command lets an interface borrow the IP address of a specified interface to enable IP processing on a point-to-point interface without assigning it an explicit IP address. In this way, the IP unnumbered interface can borrow the IP address of another interface already configured on the router to conserve network and address space. Use the no parameter with this command to unconfigure this feature on an interface.

Command Syntax ip unnumbered IFNAME no ip unnumbered IFNAME

Parameter IFNAME

A string that specifies the interface.

Command Mode Interface mode

Examples The following example creates a tunnel on Router 1 (eth1). On Router 1

ZebOS(config)#interface lo ZebOS(config-if)#ip address 127.0.0.1/8 ZebOS(config-if)#ip address 33.33.33.33/32 secondary ZebOS(config-if)#exit ZebOS(config)#interface eth1 ZebOS(config-if)#ip address 10.10.10.145/24 ZebOS(config-if)#exit ZebOS(config)#interface Tunnel0 ZebOS(config-if)#tunnel source 10.70.0.145 ZebOS(config-if)#tunnel destination 10.70.0.77 ZebOS(config-if)#tunnel ttl 255 ZebOS(config-if)#tunnel path-mtu-discovery ZebOS(config-if)#tunnel mode gre ZebOS(config-if)#ip unnumbered eth1 ZebOS(config-if)#exit ZebOS(config)#router ospf ZebOS(config-router)#network 10.10.10.0/24 area 0

38

Commands Common to Multiple Protocols

ipv6 access-class Use this command to filter a connection based on an IP access list for IPv6 networks. Use this command in conjunction with the IP access list to set permissions for VTY session users for ipv6 address family. Note:

This command is unavailable to ZebOS Network Platform customers using the IMISH for CLI management. To control access from the network/ hosts, IMISH administrators are required to change system files, such as / etc/host.allow and /etc/hosts.deny.

Command Syntax ipv6 access-class LIST

Parameter LIST

A string that specifies the list.

Command Mode Line mode

Example ZebOS#configure terminal ZebOS(config)#line vty 12 77 ZebOS(config-line)#ipv6 access-class mylist1 Related Commands access-list

39

Commands Common to Multiple Protocols

ipv6 access-list Use this command to configure an access list for filtering frames. Use access lists to control the transmission of packets on an interface, and restrict contents of routing updates. The switch stops checking the access list after a match occurs. Use the no parameter to remove a specified access-list.

Command Syntax ipv6 access-list [WORD|DENY|PERMIT (X:X::X:X/M|any|exact-match)|REMARK (LINE)] no ipv6 access-list [WORD|DENY|PERMIT (X:X::X:X/M|any|exact-match)|REMARK (LINE)]

Parameters WORD

IP ZebOS access-list name

DENY

Specify route to reject.

PERMIT

Specify route to permit.

X:X::X:X/M

An IP address and mask specifying which part of the IP address will be ignored.

any

Allows any IP address or prefix to match.

exact-match Specify an exact matching of prefixes. REMARK LINE

Access list entry comment. Multi-line, access-list entry comment up to 100 characters.

Command Mode Configure mode

Examples ZebOS#configure terminal ZebOS(config)#ipv6 access-list mylist deny 3ffe:506::/32 exact-match ZebOS(config)#ipv6 access-list mylist permit any Validation Commands show running-config, show ipv6 access-list

40

Commands Common to Multiple Protocols

ipv6 access-list zebos Use this command to configure an access list for filtering frames that permit or deny multiple IANA protocols. An access list controls the transmission of packets on an interface, and restrict the content of routing updates. The switch stops checking the access list when a match is encountered. Some protocols are identified by name, such as IP, GRE, or TCP packets. Other are identified by a number in the range of . Use mask to specify a subset of addresses. Use any to allow all packets. Use the no option with any of the access-list zebos command variants to remove a specified access-list.

Command Syntax access-list ipv6 access-list access-list ZebOS(WORD) [deny|permit] [ip|gre|igmp |pim|rsvp|ospf|vrrp|ipcomp|icmp (icmp-type)|any|] [A.B.C.D/M|any] [A.B.C.D/M|any] [label |precendence |tos |range |pkt-size lt|gt |range ] [fragments|log |interface] [in|out] udp (et|lt|gt|ne) no ipv6 access-list access-list ZebOS(WORD) [deny|permit] [ip|gre|igmp|pim|rsvp |ospf|vrrp|ipcomp|icmp (icmp-type)|any|] [A.B.C.D/M|any] [A.B.C.D/M|any] [label |precendence |tos |range |pkt-size lt|gt |range ] [fragments|log|interface] [in|out] udp (et|lt|gt|ne)

Parameters WORD

ZebOS access-list name.

deny

Specify route to deny.

permit

Specify route to permit.



Use a number that identifies a protocol other than one of the named protocol.

any

Specify any packet.

gre

Specify GRE packet.

icmp

Specify ICMP packet.

icmp-type Specify ICMP type. igmp

Specify Internet Group Management Protocol packet.

ip

Specify IP packet.

ipcomp

Specify ICOMP packet.

ospf

Specify Open Shortest Path First packet.

pim

Specify Protocol Independent Multicast packet.

rsvp

Specify Resource ReserVation Protocol packet.

vrrp

Specify Virtual Router Redundancy Protocol packet.

A.B.C.D

Source IP address.

A.B.C.D/M

Source IP address and mask.

any

Source any local address.

A.B.C.D

Destination IP address.

41

Commands Common to Multiple Protocols

A.B.C.D/M

Destination IP address and mask.

any

Destination any local address.

fragments

Access-list command applies to non-initial fragment of packet.

interface

Name of the input or output interface.

label

User-defined value that identifies an application.

log

Log the results.

pkt-size

Packet size.

precedence

Packet filter precedence level .

tos

Type of service (ToS) value; also used to filter packets. Enter either a value of or a range of values . lt|gt

Packet size less than or greater than specified value.

range

A range of type of service values. The first value is the beginning of the range and the second value is the end of the range .

in|out

When the log option is selected, specify input or output interface. UDP packet

udp et

Source and destination port numbers equal to the given value. Only used with UDP.

lt

Source and destination port numbers less than the given value. Only used with UDP.

gt

Source and destination port numbers greater than the given value. Only used with UDP.

ne

Source and destination port numbers not equal to the given value. Only used with UDP.

Command Mode Configure mode

Example ZebOS#configure terminal ZebOS(config)#ipv6 access-list zebos TK deny tcp 2::2/64 eq 14 3::4/64 lt 12 log

42

Commands Common to Multiple Protocols

ipv6 prefix-list Use this command to create an entry for an ipv6 prefix-list. Router starts to match prefixes from the top of the prefix list, and stops whenever a match or deny occurs. To promote efficiency, use the seq parameter and place common matches or denials towards the top of the list. The sequence values are generated in the sequence of 5. The parameters GE and LE specify the range of the prefix length to be matched. Use the no parameter with this command to delete the prefix-list entry.

Command Syntax ipv6 prefix-list [seq )|WORD|description (LINE)|deny|permit|(IPPREFIX (le |ge )|any)] no prefix-list seq )|WORD|description (LINE)|deny|permit|[IPPREFIX (le |ge )|any]

Parameters seq

The sequence number of the prefix list .

WORD

Specify the name of a prefix list.

description

Prefix-list specific description.

LINE

Up to 80 characters describing this prefix-list

deny

Specify that packets are to be rejected.

permit

Specify that packets are to be accepted.

IPPREFIX

The IP address mask and length of the prefix list mask (X:X::X:X/M).

le

Maximum prefix length to be matched .

ge

Minimum prefix length to be matched .

any

Takes all packets of any length. This parameter is the same as using 0.0.0.0/0 le 32 for IPPREFIX.

Command Mode Configure mode

Examples ZebOS#configure terminal ZebOS(config)#ipv6 prefix-list mylist seq 12345 deny 3ffe:345::/16 le 22 ge 14

43

Commands Common to Multiple Protocols

ipv6 unnumbered Use this command to enable IPv6 processing without an explicit address, on a point-to-point non multi-access link. This command lets an interface borrow the IPv6 address of a specified interface to enable IPv6 processing on a pointto-point interface without assigning it an explicit IPv6 address. In this way, the IPv6 unnumbered interface can borrow the IPv6 address of another interface already configured on the router to conserve network and address space. Use the no parameter with this command to unconfigure this feature on an interface.

Command Syntax ipv6 unnumbered IFNAME no ipv6 unnumbered IFNAME

Parameter IFNAME

A string that specifies the interface.

Command Mode Interface mode

Example The following example creates a tunnel on Router 1 (eth1): On Router 1

ZebOS#configure terminal ZebOS(config)#interface lo ZebOS(config-if)#ipv6 address::1/128 ZebOS(config-if)#exit ZebOS(config)#interface eth1 ZebOS(config-if)#ipv6 address fe80::20e:cff:fe6e:56dd/64 ZebOS(config-if)#exit ZebOS(config)#interface Tunnel0 ZebOS(config-if)#tunnel source 10.70.0.145 ZebOS(config-if)#tunnel destination 10.70.0.77 ZebOS(config-if)#tunnel ttl 255 ZebOS(config-if)#tunnel path-mtu-discovery ZebOS(config-if)#tunnel mode gre ZebOS(config-if)#ipv6 unnumbered eth1 ZebOS(config-if)#ipv6 router ospf area 0 tag 1 ZebOS(config-if)#exit ZebOS(config)#router ipv6 ospf 1 ZebOS(config-router)#router-id 10.70.0.145

44

Commands Common to Multiple Protocols

line vty Use the line vty command to move or change to VTY mode. This command is used to telnet to the NSM or any protocol daemons. This configuration is necessary for any telnet session. This configuration should be in the daemon's config file before starting the daemon. Use the no parameter to disable this command.

Command Syntax line vty | no line vty |

Parameters

Specify the first line number.



Specify the last line number.

Command Mode Configure mode

Example The following example shows the use of the line command to enter the Line command mode (note the change in the prompt).

ZebOS#configure terminal ZebOS(config)#line vty 9 ZebOS(config-line)#

Validation Commands show running-config

45

Commands Common to Multiple Protocols

log file Use this command to specify the log file controls and where to save the logs in a configuration file. This command enables writing of debug output to the disk file. If not specified, the system uses a default filename. The default directory for all VR log files is /var/local/zebos/log/. Log output can also be written to default log file, which is usually usr/local/sbin. Use option no to cancel writing to a specific log file.

Command Syntax log file (FILENAME) no log file (FILENAME)

Parameter FILENAME

Specify the name of the log file.

Command Mode Configure router mode

Examples This command is used to log the debug messages of a particular protocol daemon to the specified file.

Router#configure terminal Router(config)#log file /usr/local/sbin/bgpd.log Router(config)#log file /var/local/zebos/log/vrname

Validation Commands show running-config

46

Commands Common to Multiple Protocols

log record-priority Use the log record-priority command to include the priority of the message within the entry in the log file. Use the no parameter to exclude the priority from the entry.

Command Syntax log record-priority no log record-priority

Parameters None

Command Mode Configure mode

Examples ZebOS#configure terminal ZebOS(config)#log record-priority Validation Commands show running-config

47

Commands Common to Multiple Protocols

log stdout Use the log stdout command to begin the logging of information to a standard output device, and set the level to debug. Use the trap parameter and its sub-parameters to set the logging to a different level. Use the no parameter to disable logging to the stdout.

Command Syntax log stdout no log stdout

Parameters None

Command Mode Configure mode

Example ZebOS#configure terminal ZebOS(config)#log stdout Validation Commands show running-config

48

Commands Common to Multiple Protocols

log syslog Use this command to begin logging of information to the system log and set the level to debug. Syslog enables centrally logging and analyzing of configuration events and system error messages. This helps monitor interface status, security alerts, and CPU process overloads. It also allows real-time capturing of client debug sessions. The command instructs the VLOGD daemon to forward all PVR debug output from all active terminal monitor sessions to the syslog file. Use the no parameter to disable logging to the system log.

Command Syntax log syslog no log syslog

Parameters None

Command Mode Configure mode

Example ZebOS#configure terminal ZebOS(config)#log syslog

49

Commands Common to Multiple Protocols

log trap Use the log trap command with the log file to specify system message logging levels. Use the no parameter to include all levels of logging.

Command Syntax log trap (emergencies|alerts|critical|errors|warnings|notifications|informational| debugging) no log trap

Parameters emergencies

Turns on logging of only the most severe messages.

alerts

Turns on logging of the above plus this level.

critical

Turns on logging of the above plus this level.

errors

Turns on logging of the above plus this level.

warnings

Turns on logging of the above plus this level.

notifications

Turns on logging of the above plus this level.

informational

Turns on logging of the above plus this level.

debugging

Turns on logging of the above plus this level. This level of logging is the most comprehensive.

Command Mode Configure mode

Examples ZebOS#configure terminal ZebOS(config)#log trap alerts ZebOS(config)#log trap critical ZebOS(config)#log trap informational Validation Commands show running-config

Related Commands log file

50

Commands Common to Multiple Protocols

login Use this command to set a password prompt before entering the configuration mode, and enable password checking. Use the no login command allows users to connect directly to the Privileged Exec mode skipping the password verification prompt. After using the no login command, if the user changes to the login command again, the system uses the password used earlier, unless the user specifies a password in the configure mode. Note:

Password can be an alpha-numeric string up to 80-characters, including spaces. The string cannot begin with a number.

Command Syntax login [local] no login [local]

Parameters local

Local password checking

Default Enabled

Command Mode Line mode

Examples The following examples show the use of login and no login command. In this example, a password pass is set (in configure mode) before using the login command.

ZebOS#configure terminal ZebOS(config)#line vty 1 ZebOS(config-line)#no login ZebOS#configure terminal ZebOS#(config)#password pass ZebOS#(config)#line vty 1 ZebOS#(config-line)#login local

51

Commands Common to Multiple Protocols

match as-path Use this command to match an autonomous system path access list. This command specifies the autonomous system path to be matched. If there is a match for the specified AS path, and permit is specified, the route is redistributed or controlled, as specified by the set action. If the match criteria are met, and deny is specified, the route is not redistributed or controlled. If the match criteria are not met then the route is neither accepted nor forwarded, irrespective of permit or deny specifications. The route specified by the policies might not be the same as specified by the routing protocols. Setting policies enable packets to take different routes, depending on their length or content. Packet forwarding based on configured policies overrides packet forwarding specified in routing tables. Note:

This command is valid only for BGP.

Use the no parameter with this command to remove a path list entry.

Command Syntax match as-path WORD no match as-path WORD

Parameter WORD

Specify an autonomous system path access list name.

Default Enabled

Command Mode Route-map mode

Example ZebOS#configure terminal ZebOS(config)#route-map myroute deny 34 ZebOS(config-route-map)#match as-path myaccesslist Related Commands match metric, match ip address, match community, set as-path, set community

52

Commands Common to Multiple Protocols

match community Use this command to specify the community to be matched. Communities are used to group and filter routes. They are designed to provide the ability to apply policies to large numbers of routes by using match and set commands. Community lists are used to identify and filter routes by their common attributes. This command allows the matching based on community lists. The values set by the match community command overrides the global values. The route that does not match at least one match clause is ignored. Note:

This command is valid only for BGP.

Use the no parameter with this command to remove the community list entry.

Command Syntax match community WORD no match community WORD

Parameters WORD

Specify the community-list name.

Command Mode Route-map mode

Examples ZebOS#configure terminal ZebOS(config)#route-map myroute permit 3 ZebOS(config-route-map)#match community mylist Related Commands match ip address, match as-path, set as-path, set community, match metric

53

Commands Common to Multiple Protocols

match extcommunity Use this command to match BGP external community list Communities are used to group and filter routes. They are designed to provide the ability to apply policies to large numbers of routes by using match and set commands. Community lists are used to identify and filter routes by their common attributes. This command allows the matching based on community lists. The values set by this command overrides the global values. The route that does not match at least one match clause is ignored. Note:

This command is valid only for BGP.

Use the no parameter with this command to remove the community list entry.

Command Syntax match extcommunity [||WORD] no match extcommunity [||WORD]

Parameters

Standard community-list number.



Expanded community-list number

WORD

Name of the Community-list.

Command Mode Route-map mode

Example ZebOS#configure terminal ZebOS(config)#route-map myroute permit 3 ZebOS(config-route-map)#match extcommunity mylist

54

Commands Common to Multiple Protocols

match interface Use this command to define the interface match criterion. This command specifies the next-hop interface name of a route to be matched. Use the no parameter with this command to remove the specified match criterion.

Command Syntax match [interface (IFNAME)] no match interface

Parameter IFNAME

A string that specifies the interface for matching.

Default Disabled

Command Mode Route-map mode

Example ZebOS#configure terminal ZebOS(config)#route-map mymap1 permit 10 ZebOS(config-route-map)#match interface eth0 Related Commands match tag, match route-type external

55

Commands Common to Multiple Protocols

match ip address Use this command to specify the match address of route. If there is a match for the specified IP address, and permit is specified, the route is redistributed or controlled, as specified by the set action. If the match criteria are met, and deny is specified then the route is not redistributed or controlled. If the match criteria are not met, the route is neither accepted nor forwarded, irrespective of permit or deny specifications. The route specified by the policies might not be the same as specified by the routing protocols. Setting policies enable packets to take different routes, depending on their length or content. Packet forwarding based on configured policies overrides packet forwarding specified in routing tables. Use the no parameter with this command to remove the match ip address entry.

Command Syntax match ip address [WORD||] no match ip address [WORD||]

Parameters WORD

The name of IP access-list.



The IP access-list number.



The IP access-list number (expanded range).

Command Mode Route-map mode

Example ZebOS#configure terminal ZebOS(config)#route-map myroute permit 3 ZebOS(config-route-map)#match ip address List1 Related Commands match community, match as-path, set as-path, set community, match metric

56

Commands Common to Multiple Protocols

match ip address prefix-list Use this command to match entries of prefix-lists. If there is a match for the specified prefix-list entries, and permit is specified, the route is redistributed or controlled, as specified by the set action. If the match criteria are met, and deny is specified, the route is not redistributed or controlled. If the match criteria are not met, the route is neither accepted nor forwarded, irrespective of permit or deny specifications. The route specified by the policies might not be the same as specified by the routing protocols. Setting policies enable packets to take different routes depending on their length or content. Packet forwarding based on configured policies overrides packet forwarding specified in routing tables. Use the no parameter with this command too disable this function

Command Syntax match ip address prefix-list WORD no match ip address prefix-list WORD

Parameter WORD

Specify the IP prefix list name.

Command Mode Route-map mode

Examples ZebOS#configure terminal ZebOS(config)#route-map rmap1 permit 3 ZebOS(config-route-map)#match ip address prefix-list mylist

57

Commands Common to Multiple Protocols

match ip next-hop Use this command to specify a next-hop address to be matched in a route-map. If there is a match for the specified next-hop address, and permit is specified, the route is redistributed or controlled as specified by the set action. If the match criteria are met, and deny is specified, the route is not redistributed or controlled. If the match criteria are not met, the route is neither accepted nor forwarded, irrespective of permit or deny specifications. The route specified by the policies might not be the same as specified by the routing protocols. Setting policies enable packets to take different routes depending on their length or content. Packet forwarding based on configured policies overrides packet forwarding specified in routing tables. Use the no parameter with this command to disable this function.

Command Syntax match ip next-hop (WORD|||PREFIXLIST) no match ip next-hop (WORD|||PREFIXLIST)

Parameters WORD

The IP access-list name



The IP access-list number



The IP access-list number (expanded range)

PREFIXLIST

Match entries of prefix-lists

Command Mode Route-map mode

Examples ZebOS#configure terminal ZebOS(config)#route-map rmap1 permit 3 ZebOS(config-route-map)#match ip next-hop mylist Related Commands match community, match as-path, set as-path, set community, match metric

58

Commands Common to Multiple Protocols

match ip next-hop prefix-list Use this command to specify the next-hop IP address match criterion, using the prefix-list. This command matches the next-hop IP address of a route. Use the no parameter with this command to remove the specified match criterion.

Command Syntax match ip next-hop prefix-list WORD no match ip next-hop prefix-list WORD

Parameter WORD

A string specifying the prefix-list name.

Default Disabled

Command Mode Route-map mode

Examples ZebOS#configure terminal ZebOS(config)#route-map mymap permit 3 ZebOS(config-route-map)#match ip next-hop prefix-list list1 Related Commands match metric, match interface, match ip next-hop

59

Commands Common to Multiple Protocols

match ipv6 address Use this command to specify the match address of route. If there is a match for the specified IPv6 address, and permit is specified, the route is redistributed or controlled as specified by the set action. If the match criteria are met, and deny is specified, the route is not redistributed or controlled. If the match criteria are not met, the route is neither accepted nor forwarded, irrespective of permit or deny specifications. The route specified by the policies might not be the same as specified by the routing protocols. Setting policies enable packets to take different routes depending on their length or content. Packet forwarding based on configured policies overrides packet forwarding specified in routing tables. Use the no parameter with this command to remove the match ip address entry. Note:

This command is valid for BGP, OSPFv3, and RIPng only.

Command Syntax match ipv6 address WORD no match ipv6 address WORD

Parameter WORD

Specify the IPv6 access list name.

Default Disabled

Command Mode Route-map mode

Examples ZebOS#configure terminal ZebOS(config)#route-map ipi deny 1 ZebOS(config-route-map)#match ipv6 address ipi

60

Commands Common to Multiple Protocols

match ipv6 address prefix-list Use this command to specify the entries of prefix-lists to be matched. If there is a match for the specified prefix-list entries, and permit is specified, the route is redistributed or controlled as specified by the set action. If the match criteria are met, and deny is specified, the route is not redistributed or controlled. If the match criteria are not met, the route is neither accepted nor forwarded, irrespective of permit or deny specifications. The route specified by the policies might not be the same as specified by the routing protocols. Setting policies enable packets to take different routes, depending on their length or content. Packet forwarding based on configured policies overrides packet forwarding specified in routing tables. Note:

This command is valid for BGP, OSPFv3, and RIPng only.

Use the no parameter with this command to disable this function

Command Syntax match ipv6 address prefix-list WORD no match ipv6 address prefix-list WORD

Parameter WORD

Specify the IPv6 access list name.

Command Mode Route-map mode

Examples ZebOS#configure terminal ZebOS(config)#route-map rmap1 permit 3 ZebOS(config-route-map)#match ipv6 address prefix-list mylist

61

Commands Common to Multiple Protocols

match ipv6 next-hop Use this command to specify the next-hop address to be matched. If there is a match for the specified next-hop address, and permit is specified, the route is redistributed or controlled as specified by the set action. If the match criteria are met, and deny is specified, the route is not redistributed or controlled. If the match criteria are not met, the route is neither accepted nor forwarded, irrespective of permit or deny specifications. The route specified by the policies might not be the same as specified by the routing protocols. Setting policies enable packets to take different routes depending on their length or content. Packet forwarding based on configured policies overrides packet forwarding specified in routing tables. Note:

This command is valid for BGP and IS-IS only.

Use the no parameter with this command to disable this function

Command Syntax match ipv6 next-hop [WORD|X:X::X:X|prefix-list] no match ipv6 next-hop [WORD|X:X::X:X|prefix-list]

Parameters WORD

Specify the IPv6 access list name.

X:X::X:X

Specify the IPv6 address of the next-hop.

prefix-list

Specify the match entries of prefix-lists.

Command Mode Route-map mode

Examples ZebOS#configure terminal ZebOS(config)#route-map rmap1 permit 3 ZebOS(config-route-map)#match ipv6 next-hop 3ffe::1

62

Commands Common to Multiple Protocols

match metric Use this command to match a metric of a route. If there is a match for the specified metric, and permit is specified, the route is redistributed or controlled as specified by the set action. If the match criteria are met, and deny is specified, the route is not redistributed or controlled. If the match criteria are not met, the route is neither accepted nor forwarded, irrespective of permit or deny specifications. The route specified by the policies might not be the same as specified by the routing protocols. Setting policies enable packets to take different routes depending on their length or content. Packet forwarding based on configured policies overrides packet forwarding specified in routing tables. Note:

This command is valid for BGP, OSPF, RIP, and IS-IS only.

Use the no parameter with this command to disable this function

Command Syntax match metric no match metric

Parameters METRIC

Specify the metric value .

Command Mode Route-map mode

Examples ZebOS#configure terminal ZebOS(config)#route-map myroute permit 3 ZebOS(config-route-map)#match metric 888999 Related Commands match community, match as-path, set as-path, set community, match ip next-hop

63

Commands Common to Multiple Protocols

match origin Use this command to match origin code. The origin attribute defines the origin of the path information. The egp parameter is indicated as an e in the routing table, and it indicates that the origin of the information is learned via EGP (Exterior Gateway Protocol). The igp parameter is indicated as an i in the routing table, and it indicates the origin of the path information is interior to the originating AS. The incomplete parameter is indicated as a question mark (?) in the routing table, and indicates that the origin of the path information is unknown or learned through other means. If a static route is redistributed into BGP, the origin of the route is incomplete. This command specifies the origin to be matched. If there is a match for the specified origin, and permit is specified when you created the route-map, the route is redistributed or controlled as specified by the set action. If the match criteria are met, and deny is specified, the route is not redistributed or controlled. If the match criteria are not met, the route is neither accepted nor forwarded, irrespective of permit or deny specifications. The route specified by the policies might not be the same as specified by the routing protocols. Setting policies enable packets to take different routes depending on their length or content. Packet forwarding based on configured policies overrides packet forwarding specified in routing tables. Note:

This command is valid only for BGP.

Use the no parameter with this command to disable this matching.

Command Syntax match origin (egp|igp|incomplete) no match origin (egp|igp|incomplete)

Parameters egp

Remote exterior gateway protocol.

igp

Local internal gateway protocol.

incomplete

Unknown heritage.

Command Mode Route-map mode

Example ZebOS#configure terminal ZebOS(config)#route-map myroute deny 34 ZebOS(config-route-map)#match origin egp

64

Commands Common to Multiple Protocols

match route-type Use this command to match specified external route type. AS-external LSA is either Type-1 or Type-2. External type-1 matches only Type 1 external routes and external type-2 matches only Type 2 external routes. Use the no parameter with this command to turn off the matching.

Command Syntax match route-type [external (type-1|type-2)] no match route-type [external (type-1|type-2)]

Parameters external

External route type.

type-1

Match OSPF External Type 1 metric.

type-2

Match OSPF External Type 2 metric.

Default Disabled

Command Mode Route-map mode

Examples ZebOS#configure terminal ZebOS(config)#route-map mymap1 permit 10 ZebOS(config-route-map)#match route-type external type-1 Related Commands match tag, match route-type external

65

Commands Common to Multiple Protocols

match tag Use this command to match the specified tag value. Use the no parameter with this command to turn off the declaration.

Command Syntax match tag no match tag

Parameters external

External route type.

type-1

Match OSPF External Type 1 metric.

type-2

Match OSPF External Type 2 metric.

Default Disabled

Command Mode Route-map mode

Examples ZebOS#configure terminal ZebOS(config)#route-map mymap1 permit 10 ZebOS(config-route-map)#match tag 100 Related Commands match metric, match route-type external

66

Commands Common to Multiple Protocols

password Use the password command to specify a network password. Note:

This command is unavailable to ZebOS Network Platform customers using the IMISH for CLI management.

Command Syntax password [8|PLAIN|password] no password [8|PLAIN|password]

Parameters 8

Specify that hidden password will follow.

PLAIN

Specify the hidden enable password string.

password

Specify a password. Password can be an alpha-numeric string up to 80-characters, including spaces. The string cannot begin with a number.

Command Mode Configure mode

Examples ZebOS#configure terminal ZebOS(config)#password 8 hiddenpassword ZebOS(config)#password plainpassword Related Commands enable

Validation Commands show running-config

67

Commands Common to Multiple Protocols

route-map Use this command to enter the route-map mode and to permit or deny match/set operations. This command controls and modifies routing information to allow redistribution of routes. It has a list of match and set commands associated with it. The match commands specify the conditions under which redistribution is allowed, and the set commands specify the particular redistribution actions to be performed if the criteria enforced by match commands are met. Route maps are used for detailed control over route distribution between routing processes. Route maps also allow policy routing, and might route packets to a different route than the obvious shortest path. Use the no parameter with this command to turn off the declaration. Note:

Password can be an alpha-numeric string up to 80-characters, including spaces. The string cannot begin with a number.

Command Syntax route-map [WORD deny|permit SEQ ] no route-map [WORD deny|permit]

Parameters WORD

Identify the route.

deny

Route map denies set operations. If the deny parameter is specified, and the match criteria are met, the route is not redistributed, and any other route maps with the same map tag are not examined.

permit

Route map permits set operations. If the permit parameter is specified, and the match criteria are met, the route is redistributed as specified by set actions. If the match criteria are not met, the next route map with the same tag is tested.

Command Mode Configure mode

Example The following example shows the use of the route-map command to enter the route-map mode (note the change in the prompt), and the use of this mode in match and set commands.

ZebOS#configure terminal ZebOS(config)#route-map route1 permit 1 ZebOS(config-route-map)#

68

Commands Common to Multiple Protocols

service advanced-vty Use this command to set multiple options to be listed when the Tab key is pressed after completing a command. This feature applies to commands with more than one option. Use the no parameter to set no options to be listed when the Tab key is pressed, after completing a command.

Command Syntax service advanced-vty no service advanced-vty

Parameters None

Command Mode Configure mode

Examples ZebOS#configure terminal ZebOS(config)#service advanced-vty

69

Commands Common to Multiple Protocols

service password-encryption Use this command to specify encryption of passwords. Encryption helps prevent observers from reading passwords. Note:

When using the service password-encryption command through IMISH, you must write to memory using the write memory or write file command. If you have not written to memory, the change made by this command (encryption) is not available when you log into IMISH the next time. See write file on page 107 for more information.

Use the no parameter to disable this feature. Note:

Password can be an alpha-numeric string up to 80-characters, including spaces. The string cannot begin with a number.

Command Syntax service password-encryption no service password-encryption

Parameters None

Command Mode Configure mode

Example ZebOS#configure terminal ZebOS(config)#enable password mypasswd ZebOS(config)#service password-encryption Validation Commands enable password

70

Commands Common to Multiple Protocols

service terminal-length Use this command to set the terminal length for VTY sessions. Use the no parameter to disable this feature.

Command Syntax service terminal-length no service terminal-length

Parameters

Number of lines of VTY (0 means no line control).

Command Mode Configure mode

Example In the following configuration, the terminal length for VTY sessions will be set to 60, making 60 the number of terminal lines for any telnet session.

ZebOS#configure terminal ZebOS(config)#service terminal-length 60

Validation Commands show running-config

71

Commands Common to Multiple Protocols

set aggregator Use this command to set the AS number for the route map and router ID. An Autonomous System (AS) is a collection of networks under a common administration sharing a common routing strategy. It is subdivided by areas, and is assigned a unique 16-bit number. Use the set aggregator command to assign an AS number for the aggregator. To use the set aggregator command, you must first have a match clause. Match and set commands set the conditions for redistributing routes from one routing protocol to another. The match command specifies the match criteria under which redistribution is allowed for the current route-map. The set command specifies the set redistribution actions to be performed, if the match criteria are met. If the packets do not match any of the defined criteria, they are routed through the normal routing process. Use the no parameter with this command to disable this function

Command Syntax set aggregator [as||A.B.C.D] no set aggregator [as]

Parameters as

AS number of aggregator.



Specify the AS number of aggregator.

A.B.C.D

Specify the IP address of aggregator.

Command Mode Route-map mode

Examples ZebOS#configure terminal ZebOS(config)#route-map myroute permit 3 ZebOS(config-route-map)#set aggregator as 43 10.10.0.3

72

Commands Common to Multiple Protocols

set as-path Use this command to modify an autonomous system path for a route. By specifying the length of the AS-Path, the router influences the best path selection by a neighbor. Use the prepend parameter with this command to prepend an AS path string to routes increasing the AS path length. To use this command, you must first have a match clause. Match and set commands set the conditions for redistributing routes from one routing protocol to another. The match command specifies the match criteria under which redistribution is allowed for the current route-map. The set command specifies the set redistribution actions to be performed, if the match criteria are met. If the packets do not match any of the defined criteria, they are routed through the normal routing process. Use the no parameter with this command to disable this function.

Command Syntax set as-path [prepend|] no set as-path [prepend|]

Parameters prepend

Prepends the autonomous system path.



ZebOS prepends this number to the AS path.

Command Mode Route-map mode

Examples ZebOS#configure terminal ZebOS(config)#route-map myroute permit 3 ZebOS(config-route-map)#set as-path prepend 8 24

73

Commands Common to Multiple Protocols

set atomic-aggregate Use this command to set an atomic aggregate attribute. To use this command, you must first have a match clause. Match and set commands set the conditions for redistributing routes from one routing protocol to another. The match command specifies the match criteria under which redistribution is allowed for the current route-map. The set command specifies the set redistribution actions to be performed, if the match criteria are met. If the packets do not match any of the defined criteria, they are routed through the normal routing process. Use the no parameter with this command to disable this function

Command Syntax set atomic-aggregate no set atomic-aggregate

Parameters None

Command Mode Route-map mode

Examples ZebOS#configure terminal ZebOS(config)#route-map rmap1 permit 3 ZebOS(config-route-map)#set atomic-aggregate

74

Commands Common to Multiple Protocols

set comm-list Use this command to delete the matched communities from the community attribute of an inbound or outbound update when applying route-map. Use the no parameter with this command to disable this feature.

Command Syntax set comm-list (||WORD) delete no set comm-list (||WORD) delete

Parameters

Standard community-list number.



Expanded community-list number

WORD

Name of the community-list.

delete

Delete the community-list

Command Mode Route-map mode

Examples ZebOS#configure terminal ZebOS(config)#route-map ipi permit 3 ZebOS(config-route-map)#set comm-list 34 delete

75

Commands Common to Multiple Protocols

set community Use this command to set the communities attribute. and group destinations in a certain community, as well as apply routing decisions according to those communities. To use this command, you must first have a match clause. Match and set commands set the conditions for redistributing routes from one routing protocol to another. The match command specifies the match criteria under which redistribution is allowed for the current route-map. The set command specifies the set redistribution actions to be performed, if the match criteria are met. If the packets do not match any of the defined criteria, they are routed through the normal routing process. Use the no parameter with this command to delete the entry.

Command Syntax set community [AA:NN|internet|local-AS|no-advertise|no-export](additive) no set community [AA:NN|internet|local-AS|no-advertise|noexport](additive)

Parameters

Community number

AA:NN

The community number in aa:nn format.

internet

Specify the Internet.

local-AS

Specify no sending outside the local AS (well-known community).

no-advertise

Specify no advertisement of this route to eBGP peers

no-export

Specify no advertisement of this route to any peer.

none

Removes the community attribute from the prefixes that pass the route-map.

additive

Adds to the existing community.

Command Mode Route-map mode

Examples The following examples show the use of the set community command with different parameters.

ZebOS#configure terminal ZebOS(config)#route-map rmap1 permit 3 ZebOS(config-route-map)#set community no-export no-advertise ZebOS#configure terminal ZebOS(config)#route-map rmap1 permit 3 ZebOS(config-route-map)#set community no-advertise ZebOS#configure terminal ZebOS(config)#route-map rmap1 permit 3 ZebOS(config-route-map)#set community 10:01 23:34 12:14 no-export

76

Commands Common to Multiple Protocols

set dampening Use this command to enable route-flap dampening and set parameters. Set the unreachability half-life time to be equal to, or greater than, reachability half-life time. The suppress-limit value must be greater than or equal to the reuse limit value. Use the no parameter with this command to delete the entry.

Command Syntax set dampening no set dampening

Parameters

Specify the reachability half-life time in minutes. The time for the penalty to decrease to one-half of its current value. The default is 15 minutes.



Specify the reuse-limit value. When the penalty for a suppressed route decays below the reuse value, the routes become unsuppressed. The default reuse limit is 750.



Specify the suppress-limit value. When the penalty for a route exceeds the suppress value, the route is suppressed. The default suppress limit is 2000.



Specify the max-suppress-time. Maximum time that a dampened route is suppressed. The default max-suppress value is 4 times the half-life time (60 minutes).



Specify the unreachability half-life time for penalty, in minutes. The default value is 15 minutes.

Command Mode Route-map mode

Example ZebOS#configure terminal ZebOS(config)#route-map R1 permit 24 ZebOS(config-route-map)#set dampening 20 333 534 30

77

Commands Common to Multiple Protocols

set extcommunity Use this command to set an extended community attribute. To use this command, you must first have a match clause. Match and set commands set the conditions for redistributing routes from one routing protocol to another. The match command specifies the match criteria under which redistribution is allowed for the current route-map. The set command specifies the set redistribution actions to be performed, if the match criteria are met. If the packets do not match any of the defined criteria, they are routed through the normal routing process Use the no parameter with this command to disable this function

Command Syntax set extcommunity [rt|soo ASN:NN] no set extcommunity [rt|soo ASN:NN]

Parameters rt

Specify the route target of the extended community.

soo

Specify the site-of-origin of the extended community.

ASN:NN

VPN extended community

Command Mode Route-map mode

Examples ZebOS#configure terminal ZebOS(config)#route-map rmap1 permit 3 ZebOS(config-route-map)#set extcommunity rt 06:01 ZebOS#configure terminal ZebOS(config)#route-map rmap1 permit 3 ZebOS(config-route-map)#set extcommunity rt 0.0.0.6:01 ZebOS#configure terminal ZebOS(config)#route-map rmap1 permit 3 ZebOS(config-route-map)#set extcommunity soo 06:01 ZebOS#configure terminal ZebOS(config-route-map)#route-map rmap1 permit 3 ZebOS(config-route-map)#set extcommunity soo 0.0.0.6:01

78

Commands Common to Multiple Protocols

set ip next-hop Use this command to set the specified next-hop value. Use the no parameter with this command to turn off the setting. Note:

This command is valid for BGP, OSPF, and RIP only.

Command Syntax set ip next-hop A.B.C.D no set ip next-hop

Parameter A.B.C.D

Specify the IP address of the next-hop.

Default Disabled

Command Mode Route-map mode

Examples ZebOS#configure terminal ZebOS(config)#route-map mymap permit 3 ZebOS(config-route-map)#set ip next-hop 10.10.0.67 Related Commands set metric

79

Commands Common to Multiple Protocols

set ipv6 next-hop Use this command to set a next hop-address. Use the no parameter with this command to delete an entry. Note:

This command is valid for BGP and OSPFv3 only.

Command Syntax set ipv6 next-hop [X:X::X:X|local IPADDRESS] no set ipv6 next-hop [X:X::X:X|local IPADDRESS]

Parameters X:X::X:X

Specify the global ipv6 address of next hop.

local

Specify the IPv6 local address.

Default Disabled

Command Mode Route-map mode

Examples ZebOS#configure terminal ZebOS(config)#route-map rmap1 permit 3 ZebOS(config-route-map)#set ipv6 next-hop local fe80::203:47ff:fe97:66dc

80

Commands Common to Multiple Protocols

set level Use this command to set the IS-IS level to export a route. Use the no parameter with this command to disable this function.

Command Syntax set level [level-1|level-2|level-1-2] no set level

Parameters level-1

Export into a level-1 area.

level-2

Export into a level-2 sub-domain.

level-1-2

Export into level-1 and level-2.

Default Disabled

Command Mode Route-map mode

Examples ZebOS#configure terminal ZebOS(config)#route-map rmap1 permit 3 ZebOS(config-route-map)#set level level-1

81

Commands Common to Multiple Protocols

set local-preference Use this command to set the BGP local preference path attribute. Use the no parameter with this command to disable this function.

Command Syntax set local-preference no set local-preference

Parameters Specify the tag value for destination routing protocol.

Default Disabled

Command Mode Route-map mode

Example ZebOS#configure terminal ZebOS(config)#route-map rmap1 permit 3 ZebOS(config-route-map)#set local-preference 12

82

Commands Common to Multiple Protocols

set metric Use this command to set a metric value for a route and influence external neighbors about the preferred path into an Autonomous System (AS). The preferred path is the one with a lower metric value. A router compares metrics for paths from neighbors in the same ASs. To compare metrics from neighbors coming from different ASs, use the bgp always-compare-med command. To use this command, you must first have a match clause. Match and set commands set the conditions for redistributing routes from one routing protocol to another. The match command specifies the match criteria under which redistribution is allowed for the current route-map. The set command specifies the set redistribution actions to be performed, if the match criteria are met. If the packets do not match any of the defined criteria, they are routed through the normal routing process. Use the no parameter with this command to disable this function.

Command Syntax set metric [|] no set metric [|]

Parameters

Adds or subtracts a metric.

Specify a metric value

Command Mode Route-map mode

Examples ZebOS#configure terminal ZebOS(config)#route-map rmap1 permit 3 ZebOS(config-route-map)#set metric 600

83

Commands Common to Multiple Protocols

set metric-type Use this command to set the metric type for the destination routing protocol. Select a type to be either Type-1 or Type2 in the AS-external-LSA when the route-map matches the condition. Note:

This command is for OSPF, OSPFv3, or IS-IS only.

Use the no parameter with this command to return to the default.

Command Syntax set metric-type [external|internal|type-1|type-2] no set metric-type [external|internal|type-1|type-2]

Parameters external

Specify an IS-IS external metric type.

internal

Specify an IS-IS internal metric type.

type-1

Specify an OSPF external type 1 metric.

type-2

Specify an OSPF external type 2 metric

Command Mode Route-map mode

Command Mode Route-map mode

Example In this example the metric type of the destination protocol is set to OSPF external Type 1.

ZebOS#configure terminal ZebOS(config)#route-map rmap1 permit 3 ZebOS(config-route-map)#set metric-type 1

Related Commands redistribute, default-information

84

Commands Common to Multiple Protocols

set origin Use this command to set the BGP origin code. The origin attribute defines the origin of the path information. The three parameters with this command indicate three different values. IGP is interior to the originating AS. This happens if IGP is redistributed into the BGP. EGP is learned through an Exterior Gateway Protocol. Incomplete is unknown or learned through some other means. This happens when static route is redistributed in BGP and the origin of the route is incomplete. To use this command, you must first have a match clause. Match and set commands set the conditions for redistributing routes from one routing protocol to another. The match command specifies the match criteria under which redistribution is allowed for the current route-map. The set command specifies the set redistribution actions to be performed, if the match criteria are met. If the packets do not match any of the defined criteria, they are routed through the normal routing process. Use the no parameter with this command to delete an entry.

Command Syntax set origin [egp|igp|incomplete] no set origin [egp|igp|incomplete]

Parameters egp

Specify a remote EGP (Exterior Gateway Protocol) system.

igp

Specify a local IGP (Internal Gateway Protocol) system.

incomplete

Specify a system of unknown heritage.

Command Mode Route-map mode

Command Mode Route-map mode

Example ZebOS#configure terminal ZebOS(config)#route-map rmap1 permit 3 ZebOS(config-route-map)#set origin egp

85

Commands Common to Multiple Protocols

set originator-id Use this command to set the originator ID attribute. To use this command, you must first have a match clause. Match and set commands set the conditions for redistributing routes from one routing protocol to another. The match command specifies the match criteria under which redistribution is allowed for the current route-map. The set command specifies the set redistribution actions to be performed, if the match criteria are met. If the packets do not match any of the defined criteria, they are routed through the normal routing process. Use the no parameter with this command to disable this function

Command Syntax set originator-id (A.B.C.D) no set originator-id (A.B.C.D)

Parameter A.B.C.D

Specify the IP address of originator.

Command Mode Route-map mode

Example ZebOS#configure terminal ZebOS(config)#route-map rmap1 permit 3 ZebOS(config-route-map)#set originator-id 1.1.1.1

86

Commands Common to Multiple Protocols

set tag Use this command to set a specified tag value. The Tag parameter is the route tag that is labeled by another routing protocol (BGP or other IGP when redistributing), because AS-external-LSA has a route-tag field in its LSAs. In addition, when using route-map, ZebOS can tag the LSAs with the appropriate tag value. Sometimes the tag matches with using route-map, and sometimes, the value may be used by another application. Use the no parameter with this command to return to the default.

Command Syntax set tag no set tag

Parameter Specify the tag value for destination routing protocol.

Command Mode Route-map mode

Example In the following example the tag value of the destination routing protocol is set to 6:

ZebOS#configure terminal ZebOS(config)#route-map rmap1 permit 3 ZebOS(config-route-map)#set tag 6

Related Commands redistribute, default-information

87

Commands Common to Multiple Protocols

set vpnv4 next-hop Use this command to set a VPNv4 next-hop address. To use this command, you must first have a match clause. Match and set commands set the conditions for redistributing routes from one routing protocol to another. The match command specifies the match criteria under which redistribution is allowed for the current route-map. The set command specifies the set redistribution actions to be performed, if the match criteria are met. If the packets do not match any of the defined criteria, they are routed through the normal routing process. Note:

This command is valid for BGP, only

Use the no parameter with this command to disable this function

Command Syntax set vpnv4 next-hop [A.B.C.D] no set vpnv4 next-hop [A.B.C.D]

Parameter A.B.C.D

Specifies the IP address of originator.

Command Mode Route-map mode

Command History Command introduced

Example ZebOS#configure terminal ZebOS(config)#route-map rmap1 permit 3 ZebOS(config-route-map)#set vpnv4 next-hop 6.6.6.6

88

Commands Common to Multiple Protocols

set weight Use this command to set weights for the routing table. The weight value is used to assist in best path selection. It is assigned locally to a router. When there are several routes with a common destination, the routes with a higher weight value are preferred. To use this command, you must first have a match clause. Match and set commands set the conditions for redistributing routes from one routing protocol to another. The match command specifies the match criteria under which redistribution is allowed for the current route-map. The set command specifies the set redistribution actions to be performed, if the match criteria are met. Note:

This command is valid only for BGP.

Use the no parameter with this command to delete an entry.

Command Syntax set weight no set weight

Parameter Specify the weight value.

Command Mode Route-map mode

Examples In the following configuration, all routes that apply to access-list 10 will have the weight set at 400. If the packets do not match any of the defined criteria, they are routed through the normal routing process.

ZebOS#configure terminal ZebOS(config)#route-map rmap1 permit 3 ZebOS(config-route-map)#match as-path 10 ZebOS(config-route-map)#set weight 400

Related Commands match as-path

89

Commands Common to Multiple Protocols

show access-list Use this command to display a list of IP access lists.

Command Syntax show access-list

Parameters None

Command Mode Privileged Exec mode

Example ZebOS#show access-list Standard IP access list 13 permit any Standard IP access list 67 deny 1.1.1.0, wildcard bits 0.0.0.255 Extended IP access list 134 deny ip 1.1.1.0 0.0.0.255 any ZebOS IP access list 1111 deny 1.1.1.1/1 exact-match Standard IP access list 1340 deny 1.1.1.0, wildcard bits 0.0.0.255 Extended IP access list 2001 deny ip 1.1.1.0 0.0.0.255 any ZebOS extended IP access list TK deny tcp 2.2.2.3/24 eq 14 3.3.3.4/24 lt 12 log ZebOS IP access list mylist deny 10.10.0.72/24 exact-match permit any ZebOS extended IP access list new deny icmp any any ZebOS extended IP access list tk deny tcp 2.2.2.3/24 eq 14 3.3.3.4/24 lt 12 log ZebOS#

90

Commands Common to Multiple Protocols

show cli Use this command to display the CLI tree of the current mode.

Command Syntax show cli

Parameters None

Command Mode All command modes

Example This is a section of the sample output of the show cli command executed at the Exec mode.

ZebOS#show cli Exec mode: +-clear +-arp-cache [clear arp-cache] +-ethernet +-cfm +-errors +-domain +-DOMAIN_NAME [clear ethernet cfm errors (domain DOMAIN_NAME|level LEV EL_ID) (bridge |)] +-bridge +- [clear ethernet cfm errors (domain DOMAIN_NAME|level LEVE L_ID) (bridge |)] +-level +-LEVEL_ID [clear ethernet cfm errors (domain DOMAIN_NAME|level LEVEL_ ID) (bridge |)] +-bridge +- [clear ethernet cfm errors (domain DOMAIN_NAME|level LEVE L_ID) (bridge |)] +-maintenance-points +-remote +-domain +-DOMAIN_NAME [clear ethernet cfm maintenance-points remote(domain D --More--

91

Commands Common to Multiple Protocols

show history Use the show history command to list the commands entered in the current session. The history buffer is cleared automatically upon reboot.

Command Syntax show history

Parameters None

Command Mode Exec mode and Privileged Exec mode

Examples Two sample results from the show history command:

ZebOS#show history 1 en 2 show ru 3 con t 4 route-map er deny 3 5 exit 6 ex 7 di Though some modes do not have the show history command, commands entered in those modes are listed from the Privileged mode. All command line entries are listed, even erroneous commands. ZebOS#show history 1 show ip protocols 2 show ip protocols rip 3 show history 4 enable 5 config terminal 6 show his 7 interface eth0 8 show history 9 router rip 10 end 11 list 12 con t 13 router rip 14 show history 15 show history 16 end

92

Commands Common to Multiple Protocols

show ip prefix-list Use this command to display the prefix list entries.

Syntax Description show ip prefix-list [WORD (A.B.C.D/M|seq)|detail|summary]

Parameters WORD

Name of a prefix list.

A.B.C.D/M

IP prefix / (for example, 35.0.0.0/8).

seq

Sequence number of an entry.

detail

Detail of prefix lists.

summary

Summary of prefix lists.

