Alcatel Lucent Network Router 7750 SR OS User Manual

Index. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .481

Page 8

7750 SR OS QoS Configuration Guide

Download from Www.Somanuals.com. All Manuals Search And Download.

List of Tables

Getting Started

Table 1:

Configuration Process . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .17

IP Router Configuration

IPv6 Header Field Descriptions. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .28

BFD Control Packet Field Description s . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .34

CLI Commands to Configure Basic IP Router Parameters . . . . . . . . . . . . . . . . . . . . . . . . . . . . .44

Default Route Preferences . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .93

LAG Event s . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .185

CLI Commands to Configure a VRRP Policy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .199

CLI Commands to Configure IES or VPRN Service VRRP Parameters . . . . . . . . . . . . . . . . . .201

Show VRRP Global-Statistics Output . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .261

Show VRRP Instance Output . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .262

Show VRRP Policy Output . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .266

Show VRRP Policy Event Output . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .269

Show VRRP Policy Output . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .273

Applying Filter Policies . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .277

DSCP Name to DSCP Value Table . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .288

IP Option Values . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .290

MAC Match Criteria Exclusivity Rule s . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .294

CLI Commands to Configure Filter Policies Parameters. . . . . . . . . . . . . . . . . . . . . . . . . . . . . .302

Applying Filter Policies . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .324

CLI Commands to Configure Cflowd Parameters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .444

Cflowd Configuration Dependencie s . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .454

Show Cflowd Collector Output Fields . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .471

Show Cflowd Collector Detailed Output Fields . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .472

Show Cflowd Status Output Fields . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .475

7750 SR OS Router Configuration Guide

Page 9

Download from Www.Somanuals.com. All Manuals Search And Download.

List of Tables

Page 10

7750 SR OS Router Configuration Guide

Download from Www.Somanuals.com. All Manuals Search And Download.

LIST OF FIGURES

IP Router Configuration

Confederation Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .25

IPv6 Header Format . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .27

IPv6 Internet Exchange . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .29

IPv6 Transit Services . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .29

IPv6 Services to Enterprise Customers and Home Users . . . . . . . . . . . . . . . . . . . . . . . . . . . . .30

IPv6 over IPv4 Relay Services . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .30

Example of a 6PE Topology within One AS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .31

Mandatory Frame Format . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .34

IP Router Configuration Flow . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .36

Figure 10: Router Configuration Components . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .37

Figure 11: CLI Configuration Context . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .43

Figure 12: CLI System Configuration Context . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .43

VRRP

Figure 13: VRRP Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .170

Figure 14: VRRP Configuration and Implementation Flow . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .190

Figure 15: VRRP Policy Configuration Components . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .191

Figure 16: Interface VRRP Configuration Components . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .192

Figure 17: IES VRRP Configuration Components . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .193

Figure 18: VRRP Command Structure . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .197

Filter Policies

Figure 19: Web Redirect Traffic Flow . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .281

Figure 20: Filter Creation and Implementation Flow . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .282

Figure 21: Filter Creation and Implementation Flow . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .283

Figure 22: Redirect Policy Components . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .284

Figure 23: Filter Policy Components . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .285

Figure 24: Filtering Process Example . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .292

Figure 25: Filter Command Structure . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .300

Figure 26: Redirect Policy Command Structure . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .301

Figure 27: Applying an IP Filter to an Ingress Interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .308

Figure 28: Policy-Based Forwarding for Deep Packet Inspection . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .332

Cflowd

Figure 29: Basic Cflowd Steps . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .431

Figure 30: V5 and V8 Flow Processing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .433

Figure 31: Cflowd Configuration and Implementation Flow . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .434

Figure 32: Cflowd Configuration Components . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .435

Figure 33: Router Interface Cflowd Configuration Components . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .436

Figure 34: IP Filter Cflowd Configuration Components . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .436

Figure 35: Cflowd Command Structure . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .443

7750 SR OS Router Configuration Guide

Page 11

Download from Www.Somanuals.com. All Manuals Search And Download.

List of Figures

Page 12

7750 SR OS Router Configuration Guide

Download from Www.Somanuals.com. All Manuals Search And Download.

Preface

About This Guide

This guide describes logical IP routing interfaces, virtual routers, IP and MAC-based filtering, and

cflowd support provided by the 7750 SR OS and presents configuration and implementation

examples.

This document is organized into functional chapters and provides concepts and descriptions of the

implementation flow, as well as Command Line Interface (CLI) syntax and command usage.

Audience

This manual is intended for network administrators who are responsible for configuring the 7750

SR-Series routers. It is assumed that the network administrators have an understanding of

networking principles and configurations. Protocols, standards, and services described in this

manual include the following:

•

IP router configuration

Virtual routers

IP and MAC-based filters

Cflowd

7750 SR OS Router Configuration Guide

Page 13

Download from Www.Somanuals.com. All Manuals Search And Download.

Preface

List of Technical Publications

The 7750 SR documentation set is composed of the following books:

•

7750 SR OS Basic System Configuration Guide

This guide describes basic system configurations and operations.

7750 SR OS System Management Guide

•

This guide describes system security and access configurations as well as event logging

and accounting logs.

•

7750 SR OS Interface Configuration Guide

This guide describes card, Media Dependent Adapter (MDA), and port provisioning.

7750 SR OS Router Configuration Guide

This guide describes logical IP routing interfaces and associated attributes such as an IP

address, port, link aggregation group (LAG) as well as IP and MAC-based filtering,

VRRP, and Cflowd.

•

7750 SR OS Routing Protocols Guide

This guide provides an overview of routing concepts and provides configuration examples

for RIP, OSPF, IS-IS, Multicast, BGP, and route policies.

7750 SR OS MPLS Guide

This guide describes how to configure Multiprotocol Label Switching (MPLS) and Label

Distribution Protocol (LDP).

7750 SR OS Services Guide

This guide describes how to configure service parameters such as service distribution

points (SDPs), customer information, user services, service mirroring and Operations,

Administration and Management (OAM) tools.

•

7750 SR OS Triple Play Guide

This guide describes Triple Play services and support provided by the 7750 SR and

presents examples to configure and implement various protocols and services.

7750 SR Quality of Service Guide

This guide describes how to configure Quality of Service (QoS) policy management.

Page 14

7750 SR OS Router Configuration Guide

Download from Www.Somanuals.com. All Manuals Search And Download.

Preface

Technical Support

If you purchased a service agreement for your 7750 SR-Series router and related products from a

distributor or authorized reseller, contact the technical support staff for that distributor or reseller

for assistance. If you purchased an Alcatel-Lucent service agreement, contact your welcome center

at:

Web: http://www1.alcatel-lucent.com/comps/pages/carrier_support.jhtml

7750 SR OS Router Configuration Guide

Page 15

Download from Www.Somanuals.com. All Manuals Search And Download.

Preface

Page 16

7750 SR OS Router Configuration Guide

Download from Www.Somanuals.com. All Manuals Search And Download.

Getting Started

In This Chapter

This chapter provides process flow information to configure routing entities, virtual routers, IP and

MAC filters, and Cflowd.

Alcatel-Lucent 7750 SR-Series Router Configuration

Process

Table 1 lists the tasks necessary to configure logical IP routing interfaces, virtual routers, IP and

MAC-based filtering, and Cflowd.

This guide is presented in an overall logical configuration flow. Each section describes a software

area and provides CLI syntax and command usage to configure parameters for a functional area.

Table 1: Configuration Process

Area

Task

Chapter

Router

configuration

Configure router parameters, including router

interface and addresses, router ID, autonomous

systems, and confederations.

IP Router Configuration on page

Protocol

VRRP

VRRP on page 169

configuration

IP and MAC filters

Filter Policies on page 275

Cflowd on page 429

Cflowd

Reference

List of IEEE, IETF, and other proprietary entities.

Standards and Protocol Support on

page 715

7750 SR OS Router Configuration Guide

Page 17

Download from Www.Somanuals.com. All Manuals Search And Download.

Getting Started

Page 18

7750 SR OS Router Configuration Guide

Download from Www.Somanuals.com. All Manuals Search And Download.

IP Router Configuration

In This Chapter

This chapter provides information about commands required to configure basic router parameters.

Topics in this chapter include:

•

Configuring IP Router Parameters on page 20

→ Interfaces on page 20

→ Router ID on page 22

→ Autonomous Systems (AS) on page 23

→ Confederations on page 24

→ Proxy ARP on page 26

→ Internet Protocol V e rsions on page 27

Router Configuration Process Overview on page 36

Configuration Notes on page 39

•

7750 SR OS Router Configuration Guide

Page 19

Download from Www.Somanuals.com. All Manuals Search And Download.

Configuring IP Router Parameters

In order to provision services on a 7750 SR-Series router, logical IP routing interfaces must be

configured to associate attributes such as an IP address, port or the system with the IP interface.

A special type of IP interface is the system interface. A system interface must have an IP address

with a 32-bit subnet mask. The system interface is used as the router identifier by higher-level

protocols such as OSPF and BGP, unless overwritten by an explicit router ID.

The following router features can be configured:

•

Interfaces

IP Addresses

Router ID

Autonomous Systems (AS)

Confederations

DHCP Relay

Internet Protocol V e rsions

Interfaces

7750 SR-Series routers use different types of interfaces for various functions. Interfaces must be

configured with parameters such as the interface type (network and system) and address. A port is

not associated with a system interface. An interface can be associated with the system (loopback

address).

Network Interface

A network interface (a logical IP routing interface) can be configured on one of the following

entities:

•

A physical or logical port

A SONET/SDH channel

Page 20

7750 SR OS Router Configuration Guide

Download from Www.Somanuals.com. All Manuals Search And Download.

IP Router Configuration

System Interface

The system interface is associated with the network entity (such as a specific router or switch), not

a specific interface. The system interface is also referred to as the loopback address. The system

interface is associated during the configuration of the following entities:

•

The termination point of service tunnels

The hops when configuring MPLS paths and LSPs

The addresses on a target router for BGP and LDP peering

The system interface is used to preserve connectivity (when routing reconvergence is possible)

when an interface fails or is removed. The system interface is used as the router identifier. A

system interface must have an IP address with a 32-bit subnet mask.

7750 SR OS Router Configuration Guide

Page 21

Download from Www.Somanuals.com. All Manuals Search And Download.

Configuring IP Router Parameters

IP Addresses

Creating an IP Address Range

An IP address range can be reserved for exclusive use for services by defining the

config>router>service-prefixcommand. When the service is configured, the IP address

must be in the range specified as a service prefix. If no service prefix command is configured, then

no limitation exists.

Addresses in the range of a service prefix can be allocated to a network port unless the exclusive

parameter is used. Then, the address range is exclusively reserved for services.

When defining a range that is a superset of a previously defined service prefix, the subset will be

replaced with the superset definition. For example, if a service prefix exists for 10.10.10.0/24, and

a new service prefix is configured as 10.10.0.0/16, then the old address (10.10.10.0/24) will be

replaced with the new address (10.10.0.0/16).

When defining a range that is a subset of a previously defined service prefix, the subset will

replace the existing superset, providing addresses used by services are not affected; for example, if

a service prefix exists for 10.10.0.0/16, and a new service prefix is configured as 10.10.10.0/24,

then the 10.10.0.0/16 entry will be removed, provided that no services are configured that use

10.10.x.x addresses other than 10.10.10.x.

Router ID

The router ID, a 32-bit number, uniquely identifies the router within an autonomous system (AS)

(see Autonomous Systems (AS) on page 23). In protocols such as OSPF, routing information is

exchanged between areas, groups of networks that share routing information. It can be set to be the

same as the loopback address. The router ID is used by both OSPF and BGP routing protocols in

the routing table manager instance.

There are several ways to obtain the router ID. On each 7750 SR-Series router, the router ID can be

derived in the following ways.

•

Define the value in the config>router router-id context. The value becomes the

router ID.

Configure the system interface with an IP address in the config>router>interface

ip-int-name context. If the router ID is not manually configured in the

config>router router-idcontext, then the system interface acts as the router ID.

If neither the system interface or router ID are implicitly specified, then the router ID is

inherited from the last four bytes of the MAC address.

•

The router can be derived on the protocol level; for example, BGP.

Page 22

7750 SR OS Router Configuration Guide

Download from Www.Somanuals.com. All Manuals Search And Download.

IP Router Configuration

Autonomous Systems (AS)

Networks can be grouped into areas. An area is a collection of network segments within an AS that

have been administratively assigned to the same group. An area’s topology is concealed from the

rest of the AS, which results in a significant reduction in routing traffic.

Routing in the AS takes place on two levels, depending on whether the source and destination of a

packet reside in the same area (intra-area routing) or different areas (inter-area routing). In intra-

area routing, the packet is routed solely on information obtained within the area; no routing

information obtained from outside the area can be used. This protects intra-area routing from the

injection of bad routing information.

Routers that belong to more than one area are called area border routers. All routers in an AS do

not have an identical topological database. An area border router has a separate topological

database for each area it is connected to. Two routers, which are not area border routers, belonging

to the same area, have identical area topological databases.

Autonomous systems share routing information, such as routes to each destination and information

about the route or AS path, with other ASs using BGP. Routing tables contain lists of next hops,

reachable addresses, and associated path cost metrics to each router. BGP uses the information and

path attributes to compile a network topology.

7750 SR OS Router Configuration Guide

Page 23

Download from Www.Somanuals.com. All Manuals Search And Download.

Configuring IP Router Parameters

Confederations

Configuring confederations is optional and should only be implemented to reduce the IBGP mesh

inside an AS. An AS can be logically divided into smaller groupings called sub-confederations and

then assigned a confederation ID (similar to an autonomous system number). Each sub-

confederation has fully meshed IBGP and connections to other ASs outside of the confederation.

The sub-confederations have EBGP-type peers to other sub-confederations within the

confederation. They exchange routing information as if they were using IBGP. Parameter values

such as next hop, metric, and local preference settings are preserved. The confederation appears

and behaves like a single AS.

Confederations have the following characteristics.

•

A large AS can be sub-divided into sub-confederations.

Routing within each sub-confederation is accomplished via IBGP.

EBGP is used to communicate between sub-confederations.

BGP speakers within a sub-confederation must be fully meshed.

Each sub-confederation (member) of the confederation has a different AS number. The AS

numbers used are typically in the private AS range of 64512 — 65535.

To migrate from a non-confederation configuration to a confederation configuration requires a

major topology change and configuration modifications on each participating router. Setting BGP

policies to select an optimal path through a confederation requires other BGP modifications.

Page 24

7750 SR OS Router Configuration Guide

Download from Www.Somanuals.com. All Manuals Search And Download.

IP Router Configuration

There are no default confederations. Router confederations must be explicitly created. Figure 1

depicts a confederation configuration example.

Confederation 2002

AS 200

Confederation Member 1

AS 300

Confederation Member 3

ALA-B

ALA-C

ALA-E

ALA-F

AS 100

ALA-A

ALA-D

ALA-G

AS 400

Confederation Member 2

AS 500

ALA-H

SRSG005

Figure 1: Confederation Configuration

7750 SR OS Router Configuration Guide

Page 25

Download from Www.Somanuals.com. All Manuals Search And Download.

Configuring IP Router Parameters

Proxy ARP

Proxy ARP is the technique in which a router answers ARP requests intended for another node.

The router appears to be present on the same network as the “real” node that is the target of the

ARP and takes responsibility for routing packets to the “real” destination. Proxy ARP can help

nodes on a subnet reach remote subnets without configuring routing or a default gateway.

Typical routers only support proxy ARP for directly attached networks; the 7750 SR-Series is

targeted to support proxy ARP for all known networks in the routing instance where the virtual

interface proxy ARP is configured.

In order to support DSLAM and other edge like environments, 7750 SR-Series proxy ARP

supports policies that allow the provider to configure prefix lists that determine for which target

networks proxy ARP will be attempted and prefix lists that determine for which source hosts proxy

ARP will be attempted.

In addition, the 7750 SR OS proxy ARP implementation will support the ability to respond for

other hosts within the local subnet domain. This is needed in environments such as DSL where

multiple hosts are in the same subnet but can not reach each other directly.

Static ARP is used when a 7750 SR OS needs to know about a device on an interface that cannot or

does not respond to ARP requests. Thus, the 7750 SR OS configuration can state that if it has a

packet that has a certain IP address to send it to the corresponding ARP address. Use proxy ARP so

the 7750 SR responds to ARP requests on behalf of another device.

Page 26

7750 SR OS Router Configuration Guide

Download from Www.Somanuals.com. All Manuals Search And Download.

IP Router Configuration

Internet Protocol Versions

The 7750 SR OS implements IP routing functionality, providing support for IP version 4 (IPv4)

and IP version 6 (IPv6). IP version 6 (IPv6) (RFC 1883, Internet Protocol, Version 6 (IPv6)) is a

newer version of the Internet Protocol designed as a successor to IP version 4 (IPv4) (RFC-791,

Internet Protocol). The changes from IPv4 to IPv6 effect the following categories:

•

Expanded addressing capabilities — IPv6 increases the IP address size from 32 bits (IPv4)

to 128 bits, to support more levels of addressing hierarchy, a much greater number of

addressable nodes, and simpler auto-configuration of addresses. The scalability of

multicast routing is improved by adding a scope field to multicast addresses. Also, a new

type of address called an anycast address is defined that is used to send a packet to any one

of a group of nodes.

•

Header format simplification — Some IPv4 header fields have been dropped or made

optional to reduce the common-case processing cost of packet handling and to limit the

bandwidth cost of the IPv6 header.

Improved support for extensions and options — Changes in the way IP header options are

encoded allows for more efficient forwarding, less stringent limits on the length of

options, and greater flexibility for introducing new options in the future.

Flow labeling capability — The capability to enable the labeling of packets belonging to

particular traffic flows for which the sender requests special handling, such as non-default

quality of service or “real-time” service was added in IPv6.

Authentication and privacy capabilities — Extensions to support authentication, data

integrity, and (optional) data confidentiality are specified for IPv6.

+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

|Version| Prio. | Flow Label

+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

Payload Length | Next Header | Hop Limit

+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

Source Address

+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

Destination Address

+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

Figure 2: IPv6 Header Format

7750 SR OS Router Configuration Guide

Page 27

Download from Www.Somanuals.com. All Manuals Search And Download.

Configuring IP Router Parameters

Table 2: IPv6 Header Field Descriptions

Field

Description

Version

4-bit Internet Protocol version number = 6.

Prio.

4-bit priority value.

24-bit flow label.

Flow Label

Payload Length

16-bit unsigned integer. The length of payload, for example, the rest of the packet

following the IPv6 header, in octets. If the value is zero, the payload length is

carried in a jumbo payload hop-by-hop option.

Next Header

Hop Limit

8-bit selector. Identifies the type of header immediately following the IPv6 header.

This field uses the same values as the IPv4 protocol field.

8-bit unsigned integer. Decremented by 1 by each node that forwards the packet.

The packet is discarded if the hop limit is decremented to zero.

Source Address

128-bit address of the originator of the packet.

Destination Address

128-bit address of the intended recipient of the packet (possibly not the ultimate

recipient if a routing header is present).

Page 28

7750 SR OS Router Configuration Guide

Download from Www.Somanuals.com. All Manuals Search And Download.

IP Router Configuration

IPv6 Applications

Examples of the IPv6 applications supported by the 7750 SR OS include:

•

IPv6 Internet exchange peering — Figure 3 shows an IPv6 Internet exchange where

multiple ISPs peer over native IPv6.

IPv6 IX

ISP A

ISP B

Peering

IPIPE_007

Figure 3: IPv6 Internet Exchange

•

IPv6 transit services — Figure 4 shows IPv6 transit provided by an ISP.

Customer 1

2001:0410:0001:/48

ISP

2001:0410::/32

Customer 2

2001:0410:0002:/4

IPIPE_008

Figure 4: IPv6 Transit Services

7750 SR OS Router Configuration Guide

Page 29

Download from Www.Somanuals.com. All Manuals Search And Download.

Configuring IP Router Parameters

•

IPv6 services to enterprise customers and home users — Figure 5 shows IPv6 connectivity

to enterprise and home broadband users.

DSL, Cable

FTTH

Enterprise

IPv6 Core

IPv6 Broadband Users

ISP

IPIPE_009

Figure 5: IPv6 Services to Enterprise Customers and Home Users

•

IPv6 over IPv4 relay services — IPv6 over IPv4 tunnels are one of many IPv6 transition

methods to support IPv6 in an environment where not only IPv4 exists but native IPv6

networks depend on IPv4 for greater IPv6 connectivity. 7750 SR OS supports dynamic

IPv6 over IPv4 tunneling. The ipv4 source and destination address are taken from

configuration, the source address is the ipv4 system address and the ipv4 destination is the

next hop from the configured 6over4 tunnel.

IPv6 over IPv4 is an automatic tunnel method that gives a prefix to the attached IPv6

network. Figure 6 shows IPv6 over IPv4 tunneling to transition from IPv4 to IPv6.

6to4

IPv4 Cloud

Figure 6: IPv6 over IPv4 Relay Services

Page 30

7750 SR OS Router Configuration Guide

Download from Www.Somanuals.com. All Manuals Search And Download.

IP Router Configuration

IPv6 Provider Edge Router over MPLS (6PE)

6PE allows IPv6 domains to communicate with each other over an IPv4 MPLS core network. This

architecture requires no backbone infrastructure upgrades and no reconfiguration of core routers,

because forwarding is purely based on MPLS labels. 6PE is a cost effective solution for IPv6

deployment.

Figure 7: Example of a 6PE Topology within One AS

6PE Control Plane Support

The 6PE MP-BGP routers support:

•

IPv4/IPv6 dual-stack

MP-BGP can be used between 6PE routers to exchange IPv6 reachability information.

→ The 6PE routers exchange IPv6 prefixes over MP-BGP sessions running over IPv4

transport. The MP-BGP AFI used is IPv6 (value 2).

→ An IPv4 address of the 6PE router is encoded as an IPv4-mapped IPv6 address in the

BGP next-hop field of the IPv6 NLRI. By default, the IPv4 address that is used for

peering is used. It is configurable through the route policies.

→ The 6PE router binds MPLS labels to the IPv6 prefixes it advertises. The SAFI used in

MP-BGP is the SAFI (value 4) label. The 7750 SR-Series router uses the IPv6 Explicit

Null (value 2) label for all the IPv6 prefixes that it advertises and can accept an

arbitrary label from its peers.

7750 SR OS Router Configuration Guide

Page 31

Download from Www.Somanuals.com. All Manuals Search And Download.

Configuring IP Router Parameters

•

LDP is used to create the MPLS full mesh between the 6PE routers and the IPv4 addresses

that are embedded in the next-hop field are reachable by LDP LSPs. The ingress 6PE

router uses the LDP LSPs to reach remote 6PE routers.

6PE Data Plane Support

The ingress 6PE router can push two MPLS labels to send the packets to the egress 6PE router. The

top label is an LDP label used to reach the egress 6PE router. The bottom label is advertised in MP-

BGP by the remote 6PE router. Typically, the IPv6 explicit null (value 2) label is used but an

arbitrary value can be used when the remote 6PE router is from a vendor other than Alcatel-

Lucent.

The egress 6PE router pops the top LDP tunnel label. It sees the IPv6 explicit null label, which

indicates an IPv6 packet is encapsulated. It also pops the IPv6 explicit null label and performs an

IPv6 route lookup to find out the next hop for the IPv6 packet.

Page 32

7750 SR OS Router Configuration Guide

Download from Www.Somanuals.com. All Manuals Search And Download.

IP Router Configuration

Bidirectional Forwarding Detection

Bidirectional Forwarding Detection (BFD) is a light-weight, low-overhead, short-duration

detection of failures in the path between two systems. If a system stops receiving BFD messages

for a long enough period (based on configuration) it is assumed that a failure along the path has

occurred and the associated protocol or service is notified of the failure.

BFD can provide a mechanism used for liveness detection over any media, at any protocol layer,

with a wide range of detection times and overhead, to avoid a proliferation of different methods.

There are two modes of operation for BFD:

•

Asynchronous mode — Uses periodic BFD control messages to test the path between

systems.

Demand mode — Does not send periodic messages. BFD control messages are only sent

when either system feels it needs to again verify connectivity, in which case, it transmits a

short sequence of BFD messages and then stops.

A path is only declared operational when two-way communications has been established between

both systems.

A separate BFD session is created for each communications path and data protocol in use between

two systems.

In addition to the two operational modes, there is also an echo function defined within draft-ietf-

bfd-base-04.txt, Bidirectional Forwarding Detection, that allows either of the two systems to send

a sequence of BFD echo packets to the other system, which loops them back within that system’s

forwarding plane. If a number of these echo packets are lost then the BFD session is declared

down.

BFD Control Packet

The base BFD specification does not specify the encapsulation type to be used for sending BFD

control packets. Instead it is left to the implementers to use the appropriate encapsulation type for

the medium and network. The encapsulation for BFD over IPv4 and IPv6 networks is specified in

draft-ietf-bfd-v4v6-1hop-04.txt, BFD for IPv4 and IPv6 (Single Hop). This specification requires

that BFD control packets be sent over UDP with a destination port number of 3784 and the source

port number must be within the range 49152 to 65535.

In addition, the TTL of all transmitted BFD packets must have an IP TTL of 255. All BFD packets

received must have an IP TTL of 255 if authentication is not enabled. If authentication is enabled,

the IP TTL should be 255 but can still be processed if it is not (assuming the packet passes the

enabled authentication mechanism).

7750 SR OS Router Configuration Guide

Page 33

Download from Www.Somanuals.com. All Manuals Search And Download.

Configuring IP Router Parameters

If multiple BFD sessions exist between two nodes, the BFD discriminator is used to de-multiplex

the BFD control packet to the appropriate BFD session.

Control Packet Format

The BFD control packet has 2 sections, a mandatory section and an optional authentication section.

0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1

+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

|Vers | Diag

+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

My Discriminator

+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

Your Discriminator

+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

Desired Min TX Interval

+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

Required Min RX Interval

+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

Required Min Echo RX Interval

|Sta|P|F|C|A|D|R| Detect Mult |

Length

+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

Figure 8: Mandatory Frame Format

Table 3: BFD Control Packet Field Descriptions

Field

Description

Vers

Diag

The version number of the protocol. The initial protocol version is 0.

A diagnostic code specifying the local system’s reason for the last transition of the

session from Up to some other state.

Possible values are:

0-No diagnostic

1-Control detection time expired

2-Echo function failed

3-Neighbor signaled session down

4-Forwarding plane reset

5-Path down

6-Concatenated path down

7-Administratively down

H Bit

The “I Hear You” bit. This bit is set to 0 if the transmitting system either is not

receiving BFD packets from the remote system, or is in the process of tearing down

the BFD session for some reason. Otherwise, during normal operation, it is set to 1.

Page 34

7750 SR OS Router Configuration Guide

Download from Www.Somanuals.com. All Manuals Search And Download.

IP Router Configuration

Table 3: BFD Control Packet Field Descriptions (Continued)

Field

Description

D Bit

P Bit

F Bit

The “demand mode” bit. If set, the transmitting system wishes to operate in demand

mode.

The poll bit. If set, the transmitting system is requesting verification of

connectivity, or of a parameter change.

The final bit. If set, the transmitting system is responding to a received BFD control

packet that had the poll (P) bit set.

Rsvd

Reserved bits. These bits must be zero on transmit and ignored on receipt.

Detect Mult

Detect time multiplier. The negotiated transmit interval, multiplied by this value,

provides the detection time for the transmitting system in asynchronous mode.

Like the IGP hello protocol mechanisms, this is analogous to the hello-multiplier in

IS-IS, which can be used to determine the hold-timer.

(hello-interval) x (hello-multiplier) = hold-timer. If a hello is not received within

the hold-timer, a failure has occurred.

Similarly in BFD: (transmit interval) x (detect multiplier) = detect-timer. If a BFD

control packet is not received from the remote system within detect-timer, a failure

has occurred.

Length

Length of the BFD control packet, in bytes.

My Discriminator

A unique, nonzero discriminator value generated by the transmitting system, used

to demultiplex multiple BFD sessions between the same pair of systems.

Your Discriminator

The discriminator received from the corresponding remote system. This field

reflects back the received value of my discriminator, or is zero if that value is

unknown.

Desired Min TX Interval This is the minimum interval, in microseconds, that the local system would like to

use when transmitting BFD control packets.

Required Min RX

Interval

This is the minimum interval, in microseconds, between received BFD control

packets that this system is capable of supporting.

Required Min Echo RX

Interval

This is the minimum interval, in microseconds, between received BFD echo

packets that this system is capable of supporting. If this value is zero, the

transmitting system does not support the receipt of BFD echo packets.

7750 SR OS Router Configuration Guide

Page 35

Download from Www.Somanuals.com. All Manuals Search And Download.

Router Configuration Process Overview

Figure 9 displays the process to configure basic router parameters.

START

SET THE SYSTEM NAME

CONFIGURE SYSTEM IP ADDRESS

CONFIGURE ROUTER ID (optional)

AUTONOMOUS SYSTEMS (optional)

CONFIGURE CONFEDERATIONS (optional)

ENABLE

Figure 9: IP Router Configuration Flow

Page 36

7750 SR OS Router Configuration Guide

Download from Www.Somanuals.com. All Manuals Search And Download.

IP Router Configuration

Router Configuration Process Overview

Figure 9 displays the process to configure basic router parameters.

ROUTER

INTERFACE

ADDRESS

IPV6

ADDRESS

NEIGHBOR

ROUTER ID (optional)

AUTONOMOUS SYSTEM (optional)

CONFEDERATION (optional)

Figure 10: Router Configuration Components

7750 SR OS Router Configuration Guide

Page 37

Download from Www.Somanuals.com. All Manuals Search And Download.

Router Configuration Process Overview

Figure 10 displays the process to configure basic router parameters.

•

Interface — A logical IP routing interface. Once created, attributes like an IP address, port,

link aggregation group or the system can be associated with the IP interface.

Address — The address associates the device’s system name with the IP system address.

An IP address must be assigned to each IP interface.

System interface — This command creates an association between the logical IP interface

and the system (loopback) address. The system interface address is the circuitless address

(loopback) and is used by default as the router ID for protocols such as OSPF and BGP.

•

Router ID — (Optional) The router ID specifies the router's IP address.

Autonomous system — (Optional) An autonomous system (AS) is a collection of

networks that are subdivided into smaller, more manageable areas.

•

Confederation — (Optional) Creates confederation autonomous systems within an AS to

reduce the number of IBGP sessions required within an AS.

Page 38

7750 SR OS Router Configuration Guide

Download from Www.Somanuals.com. All Manuals Search And Download.

IP Router Configuration

Configuration Notes

The following information describes router configuration caveats.

•

A system interface and associated IP address should be specified.

Boot options file (BOF) parameters must be configured prior to configuring router

parameters.

•

Confederations can be configured before protocol connections (such as BGP) and peering

parameters are configured.

IPv6 interface parameters can only be configured on systems provisioned with the iom2-

20g and 400g SFM2 card types.

In order to configure IPv6 interface parameters, the chassis mode must be set to c in the

config>system>chassis-mode context. Use the force keyword to upgrade to c mode with

cards provisioned as iom-20g or iom-20g-b.

•

An iom2-20g and a SFM2 card are required to enable the IPv6 CPM filter and per-peer

queuing functionality.

Reference Sources

For information on supported IETF drafts and standards, as well as standard and proprietary

MIBS, refer to Standards and Protocol Support on page 477.

7750 SR OS Router Configuration Guide

Page 39

Download from Www.Somanuals.com. All Manuals Search And Download.

Configuration Notes

Page 40

7750 SR OS Router Configuration Guide

Download from Www.Somanuals.com. All Manuals Search And Download.

IP Router Configuration

Configuring an IP Router with CLI

This section provides information to configure an IP router.

Topics in this section include:

•

Router Configuration Overview on page 42

CLI Command Structure on page 43

List of Commands on page 44

Basic Configuration on page 48

Common Configuration Tasks on page 49

→ Configuring a System Name on page 49

→ Configuring Interfaces on page 51

•

Configuring a System Interface on page 51

Configuring a Network Interface on page 51

Configuring IPv6 Parameters on page 53

Router Advertisement on page 66

→ Configuring Proxy ARP on page 68

→ Deriving the Router ID on page 72

→ Configuring a Confederation on page 73

→ Configuring an Autonomous System on page 75

Service Management Tasks on page 76

•

→ Changing the System Name on page 76

→ Modifying Interface Parameters on page 77

→ Deleting a Logical IP Interface on page 78

7750 SR OS Router Configuration Guide

Page 41

Download from Www.Somanuals.com. All Manuals Search And Download.

Router Configuration Overview

In a 7750 SR, an interface is a logical named entity. An interface is created by specifying an

interface name under the configure>routercontext. This is the global router configuration

context where objects like static routes are defined. An IP interface name can be up to 32

alphanumeric characters long, must start with a letter, and is case-sensitive; for example, the

interface name “1.1.1.1” is not allowed, but “int-1.1.1.1” is allowed.

To create an interface on an Alcatel-Lucent 7750 SR-Series router, the basic configuration tasks

that must be performed are:

•

Assign a name to the interface

Associate an IP address with the interface

Associate the interface with a network interface or the system interface

Configure appropriate routing protocols

A system interface and network interface should be configured.

System Interface

The system interface is associated with the network entity (such as a specific 7750 SR-Series), not

a specific interface. The system interface is also referred to as the loopback address. The system

interface is associated during the configuration of the following entities:

•

The termination point of service tunnels

The hops when configuring MPLS paths and LSPs

The addresses on a target router for BGP andLDP peering.

The system interface is used to preserve connectivity (when routing reconvergence is possible)

when an interface fails or is removed. The system interface is used as the router identifier. A

system interface must have an IP address with a 32-bit subnet mask.

Network Interface

A network interface can be configured on one of the following entities:

•

A physical or logical port

A SONET/SDH channel

Page 42

7750 SR OS Router Configuration Guide

Download from Www.Somanuals.com. All Manuals Search And Download.

IP Router Configuration

CLI Command Structure

Figure 11 displays the CLI command structure to configure router parameters. The commands are

located under the config>routercontext.

ROOT

CONFIG

ROUTER

INTERFACE

SYSTEM INTERFACE

ADDRESS

PORT

ROUTER ID

AUTONOMOUS SYSTEM

CONFEDERATION

show

router

arp

interface

route-table

Figure 11: CLI Configuration Context

Figure 12 displays the brief CLI command structure to configure the system name. The commands

are located under the config>system context. See the 7750 SR OS System Configuration Guide

for command syntax and descriptions.

ROOT

CONFIG

SYSTEM

name system-name

show

system information

Figure 12: CLI System Configuration Context

7750 SR OS Router Configuration Guide

Page 43

Download from Www.Somanuals.com. All Manuals Search And Download.

List of Commands

Table 4 lists all the configuration commands to configure a 7750 SR-Series router, indicating the

configuration level at which each command is implemented with a short command description.

Refer to each specific chapter for specific routing protocol information and command syntax to

configure protocols such as OSPF and BGP.

The command list is organized in the following task-oriented manner:

•

Configure the system name

Configure the router ID

Configure router parameters

Configure a network interface

Configure the system interface

Configure IPv6 parameters on an interface

Configure router advertisement parameters

Configure interface ICMP

Table 4: CLI Commands to Configure Basic IP Router Parameters

Command

Description

Page

Configure the system name

config>system

name

The system name for the device. Only one system name can be configured.

Configure the router ID

config>router

router-id

Configures the router ID for the router instance. When configuring a new

router ID, protocols will not automatically be restarted with the ID. The

next time a protocol is initialized, the new router ID is used. This may lead

to an interim period of time where different protocols use different router

IDs

Configure router parameters

config>router

aggregate

Creates an aggregate route. Aggregate routes group a number of routes

with common prefixes into a single entry in the routing table, thereby

reducing the number of routes that need to be advertised by this router and

the routing tables of downstream routers.

Page 44

7750 SR OS Router Configuration Guide

Download from Www.Somanuals.com. All Manuals Search And Download.

IP Router Configuration

Table 4: CLI Commands to Configure Basic IP Router Parameters (Continued)

Command

autonomous-system

confederation

ecmp

Description

Page

Assigns an autonomous system (AS) number to the router.

Creates a confederation within an AS.

Enables ECMP and configures the number of routes for path sharing.

Drops or accepts ICMP redirects received on the management interface.

ignore-icmp-

redirect

mc-maximum-routes

Specifies the maximum number of multicast routes that can be held within 89

a VPN routing/forwarding (VRF) context.

service-prefix

Creates an IP address range reserved for IES and certain VPLS services.

The purpose of reserving IP addresses using service-prefix is to provide a

mechanism to reserve one or more address ranges for services.

static-route

Creates static route entries for both the network and access routes.

Triggers route policy re-evaluation.

triggered-policy

Configure a network interface

config>router>interface

address

Assigns an IP address, subnet and broadcast address format to an IP

interface. Only one IP address is associated with an IP interface.

allow-directed-

broadcasts

Enables the forwarding of directed broadcasts out of the IP interface.

arp-timeout

Configures the minimum time in seconds that an address resolution

protocol (ARP) entry learned on the IP interface will be stored in the ARP

table.

bfd

Specifies the bi-directional forwarding detection (BFD) parameters for the 98

associated IP interface

cflowd

Enables the collection of traffic flow samples through a router for analysis. 99

local-proxy-arp

loopback

Enables local proxy ARP on the interface.

Configures the interface as a loopback interface.

Assigns a specific MAC address to an IP interface.

Enables receiving of SNTP broadcasts on the IP interface.

Creates an association with an IP interface and a physical port.

100

mac

ntp-broadcast

port

proxy-arp-policy

Specifies an existing policy-statement to analyze match and action criteria 101

that controls the flow of routing information to and from a given protocol,

set of protocols, or a particular neighbor.

qos

Associates a network Quality of Service (QoS) policy with an IP interface. 102

remote-proxy-arp

secondary

Enables remote proxy ARP on the interface.

102

Assigns a secondary IP address, IP subnet/broadcast address format to the 103

interface.

7750 SR OS Router Configuration Guide

Page 45

Download from Www.Somanuals.com. All Manuals Search And Download.

List of Commands

Table 4: CLI Commands to Configure Basic IP Router Parameters (Continued)

Command

static-arp

Description

Page

Configures a static ARP entry associating an IP address with a MAC

address for the core router instance.

104

tos-marking-state

unnumbered

Specifies the TOS marking state.

104

105

Sets an IP interface as an unnumbered interface and the IP address to be

used for the interface.

Configure the system interface

config>router>interface

address

Assigns an IP address, IP subnet and broadcast address format to an IP

interface. Only one IP address can be associated with an IP interface.

secondary

Assigns a secondary IP address, IP subnet/broadcast address format to the 103

interface.

Configure IPv6 parameters on an interface

config>router>interface>ipv6

address

Assigns an IPv6 address to the interface. Multiple addresses (up to 8) are

allowed per interface.

112

egress

ingress

filter

Specifies egress network filter policies for IPv6 on the interface.

Specifies ingress network filter policies for IPv6 on the interface.

107

Specifies the IPv6 filter policy to be associated with the interface. IPv6

filter policies must be configured in the config>filter>ipv6-filter context

before it can be specified in the router interface context.

icmp6

Enables the context to configure ICMPv6 parameters for the interface.

Configures the rate for ICMPv6 packet-too-big messages.

Configures the rate for ICMPv6 param-problem messages.

Configures the rate for ICMPv6 redirect messages.

packet-too-big

param-problem

redirects

time-exceeded

unreachables

neighbor

Configures the rate for ICMPv6 time-exceeded messages.

Configures the rate for ICMPv6 unreachable messages.

Configures an IPv6-to-MAC address mapping on the interface.

Configure router advertisement parameters

config>router>router-advertisement

interface

Configures router advertisement properties on a specific interface. The

116

interface must already exist in the config>router>interface context.

current-hop-limit

Configures the current-hop-limit in the router advertisement messages. It

informs the nodes on the subnet about the hop-limit when originating IPv6

packets.

116

Page 46

7750 SR OS Router Configuration Guide

Download from Www.Somanuals.com. All Manuals Search And Download.

IP Router Configuration

Table 4: CLI Commands to Configure Basic IP Router Parameters (Continued)

Command Description

managed-

Page

Sets the managed address configuration flag. This flag indicates that

DHCPv6 is available for address configuration in addition to any address

autoconfigured using stateless address autoconfiguration.

116

configuration

max-advertisement-

interval

Configures the maximum interval between sending router advertisement

messages.

117

min-advertisement-

interval

Configures the minimum interval between sending ICMPv6 neighbor

discovery router advertisement messages.

mtu

Configures the MTU for the nodes to use to send packets on the link.

other-stateful-

configuration

Sets the “Other configuration” flag. This flag indicates that DHCPv6lite is 118

available for autoconfiguration of other (non-address) information such as

DNS-related information or information on other servers in the network.

prefix

Configures an IPv6 prefix in the router advertisement messages.

118

autonomous

Specifies whether the prefix can be used for stateless address

autoconfiguration.

on-link

Specifies whether the prefix can be used for onlink determination.

Configures the length of time that the prefix remains preferred.

Configures the length of time that the prefix is valid.

119

preferred-lifetime

valid-lifetime

reachable-time

Configures how long this router should be considered reachable by other

nodes on the link after receiving a reachability confirmation.

retransmit-time

Configures the retransmission frequency of neighbor solicitation

messages.

120

router-lifetime

no shutdown

Sets the router lifetime.

120

Enables router advertisement on an interface.

Configure interface ICMP

config>router>interface

icmp

Configures ICMP parameters on a network IP interface.

109

mask-reply

redirects

Enables responses to ICMP mask requests on the router interface.

Enables and configures the rate for ICMP redirect messages issued on the

router interface.

ttl-expired

unreachables

Configures the rate that ICMP TTL expired messages are issued by the

interface.

110

Enables and configures the rate for ICMP host and network destination

unreachable messages issued on the router interface.

7750 SR OS Router Configuration Guide

Page 47

Download from Www.Somanuals.com. All Manuals Search And Download.

Basic Configuration

NOTE: Refer to each specific chapter for specific routing protocol information and command

syntax to configure protocols such as OSPF and BGP.

The most basic router configuration must have the following:

•

System name

System address

The following example displays a router configuration:

A:ALA-A> config# info

. . .

#------------------------------------------

# Router Configuration

#------------------------------------------

router

interface "system"

address 10.10.10.103/32

exit

interface "to-104"

address 10.0.0.103/24

port 1/1/1

exit

autonomous-system 100

confederation 1000 members 100 200 300

router-id 10.10.10.103

. . .

exit

isis

exit

. . .

#------------------------------------------

A:ALA-A> config#

Page 48

7750 SR OS Router Configuration Guide

Download from Www.Somanuals.com. All Manuals Search And Download.

IP Router Configuration

Common Configuration Tasks

The following sections describe basic system tasks.

•

Configuring a System Name on page 49

Configuring Interfaces on page 51

→ Configuring a System Interface on page 51

→ Configuring a Network Interface on page 51

→ Configuring IPv6 Parameters on page 53

→ Router Advertisement on page 66

Configuring Proxy ARP on page 68

•

Creating an IP Address Range on page 71

Deriving the Router ID on page 72

Configuring a Confederation on page 73

Configuring an Autonomous System on page 75

Configuring a System Name

Use the systemcommand to configure a name for the device. The name is used in the prompt

string. Only one system name can be configured. If multiple system names are configured, the last

one configured will overwrite the previous entry.

If special characters are included in the system name string, such as spaces, #, or ?, the entire string

must be enclosed in double quotes.

Use the following CLI syntax to configure the system name:

CLI Syntax: config# system

name system-name

Example:

config# system

config>system# nameALA-A

ALA-A>config>system# exit all

ALA-A#

7750 SR OS Router Configuration Guide

Page 49

Download from Www.Somanuals.com. All Manuals Search And Download.

Common Configuration Tasks

The following example displays the system name output.

A#ALA-A>config>system# info

#------------------------------------------

# System Configuration

#------------------------------------------

name "ALA-A"

location "Mt.View, CA, NE corner of FERG 1 Building"

coordinates "37.390, -122.05500 degrees lat."

snmp

exit

. . .

exit

----------------------------------------------

A#ALA-A>config>system#

Page 50

7750 SR OS Router Configuration Guide

Download from Www.Somanuals.com. All Manuals Search And Download.

IP Router Configuration

Configuring Interfaces

The following command sequences create a system and a logical IP interface. The system interface

assigns an IP address to the interface, and then associates the IP interface with a physical port. The

logical interface can associate attributes like an IP address or port.

Note that the system interface cannot be deleted.

Configuring a System Interface

To configure a system interface:

CLI Syntax: config>router

interface ip-int-name

address ip-addr{/mask-length|mask} [broadcast {all-

ones|host-ones}]

secondary {[ip-addr/mask|ip-addr][netmask]} [broadcast

{all-ones|host-ones}] [igp-inhibit]

Example:

config>router# interface system

config>router>if# address 10.10.10.104/32

config>router>if# exit

Configuring a Network Interface

To configure a network interface:

CLI Syntax: config>router

interface ip-int-name

address ip-addr{/mask-length | mask} [broadcast {all-

ones | host-ones}]

cflowd {acl | interface}

egress

filter ip ip-filter-id

filter ipv6 ipv6-filter-id

ingress

filter ip ip-filter-id

filter ipv6 ipv6-filter-id

port [port-id | ccag-group]

Example:

config>router> interface “to-ALA-2”

config>router>if# address 10.10.24.4/24

config>router>if# port 8/1/1

config>router>if# egress

7750 SR OS Router Configuration Guide

Page 51

Download from Www.Somanuals.com. All Manuals Search And Download.

Common Configuration Tasks

config>router>if>egress# filter ip 10

config>router>if>egress# exit

config>router>if# cflowd acl

config>router>if# exit

The following displays the IP configuration output showing the interface information.

