0% found this document useful (0 votes)

313 views380 pages

NSMC Command

NSMCommandref

Uploaded by

anh00

We take content rights seriously. If you suspect this is your content, claim it here.

Available Formats

Download as PDF, TXT or read online on Scribd

0% found this document useful (0 votes)

313 views380 pages

NSMC Command

NSMCommandref

Uploaded by

anh00

We take content rights seriously. If you suspect this is your content, claim it here.

Available Formats

Download as PDF, TXT or read online on Scribd

You are on page 1/ 380

ZebOS Intelligent Network Software

Version 7.5

NSM Command Reference

March 2007

IP Infusion Confidential

2001-2007 IP Infusion Inc. All Rights Reserved.

This documentation is subject to change without notice. The software described in this document and this documentation are furnished under a license agreement or nondisclosure agreement. The software and documentation may be used or copied only in accordance with the terms of the applicable agreement. No part of this publication may be reproduced, stored in a retrieval system, or transmitted in any form or any means electronic or mechanical, including photocopying and recording for any purpose other than the purchaser's internal use without the written permission of IP Infusion Inc. IP Infusion Inc. 125 S. Market Street, 9th Floor San Jose, CA 95113 (408) 794-1500 - main (408) 278-0521 - fax For support, questions, or comments via E-mail, contact: support@ipinfusion.com Trademarks: ZebOS is a registered trademark, and IP Infusion and the ipinfusion logo are trademarks of IP Infusion Inc. All other trademarks are trademarks of their respective companies.

IP Infusion Confidential

Table of Contents

CHAPTER 1 ZebOS Command Line Interface Environment . . . . . . . . . . . . . 1 About This Command Reference . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1 Command Line Interface Primer . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1
Definitions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1 Command Line Help . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1 Syntax Help . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .2

Command Reference Primer . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .4

Typographic Conventions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .4

Format used for Command Description . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .6

Command Negation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .6 Variable Parameter expansion . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .7

Other Conventions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .7 Show Command Tokens . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .8 Common Command Modes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10 QoS Command Modes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11 CHAPTER 2 Commands Common to Multiple Protocols . . . . . . . . . . . . . . . 13
access-class . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .13 access-list . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .13 access-list extended . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .14 access-list standard . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .15 access-list zebos . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .16 banner . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .17 clear ip prefix-list . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .18 configure terminal . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .18 copy running-config startup-config. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .18 description . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .19 disable . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .19 enable . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .20 enable password . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .20 end . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .22 exec-timeout . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .22 exit . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .23 help . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .23 hostname . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .24 ip prefix-list. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .24 ip remote-address . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .25 ip unnumbered . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .26 ipv6 access-class. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .28 ipv6 access-list. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .28 ipv6 access-list zebos . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .29

2001-2007 IP Infusion Inc. Confidential

iii

Table of Contents ipv6 prefix-list . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ipv6 unnumbered . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . line vty . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . log file . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . log record-priority . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . log stdout . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . log syslog . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . log trap . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . login . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . match as-path. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . match community . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . match interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . match ip address . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . match ip address prefix-list. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . match ip next-hop . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . match ip next-hop prefix-list . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . match ipv6 address . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . match ipv6 address prefix-list . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . match ipv6 next-hop . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . match metric. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . match origin . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . match route-type . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . match tag . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . password . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . route-map . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . service advanced-vty . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . service password-encryption . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . service terminal-length . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . set aggregator . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . set as-path . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . set atomic-aggregate . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . set comm-list delete . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . set community . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . set dampening . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . set extcommunity . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . set ip next-hop . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . set ipv6 next-hop . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . set level . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . set metric . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . set metric-type . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . set origin. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . set originator-id. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . set tag. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . set vpnv4 next-hop . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . set weight . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . show access-list . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . show cli. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 30 31 33 33 34 34 35 35 36 37 37 38 39 39 40 41 41 42 43 43 44 45 45 46 46 47 48 48 49 49 50 51 51 52 53 54 54 55 55 56 57 57 58 58 59 60 60

2001-2007 IP Infusion Inc. Confidential

Table of Contents show history . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .61 show ip prefix-list . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .62 show list . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .62 show memory all . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .63 show memory free . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .65 show memory lib . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .66 show memory summary. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .68 show route-map . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .69 show running-config. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .69 show startup-config . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .71 show version . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .72 terminal length . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .73 terminal monitor . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .73 who . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .73 write file and write memory . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .74 write terminal . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .74

CHAPTER 3

NSM Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 77

admin-group. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .77 arp A.B.C.D MAC. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .77 bandwidth. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .78 clear ip route kernel . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .78 clear ipv6 neighbors. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .79 debug nsm . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .79 debug nsm events . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .79 debug nsm kernel . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .80 debug nsm packet . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .80 fib retain . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .80 if-arbiter . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .81 interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .82 ip address . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .82 ip forwarding . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .83 ip proxy-arp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .83 ip route . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .84 ipv6 forwarding. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .84 ipv6 nd managed-config-flag . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .84 ipv6 nd other-config-flag . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .85 ipv6 nd prefix . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .85 ipv6 nd ra-interval . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .86 ipv6 nd ra-lifetime. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .87 ipv6 nd reachable-time. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .87 ipv6 nd suppress-ra . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .88 ipv6 neighbor . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .88 ipv6 route . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .89 ipv6 address. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .89 maximum-paths . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .90 mtu . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .90

2001-2007 IP Infusion Inc. Confidential

Table of Contents multicast . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 90 no debug nsm events . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 91 no debug nsm kernel . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 91 no debug nsm packet . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 91 show debugging nsm . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 92 show interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 92 show ip access-list . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 93 show ip forwarding . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 94 show ip interface brief . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 94 show ip route . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 95 show ip route database . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 96 show ip route summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 97 show ipv6 forwarding . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 98 show ipv6 interface brief. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 98 show ipv6 neighbors. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 99 show ipv6 route . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 99 show ipv6 route summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 100 show nsm client . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 101 show router-id. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 101 shutdown . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 102 undebug nsm all . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 102 undebug nsm events . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 102 undebug nsm kernel. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 102 undebug nsm packet . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 103

CHAPTER 4

NSM VPN Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .105

105 105 106 106 107

ip route vrf . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ip vrf . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ip vrf forwarding . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . show ip route vrf . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . show ip vrf . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

CHAPTER 5 NSM MPLS Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . .109 MPLS Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 109

label-switching . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 109 mpls admin-groups . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 109 mpls disable-all-interfaces . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .110 mpls egress-ttl . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .110 mpls enable-all-interfaces . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .110 mpls ftn-entry . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .111 mpls ilm-entry . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .112 mpls ingress-ttl . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .112 mpls l2-circuit (Configure Mode) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .113 mpls-l2-circuit (Interface Mode) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .113 mpls l2-circuit-ftn-entry . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .114 mpls l2-circuit-ilm-entry . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .114 mpls local-packet-handling . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .115

2001-2007 IP Infusion Inc. Confidential

Table of Contents mpls log . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 115 mpls lsp-model pipe . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 116 mpls lsp-tunneling . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 116 mpls map-route . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 117 mpls max-label-value . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 117 mpls min-label-value . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 118 mpls propagate-ttl . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 118 mpls vrf-entry . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 119 show mpls . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 119 show mpls admin-groups . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .120 show mpls cross-connect-table . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .120 show mpls forwarding-table . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .121 show mpls ftn-table . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .122 show mpls ilm-table . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .122 show mpls in-segment-table . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .123 show mpls l2-circuit . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .123 show mpls l2-circuit-group . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .124 show mpls log . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .124 show mpls mapped-routes. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .125 show mpls out-segment-table . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .125 show mpls vc-table . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .125 show mpls vrf-table . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .126

MPLS OAM Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .126

ping mpls ipv4 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .126 ping mpls l2-circuit . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .127 ping mpls l3vpn . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .127 ping mpls ldp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .128 ping mpls rsvp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .129 ping mpls vpls . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .130 trace mpls ipv4. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .130 trace mpls l2-circuit . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .131 trace mpls l3vpn. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .132 trace mpls ldp. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .132 trace mpls rsvp. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .133 trace mpls vpls . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .134

CHAPTER 6

NSM GMPLS Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . 135

gmpls capability-type . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .135 gmpls encoding-type . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .135 gmpls link-id . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .136 gmpls min-lsp-bandwidth . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .137 gmpls protection-type. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .137 gmpls risk-group . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .138 gmpls sdh-indication . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .139

CHAPTER 7 GMP Multicast Commands . . . . . . . . . . . . . . . . . . . . . . . . . . 141 IGMP Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .141

2001-2007 IP Infusion Inc. Confidential

vii

Table of Contents clear ip igmp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . clear ip igmp groups . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . clear ip igmp interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . debug igmp. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ip igmp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ip igmp access-group . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ip igmp immediate-leave . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ip igmp last-member-query-count. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ip igmp last-member-query-interval . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ip igmp limit . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ip igmp mroute-proxy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ip igmp proxy-service . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ip igmp querier-timeout. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ip igmp query-interval . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ip igmp query-max-response-time . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ip igmp robustness-variable . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ip igmp snooping . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ip igmp snooping fast-leave . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ip igmp snooping mrouter . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ip igmp snooping querier . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ip igmp snooping report-suppression . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ip igmp ssm-map enable . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ip igmp ssm-map static. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ip igmp static-group . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ip igmp version . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . show ip igmp groups . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . show ip igmp interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . show ip igmp snooping mrouter . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . show ip igmp snooping statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . clear ipv6 mld . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . clear ipv6 mld groups . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . clear ipv6 mld interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . debug mld. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ipv6 mld . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ipv6 mld access-group . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ipv6 mld immediate-leave. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ipv6 mld last-member-query-count . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ipv6 mld last-member-query-interval . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ipv6 mld limit. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ipv6 mld mroute-proxy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ipv6 mld proxy-service . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ipv6 mld querier-timeout . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ipv6 mld query-interval . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ipv6 mld query-max-response-time . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ipv6 mld robustness-variable . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ipv6 mld snooping . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 141 141 142 142 143 143 144 145 145 146 147 147 148 148 149 150 150 151 151 152 152 153 153 154 155 156 157 158 158 159 159 160 160 161 161 162 163 163 164 165 165 166 166 167 167 168

MLD Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 159

viii

2001-2007 IP Infusion Inc. Confidential

Table of Contents ipv6 mld snooping fast-leave . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .169 ipv6 mld snooping mrouter. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .169 ipv6 mld snooping querier . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .170 ipv6 mld snooping report-suppression . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .170 ipv6 mld ssm-map enable . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .171 ipv6 mld ssm-map static . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .171 ipv6 mld static-group . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .172 ipv6 mld version . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .173 show ipv6 mld groups . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .174 show ipv6 mld interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .174 show ipv6 mld snooping mrouter . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .175 show ipv6 mld snooping statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .176

CHAPTER 8

NSM Multicast Commands . . . . . . . . . . . . . . . . . . . . . . . . . . 177

clear ip mroute . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .177 clear ip mroute statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .177 clear ipv6 mroute . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .178 clear ipv6 mroute statistics. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .178 debug nsm mcast. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .178 ip mroute . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .179 ip multicast route-limit . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .180 ip multicast ttl-threshold . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .180 ip multicast-routing. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .181 ipv6 mroute . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .181 ipv6 multicast route-limit . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .182 ipv6 multicast-routing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .183 show ip mroute. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .183 show ip mroute count. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .184 show ip mroute summary. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .185 show ip mvif . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .186 show ip rpf . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .186 show ipv6 mif . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .187 show ipv6 mroute. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .187 show ipv6 mroute count . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .188 show ipv6 mroute summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .189 show ipv6 rpf . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .190

CHAPTER 9

NSM Traffic Engineering (TE) Commands . . . . . . . . . . . . . . 191

reservable-bandwidth. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .191

CHAPTER 10 NSM DiffServ Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . 193

mpls class-to-exp-bit . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .193 mpls support-diffserv-class . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .193 show mpls diffserv . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .193 show mpls diffserv class-to-exp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .195 show mpls diffserv configurable-dscp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .195 show mpls diffserv supported-dscp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .196

2001-2007 IP Infusion Inc. Confidential

Table of Contents

CHAPTER 11 NSM DiffServ-TE Commands . . . . . . . . . . . . . . . . . . . . . . . . .197

bandwidth-constraint . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . bc-mode . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . mpls class-type. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . mpls te-class . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . show mpls dste. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . show mpls dste class-type . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . show mpls dste te-class . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 197 197 197 198 198 199 199

CHAPTER 12 NSM Layer-2 Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . .201 Common Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 201

flowcontrol off . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . flowcontrol on . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . mirror interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . show flowcontrol interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . show mirror. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . show mirror interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . show storm-control . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . show storm-control broadcast interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . storm-control level . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 201 201 202 202 203 203 204 204 205

Bridge Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 205

bridge acquire. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 205 bridge address . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 206 bridge ageing-time . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 206 bridge-group . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 207 bridge protocol ieee . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 207 bridge protocol ieee vlan-bridge . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 208 bridge protocol mstp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 208 bridge protocol rstp. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 208 bridge protocol rstp vlan-bridge . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 209 clear mac address-table . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 209 clear mac address-table bridge . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 210 clear mac address-table dynamic. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .211 clear mac address-table dynamic bridge . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .211 mac-address-table static . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 212 show bridge . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 212 show interface switchport bridge . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 213 switchport . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 214

VLAN Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 215

show vlan . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . show vlan all. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . show vlan all bridge . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . show vlan brief . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . show vlan classifier group . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . show vlan classifier interface group . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . show vlan classifier rule . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . show vlan dynamic bridge . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 215 215 215 216 216 217 217 218

2001-2007 IP Infusion Inc. Confidential

Table of Contents show vlan static bridge. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .218 switchport access vlan . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .219 switchport hybrid allowed vlan . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .219 switchport hybrid vlan . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .220 switchport mode access. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .221 switchport mode hybrid . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .221 switchport mode trunk . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .222 switchport trunk allowed vlan . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .223 switchport trunk native vlan . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .224 vlan bridge . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .224 vlan classifier ipv4 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .225 vlan classifier mac . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .225 vlan classifier proto . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .226 vlan database. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .226 vlan mtu bridge . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .227 vlan state . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .227

Private-VLAN Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .228

private-vlan association bridge . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .228 private-vlan bridge . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .228 switchport mode private-vlan . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .229 switchport private-vlan host-association . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .229 switchport private-vlan mapping . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .230 show vlan private-vlan bridge . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .230

GMRP Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .231

clear gmrp statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .231 debug gmrp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .231 set gmrp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .232 set gmrp bridge . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .232 set gmrp extended-filtering bridge . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .233 set gmrp fwdall. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .233 set gmrp registration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .234 set gmrp timer . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .234 set gmrp vlan . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .235 set port gmrp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .236 set port gmrp vlan . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .236 show gmrp configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .237 show gmrp configuration bridge. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .237 show gmrp machine. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .238 show gmrp machine bridge . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .238 show gmrp statistics. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .239 show gmrp timer . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .239

GVRP Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .240

clear gvrp statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .240 debug gvrp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .240 set gvrp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .241 set gvrp applicant. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .241

2001-2007 IP Infusion Inc. Confidential

Table of Contents set gvrp bridge . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . set gvrp dynamic-vlan-creation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . set gvrp dynamic-vlan-creation bridge . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . set gvrp registration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . set gvrp timer . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . set port gvrp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . show gvrp configuration bridge . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . show gvrp machine bridge . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . show gvrp statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . show gvrp timer . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . clear mmrp statistics. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . clear mmrp statistics vlanid . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . set mmrp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . set mmrp bridge . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . set mmrp disable bridge . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . set mmrp disable bridge vlan . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . set mmrp enable bridge . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . set mmrp enable bridge vlan . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . set mmrp extended-filtering . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . set mmrp extended-filtering disable bridge . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . set mmrp extended-filtering enable bridge . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . set mmrp fwdall disable . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . set mmrp fwdall enable . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . set mmrp timer join . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . set mmrp timer leaveall . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . set mmrp pointtopoint enable . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . set mmrp registration fixed . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . set mmrp registration forbidden . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . set mmrp registration normal . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . set port mmrp disable . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . set port mmrp disable vlan . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . set port mmrp enable . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . set port mmrp enable vlan . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . show mmrp configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . show mmrp configuration bridge . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . show mmrp machine . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . show mmrp machine bridge . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . show mmrp statistics vlanid bridge. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . show mmrp timer . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . clear mvrp statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . clear mvrp statistics all . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . clear mvrp statistics bridge . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . set mvrp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . set mvrp applicant state active . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 242 242 242 243 243 244 244 245 245 246 246 247 247 248 248 249 249 250 250 251 251 252 252 253 253 254 254 254 255 255 256 257 257 258 258 259 259 259 260 261 261 262 262 262

MMRP Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 246

MVRP Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 261

xii

2001-2007 IP Infusion Inc. Confidential

Table of Contents set mvrp applicant state normal . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .263 set mvrp disable bridge . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .263 set mvrp dynamic-vlan-creation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .264 set mvrp dynamic-vlan-creation disable bridge . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .264 set mvrp dynamic-vlan-creation enable bridge . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .265 set mvrp enable bridge . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .265 set mvrp timer join . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .266 set mvrp timer leave. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .266 set mvrp timer leaveall . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .267 set mvrp pointtopoint enable . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .267 set mvrp registration fixed . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .267 set mvrp registration forbidden . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .268 set mvrp registration normal . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .268 set port mvrp disable . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .269 set port mvrp enable . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .269 show mvrp configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .270 show mvrp configuration all . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .271 show mvrp interface statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .271 show mvrp machine bridge . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .272 show mvrp statistics. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .272 show mvrp timer. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .273

Provider Bridging Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .273

bridge protocol provider-mstp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .273 bridge protocol provider-rstp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .274 cvlan registration table . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .274 cvlan svlan . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .275 l2-protocol . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .275 switchport allowed vlan . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .276 switchport customer-edge access vlan . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .276 switchport customer-edge hybrid allowed vlan . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .277 switchport customer-edge hybrid vlan . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .277 switchport customer-edge vlan registration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .278 switchport customer-network vlan translation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .278 switchport mode. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .279 switchport mode customer-edge access . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .279 switchport mode customer-edge hybrid . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .280 switchport mode customer-edge trunk. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .281 switchport provider-edge vlan . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .281 switchport provider-network vlan translation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .282 switchport trunk customer-edge allowed vlan . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .282 vlan type. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .283 vlan type access-map . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .283 vlan type bridge . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .284

MEF UNI . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .284

ce-vlan preserve-cos <1-4094> . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .284 ethernet uni . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .285

2001-2007 IP Infusion Inc. Confidential

xiii

Table of Contents ethernet uni id NAME . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 285 2protocol-tunnel . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 285

CHAPTER 13 NSM LACP Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . .287

channel-group mode . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . no channel-group . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . show etherchannel . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . show static-channel-group . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . static-channel-group . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . mpls vpls . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . mpls-vpls . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . show mpls vpls . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . show mpls vpls detail . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . show mpls vpls mesh . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . show mpls vpls spoke . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . vpls-description . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . vpls-mtu . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . vpls-peer. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . vpls-vc . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . interface tunnel. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . tunnel checksum . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . tunnel destination . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . tunnel mode . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . tunnel mode ipv6ip . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . tunnel path-mtu-discovery . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . tunnel source . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . tunnel tos . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . tunnel ttl . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . rmon alarm . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . rmon collection history . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . rmon collection stats. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . rmon event . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . show rmon alarm . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . show rmon event . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . show rmon history . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . show rmon statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 287 287 288 288 289 291 291 291 292 293 293 294 294 295 295 297 297 298 298 299 300 300 301 301 303 303 304 305 305 306 306 306

CHAPTER 14 NSM VPLS Commands. . . . . . . . . . . . . . . . . . . . . . . . . . . . . .291

CHAPTER 15 Tunneling Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .297

CHAPTER 16 Remote Monitoring Commands . . . . . . . . . . . . . . . . . . . . . . .303

CHAPTER 17 Interpeak Security Commands . . . . . . . . . . . . . . . . . . . . . . . .307 Clear Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 307

clear crypto isakmp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . clear crypto sa . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . clear crypto sa entry . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . clear crypto sa map . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 307 307 308 308

xiv

2001-2007 IP Infusion Inc. Confidential

Table of Contents clear crypto sa peer . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .308

Crypto Map Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .309

crypto ipsec security-association lifetime . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .309 crypto ipsec transform-set . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .309 crypto map ipsec-manual | ipsec-isakmp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .310 crypto map local-address. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 311 match address . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 311 mode . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .312 set peer . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .313 set security-association lifetime . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .313 set session-key . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .314 set transform-set . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .315

ISAKMP Configuration Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .316

crypto isakmp enable . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .316 crypto isakmp keepalive. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .316 crypto isakmp key . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .316 crypto isakmp policy. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .317

ISAKMP Policy Configuration Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .317

authentication. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .318 encryption . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .318 group . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .319 hash . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .319 lifetime . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .319

Interface Configuration Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .320

crypto map . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .320

Show Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .321

show crypto ipsec sa . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .321 show crypto ipsec transform-set . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .321 show crypto isakmp policy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .321 show crypto isakmp sa. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .322 show crypto map . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .322

CHAPTER 18 QoS Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 323

class. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .323 class-map. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .323 ip-access-list . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .324 mac-access-list . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .325 match access-group. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .325 match ip-dscp. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .326 match ip-precedence . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .326 match layer4 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .326 match mpls exp-bit topmost . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .327 match vlan . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .327 match vlan-range . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .328 mls qos. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .328 mls qos aggregate-police. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .329

2001-2007 IP Infusion Inc. Confidential

Table of Contents mls qos dscp-cos . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . mls qos dscp-mutation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . mls qos map dscp-cos . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . mls qos map dscp-mutation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . mls qos min-reserve . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . police . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . police-aggregate. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . policy-map . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . service-policy input. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . set cos . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . set ip-dscp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . set ip-precedence . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . set mpls exp-bit topmost . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . show class-map . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . show mls qos aggregator-policer . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . show mls qos interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . show mls qos maps dscp-cos. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . show mls qos maps dscp-mutation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . show policy-map. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . show qos-access-list . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . wrr-queue bandwidth . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . wrr-queue cos-map . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . wrr-queue dscp-map . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . wrr-queue min-reserve . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . wrr-queue queue-limit. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . wrr-queue random-detect max-threshold . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . wrr-queue threshold . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . access-list ipv6 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . access-list. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . firewall group . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . firewall group in|out . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . show firewall rule . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . show stacking db . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . show stacking dump db . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . show stacking local . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . show stacking master . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . show stacking numCPU . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . stacking masterdev . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 329 330 330 331 331 332 332 333 334 334 335 335 335 336 336 337 337 338 338 339 339 340 340 341 341 342 342 345 345 346 347 347 349 349 350 350 351 351

CHAPTER 19 NSM Firewall Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . .345

CHAPTER 20 NSM Broadcom Stacking Commands. . . . . . . . . . . . . . . . . . .349

Index . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Index - 1

xvi

2001-2007 IP Infusion Inc. Confidential

CHAPTER 1

ZebOS Command Line Interface Environment

About This Command Reference

Network administrators and application developers who install and configure ZebOS IP routing software should use this Command Reference. This Reference contains the following information: An overview of the ZebOS Command Line Interface. The complete command reference for ZebOS Network Services Module (NSM).

ZebOS provides Telnet services so that users can log into any of the routing module layers and control the module by using the Command Line Interface (CLI).

Command Line Interface Primer

The ZebOS Command Line Interface (CLI) is a text based facility conforming to industry standards. Many of the commands may be used in scripts to automate configuration tasks. Each command CLI is usually associated with a specific function or a common function performing a specific task. Multiple users can telnet and issue commands using the Exec mode and the Privileged Exec mode. For ZebOS versions earlier than 7.4, only one user is allowed to use the Configure mode at a time. For ZebOS versions 7.4 and later, multiple users are allowed to simultaneously use the Configure mode. The IMI Shell gives users and administrators the ability to issue commands to several daemons from a single telnet session.

Definitions
token parameter keyword A non-character, non-numeric symbol: {}, {}, (), <>, |, ?, >, ., = An UPPERCASE term for which the user substitutes input. A lowercase term that the user types exactly as shown.

Command Line Help

The ZebOS CLI contains a text-based help facility. Access this help by typing in the full or partial command string then typing a question mark ?. The ZebOS CLI displays the command keywords or parameters along with a short description. For example, at the CLI command prompt, type ZebOS> show ? (the CLI does not display the question mark). The CLI displays this keyword list with short descriptions for each keyword:

ZebOS# show debugging history ip

Debugging functions (see also 'undebug') Display the session command history IP information

2001-2007 IP Infusion Inc. Confidential

ZebOS Command Line Interface Environment

memory route-map running-config startup-config version

Memory statistics route-map information running configuration Contents of startup configuration Displays ZebOS version

If the ? is typed in the middle of a keyword, ZebOS displays help for that keyword only. ZebOS> show de? (the CLI does not display the question mark). debugging Debugging functions (see also 'undebug') If the ? is typed in the middle of a keyword but the incomplete keyword matches several other keywords, ZebOS displays help for all matching keywords. ZebOS> show i? (the CLI does not display the question mark). interface Interface status and configuration ip IP information isis ISIS information

Syntax Help
Command Completion
The ZebOS CLI can complete the spelling of a command or a parameter. Begin typing the command or parameter and then press TAB. For example, at the CLI command prompt type sh:

ZebOS> sh
Press TAB. The CLI shows:

ZebOS> show
If the command or parameter partial spelling is ambiguous, the ZebOS CLI displays the choices that match the abbreviation. Type show i and press TAB. The CLI shows:

ZebOS> show i interface ip ZebOS> show i

isis

The CLI displays the interface and ip keywords. Type n to select interface and press TAB. The CLI shows:

ZebOS> show in ZebOS> show interface

Type ? and the CLI displays the list of parameters for the show interface command.

ZebOS> show interface IFNAME Interface name | Output modifiers > Output redirection <cr>
The CLI displays the only parameter associated with this command, the IFNAME parameter. For more information on the output modifiers and output redirection, see the Special Tokens for Show Commands section.

Command Abbreviations
The ZebOS CLI accepts abbreviations for commands. For example,

sh in eth0
is an abbreviation for the show interface command.

2001-2007 IP Infusion Inc. Confidential

ZebOS Command Line Interface Environment

Command Line Errors

Any unknown spelling variation causes the command line parser to display in response to the ?, the error Unrecognized command. The parser re-displays the command as last entered. When the user presses the enter key after typing an invalid command, the parser displays: ZebOS(config)#router ospf here ^ % Invalid input detected at '^' marker. where the ^ points to the first character in error in the command. If a command is incomplete it displays this message:

ZebOS> show % Incomplete command.

Some commands are too long for the display line and can wrap in mid-parameter or mid-keyword:

area 10.10.0.18 virtual-link 10.10.0.19 authent ication-key 57393

2001-2007 IP Infusion Inc. Confidential

ZebOS Command Line Interface Environment

Command Reference Primer

Typographic Conventions
The following table lists typographic conventions for command syntax descriptions.
Convention Name Command Description Variable parameter Description Represents command strings entered on a command line and sample source code. Gives specific details about a parameter. Indicates user input. Values to be entered according to the descriptions that follow. Each uppercased token expands into one or more other tokens. Indicates keywords. Values to be entered exactly as shown in the command description. Delimits choices; One to be selected from the list. Not to be entered as part of the command. Encloses optional parameters. None or only one to be chosen. Not to be entered as part of the command. Encloses optional parameters. None, one or more than one to be chosen. Not to be entered as part of the command. Encloses optional parameters. Choose one. Not to be entered as part of the command. Used with the square brackets to limit the immediately following token to one occurrence. Not to be entered as part of the command. Enclose a numeric range, endpoints inclusive. Not to be entered as part of the command. Separates the variable from explanatory text. Not to be entered as part of the command. Allows the repetition of the element that immediately follows it multiple times. Not to be entered as part of the command. An IPv4-style address. An IPv6-style address. Example

Monospaced font
Proportional font

show ip ospf advertise Advertises this

range

UPPERCASE

area AREAID range ADDRESS

lowercase | ()

Keyword parameter Vertical bar Parentheses

show ip ospf A.B.C.D|<0-4294967295> (A.B.C.D|<0-4294967295>)

{ }

Braces

{priority <0-255>| poll-interval <1-65535>}

[parm2|parm2|parm3] [parm1|parm2|?parm3] expands to

[] ?

Square brackets Question mark

parm1 parm3 parm1 parm2

(with parm3 occurring once)

< >
=

Angle brackets Equal sign Dot (period)

<0-65535> PROCESSID = <0-65535>

.AA:NN can be expanded to:

1:01 1:02 1:03. 10.0.11.123
3ffe:506::1, where the:: represents all 0s for those address components not explicitly given.

A.B.C.D X:X::X:X

IP address IP address

LINE

End-of-line input token

Indicates user input of any string, including spaces. No other parameters may be entered after input for this token.

string of words

2001-2007 IP Infusion Inc. Confidential

ZebOS Command Line Interface Environment

Convention

Name Single token Single token

Description Indicates user input of any contiguous string (excluding spaces). Indicates the name of an interface.

Example

WORD IFNAME

singlewordnospaces eth0

2001-2007 IP Infusion Inc. Confidential

ZebOS Command Line Interface Environment

Format used for Command Description

command name
Description of the command. What the command does and when should it be used.

Command Syntax
sample command name mandatory-parameters (OPTIONAL-PARAMETERS)

Default
The status of the command before it is executed. Is it enabled or disabled by default.

Command Mode
Name of the command mode in which this command is to be used. Such as, Exec, Privilege Exec, Configure mode and so on.

Usage
This section is optional. It describes the usage of a specific command and the interactions between parameters. It also includes appropriate sample outputs for show commands.

Example
Used if needed to show the complexities of the command syntax.

Related Commands
This section is optional and lists those commands that are of immediate importance.

Equivalent Commands
This section is optional and lists commands that accomplish the same function.

Validation Commands
This section is optional and lists commands that can be used to validate the effects of other commands.

Command Negation
Some commands can be negated by using a no keyword. In the following area virtual-link command, the no keyword is optional, This means that the entire syntax can be negated. Depending on the command or the parameters, command negation can mean the disabling of one entire feature for the router or the disabling of that feature for a specific ID, interface or address. (no) area AREAADDRESSID virtual-link ROUTERID (AUTHENTICATE|MSGD|INTERVAL) In the following example, negation is for the base command only. The negated form does not take any parameter. default-metric <1-16777214> no default-metric

2001-2007 IP Infusion Inc. Confidential

ZebOS Command Line Interface Environment

Variable Parameter expansion

For the area virtual-link command, (no) area AREAADDRESSID virtual-link ROUTERID (AUTHENTICATE|MSGD|INTERVAL) the AREAADDRESSID parameter is replaced by either an IP address or a number in the given range: AREAADDRESSID=A.B.C.D|<0-4294967295> and ROUTERID by an IP address. The minimum command then is:

area 10.10.0.11 virtual-link 10.10.0.12

The parameters in the string (AUTHENTICATE|MSGD|INTERVAL) are optional, and only one may be chosen. Each one can be replaced by more keywords and parameters. One of these parameters, MD5, is replaced by the following string: MD5= [message-digest-key <1-255> md5 MD5_KEY] with MD5_KEY replaced by a 1-16 character string.

Other Conventions
This warning symbol indicates that you must be cautious as you might risk losing data or damaging your hardware.

2001-2007 IP Infusion Inc. Confidential

ZebOS Command Line Interface Environment

Show Command Tokens

Two tokens modify the output of the show commands. Use the ? after typing the command to display: ZebOS# show users | Output modifiers > Output redirection Note: These tokens are available only through the IMI shell; they are unavailable to users who telnet to daemons.

Output Modifiers
Type the | (vertical bar) to use Output modifiers. begin exclude include redirect Begin The begin parameter displays the output beginning with the first line containing a token matching the input string (everything typed after the begin token). ZebOS# show run | begin eth1 ...skipping interface eth1 ipv6 address fe80::204:75ff:fee6:5393/64 ! interface eth2 ipv6 address fe80::20d:56ff:fe96:725a/64 ! line con 0 login line vty 0 4 login ! end Exclude The exclude parameter excludes all lines of output that contain the input string. In the following output all lines containing the word include are excluded: ZebOS# show interface eth1 | exclude input Interface eth1 Scope: both Hardware is Ethernet, address is 0004.75e6.5393 index 3 metric 1 mtu 1500 <UP,BROADCAST,RUNNING,MULTICAST> VRF Binding: Not bound Label switching is disabled No Virtual Circuit configured Administrative Group(s): None DSTE Bandwidth Constraint Mode is MAM inet6 fe80::204:75ff:fee6:5393/64 Begin with the line that matches Exclude lines that match Include lines that match Redirect output

2001-2007 IP Infusion Inc. Confidential

ZebOS Command Line Interface Environment

output packets 4438, bytes 394940, dropped 0 output errors 0, aborted 0, carrier 0, fifo 0, heartbeat 0, window 0 collisions 0 Include The include parameter includes only those lines of output that contain the input string. In the output below, all lines containing the word input are included: ZebOS# show interface eth1 | include input input packets 80434552, bytes 2147483647, dropped 0, multicast packets 0 input errors 0, length 0, overrun 0, CRC 0, frame 0, fifo 1, missed 0 Redirect The redirect parameter puts the lines of output into the indicated file. ZebOS# show history | redirect /var/frame.txt

Output Redirection
The output redirection token > allows the user to specify a target file for the lines of output. ZebOS# show history > /var/frame.txt

2001-2007 IP Infusion Inc. Confidential

ZebOS Command Line Interface Environment

Common Command Modes

The commands available for each protocol are separated into several modes (nodes) arranged in a hierarchy; The Exec mode is the lowest. Each mode has its own special commands; in some modes, commands from a lower level are available. Note: Multiple users can telnet and issue commands using the Exec mode and the Privileged Exec mode. For ZebOS versions earlier than 7.4, only one user is allowed to use the Configure mode at a time. For ZebOS versions 7.4 and later, multiple users are allowed to simultaneously use the Configure mode.

Exec Mode Also called the View mode, is the base mode from where users can perform basic commands like show, exit, quit, help, list, and enable. All ZebOS daemons have this mode. Privileged Exec Mode Also called the Enable mode, allows users to run debug, write (for saving and viewing the configuration) and show commands. Configure Mode Also called Configure Terminal mode, this mode serves as a gateway into the Interface, Router, Line, Route Map, Key Chain and Address Family modes. Interface Mode Is used to configure protocol-specific settings for a particular interface. Any attribute configured in this mode overrides an attribute configured in the Router mode. Line Mode Makes the access-class commands available. This diagram displays the common command mode tree.

Startup Router in EXEC mode (View mode)

enable (password)

Command Mode

Command used to enter the next Command Mode

Privileged EXEC mode (Enable mode )

configure terminal

Configure mode

interface IFNAME

line vty [FIRST] (LAST)

Interface mode

Line mode

2001-2007 IP Infusion Inc. Confidential

ZebOS Command Line Interface Environment

QoS Command Modes

Class Map Use this mode to create class maps. A class map names and isolates specific traffic from other traffic, and defines criteria to match against a specific traffic flow to further classify it. Policy Map Use this mode to create policy maps. A policy map specifies on which traffic class to act. Class Use this mode to define a traffic classification. The following diagram shows the complete QoS module command mode tree. For information about Exec, Privileged Exec, Configure and Interface modes, refer to the NSM daemon command modes mentioned earlier in this chapter.

Startup Router in Exec mode enable (password)

Command Mode Command used to enter next command mode

Privileged Exec mode configure terminal

Configure mode

class-map NAME

policy-map NAME

Class-Map mode

Policy-Map mode

class NAME

Class mode

2001-2007 IP Infusion Inc. Confidential

ZebOS Command Line Interface Environment

2001-2007 IP Infusion Inc. Confidential

CHAPTER 2

Commands Common to Multiple Protocols

access-class
Use this command to filter a connection, based on an IP access list, for IPv4 networks. Note: This command is unavailable to ZebOS Server Routing Suite (SRS) customers and ZebOS Advanced Routing Suite (ARS) customers using the IMISH for CLI management. To control access from the network/ hosts, IMISH administrators must change system files, such as, /etc/host.allow and /etc/hosts.deny.

Command Syntax
access-class LIST LIST = IP access-list

Command Mode
Line mode

Usage
Use access-class command after configuring the access-list. See ZebOS NSM Commands chapter for details on the access-list command.

Example ZebOS# configure terminal ZebOS(config)# line vty 23 55 ZebOS(config-line)# access-class myclass1 Related Commands
access-list, ipv6 access-class

access-list
Use the access-list command to configure an access list for filtering packets. Use the no parameter to remove a specified access-list.

Command Syntax
(no) access-list LISTNAME (DENY|PERMIT|REMARK) LISTNAME = WORD DENY|PERMIT|REMARK IP ZebOS access-list DENY = deny [A.B.C.D/M (exact-match)]|any Specify route to reject. PERMIT = permit [A.B.C.D/M (exact-match)]|any Specify route to permit A.B.C.D = An IP address. M = Mask specifying which part of the IP address will be ignored. any = Allows any IP address or prefix to match. exact-match = Specifies exact matching of prefixes REMARK = remark .LINE

2001-2007 IP Infusion Inc. Confidential

Commands Common to Multiple Protocols LINE = Multi-line, access-list entry comment up to 100 characters.

Command Mode
Configure mode

Usage
Use access lists to control the transmission of packets on an interface, and restrict contents of routing updates. The switch stops checking the access list after a match occurs. When using this command from a Telnet session, be sure to telnet to the relevant protocol daemon (for example, isisd); unpredictable results can occur if this command is used in a telnet session with the NSM daemon.

Examples ZebOS# configure terminal ZebOS(config)# access-list mylist deny 10.10.0.72/24 exact-match ZebOS(config)# access-list mylist permit any Validation Commands
show running-config, show ip access-list, show ipv6 access-list

access-list extended
Use the access-list extended command to configure an access list for filtering packets. Use the no parameter to remove a specified access-list.

Command Syntax
(no) access-list EXTENDED (deny|permit|REMARK)ip SOURCE DESTINATION (no) access-list EXTENDED (deny|permit|REMARK)ip any any EXTENDED = <100-199>|<2000-2699> <100-199> = IP extended access list <2000-2699> = IP extended access list (expanded range) deny Specify route to reject. permit Specify route to permit. REMARK = remark .LINE LINE = Multi-line, access-list entry comment up to 100 characters. SOURCE = [A.B.C.D WILDCARDS]|any|host A.B.C.D = IP address of the Source. WILDCARD = Wildcard mask to specify which part of A.B.C.D are ignored. It works as a reverse address mask, e.g., 0.0.0.255 means you permit or deny the route which matches the first 24 bits, A.B.C.D. DESTINATION = [A.B.C.D WILDCARDS]|any|host A.B.C.D = IP address of the Destination. WILDCARD = Wildcard mask to specify which part of A.B.C.D is ignored. It works as a reverse address mask, e.g., 0.0.0.255 means you permit or deny the route which matches the first 24 bits, A.B.C.D. any = Allows any IP address or prefix to match. host = host A.B.C.D A single host address.

2001-2007 IP Infusion Inc. Confidential

Commands Common to Multiple Protocols

Command Mode
Configure mode

Usage
When using this command from a Telnet session, be sure to telnet to the relevant protocol daemon (for example, isisd); unpredictable results can occur if this command is used in a telnet session with the NSM daemon.

Examples ZebOS# configure terminal ZebOS(config)# access-list 134 deny 1.1.1.0 0.0.0.255 ZebOS(config)# access-list 2345 permit host 10.10.2.76 Validation Commands
show running-config, show ip access-list, show ipv6 access-list

access-list standard
Use the access-list standard command to configure an access list for filtering packets. Use the no parameter to remove a specified access-list.

Command Syntax
(no) access-list STANDARD (DENY|PERMIT|REMARK) STANDARD = <1-99>|<1300-1999> <1-99> = IP standard access list <1300-1999> = IP standard access list (expanded range) DENY = deny [A.B.C.D (WILDCARD)]|any|host Specify route to reject. PERMIT = permit [A.B.C.D (WILDCARD)]|any|host Specify route to permit. A.B.C.D = An IP address. WILDCARD = wildcard mask to specify which part of A.B.C.D is ignored. It works as a reverse address mask, e.g., 0.0.0.255 means you permit or deny the route which matches the first 24 bits, A.B.C.D. any = Allows any IP address or prefix to match. host = host A.B.C.D A single host address. REMARK = remark .LINE LINE = Multi-line, access-list entry comment up to 100 characters.

Command Mode
Configure mode

Examples ZebOS# configure terminal ZebOS(config)# access-list 67 deny 1.1.1.0 0.0.0.255 ZebOS(config)# access-list 1332 permit any

2001-2007 IP Infusion Inc. Confidential

Commands Common to Multiple Protocols

Validation Commands
show running-config, show ip access-list, show ipv6 access-list

access-list zebos
Use this command to configure an access list for filtering frames that permit or deny IP, ICMP, TCP, UDP packets or ICMP packets with a specific value based on the source or destination. Use the mask to specify a subset of addresses. Use the any parameter to allow all packets, regardless of source or destination. Use the icmp-type parameter to include a specific value. Use the log option to keep a log of the command outputs. Use the no parameter to remove a specified access-list.

Command Syntax [ip|icmp]

(no) access-list zebos WORD [deny|permit] [ip|icmp|any] [A.B.C.D/M|any] [A.B.C.D|M/ any] (log) zebos Extended access-list. WORD ZebOS access-list name. deny Specify route to reject. permit Specify route to permit. ip IP packet. icmp ICMP packet. any Any packet. A.B.C.D/M|any = Source IP address or local address and mask, or any local address. A.B.C.D/M|any = Destination IP address or local address and mask, or any local address. log Log the results.

Command Syntax [ICMP-TYPE]

(no) access-list zebos WORD [deny|permit] [icmp] [A.B.C.D/M|any] [A.B.C.D|M/any] icmp-type ICMP-TYPE (log) zebos Extended access-list. WORD ZebOS access-list name. deny Specify route to reject. permit Specify route to permit. ip IP packet. icmp ICMP packet. any Any packet. A.B.C.D/M|any = Source IP address or local address and mask, or any local address. A.B.C.D/M|any = Destination IP address or local address and mask, or any local address. ICMP-TYPE = ICMP value. log Log the results.

Command Syntax [tcp|udp]

2001-2007 IP Infusion Inc. Confidential

Commands Common to Multiple Protocols permit Specify route to permit. tcp TCP packet. udp UDP packet. any Any packet. A.B.C.D/M|any = Source IP address or local address and mask, or any local address. et Source port numbers equal to the given value lt Source port numbers less than the given value gt Source port numbers greater than the given value ne Source port numbers not equal to the given value. <0-65535> Port number specified A.B.C.D/M|any = Destination IP address or local address and mask, or any local address. et Destination port numbers equal to the given value lt Destination port numbers less than the given value gt Destination port numbers greater than the given value ne Destination port numbers not equal to the given value <0-65535> Port number specified log Log the results.

Command Mode
Configure mode

Usage
Use access lists to control the transmission of packets on an interface, and restrict the content of routing updates. The switch stops checking the access list when a match is encountered.

Example ZebOS# configure terminal ZebOS(config)# access-list zebos TK deny tcp 2.2.2.3/24 eq 14 3.3.3.4/24 lt 12 log Related Commands
show running-config, show ip access-list

banner
Use the banner command to display the banner motive of the day on login. Use the no parameter to disable this function. Note: When using the banner command through IMISH, you must write to memory using the write memory or write file command. If you have not written to memory, the change made by this command (the new banner) is not available when you log into IMISH the next time.

Command Syntax
(no) banner motd default

Command Mode
Configure mode

2001-2007 IP Infusion Inc. Confidential

Commands Common to Multiple Protocols

Examples ZebOS# configure terminal ZebOS(config)# no banner motd Usage

clear ip prefix-list
Use this command to reset the hit count to zero in the prefix-list entries.

Command Syntax
clear ip prefix-list (WORD) (A.B.C.D/M) WORD Specify the name of the prefix-list. A.B.C.D/M IP prefix and length.

Command Mode
Privileged Exec mode

Examples ZebOS# clear ip prefix-list List1

configure terminal
Use the configure terminal command to enter the Configure command mode.

Command Syntax
configure terminal

Command Mode
Privileged Exec mode

Examples
The following example shows the use of the configure terminal command to enter the Configure command mode (note the change in the command prompt).

ZebOS# configure terminal ZebOS(config)#

copy running-config startup-config

Use the copy running-config startup-config to write configurations to the file to be used at startup. This is the same as the write memory command.

Command Syntax
copy running-config startup-config

2001-2007 IP Infusion Inc. Confidential

Commands Common to Multiple Protocols

Command Mode
Privileged Exec mode

Examples ZebOS# copy running-config startup-config

description
Use this command to provide an interface-specific description.

Command Syntax
description .LINE LINE = Characters describing the specific interface.

Command Mode
Interface mode

Usage
This command is used to provide description about a particular interface.

Examples
The following example provides information about the connecting router for interface eth1.

Router# configure terminal Router(config)# interface eth1 Router(config-if)# description Connected to Zenith's fas2/0

Validation Commands
show running-config

disable
Use the disable command to exit the Privileged Exec mode, and return to the Exec mode.

Command Syntax
disable

Command Mode
Privileged Exec mode

Usage
This is the only command that allows a user to go back to the Exec mode. Using the exit or quit command from the Privileged Exec mode ends the session, instead of going back

Examples ZebOS# disable ZebOS>

2001-2007 IP Infusion Inc. Confidential

Commands Common to Multiple Protocols

Related Commands
enable, end, exit

enable
Use the enable command to enter the Privileged Exec command mode.

Command Syntax
enable

Command Mode
Exec mode

Usage
To return to the Exec mode from Privileged Exec mode, use the disable command. Using the exit or quit command from Privileged Exec mode ends the session.

Examples
The following example shows the use of the enable command to enter the Privileged Exec mode (note the change in the command prompt).

ZebOS> enable ZebOS#

Related Commands
disable, exit, quit

enable password
Use the enable password command to modify or create a password to be used when entering the Enable mode. Note: When using the enable password command through IMISH, you must write to memory using the write memory or write file command. If you have not written to memory, the change made by this command (the new password) is not available when you log into IMISH the next time.

Command Syntax
enable password HIDDEN|PLAIN HIDDEN = 8 password Specifies a hidden password. PLAIN = password The unencrypted (cleartext) line password

Command Mode
Configure mode

Usage
This command enables the administrator to set a password for entering the enable mode. There are three methods to enable a password. Note: In the examples below, for each method, the configuration is different: the configuration file output is different, but the password string to be used to enter the enable mode is the same (mypasswd).

2001-2007 IP Infusion Inc. Confidential

Commands Common to Multiple Protocols Plain Password The plain password is a clear text string that appears in the configuration file as configured.
Configuration Output in the Configuration File

ZebOS# configure terminal ZebOS(config)# enable password mypasswd ZebOS(config)# end

ZebOS# show run Current configuration: hostname ZebOS enable password mypasswd ! interface lo

Encrypted Password Configure an encrypted password using the service encrypted-password command. First, use the enable password command to specify the string that you want to use as a password (mypasswd). Then, use the service encrypted-password command to encrypt the specified string (mypasswd). The advantage of using an encrypted password is that the configuration file does not show mypasswd, it will only show the encrypted string fU7zHzuutY2SA.
Configuration Output in the Configuration File

ZebOS# configure terminal ZebOS(config)# enable password mypasswd ZebOS(config)# service password-encryption ZebOS(config)# end

ZebOS# show run Current configuration: hostname ZebOS enable password 8 fU7zHzuutY2SA service password-encryption ! interface lo

Hidden Password Configure an encrypted password using the HIDDEN parameter (8) with the enable password command. Use this method if you already know the encrypted string corresponding to the plain text string that you want to use as a password. It is not required to use the service password-encryption command for this method. The output in the configuration file will show only the encrypted string, and not the text string.
Configuration Output in the Configuration File

ZebOS# configure terminal ZebOS(config)# enable password 8 fU7zHzuutY2SA ZebOS(config)# end

ZebOS# show run Current configuration: hostname ZebOS enable password 8 fU7zHzuutY2SA ! interface lo

Related Commands
service password-encryption

Validation Commands
show running-config

2001-2007 IP Infusion Inc. Confidential

Commands Common to Multiple Protocols

end
Use the end command to return to the Privileged Exec command mode from any other advanced command mode.