Command Mode Privileged Exec mode

Example The following is a sample output of the show ip prefix-list command showing prefix-list entries.

ZebOS#show ip prefix-list ip prefix-list ipi1: 3 entries seq 5 permit 172.1.1.0/16 seq 10 permit 173.1.1.0/16 seq 15 permit 174.1.1.0/16

93

Commands Common to Multiple Protocols

show list Use this command to display a list of all the commands relevant to the current mode.

Command Syntax show list

Parameters None

Command Mode All command modes.

Example This is a section of the sample output of the show list command executed at the Configure mode.

ZebOS(config)#show list clear arp-cache clear bgp * clear bgp * in clear bgp * in prefix-filter clear bgp * out clear bgp * soft clear bgp * soft in clear bgp * soft out clear bgp clear bgp in clear bgp in prefix-filter clear bgp out clear bgp soft clear bgp soft in clear bgp soft out clear bgp (A.B.C.D|X:X::X:X) clear bgp (A.B.C.D|X:X::X:X) in clear bgp (A.B.C.D|X:X::X:X) in prefix-filter clear bgp (A.B.C.D|X:X::X:X) out clear bgp (A.B.C.D|X:X::X:X) soft clear bgp (A.B.C.D|X:X::X:X) soft in clear bgp X:X::X:X soft out --more--

94

Commands Common to Multiple Protocols

show memory all Use this command to display memory statistics about all protocols and the ZebOS library. Note:

This command is available only if --enable-memmgr configuration option is enabled in the configure script.

Command Syntax show memory all

Parameters None

Command Mode Exec mode and Privileged Exec mode

Example owing is an output of this command displaying memory statistics about all protocols:

Zebos#show memory all Memory type Alloc cells Alloc bytes =================================== ============= =============== Temporary memory : 17759 1732336 Hash : 16 1280 Hash index : 16 58368 Hash bucket : 61 4880 Thread master : 8 8576 Thread : 71 7952 Link list : 148 11840 ... Buffer data : 3 3216 Prefix : 4 320 ... Host config password : 7 560 VTY master : 8 640 VTY : 4 17600 VTY history : 16 1280 VTY if : 49 14896 VTY connected : 112 8960 ... Patricia tree node : 22 1760 Message entry : 7 560 Message handler : 8 896 Host : 8 1408 Log information : 16 1280 Context : 16 3072 ----------------------------------- ------------- --------------NSM Client Handler : 7 229712 NSM Client : 7 14672 NSM server entry : 7 229712 NSM server client : 7 560 NSM server : 1 2096 NSM Route table : 12 960 NSM Route node : 15 1680 NSM Master : 1 112

95

Commands Common to Multiple Protocols

NSM RIB : ... IGMP interface info : NSM IPv6 Mcast entry : NSM IPv6 Mcast Client entry : NSM IPv6 Mcast Stat block entry : MLD Top : MLD interface : --------------------------------------------------------------------OSPFv3 structure : OSPFv3 area : OSPFv3 interface : OSPFv3 neighbor : OSPFv3 vertex : ... OSPFv3 prefix map : OSPFv3 packet : OSPFv3 FIFO : OSPFv3 if params : OSPFv3 description : ----------------------------------BGP structure : BGP VR structure : BGP global structure : BGP peer : BGP as list master : Community list handler : BGP Damp Reuse List Array : BGP table : ----------------------------------PIM-DM Global : PIM-DM VR : PIM-DM VRF :

96

15

1200

1 176 1 560 2 160 2 8288 1 176 6 1056 ------------- --------------------------- --------------1 304 1 176 1 304 3 912 1 80 1 80 681 105328 1 80 2 224 4 320 ------------- --------------1 1072 1 112 1 112 1 2096 1 80 1 80 1 2096 37 2960 ------------- --------------1 176 1 80 1 176

Commands Common to Multiple Protocols

show memory free Use this command to display memory statistics about free memory for every protocol. Note:

This command is available only if --enable-memmgr configuration option is enabled in the configure script.

Command Syntax show memory free

Parameters None

Command Mode Exec mode and Privileged Exec mode

Example The following is an output of this command displaying the total free size and the number of available free blocks:

ZebOS#show memory free Freed memories for IMI Block size Total bytes =============== =============== 32 80 64 257152 128 1421904 256 1214784 Freed memories for NSM Block size Total bytes =============== =============== 32 80 64 257152 128 1421904 256 1214784 512 1127840 1024 1055920 2048 1031232 Freed memories for RIPng Block size Total bytes =============== =============== 32 0 64 257040 128 1421904 256 1214784 512 1127840 1024 1054848

Block count ============== 1 2296 8079 3996 Block count ============== 1 2296 8079 3996 2014 985 492 Block count ============== 0 2295 8079 3996 2014 984

97

Commands Common to Multiple Protocols

show memory lib Use this command to display library memory statistics. Note:

This command is available only if --enable-memmgr configuration option is enabled in the configure script.

Command Syntax show memory lib

Parameters None

Command Mode Exec mode and Privileged Exec mode

Example The following is a sample output for this command showing the memory usage by library in different protocols.

ZebOS#show memory lib Library MTYPEs for NSM Memory type Alloc cells ============================== ============ Hash : 1 Hash index : 1 Hash bucket : 6 Thread master : 1 Thread : 11 Link list : 10 Link list node : 18 Buffer : 0 Buffer bucket : 0 Buffer data : 0 Buffer IOV : 0 Config handle : 0 Temporary memory : 2039 Access list : 0 Access list str : 0 Access filter : 0 Prefix list : 0 Prefix list str : 0 Prefix list entry : 0 Route map : 0 Route map name : 0 Route map index : 0 Bit map : 3 Bit map block : 3 Bit map block array : 3

98

Commands Common to Multiple Protocols

show memory summary Use this command to display the summary of memory statistics. Note:

This command is available only if --enable-memmgr configuration option is enabled in the configure script.

Command Syntax show memory summary

Parameters None

Command Mode Exec mode and Privileged Exec mode

Example Following is a sample output of the show memory summary command:

ZebOS#show memory summary Memory summary for IMI Total preallocated memory size: Total preallocated memory overhead: Total preallocated memory blocks:

10485760 3141024 65438

Total on demand allocated memory size: Total on demand allocated memory overhead: Total on demand allocated memory count:

913824 388368 8091

Requested ZebOS memory size: Allocated ZebOS memory size: Allocated ZebOS memory blocks:

2048768 6393904 55301

Total memory left in the free pool: Total blocks left in the free pool:

8535072 18228

Memory summary for NSM Total preallocated memory size: Total preallocated memory overhead: ... Total on demand allocated memory overhead: Total on demand allocated memory count:

10485760 3141024 388368 8091

99

Commands Common to Multiple Protocols

show route-map Use this command to display user readable route-map information.

Command Syntax show route-map

Parameters None

Command Mode Exec mode and Privileged Exec mode

Example The following is a sample output of the show route-map command.

ZebOS#show route-map route-map ipi, permit, sequence 1 Match clauses: metric 200 Set clauses: metric 60

100

Commands Common to Multiple Protocols

show running-config Use the show running-config command to display the current configuration file.

Parameters None

Command Mode Exec mode and Privileged Exec mode

Example The display for the show running-config command is bracketed by Current configuration and end.

ZebOS#show running-config Current configuration: ! hostname ripd password zebra log stdout ! debug rip events debug rip packet ! interface lo ! interface cipcb0 ! interface sit0 ! interface eth0 ! interface eth1 ip rip send version 2 ip rip receive version 2 ip rip authentication string !!!! ! interface dummy0 ! interface ip6tnl0 ! interface ip6tnl1 ! ! router rip network eth0 network eth1 end

101

Commands Common to Multiple Protocols

show startup-config Use the show startup-config command to display the startup configuration.

Command Syntax show startup-config

Parameters None

Command Mode Exec mode and Privileged Exec mode

Example The following is a sample output of the show startup-config command displaying the configuration at startup.

ZebOS#show startup-config ! ZebOS configuration saved from vty ! 2001/04/21 11:38:52 ! hostname ripd password zebra log stdout ! debug rip events debug rip packet ! interface lo ! interface eth0 ip rip send version 1 2 ip rip receive version 1 2 ! interface eth1 ip rip send version 1 2 ip rip receive version 1 2 ! router rip redistribute connected network 10.10.10.0/24 network 10.10.11.0/24 ! line vty exec-timeout 0 0

102

Commands Common to Multiple Protocols

show version Use the show version command to display the version of ZebOS currently running.

Command Syntax show version

Parameters None

Command Mode Exec mode and Privileged Exec mode

Example The following is an output from the show version command.

ZebOS#show version ZebOS SRS 6.1 (i686-pc-linux-gnu) 12172003 Copyright 2001-2003 IP Infusion Inc. NET-SNMP SNMP agent software (c) 1989, 1991, 1992 by Carnegie Mellon University; (c) 1996, 1998-6.10 The Regents of the University of California. All Rights Reserved; (c) 6.11, Networks Associates Technology, Inc. All rights reserved; (c) 6.11, Cambridge Broadband Ltd. All rights reserved. RSA Data Security, Inc. MD5 Message-Digest Algorithm (c) 1991-2, RSA Data Security, Inc. Created 1991. All rights reserved. Libedit Library (c) 1992, 1993 The Regents of the University of California. All rights reserved. OpenSSL Library Copyright (C) 1998-6.12 The OpenSSL Project. All rights reserved. Original SSLeay License Copyright (C) 1995-1998 Eric Young ([email protected])

103

Commands Common to Multiple Protocols

terminal length Use the terminal length command to set number of lines displayed on a terminal.

Command Syntax terminal length [LENGTH]

Parameters LENGTH

The number of lines on a terminal. The default length is 25 lines .

Command Mode Exec mode and Privileged Exec mode

Examples The following example sets the terminal length to 30 lines.

ZebOS#terminal length 30

104

Commands Common to Multiple Protocols

terminal monitor Use this command to enable viewing debug messages on the terminal. When the command is used without either of the optional parameters, it may be used by a PVR user or non-PVR user and enables debug output on the terminal for the current VR context. When used with either parameter, it may be used only by a PVR user.

Command Syntax terminal monitor [WORD|all]

Parameters WORD

(Optional) Used in the PVR context, and contains the VR name to be included in the debugging session.

all

(Optional) Used the PVR context to include all VR in a PVR debugging session.

Command Mode Exec mode and Privileged Exec mode

Example ZebOS#terminal monitor Related Commands All debug commands

105

Commands Common to Multiple Protocols

who Use the who command to display all other VTY connections. Note:

This command is unavailable to ZebOS Network Platform customers using the IMISH for CLI management. This command is only available on the Linux platform.

Command Syntax who

Parameters None

Command Mode Privileged Exec mode

Example The following is an output from the who command displaying all other VTY connections. The entry “*” marks the connection with the configuration rights.

ZebOS#who vty[8] connected from 127.0.0.1. *vty[9] connected from 127.0.0.1. vty[10] connected from 10.10.0.74

106

Commands Common to Multiple Protocols

write file Use the write memory command to write configuration data to a file.

Command Syntax write file

Parameters None

Command Mode Privileged Exec mode

Example The following is an output from the write terminal command displaying current configuration on the terminal.

ZebOS#write file Building configuration... ZebOS#

Related Commands show running-config, write memory, write terminal

107

Commands Common to Multiple Protocols

write memory Use the write memory command to write configuration data to a file.

Command Syntax write memory

Parameters None

Command Mode Privileged Exec mode

Example The following is an output from the write terminal command displaying current configuration on the terminal.

ZebOS#write memory Building configuration... [OK]

Related Commands show-running-config, write file, write terminal

108

Commands Common to Multiple Protocols

write terminal Use the write terminal command to display current configurations to the VTY terminal.

Command Syntax write terminal

Parameters None

Command Mode Privileged Exec mode

Example The following is an output from the write terminal command displaying current configuration on the terminal.

ZebOS#write terminal Current configuration: ! hostname ripd password zebra log stdout ! debug rip events debug rip packet ! interface lo ! interface eth0 ip rip send version 1 2 ip rip receive version 1 2 ! interface eth1 ip rip send version 1 2 ip rip receive version 1 2 ! ! router rip network 10.10.10.0/24 network 10.10.11.0/24 redistribute connected ! line vty exec-timeout 0 0

Related Commands show-running-config, write file, write memory

109

Commands Common to Multiple Protocols

110

CHAPTER 3

NSM Commands

This chapter provides an alphabetized reference for each of the NSM CLI commands. It includes the following commands: •

admin-group on page 113



arp on page 114



bandwidth on page 115



clear ip route kernel on page 116



clear ipv6 neighbors on page 117



debug nsm on page 118



debug nsm mcast on page 119



debug nsm mcast6 on page 120



debug nsm packet on page 121



duplex on page 122



fib retain on page 123



if-arbiter on page 124



interface on page 125



ip access-group on page 126



ip address on page 127



ip forwarding on page 128



ip proxy-arp on page 129



ip route on page 130



ipv6 address on page 131



ipv6 forwarding on page 132



ipv6 nd current-hoplimit on page 133



ipv6 nd link-mtu on page 134



ipv6 nd managed-config-flag on page 135



ipv6 nd minimum-ra-interval on page 136



ipv6 nd other-config-flag on page 137



ipv6 nd prefix on page 138



ipv6 nd ra-interval on page 139



ipv6 nd ra-lifetime on page 140



ipv6 nd reachable-time on page 141



ipv6 nd retransmission-time on page 142



ipv6 nd suppress-ra on page 143



ipv6 neighbor on page 144



ipv6 route on page 145

111

NSM Commands



maximum-paths on page 146



mtu on page 147



multicast on page 148



router-id on page 149



show debugging nsm on page 150



show interface on page 151



show ip access-list on page 152



show ip forwarding on page 153



show ip interface brief on page 154



show ip route on page 155



show ip route database on page 157



show ipv6 forwarding on page 158



show ipv6 interface on page 159



show ipv6 neighbors on page 160



show ipv6 route on page 161



show ipv6 route database on page 162



show nsm client on page 163



show router-id on page 164



shutdown on page 165



undebug nsm on page 166



undebug nsm packet on page 167

112

NSM Commands

admin-group Use this command to create an administrative group to be used for links. Each link can be a member of one or more, or no administrative groups. When used in the interface mode, this command adds a link between an interface and a group. The name is the name of the group previously configured. There can be multiple groups per interface. The group is created in the Configure mode, then interfaces are added to the group in the Interface mode. Use the no parameter with this command to disable this command. Note:

This command is unavailable to ZebOS Network Platform customers using the IMISH for CLI management.

Command Syntax admin-group [NAME] no admin-group [NAME]

Parameters NAME

Specify the name of the admin group to be added.



Specify the number of groups per system. This parameter is only from the Configure mode.

Command Mode Interface mode

Example In the following example, the interface eth0 has been added to the group ipi:

ZebOS#configure terminal ZebOS(config)#interface eth0 ZebOS(config-if)#admin-group ipi

113

NSM Commands

arp Use this command to create a static group ARP entry. Use the no parameter to remove the static group ARP entry.

Command Syntax arp [A.B.C.D (MAC|alias)] no arp [A.B.C.D]

Parameters A.B.C.D

Specify the IP address of the ARP entry.

MAC

Specify the MAC (hardware) address of the ARP entry in HHHH.HHHH.HHHH format.

alias

Specify the response to ARP requests for the IP address.

Command Mode Configure mode

Example ZebOS#configure terminal ZebOS(config)#arp 10.10.10.10 0010.2355.4566 alias

114

NSM Commands

bandwidth Use this command to specify the maximum bandwidth to be used for each interface. The bandwidth value is in bits, and can also accept units. Use the no parameter to remove the maximum bandwidth.

Command Syntax bandwidth [BANDWIDTH] no bandwidth

Parameter BANDWIDTH

Specify either k or m for 1 to 999 kilobits or megabits. Specify g for 1 to 10 gigabits.

Command Mode Interface mode

Example ZebOS#configure terminal ZebOS(config)#interface eth0 ZebOS(config-if)#bandwidth 100m Related Commands reservable-bandwidth

Validation Commands show running-config, show interface

115

NSM Commands

clear ip route kernel Use this command to clear IPv4 stale kernel routes from NSM RIB and FIB.

Command Syntax clear ip route kernel

Parameters None

Command Mode Privileged Exec mode

Example ZebOS#clear ip route kernel Related Commands clear ipv6 route kernel, fib retain

116

NSM Commands

clear ipv6 neighbors Use this command to clear all dynamic IPv6 neighbor entries.

Command Syntax clear ipv6 neighbors

Parameters None

Command Mode Privileged Exec mode

Example ZebOS#clear ipv6 neighbors

Related Commands clear ipv6 route kernel, fib retain

117

NSM Commands

debug nsm Use this command to specify a set of debug options for NSM events, kernel, and packets. Use the no parameter with this command to disable all NSM debugging.

Command Syntax debug nsm [all|nsm|ha|kernel|mcast|mcast6|packet] no debug nsm [all|nsm|ha|kernel|mcast|mcast6|packet]

Parameters all

Enable all debugging.

events

Enable debugging of NSM events.

ha

Enable debugging of NSM High Availability.

kernel

Enable debugging of NSM kernel.

mcast

Enable debugging of IPv4 multicast (see debug nsm mcast on page 119)

mcast6

Enable debugging of IPv6 multicast (see debug nsm mcast6 on page 120)

packet

Enable debugging of NSM packets (see debug nsm packet on page 121).

Command Mode Exec mode, Privileged Exec mode, and Configure mode

Example ZebOS#debug nsm

118

NSM Commands

debug nsm mcast Use this command to specify the set of debug options for the IPv4 multicast option for NSM. Use the no parameter with this command to disable NSM debugging of IPv4 mcast.

Command Syntax debug nsm mcast [all|fib-msg|mrt|mtrace|mtrace-detail|register|stats|vif|vrf] no debug nsm mcast [all|fib-msg|mrt|mtrace|mtrace-detail|register|stats|vif|vrf]

Parameters all

Enable all IPv4 multicast debugging.

fib-msg

Enable debugging of multicast FIB messages.

mrt

Enable debugging of multicast route.

mtrace

Enable debugging of multicast traceroute.

mtrace-detail

Enable debugging of multicast traceroute detailed debugging.

register

Enable debugging of multicast PIM Register messages.

stats

Enable debugging of multicast statistics.

vif

Enable debugging of multicast interface.

vrf

VPN Routing/Forwarding instance.

Command Mode Exec mode, Privileged Exec mode, and Configure mode

Example ZebOS#debug nsm mcast all

119

NSM Commands

debug nsm mcast6 Use this command to specify the set of debug options for the IPv6 multicast option for NSM. Use the no parameter with this command to disable NSM debugging of IPv6 mcast.

Command Syntax debug nsm mcast6 (all|fib-msg|mif|mrt|register|stats|vrf) no debug nsm mcast6 (all|fib-msg|mif|mrt|register|stats|vrf)

Parameters all

Enable all IPv4 multicast debugging.

fib-msg

Enable debugging of multicast FIB messages.

mif

Enable debugging of multicast interface.

mrt

Enable debugging of multicast route.

register

Enable debugging of multicast PIM Register messages.

stats

Enable debugging of multicast statistics.

vrf

VPN Routing/Forwarding instance.

Command Mode Exec mode, Privileged Exec mode, and Configure mode

Example ZebOS#debug nsm mcast6 all

120

NSM Commands

debug nsm packet Use this command to specify the debug option-set for the nsm packet. Use the no parameter with this command to disable NSM debugging of packets.

Command Syntax debug nsm packet (recv|send)(detail) no debug nsm packet (recv|send)(detail)

Parameters recv

Specify the debug option-set for receive packet.

send

Specify the debug option-set for send packet.

detail

Sets the debug option set to detailed information.

Command Mode Exec mode, Privileged Exec mode, and Configure mode

Example ZebOS#debug nsm packet ZebOS#debug nsm packet recv detail Validation Commands show debugging nsm

121

NSM Commands

duplex Use this command to set the duplex mode for each interface. Use the no parameter to remove the duplex mode.

Command Syntax duplex [auto|full|half] no duplex

Parameter auto

Set the interface to auto-negotiate

full

Set the interface to full-duplex

half

Set the interface to half-duplex

Command Mode Interface mode

Examples ZebOS#configure terminal ZebOS(config)#interface eth0 ZebOS(config-if)#duplex auto ZebOS(config-if)#no duplex

122

NSM Commands

fib retain Use this command to modify the retain time for stale routes in the Forwarding Information Base (FIB) during NSM restart. Use the no parameter with this command to revert to default; that is, it does not retain NSM routes in the FIB when NSM is killed. Note:

NSM still retains the stale routes for 60 seconds when it restarts.

Command Syntax fib retain (forever|time) no fib retain (forever|time)

Parameters Forever

Specify an infinite retain time for stale routes.

time

Specify the retain time for stale routes. The default retain time is 60 seconds.

Default NSM routes are cleared from the FIB when NSM is killed. However, when NSM restarts, stale routes are retained for 60 seconds.

Command Mode Configure mode

Usage NSM reads the Forwarding Information Base (FIB) and treats previously self-installed routes as stale routes. You can display stale routes by running the show ip route database command (see show ip route database on page 157). All routes preceded by the symbol p are stale routes. When protocol modules restart, NSM overrides these stale routes with routes reinstalled by protocol modules. The behavior of NSM routes when NSM is killed is as follows: •

no fib retain (default) Cleans up NSM routes from the FIB, but retains stale routes for 60 seconds when restarted.



fib retain Does not clear routes from the FIB and retains stale routes for 60 seconds when restarted.



fib retain forever Does not clear routes and retains stale routes forever.



fib retain time Does not clear routes and retains stale routes for the specified seconds.

Note:

You can remove stale routes at any time by using the clear ip route kernel command (see clear ip route kernel on page 116).

Examples ZebOS#configure terminal ZebOS(config)#fib retain time 180

123

NSM Commands

if-arbiter Use this command to discover new interfaces recently added to the kernel and add them to the ZebOS database. This command starts the arbiter to check interface information periodically. ZebOS dynamically finds any new interfaces added to the kernel. If an interface is loaded dynamically into the kernel when ZebOS is already running, this command polls and updates the kernel information periodically. Use the no parameter with this command to revert to default.

Command syntax if-arbiter [interval ] no if-arbiter

Parameter interval

Specify the interval (in seconds) after which NSM sends query to kernel .

Default By default, if-arbiter is disabled. When interface-related operations are performed outside of ZebOS (for example, when using OS ifconfig), enable if-arbiter for a transient time to complete synchronization. When synchronization is complete, disable it using the if-arbiter CLI.

Command Mode Configure mode

Example ZebOS#configure terminal ZebOS(config)#if-arbiter interval 5 Validation Commands show running-config

124

NSM Commands

interface Use this command to select an interface to configure, and to enter the Interface command mode.

Command Syntax interface IFNAME

Parameter IFNAME

Specify the name of the interface.

Command Mode Configure mode

Example This example shows the use of this command to enter the Interface mode (note the change in the prompt).

ZebOS#configure terminal ZebOS(config)#interface eth0 ZebOS(config-if)#

125

NSM Commands

ip access-group Use this command to set the access-group in a Broadcom platform. This command configures an access list to filter incoming, outgoing, or forwarded packets. Use the no parameter with this command to disable the IP access group.

Command Syntax ip access-group [WORD] (forward|in|out) no ip access-group [WORD] (forward|in|out)

Parameters WORD

Specify an access list name.

forward

Specify to filter forwarded packets.

in

Specify to filter incoming packets.

out

Specify to filter outgoing packets.

Command Mode Interface mode

Examples ZebOS#configure terminal ZebOS(config)#access-list 1 permit 225.2.2.2 0.0.0.0 ZebOS(config)#interface 0 ZebOS(config-if)#ip access-group 1 forward ZebOS(config)#interface 0 ZebOS(config-if)#no ip access-group 1 forward

126

NSM Commands

ip address Use this command to set the IP address of an interface. If the secondary parameter is not specified, this command overwrites the primary IP address. If the secondary parameter is specified, this command adds a new IP address to the interface. The secondary address cannot be configured in the absence of a primary IP address. The primary address cannot be removed when a secondary address is present. Use the no parameter with this command to remove the IP address from an interface.

Command Syntax ip address [A.B.C.D/M|dhcp (client-id|hostname)label|secondary] no ip address [A.B.C.D/M|dhcp (client-id|hostname)label|secondary]

Parameters A.B.C.D/M

Specify the IP address and prefix length of an interface.

dhcp

Specify the DHCP Client to obtain IP address for this interface.

client-id

Specify the client identifier (IFNAME) for DHCP.

hostname

Specify the hostname only for DHCP.

label

Specify the label of this address.

secondary

Specify the IP address as secondary.

Command Mode Interface mode

Examples ZebOS#configure terminal ZebOS(config)#interface eth0 ZebOS(config-if)#ip address 10.10.10.50/24 ZebOS(config-if)#ip address 10.10.11.50/24 secondary ZebOS(config-if)#ip address dhcp client-id eht1 hostname new Validation commands show running-config, show interface, show ip interface brief

127

NSM Commands

ip forwarding Use this command to turn on IP forwarding. Use the no parameter with this command to turn off IP forwarding.

Command Syntax ip forwarding no ip forwarding

Parameters None

Command Mode Configure mode

Examples ZebOS#configure terminal ZebOS(config)#ip forwarding

128

NSM Commands

ip proxy-arp Use this command to enable the proxy ARP feature on an interface. Use the no parameter to disable the proxy ARP feature on an interface.

Command Syntax ip proxy-arp no ip proxy-arp

Parameters None

Command Mode Interface mode

Example ZebOS#configure terminal ZebOS(config)#interface eth0 ZebOS(config-if)#ip proxy-arp

129

NSM Commands

ip route Use this command to establish the distance for static routes of a subnet mask. Use the no form of this command to disable the distance for static routes of a subnet mask.

Command Syntax ip route [A.B.C.D|A.B.C.D/M|vrf|A.B.C.D|A.B.C.D||INTERFACE|description| fall-over|tag] no ip route [A.B.C.D|A.B.C.D/M|vrf|A.B.C.D|A.B.C.D||INTERFACE|description |fall-over|tag]

Parameters A.B.C.D

Specify the IP destination prefix.

A.B.C.D/M

Specify the IP destination prefix and a mask length.

vrf

Specify the VPN Routing/Forwarding instance.

A.B.C.D

Specify the IP destination prefix mask.

A.B.C.D

Specify the IP gateway address.



Specify the distance value for the route.

INTERFACE

Specify the name of the interface.

description

Specify a description of the static route.

fall-over

Specify a fall-over detection (BFD).

tag

Specify a tag for this route .

Command Mode Interface mode

Examples ZebOS#configure terminal ZebOS(config)#ip route 192.168.3.0 255.255.255.0 2.2.2.2 128 ZebOS(config)#ip route 1.1.1.0/24 eth0 32 ZebOS(config)#ip route vrf new 1.1.1.1/1 1.1.1.1 eth1 description new tag 1 Validation Commands show ip route, show running-config

130

NSM Commands

ipv6 address Use this command to set the IPv6 address of an interface. Use the no form of this command to disable this function.

Command Syntax ipv6 address [X:X::X:X/M (anycast)] no ipv6 address [X:X::X:X/M (anycast)]

Parameters X:X::X:X/M

Specify the IP destination prefix and a mask length .

anycast

Specify the anycast flag.

Command Mode Interface mode

Example ZebOS#configure terminal ZebOS(config)#interface eth0 ZebOS(config-if)#ipv6 address 3ffe:506::1/64 Validation Commands show running-config, show interface, show ipv6 route

131

NSM Commands

ipv6 forwarding Use this command to turn on IPv6 forwarding. Use the no parameter with this command to turn off IPv6 forwarding.

Command Syntax ipv6 forwarding no ipv6 forwarding

Parameters None

Command Mode Command mode

Example ZebOS#configure terminal ZebOS(config)#ipv6 forwarding

132

NSM Commands

ipv6 nd current-hoplimit Use this command to set an advertised hop limit for the interface. Use the no option with the command to remove the current hop limit.

Command Syntax ipv6 nd current-hoplimit no ipv6 nd current-hoplimit

Parameter

Set a hop limit within this range.

Command Mode Interface mode

Examples ZebOS#configure terminal ZebOS(config)#interface eth0 ZebOS(config-if)#ipv6 nd current-hoplimit 10 ZebOS(config-if)#no ipv6 nd current-hoplimit

133

NSM Commands

ipv6 nd link-mtu Use this command to set an advertised MTU option. Use the no option with the command to reset the MTU option to the default statute.

Command Syntax ipv6 nd link-mtu no ipv6 nd link-mtu [default]

Parameters default

Reset the MTU option to the default state.

Command Mode Interface mode

Example ZebOS#configure terminal ZebOS(config)#interface eth0 ZebOS(config-if)#ipv6 nd link-mtu ZebOS(config-if)#no ipv6 nd link-mtu

134

NSM Commands

ipv6 nd managed-config-flag Use this command to set the managed address configuration flag in the Router Advertisement to be used for the IPv6 address auto-configuration. Use the no parameter with this command to reset the value to default.

Command Syntax ipv6 nd managed-config-flag no ipv6 nd managed-config-flag

Parameters None

Default Unset

Command Mode Interface mode

Examples ZebOS#configure terminal ZebOS(config)#interface eth0 ZebOS(config-if)#ipv6 nd managed-config-flag ZebOS(config-if)#no ipv6 nd suppress-ra Related Commands ipv6 nd suppress-ra, ipv6 nd prefix, ipv6 nd other-config-flag

135

NSM Commands

ipv6 nd minimum-ra-interval Use this command to set a minimum Router Advertisement (RA) interval for the interface. Use the no option with the command to remove the minimum RA interval.

Command Syntax ipv6 nd minimum-ra-interval no ipv6 nd minimum-ra-interval

Parameter

Minimum router advertisement interval (in seconds).

Command Mode Interface mode

Examples ZebOS#configure terminal ZebOS(config)#interface eth0 ZebOS(config-if)#ipv6 nd minimum-ra-interval 500 ZebOS(config-if)#no ipv6 nd minimum-ra-interval

136

NSM Commands

ipv6 nd other-config-flag Use this command to set the other stateful configuration flag in Router Advertisement to be used for IPv6 address autoconfiguration. Use no parameter with this command to reset the value to default.

Command Syntax ipv6 nd other-config-flag no ipv6 nd other-config-flag

Parameters None

Default Unset

Command Mode Interface mode

Examples ZebOS#configure terminal ZebOS(config)#interface eth0 ZebOS(config-if)#ipv6 nd other-config-flag ZebOS(config-if)#no ipv6 nd suppress-ra Related Commands ipv6 nd suppress-ra, ipv6 nd prefix, ipv6 nd managed-config-flag

137

NSM Commands

ipv6 nd prefix Use this command to specify the IPv6 prefix information that is advertised by the Router Advertisement for IPv6 address auto-configuration. Use no parameter with this command to reset the IPv6 prefix.

Command Syntax ipv6 nd prefix [X:X::X:X/M|no-autoconfig|off-link|preferred-lifetime |valid-lifetime ] no ipv6 nd prefix [X:X::X:X/M|no-autoconfig|off-link|preferred-lifetime |valid-lifetime ]

Parameters X:X::X:X/M

Specify the IPv6 prefix.

Range of values for valid lifetime in seconds. Range of values for valid lifetime in seconds. no-autoconfig

Specify the IPv6 prefix no autoconfiguration flag.

off-link

Specify the IPv6 prefix off-link flag.

preferred-lifetime Specify the IPv6 prefix preferred lifetime . Range of values for preferred lifetime in seconds. valid-lifetime Specify theIPv6 prefix valid lifetime . Range of values for valid lifetime in seconds.

Command Mode Interface mode

Examples ZebOS#configure terminal ZebOS(config)#interface eth0 ZebOS(config-if)#ipv6 nd prefix 2001:ffff::/64 ZebOS(config)#interface eth0 ZebOS(config-if)#ipv6 nd prefix no-autoconf ZebOS(config)#interface eth0 ZebOS(config-if)#ipv6 nd prefix preferred-lifetime 55000000

138

NSM Commands

ipv6 nd ra-interval Use this command to specify the interval between IPv6 Router Advertisements (RA). Use no parameter with this command to reset the value to default.

Command Syntax ipv6 nd ra-interval no ipv6 nd ra-interval

Parameter

The RA interval in milliseconds.

Default 600 seconds

Command Mode Interface mode

Examples ZebOS#configure terminal ZebOS(config)#interface eth0 ZebOS(config-if)#ipv6 nd ra-interval 60 ZebOS(config-if)#ipv6 nd prefix 3ffe:ffff:ffff::/64 ZebOS(config-if)#no ipv6 nd suppress-ra Related Commands ipv6 nd suppress-ra, ipv6 nd prefix

139

NSM Commands

ipv6 nd ra-lifetime Use this command to specify the Router Advertisement (RA) lifetime of this router enabling it to act as a default gateway for the network. Use no parameter with this command to reset the value to default.

Command Syntax ipv6 nd ra-lifetime no ipv6 nd ra-lifetime

Parameter

The RA lifetime duration in milliseconds.

Default 1800 seconds

Command Mode Interface mode

Examples ZebOS#configure terminal ZebOS(config)#interface eth0 ZebOS(config-if)#ipv6 nd ra-lifetime 9000 ZebOS(config-if)#no ipv6 nd suppress-ra Related Commands ipv6 nd suppress-ra, ipv6 nd prefix

140

NSM Commands

ipv6 nd reachable-time Use this command to specify the reachable time in the Router Advertisement to be used for detecting unreachability of the IPv6 neighbor. Use the no parameter with this command to reset the value to default.

Command Syntax ipv6 nd reachable-time no ipv6 nd reachable-time

Parameter

The retransmission time in milliseconds.

Default Zero (0) milliseconds

Command Mode Interface mode

Examples ZebOS#configure terminal ZebOS(config)#interface eth0 ZebOS(config-if)#ipv6 nd reachable-time 1800000 ZebOS(config-if)#no ipv6 nd suppress-ra Related Commands ipv6 nd suppress-ra, ipv6 nd prefix

141

NSM Commands

ipv6 nd retransmission-time Use this command to establish an IPv6 advertised retransmission time for the current interface. Use the no form of the command to remove the retransmission time.

Command Syntax ipv6 nd retransmission-time no ipv6 nd retransmission-time

Parameter The retransmission time in milliseconds

Command Mode Interface mode

Examples ZebOS#configure terminal ZebOS(config)#interface eth0 ZebOS(config-if)#ipv6 nd retransmission-time 1200 ZebOS(config-if)#no ipv6 nd retransmission-time

142

NSM Commands

ipv6 nd suppress-ra Use this command to control IPv6 Router Advertisement (RA) transmission for the current interface. Router Advertisement is used for IPv6 stateless auto-configuration. Use no parameter with this command to enable Router Advertisement transmission.

Command Syntax ipv6 nd suppress-ra no ipv6 nd suppress-ra

Parameters None

Default Suppressed

Command Mode Interface mode

Example ZebOS#configure terminal ZebOS(config)#interface eth0 ZebOS(config-if)#ipv6 nd suppress-ra Related Commands ipv6 nd ra-interval, ipv6 nd prefix

143

NSM Commands

ipv6 neighbor Use this command to add an IPv6 neighbor entry. Use the no form of this command to an IPv6 neighbor entry.

Command Syntax ipv6 neighbor [X:X::X:X|INTERFACE|MAC ] no ipv6 neighbor [X:X::X:X|INTERFACE]

Parameters X:X::X:X

Specify the neighbor’s IPv6 address.

INTERFACE

Specify the name of the interface.

MAC

Specify the MAC hardware address .

Command Mode Configure mode

Examples ZebOS#configure terminal ZebOS(config)#ipv6 neighbor 1:1::1:1 eth1 1111.1111.1111 ZebOS(config)#no ipv6 neighbor 1:1::1:1 eth1

144

NSM Commands

ipv6 route Use this command to establish the distance for static routes of a subnet mask. Use the no form of this command to disable the distance for static routes of a subnet mask.

Command Syntax ipv6 route [X:X::X:X/M|vrf|X:X::X:X|INTERFACE|] no ipv6 route [X:X::X:X/M|vrf|X:X::X:X|INTERFACE|]

Parameters X:X::X:X/M

Specify the IP destination prefix and a mask length .

vrf

Specify the VPN Routing/Forwarding instance.

X:X::X:X

Specify the IP gateway address.

INTERFACE

Specify the name of the interface.



Specify the distance value for the route.

Command Mode Configure mode

Examples ZebOS#configure terminal ZebOS(config)#ipv6 route 3ffe:506::1 128 ZebOS(config)#ipv6 route 3ffe:506::1/128 myintname 32 Validation Commands show running-config, show ipv6 route

145

NSM Commands

maximum-paths Use this command to enable multipath support on ZebOS, and to set the maximum number of paths to be installed in the FIB (Forward Information Base). Use the no parameter with this command to revert to default. Note:

Currently, this command is available on Linux systems only.

Command Syntax maximum-paths no maximum-paths

Parameter

Specify the maximum number of paths to be installed in the FIB.

Default By default, the maximum number of paths is set to 4.

Command Mode Configure mode

Example ZebOS#configure terminal ZebOS(config)#maximum-paths 5

146

NSM Commands

mtu Use this command to set the Maximum Transmission Unit (MTU) size of an interface. Use the no parameter with this command to revert to default.

Command Syntax mtu no mtu

Parameter

Specify the size of MTU in bytes.

Command Mode Interface mode

Example ZebOS#configure terminal ZebOS(config)#interface eth0 ZebOS(config-if)#mtu 120

147

NSM Commands

multicast Use this command to set the multicast flag to an interface. Use the no form of this command to disable this function.

Command Syntax multicast no multicast

Parameters None

Command Mode Interface mode

Example ZebOS#configure terminal ZebOS(config)#interface eth0 ZebOS(config-if)#multicast Validation Commands show running-config

148

NSM Commands

router-id Use this command to add a router identifier for this system. Use the no form of this command to disable this function.

Command Syntax router-id (no) router-id

Parameters A.B.C.D

Specifies the router identifier in IP address format for this system.

Command Mode configure mode

Examples ZebOS#configure terminal ZebOS(config)#router-id 123.12.3.123 ZebOS(config)#

149

NSM Commands

show debugging nsm Use this command to display debugging information for the ZebOS routing manager. To modify the lines displayed, use the | (output modifier token). To save the output to a file, use the > output redirection token.

Command Syntax show debugging nsm (mcast|mcast6)

Parameters mcast

Displays IPv4 multicast information.

mcast6

Displays IPv6 multicast information

Command Mode Exec mode and Privileged Exec mode

Examples The following is a sample output of the show debugging nsm command displaying the NSM debugging status.

ZebOS#show debugging nsm NSM debugging status: NSM event debugging is on NSM packet debugging is on NSM kernel debugging is on ZebOS# The following is a sample output of the show debugging nsm command using the mcast parameter. ZebOS#show debugging nsm mcast Debugging status: NSM multicast vif debugging is on NSM multicast route debugging is on NSM multicast route statistics debugging is on NSM multicast PIM Register message debugging is on NSM multicast traceroute debugging is on NSM multicast traceroute detailed debugging is on ZebOS#

150

NSM Commands

show interface Use this command to display interface configuration and status. To modify the lines displayed, use the | (output modifier token). To save the output to a file, use the > output redirection token.

Command Syntax show interface IFNAME

Parameter IFNAME

(Optional) Displays the name of a specific interface for which status and configuration.

Command Mode Exec mode and Privileged Exec mode

Example The following is what this command displays when the interface is added:

ZebOS#show interface eth0 Interface eth0 Scope: both Hardware is Ethernet Current HW addr: 000e.0c83.3727 Physical:000e.0c83.3727 Logical:(not set) index 2 metric 1 mtu 1500 duplex-full arp ageing timeout 25 VRF Binding: Not bound Label switching is disabled No Virtual Circuit configured Administrative Group(s): None Bandwidth 100m DSTE Bandwidth Constraint Mode is MAM DHCP client is disabled. inet 10.1.2.40/24 broadcast 10.1.2.255 VRRP Master of : VRRP is not configured on this interface. inet6 fe80::20e:cff:fe83:3727/64 input packets 793985, bytes 331458888, dropped 0, multicast packets 0 input errors 0, length 0, overrun 0, CRC 0, frame 0, fifo 0, missed 0 output packets 1286681, bytes 144320654, dropped 0 output errors 0, aborted 0, carrier 0, fifo 0, heartbeat 0, window 0 collisions 0 ZebOS#

151

NSM Commands

show ip access-list Use this command to display a IP access lists. To modify the lines displayed, use the | (output modifier token). To save the output to a file, use the > output redirection token.

Command Syntax show ip access-list [||(expanded range)| (expanded range)|WORD]

Parameters

Display an IP standard access list.



Display an IP extended access list.



Display an IP standard access list (expanded range).



Display an IP extended access list (expanded range).

WORD

Display an IP ZebOS access-list name.

Command Mode Exec mode and Privileged Exec mode

Example The following is a sample output of the show ip access-list command showing the IP access-list entries.

ZebOS#show ip access-list Standard IP access list 13 permit any Standard IP access list 67 deny 1.1.1.0, wildcard bits 0.0.0.255 Extended IP access list 134 deny ip 1.1.1.0 0.0.0.255 any ZebOS IP access list 1111 deny 1.1.1.1/1 exact-match Standard IP access list 1340 deny 1.1.1.0, wildcard bits 0.0.0.255 Extended IP access list 2001 deny ip 1.1.1.0 0.0.0.255 any ZebOS extended IP access list TK deny tcp 2.2.2.3/24 eq 14 3.3.3.4/24 lt 12 log ZebOS IP access list mylist deny 10.10.0.72/24 exact-match permit any ZebOS extended IP access list new deny icmp any any ZebOS extended IP access list tk deny tcp 2.2.2.3/24 eq 14 3.3.3.4/24 lt 12 log ZebOS#

152

NSM Commands

show ip forwarding Use this command to display the IP forwarding status. To modify the lines displayed, use the | (output modifier token). To save the output to a file, use the > output redirection token.

Command Syntax show ip forwarding

Parameters None

Command Mode Exec mode and Privileged Exec mode

Example The following is a sample output of the show ip forwarding command displaying the IP forwarding status.

ZebOS#show ip forwarding IP forwarding is on ZebOS#

153

NSM Commands

show ip interface brief Use this command to display brief information about interfaces and the IP addresses assigned to them. To display information about a specific interface, specify the interface name with the command. To modify the lines displayed, use the | (output modifier token). To save the output to a file, use the > output redirection token.

Command Syntax show ip interface [IFNAME] brief

Parameters IFNAME

Display the name of the interface.

brief

Brief summary of IP status and configuration.

Command Mode Exec mode and Privileged Exec mode

Example The following is a sample output from the show ip interface brief command:

ZebOS#show ip interface brief Interface IP-Address lo 127.0.0.1 gre0 unassigned eth0 10.10.0.142 eth1 10.10.11.123 eth2 unassigned eth3 unassigned sit0 unassigned tun24 unassigned tunl0 unassigned

Related Commands show ipv6 interface brief

154

Status up administratively up up administratively administratively administratively administratively administratively

down down down down down down

Protocol up down up up down down down down down

NSM Commands

show ip route Use this command to display the IP routing table for a protocol or from a particular table. To modify the lines displayed, use the | (output modifier token). To save the output to a file, use the > output redirection token.

Command Syntax show ipv route (A.B.C.D|A.B.C.D/M|bgp|connected|database|isis|kernel|ospf|rip |static|summary|static)

Parameters A.B.C.D

Display network in the IP routing table.

A.B.C.D/M

Display IP prefix /, e.g., 35.0.0.0/8.

bgp

Display Border Gateway Protocol (BGP) information.

connected

Display connected information.

database

Display IPv6 routing table database information

isis

Display ISO IS-IS information.

kernel

Display kernel information.

ospf

Display Open Shortest Path First (OSPF) information.

rip

Display Routing Information Protocol (RIP) information.

static

Display static routes.

summary

Display a summary of all routes

vrf

Display routes from a VPN Routing/Forwarding instance

Command Mode Exec mode and Privileged Exec mode

Examples When multiple entries are available for the same prefix, NSM uses an internal route selection mechanism based on protocol administrative distance and metric values to choose the best route. All best routes are entered into the FIB and can be viewed using this command. To display all routes (selected and not selected), use the show ip route database command (see show ip route database on page 157). The following show output for the best routes.

ZebOS#show ip route Codes: K - kernel, C - connected, S - static, R - RIP, B - BGP O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2 i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area * - candidate default O C C O IA K

1.1.1.0/24 [110/20] via 2.2.2.1, eth2, 00:00:10 2.2.2.0/24 is directly connected, eth2 3.3.3.0/24 is directly connected, eth1 4.4.4.0/24 [110/21] via 2.2.2.1, eth2, 00:00:10 10.10.0.0/24 via 10.70.0.1, eth0

155

NSM Commands

C C C K ZebOS

10.70.0.0/24 is directly connected, eth0 33.33.33.33/32 is directly connected, lo 127.0.0.0/8 is directly connected, lo 169.254.0.0/16 is directly connected, eth0

The following is the output of this command with the ospf parameter, which displays only the selected OPSF routes learned by NSM:

ZebOS#show ip route ospf O 1.1.1.0/24 [110/20] via 2.2.2.1, eth2, 00:00:44 O IA 4.4.4.0/24 [110/21] via 2.2.2.1, eth2, 00:00:44 ZebOS# The following is the output of this command with the summary parameter.

ZebOS#show ip route summary IP routing table name is Default-IP-Routing-Table(0) IP routing table maximum-paths is 4 RouteSourceNetworks kernel1 connected5 ospf2 Total8 FIB2

Related Commands show ip route database

156

NSM Commands

show ip route database Use this command to display the database entries known by NSM. When multiple entries are available for the same prefix, NSM uses an internal route selection mechanism based on protocol administrative distance and metric values to choose the best route. The best routes are entered into the FIB and can be viewed using show ip route. To modify the lines displayed, use the | (output modifier token). To save the output to a file, use the > output redirection token.

Command Syntax show ip route database (bgp|connected|isis|kernel|ospf|rip|static)

Parameters bgp

Display Border Gateway Protocol (BGP) information.

connected

Display connected information.

isis

Display ISO IS-IS information.

kernel

Display kernel information.

ospf

Display Open Shortest Path First (OSPF) information.

rip

Display Routing Information Protocol (RIP) information.

static

Display static routes.

Command Mode Exec mode and Privileged Exec mode

Examples The following is an output of this command displaying the database routes learned by NSM. This output shows selected as well as non elected routes.

ZebOS#show ip route database Codes: K - kernel, C - connected, S - static, R - RIP, B - BGP O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2 i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area > - selected route, * - FIB route, p - stale info K *> 0.0.0.0/0 via 10.1.2.1, eth0 C *> 4.4.4.40/32 is directly connected, lo C *> 10.1.2.0/24 is directly connected, eth0 C *> 23.0.0.0/8 is directly connected, eth4 C *> 34.0.0.0/24 is directly connected, eth2 C *> 80.0.0.0/24 is directly connected, eth2 C *> 127.0.0.0/8 is directly connected, lo K *> 169.254.0.0/16 is directly connected, eth0 C *> 192.168.23.0/24 is directly connected, eth4 S *> 192.168.201.1/32 [1/0] via 34.0.0.41, eth2

157

NSM Commands

show ipv6 forwarding Use this command to display IPv6 forwarding status. To modify the lines displayed, use the | (output modifier token). To save the output to a file, use the > output redirection token.

Command Syntax show ipv6 forwarding

Parameters None

Command Mode Exec mode and Privileged Exec mode

Example The following is a sample output of the show ipv6 forwarding command displaying the IPv6 forwarding status.

ZebOS#show ipv6 forwarding ipv6 forwarding is on ZebOS#

158

NSM Commands

show ipv6 interface Use this command to display brief information about interfaces and the IPv6 address assigned to them. To display information about a specific interface, specify the interface name with the command. To modify the lines displayed, use the | (output modifier token). To save the output to a file, use the > output redirection token.

Command Syntax show ipv6 interface [IFNAME] brief

Parameters IFNAME

Display the name of the interface.

brief

Brief summary of IPv6 status and configuration.

Command Mode Exec mode and Privileged Exec mode

Example The following is a sample output from the show ipv6 interface brief command:

ZebOS#show ipv6 interface brief lo [up/up] ::1 gre0 [administratively eth0 [up/up] 3ffe:abcd:104::1 3ffe:abcd:103::1 fe80::2e0:29ff:fe6f:cf0 eth1 [up/up] fe80::260:97ff:fe20:f257 eth2 [administratively eth3 [administratively sit0 [administratively tun24 [administratively tunl0 [administratively

down/down]

unassigned

down/down] down/down] down/down] down/down] down/down]

unassigned unassigned unassigned unassigned unassigned

Related Commands show ip interface brief

159

NSM Commands

show ipv6 neighbors Use this command to display all IPv6 neighbors. To modify the lines displayed, use the | (output modifier token). To save the output to a file, use the > output redirection token.

Command Syntax show ipv6 neighbors

Parameters None

Command Mode Exec mode and Privileged Exec mode

Example ZebOS#show ipv6 neighbors IPv6 Address ZebOS#

160

MAC Address

Interface

Type

NSM Commands

show ipv6 route Use this command to display the IP routing table for a protocol or from a particular table. To modify the lines displayed, use the | (output modifier token). To save the output to a file, use the > output redirection token.