A:ALA-A>config>router# info

#------------------------------------------

# IP Configuration

#------------------------------------------

interface "system"

address 10.10.0.4/32

exit

interface "to-ALA-2"

address 10.10.24.4/24

port 8/1/1

egress

filter ip 10

exit

...

#------------------------------------------

A:ALA-A>config>router#

Page 52

7750 SR OS Router Configuration Guide

Download from Www.Somanuals.com. All Manuals Search And Download.

IP Router Configuration

Configuring IPv6 Parameters

To configure IPv6 parameters, you must first:

•

The chassis mode must be set to c in the config>system>chassis-mode context. Use the

force keyword to upgrade to c mode with cards provisioned as iom-20g or iom-20g-b.

The following displays the interface configuration showing the IPv6 default configuration when

IPv6 is enabled on the interface.

A:ALA-49>config>router>if>ipv6# info detail

----------------------------------------------

port 1/2/37

ipv6

packet-too-big 100 10

param-problem 100 10

redirects 100 10

time-exceeded 100 10

unreachables 100 10

exit

----------------------------------------------

A:ALA-49>config>router>if>ipv6# exit all

Use the following CLI syntax to configure IPv6 parameters on a router interface.

CLI Syntax: config>router# interface interface-name

port port-name

ipv6

address {ipv6-address/prefix-length} [eui-64]

icmp6

packet-too-big [number seconds]

param-problem [number seconds]

redirects [number seconds]

time-exceeded [number seconds]

unreachables [number seconds]

neighbor ipv6-address mac-address?

7750 SR OS Router Configuration Guide

Page 53

Download from Www.Somanuals.com. All Manuals Search And Download.

Common Configuration Tasks

The following example displays IPv6 interface configuration command usage. These commands

are configured in the config>routercontext.

Example:

config>router# interface gemini_5_21

config>router>if# address 10.11.10.1/24

config>router>if# port 1/2/37

config>router>if# ipv6

config>router>if>ipv6# address 10::1/24

config>router>if>ipv6# exit

config>router>if# no shutdown

The following displays the configuration output showing the interface information.

A:ALA-49>config>router>if# info

----------------------------------------------

address 10.11.10.1/24

port 1/2/37

ipv6

address 10::1/24

exit

----------------------------------------------

A:ALA-49>config>router>if#

Page 54

7750 SR OS Router Configuration Guide

Download from Www.Somanuals.com. All Manuals Search And Download.

IP Router Configuration

Configuring IPv6 Over IPv4 Parameters

This section provides several examples of the features that must be configured in order to

implement IPv6 over IPv4 relay services.

•

Tunnel Ingress Node on page 55

→ Learning the Tunnel Endpoint IPv4 System Address on page 57

→ Configuring an IPv4 BGP Peer on page 58

→ An Example of a IPv6 Over IPv4 Tunnel Configuration on page 59

Tunnel Egress Node on page 61

→ Learning the Tunnel Endpoint IPv4 System Address on page 62

→ Configuring an IPv4 BGP Peer on page 63

→ An Example of a IPv6 Over IPv4 Tunnel Configuration on page 64

Tunnel Ingress Node

This configuration shows how the interface through which the IPv6 over IPv4 traffic leaves the

node. This must be configured on a network interface.

CLI Syntax: config>router

static-route ::C8C8:C802/128 indirect 200.200.200.2

interface ip-int-name

address {ip-address/mask>|ip-address netmask} [broadcast

all-ones|host-ones]

port port-name

Example:

config>router# interface ip-1.1.1.1

config>router>if# address 1.1.1.1/30

config>router>if# port 1/1/1

config>router>if# exit

config>router#

The following displays the configuration output showing the interface information.

A:ALA-49>configure>router# info

----------------------------------------------

...

interface "ip-1.1.1.1"

address 1.1.1.1/30

port 1/1/1

exit

...

----------------------------------------------

A:ALA-49>configure>router#

7750 SR OS Router Configuration Guide

Page 55

Download from Www.Somanuals.com. All Manuals Search And Download.

Common Configuration Tasks

Both the IPv4 and IPv6 system addresses must to configured

CLI Syntax: config>router

interface ip-int-name

address {ip-address/mask>|ip-address netmask} [broad-

cast all-ones|host-ones]

ipv6

address ipv6-address/prefix-length [eui-64]

Example:

config>router# interface system

config>router>if# address200.200.200.1/32

config>router>if# ipv6

config>router>if>ipv6# interface “ip-1.1.1.1”

config>router>if>ipv6# exit

The following displays the configuration output showing the interface information.

A:ALA-49>configure>router# info

----------------------------------------------

...

interface "system"

address 200.200.200.1/32

ipv6

address 3FFE::C8C8:C801/128

exit

...

----------------------------------------------

A:ALA-49>configure>router#

Page 56

7750 SR OS Router Configuration Guide

Download from Www.Somanuals.com. All Manuals Search And Download.

IP Router Configuration

Learning the Tunnel Endpoint IPv4 System Address

This configuration displays the OSPF configuration to learn the IPv4 system address of the tunnel

endpoint.

CLI Syntax: config>router

ospf

area area-id

interface ip-int-name

Example:

config>router# ospf

config>router>ospf# interface system

config>router>ospf>if# exit

config>router>ospf# interface ip-1.1.1.1

config>router>ospf>if# exit

The following displays the configuration showing the OSPF output.

A:ALA-49>configure>router# info

----------------------------------------------

...

ospf

area 0.0.0.0

interface "system"

exit

interface "ip-1.1.1.1"

exit

----------------------------------------------

A:ALA-49>configure>router#

7750 SR OS Router Configuration Guide

Page 57

Download from Www.Somanuals.com. All Manuals Search And Download.

Common Configuration Tasks

Configuring an IPv4 BGP Peer

This configuration display the commands to configure an IPv4 BGP peer with (IPv4 and) IPv6

protocol families.

CLI Syntax: config>router

bgp

export policy-name [policy-name...(upto 5 max)]

router-id ip-address

group name

family [ipv4] [vpn-ipv4] [ipv6] [mcast-ipv4]

type {internal|external}

neighbor ip-address

local-as as-number [private]

peer-as as-number

Example:

config>router# bgp

config>router>bgp# export ospf3

config>router>bgp# router-id 200.200.200.1

config>router>bgp# group "main"

config>router>bgp>group# family ipv4 ipv6

config>router>bgp>group# type internal

config>router>bgp>group# neighbor 200.200.200.2

config>router>bgp>group>neighbor# local-as 1

config>router>bgp>group>neighbor# peer-as 1

config>router>bgp>group>neighbor# exit

config>router>bgp>group# exit

config>router>bgp# exit

The following displays the configuration showing the BGP output.

A:ALA-49>configure>router# info

----------------------------------------------

...

bgp

export "ospf3"

router-id 200.200.200.1

group "main"

family ipv4 ipv6

type internal

neighbor 200.200.200.2

local-as 1

peer-as 1

exit

...

----------------------------------------------

A:ALA-49>configure>router#

Page 58

7750 SR OS Router Configuration Guide

Download from Www.Somanuals.com. All Manuals Search And Download.

IP Router Configuration

An Example of a IPv6 Over IPv4 Tunnel Configuration

The IPv6 address is the next-hop as it is received through BGP. The IPv4 address is the system

address of the tunnel's endpoint static-route ::C8C8:C802/128 indirect 200.200.200.2.

This configuration displays an example to configure a policy to export IPv6 routes into BGP.

CLI Syntax: config>router

bgp

export policy-name [policy-name...(upto 5 max)]

router-id ip-address

group name

family [ipv4] [vpn-ipv4] [ipv6] [mcast-ipv4]

type {internal|external}

neighbor ip-address

local-as as-number [private]

peer-as as-number

Example:config>router# policy-options

config>router>policy-options# begin

config>router>policy-options# policy-statement ospf3

config>router>policy-options>policy-statement#

config>router>policy-options>policy-statement# description "Plcy

Stmnt For 'From ospf3 To bgp'"

config>router>policy-options>policy-statement# entry 10

config>router>policy-options>policy-statement>entry# description

"Entry protocol ospf3 To bgp"

config>router>policy-options>policy-statement>entry# from

config>router>policy-options>policy-statement>entry>from# protocol

ospf3

config>router>policy-options>policy-statement>entry>from# exit

config>router>policy-options>policy-statement>entry# action accept

config>router>policy-options>policy-statement>entry>action# exit

config>router>policy-options>policy-statement>entry# to

config>router>policy-options>policy-statement>entry>to# protocol bgp

config>router>policy-options>policy-statement>entry>to# exit

config>router>policy-options>policy-statement>entry# exit

config>router>policy-options>policy-statement# exit

config>router>policy-options# exit

config>router#

The following displays the configuration showing the policy output.

A:ALA-49>configure>router# info

----------------------------------------------

...

policy-options

policy-statement "ospf3"

description "Plcy Stmnt For 'From ospf3 To bgp'"

entry 10

description "Entry From Protocol ospf3 To bgp"

from

7750 SR OS Router Configuration Guide

Page 59

Download from Www.Somanuals.com. All Manuals Search And Download.

Common Configuration Tasks

protocol ospf3

protocol bgp

exit

action accept

exit

...

----------------------------------------------

A:ALA-49>configure>router#

Page 60

7750 SR OS Router Configuration Guide

Download from Www.Somanuals.com. All Manuals Search And Download.

IP Router Configuration

Tunnel Egress Node

This configuration shows how the interface through which the IPv6 over IPv4 traffic leaves the

node. It must be configured on a network interface. Both the IPv4 and IPv6 system addresses must

be configured.

CLI Syntax: config>router

configure router static-route ::C8C8:C801/128 indirect

200.200.200.1

interface ip-int-name

address {ip-address/mask>|ip-address netmask} [broad-

cast all-ones|host-ones]

ipv6

address ipv6-address/prefix-length [eui-64]

port port-name

Example:

config>router# interface ip-1.1.1.2

config>router>if# address 1.1.1.2/30

config>router>if# port 1/1/1

config>router>if# exit

config>router#

config>router# interface system

config>router>if# address 200.200.200.2/32

config>router>if# ipv6

config>router>if>ipv6# address 3FFE::C8C8:C802/128

config>router>if>ipv6# exit

config>router>if# exit

config>router#

The following displays the configuration showing the interface information.

A:ALA-49>configure>router# info

----------------------------------------------

...

interface "ip-1.1.1.2"

address 1.1.1.2/30

port 1/1/1

exit

interface "system"

address 200.200.200.2/32

ipv6

address 3FFE::C8C8:C802/128

exit

----------------------------------------------

7750 SR OS Router Configuration Guide

Page 61

Download from Www.Somanuals.com. All Manuals Search And Download.

Common Configuration Tasks

Learning the Tunnel Endpoint IPv4 System Address

This configuration displays the OSPF configuration to learn the IPv4 system address of the tunnel

endpoint.

CLI Syntax: config>router

ospf

area area-id

interface ip-int-name

Example:

config>router# ospf

config>router>ospf# interface system

config>router>ospf>if# exit

config>router>ospf# interface ip-1.1.1.2

config>router>ospf>if# exit

config>router>ospf# exit

The following displays the configuration showing the OSPF output.

A:ALA-49>configure>router# info

----------------------------------------------

...

ospf

area 0.0.0.0

interface "system"

exit

interface "ip-1.1.1.2"

exit

----------------------------------------------

A:ALA-49>configure>router#

Page 62

7750 SR OS Router Configuration Guide

Download from Www.Somanuals.com. All Manuals Search And Download.

IP Router Configuration

Configuring an IPv4 BGP Peer

This configuration display the commands to configure an IPv4 BGP peer with (IPv4 and) IPv6

protocol families.

CLI Syntax: config>router

bgp

export policy-name [policy-name...(upto 5 max)]

router-id ip-address

group name

family [ipv4] [vpn-ipv4] [ipv6] [mcast-ipv4]

type {internal|external}

neighbor ip-address

local-as as-number [private]

peer-as as-number

Example:

config>router# bgp

config>router>bgp# export ospf3

config>router>bgp# router-id 200.200.200.2

config>router>bgp# group "main"

config>router>bgp>group# family ipv4 ipv6

config>router>bgp>group# type internal

config>router>bgp>group# neighbor 200.200.200.1

config>router>bgp>group>neighbor# local-as 1

config>router>bgp>group>neighbor# peer-as 1

config>router>bgp>group>neighbor# exit

config>router>bgp>group# exit

config>router>bgp# exit

The following displays the configuration showing the BGP output.

A:ALA-49>configure>router# info

----------------------------------------------

...

bgp

export "ospf3"

router-id 200.200.200.2

group "main"

family ipv4 ipv6

type internal

neighbor 200.200.200.1

local-as 1

peer-as 1

exit

...

----------------------------------------------

A:ALA-49>configure>router#

7750 SR OS Router Configuration Guide

Page 63

Download from Www.Somanuals.com. All Manuals Search And Download.

Common Configuration Tasks

An Example of a IPv6 Over IPv4 Tunnel Configuration

The IPv6 address is the next-hop as it is received through BGP. The IPv4 address is the system

address of the tunnel's endpoint static-route ::C8C8:C802/128 indirect 200.200.200.2

This configuration displays an example to configure a policy to export IPv6 routes into BGP.

CLI Syntax: config>router

bgp

export policy-name [policy-name...(upto 5 max)]

router-id ip-address

group name

family [ipv4] [vpn-ipv4] [ipv6] [mcast-ipv4]

type {internal|external}

neighbor ip-address

local-as as-number [private]

peer-as as-number

Example:config>router# policy-options

config>router>policy-options# begin

config>router>policy-options# policy-statement ospf3

config>router>policy-options>policy-statement#

config>router>policy-options>policy-statement# description "Plcy

Stmnt For 'From ospf3 To bgp'"

config>router>policy-options>policy-statement# entry 10

config>router>policy-options>policy-statement>entry# description

"Entry protocol ospf3 To bgp"

config>router>policy-options>policy-statement>entry# from

config>router>policy-options>policy-statement>entry>from# protocol

ospf3

config>router>policy-options>policy-statement>entry>from# exit

config>router>policy-options>policy-statement>entry# action accept

config>router>policy-options>policy-statement>entry>action# exit

config>router>policy-options>policy-statement>entry# to

config>router>policy-options>policy-statement>entry>to# protocol bgp

config>router>policy-options>policy-statement>entry>to# exit

config>router>policy-options>policy-statement>entry# exit

config>router>policy-options>policy-statement# exit

config>router>policy-options# exit

config>router#

The following displays the configuration showing the policy output.

A:ALA-49>configure>router# info

----------------------------------------------

...

policy-options

policy-statement "ospf3"

description "Plcy Stmnt For 'From ospf3 To bgp'"

entry 10

description "Entry From Protocol ospf3 To bgp"

from

Page 64

7750 SR OS Router Configuration Guide

Download from Www.Somanuals.com. All Manuals Search And Download.

IP Router Configuration

protocol ospf3

protocol bgp

exit

action accept

exit

----------------------------------------------

A:ALA-49>configure>router#

7750 SR OS Router Configuration Guide

Page 65

Download from Www.Somanuals.com. All Manuals Search And Download.

Common Configuration Tasks

Router Advertisement

To configure the router to originate router advertisement messages, the router-advertisement

command must be enabled. All other router advertisement configuration parameters are optional.

Router advertisement on all IPv6-enabled interfaces will be enabled.

Use the following CLI syntax to enable router advertisement and configure router advertisement

parameters:

CLI Syntax: config>router# router-advertisement

interface ip-int-name

current-hop-limit number

managed-configuration

max-advertisement-interval seconds

min-advertisement-interval seconds

mtu mtu-bytes

other-stateful-configuration

prefix ipv6-prefix/prefix-length

autonomous

on-link

preferred-lifetime {seconds | infinite}

valid-lifetime {seconds | infinite}

reachable-time milli-seconds

retransmit-time milli-seconds

router-lifetime seconds

no shutdown

Page 66

7750 SR OS Router Configuration Guide

Download from Www.Somanuals.com. All Manuals Search And Download.

IP Router Configuration

The following example displays router advertisement command usage. These commands are

configured in the config>routercontext.

Example: config>router# router-advertisement

config>router>router-advert# interface gemini_5_21

config>router>router-advert>if>prefix> autonomous

config>router>router-advert>if>prefix> on-link

config>router>router-advert>if>prefix> preferred-

lifetime 604800

config>router>router-advert>if>prefix> valid-

lifetime 2592000

config>router>router-advert>if# reachable-time 50000

config>router>router-advert>if# retransmit-time 10000

config>router>router-advert>if# no shutdown

config>router>router-advert>if# exit

*A:tahi>config>router>router-advert>if>prefix# info detail

----------------------------------------------

interface

autonomous

on-link

preferred-lifetime 604800

valid-lifetime 2592000

reachable-time 50000

retransmit-time 10000

no shutdown

----------------------------------------------

*A:tahi>config>router>router-advert>if>prefix#

7750 SR OS Router Configuration Guide

Page 67

Download from Www.Somanuals.com. All Manuals Search And Download.

Common Configuration Tasks

Configuring Proxy ARP

To configure proxy ARP, you can configure:

•

A prefix list in the config>router>policy-options>prefix-listcontext.

A route policy statement in the config>router>policy-options>policy-

statementcontext and apply the specified prefix list.

→ In the policy statement entry>tocontext, specify the host source address(es) for

which ARP requests can or cannot be forwarded to non-local networks, depending on

the specified action.

→ In the policy statement entry>from context, specify network prefixes that ARP

requests will or will not be forwarded to depending on the action if a match is found.

For more information about route policies, refer to Route Policies on page 597.

•

Apply the policy statement to the proxy-arp configuration in the

config>router>interface context.

CLI Syntax: config>router# policy-options

begin

commit

prefix-list name

prefix ip-prefix/mask [exact|longer|through

length|prefix-length-range length1-length2]

The following example displays prefix list configuration command usage. These commands are

configured in the config>routercontext.

Example:config>router>policy-options# begin

config>router>policy-options# prefix-list prefixlist1

config>router>policy-options>prefix-list# prefix 10.20.30.0/24

through 32

config>router>policy-options>prefix-list# exit

config>router>policy-options# prefix-list prefixlist2

config>router>policy-options>prefix-list# prefix 10.10.10.0/24

through 32

config>router>policy-options>prefix-list# exit

config>router>policy-options# commit

Page 68

7750 SR OS Router Configuration Guide

Download from Www.Somanuals.com. All Manuals Search And Download.

IP Router Configuration

Use the following CLI syntax to configure the policy statement specified in the proxy-arp-

policy policy-statement command.

CLI Syntax: config>router# policy-options

begin

commit

policy-statement name

default-action {accept|next-entry|next-policy|reject}

entry entry-id

action {accept|next-entry|next-policy|reject}

prefix-list name [name...(upto 5 max)]

from

prefix-list name [name...(upto 5 max)]

Example:config>router>policy-options# begin

config>router>policy-options# policy-statement "ProxyARPpolicy"

config>..>policy-statement# default-action accept

config>..>policy-statement>default-action# exit

config>..>policy-statement# entry 10

config>..>policy-statement>entry# from

config>..>policy-statement>entry>from# prefix-list prefixlist1

config>..>policy-statement>entry>from# exit

config>..>policy-statement>entry# to

config>..>policy-statement>entry>to# prefix-list prefixlist1

config>..>policy-statement>entry>to# exit

config>..>policy-statement>entry# action reject

config>..>policy-statement>entry# exit

config>..>policy-statement# exit

config>router>policy-options#

The following output displays the prefix list and policy statement configurations:

A:ALA-49>config>router>policy-options# info

----------------------------------------------

prefix-list "prefixlist1"

prefix 10.20.30.0/24 through 32

exit

prefix-list "prefixlist2"

prefix 10.10.10.0/24 through 32

exit

...

policy-statement "ProxyARPpolicy"

entry 10

from

prefix-list "prefixlist1"

exit

prefix-list "prefixlist2"

exit

action reject

exit

default-action accept

7750 SR OS Router Configuration Guide

Page 69

Download from Www.Somanuals.com. All Manuals Search And Download.

Common Configuration Tasks

exit

...

----------------------------------------------

A:ALA-49>config>router>policy-options#

Use the following CLI to configure proxy ARP:

CLI Syntax: config>router>interface interface-name

local-proxy-arp

proxy-arp-policy policy-name [policy-name...(upto 5 max)]

remote-proxy-arp

Example: config>router# interface “testARP”

config>router>if# address 128.251.10.59/24

config>router>if# local-proxy-arp

config>router>if# proxy-arp

config>router>if>proxy-arp# policy-statement "ProxyARPpolicy"

config>router>if>proxy-arp# exit

config>router>if# exit

A:ALA-49>config>router>if# info

----------------------------------------------

address 128.251.10.59/24

local-proxy-arp

proxy-arp

policy-statement "ProxyARPpolicy"

exit

----------------------------------------------

A:ALA-49>config>router>if#

Page 70

7750 SR OS Router Configuration Guide

Download from Www.Somanuals.com. All Manuals Search And Download.

IP Router Configuration

Creating an IP Address Range

An IP address range can be reserved for exclusive use for services by defining the

config>router>service-prefixcommand. When the service is configured, the IP address

must be in the range specified as a service prefix. If no service prefix command is configured, then

no limitation exists.

The no service-prefix ip-prefix/mask command removes all address reservations. A

service prefix cannot be removed while one or more services use address(es) in the range to be

removed.

CLI Syntax: config>router

service-prefix ip-prefix/mask [exclusive]

Example:

config>router# service-prefix

7750 SR OS Router Configuration Guide

Page 71

Download from Www.Somanuals.com. All Manuals Search And Download.

Common Configuration Tasks

Deriving the Router ID

The router ID defaults to the address specified in the system interface command. If the system

interface is not configured with an IP address, then the router ID inherits the last four bytes of the

MAC address. The router ID can also be manually configured in the config>router router-

id context. On the BGP protocol level, a BGP router ID can be defined in the

config>router>bgp router-idcontext and is only used within BGP.

Note that if a new router ID is configured, protocols are not automatically restarted with the new

router ID. The next time a protocol is initialized the new router ID is used. An interim period of

time can occur when different protocols use different router IDs. To force the new router ID, issue

the shutdownand no shutdowncommands for each protocol that uses the router ID, or restart

the entire router.

Use the following CLI syntax to configure the router ID:

CLI Syntax: config>router

router-id router-id

interface ip-int-name

address {ip-address/mask|ip-address netmask} [broad-

cast all-ones|host-ones]

The following example displays the router ID command usage:

Example:

config>router# router-id 10.10.0.4

config>router# exit

Example:

config>router# interface “system”

config>router>if# address 10.10.0.4/32

config>router>if# exit

The following example displays the router ID configuration:

A:ALA-4>config>router# info

#------------------------------------------

# IP Configuration

#------------------------------------------

interface "system"

address 10.10.0.4/32

exit

. . .

router-id 10.10.0.4

#------------------------------------------

A:ALA-4>config>router#

Page 72

7750 SR OS Router Configuration Guide

Download from Www.Somanuals.com. All Manuals Search And Download.

IP Router Configuration

Configuring a Confederation

Configuring a confederation is optional. The AS and confederation topology design should be

carefully planned. Autonomous system (AS), confederation, and BGP connection and peering

parameters must be explicitly created on each participating SR. Identify AS numbers,

confederation numbers, and members participating in the confederation.

Refer to the BGP section for CLI syntax and command descriptions.

Use the following CLI syntax to configure a confederation:

CLI Syntax: config>router

confederation confed-as-num members member-as-num

The following example displays the commands to configure the confederation topology diagram

displayed in Figure 1 on page 25.

Example:ALA-B>config>router# autonomous-system 200

ALA-B>config>router# confederation 2002 members 200 300 400

ALA-B>config>router# exit

ALA-C>config>router# autonomous-system 200

ALA-C>config>router# confederation 2002 members 200 300 400

ALA-C>config>router# exit

ALA-D>config>router# autonomous-system 400

ALA-D>config>router# confederation 2002 members 200 300 400

ALA-D>config>router# exit

ALA-E>config>router# autonomous-system 300

ALA-E>config>router# confederation 2002 members 200 300 400

ALA-E>config>router# exit

ALA-F>config>router# autonomous-system 300

ALA-F>config>router# confederation 2002 members 200 300 400

ALA-F>config>router# exit

ALA-G>config>router# autonomous-system 300

ALA-G>config>router# confederation 2002 members 200 300 400

ALA-G>config>router# exit

7750 SR OS Router Configuration Guide

Page 73

Download from Www.Somanuals.com. All Manuals Search And Download.

Common Configuration Tasks

NOTES:

•

Confederations can be preconfigured prior to configuring BGP connections and peering.

Each confederation can have up to 15 members.

The following example displays the confederation output.

A:ALA-B>config>router# info

#------------------------------------------

# IP Configuration

#------------------------------------------

interface "system"

address 10.10.10.103/32

exit

interface "to-104"

shutdown

address 10.0.0.103/24

port 1/1/1

exit

autonomous-system 100

confederation 2002 members 200 300 400

router-id 10.10.10.103

#------------------------------------------

A:ALA-B>config>router#

Page 74

7750 SR OS Router Configuration Guide

Download from Www.Somanuals.com. All Manuals Search And Download.

IP Router Configuration

Configuring an Autonomous System

Configuring an autonomous system is optional. Use the following CLI syntax to configure an

autonomous system:

CLI Syntax: config>router

autonomous-system as-number

The following example displays the autonomous system configuration command usage:

Example:

config>router# autonomous-system 100

config>router#

The following example displays the autonomous system configuration:

A;ALA-A>config>router# info

#------------------------------------------

# IP Configuration

#------------------------------------------

interface "system"

address 10.10.10.103/32

exit

interface "to-104"

address 10.0.0.103/24

port 1/1/1

exit

autonomous-system 100

router-id 10.10.10.103

#------------------------------------------

A:ALA-A>config>router#

7750 SR OS Router Configuration Guide

Page 75

Download from Www.Somanuals.com. All Manuals Search And Download.

Service Management Tasks

This section discusses the following service management tasks:

•

Changing the System Name on page 76

Modifying Interface Parameters on page 77

Deleting a Logical IP Interface on page 78

Changing the System Name

The system command sets the name of the device and is used in the prompt string. Only one

system name can be configured. If multiple system names are configured, the last one configured

will overwrite the previous entry.

Use the following CLI syntax to change the system name:

CLI Syntax: config# system

name system-name

The following example displays the command usage to change the system name:

Example:

A:ALA-A>config>system# name TGIF

A:TGIF>config>system#

The following example displays the system name change:

A:ALA-A>config>system# name TGIF

A:TGIF>config>system# info

#------------------------------------------

# System Configuration

#------------------------------------------

name "TGIF"

location "Mt.View, CA, NE corner of FERG 1 Building"

coordinates "37.390, -122.05500 degrees lat."

synchronize

snmp

exit

security

snmp

community "private" rwa version both

exit

. . .

----------------------------------------------

A:TGIF>config>system#

Page 76

7750 SR OS Router Configuration Guide

Download from Www.Somanuals.com. All Manuals Search And Download.

IP Router Configuration

Modifying Interface Parameters

Starting at the config>routerlevel, navigate down to the router interface context.

To modify an IP address, perform the following steps:

Example: A:ALA-A>config>router# interface “to-sr1”

A:ALA-A>config>router>if# shutdown

A:ALA-A>config>router>if# no address

A:ALA-A>config>router>if# address 10.0.0.25/24

A:ALA-A>config>router>if# no shutdown

To modify a port, perform the following steps:

Example: A:ALA-A>config>router# interface “to-sr1”

A:ALA-A>config>router>if# shutdown

A:ALA-A>config>router>if# no port

A:ALA-A>config>router>if# port 1/1/2

A:ALA-A>config>router>if# no shutdown

The following example displays the interface configuration:

A:ALA-A>config>router# info

#------------------------------------------

# IP Configuration

#------------------------------------------

interface "system"

address 10.0.0.103/32

exit

interface "to-sr1"

address 10.0.0.25/24

port 1/1/2

exit

router-id 10.10.0.3

#------------------------------------------

A:ALA-A>config>router#

7750 SR OS Router Configuration Guide

Page 77

Download from Www.Somanuals.com. All Manuals Search And Download.

Service Management Tasks

Deleting a Logical IP Interface

The no form of the interfacecommand typically removes the entry, but all entity associations

must be shut down and/or deleted before an interface can be deleted.

1. Before an IP interface can be deleted, it must first be administratively disabled with the

shutdown command.

2. After the interface has been shut down, it can then be deleted with the no interface

command.

CLI Syntax: config>router

no interface ip-int-name

Example:

config>router# interface test-interface

config>router>if# shutdown

config>router>if# exit

config>router# no interface test-interface

config>router#

Page 78

7750 SR OS Router Configuration Guide

Download from Www.Somanuals.com. All Manuals Search And Download.

IP Router Configuration

IP Router Command Reference

Command Hierarchies

Configuration Commands

• Router Commands

• Router Interface Commands

• Router Interface IPv6 Commands

• Router Advertisement Commands

• Show Commands

• Clear Commands

• Debug Commands

Router Commands

config

— router [router-name]

— aggregate ip-prefix/mask [summary-only] [as-set] [aggregator as-number:ip-address]

— no aggregate ip-prefix/mask

— autonomous-system as-number

— no autonomous-system

— confederation confed-as-num members as-number [as-number...(up to 15 max)]

— no confederation [confed-as-num members as-number....(up to 15 max)]

— ecmp max-ecmp-routes

— no ecmp

— [no] ignore-icmp-redirect

— mc-maximum-routes number [log-only] [threshold threshold]

— no mc-maximum-routes

— router-id ip-address

— no router-id

— service-prefix {ip-prefix/mask | ip-prefix netmask}[exclusive]

— no service-prefix ip-prefix/mask | ip-prefix netmask}

— [no] static-route {ip-prefix/prefix-length | ip-prefix netmask} [preference preference] [met-

ric metric] [tag tag] [enable | disable] next-hop ip-int-name|ip-address [mcast-ipv4]

— [no] static-route {ip-prefix/prefix-length | ip-prefix netmask} [preference preference] [met-

ric metric] [tag tag] [enable | disable] indirect ip-address [ldp [disallow-igp]]

— [no] static-route {ip-prefix/prefix-length | ip-prefix netmask} [preference preference] [met-

ric metric] [tag tag] [enable | disable] black-hole [mcast-ipv4]

— [no] triggered-policy

7750 SR OS Router Configuration Guide

Page 79

Download from Www.Somanuals.com. All Manuals Search And Download.

IP Router Command Reference

Router Interface Commands

config

— router [router-name]

— [no] interface ip-int-name

— address {ip-address/mask | ip-address netmask} [broadcast {all-ones | host-

ones}]

— no address

— [no] allow-directed-broadcasts

— arp-timeout seconds

— no arp-timeout

— bfd transmit-interval [receive receive-interval] [multiplier multiplier]

— no bfd

— cflowd {acl | interface}

— no cflowd

— description description-string

— no description

— egress

— filter ip ip-filter-id

— filter ipv6 ipv6-filter-id

— no filter [ip ip-filter-id] [ipv6 ipv6-filter-id]

— icmp

— [no] mask-reply

— redirects [number seconds]

— no redirects

— ttl-expired [number seconds]

— no ttl-expired

— unreachables [number seconds]

— no unreachables

— ingress

— filter ip ip-filter-id

— filter ipv6 ipv6-filter-id

— no filter

— no filter [ip ip-filter-id] [ipv6 ipv6-filter-id]

— [no] local-proxy-arp

— [no] loopback

— mac ieee-mac-addr

— no mac

— [no] ntp-broadcast

— port port-name

— no port

— [no] proxy-arp-policy

— qos network-policy-id

— no qos

— [no] remote-proxy-arp

— secondary {[ip-addr/mask | ip-addr][netmask]} [broadcast {all-ones | host-

ones}] [igp-inhibit]

— no secondary [ip-addr/mask | ip-addr][netmask ]

— [no] static-arp

— static-arp ip-addr ieee-mac-addr

— no static-arp ip-addr

— [no] shutdown

— tos-marking-state {trusted | untrusted}

— no tos-marking-state

— unnumbered [ip-addr | ip-int-name]

— no unnumbered

Page 80

7750 SR OS Router Configuration Guide

Download from Www.Somanuals.com. All Manuals Search And Download.

IP Router Configuration

For router interface VRRP commands, see “VRRP Command Reference” on page 223.

Router Interface IPv6 Commands

config

— router [router-name]

— [no] interface ip-int-name

— [no] ipv6

— address (ipv6) ipv6-address/prefix-length [eui-64]

— no address (ipv6) ipv6-address/prefix-length

— icmp6

— packet-too-big [number seconds]

— no packet-too-big

— param-problem [number seconds]

— no param-problem

— redirects [number seconds]

— no redirects

— time-exceeded [number seconds]

— no time-exceeded

— unreachables [number seconds]

— no unreachables

— [no] local-proxy-nd

— neighbor ipv6-address [mac-address]

— no neighbor ipv6-address

— proxy-nd-policy policy-name [ policy-name...(up to 5 max)]

— no proxy-nd-policy

Router Advertisement Commands

config

— router

— [no] router-advertisement

— [no] interface ip-int-name

— current-hop-limit number

— no current-hop-limit

— [no] managed-configuration

— max-advertisement-interval seconds

— no max-advertisement-interval

— min-advertisement-interval seconds

— no min-advertisement-interval

— mtu mtu-bytes

— no mtu

— [no] other-stateful-configuration

— prefix [ipv6-prefix/prefix-length]

— no prefix

— [no] autonomous

— [no] on-link

— preferred-lifetime {seconds | infinite}

— no preferred-lifetime

— valid-lifetime {seconds | infinite}

— no valid-lifetime

— reachable-time milli-seconds

— no reachable-time

— retransmit-time milli-seconds

7750 SR OS Router Configuration Guide

Page 81

Download from Www.Somanuals.com. All Manuals Search And Download.

IP Router Command Reference

— no retransmit-time

— router-lifetime seconds

— no router-lifetime

— [no] shutdown

Page 82

7750 SR OS Router Configuration Guide

Download from Www.Somanuals.com. All Manuals Search And Download.

IP Router Configuration

Show Commands

show

— router router-instance

— aggregate [family] [active]

— arp [ ip-int-name | ip-address/mask | mac ieee-mac-address | summary]

[local|dynamic|static|managed]

— authentication

— statistics

— statistics interface [ip-int-name|ip-address]

— statistics policy name

— bfd

— interface

— session [src ip-address [dst ip-address] | [detail]]

— dhcp

— statistics [ip-int-name | ip-address]

— summary

— dhcp6

— statistics [ip-int-name | ip-address]

— summary

— ecmp

— fib slot-number [family] [ip-prefix/prefix-length] [longer]

— icmp6

— interface [interface-name]

— interface [{[ip-address | ip-int-name] [detail]} | [summary] | [exclude-services]

— interface family [detail]

— neighbor [ip-address | ip-int-name | mac ieee-mac-address | summary]

— route-table [family] [ip-prefix[/prefix-length] [longer | exact]] | [protocol protocol-name] |

[summary]

— rtr-advertisement [interface interface-name] [prefix ipv6-prefix[/prefix-length] [conflicts]

— service-prefix

— static-arp [ip-address | ip-int-name | mac ieee-mac-addr]

— static-route [family] [[ip-prefix[/mask]] | [preference preference] | [next-hop ip-address]|

[tag tag]

— status

— tunnel-table [ip-address[/mask]] | [protocol protocol | sdp sdp-id] [summary]

— neighbor [interface-name]

7750 SR OS Router Configuration Guide

Page 83

Download from Www.Somanuals.com. All Manuals Search And Download.

IP Router Command Reference

Clear Commands

clear

— router

— arp {all | ip-addr | interface {ip-int-name | ip-addr}}

— bfd

— session src-ip ip-address dst-ip ip-address

— session all

— statistics src-ip ip-address dst-ip ip-address

— statistics all

— dhcp

— statistics [ip-int-name | ip-address]

— dhcp6

— statistics [ip-int-name | ip-address]

— forwarding-table [slot-number]

— icmp-redirect-route {all | ip-address}

— icmp6 all

— icmp6 global

— icmp6 interface interface-name

— interface [ip-int-name | ip-addr] [icmp]

— neighbor {all | ip-address}

— neighbor [interface ip-int-name | ip-address]

— router-advertisement all

— router-advertisement [interface interface-name]

— forwarding-table [slot-number]

— interface [ip-int-name | ip-addr] [icmp]

Debug Commands

debug

— trace

— destination trace-destination

—

enable

— [no] trace-point [module module-name] [type event-type] [class event-class] [task task-

name] [function function-name]

— router router-instance

— ip

— [no] arp

— icmp

— no icmp

— icmp6 [ip-int-name]

— no icmp6

— [no] interface [ip-int-name | ip-address]

— [no] neighbor

— packet [ip-int-name | ip-address] [headers] [protocol-id]

— no packet [ip-int-name | ip-address]

— route-table [ip-prefix/prefix-length] [longer]

— no route-table

— mtrace

— [no] misc

— [no] packet [query | request | response]

—

Page 84

7750 SR OS Router Configuration Guide

Download from Www.Somanuals.com. All Manuals Search And Download.

IP Router Configuration

Configuration Commands

Generic Commands

shutdown

Syntax

Context

[no] shutdown

config>router>interface ip-int-name

Description

The shutdown command administratively disables the entity. When disabled, an entity does not

change, reset, or remove any configuration settings or statistics. Many entities must be explicitly

enabled using the no shutdown command.

The shutdown command administratively disables an entity. The operational state of the entity is

disabled as well as the operational state of any entities contained within. Many objects must be shut

down before they may be deleted.

Unlike other commands and parameters where the default state is not indicated in the configuration

file, shutdown and no shutdown are always indicated in system generated configuration files.

The no form of the command puts an entity into the administratively enabled state.

Default

no shutdown

description

Syntax

description description-string

no description

Context

config>router>if

config>router>if>dhcp

config>router>if>vrrp

Description

This command creates a text description stored in the configuration file for a configuration context.

The no form of the command removes the description string from the context.

Default

No description is associated with the configuration context.

Parameters

description-string — The description character string. Allowed values are any string up to 80

characters long composed of printable, 7-bit ASCII characters. If the string contains special

characters (#, $, spaces, etc.), the entire string must be enclosed within double quotes.

7750 SR OS Router Configuration Guide

Page 85

Download from Www.Somanuals.com. All Manuals Search And Download.

Configuration Commands

Router Global Commands

router

Syntax

Context

router router-name

config

Description

This command enables the context to configure router parameters, interfaces, route policies, and

protocols.

Parameters

router-name — Specify the router-name.

Values

Default

router-name:

Base

Base, management

aggregate

Syntax

aggregate ip-prefix/ip-prefix-length [summary-only] [as-set] [aggregator as-number:ip-

address]

no aggregate ip-prefix/mask

Context

config>router

Description

This command creates an aggregate route.

Use this command to group a number of routes with common prefixes into a single entry in the

routing table. This reduces the number of routes that need to be advertised by this router and reduces

the number of routes in the routing tables of downstream routers.

Both the original components and the aggregated route (source protocol aggregate) are offered to the

Routing Table Manager (RTM). Subsequent policies can be configured to assign protocol-specific

characteristics (BGP, IS-IS or OSPF) such as the route type, or OSPF tag, to aggregate routes.

Multiple entries with the same prefix but a different mask can be configured; for example, routes are

aggregated to the longest mask. If one aggregate is configured as 10.0./16 and another as 10.0.0./24,

then route 10.0.128/17 would be aggregated into 10.0/16, and route 10.0.0.128/25 would be

aggregated into 10.0.0/24. If multiple entries are made with the same prefix and the same mask, the

previous entry is overwritten.

The no form of the command removes the aggregate.

No aggregate routes are defined.

Default

Parameters

ip-prefix — The destination address of the aggregate route in dotted decimal notation.

Values

ipv4-prefix

ipv4-prefix-length

ipv6-prefix

a.b.c.d (host bits must be 0)

0 — 32

x:x:x:x:x:x:x:x (eight 16-bit pieces)

x:x:x:x:x:x:d.d.d.d

[0 — FFFF]H

Page 86

7750 SR OS Router Configuration Guide

Download from Www.Somanuals.com. All Manuals Search And Download.

IP Router Configuration

[0 — 255]D

ipv6-prefix-length

mask

0 — 128

Values

The mask associated with the network address expressed as a mask length.

Values 0 — 32

summary-only — This optional parameter suppresses advertisement of more specific component

routes for the aggregate.

To remove the summary-only option, enter the same aggregate command without the

summary-only parameter.

as-set — This optional parameter is only applicable to BGP and creates an aggregate where the path

advertised for this route will be an AS_SET consisting of all elements contained in all paths that

are being summarized.

Use this feature carefully. Aggregating several paths can result in the constant withdrawal and

insertion of AS-PATHs as associated component routes of the aggregate that are experiencing

changes.

aggregator as-number:ip-address — This optional parameter specifies the BGP aggregator path

attribute to the aggregate route. When configuring the aggregator, a two-octet AS number used to

form the aggregate route must be entered, followed by the IP address of the BGP system that

created the aggregate route.

autonomous-system

Syntax

autonomous-system as-number

no autonomous-system

Context

config>router

Description

This command configures the autonomous system (AS) number for the router. A router can only

belong to one AS. An AS number is a globally unique number with an AS. This number is used to

exchange exterior routing information with neighboring ASs and as an identifier of the AS itself.

If the AS number is changed on a router with an active BGP instance, the new AS number is not used

until the BGP instance is restarted either by administratively disabling/enabling (shutdown/

no shutdown) the BGP instance or rebooting the system with the new configuration.

Default

No autonomous system number is defined.

Parameters

as-number — The autonomous system number expressed as a decimal integer.

Values

1 - 65535

confederation

7750 SR OS Router Configuration Guide

Page 87

Download from Www.Somanuals.com. All Manuals Search And Download.

Configuration Commands

Syntax

confederation confed-as-num members as-number [as-number...up to 15 max]

no confederation [confed-as-num members as-number...up to 15 max]

Context

config>router

Description

This command creates confederation autonomous systems within an AS.

This technique is used to reduce the number of IBGP sessions required within an AS. Route

reflection is another technique that is commonly deployed to reduce the number of IBGP sessions.

The no form of the command deletes the specified member AS from the confederation.

When no members are specified in the no statement, the entire list is removed and confederation is

disabled.

When the last member of the list is removed, confederation is disabled.

no confederation - no confederations are defined.

Default

Parameters

confed-as-num — The confederation AS number expressed as a decimal integer.

Values

1 - 65535

members member-as-num — The AS number(s) of members that are part of the confederation,

expressed as a decimal integer. Up to 15 members per confed-as-num can be configured.

Values

1 - 65535

ecmp

Syntax

ecmp max-ecmp-routes

no ecmp

Context

config>router

Description

This command enables ECMP and configures the number of routes for path sharing; for example, the

value 2 means two equal cost routes will be used for cost sharing.

ECMP can only be used for routes learned with the same preference and same protocol. See the

discussion on preferences in the static-route command.

When more ECMP routes are available at the best preference than configured in max-ecmp-routes,

then the lowest next-hop IP address algorithm is used to select the number of routes configured in

max-ecmp-routes.

The no form of the command disables ECMP path sharing. If ECMP is disabled and multiple routes

are available at the best preference and equal cost, then the route with the lowest next-hop IP address

is used.

Default

no ecmp

Parameters

max-ecmp-routes — The maximum number of equal cost routes allowed on this routing table

instance, expressed as a decimal integer. Setting ECMP max-ecmp-routes to 1 yields the same

result as entering no ecmp.

Values

0 — 16

Page 88

7750 SR OS Router Configuration Guide

Download from Www.Somanuals.com. All Manuals Search And Download.

IP Router Configuration

ignore-icmp-redirect

Syntax

Context

[no] ignore-icmp-redirect

config>router

This command drops or accepts ICMP redirects received on the management interface.

Description

mc-maximum-routes

Syntax

mc-maximum-routes number [log-only] [threshold threshold]

no mc-maximum-routes

Context

config>router

Description

This command specifies the maximum number of multicast routes that can be held within a VPN

routing/forwarding (VRF) context. When this limit is reached, a log and SNMP trap are sent. If the

log-only parameter is not specified and the maximum-routes value is set below the existing number

of routes in a VRF, then no new joins will be processed.

The no form of the command disables the limit of multicast routes within a VRF context. Issue the no

form of the command only when the VPRN instance is shutdown.

Default

no mc-maximum-routes

Parameters

number — Specifies the maximum number of routes to be held in a VRF context.

Values

1 — 2147483647

log-only — Specifies that if the maximum limit is reached, only log the event. log-only does not

disable the learning of new routes.

threshold threshold — The percentage at which a warning log message and SNMP trap should be

sent.

Values

Default

0 — 100

router-id

Syntax

router-id ip-address

[no] router-id

Context

config>router

Description

This command configures the router ID for the router instance.

The router ID is used by both OSPF and BGP routing protocols in this instance of the routing table

manager. IS-IS uses the router ID value as its system ID.

When configuring a new router ID, protocols are not automatically restarted with the new router ID.

The next time a protocol is initialized, the new router ID is used. This can result in an interim period

of time when different protocols use different router IDs.

7750 SR OS Router Configuration Guide

Page 89

Download from Www.Somanuals.com. All Manuals Search And Download.

Configuration Commands

To force the new router ID to be used, issue the shutdown and no shutdown commands for each

protocol that uses the router ID, or restart the entire router.

The no form of the command to reverts to the default value.

Default

The system uses the system interface address (which is also the loopback address).

If a system interface address is not configured, use the last 32 bits of the chassis MAC address.

Parameters

router-id — The 32 bit router ID expressed in dotted decimal notation or as a decimal value.

service-prefix

Syntax

service-prefix ip-prefix/mask | ip-prefix netmask [exclusive]

no service-prefix ip-prefix/mask | ip-prefix netmask

Context

config>router

Description

This command creates an IP address range reserved for IES or VPLS services.