Command Syntax
end

Command Mode
All command modes

Examples
The following example shows the use of the end command to return to the Privileged Exec mode directly from Interface mode.

ZebOS# configure terminal ZebOS(config)# interface eth0 ZebOS(config-if)# end ZebOS#

Related Commands
exit, disable, enable

exec-timeout
Use the exec-timeout command to set the interval the command interpreter waits for user input detected. Use the no parameter to disable the wait interval.

Command Syntax
exec-timeout MINUTES (SECONDS) no exec-timeout MINUTES = <0-35791> Timeout value in minutes SECONDS = <0-2147483> Timeout value in seconds

Command Mode
Line mode

Usage
This command is used set the time the telnet session waits for an idle VTY session, before it timeouts. An exectimeout 0 0 setting will cause the telnet session to wait indefinitely.

Examples
In the following example, the telnet session will timeout after 2 minutes, 30 seconds if there is no response from the user.

Router# configure terminal Router(config)# line vty 23 66 Router(config-line)# exec-timeout 2 30

2001-2007 IP Infusion Inc. Confidential

Commands Common to Multiple Protocols

Validation Commands
show running-config

exit
Use the exit command to exit the current mode, and return to the previous level. When used in Exec mode, the exit command terminates the session.

Command Syntax
exit

Command Mode
All command modes

Examples
The following example shows the use of exit command to exit Interface mode, and return to Configure mode.

ZebOS# configure terminal ZebOS(config)# interface eth0 ZebOS(config-if)# exit ZebOS(config)#

Related Commands
end, enable, disable

help
Use the help command to display a description of the ZebOS help system.

Command Syntax
help

Command Mode
All command modes

Usage
This is the sample output from the help command: ZebOS# help ZebOS VTY provides advanced help feature. When you need help, anytime at the command line please press '?'. If nothing matches, the help list will be empty and you must backup until entering a '?' shows the available options. Two styles of help are provided: 1. Full help is available when you are ready to enter a command argument (e.g. 'show ?') and describes each possible argument. 2. Partial help is provided when an abbreviated argument is entered

2001-2007 IP Infusion Inc. Confidential

Commands Common to Multiple Protocols

and you want to know what arguments match the input (e.g. 'show me?'.)

Examples ZebOS# configure terminal ZebOS(config)# help

hostname
Use the hostname command to set or change the network server name. ZebOS daemons use this name in system prompts and default configuration file names. Use the no parameter to disable this function. Note: When using the hostname command through IMISH, you must write to memory using the write memory or write file command. If you have not written to memory, the change made by this command (the new hostname) is not available when you log into IMISH the next time.

Command Syntax
(no) hostname HOSTNAME HOSTNAME Specifies the network name of the system.

Command Mode
Configure mode

Usage
This command provides a hostname for login purposes only, and not for the enable mode. A hostname could be added for each remote system with which the local router communicates, and from which it requires authentication. The other router must have a hostname entry for the local router. This entry must have the same password as the local router has for this router. This command is useful for defining host names for special privileges. For example, a hostname all requiring no password could be created allowing the users to connect to general information without password. Note: Setting a hostname using this command takes precedence over setting a hostname in the kernel. If you set the hostname using the CLI, and then set the hostname in the kernel, the hostname set using the CLI will remain.

Examples
The following example sets the hostname to IPI, and shows the change in the prompt:

ZebOS# configure terminal ZebOS(config)# hostname IPI IPI(config)#

Validation Commands
show running-config

ip prefix-list
Use this command to create an entry for a prefix list. Use the no parameter with this command to delete the prefix-list entry.

Command Syntax
(no) ip prefix-list sequence number

2001-2007 IP Infusion Inc. Confidential

Commands Common to Multiple Protocols

(no) ip prefix-list LISTNAME description (.LINE) (no) ip prefix-list LISTNAME|SEQ LINE= text description of the prefix list. LISTNAME= Specifies the name of a prefix list. SEQ = seq <1-429496725> (deny|permit) IPPREFIX any|LENGTH seq <1-429496725> The sequence number of the prefix list. deny Specifies that packets are to be rejected. permit Specifies that packets are to be accepted. IPPREFIX=A.B.C.D/M The IP address mask and length of the prefix list mask. any Takes all packets of any length. This parameter is the same as using 0.0.0.0/0 le 32 for IPPREFIX. LENGTH= [LE|GE] LE= le <0-32> Maximum prefix length to be matched. GE= ge <0-32> Minimum prefix length to be matched.

Command Mode
Configure mode

Usage
Router starts to match prefixes from the top of the prefix list, and stops whenever a match or deny occurs. To promote efficiency, use the seq parameter and place common matches or denials towards the top of the list. The sequence values are generated in the sequence of 5. The parameters GE and LE specify the range of the prefix length to be matched. When setting these parameters, set the LE value to be less than 32, and the GE value to be less than LE value. In this configuration, the ip prefix-list command matches all, but denies the IP address range, 76.2.2.0. router bgp 100 network 172.1.1.0 network 172.1.2.0 neighbor 10.6.5.3 remote-as 300 neighbor 10.6.5.3 prefix-list mylist out ! ! ip prefix-list mylist seq 5 deny 76.2.2.0/24 ip prefix -list mylist seq 10 permit 0.0.0.0/0

Examples ZebOS# configure terminal ZebOS(config)# ip prefix-list mylist seq 12345 deny 10.0.0.0/8 le 22 ge 14 Related Commands
match ip address, neighbor prefix-list, match route-map

ip remote-address
Use this command to set the remote address on a point-to-point non multi-access link.

2001-2007 IP Infusion Inc. Confidential

Commands Common to Multiple Protocols

Command Syntax
ip remote-address A.B.C.D/M A.B.C.D/M IP address and prefix length of the link remote address.

Command Mode
Interface mode

Usage
This command sets the remote address (far end) of a point-to-point non multi-access link. This command can be used only on unnumbered interfaces. When a new remote-address is configured, the old address gets overwritten.

Example ZebOS(config)#interface ppp0 ZebOS(config-if)#ip unnumbered eth1 ZebOS(config-if)#ip remote-address 1.1.1.1/32 Validation Commands
show running-config, show interface

ip unnumbered
Use this command to enable IP processing without an explicit address, on a point-to-point non multi-access link. Use the no parameter with this command to unconfigure this feature on an interface.

Command Syntax
(no) ip unnumbered IFNAME IFNAME A string that specifies the interface.

Command Mode
Interface mode

Usage
This command lets an interface borrow the IP address of a specified interface, to enable IP processing on a serial, point-to-point interface without assigning it an explicit IP address. In this way, the IP unnumbered interface can borrow the IP address of another interface already configured on the router, to conserve network and address space.

Example
The following example creates a tunnel between Router 1 (eth1) and Router 2 (eth2), and enables IP processing without an explicit address on an interface.

2001-2007 IP Infusion Inc. Confidential

Commands Common to Multiple Protocols

10.70.0.0/24 eth0 10.70.0.145 Router 1 (eth1) .145 On Router 1 Tunnel eth0 10.70.0.77 Router 2 (eth2) .77

ZebOS# configure terminal ZebOS (config)# interface lo ZebOS (config-if)# ip address 127.0.0.1/8 ZebOS (config-if)# ip address 33.33.33.33/32 secondary ZebOS (config-if)# exit ZebOS (config)# interface eth1 ZebOS (config-if)# ip address 10.10.10.145/24 ZebOS (config-if)# exit ZebOS (config)# interface Tunnel0 ZebOS (config-if)# tunnel source 10.70.0.145 ZebOS (config-if)# tunnel destination 10.70.0.77 ZebOS (config-if)# tunnel ttl 255 ZebOS (config-if)# tunnel path-mtu-discovery ZebOS (config-if)# tunnel mode gre ZebOS (config-if)# ip unnumbered eth1 ZebOS (config-if)# exit ZebOS (config)# router ospf ZebOS (config-router)# network 10.10.10.0/24 area 0
On Router 2

ZebOS# configure terminal ZebOS (config)# interface lo ZebOS (config-if)# ip address 127.0.0.1/8 ZebOS (config-if)# ip address 44.44.44.44/32 secondary ZebOS (config-if)# exit ZebOS (config)# interface eth2 ZebOS (config-if)# ip address 30.10.10.77/24 ZebOS (config-if)# exit ZebOS (config)# interface Tunnel0 ZebOS (config-if)# tunnel source 10.70.0.77 ZebOS (config-if)# tunnel destination 10.70.0.145 ZebOS (config-if)# tunnel ttl 255 ZebOS (config-if)# tunnel path-mtu-discovery ZebOS (config-if)# tunnel mode gre ZebOS (config-if)# ip unnumbered eth2 ZebOS (config-if)# exit ZebOS (config)# router ospf ZebOS (config-router)# network 30.10.10.0/24 area 0

Related Commands
ipv6 unnumbered

2001-2007 IP Infusion Inc. Confidential

Commands Common to Multiple Protocols

ipv6 access-class
Use this command to filter a connection based on an IP access list for IPv6 networks. Note: This command is unavailable to ZebOS Server Routing Suite (SRS) customers, and to ZebOS ARS customers using the IMISH for CLI management. To control access from the network/ hosts, IMISH administrators are required to change system files, such as /etc/host.allow and /etc/hosts.deny.

Command Syntax
ipv6 access-class LIST

Default
Disabled

Command Mode
Line mode

Usage
Use this command in conjunction with the IP access list to set permissions for VTY session users for ipv6 address family.

Example ZebOS# configure terminal ZebOS(config)# line vty 12 77 ZebOS(config-line)# ipv6 access-class mylist1 Related Commands
access-list

ipv6 access-list
Use this command to configure an access list for filtering frames. Use the no parameter to remove a specified access-list.

Command Syntax
(no) ipv6 access-list LISTNAME (DENY|PERMIT|REMARK) LISTNAME = WORD DENY|PERMIT|REMARK IP ZebOS access-list DENY = deny [X:X::X:X/M (exact-match)]|any Specify route to reject. PERMIT = permit [X:X::X:X/M (exact-match)]|any Specify route to permit A.B.C.D = An IPv6 address. M = Mask Specifying which part of the IPv6 address will be ignored. any = Allows any IPv6 address or prefix to match. exact-match = Specifies exact-matching of prefixes REMARK = remark .LINE LINE = Multi-line, access-list entry comment up to 100 characters.

2001-2007 IP Infusion Inc. Confidential

Commands Common to Multiple Protocols

Command Mode
Configure mode

Usage
Use access lists to control the transmission of packets on an interface, and restrict contents of routing updates. The switch stops checking the access list after a match occurs.

Examples ZebOS# configure terminal ZebOS(config)# ipv6 access-list mylist deny 3ffe:506::/32 exact-match ZebOS(config)# ipv6 access-list mylist permit any Validation Commands
show running-config, show ipv6 access-list

ipv6 access-list zebos

Use this command to configure an access list for filtering frames that permit or deny IP, ICMP, TCP, or UDP packets, or ICMP packets with a specific value based on the source or destination. Use the mask to specify a subset of addresses. Use the any parameter to allow all packets, regardless of source or destination. Use the icmp-type parameter to include a specific value. Use the log option to keep a log of the command outputs. Use the no parameter to remove a specified access-list. Note: Use this command in IPV6 environments.

Command Syntax [ip|icmp]

(no)ipv6 access-list zebos WORD [deny|permit] [ip|icmp|any] [X:X::X:X/M|any] [X:X::X:X|M/any] (log) zebos Extended access-list. WORD ZebOS access-list name. deny Specify route to reject. permit Specify route to permit. ip IP packet. icmp ICMP packet. any Any packet. X:X::X:X/M|any = Source IP address or local address and mask, or any local address. X:X::X:X/M|any = Destination IP address or local address and mask, or any local address. log Log the results.

Command Syntax [icmp TYPE value]

(no)ipv6 access-list zebos WORD [deny|permit] [icmp] [X:X::X:X/M|any] [X:X::X:X|M/ any] icmp-type ICMP-TYPE (log) zebos Extended access-list. WORD ZebOS access-list name. deny Specify route to reject. permit Specify route to permit. ip IP packet.

2001-2007 IP Infusion Inc. Confidential

Commands Common to Multiple Protocols icmp ICMP packet. any Any packet. X:X::X:X/M|any = Source IP address or local address and mask, or any local address. X:X::X:X/M|any = Destination IP address or local address and mask, or any local address. ICMP-TYPE = ICMP value. log Log the results.

Command Syntax (Source and Destination Ports)

(no)ipv6 access-list zebos WORD [deny|permit] [tcp|udp] [X:X::X:X/M|any] [et|lt|gt|ne] <0-65535> [X:X::X:X|M/any] [et|lt|gt|ne] <0-65535> (log) zebos Extended access-list. WORD ZebOS access-list name. deny Specify route to reject. permit Specify route to permit. tcp TCP packet. udp UDP packet. any Any packet. X:X::X:X/M|any = Source IP address or local address and mask, or any local address. et Source port numbers equal to the given value lt Source port numbers less than the given value gt Source port numbers greater than the given value ne Source port numbers not equal to the given value. <0-65535> Port number specified X:X::X:X/M|any = Destination IP address or local address and mask, or any local address. et Destination port numbers equal to the given value lt Destination port numbers less than the given value gt Destination port numbers greater than the given value ne Destination port numbers not equal to the given value <0-65535> Port number specified log Log the results.

Command Mode
Configure mode

Usage
Use access lists to control the transmission of packets on an interface, and restrict the content of routing updates. The switch stops checking the access list when a match is encountered.

Example ZebOS# configure terminal ZebOS(config)# ipv6 access-list zebos TK deny tcp 2::2/64 eq 14 3::4/64 lt 12 log

ipv6 prefix-list
Use this command to create an entry for an ipv6 prefix-list.

2001-2007 IP Infusion Inc. Confidential

Commands Common to Multiple Protocols

Command Syntax
(no) ipv6 prefix-list sequence number ipv6 prefix-list description .LINE (no) ipv6 prefix-list description (.LINE) (no) ipv6 prefix-list LISTNAME|SEQ LINE= text description of the prefix list. LISTNAME= Specifies the name of a prefix list. SEQ = seq <1-429496725> (deny|permit) IPPREFIX any|LENGTH seq <1-429496725> The sequence number of the prefix list. deny Specifies that packets are to be rejected. permit Specifies that packets are to be accepted. IPPREFIX = X:X::X:X/M The IP address mask and length of the prefix list mask. any Takes all packets of any length. This parameter is the same as using 0.0.0.0/0 le 32 for IPPREFIX. LENGTH= [LE|GE] LE= le <0-32> Maximum prefix length to be matched. GE= ge <0-32> Minimum prefix length to be matched.

Command Mode
Configure mode

Examples ipv6 prefix-list mylist seq 12345 deny 3ffe:345::/16 le 22 ge 14

ipv6 unnumbered
Use this command to enable IPv6 processing without an explicit address, on a point-to-point non multi-access link. Use the no parameter with this command to unconfigure this feature on an interface.

Command Syntax
(no) ipv6 unnumbered IFNAME IFNAME A string that specifies the interface.

Command Mode
Interface mode

2001-2007 IP Infusion Inc. Confidential

Commands Common to Multiple Protocols

Usage
This command lets an interface borrow the IPv6 address of a specified interface, to enable IPv6 processing on a serial, point-to-point interface without assigning it an explicit IPv6 address. In this way, the IPv6 unnumbered interface can borrow the IPv6 address of another interface already configured on the router, to conserve network and address space.

Example
The following example creates a tunnel between Router 1 (eth1) and Router 2 (eth2), and enables IPv6 processing without an explicit address on an interface.

10.70.0.0/24 eth0 10.70.0.145 Router 1 (eth1) .145 On Router 1 Tunnel eth0 10.70.0.77 Router 2 (eth2) .77

ZebOS# configure terminal ZebOS (config)# interface lo ZebOS (config-if)# ipv6 address ::1/128 ZebOS (config-if)# exit ZebOS (config)# interface eth1 ZebOS (config-if)# ipv6 address fe80::20e:cff:fe6e:56dd/64 ZebOS (config-if)# exit ZebOS (config)# interface Tunnel0 ZebOS (config-if)# tunnel source 10.70.0.145 ZebOS (config-if)# tunnel destination 10.70.0.77 ZebOS (config-if)# tunnel ttl 255 ZebOS (config-if)# tunnel path-mtu-discovery ZebOS (config-if)# tunnel mode gre ZebOS (config-if)# ipv6 unnumbered eth1 ZebOS (config-if)# ipv6 router ospf area 0 tag 1 ZebOS (config-if)# exit ZebOS (config)# router ipv6 ospf 1 ZebOS (config-router)# router-id 10.70.0.145
On Router 2

ZebOS# configure terminal ZebOS (config)# interface lo ZebOS (config-if)# ipv6 address ::1/128 ZebOS (config-if)# exit ZebOS (config)# interface eth2 ZebOS (config-if)# ipv6 address fe80::204:75ff:febf:f07a/64 ZebOS (config-if)# exit ZebOS (config)# interface Tunnel0 ZebOS (config-if)# tunnel source 10.70.0.77 ZebOS (config-if)# tunnel destination 10.70.0.145 ZebOS (config-if)# tunnel ttl 255 ZebOS (config-if)# tunnel path-mtu-discovery ZebOS (config-if)# tunnel mode gre ZebOS (config-if)# ipv6 unnumbered eth2

2001-2007 IP Infusion Inc. Confidential

Commands Common to Multiple Protocols

ZebOS ZebOS ZebOS ZebOS

(config-if)# ipv6 router ospf area 0 tag 1 (config-if)# exit (config)# router ipv6 ospf 1 (config-router)# router-id 10.70.0.77

Related Commands
ip unnumbered

line vty
Use the line vty command to move or change to VTY mode.

Command Syntax
line vty [FIRST] (LAST) FIRST <0-871> Specify the first line number. LAST <0-871> Specify the last line number.

Command Mode
Configure mode

Usage
This command is used to telnet to the NSM or any protocol daemons. This configuration is necessary for any telnet session. This configuration should be in the daemon's config file before starting the daemon. Use this command to enter the line mode to configure the access-class, and set the exec-timeout.

Examples
The following example shows the use of the line command to enter the Line command mode (note the change in the prompt).

ZebOS# configure terminal ZebOS(config)# line vty ZebOS(config-line)#

Validation Commands
show running-config

log file
Use the log file command to specify log file controls, and where to save the logs in a configuration file. Use the no parameter to revert logging to the default file.

Command Syntax
log file FILENAME no log file (FILENAME) FILENAME = Specifies the file name of the log.

Command Mode
Configure mode

2001-2007 IP Infusion Inc. Confidential

Commands Common to Multiple Protocols

Usage
The log file is written to filename in the default location, usually usr/local/sbin.

Examples
This command is used to log the debug messages of a particular protocol daemon to the specified file.

Router# configure terminal Router(config)# log file /usr/local/sbin/bgpd.log

Validation Commands
show running-config

log record-priority
Use the log record-priority command to include the priority of the message within the entry in the log file. Use the no parameter to exclude the priority from the entry.

Command Syntax
(no) log record-priority

Command Mode
Configure mode

Examples ZebOS# configure terminal ZebOS(config)# log record-priority Validation Commands

show running-config

log stdout
Use the log stdout command to begin the logging of information to a standard output device, and set the level to debug. Use the trap parameter and its subparameters to set the logging to a different level. Use the no parameter to disable logging to the stdout.

Command Syntax
log stdout no log stdout

Command Mode
Configure mode

Examples ZebOS# configure terminal ZebOS(config)# log stdout

2001-2007 IP Infusion Inc. Confidential

Commands Common to Multiple Protocols

Validation Commands
show running-config

log syslog
Use the log syslog command to begin the logging of information to system log and set the level to debug. Use the trap parameter and its subparameters to set the logging to a different level. Use the no parameter to disable logging to the system log.

Command Syntax
log syslog no log syslog

Command Mode
Configure mode

Usage
The syslog enables logging and analyzing configuration events and system error messages, centrally. This helps in monitoring interface status, security alerts, and CPU process overloads. It also allows real-time capturing of client debug output sessions.

Examples ZebOS# configure terminal ZebOS(config)# log syslog Validation Commands

log trap
Use the log trap command with the log file to specify system message logging levels. Use the no parameter to include all levels of logging.

Command Syntax
log trap PRIORITY no log trap PRIORITY = emergencies|alerts|critical|errors|warnings| notifications|informational|debugging emergencies = turns on logging of only the most severe messages. alerts = turns on logging of the above plus this level. critical = turns on logging of the above plus this level. errors = turns on logging of the above plus this level. warnings = turns on logging of the above plus this level. notifications = turns on logging of the above plus this level. informational = turns on logging of the above plus this level. debugging = turns on logging of the above plus this level. This level of logging is the most comprehensive

2001-2007 IP Infusion Inc. Confidential

Commands Common to Multiple Protocols

Command Mode
Configure mode

Examples ZebOS# configure terminal ZebOS(config)# log trap alerts ZebOS(config)# log trap critical ZebOS(config)# log trap informational Validation Commands
show running-config

Related Commands
log file

Command Syntax
(no) login

Default
Enabled

Command Mode
Line mode

Usage
Login is enabled by default. The no login command allows users to connect directly to the Privileged Exec mode skipping the password verification prompt. After using the no login command, if the user changes to the login command again, the system uses the password used earlier, unless the user specifies a password in the configure mode (see the following example).

Example
The following examples show the use of login and no login command. In this example, a password pass is set (in configure mode) before using the login command.

! ZebOS# configure terminal ZebOS(config)# line vty ZebOS(config-line)# no login ! ! ZebOS# configure terminal ZebOS#(config)# password pass ZebOS#(config)# line vty ZebOS#(config-line)# login !

2001-2007 IP Infusion Inc. Confidential

Commands Common to Multiple Protocols

match as-path
Use this command to match an autonomous system path access list. Use the no parameter with this command to remove a path list entry.

Command Syntax
match as-path LISTNAME no match as-path no match as-path LISTNAME

LISTNAME Specifies as autonomous system path access list name. Command Mode
Route-map mode

Usage
The match as-path command specifies the autonomous system path to be matched. If there is a match for the specified AS path, and permit is specified, the route is redistributed or controlled, as specified by the set action. If the match criteria are met, and deny is specified, the route is not redistributed or controlled. If the match criteria are not met then the route is neither accepted nor forwarded, irrespective of permit or deny specifications. The route specified by the policies might not be the same as specified by the routing protocols. Setting policies enable packets to take different routes, depending on their length or content. Packet forwarding based on configured policies overrides packet forwarding specified in routing tables. Note: This command is valid only for BGP.

Examples ZebOS# configure terminal ZebOS(config)# route-map myroute deny 34 ZebOS(config-route-map)# match as-path myaccesslist Related Commands
match metric, match ip address, match community, set as-path, set community

match community
Use this command to specify the community to be matched. Use the no parameter with this command to remove the community list entry.

Command Syntax
match community WORD no match community no match community WORD WORD Specifies the Community-list name

Command Mode
Route-map mode

2001-2007 IP Infusion Inc. Confidential

Commands Common to Multiple Protocols

Usage
Communities are used to group and filter routes. They are designed to provide the ability to apply policies to large numbers of routes by using match and set commands. Community lists are used to identify and filter routes by their common attributes. Use the match community command to allow matching based on community lists. The values set by the match community command overrides the global values. The route that does not match at least one match clause is ignored. Note: This command is valid only for BGP.

Examples ZebOS# configure terminal ZebOS(config)# route-map myroute permit 3 ZebOS(config-route-map)# match community mylist Related Commands
match ip address, match as-path, set as-path, set community, match metric

match interface
Use this command to define the interface match criterion. Use the no parameter with this command to remove the specified match criterion.

Command Syntax
match interface IFNAME no match interface IFNAME A string that specifies the interface for matching.

Default
Disabled

Command Mode
Route-map mode

Usage
The match interface command specifies the next-hop interface name of a route to be matched. Note: This command is only valid for RIP, OSPF, and IS-IS.

Example ZebOS# configure terminal ZebOS(config)# route-map mymap1 permit 10 ZebOS(config-route-map)# match interface eth0 Related Commands
match tag, match route-type external

2001-2007 IP Infusion Inc. Confidential

Commands Common to Multiple Protocols

match ip address
Use this command to specify the match address of route. Use the no parameter with this command to remove the match ip address entry.

Command Syntax
match ip address ACCESSLISTID no match ip address no match ip address ACCESSLISTID ACCESSLISTID = WORD|<1-199>|<1300-2699> WORD The name of IP access-list <1-199> The IP access-list number <1300-2699> The IP access-list number (expanded range)

Command Mode
Route-map mode

Usage
The match ip address command specifies the IP address to be matched. If there is a match for the specified IP address, and permit is specified, the route is redistributed or controlled, as specified by the set action. If the match criteria are met, and deny is specified then the route is not redistributed or controlled. If the match criteria are not met, the route is neither accepted nor forwarded, irrespective of permit or deny specifications. The route specified by the policies might not be the same as specified by the routing protocols. Setting policies enable packets to take different routes, depending on their length or content. Packet forwarding based on configured policies overrides packet forwarding specified in routing tables. Note: This command is valid for BGP, OSPF, RIP, and IS-IS only.

Examples ZebOS# configure terminal ZebOS(config)# route-map myroute permit 3 ZebOS(config-route-map)# match ip address List1 Related Commands
match community, match as-path, set as-path, set community, match metric

match ip address prefix-list

Use this command to match entries of prefix-lists. Use the no parameter with this command too disable this function

Command Syntax
match ip address prefix-list LISTNAME no match ip address prefix-list LISTNAME

LISTNAME Specifies the IP prefix list name.

2001-2007 IP Infusion Inc. Confidential

Commands Common to Multiple Protocols

Command Mode
Route-map mode

Usage
This command specifies the entries of prefix-lists to be matched. If there is a match for the specified prefix-list entries, and permit is specified, the route is redistributed or controlled, as specified by the set action. If the match criteria are met, and deny is specified, the route is not redistributed or controlled. If the match criteria are not met, the route is neither accepted nor forwarded, irrespective of permit or deny specifications. The route specified by the policies might not be the same as specified by the routing protocols. Setting policies enable packets to take different routes depending on their length or content. Packet forwarding based on configured policies overrides packet forwarding specified in routing tables. This command is valid for BGP, OSPF, and RIP only.

Examples ZebOS# configure terminal ZebOS(config)# route-map rmap1 permit 3 ZebOS(config-route-map)#match ip address prefix-list mylist

match ip next-hop
Use this command to specify a next-hop address to be matched in a route-map. Use the no parameter with this command to disable this function.

Command Syntax
match ip next-hop ACCESSLISTID no match ip next-hop no match ip next-hop ACCESSLISTID ACCESSLISTID = WORD|<1-199>|<1300-2699>|PREFIXLIST Specifies the IP access list name. WORD The IP access-list name <1-199> The IP access-list number <1300-2699> The IP access-list number (expanded range) PREFIXLIST prefix-list WORD Match entries of prefix-lists WORD IP prefix-list name

Command Mode
Route-map mode

Usage
The match ip next-hop command specifies the next-hop address to be matched. If there is a match for the specified next-hop address, and permit is specified, the route is redistributed or controlled as specified by the set action. If the match criteria are met, and deny is specified, the route is not redistributed or controlled. If the match criteria are not met, the route is neither accepted nor forwarded, irrespective of permit or deny specifications. The route specified by the policies might not be the same as specified by the routing protocols. Setting policies enable packets to take different routes depending on their length or content. Packet forwarding based on configured policies overrides packet forwarding specified in routing tables. Note: This command is valid for BGP, OSPF, RIP, and IS-IS only.

2001-2007 IP Infusion Inc. Confidential

Commands Common to Multiple Protocols

Examples ZebOS# configure terminal ZebOS(config)# route-map rmap1 permit 3 ZebOS(config-route-map)# match ip next-hop mylist Related Commands
match community, match as-path, set as-path, set community, match metric

match ip next-hop prefix-list

Use this command to specify the next-hop IP address match criterion, using the prefix-list. Use the no parameter with this command to remove the specified match criterion.

Command Syntax
(no) match ip next-hop prefix-list LISTNAME no match ip next-hop prefix-list LISTNAME A string specifying the prefix-list name.

Default
Disabled

Command Mode
Route-map mode

Usage
Use the match ip next-hop prefix-list command to match the next-hop IP address of a route. Note: This command is valid for BGP and RIP only.

Examples ZebOS# configure terminal ZebOS(config)# route-map mymap permit 3 ZebOS(config-route-map)# match ip next-hop prefix-list list1 Related Commands
match metric, match interface, match ip next-hop

match ipv6 address

Use this command to specify the match address of route. Use the no parameter with this command to remove the match ip address entry.

Command Syntax
match ipv6 address WORD no match ipv6 address WORD

WORD Specifies the IPv6 access list name.

2001-2007 IP Infusion Inc. Confidential

Commands Common to Multiple Protocols

Command Mode
Route-map mode

Usage
The match ipv6 address command specifies the IPv6 address to be matched. If there is a match for the specified IPv6 address, and permit is specified, the route is redistributed or controlled as specified by the set action. If the match criteria are met, and deny is specified, the route is not redistributed or controlled. If the match criteria are not met, the route is neither accepted nor forwarded, irrespective of permit or deny specifications. The route specified by the policies might not be the same as specified by the routing protocols. Setting policies enable packets to take different routes depending on their length or content. Packet forwarding based on configured policies overrides packet forwarding specified in routing tables. Note: This command is valid for BGP, RIPng, and IS-IS only.

Examples ZebOS# configure terminal ZebOS(config)# route-map ipi deny 1 ZebOS(config-route-map)# match ipv6 address ipi

match ipv6 address prefix-list

Use this command to match entries of prefix-lists. Use the no parameter with this command to disable this function

Command Syntax
match ipv6 address prefix-list LISTNAME no match ipv6 address prefix-list LISTNAME

LISTNAME Specifies the IPv6 prefix list name. Command Mode

Route-map mode

Usage
The match ipv6 address prefix-list command specifies the entries of prefix-lists to be matched. If there is a match for the specified prefix-list entries, and permit is specified, the route is redistributed or controlled as specified by the set action. If the match criteria are met, and deny is specified, the route is not redistributed or controlled. If the match criteria are not met, the route is neither accepted nor forwarded, irrespective of permit or deny specifications. The route specified by the policies might not be the same as specified by the routing protocols. Setting policies enable packets to take different routes, depending on their length or content. Packet forwarding based on configured policies overrides packet forwarding specified in routing tables. This command is valid for BGP, OSPFv3, and RIPng only.

Examples ZebOS# configure terminal ZebOS(config)# route-map rmap1 permit 3 ZebOS(config-route-map)#match ipv6 address prefix-list mylist

2001-2007 IP Infusion Inc. Confidential

Commands Common to Multiple Protocols

match ipv6 next-hop

Use this command to specify a next-hop address to be matched by the route-map. Use the no parameter with this command to disable this function

Command Syntax
match ipv6 next-hop X:X::X:X|WORD no match ipv6 next-hop X:X::X:X|WORD X:X::X:X The IPv6 address WORD The IPv6 access-list name

Command Mode
Route-map mode

Usage
The match ipv6 next-hop command specifies the next-hop address to be matched. If there is a match for the specified next-hop address, and permit is specified, the route is redistributed or controlled as specified by the set action. If the match criteria are met, and deny is specified, the route is not redistributed or controlled. If the match criteria are not met, the route is neither accepted nor forwarded, irrespective of permit or deny specifications. The route specified by the policies might not be the same as specified by the routing protocols. Setting policies enable packets to take different routes depending on their length or content. Packet forwarding based on configured policies overrides packet forwarding specified in routing tables. Note: This command is valid for BGP and IS-IS only.

Examples ZebOS# configure terminal ZebOS(config)# route-map rmap1 permit 3 ZebOS(config-route-map)# match ipv6 next-hop 3ffe::1

match metric
Use this command to match a metric of a route. Use the no parameter with this command to disable this function

Command Syntax
match metric METRIC no match metric METRIC METRIC <0-4261412864> Specifies the metric value.

Command Mode
Route-map mode

Usage
The match metric command specifies the metric to be matched. If there is a match for the specified metric, and permit is specified, the route is redistributed or controlled as specified by the set action. If the match criteria are met,

2001-2007 IP Infusion Inc. Confidential

Commands Common to Multiple Protocols and deny is specified, the route is not redistributed or controlled. If the match criteria are not met, the route is neither accepted nor forwarded, irrespective of permit or deny specifications. The route specified by the policies might not be the same as specified by the routing protocols. Setting policies enable packets to take different routes depending on their length or content. Packet forwarding based on configured policies overrides packet forwarding specified in routing tables. Note: This command is valid for BGP, OSPF, RIP, and IS-IS only.

Examples ZebOS# configure terminal ZebOS(config)# route-map myroute permit 3 ZebOS(config-route-map)# no match metric 888999 Related Commands
match community, match as-path, set as-path, set community, match ip next-hop

match origin
Use this command to match origin code. Use the no parameter with this command to disable this matching.

Command Syntax
(no) match origin (egp|igp|incomplete) egp learned from EGP igp Local IGP incomplete Unknown heritage

Command Mode
Route-map mode

Usage
The origin attribute defines the origin of the path information. The egp parameter is indicated as an e in the routing table, and it indicates that the origin of the information is learned via Exterior Gateway Protocol. The igp parameter is indicated as an i in the routing table, and it indicates the origin of the path information is interior to the originating AS. The incomplete parameter is indicated as a ? in the routing table, and indicates that the origin of the path information is unknown or learned through other means. If a static route is redistributed into BGP, the origin of the route is incomplete. The match origin command specifies the origin to be matched. If there is a match for the specified origin, and permit is specified, the route is redistributed or controlled as specified by the set action. If the match criteria are met, and deny is specified, the route is not redistributed or controlled. If the match criteria are not met, the route is neither accepted nor forwarded, irrespective of permit or deny specifications. The route specified by the policies might not be the same as specified by the routing protocols. Setting policies enable packets to take different routes depending on their length or content. Packet forwarding based on configured policies overrides packet forwarding specified in routing tables. Note: This command is valid for BGP only.

Example ZebOS# configure terminal

2001-2007 IP Infusion Inc. Confidential

Commands Common to Multiple Protocols

ZebOS(config)# route-map myroute deny 34 ZebOS(config-route-map)# match origin egp

Related Commands

match route-type
Use this command to match specified external route type. Use the no parameter with this command to turn off the matching.

Command Syntax
(no) match route-type external (type-1 | type-2)

Default
Disabled

Command Mode
Route-map mode

Usage
Use the match route-type external command to match specific external route types. AS-external LSA is either Type-1 or Type-2. External type-1 matches only Type 1 external routes, and external type-2 matches only Type 2 external routes. Note: This command is valid for OSPF only.

Examples ZebOS# configure terminal ZebOS(config)# route-map mymap1 permit 10 ZebOS(config-route-map)# match route-type external type-1 Related Commands
match tag, match route-type external

match tag
Use this command to match the specified tag value. Use the no parameter with this command to turn off the declaration.

Command Syntax
(no) match tag <0-4294967295>

Default
Disabled

Command Mode
Route-map mode

2001-2007 IP Infusion Inc. Confidential

Commands Common to Multiple Protocols

Usage
Use the match tag command to match the specified tag value. Note: This command is valid for OSPF only.

Examples ZebOS# configure terminal ZebOS(config)# route-map mymap1 permit 10 ZebOS(config-route-map)# match tag 100 Related Commands
match metric, match route-type external

password
Use the password command to specify a network password. Note: This command is unavailable to ZebOS Server Routing Suite (SRS) customers and ZebOS Advanced Routing Suite (ARS) customers using the IMISH for CLI management.

Command Syntax
password HIDDEN|PLAIN HIDDEN = 8 password Specifies a hidden password. PLAIN = password The unencrypted (cleartext) line password password An up to 80-character, alpha-numeric string including spaces. This string cannot begin with a number.

Command Mode
Configure mode

Examples ZebOS# configure terminal ZebOS(config)# password 8 hiddenpassword ZebOS(config)# password plainpassword Related Commands
enable

Validation Commands
show running-config

route-map
Use this command to enter the route-map mode, and to permit or deny match/set operations.

Command Syntax
(no) route-map MAPTAG deny|permit SEQ MAPTAG= Identifies the route. deny Route map denies set operations

2001-2007 IP Infusion Inc. Confidential

Commands Common to Multiple Protocols permit Route map permits set operations SEQ= <1-65535> Specifies the sequence number for insertion or deletion.

Command Mode
Configure mode

Usage
Route-map is used to control and modify routing information. The route-map command allows redistribution of routes. It has a list of match and set commands associated with it. The match commands specify the conditions under which redistribution is allowed, and the set commands specify the particular redistribution actions to be performed if the criteria enforced by match commands are met. Route maps are used for detailed control over route distribution between routing processes. Route maps also allow policy routing, and might route packets to a different route than the obvious shortest path. If the permit parameter is specified, and the match criteria are met, the route is redistributed as specified by set actions. If the match criteria are not met, the next route map with the same tag is tested. If the deny parameter is specified, and the match criteria are met, the route is not redistributed, and any other route maps with the same map tag are not examined. Specify the sequence parameter to indicate the position a new route map is to have in the list of route maps already configured with the same name.

Examples
The following example shows the use of the route-map command to enter the route-map mode (note the change in the prompt), and the use of this mode in match and set commands.

ZebOS# configure terminal ZebOS(config)# route-map route1 permit 1 ZebOS(config-route-map)# match as-path 60 ZebOS(config-route-map)# set weight 70

service advanced-vty
Use this command to set multiple options to be listed when the Tab key is pressed, after completing a command. Use the no parameter to set no options to be listed when the Tab key is pressed, after completing a command.

Command Syntax
(no) service advanced-vty advanced-vty = Enable advanced mode VTY interface.

Command Mode
Configure mode

Usage
This feature applies to commands with more than one option.

Examples ZebOS# configure terminal ZebOS(config)# service advanced-vty

2001-2007 IP Infusion Inc. Confidential

Commands Common to Multiple Protocols

service password-encryption
Use this command to specify encryption of passwords. Use the no parameter to disable this feature. Note: When using the service password-encryption command through IMISH, you must write to memory using the write memory or write file command. If you have not written to memory, the change made by this command (encryption) is not available when you log into IMISH the next time.

Command Syntax
(no) service password-encryption password-encryption = Enable encrypted passwords.

Command Mode
Configure mode

Usage
The service password-encryption command specifies encryption of the passwords. This encryption is simple, and designed to prevent casual observers from reading passwords not for serious hackers. The following output displays the encrypted password. Router# configure terminal Router(config)# service password-encryption Current configuration: ! hostname ZebOS password 8 aZSABJxOet0gs enable password 8 SLtKyTiWDXTZw !

Examples ZebOS# configure terminal ZebOS(config)# service password-encryption Validation Commands

enable password

service terminal-length
Use this command to set the terminal length for VTY sessions. Use the no parameter to disable this feature.

Command Syntax
(no) service terminal-length terminal-length = LINES Establish system-wide terminal length configuration.

LINES = <0-512> Number of lines of VTY (0 means no line control).

Command Mode
Configure mode

2001-2007 IP Infusion Inc. Confidential

Commands Common to Multiple Protocols

Usage
The terminal-length parameter sets the terminal length for VTY sessions. In the following configuration, the terminal length for VTY sessions will be set to 60, making 60 the number of terminal lines for any telnet session. ZebOS# configure terminal ZebOS(config)# service terminal-length 60

Examples ZebOS# configure terminal ZebOS(config)# service advanced-vty Validation Commands

show running-config

set aggregator
Use this command to set the AS number for the route map and router ID. Use the no parameter with this command to disable this function

Command Syntax (no) set aggregator as ASNUM IPADDRESS ASNUM Specifies the AS number of aggregator. IPADDRESS Specifies the IP address of aggregator. Command Mode
Route-map mode

Usage
An Autonomous System (AS) is a collection of networks under a common administration sharing a common routing strategy. It is subdivided by areas, and is assigned a unique 16-bit number. Use the set aggregator command to assign an AS number for the aggregator. To use the set aggregator command, you must first have a match clause. Match and set commands set the conditions for redistributing routes from one routing protocol to another. The match command specifies the match criteria under which redistribution is allowed for the current route-map. The set command specifies the set redistribution actions to be performed, if the match criteria are met. If the packets do not match any of the defined criteria, they are routed through the normal routing process. Note: This command is valid for BGP only.

Examples ZebOS# configure terminal ZebOS(config)# route-map myroute permit 3 ZebOS(config-route-map)# set aggregator as 43 10.10.0.3

set as-path
Use this command to modify an autonomous system path for a route. Use the no parameter with this command to disable this function.

2001-2007 IP Infusion Inc. Confidential

Commands Common to Multiple Protocols

Command Syntax
(no) set as-path prepend (.ASN) prepend Prepends the autonomous system path. ASN ZebOS prepends this number to the AS path.

Command Mode
Router-map mode

Usage
Use the set as-path command to specify an autonomous system path. By specifying the length of the AS-Path, the router influences the best path selection by a neighbor. Use the prepend parameter with this command to prepend an AS path string to routes increasing the AS path length. To use the set as-path command, you must first have a match clause. Match and set commands set the conditions for redistributing routes from one routing protocol to another. The match command specifies the match criteria under which redistribution is allowed for the current route-map. The set command specifies the set redistribution actions to be performed, if the match criteria are met. If the packets do not match any of the defined criteria, they are routed through the normal routing process. Note: This command is valid for BGP only.

Examples ZebOS# configure terminal ZebOS(config)# route-map myroute permit 3 ZebOS(config-route-map)# set as-path prepend 8 24

set atomic-aggregate
Use this command to set an atomic aggregate attribute. Use the no parameter with this command to disable this function

Command Syntax
set atomic-aggregate no set atomic-aggregate

Command Mode
Route-map mode

Usage
To use the set atomic aggregate command, you must first have a match clause. Match and set commands set the conditions for redistributing routes from one routing protocol to another. The match command specifies the match criteria under which redistribution is allowed for the current route-map. The set command specifies the set redistribution actions to be performed, if the match criteria are met. If the packets do not match any of the defined criteria, they are routed through the normal routing process. Note: This command is valid for BGP only.

Examples ZebOS# configure terminal

2001-2007 IP Infusion Inc. Confidential

Commands Common to Multiple Protocols

ZebOS(config)# route-map rmap1 permit 3 ZebOS(config-route-map)# set atomic-aggregate

Related Commands

set comm-list delete

Use this command to delete the matched communities from the community attribute of an inbound or outbound update when applying route-map. Use the no parameter with this command to disable this feature.

Command Syntax
(no) set comm-list (<1-199>|<100-199>|WORD) delete <1-99> Standard community-list number. <100-199> Expanded community-list number WORD Name of the Community-list.

Command Mode
Route-map mode

Usage
This command is valid for BGP only.

Examples ZebOS# configure terminal ZebOS(config)# route-map ipi permit 3 ZebOS(config-route-map)# set comm-list 34 delete

set community
Use this command to set the communities attribute. Use the no parameter with this command to delete the entry.

Command Syntax
(no) set community [AA:NN|internet|local-AS|no-advertise|no-export](additive) set community none no set community

AA:NN Specifies the community number in this format.

AA = The AS number. NN = The number assigned to community. local-AS Specifies no sending outside the local AS (well-known community). internet Specifies the Internet. no-advertise Specifies no advertisement of this route to eBGP peers no-export Specifies no advertisement of this route to any peer none Removes the community attribute from the prefixes that pass the route-map. additive Adds to the existing community.

2001-2007 IP Infusion Inc. Confidential

Commands Common to Multiple Protocols

Command Mode
Route-map mode

Usage
Use this command to set the community attribute and group destinations in a certain community, as well as, apply routing decisions according to those communities. To use the set community command, you must first have a match clause. Match and set commands set the conditions for redistributing routes from one routing protocol to another. The match command specifies the match criteria under which redistribution is allowed for the current route-map. The set command specifies the set redistribution actions to be performed, if the match criteria are met. If the packets do not match any of the defined criteria, they are routed through the normal routing process. Note: This command is valid for BGP only.

Examples
The following examples show the use of the set community command with different parameters.

ZebOS# configure terminal ZebOS(config)# route-map rmap1 permit 3 ZebOS(config-route-map)# set community no-export no-advertise ZebOS# configure terminal ZebOS(config)# route-map rmap1 permit 3 ZebOS(config-route-map)# set community no-advertise ZebOS# configure terminal ZebOS(config)# route-map rmap1 permit 3 ZebOS(config-route-map)# set community 10:01 23:34 12:14 no-export

set dampening
Use this command to enable route-flap dampening and set parameters.

Command Syntax
(no) set dampening (REACHTIME (REUSE SUPPRESS MAXSUPPRESS))(UNREACHTIME) REACHTIME <1-45> Specifies the reachability half-life time in minutes. The time for the penalty to decrease to one-half of its current value. The default is 15 minutes. REUSE <1-20000> Specifies the reuse-limit value. When the penalty for a suppressed route decays below the reuse value, the routes become unsuppressed. The default reuse limit is 750. SUPPRESS <1-20000> Specifies the suppress-limit value. When the penalty for a route exceeds the suppress value, the route is suppressed. The default suppress limit is 2000. MAXSUPPRESS <1-255> Specifies the max-suppress-time. Maximum time that a dampened route is suppressed. The default max-suppress value is 4 times the half-life time (60 minutes). UNREACHTIME <1-45> Specifies the un-reachability half-life time for penalty, in minutes. The default value is 15 minutes.

Command Mode
Route-map mode

2001-2007 IP Infusion Inc. Confidential

Commands Common to Multiple Protocols

Usage
Set the unreachability half-life time to be equal to, or greater than, reachability half-life time. The suppress-limit value must be greater than or equal to the reuse limit value. Note: This command is valid for BGP only.

Example ZebOS# configure terminal ZebOS(config)# route-map R1 permit 24 ZebOS(config-route-map)# set dampening 20 333 534 30

set extcommunity
Use this command to set an extended community attribute. Use the no parameter with this command to disable this function

Command Syntax
(no) set extcommunity rt|soo EXTCOMMNUMBER no set extcommunity rt|soo rt Specifies the route target of the extended community. soo Specifies the site-of-origin of the extended community.

EXTCOMMNUMBER=ASN:nn_or_IP-address:nn VPN extended community

ASN:nn= the AS number. IPADDRESS:nn= the AS number in IP address form.

Command Mode
Route-map mode

Usage
To use the set extcommunity command, you must first have a match clause. Match and set commands set the conditions for redistributing routes from one routing protocol to another. The match command specifies the match criteria under which redistribution is allowed for the current route-map. The set command specifies the set redistribution actions to be performed, if the match criteria are met. If the packets do not match any of the defined criteria, they are routed through the normal routing process. Note: This command is valid for BGP only.

Examples ZebOS# configure terminal ZebOS(config)# route-map rmap1 permit 3 ZebOS(config-route-map)# set extcommunity rt 06:01
ZebOS# configure terminal ZebOS(config)# route-map rmap1 permit 3 ZebOS(config-route-map)# set extcommunity rt 0.0.0.6:01 ZebOS# configure terminal ZebOS(config)# route-map rmap1 permit 3 ZebOS(config-route-map)# set extcommunity soo 06:01

2001-2007 IP Infusion Inc. Confidential

Commands Common to Multiple Protocols

ZebOS# configure terminal ZebOS(config-route-map)# route-map rmap1 permit 3 ZebOS(config-route-map)# set extcommunity soo 0.0.0.6:01

set ip next-hop
Use this command to set the specified next-hop value. Use the no parameter with this command to turn off the setting.