Command Syntax show ipv6 route (X:X::X:X|X:X::X:X/M|bgp|connected|database|isis|kernel|ospf|rip |static|summary|static)

Parameters X:X::X:X

Display network in the IP routing table.

X:X::X:X/M

Display IP prefix /, e.g., 35.0.0.0/8.

bgp

Display Border Gateway Protocol (BGP) information.

connected

Display connected information.

database

Display IPv6 routing table database information (see show ipv6 route database on page 162)

isis

Display ISO IS-IS information.

kernel

Display kernel information.

ospf

Display Open Shortest Path First (OSPF) information.

rip

Display Routing Information Protocol (RIP) information.

static

Display static routes.

summary

Display a summary of all routes

vrf

Display routes from a VPN Routing/Forwarding instance

Command Mode Exec mode and Privileged Exec mode

Examples The following is a sample output of the show ipv6 route command displaying the IPv6 routing table.

ZebOS#show ipv6 route Codes: K - kernel route, C - connected, S - static, R - RIPng, O - OSPFv3, I - IS-IS, B - BGP, > - selected route, * - FIB route, p - stale info. C> * ::1/128 is directly connected, lo C> * 3ffe:1::/48 is directly connected, eth1 C> * 3ffe:2:2::/48 is directly connected, eth2 C * fe80::/10 is directly connected, eth1 C * fe80::/10 is directly connected, eth2 C * fe80::/10 is directly connected, eth3 C> * fe80::/10 is directly connected, eth0 ZebOS#

161

NSM Commands

show ipv6 route database Use this command to display the database entries known by NSM. When multiple entries are available for the same prefix, NSM uses an internal route selection mechanism based on protocol administrative distance and metric values to choose the best route. The best routes are entered into the FIB and can be viewed using show ipv6 route. To modify the lines displayed, use the | (output modifier token). To save the output to a file, use the > output redirection token.

Command Syntax show ipv6 route database (bgp|connected|isis|kernel|ospf|rip|static)

Parameters bgp

Display Border Gateway Protocol (BGP) information.

connected

Display connected information.

isis

Display ISO IS-IS information.

kernel

Display kernel information.

ospf

Display Open Shortest Path First (OSPF) information.

rip

Display Routing Information Protocol (RIP) information.

static

Display static routes.

Command Mode Exec mode and Privileged Exec mode

Examples The following is an output of this command displaying the database routes learned by NSM. This output shows selected as well as non-selected routes.

ZebOS#show ipv6 route database IPv6 Routing Table Codes: K - kernel route, C - connected, S - static, R - RIP, O - OSPF, I - IS-IS, B - BGP > - selected route, * - FIB route, p - stale info Timers: Uptime C*> ::1/128 via ::, lo, 03:27:18 C* fe80::/64 via ::, eth2, 03:27:18 C* fe80::/64 via ::, eth4, 03:27:18 C > fe80::/64 via ::, eth0, 03:27:18 K*> ff00::/8 via ::, eth4, 03:27:18 K* ff00::/8 via ::, eth3 inactive, 03:27:18 K* ff00::/8 via ::, eth2, 03:27:18 K* ff00::/8 via ::, eth0, 03:27:18 ZebOS#

162

NSM Commands

show nsm client Use this command to display NSM client information. To modify the lines displayed, use the | (output modifier token). To save the output to a file, use the > output redirection token.

Command Syntax show nsm client

Parameters None

Command Mode Exec mode and Privileged Exec mode

Example This command displays the details of currently connected NSM clients, including the services requested by the protocols, statistics and the connection time.

ZebOS#show nsm client NSM client ID: 1 NSM client ID: 19 IMI, socket 23 Service: Interface Service, Router ID Service, VRF Service Message received 1, sent 58 Connection time: Thu Jul 22 11:03:12 2010 Last message read: Service Request Last message write: Link Up NSM client ID: 25 ONMD, socket 24 Service: Interface Service, Bridge service, VLAN service Message received 2, sent 74 Connection time: Thu Jul 22 11:03:15 2010 Last message read: OAM LLDP msg Last message write: Link Up ZebOS#

163

NSM Commands

show router-id Use this command to display the Router ID of the current system. To modify the lines displayed, use the | (output modifier token). To save the output to a file, use the > output redirection token.

Command Syntax show router-id

Parameters None

Command Mode Exec mode and Privileged Exec mode

Example ZebOS#show router-id Router ID: 10.55.0.2 (automatic)

164

NSM Commands

shutdown Use this command to shut down the selected interface. Use the no form of this command to disable this function.

Command Syntax shutdown no shutdown

Parameters None

Command Mode Interface mode

Examples The following example shows the use of the shutdown command to shut down the interface called eth0.

ZebOS#configure terminal ZebOS(config)#interface eth0 ZebOS(config-if)#shutdown

165

NSM Commands

undebug nsm Use this command to disable all NSM debugging.

Command Syntax undebug nsm [all|events|ha|kernel|packet]

Parameters all

Disable all debugging.

events

Disable debugging for NSM events.

ha

Disable debugging for NSM High Availability.

kernel

Disable debugging for NSM kernel.

packet

Disable debugging for NSM packets (see undebug nsm packet on page 167)

Command Mode Exec mode and Privileged Exec mode

Examples ZebOS#undebug nsm all ZebOS#undebug nsm events ZebOS#undebug nsm kernel

166

NSM Commands

undebug nsm packet Use this command to disable the debugging option for the nsm packet.

Command Syntax undebug nsm packet (recv|send)(detail)

Parameters recv

Disable the debugging option for receive packet.

send

Disable the debugging option for send packet.

detail

Disable the debugging option for detailed information.

Command Mode Exec mode and Privileged Exec mode

Examples ZebOS#undebug nsm packet ZebOS#undebug nsm packet recv detail

167

NSM Commands

168

CHAPTER 4

NSM VPN Commands

This chapter provides an alphabetized reference for each of the NSM VPN CLI commands. It includes the following commands: •

ip route vrf on page 170



ip vrf on page 171



ip vrf forwarding on page 172



show ip route vrf on page 173



show ip vrf on page 174

169

NSM VPN Commands

ip route vrf This command creates a new static entry for the VRF on an interface. The interface should be associated with VRF beforehand and an output interface should be specified. Use the no parameter with this command to delete static route entry.

Command Syntax ip route vrf (NAME) [A.B.C.D/M (A.B.C.D|INTERFACE)|description|tag|] no ip route vrf (NAME) [A.B.C.D/M (A.B.C.D|INTERFACE)|description|tag|]

Parameters vrf

A name used to identify a VRF.

A.B.C.D/M

Route prefix for destination. A.B.C.D/M format.

A.B.C.D

Nexthop address for the destination. A.B.C.D format

INTERFACE

Output interface name for the destination.

description

Set description of the static route.

tag

Set tag for this route

Tag value.

Command Mode Configure mode

Example ZebOS#configure terminal ZebOS(config)#ip route vrf VRF_A 10.10.10.0/24 10.10.0.1 eth0 Related Commands ip vrf, ip vrf forwarding,

170

NSM VPN Commands

ip vrf This command creates a VRF RIB, assigns a VRF-ID, and switches command mode to VRF mode on the ZebOS daemon. Use the no parameter with command to remove a VRF RIB.

Command Syntax ip vrf (WORD) no ip vrf (WORD)

Parameter WORD

A name used to identify a VRF.

Command Mode Configure mode

Example ZebOS#configure terminal ZebOS(config)#ip vrf IPI ZebOS(config-vrf)# Related Commands ip route vrf, ip vrf forwarding

171

NSM VPN Commands

ip vrf forwarding This command associates an interface with a VRF. Use the no parameter with this command to unbind an interface.

Command Syntax ip vrf forwarding (WORD) no ip vrf forwarding (WORD)

Parameter WORD

Name of the VRF created using the ip vrf command in the configure mode (see ip vrf on page 171 command).

Command Mode Interface mode

Example ZebOS#configure terminal ZebOS(config)#ip vrf IPI ZebOS(config)#interface eth1 ZebOS(config-if)#ip vrf forwarding IPI Note:

When the ip vrf forwarding command is issued from within the Interface Configuration or Subinterface Configuration mode of the parent VR, the IP address and other attributes of the interface are deleted from the interface. After issuing the command, the IP attributes must then be configured in the context of the VRF.

Related Commands ip route vrf, ip vrf

172

NSM VPN Commands

show ip route vrf This command shows a routing table of the VRF.

Command Syntax show ip route vrf (WORD) Parameter WORD

Displays a name used to identify a VRF.

Command Mode Exec mode and Privileged Exec mode

Example ZebOS#show ip route vrf VRF_A Codes: K - kernel route, C - connected, S - static, R - RIP, O - OSPF, B - BGP, > - selected route, * - FIB route S> 10.10.10.0/24 [1/0] via 10.10.0.1, eth1 C> * 10.10.0.0/24 is directly connected, eth1 Note: FIB flag might not correct for VRF routing information.

Related Commands show ip vrf

173

NSM VPN Commands

show ip vrf This command shows the routing information of the VRF.

Command Syntax show ip vrf (WORD) Parameter WORD

Displays a name used to identify a VRF.

Command Mode Exec mode and Privileged Exec mode

Example ZebOS#show ip vrf IPI VRF IPI; (id=1); default RD 1:2 Interfaces: eth2 Export VPN route-target communities RT:100:1 Import VPN route-target communities RT:100:1 No import route-map Related Commands show ip route vrf

174

CHAPTER 5

NSM MPLS Commands

This chapter provides an alphabetized reference for each NSM MPLS command. It includes the following commands: •

label-switching on page 177



mpls admin-groups on page 178



mpls disable-all-interfaces on page 179



mpls egress-ttl on page 180



mpls enable-all-interfaces on page 181



mpls ftn-entry on page 182



mpls ilm-entry on page 183



mpls ingress-ttl on page 184



mpls l2-circuit (Configure Mode) on page 185



mpls-l2-circuit (Interface Mode) on page 186



mpls l2-circuit-fib-entry on page 187



mpls l2-circuit-ftn-entry on page 188



mpls l2-circuit-ilm-entry on page 189



mpls local-packet-handling on page 190



mpls log on page 191



mpls lsp-model on page 192



mpls lsp-tunneling on page 193



mpls map-route on page 194



mpls max-label-value on page 195



mpls min-label-value on page 196



mpls propagate-ttl on page 197



mpls vrf-entry on page 198



show mpls on page 199



show mpls admin-groups on page 200



show mpls cross-connect-table on page 201



show mpls forwarding-table on page 202



show mpls ftn-table on page 203



show mpls ilm-table on page 204



show mpls in-segment-table on page 205



show mpls l2-circuit on page 206



show mpls l2-circuit-group on page 207



show mpls log on page 208



show mpls mapped-routes on page 209

175

NSM MPLS Commands



show mpls out-segment-table on page 210



show mpls vc-table on page 211



show mpls vrf-table on page 212

176

NSM MPLS Commands

label-switching Use this command to either enable label-switching on an interface or to modify the label-space to which this interface is bound. Use the no parameter and this interface is bound to the platform-wide (zero) label-space.

Command Syntax label-switching no label-switching

Parameter

Specify the label space value.

Command Mode Interface mode

Example This example shows the enabling of label switching on the eth0 interface.

ZebOS#configure terminal ZebOS(config)#interface eth0 ZebOS(config-if)#label-switching 654

177

NSM MPLS Commands

mpls admin-groups Use this command to create a name-to-value binding for an administrative group. Note:

Only 32 administrative groups can be configured at one time.

Use the no parameter with this command to remove the specified administrative group.

Command Syntax mpls admin-group [NAME] no mpls admin-group [NAME]

Parameters NAME

Specify name of administrative group to be deleted.



Specify the value of the administrative group to be added.

Command Mode Configure mode

Example ZebOS#configure terminal ZebOS(config)#mpls admin-group mygroup 3

178

NSM MPLS Commands

mpls disable-all-interfaces Use this command to disable all interfaces for MPLS. This command completely stops all signaling on the router. When issued, all signaling protocols are made aware of this change, which stops all MPLS-specific processing.

Command Syntax mpls disable-all-interfaces

Parameters None

Command Mode Configure mode

Example ZebOS#configure terminal ZebOS(config)#mpls disable-all-interfaces

179

NSM MPLS Commands

mpls egress-ttl Use this command to specify a Time to Live (TTL) value for LSPs for which this LSR is the egress. Use the no parameter with this command to unset the custom TTL value.

Command Syntax no mpls egress-ttl no mpls egress-ttl

Parameter

Specify the TTL value to be used.

Command Mode Configure mode

Example ZebOS#configure terminal ZebOS(config)#mpls egress-ttl 45 Related Commands mpls ingress-ttl

180

NSM MPLS Commands

mpls enable-all-interfaces Use this command to enable all interfaces for MPLS. This command enables all interfaces on a router for labelswitching. This is helpful on router with many interfaces. Note:

Executing this command does not enable any signaling protocol interaction via all the interfaces. Each protocol needs to be explicitly enabled per interface.

Command Syntax mpls enable-all-interfaces

Parameters None

Default All interfaces are disabled by default.

Command Mode Configure mode

Example ZebOS#configure terminal ZebOS(config)#mpls enable-all-interfaces Related Commands mpls disable-all-interfaces

181

NSM MPLS Commands

mpls ftn-entry Use this command to create FTN entries in the FTN table in the MPLS Forwarder. For all incoming IP packets on an MPLS-enabled router, a best-match lookup is done in the FTN table based on the incoming IP packet's destination address. If a match is found, the packet is labeled, and switched. Use the no parameter with this command to delete the entry.

Command Syntax mpls ftn-entry [tunnel-id A.B.C.D|A.B.C.D/M|A.B.C.D|LABEL|A.B.C.D NEXTHOP| IFNAME|(INDEX|primary|secondary)] no mpls ftn-entry [tunnel-id A.B.C.D|A.B.C.D/M|A.B.C.D|LABEL|A.B.C.D NEXTHOP|IFNAME|(INDEX|primary|secondary)]

Parameters tunnel-id

Specify a tunnel ID .

A.B.C.D

Specify a forwarding equivalence class.

A.B.C.D/M

Specify a forwarding equivalence class with mask.

A.B.C.D

Specify a mask for forwarding equivalence class.

LABEL

Specify an outgoing label .

A.B.C.D

Specify a Next hop IPv4 address.

IFNAME

Specify a Name of the outgoing interface.

INDEX

FTN index update. Optional. If issued, the FTN entry is updated. If not issued, a new FTN entry is created.

primary

primary LSP. Optional. Default is primary.

secondary

secondary LSP. Optional. Default is primary.

Default All interfaces are disabled by default.

Command Mode Configure mode

Examples ZebOS#configure terminal ZebOS(config)#mpls ftn-entry 2 10.10.0.0/24 16 1.2.3.4 eth1 secondary

182

NSM MPLS Commands

mpls ilm-entry Use this command to create an ILM entry in the ILM table to which the incoming interface specified is bound. Upon receipt of a labeled packet on an MPLS-enabled router, a lookup is done based on the incoming label in the ILM table. If a match is found, the packet may either be label-switched downstream, or popped and passed over IP. In a pop operation, an outgoing label is not needed as is either accepted or forwarded over IP. The nexthop option is also not mandatory because the FEC IP address could be a local IP address. Use the no option with the command to delete an ILM entry. If there is no match, an error message displays.

Command Syntax mpls ilm-entry [LABEL|IFNAME(pop|swap|vpnpop)|LABEL |(IFNAME|A.B.C.D)|A.B.C.D|A.B.C.D/M|] no mpls ilm-entry [LABEL|IFNAME(pop|swap|vpnpop)|LABEL |(IFNAME|A.B.C.D)|A.B.C.D|A.B.C.D/M|]

Parameters LABEL

Incoming label value .

IFNAME

Incoming interface name

pop

pop incoming label

swap

Swap incoming label

vpnpop

Pop incoming label and forward VPN packet

LABEL

Outgoing label, including:

0

Indicate explicit null.

3

Indicate implicit null.

16-1048575 Indicate a label. IFNAME

Specify outgoing interface name.

A.B.C.D

Specify a Next hop IPv4 address.

A.B.C.D

Specify an FEC for which this ILM entry is being created

A.B.C.D/M

Specify an FEC for which this ILM entry is being created, plus mask

A.B.C.D

Specify a mask for forwarding equivalence class mask.



(Optional). ILM index update. If used, an ILM entry is updated. If not used, a new ILM entry is created.

Command Mode Configure mode

Examples zebos#configure terminal zebos(config)#mpls ilm-entry 100 eth0 pop eth1 1.2.3.4 10.10.0.0/24 zebos(config)#mpls ilm-entry 100 eth0 pop zebos(config)#mpls ilm-entry 100 eth0 swap 200 eth1 1.2.3.4 10.10.0.0/24

183

NSM MPLS Commands

mpls ingress-ttl Use this command to specify a Time to Live (TTL) value for LSPs for which this LSR is the ingress. Use the no parameter with this command to unset the custom TTL value being used for LSPs for which this LSR is the ingress.

Command Syntax mpls ingress-ttl no mpls ingress-ttl

Parameter

Specify the TTL value to be used.

Command Mode Configure mode

Example ZebOS#configure terminal ZebOS(config)#mpls ingress-ttl

184

NSM MPLS Commands

mpls l2-circuit (Configure Mode) Use this command in the Configure mode to create an instance of an MPLS Layer-2 Virtual Circuit, without specifying a group to which the VC belongs. A Layer-2 MPLS Virtual Circuit instance may be bound to any interface on the router; however, only one interface may be bound to a Layer-2 circuit at a time. Use the no parameter with this command to delete an instance of an MPLS Layer-2 Virtual Circuit.

Command Syntax mpls l2-circuit (NAME) [|A.B.C.D|GROUPNAME (group-id|)| control-word|manual|] no mpls l2-circuit (NAME) [|A.B.C.D|GROUPNAME (group-id|)|control-word|manual|]

Parameters NAME

Specify a string identifying the MPLS Layer-2 Virtual Circuit.

Specify a 32-bit identifier to which the specified name is to be mapped. A.B.C.D

Specify the IPv4 address for the MPLS L-2 Virtual Circuit end-point.

GROUPNAME

Specify the group name identifier

group-id

Specifics a group ID.

Identify a value for group ID. control-word

Specify the use of control-word.

manual

Specify manually set up the Virtual Circuit; no signaling is used to set up the Virtual Circuit.

tunnel-id

Specify the ID of the MPLS LSP (or Layer-2 tunnel) to be used for this Virtual Circuit .



Tunnel-Identifier - Is obtained only after the tunnel is configured

Command Mode Configure mode

Example ZebOS#configure terminal ZebOS(config)#mpls l2-circuit mycircuit 45678 1.2.3.4 Related Commands mpls-l2-circuit (Interface mode)

185

NSM MPLS Commands

mpls-l2-circuit (Interface Mode) Use this command on the Interface mode to bind an interface to a MPLS Layer-2 Virtual Circuit created on the Configure mode. Use the no parameter with this command to delete this instance.

Command Syntax mpls-l2-circuit [NAME] [ethernet|hdlc|ppp|primary|secondary|vlan] no mpls-l2-circuit [NAME] [ethernet|hdlc|ppp|primary|secondary|vlan]

Parameters NAME

Specify a string identifying the MPLS Layer-2 Virtual Circuit.

ethernet

Indicate this as Ethernet.

hdlc

Indicate this as Hdlc.

ppp

Indicate this as point-to-point.

primary

Indicate this as primary link.

secondary

Indicate this as the secondary. That is, link is not be activated unless primary fails.

vlan

Indicate this as Ethernet VLAN

Command Mode Interface mode

Examples ZebOS#configure terminal ZebOS(config)#interface eth0 ZebOS(config-if)#mpls-l2-circuit mycircuit ethernet Related Commands mpls l2-circuit

186

NSM MPLS Commands

mpls l2-circuit-fib-entry Use this command to add a static Layer-2 MPLS Virtual Circuit FIB entry. Use the no parameter with this command to delete a Layer-2 MPLS Virtual Circuit FIB entry.

Command Syntax mpls l2-circuit-fib-entry [VC-ID|LABEL|LABEL|A.B.C.D|IFNAME|IFNAME] no mpls l2-circuit-fib-entry [VC-ID]

Parameters VC-ID

Virtual Circuit ID.

LABEL

Incoming label .

LABEL

Outgoing label .

A.B.C.D

Nexthop IPv4 address.

IFNAME

Provider facing interface name.

IFNAME

Access interface name.

Command Mode Configure mode

Example ZebOS#configure terminal ZebOS(config)#mpls l2-circuit-fib-entry 10 100 200 10.10.10.10 eth1 eth2 Validation Commands show mpls vc-table

187

NSM MPLS Commands

mpls l2-circuit-ftn-entry Use this command to add a Layer-2 MPLS Virtual Circuit FTN entry. Note:

This command is mainly for developers, and is available only when the --enable-dev-test option is used in the configure script.

Command Syntax mpls l2-circuit-ftn-entry [VC-ID|LABEL|NEXTHOP|IFNAME_IN|IFNAME_OUT| PUSH_AND_LOOKUP_FOR_VC|PUSH_FOR_VC]

Parameters VC-ID

Virtual circuit identifier

LABEL

Outgoing label

A.B.C.D

Specifies the nexthop IPv4 address

IFNAME

Incoming interface name

IFNAME

Outgoing interface name

PUSH_AND_LOOKUP_FOR_VC Do second lookup in global FTN table for labels PUSH_FOR_VC

Only one label should be pushed

Command Mode Configure mode

Usage Use this command to create an MPLS Layer-2 Virtual Circuit FTN entry for an interface. Note:

The interface must be bound to the Virtual Circuit ID specified before this command is executed

Examples ZebOS#configure terminal ZebOS(config)#mpls l2-circuit-ftn-entry rt 345 2.2.2.2 eth0 eth1 PUSH_FOR_VC

188

NSM MPLS Commands

mpls l2-circuit-ilm-entry Use this command to create an ILM entry in the ILM table to which the incoming interface specified is bound. Upon receipt of a labeled packet on an MPLS-enabled router, a lookup is done based on the incoming label in the ILM table. If a match is found, the packet may either be label-switched downstream, or popped and passed over IP. Note:

This command is mainly for developers, and is available only when the --enable-dev-test option is used in the configure script.

Command Syntax mpls l2-circuit-ilm-entry [VC-ID|LABEL|IFNAME_IN|IFNAME_OUT|NEXTHOP]

Parameters VC-ID

Virtual Circuit identifier

LABEL

Incoming label

IFNAME_IN

Incoming interface name

IFNAME_OUT

Outgoing interface name

NEXTHOP

Nexthop IPv4 address

Command Mode Configure mode

Examples ZebOS#configure terminal ZebOS(config)#mpls l2-circuit-ilm-entry rt 16 eth0 eth1 1.2.3.4

189

NSM MPLS Commands

mpls local-packet-handling Use this command to enable the labeling of locally generated TCP packets. All other locally generated packets are not looked at by the MPLS Forwarder Use the no parameter with this command to disable labeling of locally generated TCP packets.

Command Syntax mpls local-packet-handling no mpls local-packet-handling

Parameters None

Command Mode Configure mode

Examples ZebOS#configure terminal ZebOS(config)#mpls local-packet-handling

190

NSM MPLS Commands

mpls log Use this command to exercise logging control. This command interacts with the Linux kernel. When using the kernel logging utility - klogd - it needs to be enabled to a logging level that allows for the requested log messages to be printed. Use the no parameter with this command to stop logging messages in the MPLS Forwarder.

Command Syntax mpls log [all|debug|error|notice|warning] no mpls log [all|debug|error|notice|warning]

Parameters all

Logs all messages in MPLS Forwarder.

debug

Logs all messages in MPLS Forwarder.

error

Logs all messages in MPLS Forwarder.

notice

Logs all messages in MPLS Forwarder.

warning

Logs all messages in MPLS Forwarder.

Command Mode Configure mode

Examples ZebOS#configure terminal ZebOS(config)#mpls log error

191

NSM MPLS Commands

mpls lsp-model Use this command to configure the MPLS LSP model as Pipe. Use the no parameter with this command to configure the MPLS LSP model as uniform.

Command Syntax mpls lsp-model [pipe] no mpls lsp-model [pipe]

Parameter pipe

Specify the model to be configured.

Default Uniform is the default model configuration.

Command Mode Configure mode

Examples ZebOS#configure terminal ZebOS(config)#mpls lsp-model pipe ZebOS#configure terminal ZebOS(config)#no mpls lsp-model pipe

192

NSM MPLS Commands

mpls lsp-tunneling Use this command to choose the transit LSP and a locally configured LSP tunnel for carrying the transit LSP. Use the no parameter with this command to disable this configuration.

Command Syntax mpls lsp-tunneling [IFNAME|||A.B.C.D/M] no mpls lsp-tunneling [IFNAME]

Parameters IFNAME

Name of the incoming interface.



Label used to identify incoming transit LSP traffic.



Transit LSP Label distributed by tunnel LSP egress node to its upstream node.

Note:

Tunnel egress node should have platform wide label space configured.

A.B.C.D/M

Prefix used to identify tunnel LSP.

Command Mode Configure mode

Command Example ZebOS#configure terminal ZebOS(config)#mpls lsp-tunneling eth0 16 30 1.2.2.4/16

193

NSM MPLS Commands

mpls map-route Use this command to map a prefix to a Forwarding Equivalence Class (FEC). Use the no parameter with this command to disable this configuration.

Command Syntax mpls map-route [A.B.C.D|A.B.C.D/M|A.B.C.D|A.B.C.D/M|A.B.C.D|A.B.C.D] no mpls map-route [A.B.C.D|A.B.C.D/M|A.B.C.D|A.B.C.D/M|A.B.C.D|A.B.C.D]

Parameters A.B.C.D

Specify the IPv4 prefix to be mapped.

A.B.C.D/M

Specify the IPv4 prefix to be mapped, plus mask.

A.B.C.D

Specify the mask for IPv4 address to be mapped.

A.B.C.D/M

Specify the mask for IPv4 address to be mapped, plus mask.

A.B.C.D

Specify the IPv4 Forwarding Equivalence Class for route to be mapped.

A.B.C.D

Specify the mask for IPv4 Forwarding Equivalence Class.

Command Mode Configure mode

Examples In the following examples 5.6.7.8/32 is the FEC for an LSP, and 1.2.3.4 is the prefix to be mapped.

ZebOS#configure terminal ZebOS(config)#mpls map-route 1.2.3.4/32 5.6.7.8/32 ZebOS#configure terminal ZebOS(config)#mpls map-route 1.2.3.4 255.255.255.255 5.6.7.8 255.255.255.255

194

NSM MPLS Commands

mpls max-label-value Use this command to specify a maximum label value. After setting a maximum label value for a label space, make sure to bind the label space to an interface. Use the no parameter with this command to use the default maximum label value for all the label pools. Note:

The system allows label-space range (maximum and minimum label values) changes for interface-specific label spaces only. The platform-wide label-space range cannot be modified.

Command Syntax mpls max-label-value [|label-space ] no mpls max-label-value [|label-space ]

Parameters

Maximum size for all label pools.

label-space

(Optional). Label space for which maximum value needs to be modified .

Command Mode Configure mode

Example ZebOS#configure terminal ZebOS(config)#mpls max-label-value 55 label-space 4456

195

NSM MPLS Commands

mpls min-label-value Use this command to specify a minimum label value. After setting the minimum label value for a label space, make sure to bind the label space to an interface. Use the no parameter with this command to use the default minimum label value for all label pools. Note:

The system allows label space range (maximum and minimum label values) changes for interface-specific label spaces only. Platform-wide label-space range cannot be modified.

Command Syntax mpls min-label-value [|label-space ] no mpls min-label-value [|label-space ]

Parameters

Maximum size for all label pools.

label-space

(Optional). Label space for which maximum value needs to be modified .

Command Mode Configure mode

Examples ZebOS#configure terminal ZebOS(config)#mpls min-label-value 556 label-space 2342

196

NSM MPLS Commands

mpls propagate-ttl Use this command to enable TTL propagation. Enabling TTL propagation causes the TTL value in the IP header to be copied onto the TTL field in the shim header, at the LSP ingress. Use the no parameter with this command to disable TTL propagation.

Command Syntax mpls propagate-ttl no mpls propagate-ttl

Parameters None

Default TTL propagation is enabled by default.

Command Mode Configure mode

Examples ZebOS#configure terminal ZebOS(config)#mpls propagate-ttl ZebOS#configure terminal ZebOS(config)#no mpls propagate-ttl

197

NSM MPLS Commands

mpls vrf-entry Use this command to add a VRF entry to the VRF table with the name (VRF-NAME). To use this command, the VRF table must already exist. Use the no parameter with this command to disable this configuration. Note:

This command is mainly for developers, and is available only when the --enable-dev-test option is used in the configure script.

Command Syntax mpls vrf-entry (VRF-NAME) [A.B.C.D|A.B.C.D/M||A.B.C.D|IFNAME DLVR_TO_IP|PUSH|PUSH_AND_LOOKUP] no mpls vrf-entry (VRF-NAME) [A.B.C.D|A.B.C.D/M||A.B.C.D|IFNAME DLVR_TO_IP|PUSH|PUSH_AND_LOOKUP]

Parameters VRF-NAME

Specify the VRF identifier.

A.B.C.D

Forwarding Equivalence Class (FEC).

A.B.C.D/M

Forwarding Equivalence Class (FEC), with mask.

A.B.C.D

Mask for Forwarding Equivalence Class.

A.B.C.D/M

Forwarding Equivalence Class, with mask.



Outgoing label.

A.B.C.D

Next hop IPv4 address.

IFNAME

Name of the outgoing interface.

DLVR_TO_IP

Forward over IP.

PUSH

Only one label should be pushed.

PUSH_AND_LOOKUP Do second lookup in global FTN table for label.

Command Mode Configure mode

Examples ZebOS#configure terminal ZebOS(config)#mpls vrf-entry myVRF 10.10.0.0/24 100 1.2.3.4 eth1 PUSH Related Commands ip vrf NAME

198

NSM MPLS Commands

show mpls Use this command to display all label data.

Command Syntax show mpls

Parameters None

Command Mode Exec mode and Privileged Exec mode

Example ZebOS#show mpls Minimum label configured: 16 Maximum label configured: 1048575 Per label-space information: Label-space 0 is using minimum label: 16 and maximum label: 1048575 Label-space 2342 is using minimum label: 556 and maximum label: 1048575 Custom ingress TTL configured: none Custom egress TTL configured: none Log message detail: none Admin group detail: none Packets dropped IP:115167, dropped MPLS:0 sent to IP:490943, labeled:0, switch d:0 MPLS Differentiated Services Supported Classes data: CLASS DSCP_value be 000000 MPLS Differentiated Services CLASS to EXP mapping data: CLASS DSCP_value EXP_value be 000000 0 ZebOS#

199

NSM MPLS Commands

show mpls admin-groups Use this command to display all administrative groups configured.

Command Syntax show mpls admin-groups

Parameters None

Command Mode Exec mode and Privileged Exec mode

Example ZebOS#show mpls admin-groups Admin group detail: Value of 0 associated with Value of 1 associated with Value of 2 associated with Value of 4 associated with ZebOS#

200

admin admin admin admin

group group group group

'a' 'b' 'c' 'd'

NSM MPLS Commands

show mpls cross-connect-table Use this command to display detailed information of all the entries created in the MPLS cross-connect table.

Command Syntax show mpls cross-connect-table

Parameters None

Command Mode Exec mode and Privileged Exec mode

Example The following is a sample output of the show mpls cross-connect-table

ZebOS#show mpls cross-connect-table Cross connect ix: 3, in intf: -, in label: 0, out-segment ix: 3 Owner: RSVP, Persistent: No, Admin Status: Up, Oper Status: Up Out-segment with ix: 3, owner: RSVP, out intf: eth1, out label: 16 Nexthop addr: 10.10.20.80, cross connect ix: 3, op code: Push Cross connect ix: 6, in intf: -, in label: 0, out-segment ix: 6 Owner: RSVP, Persistent: No, Admin Status: Up, Oper Status: Up Out-segment with ix: 6, owner: RSVP, out intf: eth1, out label: 17 Nexthop addr: 10.10.20.80, cross connect ix: 6, op code: Push

201

NSM MPLS Commands

show mpls forwarding-table Use this command to display all LSPs originating from this router. It also displays codes indicating the selected FTN (FEC to Next-Hop-Label-Forwarding-Entry).

Command Syntax show mpls forwarding-table

Parameters None

Command Mode Exec mode and Privileged Exec mode

Example The following output shows the code explanations, FEC, Nexthop, and outgoing interfaces and labels.

ZebOS#show mpls forwarding-table Codes: > - selected FTN, B - BGP FTN, C - CR-LDP FTN, K - CLI FTN, L - LDP FTN, R - RSVP-TE FTN, S - SNMP FTN, U - unknown FTN Code FEC Nexthop Out-Label Out-Intf R> 10.10.26.63/32 10.10.20.80 16 eth1 R> 192.168.0.63/32 10.10.20.80 17 eth1 ZebOS#

202

NSM MPLS Commands

show mpls ftn-table Use this command to display information of all the entries created in the MPLS FTN (FEC to Next-Hop-LabelForwarding-Entry) table.

Command Syntax show mpls ftn-table

Parameters None

Command Mode Exec mode and Privileged Exec mode

Example ZebOS#show mpls ftn-table Primary FTN entry with FEC: 10.10.26.63/32, ix 3, row status: Active Owner: RSVP, Action-type: Redirect to Tunnel, Exp-bits: 0x0 Description: t1 Cross connect ix: 3, in intf: -, in label: 0, out-segment ix: 3 Owner: RSVP, Persistent: No, Admin Status: Up, Oper Status: Up Out-segment with ix: 3, owner: RSVP, out intf: eth1, out label: 16 Nexthop addr: 10.10.20.80, cross connect ix: 3, op code: Push Primary FTN entry with FEC: 192.168.0.63/32, ix 4, row status: Active Owner: RSVP, Action-type: Redirect to Tunnel, Exp-bits: 0x0 Description: t2 Cross connect ix: 6, in intf: -, in label: 0, out-segment ix: 6 Owner: RSVP, Persistent: No, Admin Status: Up, Oper Status: Up Out-segment with ix: 6, owner: RSVP, out intf: eth1, out label: 17 Nexthop addr: 10.10.20.80, cross connect ix: 6, op code: Push ZebOS#

203

NSM MPLS Commands

show mpls ilm-table Use this command to display summarized information of the ILM (Incoming Label Map) table.

Command Syntax show mpls ilm-table

Parameters None

Command Mode Exec mode and Privileged Exec mode

Example ZebOS#show mpls ilm-table Code In-Label Out-Label In-Intf Out-Intf Nexthop FEC Type > 52480 3 eth2 eth3 6.6.6.93 LSP_DEFAULT > 52481 3 eth2 eth3 6.6.6.93 LSP_DEFAULT ZebOS# Examples ZebOS#show mpls ilm-table

204

ILM-ID LSP11.11.11.11/32

9

22.22.22.22/32 10

NSM MPLS Commands

show mpls in-segment-table Use this command to display detailed information of all entries in the Incoming Label Map (also known as in-segment) table.

Command Syntax show mpls in-segment-table

Parameters None

Command Mode Exec mode and Privileged Exec mode

Example ZebOS#show mpls in-segment-table In-segment entry with in label: 16, in intf: eth1, row status: Active Owner: RSVP, #of pops: 1, fec: 10.10.26.63/32 Cross connect ix: 1, in intf: eth1, in label: 16, out-segment ix: 1 Owner: RSVP, Persistent: No, Admin Status: Up, Oper Status: Up Out-segment with ix: 1, owner: RSVP, out intf: eth0, out label: 3 Nexthop addr: 10.10.24.63, cross connect ix: 1, op code: Swap In-segment entry with in label: 17, in intf: eth1, row status: Active Owner: RSVP, #of pops: 1, fec: 192.168.0.63/32 Cross connect ix: 1, in intf: eth1, in label: 17, out-segment ix: 1 Owner: RSVP, Persistent: No, Admin Status: Up, Oper Status: Up Out-segment with ix: 1, owner: RSVP, out intf: eth0, out label: 3 Nexthop addr: 10.10.24.63, cross connect ix: 1, op code: Swap ZebOS#

205

NSM MPLS Commands

show mpls l2-circuit Use this command to display MPLS Layer-2 Virtual Circuit data.

Command Syntax show mpls l2-circuit

Parameters None

Command Mode Exec mode and Privileged Exec mode

Example The following is a sample output of the show mpls l2-circuit command displaying Virtual Circuit data.

ZebOS#show mpls l2-circuit ipi MPLS Layer-2 Virtual Circuit: ipi, id: 1000 Endpoint: 192.168.0.80 Control Word: 0 MPLS Layer-2 Virtual Circuit Group: none Bound to interface: eth2 Virtual Circuit Type: Ethernet ZebOS#

206

NSM MPLS Commands

show mpls l2-circuit-group Use this command to display MPLS Layer-2 Virtual Circuit group data.

Command Syntax show mpls l2-circuit-group

Parameters None

Command Mode Exec mode and Privileged Exec mode

Example ZebOS#show mpls l2-circuit-group

207

NSM MPLS Commands

show mpls log Use this command to display logging information configured for MPLS.

Command Syntax show mpls log

Parameters None

Command Mode Exec mode and Privileged Exec mode

Example ZebOS#show mpls log Log message detail: none ZebOS#

208

NSM MPLS Commands

show mpls mapped-routes Use this command to display all configured mapped MPLS routes.

Command Syntax show mpls mapped-routes

Parameters None

Command Mode Exec mode and Privileged Exec mode

Example ZebOS#show mpls mapped-routes

209

NSM MPLS Commands

show mpls out-segment-table Use this command to display detailed information of all entries in the out-segment (also known as NHLFE) table.

Command Syntax show mpls out-segment-table

Parameters None

Command Mode Exec mode and Privileged Exec mode

Example ZebOS#show mpls out-segment-table

210

NSM MPLS Commands

show mpls vc-table Use this command to display summarized information of all Virtual Circuit FTN (FEC to Next-Hop-Label-ForwardingEntry) entries. Note:

This command is available only if --enable-mpls-vc configuration option is enabled in the configure script.

Command Syntax show mpls vc-table

Parameters None

Command Mode Exec mode and Privileged Exec mode

Example ZebOS#show mpls vc-table

211

NSM MPLS Commands

show mpls vrf-table Use this command to display detailed information of all the configured VRF entries. Specify the name of the VRF to display information about a specific VRF entry. Note:

This command is available only if --enable-vrf configuration option is enabled in the configure script.

Command Syntax show mpls vrf-table

Parameters None

Command Mode Exec mode and Privileged Exec mode

Example ZebOS#show mpls vrf-table

212

CHAPTER 6

MPLS OAM Commands

MPLS Operation, Administration, and Maintenance (OAM) provides an external ability to detect data plan failures that cannot be detected by the protocols. MPLS OAM provides ping and trace-route facilities for the data plane with which end-to-end connectivity can be tested. This chapter includes the following commands: •

ping mpls ipv4 on page 214



ping mpls l2-circuit on page 215



ping mpls l3vpn on page 216



ping mpls ldp on page 217



ping mpls rsvp on page 218



ping mpls vpls on page 219



trace mpls ipv4 on page 220



trace mpls l2-circuit on page 221



trace mpls l3vpn on page 222



trace mpls ldp on page 223



trace mpls rsvp on page 224



trace mpls vpls on page 225

213

MPLS OAM Commands

ping mpls ipv4 Use this command to initiate sending MPLS echo request packets in the specified static LSP of the MPLS cloud.

Command Syntax ping mpls ipv4 [A.B.C.D/M (destination A.B.C.D)(detail) (flags) (force-explicitnull) (interval )(repeat ) (reply-mode 1|2) (source A.B.C.D) (timeout ) (ttl )]

Parameters A.B.C.D/M

IPv4 Prefix address

destination

Destination IPv4 address field in the UPD ping packet. Must be from the range 127/8 excluding the default local loopback address.

detail

Print a detailed output of the ping command.

flags

Received LSR must do an FEC stack validation. Default is disabled.

force-explicit-null Force Explicit NULL label. interval

Optional. Interval in milliseconds between MPLS ping packets . Default is 2.

repeat

Number of ping packets to be sent . Default is 5.

reply-mode

Reply modes defined in RFC.

1

Reply with IP UDP packet (default)

2

Reply with IP UDP packet with router alert.

source

Source IPv4 address field in the UPD packet. Default is the router ID.

timeout

Time to wait in seconds before rejecting the sent probe as a failure Default is 60.

ttl

Ping packet time-to-live value in seconds . Default is 225.

Command Mode Privileged Exec mode

Example ZebOS#ping mpls ipv4 10.10.0.0/24 reply-mode 2 flags destination 127.1.2.3 source 10.10.0.1 ttl 226 timeout 65 repeat 6 interval 3 detail force-explicit-null

214

MPLS OAM Commands

ping mpls l2-circuit Use this command to initiate sending MPLS echo request packets in the specified Layer-2 Virtual Circuit (VC) of the MPLS cloud.

Command Syntax ping mpls l2-circuit [(destination A.B.C.D)(detail) (flags) (forceexplicit-null) (interval )(repeat ) (reply-mode 1|2) (source A.B.C.D) (timeout ) (ttl )]

Parameters

Layer-2 VC ID.

A.B.C.D/M

IPv4 Prefix address

destination

Destination IPv4 address field in the UPD ping packet. Must be from the range 127/8 excluding the default local loopback address.

detail

Print a detailed output of the ping command.

flags

Received LSR must do an FEC stack validation. Default is disabled.

force-explicit-null Force Explicit NULL label. interval

Interval in milliseconds between MPLS ping packets . Default is 2.

repeat

Number of ping packets to be sent . Default is 5.

reply-mode

Reply modes defined in RFC.

1

Reply with IP UDP packet (default)

2

Reply with IP UDP packet with router alert.

source

Source IPv4 address field in the UPD packet. Default is the router ID.

timeout

Time to wait in seconds before rejecting the sent probe as a failure Default is 60.

ttl

Ping packet time-to-live value in seconds . Default is 225.

Command Mode Privileged Exec mode

Example ZebOS#ping mpls l2-circuit 3 reply-mode 2 flags destination 127.1.3.4 source 10.10.0.1 ttl 226 timeout 65 repeat 6 interval 3 detail force-explicit-null

215

MPLS OAM Commands

ping mpls l3vpn Use this command to initiate sending MPLS echo request packets in the specified VPN instance of the MPLS cloud.

Command Syntax ping mpls [NAME] l3vpn [A.B.C.D/M (destination A.B.C.D)(detail) (flags) (forceexplicit-null) (interval )(repeat ) (reply-mode 1|2) (source A.B.C.D) (timeout ) (ttl )]

Parameters NAME

VPN Instance Name.

A.B.C.D/M

VPN Prefix address.

destination

Destination IPv4 address field in the UPD ping packet. Must be from the range 127/8 excluding the default local loopback address.

detail

Print a detailed output of the ping command.

flags

Received LSR must do an FEC stack validation. Default is disabled.

force-explicit-null Force Explicit NULL label. interval

Optional. Interval in milliseconds between MPLS ping packets . Default is 2.

repeat

Number of ping packets to be sent . Default is 5.

reply-mode

Reply modes defined in RFC.

1

Reply with IP UDP packet (default)

2

Reply with IP UDP packet with router alert.

source

Source IPv4 address field in the UPD packet. Default is the router ID.

timeout

Time to wait in seconds before rejecting the sent probe as a failure Default is 60.

ttl

Ping packet time-to-live value in seconds . Default is 225.

Command Mode Privileged Exec mode

Example ZebOS#ping mpls l3vpn vrfa 10.10.0.0/24 reply-mode 2 flags destination 127.1.2.3 source 10.10.0.1 ttl 226 timeout 65 repeat 6 interval 3 detail force-explicit-null

216

MPLS OAM Commands

ping mpls ldp Use this command to initiate sending MPLS echo request packets in the specified LDP LSP of the MPLS cloud. ping mpls ldp [A.B.C.D/M (destination A.B.C.D)(detail) (flags) (force-explicitnull) (interval )(repeat ) (reply-mode 1|2) (source A.B.C.D) (timeout ) (ttl )]

Parameters A.B.C.D/M

LDP FEC prefix Address

destination

Destination IPv4 address field in the UPD ping packet. Must be from the range 127/8 excluding the default local loopback address.

detail

Print a detailed output of the ping command.

flags

Received LSR must do an FEC stack validation. Default is disabled.

force-explicit-null Force Explicit NULL label. interval

Optional. Interval in milliseconds between MPLS ping packets . Default is 2.

repeat

Number of ping packets to be sent . Default is 5.

reply-mode

Reply modes defined in RFC.

1

Reply with IP UDP packet (default)

2

Reply with IP UDP packet with router alert.

source

Source IPv4 address field in the UPD packet. Default is the router ID.

timeout

Time to wait in seconds before rejecting the sent probe as a failure Default is 60.

ttl

Ping packet time-to-live value in seconds . Default is 225.

Command Mode Privileged Exec mode

Examples ZebOS#ping mpls ldp 10.10.0.0/24 reply-mode 2 flags destination 127.1.2.3 source 10.10.0.1 ttl 226 timeout 65 repeat 6 interval 3 detail force-explicit-null

217

MPLS OAM Commands

ping mpls rsvp Use this command to initiate sending MPLS echo request packets in the specified RSVP-TE LSP of the MPLS cloud. ping mpls rsvp [egress (A.B.C.D)|tunnel-name (NAME) (destination A.B.C.D)(detail) (flags) (force-explicit-null) (interval )(repeat ) (reply-mode 1|2) (source A.B.C.D) (timeout ) (ttl )]

Parameters egress

RSVP egress.

A.B.C.D

RSVP tunnel egress address.

tunnel-name

RSVP tunnel name.

NAME

Tunnel name string.

destination

Destination IPv4 address field in the UPD ping packet. Must be from the range 127/8 excluding the default local loopback address.

detail

Print a detailed output of the ping command.

flags

Received LSR must do an FEC stack validation. Default is disabled.

force-explicit-null Force Explicit NULL label. interval

Optional. Interval in milliseconds between MPLS ping packets . Default is 2.

repeat

Number of ping packets to be sent . Default is 5.

reply-mode

Reply modes defined in RFC.

1

Reply with IP UDP packet (default)

2

Reply with IP UDP packet with router alert.

source

Source IPv4 address field in the UPD packet. Default is the router ID.

timeout

Time to wait in seconds before rejecting the sent probe as a failure Default is 60.

ttl

Ping packet time-to-live value in seconds . Default is 225.

Command Mode Privileged Exec mode

Examples ZebOS#ping mpls rsvp egress 1.2.3.5 reply-mode 2 flags destination 127.1.2.3 source 10.10.0.1 ttl 226 timeout 65 repeat 6 interval 3 detail force-explicit-null

ZebOS#ping mpls rsvp tunnel-name tun1 reply-mode 2 flags destination 127.1.2.3 source 10.10.0.1 ttl 226 timeout 65 repeat 6 interval 3 detail force-explicit-null

218

MPLS OAM Commands

ping mpls vpls Use this command to initiate sending MPLS echo request packets in the specified VPLS instance of the MPLS cloud.

Command Syntax ping mpls vpls [ peer (A.B.C.D/M)(destination A.B.C.D)(detail) (flags) (force-explicit-null) (interval )(repeat ) (reply-mode 1|2) (source A.B.C.D) (timeout ) (ttl )]

Parameters

VPLS instance ID.

peer

VPLS peer.

A.B.C.D/M

VPLS peer address.

destination

Destination IPv4 address field in the UPD ping packet. Must be from the range 127/8 excluding the default local loopback address.

detail

Print a detailed output of the ping command.

flags

Received LSR must do an FEC stack validation. Default is disabled.

force-explicit-null Force Explicit NULL label. interval

Optional. Interval in milliseconds between MPLS ping packets . Default is 2.

repeat

Number of ping packets to be sent . Default is 5.

reply-mode

Reply modes defined in RFC.

1

Reply with IP UDP packet (default)

2

Reply with IP UDP packet with router alert.

source

Source IPv4 address field in the UPD packet. Default is the router ID.

timeout

Time to wait in seconds before rejecting the sent probe as a failure Default is 60.

ttl

Ping packet time-to-live value in seconds . Default is 225.

Command Mode Privileged Exec mode

Example ZebOS#ping mpls vpls 2 peer 10.10.0.0 reply-mode 2 flags destination 127.1.2.3 source 10.10.0.1 ttl 226 timeout 65 repeat 6 interval 3 detail force-explicit-null

219

MPLS OAM Commands

trace mpls ipv4 Use this command to initiate tracing the route traversed by the specified IPv4 static LSP echo request packet in the MPLS cloud.

Command Syntax trace mpls ipv4 [A.B.C.D/M (destination A.B.C.D)(detail) (flags) (force-explicitnull)(reply-mode 1|2) (source A.B.C.D) (timeout ) (ttl )]

Parameters A.B.C.D/M

IPv4 Prefix address.

destination

Destination IPv4 address field in the UPD ping packet. Must be from the range 127/8 excluding the default local loopback address.

detail

Print a detailed output of the ping command.

flags

Received LSR must do an FEC stack validation. Default is disabled.

force-explicit-null Force Explicit NULL label. reply-mode

Reply modes defined in RFC.