The purpose of reserving IP addresses using service-prefix is to provide a mechanism to reserve one

or more address ranges for services.

When services are defined, the address must be in the range specified as a service prefix. If a service

prefix is defined, then IP addresses assigned for services must be within one of the ranges defined in

the service-prefix command. If the service-prefix command is not configured, then no limitations

exist.

Addresses in the range of a service prefix can be allocated to a network port unless the exclusive

parameter is used. Then, the address range is exclusively reserved for services.

When a range that is a superset of a previously defined service prefix is defined, the subset is

replaced with the superset definition; for example, if a service prefix exists for 10.10.10.0/24, and a

service prefix is configured as 10.10.0.0/16, then 10.10.10.0/24 is replaced by the new 10.10.0.0/16

configuration.

When a range that is a subset of a previously defined service prefix is defined, the subset replaces the

existing superset, providing addresses used by services are not affected; for example, if a service

prefix exists for 10.10.0.0/16, and a service prefix is configured as 10.10.10.0/24, then the 10.10.0.0/

16 entry is removed as long as no services are configured that use 10.10.x.x addresses other than

10.10.10.x.

The no form of the command removes all address reservations. A service prefix cannot be removed

while one or more service uses an address or addresses in the range.

Default

no service-prefix - no IP addresses are reserved for services.

Parameters

ip-prefix/mask — The IP address prefix to include in the service prefix allocation in dotted decimal

notation.

Values

ipv4-prefix:

ipv4-prefix-length: 0 — 32

ipv6-prefix: x:x:x:x:x:x:x:x (eight 16-bit pieces)

a.b.c.d (host bits must be 0)

x:x:x:x:x:x:d.d.d.d

x: [0 — FFFF]H

Page 90

7750 SR OS Router Configuration Guide

Download from Www.Somanuals.com. All Manuals Search And Download.

IP Router Configuration

d: [0 — 255]D

ipv6-prefix-length: 0 — 128

Values

exclusive

When this option is specified, the addresses configured are exclusively used for services and

cannot be assigned to network ports.

triggered-policy

Syntax

triggered-policy

no triggered-policy

Context

config>router

Description

This command triggers route policy re-evaluation.

By default, when a change is made to a policy in the config router policy options context and then

committed, the change is effective immediately. There may be circumstances when the changes

should or must be delayed; for example, if a policy change is implemented that would affect every

BGP peer on a 7750 SR router, the consequences could be dramatic. It would be more effective to

control changes on a peer-by-peer basis.

If the triggered-policy command is enabled, and a given peer is established, and you want the peer to

remain up, in order for a change to a route policy to take effect, a clear command with the soft or soft

inbound option must be used; for example, clear router bgp neighbor x.x.x.x soft. This keeps the

peer up, and the change made to a route policy is applied only to that peer or group of peers.

static-route

Syntax

[no] static-route {ip-prefix/prefix-length | ip-prefix netmask} [preference preference]

[metric metric] [tag tag] [enable | disable] next-hop ip-int-name|ip-address [mcast-ipv4]

[no] static-route {ip-prefix/prefix-length | ip-prefix netmask} [preference preference]

[metric metric] [tag tag] [enable | disable] indirect ip-address [ldp [disallow-igp]]

[no] static-route {ip-prefix/prefix-length | ip-prefix netmask} [preference preference]

[metric metric] [tag tag] [enable | disable] black-hole [mcast-ipv4]

Context

config>router

Description

This command creates static route entries for both the network and access routes.

When configuring a static route, either next-hop, indirect or black-hole must be configured.

The no form of the command deletes the static route entry. If a static route needs to be removed when

multiple static routes exist to the same destination, then as many parameters to uniquely identify the

static route must be entered.

Default

No static routes are defined.

Parameters

ip-prefix/prefix-length — The destination address of the static route.

Values

ipv4-prefix

ipv4-prefix-length

ipv6-prefix

a.b.c.d (host bits must be 0)

0 — 32

x:x:x:x:x:x:x:x (eight 16-bit pieces)

7750 SR OS Router Configuration Guide

Page 91

Download from Www.Somanuals.com. All Manuals Search And Download.

Configuration Commands

x:x:x:x:x:x:d.d.d.d

[0 — FFFF]H

[0 — 255]D

ipv6-prefix-length

0 — 128

ip-address — The IP address of the IP interface. The ip-addr portion of the address command

specifies the IP host address that will be used by the IP interface within the subnet. This address

must be unique within the subnet and specified in dotted decimal notation.

Values

ipv4-address

ipv6-address

a.b.c.d (host bits must be 0)

x:x:x:x:x:x:x:x[-interface]

x:x:x:x:x:x:d.d.d.d[-interface]

x: [0..FFFF]H

d: [0..255]D

interface: 32 characters maximum, mandatory for link local

addresses

netmask — The subnet mask in dotted decimal notation.

Values

0.0.0.0 — 255.255.255.255 (network bits all 1 and host bits all 0)

preference preference — The preference of this static route versus the routes from different sources

such as BGP or OSPF, expressed as a decimal integer. When modifing the preference of an

existing static route, the metric will not be changed unless specified.

Different protocols should not be configured with the same preference. If this occurs, the

tiebreaker is according to the default preference table defined in Table 5 on page 93.

If multiple routes are learned with an identical preference using the same protocol, the lowest-

cost route is used. If multiple routes are learned with an identical preference using the same

protocol, and the costs (metrics) are equal, then the route to use is determined by the

configuration of the ecmp command.

metric metric — The cost metric for the static route, expressed as a decimal integer. This value is

used when importing the static route into other protocols such as OSPF. When the metric is

configured as 0 then the metric configured in OSPF, default-import-metric, applies. When

modifying the metric of an existing static route, the preference will not change unless specified.

This value is also used to determine which static route to install in the forwarding table:

•

If there are multiple static routes with the same preference but unequal metrics then the

lower cost (metric) route will be installed.

If there are multiple static routes with equal preferences and metrics then ECMP rules

apply.

If there are multiple routes with unequal preferences then the lower preference route

will be installed.

Default

Values

0 — 65535

next-hop [ip-address | ip-int-name] — Specifies the directly connected next hop IP address used to

reach the destination. If the next hop is over an unnumbered interface, the ip-int-name of the

unnumbered interface (on this node) can be configured.

Page 92

7750 SR OS Router Configuration Guide

Download from Www.Somanuals.com. All Manuals Search And Download.

IP Router Configuration

The next-hop keyword and the indirect or black-hole keywords are mutually exclusive. If an

identical command is entered (with the exception of either the indirect or black-hole

parameters), then this static route will be replaced with the newly entered command, and unless

specified, the respective defaults for preference and metric will be applied.

The ip-address configured here can be either on the network side or the access side on this node.

This address must be associated with a network directly connected to a network configured on

this node.

Values

ip-int-name

ipv4-address

ipv6-address

32 chars max

a.b.c.d

x:x:x:x:x:x:x:x[-interface]

x:x:x:x:x:x:d.d.d.d[-interface]

x: [0..FFFF]H

d: [0..255]D

interface: 32 characters maximum, mandatory for link local

addresses

indirect ip-address — Specifies that the route is indirect and specifies the next hop IP address used to

reach the destination.

The configured ip-addr is not directly connected to a network configured on this node. The

destination can be reachable via multiple paths. The static route remains valid as long as the

address configured as the indirect address remains a valid entry in the routing table. Indirect

static routes cannot use an ip-prefix/mask to another indirect static route.

The indirect keyword and the next-hop or black-hole keywords are mutually exclusive. If an

identical command is entered (with the exception of either the next-hop or black-hole

parameters), then this static route will be replaced with the newly entered command and unless

specified the respective defaults for preference and metric will be applied.

The ip-addr configured can be either on the network or the access side and is normally at least

one hop away from this node.

black-hole — Specifies the route is a black hole route. If the destination address on a packet matches

this static route, it will be silently discarded.

The black-hole keyword and the next-hop or indirect keywords are mutually exclusive. If an

identical command is entered (with the exception of either the next-hop or indirect parameters),

then this static route will be replaced with the newly entered command, and unless specified, the

respective defaults for preference and metric will be applied.

LDP disallow-igp — This value is valid only for indirect static routes. If set and if none of the

defined tunneling mechanisms (RSVP-TE, LDP or IP) qualify as a next-hop, the normal IGP

next-hop to the indirect next-hop address will not be used. If not set then the IGP next-hop to the

indirect next-hop address can be used as the next-hop of the last resort.

tag — Adds a 32-bit integer tag to the static route. The tag is used in route policies to control

distribution of the route into other protocols.

Table 5: Default Route Preferences

Route Type

Direct attached

Preference

Configurable

7750 SR OS Router Configuration Guide

Page 93

Download from Www.Somanuals.com. All Manuals Search And Download.

Configuration Commands

Table 5: Default Route Preferences

Route Type

Static-route

Preference

Configurable

Yes

OSPF Internal routes

IS-IS level 1 internal

IS-IS level 2 internal

OSPF External

150

160

165

170

IS-IS level 1 external

IS-IS level 2 external

BGP

Default

Values

1 — 255

enable — Static routes can be administratively enabled or disabled. Use the enable parameter to re-

enable a disabled static route. In order to enable a static route, it must be uniquely identified by

the IP address, mask, and any other parameter that is required to identify the exact static route.

The administrative state is maintained in the configuration file.

Default

enable

disable — Static routes can be administratively enabled or disabled. Use the disable parameter to

disable a static route while maintaining the static route in the configuration. In order to enable a

static route, it must be uniquely identified by the IP address, mask, and any other parameter that

is required to identify the exact static route.

The administrative state is maintained in the configuration file.

Default

enable

bfd-enable — Associates the state of the static route to a BFD session between the local system and

the configured nexthop. This keyword cannot be configured if the nexthop is indirect or

blackhole keywords are specified.

mcast-ipv4 — Specifies peers that are IPv4 multicast capable.

Page 94

7750 SR OS Router Configuration Guide

Download from Www.Somanuals.com. All Manuals Search And Download.

IP Router Configuration

Router Interface Commands

interface

Syntax

Context

[no] interface ip-int-name

config>router

Description

This command creates a logical IP routing interface. Once created, attributes like IP address, port, or

system can be associated with the IP interface.

Interface names are case-sensitive and must be unique within the group of IP interfaces defined for

config router interface and config service ies interface. Interface names must not be in the dotted

decimal notation of an IP address.; for example, the name “1.1.1.1” is not allowed, but “int-1.1.1.1” is

allowed. Show commands for router interfaces use either the interface names or the IP addresses.

Ambiguity can exist if an IP address is used as an IP address and an interface name. Duplicate

interface names can exist in different router instances, although this is not recommended because it is

confusing.

When a new name is entered, a new logical router interface is created. When an existing interface

name is entered, the user enters the router interface context for editing and configuration.

Although not a keyword, the ip-int-name “system” is associated with the network entity (such as a

specific 7750 SR), not a specific interface. The system interface is also referred to as the loopback

address.

The no form of the command removes the IP interface and all the associated configurations. The

interface must be administratively shut down before issuing the no interface command.

Default

No interfaces or names are defined within the system.

Parameters

ip-int-name — The name of the IP interface. Interface names must be unique within the group of

defined IP interfaces for config router interface and config service ies interface commands. An

interface name cannot be in the form of an IP address. If the string contains special characters (#,

$, spaces, etc.), the entire string must be enclosed within double quotes.

Values

1 to 32 alphanumeric characters.

If the ip-int-name already exists, the context is changed to maintain that IP interface. If ip-int-

name already exists within another service ID or is an IP interface defined within the config

router commands, an error will occur and the context will not be changed to that IP interface. If

ip-int-name does not exist, the interface is created and the context is changed to that interface for

further command processing.

7750 SR OS Router Configuration Guide

Page 95

Download from Www.Somanuals.com. All Manuals Search And Download.

Configuration Commands

address

Syntax

address {ip-address/mask | ip-address netmask} [broadcast {all-ones | host-ones}]

no address

Context

config>router>interface ip-int-name

Description

This command assigns an IP address, IP subnet, and broadcast address format to an IP interface. Only

one IP address can be associated with an IP interface.

An IP address must be assigned to each IP interface. An IP address and a mask combine to create a

local IP prefix. The defined IP prefix must be unique within the context of the routing instance. It

cannot overlap with other existing IP prefixes defined as local subnets on other IP interfaces in the

same routing context within the router.

The local subnet that the address command defines must not be part of the services address space

within the routing context by use of the config router service-prefix command. Once a portion of

the address space is allocated as a service prefix, that portion is not available to IP interfaces for

network core connectivity.

The IP address for the interface can be entered in either CIDR (Classless Inter-Domain Routing) or

traditional dotted decimal notation. Show commands display CIDR notation and are stored in

configuration files.

By default, no IP address or subnet association exists on an IP interface until it is explicitly created.

The no form of the command removes the IP address assignment from the IP interface. Interface-

specific configurations for IGP protocols like OSPF are also removed. The no form of this command

can only be performed when the IP interface is administratively shut down. Shutting down the IP

interface will operationally stop any protocol interfaces or MPLS LSPs that explicitly reference that

IP address. When a new IP address is defined, the IP interface can be administratively enabled (no

shutdown), which reinitializes the protocol interfaces and MPLS LSPs associated with that IP

interface.

To change an IP address, perform the following steps:

1. Shut down the router interface.

2. Assign the new IP address.

3. Reconfigure the interface-specific parameters for IGP protocols such as OSPF.

4. Enable the router interface.

If a new address is entered while another address is still active, the new address will be rejected.

Default

No IP address is assigned to the IP interface.

Parameters

ip-address — The IP address of the IP interface. The ip-addr portion of the address command

specifies the IP host address that will be used by the IP interface within the subnet. This address

must be unique within the subnet and specified in dotted decimal notation.

Values

1.0.0.0 – 223.255.255.255

/ — The forward slash is a parameter delimiter that separates the ip-addr portion of the IP address

from the mask that defines the scope of the local subnet. No spaces are allowed between the ip-

Page 96

7750 SR OS Router Configuration Guide

Download from Www.Somanuals.com. All Manuals Search And Download.

IP Router Configuration

addr, the “/” and the mask-length parameter. If a forward slash does not immediately follow the

ip-addr, a dotted decimal mask must follow the prefix.

mask-length — The subnet mask length when the IP prefix is specified in CIDR notation. When the

IP prefix is specified in CIDR notation, a forward slash (/) separates the ip-addr from the mask-

length parameter. The mask length parameter indicates the number of bits used for the network

portion of the IP address; the remainder of the IP address is used to determine the host portion of

the IP address. Allowed values are integers in the range 1— 32. Note that a mask length of 32 is

reserved for system IP addresses.

Values

1 — 32

mask — The subnet mask in dotted decimal notation. When the IP prefix is not specified in CIDR

notation, a space separates the ip-addr from a traditional dotted decimal mask. The mask

parameter indicates the complete mask that will be used in a logical ‘AND’ function to derive the

local subnet of the IP address. Note that a mask of 255.255.255.255 is reserved for system IP

addresses.

Values

128.0.0.0 – 255.255.255.255

netmask — The subnet mask in dotted decimal notation.

Values

0.0.0.0 — 255.255.255.255 (network bits all 1 and host bits all 0)

broadcast {all-ones | host-ones} — The optional broadcast parameter overrides the default

broadcast address used by the IP interface when sourcing IP broadcasts on the IP interface. If no

broadcast format is specified for the IP address, the default value is host-ones, which indictates a

subnet broadcast address. Use this parameter to change the broadcast address to all-ones or

revert back to a broadcast address of host-ones.

The all-ones keyword following the broadcast parameter specifies that the broadcast address

used by the IP interface for this IP address will be 255.255.255.255, also known as the local

broadcast.

The host-ones keyword following the broadcast parameter specifies that the broadcast address

used by the IP interface for this IP address will be the subnet broadcast address. This is an IP

address that corresponds to the local subnet described by the ip-addr and the mask-length or

mask with all the host bits set to binary 1. This is the default broadcast address used by an IP

interface.

The broadcast parameter within the address command does not have a negate feature, which is

usually used to revert a parameter to the default value. To change the broadcast type to host-

ones after being changed to all-ones, the address command must be executed with the

broadcast parameter defined.

The broadcast format on an IP interface can be specified when the IP address is assigned or

changed.

This parameter does not affect the type of broadcasts that can be received by the IP interface. A

host sending either the local broadcast (all-ones) or the valid subnet broadcast address (host-

ones) will be received by the IP interface.

Default

Values

host-ones

all-ones, host-ones

7750 SR OS Router Configuration Guide

Page 97

Download from Www.Somanuals.com. All Manuals Search And Download.

Configuration Commands

allow-directed-broadcasts

Syntax

Context

[no] allow-directed-broadcasts

config>router>interface ip-int-name

Description

This command enables the forwarding of directed broadcasts out of the IP interface.

A directed broadcast is a packet received on a local router interface destined for the subnet broadcast

address of another IP interface. The allow-directed-broadcasts command on an IP interface enables

or disables the transmission of packets destined to the subnet broadcast address of the egress IP

interface.

When enabled, a frame destined to the local subnet on this IP interface is sent as a subnet broadcast

out this interface. NOTE: Allowing directed broadcasts is a well-known mechanism used for denial-

of-service attacks.

By default, directed broadcasts are not allowed and are discarded at this egress IP interface.

The no form of the command disables directed broadcasts forwarding out of the IP interface.

Default

no allow-directed-broadcasts - directed broadcasts are dropped.

arp-timeout

Syntax

arp-timeout seconds

no arp-timeout

Context

config>router>interface ip-int-name

Description

This command configures the minimum time, in seconds, an ARP entry learned on the IP interface is

stored in the ARP table. ARP entries are automatically refreshed when an ARP request or gratuitous

ARP is seen from an IP host. Otherwise, the ARP entry is aged from the ARP table. If the arp-

timeout value is set to 0 seconds, ARP aging is disabled.

The no form of the command reverts to the default value.

Default

14400 seconds (4 hours)

Parameters

seconds — The minimum number of seconds a learned ARP entry is stored in the ARP table,

expressed as a decimal integer. A value of 0 specifies that the timer is inoperative and learned

ARP entries will not be aged.

Values

0 — 65535

bfd

Syntax

bfd transmit-interval [receive receive-interval] [multiplier multiplier]

no bfd

Context

config>router> interface

Description

This command specifies the bi-directional forwarding detection (BFD) parameters for the associated

IP interface. If no parameters are defined the default value are used.

Page 98

7750 SR OS Router Configuration Guide

Download from Www.Somanuals.com. All Manuals Search And Download.

IP Router Configuration

The multiplier specifies the number of consecutive BFD messages that must be missed from the peer

before the BFD session state is changed to down and the upper level protocols (OSPF, IS-IS or PIM)

is notified of the fault.

The no form of the command removes BFD from the router interface regardless of the IGP.

no bfd

Default

Parameters

transmit-interval — Sets the transmit interval, in milliseconds, for the BFD session.

Values

Default

100 — 100000

100

receive receive-interval — Sets the receive interval, in milliseconds, for the BFD session.

Values

Default

100 — 100000

100

multiplier multiplier — Set the multiplier for the BFD session.

Values

Default

3 — 20

cflowd

Syntax

cflowd {acl | interface}

no cflowd

Context

config>router>interface ip-int-name

Description

This command enables cflowd to collect traffic flow samples through a router for analysis.

cdflowd is used for network planning and traffic engineering, capacity planning, security, and

application, as well as user profiling, performance monitoring, and SLA measurement. When cflowd

is enabled at the interface level, all packets forwarded by the interface are subjected to analysis

according to the cflowd configuration.

Default

no cflowd

Parameters

ACL — cflowd policy associated with a filter.

interface — cflowd policy associated with an IP interface.

local-proxy-arp

Syntax

Context

[no] local-proxy-arp

config>router>interface ip-int-name

This command enables local proxy ARP on the interface.

no local-proxy-arp

Description

Default

7750 SR OS Router Configuration Guide

Page 99

Download from Www.Somanuals.com. All Manuals Search And Download.

Configuration Commands

loopback

Syntax

Context

[no] loopback

config>router>interface ip-int-name

This command configures the interface as a loopback interface.

Not enabled

Description

Default

mac

Syntax

mac ieee-mac-addr

no mac

Context

config>router>interface ip-int-name

Description

This command assigns a specific MAC address to an IP interface.

Only one MAC address can be assigned to an IP interface. When multiple mac commands are

entered, the last command overwrites the previous command.

A default MAC address for the interface is assigned by the system

The no form of the command returns the MAC address of the IP interface to the default value.

Default

IP interface has a system-assigned MAC address.

Parameters

ieee-mac-addr — Specifies the 48-bit MAC address for the IP interface in the form aa:bb:cc:dd:ee:ff

or aa-bb-cc-dd-ee-ff, where aa, bb, cc, dd, ee and ff are hexadecimal numbers. Allowed values

are any non-broadcast, non-multicast MAC and non-IEEE reserved MAC addresses.

ntp-broadcast

Syntax

Context

[no] ntp-broadcast

config>router>interface ip-int-name

Description

This command enables SNTP broadcasts received on the IP interface.

This parameter is only valid when the SNTP broadcast-client global parameter is configured.

The no form of the command disables SNTP broadcast received on the IP interface.

Default

no ntp-broadcast - receipt of SNTP broadcasts is disabled.

port

Page 100

7750 SR OS Router Configuration Guide

Download from Www.Somanuals.com. All Manuals Search And Download.

IP Router Configuration

Syntax

port port-name

no port

Context

config>router>interface ip-int-name

Description

This command creates an association with a logical IP interface and a physical port.

An interface can also be associated with the system (loopback address).

The command returns an error if the interface is already associated with another port or the system. In

this case, the association must be deleted before the command is re-attempted.

The no form of the command deletes the association with the port. The no form of this command can

only be performed when the interface is administratively down.

Default

No port is associated with the IP interface.

Parameters

port-id — The physical port identifier to associate with the IP interface.

Values

port-name:

port-id[:encap-val]

port-id

slot/mda/port[.channel]

encap-val

for null

0 — 4094

for dot1q

aps-id

aps-group-id[.channel]

aps

group-id

keyword

1 — 64

bundle-type-slot/mda.bundle-num

bundle

type

bundle-num

keyword

ima, ppp

1 — 128

ccag-id

lag-id

ccag-id. path-id[cc-type]

ccag

path-id

cc-type

lag-id

lag

keyword

1 — 8

a, b

.sap-net, .net-sap

keyword

1 — 200

The port-id can be in one of the following forms:

Ethernet Interfaces

If the card in the slot has MDAs, port-id is in the slot_number/MDA_number/port_number

format; for example, 1/1/3 specifies port 3 of the MDA installed in MDA slot 1on the card

installed in chassis slot 1.

SONET/SDH interfaces

When the port-id represents a POS interface, the port-id must include the channel-id. The POS

interface must be configured as a network port.

proxy-arp-policy

7750 SR OS Router Configuration Guide

Page 101

Download from Www.Somanuals.com. All Manuals Search And Download.

Configuration Commands

Syntax

Context

[no] proxy-arp-policy policy-name [policy-name...(up to 5 max)]

config>router>interface ip-int-name

Description

This command enables and configure proxy ARP on the interface and specifies an existing policy-

statement to analyze match and action criteria that controls the flow of routing information to and

from a given protocol, set of protocols, or a particular neighbor. The policy-name is configured in the

config>router>policy-options context.

Use proxy ARP so the 7750 SR responds to ARP requests on behalf of another device. Static ARP is

used when a 7750 SR needs to know about a device on an interface that cannot or does not respond to

ARP requests. Thus, the 7750 SR OS configuration can state that if it has a packet that has a certain

IP address to send it to the corresponding ARP address.

Default

no proxy-arp-policy

Parameters

policy-name — The export route policy name. Allowed values are any string up to 32 characters long

composed of printable, 7-bit ASCII characters. If the string contains special characters (#, $,

spaces, etc.), the entire string must be enclosed within double quotes. The specified policy

name(s) must already be defined.

qos

Syntax

qos network-policy-id

no qos

Context

config>router>interface ip-int-name

Description

This command associates a network Quality of Service (QoS) policy with an IP interface.

Only one network QoS policy can be associated with an IP interface at one time. Attempts to

associate a second QoS policy return an error.

Packets are marked using QoS policies on edge devices. Invoking a QoS policy on a network port

allows for the packets that match the policy criteria to be remarked.

The no form of the command removes the QoS policy association from the SAP or IP interface, and

the QoS policy reverts to the default.

Default

qos 1 - IP interface associated with network QoS policy 1

Parameters

network-policy-id — The network policy ID to associate with the IP interface. The policy ID must

already exist.

Values

1 — 65535

remote-proxy-arp

Context

Description

Default

config>router>interface ip-int-name

This command enables remote proxy ARP on the interface.

no remote-proxy-arp

Page 102

7750 SR OS Router Configuration Guide

Download from Www.Somanuals.com. All Manuals Search And Download.

IP Router Configuration

secondary

Syntax

secondary {[ip-address/mask | ip-address netmask]} [broadcast {all-ones | host-ones}]

[igp-inhibit]

no secondary ip-addr

Context

config>router>interface ip-int-name

Description

Use this command to assign up to 16 secondary IP addresses to the interface. Each address can be

configured in an IP address, IP subnet or broadcast address format.

ip-address — The IP address of the IP interface. The ip-address portion of the address command

specifies the IP host address that will be used by the IP interface within the subnet. This address

must be unique within the subnet and specified in dotted decimal notation.

Values

1.0.0.0 — 223.255.255.255

/ — The forward slash is a parameter delimiter that separates the ip-address portion of the IP address

from the mask that defines the scope of the local subnet. No spaces are allowed between the ip-

addr, the “/” and the mask-length parameter. If a forward slash does not immediately follow the

ip-addr, a dotted decimal mask must follow the prefix.

mask-length — The subnet mask length when the IP prefix is specified in CIDR notation. When the

IP prefix is specified in CIDR notation, a forward slash (/) separates the ip-address from the

mask-length parameter. The mask length parameter indicates the number of bits used for the

network portion of the IP address; the remainder of the IP address is used to determine the host

portion of the IP address. Allowed values are integers in the range 1— 32. Note that a mask

length of 32 is reserved for system IP addresses.

Values

1 — 32

mask — The subnet mask in dotted decimal notation. When the IP prefix is not specified in CIDR

notation, a space separates the ip-addr from a traditional dotted decimal mask. The mask

parameter indicates the complete mask that will be used in a logical ‘AND’ function to derive the

local subnet of the IP address. Note that a mask of 255.255.255.255 is reserved for system IP

addresses.

Values

128.0.0.0 — 255.255.255.255

broadcast {all-ones | host-ones} — The optional broadcast parameter overrides the default

broadcast address used by the IP interface when sourcing IP broadcasts on the IP interface. If no

broadcast format is specified for the IP address, the default value is host-ones, which indicates a

subnet broadcast address. Use this parameter to change the broadcast address to all-ones or

revert back to a broadcast address of host-ones.

The all-ones keyword following the broadcast parameter specifies that the broadcast address

used by the IP interface for this IP address will be 255.255.255.255, also known as the local

broadcast.

The host-ones keyword following the broadcast parameter specifies that the broadcast address

used by the IP interface for this IP address will be the subnet broadcast address. This is an IP

address that corresponds to the local subnet described by the ip-addr and the mask-length or

7750 SR OS Router Configuration Guide

Page 103

Download from Www.Somanuals.com. All Manuals Search And Download.

Configuration Commands

mask with all the host bits set to binary 1. This is the default broadcast address used by an IP

interface.

The broadcast parameter within the address command does not have a negate feature, which is

usually used to revert a parameter to the default value. To change the broadcast type to host-

ones after being changed to all-ones, the address command must be executed with the

broadcast parameter defined.

The broadcast format on an IP interface can be specified when the IP address is assigned or

changed.

This parameter does not affect the type of broadcasts that can be received by the IP interface. A

host sending either the local broadcast (all-ones) or the valid subnet broadcast address (host-

ones) will be received by the IP interface.

igp-inhibit — The secondary IP address should not be recognized as a local interface by the running

IGP.

static-arp

Syntax

static-arp ip-addr ieee-mac-addr

no static-arp ip-addr

Context

config>router>interface

Description

This command configures a static Address Resolution Protocol (ARP) entry associating an IP address

with a MAC address for the core router instance. This static ARP appears in the core routing ARP

table. A static ARP can only be configured if it exists on the network attached to the IP interface.

If an entry for a particular IP address already exists and a new MAC address is configured for the IP

address, the existing MAC address is replaced by the new MAC address.

The number of static-arp entries that can be configured on a single node is limited to 1000.

Static ARP is used when a 7750 SR needs to know about a device on an interface that cannot or does

not respond to ARP requests. Thus, the 7750 SR OS configuration can state that if it has a packet that

has a certain IP address to send it to the corresponding ARP address. Use proxy ARP so the 7750 SR

responds to ARP requests on behalf of another device.

The no form of the command removes a static ARP entry.

No static ARPs are defined.

Default

Parameters

ip-addr — Specifies the IP address for the static ARP in IP address dotted decimal notation.

ieee-mac-addr — Specifies the 48-bit MAC address for the static ARP in the form aa:bb:cc:dd:ee:ff

or aa-bb-cc-dd-ee-ff, where aa, bb, cc, dd, ee and ff are hexadecimal numbers. Allowed values

are any non-broadcast, non-multicast MAC and non-IEEE reserved MAC addresses.

tos-marking-state

Page 104

7750 SR OS Router Configuration Guide

Download from Www.Somanuals.com. All Manuals Search And Download.

IP Router Configuration

Syntax

tos-marking-state {trusted | untrusted}

no tos-marking-state

Context

config>router>interface

Description

This command is used on a network IP interface to alter the default trusted state to a non-trusted state.

When unset or reverted to the trusted default, the ToS field will not be remarked by egress network IP

interfaces unless the egress network IP interface has the remark-trusted state set, in which case the

egress network interface treats all IES and network IP interface as untrusted.

When the ingress network IP interface is set to untrusted, all egress network IP interfaces will remark

IP packets received on the network interface according to the egress marking definitions on each

network interface. The egress network remarking rules also apply to the ToS field of IP packets

routed using IGP shortcuts (tunneled to a remote next-hop). However, the tunnel QoS markings are

always derived from the egress network QoS definitions.

Egress marking and remarking is based on the internal forwarding class and profile state of the packet

once it reaches the egress interface. The forwarding class is derived from ingress classification

functions. The profile of a packet is either derived from ingress classification or ingress policing.

The default marking state for network IP interfaces is trusted. This is equivalent to declaring no tos-

marking-state on the network IP interface. When undefined or set to tos-marking-state trusted, the

trusted state of the interface will not be displayed when using show config or show info unless the

detail parameter is given. The save config command will not store the default tos-marking-state

trusted state for network IP interfaces unless the detail parameter is also specified.

The no tos-marking-state command is used to restore the trusted state to a network IP interface. This

is equivalent to executing the tos-marking-state trusted command.

Default

trusted

Parameters

trusted — The default prevents the ToS field to not be remarked by egress network IP interfaces

unless the egress network IP interface has the remark-trusted state set

untrusted — Specifies that all egress network IP interfaces will remark IP packets received on the

network interface according to the egress marking definitions on each network interface

unnumbered

Syntax

unnumbered [ip-address | ip-int-name]

no unnumbered

Context

config>router>interface ip-int-name

Description

This command sets an IP interface as an unnumbered interface and specifies the IP address to be used

for the interface.

To conserve IP addresses, unnumbered interfaces can be configured. The address used when

generating packets on this interface is the ip-addr parameter configured.

An error message will be generated if an unnumbered interface is configured, and an IP address

already exists on this interface.

The no form of the command removes the IP address from the interface, effectively removing the

unnumbered property. The interface must be shutdown before no unnumbered is issued to delete the

IP address from the interface, or an error message will be generated.

7750 SR OS Router Configuration Guide

Page 105

Download from Www.Somanuals.com. All Manuals Search And Download.

Configuration Commands

Parameters

Default

ip-addr | ip-int-name — Optional. The IP address or IP interface name to associate with the

unnumbered IP interface in dotted decimal notation. The configured IP address must exist on this

node. It is recommended to use the system IP address as it is not associated with a particular

interface and is therefore always reachable. The system IP address is the default if no ip-addr or

ip-int-name is configured.

no unumbered

Page 106

7750 SR OS Router Configuration Guide

Download from Www.Somanuals.com. All Manuals Search And Download.

IP Router Configuration

Router Interface Filter Commands

egress

Syntax

Context

egress

config>router>interface ip-int-name

Description

This command enables access to the context to configure egress network filter policies for the IP

interface.

If an egress filter is not defined, no filtering is performed.

ingress

Syntax

Context

ingress

config>router>interface ip-int-name

Description

This command enables access to the context to configure ingress network filter policies for the IP

interface.

If an ingress filter is not defined, no filtering is performed.

filter

Syntax

filter ip ip-filter-id

filter ipv6 ipv6-filter-id

no filter [ip ip-filter-ip] [ipv6 ipv6-filter-id]

Context

config>router>if>ingress

config>router>if>egress

Description

This command associates an IP filter policy with an IP interface.

Filter policies control packet forwarding and dropping based on IP match criteria.

The ip-filter-id must have been pre-configured before this filter command is executed. If the filter ID

does not exist, an error occurs.

Only one filter ID can be specified.

The no form of the command removes the filter policy association with the IP interface.

Default

No filter is specified.

Parameters

ip ip-filter-id — The filter name acts as the ID for the IP filter policy expressed as a decimal integer.

The filter policy must already exist within the config>filter>ip context.

Values

1 — 16384

7750 SR OS Router Configuration Guide

Page 107

Download from Www.Somanuals.com. All Manuals Search And Download.

Configuration Commands

ipv6 ipv6-filter-id — The filter name acts as the ID for the IPv6 filter policy expressed as a decimal

integer. The filter policy must already exist within the config>filter>ipv6 context.

Values 1— 65535

Page 108

7750 SR OS Router Configuration Guide

Download from Www.Somanuals.com. All Manuals Search And Download.

IP Router Configuration

Router Interface ICMP Commands

icmp

Syntax

Context

icmp

config>router>interface ip-int-name

Description

This command enables access to the context to configure Internet Control Message Protocol (ICMP)

parameters on a network IP interface. ICMP is a message control and error reporting protocol that

also provides information relevant to IP packet processing.

mask-reply

Syntax

Context

[no] mask-reply

config>router>if>icmp

Description

This command enables responses to ICMP mask requests on the router interface.

If a local node sends an ICMP mask request to the router interface, the mask-reply command

configures the router interface to reply to the request.

The no form of the command disables replies to ICMP mask requests on the router interface.

mask-reply — replies to ICMP mask requests.

Default

redirects

Syntax

redirects [number seconds]

no redirects

Context

config>router>if>icmp

Description

This command enables and configures the rate for ICMP redirect messages issued on the router

interface.

When routes are not optimal on this router, and another router on the same subnetwork has a better

route, the router can issue an ICMP redirect to alert the sending node that a better route is available.

The redirects command enables the generation of ICMP redirects on the router interface. The rate at

which ICMP redirects are issued can be controlled with the optional number and time parameters by

indicating the maximum number of redirect messages that can be issued on the interface for a given

time interval.

By default, generation of ICMP redirect messages is enabled at a maximum rate of 100 per 10 second

time interval.

The no form of the command disables the generation of ICMP redirects on the router interface.

redirects 100 10 — maximum of 100 redirect messages in 10 seconds

Default

7750 SR OS Router Configuration Guide

Page 109

Download from Www.Somanuals.com. All Manuals Search And Download.

Configuration Commands

Parameters

number — The maximum number of ICMP redirect messages to send, expressed as a decimal integer.

This parameter must be specified with the time parameter.

Values 10 — 1000

seconds — The time frame, in seconds, used to limit the number of ICMP redirect messages that can

be issued,expressed as a decimal integer.

Values

1 — 60

ttl-expired

Syntax

ttl-expired [number seconds]

no ttl-expired

Context

config>router>if>icmp

Description

This command configures the rate that Internet Control Message Protocol (ICMP) Time To Live

(TTL) expired messages are issued by the IP interface.

By default, generation of ICMP TTL expired messages is enabled at a maximum rate of 100 per 10

second time interval.

The no form of the command disables the generation of TTL expired messages.

ttl-expired 100 10 — maximum of 100 TTL expired message in 10 seconds

Default

Parameters

number — The maximum number of ICMP TTL expired messages to send, expressed as a decimal

integer. The seconds parameter must also be specified.

Values

10 — 1000

seconds — The time frame, in seconds, used to limit the number of ICMP TTL expired messages that

can be issued, expressed as a decimal integer.

Values

1 — 60

unreachables

Syntax

unreachables [number seconds]

no unreachables

Context

config>router>if>icmp

Description

This command enables and configures the rate for ICMP host and network destination unreachable

messages issued on the router interface.

The unreachables command enables the generation of ICMP destination unreachables on the router

interface. The rate at which ICMP unreachables is issued can be controlled with the optional number

and seconds parameters by indicating the maximum number of destination unreachable messages that

can be issued on the interface for a given time interval.

By default, generation of ICMP destination unreachables messages is enabled at a maximum rate of

100 per 10 second time interval.

Page 110

7750 SR OS Router Configuration Guide

Download from Www.Somanuals.com. All Manuals Search And Download.

IP Router Configuration

The no form of the command disables the generation of ICMP destination unreachables on the router

interface.

Default

unreachables 100 10 — maximum of 100 unreachable messages in 10 seconds

Parameters

number — The maximum number of ICMP unreachable messages to send, expressed as a decimal

integer. The seconds parameter must also be specified.

Values

10 — 1000

seconds — The time frame, in seconds, used to limit the number of ICMP unreachable messages that

can be issued, expressed as a decimal integer.

Values

1 — 60

7750 SR OS Router Configuration Guide

Page 111

Download from Www.Somanuals.com. All Manuals Search And Download.

Configuration Commands

Router Interface IPv6 Commands

ipv6

Syntax

Context

[no] ipv6

config>router>interface

Description

This command configures IPv6 for a router interface.

The no form of the command disables IPv6 on the interface.

Default

not enabled

address (ipv6)

Syntax

address {ipv6-address/prefix-length} [eui-64]

no address {ipv6-address/prefix-length}

Context

Description

Default

config>router>if>ipv6

This command assigns an IPv6 address to the interface.

none

Parameters

ipv6-address/prefix-length — Specify the IPv6 address on the interface.

Values

ipv6-address/prefix: ipv6-address x:x:x:x:x:x:x:x (eight 16-bit pieces)

x:x:x:x:x:x:d.d.d.d

x [0 — FFFF]H

d [0 — 255]D

1 — 128

prefix-length

eui-64 — When the eui-64 keyword is specified, a complete IPv6 address from the supplied prefix

and 64-bit interface identifier is formed. The 64-bit interface identifier is derived from MAC

address on Ethernet interfaces. For interfaces without a MAC address, for example POS

interfaces, the Base MAC address of the chassis should be used.

icmp6

Syntax

Context

icmp6

config>router>if>ipv6

Description

This command enables the context to configure ICMPv6 parameters for the interface.

packet-too-big

Page 112

7750 SR OS Router Configuration Guide

Download from Www.Somanuals.com. All Manuals Search And Download.

IP Router Configuration

Syntax

packet-too-big [number seconds]

no packet-too-big

Context

Description

Parameters

config>router>if>ipv6>icmp6

This command configures the rate for ICMPv6 packet-too-big messages.

number — Limits the number of packet-too-big messages issued per the time frame specifed in the

seconds parameter.

Values

10 — 1000

seconds — Determines the time frame, in seconds, that is used to limit the number of packet-too-big

messages issued per time frame.

Values

1 — 60

param-problem

Syntax

param-problem [number seconds]

no param-problem

Context

Description

Parameters

config>router>if>ipv6>icmp6

This command configures the rate for ICMPv6 param-problem messages.

number — Limits the number of param-problem messages issued per the time frame specifed in the

seconds parameter.

Values

10 — 1000

seconds — Determines the time frame, in seconds, that is used to limit the number of param-problem

messages issued per time frame.

Values

1 — 60

redirects

Syntax

redirects [number seconds]

no redirects

Context

config>router>if>ipv6>icmp6

Description

This command configures the rate for ICMPv6 redirect messages. When configured, ICMPv6

redirects are generated when routes are not optimal on the router and another router on the same

subnetwork has a better route to alert that node that a better route is available.

The no form of the command disables ICMPv6 redirects.

Default

100 10 (when IPv6 is enabled on the interface)

Parameters

number — Limits the number of redirects issued per the time frame specifed in seconds parameter.

Values

10 — 1000

7750 SR OS Router Configuration Guide

Page 113

Download from Www.Somanuals.com. All Manuals Search And Download.

Configuration Commands

seconds — Determines the time frame, in seconds, that is used to limit the number of redirects issued

per time frame.

Values

1 — 60

time-exceeded

Syntax

time-exceeded [number seconds]

no time-exceeded

Context

Description

Parameters

config>router>if>ipv6>icmp6

This command configures rate for ICMPv6 time-exceeded messages.

number — Limits the number of time-exceeded messages issued per the time frame specifed in

seconds parameter.

Values

10 — 1000

seconds — Determines the time frame, in seconds, that is used to limit the number of time-exceeded

messages issued per time frame.

Values

1 — 60

unreachables

Syntax

unreachables [number seconds]

no unreachables

Context

config>router>if>ipv6>icmp6

Description

This command configures the rate for ICMPv6 unreachable messages. When enabled, ICMPv6 host

and network unreachable messages are generated by this interface.

The no form of the command disables the generation of ICMPv6 host and network unreachable

messages by this interface.

Default

100 10 (when IPv6 is enabled on the interface)

Parameters

number — Determines the number destination unreachable ICMPv6 messages to issue in the time

frame specified in seconds parameter.

Values

10 — 1000

seconds — Sets the time frame, in seconds, to limit the number of destination unreachable ICMPv6

messages issued per time frame.

Values

1 — 60

local-proxy-nd

Page 114

7750 SR OS Router Configuration Guide

Download from Www.Somanuals.com. All Manuals Search And Download.

IP Router Configuration

Syntax

Context

[no] local-proxy-nd

config>router>if>ipv6

Description

This command enables local proxy neighbor discovery on the interface.

The no form of the command disables local proxy neighbor discovery.

proxy-nd-policy

Syntax

proxy-nd-policy policy-name [policy-name...(up to 5 max)]

no proxy-nd-policy

Context

Description

Parameters

config>router>if>ipv6

This command configure a proxy neighbor discovery policy for the interface.

policy-name — The neighbor discovery policy name. Allowed values are any string up to 32

characters long composed of printable, 7-bit ASCII characters. If the string contains special

characters (#, $, spaces, etc.), the entire string must be enclosed within double quotes. The

specified policy name(s) must already be defined.

neighbor

Syntax

neighbor [ipv6-address] [mac-address]

no neighbor [ipv6-address]

Context

config>router>if>ipv6

Description

This command configures an IPv6-to-MAC address mapping on the interface. Use this command if a

directly attached IPv6 node does not support ICMPv6 neighbor discovery, or for some reason, a static

address must be used. This command can only be used on Ethernet media.

The ipv6-address must be on the subnet that was configured from the IPv6 address command or a

link-local address.

Parameters

ipv6-address — The IPv6 address assigned to a router interface.

Values

ipv6-address:

x:x:x:x:x:x:x:x (eight 16-bit pieces)

x:x:x:x:x:x:d.d.d.d

x: [0 — FFFF]H

d: [0 — 255]D

mac-address — Specifies the MAC address for the neighbor in the form of xx:xx:xx:xx:xx:xx or xx-

xx-xx-xx-xx-xx.

7750 SR OS Router Configuration Guide

Page 115

Download from Www.Somanuals.com. All Manuals Search And Download.

Configuration Commands

Router Advertisement Commands

router-advertisement

Syntax

Context

[no] router-advertisement

config>router

Description

This command configures router advertisement properties. By default, it is disabled for all IPv6

enabled interfaces.

The no form of the command disables all IPv6 interface. However, the no interface interface-name

command disables a specific interface.

Default

disabled

interface

Syntax

Context

[no] interface ip-int-name

config>router>router-advertisement

Description

This command configures router advertisement properties on a specific interface. The interface must

already exist in the config>router>interface context.

Default

No interfaces are configured by default.

Parameters

ip-int-name — Specify the interface name. If the string contains special characters (#, $, spaces, etc.),

the entire string must be enclosed within double quotes.

current-hop-limit

Syntax

current-hop-limit number

no current-hop-limit

Context

config>router>router-advert>if

Description

This command configures the current-hop-limit in the router advertisement messages. It informs the

nodes on the subnet about the hop-limit when originating IPv6 packets.

Default

Parameters

number — Specifies the hop limit.

Values

0 — 255. A value of zero means there is an unspecified number of hops.

managed-configuration

Page 116

7750 SR OS Router Configuration Guide

Download from Www.Somanuals.com. All Manuals Search And Download.

IP Router Configuration

Syntax

Context

[no] managed-configuration

config>router>router-advert>if

Description

This command sets the managed address configuration flag. This flag indicates that DHCPv6 is

available for address configuration in addition to any address autoconfigured using stateless address

autoconfiguration. See RFC 3315, Dynamic Host Configuration Protocol (DHCP) for IPv6.

Default

no managed-configuration

max-advertisement-interval

Syntax

Context

[no] max-advertisement-interval seconds

config>router>router-advert>if

Description

Default

This command configures the maximum interval between sending router advertisement messages.

600

Parameters

seconds — Specifies the maximum interval in seconds between sending router advertisement

messages.

Values

4 — 1800

min-advertisement-interval

Syntax

Context

[no] min-advertisement-interval seconds

config>router>router-advert>if

Description

This command configures the minimum interval between sending ICMPv6 neighbor discovery router

advertisement messages.

Default

200

Parameters

seconds — Specify the minimum interval in seconds between sending ICMPv6 neighbor discovery

router advertisement messages.

