![]() |
COMMAND DESCRIPTION 13/190 82-CRA 119 1170/1-V1 Uen D | ![]() |
Copyright
© Ericsson AB 2009–2010. All rights reserved. No part of this document may be reproduced in any form without the written permission of the copyright owner.
Disclaimer
The contents of this document are subject to revision without notice due to continued progress in methodology, design and manufacturing. Ericsson shall have no liability for any error or damage of any kind resulting from the use of this document.
Trademark List
SmartEdge | is a registered trademark of Telefonaktiebolaget LM Ericsson. |
Commands starting with “o” through commands starting with “po” are included.
oam fault-monitor end-to-end
{no | default} oam fault-monitor
Enables alarm indication signal (AIS) and remote defect indication (RDI) fault monitoring for any Asynchronous Transfer Mode (ATM) permanent virtual circuit (PVC) that references this profile and is not cross-connected.
end-to-end |
Specifies that the fault monitoring is end to end. |
Fault monitoring is disabled.
Use the oam fault-monitor command to enable AIS and RDI fault monitoring of any ATM PVC that references this profile.
In compliance with the ITU standard, AIS is used to report faults in the upstream (forward) direction; RDI is used to report faults in the downstream (backward) direction.
If you reference this profile when configuring an ATM PVC that is later cross-connected, this command is disabled (ignored) in the profile.
Use the no or default form of this command to disable fault monitoring.
The following example shows how to enable fault monitoring for an ATM profile, oam:
[local]Redback(config)#atm profile oam [local]Redback(config-atm-profile)#oam fault-monitor end-to-end
oam manage end-to-end [heartbeat [backwards] | auto-loopback [down-retry-count retries] [regular-timeout interval] [retry-timeout interval] [up-retry-count retries]]
no oam manage [end-to-end [heartbeat [backwards] | auto-loopback [down-retry-count retries] [regular-timeout interval] [retry-timeout interval] [up-retry-count retries]]]
default oam manage end-to-end {heartbeat | auto-loopback}
Enables the operational state of any Asynchronous Transfer Mode (ATM) permanent virtual circuit (PVC) that is not cross-connected and that references this profile to be controlled by the state of its remote defect indication (RDI) and alarm indication signal (AIS) state at the F5 level.
ATM profile configuration
end-to-end |
Specifies that the operations, administration, and maintenance (OAM) management is end to end. |
heartbeat |
Optional. Specifies continuity monitoring. |
backwards |
Optional. Specifies downstream continuity monitoring. |
auto-loopback |
Optional. Causes the system to detect and clear the RDI and AIS state. |
down-retry-count retries |
Optional. Number of unsuccessful retries before declaring the connection to be Down. The range of values is 0 to 10; the default value is 3 retries. |
regular-timeout interval |
Optional. Loopback interval in seconds when connectivity is stable. The range of values is 1 to 300; the default value is 30 seconds. |
retry-timeout interval |
Optional. Loopback interval in seconds when connectivity is changing. The range of values is 1 to 30; the default value is 3 seconds. |
up-retry-count retries |
Optional. Number of successful retries before declaring the connection to be up. The range of values is 0 to 10; the default value is 2 retries. |
OAM management is disabled.
Use the oam manage command to enable the operational state of any ATM PVC that references this profile to be controlled by the state of its RDI and AIS state at the F5 level. If the F5 RDI and AIS state is active, the operational state of the ATM PVC is down; if F5 RDI and AIS state is not active, the operational state is up.
If you reference this profile when configuring an ATM PVC that is later cross-connected, this command is disabled (ignored) in the profile.
Use the heartbeat keyword to enable continuity monitoring. Cells are issued repetitively with a periodicity of one cell each second independently of user cell traffic. After enabling continuity monitoring, if the PVC does not receive any monitoring cell within a time interval of 3.5 seconds, with a margin of ±.5 seconds, from a peer that is configured with continuity checking (heartbeat backward), the system declares a VP-AIS or a virtual circuit (VC)-AIS (or both) state due to a loss of continuity.
Use the auto-loopback keyword to cause the system to detect and clear the RDI/AIS state by using OAM F4 and F5 loopback cells to be periodically transmitted and its response cells monitored when appropriate.
If you specify either the heartbeat or the auto-loopback keyword, the operational state is controlled by both RDI/AIS, and either continuity check cells or ATM OAM loopback cells.
If you specify neither the heartbeat nor the auto-loopback keyword, OAM management is enabled with only the fault monitoring function.
In every case, the system monitors and reacts to an RDI/AIS state by declaring the ATM PVC down and sending an Simple Network Management Protocol (SNMP) trap.
Use the no or default form of this command to disable OAM management of any ATM PVC that references this profile.
To display the values of the auto-loopback parameters and the ATM PVC status, enter the show atm pvc command (in any mode).
The following example shows how to enable the operational state of any ATM PVC that references the oam profile to be controlled by both the state of its RDI/AIS and by OAM loopback:
[local]Redback(config)#atm profile oam [local]Redback(config-atm-profile)#oam manage end-to-end auto-loopback regular-timeout 45
oam xc end-to-end {[loopback] [heartbeat] [ais/rdi]}
{no | default} oam xc
Enables operations, administration, and maintenance (OAM) cells received on one of a pair of cross-connected Asynchronous Transfer Mode (ATM) permanent virtual circuits (PVCs) that reference this profile to be forwarded to and transmitted on the other ATM PVC.
end-to-end |
Specifies that the operations, administration, and maintenance (OAM) management is end to end. |
loopback |
Optional. Specifies that the OAM loopback cells are to be forwarded. |
heartbeat |
Optional. Specifies continuity monitoring; the OAM continuity check cells are forwarded. |
ais/rdi |
Optional. Specifies that the OAM alarm indication signal (AIS) and remote defect indication (RDI) fault monitoring cells are to be forwarded. |
No OAM cells are forwarded
Use the oam xc command to enable the OAM cells received on one of a pair of cross-connected ATM PVCs that reference this profile to be forwarded to and transmitted on the other ATM PVC.
If you reference this profile when configuring an ATM PVC that is not cross-connected, this command is disabled (ignored) in the profile; if the profile is also configured with either the oam fault-monitor or oam manage command (in ATM profile configuration mode), that command is enabled instead. If the ATM PVC is cross-connected at a later time, this command in the profile is enabled and either the oam fault-monitor or oam manage command is disabled.
Use the no or default form of this command to disable the forwarding of all OAM cells.
The following example selectively disables the heartbeat option:
[local]Redback(config)#atm profile oam-xc [local]Redback(config-atm-profile)#oam xc end-to-end loopback ais/rdi
The following example shows how to enable all OAM cells to be forwarded across the cross-connection of two ATM PVCs on ATM OC ports:
[local]Redback(config)#atm profile oam-xc [local]Redback(config-atm-profile)#oam xc end-to-end loopback heartbeat ais/rdi [local]Redback(config-atm-profile)#exit [local]Redback(config)#port atm 3/1 [local]Redback(config-atm-oc)#atm pvc 100 100 profile oam-xc encapsulation raw [local]Redback(config)#port atm 4/1 [local]Redback(config-atm-oc)#atm pvc 100 100 profile oam-xc encapsulation raw [local]Redback(config-atm-oc)#exit [local]Redback(config)#xc 3/1 vpi-vci 100 100 to 4/1 vpi-vci 100 100
offer-lease-time seconds
no offer-lease-time seconds
Specifies the offer lease time for this internal Dynamic Host Configuration Protocol (DHCP) server or one of its subnets.
seconds |
Length of time for the default lease. The range of values is 60 (one minute) to 360 (one hour). |
The default value for the offer lease time is two minutes.
Use the offer-lease-time command to specify the offer lease time for the DHCP server or one of its subnets. When entered in DHCP server configuration mode, specifies the offer lease time for the server and all its subnets; when entered in DHCP subnet configuration mode, specifies offer lease time for that subnet. The value specified for a subnet overrides the global value for the server.
Use the no form of this command to specify the default value for the offer lease time.
The following example specifies an offer lease time of 5 minutes (300) for the DHCP server and all its subnets:
[local]Redback(config)#context dhcp [local]Redback(config-ctx)#dhcp server policy [local]Redback(config-dhcp-server)#offer-lease-time 300
offset-list pl-name {in | out} offset
no offset-list pl-name {in | out} offset
Configure a Routing Information Protocol (RIP) offset list.
RIP router configuration
pl-name |
IP prefix list name. |
in |
Adds offset to incoming RIP updates. |
out |
Adds offset to outgoing RIP updates. |
offset |
Offset value. The range of values is 1 to 16. |
No RIP offset list is configured.
Use the offset-list command to configure a RIP offset list. A RIP offset list adds to the cost metric of inbound or outbound routes learned or advertised by RIP. RIP offset lists provide a method for adding to the cost metric of routes, which moves the routing switch’s route selection away from those routes.
The RIP offset list adds the offset value to the cost metric of all routes that match the specified prefix list.
Use the no form of this command to remove the RIP offset list.
The following example configures a RIP offset list to add 8 to the cost metric for all routes that match the IP prefix list, foo23:
[local]Redback(config-ctx)#router rip rip001 [local]Redback(config-rip)#offset-list foo23 in 8
oif-interface interface
no oif-interface
Identifies an interface connected to the subscriber device in a PIM-Dual Join implementation.
pim-dual configuration mode
interface |
Interface connected to the subscriber device. |
None
Use the oif-interface command to identify an interface connected to the subscriber device in a PIM-Dual Join implementation.
Use the no form of this command to identify the interface previously set.
The following example shows how to identify the interface int1 as the interface connected to the subscriber device in a PIM-Dual Join implementation:
[local]Redback#configure [local]Redback(config)#context local [local]Redback(config-ctx)#pim dual-join group 225.100.1.1 source 192.110.30.6 [local]Redback(config-pim-dual)#oif-interface int1
on-demand-diagnostic
no on-demand-diagnostic
Places an I/O carrier card, services card, or line card in the on-demand diagnostics (ODD) state.
This command has no keywords or arguments.
None
Use the on-demand-diagnostic command to place a carrier, line or services card in the ODD state.
This command is available only for the SmartEdge® 100 I/O carrier card in slot 2 and the following SmartEdge line cards:
Low-density versions of these line cards are also supported, but only the enabled ports are tested.
You must place the carrier card or line card in the out-of-service state with the shutdown command in ATM OC, ATM DS-3, or port configuration mode before you can enter this command. Specify slot 2 when you shut down the carrier card to shut down the I/O functions.
Use the no form of this command to remove the carrier card or line card from the ODD state.
The following example places the I/O carrier card (slot 2) in the ODD state:
[local]Redback(config)#card carrier 2 [local]Redback(config-card)#shutdown [local]Redback(config-card)#on-demand-diagnostic [local]Redback(config-card)#end
The following example places the Ethernet line card in slot 3 in the ODD state:
[local]Redback(config)#card ether-12-port 3 [local]Redback(config-card)#shutdown [local]Redback(config-card)#on-demand-diagnostic [local]Redback(config-card)#end
optimize replication
no optimize replication
Enables packet mesh ASIC (PMA)-based traffic replication on the current line card to the destination line cards. When not enabled, packet replication is performed in the ingress packet processing ASICs (iPPAs).
Use the optimize replication command to efficiently support high-bandwidth multicast services such as IPTV.
Card configuration
This command has no arguments.
Packet replication is performed in the ingress PPA. Use the no form of this command to return the card to the default condition.
[local]redback#card 10ge-4-port [local]redback(config-card)# optimize replication
option {opt-num | opt-name} opt-arg1 [opt-arg2 [opt-arg3 [opt-arg4]]]
no option {opt-num | opt-name}
Specifies an option for this internal Dynamic Host Configuration Protocol (DHCP) server or one of its subnets.
opt-num |
DHCP option number; the range of values is 1 to 125. Table 1 to Table 7 list the option numbers. |
opt-name |
|
opt-arg1 |
First argument for the DHCP option. Table 1 to Table 7 list the arguments for the DHCP options. |
opt-arg2 ... opt-arg4 |
Optional. Additional values for a DHCP option with an IP address argument. If opt-arg1 is an IP address, you can specify up to three additional IP addresses. |
No DHCP options are specified for the DHCP server or for any of its subnets.
Use the option command to specify an option for this internal DHCP server or for one of its subnets. When you enter this command in DHCP server configuration mode, it specifies the DHCP option for the server and all its subnets; when you enter it in DHCP subnet configuration mode, it specifies the option for that subnet. The value specified for a subnet overrides the global value for the server.
You can enter this command multiple times to specify as many different DHCP options as you require. Succeeding entries for the same DHCP option overwrite any previously entered value.
You can specify up to four IP addresses for a DHCP option that requires an IP address. If the DHCP option also requires an netmask argument in addition to the IP address, you can specify up to two IP addresses and their netmask arguments.
RFC 2132, DHCP Options and BOOTP Vendor Extensions, Section 3 through Section 9 describe the option numbers, names, and arguments. Table 1 to Table 7 list this data for the options in each section; options are listed by code within each table.
Use the no form of this command to remove the option from the internal DHCP server or subnet configuration.
Option Code Name |
Argument |
Argument Description |
Option Description |
|
---|---|---|---|---|
1 |
subnet-mask |
netmask |
Netmask in the format E.F.G.H. |
Configure the subnet mask supplied to the client. |
2 |
time-offset |
seconds |
Signed integer; the range of values is –2,147,483,648 to +2,147,483,648. |
Configure the time offset value. |
3 |
router |
ip-addr |
IP address in the format A.B.C.D. |
Configure the router that the client can use. |
4 |
time-server |
ip-addr |
IP address in the format A.B.C.D. |
Configure the time server. |
5 |
ien116-name-server |
ip-addr |
IP address in the format A.B.C.D. |
Configure the IEN116 name server. |
6 |
domain-name-server |
ip-addr |
IP address in the format A.B.C.D. |
Configure the domain name server. |
7 |
log-server |
ip-addr |
IP address in the format A.B.C.D. |
Configure the log server. |
8 |
cookie-server |
ip-addr |
IP address in the format A.B.C.D. |
Configure the cookie server. |
9 |
lpr-server |
ip-addr |
IP address in the format A.B.C.D. |
Configure the line printer (LPR) server. |
10 |
impress-server |
ip-addr |
IP address in the format A.B.C.D. |
Configure the impress server. |
11 |
resource-location-server |
ip-addr |
IP address in the format A.B.C.D. |
Configure the resource location server. |
12 |
host-name |
name |
Name of the host. |
Configure the hostname, which can include its domain name. |
13 |
boot-size |
size |
File size in 512-octet blocks; the range of values is 0 to 65,535. |
Configure the size of the boot file. |
14 |
merit-dump |
path |
Path, including the filename. |
Configure the path to the merit dump file. |
15 |
domain-name |
dom-name |
Domain name; must be “redback.com” (without quotes). |
Configure the domain name. |
16 |
swap-server |
ip-addr |
IP address in the format A.B.C.D. |
Configure the swap server. |
17 |
root-path |
path |
Path to the root disk. |
Configure the path to the root disk. |
18 |
extensions-path |
path |
Path to the extensions. |
Option Num Name |
Argument |
Argument Description |
Description |
|
---|---|---|---|---|
26 |
interface-mtu |
mtu |
The range of values is 0 to 65,535. |
Configure the interface MTU. |
27 |
all-subnets-local |
boolean-flag |
|
Configure all subnets are local. |
28 |
broadcast-address |
ip-addr |
IP address in the format A.B.C.D. |
Configure the broadcast IP address. |
29 |
perform-mask-discovery |
boolean-flag |
|
Configure mask discovery. |
30 |
mask-supplier |
boolean-flag |
|
Configure the mask supplier. |
31 |
router-discovery |
boolean-flag |
|
Configure router discovery. |
32 |
router-solicitation-address |
ip-addr |
IP address in the format A.B.C.D. |
Configure the router solicitation IP address. |
33 |
static-route |
ip-addr netmask |
|
Option Num Name |
Argument |
Argument Description |
Description |
|
---|---|---|---|---|
34 |
trailer-encapsulation |
boolean-flag |
|
Configure trailer encapsulation. |
35 |
arp-cache-timeout |
seconds |
The range of values is 0 to 4,294,967,295. |
Configure the Address Resolution Protocol (ARP) cache timeout. |
36 |
ieee802-3-encapsulation |
boolean-flag |
Specify Ethernet encapsulation. |
(1) RFC 894, Standard
for the Transmission of IP Datagrams over Ethernet Networks
(2) RFC 1042, Standard
for the Transmission of IP Datagrams over IEEE 802 Ethernet Networks
Option Num Name |
Argument |
Argument Description |
Description |
|
---|---|---|---|---|
37 |
default-tcp-ttl |
seconds |
The range of values is 0 to 255. |
Configure the default Transmission Control Protocol (TCP) time-to-live value. |
38 |
tcp-keepalive-interval |
seconds |
The range of values is 0 to 4,294,967,295. |
Configure the TCP keepalive interval. |
39 |
tcp-keepalive-garbage |
boolean-flag |
|
Option Num Name |
Argument |
Argument Description |
Description |
|
---|---|---|---|---|
40 |
nis-domain |
dom-name |
NIS domain. |
Configure the Network Information Server (NIS) domain. |
41 |
nis-server |
ip-addr |
IP address in the format A.B.C.D. |
Configure the NIS server. |
42 |
ntp-server |
ip-addr |
IP address in the format A.B.C.D. |
Configure the Network Time Protocol (NTP) server. |
43 |
vendor-encapsulated-options |
Can be:
|
|
Configure a vendor-encapsulated option. |
44 |
netbios-name-server |
ip-addr |
IP address in the format A.B.C.D. |
Configure the NetBIOS name server. |
45 |
netbios-dd-server |
ip-addr |
IP address in the format A.B.C.D. |
Configure the NetBIOS datagram distribution (DD) server. |
46 |
netbios-node-type |
type |
The range of values is 0 to 255. |
Configure the NetBIOS node type. |
47 |
netbios-scope |
scope |
NetBIOS scope parameter. |
Configure the NetBIOS scope parameter, as specified in RFCs 1001(1) and 1002(2). |
48 |
font-server |
ip-addr |
IP address in the format A.B.C.D. |
Configure the font server. |
49 |
x-display-manager |
ip-addr |
IP address in the format A.B.C.D. |
Configure the X window system display manager. |
64 |
nisplus-domain |
dom-name |
NIS+ domain. |
Configure the NIS+ domain. |
65 |
nisplus-server |
ip-addr |
IP address in the format A.B.C.D. |
Configure the NIS+ server. |
68 |
mobile-ip-home-agent |
ip-addr |
IP address in the format A.B.C.D. |
Configure the mobile IP home agent. |
69 |
smtp-server |
ip-addr |
IP address in the format A.B.C.D. |
Configure the Simple Mail Transport Protocol (SMTP) server. |
70 |
pop-server |
ip-addr |
IP address in the format A.B.C.D. |
Configure the Post Office Protocol (POP3) server. |
71 |
nntp-server |
ip-addr |
IP address in the format A.B.C.D. |
Configure the Network News Transport Protocol (NNTP) server. |
72 |
www-server |
ip-addr |
IP address in the format A.B.C.D. |
Configure the WWW server. |
73 |
finger-server |
ip-addr |
IP address in the format A.B.C.D. |
Configure the finger server. |
74 |
irc-server |
ip-addr |
IP address in the format A.B.C.D. |
Configure the default Internet Relay Chat (IRC) server. |
75 |
streettalk-server |
ip-addr |
IP address in the format A.B.C.D. |
Configure the StreetTalk server. |
76 |
streettalk-directory-assistance-server |
ip-addr |
IP address in the format A.B.C.D. |
Configure the StreetTalk directory assistance (STDA) server. |
(1) RFC 1001, Protocol Standard for a
NetBIOS Service on a TCP/UDP transport: Concepts and Methods
(2) RFC 1002, Protocol Standard
for a NetBIOS Service on a TCP/UDP transport: Detailed Specifications
Option Num Name |
Argument |
Argument Description |
Description |
|
---|---|---|---|---|
66 |
tftp-server-name |
name |
TFTP server name. |
Configure the Trivial File Transfer Protocol (TFTP) server. |
67 |
bootfile-name |
name |
Boot filename. |
Configure the name of the boot loader image file. |
The following example specifies the options for an internal DHCP server (and its subnets), which are overridden by the options for the sub2 subnet:
[local]Redback(config)#context dhcp [local]Redback(config-ctx)#dhcp server policy ! Specify global options (these apply to all subnets) [local]Redback(config-dhcp-server)#option domain-name redback.com [local]Redback(config-dhcp-server)#option domain-name-server 10.1.1.254 ! Create a subnet; specify options for this subnet, which override the global settings [local]Redback(config-dhcp-server)#subnet 10.1.1.1/24 name sub2 [local]Redback(config-dhcp-subnet)#option router 10.1.1.1 [local]Redback(config-dhcp-subnet)#option domain-name hot.com
The following example adds a second IP address for the router option in the sub2 subnet configuration and includes option 21 (policy-filter) with two IP addresses and their netmasks:
[local]Redback(config)#context dhcp [local]Redback(config-ctx)#dhcp server policy [local]Redback(config-dhcp-server)#subnet 10.1.1.1/24 name sub2 [local]Redback(config-dhcp-subnet)#option router 10.1.1.1 10.1.1.2 [local]Redback(config-dhcp-subnet)#option 21 10.1.1.23 255.255.255.255 10.1.1.33 255.255.255.255
To specify the circuit agent ID, the syntax is:
option-82 circuit-id string [offset position] {ip-address ip-addr | max-addresses num-addr}
no option-82 circuit-id string [offset position] {ip-address ip-addr | max-addresses num-addr}
To specify the remote agent ID, the syntax is:
option-82 remote-id string [offset position] ip-address ip-addr
no option-82 remote-id string
Creates a static mapping between the Agent-Circuit-Id subfield or the Agent-Remote-Id subfield in the option 82 field and an IP address.
circuit-id string |
Circuit agent ID. A text string, with up to 255 printable characters; enclose the string in quotation marks (“ ”) if the string includes spaces. |
remote-id string |
Remote agent ID. A text string, with up to 255 printable characters; enclose the string in quotation marks (“ ”) if the string includes spaces. |
offset position |
Optional. Position of the starting octet in the option 82 subfield which is to be matched with the specified string argument, according to one of the following formats:
The default value is 1 (the first octet). You can also specify the first octet with a value of 0. |
ip-address ip-addr |
IP address to which the option 82 subfield is to be mapped. |
max-addresses num-addr |
Maximum number of IP addresses permitted for the specified circuit agent ID. |
No static mapping is created between an option 82 subfield and any IP address.
Use the option-82 command to create a static mapping between the Agent-Circuit-Id subfield or the Agent-Remote-Id subfield in the option 82 field and an IP address. The option 82 field is sent in the DHCP discover packet.
The value for the ip-addr argument must be an IP address within this subnet, but not within any range of IP addresses that you have specified using the range command (in DHCP subnet configuration mode).
You can specify the remote agent ID and the circuit agent ID in vendor-specific attributes (VSAs) 96 and 97, respectively, using the radius attribute calling-station-id and radius attribute nas-port-id commands (in context configuration mode). vendor VSAs provided by Ericsson AB are described in RADIUS Attributes.
Use the no form of this command to delete the static mapping.
The following example creates a static mapping between option 82 Agent-Circuit-Id subfield, 4:1 vlan 102, and the 12.1.1.11 IP address:
[local]Redback(config)#context dhcp [local]Redback(config-ctx)#dhcp server policy [local]Redback(config-dhcp-server)#subnet 12.1.1.0/24 name sub2 [local]Redback(config-dhcp-subnet)#range 12.1.1.50 12.1.1.100 [local]Redback(config-dhcp-subnet)#mac-address 02:12:34:56:78:90 ip-address 12.1.1.10 [local]Redback(config-dhcp-subnet)#option-82 circuit-id “4:1 vlan 102” offset 3 ip-address 12.1.1.11
option domain-name-server server-address
no option domain-name-server
In a DHCPv6 server policy, specifies the IP address of the DNS name server to be used by clients for DNS host name resolution.
DHCPv6 server policy configuration
DHCPv6 server policy subnet configuration
server-address |
Configures an IPv6 address for the DNS name server. |
No DNS name server is specified in the DHCPv6 profile.
Use the option domain-name-server command to specify the IPv6 address of the DNS name server to be used by IPv6 clients for DNS host name resolution.
Use the no version of this command to remove a DNS name server from a DHCPv6 profile.
The following example configures a DHCPv6 server policy to direct clients to use the DNS name server on the IPv6 address 2005:db8:b:3f::2 for DNS host name resolution:
[local]BRAS(config-ctx)#dhcpv6 server [local]Redback(config-dhcpv6-server)#option domain-name-server 2005:db8:b:3f::2
option domain-search domain-name
no option domain-search
In a DHCPv6 server policy, specifies the domain name that a host appends to a hostname for DNS host name resolution.
DHCPv6 server policy configuration
DHCPv6 server policy subnet configuration
domain-name |
Specifies a domain name to be appended to a hostname for DNS resolution. |
No DNS name server is specified in the DHCPv6 server policy.
Use the option domain-search command to specify the domain name that a host appends to a hostname for DNS host name resolution.
Use the no version of this command to remove a specified domain name from a DHCPv6 server policy.
The following example configures the domain search option in a DHCPv6 server policy. In this example, the domain name SJ1.com is appended to host names queried for DNS resolution:
[local]BRAS(config-ctx)#dhcpv6 server [local]Redback(config-dhcpv6-server)#option domain-search SJ1.com
option information-refresh-time seconds
no option information-refresh-time
In a DHCPv6 server policy, configures the number of seconds a client waits before refreshing the configuration information received from DHCPv6 server.
DHCPv6 server policy configuration
seconds |
Number of seconds a client waits before refreshing the configuration information received from DHCPv6 server. Range is from 600 through 4294967295 seconds. |
The number of seconds a client waits before refreshing the configuration information received from DHCPv6 server is not specified.
Use the option information-refresh-time command to configure the number of seconds a client waits before refreshing the configuration information received from DHCPv6 server.
Use the no version of this command to return the DHCPv6 server policy refresh time attribute to the default configuration, where the number of seconds a client waits before refreshing the configuration information received from DHCPv6 server is not specified.
The following example configures the refresh time attribute in a DHCPv6 server policy to be 3000000 seconds. This means clients of this server refresh the configuration information received from this server every 3000000 seconds:
[local]BRAS(config-ctx)#dhcpv6 server [local]Redback(config-dhcpv6-server)#option information-refresh-time 3000000
option preference integer
no option preference
In a DHCPv6 server policy, configures the preference value for a DHCPv6 server.
DHCPv6 server policy configuration
integer |
Preference value for a DHCPv6 server. Servers with a lower value take precedence over servers configured with a higher value. Range is from 0 through 255. |
The preference value for a DHCPv6 server is not specified.
Use the option preference command to configure the preference value for a DHCPv6 server.
A DHCPv6 server configured with a lower value is preferred over a server configured with a higher value.
When a client requests an IPv6 prefix, that client typically accepts the first IPv6 prefix it receives. However, you can configure a DHCPv6 server to be preferred so that the client accepts IPv6 prefixes from that server over any other DHCPv6 server.
Use the no version of this command to return the DHCPv6 server preference attribute to the default value.
The following example configures the preference attribute for a DHCPv6 server to be 5:
[local]Redback(config-ctx)#dhcpv6 server
[local]Redback(config-dhcpv6-server)#option preference 5
option rapid-commit
no option rapid-commit
Enables RAPID COMMIT in a DHCPv6 server policy (for faster IPv6 prefix delegation).
DHCPv6 server policy configuration
This command has no keywords or arguments.
RAPID COMMIT is disabled.
Use the option rapid-commit command to enable RAPID COMMIT in a DHCPv6 server policy (for faster IPv6 prefix delegation).
Use the no version of this command to disable RAPID COMMIT in a DHCPv6 server policy.
The following example enables RAPID COMMIT in a DHCPv6 server policy:
[local]Redback(config-ctx)#dhcpv6 server [local]Redback(config-dhcpv6-server)#option rapid-commit
optional-checksums [level-1 | level-2]
no optional-checksums [level-1 | level-2]
Enables optional Intermediate System-to-Intermediate System (IS-IS) checksums on the interface.
IS-IS interface configuration
level-1 |
Optional. Enables checksums for IS-IS level 1 routing independently. |
level-2 |
Optional. Enables checksums for IS-IS level 2 routing independently. |
The command is disabled.
Use the optional-checksums command to enable optional IS-IS checksums on the interface.
Use the no form of this command to disable optional IS-IS checksums.