Command Syntax
(no) set ip next-hop A.B.C.D no set ip next-hop A.B.C.D Specifies the IP address of the next-hop

Default
Disabled

Command Mode
Route-map mode

Usage
Use this command to set the next-hop IP address to the routes. Note: This command is valid for BGP, OSPF, and RIP only.

Examples ZebOS# configure terminal ZebOS(config)# route-map mymap permit 3 ZebOS(config-route-map)# set ip next-hop 10.10.0.67 Related Commands
set metric

set ipv6 next-hop

Use this command to set a next hop-address. Use the no parameter with this command to delete an entry.

Command Syntax
set ipv6 next-hop global|local IPADDRESS no set ipv6 next-hop (global|local) no set ipv6 next-hop (global|local)(IPADDRESS) IPADDRESS= X:X::X:X Specifies the IPv6 address. global Specifies that the address is global. local Specifies that the address is local.

2001-2007 IP Infusion Inc. Confidential

Commands Common to Multiple Protocols

Command Mode
Route-map mode

Usage
Use this command to set the next-hop IPv6 address to the routes. Note: This command is valid for BGP and OSPFv3 only.

Examples ZebOS# configure terminal ZebOS(config)# route-map rmap1 permit 3 ZebOS(config-route-map)# set ipv6 next-hop local fe80::203:47ff:fe97:66dc

set level
Use this command to set the IS-IS level to export a route. Use the no parameter with this command to disable this function.

Command Syntax
set level-1|level-2|level-1-2 no set level

level-1 Export into a level-1 area. level-2 Export into a level-2 sub-domain. level-1-2 Export into level-1 and level-2. Command Mode
Route-map mode Note: This command is valid for IS-IS only.

Examples ZebOS# configure terminal ZebOS(config)# route-map rmap1 permit 3 ZebOS(config-route-map)# set level level-1

set metric
Use this command to set a metric value for a route. Use the no parameter with this command to disable this function.

Command Syntax
set metric METRICVAL no set metric (0-4261412864)

METRICVAL = <+/-metric>|<0-4261412864> The metric value. Command Mode

Route-map mode

2001-2007 IP Infusion Inc. Confidential

Commands Common to Multiple Protocols

Usage
This command sets the metric value for a route, and influences external neighbors about the preferred path into an Autonomous System (AS). The preferred path is the one with a lower metric value. A router compares metrics for paths from neighbors in the same ASs. To compare metrics from neighbors coming from different ASs, use the bgp always-compare-med command. To use the set metric command, you must first have a match clause. Match and set commands set the conditions for redistributing routes from one routing protocol to another. The match command specifies the match criteria under which redistribution is allowed for the current route-map. The set command specifies the set redistribution actions to be performed, if the match criteria are met. If the packets do not match any of the defined criteria, they are routed through the normal routing process. Note: This command is valid for BGP, OSPF, OSPFv3, RIP, RIPng, and IS-IS.

Examples ZebOS# configure terminal ZebOS(config)# route-map rmap1 permit 3 ZebOS(config-route-map)# set metric 600

set metric-type
Use this command to set the metric type for the destination routing protocol. Use the no parameter with this command to return to the default.

Command Syntax
(no) set metric-type 1|2|type1|type2 1 = Select to set external type 1 metric. 2 = Select to set external type 2 metric. type1 = Select to set external type 1 metric. type2 = Select to set external type 2 metric. (no) set metric-type internal|external internal = Select to set internal IS-IS type metric. external = Select to set external IS-IS type metric.

Command Mode
Route-map mode

Examples
In this example the metric type of the destination protocol is set to OSPF external Type 1.

ZebOS# configure terminal ZebOS(config)# route-map rmap1 permit 3 ZebOS(config-route-map)# set metric-type 1

2001-2007 IP Infusion Inc. Confidential

Commands Common to Multiple Protocols

Related Commands
redistribute, default-information

set origin
Use this command to set the BGP origin code. Use the no parameter with this command to delete an entry.

Command Syntax
set origin egp|igp|incomplete no set origin (egp|igp|incomplete) egp Specifies a remote EGP system. igp a local IGP system. incomplete Specifies a system of unknown heritage.

Command Mode
Route-map mode

Usage
The origin attribute defines the origin of the path information. The three parameters with this command indicate three different values. IGP is interior to the originating AS. This happens if IGP is redistributed into the BGP. EGP is learned through an Exterior Gateway Protocol. Incomplete is unknown or learned through some other means. This happens when static route is redistributed in BGP and the origin of the route is incomplete. To use the set origin command, you must first have a match clause. Match and set commands set the conditions for redistributing routes from one routing protocol to another. The match command specifies the match criteria under which redistribution is allowed for the current route-map. The set command specifies the set redistribution actions to be performed, if the match criteria are met. If the packets do not match any of the defined criteria, they are routed through the normal routing process. Note: This command is valid for BGP only.

Examples ZebOS# configure terminal ZebOS(config)# route-map rmap1 permit 3 ZebOS(config-route-map)# set origin egp

set originator-id
Use this command to set the originator ID attribute. Use the no parameter with this command to disable this function

Command Syntax
set originator-id IPADDRESS no set originator-id (IPADDRESS)

IPADDRESS Specifies the IP address of originator.

2001-2007 IP Infusion Inc. Confidential

Commands Common to Multiple Protocols

Command Mode
Route-map mode

Usage
To use the set originator-id command, you must first have a match clause. Match and set commands set the conditions for redistributing routes from one routing protocol to another. The match command specifies the match criteria under which redistribution is allowed for the current route-map. The set command specifies the set redistribution actions to be performed, if the match criteria are met. If the packets do not match any of the defined criteria, they are routed through the normal routing process. Note: This command is valid for BGP only.

Examples ZebOS# configure terminal ZebOS(config)# route-map rmap1 permit 3 ZebOS(config-route-map)# set originator-id 1.1.1.1

set tag
Use this command to set a specified tag value. Use the no parameter with this command to return to the default.

Command Syntax
(no) set tag TAGVALUE TAGVALUE = <0-4294967295> Tag value for destination routing protocol.

Command Mode
Route-map mode

Usage
Tag in this command is the route tag which is labeled by another routing protocol (BGP or other IGP when redistributing), because AS-external-LSA has a route-tag field in its LSAs. Also, with using route-map, ZebOS can tag the LSAs with the appropriate tag value. Sometimes, the tag matches with using route-map, and sometimes, the value may be used by another application. Note: This command is valid for OSPF only.

Examples
In the following example the tag value of the destination routing protocol is set to 6:

ZebOS# configure terminal ZebOS(config)# route-map rmap1 permit 3 ZebOS(config-route-map)# set tag 6

Related Commands
redistribute, default-information

set vpnv4 next-hop

Use this command to set a VPNv4 next-hop address.

2001-2007 IP Infusion Inc. Confidential

Commands Common to Multiple Protocols Use the no parameter with this command to disable this function

Command Syntax
set vpnv4 next-hop IPADDRESS no set vpnv4 next-hop (IPADDRESS)

IPADDRESS Specifies the IP address of next hop. Command Mode

Route-map mode

Usage
To use the set vpn4-hext-hop command, you must first have a match clause. Match and set commands set the conditions for redistributing routes from one routing protocol to another. The match command specifies the match criteria under which redistribution is allowed for the current route-map. The set command specifies the set redistribution actions to be performed, if the match criteria are met. If the packets do not match any of the defined criteria, they are routed through the normal routing process. Note: This command is valid for BGP only.

Examples ZebOS# configure terminal ZebOS(config)# route-map rmap1 permit 3 ZebOS(config-route-map)# set vpnv4 next-hop 6.6.6.6

set weight
Use this command to set weights for the routing table. Use the no parameter with this command to delete an entry.

Command Syntax
set weight WEIGHT no set weight (WEIGHT)

WEIGHT = <0-4294967295> Specifies the weight value. Command Mode

Route-map mode

Usage
The weight value is used to assist in best path selection. It is assigned locally to a router. When there are several routes with a common destination, the routes with a higher weight value are preferred. To use the set weight command, you must first have a match clause. Match and set commands set the conditions for redistributing routes from one routing protocol to another. The match command specifies the match criteria under which redistribution is allowed for the current route-map. The set command specifies the set redistribution actions to be performed, if the match criteria are met. match as-path 10 set weight 400 In the above configuration, all routes that apply to access-list 10 will have the weight set at 400.

2001-2007 IP Infusion Inc. Confidential

Commands Common to Multiple Protocols If the packets do not match any of the defined criteria, they are routed through the normal routing process. Note: This command is valid for BGP only.

Examples ZebOS# configure terminal ZebOS(config)# route-map rmap1 permit 3 ZebOS(config-route-map)# set weight 60 Related Commands
match as-path

show access-list
Use this command to display a list of IP access lists.

Command Syntax
show access-list

Command Mode
Privileged Exec mode

Examples ZebOS# show access-list

show cli
Use this command to display the CLI tree of the current mode.

Command Syntax
show cli

Command Mode
All command modes

Usage
This is a section of the sample output of the show cli command executed at the Interface mode. +-ospf +-A.B.C.D +-authentication [no ip ospf (A.B.C.D|) authentication] +-authentication-key [no ip ospf (A.B.C.D|) authentication-key] +-cost [no ip ospf (A.B.C.D|) cost] +-database-filter [no ip ospf (A.B.C.D|) database-filter] +-hello-interval [no ip ospf (A.B.C.D|) hello-interval] +-message-digest-key

Examples ZebOS# show cli

2001-2007 IP Infusion Inc. Confidential

Commands Common to Multiple Protocols

show history
Use the show history command to list the commands entered in the current session. The history buffer is cleared automatically upon reboot. To modify the lines displayed, use the | (output modifier token); to save the output to a file, use the > output redirection token. For more information, see the ZebOS Command Line Interface Environment chapter.

Command Syntax
show history

Command Mode
Exec mode and Privileged Exec mode

Examples show history Usage

Two sample results from the show history command: IMI-CLI#show history 1 en 2 show ru 3 con t 4 route-map er deny 3 5 exit 6 ex 7 di Though some modes do not have the show history command, commands entered in those modes are listed from the Privileged mode. All command line entries are listed, even erroneous commands. ZebOS# show history 1 show ip protocols 2 show ip protocols rip 3 show history 4 enable 5 config terminal 6 show his 7 interface eth0 8 show history 9 router rip 10 end 11 list 12 con t 13 router rip 14 shoe history 15 show history 16 end

2001-2007 IP Infusion Inc. Confidential

Commands Common to Multiple Protocols

show ip prefix-list
Use this command to display the prefix list entries. To modify the lines displayed, use the | (output modifier token); to save the output to a file, use the > output redirection token. For more information, see the ZebOS Command Line Interface Environment chapter. Note: This command is valid for RIP and BGP protocols only.

Syntax Description
show ip prefix-list (WORD|DETAIL|SUMMARY) WORD=A.B.C.D/M (first-match|longer) A.B.C.D IP address for the prefix list. M=<0-32> is the length of the address/Mask. first-match the show command displays the first matching routing table for the given IP address or prefix. longer causes the show command to lookup longer prefix. DETAIL =detail(WORD) WORD = name of prefix list. SUMMARY=summary(WORD) WORD = name of prefix list.

Command Mode
Exec mode

Usage
The following is a sample output of the show ip prefix-list command showing prefix-list entries. ZebOS# show ip prefix-list ip prefix-list ipi1: 3 entries seq 5 permit 172.1.1.0/16 seq 10 permit 173.1.1.0/16 seq 15 permit 174.1.1.0/16

Examples ZebOS# show ip prefix-list ZebOS# show ip prefix-list 10.10.0.98/8 first-match ZebOS# show ip prefix-list detail home

show list
Use this command to display a list of all the commands relevant to the current mode.

Command Syntax
show list

Command Mode
All command modes.

2001-2007 IP Infusion Inc. Confidential

Commands Common to Multiple Protocols

Examples ZebOS# show list

show memory all

Use this command to display memory statistics about all protocols and the ZebOS library. To modify the lines displayed, use the | (output modifier token); to save the output to a file, use the > output redirection token. For more information, see the ZebOS Command Line Interface Environment chapter. Note: This command is available only if --enable-memmgr configuration option is enabled in the configure script.

Command Syntax
show memory all

Command Mode
Privileged Exec mode

Usage
The following is an output of this command displaying memory statistics about all protocols: Zebos# show memory all Memory type Alloc cells Alloc bytes =================================== ============= =============== Temporary memory : 17759 1732336 Hash : 16 1280 Hash index : 16 58368 Hash bucket : 61 4880 Thread master : 8 8576 Thread : 71 7952 Link list : 148 11840 ... Buffer data : 3 3216 Prefix : 4 320 ... Host config password : 7 560 VTY master : 8 640 VTY : 4 17600 VTY history : 16 1280 VTY if : 49 14896

2001-2007 IP Infusion Inc. Confidential

Commands Common to Multiple Protocols

VTY connected : ... Patricia tree node : Message entry : Message handler : Host : Log information : Context : ----------------------------------NSM Client Handler : NSM Client : NSM server entry : NSM server client : NSM server : NSM Route table : NSM Route node : NSM Master : NSM RIB : ... IGMP interface info : NSM IPv6 Mcast entry : NSM IPv6 Mcast Client entry : NSM IPv6 Mcast Stat block entry : MLD Top : MLD interface : --------------------------------------------------------------------OSPFv3 structure : OSPFv3 area : OSPFv3 interface : OSPFv3 neighbor : OSPFv3 vertex : ... OSPFv3 prefix map : OSPFv3 packet : OSPFv3 FIFO : OSPFv3 if params : OSPFv3 description : ----------------------------------BGP structure : BGP VR structure : BGP global structure : BGP peer : BGP as list master : Community list handler : BGP Damp Reuse List Array : BGP table : ----------------------------------PIM-DM Global : PIM-DM VR :

112

8960

22 1760 7 560 8 896 8 1408 16 1280 16 3072 ------------- --------------7 229712 7 14672 7 229712 7 560 1 2096 12 960 15 1680 1 112 15 1200 1 176 1 560 2 160 2 8288 1 176 6 1056 ------------- --------------------------- --------------1 304 1 176 1 304 3 912 1 80 1 80 681 105328 1 80 2 224 4 320 ------------- --------------1 1072 1 112 1 112 1 2096 1 80 1 80 1 2096 37 2960 ------------- --------------1 176 1 80

2001-2007 IP Infusion Inc. Confidential

Commands Common to Multiple Protocols

PIM-DM VRF

176

Examples ZebOS# show memory all Related Commands

show memory lib

show memory free

Use this command to display memory statistics about free memory for every protocol. To modify the lines displayed, use the | (output modifier token); to save the output to a file, use the > output redirection token. For more information, see the ZebOS Command Line Interface Environment chapter. Note: This command is available only if --enable-memmgr configuration option is enabled in the configure script.

Command Syntax
show memory free

Command Mode
Privileged Exec mode

Usage
The following is an output of this command displaying the total free size and the number of available free blocks: ZebOS# show memory free Freed memories for IMI Block size =============== 32 64 128 256 ... Freed memories for NSM Block size Total bytes =============== =============== 32 80 64 257152 128 1421904 256 1214784 512 1127840 1024 1055920 2048 1031232 ... Freed memories for RIPng Block count ============== 1 2296 8079 3996 2014 985 492 Total bytes =============== 80 257152 1421904 1214784 Block count ============== 1 2296 8079 3996

2001-2007 IP Infusion Inc. Confidential

Commands Common to Multiple Protocols

Block size =============== 32 64 128 256 512 1024 ...

Total bytes =============== 0 257040 1421904 1214784 1127840 1054848

Block count ============== 0 2295 8079 3996 2014 984

Examples ZebOS# show memory free Related Commands

show memory lib, show memory all

show memory lib

Use this command to display library memory statistics. To modify the lines displayed, use the | (output modifier token); to save the output to a file, use the > output redirection token. For more information, see the ZebOS Command Line Interface Environment chapter. Note: This command is available only if --enable-memmgr configuration option is enabled in the configure script.

Command Syntax
show memory lib

Command Mode
Privileged Exec mode

Usage
The following is a section of the sample output for the show memory lib command showing the memory usage by library in different protocols. ZebOS# show memory lib Library MTYPEs for NSM Memory type Alloc cells ============================== ============ Hash : 1 Hash index : 1 Hash bucket : 6 Thread master : 1 Thread : 11 Link list : 10 Link list node : 18 Buffer : 0 Buffer bucket : 0 Buffer data : 0

2001-2007 IP Infusion Inc. Confidential

Commands Common to Multiple Protocols

Buffer IOV : 0 ... Config handle : 0 Temporary memory : 2039 Access list : 0 Access list str : 0 Access filter : 0 Prefix list : 0 Prefix list str : 0 Prefix list entry : 0 Route map : 0 Route map name : 0 Route map index : 0 ... Bit map : 3 Bit map block : 3 Bit map block array : 3 Patricia tree : 5 Patricia tree node : 0 MPLS VRF table entry : 0 ------------------------------ -----------Library MTYPEs for OSPF Memory type Alloc cells ============================== ============ Hash : 1 Hash index : 1 Hash bucket : 2 Thread master : 1 Thread : 25 Link list : 40 ... Temporary memory : 2460 Access list : 0 Access list str : 0 Access filter : 0 Prefix list : 0 ... VTY path : 0 Vector : 1340 Vector index : 1340 ... Bit map block : 0 Bit map block array : 0 Patricia tree : 0 Patricia tree node : 0 MPLS VRF table entry : 0 ------------------------------ ------------

Examples ZebOS# show memory lib

2001-2007 IP Infusion Inc. Confidential

Commands Common to Multiple Protocols

Related Commands
show memory all

show memory summary

Use this command to display the summary of memory statistics. To modify the lines displayed, use the | (output modifier token); to save the output to a file, use the > output redirection token. For more information, see the ZebOS Command Line Interface Environment chapter. Note: This command is available only if --enable-memmgr configuration option is enabled in the configure script.

Command Syntax
show memory summary

Command Mode
Privileged Exec mode

Usage
Following is a sample output of the show memory summary command: ZebOS# show memory summary Memory summary for IMI Total preallocated memory size: Total preallocated memory overhead: Total preallocated memory blocks: Total on demand allocated memory size: Total on demand allocated memory overhead: Total on demand allocated memory count: Requested ZebOS memory size: Allocated ZebOS memory size: Allocated ZebOS memory blocks: Total memory left in the free pool: Total blocks left in the free pool: 10485760 3141024 65438 913824 388368 8091 2048768 6393904 55301 8535072 18228

Memory summary for NSM Total Total ... Total Total preallocated memory size: preallocated memory overhead: on demand allocated memory overhead: on demand allocated memory count: 10485760 3141024 388368 8091 2049160 6394464

Requested ZebOS memory size: Allocated ZebOS memory size:

2001-2007 IP Infusion Inc. Confidential

Commands Common to Multiple Protocols

Allocated ZebOS memory blocks: Total memory left in the free pool: Total blocks left in the free pool:

55302 8534512 18227

Memory summary for RIPng Total preallocated memory size: Total preallocated memory overhead: Total preallocated memory blocks: ... Total memory left in the free pool: Total blocks left in the free pool: 8533360 18225 10485760 3141024 65438

Examples ZebOS# show memory summary

show route-map
Use this command to display user readable route-map information. To modify the lines displayed, use the | (output modifier token); to save the output to a file, use the > output redirection token. For more information, see the ZebOS Command Line Interface Environment chapter.

Command Syntax
show route-map

Command Mode
Privileged Exec mode

Usage
The following is a sample output of the show route-map command. ZebOS# show route-map route-map ipi, permit, sequence 1 Match clauses: metric 200 Set clauses: metric 60

Examples ZebOS> show route-map

show running-config
Use the show running-config command to display the current configuration file.

2001-2007 IP Infusion Inc. Confidential

Commands Common to Multiple Protocols To modify the lines displayed, use the | (output modifier token); to save the output to a file, use the > output redirection token. For more information, see the ZebOS Command Line Interface Environment chapter.

Command Syntax
show running-config

Command Mode
Privileged Exec mode

Examples show running-config Usage

The display for the show running-config command is bracketed by Current configuration and end. ZebOS# show running-config Current configuration: ! hostname ripd password zebra log stdout ! debug rip events debug rip packet ! interface lo ! interface cipcb0 ! interface sit0 ! interface eth0 ! interface eth1 ip rip send version 2 ip rip receive version 2 ip rip authentication string !!!! ! interface dummy0 ! interface ip6tnl0 ! interface ip6tnl1 ! ! router rip network eth0 network eth1 passive-interface eth0

2001-2007 IP Infusion Inc. Confidential

Commands Common to Multiple Protocols

redistribute connected ! ip prefix-list hoge seq 5 permit any ip prefix-list hoge seq 10 permit 10.0.0.0/8 ! route-map nexthop permit 1 set ip next-hop 10.10.0.97 ! line vty exec-timeout 0 0 ! end

Related Commands
write terminal

show startup-config
Use the show startup-config command to display the startup configuration. To modify the lines displayed, use the | (output modifier token); to save the output to a file, use the > output redirection token. For more information, see the ZebOS Command Line Interface Environment chapter.

Command Syntax
show startup-config

Command Mode
Privileged Exec mode

Examples show startup-config Usage

The following is a sample output of the show startup-config command displaying the configuration at startup. ripd# show startup-config ! ! ZebOS configuration saved from vty ! 2001/04/21 11:38:52 ! hostname ripd password zebra log stdout ! debug rip events debug rip packet ! interface lo ! interface eth0

2001-2007 IP Infusion Inc. Confidential

Commands Common to Multiple Protocols

ip rip send version 1 2 ip rip receive version 1 2 ! interface eth1 ip rip send version 1 2 ip rip receive version 1 2 ! router rip redistribute connected network 10.10.10.0/24 network 10.10.11.0/24 ! line vty exec-timeout 0 0

show version
Use the show version command to display the version of ZebOS currently running. To modify the lines displayed, use the | (output modifier token); to save the output to a file, use the > output redirection token. For more information, see the ZebOS Command Line Interface Environment chapter.

Command Syntax
show version

Command Mode
Privileged Exec mode and Exec mode

Usage
The following is an output from the show version command. ZebOS# show version ZebOS SRS 6.1 (i686-pc-linux-gnu) 12172003 Copyright 2001-2003 IP Infusion Inc. NET-SNMP SNMP agent software (c) 1989, 1991, 1992 by Carnegie Mellon University; (c) 1996, 1998-6.10 The Regents of the University of California. All Rights Reserved; (c) 6.11, Networks Associates Technology, Inc. All rights reserved; (c) 6.11, Cambridge Broadband Ltd. All rights reserved. RSA Data Security, Inc. MD5 Message-Digest Algorithm (c) 1991-2, RSA Data Security, Inc. Created 1991. All rights reserved. Libedit Library (c) 1992, 1993 The Regents of the University of California. All rights reserved. OpenSSL Library Copyright (C) 1998-6.12 The OpenSSL Project. All rights reserved. Original SSLeay License Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)

2001-2007 IP Infusion Inc. Confidential

Commands Common to Multiple Protocols

terminal length
Use the terminal length command to set number of lines displayed on a terminal. Use the no parameter with this command to revert to the default setting.

Command Syntax
(no) terminal length LENGTH LENGTH = <0-512> The number of lines on a terminal. The default length is 25 lines.

Command Mode
Exec mode and Privileged Exec mode

Examples
The following example sets the terminal length to 30 lines.

ZebOS# terminal length 30

terminal monitor
Use the terminal monitor command to display debugging output on a terminal.

Command Syntax
(no) terminal monitor

Command Mode
Privileged Exec mode

Examples ZebOS# terminal monitor Related Commands

All debug commands

who
Use the who command to display all other VTY connections. Note: Note: This command is unavailable to ZebOS Server Routing Suite (SRS) customers and to ZebOS Advanced Routing Suite (ARS) customers using the IMISH for CLI management. This command is only available on the Linux platform.

Command Syntax
who

Command Mode
Exec mode

2001-2007 IP Infusion Inc. Confidential

Commands Common to Multiple Protocols

Usage
The following is an output from the who command displaying all other VTY connections. The entry * marks the connection with the configuration rights. Router# who vty[8] connected from 127.0.0.1. *vty[9] connected from 127.0.0.1. vty[10] connected from 10.10.0.74

Examples ZebOS> who

write file and write memory

Use the write file or write memory command to write configuration data to a file.

Command Syntax
write file write memory

Command Mode
Privileged Exec mode

Examples ZebOS# write file Related Commands

show running-config

write terminal
Use the write terminal command to display current configurations to the VTY terminal.

Command Syntax
write terminal

Command Mode
Privileged Exec mode

Usage
The following is an output from the write terminal command displaying current configuration on the terminal. ripd# write terminal Current configuration: ! hostname ripd password zebra log stdout

2001-2007 IP Infusion Inc. Confidential

Commands Common to Multiple Protocols

! debug rip events debug rip packet ! interface lo ! interface eth0 ip rip send version 1 2 ip rip receive version 1 2 ! interface eth1 ip rip send version 1 2 ip rip receive version 1 2 ! ! router rip network 10.10.10.0/24 network 10.10.11.0/24 redistribute connected ! line vty exec-timeout 0 0 ! end

Examples ZebOS# write terminal Related Commands

show-running-config

2001-2007 IP Infusion Inc. Confidential

Commands Common to Multiple Protocols

2001-2007 IP Infusion Inc. Confidential

CHAPTER 3

NSM Commands

admin-group
Use this command to create an administrative group to be used for links. Each link can be a member of one or more, or no administrative groups. Note: This command is unavailable to ZebOS Server Routing Suite (SRS) customers and to ZebOS Advanced Routing Suite (ARS) customers using the IMISH for CLI management.

Command Syntax
admin-group NAME <0-31> NAME = Note: Specify the name of the admin group to be added <0-31> available only from the Configure mode <0-31> = Specify the number of groups per system

Command Mode
Interface mode

Usage
When used in the interface mode, this command adds a link between an interface and a group. The name is the name of the group previously configured. There can be multiple groups per interface. The group is created in the Configure mode, then interfaces are added to the group in the Interface mode.

Examples
In the following example, the interface eth0 has been added to the group ipi:

ZebOS# configure terminal ZebOS(config) interface eth0 ZebOS(config-if)# admin-group ipi

arp A.B.C.D MAC

Use this command to create a static group ARP entry. Use the no parameter to remove the static group ARP entry.

Command Syntax
arp A.B.C.D MAC (alias | ) no arp A.B.C.D A.B.C.D MAC IP address MAC address

Command Mode
Configure mode

2001-2007 IP Infusion Inc. Confidential

NSM Commands

Examples ZebOS# configure terminal ZebOS(config)# arp 10.10.10.10 0010.2355.4566 alias

bandwidth
Use this command to specify the maximum bandwidth to be used for each interface. The bandwidth value is in bits, and can also accept units. Use the no parameter to remove the maximum bandwidth.

Command Syntax
(no) bandwidth BANDWIDTH <1-999> k|m for 1 to 999 kilo bits or mega bits. <1-10> g for 1 to 10 giga bits. BANDWIDTH

Command Mode
Interface mode

Examples ZebOS# configure terminal ZebOS(config)# interface eth0 ZebOS(config-if)# bandwidth 100m Related Commands
reservable-bandwidth

Validation Commands
show running-config, show interface

clear ip route kernel

Use this command to clear IPv4 stale kernel routes from NSM RIB and FIB.

Command Syntax
clear ip route kernel

Default
None

Command Mode
Privileged Exec mode

Examples ZebOS# clear ip route kernel

2001-2007 IP Infusion Inc. Confidential

NSM Commands

Related Commands
clear ipv6 route kernel, fib retain

clear ipv6 neighbors

Use this command to clear all dynamic IPv6 neighbor entries.

Command Syntax
clear ipv6 route kernel

Command Mode
Privileged Exec mode

debug nsm
Use this command to specify a set of debug options for NSM events, kernel, and packets.

Command Syntax
(no) debug nsm

Command Mode
Exec mode, Privileged Exec mode, and Configure mode

Examples ZebOS# debug nsm Related Commands

debug nsm kernel, debug nsm events, debug nsm packet

Validation Commands
show debugging nsm

debug nsm events

Use this command to specify the set of debug options for NSM daemon events.

Command Syntax
debug nsm events

Command Mode
Privileged Exec mode and Configure mode

Examples ZebOS# debug nsm events Related Commands

debug nsm kernel

2001-2007 IP Infusion Inc. Confidential

NSM Commands

Validation Commands
show debugging nsm

debug nsm kernel

Use this command to specify the debug option-set for the NSM daemon routing manager between the kernel interface.

Command Syntax
debug nsm kernel

Command Mode
Privileged Exec mode and Configure mode

Examples ZebOS# debug nsm kernel Validation Commands

show debugging nsm

debug nsm packet

Use this command to specify the debug option-set for the nsm packet.

Command Syntax
debug nsm packet (recv|send)(detail) recv = Specifies the debug option-set for receive packet. send = Specifies the debug option-set for send packet. detail = Sets the debug option set to detailed information.

Command Mode
Privileged Exec mode and Configure mode

Examples ZebOS# debug nsm packet ZebOS# debug nsm packet recv detail Validation Commands
show debugging nsm

fib retain
Use this command to modify the retain time for stale routes in the Forwarding Information Base (FIB) during NSM restart. Use the no parameter with this command to revert to default; not retaining NSM routes in the FIB when NSM is killed. Note: NSM still retains the stale routes for 60 seconds when it restarts.

2001-2007 IP Infusion Inc. Confidential

NSM Commands

Command Syntax
(no) fib retain (TIME|Forever) Forever Specifies an infinite retain time for stale routes. TIME = time <1-65535> Specifies the retain time for stale routes. The default retain time is 60 seconds. <1-65535> The retain time in seconds.

Default
NSM routes are cleared from the FIB when NSM is killed, but when NSM is restarted, stale routes are retained for 60 seconds.

Command Mode
Configure mode

Usage
NSM reads the Forwarding Information Base (FIB), and treats previously self-installed routes as stale routes. You can display stale routes by running the show ip route database command. All routes preceded by the symbol p are stale routes. When protocol modules restart, NSM overrides these stale routes with routes reinstalled by protocol modules. The behavior of NSM routes when NSM is killed is as follows: no fib retain (default) Cleans up NSM routes from the FIB, but retains stale routes for 60 seconds when restarted. fib retain Does not clear routes from the FIB, and retains stale routes for 60 seconds when restarted. fib retain forever Does not clear routes from the FIB and retains stale routes forever. fib retain time <1-65535> Does not clear routes from the FIB and retains stale routes for the specified seconds. You can remove stale routes at any time by using the clear ip route kernel command.

Note:

Examples ZebOS# configure terminal ZebOS(config)# fib retain time 180

if-arbiter
Use this command to discover new interfaces recently added to the kernel, and add them to the ZebOS database.

Command syntax
if-arbiter interval <1-65535> no if-arbiter <1-65535> Specifies the interval (in seconds) after which NSM sends query to kernel.

Default
By default, if-arbiter is disabled. When interface-related operations are performed outside of ZebOS (for example, when using OS ifconfig), enable if-arbiter for a transient time to complete synchronization. When synchronization is complete, disable it using the if-arbiter CLI.

2001-2007 IP Infusion Inc. Confidential

NSM Commands

Command Mode
Configure mode

Usage
This command starts the arbiter to check interface information periodically. ZebOS dynamically finds any new interfaces added to the kernel. If an interface is loaded dynamically into the kernel when ZebOS is already running, this command polls kernel information periodically, and updates.

Examples ZebOS# configure terminal ZebOS(config)# if-arbiter interval 5 Validation Commands

show running-config

interface
Use this command to select an interface to configure, and to enter the Interface command mode.

Command Syntax
interface IFNAME IFNAME = Specifies the name of the interface

Command Mode
Configure mode

Examples
This example shows the use of this command to enter the Interface mode (note the change in the prompt).

Router# configure terminal Router(config)# interface eth0 Router(config-if)#

ip address
Use this command to set the IP address of an interface. Use the no parameter with this command to remove the IP address from an interface.

Command Syntax
ip address IP-ADDRESS (secondary) no ip address IP-ADDRESS

no ip address
IP-ADDRESS A.B.C.D/M Specifies the IP address and prefix length of an interface. secondary Specifies the IP address as secondary.

Command mode
Interface mode

2001-2007 IP Infusion Inc. Confidential

NSM Commands

Usage
When the secondary parameter is not specified with this command, this command overwrites the primary IP address. When the secondary parameter is specified with this command, this command adds a new IP address to the interface. The secondary address cannot be configured in the absence of a primary IP address. The primary address cannot be removed when a secondary address is present.

Examples ZebOS# configure terminal ZebOS(config)# interface eth0 ZebOS(config-if)# ip address 10.10.10.50/24 ZebOS(config-if)# ip address 10.10.11.50/24 secondary Validation commands
show running-config, show interface, show ip interface brief

ip forwarding
Use this command to turn on IP forwarding. Use the no parameter with this command to turn off IP forwarding.

Command Syntax
(no) ip forwarding

Command Mode
Configure mode

Examples Router# configure terminal Router(config)# ip forwarding

ip proxy-arp
Use this command to enable the proxy ARP feature on an interface. Use the no parameter to disable the proxy ARP feature on an interface.

Command Syntax
ip proxy-arp no ip proxy-arp

Command Mode
Interface mode

Examples ZebOS# configure terminal ZebOS(config)# interface eth0 ZebOS(config-if)# ip proxy-arp

2001-2007 IP Infusion Inc. Confidential

NSM Commands

ip route
Use this command to establish the distance for static routes of a subnet mask. Use the no form of this command to disable the distance for static routes of a subnet mask.

Command Syntax
(no) ip route DESTPREFIX IPADDRESSMASK GATEWAYIP|INTERFACE (DISTVALUE) (no) ip route DESTPREFIX/M GATEWAYIP|INTERFACE (DISTVALUE)

DESTPREFIX = A.B.C.D Specifies the IP destination prefix.

DESTPREFIX/M = A.B.C.D/M Specifies the IP destination prefix and a mask length <0-32>.

IPADDRESSMASK = A.B.C.D Specifies the IP destination prefix mask. GATEWAYIP = A.B.C.D Specifies the IP gateway address. DISTVALUE = <1-255> Specifies the distance value for the route.
INTERFACE = Specifies the name of the interface.

Command Mode
Configure mode

Examples ZebOS# configure terminal ZebOS(config)# ip route 192.168.3.0 255.255.255.0 2.2.2.2 128 ZebOS(config)# ip route 1.1.1.0/24 eth0 32 Validation Commands
show ip route, show running-config

ipv6 forwarding
Use this command to turn on IPv6 forwarding. Use the no parameter with this command to turn off IPv6 forwarding.

Command Syntax
(no)ipv6 forwarding

Command Mode
Configure mode

Examples Router# configure terminal Router(config)# ipv6 forwarding

ipv6 nd managed-config-flag
Use this command to set the managed address configuration flag in the Router Advertisement to be used for the IPv6 address auto-configuration. Use the no parameter with this command to reset the value to default.

2001-2007 IP Infusion Inc. Confidential

NSM Commands

Command Syntax
(no) ipv6 nd managed-config-flag

Default
Unset

Command Mode
Interface mode

Example ZebOS# configure terminal ZebOS(config)# interface eth0 ZebOS(config-if)# ipv6 nd managed-config-flag ZebOS(config-if)# no ipv6 nd suppress-ra Related Commands
ipv6 nd suppress-ra, ipv6 nd prefix, ipv6 nd other-config-flag

ipv6 nd other-config-flag
Use this command to set the other stateful configuration flag in Router Advertisement to be used for IPv6 address autoconfiguration. Use no parameter with this command to reset the value to default.

Command Syntax
(no) ipv6 nd other-config-flag

Default
Unset

Command Mode
Interface mode

Example ZebOS# configure terminal ZebOS(config)# interface eth0 ZebOS(config-if)# ipv6 nd other-config-flag ZebOS(config-if)# no ipv6 nd suppress-ra Related Commands
ipv6 nd suppress-ra, ipv6 nd prefix, ipv6 nd managed-config-flag

ipv6 nd prefix
Use this command to specify the IPv6 prefix information that is advertised by the Router Advertisement for IPv6 address auto-configuration. Use no parameter with this command to reset the IPv6 prefix.

2001-2007 IP Infusion Inc. Confidential

NSM Commands

Command Syntax
(no) ipv6 nd prefix X:X::X:X/M <0-4294967295> <0-4294967295> (off-link|) (noautoconfig|) X:X::X:X/M Specify the IPv6 prefix. <0-4294967295> Specify theIPv6 prefix valid lifetime. <0-4294967295> Specify the IPv6 prefix preferred lifetime. off-link Specify the IPv6 prefix off-link flag. no-autoconfig Specify the IPv6 prefix no autoconfiguration flag.

Default
Unspecified

Command Mode
Interface mode

Usage
This command specifies the IPv6 prefix that is advertised by the Router Advertisement message.

Example ZebOS# configure terminal ZebOS(config)# interface eth0 ZebOS(config-if)# ipv6 nd prefix 2001:ffff::/64 ZebOS(config-if)# no ipv6 nd suppress-ra Related Commands
ipv6 nd suppress-ra, ipv6 nd prefix

ipv6 nd ra-interval
Use this command to specify the interval between IPv6 Router Advertisements (RA). Use no parameter with this command to reset the value to default.

Command Syntax
(no) ipv6 nd ra-interval <3-1800>

Default
600 seconds.

Command Mode
Interface mode

Example ZebOS# configure terminal ZebOS(config)# interface eth0 ZebOS(config-if)# ipv6 nd ra-interval 60 ZebOS(config-if)# ipv6 nd prefix 3ffe:ffff:ffff::/64 ZebOS(config-if)# no ipv6 nd suppress-ra

2001-2007 IP Infusion Inc. Confidential

NSM Commands

Related Commands
ipv6 nd suppress-ra, ipv6 nd prefix

ipv6 nd ra-lifetime
Use this command to specify the lifetime of this router enabling it to act as a default gateway for the network. Use no parameter with this command to reset the value to default.

Command Syntax
(no) ipv6 nd ra-lifetime <0-9000>

Default
1800 seconds

Command Mode
Interface mode

Usage
This command specifies the lifetime of the current router to be announced in IPv6 Router Advertisement.

Example ZebOS# configure terminal ZebOS(config)# interface eth0 ZebOS(config-if)# ipv6 nd ra-lifetime 9000 ZebOS(config-if)# no ipv6 nd suppress-ra Related Commands
ipv6 nd suppress-ra, ipv6 nd prefix

ipv6 nd reachable-time
Use this command to specify the reachable time in the Router Advertisement to be used for detecting unreachability of the IPv6 neighbor. Use the no parameter with this command to reset the value to default.

Command Syntax
(no) ipv6 nd reachable-time <0-3600000>

Default
0 milliseconds

Command Mode
Interface mode

Example ZebOS# configure terminal

2001-2007 IP Infusion Inc. Confidential

NSM Commands

ZebOS(config)# interface eth0 ZebOS(config-if)# ipv6 nd reachable-time 1800000 ZebOS(config-if)# no ipv6 nd suppress-ra

Related Commands
ipv6 nd suppress-ra, ipv6 nd prefix

ipv6 nd suppress-ra
Use this command to control IPv6 Router Advertisement (RA) transmission for the current interface. Router Advertisement is used for IPv6 stateless auto-configuration. Use no parameter with this command to enable Router Advertisement transmission.

Command Syntax
(no) ipv6 nd suppress-ra

Default
Suppressed

Command Mode
Interface mode

Example ZebOS# configure terminal ZebOS(config)# interface eth0 ZebOS(config-if)# no ipv6 nd suppress-ra Related Commands
ipv6 nd ra-interval, ipv6 nd prefix

ipv6 neighbor
Use this command to add an IPv6 neighbor entry. Use the no form of this command to an IPv6 neighbor entry.

Command Syntax
ipv6 neighbor ADDRESS IF NAME MAC no ipv6 neighbor ADDRESS IF NAME

ADDRESS = X:X::X:X neighbors IPv6 address

IFNAME = interface name MAC = HHHH.HHHH.HHHH MAC hardware address

Command Mode
Configure mode

2001-2007 IP Infusion Inc. Confidential

NSM Commands

ipv6 route
Use this command to establish the distance for static routes of a subnet mask. Use the no form of this command to disable the distance for static routes of a subnet mask.

Command Syntax
(no) ipv6 route DESTPREFIX/M GATEWAYIP|INTERFACE DISTVALUE

DESTPREFIX = Specifies the IP destination prefix. DESTPREFIX/M = X:X::X:X/M Specifies the IP destination prefix and a mask length <0-128>.
GATEWAYIP = X:X::X:X Specifies the IP gateway address.

DISTVALUE = <1-255> Specifies the distance value for the route.

INTERFACE = Specifies the name of the interface

Command Mode
Configure mode

Examples ZebOS# configure terminal ZebOS(config)# ipv6 route 3ffe:506::1 128 ZebOS(config)# ipv6 route 3ffe:506::1/128 myintname 32 Validation Commands
show running-config, show ipv6 route

ipv6 address
Use this command to set the IPv6 address of an interface. Use the no form of this command to disable this function.

Command Syntax
ipv6 address IPADDRESS no ipv6 address

IPADDRESS = X:X::X:X/M Specifies the IP destination prefix and a mask length <0-128>. Command Mode
Interface mode

Examples ZebOS# configure terminal ZebOS(config)# interface eth0 ZebOS(config-if)# ipv6 address 3ffe:506::1/128 Validation Commands
show running-config, show interface, show ipv6 route

2001-2007 IP Infusion Inc. Confidential

NSM Commands

maximum-paths
Use this command to enable multipath support on ZebOS, and set the maximum number of paths to be installed in the FIB (Forward Information Base). Use the no parameter with this command to revert to default. Note: Currently, this command is available on Linux systems only.

Command Syntax
(no) maximum-paths <1-10> no maximum-paths <1-10> Specify the maximum number of paths to be installed in the FIB.

Default
By default, the maximum number of paths is set to 4.

Command Mode
Configure mode

Example ZebOS# configure terminal ZebOS(config)# maximum-paths 5

mtu
Use this command to set the Maximum Transmission Unit (MTU) size of an interface.

Command Syntax
mtu SIZE SIZE <64-17940> Specifies the size of MTU in bytes.

Command Mode
Interface mode

Example ZebOS# configure terminal ZebOS(config)# interface eth0 ZebOS(config-if)# mtu 120

multicast
Use this command to set the multicast flag to an interface. Use the no form of this command to disable this function.

Command Syntax
(no) multicast

2001-2007 IP Infusion Inc. Confidential

NSM Commands

Command Mode
Interface mode

Examples ZebOS# configure terminal ZebOS(config)# interface eth0 ZebOS(config-if)# multicast Validation Commands
show running-config

no debug nsm events

Use this command to disable the debugging options for NSM daemon events.

Command Syntax
no debug nsm events

Command Mode
Privileged Exec mode and Configure mode

Examples ZebOS# no debug nsm events Equivalent Commands

undebug nsm events

no debug nsm kernel

Use this command to disable the debugging option for the NSM daemon routing manager between the kernel interface.

Command Syntax
no debug nsm kernel

Command Mode
Privileged Exec mode and Configure mode

Examples ZebOS# no debug nsm kernel Equivalent Commands

no debug nsm kernel

no debug nsm packet

Use this command to disable the debugging option for the nsm packet.

2001-2007 IP Infusion Inc. Confidential

NSM Commands

Command Syntax
no debug nsm packet (recv|send)(detail) recv = Disable the debugging option for receive packet. send = Disable the debugging option for send packet. detail = Disable the debugging option for detailed information.

Command Mode
Privileged Exec mode and Configure mode

Examples ZebOS# no debug nsm packet ZebOS# no debug nsm packet recv detail Validation Commands
show debugging nsm

Equivalent Commands
no debug nsm packet

show debugging nsm

Use this command to display debugging information for the ZebOS routing manager. To modify the lines displayed, use the | (output modifier token); to save the output to a file, use the > output redirection token. For more information, see the ZebOS Command Line Interface Environment chapter.

Command Syntax
show debugging nsm

Command Mode
Exec mode and Privileged Exec mode

Usage
The following is a sample output of the show debugging nsm command displaying the NSM debugging status.

ZebOS# show debugging nsm NSM debugging status: NSM event debugging is on NSM packet debugging is on NSM kernel debugging is on

Examples ZebOS# show debugging nsm

show interface
Use this command to display interface configuration and status.

2001-2007 IP Infusion Inc. Confidential

NSM Commands To modify the lines displayed, use the | (output modifier token); to save the output to a file, use the > output redirection token. For more information, see the ZebOS Command Line Interface Environment chapter.

Command Syntax
show interface IFNAME IFNAME Specifies the name of the interface for which status and configuration information is desired.

Command Mode
Exec mode and Privileged Exec mode

Usage
When the QoS feature is enabled for the interface, this is what this command displays: Router# show interface eth0 Interface eth0 index 2 metric 1 mtu 1500 <UP,BROADCAST,RUNNING,MULTICAST> HWaddr: 00:b0:d0:da:92:5f Administrative Group(s) : ipi bandwidth 100m maximum reservable bandwidth 100m available b/w at priority 0 is 100.000m available b/w at priority 1 is 100.000m available b/w at priority 2 is 100.000m available b/w at priority 3 is 100.000m available b/w at priority 4 is 100.000m available b/w at priority 5 is 100.000m available b/w at priority 6 is 100.000m available b/w at priority 7 is 100.000m inet 10.10.0.34/24 broadcast 10.10.0.255 input packets 973824, bytes 127560568, dropped 0, multicast packets 0 input errors 1, length 0, overrun 0, CRC 0, frame 1, fifo 1, missed 0 output packets 84422, bytes 26945483, dropped 0 output errors 0, aborted 0, carrier 0, fifo 0, heartbeat 0, window 0 collisions 2483

Examples ZebOS# show interface myifname

show ip access-list
Use this command to display a IP access lists. To modify the lines displayed, use the | (output modifier token); to save the output to a file, use the > output redirection token. For more information, see the ZebOS Command Line Interface Environment chapter.

Command Syntax
show ip access-list

Command Mode
Privileged Exec mode

2001-2007 IP Infusion Inc. Confidential

NSM Commands

Usage
The following is a sample output of the show ip access-list command showing the IP access-list entries. ZebOS# show ip access-list Standard IP access list 1 permit 172.168.6.0, wildcard bits 0.0.0.255 permit 192.168.6.0, wildcard bits 0.0.0.255

Examples ZebOS#

show ip access-list

show ip forwarding
Use this command to display the IP forwarding status. To modify the lines displayed, use the | (output modifier token); to save the output to a file, use the > output redirection token. For more information, see the ZebOS Command Line Interface Environment chapter.

Command Syntax
show ip forwarding

Command Mode
Exec mode and Privileged Exec mode

Usage
The following is a sample output of the show ip forwarding command displaying the IP forwarding status. ZebOS# show ip forwarding IP forwarding is on

Examples ZebOS# show ip forwarding

show ip interface brief

Use this command to display brief information about interfaces and the IP addresses assigned to them. To display information about a specific interface, specify the interface name with the command. To modify the lines displayed, use the | (output modifier token); to save the output to a file, use the > output redirection token. For more information, see the ZebOS Command Line Interface Environment chapter.

Command Syntax
show ip interface [IFNAME] brief IFNAME Specify the name of the interface.

Command Mode
Exec mode and Privileged Exec mode

Usage
The following is a sample output from the show ip interface brief command:

2001-2007 IP Infusion Inc. Confidential

NSM Commands

ZebOS# show ip interface brief Interface lo gre0 eth0 eth1 eth2 eth3 sit0 tun24 tunl0 IP-Address 127.0.0.1 unassigned 10.10.0.142 10.10.11.123 unassigned unassigned unassigned unassigned unassigned Status up administratively up up administratively administratively administratively administratively administratively Protocol up down up up down down down down down

down

down down down down down

Examples ZebOS# show ip interface eth0 brief Related Commands

show ipv6 interface brief

show ip route
Use this command to display the IP routing table for a protocol or from a particular table. To modify the lines displayed, use the | (output modifier token); to save the output to a file, use the > output redirection token. For more information, see the ZebOS Command Line Interface Environment chapter.