Values

3 — 1350

mtu

Syntax

Context

[no] mtu mtu-bytes

config>router>router-advert>if

Description

Default

This command configures the MTU for the nodes to use to send packets on the link.

no mtu — the MTU option is not sent in the router advertisement messages.

7750 SR OS Router Configuration Guide

Page 117

Download from Www.Somanuals.com. All Manuals Search And Download.

Configuration Commands

Parameters

mtu-bytes — Specify the MTU for the nodes to use to send packets on the link.

Values 1280 — 9212

other-stateful-configuration

Syntax

[no] other-stateful-configuration

Description

This command sets the "Other configuration" flag. This flag indicates that DHCPv6lite is available

for autoconfiguration of other (non-address) information such as DNS-related information or

information on other servers in the network. See RFC 3736, Stateless Dynamic Host Configuration

Protocol (DHCP) for IPv6.

Default

no other-stateful-configuration

prefix

Syntax

Context

[no] prefix [ipv6-prefix/prefix-length]

config>router>router-advert>if

Description

This command configures an IPv6 prefix in the router advertisement messages. To support multiple

IPv6 prefixes, use multiple prefix statements. No prefix is advertised until explicitly configured using

prefix statements.

Default

none

Parameters

ip-prefix — The IP prefix for prefix list entry in dotted decimal notation.

Values

ipv4-prefix

ipv4-prefix-length

ipv6-prefix

a.b.c.d (host bits must be 0)

0 — 32

x:x:x:x:x:x:x:x (eight 16-bit pieces)

x:x:x:x:x:x:d.d.d.d

[0 — FFFF]H

[0 — 255]D

ipv6-prefix-length

0 — 128

prefix-length — Specifies a route must match the most significant bits and have a prefix length.

Values 1 — 128

autonomous

Syntax

Context

[no] autonomous

config>router>router-advert>if>prefix

Description

Default

This command specifies whether the prefix can be used for stateless address autoconfiguration.

enabled

Page 118

7750 SR OS Router Configuration Guide

Download from Www.Somanuals.com. All Manuals Search And Download.

IP Router Configuration

on-link

Syntax

[no] on-link

Context

config>router>router-advert>if>prefix

Description

Default

This command specifies whether the prefix can be used for onlink determination.

enabled

preferred-lifetime

Syntax

Context

[no] preferred-lifetime {seconds | infinite}

config>router>router-advert>if

Description

This command configures the remaining length of time in seconds that this prefix will continue to be

preferred, such as, time until deprecation.

The address generated from a deprecated prefix should not be used as a source address in new

communications, but packets received on such an interface are processed as expected.

Default

604800

Parameters

seconds — Specifies the remaining length of time in seconds that this prefix will continue to be

preferred.

infinite — Specifies that the prefix will always be preferred. A value of 4,294,967,295 represents

infinity.

valid-lifetime

Syntax

valid-lifetime {seconds | infinite}

Description

This command specifies the length of time in seconds that the prefix is valid for the purpose of on-

link determination. A value of all one bits (0xffffffff) represents infinity.

The address generated from an invalidated prefix should not appear as the destination or source

address of a packet.

Default

2592000

Parameters

seconds — Specifies the remaining length of time in seconds that this prefix will continue to be valid.

infinite — Specifies that the prefix will always be valid. A value of 4,294,967,295 represents infinity.

reachable-time

7750 SR OS Router Configuration Guide

Page 119

Download from Www.Somanuals.com. All Manuals Search And Download.

Configuration Commands

Syntax

reachable-time milli-seconds

no reachable-time

Context

config>router>router-advert>if

Description

This command configures how long this router should be considered reachable by other nodes on the

link after receiving a reachability confirmation.

Default

no reachable-time

Parameters

milli-seconds — Specifies the length of time the router should be considered reachable.

Values

0 — 3600000

retransmit-time

Syntax

retransmit-timer milli-seconds

no retransmit-timer

Context

Description

Default

config>router>router-advert>if

This command configures the retransmission frequency of neighbor solicitation messages.

no retransmit-time

Parameters

milli-seconds — Specifies how often the retransmission should occur.

Values

0 — 1800000

router-lifetime

Syntax

router-lifetime seconds

no router-lifetime

Context

Description

Default

config>router>router-advert>if

This command sets the router lifetime.

1800

Parameters

seconds — The length of time, in seconds, (relative to the time the packet is sent) that the prefix is

valid for route determination.

Values

0, 4 — 9000 seconds. 0 means that the router is not a default router on this link.

shutdown

Syntax

Context

[no] shutdown

config>router>router-advert>if

Description

This command enables or disables router advertisement on an interface.

Page 120

7750 SR OS Router Configuration Guide

Download from Www.Somanuals.com. All Manuals Search And Download.

IP Router Configuration

Default

no shutdown

7750 SR OS Router Configuration Guide

Page 121

Download from Www.Somanuals.com. All Manuals Search And Download.

Configuration Commands

Page 122

7750 SR OS Router Configuration Guide

Download from Www.Somanuals.com. All Manuals Search And Download.

IP Router Configuration

Show Commands

aggregate

Syntax

Context

aggregate [family][active]

show>router

Description

Parameters

This command displays aggregate routes.

family — Specifies to display IPv4 or IPv6 aggregate routes.

Values

ipv4, ipv6

active — When the active keyword is specified, inactive aggregates are filtered out.

arp

Syntax

static | managed]

Context

show>router

Description

This command displays the router ARP table sorted by IP address.

If no command line options are specified, all ARP entries are displayed.

Parameters

ip-address/mask — Only displays ARP entries associated with the specified IP address and mask.

ip-int-name — Only displays ARP entries associated with the specified IP interface name.

mac ieee-mac-addr — Only displays ARP entries associated with the specified MAC address.

summary — Displays an abbreviate list of ARP entries.

[local | dynamic | static | managed] — Only displays ARP information associated with the specified

keyword.

Output

ARP Table Output — The following table describes the ARP table output fields:

Label

IP Address

Description

The IP address of the ARP entry.

MAC Address

Expiry

The MAC address of the ARP entry.

The age of the ARP entry.

7750 SR OS Router Configuration Guide

Page 123

Download from Www.Somanuals.com. All Manuals Search And Download.

Show Commands

Label

Description (Continued)

Dyn — The ARP entry is a dynamic ARP entry.

Inv — The ARP entry is an inactive static ARP entry (invalid).

Oth — The ARP entry is a local or system ARP entry.

Sta — The ARP entry is an active static ARP entry.

The IP interface name associated with the ARP entry.

The number of ARP entries displayed in the list.

Type

Interface

No. of ARP Entries

Sample Output

A:ALA-A# show router ARP

===============================================================================

ARP Table

===============================================================================

IP Address

MAC Address

Expiry

Type Interface

-------------------------------------------------------------------------------

10.10.0.3

04:5d:ff:00:00:00 00:00:00

04:5b:01:01:00:02 03:53:09

04:5d:01:01:00:02 00:00:00

04:5d:01:01:00:01 00:00:00

04:5e:01:01:00:01 01:08:00

04:5d:01:01:00:03 00:00:00

04:5f:01:01:00:03 02:47:07

00:03:47:97:68:7d 00:00:00

00:01:03:c0:f6:5a 00:19:59

Oth system

10.10.13.1

10.10.13.3

10.10.34.3

10.10.34.4

10.10.35.3

10.10.35.5

192.168.2.93

192.168.5.204

Dyn to-ser1

Oth to-ser1

Oth to-ser4

Sta to-ser4

Oth to-ser5

Dyn to-ser5

Oth management

Dyn management

-------------------------------------------------------------------------------

No. of ARP Entries: 9

===============================================================================

A:ALA-A#

A:ALA-A# show router ARP 10.10.0.3

===============================================================================

ARP Table

===============================================================================

IP Address

-------------------------------------------------------------------------------

10.10.0.3 04:5d:ff:00:00:00 00:00:00 Oth system

MAC Address

Expiry

Type Interface

===============================================================================

A:ALA-A#

A:ALA-A# show router ARP to-ser1

===============================================================================

ARP Table

===============================================================================

IP Address

-------------------------------------------------------------------------------

10.10.13.1 04:5b:01:01:00:02 03:53:09 Dyn to-ser1

MAC Address

Expiry

Type Interface

===============================================================================

A:ALA-A#

Page 124

7750 SR OS Router Configuration Guide

Download from Www.Somanuals.com. All Manuals Search And Download.

IP Router Configuration

authentication

Syntax

Context

authentication

show>router>authentication

Description

This command enables the command to display authentication statistics.

statistics

Syntax

statistics

statistics interface [ip-int-name | ip-address]

statistics policy name

Context

Description

Parameters

show>router>authentication

This command displays interface or policy authentication statistics.

interface [ip-int-name | ip-address] — Specifies an existing interface name or IP address.

Values

ip-int-name: 32 chars max

ip-address: a.b.c.d

policy name — Specifies an existing policy name.

Output

Authentication Statistics Output — The following table describes the show authentication

statistics output fields:

Label

Description

Client Packets

Authenticate Fail

The number of packets that failed authentication.

Client Packets

Authenticate Ok

The number of packets that were authenticated.

Sample Output

A:SR-3>show>router>auth# statistics

===================================================================

Authentication Global Statistics

===================================================================

Client Packets Authenticate Fail

Client Packets Authenticate Ok

: 0

: 12

===================================================================

A:SR-3>

7750 SR OS Router Configuration Guide

Page 125

Download from Www.Somanuals.com. All Manuals Search And Download.

Show Commands

bfd

Syntax

Context

bfd

show>router

Description

This command enables the context to display bi-directional forwarding detection (BFD) information.

interface

Syntax

Context

interface

show>router>bfd

Description

Output

This command displays interface information.

BFD interface Output — The following table describes the show BFD interface output fields:

Label

Description

TX Interval

Displays the interval, in milliseconds, between the transmitted BFD mes-

sages to maintain the session

RX Interval

Multiplier

Displays the expected interval, in milliseconds, between the received BFD

messages to maintain the session

Displays the integer used by BFD to declare when the neighbor is down.

Sample Output

B:CORE2# show router bfd interface

===============================================================================

BFD Interface

===============================================================================

Interface name

Tx Interval

Rx Interval

Multiplier

-------------------------------------------------------------------------------

net10_1_2

net11_1_2

net12_1_2

net13_1_2

net14_1_2

net15_1_2

net16_1_2

net17_1_2

net18_1_2

net19_1_2

net1_1_2

100

net1_2_3

net20_1_2

net21_1_2

net22_1_2

net23_1_2

net24_1_2

Page 126

7750 SR OS Router Configuration Guide

Download from Www.Somanuals.com. All Manuals Search And Download.

IP Router Configuration

net25_1_2

net2_1_2

net3_1_2

net4_1_2

net5_1_2

net6_1_2

net7_1_2

net8_1_2

net9_1_2

100

-------------------------------------------------------------------------------

No. of BFD Interfaces: 26

===============================================================================

session

Syntax

session [src ip-address [dst ip-address] | detail]

show>router>bfd

Context

Description

Parameters

This command displays session information.

ip-address — Only displays the interface information associated with the specified IP address.

Values

ipv4-address

a.b.c.d (host bits must be 0)

Output

BFD Session Output — The following table describes the show BFD session output fields:

Label

Description

Displays the administrative state for this BFD session.

Displays the active protocol.

State

Protocol

Tx Intvl

Displays the interval, in milliseconds, between the transmitted BFD mes-

sages to maintain the session

Tx Pkts

Displays the number of transmitted BFD packets.

Rx Intvl

Displays the expected interval, in milliseconds, between the received BFD

messages to maintain the session

Rx Pkts

Mult

Displays the number of received packets.

Displays the integer used by BFD to declare when the neighbor is down.

Sample Output

B:CORE2# show router bfd session

===============================================================================

BFD Session

===============================================================================

Interface

State

Tx Intvl Rx Intvl Mult

7750 SR OS Router Configuration Guide

Page 127

Download from Www.Somanuals.com. All Manuals Search And Download.

Show Commands

Remote Address

Protocol

Tx Pkts

Rx Pkts

-------------------------------------------------------------------------------

net1_1_2

12.1.2.1

net1_2_3

12.2.3.2

Up (3)

ospf2 isis

Up (3)

100

5029

100

5029

100

ospf2 isis

156367

156365

-------------------------------------------------------------------------------

No. of BFD sessions: 2

===============================================================================

dhcp

Syntax

Context

dhcp

show>router

Description

This command enables the context to display DHCP related information.

dhcp6

Syntax

Context

dhcp6

show>router

Description

This command enables the context to display DHCP6 related information.

statistics

Syntax

statistics [ip-int-name | ip-address]

Context

show>router>dhcp

show>router>dhcp6

Description

This command displays statistics for DHCP relay and DHCP snooping.

If no IP address or interface name is specified, then all configured interfaces are displayed.

If an IP address or interface name is specified, then only data regarding the specified interface is

displayed.

Parameters

Output

ip-int-name | ip-address — Displays statistics for the specified IP interface.

Show DHCP Statistics Output — The following table describes the output fields for DHCP.

statistics.

Page 128

7750 SR OS Router Configuration Guide

Download from Www.Somanuals.com. All Manuals Search And Download.

IP Router Configuration

Label

Description

Received Packets

The number of packets received from the DHCP clients.

The number of packets transmitted to the DHCP clients.

Transmitted Pack-

ets

Received Mal-

formed Packets

The number of malformed packets received from the DHCP clients.

The number of untrusted packets received from the DHCP clients.

Received

Untrusted Packets

Client Packets

Discarded

The number of packets received from the DHCP clients that were

discarded.

Client Packets

Relayed

The number of packets received from the DHCP clients that were

forwarded.

Client Packets

Snooped

The number of packets received from the DHCP clients that were

snooped.

Server Packets

Discarded

The number of packets received from the DHCP server that were

discarded.

Server Packets

Relayed

The number of packets received from the DHCP server that were

forwarded.

Server Packets

Snooped

The number of packets received from the DHCP server that were

snooped.

Sample Output

A:ALA-1# show router dhcp statistics

==========================================================================

DHCP6 statistics (Router: Base)

==========================================================================

Msg-type

Dropped

--------------------------------------------------------------------------

1 SOLICIT

2 ADVERTISE

3 REQUEST

4 CONFIRM

5 RENEW

6 REBIND

7 REPLY

8 RELEASE

9 DECLINE

10 RECONFIGURE

11 INFO_REQUEST

12 RELAY_FORW

13 RELAY_REPLY

7750 SR OS Router Configuration Guide

Page 129

Download from Www.Somanuals.com. All Manuals Search And Download.

Show Commands

--------------------------------------------------------------------------

Dhcp6 Drop Reason Counters :

--------------------------------------------------------------------------

1 Dhcp6 oper state is not Up on src itf

2 Dhcp6 oper state is not Up on dst itf

3 Relay Reply Msg on Client Itf

4 Hop Count Limit reached

5 Missing Relay Msg option, or illegal msg type

6 Unable to determine destinatinon client Itf

7 Out of Memory

8 No global Pfx on Client Itf

9 Unable to determine src Ip Addr

10 No route to server

11 Subscr. Mgmt. Update failed

12 Received Relay Forw Message

13 Packet too small to contain valid dhcp6 msg

14 Server cannot respond to this message

15 No Server Id option in msg from server

16 Missing or illegal Client Id option in client msg

17 Server Id option in client msg

18 Server DUID in client msg does not match our own

19 Client sent message to unicast while not allowed

20 Client sent message with illegal src Ip address

21 Client message type not supported in pfx delegation

22 Nbr of addrs or pfxs exceeds allowed max (128) in msg

23 Unable to resolve client's mac address

24 The Client was assigned an illegal address

25 Illegal msg encoding

==========================================================================

A:ALA-1#

summary

Syntax

Context

summary

show>router>dhcp

Description

Output

Display the status of the DHCP Relay and DHCP Snooping functions on each interface.

Show DHCP Summary Output — The following table describes the output fields for DHCP

summary.

Label

Interface Name

Info Option

Description

Name of the router interface.

Indicates whether Option 82 processing is enabled on the interface.

Page 130

7750 SR OS Router Configuration Guide

Download from Www.Somanuals.com. All Manuals Search And Download.

IP Router Configuration

Auto Filter

Snoop

Indicates whether IP Auto Filter is enabled on the interface.

Indicates whether Auto ARP table population is enabled on the

interface.

Interfaces

Indicates tot total number of router interfaces on the 7750 SR.

Sample Output

A:ALA-1# show router dhcp summary

===============================================================================

DHCP6 Summary (Router: Base)

===============================================================================

Interface Name

SapId

Nbr

Resol.

Used/Max Relay

Used/Max Server

Admin Oper Relay

Admin Oper Server

-------------------------------------------------------------------------------

interfaceServiceDefault

sap:6/2/12:1

interfaceServiceIxia

sap:6/2/1

interfaceServiceNonDefault

sap:6/2/12:2

ip-61.4.113.4

0/0

0/8000

0/0

0/8000

0/0

0/8000

575/8000

580/8000

NoServerCo*

Down

NoServerCo*

Down

Yes

sap:6/1/1:1

=============================================================================

A:ALA-1#

ecmp

Syntax

ecmp

Context

show>router

Description

Output

This command displays the ECMP settings for the router.

ECMP Settings Output — The following table describes the output fields for the router ECMP

settings.

Label

Instance

Description

The router instance number.

Router Name

ECMP

The name of the router instance.

False — ECMP is disabled for the instance.

True — ECMP is enabled for the instance.

The number of ECMP routes configured for path sharing.

Configured-ECMP-

Routes

7750 SR OS Router Configuration Guide

Page 131

Download from Www.Somanuals.com. All Manuals Search And Download.

Show Commands

Sample Output

A:ALA-A# show router ecmp

===============================================================================

Router ECMP

===============================================================================

Instance

-------------------------------------------------------------------------------

Base True

Router Name

ECMP

Configured-ECMP-Routes

===============================================================================

A:ALA-A#

fib

Syntax

Context

fib slot-number [family] [ip-prefix/prefix-length] [longer] [secondary]

show>router

Description

Parameters

Displays the active FIB entries for a specific IOM.

slot-number — Displays routes only matching the specified chassis slot number.

Default

Values

all IOMs

1 - 10

family — Displays the router IP interface table to display.

Values ipv4 — Displays only those peers that have the IPv4 family enabled.

ipv6 — Displays the peers that are IPv6-capable.

ip-prefix/prefix-length — Displays FIB entries only matching the specified ip-prefix and length.

Values

ipv4-prefix:

ipv4-prefix-length:[

ipv6-prefix:

a.b.c.d (host bits must be 0)

0 — 32

x:x:x:x:x:x:x:x (eight 16-bit pieces)

x:x:x:x:x:x:d.d.d.d

x: [0 — FFFF]H

d: [0 — 255]D

ipv6-prefix-length:

0 — 128

longer — Displays FIB entries matching the ip-prefix/mask and routes with longer masks.

secondary — Displays secondary VRF ID information.

icmp6

Syntax

Context

icmp6

show>router

Description

This command displays Internet Control Message Protocol Version 6 (ICMPv6) statistics. ICMP

generates error messages (for example, ICMP destination unreachable messages) to report errors during

processing and other diagnostic functions. ICMPv6 packets can be used in the neighbor discovery

protocol and path MTU discovery.

Page 132

7750 SR OS Router Configuration Guide

Download from Www.Somanuals.com. All Manuals Search And Download.

IP Router Configuration

Output

icmp6 Output — The following table describes the show router icmp6 output fields:

Label

Description

The total number of all messages.

Total

Destination

Unreachable

The number of message that did not reach the destination.

Time Exceeded

Echo Request

Router Solicits

Neighbor Solicits

Errors

The number of messages that exceeded the time threshold.

The number of echo requests.

The number of times the local router was solicited.

The number of times the neighbor router was solicited.

The number of error messages.

Redirects

The number of packet redirects.

Pkt too big

Echo Reply

The number of packets that exceed appropriate size.

The number of echo replies.

Router Advertise-

ments

The number of times the router advertised its location.

Neighbor Adver-

tisements

The number of times the neighbor router advertised its location.

Sample Output

A:SR-3>show>router>auth# show router icmp6

===============================================================================

Global ICMPv6 Stats

===============================================================================

Received

Total

: 14

Errors

Redirects

Pkt Too Big

Echo Reply

Router Advertisements

: 0

: 5

: 0

: 4

Destination Unreachable : 5

Time Exceeded

Echo Request

Router Solicits

Neighbor Solicits

: 0

Neighbor Advertisements : 0

-------------------------------------------------------------------------------

Sent

Total

: 10

Errors

Redirects

Pkt Too Big

Echo Reply

Router Advertisements

: 0

Destination Unreachable : 0

Time Exceeded

Echo Request

Router Solicits

Neighbor Solicits

: 0

: 5

Neighbor Advertisements : 5

===============================================================================

A:SR-3>show>router>auth#

7750 SR OS Router Configuration Guide

Page 133

Download from Www.Somanuals.com. All Manuals Search And Download.

Show Commands

interface

Syntax

Context

interface [interface-name]

show>router>icmpv6

Description

Parameters

Output

This command displays interface ICMPv6 statistics.

interface-name — Only displays entries associated with the specified IP interface name.

icmp6 interface Output — The following table describes the show router icmp6 interface output

fields:

Label

Description

The total number of all messages.

Total

Destination

Unreachable

The number of message that did not reach the destination.

Time Exceeded

Echo Request

Router Solicits

Neighbor Solicits

Errors

The number of messages that exceeded the time threshold.

The number of echo requests.

The number of times the local router was solicited.

The number of times the neighbor router was solicited.

The number of error messages.

Redirects

The number of packet redirects.

Pkt too big

Echo Reply

The number of packets that exceed appropriate size.

The number of echo replies.

Router Advertise-

ments

The number of times the router advertised its location.

Neighbor Adver-

tisements

The number of times the neighbor router advertised its location.

Sample Output

B:CORE2# show router icmp6 interface net1_1_2

===============================================================================

Interface ICMPv6 Stats

===============================================================================

Interface "net1_1_2"

-------------------------------------------------------------------------------

Received

Total

Destination Unreachable : 0

Time Exceeded : 0

: 41

Errors

Redirects

Pkt Too Big

: 0

Page 134

7750 SR OS Router Configuration Guide

Download from Www.Somanuals.com. All Manuals Search And Download.

IP Router Configuration

Echo Request

Router Solicits

Neighbor Solicits

: 0

: 20

Echo Reply

Router Advertisements

Neighbor Advertisements : 21

: 0

-------------------------------------------------------------------------------

Sent

Total

: 47

Errors

Redirects

Pkt Too Big

Echo Reply

Router Advertisements

: 0

Destination Unreachable : 0

Time Exceeded

Echo Request

Router Solicits

Neighbor Solicits

: 0

: 27

Neighbor Advertisements : 20

===============================================================================

B:CORE2#

interface

Syntax

interface [{[ip-address | ip-int-name] [detail]} | [summary] | [exclude-services]

interface family [detail]]

Context

Description

Parameters

show>router

This command displays the router IP interface table sorted by interface index.

ip-address — Only displays the interface information associated with the specified IP address.

Values

ipv4-address

ipv6-address

a.b.c.d (host bits must be 0)

x:x:x:x:x:x:x:x (eight 16-bit pieces)

x:x:x:x:x:x:d.d.d.d

x: [0 — FFFF]H

d: [0 — 255]D

ip-int-name — Only displays the interface information associated with the specified IP interface name.

detail — Displays detailed IP interface information.

summary — Displays summary IP interface information for the router.

exclude-services — Displays IP interface information, excluding IP interfaces configured for customer

services. Only core network IP interfaces are displayed.

family — Displays the router IP interface family to display.

Values

ipv4 — Displays only those peers that have the IPv4 family enabled.

ipv6 — Displays the peers that are IPv6-capable.

Output

Standard IP Interface Output — The following table describes the standard output fields for an IP

interface.

Label

Description

Interface-Name

The IP interface name.

7750 SR OS Router Configuration Guide

Page 135

Download from Www.Somanuals.com. All Manuals Search And Download.

Show Commands

Label

Description (Continued)

Type

n/a — No IP address has been assigned to the IP interface, so the IP

address type is not applicable.

Pri — The IP address for the IP interface is the Primary address on the

IP interface.

Sec — The IP address for the IP interface is a secondary address on the

IP interface.

IP-Address

Adm

The IP address and subnet mask length of the IP interface.

n/a— Indicates no IP address has been assigned to the IP interface.

Down — The IP interface is administratively disabled.

Up — The IP interface is administratively enabled.

Down — The IP interface is operationally disabled.

Up — The IP interface is operationally disabled.

Opr

Mode

Network — The IP interface is a network/core IP interface.

Service — The IP interface is a service IP interface.

Sample Output

A:ALA-A# show router interface

===============================================================================

Interface Table (Router: Base)

===============================================================================

Interface-Name

IP-Address

Adm(v4/v6) Opr(v4/v6) Mode

Port/SapId

PfxState

-------------------------------------------------------------------------------

ip-100.0.0.2

100.0.0.2/10

Up/Up

Network lag-1

n/a

PREFERRED

Network lag-2

3FFE:1::2/64

FE80::200:FF:FE00:4/64

ip-100.128.0.2

100.128.0.2/10

3FFE:2::2/64

FE80::200:FF:FE00:4/64

ip-11.2.4.4

11.2.4.4/24

15::2/120

ip-11.4.101.4

n/a

PREFERRED

Up/Up

Down/Down

Up/Up

Network 3/1/1

n/a

Network 5/2/1

n/a

11.4.101.4/24

3FFE::B04:6504/120

FE80::200:FF:FE00:4/64

ip-11.4.113.4

PREFERRED

Network 6/1/1

Up/Up

11.4.113.4/24

n/a

PREFERRED

3FFE::B04:7104/120

FE80::200:FF:FE00:4/64

ip-11.4.114.4

Network 6/1/2

11.4.114.4/24

n/a

3FFE::B04:7204/120

PREFERRED

Page 136

7750 SR OS Router Configuration Guide

Download from Www.Somanuals.com. All Manuals Search And Download.

IP Router Configuration

FE80::200:FF:FE00:4/64

ip-12.2.4.4

12.2.4.4/24

3FFE::C02:404/120

ip-13.2.4.4

13.2.4.4/24

3FFE::D02:404/120

ip-14.2.4.4

14.2.4.4/24

3FFE::E02:404/120

ip-15.2.4.4

PREFERRED

Network 3/1/2

n/a

Up/Up

Down/Down

Up/Up

Network 3/1/3

n/a

Network 3/1/4

n/a

Network 3/1/5

n/a

15.2.4.4/24

3FFE::F02:404/120

ip-21.2.4.4

Network 6/2/11

n/a

21.2.4.4/24

3FFE::1502:404/120

FE80::200:FF:FE00:4/64

ip-22.2.4.4

PREFERRED

Network 6/2/12

n/a

PREFERRED

Network 6/2/13

n/a

PREFERRED

Network 6/2/14

n/a

PREFERRED

Network system

n/a

Up/Up

22.2.4.4/24

3FFE::1602:404/120

FE80::200:FF:FE00:4/64

ip-23.2.4.4

23.2.4.4/24

3FFE::1702:404/120

FE80::200:FF:FE00:4/64

ip-24.2.4.4

24.2.4.4/24

3FFE::1802:404/120

FE80::200:FF:FE00:4/64

system

200.200.200.4/32

3FFE::C8C8:C804/128

PREFERRED

-------------------------------------------------------------------------------

Interfaces : 15

===============================================================================

A:ALA-A#

A:ALA-A# show router interface 10.10.0.3/32

===============================================================================

Interface Table

===============================================================================

Interface-Name

-------------------------------------------------------------------------------

system Pri 10.10.0.3/32 Up Up Network

Type IP-Address

Adm

Opr Mode

===============================================================================

A:ALA-A#

A:ALA-A# show router interface to-ser1

===============================================================================

Interface Table

===============================================================================

Interface-Name

-------------------------------------------------------------------------------

to-ser1 Pri 10.10.13.3/24 Up Up Network

Type IP-Address

Adm

Opr Mode

===============================================================================

A:ALA-A#

A:ALA-A# show router interface exclude-services

7750 SR OS Router Configuration Guide

Page 137

Download from Www.Somanuals.com. All Manuals Search And Download.

Show Commands

===============================================================================

Interface Table

===============================================================================

Interface-Name

Type IP-Address

Adm

Opr Mode

-------------------------------------------------------------------------------

system

Pri 10.10.0.3/32

Pri 10.10.13.3/24

Pri 10.10.34.3/24

Pri 10.10.35.3/24

n/a n/a

Network

to-ser1

to-ser4

to-ser5

to-ser6

management

Down Network

Up Network

Pri 192.168.2.93/20

===============================================================================

A:ALA-A#

Detailed IP Interface Output — The following table describes the detailed output fields for an IP

interface.

Label

If Name

Description

The IP interface name.

Admin State

Down — The IP interface is administratively disabled.

Up — The IP interface is administratively enabled.

Down — The IP interface is operationally disabled.

Up — The IP interface is operationally enabled.

Oper State

IP Addr/mask

The IP address and subnet mask length of the IP interface.

Not Assigned— Indicates no IP address has been assigned to the IP

interface.

IPV6 Addr

The IPv6 address of the interface.

If Index

The interface index of the IP router interface.

The virtual interface index of the IP router interface.

The last change in operational status.

Virt If Index

Last Oper Change

Global If Index

Sap ID

The global interface index of the IP router interface.

The SAP identifier.

TOS Marker

If Type

The TOS byte value in the logged packet.

Network — The IP interface is a network/core IP interface.

Service — The IP interface is a service IP interface.

Displays if the broadcast-client global parameter is configured

The IES identifier.

SNTP B.cast

IES ID

QoS Policy

The QoS policy ID associated with the IP interface.

Page 138

7750 SR OS Router Configuration Guide

Download from Www.Somanuals.com. All Manuals Search And Download.

IP Router Configuration

Label

MAC Address

Arp Timeout

Description (Continued)

The MAC address of the IP interface.

The ARP timeout for the interface, in seconds, which is the time an ARP

entry is maintained in the ARP cache without being refreshed.

IP MTU

The IP Maximum Transmission Unit (MTU) for the IP interface.

ICMP Mask Reply

False — The IP interface will not reply to a received ICMP mask

request.

True — The IP interface will reply to a received ICMP mask request.

Displays if ARP is enabled or disabled.

Arp Populate

Host Conn Verify

Cflowd

Host connectivity verification.

Specifies the type of Cflowd analysis that is applied to the interface.

acl — ACL Cflowd analysis is applied to the interface.

interface — Interface cflowd analysis is applied to the interface.

none — No Cflowd analysis is applied to the interface.

redirects

Specifies the maximum number of ICMP redirect messages the IP inter-

face will issue in a given period of time in seconds.

Disabled— Indicates the IP interface will not generate ICMP redirect

messages.

Unreachables

TTL Expired

Specifies the maximum number of ICMP destination unreachable mes-

sages the IP interface will issue in a given period of time in seconds.

Disabled — Indicates the IP interface will not generate ICMP destina-

tion unreachable messages.

The maximum number (Number) of ICMP TTL expired messages the IP

interface will issue in a given period of time in seconds.

Disabled — Indicates the IP interface will not generate ICMP TTL

expired messages.

A:ALA# show router interface ip-11.2.4.4 detail

===============================================================================

Interface Table (Router: Base)

===============================================================================

-------------------------------------------------------------------------------

Interface

-------------------------------------------------------------------------------

If Name

: dut-1

Admin State : Up

Oper (v4/v6)

: Down/Down

Protocols

IPv6 Addr

: None

: 3FFE:501:FFFF:100:200:FF:FE00:101/64

: FE80::200:FF:FE00:101/64

INACCESSIBLE

-------------------------------------------------------------------------------

Details

-------------------------------------------------------------------------------

If Index

Last Oper Chg: 02/13/2007 01:00:29

SAP Id : 1/1/1

: 2

Virt. If Index

Global If Index : 127

: 2

7750 SR OS Router Configuration Guide

Page 139

Download from Www.Somanuals.com. All Manuals Search And Download.

Show Commands

TOS Marking : Untrusted

SNTP B.Cast : False

If Type

IES ID

: IES

: 1

MAC Address : 00:00:00:00:01:01

Arp Timeout

: 14400

IP MTU

Arp Populate : Disabled

Cflowd : None

: 1500

ICMP Mask Reply : True

Host Conn Verify : Disabled

Proxy ARP Details

Rem Proxy ARP: Disabled

Local Proxy ARP : Disabled

Policies

: none

Proxy Neighbor Discovery Details

Local Pxy ND : Disabled

Policies

: none

DHCP Details

Admin State : Down

Lease Populate

: 0

Gi-Addr

Action

: Not configured

: Keep

Gi-Addr as Src Ip: Disabled

Trusted

: Disabled

DHCP Proxy Details

Admin State : Down

Lease Time

: N/A

Emul. Server : Not configured

Subscriber Authentication Details

Auth Policy : None

DHCP6 Relay Details

Admin State : Down

Lease Populate

Nbr Resolution

Remote Id

: 0

: Disabled

Oper State

: Down

If-Id Option : None

Src Addr

: Not configured

DHCP6 Server Details

Admin State : Down

Max. Lease States: 8000

ICMP Details

Redirects

Unreachables : Number - 100

TTL Expired : Number - 100

: Number - 100

Time (seconds)

- 10

===============================================================================

A:ALA#

Summary IP Interface Output — The following table describes the summary output fields for the

router IP interfaces..

Label

Instance

Description

The router instance number.

Router Name

Interfaces

The name of the router instance.

The number of IP interfaces in the router instance.

Page 140

7750 SR OS Router Configuration Guide

Download from Www.Somanuals.com. All Manuals Search And Download.

IP Router Configuration

Label

Admin-Up

Description (Continued)

The number of administratively enabled IP interfaces in the router

instance.

Oper-Up

The number of operationally enabled IP interfaces in the router instance.

Sample Output

A:ALA-A# show router interface summary

===============================================================================

Router Summary (Interfaces)

===============================================================================

Instance Router Name

-------------------------------------------------------------------------------

Base

Interfaces

Admin-Up

Oper-Up

===============================================================================

A:ALA-A#

neighbor

Syntax

neighbor [interface-name | ipv6-address | ipv6-address]

show>router

Context

Description

Parameters

This command displays information about the IPv6 neighbor cache.

interface-name — Specify the IP interface name.

ipv6-address — Specify the address of the IPv6 interface address.

Output

Neighbor Output — The following table describes neighbor output fields.

Label

IPv6 Address

MAC Address

Exp

Description

Displays the name of the IPv6 interface.

Specifies the link-layer address.

Displays the number of seconds until the entry expires.

Displays the type of IPv6 interface.

Displays the interface name.

Type

Interface

Rtr

Specifies whether a neighbor is a router.

Displays the MTU size.

Mtu

7750 SR OS Router Configuration Guide

Page 141

Download from Www.Somanuals.com. All Manuals Search And Download.

Show Commands

Sample Output

B:CORE2# show router neighbor

===============================================================================

Neighbor Table (Router: Base)

===============================================================================

IPv6 Address

MAC Address

Interface

Expiry

State

Type

RTR

-------------------------------------------------------------------------------

FE80::203:FAFF:FE78:5C88

00:16:4d:50:17:a3

FE80::203:FAFF:FE81:6888

00:03:fa:1a:79:22

net1_1_2

03h52m08s

net1_2_3

03h29m28s

STALE

Dynamic

Yes

-------------------------------------------------------------------------------

No. of Neighbor Entries: 2

===============================================================================

B:CORE2#

policy

Syntax

Context

show>router

Description

Parameters

This command displays policy-related information.

name — Specify an existing policy-statement name.

damping — Specify damping to display route damping profiles.

prefix-list name — Specify a prefix list name to display the route policy entries.

as-path name — Specify the route policy AS path name to display route policy entries.

community name — Specify a route policy community name to display information about a particular

community member.

admin — Specify the admin keyword to display the entities configured in the config>router>policy-

options context.

Output

Policy Output — The following table describes policy output fields.

Label

Description

Policy

The policy name.

Displays the description of the policy.

Description

Sample Output

B:CORE2# show router policy

===============================================================================

Route Policies

Page 142

7750 SR OS Router Configuration Guide

Download from Www.Somanuals.com. All Manuals Search And Download.

IP Router Configuration

===============================================================================

Policy

Description

-------------------------------------------------------------------------------

fromStatic

-------------------------------------------------------------------------------

Policies : 1

===============================================================================

B:CORE2#

route-table

Syntax

route-table [family] [ip-prefix[/prefix-length] [longer | exact] ] | [protocol protocol-name] |

[summary]

Context

show>router

Description

This command displays the active routes in the routing table.

If no command line arguments are specified, all routes are displayed, sorted by prefix.

Parameters

family — Specify the type of routing information to be distributed by this peer group.

Values

ipv4 — Displays only those BGP peers that have the IPv4 family enabled and not

those capable of exchanging IP-VPN routes.

ipv6 — Displays the BGP peers that are IPv6 capable.

mcast-ipv4 — Displays the BGP peers that are IPv4 multicast capable.

ip-prefix[/prefix-length] — Displays routes only matching the specified ip-address and length.

Values

ipv4-prefix:

ipv4-prefix-length:

a.b.c.d (host bits must be set to 0)

0 — 32

ipv6

ipv6-prefix[/pref*:

x:x:x:x:x:x:x:x (eight 16-bit pieces)

x:x:x:x:x:x:d.d.d.d

x: [0 — FFFF]H

d: [0 — 255]D

prefix-length:

1 — 128ipv6

longer — Displays routes matching the ip-prefix/mask and routes with longer masks.

exact — Displays the exact route matching the ip-prefix/mask masks.

protocol protocol-name — Displays routes learned from the specified protocol.

Values

bgp, bgp-vpn, isis, local, ospf, rip, static, aggregate, ospf3

summary — Displays a route table summary information.

Output

Standard Route Table Output — The following table describes the standard output fields for the

route table.

Label

Dest Address

Next Hop

Description

The route destination address and mask.

The next hop IP address for the route destination.

7750 SR OS Router Configuration Guide

Page 143

Download from Www.Somanuals.com. All Manuals Search And Download.

Show Commands

Label

Description (Continued)

Local — The route is a local route.

Type

Remote — The route is a remote route.

The protocol through which the route was learned.

The route age in seconds for the route.

The route metric value for the route.

Protocol

Age

Metric

Pref

The route preference value for the route.

The number of routes displayed in the list.

No. of Routes

Sample Output

A:ALA# show router route-table

===============================================================================

Route Table (Router: Base)

===============================================================================

Dest Prefix

Age

Type

Proto

Pref

Next Hop[Interface Name]

Metric

-------------------------------------------------------------------------------

11.2.103.0/24

00h59m02s 10

21.2.4.2

11.2.103.0/24

00h59m02s 10

22.2.4.2

11.2.103.0/24

00h59m02s 10

23.2.4.2

11.2.103.0/24

00h59m02s 10

24.2.4.2

11.2.103.0/24

00h59m02s 10

100.0.0.1

11.2.103.0/24

00h59m02s 10

100.128.0.1

Remote OSPF

11.4.101.0/24

...

Local

02h14m29s

-------------------------------------------------------------------------------

A:ALA#

B:ALA-B# show router route-table 100.10.0.0 exact

===============================================================================

Route Table (Router: Base)

===============================================================================

Dest Address Next Hop Type Proto Age Metric Pref

-------------------------------------------------------------------------------

100.10.0.0/16 Black Hole Remote Static 00h03m17s 1 5

-------------------------------------------------------------------------------

No. of Routes: 1

Page 144

7750 SR OS Router Configuration Guide

Download from Www.Somanuals.com. All Manuals Search And Download.

IP Router Configuration

===============================================================================

B:ALA-B#

A:ALA-A# show router route-table 10.10.0.4

===============================================================================

Route Table

===============================================================================

Dest Address

-------------------------------------------------------------------------------

10.10.0.4/32 10.10.34.4 Remote OSPF 3523 1001 10

Next Hop

Type

Protocol

Age

Metric Pref

-------------------------------------------------------------------------------

A:ALA-A#

A:ALA-A# show router route-table 10.10.0.4/32 longer

===============================================================================

Route Table

===============================================================================

Dest Address

-------------------------------------------------------------------------------

10.10.0.4/32 10.10.34.4 Remote OSPF 3523 1001 10

Next Hop

Type

Protocol

Age

Metric Pref

-------------------------------------------------------------------------------

No. of Routes: 1

===============================================================================

+ : indicates that the route matches on a longer prefix

A:ALA-A#

A:ALA-A# show router route-table protocol ospf

===============================================================================

Route Table

===============================================================================

Dest Address

Next Hop

Type

Protocol

Age

Metric Pref

-------------------------------------------------------------------------------

10.10.0.1/32

10.10.0.2/32

10.10.0.4/32

10.10.0.5/32

10.10.12.0/24

10.10.15.0/24

10.10.24.0/24

10.10.25.0/24

10.10.45.0/24

10.10.13.1

10.10.34.4

10.10.35.5

10.10.13.1

10.10.34.4

10.10.35.5

10.10.34.4

Remote OSPF

65844

3523

1084022

65844

58836

3523

1001

2001

1001

2000

399059

3523

-------------------------------------------------------------------------------

A:ALA-A#

Summary Route Table Output — Summary output for the route table displays the number of

active routes and the number of routes learned by the router by protocol. Total active and available

routes are also displayed.

Sample Output

A:ALA-A# show router route-table summary

===============================================================================

Route Table Summary

===============================================================================

Active

Available

7750 SR OS Router Configuration Guide

Page 145

Download from Www.Somanuals.com. All Manuals Search And Download.

Show Commands

-------------------------------------------------------------------------------

Static

Direct

BGP

OSPF

ISIS

RIP

Aggregate

-------------------------------------------------------------------------------

Total 15 15

===============================================================================

A:ALA-A#

rtr-advertisement

Syntax

rtr-advertisement [interface interface-name] [prefix ipv6-prefix[/prefix-length]]

rtr-advertisement [conflicts]

Context

show>router

Description

This command displays router advertisement inormation.

If no command line arguments are specified, all routes are displayed, sorted by prefix.

Parameters

interface-name — Maximum 32 characters.

ipv6-prefix[/prefix-length] — Displays routes only matching the specified ip-address and length.

Values

ipv6

ipv6-prefix[/pref*:

x:x:x:x:x:x:x:x (eight 16-bit pieces)

x:x:x:x:x:x:d.d.d.d

x: [0 — FFFF]H

d: [0 — 255]D

prefix-length:

1 — 128

Output

Router-Advertisement Table Output — The following table describes the output fields for router-

advertisement.

Label

Description

Rtr Advertisement

Tx/Last Sent

The number of router advertisements sent and time since they were sent.

Nbr Solicitation

The number of neighbor solicitations sent and time since they were sent.

Nbr Advertisement

The number of neighbor advertisements sent and time since they were

sent.

Rtr Advertisement

The number of router advertisements received and time since they were

received.

Nbr Advertisement

The number of neighbor advertisements received and time since they were

received.

Page 146

7750 SR OS Router Configuration Guide

Download from Www.Somanuals.com. All Manuals Search And Download.

IP Router Configuration

Label

Description (Continued)

Max Advert Inter-

val

The maximum interval between sending router advertisement messages.

Managed Config

True — Indicates that DHCPv6 has been configured.

False — Indicates that DHCPv6 is not available for address configura-

tion.

Reachable Time

Retransmit Time

Link MTU

The time, in milliseconds, that a node assumes a neighbor is reachable

after receiving a reachability confirmation.

The time, in milliseconds, between retransmitted neighbor solicitation

messages.

The MTU number the nodes use for sending packets on the link.

Rtr Solicitation

The number of router solicitations received and time since they were

received.

Nbr Solicitation

The number of neighbor solicitations received and time since they were

received.

Min Advert Inter-

val

The minimum interval between sending ICMPv6 neighbor discovery

router advertisement messages.

Other Config

True — Indicates there are other stateful configurations.

False — Indicates there are no other stateful configurations.

Displays the router lifetime in seconds.

Router Lifetime

Hop Limit

Displays the current hop limit.

Sample Output

A:Dut-A# show router rtr-advertisement

=======================================================================

Router Advertisement

=======================================================================

-------------------------------------------------------------------------------

Interface: interfaceNetworkNonDefault

-------------------------------------------------------------------------------

Rtr Advertisement Tx : 8

Nbr Solicitation Tx : 83

Nbr Advertisement Tx : 74

Rtr Advertisement Rx : 8

Nbr Advertisement Rx : 83

Last Sent

Rtr Solicitation Rx : 0

Nbr Solicitation Rx : 74

: 00h01m28s

: 00h00m17s

: 00h00m25s

-------------------------------------------------------------------------------

Max Advert Interval : 601 Min Advert Interval : 201

Managed Config

Reachable Time

Retransmit Time

Link MTU

: TRUE

Other Config

Router Lifetime

Hop Limit

: TRUE

: 00h30m01s

: 63

: 00h00m00s400ms

: 1500

Prefix: 211::/120

Autonomous Flag

: FALSE

On-link flag

: FALSE

7750 SR OS Router Configuration Guide

Page 147

Download from Www.Somanuals.com. All Manuals Search And Download.