The following example enables optional checksums on the fa4/1 interface:
[local]Redback(config-ctx)#router isis ip-backbone [local]Redback(config-isis)#interface fa4/1 [local]Redback(config-isis-if))#optional-checksums
originate-default {always | route-map map-name} [metric metric] [metric-type type]
no originate-default
Originates the default route advertisement in the Open Shortest Path First (OSPF) or OSPF Version 3 (OSPFv3) routing domain.
always |
Always originates a default route. |
route-map map-name |
Route map name. Originates the default route when all conditions in the specified route map are met and when the route exists in the Route Information Base (RIB). |
metric metric |
Optional. Metric value for the default route. The range of values is 1 to 16,777,214; the default value is 1. |
metric-type type |
Optional. External route metric type for a Type 5 default link-state advertisement (LSA). The type argument specifies one of the following metric types:
|
No default route is originated. When this command is used to originate a default route, the metric value is 1.
Use the originate-default command to originate the default route advertisement in the OSPF or OSPFv3 routing domain.
Use the no form of this command to remove the default route.
The following example configures the OSPF instance to originate a default route when there is a route in the RIB for routes matching the rmap01 route map:
[local]Redback(config-ospf)#originate-default route-map rmap01
originating-rp if-name
no originating-rp if-name
Configures an interface as the originating rendezvous point (RP) address.
MSDP router configuration
if-name |
Name of the interface whose IP address is to be used as the originating RP address. |
None
Use the originating-rp command to configure an interface as the originating RP address. The IP address of the interface is used as the RP address in all source active (SA) messages originated by the router.
Use the no form of this command to remove the interface’s IP address for the originating RP address.
The following example configures the interface, ToLan04, to be used as the RP address:
[local]Redback(config-msdp)#originating-rp ToLan04
originating-rp sa-filter acl-name
no originating-rp sa-filter acl-name
Configures an access control list (ACL) to filter incoming source active (SA) messages learned from the local rendezvous point (RP).
MSDP router configuration
acl-name |
Name of the ACL used to filter incoming SA messages. |
None
Use the originating-rp sa-filter command to configure an ACL to filter incoming SA messages learned from the local RP.
Use the no form of this command to remove the ACL.
The following example configures ACL 320 to filter incoming SA messages:
[local]Redback(config-ctx)#router msdp [local]Redback(config-msdp)#originating-rp sa-filter 320
out-label out-label-num
Configures the outgoing label number for a static label-switched path (LSP).
MPLS static LSP configuration
out-label-num |
Number of the outgoing label. The range of values is 16 to 1,024. |
None
Use the out-label command to configure the outgoing label number for a static LSP.
The following example configures the outgoing label for the LSP, test14, to the value of 20:
[local]Redback(config-ctx)#router mpls-static [local]Redback(config-mpls-static)#lsp test14 [local]Redback(config-mpls-static-lsp)#out-label 20
output-delay delay
{no | default} output-delay
Adds a delay time between packets sent in multipacket Routing Information Protocol (RIP) or RIP next generation (RIPng) updates.
delay |
Amount of delay, in milliseconds, added between packets. The range is of values is 1 to 50. |
Packets are sent without a delay.
Use the output-delay command to add a delay time between packets in multipacket RIP or RIPng updates.
Use the no or default form of this command to disable the delay.
The following example adds a delay time of 15 milliseconds between the sending of updates for the RIP instance, rip001:
[local]Redback(config-ctx)#router rip rip001 [local]Redback(config-rip)#output-delay 15
over-subscription-factor percent
no over-subscription-factor
For Constrained Shortest Path First (CSPF), specifies the factor by which the bandwidth can exceed the subscribed amount for Resource Reservation Protocol (RSVP)-enabled interfaces.
percent |
Percentage by which the bandwidth may exceed the subscribed amount for RSVP-enabled interfaces. The range of values is 1 through 4294967295. |
100 percent.
Use the over-subscription-factor command to specify the factor by which the bandwidth can exceed the subscribed amount for RSVP-enabled interfaces. This factor is multiplied by the available bandwidth to reserve the oversubscription amount. For example, if the hardware bandwidth for a Fast Ethernet port is 100 mbps and the oversubscription factor is 150 percent, the reserved bandwidth is 150 mbps. If you do not specify a bandwidth, the reserved bandwidth (the default value) is available. If bandwidth has been explicitly reserved (using the bandwidth command in RSVP interface configuration mode), that setting overrides this calculation.
To undersubscribe RSVP-enabled interfaces, set a value below 100 percent. To oversubscribe RSVP-enabled interfaces, set a value above 100 percent.
Use the no form of this command to remove the oversubscription-factor bandwidth value.
The following example shows how to configure the oversubscription-factor on an interface to 110 percent:
[local]Redback#configure [local]Redback(config)#context local [local]Redback(config-ctx)#router rsvp [local]Redback(config-rsvp)#over-subscription-factor 110
over-subscription-rate rate
no over-subscription-rate
default fault over-subscription-rate
Specifies the over-subscription rate allowed on an Asynchronous Transfer Mode (ATM) OC port or an ATM DS-3 port.
rate |
Over-subscription rate as a percentage. The range of values is 0 to 10,000%; the default value is unlimited. |
The default rate is unlimited.
Use the over-subscription-rate command to specify the over-subscription rate allowed on an ATM OC port or ATM DS-3 port.
A rate of 0% allows permanent virtual circuits (PVCs) to be created on the port up to the bandwidth of the port; a rate of 1,000% allows PVCs to be created on the port up to the bandwidth of the port +1000%.
Use the no form of this command to specify a rate of 0%.
Use the default form of this command to specify the default rate.
The following example shows how to specify an over-subscription rate of 100% for port 1 of the ATM OC-3c/STM-1c line card in slot 4:
[local]Redback(config)#port atm 4/1 [local]Redback(config-atm-oc)#over-subscription-rate 100
With framing bits taken into account, the ATM OC-3c/STM-1c port has a bandwidth of 149.76 Mbps. With an over-subscription rate of 100%, PVCs can be created up to a bandwidth of 299.52 Mbps on this port.
p2p-port
no p2p-port
Treats the associated port as always connected to a point-to-point link.
This command has no keywords or arguments.
Depending on the type of port, the port is treated as either a full-duplex or half-duplex link.
Use the p2p-port command to treat the associated port as always connected to a point-to-point link; that is, enable the port for full-duplex operation.
The following example illustrates how the spanning-tree profile command creates the spanning-tree profile womp and enables it for point-to-point linking. In the second part of the example, an Ethernet port is assigned the spanning-tree profile womp and, therefore, is enabled for point-to-point linking:
[local]Redback(config)#spanning-tree profile womp [local]Redback(config-stp-prof)#p2p-port [local]Redback(config-stp-prof)#exit [local]Redback(config)#port ethernet 1/1 [local]Redback(config-port)#spanning-tree profile womp
packet-interval packet-interval
no packet-interval packet-interval
Specifies the sampling interval for packets.
flow IP sampling configuration
packet-interval |
Rate at which packets are sampled. Range is from 1 to 16383 packets. |
None.
Use the packet-interval command to specify the sampling interval for packets. When random sampling is enabled with the sampling command, statistics are gathered for packets based on the packet interval. For example, if you configured the packet interval to be 9, then statics are gathered for one random packet out of every nine packets. The sampling counter restarts when the ninth packet is processed.
The following example shows how to use the packet-interval command to configure the sampling interval to be 100. In this example, statistics are gathered for one random packet out of every 100 packets:
local]Redback# configure [local]Redback(config)# flow ip sampling [local]Redback(config-flow-ip-sampling)# packet-interval 100
To specify a field that can have a single value in the definition of an attribute, the syntax is:
parameter value param-name [default-value]
no parameter param-name
To specify a field that can have multiple values, the syntax is:
parameter list param-name [default-value[, default-value-2[,....]]]
no parameter param-name
Specifies a field in a service condition that can be dynamically changed.
value |
Specifies that the field has a single value |
param-name |
Name of a field in a service condition. The Remote Authentication Dial-In User Service (RADIUS) server specifies this name when it configures the service condition for the subscriber on the RADIUS server. The param-name can also be any one of the following predefined parameter names that is used to support dynamic class assignment:
|
default-value |
Optional. The default value for an optional field in a service condition. Not specified if the field is mandatory. |
list |
Specifies that an array of values is possible for this field. |
default-value-n,... |
Optional. Additional default values separated by commas (,). |
No fields are defined in a service profile.
Use the parameter command to specify a field in a service condition that can be dynamically changed. You can also use the parameter command to specify one of the predefined parameter names that is used to support dynamic class assignment. The maximum number of parameter instances in a service profile is 16; a parameter instance is each occurrence of the command in service profile configuration mode and each occurrence of the command for an array of parameter values in parameter array loop configuration mode.
For example, if the parameter value command appears twice in service profile configuration mode and once in parameter array loop configuration mode for a parameter with four values, the number of parameter instances is six.
Specify a value for each default-value argument if the subscriber configuration on the RADIUS server need not include this field. If the field is mandatory (the value must be specified in the subscriber configuration on the RADIUS server), do not specify a default value.
Use the attribute command (in service profile configuration mode) to specify the attribute that includes the field. If the field can have multiple values, use the foreach command (in service profile configuration mode) followed by the attribute command.
Use the no form of this command to remove the field from the service profile.
The following example specifies a mandatory redirect URL field for the HTTP redirect service condition; the field is defined in the HTTP-Redirect-URL VSA, using the attribute command (in service profile configuration mode):
[local]Redback(config-ctx)#radius service profile redirect [local]Redback(config-svc-profile)#parameter value redirect-url [local]Redback(config-svc-profile)#
The following example specifies a mandatory TCP port number field that can have an array of values; the field is defined using the attribute command within a loop initiated by the foreach command (in service profile configuration mode):
[local]Redback(config-ctx)#radius service profile redirect [local]Redback(config-svc-profile)#parameter list tcp-port [local]Redback(config-svc-profile)#
The following example specifies default values for the TCP port number field; in this case, the TCP port number is optional and need not be specified by the RADIUS server:
[local]Redback(config-ctx)#radius service profile redirect [local]Redback(config-svc-profile)#parameter list tcp-port www, 443, 8080 [local]Redback(config-svc-profile)#
The following example predefines classes “D1 D2 D4 D5” using the parameter %dynamic_class_qos_in and creates a reference to the predefined classes using the class_bearer variable:
[local]Redback(config-ctx)#radius service profile dyn-service [local]Redback(config-svc-profile)#parameter value %dynamic_class_qos_in “D1 D2 D4 D5” [local]Redback(config-svc-profile)#parameter value class_bearer %dynamic_class_qos_in
parent-class class-name
no parent-class class-name
Maps a specific child class to a parent class.
class-name |
An alphanumeric string of up to 39 characters that specifies the name of a parent class. |
The mapping of a child class to a parent class is not specified.
Use the parent-class command to map a metering or policing policy class to a class specified in another metering or policing policy. The class mapping configuration is employed when applying a hierarchical metering or policing policy to traffic on a child circuit that has its own metering and policing policy. Using the class mapping, the SmartEdge router determines the parent policy class for treating the child class traffic when enforcing the parent metering or policing policy. For more information about the mapping of the ACL class or a class-definition map class to a parent policy class, see Mapping a Child Policy Class to a Parent Class in Configuring Rate-Limiting and Class-Limiting.
Use the no form of this command to remove the mapping of the child class to the parent class.
The following example shows how to map a child class to a parent class. In this example, the child class voip is mapped to the parent class high and the child class data is mapped to the parent class low:
[local]Redback(config)#qos policy child-pol metering [local]Redback(config-policy-metering)#access-group child-acl local [local]Redback(config-policy-group)#class voip [local]Redback(config-policy-group-class)#parent-class high [local]Redback(config-policy-group-class)#rate 50 burst 100 [local]Redback(config-policy-class-rate)#class data [local]Redback(config-policy-group-class)#parent-class low [local]Redback(config-policy-group-class)#rate 20 burst 40
partition name [size size_value] [disk disk_num] [non-mirror]
no partition name
SSE group configuration
name |
Name of the partition. |
size size_value |
Configures the size of the partition, in gigabytes (GB). Required when creating a new partition. Range: 1 to 4,294,967,295. |
disk disk_num |
Disk number on the SSE card. Values: 1 or 2. Assigns the partition to an SSE disk when operated independently. Applies to network-redundant SSE groups only, where raid-0 is not configured. Required when creating a new partition on a network-redundant SSE group. |
non-mirror |
By default, partition data is mirrored to the standby. The non-mirror keyword specifies that the partition should not mirror the data to the standby if redundancy is set. Applies to network-redundant SSE groups only. |
No partition is configured.
Creates the partition and enters SSE partition configuration mode. You can create multiple partitions. The partition name must be unique in the SSE group.
The disk and non-mirror keywords apply only to network-redundant SSE groups. For other operational settings, the command is rejected if these keywords are specified.
Any partition configured must be fully allocated on the SSE disk for it to be operational.
The no form of the command removes the partition from the SSE group. The partition still exists on the SSE disk and data is maintained. Use the delete partition sse slot disk_num partition_name command in exec mode to remove the partition and all data.
[local]Redback(config)#sse group sse_group_1 [local]Redback(config-SE-group)#partition p01 size 5 disk 1
passive
{no | default} passive
When entered in OSPF area configuration mode, sets all interfaces configured in the specified Open Shortest Path First (OSPF) area to passive mode.
When entered in OSPF interface or OSPF3 interface configuration mode, sets an OSPF or OSPF Version 3 (OSPFv3) interface to passive mode.
This command has no keywords or arguments.
No interfaces are in passive mode.
Use the passive command in OSPF area configuration mode to set all interfaces configured in the specified OSPF area to passive mode.
Setting all interfaces in an OSPF area to passive mode is useful for large, pure edge aggregation applications, where there may be hundreds, or perhaps thousands, of customer-facing circuits. To distribute routes for the customer-facing interfaces to the upstream routers, you can enable OSPF on the customer-facing interfaces, and then set them all to passive mode using the passive command in OSPF area configuration mode.
Use the passive command in OSPF interface or OSPF3 interface configuration mode to set an OSPF or OSPFv3 interface to passive mode.
Use the no or default form of this command to return the interface, or all interfaces within an OSPF area, to the default state.
The following example sets the ospf1 interface to passive mode:
[local]Redback(config-ospf-area)#interface ospf1 [local]Redback(config-ospf-if)#passive
passive-interface
no passive-interface
Configures the Intermediate System-to-Intermediate System (IS-IS) instance to advertise the interface’s IP address without actively running IS-IS on the interface.
IS-IS interface configuration
This command has no keywords or arguments.
Passive mode is disabled.
Use the passive-interface command to configure the IS-IS instance to advertise the interface’s IP addresses without actively running IS-IS on the interface.
When an IS-IS interface is configured in passive mode, IS-IS packets are sent and no adjacency is formed on the interface. IS-IS advertises the interface’s IP address in its link-state protocol data units (LSPs).
The default metric value for a passive interface is 1. To change the metric value, use the metric command in IS-IS interface configuration mode.
Use the no form of this command to disable this option.
The following example configures the fa4/1 interface as a passive IS-IS interface:
[local]Redback(config-ctx)#router isis ip-backbone [local]Redback(config-isis)#interface fa4/1 [local]Redback(config-isis-if)#passive-interface
password password
no password
Specifies the authentication password that the subscriber enters when initiating a Point-to-Point Protocol (PPP) session.
subscriber configuration
password |
Alphanumeric text string. Control characters are not allowed. |
None
Use the password command to specify the authentication password that the subscriber enters when initiating a PPP session. When using Challenge Handshake Authentication Protocol (CHAP) Password Authentication Protocol (PAP), the password obtained from the subscriber must match the password configured in the corresponding subscriber record. This command is available for individual subscriber records, but not for a default subscriber record.
You can enter a password with embedded spaces by enclosing the entire password in double quotes; for example, “This is a Password With Spaces.”
Use the no form of this command to remove the password from the subscriber’s record.
The following example configures a password of DontTellAnyone:
[local]Redback(config-sub)#password DontTellAnyone
password password
no password
Configures an encrypted Message Digest 5 (MD5) password for the Border Gateway Protocol (BGP) neighbor or peer group.
password |
Alphanumeric string consisting of up to 80 characters. |
None
Use the password command to assign an encrypted MD5 password for the BGP neighbor or peer group.
Use the no form of this command to remove an assigned password from the BGP neighbor or peer group.
The following example assigns the password secret to the external BGP (eBGP) neighbor at IP address 10.10.1.1:
[local]Redback(config-bgp)#neighbor 10.10.1.1 external [local]Redback(config-bgp-neighbor)#password secret
path-trace {length length | message text}
no path-trace message
Specifies either the maximum length of the message or the text string to be traced on an administrative unit-3 (AU-3) or an AU-4 on a channelized STM-1 port.
length length |
Maximum length of the message, in bytes, according to one of the following keywords:
|
message text |
Text string with up to 62 ASCII characters. |
The length is 16 and the message is Redback.
Use the path-trace command to specify either the maximum length of the text or the text string to be traced on an AU-3 or AU-4 on a channelized STM-1 port.
If you enter the aug-mapping au3 command (in STM-1 configuration mode), the path-trace command is no longer available in STM-1 configuration mode; it is available in AU-3 configuration mode.
The first byte in a 16-character message is reserved for the results of a CRC7 calculated on the message.
The final two characters in a 64-character message are reserved for the CR/LF (0x0D/0x0A).
Use the no form of this command to set the maximum length to 16, and the message text to Redback. You cannot disable the path trace feature for channelized STM-1 ports.
The following example shows how to specify a path trace with a maximum message length of 64 and the text string for port 1 of the channelized STM-1 line card in slot 2; the port is mapped with the default administrative unit group (AUG) mapping, AU-4:
[local]Redback(config)#port channelized-stm1 2/1 [local]Redback(config-stm1)#path-trace length 64 [local]Redback(config-stm1)#path-trace this is a test of an extended length message.
path-trace message text
{no | default} path-trace message
Specifies the text string to be traced on a Packet over SONET/SDH (POS), second-generation Asynchronous Transfer Mode (ATM) OC, or Ethernet WAN-PHY port.
message |
Specifies that a text string follows. |
text |
Text string with up to 62 ASCII characters, depending on the type of port:
|
The transmitted text string is Redback.
Use the path-trace command to specify the text string to be on a Packet over SONET/SDH (POS), second-generation Asynchronous Transfer Mode (ATM) OC, or Ethernet WAN-PHY port.
The actual message length is 16 or 64 bytes, with one additional byte required for framing for a 15-character message and two additional bytes required for a 62-character message.
You cannot disable the path trace feature for Ethernet WAN-PHY or second-generation ATM OC line cards; to disable the path trace feature for ports on POS line cards, you must enter the no form for the sonet-eu command (in card configuration mode).
Use the show port detail command (in any mode) to display the path trace length and message.
Use either the no or default form of this command to specify the default text string.
The following example shows how to enable path trace and specify the text string, this is a test, for port 1 on the POS line card in slot 9:
[local]Redback(config)#card oc48-1-port 9 [local]Redback(config-card)#sonet-eu [local]Redback(config-card)#exit [local]Redback(config)#port pos 9/1 [local]Redback(config-port)#path-trace this is a test
The following example shows how to enable path trace and specify the text string, this is a test, for port the 10ge-1-port line card that has been configured to operate in WAN-PHY mode (slot 2, port 1:
[local]Redback(config)#card 10ge-1-port 2 [local]Redback(config-card)#exit [local]Redback(config)#port wan-phy 2/1 Note: Creating a port may cause the card to reload. Commit to continue; abort to exit without change [local]Redback(config)#commit [local]Redback(config-port)#path-trace this is a test
pe-type {hub | spoke}
{no | default} pe-type
Specifies the connection type used between the local and remote provider edge (PE) devices.
VPLS profile neighbor configuration
hub |
Hub connection type. This connection type is used if the Virtual Private LAN Services (VPLS) topology is enabled using a full mesh of pseudowire. Packets received on a hub link pseudowire are not forwarded on other hub connections (split horizon). |
spoke |
Spoke connection type. This connection type is used for enabling hierarchical VPLS topologies between multitenant unit switch (MTU-s) and PE routers (PE-rs), or when a full mesh of pseudowires is not used. Forwarding in unrestricted on spoke links. |
The hub connection type is used.
Use the pe-type command to specifies the connection type used between the local and remote PE devices. Currently, hub and spoke connection types are supported. For proper VPLS peering, both ends of the peer must be configured with the same connection type.
Use the no or default form of this command to specify the default connection type.
The following example sets the connection type to spoke:
[local]Redback#config [local]Redback(config)#vpls profile foo [local]Redback(config-vpls-profile)#neighbor 10.10.10.1 [local]Redback(config-vpls-profile-neighbor)#pe-type spoke [local]Redback(config-vpls-profile-neighbor)#
peer-as {asn | nn:nn}
no peer-as {asn | nn:nn}
Configures a peer’s autonomous system number (ASN).
MSDP peer configuration
asn |
Autonomous system number, in integer format, of the autonomous system that includes the peer. The range of values is 1 to 65,535. The subrange 64,512 to 65,535 is reserved for private autonomous systems. |
nn:nn |
Optional. ASN, in 4-byte integer format, that includes the peer. With 4-byte integer format, the first nn indicates the two higher-order bytes, and the second nn denotes the two lower-order bytes. |
None
Use the peer-as command to configure a peer’s ASN.
Use the no form of this command to delete the source active (SA) number from the peer’s configuration.
The following example configures a peer’s SA number to 37:
[local]Redback(config-msdp)#peer 192.168.1.1 local-tcp-source ToWan12 [local]Redback(config-msdp-peer)#peer-as 37
peer-end-point local loc-ip-addr [remote rem-ip-addr] [context ctx-name]
no peer-end-point
Assigns IP addresses to the tunnel endpoints.
tunnel configuration
local loc-ip-addr |
IP address of the local end of the tunnel. The format is A.B.C.D. |
remote rem-ip-addr |
Optional. IP address of the remote end of the tunnel. Required except when you have created an overlay tunnel for which you have specified that the system assign the remote IP address. The format is A.B.C.D. |
context ctx-name |
Optional. Name of the context that contains the interface to the local end of the tunnel. If no context is specified, the interface to the local end of the tunnel is assumed to be in the local context. |
None
Use the peer-end-point command to assign IP addresses to the tunnel endpoints. This command creates the tunnel between the two endpoints.
The remote IP address at one end of the tunnel is the same as the local IP address at the other end of the tunnel. If the remote IP address is not adjacent to the local IP address, and the remote site cannot be reached with a routing protocol, you must also enter the ip route command in context configuration mode.
If you create an overlay tunnel using the tunnel command with the ipv6v4-auto keyword, the system assigns an IP address to the remote endpoint. In this case, you do not include the remote rem-ip-addr construct when you enter this command.
The local loc-ip-addr construct must match the IP address of an interface.
If you are creating more than one tunnel, they can use the same IP address for the local endpoint (the IP address assigned to the interface) as long as the remote IP addresses are all different.
To use an interface and its local IP address for more than one tunnel, you must specify the loopback keyword with the interface command (in context configuration mode) when you create the interface for the tunnels. The loopback keyword allows you to reuse the IP address for more than one tunnel.
Use the no form of this command to delete this tunnel and any associated parameters that have been specified in tunnel configuration mode. The keywords are not available for the no form of this command.
The following example shows how to create an interface, toDenver, with a public IP address of 172.16.1.1; then it creates an overlay tunnel, DenverTnl, with a remote IP address of 172.16.1.2 and a local IP address of 172.16.1.1:
[local]Redback(config)#context local [local]Redback(config-ctx)#interface toDenver [local]Redback(config-if)#ip address 172.16.1.1/30 [local]Redback(config-if)#exit [local]Redback(config-ctx)#exit [local]Redback(config)#tunnel ipv6v4-manual DenverTnl [local]Redback(config-tunnel)#peer-end-point local 172.16.1.1 remote 172.16.1.2
The following example shows how to create two overlay tunnels each using an interface, LocalEnd. Both tunnels use the same local IP address; it is assumed that the remote IP address for Tun2 can be reached with a routing protocol, so the ip route command in context configuration mode is not needed:
[local]Redback(config)#context local [local]Redback(config-ctx)#interface LocalEnd loopback [local]Redback(config-if)#ip address 172.16.1.1/32 [local]Redback(config-if)#exit [local]Redback(config-ctx)#tunnel Tunl [local]Redback(config-tunnel)#peer-end-point local 172.16.1.1 remote 172.16.1.2 [local]Redback(config-tunnel)#no shutdown [local]Redback(config-tunnel)#exit [local]Redback(config-ctx)#tunnel Tun2 [local]Redback(config-tunnel)#peer-end-point local 172.16.1.1 remote 172.20.1.2 [local]Redback(config-tunnel-peer)#no shutdown [local]Redback(config-tunnel-peer)#end
For BGP router configuration mode, the command syntax is:
peer-group group-name {external | internal}
no peer-group group-name {external | internal}
For BGP neighbor configuration and BGP neighbor address family configuration modes, the command syntax is:
peer-group group-name
no peer-group group-name
When entered in BGP router configuration mode, configures an internal Border Gateway Protocol (iBGP) or external BGP (eBGP) peer group and enters BGP peer group configuration mode.
When entered in BGP neighbor configuration or BGP neighbor address family configuration mode, applies the attributes of a configured peer group to a BGP neighbor or BGP neighbor address family.
group-name |
Name of the peer group. |
external |
Configures an eBGP peer group. |
internal |
Configures an iBGP peer group. |
There are no preconfigured peer groups. Once a peer group is configured, it is enabled.
Use the peer-group command in BGP router configuration mode to configure an iBGP or eBGP peer group and enter BGP peer group configuration mode.
Peer groups are helpful in cases where many BGP neighbors are configured with the same outbound update policies. Grouping a large number of neighbors into one or more peer groups simplifies modifications to a configuration, and more importantly, makes BGP update generation more efficient. The use of peer groups is strongly recommended when there are a large number of peers.
You can apply attributes to BGP neighbors or BGP address families. Attributes that are not configurable for peer groups are those set by the following commands in BGP neighbor configuration mode: accept prefix-filter, local-as, and remote-as.
Use the peer-group command in BGP neighbor configuration mode to apply the characteristics of a peer group to one or more BGP neighbors. A neighbor can be assigned to a peer group only if the neighbor and the peer group is of the same type—external or internal BGP. If a neighbor belongs to a particular peer group, it cannot be configured to belong to another peer group. The previous peer group membership must first be explicitly deleted before the peer membership can be reconfigured.
Attributes are inherited from the peer group to which a neighbor is assigned. The following BGP neighbor configuration mode commands represent attributes that cannot be customized per neighbor when the neighbor is assigned to a peer group: advertisement-interval, ebgp-multihop, local-as, send community, and timers. Attributes inherited from a peer group that can be customized per neighbor include those set by the following commands: description, password, send prefix, shutdown, and update-source.
Use the peer-group command in BGP neighbor address family configuration mode to apply the characteristics of a peer group to one or more BGP neighbor address families. A BGP neighbor address family can belong to more than one peer group and can be modified to belong to a different peer group without having to delete the previous peer group association first.
Attributes are inherited from the peer group to which a BGP neighbor address family is assigned. The following commands in BGP neighbor address family configuration mode represent attributes that cannot be customized per address family once it is assigned to a peer group: as-path-list out, prefix-list out, remove-private-as, and route-map out. Attributes inherited from a peer group that can be customized per neighbor address family include those set by the following commands: as-path-list in, default-originate, maximum-prefix, prefix-list in, and route-map in.
By default, a configured peer group is automatically enabled. To disable a peer group, enter the shutdown command in BGP peer group configuration mode.
Use the no form of this command to remove a peer group.
The following example assigns the BGP neighbor at IP address 10.1.1.1 to the peer group pgrp-101. The BGP neighbor at IP address 10.1.1.1 inherits all of its configuration from peer group pgrp-101. The configuration also assigns the BGP neighbor at IP address 10.2.2.2 to the peer group pgrp-200. The BGP neighbor at IP address 10.2.2.2 inherits all outbound routing policies and the properties of the remove-private-AS command from peer group pgrp-200, but does not inherit the group’s inbound policies or description information:
[local]Redback(config-ctx)#router bgp 101 [local]Redback(config-bgp)#peer-group pgrp-101 internal [local]Redback(config-bgp-peer-group)#description config IBGP neighbors [local]Redback(config-bgp-peer-group)#password encrypted 8F733D8CD3F98AE0 [local]Redback(config-bgp-peer-group)#update-source interface1 [local]Redback(config-bgp-peer-group)#next-hop-self [local]Redback(config-bgp-peer-group)#address-family ipv4 unicast [local]Redback(config-bgp-peer-af)#maximum prefix 20000 [local]Redback(config-bgp-peer-af)#exit [local]Redback(config-bgp-peer-group)#exit [local]Redback(config-bgp)#peer-group pgrp-200 external [local]Redback(config-bgp-peer-group)#ebgp-multihop 10 [local]Redback(config-bgp-peer-group)#address-family ipv4 unicast [local]Redback(config-bgp-peer-af)#as-path-list aspath-in in [local]Redback(config-bgp-peer-af)#as-path-list aspath-out out [local]Redback(config-bgp-peer-af)#remove-private-AS [local]Redback(config-bgp-peer-af)#exit [local]Redback(config-bgp-peer-group)#exit [local]Redback(config-bgp)#neighbor 10.1.1.1 internal [local]Redback(config-bgp-neighbor)#peer-group pgrp-101 [local]Redback(config-bgp-neighbor)#address-family ipv4 unicast [local]Redback(config-bgp-neighbor)#exit [local]Redback(config-bgp)#neighbor 10.2.2.2 external [local]Redback(config-bgp-neighbor)#peer-group pgrp-200 [local]Redback(config-bgp-neighbor)#remote-as 200 [local]Redback(config-bgp-neighbor)#description neighbor at corpA [local]Redback(config-bgp-neighbor)#address-family ipv4 unicast [local]Redback(config-bgp-peer-af)#as-path-list as-in in [local]Redback(config-bgp-peer-af)#as-path-list as-out out [local]Redback(config-bgp-peer-af)#route-map rtmap-out out
peer id peer-name
no peer id peer-name
Filters incoming new neighbor connections using the sender name of the incoming Access Node Control Protocol (ANCP) neighbor peer.
peer-name |
Name of an ANCP neighbor peer. |
If a peer name is not specified for this profile, there is no restriction on the sender name in a received General Switch Management Protocol (GSMP) adjacency protocol message from an ANCP neighbor peer.