1

Reply with IP UDP packet (default)

2

Reply with IP UDP packet with router alert.

source

Source IPv4 address field in the UPD packet. Default is the router ID.

timeout

Time to wait in seconds before rejecting the sent probe as a failure Default is 60.

ttl

Ping packet time-to-live value in seconds . Default is 225.

Command Mode Privileged Exec mode

Example ZebOS#trace mpls ipv4 10.10.0.0/24 reply-mode 2 flags destination 127.1.2.3 source 10.10.0.1 ttl 226 timeout 65 detail force-explicit-null

220

MPLS OAM Commands

trace mpls l2-circuit Use this command to initiate tracing the route traversed by the specified Layer-2 VC echo request packet in the MPLS cloud.

Command Syntax trace mpls l2-circuit [ (destination A.B.C.D)(detail) (flags) (forceexplicit-null)(reply-mode 1|2) (source A.B.C.D) (timeout ) (ttl )]

Parameters

L2 Circuit ID.

destination

Destination IPv4 address field in the UPD ping packet. Must be from the range 127/8 excluding the default local loopback address.

detail

Print a detailed output of the ping command.

flags

Received LSR must do an FEC stack validation. Default is disabled.

force-explicit-null Force Explicit NULL label. reply-mode

Reply modes defined in RFC.

1

Reply with IP UDP packet (default)

2

Reply with IP UDP packet with router alert.

source

Source IPv4 address field in the UPD packet. Default is the router ID.

timeout

Time to wait in seconds before rejecting the sent probe as a failure Default is 60.

ttl

Ping packet time-to-live value in seconds . Default is 225.

Command Mode Privileged Exec mode

Example ZebOS#trace mpls l2-circuit 3 reply-mode 2 flags destination 127.1.2.3 source 10.10.0.1 ttl 226 timeout 65 detail force-explicit-null

221

MPLS OAM Commands

trace mpls l3vpn Use this command to initiate tracing the route traversed by the specified VPN instance echo request packet in the MPLS cloud.

Command Syntax trace mpls l3vpn [(NAME) (A.B.C.D/M)(destination A.B.C.D)(detail) (flags) (forceexplicit-null)(reply-mode 1|2) (source A.B.C.D) (timeout ) (ttl )]

Parameters NAME

VPN instance name

A.B.C.D/M

VPN prefix



L2 Circuit ID.

destination

Destination IPv4 address field in the UPD ping packet. Must be from the range 127/8 excluding the default local loopback address.

detail

Print a detailed output of the ping command.

flags

Received LSR must do an FEC stack validation. Default is disabled.

force-explicit-null Force Explicit NULL label. reply-mode

Reply modes defined in RFC.

1

Reply with IP UDP packet (default)

2

Reply with IP UDP packet with router alert.

source

Source IPv4 address field in the UPD packet. Default is the router ID.

timeout

Time to wait in seconds before rejecting the sent probe as a failure Default is 60.

ttl

Ping packet time-to-live value in seconds . Default is 225.

Command Mode Privileged Exec mode

Example ZebOS#trace mpls l3vpn vrfa 10.10.0.0/24 reply-mode 2 flags destination 127.1.2.3 source 10.10.0.1 ttl 226 timeout 65 detail force-explicit-null

222

MPLS OAM Commands

trace mpls ldp Use this command to initiate tracing the route traversed by the specified LDP LSP echo request packet in the MPLS cloud.

Command Syntax trace mpls ldp [(A.B.C.D/M)(destination A.B.C.D)(detail) (flags) (force-explicitnull)(reply-mode 1|2) (source A.B.C.D) (timeout ) (ttl )]

Parameters A.B.C.D/M

LDP FEC prefix Address



L2 Circuit ID.

destination

Destination IPv4 address field in the UPD ping packet. Must be from the range 127/8 excluding the default local loopback address.

detail

Print a detailed output of the ping command.

flags

Received LSR must do an FEC stack validation. Default is disabled.

force-explicit-null Force Explicit NULL label. reply-mode

Reply modes defined in RFC.

1

Reply with IP UDP packet (default)

2

Reply with IP UDP packet with router alert.

source

Source IPv4 address field in the UPD packet. Default is the router ID.

timeout

Time to wait in seconds before rejecting the sent probe as a failure Default is 60.

ttl

Ping packet time-to-live value in seconds . Default is 225.

Command Mode Privileged Exec mode

Example ZebOS#trace mpls ldp 10.10.0.0/24 reply-mode 2 flags destination 127.1.2.3 source 10.10.0.1 ttl 226 timeout 65 detail force-explicit-null

223

MPLS OAM Commands

trace mpls rsvp Use this command to initiate tracing the route traversed by the specified RSVP-TE LSP echo request packet in the MPLS cloud.

Command Syntax trace mpls rsvp [egress (A.B.C.D)|(tunnel-name NAME)(destination A.B.C.D)(detail) (flags) (force-explicit-null)(reply-mode 1|2) (source A.B.C.D) (timeout ) (ttl )]

Parameters egress

RSVP egress.

A.B.C.D

RSVP tunnel egress address.

tunnel-name

RSVP tunnel name.

NAME

Tunnel name string.

destination

Destination IPv4 address field in the UPD ping packet. Must be from the range 127/8 excluding the default local loopback address.

detail

Print a detailed output of the ping command.

flags

Received LSR must do an FEC stack validation. Default is disabled.

force-explicit-null Force Explicit NULL label. reply-mode

Reply modes defined in RFC.

1

Reply with IP UDP packet (default)

2

Reply with IP UDP packet with router alert.

source

Source IPv4 address field in the UPD packet. Default is the router ID.

timeout

Time to wait in seconds before rejecting the sent probe as a failure Default is 60.

ttl

Ping packet time-to-live value in seconds . Default is 225.

Command Mode Privileged Exec mode

Examples ZebOS#trace mpls rsvp egress 1.2.3.5 reply-mode 2 flags destination 127.1.2.3 source 10.10.0.1 ttl 226 timeout 65 detail force-explicit-null

ZebOS#trace mpls rsvp tunnel-name tun1 reply-mode 2 flags destination 127.1.2.3 source 10.10.0.1 ttl 226 timeout 65 detail force-explicit-null

224

MPLS OAM Commands

trace mpls vpls Use this command to initiate tracing the route traversed by the specified VPLS instance echo request packet in the MPLS cloud.

Command Syntax trace mpls vpls [ (peer A.B.C.D/M)(destination A.B.C.D)(detail) (flags) (force-explicit-null)(reply-mode 1|2) (source A.B.C.D) (timeout ) (ttl )]

Parameters

VPLS instance ID.

peer

VPLS peer.

A.B.C.D/M

VPLS peer address.

destination

Destination IPv4 address field in the UPD ping packet. Must be from the range 127/8 excluding the default local loopback address.

detail

Print a detailed output of the ping command.

flags

Received LSR must do an FEC stack validation. Default is disabled.

force-explicit-null Force Explicit NULL label. reply-mode

Reply modes defined in RFC.

1

Reply with IP UDP packet (default)

2

Reply with IP UDP packet with router alert.

source

Source IPv4 address field in the UPD packet. Default is the router ID.

timeout

Time to wait in seconds before rejecting the sent probe as a failure Default is 60.

ttl

Ping packet time-to-live value in seconds . Default is 225.

Command Mode Privileged Exec mode

Examples ZebOS#trace mpls vpls 2 peer 10.10.0.0/24 reply-mode 2 flags destination 127.1.2.3 source 10.10.0.1 ttl 226 timeout 65 detail force-explicit-null

225

MPLS OAM Commands

226

CHAPTER 7

NSM GMPLS Commands

This chapter provides an alphabetized reference for each of the NSM GMPLS CLI commands. It includes the following commands: •

gmpls capability-type on page 228



gmpls encoding-type on page 229



gmpls interface-type on page 230



gmpls link-id on page 231



gmpls local-interface-id on page 232



gmpls min-lsp-bandwidth on page 233



gmpls max-lsp-size on page 234



gmpls protection-type on page 235



gmpls remote-interface-id on page 236



gmpls risk-group on page 237



gmpls sdh-indication on page 238

227

NSM GMPLS Commands

gmpls capability-type Use this command to specify the Generalized MPLS (GMPLS) interface switching capability-type. It also triggers advertisement of the interface switching capability type as GMPLS extensions by Interior Gateway Protocol (IGP). It is possible to configure one or more capability types on an interface. Use the no parameter to disable this configuration.

Command Syntax gmpls capability-type [fsc|l2sc|lsc|psc1|psc2|psc3|psc4|tdm] no gmpls capability-type [fsc|l2sc|lsc|psc1|psc2|psc3|psc4|tdm]

Parameters fsc

Fiber-Switch Capable (FSC).

l2sc

Layer-2 Switch Capable (L2SC).

lsc

Lambda-Switch Capable (LSC)

psc1

Packet-Switch Capable-1 (PSC-1)

psc2

Packet-Switch Capable-2 (PSC-2)

psc3

Packet-Switch Capable-3 (PSC-3)

psc4

Packet-Switch Capable-4 (PSC-4)

tdm

Time-Division-Multiplex Capable (TDM)

Command Mode Interface mode

Example ZebOS#configure terminal ZebOS(config)#interface eth0 ZebOS(config-if)#gmpls capability-type psc1 Related Commands gmpls link-id, gmpls protection-type, gmpls risk-group

228

NSM GMPLS Commands

gmpls encoding-type Use this command to specify the GMPLS interface LSP (Label Switched Path) encoding type. To advertise this information by IGP, specify at least one switching capability type using the gmpls capability-type command (see gmpls capability-type on page 228). Use the no parameter to disable the configuration.

Command Syntax gmpls encoding-type [packet|ethernet|pdh|sdh|digital|lambda|fiber|fiber-channel] no gmpls encoding-type [packet|ethernet|pdh|sdh|digital|lambda|fiber|fiber-channel]

Parameters digital

Specify digital wrapper.

ethernet

Specify Ethernet.

fiber

Specify fiber.

fiber-channel

Specify fiber channel.

lambda

Specify lambda (photonics)

packet

Specify packet.

pdh

Specify ANSI/ETSI PDH.

sdh

Specify SDH ITU-T G.707 / SONET ANSI T1.105.

Default Disabled

Command Mode Interface mode

Example ZebOS#configure terminal ZebOS(config)#interface eth0 ZebOS(config-if)#gmpls encoding-type packet Related commands gmpls capability-type, gmpls min-lsp-bandwidth, gmpls sdh-indication

229

NSM GMPLS Commands

gmpls interface-type Use this command to configure a type for each physical interface. When an interface type is configured as data, the interface is used only in the data plane. When it is configured as control, it is used only in the control plane. When it is configured as data-control, it is used in both the data plane and in the control plane. Use the no option with this command to reset the physical interface to its default state.

Command Syntax gmpls interface-type [data|control (numbered)|data-control] (no) gmpls interface-type [data|control (numbered)|data-control]

Parameters data

Interface type is for GMPLS in the data plane only

control

Interface type is for GMPLS in the control plane only

numbered data-control

Indicate the control is numbered Interface type is for GMPLS in both the data and control planes

Command Mode Interface mode

Examples ZebOS#configure terminal ZebOS(config)#interface eth1 ZebOS(config-if)#gmpls interface-type data ZebOS(config-if)#gmpls interface-type data-control

230

NSM GMPLS Commands

gmpls link-id Use this command to advertise link local/remote identifiers by IGP. This command triggers an advertisement of link local/remote identifiers as GMPLS extensions by IGP. Use the no parameter to disable the configuration.

Command Syntax gmpls link-id no gmpls link-id

Parameters None

Default Disabled

Command Mode Interface mode

Example ZebOS#configure terminal ZebOS(config)#interface eth0 ZebOS(config-if)#gmpls link-id

Related commands gmpls protection-type, gmpls capability-type, gmpls risk-group

231

NSM GMPLS Commands

gmpls local-interface-id Use this command to configure a local interface ID for the default data link of the physical interface. Interface-type must be set to data or data-control before local interface-id can be set. Use the no parameter to disable the configuration.

Command Syntax gmpls local-interface-id [A.B.C.D] no gmpls local-interface-id [A.B.C.D]

Parameter A.B.C.D

Local interface ID in IPv4 address format

Command Mode Interface mode

Example ZebOS#configure terminal ZebOS(config)#interface eth1 ZebOS(config-if)#gmpls interface-type data ZebOS(config-if)#gmpls local-interface-id 2 Related Commands gmpls interface-type

232

NSM GMPLS Commands

gmpls min-lsp-bandwidth Use this command to specify the minimum LSP bandwidth of an interface. To advertise this information by IGP, specify the switching capability type to PSC1, PSC2, PSC3, PSC4, or TDM using the gmpls capability-type command (see gmpls capability-type on page 228). Use the no parameter to disable the configuration.

Command Syntax gmpls min-lsp-bandwidth (BANDWIDTH ) no gmpls min-lsp-bandwidth

Parameters BANDWIDTH

Specify bandwidth bits, expressed in kilobits (k), megabits (m), or giga bits (g) .

Default Disabled

Command Mode Interface mode

Example ZebOS#configure terminal ZebOS(config)#interface eth0 ZebOS(config-if)#gmpls min-lsp-bandwidth 1g

Related commands gmpls capability-type, gmpls encoding-type, gmpls sdh-indication

233

NSM GMPLS Commands

gmpls max-lsp-size Use this command to configure the maximum LSP Bandwidth that can be carried on any data-link associated with a physical interface. Use the no option with this command to reset the bandwidth to its default value.

Command Syntax gmpls max-lsp-size [BANDWIDTH] no gmpls max-lsp-size [BANDWIDTH]

Parameter BANDWIDTH

Specify the bits, expressed in [k|m|g] for kilobits, megabits, or gigabits. Range is .

Command Mode Interface mode

Default Link bandwidth

Examples ZebOS#configure terminal ZebOS(config)#interface eth1 ZebOS(config-if)#gmpls max-lsp-size 1000 ZebOS(config-if)#no gmpls max-lsp-size 1000 Related Commands gmpls interface-type, bandwidth, min-lsp-bandwidth

234

NSM GMPLS Commands

gmpls protection-type Use this command to specify the link protection type of an interface. It also triggers an advertisement of link protection type as GMPLS extensions by IGP. Use the no parameter to disable the configuration.

Command Syntax gmpls protection-type (dedicated-1plus1|decicated-1to1|enhanced|extratraffic|shared|unprotected) no gmpls protection-type (dedicated-1plus1|decicated-1to1|enhanced|extratraffic|shared|unprotected)

Parameters dedicated-1plus1 Specify link type as dedicated 1+1. dedicated-1to1 Specify link type as dedicated 1:1. enhanced

Specify link type as enhanced.

extra-traffic

Specify link type as extra traffic.

shared

Specify link type as shared.

unprotected

Specify link type as unprotected.

Default Disabled

Command Mode Interface mode

Example ZebOS#configure terminal ZebOS(config)#interface eth0 ZebOS(config-if)#gmpls protection-type extra-traffic

Related commands gmpls link-id, gmpls capability-type, gmpls risk-group

235

NSM GMPLS Commands

gmpls remote-interface-id Use this command to specify remote interface id for physical interface, provided link type for physical link is configured as data or data-control.

Command Syntax (no) gmpls remote-interface-id [A.B.C.D|] A.B.C.D Remote interface ID in IPv4 address format Remote interface ID in integer format

Command Mode Interface mode

Default 0

Usage This command is used to configure a remote interface ID for the default data link of the physical interface. Interfacetype must be set to data or data-control and local-interface-id must be set before remote-interfaceid can be set.

Example ZebOS#configure terminal ZebOS(config)#interface eth1 ZebOS(config-if)#gmpls interface-type data ZebOS(config-if)#gmpls local-interface-id 2 ZebOS(config-if)#gmpls remote-interface-id 3 Related Commands gmpls interface-type, gmpls local-interface-id

236

NSM GMPLS Commands

gmpls risk-group Use this command to specify the GMPLS Shared Risk Link Group (SRLG) value. It also triggers an advertisement of Shared Risk Link Group (SRLG) information as GMPLS extensions by IGP. Use the no parameter to disable the configuration.

Command Syntax gmpls risk-group no gmpls risk-group

Parameters Specify Shared Risk Link Group value.

Default Disabled

Command Mode Interface mode

Example ZebOS#configure terminal ZebOS(config)#interface eth0 ZebOS(config-if)#gmpls risk-group 200 Related commands gmpls link-id, gmpls protection-type, gmpls capability-type

237

NSM GMPLS Commands

gmpls sdh-indication Use this command to specify the GMPLS SONET/SDH indication. To advertise this information by IGP, also specify the switching capability type to Time Division Multiplexing (TDM), using the gmpls capability-type command (see gmpls capability-type on page 228). Use the no parameter to disable the configuration.

Command Syntax gmpls sdh-indication [arbitrary|standard] no gmpls sdh-indication

Parameters arbitrary

Specify arbitrary SONET/SDH.

standard

Specify a standard SONET/SDH.

Default Disabled

Command Mode Interface mode

Example ZebOS#configure terminal ZebOS(config)#interface eth0 ZebOS(config-if)#gmpls sdh-indication standard

Related commands gmpls capability-type, gmpls encoding-type, gmpls min-lsp-bandwidth

238

CHAPTER 8

TE Link Commands

The commands in this chapter are executed in TE link mode. It includes the following commands: •

admin-group on page 240



data-link on page 241



description on page 242



disable-te-link-local on page 243



enable-te-link-local on page 244



label-switching on page 245



remote-link-id on page 246



risk-group on page 247



show bi-lsp on page 248



show te-link on page 249



shutdown on page 250



te-flooding on page 251



te-link on page 252



te-metrics on page 253

239

TE Link Commands

admin-group Use this command to create an administrative group to be used for links. Each link can be a member of one or more administrative groups. Use the no parameter with this command to remove an administrative link. Note:

Links do not have to be assigned to administrative groups.

Command Syntax admin-group [NAME]

Parameter NAME

Name of the admistrative group

Command Mode TE Link mode

Example ZebOS#configure terminal ZebOS(config)#te-link te1 local-link-id ZebOS(config-te)#admin-group temp

240

TE Link Commands

data-link Use this command to associate data links with TE links. Only data-links can be associated to a TE link. Attempting to map multiple data links to the same TE link returns an error. Use the no parameter with this command to remove an existing data link from a TE link.

Command Syntax data link [IFNAME] (no) data [IFNAME]

Parameter IFNAME

Indicate the interface name

Command Mode TE Link mode

Examples ZebOS#configure terminal ZebOS(config)#te-link te1 local-link-id 172.1.1.1 ZebOS(config-te)#data-link eth1 ZebOS(config-te)#no data-link eth1 ZebOS(config-te)#data-link eth2

Related Commands te-link

241

TE Link Commands

description Use this command to provide a TE Link-specific description. Use the no parameter with this command to remove the description.

Command Syntax description [LINE] no description

Parameters LINE

Text describing the specific interface.

Command Mode TE Link mode

Examples ZebOS#configure terminal ZebOS(config)#te-link te1 local-link-id 172.1.1.1 ZebOS(config-te)#description This is for Testing

242

TE Link Commands

disable-te-link-local Use this command to disable the TE link local exchange. Use the enable-te-link-local command to enable the TE link local exchange (see enable-te-link-local on page 244).

Command Syntax disable-te-link-local

Parameters None

Command Mode TE Link mode

Examples ZebOS#configure terminal ZebOS(config)#te-link te1 local-link-id 172.1.1.1 ZebOS(config-te)#disable-te-link-local

243

TE Link Commands

enable-te-link-local Use this command to enable the TE link local exchange. Use the disable-te-link-local command to disable the TE link local exchange (see disable-te-link-local on page 243).

Command Syntax enable-te-link-local

Parameters None

Command Mode TE Link mode

Example ZebOS#configure terminal ZebOS(config)#te-link te1 local-link-id 172.1.1.1 ZebOS(config-te)#enable-te-link-local

244

TE Link Commands

label-switching Use this command to enable label-switching on a TE link. Use the no parameter with this command to disable label-switching on a TE link.

Command Syntax label-switching (no) label-switching

Parameters None

Command Mode TE Link mode

Examples ZebOS#configure terminal ZebOS(config)#te-link te1 local-link-id 172.1.1.1 ZebOS(config-te)#label-switching

245

TE Link Commands

remote-link-id Use this command to configure remote link id for each TE link. Use the no option with this command to remove the remote link ID from a TE link.

Command Syntax remote-link-id [A.B.C.D] no remote-link-id [A.B.C.D]

Parameters A.B.C.D

Remote link ID in IPv4 address format

Command Mode TE Link mode

Examples ZebOS#configure terminal ZebOS(config)#te-link te1 local-link-id 172.1.1.1 ZebOS(config-te)#remote-link-id 172.1.2.3 Related Commands te-link

246

TE Link Commands

risk-group Use this command to specify the GMPLS Shared Risk Link Group (SRLG) value. It also triggers an advertisement of SRLG information as GMPLS extensions by IGP. Use the no option with this command to remove the set value.

Command Syntax risk-group no risk-group

Parameter Indicate a shared risk link group (SRLG) value in the range

Command Mode TE Link mode

Examples ZebOS#configure terminal ZebOS(config)#te-link te1 local-link-id 172.1.1.1 ZebOS(config-te)#risk-group 200 Related Commands te-link, remote-link-id

247

TE Link Commands

show bi-lsp Use this command to display the status and configuration of a bidirectional LSP.

Command Syntax show bi-lsp BINAME

Parameter BINAME

Command Mode Exec mode

Example ZebOS#show bi-lsp

248

Bidirectional LSP name

TE Link Commands

show te-link This command is used to display the properties for a particular TE link.

Command Syntax show te-link [TLNAME]

Parameter TLNAME

Name of a TE link

Command Mode Exec mde

Example The following example is sample output for this command:

ZebOS#show te-link te1 te-link te1 description test Data-link: eth1 Local link-id: 2.3.4.5 Remote-link-id: 3 IP address: 10.10.10.50/24 Remote IP address: 10.10.10.51/24 Index 2 mtu 1500 Control Adjacency: Rtr2 Link ID: 22.2.2.2 Administrative Group(s): None TE Metric 20 Bandwidth 100m Maximum reservable bandwidth 70m DSTE Bandwidth Constraint Mode is MAM Bandwidth Constraint for Class Type default is 70m Available b/w for TE-CLASS 0 {a2, 5} is 0 Maximum LSP b/w at Priority 0 is 0 Maximum LSP b/w at Priority 1 is 0 Maximum LSP b/w at Priority 2 is 70m Maximum LSP b/w at Priority 3 is 70m Maximum LSP b/w at Priority 4 is 70m Maximum LSP b/w at Priority 5 is 70m Maximum LSP b/w at Priority 6 is 70m Maximum LSP b/w at Priority 7 is 70m Minimum LSP Bandwidth is 10m Switching Capability: PSC1 Encoding Type: Packet Protection: 1:1 risk-group 2, 3 mtu: 1500

249

TE Link Commands

shutdown Use this command to shut down the selected interface. Use the no form of this command to disable this function.

Command Syntax shutdown no shutdown

Parameters None

Command Mode TE Link mode

Examples ZebOS#configure terminal ZebOS(config)#te-link te1 local-link-id 172.1.1.1 ZebOS(config-te)#shutdown

250

TE Link Commands

te-flooding Use this command to enable TE-flooding. Use the no option with this command to disable TE-flooding.

Command Syntax te-flooding [ospf||area||A.B.C.D] no te-flooding [ospf||area||A.B.C.D]

Parameters ospf

Specify an OSPF instance



Specify an OSPF instance ID

area

Specify an OSPF area

Specify an OSPF area ID as a decimal value A.B.C.D

Specify anOSPF area ID in IP address format

Command Mode TE Link mode

Examples ZebOS#configure terminal ZebOS(config)#te-link te1 local-link-id 172.1.1.1 ZebOS(config-te)#te-flooding ospf 12345 area 172.1.2.3

251

TE Link Commands

te-link Use this command to create a TE (traffic engineering) link and set its local-link-id. Use the no option with this command to delete an existing TE link.

Command Syntax te-link [TLNAME|local-link-id|A.B.C.D|numbered] no te-link [TLNAME|local-link-id|A.B.C.D|numbered]

Parameters TLNAME

Name of the TE link

local-link-id

Local link Identifier

A.B.C.D

Local interface ID expressed in IPv4 address format

numbered

The data link type is numbered

Command Mode Configure mode

Examples ZebOS#configure terminal ZebOS(config)#te-link te1 local-link-id 172.1.1.1 ZebOS#configure terminal ZebOS(config)#te-link te1 local-link-id 1.2.3.4 ZebOS#configure terminal ZebOS(config)#te-link te1 local-link-id 1.2.3.4 numbered

252

TE Link Commands

te-metrics Use this command to configure OSPF TE metric information. Use the no option with this command to remove OSPF TE metric information..

Command Syntax te-metrics no te-metrics

Parameters

Specify a TE Metric value

Command Mode TE Link mode

Examples ZebOS#configure terminal ZebOS(config)#te-link te1 local-link-id 172.1.1.1 ZebOS(config-te)#te-metric 112 ZebOS(config-te)#no te-metric

253

TE Link Commands

254

CHAPTER 9

Control Channel Mode Commands

The commands in this chapter are issued in the Control Channel mode. It includes the following commands: •

binding interface on page 256



control-channel on page 257



description on page 258



show control-channel on page 259



shutdown on page 260

255

Control Channel Mode Commands

binding interface Use this command to bind a control channel to a particular interface. Use the no parameter with this command to remove the bound interface.

Command Syntax binding interface [IFNAME] no binding interface [IFNAME]

Parameters IFNAME

Text string that describes the interface.

Command Mode Control Channel mode

Example ZebOS#configure terminal ZebOS(config)#control-channel cc1 peer-address 4.4.4.4 ZebOS(config-cc)#binding interface eth1 Related Commands control-channel, local-address

256

Control Channel Mode Commands

control-channel Use this command to create a new Control Channel. It is also used to identify a control-channel ID (cc-id), and designate the local and remote addresses used by the control channel. Use the no parameter with this command to delete an existing Control Channel.

Command Syntax control-channel [CCNAME|cc-id||local-address|A.B.C.D|peer-address |A.B.C.D] (no) control-channel [CCNAME|cc-id||local-address|A.B.C.D|peeraddress |A.B.C.D]

Parameters CCNAME

Control channel name

cc-id

Control channel parameters

Control channel ID value in integer format local-address

Control channel local address

A.B.C.D

Control channel local address in IPv4 address format

peer-address

Control Adjacency Parameters

A.B.C.D

Control channel peer address in IPv4 address format

Command Mode Configure mode

Example ZebOS#configure terminal ZebOS(config)#control-channel cc1 cc-id 22 local-address 2.2.2.2 peer-address 4.4.4.4 ZebOS(config-cc)#

257

Control Channel Mode Commands

description Use this command to provide a Control Channel-specific description. Use the no parameter with this command to remove the description.

Command Syntax description [LINE] (no) description

Parameter LINE

Characters that contain a text description of the control channel

Command Mode Control Channel mode

Examples ZebOS#configure terminal ZebOS(config)#control-channel cc1 peer-address 4.4.4.4 ZebOS(config-cc)#description This is for Testing

258

Control Channel Mode Commands

show control-channel Use this command to display the status and configuration of a Control Channel.

Command Syntax show control-channel [CCNAME]

Parameter CCNAME

Name of the control channel

Command Mode Exec mode

Example The following example is sample output for this command:

ZebOS#show control-channel cc1 Control-channel cc1 description test local-address 2.2.2.2 peer-address 3.3.3.3 Control Channel ID: 2 interface Binding: eth1 index 2 Control Adjacency: Rtr2 Last Time Down: 1 hour 20 minutes ago

259

Control Channel Mode Commands

shutdown Use this command to shut down the selected Control Channel. Use the no parameter with this command to disable this function.

Command Syntax shutdown no shutdown

Parameters None

Command Mode Control Channel mode

Example ZebOS#configure terminal ZebOS(config)#control-channel cc1 peer-address 4.4.4.4 ZebOS(config-cc)#shutdown

260

CHAPTER 10

Control Adjacency Commands

The commands in this chapter are issued in the Control Adjacency mode. It includes the following commands: •

control-adjacency on page 262



description on page 263



show control-adjacency on page 264

261

Control Adjacency Commands

control-adjacency Use this command to create a new Control Adjacency with a neighbor router. The command also configures a peer address for the control adjacency, and provides the option to specify whether it is statically configured or should be managed using LMP. Use the no option with this command to remove an existing control adjacency.

Command Syntax control-adjacency [CADJNAME|peer-address|A.B.C.D (static|using-lmp)] no control-adjacency [CADJNAME|peer-address|A.B.C.D (static|using-lmp)]

Parameters CADJNAME

Control adjanceny name in text format

A.B.C.D

Control adjaceny peer address in IPv4 address format

peer-address

Control Adjacency Parameters

static

Static configuration of control adjacency

using-lmp

Control adjacency is managed using Link Management Protocol (LMP)

Command Mode Configure mode

Example ZebOS#configure terminal ZebOS(config)#control-adjacency rtr2 peer-address 4.4.4.4 static ZebOS(config-ca)# Related Commands control-channel, te-link

262

Control Adjacency Commands

description Use this command to provide a Control Adjacency-specific description. Use the no option with this command to remove the description.

Command Syntax description [LINE] no description

Parameter LINE

Text that describe the control adjacency

Commaand Mode Control Adjacency mode

Examples ZebOS#configure terminal ZebOS(config)#control-adjacency rtr2 peer-address 4.4.4.4 static ZebOS(config-ca)#description This is for Testing

263

Control Adjacency Commands

show control-adjacency This command is used to display the properties for a particular Control Adjacency. To modify the lines displayed, use the | (output modifier token). To save the output to a file, use the > output redirection token.

Command Syntax show control-adjacency [CANAME]

Parameter CANAME

Name of the control adjacency

Command Mode Exec Mode

Example The following example is sample output for this command:

ZebOS#show control-adjacency ca2 Control-channel Rtr2 description test Control Channels: cc1, cc2 Primary Control Channel : cc1 TE Links: te1, te2 peer-address 3.3.3.3 index 2 LMP is in USE

264

CHAPTER 11

IGMP Multicast Commands

This chapter lists in alphabetical order the CLI commands related to the Internet Group Management Protocol (IGMP) module, which includes the IGMP proxy service and IGMP snooping. This chapter includes the following commands: •

clear ip igmp on page 267



clear ip igmp group on page 268



clear ip igmp interface on page 269



clear ip igmp on page 270



debug igmp on page 271



ip igmp on page 272



ip igmp access-group on page 273



ip igmp immediate-leave on page 274



ip igmp join-group on page 275



ip igmp last-member-query-count on page 276



ip igmp last-member-query-interval on page 277



ip igmp limit on page 278



ip igmp mroute-proxy on page 279



ip igmp offlink on page 280



ip igmp proxy on page 281



ip igmp proxy-service on page 282



ip igmp querier-timeout on page 283



ip igmp query-interval on page 284



ip igmp query-max-response-time on page 285



ip igmp ra-option on page 286



ip igmp robustness-variable on page 287



igmp snooping (configure mode) on page 288



ip igmp snooping (interface mode) on page 289



ip igmp snooping fast-leave on page 290



ip igmp snooping mrouter on page 291



ip igmp snooping querier on page 292



ip igmp snooping report-suppression on page 293



ip igmp ssm-map enable on page 294



ip igmp ssm-map static on page 295



ip igmp startup-query-count on page 296



ip igmp startup-query-interval on page 297



ip igmp static-group on page 298

265

IGMP Multicast Commands



ip igmp version on page 299



show debugging igmp on page 301



show ip igmp groups on page 302



show ip igmp interface on page 303



show ip igmp proxy on page 304



show ip igmp snooping mrouter on page 305



show ip igmp snooping statistics on page 306

266

IGMP Multicast Commands

clear ip igmp Use this command to clear all IGMP local-memberships on all interfaces. This command applies to interfaces configured for IGMP Layer-3 multicast protocols, IGMP Snooping, or IGMP Proxy.

Command Syntax clear ip igmp

Parameters None

Command Mode Privileged Exec mode

Example ZebOS#clear ip igmp Related Commands clear ip igmp group, clear ip igmp interface

267

IGMP Multicast Commands

clear ip igmp group Use this command to clear IGMP specific local-membership(s) on all interfaces. This command applies to groups learned by IGMP Layer-3 multicast protocols, IGMP Snooping, or IGMP Proxy.

Command Syntax clear ip igmp group (*|A.B.C.D)

Parameters *

Clears all groups on all interfaces. This is an alias to the clear ip igmp command.

A.B.C.D

Specify the group address’s local-membership to be cleared from all interfaces.

Command Mode Privileged Exec mode

Examples ZebOS#clear ip igmp group * ZebOS#clear ip igmp group 224.1.1.1 Related Commands clear ip igmp, clear ip igmp interface

268

IGMP Multicast Commands

clear ip igmp interface Use this command to clear IGMP interface entries. This command applies to interfaces configured for IGMP Layer-3 multicast protocols, IGMP Snooping, or IGMP Proxy.

Command Syntax clear ip igmp [interface (IFNAME)]

Parameter IFNAME

Specify name of the interface; all groups learned from this interface are deleted.

Command Mode Privileged Exec mode

Example ZebOS#clear ip igmp interface eth1 Related Commands clear ip igmp, clear ip igmp group

269

IGMP Multicast Commands

clear ip igmp Use this command to clear IGMP local-memberships on VRF interfaces. This command applies to interfaces configured for IGMP Layer-3 multicast protocols, IGMP Snooping, or IGMP Proxy.

Command Syntax clear ip igmp (vrf NAME) [group (*|A.B.C.D)|interface]

Parameters vrf

Optional. Specify the VRF name.

group

Deletes IGMP group cache entries

*

Clears all groups on all interfaces. This is an alias to the clear ip igmp command.

A.B.C.D

Specify the group address’s local-membership to be cleared from all interfaces.

interface

Specify name of the interface; all groups learned from this interface are deleted.

Command Mode Privileged Exec mode

Examples ZebOS#clear ip igmp vrf VRF_A ZebOS#clear ip igmp vrf new group * ZebOS#clear ip igmp vrf new interface eth1 Related Commands clear ip igmp group, clear ip igmp interface

270

IGMP Multicast Commands

debug igmp Use this command to enable debugging of all IGMP, or a specific component of IGMP. This command applies to interfaces configured for IGMP Layer-3 multicast protocols, IGMP Snooping, or IGMP Proxy. Use the no parameter with this command to disable all IGMP debugging, or debugging of a specific component of IGMP.

Command Syntax debug igmp [all|decode|events|fsm|tib|vrf] no debug igmp [all|decode|events|fsm|tib|vrf]

Parameters all

Debug all IGMP.

decode

Debug IGMP decoding.

encode

Debug IGMP encoding.

events

Debug IGMP events.

fsm

Debug IGMP Finite State Machine (FSM).

tib

Debug IGMP Tree Information Base (TIB).

vrf

Debug VPN Routing/Forwarding instance.

Command Mode Privileged Exec mode and Configure mode

Example ZebOS#configure terminal ZebOS(config)#debug igmp all

271

IGMP Multicast Commands

ip igmp Use this command to enable the IGMP protocol operation on an interface. This command enables IGMP protocol operation in stand-alone mode, and can be used to learn local-membership information prior to enabling a multicast routing protocol on the interface. This command will has no effect on interfaces configured for IGMP Proxy. Use the no parameter with this command to return all IGMP related configuration to the default (including IGMP snooping or IGMP proxy service).

Command Syntax ip igmp no ip igmp

Parameters None

Command Mode Interface mode

Example ZebOS#configure terminal ZebOS(config)#interface 0 ZebOS(config-if)#ip igmp

272

IGMP Multicast Commands

ip igmp access-group Use this command to control the multicast local-membership groups learnt on an interface. This command applies to interfaces configured for IGMP Layer-3 multicast protocols, IGMP Snooping, or IGMP Proxy. Use the no parameter with this command to disable this access control.

Command Syntax ip igmp access-group [|WORD] no ip igmp access-group

Parameters

Access-list number.

WORD

Standard IP access-list name.

Default No access list configured

Command Mode Interface mode

Examples In the following example, hosts serviced by Ethernet interface 0 can only join the group 225.2.2.2:

ZebOS#configure terminal ZebOS(config)#access-list 1 permit 225.2.2.2 0.0.0.0 ZebOS(config)#interface 0 ZebOS(config-if)#ip igmp access-group 1

273

IGMP Multicast Commands

ip igmp immediate-leave In IGMP version 2, use this command to minimize the leave latency of IGMP memberships. This command is used when only one receiver host is connected to each interface. This command applies to interfaces configured for IGMP Layer-3 multicast protocols, IGMP Snooping, or IGMP Proxy. To disable this feature, use the no parameter with this command.

Command Syntax ip igmp immediate-leave [group-list (||WORD)] no ip igmp immediate-leave

Parameters group-list

Standard access-list name or number that defines multicast groups in which the immediate leave feature is enabled. Access-list number.

Access-list number (expanded range). WORD

Standard IP access-list name.

Default Disabled

Command Mode Interface mode

Examples The following example shows how to enable the immediate-leave feature on an interface for a specific range of multicast groups. In this example, the router assumes that the group access-list consists of groups that have only one host membership at a time per interface:

ZebOS#configure terminal ZebOS(config)#interface eth0 ZebOS(config-if)#ip igmp immediate-leave group-list 34 ZebOS(config-if)#exit ZebOS(config)#access-list 34 permit 225.192.20.0 0.0.0.255

Related Commands ip igmp last-member-query-interval

274

IGMP Multicast Commands

ip igmp join-group Use this command to join a multicast group. Use the no parameter with this command to disable this access control.

Command Syntax ip igmp join-group [A.B.C.D |source |A.B.C.D] no ip igmp join-group [A.B.C.D |source |A.B.C.D]

Parameters A.B.C.D

Multicast IPv4 address to be joined.

source

Static source to be joined.

A.B.C.D

Source IPv4 address to be joined.

Command Mode Interface mode

Examples In the following example, hosts serviced by Ethernet interface 0 can only join the group 225.2.2.2:

ZebOS#configure terminal ZebOS(config)#interface 0 ZebOS(config-if)#ip igmp join-group 1.1.1.1 source 1.1.1.2 ZebOS(config)#interface 0 ZebOS(config-if)#no ip igmp join-group 1.1.1.1 source 1.1.1.2

275

IGMP Multicast Commands

ip igmp last-member-query-count Use this command to set the last-member query-count value. This command applies to interfaces configured for IGMP Layer-3 multicast protocols, IGMP Snooping, or IGMP Proxy. Use the no parameter with this command to return to the default value on an interface.

Command Syntax ip igmp last-member-query-count no ip igmp last-member-query-count

Parameter

Specify the last member query count value.

Default The default last member query count value is 2.

Command Mode Interface mode

Example ZebOS#configure terminal ZebOS(config)#interface 0 ZebOS(config-if)#ip igmp last-member-query-count 3

276

IGMP Multicast Commands

ip igmp last-member-query-interval Use this command to configure the frequency at which the router sends IGMP group-specific host query messages. This command applies to interfaces configured for IGMP Layer-3 multicast protocols, IGMP Snooping, or IGMP Proxy. Use the no parameter with this command to set this frequency to the default value.

Command Syntax ip igmp last-member-query-interval no ip igmp last-member-query-interval

Parameter

Frequency (in milliseconds) at which IGMP group-specific host query messages are sent.

Default 1000 milliseconds

Command Mode Interface mode

Example The following example changes the IGMP group-specific host query message interval to 2 seconds:

ZebOS#configure terminal ZebOS(config)#interface eth0 ZebOS(config-if)#ip igmp last-member-query-interval 2000

Related Commands ip igmp immediate-leave

277

IGMP Multicast Commands

ip igmp limit Use this command to configure the limit on the maximum number of group membership states, at either the router level, or for the specified interface. Once the specified number of group memberships is reached, all further localmemberships will be ignored. Optionally, an exception access-list can be configured to specify the group-address(es) to be excluded from being subject to the limit. This command applies to interfaces configured for IGMP Layer-3 multicast protocols, IGMP Snooping, or IGMP Proxy. When configured for IGMP Snooping, this command can be issued on only VLAN interfaces. The limit applies, individually, to each of its constituent interfaces. Use the no parameter with this command to unset the limit and any specified exception access-list.

Command Syntax ip igmp (vrf NAME) [limit||except WORD] no ip igmp (vrf NAME) [limit]

Parameters NAME

Optional. Specify the VRF name.



Maximum number of group membership states.

except

Number or name that defines multicast groups which are exempted from being subject to configured limit.



Access-list number.



Access-list number (expanded range).

WORD

Standard IP access-list name.

Command Mode Configure mode and Interface mode

Examples The following example configures an IGMP limit of 100 group-membership states across all interfaces on which IGMP is enabled, and excludes group 224.1.1.1 from this limitation:

ZebOS#configure terminal ZebOS(config)#access-list 1 permit 224.1.1.1 0.0.0.0 ZebOS(config)#ip igmp limit 100 except 1 The following example configures an IGMP limit of 100 group-membership states on eth0: ZebOS#configure terminal ZebOS(config)#interface eth0 ZebOS(config-if)#ip igmp limit 100

278

IGMP Multicast Commands

ip igmp mroute-proxy Use this command to specify the IGMP Proxy service (upstream host-side) interface with which to be associated. IGMP router-side protocol operation is enabled only when the specified upstream proxy-service interface is functional. Note:

This command should not be used when configuring interfaces enabled for IGMP in association with a multicast routing protocol, otherwise the behavior will be undefined.

Use the no parameter with this command to remove the association with the proxy-service interface.

Command Syntax ip igmp mroute-proxy (IFNAME) no ip igmp mroute-proxy

Parameter IFNAME

Specify an interface name.

Command Mode Interface mode

Example The following example configures the eth0 interface as the upstream proxy-service interface for the downstream router-side interface, eth1.

ZebOS#configure terminal ZebOS(config)#interface eth1 ZebOS(config-if)#ip igmp mroute-proxy eth0

279

IGMP Multicast Commands

ip igmp offlink Use this command to specify the IGMP proxy service (upstream host-side) interface with which an offlink condition. Use the no parameter with this command to remove the offlink association from the interface.

Command Syntax ip igmp offlink no ip igmp offlink

Parameter None

Command Mode Interface mode

Example The following example configures the eth0 interface as an offlink interface.

ZebOS#configure terminal ZebOS(config)#interface eth1 ZebOS(config-if)#ip igmp offlink

280

IGMP Multicast Commands

ip igmp proxy Use this command to designate an interface as an IGMP proxy (upstream host-side) interface. Use the no parameter with this command to remove the designation of the interface as a proxy interface.

Command Syntax ip igmp proxy no ip igmp proxy

Parameter unsolicited-report-interval Specifies an interface with an unsolicited report interval. Specifies the unsolicited report interval value in millisecond (Default: 1000 ms).

Command Mode Interface mode

Example The following example designates the eth0 interface as the upstream proxy-service interface.

ZebOS#configure terminal ZebOS(config)#interface eth0 ZebOS(config-if)#ip igmp proxy unsolicited-report-interval 1000 ZebOS(config)#interface eth0 ZebOS(config-if)#no ip igmp proxy unsolicited-report-interval

281

IGMP Multicast Commands

ip igmp proxy-service Use this command to designate an interface to be the IGMP proxy-service (upstream host-side) interface, thus enabling IGMP host-side protocol operation on this interface. All associated downstream router-side interfaces will have their memberships consolidated on this interface, according to IGMP host-side functionality. Note:

This command should not be used when configuring interfaces enabled for IGMP in association with a multicast-routing protocol, otherwise the behavior will be undefined.

Use the no parameter with this command to remove the designation of the interface as an upstream proxy-service interface.

Command Syntax ip igmp proxy-service no ip igmp proxy-service

Parameter None

Command Mode Interface mode

Example The following example designates the eth0 interface as the upstream proxy-service interface.

ZebOS#configure terminal ZebOS(config)#interface eth0 ZebOS(config-if)#ip igmp proxy-service

282

IGMP Multicast Commands

ip igmp querier-timeout Use this command to configure the timeout period before the router takes over as the querier for the interface after the previous querier has stopped querying. This command applies to interfaces configured for IGMP Layer-3 multicast protocols, IGMP Snooping, or IGMP Proxy. To restore the default value, use the no parameter with this command.

Command Syntax ip igmp querier-timeout no ip igmp querier-timeout

Parameter

Number of seconds that the router waits after the previous querier has stopped querying before it takes over as the querier.

Default 255 seconds

Command Mode Interface mode

Example The following example configures the router to wait 120 seconds from the time it received the last query before it takes over as the querier for the interface:

ZebOS#configure terminal ZebOS(config)#interface eth0 ZebOS(config-if)#ip igmp querier-timeout 120

Related Commands ip igmp query-interval

283

IGMP Multicast Commands

ip igmp query-interval Use this command to configure the frequency of sending IGMP host query messages. This command applies to interfaces configured for IGMP Layer-3 multicast protocols, IGMP Snooping, or IGMP Proxy. To return to the default frequency, use the no parameter with this command.

Command Syntax ip igmp query-interval no ip igmp query-interval

Parameter

Frequency (in seconds) at which IGMP host query messages are sent.

Default Default query interval is 125 seconds.

Command Mode Interface mode

Example The following example changes the frequency of sending IGMP host-query messages to 2 minutes:

ZebOS#configure terminal ZebOS(config)#interface eth0 ZebOS(config-if)#ip igmp query-interval 120

284

IGMP Multicast Commands

ip igmp query-max-response-time Use this command to configure the maximum response time advertised in IGMP queries. This command applies to interfaces configured for IGMP Layer-3 multicast protocols, IGMP Snooping, or IGMP Proxy. Use the no parameter with this command to restore the default value.

Command Syntax ip igmp query-max-response-time no ip igmp query-max-response-time

Parameter

Maximum response time (in seconds) advertised in IGMP queries.

Default 10 seconds

Command Mode Interface mode

Example The following example configures a maximum response time of 8 seconds:

ZebOS#configure terminal ZebOS(config)#interface eth0 ZebOS(config-if)#ip igmp query-max-response-time 8

285

IGMP Multicast Commands

ip igmp ra-option Use this command to configure the interface with the IGMP for strict RA (Router Advertisement) option validation. Use the no parameter with this command to restore the default value.

Command Syntax ip igmp ra-option no ip igmp ra-option

Parameter None

Command Mode Interface mode

Example The following example configures an interface with the ra option:

ZebOS#configure terminal ZebOS(config)#interface eth0 ZebOS(config-if)#ip igmp ra-option

286

IGMP Multicast Commands

ip igmp robustness-variable Use this command to change the robustness variable value on an interface. This command applies to interfaces configured for IGMP Layer-3 multicast protocols, IGMP Snooping, or IGMP Proxy. To return to the default value on an interface, use the no parameter with this command.

Command Syntax ip igmp robustness-variable no ip igmp robustness-variable

Parameter

Specify the robustness variable value.

Default Default robustness variable value is 2.

Command Mode Interface mode

Example ZebOS#configure terminal ZebOS(config)#interface 0 ZebOS(config-if)#ip igmp robustness-variable 3

287

IGMP Multicast Commands

igmp snooping (configure mode) Use this command to enable IGMP Snooping. When this command is given in the Configure mode, IGMP Snooping is enabled at the switch level. Use the no parameter with this command to globally disable IGMP snooping.

Command Syntax ip igmp (vrf NAME) snooping no ip igmp (vrf NAME) snooping

Parameter vrf

(Optional). Specify the VRF name.

Command Mode Configure mode

Examples ZebOS#configure terminal ZebOS(config)#ip igmp snooping ZebOS#configure terminal ZebOS(config)#ip igmp vrf new snooping

288

IGMP Multicast Commands

ip igmp snooping (interface mode) Use this command to enable IGMP snooping. When this command is given at the VLAN interface level, IGMP snooping is enabled for that VLAN. Note:

IP IGMP snooping can only be configured on VLAN interfaces.

Use the no parameter with this command to globally disable IGMP snooping or for a VLAN interface.

Command Syntax ip igmp snooping no ip igmp snooping

Parameter None

Default IGMP Snooping is enabled.

Command Mode Interface mode for a VLAN interface

Examples ZebOS#configure terminal ZebOS(config)#interface vlan1.1 ZebOS(config-if)#ip igmp snooping ZebOS#configure terminal ZebOS(config)#interface vlan1.1 ZebOS(config)#no ip igmp snooping

289

IGMP Multicast Commands

ip igmp snooping fast-leave Use this command to enable IGMP Snooping fast-leave processing. Fast-leave processing is analogous to immediateleave processing; the IGMP group-membership is removed, as soon as an IGMP leave group message is received without sending out a group-specific query. Note:

This IGMP Snooping command can only be configured on VLAN interfaces.

Use the no parameter with this command to disable fast-leave processing.

Command Syntax ip igmp snooping fast-leave no ip igmp snooping fast-leave

Parameters None

Default IGMP Snooping fast-leave processing is disabled.

Command Mode Interface mode for VLAN interface

Example This example shows how to enable fast-leave processing on a VLAN.

ZebOS#configure terminal ZebOS(config)#interface vlan1.1 ZebOS(config-if)#ip igmp snooping fast-leave

290

IGMP Multicast Commands

ip igmp snooping mrouter Use this command to statically configure the specified VLAN constituent interface as a multicast router interface for IGMP Snooping in that VLAN. Note:

This IGMP Snooping command can only be configured on VLAN interfaces.