Command Syntax
show ip route (bgp |connected |kernel |ospf |rip |static |A.B.C.D |A.B.C.D/M) bgp = Display selected BGP routes. connected = Display selected connected routes. kernel = Display selected kernel routes. ospf = Display selected OSPF routes. rip = Display selected RIP routes. static = Display selected static routes. A.B.C.D = Network in the IP routing table to display A.B.C.D/M = IP prefix <network>/<length>, e.g., 35.0.0.0/8

Command Mode
Exec mode and Privileged Exec mode

Usage
When multiple entries are available for the same prefix, NSM uses an internal route selection mechanism based on protocol administrative distance and metric values to choose the best route. All best routes are entered into the FIB, and can be viewed using the this command. To display all routes (selected and not selected), use the show ip route database command. The following show output displays only the best routes. To illustrate the difference between the show ip route database output and this output, the same configuration has been used in both examples. Note: For a detailed line-by-line description of an output of this command, refer to the ZebOS Troubleshooting Guide. ZebOS# show ip route Codes: K - kernel, C - connected, S - static, R - RIP, B - BGP

2001-2007 IP Infusion Inc. Confidential

NSM Commands

O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2 i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area * - candidate default O C C O IA K C C C K 1.1.1.0/24 [110/20] via 2.2.2.1, eth2, 00:00:10 2.2.2.0/24 is directly connected, eth2 3.3.3.0/24 is directly connected, eth1 4.4.4.0/24 [110/21] via 2.2.2.1, eth2, 00:00:10 10.10.0.0/24 via 10.70.0.1, eth0 10.70.0.0/24 is directly connected, eth0 33.33.33.33/32 is directly connected, lo 127.0.0.0/8 is directly connected, lo 169.254.0.0/16 is directly connected, eth0

The following is a show output of this command with the ospf parameter, displaying only the selected OPSF routes learned by NSM: ZebOS# show ip route ospf O 1.1.1.0/24 [110/20] via 2.2.2.1, eth2, 00:00:44 O IA 4.4.4.0/24 [110/21] via 2.2.2.1, eth2, 00:00:44

Examples ZebOS# show ip route ospf Related Commands

show ip route database

Use this command to display all routing entries known by NSM. When multiple entries are available for the same prefix, NSM uses an internal route selection mechanism based on protocol administrative distance and metric values to choose the best route. All best routes are entered into the FIB, and can be viewed using the show ip route command. To modify the lines displayed, use the | (output modifier token); to save the output to a file, use the > output redirection token. For more information, see the ZebOS Command Line Interface Environment chapter.

Command Syntax
show ip route database (bgp|connected|isis|kernel|ospf|rip|static) bgp Display all the BGP routes learned by NSM. connected Display all the connected routes learned by NSM. isis Display all the IS-IS routes learned by NSM. kernel Display all the kernel routes learned by NSM. ospf Display all the OSPF routes learned by NSM. rip Display all the RIP routes learned by NSM. static Display all the static routes learned by NSM.

Command Mode
Exec mode and Privileged Exec mode

2001-2007 IP Infusion Inc. Confidential

NSM Commands

Usage
The following is an output of this command displaying all routes learned by NSM. Note: This output shows selected as well as non selected routes. To illustrate the difference between the show ip route output and this output, the same configuration has been used in both examples. Note: For a detailed line-by-line description of an output of this command, refer to the ZebOS Troubleshooting Guide.

ZebOS# show ip route database Codes: K - kernel, C - connected, S - static, R - RIP, B - BGP O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2 i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area > - selected route, * - FIB route, p - stale info O *> 1.1.1.0/24 [110/20] via 2.2.2.1, eth2, 00:01:26 O 2.2.2.0/24 [110/10] is directly connected, eth2, 00:02:16 C *> 2.2.2.0/24 is directly connected, eth2 C *> 3.3.3.0/24 is directly connected, eth1 O IA *> 4.4.4.0/24 [110/21] via 2.2.2.1, eth2, 00:01:26 K *> 10.10.0.0/24 via 10.70.0.1, eth0 K * 10.70.0.0/24 is directly connected, eth0 C *> 10.70.0.0/24 is directly connected, eth0 C *> 33.33.33.33/32 is directly connected, lo S 100.100.100.0/24 [1/0] via 5.5.5.1 inactive C *> 127.0.0.0/8 is directly connected, lo K *> 169.254.0.0/16 is directly connected, eth0 The following is a show output of this command with the ospf parameter, displaying all OPSF routes learned by NSM: ZebOS# show ip route database ospf O *> 1.1.1.0/24 [110/20] via 2.2.2.1, eth2, 00:01:26 O 2.2.2.0/24 [110/10] is directly connected, eth2, 00:02:16 O IA *> 4.4.4.0/24 [110/21] via 2.2.2.1, eth2, 00:01:26

Examples ZebOS# show ip route database static Related Commands

show ip route

show ip route summary

Use this command to display the summary of the current NSM RIB entries. To modify the lines displayed, use the | (output modifier token); to save the output to a file, use the > output redirection token. For more information, see the ZebOS Command Line Interface Environment chapter.

Command Syntax
show ip route summary

2001-2007 IP Infusion Inc. Confidential

NSM Commands

Command Mode
Exec mode and Privileged Exec mode

Examples ZebOS# show ip route summary IP routing table name is Default-IP-Routing-Table(0) IP routing table maximum-paths is 4 RouteSource Networks kernel 1 connected 5 ospf 2 Total 8 FIB 2 Related Commands
show ip route, show ip route database

show ipv6 forwarding

Use this command to display IPv6 forwarding status. To modify the lines displayed, use the | (output modifier token); to save the output to a file, use the > output redirection token. For more information, see the ZebOS Command Line Interface Environment chapter.

Command Syntax
show ipv6 forwarding

Command Mode
Exec mode and Privileged Exec mode

Usage
The following is a sample output of the show ipv6 forwarding command displaying the IPv6 forwarding status. ZebOS# show ipv6 forwarding ipv6 forwarding is on

Examples ZebOS# show ipv6 forwarding

show ipv6 interface brief

Use this command to display brief information about interfaces and the IPv6 address assigned to them. To display information about a specific interface, specify the interface name with the command. To modify the lines displayed, use the | (output modifier token); to save the output to a file, use the > output redirection token. For more information, see the ZebOS Command Line Interface Environment chapter.

Command Syntax
show ipv6 interface [IFNAME] brief IFNAME Specify the name of the interface.

2001-2007 IP Infusion Inc. Confidential

NSM Commands

Command Mode
Exec mode and Privileged Exec mode

Usage
The following is a sample output from the show ipv6 interface brief command: ZebOS# show ipv6 interface brief lo [up/up] ::1 gre0 [administratively eth0 [up/up] 3ffe:abcd:104::1 3ffe:abcd:103::1 fe80::2e0:29ff:fe6f:cf0 eth1 [up/up] fe80::260:97ff:fe20:f257 eth2 [administratively eth3 [administratively sit0 [administratively tun24 [administratively tunl0 [administratively

down/down]

unassigned

down/down] down/down] down/down] down/down] down/down]

unassigned unassigned unassigned unassigned unassigned

Examples ZebOS# show ipv6 interface eth0 brief Related Commands

show ip interface brief

show ipv6 neighbors

Use this command to display all IPv6 neighbors. To modify the lines displayed, use the | (output modifier token); to save the output to a file, use the > output redirection token. For more information, see the ZebOS Command Line Interface Environment chapter.

Command Syntax
show ipv6 neighbors

Command Mode
Exec mode and Privileged Exec mode

show ipv6 route

Use this command to display the IP routing table for a protocol or from a particular table. To modify the lines displayed, use the | (output modifier token); to save the output to a file, use the > output redirection token. For more information, see the ZebOS Command Line Interface Environment chapter.

2001-2007 IP Infusion Inc. Confidential

NSM Commands bgp = Border Gateway Protocol (BGP) connected = connected kernel = kernel ospf = Open Shortest Path First (OSPF) rip = Routing Information Protocol (RIP) static = static routes X:X::X:X = Network in the IP routing table to display X:X::X:X/M = IP prefix <network>/<length>, e.g., 35.0.0.0/8

Command Mode
Exec mode and Privileged Exec mode

Usage
The following is a sample output of the show ipv6 route command displaying the IPv6 routing table. ZebOS# show ipv6 route Codes: K - kernel route, C - connected, S - static, R - RIPng, O - OSPFv3, I - IS-IS, B - BGP, > - selected route, * - FIB route, p - stale info. C> * ::1/128 is directly connected, lo C> * 3ffe:1::/48 is directly connected, eth1 C> * 3ffe:2:2::/48 is directly connected, eth2 C * fe80::/10 is directly connected, eth1 C * fe80::/10 is directly connected, eth2 C * fe80::/10 is directly connected, eth3 C> * fe80::/10 is directly connected, eth0

Examples ZebOS# show ipv6 route ospf

show ipv6 route summary

Command Syntax
show ipv6 route summary

Command Mode
Exec mode and Privileged Exec mode

Examples ZebOS# show ipv6 route summary IPv6 routing table name is Default-IPv6-Routing-Table(0) IPv6 routing table maximum-paths is 4 RouteSource Networks connected 4 ospf 5 Total 9

100

2001-2007 IP Infusion Inc. Confidential

NSM Commands

FIB

Related Commands
show ip route, show ip route database

show nsm client

Use this command to display NSM client information. To modify the lines displayed, use the | (output modifier token); to save the output to a file, use the > output redirection token. For more information, see the ZebOS Command Line Interface Environment chapter.

Command Syntax
show nsm client

Command Mode
Privileged Exec mode

Usage
This command displays the details of currently connected NSM clients, such as: the services requested by the protocols, statistics and the connection time. The following is a sample output for this command: Router# show nsm client NSM client ID: 1 OSPF, socket 8 Service: Interface Service, Route Service Message received 1, sent 6 Connection time: Thu Sep 26 16:08:23 2002

Examples ZebOS# show nsm client

show router-id
Use this command to display the Router ID of the current system.

Command Syntax
show router-id

Command Mode
Privileged Exec mode

Usage
ZebOS> show router-id Router ID: 10.55.0.2 (automatic)

Examples ZebOS# show router-id

2001-2007 IP Infusion Inc. Confidential

101

NSM Commands

shutdown
Use this command to shut down the selected interface. Use the no form of this command to disable this function.

Command Syntax
(no) shutdown

Command Mode
Interface mode

Examples
the following example shows the use of the shutdown command to shut down the interface called eth0.

ZebOS# configure terminal ZebOS(config)# interface eth0 ZebOS(config-if) shutdown

undebug nsm all

Use this command to disable all NSM debugging.

Command Syntax
undebug nsm all

Command Mode
Privileged Exec mode and Configure mode

Examples ZebOS# undebug nsm all

undebug nsm events

Use this command to disable the debugging options for NSM daemon events.

Command Syntax
undebug nsm events

Command Mode
Privileged Exec mode and Configure mode

Examples ZebOS# undebug nsm events

undebug nsm kernel

Use this command to disable the debugging option for the NSM daemon routing manager between the kernel interface.

102

2001-2007 IP Infusion Inc. Confidential

NSM Commands

Command Syntax
undebug nsm kernel

Command Mode
Privileged Exec mode and Configure mode

Examples ZebOS# undebug nsm kernel

undebug nsm packet

Use this command to disable the debugging option for the nsm packet.

Command Syntax
undebug nsm packet (recv|send)(detail) recv = Disable the debugging option for receive packet. send = Disable the debugging option for send packet. detail = Disable the debugging option for detailed information.

Command Mode
Privileged Exec mode and Configure mode

Examples ZebOS# debug nsm packet ZebOS# debug nsm packet recv detail Validation Commands
show debugging nsm

2001-2007 IP Infusion Inc. Confidential

103

NSM Commands

104

2001-2007 IP Infusion Inc. Confidential

CHAPTER 4

NSM VPN Commands

ip route vrf
This command creates a new static entry for the VRF. To delete static route entry, use the no parameter with this command.

Command Syntax
(no) ip route vrf VRF-NAME PREFIX (GATEWAY_ADDRESS) INTERFACE VRF-NAME = A name used to identify a VRF. PREFIX = Route prefix for destination. A.B.C.D/M format.

GATEWAY_ADDRESS = Nexthop address for the destination. A.B.C.D format INTERFACE = Output interface name for the destination. Command Mode
Configure mode

Usage
The interface should be associated with VRF beforehand. The output interface always should be specified.

Examples ZebOS# configure terminal ZebOS(config)# ip route vrf VRF_A 10.10.10.0/24 10.10.0.1 eth0 Related Commands
ip vrf, ip vrf forwarding,

ip vrf
This command creates a VRF RIB, assigns a VRF-ID, and switches command mode to VRF mode on the ZebOS daemon. To remove a VRF RIB, use the no parameter with command.

Command Syntax
(no) ip vrf VRF-NAME VRF-NAME = a name used to identify a VRF.

Command Mode
Configure mode

Examples ZebOS# configure terminal ZebOS(config)# ip vrf IPI ZebOS(config-vrf)#

2001-2007 IP Infusion Inc. Confidential

105

NSM VPN Commands

Related Commands
ip route vrf, ip vrf forwarding

ip vrf forwarding
This command associates an interface with a VRF. To unbind an interface with a VRF, use the no parameter with this command.

Command Syntax
(no) ip vrf forwarding VRF-NAME VRF-NAME = Name of the VRF created using the ip vrf command in the configure mode (see ip vrf command)

Command Mode
Interface mode

Examples ZebOS# configure terminal ZebOS(config)# ip vrf IPI ZebOS(config)# interface eth1 ZebOS(config-if)# ip vrf forwarding IPI Related Commands
ip route vrf, ip vrf

show ip route vrf

This command shows a routing table of the VRF. To modify the lines displayed, use the | (output modifier token); to save the output to a file, use the > output redirection token. For more information, see the ZebOS Command Line Interface Environment chapter.

Command Syntax show ip route vrf VRF-NAME

VRF-NAME = A name used to identify a VRF.

Command Mode
Privileged Exec mode

Usage
ZebOS# show ip route vrf VRF_A Codes: K - kernel route, C - connected, S - static, R - RIP, O - OSPF, B - BGP, > - selected route, * - FIB route S> 10.10.10.0/24 [1/0] via 10.10.0.1, eth1 C> * 10.10.0.0/24 is directly connected, eth1 Note: FIB flag might not correct for VRF routing information.

106

2001-2007 IP Infusion Inc. Confidential

NSM VPN Commands

Related Commands
show ip vrf

show ip vrf
This command shows the routing information of the VRF. To modify the lines displayed, use the | (output modifier token); to save the output to a file, use the > output redirection token. For more information, see the ZebOS Command Line Interface Environment chapter.

Command Syntax show ip vrf (VRF-NAME)

VRF-NAME = a name used to identify a VRF.

Command Mode
Privileged Exec mode

Usage
ZebOS# show ip vrf IPI VRF IPI; (id=1); default RD 1:2 Interfaces: eth2 Export VPN route-target communities RT:100:1 Import VPN route-target communities RT:100:1 No import route-map

Examples ZebOS# show ip vrf myvrfname Related Commands

show ip route vrf

2001-2007 IP Infusion Inc. Confidential

107

NSM VPN Commands

108

2001-2007 IP Infusion Inc. Confidential

CHAPTER 5

NSM MPLS Commands

MPLS Commands
label-switching
Use this command to enable label switching on an interface.

Command Syntax
(no) label-switching (LABELSPACE) LABELSPACE <0-65535> Specifies the label space value.

Command Mode
Interface mode

Usage
This command is used to either enable label-switching on an interface, or to modify the label-space to which this interface is bound. If no label-space is provided, this interface is bound to the platform-wide (zero) label-space.

Examples
This example shows the enabling of label switching on the eth0 interface.

ZebOS# configure terminal ZebOS(config)# interface eth0 ZebOS(config-if)# label-switching 654

mpls admin-groups
Use this command to add a new administrative group. Use the no parameter with this command to remove the specified administrative group.

Command Syntax
(no) mpls admin-group NAME <0-31> NAME Specifies the name of the administrative group to be added <0-31> Specifies the value of the administrative group to be added

Command Mode
Configure mode

Usage
This command is used to create a name-to-value binding for an administrative group. Note: Only 32 administrative groups can be configured at one time.

2001-2007 IP Infusion Inc. Confidential

109

NSM MPLS Commands

Examples ZebOS# configure terminal ZebOS(config)# mpls admin-group mygroup 3

mpls disable-all-interfaces
Use this command to disable all interfaces for MPLS.

Command Syntax
mpls disable-all-interfaces

Command Mode
Configure mode

Usage
This command serves as a complete show-stopper for all signaling on the router. When this command is used, all signaling protocols are made aware of this change, and all MPLS-specific processing ceases.

Examples ZebOS# configure terminal ZebOS(config)# mpls disable-all-interfaces

mpls egress-ttl
Use this command to specify a Time to Live (TTL) value for LSPs for which this LSR is the egress. Use the no parameter with this command to unset the custom TTL value.

Command Syntax
no mpls egress-ttl (no) mpls egress-ttl <0-255> <0-255> The TTL value to be used.

Command Mode
Configure mode

Examples ZebOS# configure terminal ZebOS(config)# mpls egress-ttl 45 Related Commands

mpls ingress-ttl

mpls enable-all-interfaces
Use this command to enable all interfaces for MPLS.

Command Syntax
mpls enable-all-interfaces

110

2001-2007 IP Infusion Inc. Confidential

NSM MPLS Commands

Default
All interfaces are disabled by default.

Command Mode
Configure mode

Usage
This command is used to enable all interfaces on a router for label-switching. This would be very helpful on a router that has a very large number of interfaces. Note: Executing this command does not enable any signaling protocol interaction via all the interfaces. Each protocol needs to be explicitly enabled per interface.

Examples ZebOS# configure terminal ZebOS(config)# mpls enable-all-interfaces Related Commands

mpls disable-all-interfaces

mpls ftn-entry
Use this command to add an FTN entry. Use the no parameter with this command to delete the entry.

Command Syntax
(no) mpls ftn-entry tunnel-id <1-100> A.B.C.D/M|A.B.C.D A.B.C.D LABEL NEXTHOP IFNAME (INDEX) (primary|secondary) 1-100 = tunnel ID A.B.C.D/M|A.B.C.D A.B.C.D Forwarding Equivalence Class (FEC) with mask LABEL = <16-1046400> Outgoing label NEXTHOP = A.B.C.D Next hop IPv4 address IFNAME Name of the outgoing interface INDEX FTN index update. Optional. If issued, the FTN entry is updated. If not issued, a new FTN entry is created. primary primary LSP. Optional. Default is primary. secondary secondary LSP. Optional. Default is primary.

Command Mode
Configure mode

Usage
Use this command to create FTN entries in the FTN table, in the MPLS Forwarder. For all incoming IP packets on an MPLS-enabled router, a best-match lookup is done in the FTN table based on the incoming IP packet's destination address. If a match is found, the packet is labeled, and switched.

Examples ZebOS# configure terminal ZebOS(config)# mpls ftn-entry 2 10.10.0.0/24 16 1.2.3.4 eth1 secondary

2001-2007 IP Infusion Inc. Confidential

111

NSM MPLS Commands

mpls ilm-entry
Use this command to add an ILM entry. Use the no parameter with this command to delete the entry.

Command Syntax
(no) mpls ilm-entry LABEL_IN IFNAME_IN LABEL_OUT IFNAME_OUT NEXTHOP OPERATION (A.B.C.D/M|A.B.C.D A.B.C.D) (INDEX) LABEL_IN <16-1046400> Incoming label IFNAME_IN Specifies incoming interface name LABEL_OUT <16-1046400> Outgoing label (Use 1046401 for egress) IFNAME_OUT Specifies outgoing interface name NEXTHOP A.B.C.D Next hop IPv4 address OPERATION = pop|swap|vpnpop Label operation pop|swap incoming label vpnpop incoming label and forward VPN packet A.B.C.D/M|A.B.C.D A.B.C.D Forwarding Equivalence Class (FEC) with mask. Optional INDEX <1-429496725> ILM index update. Optional. If issued, the ILM entry is updated. If not issued, a new ILM entry is created.

Command Mode
Configure mode

Usage
Use this command to create an ILM entry in the ILM table to which the incoming interface specified is bound. Upon receipt of a labeled packet on an MPLS-enabled router, a lookup is done based on the incoming label in the ILM table. If a match is found, the packet may either be label-switched downstream, or popped and passed over IP.

Examples ZebOS# configure terminal ZebOS(config)# mpls ilm-entry 100 eth0 200 eth1 1.2.3.4 pop 10.10.0.0/24

mpls ingress-ttl
Use this command to specify a Time to Live (TTL) value for LSPs for which this LSR is the ingress. Use the no parameter with this command to unset the custom TTL value being used for LSPs for which this LSR is the ingress.

Command Syntax
(no) mpls ingress-ttl <0-255> no mpls ingress-ttl <0-255> Specifies the TTL value to be used.

Command Mode
Configure mode

Examples ZebOS# configure terminal ZebOS(config)# mpls ingress-ttl

112

2001-2007 IP Infusion Inc. Confidential

NSM MPLS Commands

mpls l2-circuit (Configure Mode)

Use this command in Configure mode to create an instance of an MPLS Layer-2 Virtual Circuit.

Command Syntax
(no) mpls l2-circuit NAME <1-1000000> A.B.C.D (GROUPNAME) (no) mpls l2-circuit NAME <1-1000000> NAME Specifies a string identifying the MPLS Layer-2 Virtual Circuit. <1-1000000> Specifies a 32-bit identifier to which the specified name is to be mapped. A.B.C.D Specifies the IPv4 address for the MPLS L-2 Virtual Circuit end-point GROUPNAME Specify a group to which this Layer-2 circuit belongs. Note: Multiple Layer-2 circuits may belong to the same group

Command Mode
Configure mode

Usage
This command is used to create an instance of a Layer-2 MPLS Virtual Circuit. This instance may be bound to any interface on the router. Note: Only one interface may be bound to a Layer-2 circuit at a time.

Examples ZebOS# configure terminal ZebOS(config)# mpls l2-circuit mycircuit 45678 1.2.3.4

mpls-l2-circuit (Interface Mode)

Use this command on the Interface mode to bind an interface to a MPLS Layer-2 Virtual Circuit created on the Configure mode.

Command Syntax
(no) mpls-l2-circuit NAME VC-TYPE NAME Specifies a string identifying the MPLS Layer-2 Virtual Circuit. VC_TYPE = ppp|ethernet|vlan The type of Virtual Circuit. The default is vlan.

Command Mode
Interface mode

Examples ZebOS# configure terminal ZebOS(config)# interface eth0 ZebOS(config-if)# mpls-l2-circuit mycircuit ethernet Related Commands
mpls l2-circuit

2001-2007 IP Infusion Inc. Confidential

113

NSM MPLS Commands

mpls l2-circuit-ftn-entry
Use this command to add a Layer-2 MPLS Virtual Circuit FTN entry. Note: This command is mainly for developers, and is available only when the --enable-dev-test option is used in the configure script.

Command Syntax
mpls l2-circuit-ftn-entry VC-ID LABEL NEXTHOP IFNAME_IN IFNAME_OUT PUSH_AND_LOOKUP_FOR_VC|PUSH_FOR_VC VC-ID Virtual circuit identifier LABEL < 16-1046400 > Outgoing label NEXTHOP Specifies the nexthop IPv4 address IFNAME_IN Incoming interface name IFNAME_OUT Outgoing interface name PUSH_AND_LOOKUP_FOR_VC Do second lookup in global FTN table for labels PUSH_FOR_VC Only one label should be pushed

Command Mode
Configure mode

Usage
Use this command to create an MPLS Layer-2 Virtual Circuit FTN entry for an interface. Note: The interface must be bound to the Virtual Circuit ID specified before this command is executed

Examples ZebOS# configure terminal ZebOS(config)# mpls l2-circuit-ftn-entry rt 345 2.2.2.2 eth0 eth1 PUSH_FOR_VC

mpls l2-circuit-ilm-entry
Use this command to add an ILM entry. Note: This command is mainly for developers, and is available only when the --enable-dev-test option is used in the configure script.

Command Syntax
mpls l2-circuit-ilm-entry VC-ID LABEL IFNAME_IN IFNAME_OUT NEXTHOP VC-ID Virtual Circuit identifier LABEL Incoming label IFNAME_IN Incoming interface name IFNAME_OUT Outgoing interface name NEXTHOP A.B.C.D Nexthop IPv4 address

Command Mode
Configure mode

114

2001-2007 IP Infusion Inc. Confidential

NSM MPLS Commands

Examples ZebOS# configure terminal ZebOS(config)# mpls l2-circuit-ilm-entry rt 16 eth0 eth1 1.2.3.4

mpls local-packet-handling
Use this command to enable the labeling of locally generated TCP packets. Use the no parameter with this command to disable labeling of locally generated TCP packets.

Command Syntax
(no) mpls local-packet-handling

Command Mode
Configure mode

Usage
This command enables the labeling of locally generated TCP packets only. All other locally generated packets are not looked at by the MPLS Forwarder

Examples ZebOS# configure terminal ZebOS(config)# mpls local-packet-handling

mpls log
Use this command to exercise logging control. Use the no parameter with this command to stop logging messages in the MPLS Forwarder.

Command Mode
Configure mode

2001-2007 IP Infusion Inc. Confidential

115

NSM MPLS Commands

Usage
This command has been provided to interact with the Linux kernel. If using the kernel logging utility - klogd - it needs to be enabled to a logging level that allows for the requested log messages to be printed.

Examples ZebOS# configure terminal ZebOS(config)# mpls log error

mpls lsp-model pipe

Use this command to configure the MPLS LSP model as Pipe. Use the no parameter with this command to configure the MPLS LSP model as Uniform.

Command Syntax
(no) mpls lsp-model pipe

Command Mode
Configure mode

Default
Uniform is the default model configuration.

Examples ZebOS# configure terminal ZebOS(config)# mpls lsp-model pipe

ZebOS# configure terminal ZebOS(config)# no mpls lsp-model pipe

mpls lsp-tunneling
Use this command to choose the transit LSP and a locally configured LSP tunnel for carrying the transit LSP.

Command Syntax mpls lsp-tunneling IFNAME INLABEL OUTLABEL A.B.C.D/M

IFNAME Name of the incoming interface.

INLABEL <16-1048575> Label used to identify incoming transit LSP traffic. OUTLABEL <16-1048575> Transit LSP Label distributed by tunnel LSP egress node to its upstream
node. Note: Tunnel egress node should have platform wide label space configured.

A.B.C.D/M Prefix used to identify tunnel LSP.

Command Mode
Configure mode

Command Example ZebOS# configure terminal ZebOS(config)# mpls lsp-tunneling eth0 15 30 1.2.2.4/16

116

2001-2007 IP Infusion Inc. Confidential

NSM MPLS Commands

mpls map-route
Use this command to map a prefix to a Forwarding Equivalence Class (FEC).

Command Syntax
(no) mpls map-route PREFIX MASK1 FEC MASK2 (no) mpls map-route PREFIX/M1 FEC/M2 PREFIX = A.B.C.D Specifies the IPv4 prefix to be mapped FEC = A.B.C.D Specifies the IPv4 FEC for route to be mapped to. MASK1 = A.B.C.D Specifies the mask for IPv4 address to be mapped MASK2 = A.B.C.D Specifies the mask for Forwarding Equivalence Class (FEC) M1 Specifies the mask for IPv4 address to be mapped M2 Specifies the mask for the Forwarding Equivalence Class (FEC)

Command Mode
Configure mode

Examples
In the following examples 5.6.7.8/32 is the FEC for an LSP, and 1.2.3.4 is the prefix to be mapped.

ZebOS# configure terminal ZebOS(config)# mpls map-route 1.2.3.4/32 5.6.7.8/32 ! ZebOS# configure terminal ZebOS(config)# mpls map-route 1.2.3.4 255.255.255.255 5.6.7.8 255.255.255.255

mpls max-label-value
Use this command to specify a maximum label value. Use the no parameter with this command to use the default maximum label value for all the label pools. Specify the label space to set or unset maximum label value for a specific label space. Note: The system allows label-space range (maximum and minimum label values) changes for interface-specific label spaces only. The platform-wide label-space range cannot be modified.

Command Syntax
mpls max-label-value <16-1048575> (label-space <0-65535>) <16-1048575> Maximum size for all label pools. <0-65535> Label space for which maximum value needs to be modified. Optional. no mpls max-label-value (<16-1048575>) (label-space <0-65535>) <16-1048575> Maximum size for all label pools. Optional. <0-65535> Label space for which maximum value needs to be modified. Optional.

Command Mode
Configure mode

Usage
After setting the maximum label value for a label space, make sure to bind the label space to an interface.

2001-2007 IP Infusion Inc. Confidential

117

NSM MPLS Commands

Examples ZebOS# configure terminal ZebOS(config)# mpls max-label-value 5 label-space 4456

mpls min-label-value
Use this command to specify a minimum label value. Use the no parameter with this command to use the default minimum label value for all label pools. Specify the label space to set or unset minimum label value for a specific label space. Note: The system allows label space range (maximum and minimum label values) changes for interface-specific label spaces only. Platform-wide label-space range cannot be modified.

Command Syntax
mpls min-label-value <16-1048575> (label-space <0-65535>) <16-1048575> Minimum size for all label pools. <0-65535> Label space for which minimum value needs to be modified. Optional. no mpls min-label-value (<16-1048575>) (label-space <0-65535>) <16-1048575> Minimum size for all label pools. Optional. <0-65535> Label space for which minimum value needs to be modified. Optional.

Command Mode
Configure mode

Usage
After setting the minimum label value for a label space, make sure to bind the label space to an interface.

Examples ZebOS# configure terminal ZebOS(config)# mpls min-label-value 5 label-space 2342

mpls propagate-ttl
Use this command to enable TTL propagation. Enabling TTL propagation causes the TTL value in the IP header to be copied onto the TTL field in the shim header, at the LSP ingress. Use the no parameter with this command to disable TTL propagation.

Command Syntax
(no) mpls propogate-ttl

Command Mode
Configure mode

Default
TTL propagation is enabled by default.

Examples ZebOS# configure terminal

118

2001-2007 IP Infusion Inc. Confidential

NSM MPLS Commands

ZebOS(config)# mpls propogate-ttl ZebOS# configure terminal ZebOS(config)# no mpls propogate-ttl

mpls vrf-entry
Use this command to add a VRF entry. Note: This command is mainly for developers, and is available only when the --enable-dev-test option is used in the configure script.

Command Syntax
(no) mpls vrf-entry VRF-NAME A.B.C.D|A.B.C.D/M LABEL_OUT NEXTHOP IFNAME DLVR_TO_IP|PUSH|PUSH_AND_LOOKUP no mpls vrf-entry VRF-NAME A.B.C.D|A.B.C.D/M VRF-NAME Specifies the VRF identifier A.B.C.D = A.B.C.D MASK Forwarding Equivalence Class (FEC) MASK A.B.C.D Mask for Forwarding Equivalence Class A.B.C.D/M Forwarding Equivalence Class with mask LABEL_OUT = <16-1046400> Outgoing label NEXTHOP = A.B.C.D Next hop IPv4 address IFNAME Name of the outgoing interface DLVR_TO_IP Forward over IP PUSH Only one label should be pushed. PUSH_AND_LOOKUP Do second lookup in global FTN table for label.

Command Mode
Configure mode

Usage
Use this command to add a VRF entry to the VRF table with the name (VRF-NAME). To use this command, the VRF table must already exist.

Examples ZebOS# configure terminal ZebOS(config)# mpls vrf-entry myVRF 10.10.0.0/24 100 1.2.3.4 eth1 PUSH Related Commands
ip vrf NAME

show mpls
Use this command to display all label data. To modify the lines displayed, use the | (output modifier token); to save the output to a file, use the > output redirection token. For more information, see the ZebOS Command Line Interface Environment chapter.

2001-2007 IP Infusion Inc. Confidential

119

NSM MPLS Commands

Command Syntax
show mpls

Command Mode
Exec mode and Privileged Exec mode

Usage
ZebOS# show mpls Minimum label configured: 16 Maximum label configured: 1048575 Per label-space information: Label-space 0 is using minimum label: 16 and maximum label: 1048575 Custom ingress TTL configured: none Custom egress TTL configured: none Log message detail: none Admin group detail: none

Examples ZebOS# show mpls

show mpls admin-groups

Use this command to display all administrative groups configured. To modify the lines displayed, use the | (output modifier token); to save the output to a file, use the > output redirection token. For more information, see the ZebOS Command Line Interface Environment chapter.

Command Syntax
show mpls admin-groups

Command Mode
Exec mode and Privileged Exec mode

Usage
ZebOS# show mpls admin-groups Admin group detail: Value of 0 associated with admin Value of 1 associated with admin Value of 2 associated with admin Value of 4 associated with admin ipi-ilabs2-nsm#

group group group group

'a' 'b' 'c' 'd'

Examples ZebOS# show mpls admin-groups

show mpls cross-connect-table

Use this command to display detailed information of all the entries created in the MPLS cross-connect table.

120

2001-2007 IP Infusion Inc. Confidential

NSM MPLS Commands To modify the lines displayed, use the | (output modifier token); to save the output to a file, use the > output redirection token. For more information, see the ZebOS Command Line Interface Environment chapter.

Command Syntax
show mpls cross-connect-table

Command Mode
Exec mode and Privileged Exec mode

Usage
The following is a sample output of the show mpls cross-connect-table ZebOS# show mpls cross-connect-table Cross connect ix: 3, in intf: -, in label: 0, out-segment ix: 3 Owner: RSVP, Persistent: No, Admin Status: Up, Oper Status: Up Out-segment with ix: 3, owner: RSVP, out intf: eth1, out label: 16 Nexthop addr: 10.10.20.80, cross connect ix: 3, op code: Push Cross connect ix: 6, in intf: -, in label: 0, out-segment ix: 6 Owner: RSVP, Persistent: No, Admin Status: Up, Oper Status: Up Out-segment with ix: 6, owner: RSVP, out intf: eth1, out label: 17 Nexthop addr: 10.10.20.80, cross connect ix: 6, op code: Push

Examples ZebOS# show mpls cross-connect-table

show mpls forwarding-table

Use this command to display all LSPs originating from this router. It also displays codes indicating the selected FTN (FEC to Next-Hop-Label-Forwarding-Entry). To modify the lines displayed, use the | (output modifier token); to save the output to a file, use the > output redirection token. For more information, see the ZebOS Command Line Interface Environment chapter.

Command Syntax
show mpls forwarding-table

Command Mode
Exec mode and Privileged Exec mode

Usage
The following output shows the code explanations, FEC, Nexthop, and outgoing interfaces and labels. ZebOS# show mpls forwarding-table Codes: > - selected FTN, B - BGP FTN, C - CR-LDP FTN, K - CLI FTN, L - LDP FTN, R - RSVP-TE FTN, S - SNMP FTN, U - unknown FTN Code R> R> FEC 10.10.26.63/32 192.168.0.63/32 Nexthop 10.10.20.80 10.10.20.80 Out-Label 16 17 Out-Intf eth1 eth1

2001-2007 IP Infusion Inc. Confidential

121

NSM MPLS Commands

Examples ZebOS# show mpls forwarding table

show mpls ftn-table

Use this command to display information of all the entries created in the MPLS FTN (FEC to Next-Hop-LabelForwarding-Entry) table. To modify the lines displayed, use the | (output modifier token); to save the output to a file, use the > output redirection token. For more information, see the ZebOS Command Line Interface Environment chapter.

Command Syntax
show mpls ftn-table

Command Mode
Exec mode and Privileged Exec mode

Usage
ZebOS# show mpls ftn-table Primary FTN entry with FEC: 10.10.26.63/32, ix 3, row status: Active Owner: RSVP, Action-type: Redirect to Tunnel, Exp-bits: 0x0 Description: t1 Cross connect ix: 3, in intf: -, in label: 0, out-segment ix: 3 Owner: RSVP, Persistent: No, Admin Status: Up, Oper Status: Up Out-segment with ix: 3, owner: RSVP, out intf: eth1, out label: 16 Nexthop addr: 10.10.20.80, cross connect ix: 3, op code: Push Primary FTN entry with FEC: 192.168.0.63/32, ix 4, row status: Active Owner: RSVP, Action-type: Redirect to Tunnel, Exp-bits: 0x0 Description: t2 Cross connect ix: 6, in intf: -, in label: 0, out-segment ix: 6 Owner: RSVP, Persistent: No, Admin Status: Up, Oper Status: Up Out-segment with ix: 6, owner: RSVP, out intf: eth1, out label: 17 Nexthop addr: 10.10.20.80, cross connect ix: 6, op code: Push

Examples ZebOS# show mpls ftn-table

show mpls ilm-table

Use this command to display summarized information of the ILM (Incoming Label Map) table. To modify the lines displayed, use the | (output modifier token); to save the output to a file, use the > output redirection token. For more information, see the ZebOS Command Line Interface Environment chapter.

Command Syntax
show mpls ilm-table

Command Mode
Exec mode and Privileged Exec mode

122

2001-2007 IP Infusion Inc. Confidential

NSM MPLS Commands

Usage
ZebOS# show mpls ilm-table In-Label Out-Label In-Intf 16 3 eth1 17 3 eth1 Out-Intf eth0 eth0 Nexthop 10.10.24.63 10.10.24.63 FEC 10.10.26.63/32 192.168.0.63/32

Examples ZebOS# show mpls ilm-table

show mpls in-segment-table

Use this command to display detailed information of all entries in the Incoming Label Map (also known as in-segment) table. To modify the lines displayed, use the | (output modifier token); to save the output to a file, use the > output redirection token. For more information, see the ZebOS Command Line Interface Environment chapter.

Command Syntax
show mpls in-segment-table

Command Mode
Exec mode and Privileged Exec mode

Usage
ZebOS# show mpls in-segment-table In-segment entry with in label: 16, in intf: eth1, row status: Active Owner: RSVP, # of pops: 1, fec: 10.10.26.63/32 Cross connect ix: 1, in intf: eth1, in label: 16, out-segment ix: 1 Owner: RSVP, Persistent: No, Admin Status: Up, Oper Status: Up Out-segment with ix: 1, owner: RSVP, out intf: eth0, out label: 3 Nexthop addr: 10.10.24.63, cross connect ix: 1, op code: Swap In-segment entry with in label: 17, in intf: eth1, row status: Active Owner: RSVP, # of pops: 1, fec: 192.168.0.63/32 Cross connect ix: 1, in intf: eth1, in label: 17, out-segment ix: 1 Owner: RSVP, Persistent: No, Admin Status: Up, Oper Status: Up Out-segment with ix: 1, owner: RSVP, out intf: eth0, out label: 3 Nexthop addr: 10.10.24.63, cross connect ix: 1, op code: Swap

Examples ZebOS# show mpls in-segment-table

show mpls l2-circuit

Use this command to display MPLS Layer-2 Virtual Circuit data. To modify the lines displayed, use the | (output modifier token); to save the output to a file, use the > output redirection token. For more information, see the ZebOS Command Line Interface Environment chapter.

Command Syntax
show mpls l2-circuit

2001-2007 IP Infusion Inc. Confidential

123

NSM MPLS Commands

Command Mode
Exec mode and Privileged Exec mode

Usage
The following is a sample output of the show mpls l2-circuit command displaying Virtual Circuit data. ZebOS# show mpls l2-circuit ipi MPLS Layer-2 Virtual Circuit: ipi, id: 1000 Endpoint: 192.168.0.80 Control Word: 0 MPLS Layer-2 Virtual Circuit Group: none Bound to interface: eth2 Virtual Circuit Type: Ethernet

Examples ZebOS# show mpls l2-circuit

show mpls l2-circuit-group

Use this command to display MPLS Layer-2 Virtual Circuit group data. To modify the lines displayed, use the | (output modifier token); to save the output to a file, use the > output redirection token. For more information, see the ZebOS Command Line Interface Environment chapter.

Command Syntax
show mpls l2-circuit-group

Command Mode
Exec mode and Privileged Exec mode

Examples ZebOS# show mpls l2-circuit-group

show mpls log

Use this command to display logging information configured for MPLS. To modify the lines displayed, use the | (output modifier token); to save the output to a file, use the > output redirection token. For more information, see the ZebOS Command Line Interface Environment chapter.

Command Syntax
show mpls log

Command Mode
Exec mode and Privileged Exec mode

Examples ZebOS# show mpls log

124

2001-2007 IP Infusion Inc. Confidential

NSM MPLS Commands

show mpls mapped-routes

Use this command to display all configured mapped MPLS routes. To modify the lines displayed, use the | (output modifier token); to save the output to a file, use the > output redirection token. For more information, see the ZebOS Command Line Interface Environment chapter.

Command Syntax
show mpls mapped-routes

Command Mode
Exec mode and Privileged Exec mode

Examples ZebOS# show mpls mapped-routes

show mpls out-segment-table

Use this command to display detailed information of all entries in the out-segment (also known as NHLFE) table. To modify the lines displayed, use the | (output modifier token); to save the output to a file, use the > output redirection token. For more information, see the ZebOS Command Line Interface Environment chapter.

Command Syntax
show mpls out-segment-table

Command Mode
Exec mode and Privileged Exec mode

Examples ZebOS# show mpls out-segment-table

show mpls vc-table

Use this command to display summarized information of all Virtual Circuit FTN (FEC to Next-Hop-Label-ForwardingEntry) entries. To modify the lines displayed, use the | (output modifier token); to save the output to a file, use the > output redirection token. For more information, see the ZebOS Command Line Interface Environment chapter. Note: This command is available only if --enable-mpls-vc configuration option is enabled in the configure script.

Command Syntax
show mpls vc-table

Command Mode
Exec mode and Privileged Exec mode

Examples ZebOS# show mpls vc-table

2001-2007 IP Infusion Inc. Confidential

125

NSM MPLS Commands

show mpls vrf-table

Use this command to display detailed information of all the configured VRF entries. Specify the name of the VRF to display information about a specific VRF entry. To modify the lines displayed, use the | (output modifier token); to save the output to a file, use the > output redirection token. For more information, see the ZebOS Command Line Interface Environment chapter. Note: This command is available only if --enable-vrf configuration option is enabled in the configure script.

Command Syntax
show mpls vrf-table

Command Mode
Exec mode and Privileged Exec mode

Examples ZebOS# show mpls vrf-table

MPLS OAM Commands

MPLS Operation, Administration, and Maintenance (OAM) provides an external ability to detect data plan failures that cannot be detected by the protocols. MPLS OAM provides ping and trace-route facilities for the data plane with which end-to-end connectivity can be tested.

ping mpls ipv4

Use this command to initiate sending MPLS echo request packets in the specified static LSP of the MPLS cloud.

Command Syntax
ping mpls ipv4 A.B.C.D/M (reply-mode MODE) (flags) (destination A.B.C.D)(source A.B.C.D/M) (ttl <1-225>) (timeout <1-500>) (repeat <5-5000>) (interval <2-20000>) (detail) (force-explicitnull) ipv4 A.B.C.D/M IPv4 prefix address MODE Reply modes defined in RFC. Optional. 1 Reply with IP UDP packet (default) 2 Reply with IP UDP packet with router alert flags Received LSR must do an FEC stack validation. Optional. Default is disabled. destination A.B.C.D Destination IPv4 address field in the UPD ping packet. Optional. Must be from the range 127/8 excluding the default local loopback address. source A.B.C.D/M Source IPv4 address field in the UPD packet. Optional. Default is the router ID. ttl <1-225> Ping packet time-to-live value, in seconds. Optional. Default is 225. timeout <1-500> Time to wait, in seconds, before rejecting the sent probe as a failure. Optional. Default is 60. repeat <5-5000> Number of ping packets to be sent. Optional. Default is 5. interval <2-20000> Interval, in milliseconds, between MPLS ping packets. Optional. Default is 2. detail Print a detailed output of the ping command. Optional. force-explicitnull Force Explicit NULL label. Optional.

126

2001-2007 IP Infusion Inc. Confidential

NSM MPLS Commands

Command Mode
Privileged Exec mode

Usage
Use this command to test the connectivity of static LSPs.

Examples ZebOS# ping mpls ipv4 10.10.0.0/24 reply-mode 2 flags destination 1.2.3.4 source
10.10.0.1/25 ttl 226 timeout 65 repeat 6 interval 3 detail force-explicitnull

ping mpls l2-circuit

Use this command to initiate sending MPLS echo request packets in the specified Layer-2 Virtual Circuit (VC) of the MPLS cloud.

Command Syntax
ping mpls l2-circuit <1-10000> (reply-mode MODE) (flags) (destination A.B.C.D)(source A.B.C.D/M) (ttl <1-225>) (timeout <1-500>) (repeat <5-5000>) (interval <2-20000>) (detail) (force-explicitnull) l2-circuit <1-10000> Layer-2 VC ID MODE Reply modes defined in RFC. Optional. 1 Reply with IP UDP packet (default) 2 Reply with IP UDP packet with router alert flags Received LSR must do an FEC stack validation. Optional. Default is disabled. destination A.B.C.D Destination IPv4 address field in the UPD ping packet. Optional. Must be from the range 127/8 excluding the default local loopback address. source A.B.C.D/M Source IPv4 address field in the UPD packet. Optional. Default is the router ID. ttl <1-225> Ping packet time-to-live value, in seconds. Optional. Default is 225. timeout <1-500> Time to wait, in seconds, before rejecting the sent probe as a failure. Optional. Default is 60. repeat <5-5000> Number of ping packets to be sent. Optional. Default is 5. interval <2-20000> Interval, in milliseconds, between MPLS ping packets. Optional. Default is 2. detail Print a detailed output of the ping command. Optional. force-explicitnull Force Explicit NULL label. Optional.

Command Mode
Privileged Exec mode

Usage
Use this command to test the operation of MPLS Layer-2 VC.

Examples ZebOS# ping mpls l2-circuit 3 reply-mode 2 flags destination 1.2.3.4 source

10.10.0.1/25 ttl 226 timeout 65 repeat 6 interval 3 detail force-explicitnull

ping mpls l3vpn

Use this command to initiate sending MPLS echo request packets in the specified VPN instance of the MPLS cloud.

2001-2007 IP Infusion Inc. Confidential

127

NSM MPLS Commands

Command Syntax
ping mpls l3vpn VRFNAME A.B.C.D/M (reply-mode MODE) (flags) (destination A.B.C.D)(source A.B.C.D/M) (ttl <1-225>) (timeout <1-500>) (repeat <5-5000>) (interval <2-20000>) (detail) (force-explicitnull) VRFNAME VRF instance name A.B.C.D/M BGP VPN prefix MODE Reply modes defined in RFC. Optional. 1 Reply with IP UDP packet (default) 2 Reply with IP UDP packet with router alert flags Received LSR must do an FEC stack validation. Optional. Default is disabled. destination A.B.C.D Destination IPv4 address field in the UPD ping packet. Optional. Must be from the range 127/8 excluding the default local loopback address. source A.B.C.D/M Source IPv4 address field in the UPD packet. Optional. Default is the router ID. ttl <1-225> Ping packet time-to-live value, in seconds. Optional. Default is 225. timeout <1-500> Time to wait, in seconds, before rejecting the sent probe as a failure. Optional. Default is 60. repeat <5-5000> Number of ping packets to be sent. Optional. Default is 5. interval <2-20000> Interval, in milliseconds, between MPLS ping packets. Optional. Default is 2. detail Print a detailed output of the ping command. Optional. force-explicitnull Force Explicit NULL label. Optional.

Command Mode
Privileged Exec mode

Usage
Use this command to test the connectivity for BGP VPN peers.