Use the peer id command to filter incoming new neighbor connections using the sender name of the incoming ANCP neighbor peer. The sender name is in the GSMP adjacency protocol message from the ANCP neighbor peer.
Use the no form of this command to specify the default condition.
The following example specifies a name for an ANCP neighbor peer:
[local]Redback(config-ancp-neighbor)#peer id 01:02:03:04:05:06
peer ip-address ip-addr
no peer ip-address ip-addr
Filter incoming new neighbor connections using the IP address of the incoming Access Node Control Protocol (ANCP) neighbor peer.
ip-addr |
IP address of an ANCP neighbor peer. |
If an IP address is not specified for this profile, there is no restriction on the IP address in a received General Switch Management Protocol (GSMP) adjacency protocol message from an ANCP neighbor peer.
Use the peer ip-address command to filter incoming new neighbor connections using the IP address of the incoming ANCP neighbor peer. The incoming IP address is matched against the specified IP address and the connection rejected if there is no match.
Use the no form of this command to specify the default condition.
The following example specifies IP address for an ANCP neighbor peer:
[local]Redback(config-ancp-neighbor)#peer ip-address 30.100.1.20
peer name l2tp-peer-name {preference priority | weight weight}
no peer name l2tp-peer-name
Adds an existing peer to the current Layer 2 Tunneling Protocol (L2TP) group.
L2TP group configuration
name l2tp-peer-name |
Name of the peer to be added to the current L2TP group. |
preference priority |
Priority for the priority algorithm when assigning sessions to this peer. |
weight weight |
Weight for the weighted-round-robin algorithm when assigning sessions to this peer. |
No peer is added to the current L2TP group.
Use the peer command to add an existing peer to an L2TP group. The l2tp-peer-name argument is the peer name specified in the l2tp-peer command in context configuration mode or its domain alias, specified by the domain command in L2TP peer configuration mode.
Use the preference priority construct to override the implicit priority for the peer, if you have specified the priority keyword in the algorithm command (in L2TP group configuration mode). Otherwise, the implicit priority is the order in which the peer commands are run, with the first peer entered having the highest priority.
If you have specified the weighted-round-robin keyword in the algorithm command (in L2TP group configuration mode), use the weight weight construct to assign a weight for the peer to be used in the calculation of the priority.
This command takes effect immediately, but does not affect Point-to-Point Protocol (PPP) sessions that are already established; only future PPP sessions.
Use the no form of this command to remove the named peer from the group.
The following example shows how to select (or create) an L2TP group, add three L2TP peers to the group, sets the algorithm to strict priority, and set the deadtime to 5 minutes:
[local]Redback(config-ctx)#l2tp-group name group1 [local]Redback(config-l2tp-group)#algorithm priority [local]Redback(config-l2tp-group)#peer name sweet1 preference 10 [local]Redback(config-l2tp-group)#peer name sweet2 preference 20 [local]Redback(config-l2tp-group)#peer name sweet3 preference 30 [local]Redback(config-l2tp-group)#default deadtime
peer peer-addr
Specify the IP address of the peer router that can be reached through the LSPs on the current router and enter L2VPN profile peer configuration mode.
peer-addr |
IP address of the peer router. |
none.
Use the peer command to specify the IP address of the peer router that can be reached through the LSPs on the current router and enter L2VPN profile peer configuration mode.
The following example shows how to specify the IP address of the peer router in an L2VPN profile called pr1:
[local]Redback(config)#l2vpn profile pr1 Redback(config-l2vpn-xc-profile)peer 111.111.111.111 Redback(config-l2vpn-xc-profile-peer)
peer peer-addr local-tcp-source if-name
no peer peer-addr local-tcp-source if-name
Configures an Multicast Source Discovery Protocol (MSDP) peer and enters MSDP peer configuration mode.
MSDP router configuration
peer-addr |
IP address of the router that is to be the MSDP peer. |
local-tcp-source if-name |
Name of the interface whose address becomes the source IP address for Transmission Control Protocol (TCP) connection. |
None
Use the peer command to configure an MSDP peer and enter MSDP peer configuration mode for peer-specific configurations.
Use the no form of this command to delete an MSDP peer.
The following example configures a router with an IP address of 192.168.1.1 to be an MSDP peer that uses the ToWan12 interface for the TCP connection:
[local]Redback(config-ctx)#router msdp [local]Redback(config-msdp)#peer 192.168.1.1 local-tcp-source ToWan12 [local]Redback(config-msdp-peer)#
peer ip-addr [prefer] [source if-name] [version num]
{no | default} peer ip-addr [prefer] [source if-name] [version num]
Configures an NTP peer for a context.
NTP server configuration
ip-addr |
IP address of the NTP peer. |
prefer |
Configures this peer as preferred to provide synchronization. |
source if-name |
Interface name for outgoing NTP messages; the interface connected to the subnet for NTP broadcasting. The default is the outgoing interface. |
version num |
NTP version number to be used; can be 1-3. The default is 3. |
There is no NTP peer enabled in the context.
To configure the system clock to synchronize a peer or to be synchronized by a peer, enable an NTP server in a context with the peer command.
To disable the NTP server, use the no form of the command.
The following example configures an NTP peer in the isp202 context:
[local]Redback(config)#context isp202 [local]Redback(config-ctx)#ntp-mode [local]Redback(config-ntp-server)#peer 1.1.1.5 version 3 source ntp
periodic day... hh:mm to hh:mm {{permit | deny} | class class-name}
no periodic day... hh:mm to hh:mm
Creates a periodic time access control list (ACL) condition statement.
ACL condition configuration
day... |
One or more days of the week in which the ACL condition is applied. |
hh:mm |
Hour and minute, for each specified day of the week, to start the ACL condition. |
to hh:mm |
Hour and minute, for each specified day of the week, to stop the ACL condition. |
permit |
Applies permit action, during the specified time ranges, to all ACL statements that reference the ACL condition. |
deny |
Applies deny action, during the specified time ranges, to all ACL statements that reference the ACL condition. Used only with IP ACLs. |
class class-name |
Name of the class assigned to policy ACL statements that reference the ACL condition. Used only with policy ACLs. |
None
Use the periodic command to create a periodic time ACL condition statement that permits or denies packets, or assigns packets to a class, based on specific date and time ranges. A periodic time ACL condition is referenced by either an IP ACL statement or a policy ACL statement.
Each ACL condition statement can include up to seven absolute or periodic time statements in any combination.
Use the no form of this command to delete the periodic time ACL condition statement.
The following example creates a periodic ACL condition statement for the ACL condition, 55, which is referenced by the policy ACL, policy_acl_2, such that the Bar003 class name is applied every Wednesday from 9:00 p.m. to 11:00 p.m (21:00 to 23:00 in 24-hour format) to packets assigned to the Bar003 class:
[local]Redback(config-ctx)#policy access-list policy_acl_2 [local]Redback(config-access-list)#condition 55 time-range [local]Redback(config-acl-condition)#periodic wednesday 21:00 to 23:00 class Bar003
Statements in IPv4 and IPv6 ACLs can contain different criteria; for syntax for statements for IPv6 ACLs, see permit (IPV6 ACL).
permit [protocol] {src src-wildcard | any | host src} [{cond port | range port end-port}] [max-sessions limit] [min-sessions limit] [dest dest-wildcard | any | host dest] [cond port | range port end-port] [length {cond length | range length end-length}] [icmp-type icmp-type [icmp-code icmp-code]] [igmp-type igmp-type] [dscp eq dscp-value] [established | setup | invalid-tcp-flags] [precedence prec-value] [tos tos-value] [[fragments] | [ip-options]] [class class-name] [condition cond-id]
{no | default} permit src src-wildcard
Creates an IP or policy access control list (ACL) statement to allow packets that meet the specified criteria.
access control list configuration
protocol |
Optional. Number indicating a protocol as specified in RFC 1700, Assigned Numbers. The range of values is 0 to 255 or one of the keywords listed in Table 8. |
src |
Source address to be included in the permit or deny criteria. An IP address in the form A.B.C.D. |
src-wildcard |
Indication of which bits in the source argument are significant for purposes of matching. Expressed as a 32-bit quantity in a 4-byte dotted-decimal format. Any zero-bits in the src-wildcard argument must be matched by the corresponding bits in the src argument. For any one-bits in the src-wildcard argument, the corresponding bits in the src argument are ignored. |
any |
Specifies a completely wildcarded source or destination IP address indicating that IP traffic to or from all IP addresses is to be included in the permit or deny criteria. Identical to 0.0.0.0 255.255.255.255. |
host source |
Address of a single-host source with no wild-card address bits. The host source construct is identical to the src src-wildcard construct if the wildcard address indicates that all bits should be matched (0.0.0.0). |
cond |
Optional. Matching condition for the port or length argument, according to one of the keywords listed in Table 9. |
port |
Optional. Transmission Control Protocol (TCP) or User Datagram Protocol (UDP) source or destination port. This argument is only available if you specified TCP or UDP as the protocol. The range of values is 1 to 65,535 or one of the keywords listed in Table 10 and Table 11. |
range port end-port |
Optional if you specify the TCP or UDP protocol. Beginning and ending TCP or UDP source or destination ports that define a range of port numbers. A packet’s port must be within the specified range to match the criteria. The range of values is 1 to 65,535 or one of the keywords listed in Table 10 and Table 11. |
max-sessions limit |
Optional. Maximum number of sessions allowed for the specified IP address or IP subnet. This construct is only available for TCP. Use the ip access-list command with the ssh-and-telnet-acl keyword to apply an IP ACL to packets associated with an Secured Shell (SSH) or a Telnet server. The range of values is 1 to 32. |
min-sessions limit |
Optional. Minimum number of sessions allowed for the specified IP address or IP subnet. This construct is only available if you specify TCP as the protocol in this command and use the ip access-list command with the ssh-and-telnet-acl keyword to apply an IP ACL to packets associated with an SSH or a Telnet server. The range of values is 0 to 32. The sum of values specified for the min-sessions limit construct for all specified IP addresses or IP subnets must not exceed 32. |
dest |
Optional. Destination address to be included in the permit or deny criteria. An IP address in the form A.B.C.D. |
dest-wildcard |
Indication of which bits in the dest argument are significant for purposes of matching. Expressed as a 32-bit quantity in a 4-byte dotted-decimal format. Any zero-bits in the dest-wildcard argument must be matched by the corresponding bits in the dest argument. For one-bits in the dest-wildcard argument the corresponding bits in the dest argument are ignored. |
length |
Optional. Indicates that packet length is to be used as a filter. The packet length is the length of the network-layer packet, beginning with the IP header, regardlessof the specified protocol. |
length |
Packet length. The range of values is 20 to 65,535. |
range length end-length |
Packets that fall into the range of specified lengths. Each value (length and end-length) can be from 20 to 65,535. |
host dest |
Address of a single-host destination with no wildcarded address bits. The host dest construct is identical to the dest dest-wildcard construct, if the wildcard address indicates that all bits should be matched (0.0.0.0). |
icmp-type icmp-type |
Optional. Type of Internet Control Message Protocol (ICMP) packet to be matched. The range of values is 0 to 255 or one of the keywords listed in Table 12. This argument is only available if you specify the ICMP protocol. |
icmp-code icmp-code |
Optional if you use the icmp-type icmp-type construct. A particular ICMP message code to be matched. The range of values is 0 to 255. This argument is only accepted if you specified icmp as the protocol argument. |
igmp-type igmp-type |
Optional. Type of Internet Group Management Protocol (IGMP) packet to be matched. This argument is only accepted if you specified igmp as the protocol argument The range of values is 0 to 15 or one of the keywords listed in Table 13. |
dscp eq dscp-value |
Optional. Packet’s Differentiated Services Code Point (DSCP) value must be equal to the value specified in the dscp-value argument to match the criteria. The range of values is 0 to 63 or one of the keywords listed in Table 14. |
established |
Optional. Specifies that only established connections are to be matched. This keyword is only available if you specified tcp for the protocol argument. |
invalid-tcp-flags |
Optional. Specifies that TCP packets with flag combinations other than the following are a match:
Only the lower-order 6 bits (for example, FIN, SYN, RST, PSH, ACK, and URG) in the TCP Flags field are considered for validation. The higher order 6-bits (ECN bits defined by RFC 3168, The Addition of Explicit Congestion Notification (ECN) to IP, and the reserved bits) are ignored. This keyword is only available if you specify tcp for the protocol argument. |
setup |
Optional. Specifies that TCP packets with SYN set and ACK not set in the Flags field are a match. This keyword is only available if you specify tcp for the protocol argument. |
precedence prec-value |
Optional. Precedence value of packets to be considered a match. The range of values is 0 to 7, 7 being the highest precedence, or one of the keywords listed in Table 15. |
tos tos-value |
Optional. Type of service (ToS) to be considered a match. The range of values is 0 to 15 or one of the keywords listed in Table 16. |
fragments |
Optional. Allows packet to be permitted or denied based on whether the packet is fragmented. This keyword matches packets where the More-Fragments field is equal to 1 or the IP-Offset field is not equal to 0. |
ip-options |
Optional. Specifies that IPv4 packets with the IP Header Length field is greater than 20 are a match. |
class class-name |
Optional. Policy-based class name. Available for policy ACLs only. |
condition cond-id |
Optional. ACL condition ID in integer or IP address format. The ID range of values is 1 to 4,294,967,295. |
None
Use the permit command to create an IP or policy ACL statement to allow packets that meet the specified criteria.
To explicitly set the order of the statement in an ACL, use the seq permit command instead of this command.
In IPv4 statements, follow these guidelines:
Use the no form of this command to delete the statement with the specified sequence number from the ACL.
Table 8 lists the valid keyword values for the protocol argument:
Keyword |
Definition |
---|---|
ahp |
Authentication Header Protocol. |
esp |
Encapsulation Security Payload. |
gre |
Generic Routing Encapsulation. |
host |
Host source address. |
icmp |
Internet Control Message Protocol. |
igmp |
Internet Group Management Protocol. |
ip |
Any IP protocol. |
ipinip |
IP-in-IP tunneling. |
ospf |
Open Shortest Path First. |
pcp |
Payload Compression Protocol. |
pim |
Protocol Independent Multicast. |
tcp |
Transmission Control Protocol. |
udp |
User Datagram Protocol. |
Table 9 lists the valid keyword values for the cond argument.
Keyword |
Description |
---|---|
eq |
Equal to |
gt |
Greater than |
lt |
Less than |
neq |
Not equal to |
Table 10 lists the valid keyword values for the port argument when it is used to specify a TCP port.
Keyword |
Definition |
Corresponding Port Number |
---|---|---|
bgp |
Border Gateway Protocol (BGP) |
179 |
chargen |
Character generator |
19 |
cmd |
Remote commands (rcmd) |
514 |
daytime |
Daytime |
13 |
discard |
Discard |
9 |
domain |
Domain Name System |
53 |
echo |
Echo |
7 |
exec |
Exec (rsh) |
512 |
finger |
Finger |
79 |
ftp |
File Transfer Protocol |
21 |
ftp-data |
FTP data connections (used infrequently) |
20 |
gopher |
Gopher |
70 |
hostname |
Network interface card (NIC) hostname server |
101 |
ident |
Identification protocol |
113 |
irc |
Internet Relay Chat |
194 |
klogin |
Kerberos login |
543 |
kshell |
Kerberos Shell |
544 |
login |
Login (rlogin) |
513 |
lpd |
Printer service |
515 |
nntp |
Network News Transport Protocol |
119 |
pim-auto-rp |
Protocol Independent Multicast Auto-RP |
496 |
pop2 |
Post Office Protocol Version 2 |
109 |
pop3 |
Post Office Protocol Version 3 |
110 |
shell |
Remote command shell |
514 |
smtp |
Simple Mail Transport Protocol |
25 |
ssh |
Secure Shell |
22 |
sunrpc |
Sun Remote Procedure Call |
111 |
syslog |
System logger |
514 |
tacacs |
Terminal Access Controller Access Control System |
49 |
talk |
Talk |
517 |
telnet |
Telnet |
23 |
time |
Time |
37 |
uucp |
UNIX-to-UNIX Copy Program |
540 |
whois |
Nickname |
43 |
www |
World Wide Web (HTTP) |
80 |
Table 11 lists the valid keyword values for the port argument when it is used to specify a UDP port.
Keyword |
Definition |
Corresponding Port Number |
---|---|---|
biff |
Biff (Mail Notification, Comsat) |
512 |
bootpc |
Bootstrap Protocol client |
68 |
bootps |
Bootstrap Protocol server |
67 |
discard |
Discard |
9 |
dnsix |
DNSIX Security Protocol Auditing |
195 |
domain |
Domain Name System |
53 |
echo |
Echo |
7 |
isakmp |
Internet Security Association and Key Management Protocol (ISAKMP) |
500 |
mobile-ip |
Mobile IP Registration |
434 |
nameserver |
IEN116 Name Service (obsolete) |
42 |
netbios-dgm |
NetBIOS Datagram Service |
138 |
netbios-ns |
NetBIOS Name Service |
137 |
netbios-ss |
NetBIOS Session Service |
139 |
ntp |
Network Time Protocol |
123 |
pim-auto-rp |
Protocol Independent Multicast Auto-RP |
496 |
rip |
Router Information Protocol (router, in.routed) |
520 |
snmp |
Simple Network Management Protocol |
161 |
snmptrap |
SNMP Traps |
162 |
sunrpc |
Sun Remote Procedure Call |
111 |
syslog |
System logger |
514 |
tacacs |
Terminal Access Controller Access Control System |
49 |
talk |
Talk |
517 |
tftp |
Trivial File Transfer Protocol |
69 |
time |
Time |
37 |
who |
Who Service (rwho) |
513 |
xdmcp |
X Display Manager Control Protocol |
177 |
Table 12 lists the valid keyword values for the icmp-type argument.
Keyword |
Description |
---|---|
administratively-prohibited |
Administratively prohibited |
alternate-address |
Alternate address |
conversion-error |
Datagram conversion |
dod-host-prohibited |
Host prohibited |
dod-net-prohibited |
Net prohibited |
echo |
Echo (ping) |
echo-reply |
Echo reply |
general-parameter-problem |
General parameter problem |
host-isolated |
Host isolated |
host-precedence-unreachable |
Host unreachable for precedence |
host-redirect |
Host redirect |
host-tos-redirect |
Host redirect for ToS |
host-tos-unreachable |
Host unreachable for ToS |
host-unknown |
Host unknown |
host-unreachable |
Host unreachable |
information-reply |
Information replies |
information-request |
Information requests |
log |
Log matches against this entry |
log-input |
Log matches against this entry, including input interface |
mask-reply |
Mask replies |
mask-request |
Mask requests |
mobile-redirect |
Mobile host redirects |
net-redirect |
Network redirect |
net-tos-redirect |
Network redirect for ToS |
net-tos-unreachable |
Network unreachable for ToS |
net-unreachable |
Network unreachable |
network-unknown |
Network unknown |
no-room-for-option |
Parameter required but no room |
option-missing |
Parameter required but not present |
packet-too-big |
Fragmentation needed and DF set |
parameter-problem |
All parameter problems |
port-unreachable |
Port unreachable |
precedence |
Match packets with given precedence value |
precedence-unreachable |
Precedence cutoff |
protocol-unreachable |
Protocol unreachable |
reassembly-timeout |
Reassembly timeout |
redirect |
All redirects |
router-advertisement |
Router discovery advertisement |
router-solicitation |
Router discovery solicitation |
source-quench |
Source quenches |
source-route-failed |
Source route failed |
time-exceeded |
All time exceeded messages |
time-range |
Specify a time-range |
timestamp-reply |
Timestamp replies |
timestamp-request |
Timestamp requests |
tos |
Match packets with given type of service (ToS) value |
traceroute |
Traceroute |
ttl-exceeded |
TTL Exceeded |
unreachable |
All unreachables |
Table 13 lists the valid keyword values for the igmp-type argument.
Keyword |
Description |
---|---|
dvmrp |
Specifies Distance-Vector Multicast Routing Protocol. |
Host-query |
Specifies host query. |
Host-report |
Specifies host report. |
pim |
Specifies Protocol Independent Multicast. |
Table 14 lists the valid keyword values for the dscp-value argument.
Keyword |
Definition |
---|---|
af11 |
Assured Forwarding—Class 1/Drop precedence 1 |
af12 |
Assured Forwarding—Class 1/Drop precedence 2 |
af13 |
Assured Forwarding—Class 1/Drop precedence 3 |
af21 |
Assured Forwarding—Class 2/Drop precedence 1 |
af22 |
Assured Forwarding—Class 2/Drop precedence 2 |
af23 |
Assured Forwarding—Class 2/Drop precedence 3 |
af31 |
Assured Forwarding—Class 3/Drop precedence 1 |
af32 |
Assured Forwarding—Class 3/Drop precedence 2 |
af33 |
Assured Forwarding—Class 3/Drop precedence 3 |
af41 |
Assured Forwarding—Class 4/Drop precedence 1 |
af42 |
Assured Forwarding—Class 4/Drop precedence 2 |
af43 |
Assured Forwarding—Class 4/Drop precedence 3 |
cs0 |
Class Selector 0 |
cs1 |
Class Selector 1 |
cs2 |
Class Selector 2 |
cs3 |
Class Selector 3 |
cs4 |
Class Selector 4 |
cs5 |
Class Selector 5 |
cs6 |
Class Selector 6 |
cs7 |
Class Selector 7 |
df |
Default Forwarding (same as cs0) |
ef |
Expedited Forwarding |
Table 15 lists the valid keyword values for the prec-value argument.
Keyword |
Description |
---|---|
tine |
Specifies routine precedence (value=0). |
priority |
Specifies priority precedence (value=1). |
immediate |
Specifies immediate precedence (value=2). |
flash |
Specifies flash precedence (value=3). |
flash-override |
Specifies flash override precedence (value=4). |
critical |
Specifies critical precedence (value=5). |
internet |
Specifies internetwork control precedence (value=6). |
network |
Specifies network control precedence (value=7). |
Table 16 lists the valid keyword values for the tos-value argument.
Keyword |
Description |
---|---|
max-reliability |
Specifies maximum reliable ToS (value=2). |
max-throughput |
Specifies maximum throughput ToS (value=4). |
min-delay |
Specifies minimum delay ToS (value=8). |
min-monetary-cost |
Specifies minimum monetary cost ToS (value=1). |
normal |
Specifies normal ToS (value=0). |
The following example specifies that all IP traffic from subnet 10.25/16 is to be allowed. All other traffic is dropped because of the implicit deny any any statement at the end of the ACL:
[local]Redback(config-ctx)#ip access-list protect201 [local]Redback(config-access-list)#permit ip 10.25.0.0 0.0.255.255 any
Statements in IPv4 and IPv6 ACLs can contain different criteria; for syntax for statements for IPv4 ACLs, see permit (IPV4 ACL).
permit[protocol] {src-ipv6-addr/prefix-length | any } [cond ] [range port end-port] [dest-ipv6-addr/prefix-length | any ] [icmp-type icmp-type] [icmp-code icmp-code]] [established] [traffic-class eq traffic-class-value] [condition cond-id]
no seq seq-num
Creates an IPv6 access control list (ACL) statement that allows packets that meet the specified criteria.
access control list configuration
protocol |
Optional. Number indicating a supported protocol as specified in RFC 1700, Assigned Numbers. The range of values is 0 to 255 or one of the keywords listed in: For statements in IPv6 ACLs, see Table 17. |
src-ipv6-address/prefix-length |
The traffic source to add to the statement criteria. The src-ipv6-address argument is in the format A:B:C:D::E/prefix-length, where the prefix length can be from 0 to 128. |
any |
Indicates that IP traffic to or from all IP addresses is to be included in the permit criteria. |
cond |
Required if you specify the TCP or UDP protocol. Matching condition according to one of the keywords listed in Table 18. |
range port end-port |
Optional if you specify the TCP or UDP protocol. Beginning and ending TCP or UDP source or destination ports that define a range of port numbers. A packet’s port must be within the specified range to match the criteria. The range of values is 1 to 65,535 or one of the keywords listed in Table 19 and Table 20. |
dest-ipv6-addr/prefix-length |
The traffic destination to be matched. The src-ipv6-address/prefix-length argument is in the format A:B:C:D::E/prefix-length, where the range of values for the prefix-length can be from 0 to 128. |
icmp-type icmp-type |
Optional. Type of ICMP packet to be matched. The range of values is 0 to 255 or one of the keywords listed in Table 21. This argument is only available if you specify icmp for the protocol argument. |
icmp-code icmp-code |
Optional if you use the icmp-type icmp-type construct. A particular ICMP message code to be matched. The range of values is 0 to 255. |
established |
Optional with the TCP protocol. Specifies that only established TCP port connections are to be matched. This keyword is only available if you specify tcp for the protocol argument. |
traffic eq traffic-class-value |
Optional. Type of traffic class to be matched. The traffic-class-value argument is a DSCP; the range of values is from 0 to 63 or one of the DSCP keywords in Table 22. |
condition cond-id |
Optional. Matching ACL condition ID, in integer or IP address format. The ID range of values is 1 to 4,294,967,295. Not supported with IPv6 administrative ACLs. |
None
Use the permit command to create an IP ACL statement to allow packets that meet the specified criteria. This command does not set the order of the statement in the ACL; the SmartEdge OS does this automatically. To explicitly set the order of the statements in the ACL, use the seq permit command.
In IPv6 statements, a total of 100 rules can be added to an ACL.
IPv6 administrative ACLs (in contexts) automatically enable IPv6 Neighbor Discovery.
Use the no form of this command to delete the statement with the specified sequence number from the ACL.
Table 17 lists the valid keyword values for the protocol argument:
icmp |
ICMP version 6; requires the IPv6 source prefix in the format 1:2:3:4:5:6:7::8/48 or the any keyword. |
ipv6 |
Any IPv6 Protocol (excluding IPv6 extension headers). Requires the IPv6 source prefix in the format 1:2:3:4:5:6:7::8/48 or the any keyword. |
ospf |
Open Shortest Path First. |
pcp |
Payload Compression Protocol |
pim |
Protocol Independent Multicast. |
tcp |
Transmission Control Protocol. |
udp |
User Datagram Protocol. |
Table 18 lists the valid keyword values for the cond argument.
Keyword |
Description |
---|---|
eq |
Equal to |
gt |
Greater than |
lt |
Less than |
neq |
Not equal to |
Table 19 lists the valid keyword values for the port argument when it is used to specify a TCP port.
Keyword |
Definition |
Corresponding Port Number |
---|---|---|
bgp |
Border Gateway Protocol (BGP) |
179 |
chargen |
Character generator |
19 |
cmd |
Remote commands (rcmd) |
514 |
daytime |
Daytime |
13 |
discard |
Discard |
9 |
domain |
Domain Name System |
53 |
echo |
Echo |
7 |
exec |
Exec (rsh) |
512 |
finger |
Finger |
79 |
ftp |
File Transfer Protocol |
21 |
ftp-data |
FTP data connections (used infrequently) |
20 |
gopher |
Gopher |
70 |
hostname |
Network interface card (NIC) hostname server |
101 |
ident |
Identification protocol |
113 |
irc |
Internet Relay Chat |
194 |
klogin |
Kerberos login |
543 |
kshell |
Kerberos Shell |
544 |
login |
Login (rlogin) |
513 |
lpd |
Printer service |
515 |
nntp |
Network News Transport Protocol |
119 |
pim-auto-rp |
Protocol Independent Multicast Auto-RP |
496 |
pop2 |
Post Office Protocol Version 2 |
109 |
pop3 |
Post Office Protocol Version 3 |
110 |
shell |
Remote command shell |
514 |
smtp |
Simple Mail Transport Protocol |
25 |
ssh |
Secure Shell |
22 |
sunrpc |
Sun Remote Procedure Call |
111 |
syslog |
System logger |
514 |
tacacs |
Terminal Access Controller Access Control System |
49 |
talk |
Talk |
517 |
telnet |
Telnet |
23 |
time |
Time |
37 |
uucp |
UNIX-to-UNIX Copy Program |
540 |
whois |
Nickname |
43 |
www |
World Wide Web (HTTP) |
80 |
Table 20 lists the valid keyword values for the port argument when it is used to specify a UDP port.