Show Commands

Preferred Lifetime

: 07d00h00m

Valid Lifetime

: 30d00h00m

Prefix: 231::/120

Autonomous Flag

: FALSE

On-link flag

: FALSE

Preferred Lifetime

: 49710d06h

Valid Lifetime

: 49710d06h

Prefix: 241::/120

Autonomous Flag

: TRUE

On-link flag

: TRUE

Preferred Lifetime

: 00h00m00s

Valid Lifetime

: 00h00m00s

Prefix: 251::/120

Autonomous Flag

: TRUE

On-link flag

: TRUE

Preferred Lifetime

: 07d00h00m

Valid Lifetime

: 30d00h00m

-------------------------------------------------------------------------------

Advertisement from: FE80::200:FF:FE00:2

Managed Config

Reachable Time

Retransmit Time

Link MTU

: FALSE

Other Config

Router Lifetime

Hop Limit

: FALSE

: 00h30m00s

: 64

: 00h00m00s0ms

: 0

-------------------------------------------------------------------------------

Interface: interfaceServiceNonDefault

-------------------------------------------------------------------------------

Rtr Advertisement Tx : 8

Nbr Solicitation Tx : 166

Nbr Advertisement Tx : 143

Rtr Advertisement Rx : 8

Nbr Advertisement Rx : 166

Last Sent

Rtr Solicitation Rx : 0

Nbr Solicitation Rx : 143

: 00h06m41s

: 00h00m04s

: 00h00m05s

-------------------------------------------------------------------------------

Max Advert Interval : 601 Min Advert Interval : 201

Managed Config

Reachable Time

Retransmit Time

Link MTU

: TRUE

Other Config

Router Lifetime

Hop Limit

: TRUE

: 00h30m01s

: 63

: 00h00m00s400ms

: 1500

Prefix: 23::/120

Autonomous Flag

Preferred Lifetime

: FALSE

: infinite

On-link flag

Valid Lifetime

: FALSE

: infinite

Prefix: 24::/120

Autonomous Flag

Preferred Lifetime

: TRUE

: 00h00m00s

On-link flag

Valid Lifetime

: TRUE

: 00h00m00s

Prefix: 25::/120

Autonomous Flag

Preferred Lifetime

: TRUE

: 07d00h00m

On-link flag

Valid Lifetime

: TRUE

: 30d00h00m

-------------------------------------------------------------------------------

Advertisement from: FE80::200:FF:FE00:2

Managed Config

Reachable Time

Retransmit Time

Link MTU

: FALSE

Other Config

Router Lifetime

Hop Limit

: FALSE

: 00h30m00s

: 64

: 00h00m00s0ms

: 0

Prefix: 2::/120

Autonomous Flag

Preferred Lifetime

: TRUE

: 07d00h00m

On-link flag

Valid Lifetime

: TRUE

: 30d00h00m

Prefix: 23::/120

Autonomous Flag

Preferred Lifetime

: TRUE

: 07d00h00m

On-link flag

Valid Lifetime

: TRUE

: 30d00h00m

Prefix: 24::/119

Page 148

7750 SR OS Router Configuration Guide

Download from Www.Somanuals.com. All Manuals Search And Download.

IP Router Configuration

Autonomous Flag

: TRUE

On-link flag

: TRUE

Preferred Lifetime

: 07d00h00m

Valid Lifetime

: 30d00h00m

Prefix: 25::/120

Autonomous Flag

Preferred Lifetime

: TRUE

: 07d00h00m

On-link flag

Valid Lifetime

: TRUE

: infinite

Prefix: 231::/120

Autonomous Flag

: TRUE

On-link flag

: TRUE

Preferred Lifetime

: 07d00h00m

Valid Lifetime

: 30d00h00m

-------------------------------------------------------------------------------

...

A:Dut-A#

Output

Router-Advertisement Conflicts Output — The following table describes the output fields for

router- advertisement conflicts.

Label

Description

The address of the advertising router.

from

Reachable Time

The time, in milliseconds, that a node assumes a neighbor is reachable

after receiving a reachability confirmation.

Router Lifetime

Retransmit Time

Displays the router lifetime in seconds.

The time, in milliseconds, between retransmitted neighbor solicitation

messages.

Hop Limit

Link MTU

Displays the current hop limit

The MTU number the nodes use for sending packets on the link.

Sample Output

A:Dut-A# show>router# rtr-advertisement conflicts

===============================================================================

Router Advertisement

===============================================================================

Interface: interfaceNetworkNonDefault

-------------------------------------------------------------------------------

Advertisement from: FE80::200:FF:FE00:2

Managed Config

Other Config

Reachable Time

Router Lifetime

Retransmit Time

Hop Limit

: FALSE [TRUE]

: 00h00m00s0ms [00h00m00s400ms]

: 00h30m00s [00h30m01s]

: 00h00m00s0ms [00h00m00s400ms]

: 64 [63]

Link MTU

: 0 [1500]

Prefix not present in neighbor router advertisement

Prefix: 211::/120

Autonomous Flag

: FALSE

On-link flag

: FALSE

Preferred Lifetime

: 07d00h00m

Valid Lifetime

: 30d00h00m

Prefix not present in neighbor router advertisement

7750 SR OS Router Configuration Guide

Page 149

Download from Www.Somanuals.com. All Manuals Search And Download.

Show Commands

Prefix: 231::/120

Autonomous Flag

: FALSE

On-link flag

: FALSE

Preferred Lifetime

: 49710d06h

Valid Lifetime

: 49710d06h

Prefix not present in neighbor router advertisement

Prefix: 241::/120

Autonomous Flag

: TRUE

On-link flag

: TRUE

Preferred Lifetime

: 00h00m00s

Valid Lifetime

: 00h00m00s

Prefix not present in neighbor router advertisement

Prefix: 251::/120

Autonomous Flag

: TRUE

On-link flag

: TRUE

Preferred Lifetime

: 07d00h00m

Valid Lifetime

: 30d00h00m

-------------------------------------------------------------------------------

Interface: interfaceServiceNonDefault

-------------------------------------------------------------------------------

Advertisement from: FE80::200:FF:FE00:2

Managed Config

Other Config

Reachable Time

Router Lifetime

Retransmit Time

Hop Limit

: FALSE [TRUE]

: 00h00m00s0ms [00h00m00s400ms]

: 00h30m00s [00h30m01s]

: 00h00m00s0ms [00h00m00s400ms]

: 64 [63]

Link MTU

: 0 [1500]

Prefix not present in own router advertisement

Prefix: 2::/120

Autonomous Flag

: TRUE

On-link flag

: TRUE

Preferred Lifetime

: 07d00h00m

Valid Lifetime

: 30d00h00m

Prefix: 23::/120

Autonomous Flag

On-link flag

: TRUE [FALSE]

Preferred Lifetime: 07d00h00m [infinite]

Valid Lifetime : 30d00h00m [infinite]

Prefix not present in own router advertisement

Prefix: 24::/119

Autonomous Flag

: TRUE

On-link flag

: TRUE

Preferred Lifetime

: 07d00h00m

Valid Lifetime

: 30d00h00m

Prefix not present in neighbor router advertisement

Prefix: 24::/120

Autonomous Flag

: TRUE

On-link flag

: TRUE

Preferred Lifetime

: 00h00m00s

Valid Lifetime

: 00h00m00s

Prefix: 25::/120

Valid Lifetime

: infinite [30d00h00m]

Prefix not present in own router advertisement

Prefix: 231::/120

Autonomous Flag

: TRUE

On-link flag

: TRUE

Preferred Lifetime

: 07d00h00m

Valid Lifetime

: 30d00h00m

-------------------------------------------------------------------------------

===============================================================================

A:Dut-A#

Page 150

7750 SR OS Router Configuration Guide

Download from Www.Somanuals.com. All Manuals Search And Download.

IP Router Configuration

static-arp

Syntax

static-arp [ip-addr | ip-int-name | mac ieee-mac-addr]

Context

show>router

Description

This command displays the router static ARP table sorted by IP address.

If no options are present, all ARP entries are displayed.

Parameters

Output

ip-addr — Only displays static ARP entries associated with the specified IP address.

ip-int-name — Only displays static ARP entries associated with the specified IP interface name.

mac ieee-mac-addr — Only displays static ARP entries associated with the specified MAC address.

Static ARP Table Output — The following table describes the output fields for the ARP table.

Label

IP Address

Description

The IP address of the static ARP entry.

MAC Address

Age

The MAC address of the static ARP entry.

The age of the ARP entry. Static ARPs always have 00:00:00for the age.

Inv — The ARP entry is an inactive static ARP entry (invalid).

Sta — The ARP entry is an active static ARP entry.

The IP interface name associated with the ARP entry.

The number of ARP entries displayed in the list.

Type

Interface

No. of ARP Entries

Sample Output

A:ALA-A# show router static-arp

===============================================================================

ARP Table

===============================================================================

IP Address

MAC Address

Age

Type Interface

-------------------------------------------------------------------------------

10.200.0.253

12.200.1.1

00:00:5a:40:00:01 00:00:00 Sta to-ser1

00:00:5a:01:00:33 00:00:00 Inv to-ser1a

-------------------------------------------------------------------------------

No. of ARP Entries: 1

===============================================================================

A:ALA-A#

A:ALA-A# show router static-arp 12.200.1.1

===============================================================================

ARP Table

===============================================================================

IP Address

-------------------------------------------------------------------------------

12.200.1.1 00:00:5a:01:00:33 00:00:00 Inv to-ser1

MAC Address

Age

Type Interface

7750 SR OS Router Configuration Guide

Page 151

Download from Www.Somanuals.com. All Manuals Search And Download.

Show Commands

===============================================================================

A:ALA-A#

A:ALA-A# show router static-arp to-ser1

===============================================================================

ARP Table

===============================================================================

IP Address

MAC Address

Age

Type Interface

-------------------------------------------------------------------------------

10.200.0.253 00:00:5a:40:00:0100:00:00Sta to-ser1

===============================================================================

A:ALA-A#

A:ALA-A# show router static-arp mac 00:00:5a:40:00:01

===============================================================================

ARP Table

===============================================================================

IP Address

MAC Address

Age

Type Interface

-------------------------------------------------------------------------------

10.200.0.253 00:00:5a:40:00:0100:00:00Sta to-ser1

===============================================================================

A:ALA-A#

static-route

Syntax

static-route [family] [[ip-prefix [/mask]] | [preference preference] | [next-hop ip-address] |

tag tag]

Context

show>router

Description

This command displays the static entries in the routing table.

If no options are present, all static routes are displayed sorted by prefix.

Parameters

family — Specify the type of routing information to be distributed by this peer group.

Values

ipv4 — Displays only those BGP peers that have the IPv4 family enabled and not

those capable of exchanging IP-VPN routes.

ipv6 — Displays the BGP peers that are IPv6 capable.

mcast-ipv4 — Displays the BGP peers that are IPv4 multicast capable.

ip-prefix[/mask] — Displays static routes only matching the specified ip-prefix and optional mask.

Values ipv4-prefix: a.b.c.d (host bits must be 0)

ipv4-prefix-length: 0 — 32

ipv6-prefix: x:x:x:x:x:x:x:x (eight 16-bit pieces)

x:x:x:x:x:x:d.d.d.d

[0 — FFFF]H

[0 — 255]D

ipv6-prefix-length: 0 — 128

preference preference — Only displays static routes with the specified route preference.

Values 0 — 65535

Page 152

7750 SR OS Router Configuration Guide

Download from Www.Somanuals.com. All Manuals Search And Download.

IP Router Configuration

next-hop ip-address — Only displays static routes with the specified next hop IP address.

Values

ipv4-address:

ipv6-address:

a.b.c.d (host bits must be 0)

x:x:x:x:x:x:x:x (eight 16-bit pieces)

x:x:x:x:x:x:d.d.d.d

[0 — FFFF]H

[0 — 255]D

tag tag — Displays the tag used to add a 32-bit integer tag to the static route. The tag is used in route

policies to control distribution of the route into other protocols.

Values

1 — 4294967295

Output

Static Route Output — The following table describes the output fields for the static route table.

Label

IP Addr/mask

Pref

Description

The static route destination address and mask.

The route preference value for the static route.

The route metric value for the static route.

Metric

Type

BH — The static route is a black hole route. The Nexthopfor this type of

route is black-hole.

ID — The static route is an indirect route, where the nexthopfor this

type of route is the non-directly connected next hop.

NH — The route is a static route with a directly connected next hop. The

Nexthopfor this type of route is either the next hop IP address or an

egress IP interface name.

Next Hop

Protocol

Interface

The next hop for the static route destination.

The protocol through which the route was learned.

The egress IP interface name for the static route.

n/a — indicates there is no current egress interface because the static

route is inactive or a black hole route.

Active

N — The static route is inactive; for example, the static route is disabled

or the next hop IP interface is down.

Y — The static route is active.

No. of Routes

The number of routes displayed in the list.

Sample Output

A:ALA-A# show router static-route

===============================================================================

Route Table

===============================================================================

IP Addr/mask

Pref Metric Type Nexthop

Interface

Active

-------------------------------------------------------------------------------

192.168.250.0/24

10.200.10.1

to-ser1

7750 SR OS Router Configuration Guide

Page 153

Download from Www.Somanuals.com. All Manuals Search And Download.

Show Commands

192.168.252.0/24

192.168.253.0/24

192.168.254.0/24

10.10.0.254

to-ser1

10.10.0.254

black-hole

n/a

===============================================================================

A:ALA-A#

A:ALA-A# show router static-route 192.168.250.0/24

===============================================================================

Route Table

===============================================================================

IP Addr/mask

-------------------------------------------------------------------------------

192.168.250.0/24 ID 10.200.10.1 to-ser1 Y

Pref Metric Type Nexthop

Interface

Active

===============================================================================

A:ALA-A#

A:ALA-A# show router static-route preference 4

===============================================================================

Route Table

===============================================================================

IP Addr/mask

-------------------------------------------------------------------------------

192.168.254.0/24 BH black-hole n/a Y

Pref Metric Type Nexthop

Interface

Active

===============================================================================

A:ALA-A#

A:ALA-A# show router static-route next-hop 10.10.0.254

===============================================================================

Route Table

===============================================================================

IP Addr/mask

-------------------------------------------------------------------------------

192.168.253.0/24 NH 10.10.0.254 n/a N

Pref Metric Type Nexthop

Interface

Active

===============================================================================

A:ALA-A#

service-prefix

Syntax

Description

Output

service-prefix

This command displays the address ranges reserved by this node for services sorted by prefix.

Service Prefix Output — The following table describes the output fields for service prefix

information.

Label

IP Prefix

Description

The IP prefix of the range of addresses included in the range for ser-

vices.

Mask

The subnet mask length associated with the IP prefix.

Page 154

7750 SR OS Router Configuration Guide

Download from Www.Somanuals.com. All Manuals Search And Download.

IP Router Configuration

Label

Exclusive

Description (Continued)

false — Addresses in the range are not exclusively for use for ser-

vice IP addresses.

true — Addresses in the range are exclusively for use for service IP

addresses and cannot be assigned to network IP interfaces.

Sample Output

A:ALA-A# show router service-prefix

=================================================

Address Ranges reserved for Services

=================================================

IP Prefix

Mask

Exclusive

-------------------------------------------------

172.16.1.0

172.16.2.0

true

false

=================================================

A:ALA-A#

status

Syntax

status

Context

Description

Output

show>router

This command displays the router status.

Router Status Output — The following table describes the output fields for router status

information.

Label

Description

Router

OSPF

RIP

The administrative and operational states for the router.

The administrative and operational states for the OSPF protocol.

The administrative and operational states for the RIP protocol.

The administrative and operational states for the IS-IS protocol.

The administrative and operational states for the MPLS protocol.

The administrative and operational states for the RSVP protocol.

The administrative and operational states for the LDP protocol.

The administrative and operational states for the BGP protocol.

The maximum number of routes configured for the system.

The total number of routes in the route table.

ISIS

MPLS

RSVP

LDP

BGP

Max Routes

Total Routes

7750 SR OS Router Configuration Guide

Page 155

Download from Www.Somanuals.com. All Manuals Search And Download.

Show Commands

Label

Description (Continued)

The number of ECMP routes configured for path sharing.

No — Triggered route policy re-evaluation is disabled.

Yes — Triggered route policy re-evaluation is enabled.

ECMP Max Routes

Triggered Policies

Sample Output

Note that there are multiple instances of OSPF. OSPF-0 is persistent. OSPF-1 through OSPF-31 are

present when that particular OSPF instance is configured.

*A:Performance# show router status

================================================================

Router Status (Router: Base)

================================================================

Admin State

Oper State

----------------------------------------------------------------

Router

OSPFv2-0

RIP

ISIS

MPLS

RSVP

LDP

Not configured

BGP

IGMP

PIM

OSPFv3

MSDP

Not configured

Max Routes

No Limit

Total IPv4 Routes

Total IPv6 Routes

Max Multicast Routes

Total Multicast Routes

ECMP Max Routes

244285

No Limit

PIM not configured

Triggered Policies

================================================================

*A:Performance#

*A:Performance# configure router ospf [1..31] shutdown

*A:Performance# show router status

================================================================

Router Status (Router: Base)

================================================================

Admin State

Oper State

----------------------------------------------------------------

Router

OSPFv2-0

OSPFv2-1

OSPFv2-2

OSPFv2-3

OSPFv2-4

OSPFv2-5

OSPFv2-6

OSPFv2-7

OSPFv2-8

Down

Page 156

7750 SR OS Router Configuration Guide

Download from Www.Somanuals.com. All Manuals Search And Download.

IP Router Configuration

OSPFv2-9

OSPFv2-10

OSPFv2-11

OSPFv2-12

OSPFv2-13

OSPFv2-14

OSPFv2-15

OSPFv2-16

OSPFv2-17

OSPFv2-18

OSPFv2-19

OSPFv2-20

OSPFv2-21

OSPFv2-22

OSPFv2-23

OSPFv2-24

OSPFv2-25

OSPFv2-26

OSPFv2-27

OSPFv2-28

OSPFv2-29

OSPFv2-30

OSPFv2-31

RIP

Down

ISIS

MPLS

RSVP

LDP

BGP

Not configured

IGMP

PIM

OSPFv3

MSDP

OSPFv3

MSDP

Not configured

Max Routes

No Limit

Total IPv4 Routes

Total IPv6 Routes

Max Multicast Routes

Total Multicast Routes

ECMP Max Routes

244277

No Limit

PIM not configured

Triggered Policies

================================================================

*A:Performance#

7750 SR OS Router Configuration Guide

Page 157

Download from Www.Somanuals.com. All Manuals Search And Download.

Show Commands

tunnel-table

Syntax

Context

tunnel-table [ip-address[/mask]] [protocol protocol | sdp sdp-id] [summary]

show>router

Description

This command displays tunnel table information.

Note that auto-bind GRE tunnels are not displayed in show command output. GRE tunnels are not the

same as SDP tunnels that use the GRE encapsulation type. When the auto-bind command is used when

configuring a VPRN service, it means the MP-BGP NH resolution is refering to the core routing

instance for IP reachability. For a VPRN service this object specifies the lookup to be used by the

routing instance if no SDP to the destination exists.

Parameters

Output

[ip-address[/mask]] — Displays the specified tunnel table’s destination IP address and mask.

protocol protocol — Dislays LDP protocol information.

sdp sdp-id — Displays information pertaining to the specified SDP.

summary — Displays summary tunnel table information.

Tunnel Table Output — The following table describes tunnel table output fields.

Label

Destination

Owner

Description

The route’s destination address and mask.

Specifies the tunnel owner.

Encap

Specifies the tunnel’s encapsulation type.

Specifies the tunnel (SDP) identifier.

Tunnel ID

Pref

Specifies the route preference for routes learned from the configured

peer(s).

Nexthop

Metric

The next hop for the route’s destination.

The route metric value for the route.

Sample Output

A:ALA-A>config>service# show router tunnel-table

===============================================================================

Tunnel Table

===============================================================================

DestinationOwner

Encap

Tunnel Id

Pref Nexthop Metric

-------------------------------------------------------------------------------

10.0.0.1/32 sdp

GRE

5 10.0.0.1

===============================================================================

A:ALA-A>config>service#

Page 158

7750 SR OS Router Configuration Guide

Download from Www.Somanuals.com. All Manuals Search And Download.

IP Router Configuration

A:ALA-A>config>service# show router tunnel-table summary

===============================================================================

Tunnel Table Summary (Router: Base)

===============================================================================

Active

Available

-------------------------------------------------------------------------------

LDP

SDP

===============================================================================

A:ALA-A>config>service#

7750 SR OS Router Configuration Guide

Page 159

Download from Www.Somanuals.com. All Manuals Search And Download.

Clear Commands

arp

Syntax

Context

arp {all | ip-addr | interface {ip-int-name | ip-addr}}

clear>router

Description

This command clears all or specific ARP entries.

The scope of ARP cache entries cleared depends on the command line option(s) specified.

Parameters

all — Clears all ARP cache entries.

ip-addr — Clears the ARP cache entry for the specified IP address.

interface ip-int-name — Clears all ARP cache entries for the IP interface with the specified name.

interface ip-addr — Clears all ARP cache entries for the specified IP interface with the specified IP

address.

bfd

Syntax

Context

bfd

clear>router

Description

This command enables the context to clear bi-directional forwarding (BFD) sessions and statistics.

session

Syntax

session src-ip ip-address dst-ip ip-address

session all

Context

Description

Parameters

clear>router>bfd

This command clears BFD sessions.

src-ip ip-address — Specifies the address of the local endpoint of this BFD session.

dst-ip ip-address — Specifies the address of the remote endpoint of this BFD session.

all — Clears all BFD sessions.

Page 160

7750 SR OS Router Configuration Guide

Download from Www.Somanuals.com. All Manuals Search And Download.

IP Router Configuration

statistics

Syntax

statistics src-ip ip-address dst-ip ip-address

statistics all

Context

Description

Parameters

clear>router>bfd

This command clears BFD statistics.

src-ip ip-address — Specifies the address of the local endpoint of this BFD session.

dst-ip ip-address — Specifies the address of the remote endpoint of this BFD session.

all — Clears statistics for all BFD sessions.

dhcp

Syntax

Context

dhcp

clear>router

Description

This command enables the context to clear DHCP related information.

dhcp6

Syntax

Context

dhcp6

clear>router

Description

This command enables the context to clear DHCP6 related information.

forwarding-table

Syntax

Context

forwarding-table [slot-number]

clear>router

Description

This command clears entries in the forwarding table (maintained by the IOMs).

If the slot number is not specified, the command forces the route table to be recalculated.

Parameters

slot-number — Clears the specified IOM slot.

Default

Values

all IOMs

1 - 10

7750 SR OS Router Configuration Guide

Page 161

Download from Www.Somanuals.com. All Manuals Search And Download.

Clear Commands

icmp-redirect-route

Syntax

Context

icmp-redirect-route {all | ip-address}

clear>router

Description

This command deletes routes created as a result of ICMP redirects received on the management

interface.

Parameters

all — Clears all routes.

ip-address — Clears the routes associated with the specified IP address.

icmp6

Syntax

icmp6 all

icmp6 global

icmp6 interface interface-name

Context

Description

Parameters

clear>router

This command clears ICMP statistics.

all — Clears all statistics.

global — Clears global statistics.

interface-name — Clears ICMP6 statistics for the specified interface.

interface

Syntax

Context

interface [ip-int-name | ip-addr] [icmp]

clear>router

Description

This command clears IP interface statistics.

If no IP interface is specified either by IP interface name or IP address, the command will perform the

clear operation on all IP interfaces.

Parameters

ip-int-name | ip-addr — The IP interface name or IP interface address.

Default

all IP interfaces

icmp — Specifies to reset the ICMP statistics for the IP interface(s) used for ICMP rate limiting.

Page 162

7750 SR OS Router Configuration Guide

Download from Www.Somanuals.com. All Manuals Search And Download.

IP Router Configuration

statistics

Syntax

statistics [ip-address | ip-int-name]

Context

clear>router>dhcp

clear>router>dhcp6

Description

This command clear statistics for DHCP and DHCP6 relay and snooping statistics.

If no IP address or interface name is specified, then statistics are cleared for all configured interfaces.

If an IP address or interface name is specified, then only data regarding the specified interface is

cleared.

Parameters

ip-address | ip-int-name — Displays statistics for the specified IP interface.

neighbor

Syntax

neighbor {all | ip-address}

neighbor [interface ip-int-name | ip-address]

Context

Description

Parameters

clear>router

This command clears IPv6 neighbor information.

all — Clears IPv6 neighbors.

ip-int-name — Clears the specified neighbor interface information.

Values

32 characters maximum

ip-address — Clears the specified IPv6 neighbors.

Values

ipv6-address:

x:x:x:x:x:x:x:x (eight 16-bit pieces)

x:x:x:x:x:x:d.d.d.d

x: [0 — FFFF]H

d: [0 — 255]D

router-advertisement

Syntax

router-advertisement all

router-advertisement [interface interface-name]

Context

Description

Parameters

clear>router

This command clears all router advertisement counters.

all — Clears all router advertisement counters for all interfaces.

interface interface-name — Clear router advertisement counters for the specified interface.

7750 SR OS Router Configuration Guide

Page 163

Download from Www.Somanuals.com. All Manuals Search And Download.

Debug Commands

destination

Syntax

Context

destination trace-destination

debug>trace

Description

Parameters

This command specifies the destination to send trace messages.

trace-destination — The destination to send trace messages.

Values

stdout, console, logger, |memory

enable

Syntax

Context

[no] enable

debug>trace

Description

This command enables the trace.

The no form of the command disables the trace.

trace-point

Syntax

[no] trace-point [module module-name] [type event-type] [class event-class] [task task-

name] [function function-name]

Context

debug>trace

Description

This command adds trace points.

The no form of the command removes the trace points.

router

Syntax

Context

router router-instance

debug

Description

Parameters

This command configures debugging for a router instance.

router-instance — Specify the router name or service ID.

Values

router-name:

service-id:

Base, management

1 — 2147483647

Default

Base

Page 164

7750 SR OS Router Configuration Guide

Download from Www.Somanuals.com. All Manuals Search And Download.

IP Router Configuration

Syntax

Context

debug>router

Description

This command configures debugging for IP.

arp

Syntax

arp

Context

debug>router>ip

Description

This command configures route table debugging.

icmp

Syntax

Context

[no] icmp

debug>router>ip

Description

This command enables ICMP debugging.

icmp6

Syntax

icmp6 [ip-int-name]

no icmp6

Context

debug>router>ip

Description

This command enables ICMP6 debugging.

interface

Syntax

Context

[no] interface [ip-int-name | ip-address | ipv6-address]

debug>router>ip

Description

Parameters

This command displays the router IP interface table sorted by interface index.

ip-address — Only displays the interface information associated with the specified IP address.

Values

ipv4-address

ipv6-address

a.b.c.d (host bits must be 0)

x:x:x:x:x:x:x:x (eight 16-bit pieces)

7750 SR OS Router Configuration Guide

Page 165

Download from Www.Somanuals.com. All Manuals Search And Download.

Debug Commands

x:x:x:x:x:x:d.d.d.d

x: [0 — FFFF]H

d: [0 — 255]D

ip-int-name — Only displays the interface information associated with the specified IP interface name.

Values

32 characters maximum

packet

Syntax

packet [ip-int-name | ip-address] [headers] [protocol-id]

no packet [ip-int-name | ip-address]

Context

Description

Parameters

debug>router>ip

This command enables debugging for IP packets.

ip-int-name — Only displays the interface information associated with the specified IP interface name.

Values

32 characters maximum

ip-address — Only displays the interface information associated with the specified IP address.

headers — Only displays information associated with the packet header.

protocol-id — Specifies the decimal value representing the IP protocol to debug. Well known protocol

numbers include ICMP(1), TCP(6), UDP(17). The no form the command removes the protocol

from the criteria.

Values

0 — 255 (values can be expressed in decimal, hexidecimal, or binary)

keywords: none, crtp, crudp, egp, eigrp, encap, ether-ip, gre, icmp, idrp, igmp, igp,

ip, ipv6, ipv6-frag, ipv6-icmp, ipv6-no-nxt, ipv6-opts, ipv6-route, isis, iso-ip, l2tp,

ospf-igp, pim, pnni, ptp, rdp, rsvp, stp, tcp, udp, vrrp

* — udp/tcp wildcard

route-table

Syntax

route-table [ip-prefix/prefix-length]

route-table ip-prefix/prefix-length longer

no route-table

Context

Description

Parameters

debug>router>ip

This command configures route table debugging.

ip-prefix — The IP prefix for prefix list entry in dotted decimal notation.

Values

ipv4-prefix

ipv4-prefix-length

ipv6-prefix

a.b.c.d (host bits must be 0)

0 — 32

x:x:x:x:x:x:x:x (eight 16-bit pieces)

x:x:x:x:x:x:d.d.d.d

[0 — FFFF]H

Page 166

7750 SR OS Router Configuration Guide

Download from Www.Somanuals.com. All Manuals Search And Download.

IP Router Configuration

[0 — 255]D

ipv6-prefix-length

0 — 128

longer — Specifies the prefix list entry matches any route that matches the specified ip-prefix and pre-

fix mask length values greater than the specified mask.

mtrace

Syntax

[no] mtrace

Context

debug>router

Description

This command configures debugging for mtrace.

misc

Syntax

Context

[no] misc

debug>router>mtrace

Description

This command enables debugging for mtrace miscellaneous.

packet

Syntax

Context

[no] packet [query | request | response]

debug>router>mtrace

Description

This command enables debugging for mtrace packets.

7750 SR OS Router Configuration Guide

Page 167

Download from Www.Somanuals.com. All Manuals Search And Download.

Debug Commands

Page 168

7750 SR OS Router Configuration Guide

Download from Www.Somanuals.com. All Manuals Search And Download.

VRRP

In This Chapter

This chapter provides information about configuring Virtual Router Redundancy Protocol (VRRP)

parameters. Topics in this chapter include:

•

VRRP Overview on page 170

→ Virtual Router on page 171

→ IP Address Owner on page 171

→ Primary and Secondary IP Addresses on page 172

→ Virtual Router Master on page 172

→ Virtual Router Backup on page 173

→ Owner and Non-Owner VRRP on page 173

→ Configurable Parameters on page 174

•

VRRP Priority Control Policies on page 182

→ VRRP Virtual Router Policy Constraints on page 182

→ VRRP Virtual Router Instance Base Priority on page 182

→ VRRP Priority Control Policy Delta In-Use Priority Limit on page 183

→ VRRP Priority Control Policy Priority Events on page 183

VRRP Non-Owner Accessibility on page 188

→ Non-Owner Access Ping Reply on page 188

→ Non-Owner Access Telnet on page 188

→ Non-Owner Access SSH on page 189

→ VRRP Advertisement Message IP Address List V e rification on page 180

VRRP Configuration Process Overview on page 190

→ VRRP Configuration Components on page 191

Configuration Notes on page 194

•

7750 SR OS Router Configuration Guide

Page 169

Download from Www.Somanuals.com. All Manuals Search And Download.

VRRP Overview

The Virtual Router Redundancy Protocol (VRRP) is defined in the IETF RFC 2338, Virtual Router

Redundancy Protocol, and further described in draft-ietf-vrrp-spec-v2-06.txt. VRRP describes a

method of implementing a redundant IP interface shared between two or more routers on a

common LAN segment, allowing a group of routers to function as one virtual router. When this IP

interface is specified as a default gateway on hosts directly attached to this LAN, the routers

sharing the IP interface prevent a single point of failure by limiting access to this gateway address.

VRRP can be implemented on IES service interfaces and on core network IP interfaces.

If the master virtual router fails, the backup router configured with the highest acceptable priority

becomes the master virtual router. The new master router assumes the normal packet forwarding

for the local hosts.

Figure 13 displays an example of a VRRP configuration.

Internet

Backup

Master

Backup

Non-Owner

Owner

Non-Owner

ALA-1

vrld 100

ALA-2

ALA-3

vrld 100

Priority 200

Priority 150

Virtual

Router ID

(VRID)

OSRG006

Figure 13: VRRP Configuration

Page 170

7750 SR OS Router Configuration Guide

Download from Www.Somanuals.com. All Manuals Search And Download.

VRRP

VRRP Components

VRRP consists of the following components:

•

Virtual Router on page 171

IP Address Owner on page 171

Primary and Secondary IP Addresses on page 172

Virtual Router Master on page 172

Virtual Router Backup on page 173

Owner and Non-Owner VRRP on page 173

Virtual Router

A virtual router is a logical entity managed by VRRP that acts as a default router for hosts on a

shared LAN. It consists of a Virtual Router Identifier (VRID) and a set of associated IP addresses

(or address) across a common LAN. A VRRP router can backup one or more virtual routers.

The purpose of supporting multiple IP addresses within a single virtual router is for multi-netting.

This is a common mechanism that allows multiple local subnet attachment on a single routing

interface. Up to four virtual routers are possible on a single Alcatel-Lucent IP interface. The virtual

routers must be in the same subnet. Each virtual router has its own VRID, state machine and

messaging instance.

IP Address Owner

VRRP can be configured in either an owner or non-owner mode. The owner is the VRRP router

whose virtual router IP address is the same as the real interface IP address. This is the router that

responds to packets addressed to one of the IP addresses for ICMP pings, TCP connections, etc.

All other virtual router instances participating in this message domain must have the same VRID

configured and cannot be configured as owner.

7750 SR OS allows the virtual routers to be configured as non-owners of the IP address. VRRP on

a 7750 SR router can be configured to allow non-owners to respond to ICMP echo requests when

they become the virtual router master for the virtual router. Telnet and other connection-oriented

protocols can also be configured for non-owner master response. However, the individual

application conversations (connections) will not survive a VRRP failover. A non-owner VRRP

router operating as a backup will not respond to any packets addressed to any of the virtual router

IP addresses.

7750 SR OS Router Configuration Guide

Page 171

Download from Www.Somanuals.com. All Manuals Search And Download.

VRRP Components

Primary and Secondary IP Addresses

A primary address is an IP address selected from the set of real interface address. VRRP

advertisements are always sent using the primary IP address as the source of the IP packet.

A 7750 SR IP interface must always have a primary IP address assigned for VRRP to be active on

the interface. 7750 SR OS supports both primary and secondary IP addresses (multi-netting) on the

IP interface. The virtual router’s VRID primary IP address is always the primary address on the IP

interface. VRRP uses the primary IP address as the IP address placed in the source IP address field

of the IP header for all VRRP messages sent on that interface.

Virtual Router Master

The VRRP router which controls the IP address(es) associated with a virtual router is called the

master. The master is responsible for forwarding packets sent to the VRRP IP addresses. An

election process provides dynamic failover of the forwarding responsibility if the master becomes

unavailable. This allows any of the virtual router IP addresses on the LAN to be used as the default

first hop router by end hosts. This enables a higher availability default path without requiring

configuration of dynamic routing or router discovery protocols on every end host.

If the master is unavailable, each backup virtual router for the VRID compare the configured

priority values to determine the master role. In case of a tie, the virtual router with the highest

primary IP address becomes master.

The preemptparameter can be set to falseto prevent a backup virtual router with a better

priority value from becoming master when an existing non-owner virtual router is the current

master. This is determined on a first-come, first-served basis.

While master, a virtual router routes and originates all IP packets into the LAN using the physical

MAC address for the IP interface as the Layer 2 source MAC address, not the VRID MAC address.

ARP packets also use the parent IP interface MAC address as the Layer 2 source MAC address

while inserting the virtual router MAC address in the appropriate hardware address field. VRRP

messages are the only packets transmitted using the virtual router MAC address as the Layer 2

source MAC.

Page 172

7750 SR OS Router Configuration Guide

Download from Www.Somanuals.com. All Manuals Search And Download.

VRRP

Virtual Router Backup

A new virtual router master is selected from the set of VRRP routers available to assume

forwarding responsibility for a virtual router should the current master fail.

Owner and Non-Owner VRRP

The owner controls the IP address of the virtual router and is responsible for forwarding packets

sent to this IP address. The owner assumes the role of the master virtual router. Only one virtual

router in the domain can be configured as owner. All other virtual router instances participating in

this message domain must have the same VRID configured.

The most important parameter to be defined on a non-owner virtual router instance is the priority.

The priority defines a virtual router’s selection order in the master election process. The priority

value and the preempt mode determine the virtual router with the highest priority to become the

master virtual router.

The base priority is used to derive the in-use priority of the virtual router instance as modified by

any optional VRRP priority control policy. VRRP priority control policies can be used to either

override or adjust the base priority value depending on events or conditions within the chassis.

For information about non-owner access parameters, refer to VRRP Non-Owner Accessibility on

page 188.

7750 SR OS Router Configuration Guide

Page 173

Download from Www.Somanuals.com. All Manuals Search And Download.

VRRP Components

Configurable Parameters

In addition to backup IP addresses, to facilitate configuration of a virtual router on 7750 SR

routers, the following parameters can be defined in owner configurations:

•

Virtual Router ID (VRID) on page 174

Message Interval and Master Inheritance on page 176

VRRP Message Authentication on page 178

Authentication Data on page 180

Virtual MAC Address on page 180

The following parameters can be defined in non-owner configurations:

•

Virtual Router ID (VRID) on page 174

Priority on page 174

Message Interval and Master Inheritance on page 176

Master Down Interval on page 177

Preempt Mode on page 177

VRRP Message Authentication on page 178

Authentication Data on page 180

Virtual MAC Address on page 180

Inherit Master VRRP Router’s Advertisement Interval Timer on page 181

Policies on page 181

Virtual Router ID (VRID)

The VRID must be configured with the same value on each virtual router associated with the

redundant IP address (IP addresses). It is placed in all VRRP advertisement messages sent by each

virtual router.

Priority

The priority value affects the interaction between this VRID and the same VRID of other virtual

routers participating on the same LAN. A higher priority value defines a greater priority in

becoming the virtual router master for the VRID. The priority value can only be configured when

the defined IP address on the IP interface is different than the virtual router IP address (non-owner

mode).

Page 174

7750 SR OS Router Configuration Guide

Download from Www.Somanuals.com. All Manuals Search And Download.

VRRP

When the IP address on the IP interface matches the virtual router IP address (owner mode), the

priority value is fixed at 255, the highest value possible. This virtual router member is considered

the owner of the virtual router IP address. There can only be one owner of the virtual router IP

address for all virtual router members.

The priority value 0 is reserved for VRRP advertisement message purposes. It is used to tell other

virtual routers in the same VRID that this virtual router is no longer acting as master, triggering a

new election process. When this happens, each backup virtual router sets its master down timer

equal to the skew time value. This shortens the time until one of the backup virtual routers

becomes master.

The current master virtual router must transmit a VRRP advertisement message immediately upon

receipt of a VRRP message with priority set to 0. This prevents another backup from becoming

master for a short period of time.

Non-owner virtual routers may be configured with a priority of 254 through 1. The default value is

100. Multiple non-owners can share the same priority value. When multiple non-owner backup

virtual routers are tied (transmit VRRP advertisement messages simultaneously) in the election

process, both become master simultaneously, the one with the best priority will win the election. If

the priority value in the message is equal to the master’s local priority value, then the primary IP

address of the local master and the message is evaluated as the tie breaker. The higher IP address

becomes master. (The primary IP address is the source IP address of the VRRP advertisement

message.)

The priority is also used to determine when to preempt the existing master. If the preempt mode

value is true, VRRP advertisement messages from inferior (lower priority) masters are discarded,

causing the master down timer to expire and the transition to master state.

The priority value also dictates the skew time added to the master timeout period.

IP Addresses

Each virtual router participating in the same VRID should be defined with the same set of IP

addresses. These are the IP addresses being used by hosts on the LAN as gateway addresses. Since

multi-netting supports 16 IP addresses on the IP interface, up to 16 addresses may be assigned to a

specific a virtual router instance.

7750 SR OS Router Configuration Guide

Page 175

Download from Www.Somanuals.com. All Manuals Search And Download.

VRRP Components

Message Interval and Master Inheritance

Each virtual router is configured with a message interval per VRID within which it participates.

This parameter must be the same for every virtual router on the VRID.

The default advertisement interval is 1 second and can be configured between 1 and 255 seconds in

1 second increments.

As stated in RFC 2338, the advertisement interval field in every received VRRP advertisement

message must match the locally configured advertisement interval. If a mismatch occurs, the

incoming message is discarded without further processing. An optional inherit parameter specifies

that the current master’s advertisement interval setting should operationally override the locally

configured advertisement interval setting. If the current master changes, the new master setting is

used. If the local virtual router becomes master, the locally configured advertisement interval is

enforced.

If a VRRP advertisement message is received with an advertisement interval set to a value

different than the local value and the inherit parameter is disabled, the message is discarded

without processing.

The master virtual router on a VRID uses the advertisement interval to load the advertisement

timer, specifying when to send the next VRRP advertisement message. Each backup virtual router

on a VRID uses the advertisement interval (with the configured local priority) to derive the master

down timer value.

Skew Time

The skew time is used to add a sub-second time period to the master down interval. This is not a

configurable parameter. It is derived from the current local priority of the virtual router’s VRID. To

calculate the skew time, the virtual router evaluates the following formula:

Skew Time = ((256 - priority) / 256) seconds

The higher priority value, the smaller the skew time will be. This means that virtual routers with a

lower priority will transition to master slower than virtual routers with higher priorities.

Page 176

7750 SR OS Router Configuration Guide

Download from Www.Somanuals.com. All Manuals Search And Download.

VRRP

Master Down Interval

The master down interval is a calculated value used to load the master down timer. When the

master down timer expires, the virtual router enters the master state. To calculate the master down

interval, the virtual router evaluates the following formula:

Master Down Interval = ((3 x Operational Advertisement Interval) + Skew Time) seconds)

The operational advertisement interval is dependent upon the state of the inherit parameter. When

the inherit parameter is enabled, the operational advertisement interval is derived from the current

master’s advertisement interval field in the VRRP advertisement message. When inherit is

disabled, the operational advertisement interval must be equal to the locally configured

advertisement interval.

The master down timer is only operational when the local virtual router is operating in backup

mode.

Preempt Mode

Preempt mode is a true or false configured value which controls whether a specific backup virtual

router preempts a lower priority master. The IP address owner will always become master when

available. Preempt mode cannot be set to false on the owner virtual router. The default value for

preempt mode is true.

When preempt mode is true, the advertised priority from the incoming VRRP advertisement

message from the current master is compared to the local configured priority. If the local priority is

higher, the received VRRP advertisement message is discarded. This will result in the eventual

expiration of the master down timer causing a transition to the master state. If the received priority

is equal to the local priority, the message is not discarded and the current master will not be

discarded. Note that when in the backup state, the received primary IP address is not part of the

decision to preempt and is not used as a tie breaker when the received and local priorities are equal.

When preemptis enabled, the virtual router instance overrides any non-owner master with an in-

use message priority value less than the virtual router instance in-use priority value. If preemptis

disabled, the virtual router only becomes master if the master down timer expires before a VRRP

advertisement message is received from another virtual router.

7750 SR OS Router Configuration Guide

Page 177

Download from Www.Somanuals.com. All Manuals Search And Download.

VRRP Components

VRRP Message Authentication

The authentication type parameter defines the type of authentication used by the virtual router in

VRRP advertisement message authentication. The current master uses the configured

authentication type to indicate any egress message manipulation that must be performed in

conjunction with any supporting authentication parameters before transmitting a VRRP

advertisement message. The configured authentication type value is transmitted in the message

authentication type field with the appropriate authentication data field filled in. Backup routers use

the authentication type message field value in interpreting the contained authentication data field

within received VRRP advertisement messages.

VRRP supports three message authentication methods which provide varying degrees of security.

The supported authentication types are:

0 – No Authentication

1 – Simple Text Password

2 – IP Authentication Header

Authentication Type 0 – No Authentication

The use of type 0 indicates that VRRP advertisement messages are not authenticated (provides no

authentication). The master transmitting VRRP advertisement messages will transmit the value 0

in the egress messages authentication type field and the authentication data field. Backup virtual

routers receiving VRRP advertisement messages with the authentication type field equal to 0 will

ignore the authentication data field in the message.

All compliant VRRP advertisement messages are accepted. The following fields within the

received VRRP advertisement message are checked for compliance (the VRRP specification may

require additional checks).

•

IP header checks specific to VRRP

→ IP header destination IP address – Must be 224.0.0.18

→ IP header TTL field – Must be equal to 255, the packet must not have traversed any IP

routed hops

→ IP header protocol field – must be 112 (decimal)

Page 178

7750 SR OS Router Configuration Guide

Download from Www.Somanuals.com. All Manuals Search And Download.

VRRP

•

VRRP message checks

→ Version field – Must be set to the value 2

→ Type field – Must be set to the value of 1 (advertisement)

→ Virtual router ID field – Must match one of the configured VRID on the ingress IP

interface (All other fields are dependent on matching the virtual router ID field to one

of the interfaces configured VRID parameters)

→ Priority field – Must be equal to or greater than the VRID in-use priority or be equal to

0 (Note, equal to the VRID in-use priority and 0 requires further processing regarding

master/backup and senders IP address to determine validity of the message)

→ Authentication type field – Must be equal to 0

→ Advertisement interval field – Must be equal to the VRID configured advertisement

interval

→ Checksum field – Must be valid

→ Authentication data fields – Must be ignored.

VRRP messages not meeting the criteria are silently dropped.

Authentication Type 1 – Simple Text Password

The use of type 1 indicates that VRRP advertisement messages are authenticated with a clear

(simple) text password. All virtual routers participating in the virtual router instance must be

configured with the same 8 octet password. Transmitting virtual routers place a value of 1 in the

VRRP advertisement message authentication type field and put the configured simple text

password into the message authentication data field. Receiving virtual routers compare the

message authentication data field with the local configured simple text password based on the

message authentication type field value of 1.

The same checks are performed for type 0 with the following exceptions (the VRRP specification

may require additional checks):

•

VRRP message checks

→ Authentication type field – Must be equal to 1

→ Authentication data fields – Must be equal to the VRID configured simple text

password

Any VRRP message not meeting the type 0 verification checks with the exceptions above are

silently discarded.

7750 SR OS Router Configuration Guide

Page 179

Download from Www.Somanuals.com. All Manuals Search And Download.

VRRP Components

Authentication Failure

Any received VRRP advertisement message that fails authentication must be silently discarded

with an invalid authentication counter incremented for the ingress virtual router instance.