Examples ZebOS# ping mpls l3vpn vrfa 10.10.0.0/24 reply-mode 2 flags destination 1.2.3.4
source 10.10.0.1/25 ttl 226 timeout 65 repeat 6 interval 3 detail forceexplicitnull

ping mpls ldp

Use this command to initiate sending MPLS echo request packets in the specified LDP LSP of the MPLS cloud. ping mpls ldp A.B.C.D/M (reply-mode MODE) (flags) (destination A.B.C.D)(source A.B.C.D/M) (ttl <1-225>) (timeout <1-500>) (repeat <5-5000>) (interval <2-20000>) (detail) (force-explicitnull) ldp A.B.C.D/M LDP IPv4 FEC prefix address MODE Reply modes defined in RFC. Optional. 1 Reply with IP UDP packet (default) 2 Reply with IP UDP packet with router alert flags Received LSR must do an FEC stack validation. Optional. Default is disabled. destination A.B.C.D Destination IPv4 address field in the UPD ping packet. Optional. Must be from the range 127/8 excluding the default local loopback address. source A.B.C.D/M Source IPv4 address field in the UPD packet. Optional. Default is the router ID. ttl <1-225> Ping packet time-to-live value, in seconds. Optional. Default is 225.

128

2001-2007 IP Infusion Inc. Confidential

NSM MPLS Commands timeout <1-500> Time to wait, in seconds, before rejecting the sent probe as a failure. Optional. Default is 60. repeat <5-5000> Number of ping packets to be sent. Optional. Default is 5. interval <2-20000> Interval, in milliseconds, between MPLS ping packets. Optional. Default is 2. detail Print a detailed output of the ping command. Optional. force-explicitnull Force Explicit NULL label. Optional.

Command Mode
Privileged Exec mode

Usage
Use this command to ping a normal LDP LSP.

Examples ZebOS# ping mpls ldp 10.10.0.0/24 reply-mode 2 flags destination 1.2.3.4 source
10.10.0.1/25 ttl 226 timeout 65 repeat 6 interval 3 detail force-explicitnull

ping mpls rsvp

Use this command to initiate sending MPLS echo request packets in the specified RSVP-TE LSP of the MPLS cloud. ping mpls rsvp egress A.B.C.D|tunnel-name NAME (reply-mode MODE) (flags) (destination A.B.C.D)(source A.B.C.D/M) (ttl <1-225>) (timeout <1-500>) (repeat <5-5000>) (interval <2-20000>) (detail) (force-explicitnull) egress A.B.C.D IPv4 egress address tunnel-name NAME RSVP-TE tunnel name MODE Reply modes defined in RFC. Optional. 1 Reply with IP UDP packet (default) 2 Reply with IP UDP packet with router alert flags Received LSR must do an FEC stack validation. Optional. Default is disabled. destination A.B.C.D Destination IPv4 address field in the UPD ping packet. Optional. Must be from the range 127/8 excluding the default local loopback address. source A.B.C.D/M Source IPv4 address field in the UPD packet. Optional. Default is the router ID. ttl <1-225> Ping packet time-to-live value, in seconds. Optional. Default is 225. timeout <1-500> Time to wait, in seconds, before rejecting the sent probe as a failure. Optional. Default is 60. repeat <5-5000> Number of ping packets to be sent. Optional. Default is 5. interval <2-20000> Interval, in milliseconds, between MPLS ping packets. Optional. Default is 2. detail Print a detailed output of the ping command. Optional. force-explicitnull Force Explicit NULL label. Optional.

Command Mode
Privileged Exec mode

Usage
Use this command to ping RSVP-TE tunnel LSPs.

2001-2007 IP Infusion Inc. Confidential

129

NSM MPLS Commands

Examples ZebOS# ping mpls rsvp egress 1.2.3.5 reply-mode 2 flags destination 1.2.3.4 source
10.10.0.1/25 ttl 226 timeout 65 repeat 6 interval 3 detail force-explicitnull source 10.10.0.1/25 ttl 226 timeout 65 repeat 6 interval 3 detail forceexplicitnull

ZebOS# ping mpls rsvp tunnel-name tun1 reply-mode 2 flags destination 1.2.3.4

ping mpls vpls

Use this command to initiate sending MPLS echo request packets in the specified VPLS instance of the MPLS cloud.

Command Syntax
ping mpls vpls <1-10000> peer A.B.C.D/M (reply-mode MODE) (flags) (destination A.B.C.D)(source A.B.C.D/M) (ttl <1-225>) (timeout <1-500>) (repeat <5-5000>) (interval <2-20000>) (detail) (force-explicitnull) <1-10000> VPLS instance ID peer A.B.C.D/M VPLS mesh peer address MODE Reply modes defined in RFC. Optional. 1 Reply with IP UDP packet (default) 2 Reply with IP UDP packet with router alert flags Received LSR must do an FEC stack validation. Optional. Default is disabled. destination A.B.C.D Destination IPv4 address field in the UPD ping packet. Optional. Must be from the range 127/8 excluding the default local loopback address. source A.B.C.D/M Source IPv4 address field in the UPD packet. Optional. Default is the router ID. ttl <1-225> Ping packet time-to-live value, in seconds. Optional. Default is 225. timeout <1-500> Time to wait, in seconds, before rejecting the sent probe as a failure. Optional. Default is 60. repeat <5-5000> Number of ping packets to be sent. Optional. Default is 5. interval <2-20000> Interval, in milliseconds, between MPLS ping packets. Optional. Default is 2. detail Print a detailed output of the ping command. Optional. force-explicitnull Force Explicit NULL label. Optional.

Command Mode
Privileged Exec mode

Usage
Use this command to test the connectivity for LDP VPLS instances.

Examples ZebOS# ping mpls vpls 2 peer 10.10.0.0/24 reply-mode 2 flags destination 1.2.3.4
source 10.10.0.1/25 ttl 226 timeout 65 repeat 6 interval 3 detail forceexplicitnull

trace mpls ipv4

Use this command to initiate tracing the route traversed by the specified IPv4 static LSP echo request packet in the MPLS cloud.

130

2001-2007 IP Infusion Inc. Confidential

NSM MPLS Commands

Command Syntax
trace mpls ipv4 A.B.C.D/M (reply-mode MODE) (flags) (destination A.B.C.D)(source A.B.C.D/M) (ttl <1-225>) (timeout <1-500>) (detail) (force-explicitnull) ipv4 A.B.C.D/M IPv4 prefix address MODE Reply modes defined in RFC. Optional. 1 Reply with IP UDP packet (default) 2 Reply with IP UDP packet with router alert flags Received LSR must do an FEC stack validation. Optional. Default is disabled. destination A.B.C.D Destination IPv4 address field in the UPD ping packet. Optional. Must be from the range 127/8 excluding the default local loopback address. source A.B.C.D/M Source IPv4 address field in the UPD packet. Optional. Default is the router ID. ttl <1-225> Ping packet time-to-live value, in seconds. Optional. Default is 225. timeout <1-500> Time to wait, in seconds, before rejecting the sent probe as a failure. Optional. Default is 60. detail Print a detailed output of the trace command with the received label values. Optional. force-explicitnull Force Explicit NULL label. Optional.

Command Mode
Privileged Exec mode

Examples ZebOS# trace mpls ipv4 10.10.0.0/24 reply-mode 2 flags destination 1.2.3.4 source
10.10.0.1/25 ttl 226 timeout 65 detail force-explicitnull

trace mpls l2-circuit

Use this command to initiate tracing the route traversed by the specified Layer-2 VC echo request packet in the MPLS cloud.

Command Syntax
trace mpls l2-circuit <1-10000> (reply-mode MODE) (flags) (destination A.B.C.D)(source A.B.C.D/M) (ttl <1-225>) (timeout <1-500>) (detail) (forceexplicitnull) l2-circuit <1-10000> Layer-2 VC ID MODE Reply modes defined in RFC. Optional. 1 Reply with IP UDP packet (default) 2 Reply with IP UDP packet with router alert flags Received LSR must do an FEC stack validation. Optional. Default is disabled. destination A.B.C.D Destination IPv4 address field in the UPD ping packet. Optional. Must be from the range 127/8 excluding the default local loopback address. source A.B.C.D/M Source IPv4 address field in the UPD packet. Optional. Default is the router ID. ttl <1-225> Ping packet time-to-live value, in seconds. Optional. Default is 225. timeout <1-500> Time to wait, in seconds, before rejecting the sent probe as a failure. Optional. Default is 60. detail Print a detailed output of the trace command with the received label values. Optional. force-explicitnull Force Explicit NULL label. Optional.

2001-2007 IP Infusion Inc. Confidential

131

NSM MPLS Commands

Command Mode
Privileged Exec mode

Examples ZebOS# trace mpls l2-circuit 3 reply-mode 2 flags destination 1.2.3.4 source
10.10.0.1/25 ttl 226 timeout 65 detail force-explicitnull

trace mpls l3vpn

Use this command to initiate tracing the route traversed by the specified VPN instance echo request packet in the MPLS cloud.

Command Syntax
trace mpls l3vpn VRFNAME A.B.C.D/M (reply-mode MODE) (flags) (destination A.B.C.D)(source A.B.C.D/M) (ttl <1-225>) (timeout <1-500>) (detail) (forceexplicitnull) VRFNAME VRF instance name A.B.C.D/M BGP VPN prefix MODE Reply modes defined in RFC. Optional. 1 Reply with IP UDP packet (default) 2 Reply with IP UDP packet with router alert flags Received LSR must do an FEC stack validation. Optional. Default is disabled. destination A.B.C.D Destination IPv4 address field in the UPD ping packet. Optional. Must be from the range 127/8 excluding the default local loopback address. source A.B.C.D/M Source IPv4 address field in the UPD packet. Optional. Default is the router ID. ttl <1-225> Ping packet time-to-live value, in seconds. Optional. Default is 225. timeout <1-500> Time to wait, in seconds, before rejecting the sent probe as a failure. Optional. Default is 60. detail Print a detailed output of the trace command with the received label values. Optional. force-explicitnull Force Explicit NULL label. Optional.

Command Mode
Privileged Exec mode

Examples ZebOS# trace mpls l3vpn vrfa 10.10.0.0/24 reply-mode 2 flags destination 1.2.3.4
source 10.10.0.1/25 ttl 226 timeout 65 detail force-explicitnull

trace mpls ldp

Use this command to initiate tracing the route traversed by the specified LDP LSP echo request packet in the MPLS cloud.

Command Syntax
trace mpls ldp A.B.C.D/M (reply-mode MODE) (flags) (destination A.B.C.D)(source A.B.C.D/M) (ttl <1-225>) (timeout <1-500>) (detail) (force-explicitnull) ldp A.B.C.D/M LDP IPv4 FEC prefix address MODE Reply modes defined in RFC. Optional.

132

2001-2007 IP Infusion Inc. Confidential

NSM MPLS Commands 1 Reply with IP UDP packet (default) 2 Reply with IP UDP packet with router alert flags Received LSR must do an FEC stack validation. Optional. Default is disabled. destination A.B.C.D Destination IPv4 address field in the UPD ping packet. Optional. Must be from the range 127/8 excluding the default local loopback address. source A.B.C.D/M Source IPv4 address field in the UPD packet. Optional. Default is the router ID. ttl <1-225> Ping packet time-to-live value, in seconds. Optional. Default is 225. timeout <1-500> Time to wait, in seconds, before rejecting the sent probe as a failure. Optional. Default is 60. detail Print a detailed output of the trace command with the received label values. Optional. force-explicitnull Force Explicit NULL label. Optional.

Command Mode
Privileged Exec mode

Examples ZebOS# trace mpls ldp 10.10.0.0/24 reply-mode 2 flags destination 1.2.3.4 source
10.10.0.1/25 ttl 226 timeout 65 detail force-explicitnull

trace mpls rsvp

Use this command to initiate tracing the route traversed by the specified RSVP-TE LSP echo request packet in the MPLS cloud.

Command Syntax
trace mpls rsvp egress A.B.C.D|tunnel-name NAME (reply-mode MODE) (flags) (destination A.B.C.D)(source A.B.C.D/M) (ttl <1-225>) (timeout <1-500>) (detail) (force-explicitnull) egress A.B.C.D IPv4 egress address tunnel-name NAME RSVP-TE tunnel name MODE Reply modes defined in RFC. Optional. 1 Reply with IP UDP packet (default) 2 Reply with IP UDP packet with router alert flags Received LSR must do an FEC stack validation. Optional. Default is disabled. destination A.B.C.D Destination IPv4 address field in the UPD ping packet. Optional. Must be from the range 127/8 excluding the default local loopback address. source A.B.C.D/M Source IPv4 address field in the UPD packet. Optional. Default is the router ID. ttl <1-225> Ping packet time-to-live value, in seconds. Optional. Default is 225. timeout <1-500> Time to wait, in seconds, before rejecting the sent probe as a failure. Optional. Default is 60. detail Print a detailed output of the trace command with the received label values. Optional. force-explicitnull Force Explicit NULL label. Optional.

Command Mode
Privileged Exec mode

2001-2007 IP Infusion Inc. Confidential

133

NSM MPLS Commands

Examples ZebOS# trace mpls rsvp egress 1.2.3.5 reply-mode 2 flags destination 1.2.3.4
source 10.10.0.1/25 ttl 226 timeout 65 detail force-explicitnull source 10.10.0.1/25 ttl 226 timeout 65 detail force-explicitnull

ZebOS# trace mpls rsvp tunnel-name tun1 reply-mode 2 flags destination 1.2.3.4

trace mpls vpls

Use this command to initiate tracing the route traversed by the specified VPLS instance echo request packet in the MPLS cloud.

Command Syntax
trace mpls vpls <1-10000> peer A.B.C.D/M (reply-mode MODE) (flags) (destination A.B.C.D)(source A.B.C.D/M) (ttl <1-225>) (timeout <1-500>) (detail) (forceexplicitnull) <1-10000> VPLS instance ID peer A.B.C.D/M VPLS mesh peer address MODE Reply modes defined in RFC. Optional. 1 Reply with IP UDP packet (default) 2 Reply with IP UDP packet with router alert flags Received LSR must do an FEC stack validation. Optional. Default is disabled. destination A.B.C.D destination IPv4 address field in the UPD ping packet. Optional. Must be from the range 127/8 excluding the default local loopback address. source A.B.C.D/M Source IPv4 address field in the UPD packet. Optional. Default is the router ID. ttl <1-225> Ping packet time-to-live value, in seconds. Optional. Default is 225. timeout <1-500> time to wait, in seconds, before rejecting the sent probe as a failure. Optional. Default is 60. detail Print a detailed output of the trace command with the received label values. Optional. force-explicitnull Force Explicit NULL label. Optional.

Command Mode
Privileged Exec mode

Examples ZebOS# trace mpls vpls 2 peer 10.10.0.0/24 reply-mode 2 flags destination 1.2.3.4
source 10.10.0.1/25 ttl 226 timeout 65 detail force-explicitnull

134

2001-2007 IP Infusion Inc. Confidential

CHAPTER 6

NSM GMPLS Commands

gmpls capability-type
Use this command to specify the Generalized MPLS (GMPLS) interface switching capability-type.

Command Syntax
gmpls capability-type fsc|l2sc|lsc|psc1|psc2|psc3|psc4|tdm no gmpls capability-type fsc Fiber-Switch Capable (FSC) l2sc Layer-2 Switch Capable (L2SC) lsc Lambda-Switch Capable (LSC) psc1 Packet-Switch Capable-1 (PSC-1) psc2 Packet-Switch Capable-2 (PSC-2) psc3 Packet-Switch Capable-3 (PSC-3) psc4 Packet-Switch Capable-4 (PSC-4) tdm Time-Division-Multiplex Capable (TDM)

Command Mode
Interface mode

Usage
This command specifies the switching capability-type of the Interface. It also triggers advertisement of the interface switching capability type as GMPLS extensions by Interior Gateway Protocol (IGP). It is possible to configure one or more capability types on an interface.

Examples ZebOS# configure terminal ZebOS(config)# interface eth0 ZebOS(config-if)# gmpls capability-type psc1 Related Commands
gmpls link-id, gmpls protection-type, gmpls risk-group

gmpls encoding-type
Use this command to specify the GMPLS interface LSP (Label Switched Path) encoding type.

2001-2007 IP Infusion Inc. Confidential

135

NSM GMPLS Commands fiber = Fiber fiber-channel = Fiber channel lambda = Lambda (photonic) packet = Packet pdh = ANSI/ETSI PDH sdh = SDH ITU-T G.707 / SONET ANSI T1.105

Default
Disabled

Command Mode
Interface mode

Usage
This command specifies the switching encoding-types of interfaces. To advertise this information by IGP, also specify at least one switching capability type, using the gmpls capability-type command.

Examples ZebOS# configure terminal ZebOS(config)# interface eth0 ZebOS(config-if)# gmpls encoding-type packet Related commands
gmpls capability-type, gmpls min-lsp-bandwidth, gmpls sdh-indication

gmpls link-id
Use this command to advertise link local/remote identifiers by IGP.

Command Syntax
(no) gmpls link-id

Default
Disabled

Command Mode
Interface mode

Usage
This command triggers an advertisement of link local/remote identifiers as GMPLS extensions by IGP.

Examples ZebOS# configure terminal ZebOS(config)# interface eth0 ZebOS(config-if)# gmpls link-id

136

2001-2007 IP Infusion Inc. Confidential

NSM GMPLS Commands

Related commands
gmpls protection-type, gmpls capability-type, gmpls risk-group

gmpls min-lsp-bandwidth
Use this command to specify GMPLS minimum LSP bandwidth.

Command Syntax
gmpls min-lsp-bandwidth BANDWIDTH no gmpls min-lsp-bandwidth BANDWIDTH = <1-10000000000> bits, expressed in k|m|g for kilo bits, mega bits, or giga bits.

Default
Disabled

Command Mode
Interface mode

Usage
This command specifies the minimum LSP bandwidth of an interface. To advertise this information by IGP, also specify the switching capability type to PSC1, PSC2, PSC3, PSC4, or TDM, using the gmpls capability-type command.

Examples ZebOS# configure terminal ZebOS(config)# interface eth0 ZebOS(config-if)# gmpls min-lsp-bandwidth 1g Related commands
gmpls capability-type, gmpls encoding-type, gmpls sdh-indication

gmpls protection-type
Use this command to specify the GMPLS link protection type.

Command Syntax
gmpls protection-type (dedicated-1plus1|decicated-1to1|enhanced|extratraffic|unprotected|shared||) no gmpls protection-type dedicated-1plus1 Specify link type as dedicated 1+1 dedicated-1to1 Specify link type as dedicated 1:1 enhanced Specify link type as enhanced extra-traffic Specify link type as extra traffic unprotected Specify link type as unprotected shared Specify link type as shared

2001-2007 IP Infusion Inc. Confidential

137

NSM GMPLS Commands

Default
Disabled

Command Mode
Interface mode

Usage
This command specifies the link protection type of an interface. It also triggers an advertisement of link protection type as GMPLS extensions by IGP.

Examples ZebOS# configure terminal ZebOS(config)# interface eth0 ZebOS(config-if)# gmpls protection-type extra-traffic Related commands
gmpls link-id, gmpls capability-type, gmpls risk-group

gmpls risk-group
Use this command to specify the GMPLS Shared Risk Link Group (SRLG) value.

Command Syntax
(no) gmpls risk-group GROUPVALUE no gmpls risk-group GROUPVALUE <0-4294967295> Specifies Shared Risk Link Group value

Default
Disabled

Command Mode
Interface mode

Usage
This command specifies the GMPLS Shared Risk Link Group value. It also triggers an advertisement of Shared Risk Link Group (SRLG) information as GMPLS extensions by IGP.

Example ZebOS# configure terminal ZebOS(config)# interface eth0 ZebOS(config-if)# gmpls risk-group 200 Related commands
gmpls link-id, gmpls protection-type, gmpls capability-type

138

2001-2007 IP Infusion Inc. Confidential

NSM GMPLS Commands

gmpls sdh-indication
Use this command to specify the GMPLS SONET/SDH indication.

Command Syntax
gmpls sdh-indication arbitrary|standard no gmpls sdh-indication arbitrary = Arbitrary SONET/SDH standard = Standard SONET/SDH

Default
Disabled

Command Mode
Interface mode

Usage
This command specifies the SONET/SDH indication of an interface. To advertise this information by IGP, also specify the switching capability type to Time Division Multiplexing (TDM), using the gmpls capability-type command.

Examples ZebOS# configure terminal ZebOS(config)# interface eth0 ZebOS(config-if)# gmpls sdh-indication standard Related commands
gmpls capability-type, gmpls encoding-type, gmpls min-lsp-bandwidth

2001-2007 IP Infusion Inc. Confidential

139

NSM GMPLS Commands

140

2001-2007 IP Infusion Inc. Confidential

CHAPTER 7

GMP Multicast Commands

This chapter lists configuration, clear, and show commands related to Group Management Protocols (GMPs), IGMP and MLD, in alphabetical order.

IGMP Commands
The Internet Group Management Protocol (IGMP) module includes the IGMP Proxy service and IGMP Snooping functionalities. Some of the following commands may have commonalities and restrictions: these are described under the Usage section for each command.

clear ip igmp
Use this command to clear all IGMP local-memberships on all interfaces.

Command Syntax
clear ip igmp (vrf VRFNAME) VRFNAME Optional. Specify the VRF name.

Command Mode
Privileged Exec mode

Usage
This command applies to interfaces configured for IGMP Layer-3 multicast protocols, IGMP Snooping, or IGMP Proxy.

Example ZebOS# clear ip igmp vrf VRF_A Related Commands

clear ip igmp groups, clear ip igmp interface

clear ip igmp groups

Use this command to clear IGMP specific local-membership(s) on all interfaces.

Command Syntax
clear ip igmp (vrf VRFNAME) groups * | A.B.C.D VRFNAME Optional. Specify the VRF name. * Clears all groups on all interfaces. This is an alias to the clear ip igmp command. A.B.C.D Specifies the group addresss local-membership to be cleared from all interfaces.

Command Mode
Privileged Exec mode

2001-2007 IP Infusion Inc. Confidential

141

GMP Multicast Commands

Usage
This command applies to groups learned by IGMP Layer-3 multicast protocols, IGMP Snooping, or IGMP Proxy.

Examples ZebOS# clear ip igmp groups * ZebOS# clear ip igmp 224.1.1.1 Related Commands
clear ip igmp, clear ip igmp interface

clear ip igmp interface

Use this command to clear IGMP interface entries.

Command Syntax
clear ip igmp (vrf VRFNAME) interface IFNAME VRFNAME Optional. Specify the VRF name. IFNAME Specifies name of the interface; all groups learned from this interface are deleted.

Command Mode
Privileged Exec mode

Usage
This command applies to interfaces configured for IGMP Layer-3 multicast protocols, IGMP Snooping, or IGMP Proxy.

Example ZebOS# clear ip igmp interface eth1 Related Commands

clear ip igmp, clear ip igmp groups

debug igmp
Use this command to enable debugging of all IGMP, or a specific component of IGMP. Use the no parameter with this command to disable all IGMP debugging, or debugging of a specific component of IGMP.

142

2001-2007 IP Infusion Inc. Confidential

GMP Multicast Commands tib debug IGMP Tree Information Base (TIB)

Command Modes
Privileged Exec mode and Configure mode

Usage
This command applies to interfaces configured for IGMP Layer-3 multicast protocols, IGMP Snooping, or IGMP Proxy.

Example ZebOS# configure terminal ZebOS(config)# debug igmp all

ip igmp
Use this command to enable the IGMP protocol operation on an interface. This command enables IGMP protocol operation in stand-alone mode, and can be used to learn local-membership information prior to enabling a multicast routing protocol on the interface. Use the no parameter with this command to return all IGMP related configuration to the default (including IGMP Snooping or IGMP Proxy service).

Command Syntax
ip igmp no ip igmp

Command Mode
Interface mode

Default
Disabled

Usage
This command will has no effect on interfaces configured for IGMP Proxy.

Example ZebOS# configure terminal ZebOS(config)# interface ethernet 0 ZebOS(config-if)# ip igmp

ip igmp access-group
Use this command to control the multicast local-membership groups learnt on an interface. Use the no parameter with this command to disable this access control.

Command Syntax
ip igmp access-group <1-99>|WORD no ip igmp access-group <1-99> Access-list number.

2001-2007 IP Infusion Inc. Confidential

143

GMP Multicast Commands Standard IP access-list name.

WORD

Command Mode
Interface mode

Default
No access list configured

Usage
This command applies to interfaces configured for IGMP Layer-3 multicast protocols, IGMP Snooping, or IGMP Proxy.

Examples
In the following example, hosts serviced by Ethernet interface 0 can only join the group 225.2.2.2:

ZebOS# configure terminal ZebOS(config)# access-list 1 225.2.2.2 0.0.0.0 ZebOS(config)# interface ethernet 0 ZebOS(config-if)# ip igmp access-group 1

Related Commands
None

ip igmp immediate-leave
In IGMP version 2, use this command to minimize the leave latency of IGMP memberships. This command is used when only one receiver host is connected to each interface. To disable this feature, use the no parameter with this command.

Command Syntax
ip igmp immediate-leave group-list ACCESSLIST no ip igmp immediate-leave ACCESSLIST <1-99>|<1300-1999>|WORD Standard access-list name or number that defines multicast groups in which the immediate leave feature is enabled. <1-99> Access-list number. <1300-1999> Access-list number (expanded range). WORD Standard IP access-list name.

Command Mode
Interface mode

Default
Disabled

Usage
This command applies to interfaces configured for IGMP Layer-3 multicast protocols, IGMP Snooping, or IGMP Proxy.

144

2001-2007 IP Infusion Inc. Confidential

GMP Multicast Commands

Examples
The following example shows how to enable the immediate-leave feature on an interface for a specific range of multicast groups. In this example, the router assumes that the group access-list consists of groups that have only one host membership at a time per interface:

ZebOS# configure terminal ZebOS(config)# interface eth 0 ZebOS(config-if)# ip igmp immediate-leave group-list 34 ZebOS(config-if)# exit ZebOS(config)# access-list 34 permit 225.192.20.0 0.0.0.255

Related Commands
ip igmp last-member-query-interval

ip igmp last-member-query-count
Use this command to set the last-member query-count value. To return to the default value on an interface, use the no parameter with this command.

Command Syntax
ip igmp last-member-query-count <2-7> no ip igmp last-member-query-count <2-7> last member query count value

Command Mode
Interface mode

Default
The default last member query count value is 2.

Usage
This command applies to interfaces configured for IGMP Layer-3 multicast protocols, IGMP Snooping, or IGMP Proxy.

Example ZebOS# configure terminal ZebOS(config)# interface ethernet 0 ZebOS(config-if)# ip igmp last-member-query-count 3

ip igmp last-member-query-interval
Use this command to configure the frequency at which the router sends IGMP group-specific host query messages. To set this frequency to the default value, use the no parameter with this command.

Command Syntax
ip igmp last-member-query-interval INTERVAL no ip igmp last-member-query-interval

2001-2007 IP Infusion Inc. Confidential

145

GMP Multicast Commands INTERVAL = <1000-25500> Frequency (in milliseconds) at which IGMP group-specific host query messages are sent.

Command Mode
Interface mode

Default
1000 milliseconds

Usage
This command applies to interfaces configured for IGMP Layer-3 multicast protocols, IGMP Snooping, or IGMP Proxy.

Examples
The following example changes the IGMP group-specific host query message interval to 2 seconds:

ZebOS# configure terminal ZebOS(config)# interface eth0 ZebOS(config-if)# ip igmp last-member-query-interval 2000

Related Commands
ip igmp immediate-leave

ip igmp limit
Use this command to configure the limit on the maximum number of group membership states, at either the router level, or for the specified interface. Once the specified number of group memberships is reached, all further localmemberships will be ignored. Optionally, an exception access-list can be configured to specify the group-address(es) to be excluded from being subject to the limit. Use the no parameter with this command to unset the limit and any specified exception access-list.

Command Syntax
ip igmp (vrf VRFNAME) limit LIMITVALUE (except ACCESSLIST) no ip igmp (vrf VRFNAME) limit VRFNAME Optional. Specify the VRF name. LIMITVALUE <1-2097152> Maximum number of group membership states ACCESSLIST <1-99>|<1300-1999>|WORD Number or name that defines multicast groups which are exempted from being subject to configured limit. <1-99> Access-list number <1300-1999> Access-list number (expanded range) WORD Standard IP access-list name

Command Mode
Global Config mode and Interface mode

Usage
This command applies to interfaces configured for IGMP Layer-3 multicast protocols, IGMP Snooping, or IGMP Proxy. When configured for IGMP Snooping, this command can be issued on only VLAN interfaces. The limit applies, individually, to each of its constituent interfaces.

146

2001-2007 IP Infusion Inc. Confidential

GMP Multicast Commands

Examples
The following example configures an IGMP limit of 100 group-membership states across all interfaces on which IGMP is enabled, and excludes group 224.1.1.1 from this limitation:

ZebOS# configure terminal ZebOS(config)# access-list 1 224.1.1.1 0.0.0.0 ZebOS(config)# ip igmp limit 100 except 1
The following example configures an IGMP limit of 100 group-membership states on eth0:

ZebOS# configure terminal ZebOS(config)# interface eth0 ZebOS(config-if)# ip igmp limit 100

ip igmp mroute-proxy
Use this command to specify the IGMP Proxy service (upstream host-side) interface with which to be associated. IGMP router-side protocol operation is enabled only when the specified upstream proxy-service interface is functional. Use the no parameter with this command to remove the association with the proxy-service interface.

Command Syntax
ip igmp mroute-proxy IFNAME no ip igmp mroute-proxy

Command Mode
Interface mode

Usage
This command should not be used when configuring interfaces enabled for IGMP in association with a multicast routing protocol, otherwise the behavior will be undefined.

Example
The following example configures the eth 0 interface as the upstream proxy-service interface for the downstream router-side interface, eth 1.

ZebOS# configure terminal ZebOS(config)# interface eth 1 ZebOS(config-if)# ip igmp mroute-proxy eth 0

ip igmp proxy-service
Use this command to designate an interface to be the IGMP proxy-service (upstream host-side) interface, thus enabling IGMP host-side protocol operation on this interface. All associated downstream router-side interfaces will have their memberships consolidated on this interface, according to IGMP host-side functionality. Use the no parameter with this command to remove the designation of the interface as an upstream proxy-service interface.

Command Syntax
ip igmp proxy-service no ip igmp proxy-service

2001-2007 IP Infusion Inc. Confidential

147

GMP Multicast Commands

Command Mode
Interface mode

Usage
This command should not be used when configuring interfaces enabled for IGMP in association with a multicastrouting protocol, otherwise the behavior will be undefined.

Example
The following example designates the eth 0 interface as the upstream proxy-service interface.

ZebOS# configure terminal ZebOS(config)# interface eth 0 ZebOS(config-if)# ip igmp proxy-service

ip igmp querier-timeout
Use this command to configure the timeout period before the router takes over as the querier for the interface after the previous querier has stopped querying. To restore the default value, use the no parameter with this command.

Command Syntax
ip igmp querier-timeout TIMEOUT no ip igmp querier-timeout TIMEOUT = <60-300> Number of seconds that the router waits after the previous querier has stopped querying before it takes over as the querier.

Command Mode
Interface mode

Default
255 seconds

Usage
This command applies to interfaces configured for IGMP Layer-3 multicast protocols, IGMP Snooping, or IGMP Proxy.

Examples
The following example configures the router to wait 120 seconds from the time it received the last query before it takes over as the querier for the interface:

ZebOS# configure terminal ZebOS(config)# interface eth0 ZebOS(config-if)# ip igmp querier-timeout 120

Related Commands
ip igmp query-interval

ip igmp query-interval
Use this command to configure the frequency of sending IGMP host query messages.

148

2001-2007 IP Infusion Inc. Confidential

GMP Multicast Commands

To return to the default frequency, use the no parameter with this command.

Command Syntax
ip igmp query-interval INTERVAL no ip igmp query-interval INTERVAL = <1-18000> Frequency (in seconds) at which IGMP host query messages are sent.

Command Mode
Interface mode

Default
The default query interval is 125 seconds.

Usage
This command applies to interfaces configured for IGMP Layer-3 multicast protocols, IGMP Snooping, or IGMP Proxy.

Example
The following example changes the frequency of sending IGMP host-query messages to 2 minutes:

ZebOS# configure terminal ZebOS(config)# interface eth0 ZebOS(config-if)# ip igmp query-interval 120

ip igmp query-max-response-time
Use this command to configure the maximum response time advertised in IGMP queries. To restore the default value, use the no parameter with this command.

Command Syntax
ip igmp query-max-response-time RESPONSETIME no ip igmp query-max-response-time RESPONSETIME = <1-240> Maximum response time (in seconds) advertised in IGMP queries.

Command Mode
Interface mode

Default
10 seconds

Usage
This command applies to interfaces configured for IGMP Layer-3 multicast protocols, IGMP Snooping, or IGMP Proxy.

Examples
The following example configures a maximum response time of 8 seconds:

ZebOS# configure terminal ZebOS(config)# interface eth0 ZebOS(config-if)# ip igmp query-max-response-time 8

2001-2007 IP Infusion Inc. Confidential

149

GMP Multicast Commands

ip igmp robustness-variable
Use this command to change the robustness variable value on an interface. To return to the default value on an interface, use the no parameter with this command.

Command Syntax
ip igmp robustness-variable <2-7> no ip igmp robustness-variable

Command Mode
Interface mode

Default
The default robustness variable value is 2.

Usage
This command applies to interfaces configured for IGMP Layer-3 multicast protocols, IGMP Snooping, or IGMP Proxy.

Example ZebOS# configure terminal ZebOS(config)# interface ethernet 0 ZebOS(config-if)# ip igmp robustness-variable 3

ip igmp snooping
Use this command to enable IGMP Snooping. When this command is given in the Global Config mode, IGMP Snooping is enabled at the switch level. When this command is given at the VLAN interface level, IGMP Snooping is enabled for that VLAN. Use the no parameter with this command to globally disable IGMP Snooping, or for the specified interface.

Command Syntax
ip igmp (vrf VRFNAME) snooping no ip igmp (vrf VRFNAME) snooping VRFNAME Optional. Specify the VRF name.

Command Mode
Global Config mode Interface mode for VLAN interface

Default
IGMP Snooping is enabled.

Usage
This IGMP Snooping command can only be configured on VLAN interfaces

150

2001-2007 IP Infusion Inc. Confidential

GMP Multicast Commands

Examples ZebOS# configure terminal ZebOS(config)# ip igmp snooping ZebOS(config)# interface vlan1.1 ZebOS(config-if)# ip igmp snooping

ip igmp snooping fast-leave

Use this command to enable IGMP Snooping fast-leave processing. Fast-leave processing is analogous to immediateleave processing; the IGMP group-membership is removed, as soon as an IGMP leave group message is received without sending out a group-specific query. Use the no parameter with this command to disable fast-leave processing.

Command Syntax
ip igmp snooping fast-leave no ip igmp snooping fast-leave

Command Mode
Interface mode for VLAN interface

Default
IGMP Snooping fast-leave processing is disabled.

Usage
This IGMP Snooping command can only be configured on VLAN interfaces.

Example
This example shows how to enable fast-leave processing on a VLAN.

ZebOS# configure terminal ZebOS(config)# interface vlan1.1 ZebOS(config-if)# ip igmp snooping fast-leave

ip igmp snooping mrouter

Use this command to statically configure the specified VLAN constituent interface as a multicast router interface for IGMP Snooping in that VLAN. Use the no parameter with this command to remove the static configuration of the interface as a multicast router interface.

Command Syntax
ip igmp snooping mrouter interface IFNAME no ip igmp snooping mrouter interface IFNAME IFNAME Specify the name of the interface

Command Mode
Interface mode for VLAN interface

2001-2007 IP Infusion Inc. Confidential

151

GMP Multicast Commands

Usage
This IGMP Snooping command can only be configured on VLAN interfaces.

Example
This example shows interface fe8 statically configured to be a multicast router interface.

ZebOS# configure terminal ZebOS(config)# interface vlan1.1 ZebOS(config-if)# ip igmp snooping mrouter interface fe8

ip igmp snooping querier

Use this command to enable IGMP querier operation on a subnet (VLAN) when no multicast routing protocol is configured in the subnet (VLAN). When enabled, the IGMP Snooping querier sends out periodic IGMP queries for all interfaces on that VLAN. Use the no parameter with this command to disable IGMP querier configuration.

Command Syntax
ip igmp snooping querier no ip igmp snooping querier

Command Mode
Interface mode for VLAN interface

Usage
This command can only be configured on VLAN interfaces. The IGMP Snooping querier uses the 0.0.0.0 Source IP address because it only masquerades as a proxy IGMP querier for faster network convergence. It does not start, or automatically cease, the IGMP Querier operation if it detects query message(s) from a multicast router. It restarts as the IGMP Snooping querier if no queries are seen within the other querier interval.

Example ZebOS# configure terminal ZebOS(config)# interface vlan1.1 ZebOS(config-if)# ip igmp snooping querier

ip igmp snooping report-suppression

Use this command to enable report suppression for IGMP versions 1 and 2. Use the no parameter with this command to disable report suppression.

Command Syntax
ip igmp snooping report-suppression no ip igmp snooping report-suppression

152

2001-2007 IP Infusion Inc. Confidential

GMP Multicast Commands

Command Mode
Interface mode for VLAN interface

Default
Report suppression does not apply to IGMPv3, and is turned off by default for IGMPv1 and IGMPv2 reports.

Usage
This command can only be configured on VLAN interfaces.

Example
This example shows how to enable report suppression for IGMPv2 reports.

ZebOS# configure terminal ZebOS(config)# interface vlan1.1 ZebOS(config-if)# ip igmp version 2 ZebOS(config-if)# ip igmp snooping report-suppression

ip igmp ssm-map enable

Use this command to enable SSM mapping on the router. Use the no parameter with this command to disable SSM mapping.

Command Syntax
ip igmp (vrf VRFNAME) ssm-map enable no ip igmp (vrf VRFNAME) ssm-map enable VRFNAME Optional. Specify the VRF name.

Command Mode
Global Config mode

Usage
This command applies to interfaces configured for IGMP Layer-3 multicast protocols, IGMP Snooping, or IGMP Proxy.

Example
This example shows how to configure SSM mapping on the router.

ZebOS# configure terminal ZebOS(config)# ip igmp ssm-map enable

Related Commands
ip igmp ssm-map static

ip igmp ssm-map static

Use this command to specify the static mode of defining SSM mapping. SSM mapping statically assigns sources to IGMPv1 and IGMPv2 groups to translate such (*,G) groups memberships to (S,G) memberships for use with PIMSSM. Use the no parameter with this command to remove the SSM map association.

2001-2007 IP Infusion Inc. Confidential

153

GMP Multicast Commands

Command Syntax
ip igmp (vrf VRFNAME) ssm-map static ACCESSLIST A.B.C.D no ip igmp (vrf VRFNAME) ssm-map static ACCESSLIST A.B.C.D VRFNAME Optional. Specify the VRF name. ACCESSLIST <1-99> Access-list number <1300-1999> Access-list number (expanded range). A.B.C.D Standard IP access-list name.

Command Mode
Global Config mode

Usage
This command applies to interfaces configured for IGMP Layer-3 multicast protocols, IGMP Snooping, or IGMP Proxy.

Examples
This example shows how to configure an SSM static mapping for group-address 224.1.1.1.

ZebOS# configure terminal ZebOS(config)# ip igmp ssm-map static 1 1.2.3.4 ZebOS(config)# access-list 1 224.1.1.1 0.0.0.0

Related Commands
ip igmp ssm-map enable

ip igmp static-group
Use this command to statically configure group membership entries on an interface. To statically add only a group membership, do not specify any parameters. Use the no parameter with this command to delete static group membership entries.

Command Syntax
ip igmp static-group A.B.C.D (source [E.F.G.H|ssm-map]) (interface IFNAME) no ip igmp static-group A.B.C.D (source [E.F.G.H|ssm-map]) (interface IFNAME) A.B.C.D Standard IP Multicast group address to be configured as a static group member. source Optional. E.F.G.H Standard IP source address to be configured as a static source from where multicast packets originate. ssm-map Mode of defining SSM mapping. SSM mapping statically assigns sources to IGMPv1 and IGMPv2 groups to translate these (*, G) groups' memberships to (S, G) memberships for use with PIM-SSM. interface Optional. Physical interface. Use this parameter on VLAN interfaces when static configuration is required for IGMP snooping. If used, static configuration is applied to the physical interface specified in IFNAME. If not used, static configuration is applied on all VLAN constituent interfaces. IFNAME Physical interface name.

154

2001-2007 IP Infusion Inc. Confidential

GMP Multicast Commands

Command Mode
Interface mode

Usage
This command applies to IGMP operation on a specific interface to statically add group and/or source records; or to IGMP Snooping on a VLAN interface to statically add group and/or source records.

Examples
The following examples show how to statically add group and/or source records for IGMP:

ZebOS# configure terminal ZebOS(config)#interface eth0 ZebOS(config-if)# ip igmp static-group 226.1.2.3 ZebOS# configure terminal ZebOS(config)#interface eth0 ZebOS(config-if)#ip igmp static-group 226.1.2.4 source 1.2.3.4 ZebOS# configure terminal ZebOS(config)#interface eth0 ZebOS(config-if)# ip igmp static-group 226.1.2.5 source ssm-map
The following examples show how to statically add group and/or source records for IGMP Snooping:

ZebOS# configure terminal ZebOS(config)#interface vlan1.1 ZebOS(config-if)# ip igmp static-group 226.1.2.3 ZebOS# configure terminal ZebOS(config)#interface vlan1.1 ZebOS(config-if)# ip igmp static-group 226.1.2.6 source 1.2.3.4 ZebOS# configure terminal ZebOS(config)#interface vlan1.1 ZebOS(config-if)# ip igmp static-group 226.1.2.6 source ssm-map ZebOS# configure terminal ZebOS(config)#interface vlan1.1 ZebOS(config-if)# ip igmp static-group 226.1.2.3 interface eth0 ZebOS# configure terminal ZebOS(config)#interface vlan1.1 ZebOS(config-if)# ip igmp static-group 226.1.2.6 source 1.2.3.4 interface eth0 ZebOS# configure terminal ZebOS(config)#interface vlan1.1 ZebOS(config-if)# ip igmp static-group 226.1.2.6 source ssm-map interface eth0

ip igmp version
Use this command to set the current IGMP protocol version on an interface. To return to the default version, use the no parameter with this command.

2001-2007 IP Infusion Inc. Confidential

155

GMP Multicast Commands

Command Syntax
ip igmp version <1-3> no ip igmp version <1-3> IGMP protocol version number

Command Mode
Interface mode

Usage
This command applies to interfaces configured for IGMP Layer-3 multicast protocols, IGMP Snooping, or IGMP Proxy.

Default
The default IGMP protocol version number is 3.

Example ZebOS# configure terminal ZebOS(config)# interface ethernet 0 ZebOS(config-if)# ip igmp version 2

show ip igmp groups

Use this command to display the multicast groups with receivers directly connected to the router, and learned through IGMP. To modify the lines displayed, use the | (output modifier token); to save the output to a file, use the > output redirection token. For more information, see the ZebOS Command Line Interface Environment chapter.

Command Syntax
show ip igmp (vrf VRFNAME) groups (A.B.C.D|IFNAME detail) VRFNAME Optional. Specify the VRF name. A.B.C.D Address of the multicast group. IFNAME Interface name for which to display local information.

Command Mode
Exec mode and Privileged Exec mode

Examples
The following command displays local-membership information for all interfaces: ZebOS# show ip igmp groups IGMP Connected Group Membership Group Address Interface 224.0.1.1 eth2 224.0.1.24 eth2 224.0.1.40 eth2 224.0.1.60 eth2 224.100.100.100 eth2 228.5.16.8 eth2 228.81.16.8 eth2

Uptime 00:00:09 00:00:06 00:00:09 00:00:05 00:00:11 00:00:11 00:00:05

Expires 00:04:17 00:04:14 00:04:15 00:04:15 00:04:13 00:04:16 00:04:15

Last Reporter 10.10.0.82 10.10.0.84 10.10.0.91 10.10.0.7 10.10.0.91 10.10.0.91 10.10.0.91

156

2001-2007 IP Infusion Inc. Confidential

GMP Multicast Commands

228.249.13.8 235.80.68.83 239.255.255.250 239.255.255.254 eth2

eth2 eth2 eth2

00:00:08 00:00:12 00:00:12

00:04:17 00:04:15 00:04:15

10.10.0.91 10.10.0.40 10.10.0.228

00:00:08 00:04:13 10.10.0.84

The following describes significant fields shown in the display above:

Field Group Address Interface Uptime Expires Last Reporter Description Address of the multicast group. Interface through which the group is reachable. For the time period (in weeks, days, hours, minutes, and seconds) this multicast group is known. Time (in hours, minutes, and seconds) until the entry expires. Last host to report being a member of the multicast group.

The following command displays local-membership details for a specific group: ZebOS# show ip igmp groups 224.1.1.1 detail Interface: eth1 Group: 224.1.1.1 Uptime: 00:00:42 Group mode: Include Last reporter: 192.168.50.111 TIB-A Count: 2 TIB-B Count: 0 Group source list: (R - Remote, M - SSM Mapping) Source Address Uptime v3 Exp Fwd Flags 192.168.55.55 00:00:42 00:03:38 Yes R 192.168.55.66 00:00:42 00:03:38 Yes R

show ip igmp interface

Use this command to display the state of IGMP, IGMP Proxy service, and IGMP Snooping for a specified interface, or all interfaces. To modify the lines displayed, use the | (output modifier token); to save the output to a file, use the > output redirection token. For more information, see the ZebOS Command Line Interface Environment chapter.

Command Syntax show ip igmp (vrf VRFNAME) interface IFNAME

VRFNAME IFNAME Optional. Specify the VRF name. Interface name

Command Mode
Exec and Privileged Exec mode

Example
The following command displays the IGMP interface status on all interfaces enabled for IGMP. ZebOS# show ip igmp interface

Interface vlan1.1 (Index 4294967295) IGMP Active, Non-Querier, Version 3 (default) IGMP querying router is 0.0.0.0

2001-2007 IP Infusion Inc. Confidential

157

GMP Multicast Commands

IGMP query interval is 125 seconds IGMP querier timeout is 255 seconds IGMP max query response time is 10 seconds Last member query response interval is 1000 milliseconds Group Membership interval is 260 seconds| IGMP Snooping is globally enabled| IGMP Snooping is enabled on this interface IGMP Snooping fast-leave is not enabled IGMP Snooping querier is not enabled IGMP Snooping report suppression is enabled

show ip igmp snooping mrouter

Use this command to display the multicast router interfaces, both configured and learned, in a VLAN. To modify the lines displayed, use the | (output modifier token); to save the output to a file, use the > output redirection token. For more information, see the ZebOS Command Line Interface Environment chapter.

Command Syntax
show ip igmp (vrf VRFNAME) snooping mrouter interface IFNAME VRFNAME IFNAME Optional. Specify the VRF name. The name of the VLAN interface

Command Mode
Exec and Privileged Exec mode

Example
The following command displays the multicast router interfaces in VLAN 1.1.

ZebOS# show ip igmp snooping mrouter vlan1.1

VLAN 1 1 Interface ge9 ge11

show ip igmp snooping statistics

Use this command to display IGMP Snooping statistics data. To modify the lines displayed, use the | (output modifier token); to save the output to a file, use the > output redirection token. For more information, see the ZebOS Command Line Interface Environment chapter.

Command Syntax
show ip igmp (vrf VRFNAME) snooping statistics interface IFNAME VRFNAME IFNAME Optional. Specify the VRF name. The name of the VLAN interface

Command Mode
Exec and Privileged Exec mode

Example
The following displays IGMPv3 statistical information for bridge 2.

ZebOS# show ip igmp snooping statistics interface vlan1.1

158

2001-2007 IP Infusion Inc. Confidential

GMP Multicast Commands

IGMP Snooping statistics for ge9 Interface: ge10 Group: 225.0.0.1 Uptime: 00:00:09 Group mode: Exclude (Expires: 00:04:10) Last reporter: 4.4.4.5 Source list is empty

MLD Commands
The Multicast Listener Discovery (MLD) module includes the MLD Proxy service and MLD Snooping functionalities. Some of the following commands may have commonalities and restrictions: these are described under the Usage section for each command.

clear ipv6 mld

Use this command to clear all MLD local-memberships on all interfaces.