Keyword |
Definition |
Corresponding Port Number |
---|---|---|
biff |
Biff (Mail Notification, Comsat) |
512 |
bootpc |
Bootstrap Protocol client |
68 |
bootps |
Bootstrap Protocol server |
67 |
discard |
Discard |
9 |
dnsix |
DNSIX Security Protocol Auditing |
195 |
domain |
Domain Name System |
53 |
echo |
Echo |
7 |
isakmp |
Internet Security Association and Key Management Protocol (ISAKMP) |
500 |
mobile-ip |
Mobile IP Registration |
434 |
nameserver |
IEN116 Name Service (obsolete) |
42 |
netbios-dgm |
NetBIOS Datagram Service |
138 |
netbios-ns |
NetBIOS Name Service |
137 |
netbios-ss |
NetBIOS Session Service |
139 |
ntp |
Network Time Protocol |
123 |
pim-auto-rp |
Protocol Independent Multicast Auto-RP |
496 |
rip |
Router Information Protocol (router, in.routed) |
520 |
snmp |
Simple Network Management Protocol |
161 |
snmptrap |
SNMP Traps |
162 |
sunrpc |
Sun Remote Procedure Call |
111 |
syslog |
System logger |
514 |
tacacs |
Terminal Access Controller Access Control System |
49 |
talk |
Talk |
517 |
tftp |
Trivial File Transfer Protocol |
69 |
time |
Time |
37 |
who |
Who Service (rwho) |
513 |
xdmcp |
X Display Manager Control Protocol |
177 |
Table 21 lists the valid keyword values for the icmp-type argument.
Keyword |
Description |
---|---|
destination-unreachable |
Destination-unreachable message |
echo-reply |
Echo reply message |
echo-request |
Echo request message |
mipv6 |
Mobile IPv6 message; can be:
|
mld |
Multicast Listener Discovery |
nd |
Neighbor Discovery message; can be:
|
packet-too-big |
Fragmentation needed and DF set |
parameter-problem |
All parameter problems |
renumbering |
Router renumbering message |
send |
Secure Neighbor Discovery messages; can be:
|
time-exceeded |
All time exceeded messages |
Table 22 lists the valid keyword values for the traffic-class-value argument.
Keyword |
Definition |
---|---|
af11 |
Assured Forwarding—Class 1/Drop precedence 1 |
af12 |
Assured Forwarding—Class 1/Drop precedence 2 |
af13 |
Assured Forwarding—Class 1/Drop precedence 3 |
af21 |
Assured Forwarding—Class 2/Drop precedence 1 |
af22 |
Assured Forwarding—Class 2/Drop precedence 2 |
af23 |
Assured Forwarding—Class 2/Drop precedence 3 |
af31 |
Assured Forwarding—Class 3/Drop precedence 1 |
af32 |
Assured Forwarding—Class 3/Drop precedence 2 |
af33 |
Assured Forwarding—Class 3/Drop precedence 3 |
af41 |
Assured Forwarding—Class 4/Drop precedence 1 |
af42 |
Assured Forwarding—Class 4/Drop precedence 2 |
af43 |
Assured Forwarding—Class 4/Drop precedence 3 |
cs0 |
Class Selector 0 |
cs1 |
Class Selector 1 |
cs2 |
Class Selector 2 |
cs3 |
Class Selector 3 |
cs4 |
Class Selector 4 |
cs5 |
Class Selector 5 |
cs6 |
Class Selector 6 |
cs7 |
Class Selector 7 |
df |
Default Forwarding (same as cs0) |
ef |
Expedited Forwarding |
The following example denies TCP traffic with the prefix 22:1:1::2/128 with default forwarding (DSCP code df) and all UDP traffic from port 80 or 81, and permits all IPv6 traffic:
[local]Redback(config-ctx)#ipv6 access-list listmgt [local]Redback(config-access-list)#deny tcp 22:1:1::2/128 any traffic-class eq df [local]Redback(config-access-list)#deny udp any any range 80 81 [local]Redback(config-access-list)#permit ipv6 any any
{permit | deny} {reg-exp | any} | {community-num | ext-community-num | local-as | no-advertise | no-export | any | reg-exp reg-exp} | {{ip-addr/prefix-length | ipv6-addr/prefix-length} [{eq eq-value | ge ge-value | [le le-value]}] | any}:
seq seq-num {permit | deny} {reg-exp | any} | {community-num | ext-community-num | local-as | no-advertise | no-export | any | reg-exp reg-exp} | {ip-addr/prefix-length [{eq eq-value | ge ge-value | [le le-value]}] | any}
no seq seq-num
Permits or denies routes matching the specified criteria.
AS path list configuration mode:
reg-exp |
AS path regular expression. |
any |
Wildcard that matches on any AS path list number. |
community-num |
Community number, which can be specified only when configuring a community list. It can be expressed in either of the following formats:
You can specify a single community number or multiple community numbers separated by a space. (All numbers must match a community in the route being tested in order for the statement to match.) |
ext-community-num |
Extended community number, which can be specified only when configuring an extended community list. It can be expressed in either of the following formats:
You can specify a single extended community number or multiple extended community numbers separated by a space. (All numbers must match an extended community in the route being tested in order for the statement to match.) |
local-as |
Propagates this route to peers in other subautonomous systems within the confederation. Does not advertise this route to an external Border Gateway Protocol (eBGP) peer. |
no-advertise |
Does not advertise this route to any peer (internal or external). |
no-export |
Does not advertise this route out of the confederation, or out of the local AS, if this peer is not part of a confederation. |
reg-exp reg-exp |
Regular expression used to match the ASCII representation of the route’s community attribute. The ASCII representation of the community attributes includes all the communities in aa:nn format. Each entry must be separated by a space. |
any |
Wildcard that matches on any community number. |
IP prefix list configuration mode:
ip-addr |
IP address in the form A.B.C.D. |
prefix-length |
Prefix length. The range of values is 0 to 32. |
eq eq-value |
Optional. Equal to value. The eq-value argument specifies a value to which a route’s prefix length must match; the eq keyword indicates that the route’s prefix length must exactly match the eq-value. The range of values for the eq-value argument is 1 to 32. |
ge ge-value |
Optional. Greater than or equal to value. The ge-value argument specifies a value to which a route’s prefix length must match; the ge keyword indicates that the route’s prefix length must be greater than or equal to the ge-value to match. The range of values for the ge-value argument is 1 to 32. |
le le-value |
Optional. Less than or equal to value. The le-value argument specifies a value to which a route’s prefix length must match; the le keyword indicates that the route’s prefix length must be less than or equal to the le-value to match. The range of values for the le-value argument is 1 to 32. |
any |
Wildcard that matches on any prefix. |
IPv6 prefix list configuration mode:
ipv6-addr |
IP Version 6 (IPv6) address in the form A:B:C:D:E:F:G:H. |
prefix-length |
Prefix length. The range of values is 0 to 128. |
eq eq-value |
Optional. Equal to value. The eq-value argument specifies a value to which a route’s prefix length must match; the eq keyword indicates that the route’s prefix length must exactly match the eq-value. The range of values for the eq-value argument is 1 to 128. |
ge ge-value |
Optional. Greater than or equal to value. The ge-value argument specifies a value to which a route’s prefix length must match; the ge keyword indicates that the route’s prefix length must be greater than or equal to the ge-value to match. The range of values for the ge-value argument is 1 to 128. |
le le-value |
Optional. Less than or equal to value. The le-value argument specifies a value to which a route’s prefix length must match; the le keyword indicates that the route’s prefix length must be less than or equal to the le-value to match. The range of values for the le-value argument is 1 to 128. |
any |
Wildcard that matches on any prefix. |
None
Use the {permit | deny} command to permit or deny any routes matching the specified criteria.
Use the seq seq-num form of this command to specify the sequence number of the statement you are creating. If you do not use the seq seq-num construct, the system automatically assigns sequence numbers in increments of 10. The range of values is 1 to 4,294,967,295.
Use the no seq seq-num form of this command to delete a specific sequence number from the AS path list, community list, extended community list, IP prefix list, or IPv6 prefix list.
The following example ensures that the BGP neighbor at IP address 10.1.1.1 is not sent advertisements about any path to or from the adjacent autonomous system 3:
[local]Redback(config-ctx)#as-path-list aspath-1 [local]Redback(config-as-path-list)#seq 5 deny _3_ [local]Redback(config-ctx)#as-path-list 10 seq 10 permit .* [local]Redback(config-ctx)#route-map drop-asp-3 permit 10 [local]Redback(config-route-map)#match as-path-list 10 . . . [local]Redback(config-ctx)#router bgp 65015 [local]Redback(config-group)#neighbor 10.1.1.1 [local]Redback(config-peer)#route-map drop-asp-3 out
The following example configures community list permit_local to propagate routes to peers within the local autonomous system (local-AS):
[local]Redback(config-ctx)#community-list permit_local [local]Redback(config-community-list)#seq 10 [local]Redback(config-community-list)#permit local-AS
pim accept-rp rp-addr [acl-name]
no pim accept-rp rp-addr
Accepts an IP address as being a valid rendezvous point (RP) address for a specific Internet Group Management Protocol (IGMP) group.
context configuration
rp-addr |
IP address of the RP. |
acl-name |
Optional. Name of the access control list (ACL) used to filter RP addresses. |
None
Use the pim accept-rp command to accept an IP address as being a valid RP address for a specific IGMP group.
To determine if the RP should be accepted, the router checks the Group-to-RP mapping cache for a matching entry for the group. If there is a matching entry, the RP is accepted.
Use the acl-name argument to compare the RP address to the specified ACL to determine if the filter permits the RP address.
Use the no form of this command to remove an accepted RP address.
The following example configures the router to accept or reject the RP address, 192.168.100.1, as a valid RP:
[local]Redback(config)#context isp1 [local]Redback(config-ctx)#pim accept-rp 192.168.100.1
pim anycast-rp anycast-addr rp-addr
no pim anycast-rp anycast-addr rp-addr
Configures anycast rendezvous point (RP) functionality on a Protocol Independent Multicast-Sparse Mode (PIM-SM) router.
context configuration
anycast-addr |
IP address of the anycast RP set. This is the IP address used by the multicast groups or sources to join or register. |
rp-addr |
IP address of the router configured with anycast RP. This is the IP address to where the Register messages are forwarded. |
Anycast RP is not configured on the router.
Use the pim anycast-rp command to configure anycast RP functionality on a PIM-SM router.
Use the no form of this command to disable anycast RP functionality on a PIM-SM router.
The following example configures the IP address for the anycast RP to 10.10.10.20, and the IP address of the router to 192.168.20.34:
[local]Redback(config-ctx)#pim anycast-rp 10.10.10.20 192.160.20.34
pim bfd
{no | default} pim bfd
Enables BFD for a PIM interface that has BFD disabled.
interface configuration.
This command has no keywords or arguments.
BFD is automatically enabled on an interface when PIM is enabled on that interface.
Use the pim bfd command to enable BFD on a PIM interface that has BFD disabled. PIM interfaces that have BFD disabled do not receive BFD status updates from neighbors.
Use the show pim interface command to see if BFD is enabled or disabled on an interface.
Use the no form of this command to disable BFD on a PIM interface. Use the default form of this command to reenable BFD on a PIM interface that has BFD disabled.
The following example shows how to disable BFD on a PIM interface:
[local]Redback(config-ctx)#interface foo [local]Redback(config-if)#no pim bfd
The following example shows how to reenable BFD on a PIM interface that has BFD disabled:
[local]Redback(config-ctx)#interface foo [local]Redback(config-if)#pim bfd
pim bsr-border
no pim bsr-border
Configures the router to neither send nor receive bootstrap router (BSR) messages.
interface configuration
This command has no keywords or arguments.
None
Use the pim bsr-border command to configure the router to neither send nor receive BSR messages.
Use the no form of this command to resume the flow of BSR messages to and from the router.
The following example configures the router to neither send nor receive BSR messages:
[local]Redback(config-ctx)#interface enet01 [local]Redback(config-if)#pim bsr-border
pim bsr-candidate if-name hash-mask-len priority
no pim bsr-candidate if-name hash-mask-len priority
Configures a router to begin serving as a candidate bootstrap router (C-BSR).
context configuration
if-name |
Unicast rendezvous point (RP) address corresponding to the IP address of the interface to be used by the BSR. |
hash-mask-len |
Value contained in BSR messages that will be used by all routers to hash (map) to an RP. It is recommended to use a value between 24 and 30. |
priority |
Value used to specify the BSR election priority among different candidate BSRs. A larger value wins over a smaller value. |
None
Use the pim bsr-candidate command to configure a router to begin serving as a C-BSR. and participate in the BSR election process. If this router wins the BSR election, all candidate RPs advertise their candidacy to this router. The BSR caches and advertises the RP sets via the Protocol Independent Multicast (PIM) bootstrap messages to the entire PIM domain.
Use the no form of this command to decline the router’s BSR candidacy.
The following example configures a router to begin serving as a C-BSR using the interface, intfe1/1, with a hash mask length of 27 and a priority of 12:
[local]Redback(config)#context isp01 [local]Redback(config-ctx)#pim bsr-candidate intfe1/1 27 12
pim dense-mode
{no | default} pim dense-mode
Enables Protocol Independent Multicast-Dense Mode (PIM-DM).
interface configuration
This command has no keywords or arguments.
None
Use the pim dense-mode command to enable PIM-DM on an interface.
Use the no or default form of this command to disable PIM-DM on an interface.
The following example enables PIM-DM on the interface, southpoint:
[local]Redback(config-ctx)#interface southpoint [local]Redback(config-if)#pim dense-mode
pim dr-priority priority
{no | default} pim dr-priority priority
Specifies the election priority value for a designated router (DR).
interface configuration
priority |
Value used in the DR election process. The router with the highest priority value is elected as the DR. |
The default priority value is 1.
Use the pim dr-priority command to specify the election priority value for a DR.
Use the no or default form of this command to set the election priority to the default value of 1.
The following example sets the election priority value to 3:
[local]Redback(config-ctx)#interface enet1 [local]Redback(config-if)#pim dr-priority 3
pim dual-join group ip_addr source ip_addr
no pim dual-join group ip_addr source ip_addr
Enables pim-dual configuration mode
context configuration
group ip_addr |
Specifies the IP address of the multicast group of the current PIM-Dual join session. The range of addresses is 224.0.0.0 to 239.255.255.255. |
sourceip_addr |
Specifies the unicast IP address of multicast server for the current PIM-Dual join session. The range of addresses is 224.0.0.0 to 239.255.255.255. |
None
Use the pim dual-join command to enable pim-dual configuration mode.
Use the no form of this command to disable pim-dual configuration mode.
The following example show how to enable pim-dual join mode on the local context and create a group with an IP address of 225.100.1.1:
[local]Redback#configure [local]Redback(config)#context local [local]Redback(config-ctx)#pim dual-join group 225.100.1.1 source 192.110.30.6 [local]Redback(config-pim-dual)#
pim graceful-restart
no pim graceful-restart
default fault pim graceful-restart
Enables Protocol Independent Multicast (PIM) graceful restart on the specified context.
context configuration
This command has no keywords or arguments.
PIM graceful restart is enabled.
Use the pim graceful-restart command to enable PIM graceful restart on the specified context. PIM graceful restart allows the SmartEdge router and its neighbors to continue forwarding multicast packets without disrupting network traffic. Because neighboring routers assist, the SmartEdge router can quickly restart the PIM process without having to recalculate algorithms from scratch.
A generation ID (GenID), used in Hello messages, is generated randomly when the PIM process initially starts, or restarts after a crash. PIM uses the GenID to establish neighbor relationships with other PIM routers in the network. All neighbors that support graceful restart acknowledge the new GenID by sending multicast updates to the restarting neighbor.
The SmartEdge router stores the GenID of every PIM neighbor, and when it detects a new GenID for a neighbor, it performs one of the following functions:
If PIM graceful restart is enabled, the show configuration pim verbose command displays pim graceful restart in the configuration; however, if it is disabled, the show configuration pim command (non-verbose) displays no pim graceful restart in the configuration. For more information about the show configuration pim and show configuration pim verbose commands, see Configuring IP Multicast.
Use the no form of this command to disable PIM graceful restart.
Use the default form of this command to return to the default PIM graceful restart state, which is enabled.
The following example enables PIM graceful restart on the context, foo, where PIM graceful restart had been previously disabled:
[local]Redback(config)#context foo [local]Redback(config-ctx)#pim graceful-restart
pim hello-interval interval
{no | default} pim hello-interval interval
Sets the Protocol Independent Multicast Version 2 (PIMv2) Hello interval.
interface configuration
interval |
Interval, in seconds, at which PIMv2 Hello messages are
sent. |
The default PIM Hello interval is 30 seconds.
Use the pim hello-interval command to set the PIMv2 Hello interval.
Use the no or default form of this command to set the Hello interval to the default value.
The following example sets the PIM Hello interval to 65 seconds:
[local]Redback(config-ctx)#interface enet1 [local]Redback(config-if)#pim hello-interval 65
pim neighbor-filter acl-name
no pim neighbor-filter
Filters Protocol Independent Multicast (PIM) messages from neighbors.
interface configuration
acl-name |
Name of the access control list (ACL) used to filter PIM messages from neighbors. |
None
Use the pim neighbor-filter command to filter PIM messages from neighbors. PIM messages are accepted only if the neighbor’s IP address is permitted by the ACL.
Use the no form of this command to accept all PIM messages from neighbors.
The following example filters PIM messages from neighbors using the Neighbors44 ACL:
[local]Redback(config-ctx)#interface enet1 [local]Redback(config-if)#pim neighbor-filter Neighbors44
pim operation-mode {standard | legacy}
Sets the protocol parameters to be compatible with Protocol Independent Multicast Sparse-Mode (PIM-SM) specifications, or to be compatible with legacy implementations.
context configuration
standard |
Configures compatibility with PIM-SM specifications. |
legacy |
Configures compatibility with legacy implementations. |
The protocol parameters are compatible with legacy implementations.
Use the pim operation-mode command to set the protocol parameters to be compatible with PIM-SM specifications, or to be compatible with legacy implementations, such as traditional Cisco implementations.
The following example sets the protocol parameters to be compatible with PIM-SM specifications:
[local]Redback(config)#context local [local]Redback(config-ctx)#pim operation-mode standard
pim rp-address rp-addr [acl-name]
no pim rp-address rp-addr
Configures a router with the rendezvous point (RP) address.
context configuration
rp-addr |
IP address of the RP. |
acl-name |
Optional. Name of the access control list (ACL) used to filter multicast groups using the RP. |
None
Use the pim rp-address command to configure a router with the RP address for all Internet Group Management Protocol (IGMP) group addresses permitted by an ACL. If an ACL is not specified, this RP address is used for the entire multicast address space.
The pim rp-address command is generally used on simple Protocol Independent Multicast sparse mode (PIM-SM) networks where the RP address is manually configured on each router in the network. More complicated networks should use the PIM Version 2 (PIMv2) bootstrap router (BSR) feature, which allows routers on a network to dynamically learn the RP address.
Use the no form of this command to remove the RP address from the router.
The following example configures a router with the RP address of 192.168.200.20:
[local]Redback(config)#context isp1 [local]Redback(config-ctx)#pim rp-address 192.168.200.20
pim rp-candidate if-name [group-list acl-name]
no pim rp-candidate if-name
Configures a candidate rendezvous point (C-RP) on an interface.
context configuration
if-name |
Name of the interface to be used by the C-RP. |
group-list acl-name |
Optional. Name of the access control list (ACL) used to filter Internet Group Management Protocol (IGMP) group IP addresses. |
None
Use the pim rp-candidate command to configure a C-RP on an interface for group address ranges permitted by an ACL. If an ACL is not specified, this RP address is used for the entire multicast address space.
Use the no form of this command to decline the C-RP’s candidacy from the interface.
The following example configures a C-RP on the interface, loopback22:
[local]Redback(config)#context isp1 [local]Redback(config-ctx)#pim rp-candidate loopback22
pim sparse-mode [passive]
no pim sparse-mode [passive]
Enables Protocol Independent Multicast Sparse-Mode (PIM-SM).
interface configuration
passive |
Optional. Specifies that no PIM messages are exchanged out of the interface, but the interface, or circuits belonging to the interface, can be populated in a multicast forwarding entry by receiving an Internet Group Management Protocol (IGMP) report or a data packet. |
None
Use the pim sparse-mode command to enable PIM-SM on an interface.
PIM-SM is not supported on multibind interfaces. If you are configuring a multibind interface, you must use the pim sparse-mode passive command in interface configuration mode to prevent PIM messages from being exchanged on the egress interface, while allowing the interface and its circuits to be populated in a multicast forwarding entry by receiving an IGMP report or a data packet.
Consider the following restrictions when configuring multicast for subscribers:
Use the no form of this command to disable PIM-SM on an interface.
The following example enables PIM-SM on the interface, Northpoint:
[local]Redback(config-ctx)#interface Northpoint [local]Redback(config-if)#pim sparse-mode
pim spt-threshold infinity [group-list acl]
no pim spt-threshold infinity [group-list acl]
Enables a Protocol Independent Multicast-Sparse Mode (PIM-SM) leaf router to continue using a shared tree, instead of switching to a shortest-path tree (SPT).
context configuration
group-list acl |
Optional. Groups permitted by the access control list (ACL) to stay on the shared tree. If the group-list acl construct is not used, or if the acl value is 0, the threshold applies to all groups. |
The SPT threshold is set to 0, and the switchover occurs immediately after the initial transmission has been established.
Use the pim spt-threshold infinity command to enable a PIM-SM leaf router to continue using a shared tree, instead of switching to an SPT.
A multicast source initially sends traffic using the shared tree; however, after transmitting a certain number of bits (the SPT threshold), the PIM-SM router switches from using the shared tree to using the SPT. Using the pim spt-threshold infinity command sets the SPT threshold infinitely high, making it impossible for the switchover to occur.
Use the no form of this command to allow a PIM-SM leaf router to switch from a shared tree to an SPT.
The following example enables a PIM-SM leaf router to continue using a shared tree:
[local]Redback(config-ctx)#pim spt-threshold infinity
pim ssm {default | range acl-name}
no pim ssm {default | range acl-name}
Enables source-specific multicast (SSM) routing on the specified context.
context configuration
default |
Specifies a default SSM address range of 232.0.0.0/8. |
range acl-name |
Access control list (ACL) used to specify the SSM address range. |
The default SSM address range is 232.0.0.0/8.
Use the pim ssm command to enable SSM routing on the specified context.
The SSM feature is an extension of multicast routing where traffic is forwarded to receivers from only those multicast sources to which the receivers have explicitly joined. For multicast groups configured to use SSM, only source-specific multicast distribution trees are created, and not shared trees.
Protocol Independent Multicast-SSM (PIM-SSM) is the routing protocol that supports the implementation of SSM and is derived from PIM sparse mode (PIM-SM). SSM is supported by the Internet Group Management Protocol Version 3 (IGMPv3).
The address range 232.0.0.0 to 232.255.255.255 is reserved for SSM applications and protocols. Existing IP multicast receivers cannot receive traffic when trying to use addresses in a defined SSM range, unless they are SSM enabled.
For more information on SSM routing, see the Internet Draft, Source-Specific Multicast for IP, draft-ietf-ssm-arch-00.txt.
Use the no form of this command to disable SSM routing on an interface.
The following example enables SSM routing on the local context using the default address range of 232.0.0.0/8:
[local]Redback(config)#context local [local]Redback(config-ctx)#pim ssm default
pim state-refresh origination-interval [interval]
{no | default} pim state-refresh origination-interval [interval]
Enables the origination (sending) of Protocol Independent Multicast-Dense Mode (PIM-DM) State Refresh control messages.
interface configuration
interval |
Optional. Interval between PIM-DM State Refresh control messages. The range of values, in seconds, is 4 to 100; the default value is 60. |
The origination of PIM-DM State Refresh messages is disabled.
Use the pim state-refresh origination-interval command to enable the origination of PIM-DM State Refresh control messages.
The PIM-DM State Refresh feature keeps pruned branches from being automatically restored to the PIM-DM network by periodically forwarding control messages down the broadcast tree. The control messages refresh the prune state on the outgoing interfaces of each router in the broadcast tree. Enabling this feature is useful in situations in which restoring previously pruned branches consumes too much bandwidth by reflooding unwanted traffic over the PIM-DM network.
Use the no or default form of this command to disable the origination of the PIM-DM State Refresh control messages.
The following example enables the origination of PIM-DM State Refresh control messages and configures an interval of 60 seconds between control messages:
[local]Redback(config)#context local [local]Redback(config-ctx)#interface foo [local]Redback(config-if)#pim state-refresh origination-interval 60
pim static group group-addr [oif if-name | source ip-addr [oif if-name | register | send-join]]
no pim static group group-addr [oif if-name | source ip-addr [oif if-name | register | send-join]]
Creates a static multicast route, (*,G) or (S,G), with the specified interface as the outgoing interface (OIF).
context configuration
group-addr |
Multicast group IP address. |
oif if-name |
Optional. OIF name. |
register |
Optional. Enables the first-hop router to send register messages to the rendezvous point (RP). |
source ip-addr |
Optional. Multicast source IP address. |
send-join |
Optional. Sends a join message to the reverse path forwarding (RPF) neighbor. |
No static multicast routes are created.
Use the pim static group command to create a static multicast route, (*,G) or (S,G), with the specified interface as the OIF.
An OIF is an outgoing circuit that receives traffic destined for a given multicast group. For this command, the OIF is a regular interface. For multibind interface OIFs, configure the static-group command in an Internet Group Management Protocol (IGMP) service profile that is bound to a subscriber (default) profile.
Use the register keyword to configure multicast static groups on the first-hop router, which is the router directly connected to the multicast source, so that this router can send register messages to the RP.
Use the no form of this command to delete the static multicast route.
The following example creates a static multicast route, 224.1.1.1, with fxp1 as its OIF:
[local]Redback(config)#context local [local]Redback(config-ctx)#pim static group 224.1.1.1 oif fxp1
ping {ip-addr} [number-of-packets] [df] [flood] [numeric] [pattern hex-pattern] [preload] [quiet] [record] [silent] [size bytes] [src ip-addr] [timeout seconds] [tos] [ttl] [verbose]
Tests whether the host is reachable.
ip-addr |
IP address of the host. |
number-of-packets |
Optional. Number of ping packets to send. The range of values is 1 to 214,748,364; the default value is 5. |
df |
Optional. Indicates that the packet should not be fragmented in the IP header. |
flood |
Optional. Floods ping packets. |
numeric |
Optional. Specifies numeric output only. |
pattern hex-pattern |
Optional. Hexadecimal pattern to fill in Internet Control Message Protocol (ICMP) packets. The range of values is 0x0 to 0xffffffff. |
preload |
Optional. Sends packets as quickly as possible. |
quiet |
Optional. Suppresses ICMP error messages. |
record |
Optional. Specifies that the RECORD_ROUTE option is to be included in the ECHO_REQUEST packet. |
silent |
Optional. Displays only summary lines at start up. |
size bytes |
Optional. Size, in bytes, of the IP datagram. The range of values is 10 to 2,000; the default value is 56. |
src ip-addr |
Optional. Source IP address. |
timeout seconds |
Optional. Interval, in seconds, that the system waits for a response for each ping packet. The range of values is 1 to 120; the default value is 1. |
tos |
Optional. Specifies the type of service (ToS) in hexadecimal. The range of values is 0x0 to 0xff; the default value is 0. |
ttl |
Optional. Specifies the time-to-live (TTL) value. The range of values is 1 to 255; the default value is 255. |
verbose |
Optional. Enables all possible output. |
Sends 56-byte packets to the specified host, using a timeout value of one second.
Use the ping command (in exec mode) to test whether the host is reachable.
Press Ctrl+C to stop a ping test.
The ping and traceroute commands (in exec mode) can have vastly different output, depending on the context in which the commands are issued. In particular, an IP address that can be reached by the ping or traceroute command in one context might not be reachable from another context. Use the context command (in exec mode) to switch between contexts.
Use the ping atm command (in exec mode) to test Asynchronous Transfer Mode (ATM) permanent virtual circuits (PVCs) by sending operations, administration, and maintenance (OAM) loopback cells. This command tests the reachability of a neighboring ATM switch or the end of an ATM connection.