Authentication Data

This feature is different than the VRRP advertisement message field with the same name. This is

any required authentication information that is pertinent to the configured authentication type. The

type of authentication data used for each authentication type is as follows:

Authentication Type

Authentication Data

None, authentication is not performed

Simple text password consisting of 8 octets

Virtual MAC Address

The MAC address can be used instead of an IP address in ARP responses when the virtual router

instance is master. The MAC address configuration must be the same for all virtual routers

participating as a virtual router or indeterminate connectivity by the attached IP hosts will result.

All VRRP advertisement messages are transmitted with ieee-mac-addr as the source MAC.

The command can be configured in both non-owner and owner VRRP contexts.

VRRP Advertisement Message IP Address List Verification

VRRP advertisement messages contain an IP address count field that indicates the number of IP

addresses listed in the sequential IP address fields at the end of the message. The 7750 SR OS

implementation always logs mismatching events. The decision on where and whether to forward

the generated messages depends on the configuration of the event manager.

To facilitate the sending of mismatch log messages, each virtual router instance keeps the

mismatch state associated with each source IP address in the VRRP master table. Whenever the

state changes, a mismatch log message is generated indicating the source IP address within the

message, the mismatch or match event and the time of the event.

With secondary IP address support, multiple IP addresses may be found in the list and it should

match the IP address on the virtual router instance. Owner and non-owner virtual router instances

Page 180

7750 SR OS Router Configuration Guide

Download from Www.Somanuals.com. All Manuals Search And Download.

VRRP

have the supported IP addresses explicitly defined, making mismatched supported IP address

within the interconnected virtual router instances a provisioning issue.

Inherit Master VRRP Router’s Advertisement Interval Timer

The virtual router instance can inherit the master VRRP router’s advertisement interval timer

which is used by backup routers to calculate the master down timer.

The inheritance is only configurable in the non-owner nodal context. It is used to allow the current

virtual router instance master to dictate the master down timer for all backup virtual routers.

Policies

Policies can be configured to control VRRP priority with the virtual router instance. VRRP priority

control policies can be used to override or adjust the base priority value depending on events or

conditions within the chassis.

The policy can be associated with more than one virtual router instance. The priority events within

the policy override or diminish the base priority dynamically affecting the in-use priority. As

priority events clear in the policy, the in-use priority can eventually be restored to the base priority

value.

Policies can only be configured in the non-owner VRRP context. For non-owner virtual router

instances, if policies are not configured, then the base priority is used as the in-use priority.

7750 SR OS Router Configuration Guide

Page 181

Download from Www.Somanuals.com. All Manuals Search And Download.

VRRP Priority Control Policies

This implementation of VRRP supports control policies to manipulate virtual router participation

in the VRRP master election process and master self-deprecation. The local priority value for the

virtual router instance is used to control the election process and master state.

VRRP Virtual Router Policy Constraints

Priority control policies can only be applied to non-owner VRRP virtual router instances. Owner

VRRP virtual routers cannot be controlled by a priority control policy because they are required to

have a priority value of 255 that cannot be diminished. Only one VRRP priority control policy can

be applied to a non-owner virtual router instance.

Multiple VRRP virtual router instances may be associated with the same IP interface, allowing

multiple priority control policies to be associated with the IP interface.

An applied VRRP priority control policy only affects the in-use priority on the virtual router

instance when the preempt mode has been enabled. A virtual router instance with preempt mode

disabled will always use the base priority as the in-use priority, ignoring any configured priority

control policy.

VRRP Virtual Router Instance Base Priority

Non-owner virtual router instances must have a base priority value between 1 and 254. The value 0

is reserved for master termination. The value 255 is reserved for owners. The default base priority

for non-owner virtual router instances is the value 100.

The base priority is the starting priority for the VRRP instance. The actual in-use priority for the

VRRP instance is derived from the base priority and an optional VRRP priority control policy.

Page 182

7750 SR OS Router Configuration Guide

Download from Www.Somanuals.com. All Manuals Search And Download.

VRRP

VRRP Priority Control Policy Delta In-Use Priority Limit

A VRRP priority control policy enforces an overall minimum value that the policy can inflict on

the VRRP virtual router instance base priority. This value provides a lower limit to the delta

priority events manipulation of the base priority.

A delta priority event is a conditional event defined in the priority control policy that subtracts a

given amount from the current, in-use priority for all VRRP virtual router instances to which the

policy is applied. Multiple delta priority events can apply simultaneously, creating a dynamic

priority value. The base priority for the instance, less the sum of the delta values derives the actual

priority value in-use.

An explicit priority event is a conditional event defined in the priority control policy that explicitly

defines the in-use priority for the virtual router instance. The explicitly defined values are not

affected by the delta in-use priority limit. When multiple explicit priority events happen

simultaneously, the lowest value is used for the in-use priority. The configured base priority is not

a factor in explicit priority overrides of the in-use priority.

The allowed range of the Delta In-Use Priority Limit is 1 to 254. The default is 1, which prevents

the delta priority events from operationally disabling the virtual router instance.

VRRP Priority Control Policy Priority Events

The main function of a VRRP priority control policy is to define conditions or events that impact

the system’s ability to communicate with outside hosts or portions of the network. When one or

multiple of these events are true, the base priority on the virtual router instance is either

overwritten with an explicit value, or a sum of delta priorities is subtracted from the base priority.

The result is the in-use priority for the virtual router instance. Any priority event may be

configured as an explicit event or a delta event.

Explicit events override all delta events. When multiple explicit events occur, the event with the

lowest priority value is assigned to the in-use priority. As events clear, the in-use priority is

reevaluated accordingly and adjusted dynamically.

Delta priority events also have priority values. When no explicit events have occurred within the

policy, the sum of the occurring delta events priorities is subtracted from the base priority of each

virtual router instance. If the result is lower than the delta in-use priority limit, the delta in-use

priority limit is used as the in-use priority for the virtual router instance. Otherwise, the in-use

priority is set to the base priority less the sum of the delta events.

7750 SR OS Router Configuration Guide

Page 183

Download from Www.Somanuals.com. All Manuals Search And Download.

VRRP Priority Control Policies

Each event generates a VRRP priority event message indicating the policy-id, the event type, the

priority type (delta or explicit) and the event priority value. Another log message is generated

when the event is no longer true, indicating that it has been cleared.

Priority Event Hold-Set Timers

Hold-set timers are used to dampen the effect of a flapping event. A flapping event is where the

event continually transitions between clear and set. The hold-set value is loaded into a hold set

timer that prevents a set event from transitioning to the cleared state until it expires.

Each time an event transitions between cleared and set, the timer is loaded and begins to count

down to zero. If the timer reaches zero, the event will be allowed to enter the cleared state once

more. Entering the cleared state is always dependent on the object controlling the event

conforming to the requirements defined in the event itself. It is possible, on some event types, to

have a further set action reload the hold set timer. This extends the amount of time that must expire

before entering the cleared state.

For an example of a hold-set timer setting, refer to LAG Degrade Priority Event on page 184.

Port Down Priority Event

The port down priority event is tied to either a physical port or a SONET/SDH channel. The port or

channel operational state is evaluated to determine a port down priority event or event clear.

When the port or channel operational state is up, the port down priority event is considered false or

cleared. When the port or channel operational state is down, the port down priority event is

considered true or set.

LAG Degrade Priority Event

The LAG degrade priority event is tied to an existing Link Aggregation Group (LAG). The LAG

degrade priority event is conditional to percentage of available port bandwidth on the LAG.

Multiple bandwidth percentage thresholds may be defined, each with its own priority value.

If the LAG transitions from one threshold to the next, the previous threshold priority value is

subtracted from the total delta sum while the new threshold priority value is added to the sum. The

new sum is then subtracted from the base priority and compared to the delta in-use priority limit to

derive the new in-use priority on the virtual router instance.

Page 184

7750 SR OS Router Configuration Guide

Download from Www.Somanuals.com. All Manuals Search And Download.

VRRP

The following example illustrates a LAG priority event and it’s interaction with the hold set timer

in changing the in-use priority.

The following state and timer settings are used for the LAG events displayed in Table 6:

•

User-defined thresholds: 2 ports down 4 ports down

LAG configured ports: 8 ports

6 ports down

Hold set timer (hold-set): 5 seconds

Table 6: LAG Events

Time

LAG Port State

Parameter

Event State

State

Set - 8 ports down

6 ports down

5 seconds

Comments

All ports down

Event Threshold

Hold Set Timer

Event State

Set to hold-set parameter

One port up

All ports up

Five ports down

Set - 8 ports down

6 ports down

5 seconds

Cannot change until Hold Set Timer expires

Event Threshold

Hold Set Timer

Event State

Event does not affect timer

Set - 8 ports down

6 ports down

3 seconds

Still waiting for Hold Set Timer expires

Event Threshold

Hold Set Timer

Event State

Cleared - All ports up

None

Event Threshold

Hold Set Timer

Event State

Event cleared

Expired

100

102

103

Set - 5 ports down

4 ports down

Expired

Event Threshold

Hold Set Timer

Set to hold-set parameter

Three ports down Event State

Event Threshold

Set - 5 ports down

4 ports down

3 seconds

Hold Set Timer

Event State

All ports up

Set - 5 ports down

4 ports down

2 second

Event Threshold

Hold Set Timer

7750 SR OS Router Configuration Guide

Page 185

Download from Www.Somanuals.com. All Manuals Search And Download.

VRRP Priority Control Policies

Table 6: LAG Events (Continued)

Time

LAG Port State

Parameter

Event State

State

Set - 5 ports down

4 ports down

1 second

Comments

104

Two ports down

Event Threshold

Hold Set Timer

Current threshold is 5, so 2 down has no

effect

105

200

202

206

207

Two ports down

Four ports down

Event State

Set - 2 ports down

2 ports down

Expired

Event Threshold

Hold Set Timer

Event State

Set - 2 ports down

4 ports down

5 seconds

Event Threshold

Hold Set Timer

Set to hold-set parameter

Seven ports down Event State

Event Threshold

Set - 7 ports down

6 ports down

5 seconds

Changed due to increase

Hold Set Timer

Event State

Set to hold-set due to threshold increase

All ports up

Set - 7 ports down

6 ports down

1 second

Event Threshold

Hold Set Timer

Event State

Cleared - All ports up

None

Event Threshold

Hold Set Timer

Event cleared

Expired

Page 186

7750 SR OS Router Configuration Guide

Download from Www.Somanuals.com. All Manuals Search And Download.

VRRP

Host Unreachable Priority Event

The host unreachable priority event creates a continuous ping task that is used to test connectivity

to a remote host. The path to the remote host and the remote host itself must be capable and

configured to accept ICMP echo request and replies for the ping to be successful.

The ping task is controlled by interval and size parameters that define how often the ICMP request

messages are transmitted and the size of each message. A historical missing reply parameter

defines when the ping destination is considered unreachable.

When the host is unreachable, the host unreachable priority event is considered true or set. When

the host is reachable, the host unreachable priority event is considered false or cleared.

Route Unknown Priority Event

The route unknown priority event defines a task that monitors the existence of a given route prefix

in the system’s routing table.

The route monitoring task can be constrained by a condition that allows a prefix that is less

specific than the defined prefix to be considered as a match. The source protocol can be defined to

indicate the protocol the installed route must be populated from. To further define match criteria

when multiple instances of the route prefix exist, an optional next hop parameter can be defined.

When a route prefix exists within the active route table that matches the defined match criteria, the

route unknown priority event is considered false or cleared. When a route prefix does not exist

within the active route table matching the defined criteria, the route unknown priority event is

considered true or set.

7750 SR OS Router Configuration Guide

Page 187

Download from Www.Somanuals.com. All Manuals Search And Download.

VRRP Non-Owner Accessibility

Although RFC 2338 and draft-ietf-vrrp-spec-v2-06.txt states that only VRRP owners can respond

to ping and other management-oriented protocols directed to the VRID IP addresses, 7750 SR OS

allows an override of this restraint on a per VRRP virtual router instance basis.

Non-Owner Access Ping Reply

When non-owner access ping reply is enabled on a virtual router instance, ICMP echo request

messages destined to the non-owner virtual router instance IP addresses are not discarded at the IP

interface when operating in master mode. ICMP echo request messages are always discarded in

backup mode.

When non-owner access ping reply is disabled on a virtual router instance, ICMP echo request

messages destined to the non-owner virtual router instance IP addresses are silently discarded in

both the master and backup modes.

Non-Owner Access Telnet

When non-owner access Telnet is enabled on a virtual router instance, authorized Telnet sessions

may be established that are destined to the virtual router instance IP addresses when operating in

master mode. Telnet sessions are always discarded at the IP interface when destined to a virtual

router IP address operating in backup mode. Enabling non-owner access Telnet does not guarantee

Telnet access, proper management and security features must be enabled to allow Telnet on this

interface and possibly from the given source IP address.

When non-owner access Telnet is disabled on a virtual router instance, Telnet sessions destined to

the non-owner virtual router instance IP addresses are silently discarded in both master and backup

modes.

Page 188

7750 SR OS Router Configuration Guide

Download from Www.Somanuals.com. All Manuals Search And Download.

VRRP

Non-Owner Access SSH

When non-owner access SSH is enabled on a virtual router instance, authorized SSH sessions may

be established that are destined to the virtual router instance IP addresses when operating in master

mode. SSH sessions are always discarded at the IP interface when destined to a virtual router IP

address operating in backup mode. Enabling non-owner access SSH does not guarantee SSH

access, proper management and security features must be enabled to allow SSH on this interface

and possibly from the given source IP address.

When non-owner access SSH is disabled on a virtual router instance, SSH sessions destined to the

non-owner virtual router instance IP addresses are silently discarded in both master and backup

modes.

7750 SR OS Router Configuration Guide

Page 189

Download from Www.Somanuals.com. All Manuals Search And Download.

VRRP Configuration Process Overview

Figure 14 displays the process to provision VRRP parameters.

START

CONFIGURE VRRP PRIORITY CONTROL POLICIES (optional)

CONFIGURE IES SERVICE

CONFIGURE INTERFACE

CONFIGURE ROUTER INTERFACE

CONFIGURE INTERFACE

SPECIFY ADDRESS, SECONDARY ADDRESS(ES)

CONFIGURE VRRP OWNER/NON-OWNER INSTANCE

SPECIFY BACKUP IP ADDRESS(ES)

CONFIGURE VRRP PARAMETERS

APPLY VRRP PRIORITY CONTROL POLICIES (optional)

TURN UP

Figure 14: VRRP Configuration and Implementation Flow

Page 190

7750 SR OS Router Configuration Guide

Download from Www.Somanuals.com. All Manuals Search And Download.

VRRP

VRRP Configuration Components

Figure 15 displays the major components to configure a VRRP priority control policy.

VRRP

POLICY

PRIORITY-EVENT

PORT-DOWN

LAG-PORT-DOWN

HOST-UNREACHABLE

ROUTE-UNKNOWN

Figure 15: VRRP Policy Configuration Components

•

Policy — A VRRP priority control policy can be used to modify the VRRP in-use priority

based on priority control events such as port-down, lag-port-down, host-

unreachable, and route-unknownparameters.

•

Priority event — The context to configure VRRP priority control events used to define

criteria for modifying the VRRP in-use priority.

Port down — Configure a port down priority control event that monitors the operational

state of a given port or SONET/SDH channel. When a port or channel enters an

operational down state, the event is considered set. When the port or channel enters an

operational up state, the event is considered cleared.

•

LAG port down — Configures a Link Aggregation Group (LAG) priority control event

that monitors the operational state of the links in the LAG. The event monitors the

operational state of each port in the specified LAG. When one or more of the ports enter

the operational down state, the event is considered set. When all the ports enter an

operational up state, the event is considered clear.

Host unreachable — Configures a host unreachable priority control event to monitor the

ability to receive ICMP echo reply packets from a given IP host address. A host

unreachable priority event creates a continuous ICMP echo request (ping) probe to the

specified IP address. During ping failure, the event is considered to be set. During ping

success, the event is considered to be cleared.

Route unknown — Configures a route unknown priority control event that monitors the

existence of a specific active IP route prefix within the routing table. Route unknown

defines a link between the VRRP priority control policy and the Route Table Manager

(RTM). The RTM registers the specified route prefix as monitored by the policy. If any

change (add, delete, new next hop) occurs relative to the prefix, the policy is notified and

takes proper action according to the priority event definition.

Figure 16 displays the major components to configure a network interface VRRP instance.

7750 SR OS Router Configuration Guide

Page 191

Download from Www.Somanuals.com. All Manuals Search And Download.

VRRP Configuration Process Overview

ROUTER

INTERFACE

ADDRESS

SECONDARY

VRRP

OWNER (optional)

BACKUP

POLICY (optional)

NON-OWNER (default)

BACKUP

POLICY (optional)

Figure 16: Interface VRRP Configuration Components

•

Interface — A logical IP routing interface.

Address — Assigns the primary IP address for the interface. A primary IP address must be

assigned to each IP interface.

•

Secondary — Assigns a secondary IP address, IP subnet/broadcast address format to the

interface.

VRRP — The context to configure a VRRP virtual router instance. A virtual router is

defined by its VRID and a set of IP addresses.

Owner — When the ownerkeyword is specified, the virtual router instance owns the

backed up IP addresses. Only one router in the message domain can be the owner.

Non-owner — VRRP instances are created as non-owners unless the ownerkeyword is

specified. Non-owners are all the other virtual router instances participating in the message

domain that have the same VRID configured.

•

Backup — Non-owner virtual router instances create a routable IP interface address that is

operationally dependent on the virtual router instance mode (master or backup). The

backup command in ownervirtual router instances does not create a routable IP interface

address; it defines the already existing parental IP interface IP addresses that are advertised

by the virtual router instance.

For owner virtual router instances, backupdefines the list of IP addresses that will be

advertised within VRRP Advertisement messages. This indicates to backup virtual routers

receiving the messages what IP addresses the master is representing.

•

Policy — (optional) Assigns an existing VRRP priority control policy association with the

virtual router instance.

Page 192

7750 SR OS Router Configuration Guide

Download from Www.Somanuals.com. All Manuals Search And Download.

VRRP

Figure 17 displays the major components to configure a VRRP instance in an IES service.

SERVICE

IES

INTERFACE

ADDRESS

SECONDARY

VRRP vrid

OWNER

BACKUP

POLICY (optional)

NON-OWNER

BACKUP

POLICY (optional)

Figure 17: IES VRRP Configuration Components

•

IES — The context to creates or modify an IES service.

Interface — A logical IP routing interface.

Address — Assigns the primary IP address for the interface. A primary IP address must be

assigned to each IP interface.

•

Secondary — Assigns a secondary IP address, IP subnet/broadcast address format to the

interface.

VRRP — The context to configure a VRRP virtual router instance. A virtual router is

defined by its VRID and a set of IP addresses.

Owner — When the ownerkeyword is specified, the virtual router instance owns the

backed up IP addresses. Only one router in the message domain can be the owner.

Non-owner — VRRP instances are created as non-owners unless the ownerkeyword is

specified. Non-owners are all the other virtual router instances participating in the

message domain that have the same VRID configured.

•

Backup — Non-owner virtual router instances create a routable IP interface address that is

operationally dependent on the virtual router instance mode (master or backup). The

backup command in ownervirtual router instances does not create a routable IP interface

address; it defines the already existing parental IP interface IP addresses that are

advertised by the virtual router instance.

For owner virtual router instances, backupdefines the list of IP addresses that will be

advertised within VRRP Advertisement messages. This indicates to backup virtual routers

receiving the messages what IP addresses the master is representing.

•

Policy — (optional) Assigns an existing VRRP priority control policy association with the

virtual router instance.

7750 SR OS Router Configuration Guide

Page 193

Download from Www.Somanuals.com. All Manuals Search And Download.

Configuration Notes

This section describes VRRP configuration caveats.

General

•

Creating and applying VRRP policies are optional.

Backup command:

→ You can configure up to 16 backup IP addresses in the non-owner mode. The backup

IP address(es) must be on the same subnet. The backup addresses explicitly define

which IP addresses are in the VRRP advertisement message IP address list.

→ In the owner mode, the backup IP address must be identical to one of the interface’s IP

addresses. The backup address explicitly defines which IP addresses are in the VRRP

advertisement message IP address list.

Reference Sources

For information on supported IETF drafts and standards, as well as standard and proprietary MIBS,

refer to Standards and Protocol Support on page 715.

Page 194

7750 SR OS Router Configuration Guide

Download from Www.Somanuals.com. All Manuals Search And Download.

VRRP

Configuring VRRP with CLI

This section provides information to configure VRRP using the command line interface.

Topics in this section include:

•

VRRP Configuration Overview on page 196

VRRP CLI Command Structure on page 197

List of Commands on page 199

Basic VRRP Configurations on page 204

Common Configuration Tasks on page 207

Configuring VRRP Policy Components on page 209

VRRP Configuration Management Tasks on page 219

Modifying a VRRP Policy on page 219

Deleting a VRRP Policy on page 220

→ Modifying Service and Interface VRRP Parameters on page 221

•

Modifying Non-Owner Parameters on page 221

Modifying Owner Parameters on page 221

Deleting VRRP on an Interface or Service on page 221

7750 SR OS Router Configuration Guide

Page 195

Download from Www.Somanuals.com. All Manuals Search And Download.

VRRP Configuration Overview

Configuring VRRP policies and configuring VRRP instances on IES or VPRN interfaces and

router interfaces is optional. The basic owner and non-owner VRRP configurations on an IES or

router interface must specify the backup ip-address parameter.

VRRP helps eliminate the single point of failure in a routed environment by using virtual router IP

address shared between two or more routers connecting the common domain. VRRP provides

dynamic fail over of the forwarding responsibility if the master becomes unavailable.

The VRRP implementation allows one master per IP subnet. All other VRRP instances in the same

domain must be in backup mode.

Preconfiguration Requirements

VRRP policies:

•

VRRP policies must be configured before they can be applied to an interface or IES or

VPRN VRRP instance. VRRP policies are configured in the config>vrrpcontext.

Configuring VRRP on an IES or VPRN service interface:

•

The service customer account must be created prior to configuring an IES or VPRN VRRP

instance.

The interface address must be specified in the both the owner and non-owner IES or

VPRN or router interface instances.

Page 196

7750 SR OS Router Configuration Guide

Download from Www.Somanuals.com. All Manuals Search And Download.

VRRP

VRRP CLI Command Structure

The 7750 SR OS VRRP command structure is displayed in Figure 18. VRRP policy

commands are located under the config>vrrp context.

VRRP service configuration commands are located under the config>service>ies>

interfacecontext. VRRP interface configuration commands are located under the

config>router>interface context.

VRRP show commands are located under the show>vrrp context.

ROOT

CONFIG

VRRP

POLICY

DELTA-IN-USE LIMIT

PRIORITY EVENT

HOST UNREACHABLE

LAG PORT DOWN

SERVICE

PORT DOWN

IES/VPRN

ROUTE UNKNOWN

INTERFACE

VRRP

OWNER

BACKUP

NON-OWNER

ROUTER

INTERFACE

BACKUP

VRRP

SHOW

OWNER

VRRP

BACKUP

NON-OWNER

BACKUP

INSTANCE

POLICY

Figure 18: VRRP Command Structure

7750 SR OS Router Configuration Guide

Page 197

Download from Www.Somanuals.com. All Manuals Search And Download.

VRRP CLI Command Structure

ROOT

CONFIG

VRRP

POLICY

DELTA-IN-USE LIMIT

PRIORITY EVENT

HOST UNREACHABLE

LAG PORT DOWN

PORT DOWN

SERVICE

IES/VPRN

ROUTE UNKNOWN

INTERFACE

VRRP

OWNER

BACKUP

NON-OWNER

BACKUP

ROUTER

INTERFACE

VRRP

SHOW

OWNER

VRRP

BACKUP

NON-OWNER

BACKUP

INSTANCE

POLICY

Page 198

7750 SR OS Router Configuration Guide

Download from Www.Somanuals.com. All Manuals Search And Download.

VRRP

List of Commands

Table 7 lists the commands to configure VRRP policy parameters, indicating the configuration

level at which each command is implemented with a short command description.

Table 8 lists the commands to configure VRRP parameters on an interface and in an IES or

VPRN service, indicating the configuration level at which each command is implemented with

a short command description. Refer to the IES chapter of the 7750 SR OS Services Guide for

information about IES command syntax and usage.

The VRRP command list is organized in the following task-oriented manner:

•

Configure a VRRP policy

Configure VRRP policy priority events

Configure IES or VPRN VRRP owner parameters

Configure IES or VPRN VRRP non-owner parameters

Table 7: CLI Commands to Configure a VRRP Policy

Command

Description

Page

Configure a VRRP policy

config>vrrp>policy

description

Text string describing the policy.

243

delta-in-use-limit

Sets a lower limit on the virtual router in-use priority that can be derived 242

from the delta priority control events.

Configure VRRP policy priority events

config>vrrp>policy>priority-event

port-down

Creates a port down priority control event that monitors the operational

state of a given port or SONET/SDH channel.

248

245

hold-set

Configures the amount of time before the set state for a VRRP priority

control event can transition to the cleared state to dampen flapping

events.

priority

Configures the effect the set event has on the virtual router instance in-

use priority.

246

250

lag-port-down

Creates context for configuring Link Aggregation Group (LAG) priority

control event that monitors the operational state of the links in the LAG.

7750 SR OS Router Configuration Guide

Page 199

Download from Www.Somanuals.com. All Manuals Search And Download.

List of Commands

Table 7: CLI Commands to Configure a VRRP Policy (Continued)

Command

hold-set

Description

Page

Configures the amount of time before the set state for a VRRP priority

control event transitions to the cleared state to dampen flapping events.

245

number-down

priority

Creates a context for configuring an event set threshold within a lag-port- 251

down priority control event.

Configures the effect the set event has on the virtual router instance in-

use priority.

246

host-unreachable

Creates a context for configuring a host unreachable priority control

event to monitor the ability to receive ICMP echo reply packets from a

given IP host address.

253

hold-set

Configures the amount of time before the set state for a VRRP priority

control event can transition to the cleared state to dampen flapping

events.

245

interval

timeout

Configures the number of seconds between host unreachable priority

event ICMP echo request messages directed to the host IP address.

255

Configures the time allowed for receiving an ICMP echo reply message

in response to a transmitted ICMP echo request message for the host

unreachable priority control event.

drop-count

priority

Configures the number of consecutive ICMP echo request message sends 253

that must fail before the host unreachable priority control event is set.

Configures the effect the set event has on the virtual router instance in-

use priority.

246

route-unknown

Creates a context for configuring a route unknown priority control event

that monitors the existence of a specific active IP route prefix within the

routing table.

259

hold-set

Configures the amount of time before the set state for a VRRP priority

control event can transition to the cleared state to dampen flapping

events.

245

less-specific

next-hop

Allows a CIDR shortest match hit on a route prefix that contains the IP

route prefix associated with the route unknown priority event.

257

Adds one of potentially multiple allowed next hop IP addresses when

matching the IP route prefix for a route unknown priority control event.

protocol bgp

protocol ospf

protocol isis

protocol rip

protocol static

Adds one or multiple allowable route sources such as BGP, OSPF, IS-IS, 258

and RIP, when matching the route unknown IP route prefix for a route

unknown priority control event.

priority

Configures the effect the set event has on the virtual router instance in-

use priority.

246

Page 200

7750 SR OS Router Configuration Guide

Download from Www.Somanuals.com. All Manuals Search And Download.

VRRP

Table 8: CLI Commands to Configure IES or VPRN Service VRRP Parameters

Command Description

Page

VRRP IES service and network interface parameters are configured in the following contexts:

config>service>ies>interface>vrrp

211

215

config>service>vprn>interface>vrrp

config>router>interface>vrrp

Configure IES or VPRN VRRP owner parameters

config>service>ies>interface>vrrp virtual-router-id owner

config>service>vprn>interface>vrrp virtual-router-id owner

interface

Creates a logical IP routing interface for IES services. Once created,

attributes like an IP address and service access point (SAP) can be

associated with the IP interface.

address

Assigns the primary IP address, IP subnet, and broadcast address

format to an IES IP router interface.

secondary

no shutdown

Assigns a secondary IP address, IP subnet/broadcast address format

to the interface.

Enables the interface and address instance.

vrrp virtual-router-id

owner

Creates context for configuring VRRP virtual router instance and can 240

specify which virtual router instance owns the backed up IP

addresses. A virtual router is defined by its virtual router identifier

(VRID) and a set of IP addresses.

When the optional ownerkeyword is used the virtual router instance

owns the backed up IP addresses. All other virtual router instances

participating in this message domain must have the same vrid

configured and cannot be configured as owner. Once created, the

ownerkeyword is optional when entering the vrid for configuration

purposes.

authentication-type

Configures the VRRP authentication:

228

227

• VRRP Type 0 authentication provides no authentication. All

compliant VRRP advertisement messages are accepted.

• VRRP Type 1 authentication provides a simple password check on

incoming VRRP advertisement messages.

• VRRP Type 2 authentication provides an MD5 IP header

authentication check on incoming VRRP advertisement messages.

authentication-key

Sets/clears the simple text authentication key used for generating

master VRRP advertisement messages and validating received VRRP

advertisements.

7750 SR OS Router Configuration Guide

Page 201

Download from Www.Somanuals.com. All Manuals Search And Download.

List of Commands

Table 8: CLI Commands to Configure IES or VPRN Service VRRP Parameters (Continued)

Command

Description

Page

backup ip-address

Assigns virtual router IP addresses associated with the parental IP

interface IP addresses.

229

Owner instances do not create a routable IP interface address; it

defines the existing parental IP interface IP addresses that will be

advertised by the virtual router instance.

mac

Sets an explicit MAC address to be used by the virtual router instance 232

overriding the VRRP default derived from the VRID.

message-interval

Configures the administrative advertisement message timer used by

the master virtual router instance to send VRRP advertisement

messages and to derive the master down timer as backup.

234

Configure IES or VPRN VRRP non-owner parameters

config>service>ies>interface>vrrp virtual-router-id

config>service>vprn>interface>vrrp virtual-router-id

interface

Creates a logical IP routing interface for IES services. Once created,

attributes like an IP address and service access point (SAP) can be

associated with the IP interface.

address

Assigns an IP address, IP subnet, and broadcast address format to an

IES IP router interface. Only one IP address can be associated with an

IP interface.

no shutdown

Enables the interface and address instance.

vrrp vrid

Creates context for configuring VRRP virtual router instance

participating in the message domain. The virtual router must have the

same vrid configured as the other routers participating in the message

domain.

240

228

authentication-type

Configures the VRRP authentication:

• VRRP Type 0 authentication provides no authentication. All

compliant VRRP advertisement messages are accepted.

• VRRP Type 1 authentication provides a simple password check on

incoming VRRP advertisement messages.

• VRRP Type 2 authentication provides an MD5 IP header

authentication check on incoming VRRP advertisement messages.

authentication-key

Sets/clears the simple text authentication key used for generating

master VRRP advertisement messages and validating received VRRP

advertisements.

227

Page 202

7750 SR OS Router Configuration Guide

Download from Www.Somanuals.com. All Manuals Search And Download.

VRRP

Table 8: CLI Commands to Configure IES or VPRN Service VRRP Parameters (Continued)

Command

Description

Page

backup ip-address

Assigns virtual router IP addresses associated with the parental IP

interface IP addresses.

229

Non-owner instances create a routable IP interface address that is

operationally dependent on the virtual router instance mode (master

or backup).

init-delay

mac

Configures a VRRP initialization delay timer.

232

Sets an explicit MAC address to be used by the virtual router instance 232

overriding the VRRP default derived from the VRID.

message-interval

Configures the administrative advertisement message timer used by

the master virtual router instance to send VRRP advertisement

messages and to derive the master down timer as backup.

234

priority

Configures the base router priority for the virtual router instance used 236

in the master election process.

policy

Adds a VRRP priority control policy association with the virtual

router instance.

235

preempt

Enables overriding an existing VRRP master if the virtual router’s in- 235

use priority is higher than the current master.

ping-reply

telnet-reply

ssh-reply

no shutdown

Enables the non-owner master to reply to ICMP echo requests

directed at the virtual router instances IP addresses.

Enables the non-owner master to reply to TCP port 23 Telnet

requests directed at the virtual router instances IP addresses.

Enables the non-owner master to reply to SSH requests directed at

the virtual router instances IP addresses.

Administratively enables the VRRP instance.

7750 SR OS Router Configuration Guide

Page 203

Download from Www.Somanuals.com. All Manuals Search And Download.

Basic VRRP Configurations

Configure VRRP parameters in the following contexts:

•

VRRP Policy on page 204

VRRP IES Service Parameters on page 205

VRRP Router Interface Parameters on page 206

•

VRRP Policy

Configuring and applying VRRP policies are optional. There are no default VRRP policies.

Each policy must be explicitly defined.

A VRRP policy configuration must include the following:

•

Policy ID

Define at least one of the following priority events:

→ Port down

→ LAG port down

→ Host unreachable

→ Route unknown

The following example displays a sample configuration of a VRRP policy.

A:SR2>config>vrrp>policy# info

----------------------------------------------

delta-in-use-limit 50

priority-event

port-down 4/1/2

hold-set 43200

priority 100 delta

exit

port-down 4/1/3

priority 200 explicit

exit

lag-port-down 1

number-down 3

priority 50 explicit

exit

host-unreachable 10.10.24.4

drop-count 25

exit

route-unknown 10.10.0.0/32

priority 50 delta

protocol bgp

Page 204

7750 SR OS Router Configuration Guide

Download from Www.Somanuals.com. All Manuals Search And Download.

VRRP

exit

----------------------------------------------

A:SR2>config>vrrp>policy#

VRRP IES Service Parameters

VRRP parameters are configured within an IES service with two contexts, owner or non-

owner. The status is specified when the VRRP configuration is created. When configured as

owner, the virtual router instance owns the backup IP addresses. All other virtual router

instances participating in this message domain must have the same vridconfigured and

cannot be configured as owner.

Up to 4 virtual routers IDs (vrid) can be configured on an IES service interface. Each virtual

router instance can manage up to 16 backup IP addresses, including up to 16 secondary IP

addresses. If there are multiple subnets configured on an Ethernet interface, you can configure

VRRP on each subnet.

VRRP parameters configured within an IES service must include the following:

•

VRID

Backup IP address(es)

The following example displays a sample configuration of a IES service owner and non-owner

VRRP configurations.

A:SR2>config>service>ies# info

----------------------------------------------

interface "tuesday" create

address 10.10.36.2/24

vrrp 19 owner

backup 10.10.36.2

authentication-type password

authentication-key "testabc"

exit

interface "testing" create

address 10.10.10.16/24

vrrp 12

backup 10.10.10.15

backup 10.10.10.17

policy 1

authentication-type password

authentication-key "testabc"

exit

no shutdown

----------------------------------------------

A:SR2>config>service>ies#

7750 SR OS Router Configuration Guide

Page 205

Download from Www.Somanuals.com. All Manuals Search And Download.

Basic VRRP Configurations

VRRP Router Interface Parameters

VRRP parameters are configured on a router interface with two contexts, owner or non-owner.

The status is specified when the VRRP configuration is created. When configured as owner,

the virtual router instance owns the backed up IP addresses. All other virtual router instances

participating in this message domain must have the same vridconfigured and cannot be

configured as owner.

Up to 4 virtual routers IDs (vrid) can be configured on a router interface. Each virtual router

instance can manage up to 16 backup IP addresses, including up to 16 secondary IP addresses.

If there are multiple subnets configured on an Ethernet interface, you can configure VRRP on

each subnet.

VRRP parameters configured on a router interface must include the following:

•

VRID

Backup IP address(es)

The following example displays a sample configuration of a router interface owner and non-

owner VRRP configurations.

A:SR4>config>router# info

#------------------------------------------

echo "IP Configuration "

#------------------------------------------

interface "system"

address 10.10.0.4/32

exit

interface "ethel"

address 10.10.14.1/24

secondary 10.10.16.1/24

secondary 10.10.17.1/24

secondary 10.10.18.1/24

exit

interface "fatfreddie"

address 10.10.10.23/24

vrrp 1 owner

backup 10.10.10.23

authentication-type password

authentication-key "testabc"

exit

#------------------------------------------

A:SR4>config>router#

Page 206

7750 SR OS Router Configuration Guide

Download from Www.Somanuals.com. All Manuals Search And Download.

VRRP

Common Configuration Tasks

This section provides a brief overview of the tasks that must be performed to configure VRRP

and provides the CLI commands.

VRRP parameters are defined under a service interface or a router interface context. An IP

address must be assigned to each IP interface. Only one IP address can be associated with an

IP interface but several secondary IP addresses also be associated.

Owner and non-owner configurations must include the following parameters:

•

All participating routers in a VRRP instance must be configured with the same vrid.

All participating non-owner routers can specify up to 16 backup IP addresses (IP

addresses the master is representing). The owner configuration must include one back

IP address.

Other owner and non-owner configurations include the following optional commands:

• authentication-type

• authentication-key

• mac

• message-interval

In addition to the common parameters, the following non-owner commands can be configured:

• master-int-inherit

• priority

• policy

• ping-reply

• preempt

• telnet-reply

• ssh-reply

• [no] shutdown

7750 SR OS Router Configuration Guide

Page 207

Download from Www.Somanuals.com. All Manuals Search And Download.

Common Configuration Tasks

Creating Interface Parameters

You can configure up to 4 virtual routers IDs on an IP interface. Each virtual router instance

can manage up to 16 backup IP addresses, including up to 16 secondary IP addresses. If you

have multiple subnets configured on an Ethernet interface, you can configure VRRP on each

subnet.

To configure an interface:

CLI Syntax: config>router

interface ip-int-name

address ip-addr{/mask-length|mask} [broadcast {all-

ones|host-ones}]

secondary {[ip-addr/mask|ip-addr][netmask]}

[broadcast {all-ones|host-ones}][igp-inhibit]

Example:

config>router> interface “ethel”

config>router>if$ address 10.10.14.1/24

config>router>if# secondary 10.10.16.1/24

config>router>if# secondary 10.10.17.1/24

config>router>if# secondary 10.10.18.1/24

config>router>if# exit

The following example displays the IP interface configuration:

A:SR1>config>router# info

#------------------------------------------

echo "IP Configuration "

#------------------------------------------

interface "system"

address 10.10.0.1/32

exit

interface "fred"

address 123.123.123.123/24

exit

interface "ethel"

address 10.10.14.1/24

secondary 10.10.16.1/24

secondary 10.10.17.1/24

secondary 10.10.18.1/24

exit

router-id 10.10.0.1

#------------------------------------------

A:SR1>config>router#

Page 208

7750 SR OS Router Configuration Guide

Download from Www.Somanuals.com. All Manuals Search And Download.

VRRP

Configuring VRRP Policy Components

Use the CLI syntax displayed below to configure a VRRP policy:

CLI Syntax: config>vrrp

policy policy-id [context service-id]

description string

delta-in-use-limit in-use-priority-limit

priority-event

port-down port-id[.channel-id]

hold-set seconds

priority priority-level [{delta|explicit}]

lag-port-down lag-id

hold-set seconds

number-down number-of-lag-ports-down

priority priority-level [{delta|explicit}]

host-unreachable ip-addr

hold-set seconds

interval seconds

timeout seconds

drop-count consecutive-failures

priority priority-level [{delta|explicit}]

route-unknown prefix/mask-length

hold-set seconds

less-specific [allow-default]

next-hop ip-address

protocol bgp

protocol ospf

protocol isis

protocol rip

protocol static

priority priority-level [{delta|explicit}]

The following output displays an example of a VRRP policy specifying parameter values that

are assumed in the event that a specific port is down:

Example: SR1>config>vrrp#

config>vrrp# policy 1

config>vrrp>policy$ delta-in-use-limit 50

config>vrrp>policy# priority-event

config>vrrp>policy>priority-event# port-down 1/1/2

config>vrrp>policy>priority-event>port-down$ hold-set 43200

config>vrrp>policy>priority-event>port-down# priority 100 delta

7750 SR OS Router Configuration Guide

Page 209

Download from Www.Somanuals.com. All Manuals Search And Download.

Configuring VRRP Policy Components

The following displays the VRRP policy configuration:

A:SR1>config>vrrp# info

----------------------------------------------

policy 1

delta-in-use-limit 50

priority-event

port-down 1/1/2

hold-set 43200

priority 100 delta

exit

route-unknown 0.0.0.0/0

protocol isis

exit

----------------------------------------------

A:SR1>config>vrrp#

Page 210

7750 SR OS Router Configuration Guide

Download from Www.Somanuals.com. All Manuals Search And Download.

VRRP

Configuring IES or VPRN Service VRRP Parameters

VRRP parameters can be configured on an interface in an IES or VPRN service to provide

virtual default router support which allows traffic to be routed without relying on a single

router in case of failure.

VRRP can be configured the following ways:

•

Non-Owner IES or VPRN VRRP Example on page 212

Owner IES or VPRN VRRP on page 214

Use the following CLI syntax to configure IES or VPRN service owner and non-owner VRRP

parameters:

CLI Syntax: config>service# ies service-id [customer customer-id ]

config>service# vprn service-id [customer customer-id ]in-

terface ip-int-name

address ip-addr/mask-length [broadcast {all-ones|host-

ones}]

no shutdown

vrrp vrid

authentication-type {password}

authentication-key [authentication-key | hash-key]

[hash|hash2]

backup ip-addr

init-delay seconds

mac ieee-mac-address

master-int-inherit

priority base-priority

policy vrrp-policy-id [context service-id]

preempt

message-interval seconds

ping-reply

telnet-reply

ssh-reply

shutdown

vrrp vrid owner

authentication-type {password}

authentication-key [authentication-key | hash-key]

[hash|hash2]

backup ip-addr

init-delay seconds

mac ieee-mac-address

message-interval seconds

7750 SR OS Router Configuration Guide

Page 211

Download from Www.Somanuals.com. All Manuals Search And Download.

Configuring VRRP Policy Components

Non-Owner IES or VPRN VRRP Example

Use the CLI syntax displayed below to configure IES or VPRN service non-owner VRRP

parameters:

CLI Syntax: config>service# ies service-id [{customer customer-id }]

config>service# vprn service-id [customer customer-id ]in-

terface ip-int-name

address ip-addr/mask-length [broadcast {all ones|host-

ones}]

no shutdown

vrrp vrid

authentication-type {password}

authentication-key [authentication-key | hash-key]

[hash |hash2]

backup ip-addr

init-delay seconds

mac ieee-mac-address

master-int-inherit

priority base-priority

policy volicy-id [context service-id]

preempt

message-interval seconds

ping-reply

telnet-reply

ssh-reply

no shutdown

The following output displays an example an IES non-owner VRRP configuration:

Example: config>service>ies>if# vrrp 1

config>service>ies>if>vrrp$ backup 10.10.0.4/32

config>service>ies>if>vrrp# authentication-type password

config>service>ies>if>vrrp# authentication-key 18

config>service>ies>if>vrrp# priority 254

config>service>ies>if>vrrp# policy 1

config>service>ies>if>vrrp# no ssh-reply

config>service>ies>if>vrrp# no telnet-reply

config>service>ies>if>vrrp# no shutdown

Page 212

7750 SR OS Router Configuration Guide

Download from Www.Somanuals.com. All Manuals Search And Download.

VRRP

The following example displays the basic non-owner VRRP configuration:

A:SR2>config>service>ies# info

----------------------------------------------

interface "mertz" create

address 10.10.65.4/24

backup 10.10.0.4/32

vrrp 1

priority 254

policy 1

authentication-type password

authentication-key "18"

exit

no shutdown

----------------------------------------------

A:SR2>config>service>ies#

7750 SR OS Router Configuration Guide

Page 213

Download from Www.Somanuals.com. All Manuals Search And Download.

Configuring VRRP Policy Components

Owner IES or VPRN VRRP

Use the CLI syntax displayed below to configure IES or VPRN service owner VRRP

parameters:

CLI Syntax: config>service# ies service-id [{customer customer-id }]

config>service# vprn service-id [customer customer-id ]

interface ip-int-name

address ip-addr/mask-length [broadcast {all-ones|host-

ones}]

no shutdown

vrrp vrid owner

authentication-type {password}

authentication-key [authentication-key | hash-key]

[hash|hash2]

backup ip-addr

init-delay seconds

mac ieee-mac-address

message-interval seconds

The following output displays an example of an owner IES VRRP configuration:

Example: config>service>ies# interface tuesday create

config>service>ies>if# address 10.10.36.2/24

config>service>ies>if# vrrp 2 owner

config>service>ies>if>vrrp# backup 10.10.36.2

config>service>ies>if>vrrp# authentication-type password

config>service>ies>if>vrrp# authentication-key testabc

The following example displays the owner VRRP configuration:

A:SR2>config>service>ies# info

----------------------------------------------

interface "tuesday" create

address 10.10.36.2/24

vrrp 19 owner

backup 10.10.36.2

authentication-type password

authentication-key "testabc"

exit

#------------------------------------------

A:SR2>config>service>ies#

Page 214

7750 SR OS Router Configuration Guide

Download from Www.Somanuals.com. All Manuals Search And Download.

VRRP

Configuring Router Interface VRRP Parameters

VRRP parameters can be configured on an interface in an interface to provide virtual default

router support which allows traffic to be routed without relying on a single router in case of

failure.

VRRP can be configured the following ways:

•

Router Interface VRRP Non-Owner on page 216

Use the CLI syntax displayed below to configure owner and non-owner router interface VRRP

parameters:

CLI Syntax: config>router

interface ip-int-name

address ip-addr/mask-length

no shutdown

vrrp vrid

authentication-type {password}

authentication-key [authentication-key | hash-key]

[hash|hash2]

backup ip-addr

init-delay seconds

mac ieee-mac-address

priority base-priority

policy vrrp-policy-id

message-interval seconds

ping-reply

telnet-reply

ssh-reply

no shutdown

vrrp vrid owner

authentication-type {password}

authentication-key [authentication-key | hash-key]

[hash|hash2]

backup ip-addr

init-delay seconds

mac ieee-mac-address

message-interval seconds

7750 SR OS Router Configuration Guide

Page 215

Download from Www.Somanuals.com. All Manuals Search And Download.