Command Syntax
clear ipv6 mld (vrf VRFNAME) VRFNAME Optional. Specify the VRF name.

Command Mode
Privileged Exec mode

Usage
This command applies to interfaces configured for MLD Layer-3 multicast protocols, MLD Snooping, or MLD Proxy.

Example ZebOS# clear ipv6 mld vrf VRF_A Related Commands

clear ipv6 mld groups, clear ipv6 mld interface

clear ipv6 mld groups

Use this command to clear MLD specific local-membership(s) on all interfaces.

Command Syntax
clear ipv6 mld (vrf VRFNAME) groups *|X:X::X:X VRFNAME Optional. Specify the VRF name. * Clears all groups on all interfaces. This is an alias to the clear ipv6 mld command. X:X::X:X Specifies the group addresss local-membership to be cleared from all interfaces.

Command Mode
Privileged Exec mode

2001-2007 IP Infusion Inc. Confidential

159

GMP Multicast Commands

Usage
This command applies to groups learned by MLD Layer-3 multicast protocols, MLD Snooping, or MLD Proxy.

Examples ZebOS# clear ipv6 mld groups * ZebOS# clear ipv6 mld 224.1.1.1 Related Commands
clear ipv6 mld, clear ipv6 mld interface

clear ipv6 mld interface

Use this command to clear MLD interface entries.

Command Syntax
clear ipv6 mld (vrf VRFNAME) interface IFNAME VRFNAME Optional. Specify the VRF name. IFNAME Specifies name of the interface; all groups learned from this interface are deleted.

Command Mode
Privileged Exec mode

Usage
This command applies to interfaces configured for MLD Layer-3 multicast protocols, MLD Snooping, or MLD Proxy.

Example ZebOS# clear ipv6 mld interface eth1 Related Commands

clear ipv6 mld, clear ipv6 mld groups

debug mld
Use this command to enable debugging of all MLD, or a specific component of MLD. Use the no parameter with this command to disable all MLD debugging, or debugging of a specific component of MLD.

160

2001-2007 IP Infusion Inc. Confidential

GMP Multicast Commands tib debug MLD Tree Information Base (TIB)

Command Mode
Privileged Exec mode and Configure mode

Usage
This command applies to interfaces configured for MLD Layer-3 multicast protocols, MLD Snooping, or MLD Proxy.

Example ZebOS# configure terminal ZebOS(config)# debug mld all

ipv6 mld
Use this command to enable the MLD protocol operation on an interface. This command enables MLD protocol operation in stand-alone mode, and can be used to learn local-membership information prior to enabling a multicast routing protocol on the interface. Use the no parameter with this command to return all MLD related configuration to the default (including MLD Snooping or MLD Proxy service).

Command Syntax
ipv6 mld no ipv6 mld

Command Mode
Interface mode

Default
Disabled

Usage
This command will has no effect on interfaces configured for MLD Proxy.

Example ZebOS# configure terminal ZebOS(config)# interface ethernet 0 ZebOS(config-if)# ipv6 mld

ipv6 mld access-group

Use this command to control the multicast local-membership groups learnt on an interface. Use the no parameter with this command to disable this access control.

Command Syntax
ipv6 mld access-group WORD no ipv6 mld access-group WORD Standard IPv6 access-list name.

2001-2007 IP Infusion Inc. Confidential

161

GMP Multicast Commands

Command Mode
Interface mode

Default
No access list configured

Usage
This command applies to interfaces configured for MLD Layer-3 multicast protocols, MLD Snooping, or MLD Proxy.

Examples
In the following example, hosts serviced by Ethernet interface 0 can join the group ff0e::1/128 only:

ZebOS# configure terminal ZebOS(config)# ipv6 access-list Group1 permit ff0e::1/128 ZebOS(config)# interface fxp0 ZebOS(config-if)# ipv6 mld access-group Group1

Related Commands
None

ipv6 mld immediate-leave

Use this command to minimize the leave latency of MLD memberships. To disable this feature, use the no parameter with this command.

Command Syntax
ipv6 mld immediate-leave group-list ACCESSLIST no ipv6 mld immediate-leave ACCESSLIST Standard IPv6 access-list name that defines multicast groups in which the immediate leave feature is enabled.

Command Mode
Interface mode

Default
Disabled

Usage
This command applies to interfaces configured for MLD Layer-3 multicast protocols, MLD Snooping, or MLD Proxy. Use this command when only one receiver host is connected to each interface.

Example
The following example shows how to enable the immediate-leave feature on an interface for a specific range of multicast groups. In this example, the router assumes that the group access-list consists of groups that have only one node membership at a time per interface:

ZebOS# configure terminal ZebOS(config)# interface eth 0

162

2001-2007 IP Infusion Inc. Confidential

GMP Multicast Commands

ZebOS(config-if)# ipv6 mld immediate-leave v6grp ZebOS(config-if)# exit

Related Commands
ipv6 mld last-member-query-interval

ipv6 mld last-member-query-count

Use this command to set the last-member query-count value. To return to the default value on an interface, use the no parameter with this command.

Command Syntax
ipv6 mld last-member-query-count <2-7> no ipv6 mld last-member-query-count <2-7> last-member query-count value

Command Mode
Interface mode

Default
The default last-member query-count value is 2.

Usage
This command applies to interfaces configured for MLD Layer-3 multicast protocols, MLD Snooping, or MLD Proxy.

Example ZebOS# configure terminal ZebOS(config)# interface ethernet 0 ZebOS(config-if)# ipv6 mld last-member-query-count 3

ipv6 mld last-member-query-interval

Use this command to configure the frequency at which the router sends MLD group-specific host query messages. To set this frequency to the default value, use the no parameter with this command.

Command Syntax
ipv6 mld last-member-query-interval INTERVAL no ipv6 mld last-member-query-interval INTERVAL = <1000-25500> Frequency (in milliseconds) at which MLD group-specific host query messages are sent.

Command Mode
Interface mode

Default
1000 milliseconds

2001-2007 IP Infusion Inc. Confidential

163

GMP Multicast Commands

Usage
This command applies to interfaces configured for MLD Layer-3 multicast protocols, MLD Snooping, or MLD Proxy.

Examples
The following example changes the MLD group-specific host query message interval to 2 seconds:

ZebOS# configure terminal ZebOS(config)# interface eth0 ZebOS(config-if)# ipv6 mld last-member-query-interval 2000

Related Commands
ipv6 mld immediate-leave

ipv6 mld limit

Use this command to configure the limit on the maximum number of group membership states at either the router level, or for the specified interface. Once the specified number of group memberships is reached, all further localmemberships will be ignored. Optionally, an exception access-list can be configured to specify the group-address(es) to be excluded from being subject to the limit. Use the no parameter with this command to unset the limit and any specified exception access-list.

Command Syntax
ipv6 mld (vrf VRFNAME) limit LIMITVALUE (except ACCESSLIST) no ipv6 mld (vrf VRFNAME) limit VRFNAME Optional. Specify the VRF name. LIMITVALUE <1-2097152> Maximum number of group membership states ACCESSLIST Standard IPv6 access-list name that defines multicast groups which are exempted from being subject to the configured limit.

Command Mode
Global Config mode and Interface mode

Usage
This command applies to interfaces configured for MLD Layer-3 multicast protocols, MLD Snooping, or MLD Proxy. When configured for MLD Snooping, this command can be issued on only VLAN interfaces, and the limit applies individually to each of its constituent interfaces.

Examples
The following example configures an MLD limit of 100 group-membership states across all interfaces on which MLD is enabled, and excludes group 224.1.1.1 from this limitation:

ZebOS# configure terminal ZebOS(config)# access-list 1 224.1.1.1 0.0.0.0 ZebOS(config)# ipv6 mld limit 100 except v6grp
The following example configures an MLD limit of 100 group-membership states on eth0:

ZebOS# configure terminal ZebOS(config)# interface eth0 ZebOS(config-if)# ipv6 mld limit 100

164

2001-2007 IP Infusion Inc. Confidential

GMP Multicast Commands

Related Commands
ipv6 mld immediate-leave

ipv6 mld mroute-proxy

Use this command to specify the MLD Proxy service (upstream host-side) interface with which to be associated. MLD router-side protocol operation is enabled only when the specified upstream proxy-service interface is functional. Use the no parameter with this command to remove the association with the proxy-service interface.

Command Syntax
ipv6 mld mroute-proxy IFNAME no ipv6 mld mroute-proxy

Command Mode
Interface mode

Usage
This command should not be configured on interfaces enabled for MLD in association with a multicast routing protocol, otherwise, the behavior will be undefined.

Example
The following example configures the eth 0 interface as the upstream proxy-service interface for the downstream router-side interface, eth 1.

ZebOS# configure terminal ZebOS(config)# interface eth 1 ZebOS(config-if)# ipv6 mld mroute-proxy eth 0

ipv6 mld proxy-service

Use this command to designate an interface to be the MLD proxy-service (upstream host-side) interface, thus enabling MLD host-side protocol operation on this interface. All associated downstream router-side interfaces will have their memberships consolidated on this interface, according to MLD host-side functionality. Use the no parameter with this command to remove the designation of the interface as an upstream proxy-service interface.

Command Syntax
ipv6 mld proxy-service no ipv6 mld proxy-service

Command Mode
Interface mode

Usage
This command should not be used when configuring interfaces enabled for MLD in association with a multicast-routing protocol, otherwise the behavior will be undefined.

2001-2007 IP Infusion Inc. Confidential

165

GMP Multicast Commands

Example
The following example designates the eth 0 interface as the upstream proxy-service interface.

ZebOS# configure terminal ZebOS(config)# interface eth 0 ZebOS(config-if)# ipv6 mld proxy-service

ipv6 mld querier-timeout

Use this command to configure the timeout period before the router takes over as the querier for the interface after the previous querier has stopped querying. To restore the default value, use the no parameter with this command.

Command Syntax
ipv6 mld querier-timeout TIMEOUT no ipv6 mld querier-timeout TIMEOUT = <60-300> Number of seconds that the router waits after the previous querier has stopped querying before it takes over as the querier.

Command Mode
Interface mode

Default
255 seconds

Usage
This command applies to interfaces configured for MLD Layer-3 multicast protocols, MLD Snooping, or MLD Proxy.

Example
The following example configures the router to wait 120 seconds from the time it received the last query before it takes over as the querier for the interface:

ZebOS# configure terminal ZebOS(config)# interface eth0 ZebOS(config-if)# ipv6 mld querier-timeout 120

Related Commands
ipv6 mld query-interval

ipv6 mld query-interval

Use this command to configure the frequency of sending MLD host query messages. To return to the default frequency, use the no parameter with this command.

Command Syntax
ipv6 mld query-interval INTERVAL no ipv6 mld query-interval INTERVAL = <1-18000> Frequency (in seconds) at which MLD host query messages are sent.

166

2001-2007 IP Infusion Inc. Confidential

GMP Multicast Commands

Command Mode
Interface mode

Default
The default query interval is 125 seconds.

Usage
This command applies to interfaces configured for MLD Layer-3 multicast protocols, MLD Snooping, or MLD Proxy.

Example
The following example changes the frequency of sending MLD host-query messages to 2 minutes:

ZebOS# configure terminal ZebOS(config)# interface fxp0 ZebOS(config-if)# ipv6 mld query-interval 120

Related Commands
ipv6 mld querier-timeout

ipv6 mld query-max-response-time

Use this command to configure the maximum response time advertised in MLD queries. To restore the default value, use the no parameter with this command.

Command Syntax
ipv6 mld query-max-response-time RESPONSETIME no ipv6 mld query-max-response-time RESPONSETIME = <1-240> Maximum response time (in seconds) advertised in MLD queries.

Command Mode
Interface mode

Default
10 seconds

Usage
This command applies to interfaces configured for MLD Layer-3 multicast protocols, MLD Snooping, or MLD Proxy.

Example
The following example configures a maximum response time of 8 seconds:

ZebOS# configure terminal ZebOS(config)# interface eth0 ZebOS(config-if)# ipv6 mld query-max-response-time 8

ipv6 mld robustness-variable

Use this command to change the robustness variable value on an interface.

2001-2007 IP Infusion Inc. Confidential

167

GMP Multicast Commands To return to the default value on an interface, use the no parameter with this command.

Command Syntax
ipv6 mld robustness-variable <2-7> no ipv6 mld robustness-variable

Command Mode
Interface mode

Default
The default robustness variable value is 2.

Usage
This command applies to interfaces configured for MLD Layer-3 multicast protocols, MLD Snooping, or MLD Proxy.

Example ZebOS# configure terminal ZebOS(config)# interface ethernet 0 ZebOS(config-if)# ipv6 mld robustness-variable 3

ipv6 mld snooping

Use this command to enable MLD Snooping. When this command is given in the Global Config mode, MLD Snooping is enabled at the switch level. When this command is given at the VLAN interface level, MLD Snooping is enabled for that VLAN. Use the no parameter with this command to globally disable MLD Snooping, or for the specified interface.

Command Syntax
ipv6 mld (vrf VRFNAME) snooping no ipv6 mld (vrf VRFNAME) snooping VRFNAME Optional. Specify the VRF name.

Command Mode
Global Config mode Interface mode for VLAN interface

Default
MLD Snooping is enabled.

Usage
This MLD Snooping command can only be configured on VLAN interfaces

Example ZebOS# configure terminal ZebOS(config)# ipv6 mld snooping ZebOS(config)# interface vlan1.1 ZebOS(config-if)# ipv6 mld snooping

168

2001-2007 IP Infusion Inc. Confidential

GMP Multicast Commands

ipv6 mld snooping fast-leave

Use this command to enable MLD Snooping fast-leave processing. Fast-leave processing is analogous to immediateleave processing; the MLD group-membership is removed, as soon as an MLD leave group message is received without sending out a group-specific query. Use the no parameter with this command to disable fast-leave processing.

Command Syntax
ipv6 mld snooping fast-leave no ipv6 mld snooping fast-leave

Command Mode
Interface mode for VLAN interface

Default
MLD Snooping fast-leave processing is disabled.

Usage
This MLD Snooping command can only be configured on VLAN interfaces.

Example
This example shows how to enable fast-leave processing on a VLAN.

ZebOS# configure terminal ZebOS(config)# interface vlan1.1 ZebOS(config-if)# ipv6 mld snooping fast-leave

ipv6 mld snooping mrouter

Use this command to statically configure the specified VLAN constituent interface as a multicast router interface for MLD Snooping in that VLAN. Use the no parameter with this command to remove the static configuration of the interface as a multicast router interface.

Command Syntax
ipv6 mld snooping mrouter interface IFNAME no ipv6 mld snooping mrouter interface IFNAME IFNAME Specify the name of the interface

Command Mode
Interface mode for VLAN interface

Usage
This MLD Snooping command can only be configured on VLAN interfaces.

Example
This example shows how to specify the next-hop interface to the multicast router.

2001-2007 IP Infusion Inc. Confidential

169

GMP Multicast Commands

ZebOS# configure terminal ZebOS(config)# interface vlan1.1 ZebOS(config-if)# ipv6 mld snooping mrouter interface fe8

ipv6 mld snooping querier

Use this command to enable MLD querier operation on a subnet (VLAN) when no multicast routing protocol is configured in the subnet (VLAN). When enabled, the MLD Snooping querier sends out periodic MLD queries for all interfaces on that VLAN. Use the no parameter with this command to disable MLD querier configuration.

Command Syntax
ipv6 mld snooping querier no ipv6 mld snooping querier

Command Mode
Interface mode for VLAN interface

Usage
This command can only be configured on VLAN interfaces. The MLD Snooping querier uses the 0.0.0.0 Source IP address because it only masquerades as a proxy MLD querier for faster network convergence. It does not start, or automatically cease, the MLD Querier operation if it detects query message(s) from a multicast router. It restarts as MLD Snooping querier if no queries are seen within the other querier interval.

Example ZebOS# configure terminal ZebOS(config)# interface vlan1.1 ZebOS(config)# ipv6 mld snooping querier

ipv6 mld snooping report-suppression

Use this command to enable report suppression for MLD version 1. Use the no parameter to disable report suppression.

Command Syntax
ipv6 mld snooping report-suppression no ipv6 mld snooping report-suppression

Command Mode
Interface mode for VLAN interface

Default
Report suppression does not apply to MLDv2, and is turned off by default for MLDv1 reports.

170

2001-2007 IP Infusion Inc. Confidential

GMP Multicast Commands

Usage
This MLD Snooping command can only be configured on VLAN interfaces.

Example
This example shows how to enable report suppression for MLDv1 reports.

ZebOS# configure terminal ZebOS(config)# interface vlan1.1 ZebOS(config-if)# ipv6 mld version 1 ZebOS(config-if)# ipv6 mld snooping report-suppression

ipv6 mld ssm-map enable

Use this command to enable SSM mapping on the router. Use the no parameter with this command to disable SSM mapping.

Command Syntax
ipv6 mld (vrf VRFNAME) ssm-map enable no ipv6 mld (vrf VRFNAME) ssm-map enable VRFNAME Optional. Specify the VRF name.

Command Mode
Global Config mode

Usage
This command applies to interfaces configured for MLD Layer-3 multicast protocols, MLD Snooping, or MLD Proxy.

Example
This example shows how to enable MLD SSM mapping on the router.

ZebOS# configure terminal ZebOS(config)# ipv6 mld ssm-map enable

Related Commands
ipv6 mld ssm-map static

ipv6 mld ssm-map static

Use this command to specify the static mode of defining SSM mapping. SSM mapping statically assigns sources to MLDv1 groups to translate such (*,G) groups memberships to (S,G) memberships for use with PIM-SSM. Use the no parameter with this command to remove the SSM map association.

Command Syntax
ipv6 mld (vrf VRFNAME) ssm-map static WORD X:X::X:X no ipv6 mld (vrf VRFNAME) ssm-map static WORD X:X::X:X VRFNAME Optional. Specify the VRF name. WORD IPv6 named standard access-list.

2001-2007 IP Infusion Inc. Confidential

171

GMP Multicast Commands X:X::X:X IPv6 address

Command Mode
Global Config mode

Usage
This command applies to interfaces configured for MLD Layer-3 multicast protocols, MLD Snooping, or MLD Proxy.

Example
This example shows how to configure an SSM static mapping for group-address ff0e::1/128.

ZebOS# configure terminal ZebOS(config)# ipv6 mld ssm-map static v6grp 2006::3 ZebOS(config)# ipv6 access-list v6grp permit ff0e::1/128

Related Commands
ipv6 mld ssm-map enable

ipv6 mld static-group

Use this command to statically configure IPv6 group membership entries on an interface. To statically add only a group membership, do not specify any parameters. Use the no parameter with this command to delete static group membership entries.

Command Syntax
ipv6 mld static-group X:X::X:X (source [Y:Y::Y:Y|ssm-map]) (interface IFNAME) no ipv6 mld static-group X:X::X:X (source [Y:Y::Y:Y|ssm-map]) (interface IFNAME) X:X::X:X Standard IPv6 Multicast group address to be configured as a static group member. source Optional. Y:Y::Y:Y Standard IPv6 source address to be configured as a static source from where multicast packets originate. ssm-map Mode of defining SSM mapping. SSM mapping statically assigns sources to MLDv1 groups to translate these (*,G) groups' memberships to (S,G) memberships for use with PIM-SSM. interface Optional. Physical interface. Use this parameter on VLAN interfaces when static configuration is required for MLD snooping. If used, static configuration is applied to the physical interface specified in IFNAME. If not used, static configuration is applied on all VLAN constituent interfaces. IFNAME Physical interface name.

Command Mode
Interface mode

Usage
This command applies to MLD operation on a specific interface to statically add group and/or source records; or to MLD Snooping on a VLAN interface to statically add group and/or source records.

Examples
The following examples show how to statically add group and/or source records for MLD:

172

2001-2007 IP Infusion Inc. Confidential

GMP Multicast Commands

ZebOS# configure terminal ZebOS(config)#interface eth0 ZebOS(config-if)# ipv6 mld static-group ff1e::10 ZebOS# configure terminal ZebOS(config)#interface eth0 ZebOS(config-if)# ipv6 mld static-group ff1e::10 source fe80::2fd:6cff:fe1c:b ZebOS# configure terminal ZebOS(config)#interface eth0 ZebOS(config-if)# ipv6 mld static-group ff1e::10 source ssm-map
The following examples show how to statically add group and/or source records for MLD Snooping:

ZebOS# configure terminal ZebOS(config)#interface vlan1.1 ZebOS(config-if)# ipv6 mld static-group ff1e::10 ZebOS# configure terminal ZebOS(config)#interface vlan1.1 ZebOS(config-if)# ipv6 mld static-group ff1e::10 source fe80::2fd:6cff:fe1c:b ZebOS# configure terminal ZebOS(config)#interface vlan1.1 ZebOS(config-if)# ipv6 mld static-group ff1e::10 source ssm-map ZebOS# configure terminal ZebOS(config)#interface vlan1.1 ZebOS(config-if)# ipv6 mld static-group ff1e::10 interface eth0 ZebOS# configure terminal ZebOS(config)#interface vlan1.1 ZebOS(config-if)# ipv6 mld static-group ff1e::10 source fe80::2fd:6cff:fe1c:b interface eth0 ZebOS# configure terminal ZebOS(config)#interface vlan1.1 ZebOS(config-if)# ipv6 mld static-group ff1e::10 source ssm-map interface eth0

ipv6 mld version

Use this command to set the current MLD protocol version on an interface. To return to the default version on an interface, use the no parameter with this command.

Command Syntax
ipv6 mld version <1-2> no ipv6 mld version <1-2> MLD protocol version number

Command Mode
Interface mode

2001-2007 IP Infusion Inc. Confidential

173

GMP Multicast Commands

Default
The default MLD protocol version number is 2.

Usage
This command applies to interfaces configured for MLD Layer-3 multicast protocols, MLD Snooping, or MLD Proxy.

Example ZebOS# configure terminal ZebOS(config)# interface ethernet 0 ZebOS(config-if)# ipv6 mld version 1

show ipv6 mld groups

Use this command to display the multicast groups with receivers directly connected to the router, and learned through MLD. To modify the lines displayed, use the | (output modifier token); to save the output to a file, use the > output redirection token. For more information, see the ZebOS Command Line Interface Environment chapter.

Command Syntax
show ipv6 mld (vrf VRFNAME) groups (X:X::X:X |IFNAME detail) VRFNAME Optional. Specify the VRF name. X:X::X:X Address of the multicast group. IFNAME Interface name for which to display local information.

Command Mode
Exec mode and Privileged Exec mode

Example
The following command displays local-membership information for all interfaces: ZebOS# show ipv6 mld groups MLD Connected Group Membership Group Address Interface Uptime ff1e::10 ge10 00:03:16

Expires 00:01:09

Last Reporter fe80::202:b3ff:fef0:79d8

show ipv6 mld interface

Use this command to display the state of MLD, MLD Proxy service, and MLD Snooping for a specified interface, or all interfaces. To modify the lines displayed, use the | (output modifier token); to save the output to a file, use the > output redirection token. For more information, see the ZebOS Command Line Interface Environment chapter.

Command Syntax
show ipv6 mld (vrf VRFNAME) interface IFNAME VRFNAME Optional. Specify the VRF name. IFNAME Interface name

174

2001-2007 IP Infusion Inc. Confidential

GMP Multicast Commands

Command Mode
Exec mode and Privileged Exec mode

Example
The following displays MLD interface status on all interfaces enabled for MLD. ZebOS# show ipv6 mld interface Interface eth1 (Index 2) MLD Enabled, Active, Querier, Version 2 (default) Internet address is fe80::2fd:6cff:fe1c:b MLD interface has 0 group-record states MLD activity: 0 joins, 0 leaves MLD query interval is 125 seconds MLD querier timeout is 255 seconds MLD max query response time is 10 seconds Last member query response interval is 1000 milliseconds Group Membership interval is 260 seconds

show ipv6 mld snooping mrouter

Command Syntax
show ipv6 mld (vrf VRFNAME) snooping mrouter interface IFNAME VRFNAME IFNAME Optional. Specify the VRF name. The name of the VLAN interface

Command Mode
Exec and Privileged Exec mode

Example
The following displays the multicast router interfaces in VLAN 1.1

ZebOS# show ipv6 mld snooping mrouter vlan1.1

VLAN 1 1 Interface ge9 ge11

2001-2007 IP Infusion Inc. Confidential

175

GMP Multicast Commands

show ipv6 mld snooping statistics

Use this command to display MLD Snooping statistics data. To modify the lines displayed, use the | (output modifier token); to save the output to a file, use the > output redirection token. For more information, see the ZebOS Command Line Interface Environment chapter.

Command Syntax
show ipv6 mld (vrf VRFNAME) snooping statistics interface IFNAME VRFNAME IFNAME Optional. Specify the VRF name. The name of the VLAN interface

Command Mode
Exec and Privileged Exec mode

Example
The following displays MLDv2 statistical information for bridge 2.

ZebOS# show ipv6 mld snooping statistics

Interface: ge10 Group: ff1e::10 Uptime: 00:00:13 Group mode: Include Last reporter: fe80::202:b3ff:fef0:79d8 Group source list: (R - Remote, M - SSM Mapping) Source Address Uptime v2 Exp Fwd Flags 7ffe::4 00:00:13 00:04:06 Yes R

176

2001-2007 IP Infusion Inc. Confidential

CHAPTER 8

NSM Multicast Commands

This chapter contains NSM Multicast related commands in alphabetical order. For IGMP and MLD specific Multicast commands, see Chapter 7, GMP Multicast Commands.

clear ip mroute
Use this command to delete entries from the IP multicast routing table.

Command Syntax
clear ip mroute (vrf VRFNAME) [*|GROUP_SRC_ADD] VRFNAME Optional. Specify the VRF name. * = Deletes all multicast routes GROUP_SRC_ADD = GRPADD (SRCADD) Group IP address GRPADD A.B.C.D Group IP address. SRCADD A.B.C.D Source IP address.

Command Mode
Privileged Exec mode

Usage
When this command is used, the MRIB clears the multicast route entries in its multicast route table, and removes the entries from the multicast forwarder. The MRIB sends a clear message to the multicast protocols. Each multicast protocol has its own clear multicast route command. The protocol-specific clear command clears multicast routes from the protocol, and also clears the routes from the MRIB.

Example ZebOS# clear ip mroute vrf VRF_A 225.1.1.1 3.3.3.3

clear ip mroute statistics

Use this command to delete multicast route statistics entries from the IP multicast routing table.

Command Syntax
clear ip mroute (vrf VRFNAME) statistics [*|GRP_SRC_ADD] VRFNAME Optional. Specify the VRF name. * All multicast route entries. GRP_SRC_ADD GRPADD (SRCADD) Group IP address. GRPADD A.B.C.D Group IP address SRCADD A.B.C.D Source IP address.

Command Mode
Privileged Exec mode

2001-2007 IP Infusion Inc. Confidential

177

NSM Multicast Commands

Example ZebOS# clear ip mroute statistics 225.1.1.2 4.3.4.4

clear ipv6 mroute

Use this command to delete entries from the IPv6 multicast routing table.

Command Syntax
clear ipv6 mroute (vrf VRFNAME) [*|GRP_SRC_ADD] VRFNAME Optional. Specify the VRF name. * = Deletes all multicast routes GRP_SRC_ADD = GRPADD (SRCADD) Group IP address GRPADD X:X::X:X Group IPv6 address. SRCADD X:X::X:X Source IP address.

Command Mode
Privileged Exec mode

Example ZebOS# clear ipv6 mroute ff1e::10 3ffe::1

clear ipv6 mroute statistics

Use this command to delete multicast route statistics entries from the IPv6 multicast routing table.

Command Syntax
clear ipv6 mroute (vrf VRFNAME) statistics [*|GRP_SRC_ADD] VRFNAME Optional. Specify the VRF name. * All multicast route entries. GRP_SRC_ADD GRPADD (SRCADD) Group IP address. GRPADD X:X::X:X Group IP address SRCADD X:X::X:X Source IP address.

Command Mode
Privileged Exec mode

Example ZebOS# clear ipv6 mroute ff1e::100 3ffe::3

debug nsm mcast

Use this command to debug events in the multicast RIB.

178

2001-2007 IP Infusion Inc. Confidential

NSM Multicast Commands

Command Syntax
debug nsm mcast (vrf VRFNAME) (all|fib-msg|mrt|register|stats|vif) VRFNAME Optional. Specify the VRF name. all All IPv4 multicast debugging. fib-msg Multicast FIB messages. mrt Multicast routes. register Multicast PIM register messages. stats Multicast statistics. vif Multicast interface.

Command Mode
Privileged Exec and Configure mode

Example ZebOS# configure terminal ZebOS(config)# debug nsm mcast register

ip mroute
Use this command to create a multicast static route. Use the no form of this command to clear the route. Multicast static routes are unicast routes which allow multicast and unicast topologies to be incongruous. These routes are used by multicast routing protocols to perform reverse-path forwarding (RPF) checks.

Command Syntax
ip mroute SRCADD/MASKLEN (PROTOCOL) RPFADD|INTERFACE (DISTANCE) ip mroute SRCADD/MASKLEN (PROTOCOL) SRCADD = A.B.C.D Specifies multicast source IP address MASKLEN = <0-32> Specifies multicast source IP address mask length PROTOCOL Unicast routing protocol. bgp BGP isis IS-IS ospf OSPF rip RIP static RPFADD = A.B.C.D RPF address for the multicast route. The host IP address can be a directly connected system or a remote system. When it is a remote system, a recursive lookup is done from the unicast routing table to find a directly connected system; the recursive lookup is done up to only one level. INTERFACE Incoming interface name. Can only be specified for non-broadcast interfaces. DISTANCE Specifies whether a unicast route or multicast static route is used for the RPF lookup. Lower distances have preference. If the multicast static route has the same distance as the other RPF sources, the multicast static route takes precedence. Default is 0. Range is 0-255.

Command Mode
Configure mode

2001-2007 IP Infusion Inc. Confidential

179

NSM Multicast Commands

Examples
The following example configures all sources via a single interface (in this case, a tunnel):

ZebOS# configure terminal ZebOS(config)# ip mroute 10.10.10.50 255.255.255.0 tunnel1

The following example configures all specific sources within a network number to be accessible through 10.10.10.50:

ZebOS# configure terminal ZebOS(config)# ip mroute 192.168.3.0 255.255.255.0 10.10.10.50

Validation Commands
show ip rpf

ip multicast route-limit
Use this command to limit the number of multicast routes that can be added to a multicast routing table. Use the no parameter with this command to disable this configuration.

Command Syntax
(no) ip multicast (vrf VRFNAME) route-limit LIMIT (THRESHOLD) VRFNAME Optional. Specify the VRF name. LIMIT = <1-2147483647> Number of routes. THRESHOLD = <1-2147483647> Threshold at which to generate a warning message.

Command Mode
Configure mode

Default
The default limit and threshold value is 2147483647.

Usage
This command limits the number of multicast routes (mroutes) that can be added to a router, and generates an error message when the limit is exceeded. If the threshold parameter is set, a threshold warning message is generated when this threshold is exceeded, and the message continues to occur until the number of mroutes reaches the limit set by the limit argument. Note: The mroute warning threshold must not exceed the mroute limit.

Example ZebOS# configure terminal ZebOS(config)# ip multicast route-limit 34 24

ip multicast ttl-threshold
Use this command to configure the time-to-live (TTL) threshold of packets being forwarded out of an interface. Use the no parameter with this command to return to the default TTL threshold.

Command Syntax
ip multicast ttl-threshold TTL

180

2001-2007 IP Infusion Inc. Confidential

NSM Multicast Commands

no ip multicast ttl-threshold TTL <0-255> The time-to-live threshold.

Command Mode
Interface mode

Default
The default TTL value is 1.

Usage
Only multicast packets with a TTL value greater than the threshold are forwarded out of the interface.

Example ZebOS# configure terminal ZebOS(config)# interface eth0 ZebOS(config-if)# ip multicast ttl-threshold 34

ip multicast-routing
Use this command to turn on/off multicast routing on the router; when turned off, the multicast protocol daemon remains present, but does not perform multicast functions. Use the no parameter with this command to disable this function.

Command Syntax
(no) ip multicast-routing (vrf VRFNAME) VRFNAME Optional. Specify the VRF name.

Command Mode
Configure mode

Default
By default, multicast routing is on.

Usage
When the no parameter is used with this command, the MRIB releases all VIFs and tunnels, cleans up MRTs, stops IGMPv2 operation, and stops relaying multicast forwarder events to multicast protocols. When multicast routing is enabled, the MRIB re-creates tunnels, and starts processing any VIF addition/deletion requests, MRT addition/deletion requests, and any multicast forwarding events.

Example ZebOS# configure terminal ZebOS(config)# ip multicast-routing

ipv6 mroute
Use this command to create a multicast static route. Use the no form of this command to clear the route.

2001-2007 IP Infusion Inc. Confidential

181

NSM Multicast Commands Multicast static routes are unicast routes which allow multicast and unicast topologies to be incongruous. These routes are used by multicast routing protocols to perform reverse-path forwarding (RPF) checks.

Command Syntax
ipv6 mroute SRCADD/MASKLEN (PROTOCOL) RPFADD|INTERFACE (DISTANCE) no ipv6 mroute SRCADD/MASKLEN (PROTOCOL) SRCADD = X:X::X:X Specifies multicast source IPv6 address MASKLEN = <0-128> Specifies multicast source IPv6 address mask length PROTOCOL Unicast routing protocol. bgp BGP isis IS-IS ospf OSPF rip RIP static RPFADD = X:X::X:X RPF address for the multicast route. The host IPv6 address can be a directly connected system, or a remote system. When it is a remote system, a recursive lookup is done from the unicast routing table to find a directly connected system; the recursive lookup is done only up to one level. INTERFACE Incoming interface name. Can only be specified for non-broadcast interfaces. DISTANCE Specifies whether a unicast route or multicast static route is used for the RPF lookup. Lower distances have preference. If the multicast static route has the same distance as the other RPF sources, the multicast static route takes precedence. Default is 0. Range is 0-255.

Command Mode
Configure mode

Validation Commands
show ipv6 rpf

ipv6 multicast route-limit

Use this command to limit the number of IPv6 multicast routes that can be added to a multicast routing table. Use the no parameter with this command to disable this configuration.

Command Syntax
(no) ipv6 multicast (vrf VRFNAME) route-limit LIMIT (THRESHOLD) VRFNAME Optional. Specify the VRF name. LIMIT = <1-2147483647> Number of routes. THRESHOLD = <1-2147483647> Threshold at which to generate a warning message.

Command Mode
Configure mode

Default
The default limit and threshold value is 2147483647.

182

2001-2007 IP Infusion Inc. Confidential

NSM Multicast Commands

Usage
This command limits the number of IPv6 multicast routes that can be added to a router, and generates an error message when the limit is exceeded. If the threshold parameter is set, a threshold warning message is generated when this threshold is exceeded, and the message continues to occur until the number of mroutes reaches the limit set by the limit argument. Note: The mroute warning threshold must not exceed the mroute limit.

Example ZebOS# configure terminal ZebOS(config)# ipv6 multicast route-limit 34 34

ipv6 multicast-routing
Use this command to turn on/off IPv6 multicast routing on the router; when turned off, the multicast protocol daemon remains present, but does not perform multicast functions. Use the no parameter with this command to disable this function.

Command Syntax
(no) ipv6 multicast-routing (vrf VRFNAME) VRFNAME Optional. Specify the VRF name.

Command Mode
Configure mode

Default
By default, multicast routing is on.

Example ZebOS# configure terminal ZebOS(config)# ipv6 multicast-routing

show ip mroute
Use this command to display the contents of the IP multicast routing (mroute) table.

Command Syntax
show ip mroute (vrf VRFNAME) (GRPADD) (SRCADD) (dense|sparse) VRFNAME SRCADD Optional. Specify the VRF name. Source IP address. GRPADD Group IP address. dense Display dense multicast routes.

2001-2007 IP Infusion Inc. Confidential

183

NSM Multicast Commands sparse Display sparse multicast routes.

Command Mode
Exec and Privileged Exec mode

Usage
The following is a sample output of this command displaying the IP multicast routing table, with and without specifying the group and source IP address: ZebOS# show ip mroute IP Multicast Routing Table Flags: I - Immediate Stat, T - Timed Stat, F - Forwarder installed Timers: Uptime/Stat Expiry Interface State: Interface (TTL) (10.10.1.52, 224.0.1.3), uptime 00:00:31, stat expires 00:02:59 Owner PIM-SM, Flags: TF Incoming interface: wm0 Outgoing interface list: wm1 (1) ZebOS# show ip mroute 10.10.1.52 224.0.1.3 IP Multicast Routing Table Flags: I - Immediate Stat, T - Timed Stat, F - Forwarder installed Timers: Uptime/Stat Expiry Interface State: Interface (TTL) (10.10.1.52, 224.0.1.3), uptime 00:03:24, stat expires 00:01:28 Owner PIM-SM, Flags: TF Incoming interface: wm0 Outgoing interface list: wm1 (1)

Example ZebOS# show ip mroute 10.10.3.34 224.1.4.3

show ip mroute count

Use this command to display the route and packet count from the IP multicast routing (mroute) table.

Command Syntax
show ip mroute (vrf VRFNAME) (GRPADD) (SRCADD) (dense|sparse) count show ip mroute count VRFNAME Optional. Specify the VRF name. GRPADD = Group IP address. SRCADD = Source IP address. dense Display dense multicast routes. sparse Display sparse multicast routes. count Route and packet count data.

184

2001-2007 IP Infusion Inc. Confidential

NSM Multicast Commands

Command Mode
Exec and Privileged Exec mode

Usage
The following is a sample output of this command displaying the packet count from the IP multicast routing table: ZebOS# show ip mroute count IP Multicast Statistics Total 1 routes using 132 bytes memory Route limit/Route threshold: 2147483647/2147483647 Total NOCACHE/WRONGVIF/WHOLEPKT recv from fwd: 1/0/0 Total NOCACHE/WRONGVIF/WHOLEPKT sent to clients: 1/0/0 Immediate/Timed stat updates sent to clients: 0/0 Reg ACK recv/Reg NACK recv/Reg pkt sent: 0/0/0 Next stats poll: 00:01:10 Forwarding Counts: Pkt count/Byte count, Other Counts: Wrong If pkts Fwd msg counts: WRONGVIF/WHOLEPKT recv Client msg counts: WRONGVIF/WHOLEPKT/Imm Stat/Timed Stat sent Reg pkt counts: Reg ACK recv/Reg NACK recv/Reg pkt sent (10.10.1.52, 224.0.1.3), Forwarding: 2/19456, Other: 0 Fwd msg: 0/0, Client msg: 0/0/0/0, Reg: 0/0/0

Example ZebOS# show ip mroute 10.10.5.24 225.2.2.2 count

show ip mroute summary

Use this command to display the contents of the IP multicast routing (mroute) table in an abbreviated form.

Command Syntax
show ip mroute (vrf VRFNAME) (GRPADD) (SRCADD) (dense|sparse) summary show ip mroute summary VRFNAME Optional. Specify the VRF name. GRPADD = Group IP address. SRCADD = Source IP address. dense Display dense multicast routes. sparse Display sparse multicast routes. summary = Provide abbreviated display.

Command Mode
Exec and Privileged Exec mode

Usage
The following is a sample output for this command displaying the IP multicast routing table in an abbreviated form: ZebOS# show ip mroute summary IP Multicast Routing Table

2001-2007 IP Infusion Inc. Confidential

185

NSM Multicast Commands

Flags: I - Immediate Stat, T - Timed Stat, F - Forwarder installed Timers: Uptime/Stat Expiry Interface State: Interface (TTL) (10.10.1.52, 224.0.1.3), 00:01:32/00:03:20, PIM-SM, Flags: TF

Example ZebOS# show ip mroute 10.10.1.34 summary

show ip mvif
Use this command to display the contents of the MRIB VIF table.

Command Syntax
show ip mvif (vrf VRFNAME) (IFNAME) VRFNAME Optional. Specify the VRF name.

Command Mode
Exec and Privileged Exec mode

Usage
The following are sample outputs of this command displaying the contents for the MRIB VIF table, both with and without the interface parameter specified: ZebOS# show ip mvif Interface Vif Owner Idx Module wm0 0 PIM-SM Register 1 wm1 2 PIM-SM ZebO# show ip mvif wm0 Interface Vif Owner Idx Module wm0 0 PIM-SM TTL 1 1 1 TTL 1 Local Address 192.168.1.53 192.168.1.53 192.168.10.53 Local Address 192.168.1.53 Remote Address 0.0.0.0 0.0.0.0 0.0.0.0 Remote Address 0.0.0.0 Uptime 00:04:26 00:04:26 00:04:25 Uptime 00:05:17

Example ZebOS# show ip mvif wm0

show ip rpf
Use this command to display RPF information for the specified source address. To modify the lines displayed, use the | (output modifier token); to save the output to a file, use the > output redirection token. For more information, see the ZebOS Command Line Interface Environment chapter.

Command Syntax
show ip rpf SRCADD SRCADD = A.B.C.D Specifies source IP address

186

2001-2007 IP Infusion Inc. Confidential

NSM Multicast Commands

Command Mode
Exec mode and Privileged Exec mode

Examples ZebOS# show ip rpf 10.10.10.50

show ipv6 mif

Use this command to display the contents of the MRIB VIF table.

Command Syntax
show ipv6 mif (vrf VRFNAME) (IFNAME) VRFNAME Optional. Specify the VRF name.

Command Mode
Exec and Privileged Exec mode

Usage
The following are sample outputs of this command displaying the MRIB VIF table, with and without the interface parameter: ZebOS# show ipv6 mif Interface Mif Idx wm0 0 Register 1 wm1 2 ZebOS# show ipv6 mif Interface Mif Idx wm0 0 Owner Module PIM-SMv6 PIM-SMv6 wm0 Owner Module PIM-SMv6 Uptime 00:17:18 00:17:18 00:17:18 Uptime 00:19:06

Example ZebOS# show ipv6 mif wm0

show ipv6 mroute

Use this command to display the contents of the IPv6 multicast routing (mroute) table.

Command Syntax
show ipv6 mroute (vrf VRFNAME) (GRPADD) (SRCADD) (dense|sparse) VRFNAME Optional. Specify the VRF name. GRPADD = Group IPv6 address. SRCADD = Source IPv6 address. dense Display dense multicast routes. sparse Display sparse multicast routes.

2001-2007 IP Infusion Inc. Confidential

187

NSM Multicast Commands

Command Mode
Exec and Privileged Exec mode

Usage
The following is a sample output for this command displaying the IPv6 multicast routing table: ZebOS# show ipv6 mroute IPv6 Multicast Routing Table Flags: I - Immediate Stat, T - Timed Stat, F - Forwarder installed Timers: Uptime/Stat Expiry Interface State: Interface (3ffe:10:10:1::96, ff1e::10), uptime 00:00:09, stat expires 00:03:21 Owner PIM-SMv6, Flags: TF Incoming interface: wm0 Outgoing interface list: wm1 (3ffe:10:10:1::96, ff1e::12), uptime 00:00:02, stat expires 00:03:28 Owner PIM-SMv6, Flags: TF Incoming interface: wm0 Outgoing interface list: wm1

Example ZebOS# show ipv6 mroute 3ffe:10:10:1::90 ff1e::15

show ipv6 mroute count

Use this command to display the route and packet count from the IP multicast routing (mroute) table.

Command Syntax
show ipv6 mroute (vrf VRFNAME) (GRPADD) (SRCADD) (dense|sparse) count show ipv6 mroute count VRFNAME Optional. Specify the VRF name. GRPADD = Group IPv6 address. SRCADD = Source IPv6 address. dense Display dense multicast routes. sparse Display sparse multicast routes. count Route and packet count data.

Command Mode
Exec and Privileged Exec mode

Usage
The following is a sample output for this command displaying route and packet count data from the IP multicast routing table:

188

2001-2007 IP Infusion Inc. Confidential

NSM Multicast Commands

ZebOS# show ipv6 mroute count IPv6 Multicast Statistics Total 2 routes using 312 bytes memory Route limit/Route threshold: 2147483647/2147483647 Total NOCACHE/WRONGmif/WHOLEPKT recv from fwd: 2/0/0 Total NOCACHE/WRONGmif/WHOLEPKT sent to clients: 2/0/0 Immediate/Timed stat updates sent to clients: 0/0 Reg ACK recv/Reg NACK recv/Reg pkt sent: 0/0/0 Next stats poll: 00:00:36 Forwarding Counts: Pkt count/Byte count, Other Counts: Wrong If pkts Fwd msg counts: WRONGmif/WHOLEPKT recv Client msg counts: WRONGmif/WHOLEPKT/Imm Stat/Timed Stat sent Reg pkt counts: Reg ACK recv/Reg NACK recv/Reg pkt sent (3ffe:10:10:1::96, ff1e::10), Forwarding: 1/0, Other: 0 Fwd msg: 0/0, Client msg: 0/0/0/0, Reg: 0/0/0 (3ffe:10:10:1::96, ff1e::12), Forwarding: 1/0, Other: 0 Fwd msg: 0/0, Client msg: 0/0/0/0, Reg: 0/0/0

Example ZebOS# show ipv6 mroute 3ffe:10:20:2::92 ff1e::12 count

show ipv6 mroute summary

Use this command to display the contents of the IPv6 multicast routing (mroute) table in an abbreviated form.

Command Syntax
show ipv6 mroute (vrf VRFNAME) (GRPADD) (SRCADD) (dense|sparse) summary show ipv6 mroute summary VRFNAME Optional. Specify the VRF name. GRPADD = Group IPv6 address. SRCADD = Source IPv6 address. dense Display dense multicast routes. sparse Display sparse multicast routes. summary = Provide abbreviated display.

Command Mode
Exec and Privileged Exec mode

Usage
The following is a show output of this command displaying an abbreviated version of the IP multicast routing table contents. ZebOS# show ipv6 mroute summary IPv6 Multicast Routing Table

2001-2007 IP Infusion Inc. Confidential

189

NSM Multicast Commands

Flags: I - Immediate Stat, T - Timed Stat, F - Forwarder installed Timers: Uptime/Stat Expiry Interface State: Interface (3ffe:10:10:1::96, ff1e::10), 00:00:10/00:03:20, PIM-SMv6, Flags: TF (3ffe:10:10:1::96, ff1e::12), 00:00:03/00:03:27, PIM-SMv6, Flags: TF

Example ZebOS# show ipv6 mroute 3ffe:10:10:1::70

ff1e::6 summary

show ipv6 rpf

Use this command to display RPF information for the specified source address. To modify the lines displayed, use the | (output modifier token); to save the output to a file, use the > output redirection token. For more information, see the ZebOS Command Line Interface Environment chapter.

Command Syntax
show ipv6 rpf SRCADD SRCADD = X:X::X:X Specifies source IPv6 address

Command Mode
Exec mode and Privileged Exec mode

Examples ZebOS# show ipv6 rpf 3ffe::1

190

2001-2007 IP Infusion Inc. Confidential

CHAPTER 9

NSM Traffic Engineering (TE) Commands

reservable-bandwidth
Use this command to specify the maximum reservable bandwidth per interface. This value can be a larger or smaller value than max-bandwidth. When no max-reservable-bandwidth is specified, the default is equal to the maxbandwidth. Use the no parameter to remove the maximum reservable, and use the maximum bandwidth. This command is available only when Traffic Engineering is enabled at build time. Use any of these switches to turn on TE: --enable te; --enable ospf-te; --enable cspf.

Command Syntax
reservable-bandwidth BANDWIDTH BANDWIDTH = <1-999> k|m|g for 1 to 999 kilo bits, mega bits or giga bits.

Command Mode
Interface mode

Usage
interface eth0 reservable-bandwidth 100m

Examples ZebOS# configure terminal ZebOS(config)# interface eth0 ZebOS(config-if)# reservable-bandwidth Related Commands
bandwidth

100m

2001-2007 IP Infusion Inc. Confidential

191

NSM Traffic Engineering (TE) Commands

192

2001-2007 IP Infusion Inc. Confidential

CHAPTER 10

NSM DiffServ Commands

This chapter contains DiffServ commands in alphabetical order. These commands are available only if ZebOS is compiled with the --enable-diffserv configuration option.

mpls class-to-exp-bit
Use this command to configure the node level PHB-EXP mapping. Use the no parameter with this command to remove the configuration of a PHB-EXP mapping.