The SmartEdge router does not allow multiple administrators to ping the same ATM PVC at the same time. If one administrator has issued the ping command on an ATM PVC, no other administrators are able to do so until the first is finished.
Use the ping ancp command (in exec mode) to test digital subscriber line (DSL) circuits by sending a port management message to the ANCP neighbor peer to test the peer.
Table 23 lists the characters for the ICMP errors that can be displayed in the output and the error descriptions.
Character |
ICMP Error and Message Code Description |
---|---|
! |
No error |
? |
Unknown error code |
a |
Host access prohibited |
A |
Network access prohibited |
c |
Precedence cutoff |
C |
Communication prohibited |
d |
Router solicitation |
D |
Router Advertisement |
F |
Unreachable because packet requires fragmentation, but “Don’t Fragment” bit is set |
F |
Time-to-live exceeded in reassembly |
h |
Host isolated |
H |
Host unknown |
i |
Information reply |
I |
Information request |
L |
Time-to-live exceeded in transmission |
m |
Timestamp reply |
M |
Timestamp |
n |
Network unknown |
N |
Network unreachable |
p |
Port unreachable |
P |
Protocol unreachable |
Q |
Packet lost due to traffic congestion |
r |
Redirected by host |
R |
Redirected by network |
S |
Unreachable because source route failed |
t |
Bad ToS for host |
t |
Redirected by host because of ToS |
T |
Bad ToS for network |
T |
Redirected by network because of ToS |
U |
Host unreachable |
V |
Host precedence violation |
x |
Address mask reply |
X |
Address mask request |
Z |
ICMP parameter problem |
The following example sends five ping packets to host 10.1.1.1 from 10.1.1.2:
[local]Redback>ping 10.1.1.1
PING 10.1.1.1 (10.1.1.1): source 10.1.1.2, 56 data bytes, timeout is 1 second .!!!! ----10.1.1.1 PING Statistics---- 5 packets transmitted, 4 packets received, 20.0% packet loss round-trip min/avg/max/stddev = 0.000/0.000/0.000/0.000 ms
ping ancp {agent-circuit-id | subscriber | circuit} string [count num [timeout interval]]
Sends an Access Node Control Protocol (ANCP) General Switch Management Protocol (GSMP) port management message to the ANCP neighbor peer to test the peer.
agent-circuit-id string |
Circuit agent ID. A text string, with up to 255 printable characters; enclose the string in quotation marks (“ ”) if the string includes spaces. |
subscriber string |
Subscriber name. A text string in the format sub-name@ctx-name with the @ the default separator character. |
circuit string |
Circuit ID. A text string in the format slot/port [circuit-id], where the circuit-id argument is one of the following constructs:
The range of values for any VLAN tag value is 1 to 4,095. |
count num |
Number of operations, administration, and maintenance (OAM) loopback cells the neighbor peer (the digital subscriber line [DSL] access multiplexer [DSLAM]) is to use to test the line. The range of values is 1 to 32; the default value is 5. |
timeout interval |
Maximum number of seconds the DSLAM must wait for the command to finish transmitting. The range of values is 0 to 255; the default value is 10. |
None
Use the ping ancp command to send an ANCP GSMP port management message to the ANCP neighbor peer to test the peer.
When entered with the subscriber string construct, the ping ancp command limits the search to the context in which you are working. Before entering the ping ancp command, ensure that you are working in the context to which the subscriber is bound.
The SmartEdge router holds the CLI prompt until either a result is received from the DSLAM or the timeout (plus one second) occurs. Any reply from the DSLAM is displayed by the CLI if it is received by the SmartEdge router before the timeout occurs; if the reply is received after the timeout, it is written to the log as an informational message.
Table 24 lists the code field values.
Code Field Value |
Description |
---|---|
0x500 |
Specified access line does not exists |
0x501 |
Loopback test timed out |
0x502 |
Reserved |
0x503 |
DSL line status showtime |
0x504 |
DSL line status idle |
0x505 |
DSL line status silent |
0x506 |
DSL line status training |
0x507 |
DSL line integrity error |
0x508 |
Access Node resource not available |
0x509 |
Invalid test parameter |
The following example sends 10 OAM cells in an GSMP port management message to the ANCP neighbor peer, using the circuit for subscriber joe@isp1 with a timeout interval of 15 seconds:
[local]Redback#ping ancp subscriber joe@isp1 count 10 timeout 15
ping arp dest-ip-address bridge bridge-name [context context_name] source source-ip-address [retries number-of-retries] [timeout seconds]
Initiates an ARP request from the PE to all access circuits (ACs) and PWs that are configured between the source PE and the destination CPE.
exec
dest-ip-address |
Specifies the destination IP address to use for the ping in the format A.B.C.D. |
bridge bridge-name |
Name of the bridge that contains the MAC address. |
context context-name |
Optional. Name of the context that contains the bridge. |
source source-ip-address |
Specifies the source IP address to use for the ping in the format A.B.C.D. |
retries number-of-retries |
Optional. Specifies the number of times ARP can be unresponsive before the ping fails. The default number of retries is 4. |
timeout seconds |
Optional. Specifies the number of seconds to wait for an ARP response from the CPE before the ping fails. The default number of seconds is 1. |
None
Use the ping arp command to initiate an ARP request from the PE to all access circuits (ACs) and PWs that are configured between the source PE and the destination CPE.
Consider the following restrictions before using the ping arp command to troubleshoot problems in a bridging domain:
The following example shows what happens when a CPE ping is aborted because the PE does not receive an ARP response from the CPE:
[local]Redback#ping arp 1.0.0.10 1.0.0.8 bridge br1 PING 1.0.0.10 (1.0.0.10): source 1.0.0.8 ARP Timeout!
ping atm {channel | path} {end-to-end | segment} slot/port [vpi] vpi [[vci] vci] [count number] [timeout seconds]
Tests Asynchronous Transfer Mode (ATM) permanent virtual circuits (PVCs) by sending operation, administration, and maintenance (OAM) loopback cells.
channel |
Sends F5 OAM loopback cells. |
path |
Sends F4 OAM loopback cells. |
end-to-end |
Sends OAM loopback cells to the end of the connection where ATM cells are terminated. |
segment |
Sends OAM loopback cells to a neighbor switch. |
slot |
Chassis slot number of the ATM line card with the port to be tested. |
port |
Port number of the ATM port to be tested. |
start-vpi |
Optional. Starting virtual path identifier (VPI). The range of values is 0 to 255. |
through end-vpi |
Optional. Last VPI in the range. |
start-vci |
Optional. Starting virtual circuit identifier (VCI). The range of values is 1 to 65535. By convention, values 1 to 30 are reserved for system use. |
end-vci |
Optional. Last VCI in the range. |
count number |
Optional. Number of OAM cells to send. The range of values is 1 to 10000; the default value is 5. |
timeout seconds |
Optional. Time in seconds that the SmartEdge router waits for a response for each OAM ping and the interval between which OAM ping packets are sent. The range of values is 1 to 100; the default value is 1. |
Sends 5 OAM cells every 12 seconds over the specified VP.
Use the ping atm command to test ATM PVCs by sending OAM loopback cells. This command tests the reachability of a neighboring ATM switch or the end of an ATM connection.
The SmartEdge router does not allow multiple administrators to ping the same ATM PVC at the same time. When one administrator is running a ping on an ATM PVC, no other administrators are able to run a ping on that same PVC until the first is finished. The following error message is issued if you are trying to ping an ATM PVC that is running the ping of another administrator: Outstanding ping is in progress on this pvc, ping not available.
Use the path keyword to send F4 OAM loopback cells; use the channel keyword to send F5 OAM loopback cells.
The ! character in the output of the ping command indicates a successful packet; a period (.) indicates a failed one.
The following example shows how to send 16 end-to-end F5 cells on VPI:VCI 2:47 on ATM port 1 in slot 5:
[local]Redback>ping atm channel end-to-end 5/1 vpi 2 vci 47 count 16
Sending 16, end-to-end F5 cells on 5/1, 2:47, timeout is 2 seconds: !!!!!!!!!!!!!!!! Success rate is 100 percent (16/16)
ping cpe [ number-of-pings] dest-ip-address source-ip-address bridge bridge-name [arp-retries number-of-retries] [arp-timeout seconds] [context context_name] [icmp-timeout seconds] [maxs max-sweep-size] [mins mins-sweep-size] [pattern hex-pattern}] [size datagram-size] [ttl ttl-value] [verbose]
Initiates a (CPE) ping to a CPE to troubleshoot problems in the VPLS network and determine the CPE host location.
exec
number-of-pings |
Optional. Specifies the number of pings to transmit. The default number of pings transmitted is 4. |
dest-ip-address |
Specifies the destination IP address to use for the ping in the format A.B.C.D. |
source-ip-address |
Specifies the source IP address to use for the ping in the format A.B.C.D. |
bridge bridge-name |
Name of the bridge that contains the MAC address. |
arp-retries number-of-retries |
Optional. Specifies the number of times ARP can be unresponsive before the ping fails. The default number of retries is 4. |
arp-timeout seconds |
Optional. Specifies the number of seconds to wait for an ARP response from the CPE before the ping fails. The default number of seconds is 1. |
context context-name |
Optional. Name of the context that contains the bridge. |
icmp-timeout seconds |
Optional. Number of seconds to wait for an ICMP response from the CPE before the ping fails. The default is 1 second. |
maxs max-sweep-size |
Optional. Minimum range of packet sizes to send, in bytes. |
mins mins-sweep-size |
Optional. Maximum range of packet sizes to send, in bytes. |
pattern hex-pattern |
Optional. Hexadecimal pattern to use for filling in the ICMP packet. |
size datagram-size |
Optional. Size of the ICMP datagram. |
ttl ttl-value |
Optional. Time-to-live (TTL) value for the IP packet. Normally, the IP packet TTL is propagated to the MPLS label header at the ingress of the LSP. The TTL value also places an upper limit on the number of pseudo-wires that are traversed to trace a MAC address. The default TTL is 64. |
verbose |
Optional. Displays more detailed output. |
None
Use the ping cpe command troubleshoot problems in the VPLS network and determine the CPE host location.
The ping cpe command can be used to perform the following tasks:
Consider the following restrictions before using the ping cpe command to troubleshoot problems in a bridging domain:
The following example shows how to initiate a CPE ping to discover an IP host address and troubleshoot the data path to the host. In this example, the CPE ping is successful, and there are no duplicate IP addresses configured in the system:
[local]Redback#ping cpe 1.0.0.10 1.0.0.8 bridge br1 PING 1.0.0.10 (1.0.0.10): source 1.0.0.8 CPE MAC 22:6a:43:00:22:01 36 data bytes, timeout is 1 second !!!!! ----1.0.0.10 PING Statistics---- 5 packets transmitted, 5 packets received, 0.0% packet loss round-trip min/avg/max/stddev = 0.900/1.224/1.762/0.440 ms
The following example shows what happens when a CPE ping is aborted because the PE does not receive an ARP response from the CPE:
[local]Redback#ping cpe 1.0.0.10 1.0.0.8 bridge br1 PING 1.0.0.10 (1.0.0.10): source 1.0.0.8 ARP Timeout!
ping mpls ldp endpoint-ip-addr/prefix-length [count] [exp exp-bits] [interval interval] [pad hex-pad] [pad-reply-mode {copy | drop}] [reply-mode {router-alert | udp}] [size packet-size | sweep start-size end-size increment] [source ip-addr] [source-port {any | mpls-ping | udp-port}] [timeout interval] [ttl ttl-value] [verbose]
Initiates a Multiprotocol Label Switching (MPLS) ping across a Label Distribution Protocol (LDP) label-switched path (LSP).
exec
ldp endpoint-ip-addr/prefix-length |
IP address of the egress LSR (in the form A.B.C.D) and prefix length, separated by the slash (/) character. The range of values for the prefix-length argument is 0 to 32. |
count |
Optional. Number of times that the ping is to be repeated. |
exp exp-bits |
Optional. IP precedence for the IP packet. Normally, the IP precedence is propagated to the MPLS label experimental (EXP) bits. |
interval interval |
Optional. Interval, in milliseconds, between ping requests; the default value is 0. |
pad hex-pad |
Optional. Hexadecimal pattern used to fill the echo request to the packet size; the default value is 0xacee. |
pad-reply-mode |
Optional. Specifies whether the echo reply is returned with the hexadecimal pattern used to fill the echo request. |
copy |
Specifies that the echo reply should include the hexadecimal pattern used to fill the echo request. The hexadecimal pattern is copied from the echo request to the echo reply. |
drop |
Specifies that the echo reply should not include the hexadecimal pattern used to fill the echo request. The hexadecimal pattern is dropped. |
reply-mode |
Optional. Specifies how the LSP echo reply is returned. |
router-alert |
Sends the echo reply as an IP User Datagram Protocol (UDP) packet, with the router alert option preceding the IP header. |
udp |
Sends the echo reply as an IP UDP packet, with no router alert option preceding the IP header. |
size packet-size |
Optional. Packet size for the ping request. The ping request is filled using the Pad type-length-value (TLV) to satisfy the request; the default value is 100 bytes. |
sweep |
Optional. Specifies the range of packet sizes to send. The value of the count argument specifies the number of times the entire range of packet sizes is to be sent. |
start-size |
Initial sweep packet size, in bytes. |
end-size |
Final sweep packet size, in bytes. |
increment |
Packet size increase, in bytes, between packet sends. The packet size is incremented until the value of the end-size argument is either met or would be exceeded by an additional increment. |
source ip-addr |
Optional. Source IP address to use for the ping. If no IP address is specified, an IP interface address is selected. |
source-port |
Optional. Specifies the source UDP port for the LSP ping request. By default, port 3503 is used as the source UDP port. |
any |
Uses an unused UDP source port, selected from the reserved range of ports, as the source UDP port. |
mpls-ping |
Uses port 3503 as the source UDP port. |
udp-port |
Source UDP port specified within the non-reserved range of ports. The range of non-reserved ports is from 1,024 to 65,535. |
timeout interval |
Optional. Interval, in seconds, to wait for an LSP ping response. The default value is 1 second. |
ttl ttl-value |
Optional. Time-to-live (TTL) value for the IP packet. Normally, the IP packet TTL is propagated to the MPLS label header at the ingress of the LSP. |
verbose |
Optional. Displays more detailed output. |
None
Use the ping mpls command to initiate a MPLS ping across an LDP LSP.
Enter the command on the ingress label-switched router (LSR) for the LSP being tested, with the egress LSR as the target. (The endpoint IP address is typically the loopback address where the LSP terminates.)
An MPLS ping tests the connectivity of the MPLS LSP data plane, and verifies that the information in the control plane is consistent with the data plane.
MPLS Echo Request and MPLS Echo Reply messages are used to accomplish the MPLS ping. An MPLS Echo Request message, which follow the same data path that normal MPLS traffic would traverse, is sent from the LSP ingress to the LSP egress LSR. The egress LSR replies with an echo request, which, because LSPs are unidirectional, takes the routed IP path.
The following example sends an MPLS ping across an LDP LSP with the endpoint 100.1.1.3/32 to be sent once:
[local]Redback#ping mpls ldp 100.1.1.3/32 1 Sending 5 100-byte MPLS echos to LDP 100.1.1.3/32, source 100.1.1.3, timeout is 1 second, send interval is 0 msec: !!!!!
The following example sends an MPLS ping across an LDP LSP with endpoint 3.3.3.3/32. Verbose output is requested:
[local]Redback#ping mpls ldp 3.3.3.3/32 verbose Sending 5 100-byte MPLS echos to LDP 3.3.3.3/32, source 3.3.3.1, timeout is 1 second, send interval is 0 msec: Received MPLS ping reply - Replying router is an egress for FEC at level 1 Received MPLS ping reply - Replying router is an egress for FEC at level 1 Received MPLS ping reply - Replying router is an egress for FEC at level 1 Received MPLS ping reply - Replying router is an egress for FEC at level 1 Received MPLS ping reply - Replying router is an egress for FEC at level 1 ---- MPLS PING Statistics---- 5 packets transmitted, 5 packets received no error, 0.0% packet loss/error round-trip min/avg/max/stddev = 5.193/6.800/11.491/2.670 ms
ping mpls mac-address mac-addr bridge bridge-name [context context-name] [count] [exp exp-bits] [interval interval] [pad hex-pad] [pad-reply-mode {copy | drop}] [reply-mode {router-alert | udp}] [size packet-size | sweep start-size end-size increment] [source ip-addr] [source-port {any | mpls-ping | udp-port}] [timeout interval] [trace] [ttl ttl-value] [verbose]
Initiates a MPLS ping or a trace to a medium access control (MAC) address in a Virtual Private LAN Services (VPLS) network.
exec
mac-addr |
MAC address of the host in the form nn:nn:nn:nn:nn:nn. |
bridge bridge-name |
Name of the bridge that contains the MAC address. |
context context-name |
Name of the context that contains the bridge. |
count |
Optional. Number of times that the ping is to be repeated. |
exp exp-bits |
Optional. IP precedence for the IP packet. Normally, the IP precedence is propagated to the MPLS label experimental (EXP) bits. |
interval interval |
Optional. Interval, in milliseconds, between ping requests; the default value is 0. |
padhex-pad |
Optional. Hexadecimal pattern used to fill the echo request to the packet size; the default value is 0xacee. |
pad-reply-mode |
Optional. Specifies whether the echo reply is returned with the hexadecimal pattern used to fill the echo request. |
copy |
Specifies that the echo reply should include the hexadecimal pattern used to fill the echo request. The hexadecimal pattern is copied from the echo request to the echo reply. |
drop |
Specifies that the echo reply should not include the hexadecimal pattern used to fill the echo request. The hexadecimal pattern is dropped. |
reply-mode |
Optional. Specifies how the LSP echo reply is returned. |
router-alert |
Sends the echo reply as an IP User Datagram Protocol (UDP) packet, with the router alert option preceding the IP header. |
udp |
Sends the echo reply as an IP UDP packet, with no router alert option preceding the IP header. |
size packet-size |
Optional. Packet size for the ping request. The ping request is filled using the Pad type-length-value (TLV) to satisfy the request; the default value is 100 bytes. |
sweep |
Optional. Specifies the range of packet sizes to send. The value of the count argument specifies the number of times the entire range of packet sizes is to be sent. |
start-size |
Initial sweep packet size, in bytes. |
end-size |
Final sweep packet size, in bytes. |
increment |
Packet size increase, in bytes, between packet sends. The packet size is incremented until the value of the end-size argument is either met or would be exceeded by an additional increment. |
source ip-addr |
Optional. Source IP address to use for the ping. If no IP address is specified, an IP interface address is selected. |
source-port |
Optional. Specifies the source UDP port for the LSP ping request. By default, port 3503 is used as the source UDP port. |
any |
Uses an unused UDP source port, selected from the reserved range of ports, as the source UDP port. |
mpls-ping |
Uses port 3503 as the source UDP port. |
udp-port |
Source UDP port specified within the non-reserved range of ports. The range of non-reserved ports is from 1,024 to 65,535. |
timeout interval |
Optional. Interval, in seconds, to wait for an LSP ping response. The default value is 1 second. |
trace |
Optional. Requires all intermediate nodes in a multihop topology to reply to the MPLS ping request. |
ttl ttl-value |
Optional. Time-to-live (TTL) value for the IP packet. Normally, the IP packet TTL is propagated to the MPLS label header at the ingress of the LSP. The TTL value also places an upper limit on the number of pseudo-wires that are traversed to trace a MAC address. |
verbose |
Optional. Displays more detailed output. |
None
Use the ping mpls mac-address command to initiate an MPLS ping or a trace to a MAC address in a VPLS network.
Performing an MPLS MAC ping helps to verify whether a specific MAC address has been learned over an access circuit attached to a VPLS network. The VPLS provider edge (PE) router that hosts the MAC’s attachment circuit replies to the MPLS MAC ping request.
The MAC address and the VPLS Bridge instance name must be specified for an MPLS MAC ping request.
When issuing this command, the MAC address and the VPLS bridge name must be specified; the context name is required if the VPLS bridge instance resides in a different context.
The implementation of this command supports the following proprietary features that do not support customer premise equipment (CPE) interoperability:
The following example initiates an MPLS ping to MAC address, 00:00:c0:01:01:42, on the VPLS bridge, BridgeName1:
[local]Redback#ping mpls mac-address 00:00:c0:01:01:42 bridge BridgeName1 Sending 5 100-byte MPLS echos to 2.2.2.2 for MAC 00:00:c0:01:01:42 LDP PWID 1, source 1.1.1.1, timeout is 1 second, send interval is 0 msec: !!!!! ---- MPLS PING Statistics---- 5 packets transmitted, 5 packets received no error, 0.0% packet loss/error round-trip min/avg/max/stddev = 4.744/5.263/6.382/0.641 ms [local]puppy# ping mpls mac-address 00:00:c0:01:01:42 bridge BridgeName1 trace interval 15 Sending 5 100-byte MPLS echos to 2.2.2.2 for MAC 00:00:c0:01:01:42 LDP PWID 1, source 1.1.1.1, timeout is 1 second, send interval is 15 msecs: !!!!! ---- MPLS PING Statistics---- 5 packets transmitted, 5 packets received no error, 0.0% packet loss/error round-trip min/avg/max/stddev = 4.277/5.431/8.598/1.789 ms [local]puppy# ping mpls mac-address 00:00:c0:01:01:42 bridge BridgeName1 trace sweep 100 500 10 Sending 5 [100-500]-byte MPLSechos to 2.2.2.2 for MAC 00:00:c0:01:01:42 LDP PWID 1, source 1.1.1.1, timeout is 1 second, send interval is 0 msec: !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! ---- MPLS PING Statistics---- 205 packets transmitted, 205 packets received no error, 0.0% packet loss/error round-trip min/avg/max/stddev = 3.953/5.070/31.873/2.043 ms
The following example initiates an MPLS ping to MAC address, 00:00:c0:01:01:42, on the VPLS bridge, BridgeName1, and requests a reply in a verbose (detailed) format:
[local]Redback#ping mpls mac-address 00:00:c0:01:01:42 bridge BridgeName1 verbose MAC info Context Bridge Group MAC Circuit local BridgeName1 00:00:c0:01:01:42 VPLS 2 VPLS peer (bridge/ip:pwid): BridgeName1/2.2.2.2:1 Oper State : Up Context name : local Admin State : Enable Circuit id : VPLS 2 Peer Flags : active, pw-up Bridge id : 0x2 Context id : 0x40080001 PE peering type : Hub PE local mode : PE-rs Prev state : Down Profile name : test1 Prev event : pw-up Last error : no error Peer up/down cnt : 1 Peer state changes : 2 Peer reset cnt : 0 Peer config changes : 0 Peer restart cnt : 0 Peer proc restarts : 0 MAC flush sent : 0 MAC flush received : 0 Circ up/down cnt : 0 Circ cfg changes : 1 Circ error cnt : 0 Circ delete cnt : 0 PW state : Up, Active PW up/down cnt : 0 PW signaling type : LDP PW error cnt : 0 PW restart cnt : 1 PW In label : 131072 PW encap type : Ethernet PW Out label : 131075 PW Exp bits : 0x0 PW local MTU : 1500 PW remote MTU : 1500 PW flags : in-rib, in-lblmap, in-ldp, from-ldp, from-cfg peer-up Sending 5 100-byte MPLS echos to 2.2.2.2 for MAC 00:00:c0:01:01:42 LDP PWID 1, source 1.1.1.1, timeout is 1 second, send interval is 0 msec: Received MPLS ping reply - None VPLS peer (bridge/ip:pwid): BridgeName1/1.1.1.1:1 Oper State : Up Context name : 0x40080001 Admin State : Enable Circuit id : 255/21:1023:63/0/1/8 Peer Flags : active, pw-up Bridge id : 0x3 Context id : 0x40080001 PE peering type : Hub PE local mode : PE-rs Prev state : Down Profile name : test1 Prev event : pw-up Last error : no error Peer up/down cnt : 1 Peer state changes : 2 Peer reset cnt : 0 Peer config changes : 0 Peer restart cnt : 0 Peer proc restarts : 0 MAC flush sent : 0 MAC flush received : 0 Circ up/down cnt : 0 Circ cfg changes : 1 Circ error cnt : 0 Circ delete cnt : 0 PW state : Up, Active PW up/down cnt : 0 PW signaling type : LDP PW error cnt : 0 PW restart cnt : 1 PW In label : 131075 PW encap type : Ethernet PW Out label : 131072 PW Exp bits : 0x0 PW local MTU : 1500 PW remote MTU : 1500 PW flags : in-rib, in-lblmap, in-ldp, from-ldp, from-cfg peer-up MAC info Context Bridge Group MAC Circuit 0x40080001 BridgeName1 00:00:c0:01:01:42 9/3:1023:63/1/1/483 Received MPLS ping reply - None VPLS peer (bridge/ip:pwid): BridgeName1/1.1.1.1:1 Oper State : Up Context name : 0x40080001 Admin State : Enable Circuit id : 255/21:1023:63/0/1/8 Peer Flags : active, pw-up Bridge id : 0x3 Context id : 0x40080001 PE peering type : Hub PE local mode : PE-rs Prev state : Down Profile name : test1 Prev event : pw-up Last error : no error Peer up/down cnt : 1 Peer state changes : 2 Peer reset cnt : 0 Peer config changes : 0 Peer restart cnt : 0 Peer proc restarts : 0 MAC flush sent : 0 MAC flush received : 0 Circ up/down cnt : 0 Circ cfg changes : 1 Circ error cnt : 0 Circ delete cnt : 0 PW state : Up, Active PW up/down cnt : 0 PW signaling type : LDP PW error cnt : 0 PW restart cnt : 1 PW In label : 131075 PW encap type : Ethernet PW Out label : 131072 PW Exp bits : 0x0 PW local MTU : 1500 PW remote MTU : 1500 PW flags : in-rib, in-lblmap, in-ldp, from-ldp, from-cfg peer-up MAC info Context Bridge Group MAC Circuit 0x40080001 BridgeName1 00:00:c0:01:01:42 9/3:1023:63/1/1/483 Received MPLS ping reply - None VPLS peer (bridge/ip:pwid): BridgeName1/1.1.1.1:1 Oper State : Up Context name : 0x40080001 Admin State : Enable Circuit id : 255/21:1023:63/0/1/8 Peer Flags : active, pw-up Bridge id : 0x3 Context id : 0x40080001 PE peering type : Hub PE local mode : PE-rs Prev state : Down Profile name : test1 Prev event : pw-up Last error : no error Peer up/down cnt : 1 Peer state changes : 2 Peer reset cnt : 0 Peer config changes : 0 Peer restart cnt : 0 Peer proc restarts : 0 MAC flush sent : 0 MAC flush received : 0 Circ up/down cnt : 0 Circ cfg changes : 1 Circ error cnt : 0 Circ delete cnt : 0 PW state : Up, Active PW up/down cnt : 0 PW signaling type : LDP PW error cnt : 0 PW restart cnt : 1 PW In label : 131075 PW encap type : Ethernet PW Out label : 131072 PW Exp bits : 0x0 PW local MTU : 1500 PW remote MTU : 1500 PW flags : in-rib, in-lblmap, in-ldp, from-ldp, from-cfg peer-up MAC info Context Bridge Group MAC Circuit 0x40080001 BridgeName1 00:00:c0:01:01:42 9/3:1023:63/1/1/483 Received MPLS ping reply - None VPLS peer (bridge/ip:pwid): BridgeName1/1.1.1.1:1 Oper State : Up Context name : 0x40080001 Admin State : Enable Circuit id : 255/21:1023:63/0/1/8 Peer Flags : active, pw-up Bridge id : 0x3 Context id : 0x40080001 PE peering type : Hub PE local mode : PE-rs Prev state : Down Profile name : test1 Prev event : pw-up Last error : no error Peer up/down cnt : 1 Peer state changes : 2 Peer reset cnt : 0 Peer config changes : 0 Peer restart cnt : 0 Peer proc restarts : 0 MAC flush sent : 0 MAC flush received : 0 Circ up/down cnt : 0 Circ cfg changes : 1 Circ error cnt : 0 Circ delete cnt : 0 PW state : Up, Active PW up/down cnt : 0 PW signaling type : LDP PW error cnt : 0 PW restart cnt : 1 PW In label : 131075 PW encap type : Ethernet PW Out label : 131072 PW Exp bits : 0x0 PW local MTU : 1500 PW remote MTU : 1500 PW flags : in-rib, in-lblmap, in-ldp, from-ldp, from-cfg peer-up MAC info Context Bridge Group MAC Circuit 0x40080001 BridgeName1 00:00:c0:01:01:42 9/3:1023:63/1/1/483 Received MPLS ping reply - None VPLS peer (bridge/ip:pwid): BridgeName1/1.1.1.1:1 Oper State : Up Context name : 0x40080001 Admin State : Enable Circuit id : 255/21:1023:63/0/1/8 Peer Flags : active, pw-up Bridge id : 0x3 Context id : 0x40080001 PE peering type : Hub PE local mode : PE-rs Prev state : Down Profile name : test1 Prev event : pw-up Last error : no error Peer up/down cnt : 1 Peer state changes : 2 Peer reset cnt : 0 Peer config changes : 0 Peer restart cnt : 0 Peer proc restarts : 0 MAC flush sent : 0 MAC flush received : 0 Circ up/down cnt : 0 Circ cfg changes : 1 Circ error cnt : 0 Circ delete cnt : 0 PW state : Up, Active PW up/down cnt : 0 PW signaling type : LDP PW error cnt : 0 PW restart cnt : 1 PW In label : 131075 PW encap type : Ethernet PW Out label : 131072 PW Exp bits : 0x0 PW local MTU : 1500 PW remote MTU : 1500 PW flags : in-rib, in-lblmap, in-ldp, from-ldp, from-cfg peer-up MAC info Context Bridge Group MAC Circuit 0x40080001 BridgeName1 00:00:c0:01:01:42 9/3:1023:63/1/1/483 ---- MPLS PING Statistics---- 5 packets transmitted, 5 packets received no error, 0.0% packet loss/error round-trip min/avg/max/stddev = 8.028/9.090/11.353/1.352 ms
To ping a specific virtual circuit (VC) that is associated with an Label Distribution Protocol (LDP) Layer 2 VPN (L2VPN) cross-connection:
ping mpls pw vc-id vc-id peer ip-addr [count] [exp exp-bits] [interval interval] [pad hex-pad] [pad-reply-mode {copy | drop}] [reply-mode {router-alert | udp}] [send-mode {control-plane | data-plane] [size packet-size | sweep start-size end-size increment] [source ip-addr] [source-port {any | mpls-ping | udp-port}] [timeout interval] [ttl ttl-value] [verbose]
To ping a pseudowire (PW) using the inner label that is associated with a static L2VPN cross-connection:
ping mpls pw vpn-label label-num peer ip-addr [count] [exp exp-bits] [interval interval] [pad hex-pad] [pad-reply-mode {copy | drop}] [reply-mode {router-alert | udp}] [size packet-size | sweep start-size end-size increment] [source ip-addr] [source-port {any | mpls-ping | udp-port}] [timeout interval] [ttl ttl-value] [verbose]
To ping a specific PW:
ping mpls pw pw-id pw-num peer ip-addr [count] [exp exp-bits] [interval interval] [pad hex-pad] [pad-reply-mode {copy | drop}] [reply-mode {router-alert | udp}] [send-mode {control-plane | data-plane}] [size packet-size | sweep start-size end-size increment] [source ip-addr] [source-port {any | mpls-ping | udp-port}] [timeout interval] [ttl ttl-value] [verbose]
Tests the status of a PW.