Configuring VRRP Policy Components

Router Interface VRRP Non-Owner

Use the CLI syntax displayed below to configure non-owner router interface VRRP

parameters:

CLI Syntax: config>router

interface ip-int-name

address ip-addr/mask-length

no shutdown

vrrp vrid

authentication-type {password}

authentication-key [authentication-key | hash-key]

[hash|hash2]

backup ip-addr

init-delay seconds

mac ieee-mac-address

priority base-priority

policy vrrp-policy-id

message-interval seconds

ping-reply

telnet-reply

ssh-reply

no shutdown

The following example displays router interface non-owner VRRP configuration command

usage:

Example: config>router# interface "lucy"

config>router>if# address 10.20.30.40/24

config>router>if# secondary 10.10.50.1/24

config>router>if# secondary 10.10.60.1/24

config>router>if# secondary 10.10.70.1/24

config>router>if# no shutdown

config>router>if# vrrp 1

config>router>if>vrrp# backup 10.10.50.2

config>router>if>vrrp# backup 10.10.60.2

config>router>if>vrrp# backup 10.10.70.2

config>router>if>vrrp# backup 10.20.30.41

config>router>if>vrrp# ping-reply

config>router>if>vrrp# telnet-reply

config>router>if>vrrp# authentication-type password

config>router>if>vrrp# authentication-key testabc

config>router>if>vrrp# no shutdown

Page 216

7750 SR OS Router Configuration Guide

Download from Www.Somanuals.com. All Manuals Search And Download.

VRRP

The following example displays the non-owner interface VRRP configuration:

A:SR2>config># info

#------------------------------------------

interface "lucy"

address 10.20.30.40/24

secondary 10.10.50.1/24

secondary 10.10.60.1/24

secondary 10.10.70.1/24

vrrp 1

backup 10.10.50.2

backup 10.10.60.2

backup 10.10.70.2

backup 10.20.30.41

ping-reply

telnet-reply

authentication-type password

authentication-key "testabc"

exit

#------------------------------------------

A:SR2>config>#

7750 SR OS Router Configuration Guide

Page 217

Download from Www.Somanuals.com. All Manuals Search And Download.

Configuring VRRP Policy Components

Router Interface VRRP Owner

Use the CLI syntax displayed below to configure owner router interface VRRP parameters:

CLI Syntax: config>router

interface ip-int-name

address ip-addr/mask-length

no shutdown

vrrp vrid owner

authentication-type {password}

authentication-key [authentication-key | hash-key]

[hash | hash2]

backup ip-addr

init-delay seconds

mac ieee-mac-address

message-interval seconds

The following example displays router interface owner VRRP configuration command usage:

Example: config>router# interface "vrrpowner"

config>router>if# address 10.10.10.23/24

config>router>if# vrrp 1 owner

config>router>if>vrrp# backup 10.10.10.23

config>router>if>vrrp# authentication-type password

config>router>if>vrrp# authentication-key "testabc"

config>router>if>vrrp# exit

The following example displays the router interface owner VRRP configuration:

A:SR2>config>router# info

#------------------------------------------

interface "vrrpowner"

address 10.10.10.23/24

vrrp 1 owner

backup 10.10.10.23

authentication-type password

authentication-key "testabc"

exit

#------------------------------------------

A:SR2>config>router#

Page 218

7750 SR OS Router Configuration Guide

Download from Www.Somanuals.com. All Manuals Search And Download.

VRRP

VRRP Configuration Management Tasks

This section discusses the following VRRP configuration management tasks:

•

Modifying a VRRP Policy on page 219

Deleting a VRRP Policy on page 220

•

Modifying Service and Interface VRRP Parameters on page 221

→ Modifying Non-Owner Parameters on page 221

→ Modifying Owner Parameters on page 221

→ Deleting VRRP on an Interface or Service on page 221

Modifying a VRRP Policy

To access a specific VRRP policy, you must specify the policy ID. To display a list of VRRP

policies, use the show vrrp policy command.

Example: config>vrrp#

config>vrrp# policy 1

config>vrrp>policy# priority-event

config>vrrp>policy>priority-event# port-down 1/1/3

config>vrrp>policy>priority-event>port-down$ priority 200

explicit

config>vrrp>policy>priority-event>port-down# exit

config>vrrp>policy>priority-event# host-unreachable

10.10.24.4

config>vrrp>policy>priority-event>host-unreachable$ drop-

count 25

The following example displays the modified VRRP policy configuration:

A:SR2>config>vrrp>policy# info

----------------------------------------------

delta-in-use-limit 50

priority-event

port-down 1/1/2

hold-set 43200

priority 100 delta

exit

port-down 1/1/3

priority 200 explicit

exit

host-unreachable 10.10.24.4

drop-count 25

exit

----------------------------------------------

A:SR2>config>vrrp>policy#

7750 SR OS Router Configuration Guide

Page 219

Download from Www.Somanuals.com. All Manuals Search And Download.

VRRP Configuration Management Tasks

Deleting a VRRP Policy

Policies are only applied to non-owner VRRP instances. A VRRP policy cannot be deleted if it

is applied to an interface or to an IES service. Each instance in which the policy is applied

must be deleted.

The following example displays the command usage to remove a policy from an IES service

and then deleting the policy from the configuration:

Example: config>service# ies 10

config>service>ies# interface “test”

config>service>ies>if# vrrp 1

config>service>ies>if>vrrp# no policy

config>service>ies>if>vrrp# exit all

config>vrrp# no policy 1

config>vrrp# exit all

The Appliedcolumn in the following example displays whether or not the VRRP policies are

applied to an entity.

A:SR2#

===============================================================================

VRRP Policies

===============================================================================

Policy

Current

Priority & Effect

Current

Explicit

Current

Delta Sum

Delta

Limit

Applied

-------------------------------------------------------------------------------

200 Explicit

254

100

200

None

100

None

Yes

===============================================================================

A:SR2#

Page 220

7750 SR OS Router Configuration Guide

Download from Www.Somanuals.com. All Manuals Search And Download.

VRRP

Modifying Service and Interface VRRP Parameters

Modifying Non-Owner Parameters

Once a VRRP instance is created as non-owner, it cannot be modified to the ownerstate. The

vridmust be deleted and then recreated with the ownerkeyword to invoke IP address

ownership.

Modifying Owner Parameters

Once a VRRP instance is created as owner, it cannot be modified to the non-owner state. The

vridmust be deleted and then recreated without the ownerkeyword to remove IP address

ownership.

Entering the ownerkeyword is optional when entering the vridfor modification purposes.

Deleting VRRP on an Interface or Service

The vrid does not need to be shutdown to remove the virtual router instance from an interface

or service.

Example: config>router#interface

config>router# interface lucy

config>router>if# shutdown

config>router>if# exit

config>router# no interface lucy

config>router#

The following example displays the command usage to delete a VRRP instance from an

interface or IES service:

Example: config>service#ies 10

config>service>ies# interface “test”

config>service>ies>if# vrrp 1

config>service>ies>if>vrrp# shutdown

config>service>ies>if>vrrp# exit

config>service>ies>if# no vrrp 1

config>service>ies>if# exit all

7750 SR OS Router Configuration Guide

Page 221

Download from Www.Somanuals.com. All Manuals Search And Download.

VRRP Configuration Management Tasks

Page 222

7750 SR OS Router Configuration Guide

Download from Www.Somanuals.com. All Manuals Search And Download.

VRRP

VRRP Command Reference

Command Hierarchies

Configuration Commands

• VRRP Network Interface Commands on page 223

• VRRP Priority Control Event Policy Commands on page 225

• Show Commands on page 226

• Clear Commands on page 226

VRRP Network Interface Commands

config

— router

— [no] interface interface-name

— address {ip-address/mask | ip-address netmask} [broadcast all-ones | host-ones]

— no address

— [no] allow-directed-broadcasts

— arp-timeout seconds

— no arp-timeout

— description description-string

— no description

— secondary {ip-address/mask | ip-address netmask} [broadcast all-ones | host-

ones] [igp-inhibit]

— no secondary {ip-address/mask | ip-address netmask}

— [no] shutdown

—

static-arp ip-address ieee-address

— [no] static-arp ip-address

— tos-marking-state {trusted | untrusted}

— no tos-marking-state

— unnumbered [ip-int-name | ip-address]

— no unnumbered

— vrrp virtual-router-id [owner]

— no vrrp virtual-router-id

— authentication-key [authentication-key | hash-key] [hash | hash2]

— no authentication-key

— authentication-type {password}

— no authentication-type

— [no] backup ip-address

— init-delay seconds

— no init-delay

— mac mac-address

— no mac

— [no] master-int-inherit

— message-interval {[seconds] [milliseconds milliseconds]}

— no message-interval

— [no] ping-reply

— policy vrrp-policy-id

— no policy

7750 SR OS Router Configuration Guide

Page 223

Download from Www.Somanuals.com. All Manuals Search And Download.

VRRP Command Reference

— [no] preempt

— priority priority

— no priority

— [no] ssh-reply

— [no] standby-forwarding

— [no] telnet-reply

— [no] shutdown

— [no] traceroute-reply

Page 224

7750 SR OS Router Configuration Guide

Download from Www.Somanuals.com. All Manuals Search And Download.

VRRP

VRRP Priority Control Event Policy Commands

config

— vrrp

— [no] policy policy-id [context service-id]

— delta-in-use-limit limit

— no delta-in-use-limit

— description description string

— no description

— [no] priority-event

— [no] host-unreachable ip-addr

— drop-count consecutive-failures

— no drop-count

— hold-clear seconds

— no hold-clear

— hold-set seconds

— no hold-set

— interval seconds

— no interval

— priority priority-level [{delta | explicit}]

— no priority

— timeout seconds

— no timeout

— [no] lag-port-down lag-id

— hold-clear seconds

— no hold-clear

— hold-set seconds

— no hold-set

— [no] number-down number-of-lag-ports-down

— priority priority-level [delta | explicit]

— no priority

— [no] port-down port-id

— hold-clear seconds

— no hold-clear

— hold-set seconds

— no hold-set

— priority priority-level [delta | explicit]

— no priority

— [no] route-unknown ip-prefix/mask

— hold-clear seconds

— no hold-clear

— hold-set seconds

— no hold-set

— less-specific [allow-default]

— no less-specific

— [no] next-hop ip-address

— priority priority-level [delta | explicit]

— no priority

— protocol protocol

— no protocol[protocol]

— [no] protocol bgp

— [no] protocol ospf

— [no] protocol isis

— [no] protocol rip

— [no] protocol static

7750 SR OS Router Configuration Guide

Page 225

Download from Www.Somanuals.com. All Manuals Search And Download.

VRRP Command Reference

Show Commands

show

— router

— vrrp

— instance [interface interface-name [vrid virtual-router-id]]

— statistics

Clear Commands

clear

— router

— vrrp

— instance interface-name [vrid virtual-router-id]

— statistics [interface interface-name [vrid virtual-router-id]]

Page 226

7750 SR OS Router Configuration Guide

Download from Www.Somanuals.com. All Manuals Search And Download.

VRRP

Configuration Commands

Interface Configuration Commands

authentication-key

Syntax

authentication-key [authentication-key | hash-key] [hash | hash2]

no authentication-key

Context

config>router>if>vrrp

Description

This command sets the simple text authentication key used to generate master VRRP advertisement

messages and validates VRRP advertisements.

If simple text password authentication is not required, the authenticaton-key command is not

required.

The command is configurable in both non-owner and owner vrrp nodal contexts.

The key parameter identifies the simple text password to be used when VRRP Authentication Type 1

is enabled on the virtual router instance. Type 1 uses an eight octet long string that is inserted into all

transmitted VRRP advertisement messages and is compared against all received VRRP advertisement

messages. The authentication data fields are used to transmit the key.

The key string is case sensitive and is left justified in the VRRP advertisement message authentication

data fields. The first field contains the first four characters with the first octet (starting with IETF RFC

bit position 0) containing the first character. The second field similarly holds the fifth through eighth

characters. Any unspecified portion of the authentication data field is padded with a 0 value in the

corresponding octet.

If the command is re-executed with a different password key defined, the new key is used

immediately.

The authentication-key command can be executed at anytime, altering the simple text password

used when the authentication-type password authentication method is specified for the virtual

router instance. The authentication-type password command does not have to be executed before

defining the authentication-key command.

To change the current in-use password key on multiple virtual router instances:

1. Identify the current master.

2. Shutdown the virtual router instance on all backups.

3. Execute the authentication-key command on the master to change the password key.

4. Execute the authentication-key command and no shutdown command on each backup.

The no form of the command reverts to the default value.

Default

no authentication-key - The authentication key value is the null string.

7750 SR OS Router Configuration Guide

Page 227

Download from Www.Somanuals.com. All Manuals Search And Download.

Configuration Commands

Parameters

authentication-key — The authentication key. Allowed values are any string up to 8 characters long

composed of printable, 7-bit ASCII characters. If the string contains special characters (#, $,

spaces, etc.), the entire string must be enclosed within double quotes.

hash-key — The hash key. The key can be any combination of ASCII characters up to 22 (hash-key1)

or 121 (hash-key2) characters in length (encrypted). If spaces are used in the string, enclose the

entire string in quotation marks (“ ”).

This is useful when a user must configure the parameter, but for security purposes, the actual

unencrypted key value is not provided.

hash — Specifies the key is entered in an encrypted form. If the hash parameter is not used, the key

is assumed to be in a non-encrypted, clear text form. For security, all keys are stored in encrypted

form in the configuration file with the hash parameter specified.

hash2 — Specifies the key is entered in a more complex encrypted form. If the hash2 parameter is

not used, the less encrypted hash form is assumed.

authentication-type

Syntax

authentication-type {password}

no authentication

Context

config>router>if>vrrp

Description

This command configures the VRRP authentication Type 0 (no authentication), Type 1 (simple

password), or Type 2 (MD5) for the virtual router.

If authentication is not required, the authenticaton-type command must not be executed. If the

command is re-executed with a different authentication type defined, the new type is used.

If the no authentication-type command is executed, authentication is removed and no authentication

is performed. The authentication-type command can be executed at anytime, altering the

authentication method used by the virtual router instance.

The command is configurable in both non-owner and owner vrrp nodal contexts.

The VRRP specification supports three message authentication methods that provide varying degrees

of security: Type 0, Type 1 and Type 2.

VRRP Type 0 authentication provides no authentication. All compliant VRRP advertisement

messages are accepted.

VRRP Type 1 authentication provides a simple password check on incoming VRRP advertisement

messages.

VRRP Type 2 authentication provides an MD5 IP header authentication check on incoming VRRP

advertisement messages.

For all VRRP authentication types, VRRP messages not meeting the verification checks are

discarded.

The no form of the command removes authentication from the virtual router instance. All VRRP

advertisement messages sent will have the authentication type field set to 0 and the authentication

data fields will contain 0 in all octets. VRRP advertisement messages received with authentication

type fields containing a value other than 0 will be discarded.

Default

no authentication - VRRP Type 0 (no authentication) is used .

Page 228

7750 SR OS Router Configuration Guide

Download from Www.Somanuals.com. All Manuals Search And Download.

VRRP

Parameters

password — Specifies VRRP Authentication Type 1 is used.

Type 1 requires the definition of an eight octet long string. All transmitted VRRP advertisement

messages must have the authentication type field set to 1 and the authentication data fields must

contain the authentication-key password.

All received VRRP advertisement messages must contain a value of 1 in the authentication type

field and the authentication data fields must match the defined authentication-key. All other

received messages are discarded.

backup

Syntax

Context

[no] backup ip-address

config>router>if>vrrp

Description

This command associates router IP addresses with the parental IP interface IP addresses.

The backup command has two distinct functions when used in an owner or a non-owner context of

the virtual router instance.

Non-owner virtual router instances actually create a routable IP interface address that is operationally

dependent on the virtual router instance mode (master or backup). The backup command in owner

virtual router instances does not create a routable IP interface address; it simply defines the existing

parental IP interface IP addresses that are advertised by the virtual router instance.

For owner virtual router instances, the backup command defines the IP addresses that are advertised

within VRRP advertisement messages. This communicates the IP addresses that the master is

representing to backup virtual routers receiving the messages. It is possible (as an RFC sanctioned

option) for recipients to discard any advertisement that has an IP address list that does not match the

list of addresses it would advertise. Advertising a correct list is important. The specified ip-addr must

be equal to one of the existing parental IP interface IP addresses (primary or secondary) or the

backup command will fail. Multiple owner virtual router instances on the same parental IP interface

may backup the same IP address.

For non-owner virtual router instances, the backup command actually creates an IP interface IP

address used for routing IP packets and communicating with the system when the access commands

are defined (ping-reply, telnet-reply, and ssh-reply). The specified ip-addr must be an IP address

that is within one of the parental IP interface local subnets created with the address or secondary

commands. If a local subnet does not exist that includes the specified ip-addr or if ip-addr is the same

IP address as the parental IP interface IP address, the backup command will fail.

The new interface IP address created with the backup command assumes the mask and parameters of

the corresponding parent IP interface IP address. The ip-addr is only active when the virtual router

instance is operating in the master state. When not operating as master, the virtual router instance acts

as if it is operationally down. It will not respond to ARP requests to ip-addr, nor will it route packets

received with its vrid derived source MAC address. A non-master virtual router instance always

silently discards packets destined to ip-addr. A single virtual router instance may only have a single

virtual router IP address from a given parental local subnet. Multiple virtual router instances can

define a virtual router IP address from the same local subnet as long as each is a different IP address.

Up to sixteen backup ip-addr commands can be executed within the same virtual router instance.

Executing backup multiple times with the same ip-addr results in no operation performed and no

7750 SR OS Router Configuration Guide

Page 229

Download from Www.Somanuals.com. All Manuals Search And Download.

Configuration Commands

error generated. At least one successful backup ip-addr command must be executed before the

virtual router instance can enter the operational state.

When operating as (non-owner) master, the default functionality associated with ip-addr is ARP

response to ARP requests to ip-addr, routing of packets destined to the virtual router instance source

MAC address and silently discarding packets destined to ip-addr. Enabling the non-owner-access

parameters selectively allows ping, Telnet and SSH connectivity to ip-addr when the virtual router

instance is operating as master.

The no form of the command removes the specified virtual router IP address from the virtual router

instance. For non-owner virtual router instances, this causes all routing and local access associated

with the ip-addr to cease. For owner virtual router instances, the no backup command only removes

ip-addr from the list of advertised IP addresses. If the last ip-addr is removed from the virtual router

instance, the virtual router instance will enter the operationally down state

Special Cases

Assigning the Virtual Router ID IP Address — Once the vrid is created on the parent IP

interface, IP addresses need to be assigned to the virtual router instance. If the vrid was created with

the keyword owner, the virtual router instance IP addresses must have one or more of the parent IP

interface defined IP addresses (primary and secondary). For non-owner virtual router instances, the

virtual router IP addresses each must be within one of the parental IP interface IP address defined

local subnets. For both owner and non-owner virtual router instances, the virtual router IP addresses

must be explicitly defined using the backup ip-addr command.

Virtual Router Instance IP Address Assignment Conditions — The RFC does not specify

that the assigned IP addresses to the virtual router instance must be in the same subnet as the parent

IP interface primary IP address or secondary IP addresses. The only requirement is that all virtual

routers participating in the same virtual router instance have the same virtual router IP addresses

assigned. To avoid confusion, the assigned virtual router IP addresses must be in a local subnet of one

of the parent IP interfaces IP addresses. For owner virtual router instances the assigned virtual router

IP address must be the same as one of the parental IP interface primary or secondary IP addresses.

The following rules apply when adding, changing, or removing parental and virtual router IP

addresses:

Owner Virtual Router IP Address Parental Association — When an IP address is assigned

to an owner virtual router instance, it must be associated with one of the parental IP interface-

assigned IP addresses. The virtual router IP address must be equal to the primary or one of the

secondary IP addresses within the parental IP interface.

Page 230

7750 SR OS Router Configuration Guide

Download from Www.Somanuals.com. All Manuals Search And Download.

VRRP

Example - Owner Virtual Router Instance

Parent IP addresses:

10.10.10.10/24

11.11.11.11/24

Virtual router IP addresses:

10.10.10.11

10.10.10.10

Invalid (not equal to parent IP address)

Associated (same as parent IP

address 10.10.10.10)

10.10.11.11

11.11.11.254

11.11.11.255

Invalid (not equal to parent IP address)

Non-Owner Virtual Router IP Address Parental Association — When an IP address is

assigned to a non-owner virtual router instance, it must be associated with one of the parental IP

interface assigned IP addresses. The virtual router IP address must be a valid IP address within one of

the parental IP interfaces local subnet. Local subnets are created by the primary or secondary IP

addresses in conjunction with the IP addresses mask. If the defined virtual router IP address is equal

to the associated subnet’s broadcast address, it is invalid. Virtual router IP addresses for non-owner

virtual router instances that are equal to a parental IP interface IP address are also invalid.

The same virtual router IP address may not be assigned to two separate virtual router instances. If the

virtual router IP address already exists on another virtual router instance, the virtual router IP address

assignment will fail.

Example - Non-Owner Virtual Router Instance

Parent IP addresses:

10.10.10.10/24

11.11.11.11/24

Virtual router IP addresses:

10.10.10.11

Associated with 10.10.10.10 (in sub-

net)

10.10.10.10

10.10.11.11

Invalid (same as parent IP address)

Invalid (outside of all Parent IP sub-

nets)

11.11.11.254

11.11.11.255

Associated with 11.11.11.11 (in sub-

net)

Invalid (broadcast address of

11.11.11.11/24)

Virtual Router IP Address Assignment without Parent IP Address — When assigning an

IP address to a virtual router instance, an associated IP address (see Owner Virtual Router IP

Address Parental Association and Non-Owner Virtual Router IP Address Parental Association)

on the parental IP interface must already exist. If an associated IP address on the parental IP interface

is not configured, the virtual router IP address assignment fails.

7750 SR OS Router Configuration Guide

Page 231

Download from Www.Somanuals.com. All Manuals Search And Download.

Configuration Commands

Parent Primary IP Address Changed — When a virtual router IP address is set and the

associated parent IP interface IP address is changed, the new parent IP interface IP address is

evaluated to ensure it meets the association rules defined in Owner Virtual Router IP Address

Parental Association or Non-Owner Virtual Router IP Address Parental Association. If the

association check fails, the parental IP address change is not allowed. If the parental IP address

change fails, the previously configured IP address definition remains in effect.

Only the primary parent IP address can be changed. Secondary addresses must be removed before the

new IP address can be added. Parent Primary or Secondary IP Address Removal explains IP

address removal conditions.

Parent Primary or Secondary IP Address Removal — When a virtual router IP address is

successfully set, but removing the associated parent IP interface IP address is attempted and fails. All

virtual router IP addresses associated with the parental IP interface IP address must be deleted prior

to removing the parental IP address. This includes virtual router IP address associations from

multiple virtual router instances on the IP interface.

Default

no backup - No virtual router IP address is assigned.

Parameters

ip-address — The virtual router IP address expressed in dotted decimal notation. The IP virtual router

IP address must be in the same subnet of the parental IP interface IP address or equal to one of

the primary or secondary IP addresses for owner virtual router instances.

Values

1.0.0.1 - 223.255.255.254

init-delay

Syntax

init-delay seconds

no init-delay

Context

Description

Parameters

config>router>if>vrrp

This command configures a VRRP initialization delay timer.

seconds — Specifies the initialization delay timer for VRRP, in seconds.

Values

1 — 65535

mac

Syntax

mac mac-addr

no mac

Context

config>router>if>vrrp

Description

This command sets an explicit MAC address used by the virtual router instance overriding the VRRP

default derived from the VRID.

Changing the default MAC address is useful when an existing HSRP or other non-VRRP default

MAC is in use by the IP hosts using the virtual router IP address. Many hosts do not monitor

unessential ARPs and continue to use the cached non-VRRP MAC address after the virtual router

becomes master of the host’s gateway address.

Page 232

7750 SR OS Router Configuration Guide

Download from Www.Somanuals.com. All Manuals Search And Download.

VRRP

The mac command sets the MAC address used in ARP responses when the virtual router instance is

master. Routing of IP packets with ieee-mac-addr as the destination MAC is also enabled. The mac

setting must be the same for all virtual routers participating as a virtual router or indeterminate

connectivity by the attached IP hosts will result. All VRRP advertisement messages are transmitted

with ieee-mac-addr as the source MAC.

The command can be configured in both non-owner and owner vrrp nodal contexts.

The mac command can be executed at any time and takes effect immediately. When the virtual router

MAC on a master virtual router instance changes, a gratuitous ARP is immediately sent with a VRRP

advertisement message. If the virtual router instance is disabled or operating as backup, the gratuitous

ARP and VRRP advertisement message is not sent.

The no form of the command restores the default VRRP MAC address to the virtual router instance.

Default

no mac - The virtual router instance uses the default VRRP MAC address derived from the

VRID.

Parameters

mac-addr — The 48-bit MAC address for the virtual router instance in the form aa:bb:cc:dd:ee:ff or

aa-bb-cc-dd-ee-ff where aa, bb, cc, dd, ee and ff are hexadecimal numbers. Allowed values are

any non-broadcast, non-multicast MAC, and non-IEEE reserved MAC addresses.

master-int-inherit

Syntax

Context

[no] master-int-inherit

config>router>if>vrrp

Description

This command enables the virtual router instance to inherit the master VRRP router’s advertisement

interval timer which is used by backup routers to calculate the master down timer.

The master-int-inherit command is only available in the non-owner nodal context and is used to

allow the current virtual router instance master to dictate the master down timer for all backup virtual

routers. The master-int-inherit command has no effect when the virtual router instance is operating

as master.

If master-int-inherit is not enabled, the locally configured message-interval must match the

master’s VRRP advertisement message advertisement interval field value or the message is

discarded.

The no form of the command restores the default operating condition which requires the locally

configured message-interval to match the received VRRP advertisement message advertisement

interval field value.

Default

no master-int-inherit - The virtual router instance does not inherit the master VRRP router’s

advertisement interval timer and uses the locally configured message interval.

7750 SR OS Router Configuration Guide

Page 233

Download from Www.Somanuals.com. All Manuals Search And Download.

Configuration Commands

message-interval

Syntax

message-interval {[seconds] [milliseconds milliseconds]}

no message-interval

Context

config>router>if>vrrp

Description

This command configures the administrative advertisement message timer used by the master virtual

router instance to send VRRP advertisement messages and to derive the master down timer as

backup.

For an owner virtual router instance, the administrative advertisement timer directly sets the

operational advertisement timer and indirectly sets the master down timer for the virtual router

instance.

Non-owner virtual router instances usage of the message-interval setting is dependent on the state of

the virtual router (master or backup) and the state of the master-int-inherit parameter.

• When a non-owner is operating as master for the virtual router, the configured message-interval

is used as the operational advertisement timer similar to an owner virtual router instance. The

master-int-inherit command has no effect when operating as master.

• When a non-owner is in the backup state with master-int-inherit disabled, the configured mes-

sage-interval value is used to match the incoming VRRP advertisement message advertisement

interval field. If the locally configured message interval does not match the advertisement inter-

val field, the VRRP advertisement is discarded.

• When a non-owner is in the backup state with master-int-inherit enabled, the configured mes-

sage-interval is ignored. The master down timer is indirectly derived from the incoming VRRP

advertisement message advertisement interval field value.

The in-use value of the message interval is used to derive the master down timer to be used when the

virtual router is operating in backup mode based on the following formula:

(3x (in-use message interval) + (((256 - (in-use priority)) / 256) x ((256 - (in-use priority)) / 256)

The (in-use priority / 256) portion of the equation is the skew-time used to slow down virtual routers

with relatively low priority values when competing in the master election process.

The command is available in both non-owner and owner vrrp nodal contexts.

By default, a message-interval of 1 second is used.

The no form of the command reverts to the default value.

Default

1 - advertisement timer set to 1 second

Parameters

seconds — The number of seconds that will transpire before the advertisement timer expires

expressed as a decimal integer.

Values

1 — 255

milliseconds milliseconds — Specifies the time interval, in milliseconds, between sending

advertisement messages.

Values

100 — 900

Page 234

7750 SR OS Router Configuration Guide

Download from Www.Somanuals.com. All Manuals Search And Download.

VRRP

policy

Syntax

policy vrrp-policy-id

no policy

Context

config>router>if>vrrp

Description

This command adds a VRRP priority control policy association with the virtual router instance.

To further augment the virtual router instance base priority, VRRP priority control policies can be

used to override or adjust the base priority value depending on events or conditions within the chassis.

The policy can be associated with more than one virtual router instance. The priority events within the

policy either override or diminish the base priority set with the priority command dynamically

affecting the in-use priority. As priority events clear in the policy, the in-use priority can eventually be

restored to the base priority value.

The policy command is only available in the non-owner vrrp nodal context. The priority of owner

virtual router instances is permanently set to 255 and cannot be changed by VRRP priority control

policies. For non-owner virtual router instances, if the policy command is not executed, the base

priority is used as the in-use priority.

The no form of the command removes existing VRRP priority control policy associations from the

virtual router instance. All associations must be removed prior to deleting the policy from the system.

Default

no policy - No VRRP priority control policy is associated with the virtual router instance.

Parameters

vrrp-policy-id — The policy ID of the VRRP priority control expressed as a decimal integer. The

vrrp-policy-id must already exist for the command to function.

Values

1 — 9999

preempt

Syntax

Context

[no] preempt

config>router>if>vrrp

Description

This command enables the overriding of an existing VRRP master if the virtual router’s in-use

priority is higher than the current master.

The priority of the non-owner virtual router instance, the preempt mode allows the best available

virtual router to force itself as the master over other available virtual routers.

When preempt is enabled, the virtual router instance overrides any non-owner master with an in-use

message priority value less than the virtual router instance in-use priority value. If preempt is

disabled, the virtual router only becomes master if the master down timer expires before a VRRP

advertisement message is received from another virtual router.

Enabling preempt mode improves the effectiveness of the base priority and the VRRP priority

control policy mechanisms on the virtual router instance. If the virtual router cannot preempt an

existing non-owner master, the affect of the dynamic changing of the in-use priority is diminished.

The preempt command is only available in the non-owner vrrp nodal context. The owner may not be

preempted because the priority of non-owners can never be higher than the owner. The owner always

preempts all other virtual routers when it is available.

7750 SR OS Router Configuration Guide

Page 235

Download from Www.Somanuals.com. All Manuals Search And Download.

Configuration Commands

Non-owner virtual router instances only preempt when preempt is set and the current master has an

in-use message priority value less than the virtual router instances in-use priority.

A master non-owner virtual router only allows itself to be preempted when the incoming VRRP

advertisement message priority field value is one of the following:

• Greater than the virtual router in-use priority value.

• Equal to the in-use priority value and the source IP address (primary IP address) is greater than

the virtual router instance primary IP address.

By default, preempt mode is enabled on the virtual router instance.

The no form of the command disables preempt mode and prevents the non-owner virtual router

instance from preempting another, less desirable virtual router.

Default

preempt - The preempt mode enabled on the virtual router instance where it will preempt a

VRRP master with a lower priority.

priority

Syntax

priority base-priority

no priority

Context

config>router>if>vrrp

Description

This command configures the base router priority for the virtual router instance used in the master

election process.

The priority is the most important parameter set on a non-owner virtual router instance. The priority

defines a virtual router’s selection order in the master election process. Together, the priority value

and the preempt mode allow the virtual router with the best priority to become the master virtual

router.

The base-priority is used to derive the in-use priority of the virtual router instance as modified by any

optional VRRP priority control policy. VRRP priority control policies can be used to either override

or adjust the base priority value depending on events or conditions within the chassis.

The priority command is only available in the non-owner vrrp nodal context. The priority of owner

virtual router instances is permanently set to 255 and cannot be changed.

For non-owner virtual router instances, the default base priority value is 100.

The no form of the command reverts to the default value.

Default

100 - virtual router base priority set to 100

Parameters

base-priority — The base priority used by the virtual router instance expressed as a decimal integer.

If no VRRP priority control policy is defined, the base-priority is the in-use priority for the

virtual router instance.

Values

1 — 254

Page 236

7750 SR OS Router Configuration Guide

Download from Www.Somanuals.com. All Manuals Search And Download.

VRRP

ping-reply

Syntax

[no] ping-reply

Context

config>router>if>vrrp

Description

This command enables the non-owner master to reply to ICMP echo requests directed at the vritual

router instances IP addresses.

Non-owner virtual router instances are limited by the VRRP specifications to responding to ARP

requests destined to the virtual router IP addresses and routing IP packets not addressed to the virtual

router IP addresses. Many network administrators find this limitation frustrating when

troubleshooting VRRP connectivity issues.

7750 SR OS allows this access limitation to be selectively lifted for certain applications. Ping, Telnet

and SSH can be individually enabled or disabled on a per-virtual-router-instance basis.

The ping-reply command enables the non-owner master to reply to ICMP echo requests directed at

the virtual router instances IP addresses. The Ping request can be received on any routed interface.

Ping must not have been disabled at the management security level (either on the parental IP interface

or based on the Ping source host address).

When ping-reply is not enabled, ICMP echo requests to non-owner master virtual IP addresses are

silently discarded.

Non-owner backup virtual routers never respond to ICMP echo requests regardless of the ping-reply

setting.

The ping-reply command is only available in non-owner vrrp nodal context.

By default, ICMP echo requests to the virtual router instance IP addresses are silently discarded.

The no form of the command configures discarding all ICMP echo request messages destined to the

non-owner virtual router instance IP addresses.

Default

no ping-reply - ICMP echo requests to the virtual router instance IP addresses are discarded.

shutdown

Syntax

Context

[no] shutdown

config>router>if>vrrp

Description

This command administratively disables an entity. When disabled, an entity does not change, reset, or

remove any configuration settings or statistics.

The operational state of the entity is disabled as well as the operational state of any entities contained

within. Many objects must be shut down before they may be deleted.

The no form of this command administratively enables an entity.

Special Cases

Non-Owner Virtual Router — Non-owner virtual router instances can be administratively

shutdown. This allows the termination of VRRP participation in the virtual router and stops all

routing and other access capabilities with regards to the virtual router IP addresses. Shutting down the

virtual router instance provides a mechanism to maintain the virtual routers without causing false

backup/master state changes.

7750 SR OS Router Configuration Guide

Page 237

Download from Www.Somanuals.com. All Manuals Search And Download.

Configuration Commands

If the shutdown command is executed, no VRRP advertisement messages are generated and all

received VRRP advertisement messages are silently discarded with no processing.

By default, virtual router instances are created in the no shutdown state.

Whenever the administrative state of a virtual router instance transitions, a log message is generated.

Whenever the operational state of a virtual router instance transitions, a log message is generated.

Owner Virtual Router — An owner virtual router context does not have a shutdown command.

To administratively disable an owner virtual router instance, use the shutdown command within the

parent IP interface node which administratively downs the IP interface.

ssh-reply

Syntax

[no] ssh-reply

Context

config>router>if>vrrp

Description

This command enables the non-owner master to reply to SSH requests directed at the virtual router

instance IP addresses.

Non-owner virtual router instances are limited by the VRRP specifications to responding to ARP

requests destined to the virtual router IP addresses and routing IP packets not addressed to the virtual

router IP addresses.

This limitation can be disregarded for certain applications. Ping, Telnet and SSH can be individually

enabled or disabled on a per-virtual-router-instance basis.

The ssh-reply command enables the non-owner master to reply to SSH requests directed at the

virtual router instances IP addresses. The SSH request can be received on any routed interface. SSH

must not have been disabled at the management security level (either on the parental IP interface or

based on the SSH source host address). Proper login and CLI command authentication is still

enforced.

When ssh-reply is not enabled, SSH requests to non-owner master virtual IP addresses are silently

discarded.

Non-owner backup virtual routers never respond to SSH requests regardless of the ssh-reply setting.

The ssh-reply command is only available in non-owner vrrp nodal context.

By default, SSH requests to the virtual router instance IP addresses are silently discarded.

The no form of the command discards all SSH request messages destined to the non-owner virtual

router instance IP addresses.

Default

no ssh-reply - SSH requests to the virtual router instance IP addresses are discarded.

Page 238

7750 SR OS Router Configuration Guide

Download from Www.Somanuals.com. All Manuals Search And Download.

VRRP

standby-forwarding

Syntax

Context

[no] standby-forwarding

config>router>if>vrrp

Description

This command specifies whether this VRRP instance allows forwarding packets to a standby router.

When disabled, a standby router should not forward traffic sent to virtual router's MAC address.

However, the standby router should forward traffic sent to the standby router’s real MAC address.

When enabled, a standby router should forward all traffic.

telnet-reply

Syntax

Context

[no] telnet-reply

config>router>if>vrrp

Description

This command enables the non-owner master to reply to TCP port 23 Telnet requests directed at the

virtual router instances’ IP addresses.

Non-owner virtual router instances are limited by the VRRP specifications to responding to ARP

requests destined to the virtual router IP addresses and routing IP packets not addressed to the virtual

router IP addresses. Many network administrators find this limitation frustrating when

troubleshooting VRRP connectivity issues.

This limitation can be disregarded for certain applications. Ping, SSH and Telnet can each be

individually enabled or disabled on a per-virtual-router-instance basis.

The telnet-reply command enables the non-owner master to reply to Telnet requests directed at the

virtual router instances’ IP addresses. The Telnet request can be received on any routed interface.

Telnet must not have been disabled at the management security level (either on the parental IP

interface or based on the Telnet source host address). Proper login and CLI command authentication

is still enforced.

When telnet-reply is not enabled, Telnet requests to non-owner master virtual IP addresses are

silently discarded.

Non-owner backup virtual routers never respond to Telnet requests regardless of the telnet-reply

setting.

The telnet-reply command is only available in non-owner vrrp nodal context.

By default, Telnet requests to the virtual router instance IP addresses will be silently discarded.

The no form of the command configures discarding all Telnet request messages destined to the non-

owner virtual router instance IP addresses.

Default

no telnet-reply - Telnet requests to the virtual router instance IP addresses are discarded.

7750 SR OS Router Configuration Guide

Page 239

Download from Www.Somanuals.com. All Manuals Search And Download.

Configuration Commands

traceroute-reply

Syntax

Context

[no] traceroute-reply

config>router>if>vrrp

Description

This command is valid only if the VRRP virtual router instance associated with this entry is a non-

owner.

When this command is enabled, a non-owner master can reply to traceroute requests directed to the

virtual router instance IP addresses.

A non-owner backup virtual router never responds to such traceroute requests regardless of the trace-

route-reply status.

Default

Syntax

no traceroute-reply

vrrp

vrrp vrid [owner]

no vrrp vrid

Context

config>router>interface ip-int-name

Description

This command creates the context to configure a VRRP virtual router instance. A virtual router is

defined by its virtual router identifier (VRID) and a set of IP addresses.

The optional owner keyword indicates that the owner controls the IP address of the virtual router and

is responsible for forwarding packets sent to this IP address. The owner assumes the role of the

master virtual router.

All other virtual router instances participating in this message domain must have the same vrid

configured and cannot be configured as owner. Once created, the owner keyword is optional when

entering the vrid for configuration purposes.

A vrid is internally associated with the IP interface. This allows the vrid to be used on multiple IP

interfaces while representing different virtual router instances.

Up to four vrrp vrid nodes can be defined on an IP interface. Any or all may be defined as owner.

The nodal context of vrrp is used to define the configuration parameters for the vrid.

The no form of the command removes the specified vrid from the IP interface. This terminates VRRP

participation and deletes all references to the vrid in conjunction with the IP interface. The vrid does

not need to be shutdown to remove the virtual router instance.

Special Cases

Virtual Router Instance Owner IP Address Conditions — It is possible for the virtual router

instance owner to be created prior to assigning the parent IP interface primary or secondary IP

addresses. When this is the case, the virtual router instance is not associated with an IP address. The

operational state of the virtual router instance is down. Once the virtual router instance is created, an

advertise exclude list may be created, listing parent IP interface IP addresses that will not be

advertised in VRRP advertisement messages. The advertise exclude list allows the advertised IP

address list to be a subset of the parent IP addresses. This provides a method where non-owner virtual

routers backing up the owner may be configured with a subset of virtual router IP addresses and

while enabling IP address list match verification.

Page 240

7750 SR OS Router Configuration Guide

Download from Www.Somanuals.com. All Manuals Search And Download.

VRRP

VRRP Owner Command Exclusions — By specifying the VRRP vrid as owner, The following

commands are no longer available:

• vrrp mismatch-discard — Owner virtual router instances do not accept VRRP advertisement

messages; IP address mismatches are not checked or logged.

• vrrp priority — The virtual router instance owner is hard-coded with a priority value of 255

and cannot be changed.

• vrrp master-int-inherit — Owner virtual router instances do not accept VRRP advertisement

messages; the advertisement interval field is not evaluated and cannot be inherited.

• ping-reply, telnet-reply and ssh-reply — The owner virtual router instance always allows Ping,

Telnet and SSH if the management and security parameters are configured to accept them on the

parent IP interface.

• vrrp shutdown — The owner virtual router instance cannot be shutdown in the vrrp node. If

this was allowed, VRRP messages would not be sent, but the parent IP interface address would

continue to respond to ARPs and forward IP packets. Another virtual router instance may detect

the missing master due to the termination of VRRP advertisement messages and become master.

This would cause two routers responding to ARP requests for the same IP addresses. To shut-

down the owner virtual router instance, use the shutdown command in the parent IP interface

context. This will prevent VRRP participation, IP ARP reply and IP forwarding. To continue par-

ent IP interface ARP reply and forwarding without VRRP participation, remove the vrrp vrid

instance.

Default

no vrrp - No VRRP virtual router instance is associated with the IP interface.

Parameters

vrid — The virtual router ID for the IP interface expressed as a decimal integer.

Values

1 — 255

owner — Identifies this virtual router instance as owning the virtual router IP addresses. If the owner

keyword is not specified at the time of vrid creation, the vrrp backup commands must be

specified to define the virtual router IP addresses. The owner keyword is not required when

entering the vrid for editing purposes. Once created as owner, a vrid on an IP interface cannot

have the owner parameter removed. The vrid must be deleted and than recreated without the

owner keyword to remove ownership.

7750 SR OS Router Configuration Guide

Page 241

Download from Www.Somanuals.com. All Manuals Search And Download.

Configuration Commands

Priority Policy Commands

delta-in-use-limit

Syntax

delta-in-use-limit in-use-priority-limit

no delta-in-use-limit

Context

config>vrrp>policy vrrp-policy-id

Description

This command sets a lower limit on the virtual router in-use priority that can be derived from the

delta priority control events.

Each vrrp-priority-id places limits on the delta priority control events to define the in-use priority of

the virtual router instance. Setting this limit prevents the sum of the delta priority events from

lowering the in-use priority value of the associated virtual router instances below the configured

value.

The limit has no effect on explicit priority control events. Explicit priority control events are

controlled by setting the in-use priority to any value between 1 and 254.

Only non-owner virtual router instances can be associated with VRRP priority control policies and

their priority control events.

Once the total sum of all delta events is calculated and subtracted from the base priority of the virtual

router instance, the result is compared to the delta-in-use-limit value. If the result is less than the

limit, the delta-in-use-limit value is used as the virtual router in-use priority value. If an explicit

priority control event overrides the delta priority control events, the delta-in-use-limit has no effect.

Setting the limit to a higher value than the default of 1 limits the effect of the delta priority control

events on the virtual router instance base priority value. This allows for multiple priority control

events while minimizing the overall effect on the in-use priority.

Changing the in-use-priority-limit causes an immediate re-evaluation of the in-use priority values for

all virtual router instances associated with this vrrp-policy-id based on the current sum of all active

delta control policy events.

The no form of the command reverts to the default value.

Default

1 - The lower limit of 1 for the in-use priority, as modified, by delta priorty control events.

Parameters

in-use-priority-limit — The lower limit of the in-use priority base, as modified by priority control

policies. The in-use-priority-limit has the same range as the non-owner virtual router instance

base-priority parameter. If the result of the total delta priority control events minus the virtual

router instances base-priority, is less than the in-use-priority-limit, the in-use-priority-limit value

is used as the virtual router instances in-use priority value.

Setting the in-use-priority-limit to a value equal to or larger than the virtual router instance base-

priority prevents the delta priority control events from having any effect on the virtual router

instance in-use priority value.

Values

1 — 254

Page 242

7750 SR OS Router Configuration Guide

Download from Www.Somanuals.com. All Manuals Search And Download.

VRRP

description

Syntax

description string

no description

Context

config>vrrp>policy vrrp-policy-id

Description

This command creates a text description stored in the configuration file for a configuration context.

The description command associates a text string with a configuration context to help identify the

content in the configuration file.

The no form of the command removes the string from the configuration.

Default

No text description is associated with this configuration. The string must be entered.

Parameters

string — The description character string. Allowed values are any string up to 80 characters long

composed of printable, 7-bit ASCII characters. If the string contains special characters (#, $,

spaces, etc.), the entire string must be enclosed within double quotes.

policy

Syntax

policy policy-id [context service-id]

no policy policy-id

Context

config>vrrp

Description

This command creates the context to configure a VRRP priority control policy which is used to

control the VRRP in-use priority based on priority control events. It is a parental node for the various

VRRP priority control policy commands that define the policy parameters and priority event

conditions.

The virtual router instance priority command defines the initial or base value to be used by non-

owner virtual routers. This value can be modified by assigning a VRRP priority control policy to the

virtual router instance. The VRRP priority control policy can override or diminish the base priority

setting to establish the actual in-use priority of the virtual router instance.

The policy policy-id command must be created first, before it can be associated with a virtual router

instance.

Because VRRP priority control policies define conditions and events that must be maintained, they

can be resource intensive. The number of policies is limited to 1000.

The policy-id do not have to be consecutive integers. The range of available policy identifiers is from

1 to 9999.