Command Syntax
(no) mpls class-to-exp-bit CLASS <0-7> CLASS Diffserv class mapped to particular PHB. For example, be, ef, af11 etc. <0-7> EXP bit mapped to the specified PHB.

Command Mode
Configure mode

Examples ZebOS# configure terminal ZebOS(config)# mpls class-to-exp-bit ef 3

mpls support-diffserv-class
Use this command to configure the supported Diffserv class. Use the no parameter with this command to remove the configuration of the supported Diffserv class.

Command Syntax
(no) mpls support-diffserv-class CLASS CLASS Diffserv class mapped to the specified PHB. For example, ef, be, af11 etc.

Command Mode
Configure mode

Examples ZebOS# configure terminal ZebOS(config)# mpls support-diffserv-class af11

show mpls diffserv

Use this command to display Diffserv configuration information. To modify the lines displayed, use the | (output modifier token); to save the output to a file, use the > output redirection token. For more information, see the ZebOS Command Line Interface Environment chapter.

2001-2007 IP Infusion Inc. Confidential

193

NSM DiffServ Commands

Command Syntax
show mpls diffserv

Command Mode
Privileged Exec mode

Usage
The diffserv configuration information displayed by this command includes: All configurable Diffserv classes that can be used as PHB/PSC. PHB/PSC supported by this node. Node level PHB-EXP mapping.

Following is a sample output of the show mpls diffserv command showing diffserv configuration information. ZebOS# show mpls diffserv MPLS Differentiated Services Configurable Classes list: DSCP Class: be, value: 000000 DSCP Class: cs1, value: 001000 DSCP Class: af11, value: 001010 DSCP Class: af12, value: 001100 DSCP Class: af13, value: 001110 DSCP Class: cs2, value: 010000 DSCP Class: af21, value: 010010 DSCP Class: af22, value: 010100 DSCP Class: af23, value: 010110 DSCP Class: cs3, value: 011000 DSCP Class: af31, value: 011010 DSCP Class: af32, value: 011100 DSCP Class: af33, value: 011110 DSCP Class: cs4, value: 100000 DSCP Class: af41, value: 100010 DSCP Class: af42, value: 100100 DSCP Class: af43, value: 100110 DSCP Class: cs5, value: 101000 DSCP Class: ef, value: 101110 DSCP Class: cs6, value: 110000 DSCP Class: cs7, value: 111000 MPLS Differentiated Services Supported Classes data: CLASS DSCP_value be 000000 af11 001010 af12 001100 cs5 101000 MPLS Differentiated Services CLASS to EXP mapping data: CLASS DSCP_value EXP_value be 000000 0 be 000000 2 af12 001100 3

194

2001-2007 IP Infusion Inc. Confidential

NSM DiffServ Commands

Examples ZebOS# show mpls diffserv

show mpls diffserv class-to-exp

Use this command to display the node level PHB-EXP mapping. To modify the lines displayed, use the | (output modifier token); to save the output to a file, use the > output redirection token. For more information, see the ZebOS Command Line Interface Environment chapter.

Command Syntax
show mpls diffserv class-to-exp

Command Mode
Privileged Exec mode

Usage
Following is a sample output of the show mpls diffserv class-to-exp command showing PHB-EXP mapping at the node level. ZebOS# show mpls diffserv class-to-exp MPLS Differentiated Services CLASS to EXP mapping data: CLASS DSCP_value EXP_value be 000000 0 be 000000 2 af12 001100 3

Examples ZebOS# show mpls diffserv class-to-exp

show mpls diffserv configurable-dscp

Use this command to display all configurable DSCP values which can be used as PHB/PSC by this node. To modify the lines displayed, use the | (output modifier token); to save the output to a file, use the > output redirection token. For more information, see the ZebOS Command Line Interface Environment chapter.

Command Syntax
show mpls diffserv configurable-dscp

Command Mode
Privileged Exec mode

Usage
Following is a sample output of the show mpls diffserv configurable-dscp command showing all configurable diffserv DSCP values. ZebOS# show mpls diffserv configurable-dscp MPLS Differentiated Services Configurable Classes list: DSCP Class: be, value: 000000 DSCP Class: cs1, value: 001000

2001-2007 IP Infusion Inc. Confidential

195

NSM DiffServ Commands

DSCP DSCP DSCP DSCP DSCP DSCP DSCP DSCP DSCP DSCP DSCP DSCP DSCP DSCP DSCP DSCP DSCP DSCP DSCP

Class: Class: Class: Class: Class: Class: Class: Class: Class: Class: Class: Class: Class: Class: Class: Class: Class: Class: Class:

af11, af12, af13, cs2, af21, af22, af23, cs3, af31, af32, af33, cs4, af41, af42, af43, cs5, ef, cs6, cs7,

value: value: value: value: value: value: value: value: value: value: value: value: value: value: value: value: value: value: value:

001010 001100 001110 010000 010010 010100 010110 011000 011010 011100 011110 100000 100010 100100 100110 101000 101110 110000 111000

Examples
ZebOS# show mpls diffserv configurable-dscp

show mpls diffserv supported-dscp

Use this command to display supported DSCP values that can be used as PHB/PSC by this node. To modify the lines displayed, use the | (output modifier token); to save the output to a file, use the > output redirection token. For more information, see the ZebOS Command Line Interface Environment chapter.

Command Syntax
show mpls diffserv supported-dscp

Command Mode
Privileged Exec mode

Usage
Following is a sample output of the show mpls diffserv supported-dscp command showing the supported diffserv DSCP value. ZebOS# show mpls diffserv supported-dscp MPLS Differentiated Services Supported Classes data: CLASS DSCP_value be 000000 af11 001010 af12 001100 cs5 101000

Examples ZebOS# show mpls diffserv supported-dscp

196

2001-2007 IP Infusion Inc. Confidential

CHAPTER 11

NSM DiffServ-TE Commands

bandwidth-constraint
Use this command to configure the bandwidth constraint for a class type on the current interface. Use the no parameter with this command to remove the bandwidth constraint of a class type on the current interface.

Command Syntax
(no) bandwidth-constraint CT-NAME BANDWIDTH CT-NAME Specifies the DS-TE class type name associated with the bandwidth. BANDWIDTH Specifies the bandwidth constraint <1-10000000000 bits>. Usable units are k|m|g for kilo, mega or giga bits. The default value is 0.

Command Mode
Interface mode

Examples ZebOS# configure terminal ZebOS(config)# interface eth0 ZebOS(config-if)# bandwidth-constraint a1 100m

bc-mode
Use this command to configure the bandwidth constraint mode for the current interface. There are three different modes available--MAM, RSDL and MAR.

Command Syntax
bc-mode MODE MODE Specifies the bandwidth constraint mode: MAM, RSDL or MAR. MAM is the default mode.

Command Mode
Interface mode

Examples ZebOS# configure terminal ZebOS(config)# interface eth0 ZebOS(config-if)# bc-mode mam

mpls class-type
Use this command to configure the name for a class type. Defining the class type name enables and configures the class type on a particular node. Use the no parameter with this command to remove the class type configuration.

2001-2007 IP Infusion Inc. Confidential

197

NSM DiffServ-TE Commands

Command Syntax
(no) mpls class-type CLASS-TYPE CLASS-TYPE-NAME CLASS-TYPE Class type to be configured (ct0-ct7). CLASS-TYPE-NAME Name to be configured for the specified class type.

Command Mode
Configure mode

Examples ZebOS# configure terminal ZebOS(config)# mpls class-type ct1 a1

mpls te-class
Use this command to configure a TE class using the class type name and the pre-emption priority. Use the no parameter with this command to remove the TE class configuration.

Command Syntax
(no) mpls te-class TE-CLASS CLASS-TYPE-NAME <0-7> TE-CLASS Specifies DiffServ TE class (te0-te7). CLASS-TYPE-NAME Specifies class type name. <0-7> Pre-emption priority.

Command Mode
Configure mode

Examples ZebOS# configure terminal ZebOS(configure)# mpls te-class te3 default 6

show mpls dste

Use this command to display the DS-TE configuration information on this node. It displays information about the configured class types and TE classes. To modify the lines displayed, use the | (output modifier token); to save the output to a file, use the > output redirection token. For more information, see the ZebOS Command Line Interface Environment chapter.

Command Syntax
show mpls dste

Command Mode
Privileged Exec mode

Usage
The following is a sample output of the show mpls dste command displaying the DS-TE configuration information about the TE classes and class types.

198

2001-2007 IP Infusion Inc. Confidential

NSM DiffServ-TE Commands

ZebOS# show mpls dste te0: { a1, 4 } te1: { a2, 5 } te3: { default, 6 } ct0: default ct1: a1 ct2: a2

Examples ZebOS# show mpls dste

show mpls dste class-type

Use this command to display configured DS-TE class types. To modify the lines displayed, use the | (output modifier token); to save the output to a file, use the > output redirection token. For more information, see the ZebOS Command Line Interface Environment chapter.

Command Syntax
show mpls dste class-type

Command Mode
Privileged Exec mode

Usage
The following is a sample output of the show mpls dste class-type command displaying the class types. ZebOS# show mpls dste class-type ct0: default ct1: a1 ct2: a2

Examples ZebOS# show mpls dste class-type

show mpls dste te-class

Use this command to display configured DS-TE TE classes. To modify the lines displayed, use the | (output modifier token); to save the output to a file, use the > output redirection token. For more information, see the ZebOS Command Line Interface Environment chapter.

Command Syntax
show mpls dste te-class

Command Mode
Privileged Exec Mode

Usage
The following is a sample output of the show mpls dste te-class command displaying the TE classes.

2001-2007 IP Infusion Inc. Confidential

199

NSM DiffServ-TE Commands

ZebOS# te0: { te1: { te3: {

show mpls dste te-class a1, 4 } a2, 5 } default, 6 }

Examples ZebOS# show mpls dste te-class

200

2001-2007 IP Infusion Inc. Confidential

CHAPTER 12

NSM Layer-2 Commands

Common Commands
flowcontrol off
Use this command to disable flow control.

Command Syntax
flowcontrol [send|receive] off

Command Mode
Interface mode

Example ZebOS# configure terminal ZebOS(config)# interface eth1 ZebOS(config-if)# flowcontrol receive off

flowcontrol on
Use this command to enable flow control, and configure the flow control mode for the port.

Command Syntax
flowcontrol [send|receive] on

Command Mode
Interface mode

Usage
Flow control enables connected Ethernet ports to control traffic rates during congestion by allowing congested nodes to pause link operation at the other end. If one port experiences congestion, and cannot receive any more traffic, it notifies the other port to stop sending until the condition clears. When the local device detects congestion at its end, it notifies the remote device by sending a pause frame. On receiving a pause frame, the remote device stops sending data packets, which prevents loss of data packets during the congestion period.

Example ZebOS# configure terminal ZebOS(config)# interface eth0 ZebOS(config-if)# flowcontrol send on

2001-2007 IP Infusion Inc. Confidential

201

NSM Layer-2 Commands

mirror interface
Use this command to define a mirror source port and its direction. This command must be run separately for each source port. Use the no parameter with this command to disable port mirroring by the destination port on the specified source port.

Command Syntax
mirror interface SOURCEPORT direction SNOOPDIRECTION no mirror interface SOURCEPORT SOURCEPORT Name of the Source interface to be used. SNOOPDIRECTION [both|receive|transmit] both Specifies mirroring of traffic in both directions. receive Specifies mirroring of received traffic. transmit Specifies mirroring of transmitted traffic.

Command Mode
Interface mode

Example ZebOS# configure terminal ZebOS(config)# interface eth0 ZebOS(config-if)# mirror interface eth1 direction both

show flowcontrol interface

Use this command to display flow control information.

Command Syntax
show flowcontrol interface IFNAME IFNAME Specifies the name of the interface to be displayed.

Command Mode
Exec mode

Example ZebOS# show flowcontrol interface ge2 Usage

The following is a sample output of the show flowcontrol interface command displaying flow control information: ZebOS# show flowcontrol interface ge1 Port Send FlowControl Receive FlowControl admin ----ge1 oper admin oper ------- ------0 0 RxPause TxPause

------- -------on on

202

2001-2007 IP Infusion Inc. Confidential

NSM Layer-2 Commands

show mirror
Use this command to display the status of all mirrored ports.

Command Syntax
show mirror

Command Mode
Privileged Exec mode

Example ZebOS# show mirror Usage

The following is a sample output of the show mirror command displaying the status of all mirrored ports: ZebOS# show mirror Mirror Test Port Name: ge1 Mirror option: Enabled Mirror direction: both Monitored Port Name: ge2 Mirror Test Port Name: ge3 Mirror option: Enabled Mirror direction: receive Monitored Port Name: ge4 Mirror Test Port Name: ge3 Mirror option: Enabled Mirror direction: receive Monitored Port Name: ge1 Mirror Test Port Name: ge1 Mirror option: Enabled Mirror direction: receive Monitored Port Name: ge3 Mirror Test Port Name: ge1 Mirror option: Enabled Mirror direction: transmit Monitored Port Name: ge4

show mirror interface

Use this command to display port mirroring.

Command Syntax
show mirror interface IFNAME IFNAME Specifies the name of the destination port to be used.

Command Mode
Interface, Privileged Exec and Exec mode

2001-2007 IP Infusion Inc. Confidential

203

NSM Layer-2 Commands

Example ZebOS# show mirror interface eth1 Usage

Following is a sample output of the show mirror interface command displaying mirroring information. ZebOS(config)# interface ge1 ZebOS(config-if)# mirror interface ge2 direction both ZebOS(config-if)# show mirror interface ge2 Mirror Test Port Name: ge1 Mirror option: Enabled Mirror direction: both Monitored Port Name: ge2

show storm-control
Use this command to display storm control information for all interfaces or a particular interface.

Command Syntax
show storm-control (IFNAME) IFNAME Specifies the name of the interface for which storm-control information is to be displayed.

Command Mode
Privileged Exec mode

Example ZebOS# show storm-control eth1 Usage

The following is a sample output of this command displaying storm control information:

ZebOS# show storm-control eth1

Port fe14

BcastLevel BcastDiscards McastLevel McastDiscards DlfLevel 40. 0% 64290164 100. 0% 64290164 100. 0%

DlfDiscards 64290164

show storm-control broadcast interface

Use this command to display storm control information.

Command Syntax
show storm-control broadcast interface IFNAME IFNAME Specifies the name of the interface for which storm-control information is to be displayed.

Command Mode
Privileged Exec mode

Example ZebOS# show storm-control broadcast interface eth1

204

2001-2007 IP Infusion Inc. Confidential

NSM Layer-2 Commands

Usage
The following is a sample output of this command displaying storm control information: ZebOS(config-if)# storm-control broadcast level 3 ZebOS(config-if)# show storm-control broadcast Port ge1 BcastSuppLevel 3% TotalSuppressedPackets 61503000

storm-control level
Use this command to specify the rising threshold level for broadcasting, multicast, or destination lookup failure traffic. The storm control action occurs when traffic utilization reaches this level. Use the no parameter with this command to disable storm control.

Command Syntax
storm-control broadcast|multicast|dlf level LEVEL no storm-control broadcast|multicast|dlf LEVEL <0-100> Specifies the percentage of the threshold; percentage of the maximum speed (pps) of the interface. dlf destination lookup failure

Default
By default, storm control is disabled.

Command Mode
Interface mode

Usage
Flooding techniques are used to block the forwarding of unnecessary flooded traffic. A packet storm occurs when a large number of broadcast packets are received on a port. Forwarding these packets can cause the network to slow down or time out.

Example ZebOS# configure terminal ZebOS(config)# interface eth0 ZebOS(config-if)# storm-control broadcast level 30

Bridge Commands
bridge acquire
Use this command to enable a specific bridge to learn station location information for an instance. This helps in making forwarding decisions. To disable learning, use the no parameter with this command.

2001-2007 IP Infusion Inc. Confidential

205

NSM Layer-2 Commands

Command Syntax
bridge <1-32> acquire no bridge <1-32> acquire <1-32> Bridge-group ID used for bridging.

Command Mode
Configure mode

Default
Learning is enabled by default for all instances.

Examples ZebOS# configure terminal ZebOS(config)# bridge 3 acquire

bridge address
Use this command to statically configure a bridge entry to forward or discard matching frames.

Command Syntax
bridge <1-32> address MAC forward|discard IFNAME no bridge <1-32> address MAC forward|discard IFNAME <1-32> Bridge-group ID used for bridging. MAC the Media Access Control (MAC) address in the HHHH.HHHH.HHHH format. IFNAME the interface on which the frame comes in.

Command Mode
Configure mode

Examples ZebOS# configure terminal ZebOS(config)# bridge 2 address 2222.2222.2222 forward eth0

bridge ageing-time
Use this command to specify an ageing-out time for a learned MAC address. The learned MAC address will persist till this specified time.

Command Syntax
bridge-group <1-32> ageing-time AGEINGTIME no bridge-group <1-32> ageing-time <1-32> The ID of the bridge-group that this ageing time is for. AGEINGTIME = <10-1000000> The number of seconds of persistence.

Default
The default ageing time is 300 seconds.

206

2001-2007 IP Infusion Inc. Confidential

NSM Layer-2 Commands

Command Mode
Configure mode

Examples ZebOS# configure terminal ZebOS(config)# bridge 3 ageing-time 1000

bridge-group
Use this command to bind an interface with a bridge specified by the parameter.

Command Syntax
(no) bridge-group <1-32> <1-32> Bridge-group ID used for bridging.

Command Mode
Interface mode

Examples ZebOS# configure terminal ZebOS(config)# interface eth1 ZebOS(config-if)# bridge-group 2

bridge protocol ieee

Use this command to add a IEEE 802.1d Spanning Tree Protocol bridge. Use the no parameter to remove a bridge.

Command Syntax
bridge <1-32> protocol ieee no bridge <1-32> <1-32> Bridge-group ID used for bridging.

Command Mode
Configure mode

Default
There is no default value.

Usage
After creating a bridge instance, add interfaces to the bridge using the bridge-group command. Bring the bridge instance into operation with the no shutdown command in interface mode.

Examples zebos# configure terminal zebos(config)# bridge 3 protocol ieee

2001-2007 IP Infusion Inc. Confidential

207

NSM Layer-2 Commands

Related Commands
bridge ageing-time

bridge protocol ieee vlan-bridge

Use this command to add a VLAN bridge (according to the IEEE 802.1q Spanning Tree Protocol) to the spanning tree.

Command Syntax
bridge <1-32> protocol ieee vlan-bridge <1-32> Bridge-group ID used for bridging.

Command Mode
Configure mode

Examples ZebOS# configure terminal ZebOS(config)# bridge 4 protocol ieee vlan-bridge

bridge protocol mstp

Use this command to create a multiple spanning-tree protocol (MSTP) bridge of a specified parameter. Use the no parameter with this command to unmap the VLANs from a particular instance, and associate it back to the default instance of 0.

Command Syntax
bridge <1-32> protocol mstp no bridge <1-32> <1-32> Specify the bridge group ID.

Command Mode
Configure mode

Usage
The MSTP bridges can have different spanning-tree topologies for different VLANs inside a region of similar MSTP bridges. The multiple spanning tree protocol, like the rapid spanning tree protocol, provides rapid reconfiguration capability, while providing load balancing ability. Using this command creates an instance of the spanning tree, and associates the VLANs specified with that instance. A bridge created by the above command forms its own separate region unless it is added explicitly to a region by using the region name command.

Examples ZebOS# configure terminal ZebOS(config)# bridge 2 protocol mstp

bridge protocol rstp

Use this command to add an IEEE 802.1w Rapid Spanning Tree Protocol (RSTP) bridge.

208

2001-2007 IP Infusion Inc. Confidential

NSM Layer-2 Commands

Command Syntax
bridge <1-32> protocol rstp (ring) <1-32> Bridge-group ID used for bridging. ring Optional. Add an RSTP bridge for a ring topology.

Command Mode
Configure mode

Usage
After creating a bridge instance, add interfaces to the bridge using the bridge-group command. Bring the bridge instance into operation with the no shutdown command in Interface mode.

Examples ZebOS# configure terminal ZebOS(config)# bridge 2 protocol rstp

bridge protocol rstp vlan-bridge

Use this command to add a VLAN bridge to the rapid spanning tree.

Command Syntax
bridge <1-32> protocol rstp vlan-bridge <1-32> Bridge-group ID used for bridging.

Command Mode
Configure mode

Examples ZebOS# configure terminal ZebOS(config)# bridge 3 protocol rstp vlan-bridge

clear mac address-table

Use this command to clear the filtering database for the default bridge.

Command Syntax clear mac address-table static|multicast address|vlan|interface (WORD) static Filtering database entries configured through the CLI. multicast Multicast filtering database entries. address Filtering database entries with the given MAC address. vlan Filtering database entries for the given VLAN. interface Filtering database entries for the given interface. WORD
VLAN ID when filtering database entries are cleared based on VLANs. Value range is 1-4094. Interface name when filtering database entries are cleared based on an interface name. MAC address name when filtering database entries are cleared based on the MAC address.

2001-2007 IP Infusion Inc. Confidential

209

NSM Layer-2 Commands

Command Mode
Privileged Exec mode

Examples
This example shows how to clear all filtering database entries configured through the CLI.

ZebOS# clear mac address-table static

This example shows how to clear multicast filtering database entries.

ZebOS# clear mac address-table multicast

This example shows how to clear all filtering database entries for a given interface.

ZebOS# clear mac address-table static interface eth0

This example shows how to clear multicast filtering database entries for a given VLAN.

ZebOS# clear mac address-table multicast vlan 2

This example shows how to clear static filtering database entries for a given MAC address.

ZebOS# clear mac address-table static address 0202.0202.0202

Related Commands
clear mac address-table bridge

clear mac address-table bridge

Use this command to: clear the filtering database clear all filtering database entries configured through CLI (static) clear all multicast filtering database entries clear all multicast filtering database entries for a given VLAN or interface clear all static or multicast database entries based on a mac address

Command Syntax
clear mac address-table (static|multicast) (address|vlan|interface) WORD bridge NAME static Filtering database entries configured through CLI. multicast Multicast filtering database entries. address Filtering database entries with the given mac address. vlan Filtering database entries for the given VLAN. interface Filtering database entries for the given interface. WORD VLAN ID when filtering database entries are cleared based on VLANs. Value range is 1-4094. Interface name when filtering database entries are cleared based on an interface name. Mac address name when filtering database entries are cleared based on the mac address. NAME Bridge name <1-32>.

Command Mode
Privileged Exec mode

210

2001-2007 IP Infusion Inc. Confidential

NSM Layer-2 Commands

Examples
This example shows how to clear all filtering database entries configured through CLI.

ZebOS# clear mac address-table static bridge 1

This example shows how to clear multicast filtering database entries.

ZebOS# clear mac address-table multicast bridge 1

This example shows how to clear all filtering database entries for a given interface.

ZebOS# clear mac address-table static interface eth0 bridge 1

This example shows how to clear multicast filtering database entries for a given VLAN.

ZebOS# clear mac address-table multicast vlan 2 bridge 1

This example shows how to clear static filtering database entries for a given mac address.

ZebOS# clear mac address-table static address 0202.0202.0202 bridge 1

clear mac address-table dynamic

Use this command to clear, on the default bridge, the filtering database of all entries learned through bridge operation, or filtering database entries learned through bridge operation for a given MAC address, interface, or VLAN.

Command Syntax clear mac address-table dynamic clear mac address-table dynamic address|interface|vlan (WORD) address Filtering database entries for the given MAC address. interface Filtering database entries for the given interface. vlan Filtering database entries for the given VLAN. WORD Optional.
MAC address when filtering database entries are cleared based on an MAC address. Interface name when filtering database entries are cleared based on an interface name. VLAN ID when filtering database entries are cleared based on VLANs. Value range is 1-4094.

Command Mode
Privileged Exec mode

Examples
This example shows how to clear all filtering database entries learned through bridge operation for a given MAC address.

ZebOS# clear mac address-table dynamic address 0202.0202.0202

Related Commands
clear mac address-table dynamic bridge

clear mac address-table dynamic bridge

Use this command to clear the filtering database of all entries learned through bridge operation, or clear filtering database entries learned through bridge operation for a given MAC address, interface, or VLAN.

2001-2007 IP Infusion Inc. Confidential

211

NSM Layer-2 Commands

Command Syntax
clear mac address-table dynamic bridge NAME NAME Bridge name <1-32>. clear mac address-table dynamic address|interface|vlan WORD bridge NAME address Filtering database entries for the given MAC address. interface Filtering database entries for the given interface. vlan Filtering database entries for the given VLAN. WORD MAC address when filtering database entries are cleared based on an MAC address. Interface name when filtering database entries are cleared based on an interface name. VLAN ID when filtering database entries are cleared based on VLANs. Value range is 1-4094.

Command Mode
Privileged Exec mode

Examples
This example shows how to clear all filtering database entries learned through bridge operation for a given MAC address.

ZebOS# clear mac address-table dynamic address 0202.0202.0202 bridge 1

mac-address-table static
Use this command to configure the static forwarding table entry for the default bridge. Use the no parameter with this command to remove the entry for the default bridge.

Command Syntax (no) mac-address-table static MAC forward|discard IFNAME MAC MAC address in the HHHH.HHHH.HHHH format. IFNAME Interface on which the frame comes in. Command Mode
Configure mode

Examples ZebOS# configure terminal ZebOS(config)# mac-address-table static 2222.2222.2222 forward eth0 Related Commands
bridge address

show bridge
Use this command to display the filtering database values. To modify the lines displayed, use the | (output modifier token); to save the output to a file, use the > output redirection token. For more information, see the ZebOS Command Line Interface Environment chapter.

212

2001-2007 IP Infusion Inc. Confidential

NSM Layer-2 Commands

Command Syntax
show bridge

Command Mode
Privileged Exec mode

Usage
The following is a sample output of the show bridge command. ZebOS# show bridge % b: bridge up - spanning tree enabled - learning enabled % b: ageing-time 300 - root path cost 0 - priority 32768 % b: forward-time 15 - hello-time 2 - max-age 20 - root port 0 % b: root id 8000000000000000 % b: bridge id 8000000000000000 % b: hello timer 0 - tcn timer 0 - topo change timer 0 % b: 0 topology changes - last topology change Wed Dec 31 19:00:00 1969 zebos#con t Enter configuration commands, one per line. End with CNTL/Z. zebos(config)#int eth1 zebos(config-if)#bridge-group b ZebOS# show bridge % b: bridge up - spanning tree enabled - learning enabled % b: ageing-time 300 - root path cost 0 - priority 32768 % b: forward-time 15 - hello-time 2 - max-age 20 - root port 0 % b: root id 8000000476e6c88c % b: bridge id 8000000476e6c88c % b: hello timer 0 - tcn timer 0 - topo change timer 0 % b: 0 topology changes - last topology change Wed Dec 31 19:00:00 1969 % eth1: port 3 - id 8003 - path cost 20000000 - designated cost 0 % eth1: designated port id 8003 - state Listening - priority 128 % eth1: designated root 8000000476e6c88c % eth1: designated bridge 8000000476e6c88c % eth1: forward-timer 10 - hold-timer 0 - msg age timer 0 % eth1: forward-transitions 0

show interface switchport bridge

Use this command to display the characteristics of the Layer-2 interface with the current VLAN.

Command Syntax
show interface switchport bridge <1-32> <1-32> Specify the ID of the bridge-group for which information has to be displayed.

Command Mode
Privileged Exec mode

Usage
The following is an output of this command displaying the characteristics of this interface on bridge b.

2001-2007 IP Infusion Inc. Confidential

213

NSM Layer-2 Commands

ZebOS# show interfaces switchport bridge 2 Interface name : eth5 Switchport mode : access Ingress filter : disable Acceptable frame types : all Vid swap : disable Default vlan : 2 Configured vlans : 2 Interface name : eth4 Switchport mode : access Ingress filter : disable Acceptable frame types : all Vid swap : disable Default vlan : 1 Configured vlans : 1

Example
zebos# show interface switchport bridge 4

switchport
Use this command to set the switching characteristics of the Layer-2 protocols when using the ZebOS Hybrid Layer-2/ Layer-3 solution. Use the no parameter with this command to revert to the default behavior.

Command Syntax
(no) switchport

Command Mode
Interface mode

Usage
In case of ZebOS Hybrid L-2/ L-3, it is important to understand that by default, all interfaces are configured as routed interfaces; and if you want to change the behavior of a port from a Switched port to a routed port, you must explicitly configure this using the no switchport command in the interface mode.

Examples ZebOS# configure terminal ZebOS(config)# interface eth0 ZebOS(config-if)# no switchport

214

2001-2007 IP Infusion Inc. Confidential

NSM Layer-2 Commands

VLAN Commands
show vlan
Use this command to display information about a particular VLAN by specifying the VLAN ID. It displays information for all the bridges configured.

Command Syntax
show vlan <2-4094> <2-4094> VLAN ID.

Command Mode
Privileged Exec mode

Example
The following is an output of this command displaying information about VLAN 2. ZebOS# show vlan 2 Bridge Group VLAN ID Name State Member ports ([u]-Untagged, [t]-Tagged) [u]eth1 [t]eth2

------------ --------- --------------- ----------- -----------------------1 2 VLAN0002 active

show vlan all

Use this command to display information about all VLANs on the default bridge. To modify the lines displayed, use the | (output modifier token); to save the output to a file, use the > output redirection token. For more information, see the ZebOS Command Line Interface Environment chapter.

Command Syntax show vlan all Command Mode

Privileged Exec mode

Related Commands
show vlan all bridge

show vlan all bridge

Use this command to display information about all VLANs on a bridge.

Command Syntax
show vlan all bridge <1-32> <1-32> Bridge group ID.

2001-2007 IP Infusion Inc. Confidential

215

NSM Layer-2 Commands

Command Mode
Privileged Exec mode

Example
The following is a sample output of this command displaying all VLANs on bridge 1. ZebOS# show vlan all bridge 1 Bridge VLAN ID Name Member ports (u)-Untagged, (t)-Tagged =============== ======= =============== ======= ============================= 1 1 default ACTIVE fe17(u) po1(t) fe43(t) fe44(t) Bridge VLAN ID Name State Member ports (u)-Untagged, (t)-Tagged =============== ======= =============== ======= ============================== 1 11 VLAN0011 ACTIVE po1(t) State

show vlan brief

Use this command to display information about all VLANs configured for all bridges.

Command Syntax
show vlan brief

Command Mode
Privileged Exec mode

Example
ZebOS# show vlan brief Bridge VLAN ID Name State Member ports (u)-Untagged, (t)-Tagged =============== ======= ================ ====== ============================== 1 Bridge 1 VLAN ID default Name ACTIVE State fe17(u) po1(t) fe43(t) fe44(t) Member ports (u)-Untagged, (t)-Tagged =============== ======= ================ ====== ============================== 1 11 VLAN0011 ACTIVE po1(t)

show vlan classifier group

Use this command to display information about all configured VLAN classifier groups or a specific group.

Command Syntax show vlan classifier group (<1-256>)

<1-256> VLAN classifier group identifier

216

2001-2007 IP Infusion Inc. Confidential

NSM Layer-2 Commands

Command Mode
Exec mode

Usage
If a group ID is not specified, all configured VLAN classifier groups are shown. If a group ID is specified, a specific configured VLAN classifier group is shown.

Example ZebOS# show vlan classifier group 1 vlan classifier group 1 add rule 1

show vlan classifier interface group

Use this command to display information about all interfaces configured for a VLAN group or all the groups.

Command Syntax
show vlan classifier interface group (<1-16>) <1-16> VLAN classifier interface group identifier

Command Mode
Exec mode

Usage
If a group ID is not specified, all interfaces configured for all VLAN classifier groups are shown. If a group ID is specified, the interfaces configured for this VLAN classifier group are shown.

Example ZebOS# show vlan classifier interface group vlan classifier group 1 interface fe2 vlan classifier group 1 interface fe3 vlan classifier group 2 interface fe5 vlan classifier group 3 interface fe7
ZebOS# show vlan classifier interface group 1 vlan classifier group 1 interface fe2 vlan classifier group 1 interface fe3

show vlan classifier rule

Use this command to display information about all configured VLAN classifier rules or a specific rule.

Command Syntax show vlan classifier rule (<1-256>)

<1-256> VLAN classifier rule identifier

Command Mode
Exec mode and Privileged Exec mode

2001-2007 IP Infusion Inc. Confidential

217

NSM Layer-2 Commands

Usage
If a rule ID is not specified, all configured VLAN classifier rules are shown. If a rule ID is specified, a specific configured VLAN classifier rule is shown.

Example ZebOS# show vlan vlan classifier rule 1 vlan classifier group 1 add rule 1

show vlan dynamic bridge

Use this command to display information about all dynamic VLANs on a bridge.

Command Syntax
show vlan dynamic bridge <1-32> <1-32> Bridge-group ID.

Command Mode
Privileged Exec mode

Example
The following is a sample output of this command displaying dynamic VLANs on bridge 1. ZebOS# show vlan dynamic bridge 1 Bridge VLAN ID Name Member ports (u)-Untagged, (t)-Tagged =============== ======= ================ ======= ============================= 1 1 11 14 *VLAN0011 *VLAN0014 ACTIVE ACTIVE fe33(t) fe33(t) State

show vlan static bridge

Use this command to display information about all static VLANs on a bridge.

Command Syntax
show vlan static bridge <1-32> <1-32> Bridge-group ID.

Command Mode
Privileged Exec mode

Example
The following is a sample output of this command displaying static VLANs on bridge 1. ZebOS# show vlan static bridge 1 Bridge VLAN ID Name Member ports (u)-Untagged, (t)-Tagged =============== ======= ================ ===================================== State

218

2001-2007 IP Infusion Inc. Confidential

NSM Layer-2 Commands

1 Bridge

fe17(u) po1(t) fe43(t)fe44(t) Member ports (u)-Untagged, (t)-Tagged =============== ======= ================ ===================================== 1 11 VLAN0011 ACTIVE po1(t)

1 default VLAN ID Name

ACTIVE State

switchport access vlan

Use this command to change the default VLAN on the current interface. Use the no parameter to remove a previously created VLAN with the specified VLAN ID.

Command Syntax
(no) switchport access vlan VLANID VLANID = < 2-4094> The default VLAN ID for the specified interface.

Command Mode
Interface mode

Usage
IPI does not recommend the use of VLANID identifier 1 because of interoperability issues with other vendors equipment.

Examples
This example shows the steps of a typical VLAN session, creating and destroying a VLAN. zebos# configure terminal zebos(config)# interface eth0 zebos(config-if)# switchport access vlan 3 ... zebos(config)# interface eth0 zebos(config-if)# no switchport access vlan 3

Related Commands
show vlan

switchport hybrid allowed vlan

Use this command to set the switching characteristics of the Layer-2 interface to hybrid. Both tagged and untagged frames will be classified over hybrid interfaces. Use the no parameter to turn off allowed hybrid switching.

Command Syntax
switchport hybrid allowed vlan all switchport hybrid allowed vlan none switchport hybrid allowed vlan add VLANID (egress-tagged [enable|disable]) switchport hybrid allowed vlan remove VLANID

2001-2007 IP Infusion Inc. Confidential

219

NSM Layer-2 Commands

no switchport hybrid vlan all Allow all VLANs to transmit and receive through the Layer-2 interface. none Allow no VLANs to transmit and receive through the Layer-2 interface. add Add a VLAN to the member set. remove Remove a VLAN from the member set. VLANID = <2-4094> The ID of the VLAN or VLANs that will be added to, or removed from, the Layer-2 interface. For a VLAN range, specify two VLAN numbers: lowest, then highest number in the range, separated by a hyphen. For a VLAN list, specify the VLAN numbers separated by commas. Note: Do not enter spaces between hyphens or commas when setting parameters for VLAN ranges or lists.

egress-tagged enable Enable the egress tagging for the outgoing frames. disable Disable the egress tagging for the outgoing frames.

Command Mode
Interface mode

Examples
The following shows adding a single VLAN to the member set.

ZebOS# configure terminal ZebOS(config)# interface eth0 ZebOS(config-if)# switchport hybrid allowed vlan add eg switchport hybrid allowed vlan add 2 egress-tagged enable
The following shows adding a range of VLANs to the member set.

ZebOS# configure terminal ZebOS(config)# interface eth0 ZebOS(config-if)# switchport hybrid allowed vlan add eg switchport hybrid allowed vlan add 2-4 egress-tagged enable
The following shows adding a list of VLANs to the member set.

ZebOS# configure terminal ZebOS(config)# interface eth0 ZebOS(config-if)# switchport hybrid allowed vlan add eg switchport hybrid allowed vlan add 2,3,4 egress-tagged enable

switchport hybrid vlan

Use this command to set the switching characteristics of the Layer-2 interface to hybrid. Use the no parameter to turn off hybrid switching (no switchport hybrid), or add the Layer 2 interface to the default VLAN (no switchport hybrid vlan).

Command Syntax
switchport hybrid vlan VLANID VLANID The ID of the VLAN that will be added to, or removed from, the Layer-2 interface no switchport hybrid

220

2001-2007 IP Infusion Inc. Confidential

NSM Layer-2 Commands Turns off the Layer 2 switching characteristic. no switchport hybrid vlan Adds the Layer 2 interface to the default VLAN.

Command Mode
Interface mode

Examples ZebOS# configure terminal ZebOS(config)# interface eth0 ZebOS(config-if)# switchport hybrid vlan 18

switchport mode access

Use this command to set the switching characteristics of the Layer-2 interface to access mode, and classify untagged frames only. Received frames are classified based on the VLAN characteristics, then accepted or discarded based on the specified filtering criteria. Use the no parameter with this command to reset the mode of the Layer-2 interface to access (default).

Command Syntax
switchport mode access (ingress-filter [enable|disable]) no switchport mode ingress-filter Set the ingress filtering for the received frames. enable Set the ingress filtering for received frames. Received frames that cannot be classified in the previous step based on the acceptable frame type parameter (access/trunk) are discarded. disable Turn off ingress filtering to accept frames that do not meet the classification criteria. This is the default value.

Default
The result of not using this command is that ingress filtering is off, and that all frame types are classified and accepted. Using this command without the ingress-filter parameter causes this command to use the default values.

Command Mode
Interface mode

Examples ZebOS# configure terminal ZebOS(config)# interface eth0 ZebOS(config-if)# switchport mode access ingress-filter enable

switchport mode hybrid

Use this command to set the switching characteristics of the Layer-2 interface as hybrid, and classify both tagged and untagged frames. Received frames are classified based on the VLAN characteristics, then accepted or discarded based on the specified filtering criteria. Use the no parameter to reset the mode of the Layer-2 interface to access (default).

2001-2007 IP Infusion Inc. Confidential

221

NSM Layer-2 Commands

Command Syntax
switchport mode hybrid switchport mode hybrid ingress-filter [enable|disable] switchport mode hybrid acceptable-frame-type vlan-tagged no switchport mode ingress-filter Set the ingress filtering for the frames received. enable Set the ingress filtering for received frames. Received frames that cannot be classified in the previous step based on the acceptable frame type parameter (access/trunk) are discarded. disable Turn off ingress filtering to accept frames that do not meet the classification criteria. This is the default value. acceptable-frame-type Set the Layer-2 interface acceptable frame types. This processing occurs after VLAN classification. vlan-tagged Accept only classified frames which belong to the port's member set.

Default
The result of not using this command is that ingress filtering is off, and that all frame types are classified and accepted. Using this command without either ingress-filter or acceptable-frame-type parameters causes this command to use the default values for each.

Command Mode
Interface mode

Examples ZebOS# configure terminal ZebOS(config)# interface eth0 ZebOS(config-if)# switchport mode hybrid acceptable-frame-type vlan-tagged

switchport mode trunk

Use this command to set the switching characteristics of the Layer-2 interface as trunk, and specify only tagged frames. Received frames are classified based on the VLAN characteristics, then accepted or discarded based on the specified filtering criteria. Use the no parameter to reset the mode of the Layer-2 interface to access (default).

Command Syntax
switchport mode trunk (ingress-filter [enable|disable]) no switchport mode ingress-filter Set the ingress filtering for the frames received. enable Set the ingress filtering for received frames. Received frames that cannot be classified in the previous step based on the acceptable frame type parameter (access/trunk) are discarded. disable Turn off ingress filtering to accept frames that do not meet the classification criteria. This is the default value.

222

2001-2007 IP Infusion Inc. Confidential

NSM Layer-2 Commands

Command Mode
Interface mode

Examples ZebOS# configure terminal ZebOS(config)# interface eth0 ZebOS(config-if)# switchport mode trunk ingress-filter enable

switchport trunk allowed vlan

Use this command to set the switching characteristics of the Layer-2 interface to trunk.The all parameter indicates that any VLAN ID is part of its ports member set. The none parameter indicates that no VLAN ID is configured on this port. The add and remove parameters will add and remove VLAN IDs to/from the ports member set. Use the no parameter to remove all VLAN IDs configured on this port.

Command Syntax
switchport trunk allowed vlan all switchport trunk allowed vlan none switchport trunk allowed vlan add VLANID switchport trunk allowed vlan remove VLANID switchport trunk allowed vlan except VLANID no switchport trunk vlan all Allow all VLANs to transmit and receive through the Layer-2 interface. none Allow no VLANs to transmit and receive through the Layer-2 interface. add Add a VLAN to transmit and receive through the Layer-2 interface. remove Remove a VLAN from transmit and receive through the Layer-2 interface. except All VLANs, except the VLAN for which the ID is specified, are part of its ports member set. VLANID <2-4094> The ID of the VLAN or VLANs that will be added to, or removed from, the Layer-2 interface. A single VLAN, VLAN range, or VLAN list can be set. For a VLAN range, specify two VLAN numbers: lowest, then highest number in the range, separated by a hyphen. For a VLAN list, specify the VLAN numbers separated by commas. Note: Do not enter spaces between hyphens or commas when setting parameters for VLAN ranges or lists.

Command Mode
Interface mode

Examples
The following shows adding a single VLAN to the ports member set.

ZebOS# configure terminal ZebOS(config)# interface eth0 ZebOS(config-if)# switchport trunk allowed vlan add V2
The following shows adding a range of VLANs to the ports member set.

ZebOS# configure terminal ZebOS(config)# interface eth0

2001-2007 IP Infusion Inc. Confidential

223

NSM Layer-2 Commands

ZebOS(config-if)# switchport trunk allowed vlan add V2-4

The following shows adding a list of VLANs to the ports member set.

ZebOS# configure terminal ZebOS(config)# interface eth0 ZebOS(config-if)# switchport trunk allowed vlan add V2,3,4

switchport trunk native vlan

Use this command to configure native VLANs for this port. The native VLAN is used for classifying the incoming untagged packets. Use the no parameter to revert the native VLAN to the default VLAN ID 1.

Command Syntax
switchport trunk native vlan VLANID no switchport trunk native vlan VLANID <1-4094> The ID of the VLAN that will be used to classify the incoming untagged packets. The VLAN ID must be a part of the VLAN member set of the port.

Command Mode
Interface mode

Examples ZebOS# configure terminal ZebOS(config)# interface eth0 ZebOS(config-if)# switchport trunk native vlan 2

vlan bridge
This command enables or disables the state of a particular VLAN on a bridge basis. Specifying the disable state causes all forwarding over the specified VLAN ID on the specified bridge to cease. Specifying the enable state allows forwarding of frames on the specified VLAN-aware bridge.

Command Syntax
vlan VLANID bridge <1-32> (name VLAN_NAME) (state [enable|disable]) no vlan VLANID bridge <1-32> VLANID The VID of the VLAN that will be enabled or disabled on the bridge <2-4094>. <1-32> The ID of the bridge-group on which the VLAN will be affected. VLAN_NAME The ASCII name of the VLAN. Maximum length: 16 characters. enable Sets VLAN into an enable state. disable Sets VLAN into a disable state.

Command Mode
VLAN Configuration mode

Examples ZebOS# configure terminal ZebOS(config)# vlan database

224

2001-2007 IP Infusion Inc. Confidential

NSM Layer-2 Commands

ZebOS(config-vlan)#vlan 45 bridge 2 name vlan2 state enable

vlan classifier ipv4

Use this command to create an IPv4 subnet-based VLAN classifier rule and map it to a specific VLAN.

Command Syntax
vlan classifier <1-256> ipv4 A.B.C.D/M vlan <2-4094> no vlan classifier <1-256> ipv4 A.B.C.D/M <1-256> VLAN Classifier identifier A.B.C.D/M IP Subnet <2-4094> VLAN to which an untagged packet is mapped.

Command Mode
Configure mode

Usage
If the source IP address matches the IP subnet specified in the VLAN classifier rule, the received packets are mapped to the specified VLAN.

Command Example ZebOS# configure terminal ZebOS(config)# vlan classifier 3 ipv4 3.3.3.3/8 vlan 5

vlan classifier mac

Use this command to create a MAC address-based VLAN classifier rule, and map it to a specific VLAN. Use the no parameter with this command to delete the specified VLAN classifier rule.

Command Syntax
vlan classifier <1-256> mac WORD vlan <2-4094> no vlan classifier <1-256> (mac WORD) <1-256> VLAN classifier identifier WORD Mac address <2-4094> VLAN to which an untagged packet is mapped

Command Mode
Configure mode

Usage
If the source MAC address matches the MAC address specified in the VLAN classifier rule, the untagged received frames are mapped to the specified VLAN.

Example ZebOS# configure terminal ZebOS(config)# vlan classifier 33 mac 00-0C-BB-13-2F-88 vlan 35

2001-2007 IP Infusion Inc. Confidential

225

NSM Layer-2 Commands

vlan classifier proto

Use this command to create a protocol type-based VLAN classifier rule, and map it to a specific VLAN.

Command Syntax
vlan classifier <1-256> proto (Ethernet|appletalk|ipx|llc|<0-65535>)vlan <2-4094> <1-256> VLAN Classifier identifier proto Type of protocol Ethernet Ethernet protocol appletalk Appletalk protocol ipx IPX protocol llc LLC protocol <0-65535> Other protocol values <2-4094> VLAN to which an untagged packet is mapped

Command Mode
Configure mode

Usage
If the protocol type matches the protocol specified in the VLAN classifier rule, the received packets are mapped to the specified VLAN.

Example ZebOS# configure terminal ZebOS(config)# vlan classifier 34 proto ethernet vlan 444

vlan database
Use this command to enter the VLAN configuration mode.

Command Syntax
vlan database

Command Mode
Configure mode

Usage
Use this command to enter the VLAN configuration mode, and add, delete, or modify values associated with a single VLAN.

Examples
In the following example, note the change to VLAN configuration mode from Configure mode:

ZebOS# configure terminal ZebOS(config)# vlan database ZebOS(config-vlan)#

226

2001-2007 IP Infusion Inc. Confidential

NSM Layer-2 Commands

Related Commands
vlan bridge

vlan mtu bridge

Use this command to set the Maximum Transmission Unit (MTU) for a specified VLAN. Any packet with a size greater than the configured MTU is discarded. Use the no parameter to reset the MTU configuration for the VLAN.

Command Syntax
vlan VLANID mtu MTU_VALUE bridge BRIDGE_NAME no vlan VLANID mtu bridge BRIDGE_NAME VLANID The ID of the VLAN for which the MTU has to be set. MTU_VALUE The value of the Maximum Transmission Unit. BRIDGE_NAME The name of the bridge on which VLAN is configured.

Command Mode
Configure mode

Examples ZebOS# configure terminal ZebOS(config)# vlan 2 mtu 1000 bridge 1

vlan state
This command enables or disables the state of a particular VLAN on the default bridge. Specifying the disable state causes all forwarding over the specified VLAN ID on the bridge to cease. Specifying the enable state allows forwarding of frames on the bridge. Using the no parameter with this command also disables the state of a particular VLAN on the default bridge.