exec
vc-id vc-id |
Virtual circuit (VC) ID associated with the LDP L2VPN cross-connection. The range of the vc-id argument value is 0 to 4,294,967,295. |
vpn-label label-num |
Inner label associated with the static L2VPN cross-connection. The range of the label-num argument values is 4,096 to 65,535. |
pw-id pw-num |
Pseudo-wire ID. The value of the pw-num argument is a 4-byte number. The range of the pw-num argument value is 0 to 4,294,967,295. |
peer ip-addr |
Remote provider edge (PE) router’s IP address in the form A.B.C.D. |
count |
Optional. Number of times that the ping is to be repeated. |
exp exp-bits |
Optional. IP precedence for the IP packet. Normally, the IP precedence is propagated to the MPLS label experimental (EXP) bits. |
interval interval |
Optional. Interval, in milliseconds, between ping requests; the default value is 0. |
pad hex-pad |
Optional. Hexadecimal pattern used to fill the echo request to the packet size; the default value is 0xacee. |
pad-reply-mode |
Optional. Specifies whether the echo reply is returned with the hexadecimal pattern used to fill the echo request. |
copy |
Specifies that the echo reply should include the hexadecimal pattern used to fill the echo request. The hexadecimal pattern is copied from the echo request to the echo reply. |
drop |
Specifies that the echo reply should not include the hexadecimal pattern used to fill the echo request. The hexadecimal pattern is dropped. |
reply-mode |
Optional. Specifies how the LSP echo reply is returned. |
router-alert |
Sends the echo reply as an IP User Datagram Protocol (UDP) packet, with the router alert option preceding the IP header. |
udp |
Sends the echo reply as an IP UDP packet, with no router alert option preceding the IP header. |
send-mode |
Optional. Specifies whether the ping is sent over the control plane or data plane. By default, the ping is sent over the data plane. |
control-plane |
Sends the ping over the control plane. |
data-plane |
Sends the ping over the data plane. This setting is the default. |
size packet-size |
Optional. Packet size for the ping request. The ping request is filled using the Pad type-length-value (TLV) to satisfy the request; the default value is 100 bytes. |
sweep |
Optional. Specifies the range of packet sizes to send. The value of the count argument specifies the number of times the entire range of packet sizes is to be sent. |
start-size |
Initial sweep packet size, in bytes. |
end-size |
Final sweep packet size, in bytes. |
increment |
Packet size increase, in bytes, between packet sends. The packet size is incremented until the value of the end-size argument is either met or would be exceeded by an additional increment. |
source ip-addr |
Optional. Source IP address to use for the ping. If no IP address is specified, an IP interface address is selected. |
source-port |
Optional. Specifies the source UDP port for the LSP ping request. By default, port 3503 is used as the source UDP port. |
any |
Uses an unused UDP source port, selected from the reserved range of ports, as the source UDP port. |
mpls-ping |
Uses port 3503 as the source UDP port. |
udp-port |
Source UDP port specified within the non-reserved range of ports. The range of non-reserved ports is from 1,024 to 65,535. |
timeout interval |
Optional. Interval, in seconds, to wait for an LSP ping response. The default value is 1 second. |
ttl ttl-value |
Optional. Time-to-live (TTL) value for the IP packet. Normally, the IP packet TTL is propagated to the MPLS label header at the ingress of the LSP. |
verbose |
Optional. Displays more detailed output. |
None
Use the ping mpls pw command to test the status of a pseudo-wire.
The remote PE router replies to a MPLS pseudo-wire ping message with its local information about the pseudo-wire. You can use this information for troubleshooting purposes to compare the state and attributes at the two ends of a pseudo-wire.
The IP address of the remote PE router and the VC ID, inner label, or pseudo-wire ID must be specified for an MPLS pseudo-wire ping request. An MPLS pseudo-wire ping is initiated only if a pseudo-wire with the specified attributes exists.
The implementation of this command supports the following proprietary features that do not support customer premise equipment (CPE) interoperability:
The following example shows how to test the pseudo-wire with the 1 pseudo-wire ID and request that the remote PE router with the 2.2.2.2 IP address reply with its local information about the pseudowire:
[local]Redback#ping mpls pw pw-id 1 peer 2.2.2.2 Sending 5 100-byte MPLS echos to 2.2.2.2 for LDP PWID 1, source 1.1.1.1, timeout is 1 second, send interval is 0 msec: !!!!! ---- MPLS PING Statistics---- 5 packets transmitted, 5 packets received no error, 0.0% packet loss/error round-trip min/avg/max/stddev = 3.791/4.206/5.043/0.485 ms
The following example shows how to test the pseudo-wire with the 1 pseudo-wire ID and request that the remote PE router with the 2.2.2.2 IP address reply with its local information about the pseudowire in a verbose (detailed) format:
[local]Redback#ping mpls pw pw-id 1 peer 2.2.2.2 verbose VPLS peer (bridge/ip:pwid): BridgeName1/2.2.2.2:1 Oper State : Up Context name : local Admin State : Enable Circuit id : VPLS 2 Peer Flags : active, pw-up Bridge id : 0x2 Context id : 0x40080001 PE peering type : Hub PE local mode : PE-rs Prev state : Down Profile name : test1 Prev event : pw-up Last error : no error Peer up/down cnt : 1 Peer state changes : 2 Peer reset cnt : 0 Peer config changes : 0 Peer restart cnt : 0 Peer proc restarts : 0 MAC flush sent : 0 MAC flush received : 0 Circ up/down cnt : 0 Circ cfg changes : 1 Circ error cnt : 0 Circ delete cnt : 0 PW state : Up, Active PW up/down cnt : 0 PW signaling type : LDP PW error cnt : 0 PW restart cnt : 1 PW In label : 131072 PW encap type : Ethernet PW Out label : 131075 PW Exp bits : 0x0 PW local MTU : 1500 PW remote MTU : 1500 PW flags : in-rib, in-lblmap, in-ldp, from-ldp, from-cfg peer-up Sending 5 100-byte MPLS echos to 2.2.2.2 for LDP PWID 1, source 1.1.1.1, timeout is 1 second, send interval is 0 msec: Received MPLS ping reply - None VPLS peer (bridge/ip:pwid): BridgeName1/1.1.1.1:1 Oper State : Up Context name : 0x40080001 Admin State : Enable Circuit id : 255/21:1023:63/0/1/8 Peer Flags : active, pw-up Bridge id : 0x3 Context id : 0x40080001 PE peering type : Hub PE local mode : PE-rs Prev state : Down Profile name : test1 Prev event : pw-up Last error : no error Peer up/down cnt : 1 Peer state changes : 2 Peer reset cnt : 0 Peer config changes : 0 Peer restart cnt : 0 Peer proc restarts : 0 MAC flush sent : 0 MAC flush received : 0 Circ up/down cnt : 0 Circ cfg changes : 1 Circ error cnt : 0 Circ delete cnt : 0 PW state : Up, Active PW up/down cnt : 0 PW signaling type : LDP PW error cnt : 0 PW restart cnt : 1 PW In label : 131075 PW encap type : Ethernet PW Out label : 131072 PW Exp bits : 0x0 PW local MTU : 1500 PW remote MTU : 1500 PW flags : in-rib, in-lblmap, in-ldp, from-ldp, from-cfg peer-up Received MPLS ping reply - None VPLS peer (bridge/ip:pwid): BridgeName1/1.1.1.1:1 Oper State : Up Context name : 0x40080001 Admin State : Enable Circuit id : 255/21:1023:63/0/1/8 Peer Flags : active, pw-up Bridge id : 0x3 Context id : 0x40080001 PE peering type : Hub PE local mode : PE-rs Prev state : Down Profile name : test1 Prev event : pw-up Last error : no error Peer up/down cnt : 1 Peer state changes : 2 Peer reset cnt : 0 Peer config changes : 0 Peer restart cnt : 0 Peer proc restarts : 0 MAC flush sent : 0 MAC flush received : 0 Circ up/down cnt : 0 Circ cfg changes : 1 Circ error cnt : 0 Circ delete cnt : 0 PW state : Up, Active PW up/down cnt : 0 PW signaling type : LDP PW error cnt : 0 PW restart cnt : 1 PW In label : 131075 PW encap type : Ethernet PW Out label : 131072 PW Exp bits : 0x0 PW local MTU : 1500 PW remote MTU : 1500 PW flags : in-rib, in-lblmap, in-ldp, from-ldp, from-cfg peer-up Received MPLS ping reply - None VPLS peer (bridge/ip:pwid): BridgeName1/1.1.1.1:1 Oper State : Up Context name : 0x40080001 Admin State : Enable Circuit id : 255/21:1023:63/0/1/8 Peer Flags : active, pw-up Bridge id : 0x3 Context id : 0x40080001 PE peering type : Hub PE local mode : PE-rs Prev state : Down Profile name : test1 Prev event : pw-up Last error : no error Peer up/down cnt : 1 Peer state changes : 2 Peer reset cnt : 0 Peer config changes : 0 Peer restart cnt : 0 Peer proc restarts : 0 MAC flush sent : 0 MAC flush received : 0 Circ up/down cnt : 0 Circ cfg changes : 1 Circ error cnt : 0 Circ delete cnt : 0 PW state : Up, Active PW up/down cnt : 0 PW signaling type : LDP PW error cnt : 0 PW restart cnt : 1 PW In label : 131075 PW encap type : Ethernet PW Out label : 131072 PW Exp bits : 0x0 PW local MTU : 1500 PW remote MTU : 1500 PW flags : in-rib, in-lblmap, in-ldp, from-ldp, from-cfg peer-up Received MPLS ping reply - None VPLS peer (bridge/ip:pwid): BridgeName1/1.1.1.1:1 Oper State : Up Context name : 0x40080001 Admin State : Enable Circuit id : 255/21:1023:63/0/1/8 Peer Flags : active, pw-up Bridge id : 0x3 Context id : 0x40080001 PE peering type : Hub PE local mode : PE-rs Prev state : Down Profile name : test1 Prev event : pw-up Last error : no error Peer up/down cnt : 1 Peer state changes : 2 Peer reset cnt : 0 Peer config changes : 0 Peer restart cnt : 0 Peer proc restarts : 0 MAC flush sent : 0 MAC flush received : 0 Circ up/down cnt : 0 Circ cfg changes : 1 Circ error cnt : 0 Circ delete cnt : 0 PW state : Up, Active PW up/down cnt : 0 PW signaling type : LDP PW error cnt : 0 PW restart cnt : 1 PW In label : 131075 PW encap type : Ethernet PW Out label : 131072 PW Exp bits : 0x0 PW local MTU : 1500 PW remote MTU : 1500 PW flags : in-rib, in-lblmap, in-ldp, from-ldp, from-cfg peer-up Received MPLS ping reply - None VPLS peer (bridge/ip:pwid): BridgeName1/1.1.1.1:1 Oper State : Up Context name : 0x40080001 Admin State : Enable Circuit id : 255/21:1023:63/0/1/8 Peer Flags : active, pw-up Bridge id : 0x3 Context id : 0x40080001 PE peering type : Hub PE local mode : PE-rs Prev state : Down Profile name : test1 Prev event : pw-up Last error : no error Peer up/down cnt : 1 Peer state changes : 2 Peer reset cnt : 0 Peer config changes : 0 Peer restart cnt : 0 Peer proc restarts : 0 MAC flush sent : 0 MAC flush received : 0 Circ up/down cnt : 0 Circ cfg changes : 1 Circ error cnt : 0 Circ delete cnt : 0 PW state : Up, Active PW up/down cnt : 0 PW signaling type : LDP PW error cnt : 0 PW restart cnt : 1 PW In label : 131075 PW encap type : Ethernet PW Out label : 131072 PW Exp bits : 0x0 PW local MTU : 1500 PW remote MTU : 1500 PW flags : in-rib, in-lblmap, in-ldp, from-ldp, from-cfg peer-up ---- MPLS PING Statistics---- 5 packets transmitted, 5 packets received no error, 0.0% packet loss/error round-trip min/avg/max/stddev = 7.311/8.758/9.851/1.185 ms
ping mpls rsvp lsp-name [count] [exp exp-bits] [interval interval] [pad hex-pad] [pad-reply-mode {copy | drop}] [reply-mode {router-alert | udp}] [size packet-size | sweep start-size end-size increment] [source ip-addr] [source-port {any | mpls-ping | udp-port}] [timeout interval] [ttl ttl-value] [verbose]
Initiates a MPLS ping across a Resource Reservation Protocol (RSVP) label-switched path (LSP) or a Label Distribution Protocol (LDP) LSP.
exec
lsp-name |
Name of the RSVP LSP to be pinged; an LSP that originates on your router and ends on another node (the number of transit hops is not important). The local router must be the LSP ingress router. |
count |
Optional. Number of times that the ping is to be repeated. |
exp exp-bits |
Optional. IP precedence for the IP packet. Normally, the IP precedence is propagated to the MPLS label experimental (EXP) bits. |
interval interval |
Optional. Interval, in milliseconds, between ping requests; the default value is 0. |
pad hex-pad |
Optional. Hexadecimal pattern used to fill the echo request to the packet size; the default value is 0xacee. |
pad-reply-mode |
Optional. Specifies whether the echo reply is returned with the hexadecimal pattern used to fill the echo request. |
copy |
Specifies that the echo reply should include the hexadecimal pattern used to fill the echo request. The hexadecimal pattern is copied from the echo request to the echo reply. |
drop |
Specifies that the echo reply should not include the hexadecimal pattern used to fill the echo request. The hexadecimal pattern is dropped. |
reply-mode |
Optional. Specifies how the LSP echo reply is returned. |
router-alert |
Sends the echo reply as an IP User Datagram Protocol (UDP) packet, with the router alert option preceding the IP header. |
udp |
Sends the echo reply as an IP UDP packet, with no router alert option preceding the IP header. |
size packet-size |
Optional. Packet size for the ping request. The ping request is filled using the Pad type-length-value (TLV) to satisfy the request; the default value is 100 bytes. |
sweep |
Optional. Specifies the range of packet sizes to send. The value of the count argument specifies the number of times the entire range of packet sizes is to be sent. |
start-size |
Initial sweep packet size, in bytes. |
end-size |
Final sweep packet size, in bytes. |
increment |
Packet size increase, in bytes, between packet sends. The packet size is incremented until the value of the end-size argument is either met or would be exceeded by an additional increment. |
source ip-addr |
Optional. Source IP address to use for the ping. If no IP address is specified, an IP interface address is selected. |
source-port |
Optional. Specifies the source UDP port for the LSP ping request. By default, port 3503 is used as the source UDP port. |
any |
Uses an unused UDP source port, selected from the reserved range of ports, as the source UDP port. |
mpls-ping |
Uses port 3503 as the source UDP port. |
udp-port |
Source UDP port specified within the non-reserved range of ports. The range of non-reserved ports is from 1,024 to 65,535. |
timeout interval |
Optional. Interval, in seconds, to wait for an LSP ping response. The default value is 1 second. |
ttl ttl-value |
Optional. Time-to-live (TTL) value for the IP packet. Normally, the IP packet TTL is propagated to the MPLS label header at the ingress of the LSP. |
verbose |
Optional. Displays more detailed output. |
None
Use the ping mpls rsvp command to initiate an MPLS ping across an RSVP LSP.
Enter the command on the ingress label-switched router (LSR) for the LSP being tested. The name of the target LSP should be an LSP that originates on your node and ends on another node (the number of transit hops is not important). You cannot ping an egress or a transit RSVP LSP.
You can use the show rsvp lsp command to look up names of RSVP LSPs to ping.
An MPLS ping tests the connectivity of the MPLS LSP data plane, and verifies that the information in the control plane is consistent with the data plane.
MPLS Echo Request and MPLS Echo Reply messages are used to accomplish the MPLS ping. An MPLS Echo Request message, which follows the same data path that normal MPLS traffic would traverse, is sent through the LSP that leads to the LSP egress LSR. The egress LSR replies with an echo request, which, because LSPs are unidirectional, takes the routed IP path.
The following example sends an MPLS ping across RSVP LSP, lsp1:
[local]Redback#ping mpls rsvp lsp1
Sending 5 100-byte MPLS echos to lsp1, source 3.3.3.3, timeout is 1 second, send interval is 0 msec: !!!!! ---- MPLS PING Statistics---- 5 packets transmitted, 5 packets received no error, 0.0% packet loss/error round-trip min/avg/max/stddev = 2.223/3.125/3.853/0.676 ms
The following example sends an MPLS ping across RSVP LSP, pse_pe2. Verbose output is requested:
[local]Redback#ping mpls rsvp pse_pe2 verbose
Sending 5 100-byte MPLS echos to pse_pe2, source 3.3.3.3, timeout is 1 second, send interval is 0 msec: Received MPLS ping reply - Replying router is an egress for FEC at level 1 Received MPLS ping reply - Replying router is an egress for FEC at level 1 Received MPLS ping reply - Replying router is an egress for FEC at level 1 Received MPLS ping reply - Replying router is an egress for FEC at level 1 Received MPLS ping reply - Replying router is an egress for FEC at level 1 ---- MPLS PING Statistics---- 5 packets transmitted, 5 packets received no error, 0.0% packet loss/error round-trip min/avg/max/stddev = 5.193/6.800/11.491/2.670 ms
policy access-list acl-name
no policy access-list acl-name
Creates or selects a policy access control list (ACL) and enters access control list configuration mode.
context configuration
acl-name |
Policy ACL name. |
None
Use the policy access-list command to create or select a policy ACL and to enter access control list configuration mode.
Use the no form of this command to remove the policy ACL.
The following example creates a policy ACL to define Web and VOIP traffic types on a circuit, and uses the policy ACL in a QoS metering policy, marking these packet types as DF and AF11, respectively. All other traffic is marked as DF also:
[local]Redback(config-ctx)#policy access-list QoSACL-1 [local]Redback(config-access-list)#permit tcp any any eq 80 class Web [local]Redback(config-access-list)#permit udp any any eq 1000 class VOIP [local]Redback(config-access-list)#permit any any class default [local]Redback(config-access-list)#exit [local]Redback(config-ctx)#exit [local]Redback(config)#qos policy PolicingAndMarking policing [local]Redback(config-policy-policing)#access-group QoSACL-1 [local]Redback(config-policy-group)#class Web [local]Redback(config-policy-group-class)#mark dscp DF [local]Redback(config-policy-group-class)#exit [local]Redback(config-policy-group)#class VOIP [local]Redback(config-policy-group-class)#mark dscp AF11 [local]Redback(config-policy-group-class)#exit [local]Redback(config-policy-group)#class default [local]Redback(config-policy-group-class)#mark dscp DF [local]Redback(config-policy-group-class)#exit [local]Redback(config-policy-group)#exit [local]Redback(config-policy-policing)#exit [local]Redback(config)#port ethernet 3/0 [local]Redback(config-port)#bind interface FromSubscriber local [local]Redback(config-port)#qos policy policing PolicingAndMarking
policy-refresh {username subscriber | agent-remote-id id} attribute name {value [parent] [remove]}
Modifies in real time a subscriber attribute in the specified subscriber record, using the command-line interface (CLI).
username subscriber |
Fully qualified subscriber name, in the format sub-name@ctx-name, for which the attribute is to be modified. |
agent-remote-id id |
Remote Authentication Dial-In User Service (RADIUS) remote agent ID, for which the attribute is to be modified. An alphanumeric string of up to 63 characters. |
attribute name |
Subscriber attribute to be updated. Table 25 lists the keyword names for the attributes and the related RADIUS standard attribute or vendor-specific attribute (VSA) provided by Ericsson AB. |
value |
New value for the subscriber attribute, according to the arguments, constructs, and parameter types listed in Table 25. If the value is to be remove, enclose it in double quotation marks (“ ”). |
remove |
Removes the subscriber attribute from the subscriber record. |
parent |
Optional. Applies the modification of a dynamic-qos-param attribute to the parent circuit of the subscriber session instead of the subscriber session. The remove keyword can also be specified with the parent keyword to remove the parent dynamic-qos-param attribute. |
Subscriber attributes are unchanged for the duration of the session, unless modified by the reauthorize command (in exec mode).
Use the policy-refresh command to modify in real time a subscriber policy attribute in the specified subscriber record, using the CLI. Policy refresh does not interrupt or drop the session of the subscriber.
To modify a dynamic-qos-param attribute of the parent circuit of the subscriber session, use the parent keyword with the policy-refresh configuration. The parent keyword enables dynamic QoS parameter support for parent circuits through subscriber sessions. Using this keyword, you can customize QoS configurations of a parent circuit of a subscriber session by using the policy-refresh command. When the subscriber session is specified in a policy-refresh command that includes the parent keyword, any specified modification is applied to the parent circuit instead of the subscriber session. The parent circuit of a subscriber session is considered to be the 802.1q VLAN or ATM PVC which encapsulates its traffic and under which the bind authentication or bind subscriber CLI configuration entry of the subscriber was specified. Modifications to the QoS configurations of the parent circuit may apply to all traffic (all subscriber sessions) that traverse the circuit depending on the configuration of the QoS policy binding of the parent. (for example, whether that binding is inherited by its children; see Policy Inheritance in Configuring QoS Rate-Limiting and Class- Limiting).
For predictable system behavior, the following rules apply:
The last dynamic QoS parameter (VSA 196) rate applied to the parent circuit or an applicable child using the parent flag takes precedence over the last applied VSA 156 or 157 rate applied to the parent circuit.
The final rate to be enforced is the lower of the last ANCP or TR-101 rate update received or the AAA (RADIUS or policy-refresh) rate specified, as determined by the preceding rule.
For more information about RADIUS and vendor VSAs provided by Ericsson AB, refer to Configuring RADIUS.
Table 25 lists the keywords and constructs, parameter types for the attribute keyword dynamic-qos-param and their range of values, for the subscriber attributes that this command supports.