Use the no parameter with this command to remove the static configuration of the interface as a multicast router interface.

Command Syntax ip igmp snooping mrouter [interface (IFNAME)] no ip igmp snooping mrouter [interface (IFNAME)]

Parameter IFNAME

Specify the name of the interface.

Default IGMP Snooping fast-leave processing is disabled.

Command Mode Interface mode for VLAN interface

Example This example shows interface fe8 statically configured to be a multicast router interface.

ZebOS#configure terminal ZebOS(config)#interface vlan1.1 ZebOS(config-if)#ip igmp snooping mrouter interface fe8

291

IGMP Multicast Commands

ip igmp snooping querier Use this command to enable IGMP querier operation on a subnet (VLAN) when no multicast routing protocol is configured in the subnet (VLAN). When enabled, the IGMP Snooping querier sends out periodic IGMP queries for all interfaces on that VLAN. The IGMP Snooping querier uses the 0.0.0.0 source IP address, because it only masquerades as a proxy IGMP querier for faster network convergence. It does not start, or automatically cease, the IGMP Querier operation if it detects query message(s) from a multicast router. It restarts as the IGMP Snooping querier if no queries are seen within the other querier interval. Note:

This command can only be configured on VLAN interfaces.

Use the no parameter with this command to disable IGMP querier configuration.

Command Syntax ip igmp snooping querier no ip igmp snooping querier

Parameters None

Command Mode Interface mode for VLAN interface

Example ZebOS#configure terminal ZebOS(config)#interface vlan1.1 ZebOS(config-if)#ip igmp snooping querier

292

IGMP Multicast Commands

ip igmp snooping report-suppression Use this command to enable report suppression for IGMP versions 1 and 2. Report suppression does not apply to IGMPv3; moreover, it is turned off by default for IGMPv1 and IGMPv2 reports. Note:

This command can only be configured on VLAN interfaces.

Use the no parameter with this command to disable report suppression.

Command Syntax ip igmp snooping report-suppression no ip igmp snooping report-suppression

Parameters None

Command Mode Interface mode for VLAN interface

Example This example shows how to enable report suppression for IGMPv2 reports.

ZebOS#configure terminal ZebOS(config)#interface vlan1.1 ZebOS(config-if)#ip igmp version 2 ZebOS(config-if)#ip igmp snooping report-suppression

293

IGMP Multicast Commands

ip igmp ssm-map enable Use this command to enable SSM mapping on the router. This command applies to interfaces configured for IGMP Layer-3 multicast protocols, IGMP Snooping, or IGMP Proxy. Use the no parameter with this command to disable SSM mapping.

Command Syntax ip igmp (vrf NAME) ssm-map enable no ip igmp (vrf NAME) ssm-map enable

Parameter vrf

(Optional). Specify the VRF name.

Command Mode Configure mode

Example This example shows how to configure SSM mapping on the router.

ZebOS#configure terminal ZebOS(config)#ip igmp ssm-map enable

Related Commands ip igmp ssm-map static

294

IGMP Multicast Commands

ip igmp ssm-map static Use this command to specify the static mode of defining SSM mapping. SSM mapping statically assigns sources to IGMPv1 and IGMPv2 groups to translate such (*,G) groups’ memberships to (S,G) memberships for use with PIMSSM. This command applies to interfaces configured for IGMP Layer-3 multicast protocols, IGMP Snooping, or IGMP Proxy. Use the no parameter with this command to remove the SSM map association.

Command Syntax ip igmp (vrf NAME) ssm-map static [WORD) A.B.C.D] no ip igmp (vrf NAME) ssm-map static [WORD) A.B.C.D]

Parameters vrf

(Optional). Specify the VRF name.



Access-list number.



Access-list number (expanded range).

WORD

Standard IP access-list name.

A.B.C.D

Source address to use for static map group.

Command Mode Configure mode

Examples This example shows how to configure an SSM static mapping for group-address 224.1.1.1.

ZebOS#configure terminal ZebOS(config)#ip igmp ssm-map static 1 1.2.3.4 ZebOS(config)#access-list 1 permit 224.1.1.1 0.0.0.0

Related Commands ip igmp ssm-map enable

295

IGMP Multicast Commands

ip igmp startup-query-count Use this command to configure an IGMP startup query count. Use the no parameter with this command to disable the IGMP startup query count.

Command Syntax ip igmp startup-query-count no ip igmp startup-query-count

Parameters

Specify the startup query count value (Default: 2).

Command Mode Interface mode

Example This example shows how to enable and then disable IGMP startup query count:

ZebOS#configure terminal ZebOS(config)#interface eth1 ZebOS(config-if)#ip igmp startup-query-count 5 ZebOS(config)#interface eth1 ZebOS(config-if)#no ip igmp startup-query-count

296

IGMP Multicast Commands

ip igmp startup-query-interval Use this command to configure an IGMP startup query interval. Use the no parameter with this command to disable the IGMP startup query interval.

Command Syntax ip igmp startup-query-interval no ip igmp startup-query-interval

Parameters

Specify the startup query interval value (Default: 31 seconds).

Command Mode Interface mode

Example This example shows how to enable and then disable IGMP startup query interval:

ZebOS#configure terminal ZebOS(config)#interface eth1 ZebOS(config-if)#ip igmp startup-query-interval 12345 ZebOS(config)#interface eth1 ZebOS(config-if)#no ip igmp startup-query-interval

297

IGMP Multicast Commands

ip igmp static-group Use this command to statically configure group membership entries on an interface. To statically add only a group membership, do not specify any parameters. This command applies to IGMP operation on a specific interface to statically add group and/or source records; or to IGMP Snooping on a VLAN interface to statically add group and/or source records. Use the no parameter with this command to delete static group membership entries.

Command Syntax ip igmp static-group [A.B.C.D|interface (IFNAME)] (source (A.B.C.D)|ssm-map (interface [IFNAME]) no ip igmp static-group A.B.C.D interface (IFNAME)|source (A.B.C.D)|ssm-map (interface [IFNAME])

Parameters A.B.C.D

Standard IP Multicast group address to be configured as a static group member.

interface

Physical interface name.

source

Static source to be joined.

A.B.C.D

Standard IP source address to be configured as a static source from where multicast packets originate.

ssm-map

Mode of defining SSM mapping. SSM mapping statically assigns sources to IGMPv1 and IGMPv2 groups to translate these (*, G) groups' memberships to (S, G) memberships for use with PIM-SSM.

interface

Optional. Physical interface. Use this parameter on VLAN interfaces when static configuration is required for IGMP snooping. If used, static configuration is applied to the physical interface specified in IFNAME. If not used, static configuration is applied on all VLAN constituent interfaces.

Command Mode Configure mode

Examples The following examples show how to statically add group and/or source records for IGMP:

ZebOS#configure terminal ZebOS(config)#interface eth0 ZebOS(config-if)#ip igmp static-group 226.1.2.3 ZebOS#configure terminal ZebOS(config)#interface eth0 ZebOS(config-if)#ip igmp static-group 226.1.2.4 source 1.2.3.4 ZebOS#configure terminal ZebOS(config)#interface eth0 ZebOS(config-if)#ip igmp static-group 226.1.2.5 source ssm-map

298

IGMP Multicast Commands

ip igmp version Use this command to set the current IGMP protocol version on an interface. This command applies to interfaces configured for IGMP Layer-3 multicast protocols, IGMP Snooping, or IGMP Proxy. Use the no parameter with this command to return to the default version.

Command Syntax ip igmp version no ip igmp version

Parameters

Specify IGMP protocol version number.

Default The default IGMP protocol version number is 3.

Command Mode Interface mode

Example ZebOS#configure terminal ZebOS(config)#interface 0 ZebOS(config-if)#ip igmp version 2

299

IGMP Multicast Commands

ip igmp vrf Use this command to set the current IGMP protocol version on an interface. This command applies to interfaces configured for IGMP Layer-3 multicast protocols, IGMP Snooping, or IGMP Proxy. Use the no parameter with this command to return to the default version.

Command Syntax ip igmp version no ip igmp version

Parameters

Specify IGMP protocol version number.

Default The default IGMP protocol version number is 3.

Command Mode Interface mode

Example ZebOS#configure terminal ZebOS(config)#interface 0 ZebOS(config-if)#ip igmp version 2

300

IGMP Multicast Commands

show debugging igmp Use this command to display the status of the debugging of the IGMP system, or a specific VRF in the IGMP system.

Command Syntax show debugging igmp

Parameters None

Command Mode Exec and Privileged Exec mode

Examples ZebOS#show debugging igmp IGMP IGMP IGMP IGMP IGMP ZebOS#

Decoder debugging is on Encoder debugging is on Events debugging is on FSM debugging is on Tree-Info-Base (TIB) debugging is on

301

IGMP Multicast Commands

show ip igmp groups Use this command to display the multicast groups with receivers connected to the router and learned through IGMP.

Command Syntax show ip igmp (vrf NAME) groups (A.B.C.D|IFNAME|detail)

Parameters NAME

(Optional). Specify the VRF name.

A.B.C.D

Address of multicast group.

IFNAME

The name of the VLAN interface.

detail

IGMPv3 source information

Command Mode Exec and Privileged Exec mode

Examples The following command displays local-membership information for all interfaces:

ZebOS#show ip igmp groups IGMP Connected Group Membership Group Address Interface 224.0.1.1 eth2 224.0.1.24 eth2 224.0.1.40 eth2 224.0.1.60 eth2 224.100.100.100 eth2 228.5.16.8 eth2 228.81.16.8 eth2 228.249.13.8 eth2 235.80.68.83 eth2

Uptime 00:00:09 00:00:06 00:00:09 00:00:05 00:00:11 00:00:11 00:00:05 00:00:08 00:00:12

Expires 00:04:17 00:04:14 00:04:15 00:04:15 00:04:13 00:04:16 00:04:15 00:04:17 00:04:15

The following command displays local-membership details for a specific group:

ZebOS#show ip igmp groups 224.1.1.1 detail Interface: eth1 Group: 224.1.1.1 Uptime: 00:00:42 Group mode: Include Last reporter: 192.168.50.111 TIB-A Count: 2 TIB-B Count: 0 Group source list: (R - Remote, M - SSM Mapping) Source Address Uptime v3 Exp Fwd Flags 192.168.55.55 00:00:42 00:03:38 Yes R

302

Last Reporter 10.10.0.82 10.10.0.84 10.10.0.91 10.10.0.7 10.10.0.91 10.10.0.91 10.10.0.91 10.10.0.91 10.10.0.40

IGMP Multicast Commands

show ip igmp interface Use this command to display the state of IGMP, IGMP Proxy service, and IGMP Snooping for a specified interface, or all interfaces.

Command Syntax show ip igmp (vrf NAME) [interface (IFNAME)] Parameters NAME

(Optional). Specify the VRF name.

IFNAME

The name of the VLAN interface

Command Mode Exec and Privileged Exec mode

Example The following command displays the IGMP interface status on all interfaces enabled for IGMP.

ZebOS#show ip igmp interface Interface vlan1.1 (Index 4294967295) IGMP Active, Non-Querier, Version 3 (default) IGMP querying router is 0.0.0.0 IGMP query interval is 125 seconds IGMP querier timeout is 255 seconds IGMP max query response time is 10 seconds Last member query response interval is 1000 milliseconds Group Membership interval is 260 seconds| IGMP Snooping is globally enabled| IGMP Snooping is enabled on this interface IGMP Snooping fast-leave is not enabled IGMP Snooping querier is not enabled IGMP Snooping report suppression is enabled ZebOS#

303

IGMP Multicast Commands

show ip igmp proxy Use this command to display the state of IGMP Proxy services for a specified interface or for all interfaces.

Command Syntax show ip igmp (vrf NAME) proxy [groups (A.B.C.D|IFNAME|detail)]

Parameters NAME

(Optional). Specify the VRF name.

groups

IGMP proxy group membership information.

A.B.C.D

Address of multicast group.

IFNAME

The name of the VLAN interface.

detail

IGMPv3 source information

Command Mode Exec and Privileged Exec mode

Example ZebOS#show ip igmp proxy groups detail

304

IGMP Multicast Commands

show ip igmp snooping mrouter Use this command to display the multicast router interfaces, both configured and learned, in a VLAN.

Command Syntax show ip igmp (vrf NAME) snooping mrouter [interface (IFNAME)]

Parameters NAME

(Optional). Specify the VRF name.

IFNAME

The name of the VLAN interface

Command Mode Exec and Privileged Exec mode

Example The following command displays the multicast router interfaces in VLAN 1.1.

ZebOS#show ip igmp snooping mrouter vlan1.1 VLAN Interface 1 ge9 1 ge11

305

IGMP Multicast Commands

show ip igmp snooping statistics Use this command to display IGMP Snooping statistics data.

Command Syntax show ip igmp (vrf NAME) snooping statistics interface (IFNAME)

Parameters vrf

(Optional). Specify the VRF name.

IFNAME

The name of the VLAN interface

Command Mode Exec and Privileged Exec mode

Example The following displays IGMPv3 statistical information for bridge 2.

ZebOS#show ip igmp snooping statistics interface vlan1.1 IGMP Snooping statistics for ge9 Interface: ge10 Group: 225.0.0.1 Uptime: 00:00:09 Group mode: Exclude (Expires: 00:04:10) Last reporter: 4.4.4.5 Source list is empty

306

CHAPTER 12

MLD Multicast Commands

This chapter lists in alphabetical order the CLI commands related to the Multicast Listener Discovery (MLD) module, which includes MLD proxy service and MLD snooping. Some commands have commonalities and restrictions. This chapter includes the following commands: •

clear ipv6 mld on page 308



clear ipv6 mld group on page 309



clear ipv6 mld interface on page 310



debug mld on page 311



ipv6 mld on page 312



ipv6 mld access-group on page 313



ipv6 mld immediate-leave on page 314



ipv6 mld last-member-query-count on page 315



ipv6 mld last-member-query-interval on page 316



ipv6 mld limit on page 317



ipv6 mld mroute-proxy on page 318



ipv6 mld proxy-service on page 319



ipv6 mld querier-timeout on page 320



ipv6 mld query-interval on page 321



ipv6 mld query-max-response-time on page 322



ipv6 mld robustness-variable on page 323



ipv6 mld snooping on page 324



ipv6 mld snooping fast-leave on page 325



ipv6 mld snooping mrouter on page 326



ipv6 mld snooping querier on page 327



ipv6 mld snooping report-suppression on page 328



ipv6 mld ssm-map enable on page 329



ipv6 mld ssm-map static on page 330



ipv6 mld static-group on page 331



ipv6 mld version on page 332



show ipv6 mld groups on page 333



show ipv6 mld interface on page 334



show ipv6 mld snooping mrouter on page 335



show ipv6 mld snooping statistics on page 336

307

MLD Multicast Commands

clear ipv6 mld Use this command to clear all MLD local-memberships on all interfaces. This command applies to interfaces configured for MLD Layer-3 multicast protocols, MLD Snooping, or MLD Proxy.

Command Syntax clear ipv6 mld (vrf NAME)

Parameter vrf

(Optional). Specify the VRF name.

Command Mode Privileged Exec mode

Example ZebOS#clear ipv6 mld vrf VRF_A Related Commands clear ipv6 mld groups, clear ipv6 mld interface

308

MLD Multicast Commands

clear ipv6 mld group Use this command to clear MLD specific local-membership(s) on all interfaces. This command applies to groups learned by MLD Layer-3 multicast protocols, MLD Snooping, or MLD Proxy.

Command Syntax clear ipv6 mld group [*|X:X::X:X (IFNAME)]

Parameters *

Clears all groups on all interfaces. This is an alias to the clear ip MLD command.

X:X::X:X

Specify the group address’s local-membership to be cleared from all interfaces.erfaces.

IFNAME

Specify an interface name.

Command Mode Privileged Exec mode

Example ZebOS#clear ipv6 mld group * ZebOS#clear ipv6 mld group 224.1.1.1 Related Commands clear ipv6 mld, clear ipv6 mld interface

309

MLD Multicast Commands

clear ipv6 mld interface Use this command to clear MLD interface entries. This command applies to interfaces configured for MLD Layer-3 multicast protocols, MLD Snooping, or MLD Proxy.

Command Syntax clear ipv6 mld interface (IFNAME)

Parameters IFNAME

Specify a name of the interface; all groups learned from this interface are deleted.

Command Mode Privileged Exec mode

Example ZebOS#clear ipv6 mld interface eth1 Related Commands clear ipv6 mld, clear ipv6 mld groups

310

MLD Multicast Commands

debug mld Use this command to enable debugging of all MLD, or a specific component of MLD. This command applies to interfaces configured for MLD Layer-3 multicast protocols, MLD Snooping, or MLD Proxy. Use the no parameter with this command to disable all MLD debugging or debugging of a specific component of MLD.

Command Syntax debug mld (vrf NAME) [all|decode|events|fsm|tib] no debug mld (vrf NAME) [all|decode|events|fsm|tib]

Parameters all

Debug all MLD.

decode

Debug MLD decoding.

encode

Debug MLD encoding.

events

Debug MLD events.

fsm

Debug MLD Finite State Machine (FSM).

tib

Debug MLD Tree Information Base (TIB).

vrf

Debug VPN Routing/Forwarding instance.

Command Mode Privileged Exec mode and Configure mode

Example ZebOS#configure terminal ZebOS(config)#debug mld all

311

MLD Multicast Commands

ipv6 mld Use this command to enable the MLD protocol operation on an interface. This command enables MLD protocol operation in stand-alone mode, and can be used to learn local-membership information prior to enabling a multicast routing protocol on the interface. This command will has no effect on interfaces configured for MLD Proxy. Note:

This command can only be issued on VLAN interfaces.

Use the no parameter with this command to return all MLD related configuration to the default (including MLD Snooping or MLD Proxy service).

Command Syntax ipv6 mld no ipv6 mld

Parameters None

Default Disabled

Command Mode Interface mode for VLAN interface

Example ZebOS#configure terminal ZebOS(config)#interface 0 ZebOS(config-if)#ipv6 mld

312

MLD Multicast Commands

ipv6 mld access-group Use this command to control the multicast local-membership groups learnt on an interface. This command applies to interfaces configured for MLD Layer-3 multicast protocols, MLD Snooping, or MLD Proxy. Note:

This command can only be issued on VLAN interfaces.

Use the no parameter with this command to disable this access control.

Command Syntax ipv6 mld access-group WORD no ipv6 mld access-group

Parameter WORD

Standard IPv6 access-list name.

Default No access list configured.

Command Mode Interface mode for VLAN interface

Examples In the following example, hosts serviced by Ethernet interface 0 can join the group ff0e::1/128 only:

ZebOS#configure terminal ZebOS(config)#ipv6 access-list Group1 permit ff0e::1/128 ZebOS(config)#interface fxp0 ZebOS(config-if)#ipv6 mld access-group Group1

Related Commands None

313

MLD Multicast Commands

ipv6 mld immediate-leave Use this command to minimize the leave latency of MLD memberships. This command applies to interfaces configured for MLD Layer-3 multicast protocols, MLD Snooping, or MLD Proxy. Use this command when only one receiver host is connected to each interface. Use the no parameter with this command to disable this feature.

Command Syntax ipv6 mld immediate-leave [group-list (WORD)] no ipv6 mld immediate-leave

Parameter group-list

Standard IPv6 access-list name that defines multicast groups in which the immediate leave feature is enabled.

Default Disabled

Command Mode Interface mode for VLAN interface

Examples The following example shows how to enable the immediate-leave feature on an interface for a specific range of multicast groups. In this example, the router assumes that the group access-list consists of groups that have only one node membership at a time per interface:

ZebOS#configure terminal ZebOS(config)#interface eth0 ZebOS(config-if)#ipv6 mld immediate-leave v6grp ZebOS(config-if)#exit

Related Commands ipv6 mld last-member-query-interval

314

MLD Multicast Commands

ipv6 mld last-member-query-count Use this command to set the last-member query-count value. This command applies to interfaces configured for MLD Layer-3 multicast protocols, MLD Snooping, or MLD Proxy. Use the no parameter with this command to return to the default value on an interface.

Command Syntax ipv6 mld last-member-query-count no ipv6 mld last-member-query-count

Parameters

Specify a last-member query-count value.

Default The default last-member query-count value is 2.

Command Mode Interface mode for VLAN interface

Example ZebOS#configure terminal ZebOS(config)#interface 0 ZebOS(config-if)#ipv6 mld last-member-query-count 3

315

MLD Multicast Commands

ipv6 mld last-member-query-interval Use this command to configure the frequency at which the router sends MLD group-specific host query messages. This command applies to interfaces configured for MLD Layer-3 multicast protocols, MLD Snooping, or MLD Proxy. Use the no parameter with this command to set this frequency to the default value.

Command Syntax ipv6 mld last-member-query-interval no ipv6 mld last-member-query-interval

Parameter

Specify a last member query interval value.

Default The default last-member query-count value is 1000 ms.

Command Mode Interface mode for VLAN interface

Example The following example changes the MLD group-specific host query message interval to 2 seconds:

ZebOS#configure terminal ZebOS(config)#interface eth0 ZebOS(config-if)#ipv6 mld last-member-query-interval 2000

Related Commands ipv6 mld immediate-leave

316

MLD Multicast Commands

ipv6 mld limit Use this command to configure the limit on the maximum number of group membership states at either the router level, or for the specified interface. Once the specified number of group memberships is reached, all further localmemberships will be ignored. Optionally, an exception access-list can be configured to specify the group-address(es) to be excluded from being subject to the limit. This command applies to interfaces configured for MLD Layer-3 multicast protocols, MLD Snooping, or MLD Proxy. When configured for MLD Snooping, this command can be issued on only VLAN interfaces, and the limit applies individually to each of its constituent interfaces. Use the no parameter with this command to unset the limit and any specified exception access-list.

Command Syntax ipv6 mld (vrf NAME) limit (except) no ipv6 mld (vrf NAME) limit

Parameters vrf

(Optional). Specify the VRF name.



Maximum number of group membership states.

except

Standard IPv6 access-list name that defines multicast groups which are exempted from being subject to the configured limit.

Default The default last-member query-count value is 1000 ms.

Command Mode Configure mode and Interface mode

Examples The following example configures an MLD limit of 100 group-membership states across all interfaces on which MLD is enabled, and excludes group 224.1.1.1 from this limitation:

ZebOS#configure terminal ZebOS(config)#ipv6 mld limit 100 except v6grp The following example configures an MLD limit of 100 group-membership states on eth0: ZebOS#configure terminal ZebOS(config)#interface eth0 ZebOS(config-if)#ipv6 mld limit 100

Related Commands ipv6 mld immediate-leave

317

MLD Multicast Commands

ipv6 mld mroute-proxy Use this command to specify the MLD Proxy service (upstream host-side) interface with which to be associated. MLD router-side protocol operation is enabled only when the specified upstream proxy-service interface is functional. This command should not be configured on interfaces enabled for MLD in association with a multicast routing protocol; otherwise, the behavior will be undefined. Use the no parameter with this command to remove the association with the proxy-service interface.

Command Syntax ipv6 mld mroute-proxy (vrf NAME) [IFNAME] no ipv6 mld mroute-proxy (vrf NAME)

Parameters vrf

(Optional). Specify the VRF name.

IFNAME

Specify the interface name.

Command Mode Interface mode

Example The following example configures the eth0 interface as the upstream proxy-service interface for the downstream router-side interface, eth1.

ZebOS#configure terminal ZebOS(config)#interface eth1 ZebOS(config-if)#ipv6 mld mroute-proxy eth0

318

MLD Multicast Commands

ipv6 mld proxy-service Use this command to designate an interface to be the MLD proxy-service (upstream host-side) interface, thus enabling MLD host-side protocol operation on this interface. All associated downstream router-side interfaces will have their memberships consolidated on this interface, according to MLD host-side functionality. This command should not be used when configuring interfaces enabled for MLD in association with a multicast-routing protocol, otherwise the behavior will be undefined. Use the no parameter with this command to remove the designation of the interface as an upstream proxy-service interface.

Command Syntax ipv6 mld proxy-service no ipv6 mld proxy-service

Parameters None

Command Mode Interface mode

Example The following example designates the eth0 interface as the upstream proxy-service interface.

ZebOS#configure terminal ZebOS(config)#interface eth0 ZebOS(config-if)#ipv6 mld proxy-service

319

MLD Multicast Commands

ipv6 mld querier-timeout Use this command to configure the timeout period before the router takes over as the querier for the interface after the previous querier has stopped querying. This command applies to interfaces configured for MLD Layer-3 multicast protocols, MLD Snooping, or MLD Proxy. Use the no parameter with this command to restore the default value.

Command Syntax ipv6 mld querier-timeout no ipv6 mld querier-timeout

Parameter

Number of seconds that the router waits after the previous querier has stopped querying before it takes over as the querier.

Default 255 seconds

Command Mode Interface mode

Example The following example configures the router to wait 120 seconds from the time it received the last query before it takes over as the querier for the interface:

ZebOS#configure terminal ZebOS(config)#interface eth0 ZebOS(config-if)#ipv6 mld querier-timeout 120

Related Commands ipv6 mld query-interval

320

MLD Multicast Commands

ipv6 mld query-interval Use this command to configure the frequency of sending MLD host query messages. This command applies to interfaces configured for MLD Layer-3 multicast protocols, MLD Snooping, or MLD Proxy. Use the no parameter with this command to return to the default frequency.

Command Syntax ipv6 mld query-interval no ipv6 mld query-interval

Parameter

Frequency (in seconds) at which MLD host query messages are sent.

Default 125 seconds.

Command Mode Interface mode

Example The following example changes the frequency of sending MLD host-query messages to 2 minutes:

ZebOS#configure terminal ZebOS(config)#interface fxp0 ZebOS(config-if)#ipv6 mld query-interval 120

Related Commands ipv6 mld querier-timeout

321

MLD Multicast Commands

ipv6 mld query-max-response-time Use this command to configure the maximum response time advertised in MLD queries. This command applies to interfaces configured for MLD Layer-3 multicast protocols, MLD Snooping, or MLD Proxy. Use the no parameter with this command to restore the default value.

Command Syntax ipv6 mld query-max-response-time no ipv6 mld query-max-response-time

Parameter

Maximum response time (in seconds) advertised in MLD queries.

Default 10 seconds

Command Mode Interface mode

Example The following example configures a maximum response time of 8 seconds:

ZebOS#configure terminal ZebOS(config)#interface eth0 ZebOS(config-if)#ipv6 mld query-max-response-time 8

322

MLD Multicast Commands

ipv6 mld robustness-variable Use this command to change the robustness variable value on an interface. This command applies to interfaces configured for MLD Layer-3 multicast protocols, MLD Snooping, or MLD Proxy. Use the no parameter with this command to return to the default value on an interface.

Command Syntax ipv6 mld robustness-variable no ipv6 mld robustness-variable

Parameter

Specify a robustness variable value in seconds.

Default Default robustness value is 2 seconds.

Command Mode Interface mode

Example ZebOS#configure terminal ZebOS(config)#interface 0 ZebOS(config-if)#ipv6 mld robustness-variable 3

323

MLD Multicast Commands

ipv6 mld snooping Use this command to enable MLD Snooping. When this command is given in the Configure mode, MLD Snooping is enabled at the switch level. When this command is given at the VLAN interface level, MLD Snooping is enabled for that VLAN. Note:

This MLD Snooping command can only be configured on VLAN interfaces.

Use the no parameter with this command to globally disable MLD Snooping, or for the specified interface.

Command Syntax ipv6 mld (vrf NAME) snooping no ipv6 mld (vrf NAME) snooping

Parameter vrf

(Optional). Specify the VRF name.

Default MLD Snooping is enabled.

Command Mode Configure mode and Interface mode for VLAN interface

Example ZebOS#configure terminal ZebOS(config)#ipv6 mld snooping ZebOS(config)#interface vlan1.1 ZebOS(config-if)#ipv6 mld snooping

324

MLD Multicast Commands

ipv6 mld snooping fast-leave Use this command to enable MLD Snooping fast-leave processing. Fast-leave processing is analogous to immediateleave processing; the MLD group-membership is removed, as soon as an MLD leave group message is received without sending out a group-specific query. Note:

This MLD Snooping command can only be configured on VLAN interfaces.

Use the no parameter with this command to disable fast-leave processing.

Command Syntax ipv6 mld snooping fast-leave no ipv6 mld snooping fast-leave

Parameters None

Default MLD Snooping fast-leave processing is disabled.

Command Mode Interface mode for VLAN interface

Example This example shows how to enable fast-leave processing on a VLAN.

ZebOS#configure terminal ZebOS(config)#interface vlan1.1 ZebOS(config-if)#ipv6 mld snooping fast-leave

325

MLD Multicast Commands

ipv6 mld snooping mrouter Use this command to statically configure the specified VLAN constituent interface as a multicast router interface for MLD Snooping in that VLAN. Note:

This MLD Snooping command can only be configured on VLAN interfaces.

Use the no parameter with this command to remove the static configuration of the interface as a multicast router interface.

Command Syntax ipv6 mld snooping mrouter [interface (IFNAME)] no ipv6 mld snooping mrouter [interface (IFNAME)]

Parameters interface

Specify the name of the interface.

Command Mode Interface mode for VLAN interface

Example This example shows how to specify the next-hop interface to the multicast router.

ZebOS#configure terminal ZebOS(config)#interface vlan1.1 ZebOS(config-if)#ipv6 mld snooping mrouter interface fe8

326

MLD Multicast Commands

ipv6 mld snooping querier Use this command to enable MLD querier operation on a subnet (VLAN) when no multicast routing protocol is configured in the subnet (VLAN). When enabled, the MLD Snooping querier sends out periodic MLD queries for all interfaces on that VLAN. The MLD Snooping querier uses the 0.0.0.0 source IP address, because it masquerades as a proxy MLD querier for faster network convergence. It does not start or automatically cease the MLD querier operation if it detects a query message from a multicast router. It restarts as MLD snooping querier if no queries are seen within another querier interval. Note:

This command can only be configured on VLAN interfaces.

Use the no parameter with this command to disable MLD querier configuration.

Command Syntax ipv6 mld snooping querier no ipv6 mld snooping querier

Parameters None

Command Mode Interface mode for VLAN interface

Example ZebOS#configure terminal ZebOS(config)#interface vlan1.1 ZebOS(config-if)#ipv6 mld snooping querier

327

MLD Multicast Commands

ipv6 mld snooping report-suppression Use this command to enable report suppression for MLD version 1. Note:

This MLD Snooping command can only be configured on VLAN interfaces.

Use the no parameter to disable report suppression.

Command Syntax ipv6 mld snooping report-suppression no ipv6 mld snooping report-suppression

Parameters None

Default Report suppression does not apply to MLDv2, so it is turned off by default for MLDv1 reports.

Command Mode Interface mode for VLAN interface

Example This example shows how to enable report suppression for MLDv1 reports.

ZebOS#configure terminal ZebOS(config)#interface vlan1.1 ZebOS(config-if)#ipv6 mld version 1 ZebOS(config-if)#ipv6 mld snooping report-suppression

328

MLD Multicast Commands

ipv6 mld ssm-map enable Use this command to enable SSM mapping on the router. This command applies to interfaces configured for MLD Layer-3 multicast protocols, MLD Snooping, or MLD Proxy. Use the no parameter with this command to disable SSM mapping.

Command Syntax ipv6 mld (vrf NAME) ssm-map enable no ipv6 mld (vrf NAME) ssm-map enable

Parameter vrf

(Optional). Specify the VRF name.

Command Mode Interface mode for VLAN interface

Example This example shows how to enable MLD SSM mapping on the router.

ZebOS#configure terminal ZebOS(config)#ipv6 mld ssm-map enable

Related Commands ipv6 mld ssm-map static

329

MLD Multicast Commands

ipv6 mld ssm-map static Use this command to specify the static mode of defining SSM mapping. SSM mapping statically assigns sources to MLDv1 groups to translate such (*,G) groups’ memberships to (S,G) memberships for use with PIM-SSM. This command applies to interfaces configured for MLD Layer-3 multicast protocols, MLD Snooping, or MLD Proxy. Use the no parameter with this command to remove the SSM map association.

Command Syntax ipv6 mld (vrf NAME) ssm-map static (WORD) [X:X::X:X] no ipv6 mld (vrf NAME) ssm-map static (WORD) [X:X::X:X]

Parameters vrf

(Optional). Specify the VRF name.

WORD

Specify IPv6 named standard access-list.

X:X::X:X

Specify IPv6 address.

Command Mode Interface mode for VLAN interface

Example This example shows how to configure an SSM static mapping for group-address ff0e::1/128.

ZebOS#configure terminal ZebOS(config)#ipv6 mld ssm-map static v6grp 2006::3 ZebOS(config)#ipv6 access-list v6grp permit ff0e::1/128

Related Commands ipv6 mld ssm-map enable

330

MLD Multicast Commands

ipv6 mld static-group Use this command to statically configure IPv6 group membership entries on an interface. To statically add only a group membership, do not specify any parameters. This command applies to MLD operation on a specific interface to statically add group and/or source records; or to MLD Snooping on a VLAN interface to statically add group and/or source records. Use the no parameter with this command to delete static group membership entries.

Command Syntax ipv6 mld static-group (vrf NAME) [X:X::X:X (interface IFNAME)(source {Y:Y::Y:Y|ssmmap})] no ipv6 mld static-group (vrf NAME) [X:X::X:X (interface IFNAME)(source {Y:Y::Y:Y |ssm-map})]

Parameters vrf

(Optional). Specify the VRF name.

X:X::X:X

Standard IPv6 Multicast group address to be configured as a static group member.

interface

(Optional).Physical interface. Use this parameter on a VLAN when a static configuration is required for MLD snooping. If used, static configuration is applied to the physical interface. If not used, static configuration is applied on all VLAN constituent interfaces.

IFNAME source

Physical interface name. (Optional).Static Source to be Joined

Y:Y::Y:Y

Standard IPv6 source address to be configured as a static source from where multicast packets originate.

ssm-map

Mode of defining SSM mapping. SSM mapping statically assigns sources to MLDv1 groups to translate these (*,G) groups' memberships to (S,G) memberships for use with PIM-SSM.

Command Mode Interface mode for VLAN interface

Examples The following examples show how to statically add group and/or source records for MLD Snooping:

ZebOS#configure terminal ZebOS(config)#interface vlan1.1 ZebOS(config-if)#ipv6 mld static-group ff1e::10 ZebOS(config)#interface vlan1.1 ZebOS(config-if)#ipv6 mld static-group ff1e::10 source fe80::2fd:6cff:fe1c:b ZebOS(config)#interface vlan1.1 ZebOS(config-if)#ipv6 mld static-group ff1e::10 source ssm-map ZebOS(config)#interface vlan1.1 ZebOS(config-if)#ipv6 mld static-group ff1e::10 interface eth0

331

MLD Multicast Commands

ipv6 mld version Use this command to set the current MLD protocol version on an interface. This command applies to interfaces configured for MLD Layer-3 multicast protocols, MLD Snooping, or MLD Proxy. Use the no parameter with this command to return to the default version on an interface.

Command Syntax ipv6 mld version no ipv6 mld version

Parameter

Specify a MLD protocol version number.

Default Default MLD protocol version number is 2.

Command Mode Interface mode

Example ZebOS#configure terminal ZebOS(config)#interface 0 ZebOS(config-if)#ipv6 mld version 1

332

MLD Multicast Commands

show ipv6 mld groups Use this command to display the multicast groups with receivers directly connected to the router, and learned through MLD.

Command Syntax show ipv6 mld (vrf NAME) groups (X:X::X:X|IFNAME|detail)

Parameters vrf

(Optional). Specify the VRF name.

X:X::X:X

Address of the multicast group.

IFNAME

Interface name for which to display local information.

detail

MLDv2 source information

Command Mode Exec mode and Privileged Exec mode

Example The following command displays local-membership information for all interfaces:

ZebOS#show ipv6 mld groups MLD Connected Group Membership Group Address Interface Uptime ff1e::10 ge10 00:03:16

Expires 00:01:09

Last Reporter fe80::202:b3ff:fef0:79d8

333

MLD Multicast Commands

show ipv6 mld interface Use this command to display the state of MLD, MLD Proxy service, and MLD Snooping for a specified interface, or all interfaces.

Command Syntax show ipv6 mld (vrf NAME) [interface (IFNAME)]

Parameters vrf

(Optional). Specify the VRF name.

IFNAME

Interface name for which to display local information.

Command Mode Exec mode and Privileged Exec mode

Example The following displays MLD interface status on all interfaces enabled for MLD.

ZebOS#show ipv6 mld interface Interface eth1 (Index 2) MLD Enabled, Active, Querier, Version 2 (default) Internet address is fe80::2fd:6cff:fe1c:b MLD interface has 0 group-record states MLD activity: 0 joins, 0 leaves MLD query interval is 125 seconds MLD querier timeout is 255 seconds MLD max query response time is 10 seconds Last member query response interval is 1000 milliseconds Group Membership interval is 260 seconds

334

MLD Multicast Commands

show ipv6 mld snooping mrouter Use this command to display the multicast router interfaces, both configured and learned, in a VLAN.

Command Syntax show ipv6 mld (vrf NAME) snooping mrouter [interface (IFNAME)]

Parameters vrf IFNAME

(Optional). Specify the VRF name. The name of the VLAN interface

Command Mode Exec mode and Privileged Exec mode

Example The following displays the multicast router interfaces in VLAN 1.1

ZebOS#show ipv6 mld snooping mrouter vlan1.1 VLAN Interface 1 ge9 1 ge11

335

MLD Multicast Commands

show ipv6 mld snooping statistics Use this command to display MLD Snooping statistics data.

Command Syntax show ipv6 mld (vrf NAME) snooping statistics [interface (IFNAME)]

Parameters vrf IFNAME

(Optional). Specify the VRF name. The name of the VLAN interface

Command Mode Exec mode and Privileged Exec mode

Example The following displays MLDv2 statistical information for the ge10 interface.

ZebOS#show ipv6 mld snooping statistics ge10 Interface: ge10 Group: ff1e::10 Uptime: 00:00:13 Group mode: Include Last reporter: fe80::202:b3ff:fef0:79d8 Group source list: (R - Remote, M - SSM Mapping) Source Address Uptime v2 Exp Fwd Flags 7ffe::4 00:00:13 00:04:06 Yes R

336

CHAPTER 13

NSM Multicast Commands

This chapter contains NSM Multicast related commands in alphabetical order. For IGMP and MLD specific Multicast commands, see Chapter11, IGMP Multicast Commands. This chapter includes the following commands: •

clear ip mroute on page 338



clear ip mroute statistics on page 339



clear ipv6 mroute on page 340



clear ipv6 mroute statistics on page 341



debug nsm mcast on page 342



ip mroute on page 343



ip multicast route-limit on page 344



ip multicast ttl-threshold on page 345



ip multicast-routing on page 346



ipv6 mroute on page 347



ipv6 multicast route-limit on page 348



ipv6 multicast-routing on page 349



show ip mroute on page 350



show ip mvif on page 352



show ip rpf on page 353



show ipv6 mif on page 354



show ipv6 mroute on page 355



show ipv6 rpf on page 356

337

NSM Multicast Commands

clear ip mroute Use this command to delete entries from the IP multicast routing table. When this command is used, the MRIB clears the multicast route entries in its multicast route table, and removes the entries from the multicast forwarder. The MRIB sends a clear message to the multicast protocols. Each multicast protocol has its own clear multicast route command. The protocol-specific clear command clears multicast routes from the protocol and clears the routes from the MRIB.

Command Syntax clear ip mroute (*|A.B.C.D|A.B.C.D|pim|sparse-mode) vrf

Parameters *

Deletes all multicast routes.

A.B.C.D

Group IP address.

A.B.C.D

Source IP address.

pim

Protocol Independent Multicast (PIM).

sparse-mode

Sparse Mode (PIM-SM).

vrf

(Optional). Specify the VRF name.

Command Mode Exec mode and Privileged Exec mode

Example ZebOS#clear ip mroute vrf VRF_A 225.1.1.1 3.3.3.3

338

NSM Multicast Commands

clear ip mroute statistics Use this command to delete multicast route statistics entries from the IP multicast routing table.

Command Syntax clear ip mroute (*|A.B.C.D|A.B.C.D) vrf

Parameters *

Deletes all multicast routes.

A.B.C.D

Group IP address.

A.B.C.D

Source IP address.

vrf

(Optional). Specify the VRF name.

Command Mode Exec mode and Privileged Exec mode

Example ZebOS#clear ip mroute statistics 225.1.1.2 4.3.4.4

339

NSM Multicast Commands

clear ipv6 mroute Use this command to delete entries from the IPv6 multicast routing table. When this command is used, the MRIB clears the multicast route entries in its multicast route table, and removes the entries from the multicast forwarder. The MRIB sends a clear message to the multicast protocols. Each multicast protocol has its own clear multicast route command.

Command Syntax clear ipv6 mroute (*|X:X::X:X|X:X::X:X|pim|sparse-mode) vrf

Parameters *

Deletes all multicast routes.

X:X::X:X

Group IP address.

X:X::X:X

Source IP address.

pim

Protocol Independent Multicast (PIM).

sparse-mode

Sparse Mode (PIM-SM).

vrf

(Optional). Specify the VRF name.

Command Mode Exec mode and Privileged Exec mode

Example ZebOS#clear ipv6 mroute ff1e::10 3ffe::1

340

NSM Multicast Commands

clear ipv6 mroute statistics Use this command to delete multicast route statistics entries from the IPv6 multicast routing table.

Command Syntax clear ipv6 mroute statistics (*|X:X::X:X|X:X::X:X) vrf

Parameters *

Deletes all multicast routes.

X:X::X:X

Group IP address.

X:X::X:X

Source IP address.

vrf

(Optional). Specify the VRF name.

Command Mode Exec mode and Privileged Exec mode

Example ZebOS#clear ipv6 mroute ff1e::100 3ffe::3

341

NSM Multicast Commands

debug nsm mcast Use this command to debug events in the multicast RIB. Use the no parameter with this command to disable all MLD debugging or debugging of a specific component.

Command Syntax debug nsm mcast (vrf [NAME]) (all|fib-msg|mrt|mtrace|mtrace-detail|register|stats |vif) no debug nsm mcast (vrf [NAME]) (all|fib-msg|mrt|mtrace|mtrace-detail|register |stats|vif)

Parameters NAME

Debug VPN Routing/Forwarding instance.

all

Debug all IGMP.

fib-msg

Debug multicast FIB messages.

mrt

Debug multicast routes.

mtrace

Debug multicast traceroute

mtrace-detail

Debug multicast traceroute detailed debugging.

register

Debug multicast PIM register messages.

stats

Debug multicast statistics.

vif

Debug multicast interface.

Command Mode Privileged Exec mode and Configure mode

Example ZebOS#configure terminal ZebOS(config)#debug nsm mcast register

342

NSM Multicast Commands

ip mroute Use this command to create a multicast static route. Use the no form of this command to clear the route. Multicast static routes are unicast routes which allow multicast and unicast topologies to be incongruous. These routes are used by multicast routing protocols to perform reverse-path forwarding (RPF) checks. Use the no form of this command to clear the route.

Command Syntax ip mroute [vrf (NAME)|A.B.C.D/M|A.B.C.D|INTERFACE|bgp|isis|ospf|rip|static (A.B.C.D |INTERFACE) ] no ip mroute [vrf (NAME)|A.B.C.D/M|A.B.C.D|INTERFACE|bgp|isis|ospf|rip|static (A.B.C.D|INTERFACE) ]

Parameters NAME

(Optional) Specify the VRF name for the static route.

A.B.C.D/M

Specify multicast source IP address and mask

A.B.C.D

RPF address for the multicast route. The host IP address can be a directly connected system or a remote system. For remote systems, a recursive lookup is done from the unicast routing table to find a directly connected system. Recursive lookup is done up to only one level.

INTERFACE

Incoming interface name. Can only be specified for non-broadcast interfaces.

bgp

Specify the Border Gateway Protocol (BGP).

isis

Specify the Intermediate system to intermediate system (IS-IS) protocol.

ospf

Specify the Open Shortest Patch First (OSPF) protocol.

rip

Specify the Routing Information Protocol (RIP) protocol.

static

Specify a static route.

A.B.C.D

Specify Reverse path forwarding (RPF) neighbor address or route.

INTERFACE

Specify Reverse path forwarding (RPF) interface or pseudo interface.



Specify whether a unicast route or multicast static route is used for the RPF lookup. Lower distances have preference. If the multicast static route has the same distance as the other RPF sources, the multicast static route takes precedence. Default is 0.

Command Mode Configure mode

Examples ZebOS#configure terminal ZebOS(config)#ip mroute 10.10.10.50/1 255.255.255.0 1 ZebOS#configure terminal ZebOS(config)#ip mroute vrf VRF_A 10.10.10.50/1 255.255.255.0 1

343

NSM Multicast Commands

ip multicast route-limit Use this command to limit the number of multicast routes that can be added to a multicast routing table. It generates an error message when the limit is exceeded. If the threshold parameter is set, a threshold warning message is generated when this threshold is exceeded and the message continues to occur until the number of mroutes reaches the limit set by the limit argument. Note:

The mroute warning threshold must not exceed the mroute limit.

Use the no parameter with this command to disable this configuration.

Command Syntax ip multicast (vrf [NAME]) [route-limit |] no ip multicast (vrf [NAME]) [route-limit]

Parameters NAME

(Optional). Specify the VRF name.

Number of routes. Threshold at which to generate a warning message.

Default The default limit and threshold value is 2147483647.

Command Mode Configure mode

Example ZebOS#configure terminal ZebOS(config)#ip multicast route-limit 34 24

344

NSM Multicast Commands

ip multicast ttl-threshold Use this command to configure the time-to-live (TTL) threshold of packets being forwarded out of an interface. Only multicast packets with a TTL value greater than the threshold are forwarded out of the interface. Use the no parameter with this command to return to the default TTL threshold.

Command Syntax ip multicast ttl-threshold no ip multicast ttl-threshold

Parameters

The time-to-live threshold.

Default The default TTL value is 1.

Command Mode Interface mode

Example ZebOS#configure terminal ZebOS(config)#interface eth0 ZebOS(config-if)#ip multicast ttl-threshold 34

345

NSM Multicast Commands

ip multicast-routing Use this command to turn on/off multicast routing on the router; when turned off, the multicast protocol daemon remains present, but does not perform multicast functions. When multicast routing is enabled, the MRIB re-creates tunnels, and starts processing any VIF addition/deletion requests, MRT addition/deletion requests, and any multicast forwarding events. Use the no parameter with this command to disable this function. When the no parameter is used, the MRIB releases all VIFs and tunnels, cleans up MRTs, stops IGMPv2 operation and stops relaying multicast forwarder events to multicast protocols.

Command Syntax ip multicast-routing (vrf [NAME]) no ip multicast-routing (vrf [NAME])

Parameter NAME

(Optional). Specify the VRF name.

Default By default, multicast routing is on.

Command Mode Configure mode

Example ZebOS#configure terminal ZebOS(config)#ip multicast-routing

346

NSM Multicast Commands

ipv6 mroute Use this command to create a multicast static route. Use the no form of this command to clear the route. Multicast static routes are unicast routes which allow multicast and unicast topologies to be incongruous. These routes are used by multicast routing protocols to perform reverse-path forwarding (RPF) checks. Use the no form of this command to clear the route.

Command Syntax ipv6 mroute [vrf (NAME)|X:X::X:X/M|X:X::X:X|INTERFACE|bgp|isis|ospf|rip|static (X:X::X:X|INTERFACE) ] no ippv6 mroute [vrf (NAME)|X:X::X:X/M|X:X::X:X|INTERFACE|bgp|isis|ospf|rip|static (X:X::X:X|INTERFACE) ]

Parameters NAME

(Optional) Specify the VRF name for the static route.

X:X::X:X/M

Specify multicast source IP address and mask

X:X::X:X

RPF address for the multicast route. The host IP address can be a directly connected system or a remote system. For remote systems, a recursive lookup is done from the unicast routing table to find a directly connected system. Recursive lookup is done up to only one level.

INTERFACE

Incoming interface name. Can only be specified for non-broadcast interfaces.

bgp

Specify the Border Gateway Protocol (BGP).

isis

Specify the Intermediate system to intermediate system (IS-IS) protocol.

ospf

Specify the Open Shortest Patch First (OSPF) protocol.

rip

Specify the Routing Information Protocol (RIP) protocol.

static

Specify Static routes.

X:X::X:X

Specify Reverse path forwarding (RPF) neighbor address or route.

INTERFACE

Specify Reverse path forwarding (RPF) interface or pseudo interface.



Specify whether a unicast route or multicast static route is used for the RPF lookup. Lower distances have preference. If the multicast static route has the same distance as the other RPF sources, the multicast static route takes precedence. Default is 0.

Command Mode Configure mode

Example ZebOS#configure terminal ZebOS(config)#ipv6 mroute 10:10::10:50/1 255.255.255.0 1 ZebOS#configure terminal ZebOS(config)#ipv6 mroute vrf VRF_A 10:10::10:50/1 255.255.255.0 1

347

NSM Multicast Commands

ipv6 multicast route-limit Use this command to limit the number of IPv6 multicast routes that can be added to a multicast routing table. It generates an error message when the limit is exceeded. If the threshold parameter is set, a threshold warning message is generated when this threshold is exceeded, and the message continues to occur until the number of mroutes reaches the limit set by the limit argument. Note:

The mroute warning threshold must not exceed the mroute limit.