The no form of the command deletes the specific policy-id from the system.

The policy-id must be removed first from all virtual router instances before the no policy command

can be issued. If the policy-id is associated with a virtual router instance, the command will fail.

Default

no policy - No VRRP priority control policies are defined.

7750 SR OS Router Configuration Guide

Page 243

Download from Www.Somanuals.com. All Manuals Search And Download.

Configuration Commands

Parameters

vrrp-policy-id — The VRRP priority control ID expressed as a decimal integer that uniquely

identifies this policy from any other VRRP priority control policy defined on the system. Up to

1000 policies can be defined.

Values

1 — 9999

context service-id — Specifies the service ID to which this policy applies. A value of zero (0) means

that this policy does not apply to a service but applies to the base router instance.

Values

1 — 2147483647

priority-event

Syntax

Context

[no] priority-event

config>vrrp>policy vrrp-priority-id

Description

This command creates the context to configure VRRP priority control events used to define criteria to

modify the VRRP in-use priority.

A priority control event specifies an object to monitor and the effect on the in-use priority level for an

associated virtual router instance.

Up to 32 priority control events can be configured within the priority-event node.

The no form of the command clears any configured priority events.

Page 244

7750 SR OS Router Configuration Guide

Download from Www.Somanuals.com. All Manuals Search And Download.

VRRP

Priority Policy Event Commands

hold-clear

Syntax

hold-clear seconds

no hold-clear

Context

config>vrrp>policy vrrp-policy-id>priority-event>port-down

config>vrrp>policy vrrp-policy-id>priority-event>lag-port-down

config>vrrp>policy vrrp-policy-id>priority-event>route-unknown

Description

This command configures the hold clear time for the event. The seconds parameter specifies the hold-

clear time, the amount of time in seconds by which the effect of a cleared event on the associated

virtual router instance is delayed.

The hold-clear time is used to prevent black hole conditions when a virtual router instance advertises

itself as a master before other conditions associated with the cleared event have had a chance to enter

a forwarding state.

Default

no hold-clear

Parameters

seconds — Specifies the amount of time in seconds by which the effect of a cleared event on the

associated virtual router instance is delayed.

Values

0 — 86400

hold-set

Syntax

hold-set seconds

no hold-set

Context

config>vrrp>policy vrrp-policy-id>priority-event>host-unreachable

config>vrrp>policy vrrp-policy-id>priority-event>lag-port-down

config>vrrp>policy vrrp-policy-id>priority-event>port-down

config>vrrp>policy vrrp-policy-id>priority-event>route-unknown

Description

This command specifies the amount of time that must pass before the set state for a VRRP priority

control event event can transition to the cleared state to dampen flapping events. A flapping event

continually transitions between clear and set.

The hold-set command is used to dampen the effect of a flapping event. The hold-set value is loaded

into a hold set timer that prevents a set event from transitioning to the cleared state until it expires.

Each time an event transitions between cleared and set, the timer is loaded and begins a countdown to

zero. When the timer reaches zero, the event is allowed to enter the cleared state. Entering the cleared

state is dependent on the object controlling the event, conforming to the requirements defined in the

event itself. It is possible, on some event types, to have another set action reload the hold-set timer.

This extends the amount of time that must expire before entering the cleared state.

Once the hold set timer expires and the event meets the cleared state requirements or is set to a lower

threshold, the current set effect on the virtual router instances in-use priority can be removed. As with

7750 SR OS Router Configuration Guide

Page 245

Download from Www.Somanuals.com. All Manuals Search And Download.

Configuration Commands

lag-port-down events, this may be a decrease in the set effect if the clearing amounts to a lower set

threshold.

The hold-set command can be executed at anytime. If the hold-set timer value is configured larger

than the new seconds setting, the timer is loaded with the new hold-set value.

The no form of the command reverts the default value.

Default

0 - The hold-set timer is disabled so event transitions are processed immediately.

Parameters

seconds — The number of seconds that the hold set timer waits after an event enters a set state or

enters a higher threshold set state, depending on the event type.

The value of 0 disables the hold set timer, preventing any delay in processing lower set

thresholds or cleared events.

Values

0 — 86400

priority

Syntax

priority priority-level [{delta | explicit}]

no priority

Context

config>vrrp>policy vrrp-policy-id>priority-event>host-unreachable ip-addr

config>vrrp>policy vrrp-policy-id>priority-event>lag-port-down lag-id>number-

down number-of-lag-ports-down

config>vrrp>policy vrrp-policy-id>priority-event>port-down port-id[.channel-id]

config>vrrp>policy vrrp-policy-id>priority-event>route-unknown prefix/mask-length

Description

This command controls the effect the set event has on the virtual router instance in-use priority.

When the event is set, the priority-level is either subtracted from the base priority of each virtual

router instance or it defines the explicit in-use priority value of the virtual router instance depending

on whether the delta or explicit keywords are specified.

Multiple set events in the same policy have interaction constraints:

• If any set events have an explicit priority value, all the delta priority values are ignored.

• The set event with the lowest explicit priority value defines the in-use priority that are used by

all virtual router instances associated with the policy.

• If no set events have an explicit priority value, all the set events delta priority values are added

and subtracted from the base priority value defined on each virtual router instance associated

with the policy.

• If the delta priorities sum exceeds the delta-in-use-limit parameter, then the delta-in-use-limit

parameter is used as the value subtracted from the base priority value defined on each virtual

router instance associated with the policy.

If the priority command is not configured on the priority event, the priority-value defaults to 0 and

the qualifier keyword defaults to delta, thus, there is no impact on the in-use priority.

The no form of the command reverts to the default values.

Default

0 delta - The set event will subtract 0 from the base priority (no effect).

Page 246

7750 SR OS Router Configuration Guide

Download from Www.Somanuals.com. All Manuals Search And Download.

VRRP

Parameters

priority-level — The priority level adjustment value expressed as a decimal integer.

Values 0 — 254

delta | explicit — Configures what effect the priority-level will have on the base priority value.

When delta is specified, the priority-level value is subtracted from the associated virtual router

instance’s base priority when the event is set and no explicit events are set. The sum of the

priority event priority-level values on all set delta priority events are subtracted from the virtual

router base priority to derive the virtual router instance in-use priority value. If the delta priority

event is cleared, the priority-level is no longer used in the in-use priority calculation.

When explicit is specified, the priority-level value is used to override the base priority of the

virtual router instance if the priority event is set and no other explicit priority event is set with a

lower priority-level. The set explicit priority value with the lowest priority-level determines the

actual in-use protocol value for all virtual router instances associated with the policy.

Default

Values

delta

delta, explicit

7750 SR OS Router Configuration Guide

Page 247

Download from Www.Somanuals.com. All Manuals Search And Download.

Configuration Commands

Priority Policy Port Down Event Commands

port-down

Syntax

Context

[no] port-down port-id

config>vrrp>policy>priority-event

Description

This command configures a port down priority control event that monitors the operational state of a

port or SONET/SDH channel. When the port or channel enters the operational down state, the event

is considered set. When the port or channel enters the operational up state, the event is considered

cleared.

Multiple unique port-down event nodes can be configured within the priority-event context up to

the overall limit of 32 events. Up to 32 events can be defined in any combination of types.

The port-down command can reference an arbitrary port or channel. The port or channel does not

need to be pre-provisioned or populated within the system. The operational state of the port-down

event will indicate:

• Set – non-provisioned

• Set – not populated

• Set – down

• Cleared – up

When the port or channel is provisioned, populated, or enters the operationally up or down state, the

event operational state is updated appropriately.

When the event enters the operationally down, non-provisioned, or non-populated state, the event is

considered to be set. When an event transitions from clear to set, the set is processed immediately and

must be reflected in the associated virtual router instances in-use priority value. As the event

transitions from cleared to set, a hold set timer is loaded with the value configured by the events

hold-set command. This timer prevents the event from clearing until it expires, damping the effect of

event flapping. If the event clears and becomes set again before the hold set timer expires, the timer is

reset to the hold-set value, extending the time before another clear can take effect.

When the event enters the operationally up state, the event is considered to be cleared. Once the

events hold-set expires, the effects of the events priority value are immediately removed from the

in-use priority of all associated virtual router instances.

The actual effect on the virtual router instance in-use priority value depends on the defined event

priority and its delta or explicit nature.

The no form of the command deletes the specific port or channel monitoring event. The event may be

removed at anytime. When the event is removed, the in-use priority of all associated virtual router

instances will be re-evaluated. The events hold-set timer has no effect on the removal procedure.

Default

no port-down - No port down priority control events are defined.

Parameters

port-id — The port ID of the port monitored by the VRRP priority control event.

The port-id can only be monitored by a single event in this policy. The port can be monitored by

multiple VRRP priority control policies. A port and a specific channel on the port are considered

Page 248

7750 SR OS Router Configuration Guide

Download from Www.Somanuals.com. All Manuals Search And Download.

VRRP

to be separate entities. A port and a channel on the port can be monitored by separate events in

the same policy.

Values

port-id

slot/mda/port[.channel]

aps-id aps-group-id[.channel]

aps

group-id

keyword

1 — 64

bundle-type-slot/mda.<bundle-num>

bundle

type

keyword

ima, ppp

bundle-num 1 —128

ccag-id

ccag-id. path-id[cc-type]

ccag

keyword

1 — 8

path-id

cc-type

a, b

.sap-net, .net-sap

Values

.channel

The POS channel on the port monitored by the VRRP priority control event. The port-

id.channel-id can only be monitored by a single event in this policy. The channel can be

monitored by multiple VRRP priority control policies. A port and a specific channel on the port

are considered to be separate entities. A port and a channel on the port can be monitored by

separate events in the same policy.

If the port is provisioned, but the channel does not exist or the port has not been populated, the

appropriate event operational state is Set – non-populated.

If the port is not provisioned, the event operational state is Set – non-provisioned.

If the POS interface is configured as a clear-channel, the channel-id is 1 and the channel

bandwidth is the full bandwidth of the port.

7750 SR OS Router Configuration Guide

Page 249

Download from Www.Somanuals.com. All Manuals Search And Download.

Configuration Commands

Priority Policy LAG Events Commands

lag-port-down

Syntax

Context

[no] lag-port-down lag-id

config>vrrp>policy vrrp-policy-id>priority-event

Description

This command creates the context to configure Link Aggregation Group (LAG) priority control

events that monitor the operational state of the links in the LAG.

The lag-port-down command configures a priority control event. The event monitors the operational

state of each port in the specified LAG. When one or more of the ports enter the operational down

state, the event is considered to be set. When all the ports enter the operational up state, the event is

considered to be clear. As ports enter the operational up state, any previous set threshold that

represents more down ports is considered cleared, while the event is considered to be set.

Multiple unique lag-port-down event nodes can be configured within the priority-event node up to

the maximum of 32 events.

The lag-port-down command can reference an arbitrary LAG. The lag-id does have to already exist

within the system. The operational state of the lag-port-down event will indicate:

• Set – non-existent

• Set – one port down

• Set – two ports down

• Set – three ports down

• Set – four ports down

• Set – five ports down

• Set – six ports down

• Set – seven ports down

• Set – eight ports down

• Cleared – all ports up

When the lag-id is created, or a port in lag-id becomes operationally up or down, the event

operational state must be updated appropriately.

When one or more of the LAG composite ports enters the operationally down state or the lag-id is

deleted or does not exist, the event is considered to be set. When an event transitions from clear to

set, the set is processed immediately and must be reflected in the associated virtual router instances

in-use priority value. As the event transitions from clear to set, a hold set timer is loaded with the

value configured by the events hold-set command. This timer prevents the event from clearing until

it expires, damping the effect of event flapping. If the event clears and becomes set again before the

hold set timer expires, the timer is reset to the hold-set value, extending the time before another clear

can take effect.

The lag-port-down event is considered to have a tiered event set state. While the priority impact per

number of ports down is totally configurable, as more ports go down, the effect on the associated

virtual router instances in-use priority is expected to increase (lowering the priority). When each

Page 250

7750 SR OS Router Configuration Guide

Download from Www.Somanuals.com. All Manuals Search And Download.

VRRP

configured threshold is crossed, any higher thresholds are considered further event sets and are

processed immediately with the hold set timer reset to the configured value of the hold-set command.

As the thresholds are crossed in the opposite direction (fewer ports down then previously), the

priority effect of the event is not processed until the hold set timer expires. If the number of ports

down threshold again increases before the hold set timer expires, the timer is only reset to the hold-

set value if the number of ports down is equal to or greater than the threshold that set the timer.

The event contains number-down nodes that define the priority delta or explicit value to be used

based on the number of LAG composite ports that are in the operationally down state. These nodes

represent the event set thresholds. Not all port down thresholds must be configured. As the number of

down ports increase, the number-down ports-down node that expresses a value equal to or less than

the number of down ports describes the delta or explicit priority value to be applied.

The no form of the command deletes the specific LAG monitoring event. The event can be removed

at anytime. When the event is removed, the in-use priority of all associated virtual router instances

must be reevaluated. The events hold-set timer has no effect on the removal procedure.

Default

no lag-port-down - No LAG priority control events are created.

Parameters

lag-id — The LAG ID that the specific event is to monitor expressed as a decimal integer. The lag-id

can only be monitored by a single event in this policy. The LAG may be monitored by multiple

VRRP priority control policies. A port within the LAG and the LAG ID itself are considered to

be separate entities. A composite port may be monitored with the port-down event while the lag-

id the port is in is monitored by a lag-port-down event in the same policy.

Values

1 — 200

number-down

Syntax

Context

[no] number-down number-of-lag-ports-down

config>vrrp>policy vrrp-policy-id>priority-event>lag-port-down lag-id

Description

This command creates a context to configure an event set threshold within a lag-port-down priority

control event.

The number-down command defines a sub-node within the lag-port-down event and is uniquely

identified with the number-of-lag-ports-down parameter. Each number-down node within the same

lag-port-down event node must have a unique number-of-lag-ports-down value. Each number-

down node has its own priority command that takes effect whenever that node represents the current

threshold.

The total number of sub-nodes (uniquely identified by the number-of-lag-ports-down parameter)

allowed in a single lag-port-down event is equal to the total number of possible physical ports

allowed in a LAG.

A number-down node is not required for each possible number of ports that could be down. The

active threshold is always the closest lower threshold. When the number of ports down equals a given

threshold, that is the active threshold.

The no form of the command deletes the event set threshold. The threshold may be removed at any

time. If the removed threshold is the current active threshold, the event set thresholds must be re-

evaluated after removal.

Default

no number-down - No threshold for the LAG priority event is created.

7750 SR OS Router Configuration Guide

Page 251

Download from Www.Somanuals.com. All Manuals Search And Download.

Configuration Commands

Parameters

number-of-lag-ports-down — The number of LAG ports down to create a set event threshold. This is

the active threshold when the number of down ports in the LAG equals or exceeds number-of-

lag-ports-down, but does not equal or exceed the next highest configured number-of-lag-ports-

down.

Values

1 — 8

Page 252

7750 SR OS Router Configuration Guide

Download from Www.Somanuals.com. All Manuals Search And Download.

VRRP

Priority Policy Host Unreachable Event Commands

drop-count

Syntax

drop-count consecutive-failures

no drop-count

Context

config>vrrp vrrp-policy-id>priority-event>host-unreachable ip-addr

Description

This command configures the number of consecutively sent ICMP echo request messages that must

fail before the host unreachable priority control event is set.

The drop-count command is used to define the number of consecutive message send attempts that

must fail for the host-unreachable priority event to enter the set state. Each unsuccessful attempt

increments the event’s consecutive message drop counter. With each successful attempt, the event’s

consecutive message drop counter resets to zero.

If the event’s consecutive message drop counter reaches the drop-count value, the host-unreachable

priority event enters the set state.

The event’s hold-set value defines how long the event must stay in the set state even when a

successful message attempt clears the consecutive drop counter. The event is not cleared until the

consecutive drop counter is less than the drop-count value and the hold-set timer has a value of zero

(expired).

The no form of the command reverts to the default value.

Default

3 — 3 consecutive ICMP echo request failures are required before the host unreachable priority

control event is set.

Parameters

consecutive-failures — The number of ICMP echo request message attempts that must fail for the

event to enter the set state. It also defines the threshold so a lower consecutive number of failures

can clear the event state.

Values

1 — 60

host-unreachable

Syntax

Context

[no] host-unreachable ip-addr

config>vrrp vrrp-policy-id>priority-event

Description

This command creates the context to configure a host unreachable priority control event to monitor

the ability to receive ICMP echo reply packets from an IP host address.

A host unreachable priority event creates a continuous ICMP echo request (ping) probe to the

specified ip-addr. If a ping fails, the event is considered to be set. If a ping is successful, the event is

considered to be cleared.

Multiple unique (different ip-addr) host-unreachable event nodes can be configured within the

priority-event node to a maximum of 32 events.

7750 SR OS Router Configuration Guide

Page 253

Download from Www.Somanuals.com. All Manuals Search And Download.

Configuration Commands

The host-unreachable command can reference any valid local or remote IP address. The ability to

ARP a local IP address or find a remote IP address within a route prefix in the route table is

considered part of the monitoring procedure. The host-unreachable priority event operational state

tracks ARP or route table entries dynamically appearing and disappearing from the system. The

operational state of the host-unreachable event can be one of the following:

Host Unreachable

Operational State

Description

Set – no ARP

No ARP address found for ip-addr for drop-count consecutive

attempts. Only applies when IP address is considered local.

Set – no route

No route exists for ip-addr for drop-count consecutive attempts. Only

when IP address is considered remote.

Set – host unreachable

ICMP host unreachable message received for drop-count consecutive

attempts.

Set – no reply

ICMP echo request timed out for drop-count consecutive attempts.

Set – reply received

Last ICMP echo request attempt received an echo reply but historically

not able to clear the event.

Cleared – no ARP

No ARP address found for ip-addr - not enough failed attempts to set

the event.

Cleared – no route

No route exists for ip-addr - not enough failed attempts to set the event.

Cleared – host

unreachable

ICMP host unreachable message received - not enough failed attempts

to set the event.

Cleared – no reply

ICMP echo request timed out - not enough failed attempts to set the

event.

Cleared – reply

received

Event is cleared - last ICMP echo request received an echo reply.

Unlike other priority event types, the host-unreachable priority event monitors a repetitive task. A

historical evaluation is performed on the success rate of receiving ICMP echo reply messages. The

operational state takes its cleared and set orientation from the historical success rate. The

informational portion of the operational state is derived from the last attempt’s result. It is possible

for the previous attempt to fail while the operational state is still cleared due to an insufficient number

of failures to cause it to become set. It is also possible for the state to be set while the previous

attempt was successful.

When an event transitions from clear to set, the set is processed immediately and must be reflected in

the associated virtual router instances in-use priority value. As the event transitions from clear to set,

a hold set timer is loaded with the value configured by the events hold-set command. This timer

prevents the event from clearing until it expires, damping the effect of event flapping. If the event

clears and becomes set again before the hold set timer expires, the timer is reset to the hold-set value,

extending the time before another clear can take effect.

The hold-set timer be expired and the historical success rate must be met prior to the event

operational state becoming cleared.

Page 254

7750 SR OS Router Configuration Guide

Download from Www.Somanuals.com. All Manuals Search And Download.

VRRP

The no form of the command deletes the specific IP host monitoring event. The event may be deleted

at anytime. When the event is deleted, the in-use priority of all associated virtual router instances

must be reevaluated. The event’s hold-set timer has no effect on the removal procedure.

Default

no host-unreachable - No host unreachable priority events are created.

Parameters

ip-addr — The IP address of the host for which the specific event will monitor connectivity. The ip-

addr can only be monitored by a single event in this policy. The IP address can be monitored by

multiple VRRP priority control policies. The IP address can be used in one or multiple ping

requests. Each VRRP priority control host-unreachable and ping destined to the same ip-addr is

uniquely identified on a per message basis. Each session originates a unique identifier value for

the ICMP echo request messages it generates. This allows received ICMP echo reply messages to

be directed to the appropriate sending application.

Values

1.0.0.0 — 223.255.255.255

interval

Syntax

interval seconds

no interval

Context

config>vrrp vrrp-policy-id>priority-event>host-unreachable ip-addr

Description

This command configures the number of seconds between host unreachable priority event ICMP echo

request messages directed to the host IP address.

The no form of the command reverts to the default value.

Default

1 — 1 second between ICMP echo request messages to the target host.

Parameters

seconds — The number of seconds between the ICMP echo request messages sent to the host IP

address for the host unreachable priority event.

Values

1 — 60

timeout

Syntax

timeout seconds

no timeout

Context

config>vrrp vrrp-policy-id>priority-event>host-unreachable ip-addr

Description

This command defines the time, in seconds, that must pass before considering the far-end IP host

unresponsive to an outstanding ICMP echo request message.

The timeout value is not directly related to the configured interval parameter. The timeout value

may be larger, equal, or smaller, relative to the interval value.

If the timeout value is larger than the interval value, multiple ICMP echo request messages may be

outstanding. Every ICMP echo request message transmitted to the far end host is tracked individually

according to the message identifier and sequence number.

7750 SR OS Router Configuration Guide

Page 255

Download from Www.Somanuals.com. All Manuals Search And Download.

Configuration Commands

With each consecutive attempt to send an ICMP echo request message, the timeout timer is loaded

with the timeout value. The timer decrements until:

• An internal error occurs preventing message sending (request unsuccessful).

• An internal error occurs preventing message reply receiving (request unsuccessful).

• A required route table entry does not exist to reach the IP address (request unsuccessful).

• A required ARP entry does not exist and ARP request timed out (request unsuccessful).

• A valid reply is received (request successful).

Note that it is possible for a required ARP request to succeed or timeout after the message timeout

timer expires. In this case, the message request is unsuccessful.

If an ICMP echo reply message is not received prior to the timeout period for a given ICMP echo

request, that request is considered to be dropped and increments the consecutive message drop

counter for the priority event.

If an ICMP echo reply message with the same sequence number as an outstanding ICMP echo

request message is received prior to that message timing out, the request is considered successful.

The consecutive message drop counter is cleared and the request message no longer is outstanding.

If an ICMP Echo Reply message with a sequence number equal to an ICMP echo request sequence

number that had previously timed out is received, that reply is silently discarded while incrementing

the priority event reply discard counter.

The no form of the command reverts to the default value.

Default

1 — 1 second timeout to receive an ICMP echo reply in response to an ICMP echo request.

Parameters

seconds — The number of seconds before an ICMP echo request message is timed out. Once a

message is timed out, a reply with the same identifier and sequence number is discarded.

Values

1 — 60

Page 256

7750 SR OS Router Configuration Guide

Download from Www.Somanuals.com. All Manuals Search And Download.

VRRP

Priority Policy Route Unknown Event Commands

less-specific

Syntax

Context

[no] less-specific [allow-default]

config>vrrp>policy vrrp-policy-id>priority-event>route-unknown prefix/mask-length

Description

This command allows a CIDR shortest match hit on a route prefix that contains the IP route prefix

associated with the route unknown priority event.

The less-specific command modifies the search parameters for the IP route prefix specified in the

route-unknown priority event. Specifying less-specific allows a CIDR shortest match hit on a route

prefix that contains the IP route prefix.

The less-specific command eases the RTM lookup criteria when searching for the prefix/mask-length.

When the route-unknown priority event sends the prefix to the RTM (as if it was a destination

lookup), the result route table prefix (if a result is found) is checked to see if it is an exact match or a

less specific match. The less-specific command enables a less specific route table prefix to match the

configured prefix. When less-specific is not specified, a less specific route table prefix fails to match

the configured prefix. The allow-default optional parameter extends the less-specific match to

include the default route (0.0.0.0).

The no form of the command prevents RTM lookup results that are less specific than the route prefix

from matching.

Default

no less-specific — The route unknown priority events requires an exact prefix/mask match.

Parameters

allow-default — When the allow-default parameter is specified with the less-specific command, an

RTM return of 0.0.0.0 matches the IP prefix. If less-specific is entered without the allow-default

parameter, a return of 0.0.0.0 will not match the IP prefix. To disable allow-default, but continue

to allow less-specific match operation, only enter the less-specific command (without the allow-

default parameter).

next-hop

Syntax

Context

[no] next-hop ip-address

config>vrrp>policy vrrp-policy-id>priority-event>route-unknown prefix/mask-length

Description

This command adds an allowed next hop IP address to match the IP route prefix for a route-unknown

priority control event.

If the next-hop IP address does not match one of the defined ip-addr, the match is considered

unsuccessful and the route-unknown event transitions to the set state.

The next-hop command is optional. If no next-hop ip-addr commands are configured, the

comparison between the RTM prefix return and the route-unknown IP route prefix are not included

in the next hop information.

7750 SR OS Router Configuration Guide

Page 257

Download from Www.Somanuals.com. All Manuals Search And Download.

Configuration Commands

When more than one next hop IP addresses are eligible for matching, a next-hop command must be

executed for each IP address. Defining the same IP address multiple times has no effect after the first

instance.

The no form of the command removes the ip-addr from the list of acceptable next hops when looking

up the route-unknown prefix. If this ip-addr is the last next hop defined on the route-unknown

event, the returned next hop information is ignored when testing the match criteria. If the ip-addr

does not exist, the no next-hop command returns a warning error, but continues to execute if part of

an exec script.

Default

no next-hop — No next hop IP address for the route unknown priority control event is defined.

Parameters

ip-address — The IP address for an acceptable next hop IP address for a returned route prefix from

the RTM when looking up the route-unknown route prefix.

Values

1.0.0.0 — 223.255.255.255

protocol

Syntax

protocol {bgp | ospf | is-is | rip | static}

no protocol

Context

config>vrrp>policy vrrp-policy-id>priority-event>route-unknown prefix/mask-length

Description

This command adds one or more route sources to match the route unknown IP route prefix for a route

unknown priority control event.

If the route source does not match one of the defined protocols, the match is considered unsuccessful

and the route-unknown event transitions to the set state.

The protocol command is optional. If the protocol command is not executed, the comparison

between the RTM prefix return and the route-unknown IP route prefix will not include the source of

the prefix. The protocol command cannot be executed without at least one associated route source

parameter. All parameters are reset each time the protocol command is executed and only the

explicitly defined protocols are allowed to match.

The no form of the command removes protocol route source as a match criteria for returned RTM

route prefixes.

To remove specific existing route source match criteria, execute the protocol command and include

only the specific route source criteria. Any unspecified route source criteria is removed.

Default

no protocol — No route source for the route unknown priority event is defined.

Parameters

bgp — This parameter defines BGP as an eligible route source for a returned route prefix from the

RTM when looking up the route-unknown route prefix. The bgp parameter is not exclusive

from the other available protocol parameters. If protocol is executed without the bgp parameter,

a returned route prefix with a source of BGP will not be considered a match and will cause the

event to enter the set state.

ospf — This parameter defines OSPF as an eligible route source for a returned route prefix from the

RTM when looking up the route-unknown route prefix. The ospf parameter is not exclusive

from the other available protocol parameters. If protocol is executed without the ospf

parameter, a returned route prefix with a source of OSPF will not be considered a match and will

cause the event to enter the set state.

Page 258

7750 SR OS Router Configuration Guide

Download from Www.Somanuals.com. All Manuals Search And Download.

VRRP

is-is — This parameter defines IS-IS as an eligible route source for a returned route prefix from the

RTM when looking up the route-unknown route prefix. The is-is parameter is not exclusive

from the other available protocol parameters. If protocol is executed without the is-is parameter,

a returned route prefix with a source of IS-IS will not be considered a match and will cause the

event to enter the set state.

rip — This parameter defines RIP as an eligible route source for a returned route prefix from the

RTM when looking up the route-unknown route prefix. The rip parameter is not exclusive from

the other available protocol parameters. If protocol is executed without the rip parameter, a

returned route prefix with a source of RIP will not be considered a match and will cause the event

to enter the set state.

static — This parameter defines a static route as an eligible route source for a returned route prefix

from the RTM when looking up the route-unknown route prefix. The static parameter is not

exclusive from the other available protocol parameters. If protocol is executed without the static

parameter, a returned route prefix with a source of static route will not be considered a match and

will cause the event to enter the set state.

route-unknown

Syntax

Context

[no] route-unknown prefix/mask-length

config>vrrp>policy vrrp-policy-id>priority-event

Description

This command creates a context to configure a route unknown priority control event that monitors the

existence of a specific active IP route prefix within the routing table.

The route-unknown command configures a priority control event that defines a link between the

VRRP priority control policy and the Route Table Manager (RTM). The RTM registers the specified

route prefix as monitored by the policy. If any change (add, delete, new next hop) occurs relative to

the prefix, the policy is notified and takes proper action according to the priority event definition. If

the route prefix exists and is active in the routing table according to the conditions defined, the event

is in the cleared state. If the route prefix is removed, becomes inactive or fails to meet the event

criteria, the event is in the set state.

The command creates a route-unknown node identified by prefix/mask-length and containing event

control commands.

Multiple unique (different prefix/mask-length) route-unknown event nodes can be configured within

the priority-event node up to the maximum limit of 32 events.

The route-unknown command can reference any valid IP addres mask-length pair. The IP address

and associated mask length define a unique IP router prefix. The dynamic monitoring of the route

prefix results in one of the following event operational states:

route-unknown

Description

Operational State

Set – non-existent

Set – inactive

The route does not exist in the route table.

The route exists in the route table but is not being used.

7750 SR OS Router Configuration Guide

Page 259

Download from Www.Somanuals.com. All Manuals Search And Download.

Configuration Commands

route-unknown

Description

Operational State

Set – wrong next hop

The route exists in the route table but does not meet the next-hop

requirements.

Set – wrong protocol

The route exists in the route table but does not meet the protocol

requirements.

Set – less specific

found

The route exists in the route table but does is not an exact match and

does not meet any less-specific requirements.

Set – default best

match

The route exists in the route table as the default route but the default

route is not allowed for route matching.

Cleared – less specific

found

A less specific route exists in the route table and meets all criteria

including the less-specific requirements.

Cleared – found

The route exists in the route table manager and meets all criteria.

An existing route prefix in the RTM must be active (used by the IP forwarding engine) to clear the

event operational state. It may be less specific (the defined prefix may be contained in a larger prefix

according to Classless Inter-Domain Routing (CIDR) techniques) if the event has the less-specific

statement defined. The less specific route that incorporates the router prefix may be the default route

(0.0.0.0) if the less-specific allow-default statement is defined. The matching prefix may be required

to have a specific next hop IP address if defined by the event next-hop command. Finally, the source

of the RTM prefix may be required to be one of the dynamic routing protocols or be statically defined

if defined by the event protocol command. If an RTM prefix is not found that matches all the above

criteria (if defined in the event control commands), the event is considered to be set. If a matching

prefix is found in the RTM, the event is considered to be cleared.

When an event transitions from clear to set, the set is processed immediately and must be reflected in

the associated virtual router instances in-use priority value. As the event transitions from clear to set,

a hold set timer is loaded with the value configured by the events hold-set command. This timer

prevents the event from clearing until it expires, damping the effect of event flapping. If the event

clears and becomes set again before the hold set timer expires, the timer is reset to the hold-set value,

extending the time before another clear can take effect.

The no form of the command is used to remove the specific prefix/mask-length monitoring event.

The event can be removed at anytime. When the event is removed, the in-use priority of all associated

virtual router instances must be reevaluated. The events hold-set timer has no effect on the removal

procedure.

Default

no route-unknown — No route unknown priority control events are defined for the priority

control event policy.

Parameters

prefix — The IP prefix address to be monitored by the route unknown priority control event in dotted

decimal notation.

Values

0.0.0.0 — 255.255.255.255

mask-length — The subnet mask length expressed as a decimal integer associated with the IP prefix

defining the route prefix to be monitored by the route unknown priority control event.

Values

0 — 32

Page 260

7750 SR OS Router Configuration Guide

Download from Www.Somanuals.com. All Manuals Search And Download.

VRRP

Show Commands

global-statistics

Syntax

Context

global-statistics

show>vrrp

Description

Output

This command displays global VRRP statistics.

VRRP Global Statistics Output — The following table describes the global statistics command

output fields for VRRP.

Table 9: Show VRRP Global-Statistics Output

Label

VR ID Errors

Description

The number of errors the Virtual Router Identifier (VR ID) has

reported.

Version Errors

Checksum Errors

The number of version errors detected in VRRP messages.

The number of checksum errors detected in VRRP messages.

Output

Sample Output

A:ALA-A# show vrrp global-statistics

===============================================================================

VRRP Global Statistics

===============================================================================

VR Id Errors

Checksum Errors

: 13

: 0

Version Errors

: 0

===============================================================================

A:ALA-A#

instance

Syntax

Context

instance [interface ip-int-name [vrid vrid]]

show>vrrp

Description

This command displays information for VRRP instances.

If no command line options are specified, summary information for all VRRP instances displays.

Parameters

interface ip-int-name — Displays detailed information for the VRRP instances on the specified IP

interface including status and statistics.

Default

Summary information for all VRRP instances.

7750 SR OS Router Configuration Guide

Page 261

Download from Www.Somanuals.com. All Manuals Search And Download.

Show Commands

vrid vrid — Displays detailed information for the specified VRRP instance on the IP interface.

Default

Values

All VRIDs for the IP interface.

1 — 255

Output

VRRP Instance Output — The following table describes the instance command output fields for

VRRP.

Table 10: Show VRRP Instance Output

Label

Interface name

VR ID

Description

The name of the IP interface.

The virtual router ID for the IP interface

Own

Owner

Yes — Specifies that the virtual router instance as owning the

virtual router IP addresses.

No — Indicates that the virtual router instance is operating as a

non-owner.

Adm

Up — Indicates that the administrative state of the VRRP

instance is up.

Down — Indicates that the administrative state of the VRRP

instance is down.

Opr

Up — Indicates that the operational state of the VRRP instance

is up.

Down — Indicates that the operational state of the VRRP

instance is down.

State

When owner, backup defines the IP addresses that are

advertised within VRRP advertisement messages.

When non-owner, backup actually creates an IP interface IP

address used for routing IP packets and communicating with the

system when the access commands are defined (ping-reply, tel-

net-reply, and ssh-reply).

Pol Id

The value that uniquely identifies a Priority Control Policy.

Base Priority

The base-priority value used to derive the in-use priority of the

virtual router instance as modified by any optional VRRP

priority control policy.

InUse Priority

Msg Int

The current in-use priority associated with the VRRP virtual

router instance.

The administrative advertisement message timer used by the

master virtual router instance to send VRRP advertisement mes-

sages and to derive the master down timer as backup.

Page 262

7750 SR OS Router Configuration Guide

Download from Www.Somanuals.com. All Manuals Search And Download.

VRRP

Table 10: Show VRRP Instance Output

Label

Description

Inh Int

Yes — When the VRRP instance is a non-owner and is operat-

ing as a backup and the master-int-inherit command is enabled,

the master down timer is indirectly derived from the value in the

advertisement interval field of the VRRP message received from

the current master.

No — When the VRRP instance is operating as a backup and

the master-int-inherit command is not enabled, the configured

advertisement interval is matched against the value in the adver-

tisement interval field of the VRRP message received from the

current master. If the two values do not match then the VRRP

advertisement is discarded.

If the VRRP instance is operating as a master, this value has no

effect.

Backup Addr

VRRP State

The backup virtual router IP address.

Specifies whether the VRRP instance is operating in a master or

backup state.

Policy ID

The VRRP priority control policy associated with the VRRP vir-

tual router instance.

A value of 0 indicates that no control policy policy is associated

with the virtual router instance.

Preempt Mode

Yes — The preempt mode is enabled on the virtual router

instance where it will preempt a VRRP master with a lower pri-

ority.

No — The preempt mode is disabled and prevents the non-

owner virtual router instance from preempting another, less

desirable virtual router.

Ping Reply

Yes — A non-owner master is enabled to reply to ICMP Echo

requests directed to the virtual router instance IP addresses.

Ping Reply is valid only if the VRRP virtual router instance

associated with this entry is a non-owner.

A non-owner backup virtual router never responds to such ICMP

echo requests irrespective if Ping Reply is enabled.

No — ICMP echo requests to the virtual router instance IP

addresses are discarded.

Telnet Reply

Yes — Non-owner masters can to reply to TCP port 23 Telnet

requests directed at the vritual router instances IP addresses.

No — Telnet requests to the virtual router instance IP addresses

are discarded.

7750 SR OS Router Configuration Guide

Page 263

Download from Www.Somanuals.com. All Manuals Search And Download.

Show Commands

Table 10: Show VRRP Instance Output

Label

Description

SSH Reply

Yes — Non-owner masters can to reply to SSH requests

directed at the virtual router instances IP addresses.

No — All SSH request messages destined to the non-owner

virtual router instance IP addresses are discarded.

Primary IP of Master

Primary IP

The IP address of the VRRP master.

The IP address of the VRRP owner.

Up Time

The date and time when the operational state of the event last

changed.

Virt MAC Addr

Auth Type

The virtual MAC address used in ARP responses when the

VRRP virtual router instance is operating as a master.

Specifies the VRRP authentication Type 0 (no authentication),

Type 1 (simple password), or Type 2 (MD5) for the virtual

router.

Addr List Mismatch

Specifies whether a trap was generated when the IP address list

received in the advertisement messages received from the cur-

rent master did not match the configured IP address list.

This is an edge triggered notification. A second trap will not be

generated for a packet from the same master until this event has

been cleared.

Master Priority

Master Since

The priority of the virtual router instance which is the current

master.

The date and time when operational state of the virtual router

changed to master.

For a backup virtual router, this value specifies the date and time

when it received the first VRRP advertisement message from the

virtual router which is the current master.

Output

Sample Output

A:ALA-A# show vrrp instance

===============================================================================

VRRP Instances

===============================================================================

Interface Name

VR Own Adm Opr State Pol Base InUse Msg Inh

Id Id Pri Pri Int Int

-------------------------------------------------------------------------------

d2hub No Up Up Backup n/a 100 100 No

Backup Addr: 10.10.11.5

===============================================================================

Page 264

7750 SR OS Router Configuration Guide

Download from Www.Somanuals.com. All Manuals Search And Download.

VRRP

A:ALA-A#

A:ALA-A# show vrrp instance d2hub

===============================================================================

VRRP Instances for interface "d2hub"

===============================================================================

-------------------------------------------------------------------------------

VRID 1

-------------------------------------------------------------------------------

Owner

: No

VRRP State

: Backup

Primary IP of Master: 10.10.2.1 (Other)

Primary IP

: 10.10.2.1

: 10.10.2.3

: Up

: 12/13/2005 23:18:51 Virt MAC Addr

: None

VRRP Backup Addr

Admin State

Up Time

Oper State

: Up

: 00:00:5e:00:01:01

Auth Type

Config Mesg Intvl

: 1

In-Use Mesg Intvl : 1

Master Inherit Intvl: No

Base Priority

Policy ID

Ping Reply

SSH Reply

: 100

: n/a

: No

In-Use Priority

Preempt Mode

Telnet Reply

: 100

: Yes

: No

-------------------------------------------------------------------------------

Master Information

-------------------------------------------------------------------------------

Primary IP of Master: 10.10.11.3 (Other)

Addr List Mismatch : No

Master Since : 12/13/2005 23:18:52

Master Down Interval: 3.609 sec (Expires in 3.550 sec)

Master Priority

: 100

-------------------------------------------------------------------------------

Masters Seen (Last 32)

-------------------------------------------------------------------------------

Primary IP of Master

-------------------------------------------------------------------------------

10.10.11.3 12/14/2005 00:46:48 No 5225

Last Seen

Addr List Mismatch

Msg Count

-------------------------------------------------------------------------------

Statistics

-------------------------------------------------------------------------------

Become Master

Adv Sent

: 0

Master Changes

Adv Received

: 0

: 5225

Pri Zero Pkts Sent : 0

Preempt Events : 0

Mesg Intvl Discards : 0

Addr List Discards : 0

Auth Type Mismatch : 0

Pri Zero Pkts Rcvd: 0

Preempted Events : 0

Mesg Intvl Errors : 0

Addr List Errors : 0

Auth Failures

: 0

Invalid Auth Type

IP TTL Errors

Total Discards

: 0

Invalid Pkt Type : 0

Pkt Length Errors : 0

===============================================================================

A:ALA-A#

7750 SR OS Router Configuration Guide

Page 265

Download from Www.Somanuals.com. All Manuals Search And Download.

Show Commands

policy

Syntax

Context

policy [vrrp-policy-id [event event-type specific-qualifier]]

show>vrrp

Description

This command displays VRRP priority control policy information.

If no command line options are specified, a summary of the VRRP priority control event policies dis-

plays.

Parameters

vrrp-policy-id — Displays information on the specified priority control policy ID.

Default

Values

All VRRP policies IDs

1 — 9999

event event-type specific-qualifier — Displays information on the specified VRRP priority control

event within the policy ID.

Default

Values

All event types and qualifiers

port-down port-id

lag-port-down lag-id

host-unreachable host-ip-addr

route-unknown route-prefix/mask

Output

VRRP Policy Output — The following table describes the VRRP policy command output fields.

Table 11: Show VRRP Policy Output

Label

Description

Policy Id

The VRRP priority control policy associated with the VRRP vir-

tual router instance.

A value of 0 indicates that no control policy policy is associated

with the virtual router instance.

Current Priority & Effects

Current Explicit

When multiple explicitly defined events associated with the pri-

ority control policy happen simultaneously, the lowest value of

all the current explicit priorities will be used as the in-use prior-

ity for the virtual router.

Current Delta Sum

The sum of the priorities of all the delta events when multiple

delta events associated with the priority control policy happen

simultaneously. This sum is subtracted from the base priority of

the virtual router to give the in-use priority.

Page 266

7750 SR OS Router Configuration Guide

Download from Www.Somanuals.com. All Manuals Search And Download.

VRRP

Table 11: Show VRRP Policy Output (Continued)

Label

Description

Delta Limit

The delta-in-use-limit for a VRRP policy. Once the total sum of

all delta events has been calculated and subtracted from the

base-priority of the virtual router, the result is compared to the

delta-in-use-limit value. If the result is less than this value, the

delta-in-use-limit value is used as the virtual router in-use prior-

ity value. If an explicit priority control event overrides the delta

priority control events, the delta-in-use-limit has no effect.

If the delta-in-use-limit is 0, the sum of the delta priority control

events to reduce the virtual router's in-use-priority to 0 can pre-

vent it from becoming or staying master.

Applied

The number of virtual router instances to which the policy has

been applied. The policy cannot be deleted unless this value is 0.

Description

A text string which describes the VRRP policy.

Current Priority

The configured delta-in-use-limit priority for a VRRP priority

control policy or the configured delta or explicit priority for a

priority control event.

Event Type & ID

A delta priority event is a conditional event defined in a priority

control policy that subtracts a given amount from the base prior-

ity to give the current in-use priority for the VRRP virtual router

instances to which the policy is applied.

An explicit priority event is a conditional event defined in a pri-

ority control policy that explicitly defines the in-use priority for

the VRRP virtual router instances to which the policy is applied.

Explicit events override all delta Events. When multiple explicit

events occur simultaneously, the event with the lowest priority

value defines the in-use priority.

Event Oper State

The operational state of the event.

Hold Set Remaining

The amount of time that must pass before the set state for a

VRRP priority control event can transition to the cleared state to

dampen flapping events.

7750 SR OS Router Configuration Guide

Page 267

Download from Www.Somanuals.com. All Manuals Search And Download.

Show Commands

Table 11: Show VRRP Policy Output (Continued)

Label

Description

Priority & Effect

Delta — The priority-level value is subtracted from the asso-

ciated virtual router instance’s base priority when the event is set

and no explicit events are set. The sum of the priority event

priority-level values on all set delta priority events are subtracted

from the virtual router base priority to derive the virtual router

instance in-use priority value.

If the delta priority event is cleared, the priority-level is no

longer used in the in-use priority calculation.

Explicit — The priority-level value is used to override the

base priority of the virtual router instance if the priority event is

set and no other explicit priority event is set with a lower

priority-level.

The set explicit priority value with the lowest priority-level

determines the actual in-use protocol value for all virtual router

instances associated with the policy.

In Use

Specifies whether or not the event is currently affecting the in-

use priority of some virtual router.

Output

Sample Output

A:ALA-A# show vrrp policy

===============================================================================

VRRP Policies

===============================================================================

Policy

Current

Priority & Effect

Current

Explicit

Current

Delta Sum

Delta

Limit

Applied

-------------------------------------------------------------------------------

None

Yes

===============================================================================

A:ALA-A#

A:ALA-A# show vrrp policy 1

===============================================================================

VRRP Policy 1

===============================================================================

Description

: 10.10.200.253 reachability

Current Priority: None

Current Explicit: None

Applied

Current Delta Sum : None

: No

Delta Limit

: 1

-------------------------------------------------------------------------------

Applied To

Interface Name

Opr

Base

Pri

In-use Master Is

Pri Pri Master

-------------------------------------------------------------------------------

None

Page 268

7750 SR OS Router Configuration Guide

Download from Www.Somanuals.com. All Manuals Search And Download.

VRRP

-------------------------------------------------------------------------------

Priority Control Events

-------------------------------------------------------------------------------

Event Type & ID

Event Oper State

Hold Set Priority In

Remaining &Effect Use

-------------------------------------------------------------------------------

Host Unreach 10.10.200.252

Host Unreach 10.10.200.253

Route Unknown 10.10.100.0/24

n/a

Expired

20 Del No

10 Del No

1 Exp No

===============================================================================

A:ALA-A#

Output

VRRP Policy Event Output — The following table describes a specific event VRRP policy

command output fields.

Table 12: Show VRRP Policy Event Output

Label

Description

A text string which describes the VRRP policy.

Policy Id

The VRRP priority control policy associated with the VRRP vir-

tual router instance.

A value of 0 indicates that no control policy is associated with

the virtual router instance.

Current Priority

Current Explicit

The base router priority for the virtual router instance used in the

master election process.