Attribute Keyword |
Parameter Types |
Notes |
Related VSA # |
---|---|---|---|
bridge-profile |
String. Name of the bridge profile. |
102 | |
dhcp-max-leases |
Integer. Maximum number of DHCP addresses this subscriber can allocate to hosts; the range of values is 1 to 1,255. |
3 | |
dynamic-qos-param |
fwd-in-access-group |
String. Name of the forwarded access group in the access-group command (in forward policy configuration, metering, or policing mode). The format is: acl-name where acl-name is the name of the policy ACL created using the policy access-list command (in context configuration mode). This command supports a maximum of 10 ACLs. For example, the acl1:acl2:acl3 string references ACLs named ACL1, ACL2, and ACL3.(1) |
196 |
meter-circuit-burst |
String. Overrides the circuit burst parameter defined by a metering policy and set with the rate command. This attribute is used to configure the metering burst allowance for the specified circuit. The format is: meter-circuit-burst bytes where the bytes argument is the burst tolerance in bytes. The range of values is 1 to 4250000000. The meter-circuit-burst parameter is not accepted unless a rate and burst are configured in the metering policy of the target circuit. This attribute is used to configure the metering burst allowance for the subscriber circuit. The range of allowable values is from 1 to 4,250,000,000 bytes. meter-circuit-excess-burst <value |
196 | |
meter-circuit-conform |
String. Overrides the circuit conform parameters defined by a metering policy. This attribute is used to configure marking action for packets that conform to the circuit-level rate and burst allowance of a metering policy. The format is: meter-circuit-conform {{mark-dscp dscp-value} | {mark-precedence prec-value} | {mark-priority priority-value} | no-action} where:
This attribute is used to configure marking action for packets that conform to the metering policy’s circuit-level rate and burst allowance. meter-circuit-conform {{mark-dscp | mark-precedence | mark-priority} <0-7>} | no-action} |
196 | |
meter-circuit-exceed |
String. Overrides the circuit exceed parameters defined by a metering policy. This attribute is used to configure marking action for packets that exceed the circuit-level rate and burst allowance of a metering policy. The format is: meter-circuit-exceed {{mark-dscp dscp-value} | {mark-precedence prec-value} | {mark-priority priority-value} | {drop-qos-priority priority-value} | drop-all | no-action} where:
This attribute is used to configure marking action for packets that exceed the metering policy’s circuit-level rate and burst allowance. meter-circuit-exceed {{mark-dscp | mark-precedence | mark-priority} <0-7>} | drop-qos-priority-group | drop-all | no-action} |
196 | |
meter-circuit-excess-burst |
String. Overrides the circuit excess burst parameter defined by a metering policy and set with the rate command (in metering policy configuration mode). This attribute is used to configure the metering excess-burst allowance for the specified circuit. The format is: meter-circuit-excess-burst bytes where the bytes argument is the excess burst tolerance in bytes. The range of values is 1 to 4250000000. The meter-circuit-excess-burst parameter is not accepted unless a rate and excess-burst are configured in the metering policy of the target circuit. This attribute is used to configure the metering excess-burst allowance for the subscriber circuit. The range of allowable values is from 1 to 4,250,000,000 bytes. meter-circuit-excess-burst <value> |
196 | |
meter-circuit-mark |
String. Overrides the circuit mark parameter defined by a metering policy. This attribute is used to configure an unconditional marking action for packets subject to a metering policy. The format is: meter-circuit-mark {mark-dscp dscp-value | mark-precedence prec-value | mark-priority priority-value} where:
This attribute is used to configure an unconditional marking action for packets subject to the metering policy. meter-circuit-mark {mark-dscp | mark-precedence | mark-priority} <0-7> The meter-circuit-mark parameter is not accepted if a rate is configured in the metering policy of the target circuit. |
196 | |
meter-circuit-rate |
String. Overrides the circuit rate parameter defined by a metering policy and set with the rate command. This attribute is used to configure the metering rate of the subscriber circuit. The format is: meter-circuit-rate rate-absolute rate-value where the rate-value argument is the kbps argument of the rate command (in metering policy configuration mode). The range of values is 5 to 10000000. The meter-circuit-rate parameter is not accepted unless a rate and burst are configured in the metering policy of the target circuit. This attribute is used to configure metering rate of the subscriber circuit. The range of allowable values is from 5 to 10,000,000 kbps. meter-circuit-rate <value> |
196 | |
meter-circuit-violate |
String. Overrides the circuit violate parameters defined by a metering policy. This attribute is used to configure marking action for packets that violate the circuit-level rate and excess-burst allowance of a metering policy. The format is: meter-circuit-violate {mark-dscp dscp-value | mark-precedence prec-value | mark-priority priority-value} | drop-all | no-action} where:
This attribute is used to configure marking action for packets that violate the metering policy’s circuit-level rate and excess-burst allowance. meter-circuit-violate {{mark-dscp | mark-precedence | mark-priority} <0-7>} | drop-all | no-action} The meter-circuit-violate parameter is not accepted unless a rate and burst are configured in the metering policy of the target circuit. |
196 | |
meter-class-burst |
String. Overrides the class burst parameter defined by a metering policy. The format is: class-name burst bytes where class-name is the name of the class assigned to policy ACL statements that reference the ACL condition and the burst bytes construct is the burst tolerance in bytes. The range of values for the burst argument is 1 to 1250000000. |
196 | |
meter-class-conform |
String. Overrides the class conform values defined by a metering policy. The format is: class-name mark-dscp mark-precedence mark-priority no-action where:
|
196 | |
meter-class-exceed |
String. Overrides the class exceed parameters defined by a metering policy. The format is: class-name mark-dscp mark-precedence mark-priority drop-qos-priority drop-all no-action where:
|
196 | |
meter-class-excess-burst |
String. Overrides the class excess burst parameter defined by a metering policy set with the rate command (in metering policy configuration mode). The format is: class-name excess-burst bytes where the class-name argument is the name of the class assigned to policy ACL statements that reference the ACL condition, and the excess-burst bytes construct is the excess burst tolerance in bytes. The range of values for the bytes argument is 1 to 1250000000. |
196 | |
meter-class-mark |
String. Overrides the class mark parameter defined by a metering policy. The format is: class-name mark-dscp mark-precedence mark-priority where:
|
196 | |
meter-class-rate |
String. Overrides the class rate parameter defined by a metering policy. The format is: class-name rate-value where the class-name argument is the name of the class assigned to policy ACL statements that reference the ACL condition, and the rate-value argument is the kbps argument of the rate command (in metering policy configuration mode). |
196 | |
meter-class-violate |
String. Overrides the class violate parameters defined by a metering policy. The format is: class-name mark-dscp mark-precedence mark-priority [drop-all] [no-action] where:
|
196 | |
police-circuit-burst |
String. Overrides the circuit burst parameter defined by a policing policy. This attribute is used to configure the policing burst allowance for the subscriber circuit. The format is: police-circuit-burst bytes where the bytes argument is the burst tolerance in bytes. The range of values is 1 to 4250000,000. This attribute is used to configure the policing burst allowance for the subscriber circuit. The range of allowable values is from 1 to 4,250,000,000 bytes. police-circuit-burst <value> |
196 | |
police-circuit-conform |
String. Overrides the circuit conform parameters defined by a policing policy. This attribute is used to configure marking action for packets that conform to the circuit-level rate and burst allowance of the metering policy. The format is: police-circuit-conform {mark-dscp dscp-value | mark-precedence prec-value | mark-priority priority-value} | no-action} where:
This attribute is used to configure marking action for packets that conform to the metering policy’s circuit-level rate and burst allowance. meter-circuit-conform {{mark-dscp | mark-precedence | mark-priority} <0-7>} | no-action} |
196 | |
police-circuit-exceed |
String. Overrides the circuit exceed parameters defined by a policing policy. This attribute is used to configure marking action for packets that exceed the circuit-level rate and burst allowance of the policing policy. The format is: police-circuit-exceed {mark-dscp dscp-value | mark-precedence prec-value | mark-priority priority-value} | {drop-qos-priority priority-value} | drop-all | no-action} where:
This attribute is used to configure marking action for packets that exceed the policing policy’s circuit-level rate and burst allowance. police-circuit-exceed {{mark-dscp | mark-precedence | mark-priority} <0-7>} | drop-qos-priority-group | drop-all | no-action} |
196 | |
police-circuit-excess-burst |
String. Overrides the circuit excess burst parameter defined by a policing policy set with the rate command (in policing policy configuration mode). This attribute is used to configure the policing excess-burst allowance for the subscriber circuit. The format is: police-circuit-excess-burst bytes where the bytes argument is the excess burst tolerance in bytes. The range of values is 1 to 4250000000. This attribute is used to configure the policing excess-burst allowance for the subscriber circuit. The range of allowable values is from 1 to 4,250,000,000 bytes. police-circuit-excess-burst <value> |
196 | |
police-circuit-mark |
String. Overrides the circuit mark parameters defined by a policing policy. This attribute is used to configure an unconditional marking action for packets subject to the policing policy. The format is: police-circuit-mark {mark-dscp dscp-value | mark-precedence prec-value | mark-priority priority-value} where:
This attribute is used to configure an unconditional marking action for packets subject to the policing policy. police-circuit-mark {mark-dscp | mark-precedence | mark-priority} <0-7> This attribute is used to configure an unconditional marking action for packets subject to the metering policy. meter-circuit-mark {mark-dscp | mark-precedence | mark-priority} <0-7> The police-circuit-mark parameter is not accepted if a rate is configured in the policing policy. |
196 | |
police-circuit-rate |
String. Overrides the circuit rate parameter defined by a policing policy. This attribute is used to configure policing rate of the subscriber circuit. The format is: police-circuit-rate rate-absolute rate-value where the rate-value argument is the kbps argument of the rate command (in policing policy configuration mode). The range of values is 5 to 10000000. This attribute is used to configure policing rate of the subscriber circuit. The range of allowable values is from 5 to 10,000,000 kbps. police-circuit-rate <value> |
196 | |
police-circuit-violate |
String. Overrides the circuit violate parameters defined by a policing policy. This attribute is used to configure marking action for packets that violate the circuit-level rate and excess-burst allowance of the policing policy. The format is: police-circuit-violate {mark-dscp dscp-value | mark-precedence prec-value | mark-priority priority-value} | drop-all | no-action} where:
This attribute is used to configure marking action for packets that violate the policing policy’s circuit-level rate and excess-burst allowance. police-circuit-violate {{mark-dscp | mark-precedence | mark-priority} <0-7>} | drop-all | no-action} |
196 | |
police-class-burst |
String. Overrides the class burst parameter defined by a policing policy. The format is: burst bytes where class-name is the name of the class assigned to policy ACL statements that reference the ACL condition and the burst bytes construct is the burst tolerance in bytes. The range of values is 1 to 1250000000. |
196 | |
police-class-conform |
String. Overrides the class conform values defined by a policing policy. The format is: class-name mark-dscp mark-precedence mark-priority no-action where:
|
196 | |
police-class-exceed |
String. Overrides the class exceed parameters defined by a policing policy. The format is: class-name mark-dscp mark-precedence mark-priority drop-qos-priority drop-all no-action where:
|
196 | |
police-class-excess-burst |
String. Overrides the class excess burst parameter defined by a policing policy set with the rate command (in policing policy configuration mode). The format is: class-name excess-burst bytes where the class-name argument is the name of the class assigned to policy ACL statements that reference the ACL condition and the bytes argument is the excess burst tolerance in bytes. The range of values is 1 to 1250000000. |
196 | |
police-class-mark |
String. Overrides the class mark parameter defined by a policing policy. The format is: class-name mark-dscp mark-precedence mark-priority where:
|
196 | |
|
police-class-rate |
String. Overrides the class rate parameter defined by a policing policy. The format is: class-name rate-value where class-name is the name of the class assigned to policy ACL statements that reference the ACL condition and the rate-value argument is either the rate kbps or rate percentage value construct of the rate command (in metering policy configuration mode). |
196 |
|
police-class-violate |
String. Overrides the class violate parameters defined by a policing policy. The format is: class-name mark-dscp mark-precedence mark-priority drop-all no-action where:
|
196 |
pwfq-circuit-rate-min |
String. Overrides the circuit rate minimum parameter defined by a PWFQ policy set with the rate minimum command (in PWFQ policy configuration mode). This attribute is used to modify the target minimum rate under congestion for a circuit with a PWFQ policy binding. The format is: pwfq-circuit-rate-minimum rate-value where the rate-value argument is the kbps argument of the rate minimum command (in PWFQ policy configuration mode). The range of values is 64 to 1000000. This attribute can be used to modify the target minimum rate under congestion for a TM L2 node; that is, a circuit with a PWFQ policy binding. It corresponds to and overrides the “rate minimum” command value configured in the PWFQ policy. The range of allowable values is from 64 kbps to 1,000,000 kbps. pwfq-circuit-rate-minimum <value>. The pwfq-circuit-rate-minimum and pwfq-circuit-weight dynamic QoS parameters are mutually exclusive. A circuit cannot have these two parameters configured simultaneously. |
196 | |
pwfq-circuit-rate-max |
String. Overrides the circuit rate maximum parameter defined by a PWFQ policy set with the rate maximum command (in PWFQ policy configuration mode). This attribute is used to modify the maximum allowed rate for a circuit with a PWFQ policy binding. The format is: pwfq-circuit-rate-maximum rate-value where the rate-value argument is the kbps argument of the rate maximum command (in PWFQ policy configuration mode). The range of values is 64 to 1000000. This attribute can be used to modify the maximum allowed rate for a TM L2 node; that is, a circuit with a PWFQ policy binding. It corresponds to and overrides the “rate maximum” command value configured in the PWFQ policy. The range of allowable values is from 64 kbps to 1,000,000 kbps. pwfq-circuit-rate-maximum <value>. |
196 | |
pwfq-circuit-weight |
String. Overrides the circuit weight parameter defined by a PWFQ policy set with the weight command (in PWFQ policy configuration mode). This attribute is used to modify the relative weight of a circuit with a PWFQ policy binding. The format is: pwfq-circuit-weight weight where the weight argument corresponds to the weight argument of the weight command (in PWFQ policy configuration mode). The range of values is 1 to 4096. This attribute can be used to modify to relative weight of a TM L2 node; that is, a circuit with a PWFQ policy binding. It corresponds to and overrides the “weight” command value configured in the PWFQ policy. The range of allowable values is from 1 to 4096. pwfq-circuit-weight <value> This attribute can be used to modify the target minimum rate under congestion for a TM L2 node; that is, a circuit with a PWFQ policy binding. It corresponds to and overrides the “rate minimum” command value configured in the PWFQ policy. The range of allowable values is from 64 kbps to 1,000,000 kbps. pwfq-circuit-rate-minimum <value>. The pwfq-circuit-rate-minimum and pwfq-circuit-weight dynamic QoS parameters are mutually exclusive. A circuit cannot have these two parameters configured simultaneously. |
||
pwfq-priority-group-rate |
String. Overrides the priority group rate defined by a PWFQ policy. The format is: group-num rate-value where group-num is the group-num argument of the queue priority-group command, and rate-value is either the rate kbps or rate percentage value construct. |
196 | |
pwfq-queue-priority |
String. Overrides the queue priority defined by a PWFQ policy. The format is: queue-num priority-group weight-value where queue-num is the queue queue-num construct of the queue-priority command, priority-group is the priority group-num construct, and weight-value is the weight weight construct. |
196 | |
pwfq-queue-weight |
String. Overrides the queue weight defined by a PWFQ policy. The format is: queue-num weight-value where queue-num is the queue queue-num construct and weight-value is the weight traffic-weight construct the queue weight command |
196 | |
filter-id |
String. Name of the ACL that filters inbound or outbound traffic in the format:
|
11 | |
forward-policy |
String. Name of the ACL that filters inbound or outbound traffic in the format:
|
92 | |
http-redirect-profile-name |
String. Name of the HTTP redirect profile (up to 32 characters). |
107 | |
idle-timeout |
Integer. Idle timeout in seconds; the range of values is 1 to 65,534. |
28 | |
igmp-svc-prof-id |
String. Name of the IGMP service profile. |
90 | |
mcast-receive |
Integer. Defines whether the subscriber can receive multicast packets; the range of values is:
|
34 | |
mcast-send |
Integer. Defines whether the subscriber can send multicast packets; the range of values is:
|
33 | |
qos-metering |
String. Name of the QoS metering policy. |
88 | |
qos-overhead |
String. Name of the overhead profile. |
195 | |
qos-policing |
String. Name of the QoS policing policy. |
87 | |
qos-queuing |
String. Name of the QoS scheduling policy. |
89 | |
qos-rate |
String. Limits (in KB) for inbound or outbound traffic in the format:
The range of values for limit is 0 to 65,534. Zero (0) indicates an unlimited rate. |
156, 157 | |
qos-reference |
String. Node name, node-name index, group name, and group-name index in the format: node-name node-name index:group-name group-name index |
114 | |
session-timeout |
Integer. Session timeout in seconds; the range of values is 1 to 65,534. |
27 | |
shaping-profile-name |
String. Name of the ATM shaping profile. |
101 | |
traffic-limit |
String. Limits (in KB) for inbound or outbound traffic in the format:
Limits are independent. |
113 |
(1) The fwd-in-access-group parameter
does not support the parent keyword.
(2) The meter-class-mark parameter is not accepted
if the corresponding class in the metering policy has been configured
with a rate.
(3) The police-class-mark parameter is not accepted
if the corresponding class in the policing policy has been configured
with a rate.
When the same QoS rate of a circuit is subject to modification from both the DSL line rate (received through ANCP or through TR-101 PPPoE or DHCP tags) and a rate applied through VSA 156, 157, or 196 (set through RADIUS or the policy-refresh exec command), the lower of the last line rate received or the relevant VSA rate (as determined by the preceding precedence rule) is applied.
The following example updates the subscriber record for subscriber joe@gold-service to specify a different quality of service (QoS) policing policy, police-policy:
[local]Redback#policy-refresh username joe@gold-service attribute qos-policing police-policy
The following example shows how to set the rate to 10000 kbps for priority-group 0 for the subscriber's PWFQ policy binding:
[local]Redback#policy-refresh username joe@gold-service attribute Dynamic-Qos-Param pwfq-priority-group-rate 0 rate-absolute 10000
The following example shows how to set the weight to 50 for queue 3 for the subscriber's PWFQ policy binding:
[local]Redback#policy-refresh username joe@gold-service attribute Dynamic-Qos-Param pwfq-queue-weight 3 50
The following example shows how to set the burst allowance to 1024 bytes for class name voip for the subscriber's metering policy binding:
[local]Redback#policy-refresh username joe@gold-service attribute Dynamic-Qos-Param meter-class-burst voip 1024
The following example shows how to set the policing rate to 7000 kbps for the policing policy binding of the parent circuit of the subscriber:
[local]Redback#policy-refresh username joe@gold-service attribute Dynamic-Qos-Param police-circuit-rate rate-absolute 7000 parent
pool nat-pool-name ctx-name
Configures the Network Address Translation (NAT) policy or its class to use the specified pool of IP addresses for source IP address translation.
nat-pool-name |
NAT pool name. |
ctx-name |
Name of the context in which the NAT pool is configured. |
If no action is configured for the NAT policy, by default, packets are dropped.
Use the pool command to configure the NAT policy or class of packets to use the specified pool of IP addresses for packet translation.
The following example configures the NAT policy, NAT-POLICY, to use the pool, NAT-POOL-DEFAULT, configured in the ISP context, and configures packets classified as NAT-CLASS-BASIC to use the pool, NAT-POOL-BASIC, configured in the ISP context:
[local]Redback(config-ctx)#nat policy NAT-POLICY [local]Redback(config-policy-nat)#pool NAT-POOL-DEFAULT ISP [local]Redback(config-policy-nat)#access-group NAT-ACL [local]Redback(config-policy-group)#class NAT-CLASS-BASIC [local]Redback(config-policy-group-class)#pool NAT-POOL-BASIC ISP
port atm slot/port
no port atm slot/port
Selects an Asynchronous Transfer Mode (ATM) port and enters ATM OC or ATM DS-3 configuration mode.
global configuration
slot |
Chassis slot number of the line card. The range of values depends on the chassis in which the line card is installed; see the Line and Services Card Types and Slots section in the Usage Guidelines of the card command. |
port |
Line card port number. The range of values depends on the type of line card; see Table 26 of this command. |
None
Use the port atm command to select an ATM port of any type and enter ATM OC or ATM DS-3 configuration mode.
Table 26 lists the range of values for the port argument; in the table, the IR abbreviation is used for Intermediate Reach.
Line Card Type |
Physical Ports |
Low-Density Version |
Low-Density Ports |
---|---|---|---|
ATM OC-3c/STM-1c |
8 |
No |
– |
ATM OC-3c/STM-1c |
4 |
Yes |
1, 3 |
ATM OC-12c/STM-4c |
1 |
No |
– |
Enhanced ATM OC-12c/STM-4c |
1 |
No |
– |
ATM OC-12c/STM-4c |
2 |
No |
– |
ATM DS-3 |
12 |
No |
– |
If you have previously limited the number of software configurable ports, using the maximum ports command (in card configuration mode), for an ATM DS-3 line card, and the port that you specify is not a software configurable port, this command fails and the SmartEdge OS displays an error message.
Before the port is configured, the SmartEdge OS performs a power check to determine if the chassis has sufficient unallocated power to meet the power requirements for the port’s line card. If the power requirements for the line card are greater than the unallocated power resources of the chassis, the SmartEdge OS displays the following message:
Insufficient power available for card <card-name> in slot <slot>. Power Required: <n> A @48V Power Available: <m> A @48V
In the message, n is the amperes required by the line card and m is the amperes available for assignment. In this case, the command is not included in the system configuration. However, it might be possible to configure a line card that requires less power in this slot. Use the show chassis power command with the inventory keyword to display the power requirements for each line card.
To enable the port, use the no shutdown command in ATM OC or ATM DS-3 configuration mode.
Use the no form of this command to delete the port configuration from the configuration database.
The following example shows how to select port 2 on an ATM OC line card in slot 6 and enable the port:
[local]Redback(config)#port atm 6/2 [local]Redback(config-atm-oc)#no shutdown
The following example shows how to select port 1 on the ATM DS-3 line card in slot 3 and enable the port:
[local]Redback(config)#port atm 3/1 [local]Redback(config-atm-ds3)#no shutdown
port bvi name
no port bvi name
Creates a Bridged Virtual Interface (BVI) port to represent a pseudo circuit that supports bridging and routing in the same SmartEdge router context.
name |
BVI port name. |
None
Use the port bvi command to name a BVI port that represents the pseudo circuit. This command must be used with the bind interface command in the BVI context and the bridge command in the BVI context to create the bridged virtual interface port. The BVI port supports local or nonroutable Link Layer 2 traffic that is bridged to the bridged interfaces in the same bridge group, while routable Network Layer 3 traffic is routed to other routed interfaces.
Access, Ethernet and dot1q link groups are supported in the bridge group. Only one BVI port can be attached to a bridge group. BVI ports are supported on link groups and link groups support up to eight Ethernet ports. BVI port pseudo circuits in a bridge group are only supported on PPA2-based Ethernet cards.
PWFQ policies and aggregate shaping are not supported on BVI ports. NAT policies are not supported on bridged virtual interfaces.
This feature does not support transport ranges and VPLS circuits. Bridge groups with VPLS configured are not supported. Binding to multibind interfaces is not supported by this feature.
The show circuit and the show bindings commands display bvi-port when a BVI port is configured.
To monitor the port, use the show circuit counters command. To enable the port, use the no shutdown command (in port configuration mode). Use the no form of this command to delete the port configuration from the configuration database.
Bi-directional Forwarding Detection (BFD) on L3 BVI ports is not supported.
RSTP is not supported on BVI ports.
BVI ports support:
Related Commands in other manuals are listed in the following table.
forward policy in forward policy out |
qos policy metering qos policy policing |
The following example shows how to create a pseudo circuit with the port bvi command:
[local]Redback(config)#context bvi-context [local]Redback(config-ctx)#bridge bvi-bridge [local]Redback(config-bridge)#description Bridge for BVI to support routed and bridged traffic [local]Redback(config-ctx)#interface i1 [local]Redback(config-if)#ip address 192.168.110.1 255.255.255.0 [local]Redback(config-ctx)#interface br1 bridge [local]Redback(config-if)#bridge name bvi-bridge [local]Redback(config)#port bvi port-bvi [local]Redback(config-port)#no shutdown [local]Redback(config-port)#bind interface i1 bvi-context [local]Redback(config-port)#bridge name bvi-bridge bvi-context [local]Redback(config)#port eth 1/1 [local]Redback(config-port)#bind interface br1 bvi-context [local]Redback(config)#port eth 2/1 [local]Redback(config-port)#bind interface br1 bvi-context
For DS-3 channels on channelized OC-12 line cards, the syntax is:
port channelized-ds3 slot/port:ds3-chan-num
no port channelized-ds3 slot/port:ds3-chan-num
For channelized ports on DS-3 line cards, the syntax is:
port channelized-ds3 slot/port
no port channelized-ds3 slot/port
Selects a channelized DS-3 channel or port and enters DS-3 configuration mode.
slot |
Chassis slot number of the line card. The range of values depends on the chassis in which the line card is installed; see the Line and Services Card Types and Slots section in the Usage Guidelines of the card command. |
port |
Port number on the channelized OC-12 or DS-3 line card. The range of values depends on the type and version of the line card; see Table 28 of this command |
ds3-chan-num |
Number of the DS-3 channel on the channelized OC-12 port. The range of values is 1 to 12. |
No channelized DS-3 channels or ports are selected.
Use the port channelized-ds3 command to select a channelized DS-3 channel on a channelized OC-12 port, or a port on a DS-3 line card, and enter DS-3 configuration mode.
Table 28 lists the range of values for the port argument; in the table, the IR abbreviation is used for Intermediate Reach.
Line Card Type |
Physical Ports |
Low-Density Version |
Low-Density Ports |
---|---|---|---|
Channelized DS-3 |
3 |
No |
– |
Channelized DS-3 |
12 |
No |
– |
Before the port is configured, the SmartEdge OS performs a power check to determine if the chassis has sufficient unallocated power to meet the power requirements for the port’s line card. If the power requirements for the line card are greater than the unallocated power resources of the chassis, the SmartEdge OS displays the following message:
Insufficient power available for card <card-name> in slot <slot>. Power Required: <n> A @48V Power Available: <m> A @48V
In the message, n is the amperes required by the line card and m is the amperes available for assignment. In this case, the command is not included in the system configuration. However, it might be possible to configure a line card that requires less power in this slot. Use the show chassis power command with the inventory keyword to display the power requirements for each line card.
To enable the DS-3 channel or port, use the no shutdown command (in DS-3 configuration mode).
Use the no form of this command to delete the port configuration from the configuration database.
The following example selects channelized DS-3 channel 1 on port 1 of the channelized OC-12 line card in slot 4 and enters DS-3 configuration mode:
[local]Redback(config)#port channelized-ds3 4/1:1 [local]Redback(config-ds3)#
port channelized-oc12 slot/port
no port channelized-oc12 slot/port
Selects a channelized OC-12 port and enters port configuration mode.
global configuration
slot |
Chassis slot number of the line card. The range of values depends on the chassis in which the line card is installed; see the Line and Services Card Types and Slots section in the Usage Guidelines of the card command. |
port |
Port number on the channelized OC-12 line card. The range of values depends on the type and version of the line card; see Table 29 of this command. |
No channelized OC-12 ports are created.
Use the port channelized-oc12 command to create or select a channelized OC-12 port and enter port configuration mode. Use this command to configure port parameters that apply to all channels on the port, such as framing and loopback.
Table 29 lists the range of values for the port argument; in the table, the IR abbreviation is used for Intermediate Reach.
Line Card Type |
Physical Ports |
Low-Density Version |
Low-Density Ports |
---|---|---|---|
Channelized OC-12 to DS-1 IR Channelized OC-12 to DS-3 IR |
1 |
No |
– |
You do not need to issue this command to select a channelized OC-12 port; the system creates the command in the configuration database when you enter the port ds3 or port ds1 command (in global configuration mode).
Before the port is configured, the SmartEdge OS performs a power check to determine if the chassis has sufficient unallocated power to meet the power requirements for the port’s line card. If the power requirements for the line card are greater than the unallocated power resources of the chassis, the SmartEdge OS displays the following message:
Insufficient power available for card <card-name> in slot <slot>. Power Required: <n> A @48V Power Available: <m> A @48V
In the message, n is the amperes required by the line card and m is the amperes available for assignment. In this case, the command is not included in the system configuration. However, it might be possible to configure a line card that requires less power in this slot. Use the show chassis power command with the inventory keyword to display the power requirements for each line card.
To enable the port, use the no shutdown command (in port configuration mode).
Use the no form of this command to delete the port configuration from the configuration database.
The following example selects the first channelized OC-12 port on the line card in slot 4 and enters port configuration mode. The no shutdown command (in port configuration mode) enables the port:
[local]Redback(config)#port channelized-oc12 4/1 [local]Redback(config-port)#no shutdown
port channelized-stm1 slot/port
no port channelized-stm1 slot/port
Selects a port on a channelized STM-1 line card and enters STM-1 configuration mode.
global configuration
slot |
Chassis slot number of the line card. The range of values depends on the chassis in which the line card is installed; see the Line and Services Card Types and Slots section in the Usage Guidelines of the card command. |
port |
Port number on the channelized STM-1 line card. The range of values depends on the type and version of the line card; see Table 30 of this command. |
No channelized STM-1 ports are created.
Use the port channelized-stm1 command to select a port on a channelized STM-1 line card and enter STM-1 configuration mode. Use this command to configure port parameters that apply to all channels on the port, such as administrative unit group (AUG) mapping and loopback.
Table 30 lists the range of values for the port argument; in the table, the IR abbreviation is used for Intermediate Reach.
Line Card Type |
Physical Ports |
Low-Density Version |
Low-Density Ports |
---|---|---|---|
Channelized STM-1 to E1 IR |
3 |
No |
– |
Before the port is configured, the SmartEdge OS performs a power check to determine if the chassis has sufficient unallocated power to meet the power requirements for the port’s line card. If the power requirements for the line card are greater than the unallocated power resources of the chassis, the SmartEdge OS displays the following message:
Insufficient power available for card <card-name> in slot <slot>. Power Required: <n> A @48V Power Available: <m> A @48V
In the message, n is the amperes required by the line card and m is the amperes available for assignment. In this case, the command is not included in the system configuration. However, it might be possible to configure a line card that requires less power in this slot. Use the show chassis power command with the inventory keyword to display the power requirements for each line card.
To enable the port, use the no shutdown command (in STM-1 configuration mode).
Use the no form of this command to delete the port configuration from the configuration database.
Caution! | ||
Risk of data loss. The no form of this command removes
all configured E1 channels and DS-0 channel groups associated with
the channelized STM-1 port. To reduce the risk, consider the associated
E1 channels and DS-0 channel groups before removing a channelized
STM-1 port.
|
The following example selects a channelized STM-1 port:
[local]Redback(config)#card ch-stm1ds0-3-port 1 [local]Redback(card)#exit [local]Redback(config)#port channelized-stm1 1/1 [local]Redback(config-stm1)#
For ports on channelized STM-1 line cards, the syntax is:
port ds0s slot/port:e1-chan-num:ds0-chan-num
no port ds0s slot/port:e1-chan-num:ds0-chan-num
For channelized ports on E1 line cards, the syntax is:
port ds0s slot/port:ds0-chan-num
no port ds0s slot/port:ds0-chan-num
Selects a DS-0 channel group on a channelized E1 channel or port and enters DS-0 group configuration mode.
global configuration
slot |
Chassis slot number of the line card. The range of values depends on the chassis in which the line card is installed; see the Line and Services Card Types and Slots section in the Usage Guidelines of the card command. |
port |
Port number for the channelized STM-1 or E1 line card. The range of values depends on the type and version of the line card; see Table 31 of this command. |
e1-chan-num |
E1 channel number on the STM-1 port. The range of values is 1 to 63. |
ds0-chan-num |
First time slot in the DS-0 channel group. The range of values is 1 to 31. |
No DS-0 channel groups are created or selected.
Use the port ds0s command to create or select a DS-0 channel group on a channelized E1 channel or port and enter DS-0 group configuration mode.
Table 31 lists the range of values for the port argument; in the table, the IR abbreviation is used for Intermediate Reach.
Line Card Type |
Physical Ports |
Low-Density Version |
Low-Density Ports |
---|---|---|---|
Channelized STM-1 to E1 IR |
3 |
No |
– |
Channelized E1 |
24 |
No |
– |
If you are creating the DS-0 channel group on a channelized STM-1 port, you must verify that the field- programmable gate array (FPGA) on the card supports this feature. Use the show hardware detail command (in any mode) to determine the version of the FPGA file installed in the channelized STM-1 line card, and compare it to the version of the FPGA file bundled into the software image. If the version of the FPGA file in the card is older, use the reload fpga command (in exec mode) to upgrade to the latest version.
Caution! | ||
It takes three to seven minutes for the reload fpga command to
successfully complete an upgrade. Do not interrupt the process in
the middle of an FPGA upgrade.
|
If you have not selected the E1 channel or port using the port e1 command (in global configuration mode) before you enter this command, this command automatically creates the E1 channel or port with the default CRC-4 framing.