Use the no parameter with this command to disable this configuration.

Command Syntax ipv6 multicast route-limit (vrf [NAME]) | no ipv6 multicast route-limit (vrf [NAME]) |

Parameters NAME

(Optional). Specify the VRF name.

Number of routes. Threshold at which to generate a warning message.

Default The default limit and threshold value is 2147483647.

Command Mode Configure mode

Example ZebOS#configure terminal ZebOS(config)#ipv6 multicast route-limit 34 34

348

NSM Multicast Commands

ipv6 multicast-routing Use this command to turn on/off IPv6 multicast routing on the router; when turned off, the multicast protocol daemon remains present, but does not perform multicast functions. When multicast routing is enabled, the MRIB re-creates tunnels, and starts processing any VIF addition/deletion requests, MRT addition/deletion requests, and any multicast forwarding events. Use the no parameter with this command to disable this function. When the no parameter is used, the MRIB releases all VIFs and tunnels, cleans up MRTs, stops IGMPv2 operation and stops relaying multicast forwarder events to multicast protocols.

Command Syntax ipv6 multicast-routing (vrf NAME) no ipv6 multicast-routing (vrf NAME)

Parameter NAME

(Optional). Specify the VRF name.

Default By default, multicast routing is enabled.

Command Mode Configure mode

Example ZebOS#configure terminal ZebOS(config)#ipv6 multicast-routing

349

NSM Multicast Commands

show ip mroute Use this command to display the contents of the IP multicast routing (mroute) table.

Command Syntax show ip mroute [A.B.C.D|count|dense|sparse|summary|vrf NAME]

Parameters A.B.C.D

Source or Group IP address.

count

Route and packet count data.

dense

Show dense multicast routes.

sparse

Show sparse multicast routes.

summary

Provide abbreviated display.

NAME

(Optional). Specify the VRF name.

Command Mode Exec and Privileged Exec mode

Example The following is a sample output of this command displaying the IP multicast routing table, with and without specifying the group and source IP address:

ZebOS#show ip mroute IP Multicast Routing Table Flags: I - Immediate Stat, T - Timed Stat, F - Forwarder installed Timers: Uptime/Stat Expiry Interface State: Interface (TTL) (10.10.1.52, 224.0.1.3), uptime 00:00:31, stat expires 00:02:59 Owner PIM-SM, Flags: TF Incoming interface: wm0 Outgoing interface list: wm1 (1) ZebOS#show ip mroute 10.10.1.52 224.0.1.3 IP Multicast Routing Table Flags: I - Immediate Stat, T - Timed Stat, F - Forwarder installed Timers: Uptime/Stat Expiry Interface State: Interface (TTL) (10.10.1.52, 224.0.1.3), uptime 00:03:24, stat expires 00:01:28 Owner PIM-SM, Flags: TF Incoming interface: wm0 Outgoing interface list: wm1 (1) The following is a sample output of this command displaying the packet count from the IP multicast routing table: ZebOS#show ip mroute count IP Multicast Statistics Total 1 routes using 132 bytes memory

350

NSM Multicast Commands

Route limit/Route threshold: 2147483647/2147483647 Total NOCACHE/WRONGVIF/WHOLEPKT recv from fwd: 1/0/0 Total NOCACHE/WRONGVIF/WHOLEPKT sent to clients: 1/0/0 Immediate/Timed stat updates sent to clients: 0/0 Reg ACK recv/Reg NACK recv/Reg pkt sent: 0/0/0 Next stats poll: 00:01:10 Forwarding Counts: Pkt count/Byte count, Other Counts: Wrong If pkts Fwd msg counts: WRONGVIF/WHOLEPKT recv Client msg counts: WRONGVIF/WHOLEPKT/Imm Stat/Timed Stat sent Reg pkt counts: Reg ACK recv/Reg NACK recv/Reg pkt sent (10.10.1.52, 224.0.1.3), Forwarding: 2/19456, Other: 0 Fwd msg: 0/0, Client msg: 0/0/0/0, Reg: 0/0/0 The following is a sample output for this command displaying the IP multicast routing table in an abbreviated form: ZebOS#show ip mroute summary IP Multicast Routing Table Flags: I - Immediate Stat, T - Timed Stat, F - Forwarder installed Timers: Uptime/Stat Expiry Interface State: Interface (TTL) (10.10.1.52, 224.0.1.3), 00:01:32/00:03:20, PIM-SM, Flags: TF

351

NSM Multicast Commands

show ip mvif Use this command to display the contents of the MRIB VIF table.

Command Syntax show ip mvif (vrf NAME) (IFNAME)

Parameters IFNAME

(Optional). Specify the interface name.

NAME

(Optional). Specify the VRF name.

Command Mode Exec and Privileged Exec mode

Example The following are sample outputs of this command displaying the contents for the MRIB VIF table, both with and without the interface parameter specified:

ZebOS#show ip mvif Interface Vif Owner Idx Module wm0 0 PIM-SM Register 1 wm1 2 PIM-SM ZebOS#show ip mvif wm0 Interface Vif Owner Idx Module wm0 0 PIM-SM

352

TTL 1 1 1 TTL 1

Local Address 192.168.1.53 192.168.1.53 192.168.10.53 Local Address 192.168.1.53

Remote Address 0.0.0.0 0.0.0.0 0.0.0.0 Remote Address 0.0.0.0

Uptime 00:04:26 00:04:26 00:04:25 Uptime 00:05:17

NSM Multicast Commands

show ip rpf Use this command to display RPF information for the specified source address.

Command Syntax show ip rpf [A.B.C.D|vrf NAME]

Parameters A.B.C.D

IP address of multicast source.

vrf

(Optional). Specify the VRF name.

Command Mode Exec and Privileged Exec mode

Example ZebOS#show ip rpf 10.10.10.50 RPF information for 10.10.10.50 RPF interface: eth0 RPF neighbor: 10.1.2.1 RPF route: 0.0.0.0/0 RPF type: unicast (kernel) RPF recursion count: 0 Doing distance-preferred lookups across tables Distance: 0 Metric: 0 ZebOS#

353

NSM Multicast Commands

show ipv6 mif Use this command to display the contents of the MRIB VIF table.

Command Syntax show ipv6 mif (vrf NAME) (IFNAME)

Parameters IFNAME

Interface name

NAME

(Optional). Specify the VRF name

Command Mode Exec and Privileged Exec mode

Example The following are sample outputs of this command displaying the MRIB VIF table, with and without the interface parameter:

ZebOS#show ipv6 mif Interface Mif Idx wm0 0 Register 1 wm1 2

Owner Module PIM-SMv6 PIM-SMv6

ZebOS#show ipv6 mif wm0 Interface Mif Owner Idx Module wm0 0 PIM-SMv6

354

Uptime 00:17:18 00:17:18 00:17:18 Uptime 00:19:06

NSM Multicast Commands

show ipv6 mroute Use this command to display the contents of the IPv6 multicast routing (mroute) table.

Command Syntax show ipv6 mroute [X:X::X:X|count|dense|sparse|summary|vrf NAME]

Parameters X:X::X:X

Source or Group IP address.

count

Route and packet count data.

dense

Show dense multicast routes.

sparse

Show sparse multicast routes.

summary

Provide abbreviated display.

NAME

(Optional). Specify the VRF name.

Command Mode Exec and Privileged Exec mode

Example The following is a sample output for this command displaying the IPv6 multicast routing table:

ZebOS#show ipv6 mroute IPv6 Multicast Routing Table Flags: I - Immediate Stat, T - Timed Stat, F - Forwarder installed Timers: Uptime/Stat Expiry Interface State: Interface (3ffe:10:10:1::96, ff1e::10), uptime 00:00:09, stat expires 00:03:21 Owner PIM-SMv6, Flags: TF Incoming interface: wm0 Outgoing interface list: wm1 (3ffe:10:10:1::96, ff1e::12), uptime 00:00:02, stat expires 00:03:28 Owner PIM-SMv6, Flags: TF Incoming interface: wm0 Outgoing interface list: wm1 ZebOS#

355

NSM Multicast Commands

show ipv6 rpf Use this command to display RPF information for the specified source address.

Command Syntax show ipv6 rpf [X:X::X:X|vrf NAME]

Parameters X:X::X:X

IP address of multicast source.

vrf

(Optional). Specify the VRF name.

Command Mode Exec and Privileged Exec mode

Example ZebOS#show ipv6 rpf 10:10::10:50 RPF information for 10.10.10.50 RPF interface: eth0 RPF neighbor: 10.1.2.1 RPF route: 0.0.0.0/0 RPF type: unicast (kernel) RPF recursion count: 0 Doing distance-preferred lookups across tables Distance: 0 Metric: 0 ZebOS#

356

CHAPTER 14

NSM Traffic Engineering Commands

This chapter provides an alphabetized reference of the NSM Traffic Engineering (TE) command. It includes the following command: •

reservable-bandwidth on page 358

357

NSM Traffic Engineering Commands

reservable-bandwidth Use this command to specify the maximum reservable bandwidth per interface. This value can be a larger or smaller value than max-bandwidth. When no max-reservable-bandwidth is specified, the default is equal to the maxbandwidth. Use the no parameter to remove the maximum reservable, and use the maximum bandwidth. This command is available only when Traffic Engineering is enabled at build time. Use any of these switches to turn on TE: --enable te; --enable ospf-te; --enable cspf. Use the no parameter with this command to disable the configuration.

Command Syntax reservable-bandwidth [BANDWIDTH ] no reservable-bandwidth

Parameters BANDWIDTH

Specify a bandwidth within the range of 1 to 999 kilobits (k), megabits (m) or gigabits (g).

Command Mode Interface mode

Examples ZebOS#configure terminal ZebOS(config)#interface eth0 ZebOS(config-if)#reservable-bandwidth 100m Related Commands bandwidth

358

CHAPTER 15

NSM DiffServ Commands

This chapter contains DiffServ commands in alphabetical order. It includes the following commands: •

mpls class-to-exp-bit on page 360



mpls support-diffserv-class on page 361



show mpls diffserv on page 362



show mpls diffserv class-to-exp on page 363



show mpls diffserv configurable-dscp on page 364



show mpls diffserv supported-dscp on page 365

359

NSM DiffServ Commands

mpls class-to-exp-bit Use this command to configure the node level PHB-EXP mapping. Use the no parameter with this command to remove the configuration of a PHB-EXP mapping.

Command Syntax mpls class-to-exp-bit [CLASS|] no mpls class-to-exp-bit [CLASS|]

Parameters CLASS

Diffserv class mapped to particular PHB. For example, be, ef, af11 etc.



EXP bit mapped to the specified PHB.

Command Mode Configure mode

Example ZebOS#configure terminal ZebOS(config)#mpls class-to-exp-bit ef 3

360

NSM DiffServ Commands

mpls support-diffserv-class Use this command to configure the supported Diffserv class. Use the no parameter with this command to remove the configuration of the supported Diffserv class.

Command Syntax mpls support-diffserv-class [CLASS] no mpls support-diffserv-class [CLASS]

Parameter CLASS

Diffserv class mapped to particular PHB. For example, be, ef, af11 etc.

Command Mode Configure mode

Example ZebOS#configure terminal ZebOS(config)#mpls support-diffserv-class af11

361

NSM DiffServ Commands

show mpls diffserv Use this command to display Diffserv configuration information.

Command Syntax show mpls diffserv

Parameters None

Command Mode Exec mode and Privileged Exec mode

Example The diffserv configuration information displayed by this command includes: •

All configurable Diffserv classes that can be used as PHB/PSC.



PHB/PSC supported by this node.



Node level PHB-EXP mapping.

Following is a sample output of the show mpls diffserv command showing diffserv configuration information.

ZebOS#show mpls diffserv MPLS Differentiated Services Configurable Classes list: DSCP Class: be, value: 000000 DSCP Class: cs1, value: 001000 DSCP Class: af11, value: 001010 DSCP Class: af12, value: 001100 DSCP Class: af13, value: 001110 DSCP Class: cs2, value: 010000 DSCP Class: af21, value: 010010 DSCP Class: af22, value: 010100 DSCP Class: af23, value: 010110 DSCP Class: cs3, value: 011000 DSCP Class: af31, value: 011010 DSCP Class: af32, value: 011100 DSCP Class: af33, value: 011110 DSCP Class: cs4, value: 100000 DSCP Class: af41, value: 100010 DSCP Class: af42, value: 100100 DSCP Class: af43, value: 100110 DSCP Class: cs5, value: 101000 DSCP Class: ef, value: 101110 DSCP Class: cs6, value: 110000 DSCP Class: cs7, value: 111000

362

NSM DiffServ Commands

show mpls diffserv class-to-exp Use this command to display the node level PHB-EXP mapping.

Command Syntax show mpls diffserv class-to-exp

Parameters None

Command Mode Exec mode and Privileged Exec mode

Example Following is a sample output of the show mpls diffserv class-to-exp command showing PHB-EXP mapping at the node level.

ZebOS#show mpls diffserv class-to-exp MPLS Differentiated Services CLASS to EXP mapping data: CLASS DSCP_value EXP_value be 000000 0 be 000000 2 af12 001100 3

363

NSM DiffServ Commands

show mpls diffserv configurable-dscp Use this command to display all configurable DSCP values which can be used as PHB/PSC by this node.

Command Syntax show mpls diffserv configurable-dscp

Parameters None

Command Mode Exec mode and Privileged Exec mode

Example Following is a sample output of the show mpls diffserv configurable-dscp command showing all configurable diffserv DSCP values.

ZebOS#show mpls diffserv configurable-dscp MPLS Differentiated Services Configurable Classes list: DSCP Class: be, value: 000000 DSCP Class: cs1, value: 001000 DSCP Class: af11, value: 001010 DSCP Class: af12, value: 001100 DSCP Class: af13, value: 001110 DSCP Class: cs2, value: 010000 DSCP Class: af21, value: 010010 DSCP Class: af22, value: 010100 DSCP Class: af23, value: 010110 DSCP Class: cs3, value: 011000 DSCP Class: af31, value: 011010 DSCP Class: af32, value: 011100 DSCP Class: af33, value: 011110 DSCP Class: cs4, value: 100000 DSCP Class: af41, value: 100010 DSCP Class: af42, value: 100100 DSCP Class: af43, value: 100110 DSCP Class: cs5, value: 101000 DSCP Class: ef, value: 101110 DSCP Class: cs6, value: 110000 DSCP Class: cs7, value: 111000

364

NSM DiffServ Commands

show mpls diffserv supported-dscp Use this command to display supported DSCP values that can be used as PHB/PSC by this node.

Command Syntax show mpls diffserv supported-dscp

Parameters None

Command Mode Exec mode and Privileged Exec mode

Example Following is a sample output of the show mpls diffserv supported-dscp command showing the supported diffserv DSCP value.

ZebOS#show mpls diffserv supported-dscp MPLS Differentiated Services Supported Classes data: CLASS DSCP_value be 000000 af11 001010 af12 001100 cs5 101000

365

NSM DiffServ Commands

366

CHAPTER 16

NSM DiffServ-TE Commands

This chapter provides an alphabetized reference for each of the NSM DiffServ-TE CLI commands. It includes the following commands: •

bandwidth-constraint on page 368



bc-mode on page 369



mpls class-type on page 370



mpls te-class on page 371



show mpls dste on page 372



show mpls dste class-type on page 373



show mpls dste te-class on page 374

367

NSM DiffServ-TE Commands

bandwidth-constraint Use this command to configure the bandwidth constraint for a class type on the current interface. Use the no parameter with this command to remove the bandwidth constraint of a class type on the current interface.

Command Syntax bandwidth-constraint [CT-NAME|BANDWIDTH] no bandwidth-constraint [CT-NAME|BANDWIDTH]

Parameters CT-NAME

Specify the DS-TE class type name associated with the bandwidth.

BANDWIDTH

Specify the bandwidth constraint . Usable units include kilobit (k), megabit (m) or gigabits (g). The default value is 0.

Command Mode Interface mode

Example ZebOS#configure terminal ZebOS(config)#interface eth0 ZebOS(config-if)#bandwidth-constraint a1 100m

368

NSM DiffServ-TE Commands

bc-mode Use this command to configure the bandwidth constraint mode for the current interface. There are three different modes available--MAM, RSDL and MAR.

Command Syntax bc-mode MODE

Parameter MODE

Specify the bandwidth constraint mode: MAM, RSDL or MAR. MAM is the default mode.

Command Mode Interface mode

Example ZebOS#configure terminal ZebOS(config)#interface eth0 ZebOS(config-if)#bc-mode mam

369

NSM DiffServ-TE Commands

mpls class-type Use this command to configure the name for a class type. Defining the class type name enables and configures the class type on a particular node. Use the no parameter with this command to remove the class type configuration.

Command Syntax mpls class-type [CLASS-TYPE (ct0-ct)|CLASS-TYPE-NAME] no mpls class-type [CLASS-TYPE (ct0-ct)|CLASS-TYPE-NAME]

Parameters CLASS-TYPE

Class type to be configured (ct0-ct7).

CLASS-TYPE-NAME Name to be configured for the specified class type.

Command Mode Interface mode

Example ZebOS#configure terminal ZebOS(config)#mpls class-type ct1 a1

370

NSM DiffServ-TE Commands

mpls te-class Use this command to configure a TE class using the class type name and the preemption priority. Use the no parameter with this command to remove the TE class configuration.

Command Syntax mpls te-class (TE-CLASS) [CLASS-TYPE-NAME|] no mpls te-class (TE-CLASS) [CLASS-TYPE-NAME|]

Parameters CLASS-TYPE-NAME Specify class type name.

Preemption priority.

Command Mode Configure mode

Example ZebOS#configure terminal ZebOS(configure)#mpls te-class te3 default 6

371

NSM DiffServ-TE Commands

show mpls dste Use this command to display the DS-TE configuration information on this node. It displays information about the configured class types and TE classes. To modify the lines displayed, use the | (output modifier token). To save the output to a file, use the > output redirection token.

Command Syntax show mpls dste

Parameters None

Command Mode Exec mode and Privileged Exec mode

Example The following is a sample output of the show mpls dste command displaying the DS-TE configuration information about the TE classes and class types.

ZebOS#show mpls dste te0: {a1, 4} te1: {a2, 5} te3: {default, 6} ct0: default ct1: a1 ct2: a2

372

NSM DiffServ-TE Commands

show mpls dste class-type Use this command to display configured DS-TE class types. To modify the lines displayed, use the | (output modifier token). To save the output to a file, use the > output redirection token.

Parameters None

Command Mode Exec mode and Privileged Exec mode

Example The following is a sample output of the show mpls dste class-type command displaying the class types.

ZebOS#show mpls dste class-type ct0: default ct1: a1 ct2: a2

373

NSM DiffServ-TE Commands

show mpls dste te-class Use this command to display configured DSTE TE classes. To modify the lines displayed, use the | (output modifier token). To save the output to a file, use the > output redirection token.

Command Syntax show mpls dste te-class

Command Mode Exec mode and Privileged Exec mode

Example The following is a sample output of the show mpls dste te-class command displaying the TE classes.

ZebOS#show mpls dste te-class te0: {a1, 4} te1: {a2, 5} te3: {default, 6}

374

CHAPTER 17

NSM LACP Commands

This chapter provides an alphabetized reference for each of the NSM DiffServ-TE CLI commands. It includes the following commands: •

channel-group mode on page 376



port-channel load-balance on page 377



show etherchannel on page 378



show static-channel-group on page 379



static-channel-group on page 380

375

NSM LACP Commands

channel-group mode Use this command to add a port to a channel group specified by the channel group number (). This command enables link aggregation on a port, so that it may be selected for aggregation by the local system. Use the no parameter with this command to turn off link aggregation on a port.

Command Syntax channel-group mode (active|passive) no channel-group

Parameters

Specify a channel group number.

active

Enable initiation of LACP negotiation on a port.

passive

Disable initiation of LACP negotiation on a port.

Command Mode Interface mode

Examples ZebOS#configure terminal ZebOS(config)#interface eth0 ZebOS(config-if)#channel-group 4 mode active ZebOS#configure terminal ZebOS(config)#interface eht0 ZebOS(config-if)#no channel-group

376

NSM LACP Commands

port-channel load-balance Use this command to configure LACP port-channel load-balancing and set port selection criteria (PSC) on an interface. The load-balancing values map to macros on Broadcom, designated for specifying the port selection criteria (PSC). The Broadcom API bcmx_trunk_psc_set() is used to set the configured algorithm on the Broadcom box from the ZebOS. The Broadcom algorithm implementation decides which method to use to spread the traffic across the aggregated ports. Use the no parameter with this command to remove the load-balancing configuration and unset PSC.

Command Syntax port-channel load-balance [dst-mac|src-mac|src-dst-mac|dst-ip|src-ip|src-dstip|dst-port|src-port|src-dst-port] no port-channel load-balance

Parameters dst-ip

Destination IP address-based load balancing.

dst-mac

Destination MAC address-based load balancing.

dst-port

Destination TCP/UDP address-based load balancing.

src-dst-ip

Source and Destination IP address-based load balancing.

src-dst-mac

Source and Destination MAC address-based load balancing.

src-dst-port

Source and Destination TCP/UDP address-based load balancing.

src-ip

Source IP address-based load balancing.

src-mac

Source MAC address-based load balancing.

src-port

Source port address-based load balancing.

Command Mode Interface mode

Example ZebOS#configure terminal ZebOS(config)#interface eth1 ZebOS(config-if)#port-channel load-balance src-dst-mac

377

NSM LACP Commands

show etherchannel Use this command to display information about an Ether channel specified by the channel-group number.

Command Syntax show etherchannel [|(detail)|load-balance|summary]

Parameters

Specify channel-group number.

detail

Specify detailed etherchannel information.

load-balance

Specify load balancing.

summary

Specify Etherchannel summary information.

Command Mode Exec mode and Privileged Exec mode

Example ZebOS#show etherchannel 5 A sample of the output of the command follows the command example.

ZebOS#show etherchannel detail % Aggregator po1 1000003 % Mac address: 00:a0:bd:69:00:05 % Admin Key: 0001 - Oper Key 0001 % Receive link count: 1 - Transmit link count: 0 % Individual: 0 - Ready: 1 % Partner LAG- 0x8000,00-6a-3e-e7-00-03 % Link: fe3 (5003) sync: 1 % Link: fe4 (5004) sync: 1

378

NSM LACP Commands

show static-channel-group Use this command to display all configured static aggregators and their corresponding member ports.

Command Syntax show static-channel-group

Parameters None

Command Mode Exec mode and Privileged Exec mode

Example ZebOS#show static-channel-group % Static Aggregator: sa1 % Member: eth0 eth1 % Static Aggregator: sa2 % Member: eth2

379

NSM LACP Commands

static-channel-group Use this command to create a static aggregator, or add a member port to an already-existing static aggregator. This command adds the interface to the static aggregator with the specified key. If the aggregator does not exist, it is created, and the interface is added to it. The no prefix detaches the port from the static aggregator. If the port is the last member to be detached, the static aggregator is deleted. Use the no parameter with this command to detach the port from the static aggregator.

Command Syntax static-channel-group no static-channel-group

Parameter

Specify a channel group number.

Command Mode Interface mode

Example ZebOS#configure terminal ZebOS(config)#interface eth0 ZebOS(config-if)#static-channel-group 2

380

CHAPTER 18

NSM VPLS Commands

This chapter provides an alphabetized reference for each of the NSM VPLS CLI commands. It includes the following commands: •

mpls vpls (Configure Mode) on page 382



mpls-vpls (Interface Mode) on page 383



show mpls vpls on page 384



vpls-description on page 386



vpls fib-entry on page 387



vpls-mtu on page 388



vpls-peer on page 389



vpls-vc on page 390

381

NSM VPLS Commands

mpls vpls (Configure Mode) Use this command to create an instance of Virtual Private LAN Service (VPLS). It also switches the command mode to VPLS mode. Use the no parameter to delete a VPLS instance.

Command Syntax mpls vpls [NAME]| no mpls vpls [NAME]|

Parameters NAME

Specify a string for identifying the VPLS instance.

Specify a 32-bit VPLS identifier value. This value must be specified for creating a new VPLS instance. It might not be specified if a pre-existing VPLS instance is being updated.

Command Mode Configure mode

Example ZebOS#configure terminal ZebOS(config)#mpls vpls test 34 ZebOS(config-vpls)#

382

NSM VPLS Commands

mpls-vpls (Interface Mode) Use this command to associate an interface with a VPLS instance. Use the no parameter to delete VPLS instance.

Command Syntax mpls-vpls [NAME] (vlan|) no mpls-vpls [NAME] (vlan|)

Parameters NAME

Specify a string for identifying the VPLS instance.

vlan

Specify an Ethernet VLAN.



Specify the VLAN identifier.

Command Mode Configure mode

Example ZebOS#configure terminal ZebOS(config)#interface eth0 ZebOS(config-if)#mpls-vpls t1

383

NSM VPLS Commands

show mpls vpls Use this command to display all configured VPLS instances. Specify the name of a VPLS instance for displaying information about a specific instance.

Command Syntax show mpls vpls (NAME) [detail|mesh|spoke]

Parameters NAME

Specify the string identifying a VPLS instance.

detail

Show detailed VPLS information.

mesh

Show MPLS VPLS Mesh Forwarding information. Use this parameter to display information about all the core Virtual Circuit (VC) connections for all VPLS instances. Specify the name of a VPLS instance for displaying information about a specific instance.

spoke

Show MPLS VPLS Spoke Forwarding information. Use this parameter to display information about all the spoke VC connections for all VPLS instances. Specify the name of a VPLS instance for displaying information about a specific instance.

Command Mode Exec mode and Privileged Exec mode

Examples Using show mpls vpls command without parameters displays information about all VPLS instances. The following are two sample outputs displaying information about all VPLS instances and a specified instance.

ZebOS#show mpls vpls Name VPLS-ID Type t1 1 Ethernet VPLS t2 2 Ethernet VPLS

MPeers 2 2

SPeers 1 0

ZebOS#show mpls vpls t1 Virtual Private LAN Service Instance: t1, ID: 1 Group ID: 0, VPLS Type: Ethernet VPLS, Configured MTU: 0 Description: none Configured interfaces: none Mesh Peers: 192.168.0.80 (Up) 192.168.0.90 (Up) Spoke Peers: t100 (Up) ZebOS# The following is a sample output of the show mpls vpls detail command displaying detailed information about all configured VPLS instances.

ZebOS#show mpls vpls detail Virtual Private LAN Service Instance: t1, ID: 1 Group ID: 0, VPLS Type: Ethernet VPLS, Configured MTU: 0 Description: none Configured interfaces: none Mesh Peers: 192.168.0.80 (Up) 192.168.0.90 (Up) Spoke Peers: t100 (Up)

384

NSM VPLS Commands

Virtual Private LAN Service Instance: t2, ID: 2 Group ID: 0, VPLS Type: Ethernet VPLS, Configured MTU: 0 Description: none Configured interfaces: none Mesh Peers: 192.168.0.80 (Up) 192.168.0.90 (Up) ZebOS# The following is a sample output of the show mpls vpls mesh command displaying information about all the core VC connections for all VPLS instances. ZebOS#show VPLS-ID 1 1 2 2

mpls vpls mesh Peer Addr 192.168.0.80 192.168.0.90 192.168.0.80 192.168.0.90

In-Intf eth0 eth1 eth0 eth1

In-Label 16 18 19 17

Out-Intf eth0 eth1 eth0 eth1

Out-Label Lkps/St 640 1/Up 642 1/Up 641 1/Up 643 1/Up

The following is a sample output of the show mpls vpls spoke displaying the spoke VC connection to the VPLS instance.

ZebOS#show mpls vpls spoke VPLS-ID Virtual Circuit In-Intf 1 t100 eth2

In-Label 20

Out-Intf eth2

Out-Label Lkps/St 640 1/Up

385

NSM VPLS Commands

vpls-description Use this command to add a description line for a VPLS instance. Use the no parameter to remove a VPLS description line.

Command Syntax vpls-description LINE no vpls-description LINE

Parameter LINE

Specify a description line for this VPLS.

Command Mode VPLS Mode

Example ZebOS#configure terminal ZebOS(config)#mpls vpls test 34 ZebOS(config-vpls)#vpls-description This is for testing

386

NSM VPLS Commands

vpls fib-entry Use this command to create a new static VPLS FIB entry. When a VPLS peer is configured manually, no signaling is done. Therefore, a VPLS static entry must be created for these manual nodes. Use the no option with this command to delete the static VPLS FIB entry.

Command Syntax vpls fib-entry VPLS-ID [peer A.B.C.D|spoke-name VC-NAME] (IN-LABEL|OUT-INTF|OUTLABEL) no vpls fib-entry VPLS-ID [peer A.B.C.D|spoke-name VC-NAME] (IN-LABEL|OUT-INTF |OUT-LABEL)

Parameters VPLS-ID

VPLS identifier.

peer

Mesh peer address VPLS identifier.

A.B.C.D spook-NAME VC-NAME

Peer IPv4 Address. Spoke VC name. Virtual Circuit Name.

IN-LABEL

Incoming label value in the range of .

OUT-INTF

Provider-facing interface.

OUT-LABEL

Outgoing label value in the range of .

Command Mode VPLS Mode

Examples The first example shows how to configure VPLS FIB entry 100 with mesh peer 97.97.97.97 for incoming label 50426, outgoing interface eth2 with outgoing label 50426:

ZebOS#configure terminal ZebOS(config)#vpls fib-entry 100 peer 97.97.97.97 50426 eth2 50426 The second example shows how to configure VPLS FIB entry 100 with spoke-vc t1 for incoming label 50426, outgoing interface eth2 with outgoing label 50426:

ZebOS#configure terminal ZebOS(config)#vpls fib-entry 100 spoke-vc t1 50426 eth2 50426

387

NSM VPLS Commands

vpls-mtu Use this command to set the Maximum Transmission Unit (MTU) size for a given VPLS instance. This size is signaled to peer VPLS routers. Use the no parameter to unset the MTU size.

Command Syntax vpls-mtu no vpls-mtu

Parameter

Allowed MTU size to be used for a given VPLS instance.

Command Mode VPLS Mode

Example ZebOS#configure terminal ZebOS(config)#mpls vpls test 34 ZebOS(config-vpls)#vpls-mtu 6506

388

NSM VPLS Commands

vpls-peer Use this command to create a VPLS virtual circuit with a core router. The VC ID is the same as the VPLS ID configured for this VPLS. At least one such peer configuration is required for every VPLS instance. Use the no parameter to delete the VPLS virtual circuit to a specified peer.

Command Syntax vpls-peer (A.B.C.D) [tunnel-id ] [manual] no vpls-peer (A.B.C.D) [tunnel-id ] [manual]

Parameters A.B.C.D

Specify the address of a VPLS peer node to which a mesh virtual circuit is to be created.

tunnel-id

Specify the tunnel-identifier.

manual

Specify the tunnel within this range. Signaling is not used to set up the virtual circuit.

Command Mode VPLS Mode

Examples ZebOS#configure terminal ZebOS(config)#mpls vpls test 100 ZebOS(config-vpls)#vpls-peer 97.97.97.97 manual ZebOS(config-vpls)#vpls-peer 97.97.97.97 tunnel-id 24 manual

389

NSM VPLS Commands

vpls-vc Use this command to bind an instance of MPLS Virtual Circuit to VPLS. Use the no parameter to unbind the specified Virtual Circuit from a VPLS instance.

Command Syntax vpls-vc [NAME] no vpls-vc [NAME]

Parameter NAME

Specify is a string identifying the MPLS Virtual Circuit to be added to this VPLS instance.

Command Mode VPLS Mode

Example ZebOS#configure terminal ZebOS(config)#mpls vpls test 34 ZebOS(config-vpls)#vpls-vc VC1

390

CHAPTER 19

Tunneling Commands

This chapter contains ZebOS commands related to IP tunneling. These commands are available only if tunneling configuration options are enabled when compiling the kernel (for example, IP:Tunneling under Networking Options). Refer to Configuring and Compiling the Linux Kernel appendix in the ZebOS Installation Guide for details. This chapter includes the following commands: •

dmac on page 392



interface tunnel on page 393



tunnel checksum on page 394



tunnel destination on page 395



tunnel mode on page 396



tunnel path-mtu-discovery on page 397



tunnel source on page 398



tunnel tos on page 399



tunnel ttl on page 400

391

Tunneling Commands

dmac Use this command to set a destination MAC address for tunneled packets. This command supports IP-in-IP tunneling on Broadcom. Use the no option with this command to remove the destination MAC address.

Command Syntax dmac [HHHH.HHHH.HHHH] no dmac [HHHH.HHHH.HHHH]

Parameter HHHH.HHHH.HHHH Destination address in MAC format.

Default If a specific MAC address is not set with this command, all tunneled packets are sent with a destination address of 0.

Command Mode Interface mode

Examples broadcom(config)#interface tunnel 7 broadcom(config-if)#dmac 1213.2322.123

392

Tunneling Commands

interface tunnel Use this command to create a new tunnel interface. Use the no parameter to destroy the tunnel interface.

Command Syntax interface tunnel no interface tunnel

Parameter

Specify a tunnel interface number.

Default Disabled

Command Mode Configure mode

Example ZebOS#configure terminal ZebOS(config)#interface tunnel 100 ZebOS(config-if)#

Related Commands tunnel mode, tunnel source, tunnel destination

393

Tunneling Commands

tunnel checksum Use this command to enable a checksum feature for the tunnel. When configuring the tunnel checksum, make sure to: •

configure the tunnel checksum feature before configuring the tunnel source and destination.



configure the tunnel checksum on both ends of the tunnel.

Use the no parameter to disable the feature.

Command Syntax tunnel checksum no tunnel checksum

Parameters None

Default Disabled

Command Mode Interface mode

Examples ZebOS#configure terminal ZebOS(config)#interface tunnel 0 ZebOS(config-if)#tunnel mode gre ZebOS(config-if)#tunnel checksum ZebOS(config-if)#tunnel source 192.168.1.1 ZebOS(config-if)#tunnel destination 192.168.254.2

Related Commands interface tunnel, tunnel mode, tunnel source, tunnel destination

394

Tunneling Commands

tunnel destination Use this command to specify a tunnel destination address in an IPv4 portion. Use the no parameter to undo the address.

Command Syntax tunnel destination [A.B.C.D] no tunnel destination

Parameter A.B.C.D

Specify a tunnel destination IPv4 address.

Command Mode Interface mode

Examples ZebOS#configure terminal ZebOS(config)#interface tunnel 200 ZebOS(config-if)#tunnel mode ipip ZebOS(config-if)#tunnel source 10.10.0.1 ZebOS(config-if)#tunnel destination 10.11.0.1

Related Commands Interface tunnel, tunnel mode, tunnel source

395

Tunneling Commands

tunnel mode Use this command to configure an IPv4 or IPv6 tunnel mode. This command specifies a tunnel encapsulation mode. Currently, GRE and IPIP mode are supported. The GRE tunnel mode is used for IPv4 to IPv4 tunneling, as well as, IPv6 to IPv4 tunneling. Use the no parameter to unconfigure the mode.

Command Syntax tunnel mode [gre|ipip|ipv6ip] (6to4|isatap) no tunnel mode [gre|ipip|ipv6ip] (6to4|isatap)

Parameters gre

Generic Routing Encapsulation (GRE) tunnel mode.

ipip

IPIP tunnel mode.

ipv6ip

IPv6 over IP encapsulation.

6to4

IPv6 automatic tunnelling using 6to4.

isatap

IPv6 automatic tunnelling using ISATAP.

Note:

Using the ipv6ip parameter without the 6to4 or isatap parameters specifies manual configuration mode.

Command Mode Interface mode

Examples ZebOS#configure terminal ZebOS(config)#interface tunnel 2 ZebOS(config-if)#tunnel source 192.168.1.1 ZebOS(config-if)#tunnel destination 192.168.2.1 ZebOS(config-if)#tunnel mode gre ZebOS#configure terminal ZebOS(config)#interface tunnel 0 ZebOS(config-if)#tunnel source 10.10.1.1 ZebOS(config-if)#tunnel destination 10.10.2.1 ZebOS(config-if)#tunnel mode ipv6ip

Related Commands Interface tunnel, tunnel mode, tunnel source, tunnel destination

396

Tunneling Commands

tunnel path-mtu-discovery Use this command to enable path Maximum Transmission Unit (MTU) discovery in the underlying tunnel interface. Use the no parameter to disable this feature.

Command Syntax tunnel path-mtu-discovery no tunnel path-mtu-discovery

Parameters None

Default Disabled

Command Mode Interface mode

Examples ZebOS#configure terminal ZebOS(config)#interface tunnel 0 ZebOS(config-if)#tunnel mode gre ZebOS(config-if)#tunnel source 192.168.0.1 ZebOS(config-if)#tunnel destination 10.0.0.1 ZebOS(config-if)#tunnel path-mtu-discovery

Related Commands Interface tunnel, tunnel mode, tunnel source, tunnel destination, tunnel ttl

397

Tunneling Commands

tunnel source Use this command to specify a tunnel source address in a IPv4 portion. Use the no parameter to undo the tunnel source address.

Command Syntax tunnel source [A.B.C.D] no tunnel source

Parameter A.B.C.D

IPv4 tunnel source address.

Command Mode Interface mode

Examples ZebOS#configure terminal ZebOS(config)#interface tunnel 0 ZebOS(config-if)#tunnel mode gre ZebOS(config-if)#tunnel destination 10.10.1.1 ZebOS(config-if)#tunnel source 10.11.2.1

Related Commands interface tunnel, tunnel mode, tunnel destination

398

Tunneling Commands

tunnel tos Use this command to specify a value of Type of Service (TOS) in the tunnel IPv4 encapsulation header. Use the no parameter to make 0 the default value.

Command Syntax tunnel tos no tunnel tos

Parameter

Specify a type of service integer.

Default The default TOS value is 0.

Command Mode Interface mode

Examples ZebOS#configure terminal ZebOS(config)#interface tunnel 0 ZebOS(config-if)#tunnel mode gre ZebOS(config-if)#tunnel destination 192.168.10.2 ZebOS(config-if)#tunnel source 192.168.11.1 ZebOS(config-if)#tunnel tos 10

Related Commands Interface tunnel, tunnel mode, tunnel source, tunnel destination

399

Tunneling Commands

tunnel ttl Use this command to specify a value of Time to Live (TTL) in the tunnel IPv4 encapsulation header. Enable the pathmtu-discovery before setting the TTL value. However, the first time you set the TTL value, and the path-mtudiscovery is not set, the system automatically enables the path-mtu-discovery. Use the no parameter to inheriting the underlying physical interface value by default.

Command Syntax tunnel ttl no tunnel ttl

Parameter

Specify a Time to Live integer.

Default By default, physical interface value is inherited.

Command Mode Interface mode

Example ZebOS#configure terminal ZebOS(config)#interface tunnel 0 ZebOS(config-if)#tunnel mode gre ZebOS(config-if)#tunnel destination 192.168.128.1 ZebOS(config-if)#tunnel source 192.168.0.1 ZebOS(config-if)#tunnel ttl 255

Related Commands tunnel path-mtu-discovery

400

CHAPTER 20

Remote Monitoring Commands

This chapter provides an alphabetized reference for each of the Remote Monitoring (RMON) CLI commands. It includes the following commands: •

rmon alarm on page 402



rmon collection history on page 403



rmon collection stats on page 404



rmon event on page 405



show rmon alarm on page 406



show rmon event on page 407



show rmon history on page 408



show rmon statistics on page 409

401

Remote Monitoring Commands

rmon alarm Use this command to configure alarm parameters, such as, alarm type, thresholds, and corresponding events on crossing the threshold for a particular variable. Use the no parameter with this command to remove the alarm configuration.

Command Syntax rmon alarm [|WORD|interval |SAMPLE_TYPE rising-threshold event falling-threshold event (owner)] no rmon alarm [WORD]

Parameters

Alarm entry index value.

WORD

Variable Object Identifier (OID) name to be monitored.

Range of values for polling interval, in seconds. delta

Alarm sample type of delta.

SAMPLE_TYPE

Alarm sample type.



Range of values for rising threshold value of the alarm entry.



Range of values for event corresponding to the alarm crossing the rising threshold value of the alarm entry.



Range of values for falling threshold value of the alarm entry.



Range of values for event corresponding to the alarm crossing the falling threshold value of the alarm entry.

owner

Owner name to identify entry.

Default No default alarm is created.

Command Mode Configure mode

Examples ZebOS#configure terminal ZebOS(config)#rmon alarm 229 etherStatsEntry.1.5 interval 50 delta risingthreshold 400 event 70 falling-threshold 600 event 1 owner new

402

Remote Monitoring Commands

rmon collection history Use this command to configure a history statistics control group. History statistics parameters can be requested buckets, interval and owner name on a particular interface. The number of history statistics buckets, and the interval to collect them, can be specified. The system based on the available memory configures the granted buckets. The granted buckets are same as the requested buckets. Use the no form of this command to remove the history control configuration.

Command Syntax rmon collection history (buckets ) (interval ) (owner WORD) no rmon collection history

Parameters

Range of values for history index.



Range of values for polling interval, in seconds.



Range of values for number of requested buckets.

WORD

Owner name to identify entry.

Default No default alarm is created.

Command Mode Interface mode

Example ZebOS#configure terminal ZebOS(config)#interface eth1 ZebOS(config-if)#rmon collection history 200 buckets 500 interval 600 owner herbert

403

Remote Monitoring Commands

rmon collection stats Use this command to configure an Ethernet statistics parameter, such as, index and owner name, on a particular interface. Use the no parameter with this command to remove the collection statistics configuration.

Command Syntax rmon collection stats [history |stats] (bucket |interval ) [owner (WORD)] no rmon collection stats [IF_INDEX ]

Parameters

Range of values for history commands/

stats

Specify Ethernet statistics



Specify buckets history index.



Range of polling interval,

WORD

Owner name to identify entry.

Default The default value of history index is 50. The default polling interval is 1800 seconds.

Command Mode Interface mode

Example ZebOS#configure terminal ZebOS(config)#interface eth1 ZebOS(config-if)#rmon collection stats 200 owner herbert

404

Remote Monitoring Commands

rmon event Use this command to configure event parameters, such as, event type, description, and the community string corresponding to the trap if the event type is trap. The configured trap community does not take effect as the trap sending is handled by the SNMP daemon. Use the no parameter with this command to remove the event configuration.

Command Syntax rmon event TYPE (log|trap|description|log trap|owner] (WORD) no rmon event

Parameters

Event entry index value.

log

Log event type.

trap

Trap event type.

log trap

Log and trap event type.

description

Event entry description.

owner

Owner name to identify entry.

WORD

String corresponding to the trap.

Default No default event is created.

Command Mode Configure mode

Example ZebOS#configure terminal ZebOS(config)#rmon event 299 log description cond3 owner alfred

405

Remote Monitoring Commands

show rmon alarm Use this command to display the alarms and threshold configured for the RMON probe.

Command Syntax show rmon alarm

Parameters None

Command Mode Exec and Privileged Exec modes

Example ZebOS#show rmon alarm

406

Remote Monitoring Commands

show rmon event Use this command to display the events configured for the RMON probe.

Command Syntax show rmon event

Parameters None

Command Mode Exec and Privileged Exec modes

Example ZebOS#show rmon event

407

Remote Monitoring Commands

show rmon history Use this command to display the history Ethernet statistics collected on a particular interface.

Command Syntax show rmon history

Parameters None

Command Mode Exec and Privileged Exec modes

Example ZebOS#show rmon history

408

Remote Monitoring Commands

show rmon statistics Use this command to display the Ethernet statistics collected on a particular interface.

Command Syntax show rmon statistics

Parameters None

Command Mode Exec and Privileged Exec modes

Example ZebOS#show rmon statistics

409

Remote Monitoring Commands

410

CHAPTER 21

Interpeak Security Commands

This chapter provides an alphabetized reference for each of the Interpeak Security CLI commands. It includes the following commands: •

authentication on page 412



clear crypto isakmp on page 413



clear crypto sa on page 414



clear crypto sa entry on page 415



clear crypto sa map on page 416



clear crypto sa peer on page 417



crypto ipsec security-association lifetime on page 418



crypto ipsec transform-set on page 419



crypto isakmp enable on page 420



crypto isakmp keepalive on page 421



crypto isakmp key on page 422



crypto isakmp policy on page 423



crypto map (Configure Mode) on page 424



crypto map (Interface Mode) on page 425



crypto map local-address on page 426



encryption on page 427



group on page 428



hash on page 429



lifetime on page 430



match address on page 431



mode on page 432



set peer on page 433



set security-association lifetime on page 434



set session-key on page 435



set transform-set on page 436



show crypto ipsec sa on page 437



show crypto ipsec transform-set on page 438



show crypto isakmp policy on page 439



show crypto isakmp sa on page 440



show crypto map on page 441

411

Interpeak Security Commands

authentication Use this command in ISAKMP policy configuration mode to specify the authentication method within an IKE policy. IKE policies define a set of parameters to be used during IKE negotiation. The commands in this section are all entered in the ISAKMP policy configuration (config-isakmp) mode. To invoke this mode, use the crypto isakmp policy command in global configuration mode. Use the no form of this command to reset the authentication method to the default value.

Command Syntax authentication (pre-share|rsa-encr|rsa-sig) no authentication

Parameters pre-share

Preshared keys

rsa-encr

RSA encryption

Note:

If you specify RSA signatures, you must configure your peer routers to obtain certificates from a certification authority (CA).

rsa-sig Note:

RSA signatures

If you specify RSA encryption, you must ensure that each peer has the other peer's RSA public keys. (See the crypto key pubkey-chain rsa, addressed-key, named-key, address, and key-string (IKE) commands.)

Defaults RSA signatures

Command Mode ISAKMP policy configuration mode (config-isakmp)

Example ZebOS#authentication (pre-share|rsa-encr|rsa-sig)

412

Interpeak Security Commands

clear crypto isakmp Use this command to clear active IKE connections in Exec configuration mode.

Command Syntax clear crypto isakmp

Parameters None

Command Mode Exec mode

Example ZebOS#clear crypto isakmp

413

Interpeak Security Commands

clear crypto sa Use this command to clear and reinitialize (if appropriate) all IPSec security associations at the router. If the security associations are manually established, the security associations are deleted and reinstalled. If you make configuration changes that affect security associations, these changes will not apply to existing security associations but to negotiations for subsequent security associations. You can use this command to restart all security associations so they will use the most current configuration settings. In the case of manually established security associations, if you make changes that affect security associations you must use this command before the changes take effect.

Command Syntax clear crypto sa

Parameters None

Command Mode Exec mode

Example ZebOS#clear crypto sa

414

Interpeak Security Commands

clear crypto sa entry Use this command in global configuration mode to delete specific IPSec security associations with the specified address, protocol, and SPI. If you make configuration changes that affect security associations, these changes will not apply to existing security associations but to negotiations for subsequent security associations. You can use this command to restart all security associations so they will use the most current configuration settings. In the case of manually established security associations, if you make changes that affect security associations you must use this command before the changes take effect.

Command Syntax clear crypto sa entry [destination-address (A.B.C.D)|protocol (ah|esp|spi)]

Parameters destination-address Indicates the destination address A.B.C.D protocol

Destination address in IPv4 format. Indicates the protocol

ah

AH protocol

esp

ESP protocol

spi

SPI parameter Index of the SA to be reset

Command Mode Exec mode

Example ZebOS(config)#clear crypto sa entry destination-address A.B.C.D protocol esp

415

Interpeak Security Commands

clear crypto sa map Use this command in global configuration mode to delete specific IPSec security associations with the given name. If you make configuration changes that affect security associations, these changes will not apply to existing security associations but to negotiations for subsequent security associations. You can use this command to restart all security associations so they will use the most current configuration settings. In the case of manually established security associations, if you make changes that affect security associations you must use this command before the changes take effect.

Command Syntax clear crypto sa map [MAP_NAME]

Parameter MAP_NAME

Name of specific IP security associations.

Command Mode Exec mode

Example ZebOS(config)#clear crypto sa map MAP_NAME

416

Interpeak Security Commands

clear crypto sa peer Use this command in global configuration mode to delete specific IPSec security associations for the specified peer. If you make configuration changes that affect security associations, these changes will not apply to existing security associations but to negotiations for subsequent security associations. You can use this command to restart all security associations so they will use the most current configuration settings. In the case of manually established security associations, if you make changes that affect security associations you must use this command before the changes take effect.

Command Syntax clear crypto sa peer

Parameter

IP address of the peer.

Command Mode Exec mode

Example ZebOS(config)#clear crypto sa peer

417

Interpeak Security Commands

crypto ipsec security-association lifetime Use this command in global configuration mode to change global lifetime values used when negotiating IPSec security associations. IPSec security associations use shared secret keys. These keys and their security associations time out together. Assuming that the particular crypto map entry does not have lifetime values configured, when the router requests new security associations during security association negotiation, it will specify its global lifetime value in the request to the peer; it will use this value as the lifetime of the new security associations. When the router receives a negotiation request from the peer, it will use the smaller of the lifetime value proposed by the peer or the locally configured lifetime value as the lifetime of the new security associations. If you change a global lifetime, the change is only applied when the crypto map entry does not have a lifetime value specified. The change will not be applied to existing security associations, but will be used in subsequent negotiations to establish new security associations. If you want the new settings to take effect sooner, you can clear all or part of the security association database by using the clear crypto sa command. The lifetime values are ignored for manually established security associations. Use the no form of the command to reset a lifetime to the default value.

Command Syntax crypto ipsec security-association lifetime (seconds|kilobytes) no crypto ipsec security-association lifetime (seconds|kilobytes)

Parameters seconds

Specify the number of seconds the security association will live before expiring.

kilobytes

Specify the volume of traffic (in kilobytes) that can pass between IPSec peers before the security association expires.

Defaults 3600 seconds (one hour) and 4,608,000 kilobytes (10 megabits per second for one hour).

Command Mode Configure mode

Example ZebOS(config)#crypto ipsec security-association lifetime (seconds|kilobytes) LIFETIME

418

Interpeak Security Commands

crypto ipsec transform-set Use this command in global configuration mode to define a transform set—an acceptable combination of security protocols and algorithms. A transform set is an acceptable combination of security protocols, algorithms and other settings to apply to IPSec protected traffic. During security association negotiation, peers use a transform set when protecting data flows. You can configure multiple transform sets and specify one or more of them in a crypto map entry. When IKE is not used to establish security associations, one transform st must be used. The transform set is not negotiated. Before a transform set can be included in a crypto map entry it must be defined using this command. A transform set specifies one or two IPSec security protocols (either ESP or AH or both) and specifies which algorithms to use with the selected security protocol. If one or more transforms are specified in the crypto ipsec transform-set command for an existing transform set, the specified transforms will replace the existing transforms for that transform set. If you change a transform set definition, the change is only applied to crypto map entries that reference the transform set. The change will not be applied to existing security associations, but will be used in subsequent negotiations to establish new security associations. If you want the new settings to take effect sooner, you can clear all or part of the security association database by using the clear crypto sa command. Use the no parameter with this command to delete a transform set.

Command Syntax crypto ipsec transform-set [NAME] esp-auth (None|esp-md5|esp-sha1) esp-enc (espnull|esp-des|esp-3des|esp-aes|esp-blf|esp-cast) no crypto ipsec transform-set [NAME]

Parameters NAME

Name of the transform set.

ah-md5

AH with the MD5 (HMAC variant) authentication algorithm.

ah-sha1

AH with the MD5 (HMAC variant) authentication algorithm.

esp-null

Null encryption algorithm.

esp-des

ESP with the 56-bit encryption algorithm.

esp-3des

ESP with the 168-bit DES encryption algorithm (3DES or Triple DES).

esp-aes

Alternative AES algorithm.

esp-blf

Alternative Blowfish algorithm.

esp-cast

Alternative Cast algorithm.

Command Mode Configure mode

Example ZebOS(config)#crypto ipsec transform-set NAME esp-auth (None|esp-md5|esp-sha1) esp-enc (esp-null|esp-des|esp-3des|esp-aes|esp-blf|esp-cast)

419

Interpeak Security Commands

crypto isakmp enable Use this command to globally enable IKE (Internet Key Exchange) at your peer router in global configuration mode. If you do not want IKE to be used in your IPSec implementation, you can disable IKE at all your IPSec peers. If you disable IKE at one peer you must disable it at all your IPSec peers. Use the no parameter with this command to disable IKE at the peer.

Command Syntax crypto isakmp enable no crypto isakmp enable

Parameters None

Default IKE is enabled by default. IKE does not have to be enabled for individual interfaces, but is enabled globally for all interfaces at the router.

Command Mode ISAKMP policy configuration mode (config-isakmp)

Example ZebOS(config)#crypto isakmp enable

420

Interpeak Security Commands

crypto isakmp keepalive Use this command to send Internet Key Exchange (IKE) keepalive messages from one router to another router. It sends IKE keepalive messages, which detect the continued connectivity of an IKE security association (SA) between two peer points. Use the no parameter with this command to disable keepalives.

Command Syntax crypto isakmp keepalive SECS no crypto isakmp keepalive

Parameter SECS

Number of seconds between keepalive messages.

Command Mode ISAKMP policy configuration mode (config-isakmp)

Example ZebOS(config)#crypto isakmp keepalive SECS

421

Interpeak Security Commands

crypto isakmp key Use this command to configure a preshared authentication key in global configuration mode. You must configure this key whenever you specify preshared keys in an IKE policy and at both peers. If an IKE policy includes preshared keys as the authentication method, these preshared keys must be configured at both peers—otherwise the policy cannot be used (the policy will not be submitted for matching by the IKE process). The crypto isakmp key command is the second task required to configure the preshared keys at the peers. (The first task is accomplished with the crypto isakmp identity command.) Use the address keyword if the remote peer ISAKMP identity was set with its IP address. Use the no parameter with this command to remove the configuration.

Command Syntax crypto isakmp key (KEY) [A.B.C.D/M|X:X::X:X/M] no crypto isakmp key (KEY) [A.B.C.D/M|X:X::X:X/M]

Parameters KEY

Specify the preshared key. Us any combination of alphanumeric characters up to 128 bytes.

A.B.C.D/M

IPv4 address of peer.

X:X::X:X/M

IPv6 address of peer.

Command mode Configure mode

Example ZebOS(config)#crypto isakmp key KEY address A.B.C.D/M|X:X::X:X/MY

422

Interpeak Security Commands

crypto isakmp policy Use this command to define an IKE policy in global configuration mode. IKE policies define a set of parameters to be used during the IKE negotiation. These parameters are used to create the IKE security association [SA]. This command invokes the ISAKMP policy configuration (config-isakmp) mode. You can configure multiple IKE policies on each peer participating in IPSec. When the IKE negotiation begins, it tries to find a common policy configured on both peers, starting with the highest priority policies as specified on the remote peer. Use the no parameter with this command to delete an IKE policy.

Command Syntax crypto isakmp policy PRIORITY no crypto isakmp policy PRIORITY

Parameter PRIORITY

Uniquely identifies the IKE policy and assigns a priority to the policy.

Command mode Configure mode

Example ZebOS(config)#crypto isakmp policy PRIORITY

423

Interpeak Security Commands

crypto map (Configure Mode) Use this command in global configuration mode to create or modify a crypto map entry and enter the crypto map configuration mode. Once a crypto map entry has been created, you cannot change the parameters specified at the global configuration level because these parameters determine which of the configuration commands are valid at the crypto map level. For example, once a map entry has been created as ipsec-isakmp, you cannot change it to ipsec-manual or Cisco; you must delete and reenter the map entry. After you define crypto map entries, you can assign the crypto map set to interfaces using the crypto map (interface IPSec) command. Use the no parameter with this command to delete a crypto map entry or set.

Command Syntax crypto map [MAP-NAME] (SEQ-NUM) (ipsec-manual|ipsec-isakmp) no crypto map [MAP-NAME] (SEQ-NUM)

Parameters MAP-NAME

The name you assign to the crypto map set.

SEQ-NUM

The number you assign to the crypto map entry

ipsec-manual

Indicate that IKE will not be used to establish the IPSec security associations for protecting the traffic specified by this crypto map entry.

ipsec-isakmp

Indicate that IKE will be used to establish the IPSec security associations for protecting the traffic specified by this crypto map entry.

Command mode Configure mode

Example ZebOS(config)#crypto map MAP-NAME SEQ-NUM

424

Interpeak Security Commands

crypto map (Interface Mode) Use this command in interface configuration mode to apply a previously defined crypto map set to an interface. You must assign a crypto map set to an interface before that interface can provide IPSec services. Only one crypto map set can be assigned to an interface. If multiple crypto map entries have the same map-name but a different seq-num, they are considered to be part of the same set and will all be applied to the interface. The crypto map entry with the lowest seq-num is considered the highest priority and will be evaluated first. A single crypto map set can contain a combination of ipsec-isakmp, and ipsec-manual crypto map entries. Use the no parameter with this command to remove the crypto map set from the interface.

Command Syntax crypto map [MAP-NAME] no crypto map [MAP-NAME]

Parameter MAP-NAME

The name you assign to the crypto map set.

Command mode Interface mode

Example ZebOS(config)#interface eth1 ZebOS(config-if)#crypto map MAP-NAME

425

Interpeak Security Commands

crypto map local-address Use this command to specify and name an identifying interface to be used by the crypto map for IPSec traffic. If you apply the same crypto map to two interfaces and do not use this command, two separate security associations (with different local IP addresses) could be established to the same peer for similar traffic. If you are using the second interface as redundant to the first interface, it could be preferable to have a single security association (with a single local IP address) created for traffic sharing the two interfaces. Having a single security association decreases overhead and makes administration simpler. Use the no parameter with this command to remove this command from the configuration.

Command Syntax crypto map [MAP-NAME] local-address [INTERFACE-ID] no crypto map [MAP-NAME] local-address

Parameters MAP-NAME

The name that identifies the crypto map set.

INTERFACE-ID

Specify the identifying interface that should be used by the router to identify itself to remote peers.

Command mode Configure mode

Example ZebOS(config)#encryption des

426

Interpeak Security Commands

encryption Use this command to specify the encryption algorithm within an IKE policy in ISAKMP policy configuration mode. IKE policies define a set of parameters to be used during IKE negotiation. This command is entered in the ISAKMP policy configuration (config-isakmp) mode. To invoke this mode, use the crypto isakmp policy command in global configuration mode. Use the no parameter with this command to reset the encryption algorithm to the default value.

Command Syntax encryption (1des|3des) no encryption

Parameters 1des

Specify 56-bit DES-CBC as the encryption algorithm.

3des

Specify 168-bit DES (3DES) as the encryption algorithm.

Command mode ISAKMP policy configuration mode (config-isakmp)

Example ZebOS(config)#encryption des

427

Interpeak Security Commands

group Use this command to specify the Diffie-Hellman group identifier within an IKE policy in ISAKMP policy configuration mode. IKE policies define a set of parameters to be used during IKE negotiation. This command is entered in the ISAKMP policy configuration (config-isakmp) mode. To invoke this mode, use the crypto isakmp policy command in global configuration mode. Use the no parameter with this command to reset the Diffie-Hellman group identifier to the default value.

Command Syntax group (1|2) no group

Parameters 1

Indicate group number 1.

2

Indicate group number 2.

Defaults 768-bit Diffie-Hellman (group 1)

Command mode ISAKMP policy configuration mode (config-isakmp)

Example ZebOS(config)#group 1

428

Interpeak Security Commands

hash Use this command to specify the hash algorithm within an IKE policy in ISAKMP policy configuration mode. IKE policies define a set of parameters to be used during IKE negotiation. This command is entered in the ISAKMP policy configuration (config-isakmp) mode. To invoke this mode, use the crypto isakmp policy command in global configuration mode. Use the no parameter with this command to reset the hash algorithm to the default SHA-1 hash algorithm.

Command Syntax hash (md5|sha) no hash

Parameters md5

Specify MD5 (HMAC variant) as the hash algorithm.

sha

Specify SHA-1 (HMAC variant) as the hash algorithm.

Default Default is the SHA-1 hash algorithm.

Command mode ISAKMP policy configuration mode (config-isakmp)

Example ZebOS(config)#hash md5

429

Interpeak Security Commands

lifetime Use the lifetime (IKE policy) command in ISAKMP policy configuration mode to specify the lifetime of an IKE security association (SA). The commands in this section are all entered in the ISAKMP policy configuration (config-isakmp) mode. To invoke this mode, use the crypto isakmp policy command in global configuration mode. When IKE begins negotiations, the first thing it does is agree upon the security parameters for its own session. The agreed-upon parameters are then referenced by an SA at each peer. The SA is retained by each peer until the SA's lifetime expires. Before an SA expires, it can be reused by subsequent IKE negotiations, which can save time when setting up new IPSec SAs. Before an SA expires, it can be reused by subsequent IKE negotiations, which can save time when setting up new IPSec SAs. New IPSec SAs are negotiated before current IPSec SAs expire. So, to save setup time for IPSec, configure a longer IKE SA lifetime. However, shorter lifetimes limit the exposure to attackers of this SA. The longer an SA is used, the more encrypted traffic can be gathered by an attacker and possibly used in an attack. Note that when your local peer initiates an IKE negotiation between itself and a remote peer, an IKE policy can be selected only if the lifetime of the remote peer's policy is longer than or equal to the lifetime of the local peer's policy. Then, if the lifetimes are not equal, the shorter lifetime will be selected. To restate this behavior: If the two peer's policies' lifetimes are not the same, the initiating peer's lifetime must be shorter and the responding peer's lifetime must be longer, and the shorter lifetime will be used. Use the no parameter with this command to reset the SA lifetime to the default value.

Command Syntax lifetime LIFETIME no lifetime

Parameter LIFETIME

Specify how many seconds each SA should exist before expiring.

Defaults The default lifetime value is 28 800 seconds/

Command mode ISAKMP policy configuration mode (config-isakmp)

Usage Example ZebOS(config)#lifetime LIFETIME

430

Interpeak Security Commands

match address Use this command in crypto map configuration mode to specify an extended access list for a crypto map entry. Use this command to assign an extended access list to a crypto map entry. You also need to define this access list using the access-list or ip access-list extended commands. The extended access list specified with this command will be used by IPSec to determine which traffic should be protected by crypto and which traffic does not need crypto protection. (Traffic that is permitted by the access list will be protected. Traffic that is denied by the access list will not be protected in the context of the corresponding crypto map entry.) Note that the crypto access list is not used to determine whether to permit or deny traffic through the interface. An access list applied directly to the interface makes that determination. The crypto access list specified by this command is used when evaluating both inbound and outbound traffic. Outbound traffic is evaluated against the crypto access lists specified by the interface's crypto map entries to determine if it should be protected by crypto and if so (if traffic matches a permit entry) which crypto policy applies. (If necessary, in the case of static IPSec crypto maps, new security associations are established using the data flow identity as specified in the permit entry; in the case of dynamic crypto map entries, if no SA exists, the packet is dropped.) After passing the regular access lists at the interface, inbound traffic is evaluated against the crypto access lists specified by the entries of the interface's crypto map set to determine if it should be protected by crypto and, if so, which crypto policy applies. (In the case of IPSec, unprotected traffic is discarded because it should have been protected by IPSec.) In the case of IPSec, the access list is also used to identify the flow for which the IPSec security associations are established. In the outbound case, the permit entry is used as the data flow identity (in general), while in the inbound case the data flow identity specified by the peer must be “permitted” by the crypto access list. Use the no parameter with this command to remove the extended access list from a crypto map entry.

Command Syntax match address (ACCESSLIST-ID|ACCESSLIST-NAME) no match address (ACCESSLIST-ID|ACCESSLIST-NAME)

Parameters Identify the extended access list by its number.

ACCESSLIST-ID ACCESSLIST-NAME

Identify the extended access list by its name.

Command mode Crypto map configuration mode

Example ZebOS(config)#match address ACCESSLIST-ID

431

Interpeak Security Commands

mode Use this command in crypto transform configuration mode to change the mode for a transform set. This setting is only used when the traffic to be protected has the same IP addresses as the IPSec peers (this traffic can encapsulate either in tunnel or transport mode). This setting is ignored for all other traffic (all other traffic encapsulates in tunnel mode). If you use this command to change the mode, the change will only affect the negotiation of subsequent IPSec security associations via crypto map entries which specify this transform set. (If you want the new settings to take effect sooner, you can clear all or part of the security association database. See the clear crypto sa command for more details. Use the no parameter with this command to reset the mode to the default value of tunnel.

Command Syntax mode (tunnel|transport) no mode

Parameters tunnel

Specify the tunnel mode for a transform set.

transport

Specify the transport mode for a transform set.

Command mode Crypto map configuration mode

Example ZebOS(config)#mode tunnel

432

Interpeak Security Commands

set peer Use this command in crypto map configuration mode.to specify an IPSec peer in a crypto map entry. For ipsec-isakmp crypto map entries, you can specify multiple peers by repeating this command. The peer that packets are actually sent to is determined by the last peer that the router heard from (received either traffic or a negotiation request from) for a given data flow. If the attempt fails with the first peer, IKE tries the next peer on the crypto map list. For ipsec-manual crypto entries, you can specify only one IPSec peer per crypto map. If you want to change the peer, you must first delete the old peer and then specify the new peer. Use the no parameter with this command to remove an IPSec peer from a crypto map entry.

Command Syntax set peer [A.B.C.D|X:X::X:X] no set peer [A.B.C.D|X:X::X:X]

Parameters A.B.C.D

IPv4 address of peer.

X:X::X:X

IPv6 address of peer.

Command mode Crypto map configuration mode

Example ZebOS(config)#set peer 1.1.1.1

433

Interpeak Security Commands

set security-association lifetime Use this command in crypto map configuration mode to override the global lifetime value for a particular crypto map entry. The global lifetime value is used when negotiating IPSec security associations. This command is only available for ipsec-isakmp crypto map entries and dynamic crypto map entries. IPSec security associations use shared secret keys. These keys and their security associations time out together. Assuming that the particular crypto map entry has lifetime values configured, when the router requests new security associations during security association negotiation, it will specify its crypto map lifetime value in the request to the peer; it will use this value as the lifetime of the new security associations. When the router receives a negotiation request from the peer, it will use the smaller of the lifetime value proposed by the peer or the locally configured lifetime value as the lifetime of the new security associations. There are two lifetimes: a “timed” lifetime and a “traffic-volume” lifetime. The session keys/security association expires after the first of these lifetimes is reached. Use the no parameter with this command to reset a crypto map entry’s lifetime value to the global value.

Command Syntax set security-association lifetime [seconds|kilobytes] no set security-association lifetime [seconds|kilobytes]

Parameters seconds

Specify the number of seconds a security association will live before expiring

kilobytes

Specify the volume of traffic (in kilobytes) that can pass between IPSec peers using a given security association before that security association expires

Defaults The crypto map’s security associations are negotiated according to the global lifetimes.

Command mode Crypto map configuration mode

Example ZebOS(config)#set session-key inbound esp SPI

434

Interpeak Security Commands

set session-key Use this command in crypto map configuration mode to manually specify the IPSec session keys within a crypto map entry. This command is only available for ipsec-manual crypto map entries. Use this command to define IPSec keys for security associations via ipsec-manual crypto map entries. (In the case of ipsec-isakmp crypto map entries, the security associations with their corresponding keys are automatically established via the IKE negotiation.) If the crypto map's transform set includes an AH protocol, you must define IPSec keys for AH for both inbound and outbound traffic. If the crypto map's transform set includes an ESP encryption protocol, you must define IPSec keys for ESP encryption for both inbound and outbound traffic. If your transform set includes an ESP authentication protocol, you must define IPSec keys for ESP authentication for inbound and outbound traffic. When you define multiple IPSec session keys within a single crypto map, you can assign the same security parameter index (SPI) number to all the keys. The SPI is used to identify the security association used with the crypto map. However, not all peers have the same flexibility in SPI assignment. You should coordinate SPI assignment with your peer's operator, making certain that the same SPI is not used more than once for the same destination address/ protocol combination. Security associations established via this command do not expire (unlike security associations established via IKE). Session keys at one peer must match the session keys at the remote peer. If you change a session key, the security association using the key will be deleted and reinitialized. Use the no parameter with this command to remove IPSec session keys from a crypto map entry.

Command Syntax set session-key (inbound|outbound) [esp|ah|spi] (HEX-KEY-DATA) no set session-key (inbound|outbound) [esp|ah]

Parameters inbound

Sets the inbound IPSec session key.

outbound

Sets the outbound IPSec session key.

ah

Sets the IPSec session key for the AH protocol.

esp

Sets the IPSec session key for the ESP protocol.

spi

Specify the security parameter index (SPI), a number that is used to uniquely identify a security association.

HEX-KEY-DATA Specify the session key; enter in hexadecimal format.

Command mode Crypto map configuration mode

Usage Example ZebOS(config)#set session-key inbound esp SPI

435

Interpeak Security Commands

set transform-set Use this command in crypto map configuration mode to specify which transform sets can be used with the crypto map entry. For an ipsec-isakmp crypto map entry, you can list multiple transform sets with this command. List the higher priority transform sets first. If the local router initiates the negotiation, the transform sets are presented to the peer in the order specified in the crypto map entry. If the peer initiates the negotiation, the local router accepts the first transform set that matches one of the transform sets specified in the crypto map entry. The first matching transform set that is found at both peers is used for the security association. If no match is found, IPSec will not establish a security association. The traffic will be dropped because there is no security association to protect the traffic. For an ipsec-manual crypto map entry, you can specify only one transform set. If the transform set does not match the transform set at the remote peer's crypto map, the two peers will fail to correctly communicate because the peers are using different rules to process the traffic. If you want to change the list of transform sets, re-specify the new list of transform sets to replace the old list. This change is only applied to crypto map entries that reference this transform set. The change will not be applied to existing security associations, but will be used in subsequent negotiations to establish new security associations. If you want the new settings to take effect sooner, you can clear all or part of the security association database by using the clear crypto sa command. Any transform sets included in a crypto map must previously have been defined using the crypto ipsec transform-set command. Use the no parameter with this command to remove all transform sets from a crypto map entry.

Command Syntax set transform-set [NAME] no set transform-set [NAME]

Parameter NAME

The name that identifies the crypto map set

Command mode Crypto map configuration mode

Example ZebOS(config)#set transform-set new

436

Interpeak Security Commands

show crypto ipsec sa Use this command to view the settings used by current security associations. All security associations are displayed if a map name is not used.

Command Syntax show crypto ipsec sa map [MAP_NAME]

Parameters MAP_NAME

Display the name that identifies the crypto map set

Command mode Exec mode

Example ZebOS#show crypto ipsec sa map new

437

Interpeak Security Commands

show crypto ipsec transform-set Use this command to view all the configured transform sets or specific transform set.

Command Syntax show crypto ipsec transform-set (NAME)

Parameter NAME

Display the transform set name.

Command mode Exec mode

Example ZebOS#show crypto ipsec transform-set new

438

Interpeak Security Commands

show crypto isakmp policy Use this command to view the parameters for each IKE policy in Exec mode.

Command Syntax show crypto isakmp policy

Parameters None

Command mode Exec mode

Example ZebOS#show crypto isakmp policy

439

Interpeak Security Commands

show crypto isakmp sa Use this command to view all current IKE security associations (SAs) at a peer in Exec mode.

Command Syntax show crypto isakmp sa

Parameters None

Command mode Exec mode

Example ZebOS#show crypto isakmp sa

440

Interpeak Security Commands

show crypto map Use this command to view the crypto map configuration.

Command Syntax show crypto-map [interface (IFNAME)]

Parameter IFNAME

Display interface name.

Command mode Exec mode

Example ZebOS#show rmon statistics

441

Interpeak Security Commands

442

CHAPTER 22

QoS Commands

This chapter provides an alphabetized reference for each of the QoS CLI commands. It includes the following commands: •

class on page 445



class-map on page 446



ip-access-list on page 447



mac-access-list on page 448



match access-group on page 449



match ip-dscp on page 450



match ip-precedence on page 451



match layer4 on page 452



match mpls exp-bit topmost on page 453



match vlan on page 454



match vlan-range on page 455



mls qos (Configure Mode) on page 456



mls qos (Interface Mode) on page 458



mls qos aggregate-police on page 460



mls qos frame-type-priority-override on page 461



mls qos map on page 462



mls qos dscp-cos on page 463



mls qos dscp-mutation on page 464



mls qos map dscp-cos on page 465



mls qos map dscp-mutation on page 466



mls qos min-reserve on page 467



mls qos strict on page 468



mls qos trust on page 469



police on page 470



police-aggregate on page 471



policy-map on page 472



service-policy on page 473



set algorithm on page 474



set cos on page 475



set drr-priority on page 476



set ip-dscp on page 477



set ip-precedence on page 478



set mpls exp-bit topmost on page 479

443

QoS Commands



set vlan-priority on page 480



show class-map on page 481



show mls qos aggregator-policer on page 482



show mls qos interface on page 483



show mls qos maps dscp-cos on page 484



show mls qos maps dscp-mutation on page 485



show policy-map on page 486



show qos-access-list on page 487



wrr-queue bandwidth on page 488



wrr-queue cos-map on page 489



wrr-queue dscp-map on page 490



wrr-queue min-reserve on page 491



wrr-queue queue-limit on page 492



wrr-queue random-detect on page 493



wrr-queue threshold on page 494

444

QoS Commands

class Use this command to define a traffic classification. Note:

Enable QoS globally before issuing this command (see mls qos (Configure Mode) on page 456).

Use the no parameter with this command to delete an existing class-map.

Command Syntax class [NAME] no class [NAME]

Parameter NAME

Name of the class map

Command Mode Policy Map mode

Examples The following example shows creating a policy map, and defining the traffic classification.

ZebOS#configure terminal ZebOS(config)#policy-map pmap1 ZebOS(config-pmap)#class cmap1

Related Commands class-map, policy-map

445

QoS Commands

class-map Use this command to create a class map. Note:

Enable QoS globally before issuing this command (see mls qos (Configure Mode) on page 456).

Use the no parameter with this command to delete an existing class-map.

Command Syntax class-map [NAME] no class-map [NAME]

Parameter NAME

Name of the class map.

Command Mode Configure mode

Example The following example shows creating a class map.

ZebOS#configure terminal ZebOS(config)#class-map cmap1

Related Commands class, policy-map, show class-map

446

QoS Commands

ip-access-list Use this command to create an IP access-control list (ACL) based on the source address, or create an IP extended ACL based on the source and destination address. Note:

Enable QoS globally before issuing this command (see mls qos (Configure Mode) on page 456).

Use the no parameter with this command to delete an IP or IP extended ACL.

Command Syntax The following syntax creates an IP ACL based on the source address: ip-access-list [||||ip|deny|permit|A.B.C.D| A.B.C.D|any|host] no ip-access-list [||||ip|deny|permit| A.B.C.D|A.B.C.D|any|host]

Parameters

Range for IP standard ACL.



Range for IP extended ACL.



Expanded range for IP standard ACL.



Expanded range for IP extended ACL.

ip

Any Internet Protocol for extended ACLs.

deny

Deny certain traffic if conditions matched.

permit

Permit certain traffic if conditions matched.

A.B.C.D

Address to match.

A.B.C.D

Wildcard bits.

any

Any source host.

host

A single source host for extended ACLs.

Command Mode Configure mode

Examples The following shows allowing access only for hosts on three specified networks. Wildcard bits correspond to the network address host portions. If a host has a source address that does not match the access list statements, it is rejected.

ZebOS#configure terminal ZebOS(config)#ip-access-list 1 permit 192.5.255.0 0.0.0.255 ZebOS(config)#ip-access-list 1 permit 128.88.0.0 0.0.255.255 ZebOS(config)#ip-access-list 1 permit 36.0.0.0 0.0.0.255

447

QoS Commands

mac-access-list Use this command to create a MAC ACL. Use the no parameter with this command to delete a MAC ACL. Note:

Enable QoS globally before issuing this command (see mls qos (Configure Mode) on page 456).

Use the no parameter with this command to delete an IP or IP extended ACL.

Command Syntax The following syntax creates an IP ACL based on the source address: mac-access-list [|deny|destination(priority)|permit|source|MAC|MASK|MAC |MASK|any (priority|)] no mac-access-list [|deny|destination (priority)|permit|source|MAC|MASK |MAC|MASK|any (priority|)]

Parameters

Expanded range for IP extended ACL.

deny

Deny certain traffic if conditions matched.

destination

Specify packets with destination MAC address.

priority

Specify priority class .

permit

Permit certain traffic if conditions matched.

source

Specify packets with source MAC address

MAC

Specify the source MAC address; in HHHH.HHHH.HHHH format.

MASK

Specify which part of the MAC address will be ignored. In hexadecimal format.

MAC

Specify the destination MAC address; in HHHH.HHHH.HHHH format.

MASK

Specify which part of the MAC address will be ignored. In hexadecimal format.

any

Replace either the source MAC MASK pair or the corresponding destination MAC MASK pair, but not both pairs.

priority

Specify priority class .



Specify packet format. For example, 1 for Ethernet II, 2 for 802.3, 8 for LLC.

Command Mode Configure mode

Examples ZebOS#configure terminal ZebOS(config)#mac-access-list 2002 permit 2222.2222.2222 8 any 2 ZebOS#configure terminal ZebOS(config)#mac-access-list 2002 source 2222.2222.2222 priority 2

448

QoS Commands

match access-group Use this command to define match criterion for a class map. Note:

Enable QoS globally before issuing this command (see mls qos (Configure Mode) on page 456).

Use the no parameter with this command to disable this configuration.

Command Syntax match access-group [NAME] no match access-group [NAME]

Parameters NAME

Name of the ACL.

Command Mode Class Map mode

Examples The following example shows configuring a class map named cmap1 with 1 match criterion: access list 103, which allows traffic from any source to any destination.

ZebOS#configure terminal ZebOS(config)#ip-access-list 103 permit ip any any ZebOS(config)#class-map cmap1 ZebOS(config-cmap)#match access-group 103

Related Commands class-map

449

QoS Commands

match ip-dscp Use this command to define the list to match against incoming packets. Note:

Enable QoS globally before issuing this command (see mls qos (Configure Mode) on page 456).

Use the no parameter with this command to disable this configuration.

Command Syntax match ip-dscp no match ip-dscp

Parameter

Specify a list to match against incoming packets. Up to eight IP DSCP values separated by a space can be entered.

Command Mode Class Map mode

Example The following example shows configuring a class map named cmap1 with criterion that matches IP DSCP 56.

ZebOS#configure terminal ZebOS(config)#class-map cmap1 ZebOS(config-cmap)#match ip-dscp 56

Related Commands class-map, match vlan-range

450

QoS Commands

match ip-precedence Use this command to identify IP precedence values as match criteria. Use the no parameter with this command to remove IP precedence values from a class map.

Command Syntax match ip-precedence no match ip-precedence

Parameter

Specify the exact value from 0 to 7 used to identify a precedence value. There may be up to 8 precedence values.

Command Mode Class Map mode

Example The following example shows configuring a class-map named cmap1 to evaluate all IPv4 packets for a precedence value of 5.

ZebOS(config)#class-map cmap1 ZebOS(config-cmap)#match ip-precedence 5 6 4 3

451

QoS Commands

match layer4 Use this command to identify UDP or TCP ports as the match criteria. Use the no parameter with this command to remove the match criteria.

Command Syntax match layer4 [source-port|destination-port ] no match layer4 [source-port|destination-port ]

Parameters source-port

Source UDP or TCP port.

destination-port Destination UDP or TCP port.

Range of values for source or destination port.

Command Mode Class Map mode

Example ZebOS(config)#class-map cmap1 ZebOS(config-cmap)#match layer4 source-port 20

452

QoS Commands

match mpls exp-bit topmost Use this command to define the match criterion of the MPLS experimental bit value in the topmost label for a class map. Use the no parameter with this command to remove this criterion from a class map.

Command Syntax match mpls exp-bit topmost no match mpls exp-bit topmost

Parameter

Experimental value. Can be up to 8 values

Command Mode Class Map mode

Example The following example shows configuring a class-map named cmap1 with criterion that matches MPLS experimental bit, 0 1 2 3 4 5 6 7.

ZebOS(config)#class-map cmap1 ZebOS(config-cmap)#match mpls exp-bit topmost 0 1 2 3 4 5 6 7

453

QoS Commands

match vlan Use this command to define the VLAN ID used as match criteria to classify a traffic class. Use the no parameter with this command to disable the VLAN ID used as match criteria.

Command Syntax match vlan no match vlan

Parameter

Specify a VLAN ID.

Command Mode Class Map mode

Example The following example shows configuring a class-map named cmap1 to include traffic from VLAN 3.

ZebOS(config)#class-map cmap1 ZebOS(config-cmap)#match vlan 3

454

QoS Commands

match vlan-range Use this command to specify the range of VLANs after defining the match criterion and creating a class map when classifying traffic on a per-port-per-VLAN basis.

Command Syntax match vlan-range [|to|]

Parameters

Specify a starting VLAN ID.

to

Specify a range.



Specify an ending VLAN ID.

Command Mode Class Map mode

Examples The following example shows configuring a class map named cmap1 with criterion that matches IP DSCP 56, with a VLAN range of 20 to 30.

ZebOS#configure terminal ZebOS(config)#class-map cmap1 ZebOS(config-cmap)#match ip-dscp 56 ZebOS(config-cmap)#match vlan-range 20 to 30

Related Commands class-map, match ip-dscp

455

QoS Commands

mls qos (Configure Mode) Use this command to globally enable QoS and define queueing from the Configure Mode. Use the no parameter with this command to globally disable QoS.

Command Syntax mls qos [()|aggregate-police|cos-queue()|dscp-queue ()|enable|frame-type-priority-override|map|min-reserve() |vlan-priority-override(VLANID )|bridge |wrr-weight ] no mls qos [()|aggregate-police|cos-queue()|dscp-queue ()|enable|frame-type-priority-override|map|min-reserve() |vlan-priority-override(VLANID )|bridge |wrr-weight ]

Parameters

Specify weight for queue. Zero (0) means strict priority. Specify a priority for the queue. Specify weight for queue 2; zero (0) means Strict Priority. Enter values of at least 16 integers.

aggregate-police Specify a policer for the classified traffic (see mls qos aggregate-police on page 460). cos-queue

Specify a COS-queue.



Specify a priority for the queue.



Specify a queue ID

dscp-queue

Specify a DSCP-to-queue.



Select a DSCP value.



Specify a queue ID .

enable

Enable QoS globally.

frame-type-priority-override Specify frame type priority (see mls qos frame-type-priority-override on page 461). map

Specify QoS maps (see mls qos frame-type-priority-override on page 461).

min-reserve

Configure the buffer size of min-reserve level



Specify level ID in Fast Ethernet



Specify holding packets in Fast Ethernet

vlan-priority-override Specify a VLAN priority override. VLANID

Select VLAN ID in the range of .

bridge

Bridge group commands



Select priority.

wrr-weight

456

Specify WRR weight.



Configure the queue id



Specify a weight.

QoS Commands

Command Mode Configure mode

Examples ZebOS#configure terminal ZebOS(config)#mls QoS 1 0 2 1 3 2 4 3 5 4 6 5 7 6 0 7 ZebOS#(config)#mls qos wrr-weight 1 1 ZebOS#(config)#mls qos cos-queue 1 1 ZebOS#(config)#mls qos dscp-queue 1 3 ZebOS#(config)#mls qos enable % QoS is already enabled ZebOS#(config)# ZebOS(config)#no mls QoS 1 ZebOS#(config)#no mls qos wrr-weight 1 1 ZebOS#(config)#no mls qos cos-queue 1 1 ZebOS#(config)#no mls qos dscp-queue 1 3 ZebOS#(config)#

457

QoS Commands

mls qos (Interface Mode) Use this command to globally enable QoS, and define queueing from the Interface Mode. Use the no parameter with this command to disable QoS.

Command Syntax mls qos [cos||da-priority-override(both|cos|queue)|dscp-cos (NAME)|dscpmutation(NAME)|force-trust(cos)|strict|trust(both|cos|dscp)|vlan-priorityoverride(both|cos|queue)] no mls qos [cos||da-priority-override(both|cos|queue)|dscp-cos (NAME)|dscpmutation(NAME)|force-trust(cos)|strict|trust(both|cos|dscp)|vlan-priorityoverride(both|cos|queue)]

Parameters Specify a default CoS value (see mls qos dscp-cos on page 463).

cos

Specify the CoS value.

da-priority-override Specify a destination address priority override. both

Select both CoS and Queue values

cos

Select CoS.

queue

Select Queue.

dscp-cos NAME dscp-mutation NAME force-trust cos

Specify DSCP-to-CoS (see mls qos dscp-cos on page 463). Specify a DSCP-to-CoS map name. Specify a DSCP-to-DSCP mutation (see mls qos dscp-mutation on page 464). Specify the name of DSCP-to-DSCP mutation map. Configure a port trust state. Classify ingress packets with the packet CoS values.

strict

Specify a strict queue (see mls qos strict on page 468).

trust

Configure port trust state

both

Classify ingress packets with both values.

cos

Classify ingress packets with the packet CoS values.

dscp

Classify ingress packets with the packet DSCP values

vlan-priority-override Specify a VLAN priority override. both

Select both CoS and Queue values

cos

Select CoS.

queue

Select Queue.

Command Mode Interface mode

458

QoS Commands

Examples ZebOS#configure terminal ZebOS(config)#interface eth1 ZebOS(config-if)#mls qos cos 7 ZebOS(config-if)#no mls qos cos ZebOS#configure terminal ZebOS(config)#interface eth1 ZebOS(config-if)#mls qos da-priority-override both ZebOS(config-if)#no mls qos da-priority-override both ZebOS#configure terminal ZebOS(config)#interface eth1 ZebOS(config-if)#mls qos dscp-cos new ZebOS(config-if)#no mls qos dscp-cos new

459

QoS Commands

mls qos aggregate-police Use this command to specify policer parameters to apply to multiple traffic classes in the same policy map. Use the no parameter with this command to delete an aggregate policer.

Command Syntax mls qos aggregate-police [NAME]|||exceed-action|drop no mls qos aggregate-police [NAME]

Parameters NAME

Name of the aggregate policer.



Average traffic rate in bits per second (kbps).



Normal burst size in kilobytes (bytes).

exceed-action

Specify the action if exceed-action

drop

Drop the packet

Command Mode Configure mode

Examples The following example designates a policer with parameters of a traffic rate of 48000 bps and a burst size of 8000 kbps.

ZebOS#configure terminal ZebOS(config)#mls qos aggregate-police transmit1 48000 8000 ZebOS(config)#no mls qos aggregate-police transmit1

Related Commands police-aggregate, show mls qos aggregate policer

460

QoS Commands

mls qos frame-type-priority-override Use this command to specify a frame type priority Use the no parameter with this command to delete the priority.

Command Syntax mls qos frame-type-priority-override (bpdu-to-cpu|from-cpu|port-etype-match|ucastmgmt-to-cpu) no mls qos frame-type-priority-override (bpdu-to-cpu|from-cpu|port-etypematch|ucast-mgmt-to-cpu)

Parameters bpdu-to-cpu

Specify BPDU-to-CPU.

from-cpu

Specify from-CPU.

port-etype-match Specify port-etype-match. ucast-mgmt-to-cpu Specify ucast-mgmt-to-cpu.

Specify a queue ID.

Command Mode Configure mode

Examples ZebOS#configure terminal ZebOS(config)#mls qos frame-type-priority-override bpdu-to-cpu 1 ZebOS(config)#mls qos frame-type-priority-override bpdu-to-cpu

461

QoS Commands

mls qos map Use this command to specify a qos map. Use the no parameter with this command to delete this map.

Command Syntax mls qos map [dscp-cos|dscp-mutation|NAME||] no mls qos map [dscp-cos|dscp-mutation|NAME||]

Parameters dscp-cos

Modify DSCP-to-COS map.

dscp-mutation

Modify the DSCP mutation map.

NAME

Specify map name.



Specify an incoming DSCP value.



Specify an outgoing COS value.

Command Mode Configure mode

Examples ZebOS#configure terminal ZebOS(config)#mls qos map dscp-cos new 1 to 1 ZebOS(config)#no mls qos map dscp-cos new

462

QoS Commands

mls qos dscp-cos Use this command to apply a DSCP-to-CoS map to a specified interface. Use this command to create a DSCP-to-CoS map, then use the mls qos dscp-cos command to apply the map to an interface (see mls qos map dscp-cos on page 465). Use the no parameter with this command to remove a DSCP-to-CoS map from an interface.

Command Syntax mls qos dscp-cos [NAME] no mls qos dscp-cos [NAME]

Parameter NAME

Specify the DSCP-to-CoS map created using the mls qos map dscp-cos command (see mls qos map dscp-cos on page 465).

Command Mode Interface mode

Example ZebOS#configure terminal ZebOS(config)#mls qos map dscp-cos dc1 0 8 16 24 32 40 48 50 to 0 ZebOS(config)#interface fe0 ZebOS(config-if)#mls qos dscp-cos dc1 Related Commands mls qos map dscp-cos

463

QoS Commands

mls qos dscp-mutation Use this command to specify the name of a DSCP-to-DSCP mutation map, which was specified in the mls qos map dscp-mutation command, to an ingress DSCP port (see mls qos map dscp-mutation on page 466). Use the no parameter with this command to delete a DSCP-to-DSCP mutation map.

Command Syntax mls qos dscp-mutation (DSCP_MUTATION_NAME DSCP) no mls qos dscp-mutation (DSCP_MUTATION_NAME DSCP)

Parameter DSCP_MUTATION_NAME DSCP Specify mutation map name.

Command Mode Interface mode

Example ZebOS#configure terminal ZebOS(config)#interface fe0 ZebOS(config-if)#mls qos dscp-mutation mutation1 Related Commands mls qos map dscp-mutation, show mls qos maps dscp-mutation

464

QoS Commands

mls qos map dscp-cos Use this command to create a DSCP-to-CoS map. Use the no parameter with this command to remove a configured DSCP-to-CoS mapping table.

Command Syntax mls qos map dscp-cos [NAME] (|to|) no mls qos map dscp-cos [NAME]

Parameters NAME

Specify the name of DSCP-to-CoS mapping table.



Specify up to 8 DSCP values, each separated by a space.

to

Specify a range. Specify DSCP values correspond to this value

Command Mode Configure mode

Examples The following example shows mapping DSCP values 0, 8, 16, 24, 32, 40, 48, and 50 to CoS value 0.

ZebOS#configure terminal ZebOS(config)#mls qos map dscp-cos dc1 0 8 16 24 32 40 48 50 to 0 ZebOS(config)#no mls qos map dscp-cos dc1

Related Commands mls qos dscp-cos, show mls qos maps dscp-cos

465

QoS Commands

mls qos map dscp-mutation Use this command to modify the DSCP-to-DSCP mutation map. Use the no parameter with this command to return to the default map.

Command Syntax mls qos map dscp-mutation [NAME]|| no mls qos map dscp-mutation [NAME]

Parameters NAME

Specify a DSCP mutation map name.



Specify 8 DSCP values separated by spaces; range is 0-63.



Specify a single DSCP value; range is 0-63.

Command Mode Configure mode

Examples The following example shows defining a DSCP-to-DSCP mutation map.

ZebOS#configure terminal ZebOS(config)#mls qos map dscp-mutation mutation1 ZebOS(config)#mls qos map dscp-mutation mutation1 ZebOS(config)#mls qos map dscp-mutation mutation1 ZebOS(config)#mls qos map dscp-mutation mutation1 ZebOS(config)#interface fe0 ZebOS(config-if)#mls qos dscp-mutation mutation1

Related Commands show mls qos maps dscp-mutation

466

1 2 3 4 5 6 7 to 0 8 9 10 11 12 13 to 10 20 21 22 to 20 30 31 32 33 34 to 30

QoS Commands

mls qos min-reserve Use this command to specify the minimum reserve-level and buffer size on all Ethernet ports. Use the no parameter with this command to return to the default minimum reserve buffer size.

Command Syntax mls qos min-reserve | no mls qos min-reserve

Parameters

Specify a minimum-reserve level.



Specify a minimum-reserve buffer size in packets.

Default The buffer size for all minimum-reserve levels is 0 packets.

Command Mode Configure mode

Examples The following example shows configuring minimum-reserve level 4 to 21 packets.

ZebOS#configure terminal ZebOS(config)#mls qos min-reserve 4 21 The following example shows configuring minimum-reserve level 4 to 21 packets, and assigning minimum-reserve level 4 to egress queue 2 on interface, fe1. ZebOS#configure terminal ZebOS(config)#mls qos min-reserve 4 21 ZebOS(config)#interface fe1 ZebOS(config-if)#wrr-queue min-reserve 2 4

Related Commands wrr-queue min-reserve

467

QoS Commands

mls qos strict Use this command to configure a queue or queues to be strict queue. Use the no parameter with this command to return to the default value.

Command Syntax mls qos strict [queue||all|none] no mls qos strict [queue|]

Parameters queue

Specify the queue configured as a strict queue.



Specify the queue ID of the strict queue.

all

Specify all queues to be strict.

none

Specify all queues to be WRR.

Command Mode Interface mode

Example The following example shows configuring minimum-reserve level 4 to 21 packets.

ZebOS#configure terminal ZebOS(config)#interface eth1 ZebOS(config-if)#mls qos strict queue all ZebOS(config-if)#mls qos strict queue 1

468

QoS Commands

mls qos trust Use this command to specify ingress packets with the COS (Class of Service), DSCP (Differentiated Services Code Point), or with both DSCP and CoS packet values. Use the no parameter with this command to disable this function.

Command Syntax mls qos trust [both| cos | dscp] (no) mls qos trust [both| cos | dscp]

Parameters both

Classifies ingress packets with the packet both COS and DSCP values.

cos

Classifies ingress packets with the packet COS values.

dscp

Classifies ingress packets with the packet DSCP values.

Command Mode Interface mode

Default This is disabled by default.

Example The following are examples of this command using the various parameters.

ZebOS#configure terminal ZebOS(config)#interface eth1 ZebOS(config)#mls qos trust both ZebOS(config-if)# ZebOS#configure terminal ZebOS(config)#interface eth1 ZebOS(config)#mls qos trust cos ZebOS#configure terminal ZebOS(config)#interface eth1 ZebOS(config)#mls qos trust dscp

469

QoS Commands

police Use this command to specify a policer. Use the no parameter with this command to remove an existing policer.

Command Syntax police [|||exceed-action|drop|flowcontrol|reset-flow-control-mode|available-bucket-room|cbs|full] no police [|||exceed-action|drop|flowcontrol|reset-flow-control-mode|available-bucket-room|cbs|full]

Parameters

Specify average traffic rate in bps.



Specify normal burst size in bytes.



Specify an exceed burst size in (bytes) EBS.

exceed-action

Specify dropping the packet when rates are exceeded.

drop

Drop the frame.

flow-control

Send a pause frame and pass packet.

reset-flow-control-mode Specify to generate flow control. available-bucket-room Specify when to de-assert flow control. cbs

De-assert flow when bucket has enough room.

full

De-assert flow when bucket room is full.

Command Mode Class mode

Examples ZebOS#configure terminal ZebOS(config)#policy-map pmap1 ZebOS(config-pmap)#class cmap1 ZebOS(config-pmap-c)#police 48000 8000 exceed-action drop ZebOS(config-pmap-c)#no police 48000 8000 exceed-action drop ZebOS(config-pmap-c)# Related Commands class, policy map, show policy-map

470

QoS Commands

police-aggregate Use this command to apply an aggregate policer named in the mls qos aggregate-police command to multiple classes in the same policy map (see mls qos aggregate-police on page 460). Use the no parameter with this command to delete an aggregate policer from a policy map.

Command Syntax police-aggregate [NAME] no police-aggregate [NAME]

Parameter NAME

Specify an aggregate-policer name.

Command Mode Class mode

Examples The following example shows creating an aggregate policer, and attaching it to multiple classes within a policy map. In this example, the IP ACLs allow traffic from network 10.1.0.0 and host 11.3.1.1. The traffic rate from network 10.1.0.0 and host 11.3.1.1 is policed. If the traffic exceeds a 48000-bps average traffic rate and a 8000-byte normal burst size, it is considered out of profile, and is dropped. The policy map is attached to an ingress interface.

ZebOS#configure terminal ZebOS(config)#ip-access-list 1 permit 10.1.0.0 0.0.255.255 ZebOS(config)#ip-access-list 2 permit 11.3.1.1 ZebOS(config)#mls qos aggregate-police transmit1 48000 8000 exceed-action drop ZebOS(config)#class-map cmap1 ZebOS(config-cmap)#match access-group 1 ZebOS(config-cmap)#exit ZebOS(config)#class-map map cmap2 ZebOS(config-cmap)#match access-group 2 ZebOS(config-cmap)#exit ZebOS(config)#policy-map pmap1 ZebOS(config-pmap)#class cmap1 ZebOS(config-pmap-c)#police-aggregate transmit1 ZebOS(config-pmap-c)#exit ZebOS(config-pmap)#class cmap2 ZebOS(config-pmap-c)#set ip-dscp 56 ZebOS(config-pmap-c)#police-aggregate transmit1 ZebOS(config-pmap-c)#exit ZebOS(config-pmap)#exit ZebOS(config)#interface fe0 ZebOS(config-if)#service-policy input aggflow1

Related Commands class, policy map, mls qos aggregate-police

471

QoS Commands

policy-map Use this command to create a policy map. Use the no parameter with this command to delete an existing policy map.

Command Syntax policy-map [NAME] no policy-map [NAME]

Parameter NAME

Specify a name of the policy map.

Command Mode Configure mode

Example ZebOS#configure terminal ZebOS(config)#policy-map pmap1 Related Commands class, class-map, police, show policy-map

472

QoS Commands

service-policy Use this command to apply a policy map to the input of an interface. Use the no parameter with this command to remove a policy map and interface association.

Command Syntax service-policy [input|NAME] no service-policy [input|NAME]

Parameters input

Specify an ingress service policy.

NAME

Specify a policy input name.

Command Mode Interface mode

Example ZebOS#configure terminal ZebOS(config)#interface fe0 ZebOS(config-if)#service-policy input pmap1 Related Commands policy-map

473

QoS Commands

set algorithm Use this command to set an algorithm for egress scheduling. Use the no parameter with this command to remove this value.

Command Syntax set algorithm (drr|drr-strict|strict) no set algorithm

Parameters drr

Specify a deficit round-robin (DRR) algorithm.

drr-strict

Specify a strict deficit round-robin (DRR) algorithm.

strict

Specify a strict algorithm.