The DS-0 channel number that you specify becomes the only assigned DS-0 channel in the channel group. Any other DS-0 channel that you assign to this group using the timeslot command (in DS-0 group configuration mode) must have a time slot equal to or greater than that specified with the ds0-chan-num argument.
The DS-0 channel group cannot include any time slot less than the value you specify for the ds0-chan-num argument. For example, if you specify 13 as the value for the ds0-chan-num argument, you cannot include time slots 1 to 12 in the DS-0 channel group when you enter the timeslot command (in DS-0 group configuration mode).
Before the port is configured, the SmartEdge OS performs a power check to determine if the chassis has sufficient unallocated power to meet the power requirements for the port’s line card. If the power requirements for the line card are greater than the unallocated power resources of the chassis, the SmartEdge OS displays the following message:
Insufficient power available for card <card-name> in slot <slot>. Power Required: <n> A @48V Power Available: <m> A @48V
In the message, n is the amperes required by the line card and m is the amperes available for assignment. In this case, the command is not included in the system configuration. However, it might be possible to configure a line card that requires less power in this slot. Use the show chassis power command with the inventory keyword to display the power requirements for each line card.
To enable the DS-0 channel group, use the no shutdown command (in DS-0 group configuration mode).
Use the no form of this command to remove a DS-0 channel group from a channelized E1 channel or port.
The following example selects a channelized E1 port on a channelized E1 line card and creates an associated DS-0 channel group:
[local]Redback(config)#card ch-e1ds0-24-port 1 [local]Redback(config-card)#exit !select the channelized E1 port on the channelized E1 traffic card [local]Redback(config)#port e1 1/1 [localRedback(config-e1)#no shutdown [local]Redback(config-e1)#exit !create the DS-0 channel group with a base time slot of 5 [local]Redback(config)#port ds0s 1/1:5 [local]Redback(config-ds0-group)#no shutdown [local]Redback(config-ds0-group)#timeslot 5, 7, 9, 12, 15 [local]Redback(config-ds0-group)#no shutdown [local]Redback(config-ds0-group)#exit
The following example selects a channelized E1 channel on a port on an channelized STM-1 line card and an associated DS-0 channel group:
[local]Redback(config)#card ch-stm1ds0-3-port 2 [local]Redback(card)#exit !select the channelized STM-1 port [local]Redback(config)#port channelized-stm1 2/1 [local]Redback(config-stm1)#no shutdown [local]Redback(config-stm1)#exit !create the channelized E1 channel on the channelized STM-1 port [local]Redback(config)#port e1 2/1:1 [local]Redback(config-e1)#no shutdown [local]Redback(config-e1)#exit !create the DS-0 channel group with a base time slot of 3 [local]Redback(config)#port ds0s 2/1:1:3 [local]Redback(config-ds0-group)#timeslot 3, 7, 9, 12, 15 [local]Redback(config-ds0-group)#no shutdown [local]Redback(config-ds0-group)#exit
For ports on channelized OC-12 line cards, the syntax is:
port ds1 slot/port:ds3-chan-num:ds1-chan-num
no port ds1 slot/port:ds3-chan-num:ds1-chan-num
For channelized ports on DS-3 line cards, the syntax is:
port ds1 slot/port:ds1-chan-num
no port ds1 slot/port:ds1-chan-num
Selects a constituent DS-1 channel on a channelized DS-3 channel or port and enters DS-1 configuration mode.
slot |
Chassis slot number of the line card. The range of values depends on the chassis in which the line card is installed; see the Line and Services Card Types and Slots section in the Usage Guidelines of the card command. |
port |
Port number on the channelized OC-12 or DS-3 line card. The range of values depends on the type and version of the line card; see Table 32 of this command. |
ds3-chan-num |
Number of the DS-3 channel on the channelized OC-12 line card. The range of values is 1 to 12. |
ds1-chan-num |
Number of the DS-1 channel to select. The range of values is 1 to 28. |
No DS-1 channels are selected.
Use the port ds1 command to select a constituent DS-1 channel in a channelized DS-3 channel or port and enter DS-1 configuration mode. Table 32 lists the range of values for the port argument; in the table, the IR abbreviation is used for Intermediate Reach.
Line Card Type |
Physical Ports |
Low-Density Version |
Low-Density Ports |
---|---|---|---|
Channelized DS-3 |
3 |
No |
– |
Channelized DS-3 |
12 |
No |
– |
Before the port is configured, the SmartEdge OS performs a power check to determine if the chassis has sufficient unallocated power to meet the power requirements for the port’s line card. If the power requirements for the line card are greater than the unallocated power resources of the chassis, the SmartEdge OS displays the following message:
Insufficient power available for card <card-name> in slot <slot>. Power Required: <n> A @48V Power Available: <m> A @48V
In the message, n is the amperes required by the line card and m is the amperes available for assignment. In this case, the command is not included in the system configuration. However, it might be possible to configure a line card that requires less power in this slot. Use the show chassis power command with the inventory keyword to display the power requirements for each line card.
To enable the DS-1 channel, use the no shutdown command (in DS-1 configuration mode).
Use the no form of this command to delete the channel or port configuration from the configuration database.
The following example selects DS-1 channel 4 in DS-3 channel 1 on port 1 on a channelized OC-12 line card in slot 4 and enters DS-1 configuration mode:
[local]Redback(config)#port ds1 4/1:1:4 [local]Redback(config-ds1)#
The following example selects DS-1 channel 4 on port 1 on a channelized DS-3 line card in slot 3 and enters DS-1 configuration mode:
[local]Redback(config)#port ds1 3/1:4 [local]Redback(config-ds1)#
For ports on channelized OC-12 line cards, the syntax is:
port ds3 slot/port:ds3-chan-num
no port ds3 slot/port:ds3-chan-num
For clear-channel ports on DS-3 line cards, the syntax is:
port ds3 slot/port
no port ds3 slot/port
Selects a clear-channel DS-3 channel or port and enters DS-3 configuration mode.
slot |
Chassis slot number of the line card. The range of values depends on the chassis in which the line card is installed; see the Line and Services Card Types and Slots section in the Usage Guidelines of the card command. |
port |
Port number on the channelized OC-12 or DS-3 line card. The range of values depends on the type and version of the line card; see Table 33 of this command. |
ds3-chan-num |
Number of the DS-3 channel on the channelized OC-12 line card. The range of values is 1 to 12. |
No DS-3 channels or ports are selected.
Use the port ds3 command to select a clear-channel DS-3 channel or port and enter DS-3 configuration mode.
Table 33 lists the range of values for the port argument; in the table, the IR abbreviation is used for Intermediate Reach.
Line Card Type |
Physical Ports |
Low-Density Version |
Low-Density Ports |
---|---|---|---|
Clear-Channel DS-3 |
12 |
No |
– |
Before the port is configured, the SmartEdge OS performs a power check to determine if the chassis has sufficient unallocated power to meet the power requirements for the port’s line card. If the power requirements for the line card are greater than the unallocated power resources of the chassis, the SmartEdge OS displays the following message:
Insufficient power available for card <card-name> in slot <slot>. Power Required: <n> A @48V Power Available: <m> A @48V
In the message, n is the amperes required by the line card and m is the amperes available for assignment. In this case, the command is not included in the system configuration. However, it might be possible to configure a line card that requires less power in this slot. Use the show chassis power command with the inventory keyword to display the power requirements for each line card.
To enable the DS-3 channel, use the no shutdown command (in DS-3 configuration mode).
Use the no form of this command to delete the channel or port configuration from the configuration database.
The following example selects port 1 on the clear-channel DS-3 line card in slot 4 and enters DS-3 configuration mode:
[local]Redback(config)#port ds3 4/1 [local]Redback(config-ds3)#
For ports on channelized STM-1 line cards, the syntax is:
port e1 slot/port:e1-chan-num
no port e1 slot/port:e1-chan-num
For ports on E1 line cards, the syntax is:
port e1 slot/port
no port e1 slot/port
Selects an E1 channel or port and enters E1 configuration mode.
global configuration
slot |
Chassis slot number of the line card. The range of values depends on the chassis in which the line card is installed; see the Line and Services Card Types and Slots section in the Usage Guidelines of the card command. |
port |
Port number on the channelized STM-1 or E1 line card. The range of values depends on the version of the card; see Table 34 of this command. |
e1-chan-num |
E1 channel number on the channelized STM-1 line card. The range of values is 1 to 63. |
No E1 channels or ports are selected.
Use the port e1 command to select an E1 channel or port and enter E1 configuration mode. When selected, the E1 channel or port is channelized with CRC4 framing.
Table 34 lists the range of values for the port argument; in the table, the IR abbreviation is used for Intermediate Reach.
Line Card Type |
Physical Ports |
Low-Density Version |
Low-Density Ports |
---|---|---|---|
Channelized STM-1 to E1 IR |
3 |
No |
– |
Channelized E1 |
24 |
No |
– |
Before the port is configured, the SmartEdge OS performs a power check to determine if the chassis has sufficient unallocated power to meet the power requirements for the port’s line card. If the power requirements for the line card are greater than the unallocated power resources of the chassis, the SmartEdge OS displays the following message:
Insufficient power available for card <card-name> in slot <slot>. Power Required: <n> A @48V Power Available: <m> A @48V
In the message, n is the amperes required by the line card and m is the amperes available for assignment. In this case, the command is not included in the system configuration. However, it might be possible to configure a line card that requires less power in this slot. Use the show chassis power command with the inventory keyword to display the power requirements for each line card.
Use the no form of this command to delete the E1 channel or port configuration from the database.
Caution! | ||
Risk of data loss. The no form of this command deletes
any DS-0 channel groups configured for the E1 channel or port. To
reduce the risk, consider the associated DS-0 channel groups before
deleting an E1 channel or port.
|
The following example shows how to configure a channelized E1 port and a clear-channel E1port on a channelized E1 line card:
[local]Redback(config)#card ch-e1ds0-24-port [local]Redback(config-card)#exit !select an E1 port and frame it as channelized [local]Redback(config)#port e1 1/1 [local]Redback(config-e1)#framing crc4 [local]Redback(config-e1)#exit !select an E1 port and frame it as clear-channel [local]Redback(config)#port e1 1/2 [local]Redback(config-e1)#framing unframed [localRedback(config-e1)#
The following example shows how to create an E1 channel on a channelized STM-1 port:
!select the channelized STM-1 port [local]Redback(config)#port channelized-stm1 1/1 [local]Redback(config-stm1)#exit !select the E1 channel on the STM-1 port [local]Redback(config)#port e1 1/1:1 [localRedback(config-e1)#
port e3 slot/port
no port e3 slot/port
Selects a port on a clear-channel E3 line card and enters E3 configuration mode.
slot |
Chassis slot number of the clear-channel E3 line card. The range of values depends on the chassis in which the line card is installed; see the Line and Services Card Types and Slots section in the Usage Guidelines of the card command. |
port |
Port number on the clear-channel E3 line card. The range of values is listed in Table 35 of this command. |
No E3 ports are selected.
Use the port e3 command to select a clear-channel E3 port on a clear-channel E3 line card and enter E3 configuration mode.
Table 35 lists the range of values for the port argument.
Line Card Type |
Physical Ports |
Low-Density Version |
Low-Density Ports |
---|---|---|---|
Clear-Channel E3 |
6 |
No |
– |
Before the port is configured, the SmartEdge OS performs a power check to determine if the chassis has sufficient unallocated power to meet the power requirements for the port’s line card. If the power requirements for the line card are greater than the unallocated power resources of the chassis, the SmartEdge OS displays the following message:
Insufficient power available for card <card-name> in slot <slot>. Power Required: <n> A @48V Power Available: <m> A @48V
In the message, n is the amperes required by the line card and m is the amperes available for assignment. In this case, the command is not included in the system configuration. However, it might be possible to configure a line card that requires less power in this slot. Use the show chassis power command with the inventory keyword to display the power requirements for each line card.
To enable the E3 port, use the no shutdown command (in E3 configuration mode).
Use the no form of this command to delete the port configuration from the configuration database.
The following example selects port 1 on the clear-channel E3 line card in slot 4 and enters E3 configuration mode:
[local]Redback(config)#port e3 4/1 [local]Redback(config-e3)#
port ethernet slot/port [wan-phy]
no port ethernet slot/port [wan-phy]
Selects an Ethernet port and enters port configuration mode.
global configuration
slot |
Chassis slot number of the line or controller card. The range of values depends on the chassis in which the line or controller card is installed; see the card command. |
port |
Line or controller card port number. The range of values depends on the type of line or controller card; see Table 36 of this command. |
wan-phy |
Enables WAN-PHY operation. A WAN-PHY port can transmit and receive IEEE 802.3 MAC frames directly in the payload envelope of a SONET STS-192c/SDH VC-4-64c frame. WIS is described in IEEE 802.3ae. WAN-PHY is supported only on the 1-Port 10 Gigabit Ethernet Card (10ge-1-port ) and 1-Port 10 Gigabit Ethernet/OC-192c DDR (10ge-oc192-1-port). The Ethernet port on this card operates in either LAN-PHY or WHY-PHY mode. If you do not enter the wan-phy keyword, the port operates in LAN-PHY mode. (1) |
(1) To change the configuration of the port of this card from LAN-PHY
to WHY-PHY or from WHY-PHY to LAN-PHY, you must first delete the existing
configuration.
None
Use the port ethernet command to select an Ethernet port and enter port configuration mode. The Ethernet port can be of any type, including Gigabit Ethernet ports and the Ethernet management port on the active controller card.
For Ethernet management ports, the slot argument is always 1 in a SmartEdge 100 chassis, 6 in a SmartEdge 400 chassis, and 7 in a SmartEdge 600, 800, 1200, or 1200H chassis; the port argument is always 1.
Table 36 lists the range of values for the port argument for SmartEdge 400, 600, 800, 1200 and 1200H line cards.
Line Card Type |
Physical Ports |
Low-Density Version |
Low-Density Ports |
---|---|---|---|
10/100 Ethernet |
12 |
No |
– |
Fast Ethernet-Gigabit Ethernet |
62(1) |
No |
– |
Gigabit Ethernet |
4 |
Yes |
1, 3 |
Advanced Gigabit Ethernet |
4 |
Yes |
1, 3 |
Gigabit Ethernet 3 |
4 |
No |
– |
Gigabit Ethernet 1020 |
10 |
No |
– |
Gigabit Ethernet 1020 |
20 |
No |
– |
Gigabit Ethernet |
5 |
No |
– |
Gigabit Ethernet |
20 |
No |
– |
Gigabit Ethernet DDR |
10 |
No |
– |
10 Gigabit Ethernet |
1 |
No |
– |
10 Gigabit Ethernet |
4 |
No |
– |
10 Gigabit Ethernet/OC-192c DDR |
1 |
No |
– |
(1) On the FE-GE card, ports 1 to 60 are Fast Ethernet,
while ports 61 and 62 are Gigabit Ethernet.
The value for the port argument on the SmartEdge 100 router is either of the following:
Before the port is configured, the operating system performs a power check to determine if the SmartEdge router has sufficient unallocated power to meet the power requirements for the port’s line card. If the power requirements for the line card are greater than the unallocated power resources of the chassis, the operating system displays the following message:
Insufficient power available for card <card-name> in slot <slot>. Power Required: <n> A @48V Power Available: <m> A @48V
In the message, n is the amperes required by the line card and m is the amperes available for assignment. In this case, the command is not included in the system configuration. However, it might be possible to configure a line card that requires less power in this slot. Use the show chassis power command with the inventory keyword to display the power requirements for each line card.
To enable the port, use the no shutdown command in port configuration mode.
Use the no form of this command to delete the port configuration from the configuration database.
The following example shows how to configure an Ethernet port on the Ethernet line card installed in slot 2:
[local]Redback(config)#port ethernet 2/2 [local]Redback(config-port)#no shutdown
port [80] [port-number]
Selects the port or ports on which the HTTP server on the controller card listens.
HTTP redirect server configuration
80 |
Optional. Configures the HTTP server to listen on port 80. This is the default port. |
port-number |
Optional. Configures the HTTP server to listen to the specified port or ports. The supported ports range from 1025 to 51000. |
The HTTP server listens on port 80.
Use the port (http) command to select the port (or ports) on which the HTTP server on the controller card listens.
By default, the HTTP server listens on port 80. You can configure the HTTP server to listen on any port or ports (up to 10) ranging from 1025 to 51000. Including port 80, the total number of ports to which the HTTP server can listen is 11.
The following example configures the HTTP server to listen on ports 80, 8080, 1025, 45000, and 5000:
[local]Redback(config)#http-redirect server [local]Redback(config-hr-server)#port 80 8080 1025 45000 50000
port-limit max-sessions
no port-limit
Limits the number of sessions a subscriber can access simultaneously.
subscriber configuration
max-sessions |
Maximum number of simultaneous subscriber sessions allowed. The range of values is 1 to 255. |
There are no session limits.
Use the port-limit command to limit the number of sessions a subscriber can access simultaneously. This command is useful for dial-up and ISDN users who might attempt to consume multiple links in their multilink bundle. You can also use this command to prevent a single user’s account from being accessed by multiple users.
At runtime, if the subscriber sessions are using links in a Point-to-Point Protocol (PPP) multilink bundle, the maximum number of sessions (links) is reduced to eight if the value specified for the max-sessions argument is greater than eight. However, the value stored in the subscriber record is unchanged.
To set the port limit remotely using Remote Authentication Dial-In User Service (RADIUS), use the Port-Limit RADIUS attribute described in RADIUS Attributes.
Use the no form of this command to remove the session limitation.
The following example sets a maximum of two sessions for subscriber joe to use simultaneously:
[local]Redback(config-ctx)#subscriber name joe [local]Redback(config-sub)#port-limit 2
port pos slot/port
no port pos slot/port
Configures a Packet over SONET/SDH (POS) port and enters port configuration mode.
global configuration
slot |
Chassis slot number of the line card. The range of values depends on the chassis in which the line card is installed; see the Line and Services Card Types and Slots section in the Usage Guidelines of the card command. |
port |
Line card port number. The range of values depends on the type of line card; see Table 37 of this command. |
None
Use the port pos command to configure a POS port on an OC-3c/STM-1c line card, OC-12c/STM-4c line card, or OC-48c/STM-16 line card, and to enter port configuration mode.
Table 37 lists the range of values for the port argument.
Line Card Type |
Physical Ports |
Low-Density Version |
Low-Density Ports |
---|---|---|---|
POS OC-3c/STM-1c |
8 |
No |
– |
POS OC-12c/STM-4c |
4 |
No |
– |
POS OC-48c/STM-16c |
4 |
No |
– |
OC-192c/STM-64c |
1 |
No |
– |
OC-3c/STM-1c |
8 |
No |
– |
OC-12c/STM-4c |
4 |
No |
– |
OC-48c/STM-16c |
4 |
No |
– |
OC-48c/STM-16c |
1 |
No |
– |
Before the port is configured, the SmartEdge OS performs a power check to determine if the chassis has sufficient unallocated power to meet the power requirements for the port’s line card. If the power requirements for the line card are greater than the unallocated power resources of the chassis, the SmartEdge OS displays the following message:
Insufficient power available for card <card-name> in slot <slot>. Power Required: <n> A @48V Power Available: <m> A @48V
In the message, n is the amperes required by the line card and m is the amperes available for assignment. In this case, the command is not included in the system configuration. However, it might be possible to configure a line card that requires less power in this slot. Use the show chassis power command with the inventory keyword to display the power requirements for each line card.
To enable the port, use the no shutdown command in port configuration mode.
Use the no form of this command to delete the port configuration from the configuration database.
The following example shows how to configure an POS port on the OC card installed in slot 6:
[local]Redback(config)#port pos 6/1 [local]Redback(config-port)#no shutdown
port-priority priority-value
{no | default} port-priority
Sets the Rapid Spanning Tree Protocol (RSTP) priority of the associated port.
priority-value |
RSTP port priority. The range of values is from 0 to 240. Only multiples of 16 are allowed as values for the argument. |
The default RSTP priority is 16.
Use the port-priority command to set the RSTP priority of the associated port. If multiple ports have the same path cost to the root bridge, the port with lowest port priority is selected as the root port.
The following example illustrates how the spanning-tree profile command creates the spanning-tree profile womp and sets its port priority to the value 224. In the second part of the example, an Ethernet port is assigned the spanning-tree profile womp and, therefore, the priority of the Ethernet port is set at 224:
[local]Redback(config)#spanning-tree profile womp [local]Redback(config-stp-prof)#port-priority 224 [local]Redback(config-stp-prof)#exit [local]Redback(config)#port ethernet 1/1 [local]Redback(config-port)#spanning-tree profile womp
port-propagate qos from ethernet [class-map map-name]
{no | default} port-propagate qos from ethernet [class-map map-name]
For incoming packets, enables the use of 802.1p user priority bits in the 802.1q Ethernet header to set the internal SmartEdge packet descriptor (PD) quality of service (QoS) bits for the packet and determine ingress oversubscription treatment.
Port configuration for cards that support differentiated packet treatment for ingress oversubscription scenarios.
class-map map-name |
Optional. Name of an ingress Ethernet classification map for mapping Ethernet 802.1p user priority bits to quality of service (QoS) packet descriptor (PD) values. |
Ethernet 802.1p user priority bits are not propagated to PD QoS bits or used to determine ingress oversubscription treatment.
Use the port-propagate qos from ethernet command to propagate Ethernet 802.1p user priority bits to PD QoS bits for incoming packets. Use the 802.1p value in the outer 802.1q header, if present, of each received packet to determine its ingress oversubscription treatment. For more information, see Priority Propagation for Oversubscribed Traffic Cards .
Use the qos class-map command with the ethernet in keywords (in global configuration mode) to define an optional custom mapping schema to be referenced by the class-map map-name option of the port-propagate qos from ethernet command. The ethernet use-ip class-map command is not supported in this context and should not be configured in class-maps which are to be used with this command.
If no class-map is specified with the port-propagate qos from ethernet command, the PD QoS priority value is mapped directly from the 802.1p value of the packet according to the mapping specified in Table 38.
802.1p Value |
PD QoS Priority Value |
PD QoS Drop-precedence Value |
---|---|---|
7 |
0 |
0 |
6 |
1 |
0 |
5 |
2 |
0 |
4 |
3 |
0 |
3 |
4 |
0 |
2 |
5 |
0 |
1 |
6 |
0 |
0 |
7 |
0 |
Use the no or default form of this command to disable the propagation of Ethernet 802.1p bits to PD QoS bits and use of 802.1p to determine ingress oversubscription treatment.
For more information about port propagation, see Priority Propagation for Oversubscribed Traffic Cards .
The following example shows how to propagate Ethernet 802.1p user priority bits to PD QoS bits and use the 802.1p bits to determine ingress oversubscription treatment for incoming packets arriving in slot 2, port 1 of an ethernet port:
[local]Redback(config)#port ethernet 2/1 [local]Redback(config-port)#port-propagate qos from ethernet
port-propagate qos from ip [class-map map-name]
{no | default} port-propagate qos from ip [class-map map-name]
For incoming packets, enable use of Differentiated Services Code Point (DSCP) bits in the IP packet header to set the internal SmartEdge packet descriptor (PD) quality of service (QoS) bits for the packet and determine ingress oversubscription treatment.
Port configuration for cards that support differentiated packet treatment for ingress oversubscription scenarios.
class-map map-name |
Optional. Name of the schema for mapping DSCP bits to PD priority bits. |
IP DSCP bits are not propagated to PD QoS bits or used to determine ingress oversubscription treatment.
Use the port-propagate qos from ip command to propagate IP DSCP user priority bits to PD QoS bits and use the DSCP value in the IP header, if present, of each received packet to determine its ingress oversubscription treatment. For more information, see Priority Propagation for Oversubscribed Traffic Cards .
Use the qos class-map command with the ip in keywords (in global configuration mode) to define an optional custom mapping schema to be referenced by the port-propagate qos from ip command.
If no class-map is specified with the class-map map-name option of the port-propagate qos from ip command, the PD QoS priority value is mapped directly from the IP DSCP value of the packet according to the mapping specified in Table 39.
IP DSCP Value |
PD QoS Priority Value |
PD QoS Drop-precedence Value |
---|---|---|
111xxxb |
0 |
0 |
110xxxb |
1 |
0 |
101xxxb |
2 |
0 |
100xxxb |
3 |
0 |
011xxxb |
4 |
0 |
010xxxb |
5 |
0 |
001xxxb |
6 |
0 |
000xxxb |
7 |
0 |
When the port-propagate command is used to map IP DSCP values to PD QoS values, only the three most significant bits (the DSCP class-selector or precedence) are relevant, and the three least significant bits (DSCP drop-precedence) are ignored and treated as if they were zero. Therefore, in IP class-maps referenced by the port-propagate command, only the entries for which the “ip” value is evenly divisible by "8" are relevant.
For example, in the following class-map:
qos class-map port_in ip in ip 8 to qos 11 ip 9 to qos 12
The ip 8 entry is used for all packets in assured forwarding class "1", and the ip 9 value is never used because the three least significant bits are non-zero. For convenience, use the "csN" DSCP labels when defining class-map entries for use with the port-propagate command:
qos class-map port_in ip in ip cs1 to qos 11 ip cs2 to qos 19
Use the no or default form of this command to disable propagation of IP DSCP to PD QoS and use of IP DSCP to determine ingress oversubscription treatment.
The following example shows how to propagate DSCP bits in the IP packet header to the PD priority bits and use DSCP bits to determine ingress oversubscription treatment for incoming packets arriving in slot 2, port 2 of an ethernet port:
[local]Redback(config)#port ethernet 2/2 [local]Redback(config-port)#port-propagate qos from ip
port-propagate qos from mpls [class-map map-name]
{no | default} port-propagate qos from mpls [class-map map-name]
For incoming packets, enable use of MPLS experimental (EXP) bits to set the internal SmartEdge packet descriptor (PD) quality of service (QoS) bits for the packet and determine ingress oversubscription treatment.
Port configuration for cards that support differentiated packet treatment for ingress oversubscription scenarios.
class-map map-name |
Optional. Name of the ingress MPLS classification map for mapping MPLS EXP values to QoS PD values. |
MPLS EXP bits are not mapped to PD QoS bits or used to determine ingress oversubscription treatment.
Use the port-propagate qos from mpls command to enable mapping MPLS EXP bits to PD QoS values for incoming packets and use each received EXP value of the packet in the MPLS header, if present, to determine its ingress oversubscription treatment. For more information, see Priority Propagation for Oversubscribed Traffic Cards .
Use the qos class-map command with the mpls in keywords (in global configuration mode) to define an optional custom mapping schema to be referenced by the class-map map-name option of the port-propagate qos from mpls command. The mpls use-ethernet and mpls use-ip class-map commands are not supported in this context and should not be configured in class-maps which are to be used with the port-propagate qos from mpls command.
If no class-map is specified with the port-propagate qos from mpls command, the PD QoS priority value is mapped directly from the EXP value of the packet according to the mapping specified in Table 40.
EXP Value |
PD QoS Priority Value |
PD QoS Drop-precedence Value |
---|---|---|
7 |
0 |
0 |
6 |
1 |
0 |
5 |
2 |
0 |
4 |
3 |
0 |
3 |
4 |
0 |
2 |
5 |
0 |
1 |
6 |
0 |
0 |
7 |
0 |
Use the no or default form of this command to disable the mapping of MPLS EXP bits to PD QoS bits and use of EXP to determine ingress oversubscription treatment.
The following example shows how to propagate MPLS EXP bits to PD QoS bits and use EXP bits to determine ingress oversubscription treatment for incoming packets arriving in slot 2, port 2 of an ethernet port:
[local]Redback(config)#port ethernet 2/2 [local]Redback(config-port)#port-propagate qos from mpls
port pseudowire pw_name ethernet
no port pseudowire
Configures a port pseudowire connection and changes the mode to port pseudowire configuration mode.
global configuration
pw_name |
Port pseudowire connection name. |
ethernet |
Specifies the protocol (Ethernet) of the port pseudowire connection. |
global configuration
Use the port pseudowire command to configure a port pseudowire connection.
Use the no form of this command to disable a port pseudowire connection.
The following example shows how to configure a port pseudowire Ethernet connection called connect1:
[local]Redback(config)#port pseudowire connect1 ethernet
port destination-port
no port destination-port
Configures access to a port on an external collector. This is the port on which you want the external collector to receive exported records.
flow collector configuration
destination-port |
Identifies a port on an external collector that listens for flow records that are exported from the SmartEdge router. Range is from 1 through 16384. |
The default destination port for a collector is 9997.
Use the port command in flow collector configuration mode to configure access to a port on an external collector. This is the port on which the external collector receives exported records.
Use the no form of this command to return the collector to using the default destination port 9997.
The following example shows how to configure access to the destination port 10 on the external collector c1:
[local]Redback)#configure [local]Redback)(config)#context foo [local]Redback(config-ctx)#flow collector c1 [local]Redback(config-flow-collector)#port 10