Command Mode Class mode

Examples ZebOS#configure terminal ZebOS(config)#policy-map pmap1 ZebOS(config-pmap)#class cmap1 ZebOS(config-pmap-c)#set cos 2 Related Commands class, policy-map, set ip-dscp, set ip-precedence

474

QoS Commands

set cos Use this command to set a CoS value to assign to classified traffic, or enable copying of priority bit (pbit) from the inner VLAN to the outer VLAN, based on policy. Use the no parameter with this command to remove a CoS value, or disable pbit copying.

Command Syntax set cos [|cos-inner] no set cos

Parameters

CoS value to assign to classified traffic.

cos-inner

Copy pbit from the inner VLAN to the outer VLAN, based on policy.

Command Mode Class mode

Examples ZebOS#configure terminal ZebOS(config)#policy-map pmap1 ZebOS(config-pmap)#class cmap1 ZebOS(config-pmap-c)#set cos 2 Related Commands class, policy-map, set ip-dscp, set ip-precedence

475

QoS Commands

set drr-priority Use this command to set a deficit round-robin (DRR) priority. Use the no parameter with this command to remove this priority.

Command Syntax set drr-priority [|quantum|] no set drr-priority [|quantum|]

Parameters

Specify a DRR Priority Value.

quantum

Specify a DRR quantum.



Specify a DRR Quantum Value.

Command Mode Class mode

Examples ZebOS#configure terminal ZebOS(config)#policy-map pmap1 ZebOS(config-pmap)#class cmap1 ZebOS(config-pmap-c)#set cos 2 ZebOS(config-pmap-c)#set drr-priority 1 quantum 1 ZebOS(config-pmap-c)#no set drr-priority Related Commands class, policy-map, set ip-dscp, set ip-precedence

476

QoS Commands

set ip-dscp Use this command to set a DSCP value to assign to classified traffic. Use the no parameter with this command to remove a DSCP value.

Command Syntax set ip-dscp no set ip-dscp

Parameter

Specify a new IP-DSCP value.

Command Mode Class mode

Examples ZebOS#configure terminal ZebOS(config)#policy-map ZebOS(config-pmap)#class ZebOS(config-pmap-c)#set ZebOS(config-pmap-c)#set

pmap1 cmap1 ip-dscp 40 ip-dscp

Related Commands class, policy-map, set cos, set ip-precedence

477

QoS Commands

set ip-precedence Use this command to set an IP-precedence value to assign to classified traffic. Use the no parameter with this command to remove an IP-precedence value.

Command Syntax set cos ip-precedence no set cos ip-precedence

Parameter

Specify a new IP precedence value.

Command Mode Class mode

Examples ZebOS#configure terminal ZebOS(config)#policy-map pmap1 ZebOS(config-pmap)#class cmap1 ZebOS(config-pmap-c)#set ip-precedence 2 ZebOS(config-pmap-c)#no set ip-precedence Related Commands class, policy-map, set ip cos, set ip dscp

478

QoS Commands

set mpls exp-bit topmost Use this command to set the MPLS experimental-bit value in the topmost label for a policy map. Set a new MPLS experimental-bit value in a packet to classify MPLS traffic. Use the no parameter with this command to remove this setting from a policy map.

Command Syntax set mpls exp-bit topmost no set mpls exp-bit topmost

Parameter

Specify an experimental value.

Command Mode Policy Map Class mode

Examples The following example shows configuring a policy map named pmap1 for class map cmap 1, and setting the MPLS experimental-bit value to 7 in a packet.

ZebOS(config)#policy-map pmap1 ZebOS(config-pmap)#class cmap1 ZebOS(config-pmap-c)#set mpls exp-bit topmost 7 ZebOS(config-pmap-c)#no set mpls exp-bit topmost

479

QoS Commands

set vlan-priority Use this command to set a VLAN priority for the queues Use the no parameter with this command to remove this priority.

Command Syntax set cos vlan-priority no set vlan-priority

Parameters

Specify priority for queue. Enter at lease priorities for at least seven queues.

Command Mode Class mode

Examples ZebOS#configure terminal ZebOS(config)#policy-map pmap1 ZebOS(config-pmap)#class cmap1 ZebOS(config-pmap-c)#set vlan-priority 1 1 1 1 1 1 1 1 ZebOS(config-pmap-c)#no set vlan-priority Related Commands class, policy-map, set ip-dscp, set ip-precedence

480

QoS Commands

show class-map Use this command to display the QoS class maps to define the match criteria to classify traffic.

Command Syntax show class-map [NAME]

Parameter NAME

Display the name of the class map.

Command Mode Exec mode and Privileged Exec mode

Example ZebOS#show class-map cmap1 CLASS-MAP-NAME: cmap1 Set IP DSCP: 56 Match IP DSCP: 7 ZebOS# Related Commands class-map

481

QoS Commands

show mls qos aggregator-policer Use this command to display the aggregate policer configuration.

Command Syntax show mls qos aggregator-policer [NAME]

Parameter NAME

Display the name of the aggregate policer.

Command Mode Exec mode and Privileged Exec mode

Example ZebOS#show mls qos aggregator-policer agp1 AGGREGATOR-POLICER-NAME: agp1 Police: Average rate(1 kbps), burst size(1 bytes) ZebOS# Related Commands mls qos aggregate-police

482

Exceed-action drop

QoS Commands

show mls qos interface Use this command to display queueing and scheduling information for an interface.

Command Syntax show mls qos interface [IFNAME]

Parameter IFNAME

Display the interface name.

Command Mode Exec mode and Privileged Exec mode

Example ZebOS#show mls qos interface fe0 Schedule mode: weighted round-robin The number of egress queue: 8 Weights (priority): 0(1), 0(1), 0(1), 0(1), 0(1), 0(1), 0(1), 0(1) ZebOS#s

483

QoS Commands

show mls qos maps dscp-cos Use this command to display DSCP-to-CoS mapping information.

Command Syntax show mls qos maps dscp-cos [NAME]

Parameter NAME

Display the name of the DSCP-to-CoS map.

Command Mode Exec mode and Privileged Exec mode

Example ZebOS#show mls qos maps dscp-cos dc1 DSCP-TO-COS-MAP: dc1 d1 : d2 0 1 2 3 4 5 6 7 8 9 ------------------------------------------------0 : 4 4 4 4 4 4 4 4 1 1 1 : 1 1 1 1 1 1 2 2 2 2 2 : 2 2 2 2 3 3 3 3 3 3 3 : 3 3 4 4 4 4 4 4 4 4 4 : 5 5 5 5 5 5 5 5 6 6 5 : 6 6 6 6 6 6 7 7 7 7 6 : 7 7 7 7

484

QoS Commands

show mls qos maps dscp-mutation Use this command to display DSCP-to-DSCP mutation mapping information.

Command Syntax show mls qos maps dscp-mutation [NAME]

Parameter NAME

Display the name of the DSCP-to-DSCP mutation map.

Command Mode Exec mode and Privileged Exec mode

Example ZebOS#show mls qos maps dscp-mutation dm1 DSCP-TO-DSCP-MUTATION-MAP: dm1 d1 : d2 0 1 2 3 4 5 6 7 8 9 ------------------------------------------------0 : 0 1 2 3 4 5 6 7 8 9 1 : 4 4 4 4 4 4 4 17 18 19 2 : 20 21 22 23 24 25 26 27 28 29 3 : 30 31 32 33 34 35 36 37 38 39 4 : 40 41 42 43 44 45 46 47 48 49 5 : 50 51 52 53 54 55 56 57 58 59 6 : 60 61 62 63

485

QoS Commands

show policy-map Use this command to display QoS policy map information.

Command Syntax show policy-map [NAME]

Parameter Display the name of the policy map.

NAME

Command Mode Exec mode and Privileged Exec mode

Example ZebOS#show policy-map pmap1 POLICY-MAP-NAME: pmap1 State: detached CLASS-MAP-NAME: cmap1 Set IP DSCP: 56 Match IP DSCP: 7

486

QoS Commands

show qos-access-list Use this command to display IP and MAC ACLs.

Command Syntax show qos-access-list (ACCESS-LIST) [NUMBER| WORD]

Parameters NUMBER

Display access-list number.



Display a range for IP standard ACL.



Display a range for IP extended ACL.



Display an expanded range for IP standard ACL.



Display an expanded range for IP extended ACL.

WORD

Display an access-list name.

Command Mode Exec mode and Privileged Exec mode

Example ZebOS#show qos-access-list 1 Standard IP-QOS-ACCESS-LIST: 1 permit 11.11.11.50

487

QoS Commands

wrr-queue bandwidth Use this command to specify the bandwidth ratios of the transmit queues. Use the no parameter with this command to return to the default bandwidth.

Command Syntax wrr-queue bandwidth | no wrr-queue bandwidth |

Parameters

Weighted Round Robin (WRR) weights for the seven queues (separated by spaces).



Specify Qos queue ID to disable.

Command Mode Configure mode

Examples ZebOS#configure terminal ZebOS(config)#interface fe0 ZebOS(config-if)#wrr-queue bandwidth 1 300 400 200 600 800 700 1000 ZebOS(config-if)#no wrr-queue bandwidth 1 Related Commands wrr-queue, queue-limit

488

QoS Commands

wrr-queue cos-map Use this command to specify CoS values for a queue. A maximum of eight CoS values can be used to create the CoS map. Use the no parameter with this command to return to the default setting.

Command Syntax wrr-queue cos-map no wrr-queue cos-map

Parameters

Specify a CoS values. Up to nine values (separated by spaces).

Command Mode Configure mode

Example The following example shows mapping CoS values 0 and 1 to queue 1.

ZebOS#configure terminal ZebOS(config)#interface fe0 ZebOS(config-if)#wrr-queue cos-map 1 0 1

489

QoS Commands

wrr-queue dscp-map Use this command to map the DSCP values to the Weighted Random Early Detection (WRED) thresholds of an egress queue. Use the no parameter with this command to return to the default setting.

Command Syntax wrr-queue dscp-map | no wrr-queue dscp-map

Parameters

Specify a queue threshold ID.



Specify a DSCP values mapped to a threshold ID; each value separated by one space. A maximum of 8 DSCP values can be entered per command.

Command Mode Configure mode

Examples The following example shows mapping DSCP values 0 to 9 to threshold 1, and DSCP values 10 to 14 to threshold 2.

ZebOS#configure terminal ZebOS(config)#interface fe0 ZebOS(config-if)#wrr-queue dscp-map 1 0 1 2 3 4 5 6 7 ZebOS(config-if)#wrr-queue dscp-map 1 8 9 ZebOS(config-if)#wrr-queue dscp-map 2 10 11 12 13 14

Related Commands show mls qos interface, wrr-queue cos-map, wrr-queue threshold

490

QoS Commands

wrr-queue min-reserve Use this command to configure the buffer size of the minimum-reserve level for a specific queue. Use the no parameter with this command to return to the default setting.

Command Syntax wrr-queue min-reserve | no wrr-queue

Parameters

Specify a queue ID.



Specify a minimum reserve level.

Command Mode Configure mode

Example The following example shows assigning a minimum reserve level of 5 to egress queue 1 on fe0.

ZebOS#configure terminal ZebOS(config)#interface fe0 ZebOS(config-if)#wrr-queue min-reserve 1 5

491

QoS Commands

wrr-queue queue-limit Use this command to configure the egress queue size ratios. Ratio should total 100 percent. Use the no parameter with this command to return to the default setting.

Command Syntax wrr-queue queue-limit no wrr-queue queue-limit

Parameter

Queue weight ratio for up to seven queues.

Command Mode Configure mode

Example The following example shows configuring a 75:25 ratio for queues 1 and 2, respectively.

ZebOS#configure terminal ZebOS(config)#interface fe0 ZebOS(config-if)#wrr-queue queue-limit 5 25 1 1 1 1 1 1 ZebOS(config-if)#no wrr-queue queue-limit 5

492

QoS Commands

wrr-queue random-detect Use this command to configure the WRED drop threshold percentages for an egress queue. WRED values are a percentage of queue capacity. Use the no parameter with this command to return to the default setting.

Command Syntax wrr-queue random-detect [max-threshold ||] no wrr-queue random-detect

Parameters

Specify a queue ID.



Specify a low WRED value, which is the number of weights in percent for threshold 1.



Specify a high WRED value, which is the number of weights in percent for threshold 2.

Command Mode Configure mode

Examples The following example shows configuring threshold percentage weights of 60 and 100 on queue 1.

ZebOS#configure terminal ZebOS(config)#interface fe0 ZebOS(config-if)#wrr-queue random-detect max-threshold 1 60 100 ZebOS(config-if)#no wrr-queue random-detect max-threshold 1

Related Commands wrr-queue random-detect max-threshold, wrr-queue queue-limit

493

QoS Commands

wrr-queue threshold Use this command to configure the tail-drop threshold percentages for a queue. Use the no parameter with this command to return to the default setting.

Command Syntax wrr-queue threshold || no wrr-queue threshold

Parameters

Specify a queue ID.



Specify a number of weights in percent for threshold 1.



Specify a number of weights in percent for threshold 2.

Command Mode Configure mode

Examples ZebOS#configure terminal ZebOS(config)#interface fe0 ZebOS(config-if)#wrr-queue threshold 1 60 100 ZebOS(config-if)#no wrr-queue threshold 1 Related Commands wrr-queue queue-limit

494

CHAPTER 23

NSM Firewall Commands

This chapter contains all NSM Firewall-related commands in alphabetical order. It includes the following commands: •

access-list ipv6 on page 496



access-list on page 497



firewall group on page 498



firewall group on page 499



show firewall rule on page 500

495

NSM Firewall Commands

access-list ipv6 Use this command to specify the ZebOS IPv6 extended access-list to be used for the rules for the specified firewall group. Use the no form of this command to disassociate the IPv6 access list from the group.

Command Syntax access-list ipv6 [NAME] no access-list ipv6 [NAME]

Parameters NAME

ZebOS IPv6 extended access-list name

Command Mode Firewall mode

Example ZebOS#configure terminal ZebOS(config)#firewall group 1 ZebOS(config-ipfirewall)#access-list AT

496

NSM Firewall Commands

access-list Use this command to specify the ZebOS extended access-list to be used for the rules for the specified firewall group. The rules in the specified access-list are used by the firewall module to configure the firewall rules at the kernel level. If a group is already applied to an interface, or applied globally, associating another access-list to the group adds the new access-list rules to the existing group, and in turn, directly updates the kernel rules. Disassociating an access list from a configured group results in deletion of the access-list rules from the kernel. Use the no form of this command to disassociate the access list from the group.

Command Syntax access-list [NAME] no access-list [NAME]

Parameter NAME

ZebOS extended access-list name.

Command Mode Firewall mode

Example ZebOS#configure terminal ZebOS(config)#firewall group 1 ZebOS(config-ipfirewall)#access-list AT

497

NSM Firewall Commands

firewall group Use this command to enter Firewall mode to configure or to reconfigure parameters of a firewall group. To configure a firewall group, use this command to create a firewall group with the specified number, then use the access-list command to specify the list containing the rules. The no keyword negates the group (deletes the rule if the rule is not already applied). To negate a group if the rules are already applied, use the no access-list command to negate the rules, then use the no firewall group command to negate the group. Use the no form of this command to negate a firewall group.

Command Syntax firewall group no firewall group

Parameter

Group number

Command Mode Configure mode

Example The following example shows specifying a firewall group.

ZebOS#configure terminal ZebOS(config)#firewall group 1 The following example shows configuring incoming traffic on firewall group 1, globally, to use the rule list, AT. ZebOS#configure terminal ZebOS(config)#firewall group 1 ZebOS(config-ipfirewall)#access-list AT ZebOS(config-ipfirewall)#exit ZebOS(config)#firewall enable group 1 in The following example shows deleting firewall group 1, globally, with rules already applied. ZebOS#configure terminal ZebOS(config)#firewall group 1 ZebOS(config-ipfirewall)#no access-list AT ZebOS(config-ipfirewall)#exit ZebOS(config)#no firewall group 1 ZebOS(config)#firewall disable group 1

498

NSM Firewall Commands

firewall group Use this command to apply the rules of a group to a particular interface. The in and out keywords specify whether to apply the rules on incoming or outgoing traffic. Use the no form of this command to negate a firewall group on a particular interface.

Command Syntax firewall group [ in|out] no firewall group [ in|out]

Parameters

Group number.

in

Incoming traffic.

out

Outgoing traffic.

Command Mode Interface mode

Example ZebOS#configure terminal ZebOS(config)#interface eth0 ZebOS(config-if)#firewall group 1 in

499

NSM Firewall Commands

show firewall rule Use this command to display all firewall rules configured at the kernel level.

Command Syntax show firewall rule

Parameters None

Command Mode Exec modes

Example ZebOS#show firewall rule AF_INET @1 pass in log on eth0 proto icmp from 2.2.2.2/24 to 4.4.4.4/24 icmp_type 13group 1

500

CHAPTER 24

NSM Broadcom Stacking Commands

This chapter contains all Broadcom Stacking-related commands in alphabetical order. It includes the following commands: •

show stacking db all on page 502



show stacking dump db on page 503



show stacking local on page 504



show stacking master on page 505



show stacking numCPU on page 506



stacking masterdev on page 507

Note:

All show commands in this chapter work properly only when stacking is enabled in the SDK.

501

NSM Broadcom Stacking Commands

show stacking db all Use this command to display the CPU key (MAC address) of each CPU in the hardware stack.

Command Syntax show stacking db (all)

Parameter all

Display all information

Command Mode Exec and Privileged Exec mode

Example ZebOS#show stacking db -------------------------------------------STACKING DATABASE -------------------------------------------Total Number of CPU's = 2 MAC ADDRESSES (KEY) 12:34:23:45:34:56 ab:34:23:45:34:56 Related Commands show stacking db

502

NSM Broadcom Stacking Commands

show stacking dump db Use this command to display detailed information about each CPU in the hardware stack.

Command Syntax show stacking dump db

Parameters None

Command Mode Exec and Privileged Exec mode

Example ZebOS#show stacking dump db -------------------------------------------DETAILED STACKING DATABASE -------------------------------------------Total Number of CPU's = 1 Master CPU : 12:34:23:45:34:56 Local CPU : 12:34:23:45:34:56 MASTER: Total number of ports = 53 LOCAL : Total number of ports = 53 SYSTEM[1] KEY: 12:34:23:45:34:56 Num of units: 1 Master Pri: 0 StackPort[1]-> Unit: 0 Port: 23 Weight: 10000 Flags: 0 Info: Related Commands show stacking db

503

NSM Broadcom Stacking Commands

show stacking local Use this command to display the MAC address (CPU key) of the local CPU.

Command Syntax show stacking local

Parameters None

Command Mode Exec and Privileged Exec mode

Example ZebOS#show stacking local Local CPU: 12:34:23:45:34:56 Related Commands show stacking master

504

NSM Broadcom Stacking Commands

show stacking master Use this command to display the MAC address (CPU key) of the master CPU.

Command Syntax show stacking master

Parameters None

Command Mode Exec and Privileged Exec mode

Example ZebOS#show stacking master Local CPU: 12:34:23:45:34:56 Related Commands show stacking local, stacking masterdev

505

NSM Broadcom Stacking Commands

show stacking numCPU Use this command to display the number of CPUs in the hardware stack.

Command Syntax show stacking numCPU

Parameters None

Command Mode Exec and Privileged Exec mode

Example ZebOS#show stacking numCPU Number of CPU entries in the system 1 Related Commands stacking masterdev, show stacking local, show stacking master

506

NSM Broadcom Stacking Commands

stacking masterdev Use this command to set the MAC address of the master device in the stacking system.

Command Syntax stacking masterdev [MAC_ADDRESS]

Parameter MAC_ADDRESS

MAC (hardware) address of the CPU in HHHH.HHHH.HHHH format.

Command Mode Configure mode

Example ZebOS#Configure terminal ZebOS(config)#stacking masterdev 1234.2345.3456 CPU has been made the master CPU Related Commands show stacking local, show stacking master

507

NSM Broadcom Stacking Commands

508

CHAPTER 25

NSM Broadcom Tunneling

The commands in this chapter are used to support IP-in-IP tunneling on Broadcom.

tunnel dmac Use this command to set a destination MAC address for tunneled packets. Use the no option with this command to remove the destination MAC address.

Command Syntax (no) tunnel dmac HHHH.HHHH.HHHH HHHH.HHHH.HHHH. Destination address in MAC format

Command Mode Interface mode

Default If a specific MAC address is not set with this command, all tunneled packets are sent with a destination address of 0.

Examples broadcom(config)# interface tunnel 7 broadcom(config-if)# dmac 1213.2322.1231

509

NSM Broadcom Tunneling

510

Index

Symbols , meaning in command syntax notation 3 , meaning in command syntax notation 3 (), meaning in command syntax notation 3 |, meaning in command syntax notation 3

A abbreviated commands 2 access-class 16 access-list 17, 497 extended 18 see ZebOS NSM Command Reference standard 19 access-list ipv6 496 access-list zebos 20 add a vrf entry 198 admin-group 113, 242 angle brackets, meaning in command syntax notation 3 arp A.B.C.D MAC 114 authentication 428

B bandwidth 115 bandwidth-constraint 368 banner 22 banner motd see ZebOS NSM Command Reference bc-mode 369 begin 5 binding interface 256 braces, meaning in command syntax notation 3 Broadcom Stacking Commands show stacking db 502 show stacking dump db 503 show stacking local 504 show stacking master 505 show stacking numCPU 506 stacking masterdev 507 Broadcom tunneling commands tunnel dmac 509

C channel-group mode 376 class 445 class-map 446 clear crypto isakmp 413 clear crypto sa 414 clear crypto sa entry 415

clear crypto sa map 416 clear crypto sa peer 417 clear ip igmp 267, 270 clear ip igmp groups 268 clear ip igmp interface 269 clear ip mroute 338 clear ip mroute statistics 339 clear ip prefix-list 23 see ZebOS NSM Command Reference clear ip route kernel 116 clear ipv6 mld 308 clear ipv6 mld groups 309 clear ipv6 mld interface 310 clear ipv6 mroute 340 clear ipv6 mroute statistics 341 clear ipv6 neighbors 117 command abbreviation 2 command abbreviations 2 command completion 2 command description format 4 command line errors 2 command line help 1 command line interface syntax 2 command negation 4 command reference primer typographic conventions 3 commands common to multiple protocols 13 Commands Common to Protocols access-class 16 access-list 17 access-list extended 18 access-list standard 19 access-list zebos 20 banner 22 clear ip prefix-list 23 configure terminal 24 copy running-config startup-config 25 description 26 disable 27 enable 28 enable password 29 end 30 exec-timeout 31 exit 32 help 33 hostname 34 ip prefix-list 36 ip remote-address 37 ip unnumbered 38 ipv6 access-class 39 ipv6 access-list 40 ipv6 access-list zebos 41

Index - 1

Index

ipv6 prefix-list 43 ipv6 unnumbered 44 line vty 45 log file 46 log record-priority 47 log stdout 48 log syslog 49 log trap 50 login 51 match as-path 52 match community 53, 54 match interface 55 match ip address 56 match ip address prefix-list 57 match ip next-hop 58 match ip next-hop prefix-list 59 match ipv6 address 60 match ipv6 address prefix-list 61 match ipv6 next-hop 62 match metric 63 match origin 64 match route-type 65 match tag 66 password 67 route-map 68 service advanced-vty 69 service password-encryption 70 service terminal-length 71 set aggregator 72 set as-path 73 set atomic-aggregate 74 set comm-list delete 75 set community 76 set dampening 77 set extcommunity 78 set ip next-hop 79 set ipv6 next-hop 80 set level 81 set metric 83 set metric-type 84 set origin 85 set originator-id 86 set tag 87 set vpnv4 next-hop 88 set weight 89 show access-list 90 show cli 91 show history 92 show ip prefix-list 93 show list 94 show memory all 95 show memory free 97 show memory lib 98 show memory summary 99 show route-map 100 show running-config 101 show startup-config 102 show version 103 terminal length 104

Index - 2

terminal monitor 105 who 106 write terminal 109 common commands 13 see ZebOS NSM Command Reference access-list banner motd clear ip prefix-list configure terminal copy running-config startup-config disable enable enable password end exit help hostname ip prefix-list ipv6 access-list ipv6 prefix-list line-vty list log file log record-priority log sysout log trap login quit route-map service advanced-vty service password-encryption service terminal-length set aggregator show access-list show cli show history show ip prefix-list show list show route-map show running-config show startup-config show version terminal length terminal monitor write file write memory write terminal configure terminal 24 see ZebOS NSM Command Reference Configure, command mode definition 6 control-adjacency 228 control-channel 228 copy running-config start-config 25 copy running-config startup-config see ZebOS NSM Command Reference crypto ipsec security-association lifetime 418

Index

crypto ipsec transform-set 419 crypto isakmp enable 420 crypto isakmp keepalive 421 crypto isakmp key 422 crypto isakmp policy 423 crypto map 437 crypto map local-address 426

D data-link 241 Debug Commands debug igmp 271 debug mld 311 debug nsm events 119, 120 packet 121 no debug nsm events 150 undebug nsm all 166 undebug nsm packet 167 debug igmp 271 debug mld 311 debug nsm 118 events 119, 120 packet 121 debug nsm mcast 342 description 26 CA mode 263 CC mode 258 TE link mode 242 DiffServ Commands mpls class-to-exp-bit 360 mpls support-diffserv-class 361 show mpls diffserv 362 show mpls diffserv class-to-exp 363 show mpls diffserv configurable-dscp 364 show mpls diffserv supported-dscp 365 disable 27 see ZebOS NSM Command Reference display LSPs originating from router 202

E enable 28 see ZebOS NSM Command Reference enable password 29 see ZebOS NSM Command Reference encryption 428 end 30 see ZebOS NSM Command Reference equal sign, meaning in command syntax notation 3 Exec, command mode definition 6 exec-timeout 31 exit 32 see ZebOS NSM Command Reference extended access-list 18

F fib retain 123 Firewall Commands access-list 497 access-list ipv6 496 firewall group 498 firewall group in|out 499 show firewall rule 500 firewall group 498 firewall group in|out 499

G GMPLS Commands admin-group 242 binding interface 256 control-adjacency 228 control-channel 228 data-link 241 description CC mode 258 description TE link mode 242 description-CA mode 263 gmpls encoding-type 229 gmpls interface-type 230 gmpls link-id 231 gmpls max-lsp-size 234 gmpls min-lsp-bandwidth 233 gmpls protection-type 235 gmpls risk-group 237 gmpls sdh-indication 238 remote-interface-id 236 remote-link-id 246 risk-group 247 show bi-lsp 248 show control-adjacency 264 show running-config control-channel 249 show te-link 249 shutdown 250 shutdown-CC mode 260 te-link 251, 252, 253 GMPLS Commands In Support of NSM 239, 255, 261 GMPLS Commands in Support of NSM 239, 255, 261 gmpls encoding-type 229 gmpls interface-type 230 gmpls link-id 231 gmpls max-lsp-size 234 gmpls min-lsp-bandwidth 233 gmpls protection-type 235 gmpls risk-group 237 gmpls sdh-indication 238 group 428

H hash 429 help 33 see ZebOS NSM Command Reference hostname 34

Index - 3

Index

see ZebOS NSM Command Reference

I if-arbiter 124 IGMP Commands clear ip igmp 267, 270 clear ip igmp groups 268 clear ip igmp interface 269 debug igmp 271 ip igmp 272 ip igmp access-group 126, 273 ip igmp immediate-leave 274 ip igmp last-member-query-count 276 ip igmp last-member-query-interval 277 ip igmp limit 278 ip igmp mroute-proxy 279 ip igmp proxy-service 281, 282 ip igmp querier-timeout 283 ip igmp query-interval 284 ip igmp query-max-response-time 285, 286 ip igmp robustness-variable 287 ip igmp snooping fast-leave 290 ip igmp snooping mrouter 291 ip igmp snooping querier 292 ip igmp snooping report-suppression 293 ip igmp ssm-map enable 294 ip igmp ssm-map static 295 ip igmp static-group 298 ip igmp version 299, 300 show debugging igmp 301 show ip igmp groups 302 show ip igmp interface 303 show ip igmp snooping mrouter 305 show ip igmp snooping statistics 306 interface 125 interface tunnel 393 Interface, command mode definition 6 Interpeak Security Commands 411 authentication 428 clear crypto isakmp 413 clear crypto sa 414 clear crypto sa entry 415 clear crypto sa map 416 clear crypto sa peer 417 crypto ipsec security-association lifetime 418 crypto ipsec transform-set 419 crypto isakmp enable 420 crypto isakmp keepalive 421 crypto isakmp key 422 crypto isakmp policy 423 crypto map 437 crypto map local-address 426 encryption 428 group 428 hash 429 lifetime 430 match address 431 mode 432

Index - 4

set peer 433 set security-association lifetime 434 set session-key 435 set transform-set 436 show crypto ipsec sa 437 show crypto ipsec transform-set 438 show crypto isakmp policy 439 show crypto isakmp sa 440 show crypto map 441 ip address 127 ip forwarding 128 ip igmp 272 ip igmp access-group 126, 273 ip igmp immediate-leave 274 ip igmp last-member-query-count 276 ip igmp last-member-query-interval 277 ip igmp limit 278 ip igmp mroute-proxy 279 ip igmp proxy-service 281, 282 ip igmp querier-timeout 283 ip igmp query-interval 284 ip igmp query-max-response-time 285, 286 ip igmp robustness-variable 287 ip igmp snooping fast-leave 290 ip igmp snooping mrouter 291 ip igmp snooping querier 292 ip igmp snooping report-suppression 293 ip igmp ssm-map enable 294 ip igmp ssm-map static 295 ip igmp static-group 298 ip igmp version 299, 300 ip mroute 343 ip multicast route-limit command 344 ip multicast ttl-threshold 345 ip multicast-routing 346 ip prefix-list 36 see ZebOS NSM Command Reference ip proxy-arp 129 ip remote-address 37 ip route 130 ip route vrf 170 ip unnumbered 38 ip vrf 171 ip vrf forwarding 172 ip-access-list 447 ipv6 access-class 39 ipv6 access-list 40 see ZebOS NSM Command Reference ipv6 access-list zebos 41 ipv6 address 131 ipv6 forwarding 132 ipv6 mld 312 ipv6 mld access-group 313 ipv6 mld immediate-leave 314 ipv6 mld last-member-query-count 315 ipv6 mld last-member-query-interval 316 ipv6 mld limit 317 ipv6 mld mroute-proxy 318 ipv6 mld proxy-service 319

Index

ipv6 mld querier-timeout 320 ipv6 mld query-interval 321 ipv6 mld query-max-response-time 322 ipv6 mld robustness-variable 323 ipv6 mld snooping 324 ipv6 mld snooping fast-leave 325 ipv6 mld snooping mrouter 326 ipv6 mld snooping querier 327 ipv6 mld snooping report-suppression 328 ipv6 mld ssm-map enable 329 ipv6 mld ssm-map static 330 ipv6 mld static-group 331 ipv6 mld version 332 ipv6 mroute 347 ipv6 multicast route-limit 348 ipv6 multicast-routing 349 ipv6 nd current-hoplimit 133 ipv6 nd link-mtu 134 ipv6 nd managed-config-flag 135 ipv6 nd other-config-flag 137 ipv6 nd prefix 138 ipv6 nd ra-interval 139 ipv6 nd ra-lifetime 140 ipv6 nd reachable-time 141 ipv6 nd retransmission-time 142 ipv6 nd suppress-ra 143 ipv6 neighbor 144 ipv6 prefix-list 43 see ZebOS NSM Command Reference ipv6 route 145 ipv6 unnumbered 44

L label-switching 177 LACP Commands channel-group mode 376 show etherchannel 377 static-channel-group 380 LACP commands port-channel load-balance 377 lifetime 430 line vty 45 Line, command mode definition 6 LINE, meaning in command syntax notation 3 line-vty see ZebOS NSM Command Reference list see ZebOS NSM Command Reference log file 46 see ZebOS NSM Command Reference log record-priority 47 see ZebOS NSM Command Reference log stdout 48 log syslog 49 log sysout see ZebOS NSM Command Reference log trap 50 see ZebOS NSM Command Reference

login 51 see ZebOS NSM Command Reference lowercase, meaning in command syntax notation 3

M mac-access-list 448 match access-group 449 match address 431 Match and Set Commands match as-path 52 match community 53, 54 match interface 55 match ip address 56 match ip address prefix-list 57 match ip next-hop 58 match ip next-hop prefix-list 59 match ipv6 address 60 match ipv6 address prefix-list 61 match ipv6 next-hop 62 match metric 63 match origin 64 match route-type 65 match tag 66 set aggregator 72 set as-path 73 set atomic-aggregate 74 set comm-list delete 75 set community 76 set dampening 77 set extcommunity 78 set ip next-hop 79 set ipv6 next-hop 80 set level 81 set metric 83 set metric-type 84 set origin 85 set originator-id 86 set tag 87 set vpnv4 next-hop 88 set weight 89 match as-path 52 match command origin 64 match community 53, 54 match interface 55 match ip address 56 match ip address prefix-list 57 match ip next-hop 58 match ip next-hop prefix-list 59 match ip-dscp 450 match ip-precedence 451 match ipv6 address 60 match ipv6 address prefix-list 61 match ipv6 next-hop 62 match layer4 452 match metric 63 match mpls exp-bit topmost 453 match origin 64

Index - 5

Index

match route-type 65 match tag 66 match vlan 454 match vlan-range 455 maximum-paths 146 MLD Commands clear ipv6 mld 308 clear ipv6 mld groups 309 clear ipv6 mld interface 310 debug mld 311 ipv6 mld 312 ipv6 mld access-group 313 ipv6 mld immediate-leave 314 ipv6 mld last-member-query-count 315 ipv6 mld last-member-query-interval 316 ipv6 mld limit 317 ipv6 mld mroute-proxy 318 ipv6 mld proxy-service 319 ipv6 mld querier-timeout 320 ipv6 mld query-interval 321 ipv6 mld query-max-response-time 322 ipv6 mld robustness-variable 323 ipv6 mld snooping 324 ipv6 mld snooping fast-leave 325 ipv6 mld snooping mrouter 326 ipv6 mld snooping querier 327 ipv6 mld snooping report-suppression 328 ipv6 mld ssm-map enable 329 ipv6 mld ssm-map static 330 ipv6 mld static-group 331 ipv6 mld version 332 show ipv6 mld groups 333 show ipv6 mld interface 334 show ipv6 mld snooping mrouter 335 show ipv6 mld snooping statistics 336 mls qos 456, 458 mls qos aggregate-police 460, 461, 462 mls qos dscp-cos 463 mls qos dscp-mutation 464 mls qos map dscp-cos 465 mls qos map dscp-mutation 466 mls qos min-reserve 467, 468, 469 mode 432 monospaced font, meaning in command syntax notation 3 mpls admin-groups 178 mpls class-to-exp-bit 360 mpls class-type 370 MPLS commands ilm-entry 183 mpls disable-all-interfaces 179 mpls egress-ttl 180 mpls enable-all-interfaces 181 mpls ftn-entry 182 mpls ilm-entry 183 mpls ingress-ttl 184 mpls l2-circuit (No Group Name) 185 mpls l2-circuit-fib-entry 187 mpls l2-circuit-ilm-entry 189

Index - 6

mpls local-packet-handling 190 mpls lsp-model pipe 192 mpls lsp-tunneling 193 mpls map-route 194 mpls max-label-value 195 mpls min-label-value 196 mpls propagate-ttl 197 mpls support-diffserv-class 361 mpls te-class 371 mpls vpls 382 mpls vrf-entry 198 mpls-l2-circuit 186 mpls-vpls 383 mtu 147 multicast 148 Multicast Commands clear ip mroute 338 clear ip mroute statistics 339 clear ipv6 mroute 340 clear ipv6 mroute statistics 341 debug nsm mcast 342 ip mroute 343 ip multicast route-limit 344 ip multicast ttl-threshold 345 ip multicast-routing 346 ipv6 mroute 347 ipv6 multicast route-limit 348 ipv6 multicast-routing 349 multicast 148 show ip mroute 350 show ip mvif 352 show ip rpf 353 show ipv6 mif 354 show ipv6 mroute 355 show ipv6 rpf 356 multicast routing 346, 349

N no debug nsm events 150 no parameter, action of 4 NSM Broadcom Tunneling 509 NSM DiffServ-TE Commands bandwidth-constraint 368 bc-mode 369 mpls class-type 370 mpls te-class 371 show mpls dste 372 show mpls dste class-type 373 show mpls dste te-class 374 NSM MPLS Commands 213 NSM VPLS Commands mpls vpls 382 mpls-vpls 383 show mpls vpls 384 vpls fib-entry 387 vpls-description 386 vpls-mtu 388 vpls-peer 389

Index

vpls-vc 390

O other conventions 5

P parameter expansion 4 parenthesis not part of command 3 password 67 ping mpls ipv4 214 ping mpls l2-circuit 215 ping mpls l3vpn 216 ping mpls ldp 217 ping mpls rsvp 218 ping mpls vpls 219 police 470 police-aggregate 471 policy-map 472 port-channel load-balance 377 prefix-list 36 Privileged Exec, command mode definition 6

Q QoS commands class 445 class-map 446 ip-access-list 447 mac-access-list 448 match access-group 449 match ip-dscp 450 match ip-precedence 451 match layer4 452 match mpls exp-bit topmost 453 match vlan 454 match vlan-range 455 mls qos 456, 458 mls qos aggregate-police 460, 461, 462 mls qos dscp-cos 463 mls qos map dscp-cos 465 mls qos map dscp-mutation 466 mls qos min-reserve 467, 468, 469 mos qos dscp-mutation 464 police 470 police-aggregate 471 policy-map 472 service-policy input 473 set cos 475 set ip-dscp 477 set ip-precedence 478 set mpls exp-bit topmost 479 show class-map 481 show mls qos aggregator-policer 482 show mls qos interface 483 show mls qos maps dscp-cos 484 show mls qos maps dscp-mutation 485 show policy-map 486

show qos-access-list 487 wrr-queue bandwidth 488 wrr-queue cos-map 489 wrr-queue dscp-map 490 wrr-queue min-reserve 491 wrr-queue queue-limit 492 wrr-queue random-detect max-threshold 493 wrr-queue threshold 494 quit see ZebOS NSM Command Reference

R remote-interface-id 236 remote-link-id 246 reservable-bandwidth 358 risk-group 247 rmon alarm 402 rmon collection history 403 rmon collection stats 404 RMON Commands 401 rmon alarm 402 rmon collection history 403 rmon collection stats 404 rmon event 405 show rmon alarm 406 show rmon event 407 show rmon history 408 show rmon statistics 409 rmon event 405 route-map 68 see ZebOS NSM Command Reference Router Advertised Commands iipv6 nd current-hoplimit 133 iipv6 nd link-mtu 134 ipv6 nd managed-config-flag 135 ipv6 nd other-config-flag 137 ipv6 nd prefix 138 ipv6 nd ra-interval 139 ipv6 nd ra-lifetime 140 ipv6 nd reachable-time 141 ipv6 nd retransmission time 142 ipv6 nd suppress-ra 143

S Security Commands crypto map ipsec-manual 424 service advanced-vty 69 see ZebOS NSM Command Reference service password-encryption 70 see ZebOS NSM Command Reference service terminal-length 71 see ZebOS NSM Command Reference service-policy input 473 set aggregator 72 see ZebOS NSM Command Reference set as-path 73 set atomic-aggregate 74

Index - 7

Index

set comm-list delete 75 set community 76 set cos 475 set dampening 77 set extcommunity 78 set ip next-hop 79 set ip-dscp 477 set ip-precedence 478 set ipv6 next-hop 80 set level 81 set metric 83 set metric-type 84 set mpls exp-bit topmost 479 set origin 85 set originator-id 86 set peer 433 set security-association lifetime 434 set session-key 435 set tag 87 set transform-set 436 set vpnv4 next-hop 88 set weight 89 Shared Risk Link Group 237 show history 92 show access-list 90 see ZebOS NSM Command Reference show bi-lsp 248 show class-map 481 show cli 91 see ZebOS NSM Command Reference show command options 5 exclude 5 include 6 redirect 6 show command tokens 5 output modifiers 5 show control-adjacency 264 show crypto ipsec sa 437 show crypto ipsec transform-set 438 show crypto isakmp policy 439 show crypto isakmp sa 440 show crypto map 441 show debugging igmp 301 show debugging nsm 150 show etherchannel 377 show firewall rule 500 show history see ZebOS NSM Command Reference show interface 151 show ip access-list 152 show ip forwarding 153 show ip igmp groups 302 show ip igmp interface 303 show ip igmp snooping mrouter 305 show ip igmp snooping statistics 306 show ip interface brief 154 show ip mroute 350 show ip mvif 352

Index - 8

show ip prefix-list 93 see ZebOS NSM Command Reference show ip route 155 show ip route database 157 show ip route vrf 173 show ip vrf 174 show ipv6 forwarding 158 show ipv6 interface brief 159 show ipv6 mif 354 show ipv6 mld groups 333 show ipv6 mld interface 334 show ipv6 mld snooping mrouter 335 show ipv6 mld snooping statistics 336 show ipv6 mroute 355 show ipv6 neighbors 160 show ipv6 route 161 show ipv6 rpf 356 show list 94 see ZebOS NSM Command Reference show memory all 95 show memory free 97 show memory lib 98 show memory summary 99 show mls qos aggregator-policer 482 show mls qos interface 483 show mls qos maps dscp-cos 484 show mls qos maps dscp-mutation 485 show mpls 199 show mpls admin-groups 200 show mpls cross-connect-table 201 show mpls diffserv 362 show mpls diffserv class-to-exp 363 show mpls diffserv configurable-dscp 364 show mpls diffserv supported-dscp 365 show mpls dste 372 show mpls dste class-type 373 show mpls dste te-class 374 show mpls forwarding-table 202 show mpls ftn-table 203 show mpls ilm-table 204 show mpls in-segment-table 205 show mpls l2-circuit 206 show mpls l2-circuit-group 207 show mpls log 208 show mpls mapped-routes 209 show mpls out-segment-table 210 show mpls vc-table 211 show mpls vpls 384 show mpls vrf-table 212 show nsm client 163 show policy-map 486 show qos-access-list 487 show rmon alarm 406 show rmon event 407 show rmon history 408 show rmon statistics 409 show route-map 100 see ZebOS NSM Command Reference

Index

show router-id 164 show running-config 101 see ZebOS NSM Command Reference show running-config control-channel 249 show stacking db 502 show stacking dump db 503 show stacking local 504 show stacking master 505 show stacking numCPU 506 show startup-config 102 see ZebOS NSM Command Reference show te-link 249 show version 103 see ZebOS NSM Command Reference shutdown 165, 250 shutdown-CC mode 260 square brackets, meaning in command syntax notation 3 stacking masterdev 507 standard access-list 19 static-channel-group 380 syntax help command abbreviations 2 command completion 2 command line errors 2

T te-link 251, 252, 253 terminal length 104 see ZebOS NSM Command Reference terminal monitor 105 see ZebOS NSM Command Reference trace mpls ipv4 220 trace mpls l2-circuit 221 trace mpls l3vpn 222 trace mpls ldp 223 trace mpls rsvp 224 trace mpls vpls 225 tunnel checksum 394 tunnel destination 395 tunnel dmac 509 tunnel mode 396 tunnel path-mtu-discovery 397 tunnel source 398 tunnel tos 399 tunnel ttl 400 Tunneling Commands 391 interface tunnel 393 tunnel checksum 394 tunnel destination 395 tunnel mode 396 tunnel path-mtu-discovery 397 tunnel source 398 tunnel tos 399 tunnel ttl 400 typographic conventions 3

U undebug nsm all 166 undebug nsm packet 167 UPPERCASE, meaning in command syntax notation 3

V variable parameter expansion 4 VC Commands mpls l2-circuit-ilm-entry 189 mpls-l2-circuit 186 ping mpls l2-circuit 215 show mpls l2-circuit 206 show mpls l2-circuit-group 207 show mpls vc-table 211 trace mpls l2-circuit 221 vertical bar 3 vpls fib-entry 387 vpls-description 386 vpls-mtu 388 vpls-peer 389 vpls-vc 390 VPN Commands ip route vrf 170 ip vrf 171 ip vrf forwarding 172 show ip route vrf 173 show ip vrf 174

W who 106 WORD, meaning in command syntax notation 3 write file see ZebOS NSM Command Reference write memory see ZebOS NSM Command Reference write terminal 109 see ZebOS NSM Command Reference wrr-queue bandwidth 488 wrr-queue cos-map 489 wrr-queue dscp-map 490 wrr-queue min-reserve 491 wrr-queue queue-limit 492 wrr-queue random-detect max-threshold 493 wrr-queue threshold 494

Z ZebOS MPLS Commands egress-ttl 180 ftn-entry 182 ilm-entry 183 ingress-ttl 184 l2-circuit-ilm-entry 189 label-switching 177 local-packet-handling 190 lsp-tunneling 193

Index - 9

Index

map-route 194 max-label-value 195 min-label-value 196 mpls admin-groups 178 mpls disable-all-interfaces 179 mpls enable-all-interfaces 181 mpls l2-circuit (No Group Name) 185 mpls l2-circuit-fib-entry 187 mpls lsp-model pipe 192 mpls propagate-ttl 197 mpls-l2-circuit 186 show mpls 199 show mpls admin-groups 200 show mpls cross-connect-table 201 show mpls forwarding-table 202 show mpls ftn-table 203 show mpls ilm-table 204 show mpls in-segment-table 205 show mpls l2-circuit 206 show mpls l2-circuit-group 207 show mpls log 208 show mpls mapped-routes 209 show mpls out-segment-table 210 show mpls vc-table 211 show mpls vrf-table 212 vrf entry 198 ZebOS MPLS OAM Commands ping mpls ipv4 214 ping mpls l2-circuit 215 ping mpls l3vpn 216 ping mpls ldp 217 ping mpls rsvp 218 ping mpls vpls 219 trace mpls ipv4 220 trace mpls l2-circuit 221 trace mpls l3vpn 222 trace mpls ldp 223 trace mpls rsvp 224 trace mpls vpls 225 ZebOS NSM Commands admin-group 113 arp A.B.C.D MAC 114 bandwidth 115 clear ip route kernel 116 clear ipv6 neighbors 117

Index - 10

debug nsm 118 events 119, 120 packet 121 undebug nsm all 166 fib retain 123 if-arbiter 124 interface 125 ip address 127 ip forwarding 128 ip proxy-arp 129 ip route 130 ipv6 address 131 ipv6 forwarding 132 ipv6 nd managed-config-flag 135 ipv6 nd other-config-flag 137 ipv6 nd prefix 138 ipv6 nd ra-interval 139 ipv6 nd ra-lifetime 140 ipv6 nd reachable-time 141 ipv6 nd suppress-ra 143 ipv6 neighbor 144 ipv6 route 145 maximum-paths 146 mtu 147 multicast 148 no debug nsm no debug nsm events 150 show debugging nsm 150 show interface 151 show ip access-list 152 show ip forwarding 153 show ip interface brief 154 show ip route 155 show ip route database 157 show ipv6 forwarding 158 show ipv6 interface brief 159 show ipv6 neighbors 160 show ipv6 route 161 show nsm client 163 show router-id 164 shutdown 165 undebug nsm packet 167 ZebOS TE Commands reservable-bandwidth 358

Suggest Documents

ZebOS Network Platform OSPF Command Reference Guide - AskF5

ZebOS Network Platform OSPF Command Reference Guide - AskF5
Read more
Command Reference Guide (.pdf)

Command Reference Guide (.pdf)
Read more
Command Reference Guide (.pdf)

Command Reference Guide (.pdf)
Read more
Command Reference Guide (.pdf)

Command Reference Guide (.pdf)
Read more
Command Reference

Command Reference
Read more
NSM Administration Guide - Juniper.net

NSM Administration Guide - Juniper.net
Read more
RACADM Command Line Reference Guide - Dell

RACADM Command Line Reference Guide - Dell
Read more
ExtremeXOS Command Reference Guide for Release 15.4

ExtremeXOS Command Reference Guide for Release 15.4
Read more
Unix/Linux Command Reference

Unix/Linux Command Reference
Read more
HSPICE Command Reference

HSPICE Command Reference
Read more
DOS Command Reference

DOS Command Reference
Read more
Command Reference (.pdf)

Command Reference (.pdf)
Read more
Basic CLI Command Reference

Basic CLI Command Reference
Read more
Gretl Command Reference

Gretl Command Reference
Read more
OpenBoot Command Reference Manual

OpenBoot Command Reference Manual
Read more
IP Command Reference. Contents

IP Command Reference. Contents
Read more
TSO/E Command Reference

TSO/E Command Reference
Read more
AutoCAD reference command list

AutoCAD reference command list
Read more
DOS Command Reference

DOS Command Reference
Read more
Unix/Linux Command Reference

Unix/Linux Command Reference
Read more
NSM Installation Guide - Juniper Networks

NSM Installation Guide - Juniper Networks
Read more
Catalyst 3560 Switch Command Reference

Catalyst 3560 Switch Command Reference
Read more
Command Line Quick Reference Card

Command Line Quick Reference Card
Read more
Cisco IOS IPv6 Command Reference

Cisco IOS IPv6 Command Reference
Read more