Command Syntax vlan VLANID (name VLAN_NAME) state enable|disable no vlan VLANID VLANID ID of the VLAN that will be enabled or disabled on the bridge <2-4094>. VLAN_NAME Optional. ASCII name of the VLAN. Maximum length: 16 characters. enable Sets VLAN into an enable state. disable Sets VLAN into a disable state. Command Mode
VLAN Configuration mode

Examples ZebOS# configure terminal ZebOS(config)# vlan database ZebOS(config-vlan)#vlan 45 name vlan2 state enable

2001-2007 IP Infusion Inc. Confidential

227

NSM Layer-2 Commands

Related Commands
vlan bridge

Private-VLAN Commands
private-vlan association bridge
Use this command to associate a secondary vlan to a primary vlan. Only one isolated vlan can be associated to a primary vlan. Multiple community vlans can be associated to a primary vlan. Use the no form of this command to remove association of all the secondary vlans to a primary vlan.

Command Syntax
private-vlan PRIMARY_VLAN_ID association add SECONDARY_VLAN_ID bridge <1-32> private-vlan PRIMARY_VLAN_ID association remove SECONDARY_VLAN_ID bridge <1-32> no private-vlan PRIMARY_VLAN_ID association bridge <1-32> PRIMARY_VLAN_ID VLAN ID of the primary vlan SECONDARY_VLAN_ID VLAN ID of the secondary vlan (either isolated or community)

Command Mode
VLAN Configuration mode

Example ZebOS# configure terminal ZebOS(config)# vlan database ZebOS(config-vlan)# private-vlan 2 association add 3-4 bridge 1 ZebOS(config-vlan)# private-vlan 2 association remove 3-4 bridge 1 ZebOS(config-vlan)# no private-vlan 2 association bridge 1

private-vlan bridge
Use this command to create community, isolated or primary vlan. Use the no form of this command to remove the specified private vlan.

Command Syntax
private-vlan VLAN_ID (community | isolated | primary) bridge <1-32> no private-vlan VLAN_ID (community | isolated | primary) bridge <1-32> VLAN_ID community isolated primary bridge VLAN ID of the vlan which is to be made a private vlan. Community vlan Isolated vlan Primary vlan Bridge ID

Command Mode
VLAN Configuration mode

228

2001-2007 IP Infusion Inc. Confidential

NSM Layer-2 Commands

Example ZebOS# configure terminal ZebOS(config)# vlan database ZebOS(config-vlan)# vlan 2 bridge 1 name vlan2 state enable ZebOS(config-vlan)# vlan 3 bridge 1 name vlan3 state enable ZebOS(config-vlan)# vlan 4 bridge 1 name vlan3 state enable ZebOS(config-vlan)# private-vlan 2 primary bridge 1 ZebOS(config-vlan)# private-vlan 3 isolated bridge 1 ZebOS(config-vlan)# private-vlan 4 community bridge 1

switchport mode private-vlan

Use this command to make a layer2 port as a host port or promiscuous port. Use the no form of this command to remove the configuration.

Command Syntax
switchport mode private-vlan (host | promiscuous) no switchport mode private-vlan (host | promiscuous) host This port type can communicate with all other host ports assigned to the same community vlan, but it cannot communicate with the ports in the same isolated vlan. All communications outside of this vlan must pass through a promiscuous port in the associated primary vlan. promiscuous A promiscuous port can communicate with all interfaces, including the community and isolated ports within a private VLAN

Command Mode
Interface mode

Example ZebOS# configure terminal ZebOS(config)#interface eth0 ZebOS(config-if)# switchport mode private-vlan host ZebOS(config)#interface eth1 ZebOS(config-if)# switchport mode private-vlan promiscuous ZebOS(config)#interface eth2 ZebOS(config-if)# no switchport mode private-vlan promiscuous

switchport private-vlan host-association

Use this command to associate a primary vlan and a secondary vlan to a host port. Only one primary and secondary vlan can be associated to a host port. Use the no form of this command to remove the association.

Command Syntax
switchport private-vlan host-association PRIMARY_VLAN_ID add SECONDARY_VLAN_ID no switchport private-vlan host-association PRIMARY_VLAN_ID PRIMARY_VLAN_ID SECONDARY_VLAN_ID VLAN ID of the primary vlan VLAN ID of the secondary vlan (either isolated or community)

2001-2007 IP Infusion Inc. Confidential

229

NSM Layer-2 Commands

Command Mode
Interface mode

Example ZebOS# configure terminal ZebOS(config)# interface eth0 ZebOS(config-if)# switchport private-vlan host-association 2 add 3
ZebOS# configure terminal ZebOS(config)# interface eth0 ZebOS(config-if)# no switchport private-vlan host-association

switchport private-vlan mapping

Use this command to associate a primary vlan and a set of secondary vlans to a promiscuous port. Use the no form of this to remove all the association of secondary vlans to primary vlans for a promiscuous port.

Command Syntax
switchport private-vlan mapping PRIMARY_VLAN_ID add SECONDARY_VLAN_ID switchport private-vlan mapping PRIMARY_VLAN_ID remove SECONDARY_VLAN_ID no switchport private-vlan mapping PRIMARY_VLAN_ID VLAN ID of the primary vlan SECONDARY_VLAN_ID VLAN ID of the secondary vlan (either isolated or community)

Command Mode
Interface mode

Example ZebOS# configure terminal ZebOS(config)# interface eth0 ZebOS(config-if)# switchport private-vlan mapping 2 add 3-4 ZebOS(config-if)# switchport private-vlan mapping 2 remove 3-4 ZebOS(config-if)# no switchport private-vlan mapping

show vlan private-vlan bridge

Use this command to display the private-vlan configuration and associations.

Command Syntax
show vlan private-vlan bridge <1-32>

Command Mode
Privileged Exec mode

Example ZebOS# show vlan private-vlan bridge 1 PRIMARY SECONDARY TYPE -----------------------2 3 isolated

INTERFACES ----------

230

2001-2007 IP Infusion Inc. Confidential

NSM Layer-2 Commands

community

GMRP Commands
clear gmrp statistics
Use this command to clear GMRP statistics for a given VLAN or all the VLANs configured on the Layer-2 switch.

Command Syntax
clear gmrp statistics [all|vlan VLAN-ID] bridge <1-32> all Clear GMRP statistics for all the VLANs. VLAN-ID = vlanid <1 to 4094> Clear GMRP statistics for the particular VLAN_ID.

Default
This default clearing is for all the configured VLANs

Command Mode
Privileged Exec mode

Examples
This example shows how to clear the GMRP statistics for a given VLAN 12.

ZebOS# clear gmrp statistics vlan 12 bridge 2

This example shows to clear the GMRP statistics for all the configured VLANs on a bridge.

ZebOS# clear gmrp statistics all bridge 2

debug gmrp
Use this command to put various types of data to the console. Use the no parameter to turn off a specific type of debugging. Use the all parameter to display all types on the console, or use any combination of the other parameters to display pertinent data on the console.

Command Syntax
(no) debug gmrp event|cli|timer|packet|all event use this parameter to echo events to the console. cli use this parameter to echo commands to the console. timer use this parameter to echo the time start to the console. packet use this parameter to echo packet contents to the console. all to echo all of the above data types to the console.

Command Modes
Configure mode

Default
If this command is not used, no debugging data is displayed on the console.

2001-2007 IP Infusion Inc. Confidential

231

NSM Layer-2 Commands

Examples
This example shows set debugging for commands and packets:

ZebOS# configure terminal ZebOS(config)# debug gmrp cli

set gmrp
Use this command to enable or disable GMRP globally on the default bridge. This command does not enable or disable GMRP in all ports of the bridge. After enabling GMRP globally, use the set port gmrp command to enable GMRP on individual ports of the bridge.

Command Syntax set gmrp enable|disable enable Enable GMRP on a Layer-2 switch. disable Disable GMRP on a Layer-2 switch Default
If this command is not used, GMRP is disabled.

Command Modes
Configure mode

Usage
GMRP cannot be enabled if IGMP Snooping is enabled, or if GMRP has already been configured for a particular VLAN.

Examples ZebOS# configure terminal ZebOS(config)# set gmrp enable Related Commands
set gmrp bridge

set gmrp bridge

Use this command to enable/disable GMRP globally on a particular bridge. This command does not enable/disable GMRP in all ports of the bridge. After enabling GMRP globally, use the set port gmrp command to enable GMRP on individual ports of the bridge.

Command Syntax
set gmrp enable|disable bridge <1-32> enable Enable GMRP on Layer-2 switch. disable Disable GMRP on Layer-2 switch <1-32> Bridge-group ID used for bridging.

Default
If this command is not used, GMRP is disabled.

232

2001-2007 IP Infusion Inc. Confidential

NSM Layer-2 Commands

Command Modes
Configure mode

Usage
GMRP cannot be enabled if IGMP Snooping is enabled, or if GMRP has already been configured for a particular VLAN.

Examples
To enable GMRP on a Layer-2 switch for a particular bridge 2:

ZebOS# configure terminal ZebOS(config)# set gmrp enable bridge 2 GMRP is enabled for bridge 2
To enable GMRP on a Layer-2 switch on a particular bridge 3 when IGMP Snooping is enabled:

ZebOS# configure terminal ZebOS(config)# set gmrp enable bridge 3 Disable IGMP Snooping and then enable GMRP on bridge 3

set gmrp extended-filtering bridge

Use this command to enable or disable extended filtering on a bridge as per Table 8-7 of IEEE802.1Q-2003.

Command Syntax
set gmrp extended-filtering enable|disable bridge BRIDGE NAME <1-32> enable Enables extended filtering services on the bridge disable Disabled extended filtering services on the bridge <1-32> Bridge-group ID used for bridging

Default
Extended filtering is disabled on a GMRP enabled bridge.

Command Mode
Privileged Exec

Examples
Enable extended filtering services on bridge 1 ZebOS# set gmrp extended-filtering enable bridge 1 Disable extended filtering services on bridge 1 ZebOS# set gmrp extended-filtering disable bridge 1

set gmrp fwdall

Use this command to set the GMRP forward all option for an interface.

Command Syntax
set gmrp fwdall enable|disable IF_NAME

2001-2007 IP Infusion Inc. Confidential

233

NSM Layer-2 Commands

Default
If this command is not used, the default setting is GMRP disabled.

Command Modes
Configure mode

Examples
To enable GMRP forwarding on a Layer-2 switch for a particular interface: IPInfusion (enable)> set gmrp fwdall enable eth1

set gmrp registration

Use this command to set GMRP registration type for all ports for a given bridge.

Command Syntax
set gmrp registration normal|fixed|forbidden PORT-NAME bridge <1-32> normal Specify dynamic GMRP multicast registration and deregistration on the port. fixed Specify the multicast groups currently registered on the switch are applied to the port, but any subsequent registrations or deregistrations do not affect the port. Any registered multicast groups on the port are not deregistered based on the GARP timers. forbidden Specify that all GMRP multicasts are deregistered, and prevent any further GMRP multicast registration on the port. PORT-NAME Defines a text string used as the name of the interface; ASCII string from 1 to 16 characters. <1-32> Bridge-group ID used for bridging.

Default
The default is normal registration for all the ports

Command Modes
Configure mode

Usage
To deregister a multicast port, the port must be in the normal registration mode.

Examples
This example shows how to set the port to normal registration:

ZebOS# set gmrp registration normal eth0 bridge 2 GMRP Registration is set to normal for eth0

set gmrp timer

Use this command to set the values for the GMRP Join, Leave, and Leaveall timers for a specified bridge.

Command Syntax
set gmrp timer [join |leave |leaveall] TIMER_VALUE IFNAME join Type of timer

234

2001-2007 IP Infusion Inc. Confidential

NSM Layer-2 Commands leave Type of timer leaveall Type of timer TIMER_VALUE Timer value in hundredths of a second. IFNAME Specify the name of the interface.

Default
The default is the join timer (200 milliseconds); the leave timer is 600 milliseconds (ms); and the leaveall timer is 10000 ms.

Command Modes
Configure mode

Usage
The relationship for the timer values are as following: Leave timer must be greater than, or equal to, three times the join timer. Leaveall timer must be greater than the leave timer.

Examples
This example shows how to set the join timers for all ports and all VLANs.

ZebOS# configure terminal ZebOS(config)# set gmrp join timer 100 eth0 GARP Join timer value is set to 100 centiseconds

set gmrp vlan

To enable/disable GMRP on a Layer-2 switch for a particular VLAN.

Command Syntax
set gmrp enable|disable bridge <1-32> vlan <1-4094> enable Enable GMRP on Layer-2 switch for the specified VLAN. disable Disable GMRP on Layer-2 switch for the specified VLAN. <1-32> Bridge-group ID used for bridging. <1-4094> VLAN number on which GMRP is to be enabled.

Command Modes
Configure mode

Usage
GMRP on a VLAN basis cannot be enabled if IGMP Snooping is enabled, or if GMRP is globally enabled.

Examples
To enable GMRP on a Layer-2 switch for a particular bridge (2) and VLAN 2: ZebOS# configure terminal ZebOS(config)# set gmrp enable bridge 2 vlan 2 To disable GMRP on a Layer-2 switch for a particular bridge (2) and VLAN 2:

2001-2007 IP Infusion Inc. Confidential

235

NSM Layer-2 Commands

ZebOS# configure terminal ZebOS(config)# set gmrp disable bridge 2 vlan 2

set port gmrp

To enable/disable GMRP on a particular port in all VLANs or all ports in a bridge.

Command Syntax
set port gmrp enable|disable all|IFNAME enable Enable GMRP on Layer-2 switch port disable Disable GMRP on Layer-2 switch port all All ports added to recently configured bridge IFNAME Specify the name of the interface.

Default
By default, GMRP is disabled.

Command Modes
Configure mode

Usage
GMRP on a port cannot be enabled for all VLANs if GMRP has already been configured for a particular VLAN for the port.

Examples
This example shows how to enable GMRP on a particular port in all VLANs on a specified bridge. ZebOS# configure terminal ZebOS(config)# set port gmrp enable eth0 GMRP enabled on port eth0 ZebOS# configure terminal ZebOS(config)# set port gmrp enable all GMRP enabled on all ports added to recently configured bridge

set port gmrp vlan

To enable/disable GMRP on a particular port in a particular VLAN.

Command Syntax
set port gmrp enable|disable IFNAME vlan <1-4094> enable Enable GMRP on Layer-2 switch port disable Disable GMRP on Layer-2 switch port IFNAME Specify the name of the interface. <1-4094> VLAN number on which GMRP is to be enabled.

236

2001-2007 IP Infusion Inc. Confidential

NSM Layer-2 Commands

Usage
GMRP cannot be enabled on a VLAN basis if it has been enabled for all VLANs for the port. GMRP cannot be enabled for a port for a VLAN if GMRP is not enabled for the VLAN for the bridge.

Command Modes
Configure mode

Examples
This example shows how to enable GMRP on a specified port (eth0) in VLAN 2. ZebOS# configure terminal ZebOS(config)# set port gmrp enable eth0 vlan 2 GMRP enabled on port eth0 and vlan 2

show gmrp configuration

Use this command to display GMRP related configuration information for the default bridge. To modify the lines displayed, use the | (output modifier token); to save the output to a file, use the > output redirection token. For more information, see the ZebOS Command Line Interface Environment chapter.

Command Syntax show gmrp configuration Command Mode

Privileged Exec mode

Related Commands
show gmrp configuration bridge

show gmrp configuration bridge

To display GMRP related configuration information for a given bridge. To modify the lines displayed, use the | (output modifier token) and to save the output to a file, use the > (output redirection token). For more information, see ZebOS Command Line Interface Environment.

Command Syntax
show gmrp configuration bridge <1-32> <1-32> Bridge-group ID used for bridging.

Command Mode
Privileged Exec mode

Default
None.

Usage
The following is an output of this command displaying GMRP related configuration information:

2001-2007 IP Infusion Inc. Confidential

237

NSM Layer-2 Commands

ZebOS# show gmrp configuration bridge 2 Global GMRP Configuration for bridge :2 GMRP Feature: Enabled GMRP Timers (centiseconds): Join: 20 Leave: 60 Leave All: 1000 Port based GMRP Configuration: GMRP Status Registration Forward All Port -------------------------------------------------Enabled Normal Disabled eth4 Enabled Normal Disabled eth5 where: GMRP Status Status of GMRP for the particular port. Registration Registration status of GMRP for the particular port. Forward All Forward All status of GMRP for the particular port. Ports Ports that have GMRP Enabled or Disabled.

Examples show gmrp configuration bridge 3

show gmrp machine

Use this command to display the state machine for GMRP, for the default bridge. To modify the lines displayed, use the | (output modifier token); to save the output to a file, use the > output redirection token. For more information, see the ZebOS Command Line Interface Environment chapter.

Command Syntax show gmrp machine Command Mode

Exec and Privileged Exec modes

Related Commands
show gmrp machine bridge

show gmrp machine bridge

Use this command to display the state machine for GMRP, for a particular bridge.

Command Syntax
show gmrp machine bridge <1-32> <1-32> Bridge-group ID used for bridging.

238

2001-2007 IP Infusion Inc. Confidential

NSM Layer-2 Commands

Command Mode
Exec and Privileged Exec modes

Usage
The following is an output of this command displaying the GMRP state machine. ZebOS# show gmrp machine bridge 2 port = eth0 VLAN = 1 applicant applicant port = eth1 VLAN = 1 applicant applicant state[0] state[1] state[0] state[1] = = = = VO VO VO VO registrar registrar registrar registrar state[0] state[1] state[0] state[1] = = = = MT MT MT MT

Example ZebOS# show gmrp machine bridge 2

show gmrp statistics

To display the GMRP related statistics.

Command Syntax
show gmrp statistics

Command Modes
Privileged Exec mode

Examples
The following is an output of this command displaying GMRP statistics. ZebOS# show gmrp statistics GMRP Statistics for bridge b vlan 1 --------------------------------------------------Total GMRP packets Received: 0 Join Empties: 0 Join Ins: 0 Leave Empties: 0 Leave Ins: 0 Empties: 0 Total GMRP packets Transmitted: Join Empties: Join Ins: Leave Empties: Leave Ins: Empties: 0 0 0 0 0 0

show gmrp timer

To display GMRP timer values on a specified interface.

2001-2007 IP Infusion Inc. Confidential

239

NSM Layer-2 Commands

Command Syntax
show gmrp timer IFNAME IFNAME Specify the name of the interface.

Command Modes
Privileged Exec mode

Usage
The following is an output of this command displaying the GMRP timer values for interface eth4. ZebOS# show gmrp timer eth4 Timer Timer Value (centiseconds) -----------------------------------------Join 20 Leave 60 Leave All 1000

Examples ZebOS# show gmrp timer eth0

GVRP Commands
clear gvrp statistics
Use this command to clear GVRP statistics for all VLANs or a specific VLAN.

Command Syntax
clear gvrp statistics all bridge <1-32> clear gvrp statistics vid VLANID bridge <1-32> <1-32> Bridge-group ID used for bridging. VLANID = <1-4094> Specify VLAN ID value.

Command Mode
Privileged Exec mode

Examples ZebOS# clear gvrp statistics vid 333 bridge 2

debug gvrp
Use this command to debug GVRP events, packets, timer starts, and commands, sending output to the console. Use the no parameter to turn off debugging.

Command Syntax
(no) debug gvrp (all|event|cli|timer|packet) all = turns on or off debugging for all levels.

240

2001-2007 IP Infusion Inc. Confidential

NSM Layer-2 Commands event = turns on or off debugging for events. cli = turns on or off debugging for commands. timer = turns on or off debugging for timer starts. packet = turns on or off debugging for packets.

Command mode
Configure mode

Examples ZebOS# configure terminal ZebOS(config)# debug gvrp all

set gvrp
Use this command to enable (set) and disable (reset) GVRP globally for the default bridge instance. This command does not enable or disable GVRP in all ports of the bridge. After enabling GVRP globally, use the set port gvrp command to enable GVRP on individual ports of the bridge.

Command Syntax set gvrp enable|disable enable Enable GMRP on a Layer-2 switch. disable Disable GMRP on a Layer-2 switch Command mode
Configure mode

Examples ZebOS# configure terminal ZebOS(config)# set gvrp enable ZebOS(config)# set gvrp disable Related Commands
set gvrp bridge

set gvrp applicant

Use this command to set the GVRP applicant state to normal or active.

Command Syntax
set gvrp applicant state [active|normal] IFNAME active Active state normal Normal state IFNAME Name of the interface.

Command mode
Configure mode

2001-2007 IP Infusion Inc. Confidential

241

NSM Layer-2 Commands

Examples ZebOS# configure terminal ZebOS(config)# set gvrp applicant state active eth0

set gvrp bridge

Use this command to enable (set) and disable (reset) GVRP globally for the bridge instance. This command does not enable/disable GVRP in all ports of the bridge. After enabling GVRP globally, use the set port gvrp command to enable GVRP on individual ports of the bridge.

Command Syntax
set gvrp enable bridge <1-32> set gvrp disable bridge <1-32> <1-32> Bridge-group ID used for bridging.

Command mode
Configure mode

Examples ZebOS# configure terminal ZebOS(config)# set gvrp enable bridge 2

set gvrp dynamic-vlan-creation

Use this command to enable or disable dynamic VLAN creation for the default bridge instance.

Command Syntax set gvrp dynamic-vlan-creation enable|disable enable Enables dynamic VLAN creation for the default bridge instance disable Disables dynamic VLAN creation for the default bridge instance Command mode
Configure mode

Examples ZebOS# configure terminal ZebOS(config)# set gvrp dynamic-vlan-creation enable ZebOS(config)# set gvrp dynamic-vlan-creation disable Related Commands
set gvrp dynamic-vlan-creation bridge

set gvrp dynamic-vlan-creation bridge

Use this command to enable and disable dynamic VLAN creation for a specific bridge instance.

Command Syntax
set gvrp dynamic-vlan-creation enable bridge <1-32>

242

2001-2007 IP Infusion Inc. Confidential

NSM Layer-2 Commands

set gvrp dynamic-vlan-creation disable bridge <1-32> <1-32> Bridge-group ID used for bridging.

Command mode
Configure mode

Examples ZebOS# configure terminal ZebOS(config)# set gvrp dynamic-vlan-creation enable bridge 2 ZebOS(config)# set gvrp dynamic-vlan-creation disable bridge 2

set gvrp registration

Use this command to set GVRP Registration to normal, fixed, and forbidden Registration mode for a given port.

Command Syntax
set gvrp registration normal IF_NAME set gvrp registration fixed IF_NAME set gvrp registration forbidden IF_NAME normal Specify dynamic GVRP multicast registration and deregistration on the port. fixed Specify the multicast groups currently registered on the switch are applied to the port, but any subsequent registrations or deregistrations do not affect the port. Any registered multicast groups on the port are not deregistered based on the GARP timers. forbidden Specify that all GVRP multicasts are deregistered, and prevent any further GVRP multicast registration on the port. IF_NAME The name of the interface.

Command mode
Configure mode

Examples ZebOS# configure terminal ZebOS(config)# set gvrp registration fixed eth0

set gvrp timer

Use this command to set GVMRP timers for a specific interface.

Command Syntax
set gvrp timer [join|leave|leaveall] TIMER_VALUE IF_NAME join to set the timer for joining the group. leave to set the timer for leaving a group. leaveall to set the time for leaving all groups. TIMER_VALUE = <1-65535> The timer value in hundredths of a second. IF_NAME The name of the interface.

2001-2007 IP Infusion Inc. Confidential

243

NSM Layer-2 Commands

Command mode
Configure mode

Examples ZebOS# configure terminal ZebOS(config)# set gvrp timer leave 245 eth0

set port gvrp

Use this command to enable and disable GVRP on a port or all ports in a bridge.

Command Syntax
set port gvrp enable all|IFNAME set port gvrp disable all|IFNAME all All ports added to recently configured bridge. IFNAME The name of the interface.

Command mode
Configure mode

Examples ZebOS# configure terminal ZebOS(config)# set port gvrp enable eth0
ZebOS# configure terminal ZebOS(config)# set port gvrp enable all

show gvrp configuration bridge

Use this command to display GVRP configuration bridge data for a specified bridge instance.

Command Syntax
show gvrp configuration (bridge <1-32>) <1-32> Bridge-group ID used for bridging.

Command mode
Exec and Privileged Exec mode

Usage
The following is an output of this command displaying the GVRP configuration for bridge b. ZebOS# show gvrp configuration bridge 3 Global GVRP Configuration for bridge 3: GVRP Feature: Enabled Dynamic Vlan Creation: Disabled Port based GVRP Configuration: Timers(centiseconds)

244

2001-2007 IP Infusion Inc. Confidential

NSM Layer-2 Commands

Port GVRP Status Registration Applicant Join Leave LeaveAll -------------------------------------------------------------------------------eth4 Enabled Normal Normal 20 60 1000 eth5 Enabled Normal Normal 200 600 10000

Example ZebOS# show gvrp configuration bridge 2

show gvrp machine bridge

Use this command to display the state machine for GVRP.

Command Syntax
show gvrp machine bridge <1-32> <1-32> Bridge-group ID used for bridging.

Command Mode
Exec and Privileged Exec modes

Usage
The following is an output of this command displaying the GVRP state machine. ZebOS# show gvrp machine bridge 2 port = eth5 applicant state = QA port = eth4 applicant state = QA registrar state = INN registrar state = INN

Example ZebOS# show gvrp machine bridge 2

show gvrp statistics

Use this command to display a statistical summary for a bridge.

Command Syntax
show gvrp statistics IFNAME IFNAME Name of the port.

Command mode
Exec and Privileged Exec mode

Usage
The following is an output of this command displaying a statistical summary for bridge 2. ZebOS# show gvrp statistics Bridge: b Port JoinEmpty JoinIn LeaveEmpty LeaveIn Empty -------------------------------------------------------------------------------

2001-2007 IP Infusion Inc. Confidential

245

NSM Layer-2 Commands

eth5 eth4

RX TX RX TX

0 0 0 0

2 0 1 0

0 0 0 0

0 0 1 0

Example ZebOS# show gvrp statistics eth0

show gvrp timer

Use this command to display data for the timers.

Command Syntax
show gvrp timer IF_NAME

Command mode
Exec and Privileged Exec mode

Usage
The following show output displays data for timer on interface eth4. ZebOS# show gvrp timer eth4 Timer Timer Value (centiseconds) -----------------------------------------Join 20 Leave 60 Leave All 1000

MMRP Commands
This section lists the Multiple Multicast Registration Protocol (MMRP) commands for managing bridges. MMRP provides a mechanism to allow end stations and Media Access Control (MAC) bridges to dynamically register or deregister Group membership and individual MAC address information with bridges attached to the same LAN. The operation of MMRP relies upon services provided by the Multiple Registration Protocol (MRP).

clear mmrp statistics

Use this command to clear MMRP statistics information for all interfaces on a bridge.

Command Syntax
clear mmrp statistics all bridge BRIDGE_NAME BRIDGE_NAME Name of the bridge in the range of <1-32>

Command Mode
Exec mode

Usage
This command is used to clear all MMRP statistics information on a specified bridge.

246

2001-2007 IP Infusion Inc. Confidential

NSM Layer-2 Commands

Examples ZebOS# configure terminal ZebOS(config)# clear mmrp statistics all bridge 2

clear mmrp statistics vlanid

Use this command to clear MMRP statistics information on a specific VLAN on a bridge.

Command Syntax
clear mmrp statistics vlanid [1-4094] bridge [1-32] vlanid ID of the VLAN in the range of <1-1094> bridge Name of the bridge in the range of <1-32>

Command Mode
Exec mode

Usage
This command is used to clear MMRP statistics information on a selected VLAN on a specific bridge.

Examples ZebOS# configure terminal ZebOS(config)# clear mmrp statistics vlanid 2 bridge 2

set mmrp
Use this command to enable or disable MMRP globally on the default bridge. This command does not enable or disable MMRP in all ports of the bridge. After enabling MMRP globally, use the set port mmrp command to enable MMRP on individual ports of the bridge.

Command Syntax set mmrp enable|disable enable Enable MMRP on a Layer-2 switch. disable Disable MMRP on a Layer-2 switch Default
If this command is not used, MMRP is disabled.

Command Modes
Configure mode

Usage
MMRP cannot be enabled if IGMP Snooping is enabled, or if MMRP has already been configured for a particular VLAN.

Examples ZebOS# configure terminal ZebOS(config)# set mmrp enable

2001-2007 IP Infusion Inc. Confidential

247

NSM Layer-2 Commands

Related Commands
set mmrp bridge

set mmrp bridge

Use this command to enable or disable MMRP globally on a particular bridge. This command does not enable or disable MMRP in all ports of the bridge. After enabling MMRP globally, use the set port mmrp command to enable MMRP on individual ports of the bridge.

Command Syntax
set mmrp enable|disable bridge <1-32> enable Enable MMRP on Layer-2 switch. disable Disable MMRP on Layer-2 switch <1-32> Bridge-group ID used for bridging.

Default
If this command is not used, MMRP is disabled.

Command Modes
Configure mode

Usage
MMRP cannot be enabled if IGMP Snooping is enabled, or if MMRP has already been configured for a particular VLAN.

Examples
To enable MMRP on a Layer-2 switch for a particular bridge 2:

ZebOS# configure terminal ZebOS(config)# set mmrp enable bridge 2 MMRP is enabled for bridge 2
To enable MMRP on a Layer-2 switch on a particular bridge 3 when IGMP Snooping is enabled:

ZebOS# configure terminal ZebOS(config)# set mmrp enable bridge 3 Disable IGMP Snooping and then enable MMRP on bridge 3

set mmrp disable bridge

Use this command to disable MMRP on an MMRP-enabled bridge.

Command Syntax
set mmrp disable bridge BRIDGE_NAME BRIDGE_NAME An integer in the range of <1 - 32>

Default
This setting is disabled by default.

248

2001-2007 IP Infusion Inc. Confidential

NSM Layer-2 Commands

Command Mode
Configure mode

Usage
Using this command disables MMRP on a specific bridge that was previously MMRP-enabled.

Example ZebOS# configure terminal ZebOS(config)# set mmrp disable bridge 1 Related Commands
set mmrp disable bridge vlan set port mmrp disable

set mmrp disable bridge vlan

Use this command to disable MMRP on a bridge for a specified instance.

Command Syntax
set mmrp disable bridge BRIDGE_NAME vlan VLANID BRIDGE_NAME Name of the bridge in the range of <1-32> VLANID ID of the VLAN in the range of <1-4094>

Default
Disabled by default

Command Mode
Configuration mode

Usage
This command disables MMRP on a selected VLAN ID on a specific MMRP-enabled bridge

ZebOS# configure terminal ZebOS(config)# set mmrp disable bridge 1 vlan 3

Related Commands
set port mmrp disable vlan

set mmrp enable bridge

Use this command to enable MMRP on a bridge.

Command Syntax
set mmrp enable bridge BRIDGE_NAME BRIDGE_NAME An integer in the range of <1 - 32>

2001-2007 IP Infusion Inc. Confidential

249

NSM Layer-2 Commands

Default
This setting is disabled by default.

Command Mode
Configure mode

Usage
Using this command enables MMRP on a specific bridge.

Examples ZebOS# configure terminal ZebOS(config)# set mmrp enable bridge 1 Related Commands
set mmrp enable bridge vlan set port mmrp enable

set mmrp enable bridge vlan

Use this command to enable MMRP on a bridge for a specific VLAN instance.

Command Syntax
set mmrp enable bridge BRIDGE_NAME vlan VLANID BRIDGE_NAME An integer in the range of <1 - 32> VLANID An integer in the range of <1- 4094>

Default
This setting is disabled by default.

Command Mode
Configure Mode

Usage
This command is used to enable MMRP on a specific VLAN on a chosen bridge.

Example ZebOS# configure terminal ZebOS(config)# set mmrp enable bridge 1 vlan 3 Related Commands
set port mmrp enable vlan

set mmrp extended-filtering

Use this command to enable or disable extended filtering on the default bridge as per Table 8-7 of IEEE802.1Q-2003.

250

2001-2007 IP Infusion Inc. Confidential

NSM Layer-2 Commands

Command Syntax set mmrp extended-filtering enable|disable enable Enables extended filtering services on the bridge disable Disables extended filtering services on the bridge Default
Extended filtering is disabled on an MMRP enabled bridge.

Command Mode
Privileged Exec

Related Commands
set mmrp extended-filtering bridge

set mmrp extended-filtering disable bridge

Use this command to disable MMRP extended filtering on a bridge.

Command Syntax
set mmrp extended-filtering disable bridge BRIDGE_NAME BRIDGE_NAME An integer in the range of <1 - 32>

Default
Extended filtering is disabled by default.

Command Mode
Configure mode

Usage
Using this command disables extended filtering on a selected MMRP-enabled bridge.

Examples ZebOS# configure terminal ZebOS(config)# set mmrp extended-filtering disable bridge 2

set mmrp extended-filtering enable bridge

Use this command to enable extended filtering on an MMRP-enabled bridge.

Command Syntax
set mmrp extended-filtering enable bridge BRIDGE_NAME BRIDGE_NAME An integer in the range of <1 - 32>

Default
Extended filtering is disabled by default.

2001-2007 IP Infusion Inc. Confidential

251

NSM Layer-2 Commands

Command Mode
Configure mode

Usage
Using this command enables extended filtering on a chosen bridge.

Examples ZebOS# configure terminal ZebOS(config)# set mmrp extended-filtering enable bridge 2

set mmrp fwdall disable

Use this command to disable the forwardall configuration on a port.

Command Syntax
set mmrp fwdall disable IF_NAME IF_NAME Name of the interface

Default
The forwardall configuration is disabled by default.

Command Mode
Configuration mode

Usage
This command is used to disable the forwardall configuration on a port.

Examples ZebOS# configure terminal ZebOS(config)# set mmrp fwdall disable eth1

set mmrp fwdall enable

Use this command to enable the forwardall configuration on a port.

Command Syntax
set mmrp fwdall enable IF_NAME IF_NAME Name of the interface

Default
The forwardall configuration is disabled by default.

Command Mode
Configuration mode

Usage
This command is used to enable the forwardall configuration on a port.

252

2001-2007 IP Infusion Inc. Confidential

NSM Layer-2 Commands

Examples ZebOS# configure terminal ZebOS(config)# set mmrp fwdall enable eth1

set mmrp timer join

Use this command to set the join timer value on an interface.

Command Syntax
set mmrp timer join TIMER_VALUE|IF_NAME TIMER_VALUE An integer in the range of <0-4294967295> representing milliseconds IF_NAME An interface name

Default
The default value of the MMRP join timer is 200 milliseconds.

Command Mode
Configure mode

Usage
Using this command sets the join timer value for a specific interface.

Examples ZebOS# configure terminal ZebOS(config)# set mmrp timer join 300 eth1

set mmrp timer leaveall

Use this command to set the leaveall timer value on an interface.

Command Syntax
set mmrp timer leaveall [TIMER_VALUE|IF_NAME] TIMER_VALUE An integer in the range <0-4294967295> representing milliseconds IF_NAME The name of an interface

Default
The default value of the leaveall timer is 10000 milliseconds.

Command Mode
Configure mode

Usage
Using this command sets the leaveall timer value on a specific interface.

Examples ZebOS# configure terminal ZebOS(config)# set mmrp timer leaveall 20000 eth1

2001-2007 IP Infusion Inc. Confidential

253

NSM Layer-2 Commands

set mmrp pointtopoint enable

Use this command to enable point-to-point behavior on an MMRP-enabled bridge.

Command Syntax
set mmrp pointtopoint enable BRIDGE BRIDGE_NAME An integer in the range of <1 - 32>

Default
Point-to-point behavior is disabled by default.

Command Mode
Configure mode

Usage
Using this command enables point-to-point behavior on an MMRP-enabled bridge.

Examples ZebOS# configure terminal ZebOS(config)# set mmrp pointtopoint enable bridge 2

set mmrp registration fixed

Use this command to set the MMRP registration mode to fixed.

Command Syntax
set mmrp registration fixed IF_NAME IF_NAME The interface name

Default
The default MMRP registration mode is Normal.

Command Mode
Configure mode

Usage
This command is used to set the MMRP registration mode to fixed.

Examples ZebOS# configure terminal ZebOS(config)# set mmrp registration fixed eth1

set mmrp registration forbidden

Use this command to set the MMRP registration mode to forbidden.

254

2001-2007 IP Infusion Inc. Confidential

NSM Layer-2 Commands

Command Syntax
set mmrp registration forbidden IF_NAME IF_NAME The interface name

Default
The default MMRP registration mode is normal.

Command Mode
Configure mode

Usage
Using this command sets the MMRP management registration mode to forbidden.

Examples ZebOS# configure terminal ZebOS(config)# set mmrp registration forbidden eth1

set mmrp registration normal

Use this command to set the MMRP registration mode to normal.

Command Syntax
set mmrp registration normal IF_NAME IF_NAME The interface name

Default
The default MMRP registration mode is normal.

Command Mode
Configure mode

Usage
This command is used to set the MMRP management registration mode to normal.

Examples ZebOS# configure terminal ZebOS(config)# set mmrp registration normal eth1

set port mmrp disable

Use this command to disable MMRP on a selected port, or on all ports on a bridge.

Command Syntax
set port mmrp disable IF_NAME|all IF_NAME The interface name of the port all All interfaces on the bridge

2001-2007 IP Infusion Inc. Confidential

255

NSM Layer-2 Commands

Default
This setting is disabled by default.

Command Mode
Configure mode

Usage
This command is used to disable MMRP on a selected interface or on all interfaces on a bridge.

Examples
To disable MMRP on a selected interface on a bridge, use this command structure:

ZebOS# configure terminal ZebOS(config)# set port mmrp disable eth1

To disable MMRP on all interfaces on a bridge, use this command structure:

ZebOS# configure terminal ZebOS(config)# set port mmrp disable all

Related Commands
set port mmrp disable vlan

set port mmrp disable vlan

Use this command to disable MMRP on a particular VLAN on a port.

Command Syntax
set port mmrp disable IF_NAME vlan VLANID IF_NAME The interface name of the port VLANID An integer in the range of <1 - 4094> that identifies the VLAN

Default
This setting is disabled by default.

Command Mode
Configure mode

Usage
This command is used to disable MMRP on a selected VLAN on a specific interface.

Examples ZebOS# configure terminal ZebOS(config)# set port mmrp disable eth1 vlan 4 Related Commands
set port mmrp disable

256

2001-2007 IP Infusion Inc. Confidential

NSM Layer-2 Commands

set port mmrp enable

Use this command to enable MMRP on a selected port, or on all ports on a bridge.

Command Syntax
set port mmrp enable IF_NAME|all IF_NAME The interface name of the port all All interfaces on the bridge

Default
This setting is disabled by default.

Command Mode
Configure mode

Usage
.This command lets you enable MMRP on a selected interface on a bridge or on all interfaces on a bridge

Examples
To enable MMRP in a selected interface on a bridge, use this command structure:

ZebOS# configure terminal ZebOS(config)# set port mmrp enable eth1

To enable MMRP in all interfaces on a bridge, use this command structure:

ZebOS# configure terminal ZebOS(config)# set port mmrp enable all

set port mmrp enable vlan

Use this command to enable MMRP on a particular VLAN on a port.

Command Syntax
set port mmrp enable IF_NAME vlan VLANID IF_NAME The interface name of the port VLANID An integer in the range of <1 - 4094> that identifies the VLAN

Default
This setting is disabled by default.

Command Mode
Configure mode

Usage
Using this command enables MMRP functionality on a selected VLAN on a specific port.

Examples ZebOS# configure terminal

2001-2007 IP Infusion Inc. Confidential

257

NSM Layer-2 Commands

ZebOS(config)# set port mmrp enable eth1 vlan 4

Related Commands
set port mmrp enable

show mmrp configuration

Use this command to display MMRP related configuration information for the default bridge. To modify the lines displayed, use the | (output modifier token); to save the output to a file, use the > output redirection token. For more information, see the ZebOS Command Line Interface Environment chapter.

Command Syntax show mmrp configuration Command Mode

Privileged Exec mode

Related Commands
show mmrp configuration bridge

show mmrp configuration bridge

Use this command to display the MMRP configuration for an MMRP-enabled bridge.

Command Syntax
show mmrp configuration bridge BRIDGE_NAME BRIDGE_NAME An integer in the range of <1 - 32>

Command Mode
Exec mode

Usage
The following sample output from this command displays MMRP-related configuration information for bridge 2. ZebOS# show mmrp configuration bridge 2 Global MMRP Configuration for bridge :2 MMRP Feature: Enabled Port based MMRP Configuration: Timers(centiseconds) Port MMRP Status Registration Forward All Join Leave LeaveAll --------------------------------------------------------------------------------------eth2 Enabled Normal Disabled 20 60 1000

Examples ZebOS# configure terminal ZebOS(config)# show mmrp configuration bridge 2

258

2001-2007 IP Infusion Inc. Confidential

NSM Layer-2 Commands

show mmrp machine

Use this command to display the state machine for MMRP, for the default bridge. To modify the lines displayed, use the | (output modifier token); to save the output to a file, use the > output redirection token. For more information, see the ZebOS Command Line Interface Environment chapter.

Command Syntax show mmrp machine Command Mode

Exec and Privileged Exec modes

Related Commands
show mmrp machine bridge

show mmrp machine bridge

Use this command to display the MMRP machine state on a bridge.

Command Syntax
show mmrp machine bridge BRIDGE_NAME BRIDGE_NAME An integer in the range of <1 - 32>

Command Mode
Exec mode

Usage
The following sample output from this command displays the MMRP state machine information. ZebOS#show mmrp machine bridge 1 port = eth 2 VLAN = 1 applicant state[0] = LO applicant state[1] = LO

registrar state[0] = MT registrar state[1] = MT

Examples ZebOS# configure terminal ZebOS(config)# show mmrp machine bridge 2

show mmrp statistics vlanid bridge

Use this command to display MMRP statistics for a specific VLAN bridge.

Command Syntax
show mmrp statistics vlanid [1-4094] bridge [1-32] <1-4094> An integer within this range used to identify a VLAN <1-32> An integer within this range used to identify a bridge

Command Mode
Exec mode

2001-2007 IP Infusion Inc. Confidential

259

NSM Layer-2 Commands

Usage
The following sample output from this command displays the MMRP statistics for bridge 1 and VLAN 1. ZebOS#show mmrp statistics vlanid 1 bridge 1 MMRP Statistics for bridge 1 vlan 1 --------------------------------------------Total MMRP packets Received: 0 Leave alls: 0 Join Empties: 0 Join Ins: 0 New Empties: 0 New Ins: 0 Empties: 0 Total MMRP packets Transmitted: Leave alls: Join Empties: Join Ins: New Empties: New Ins: Empties: 0 0 0 0 0 0 0

Examples ZebOS# configure terminal ZebOS(config)# show mmrp statistics vlanid 2 bridge 2

show mmrp timer

Use this command to display MMRP timer values associated with an interface.

Command Syntax
show mmrp timer IF_NAME IF_NAME The interface name

Command Mode
Configure mode

Usage
The following sample output from this command displays all MMRP timer values associated with the interface eth2. ZebOS#show mmrp timer eth2 Timer Timer Value (centiseconds) -----------------------------------------Join 20 Leave 60 Leave All 1000

Examples ZebOS# configure terminal ZebOS(config)# show mmrp timer eth2

260

2001-2007 IP Infusion Inc. Confidential

NSM Layer-2 Commands

MVRP Commands
This section contains the Multiple VLAN Registration Protocol (MVRP) commands. MVRP uses the Multiple Registration Protocol (MRP) attribute declaration and propagation features to dynamically establish and update VLAN information, for example, which VLAN has active members and through which ports can those members be reached.

clear mvrp statistics

Use this command to clear the MVRP statistics for an interface.

Command Syntax
clear mvrp statistics IF_NAME IF_NAME The name of the interface

Default
This functionality is disabled by default.

Command Mode
Exec mode

Usage
Using this command clears all MVRP statistics for a specific interface.

Examples ZebOS# configure terminal ZebOS(config)# clear mvrp statistics eth1

clear mvrp statistics all

Use this command to clear the MVRP statistics on all interfaces on an MVRP-enabled bridge.

Command Syntax
clear mvrp statistics all

Default
This functionality is disabled by default.

Command Mode
Exec mode

Usage
Using this command clears the MVRP statistics for all interfaces on an MVRP-enabled bridge.

Examples ZebOS# configure terminal ZebOS(config)# clear mvrp statistics all

2001-2007 IP Infusion Inc. Confidential

261

NSM Layer-2 Commands

clear mvrp statistics bridge

Use this command to clear the MVRP statistics for a bridge.

Command Syntax
clear mvrp statistics bridge BRIDGE_NAME BRIDGE_NAME An integer in the range of <1 32>

Default
This functionality is disabled by default.

Command Mode
Exec mode

Usage
Using this command clears MVRP statistics on a specific MVRP-enabled bridge.

Examples ZebOS# configure terminal ZebOS(config)# clear mvrp statistics bridge 2

set mvrp
Use this command to enable (set) and disable (reset) MVRP globally for the default bridge instance. This command does not enable or disable MVRP in all ports of the bridge. After enabling MVRP globally, use the set port mvrp command to enable MMRP on individual ports of the bridge.

Command Syntax set mvrp enable|disable enable Enable MVRP on a Layer-2 switch. disable Disable MVRP on a Layer-2 switch Command mode
Configure mode

Examples ZebOS# configure terminal ZebOS(config)# set gvrp enable ZebOS(config)# set gvrp disable Related Commands
set mvrp bridge

set mvrp applicant state active

Use this command to set the MVRP applicant state to active.

262

2001-2007 IP Infusion Inc. Confidential

NSM Layer-2 Commands

Command Syntax
set mvrp applicant state active IF_NAME IF_NAME The name of the interface

Default
The default MVRP applicant state is normal.

Command Mode
Configure mode

Usage
Using this command sets the MVRP applicant state to active.

Examples ZebOS# configure terminal ZebOS(config)# set mvrp applicant state active eth1

set mvrp applicant state normal

Use this command to set the MVRP applicant state to normal.

Command Syntax
set mvrp applicant state normal IF_NAME IF_NAME The name of the interface

Default
The default MVRP applicant state is normal.

Command Mode
Configure mode

Usage
Using this command sets the MVRP applicant state to normal.

Examples ZebOS# configure terminal ZebOS(config)# set mvrp applicant state normal eth1

set mvrp disable bridge

Use this command to disable MVRP functionality on a bridge.

Command Syntax
set mvrp disable bridge BRIDGE_NAME BRIDGE_NAME An integer in the range of <1 - 32>

2001-2007 IP Infusion Inc. Confidential

263

NSM Layer-2 Commands

Default
This setting is disabled by default.

Command Mode
Configure mode

Usage
Using this command disables MVRP on a specific bridge.

Examples ZebOS# configure terminal ZebOS(config)# set mvrp disable bridge 1

set mvrp dynamic-vlan-creation

Use this command to enable or disable dynamic VLAN creation for the default bridge instance.

Command Syntax set mvrp dynamic-vlan-creation enable|disable enable Enables dynamic VLAN creation for the default bridge instance disable Disables dynamic VLAN creation for the default bridge instance Command mode
Configure mode

Examples ZebOS# configure terminal ZebOS(config)# set mvrp dynamic-vlan-creation enable ZebOS(config)# set mvrp dynamic-vlan-creation disable Related Commands
set mvrp dynamic-vlan-creation bridge

set mvrp dynamic-vlan-creation disable bridge

Use this command to disable dynamic VLAN creation on an MVRP-enabled bridge.

Command Syntax
set mvrp dynamic-vlan-creation disable bridge BRIDGE_NAME BRIDGE_NAME An integer in the range of <1 - 32>

Default
This setting is disabled by default.

Command Mode
Configure mode

264

2001-2007 IP Infusion Inc. Confidential

NSM Layer-2 Commands

Usage
Using this command disables dynamic VLAN creation on a specific MVRP-enabled bridge.

Examples ZebOS# configure terminal ZebOS(config)# set mvrp dynamic-vlan-creation disable bridge 1

set mvrp dynamic-vlan-creation enable bridge

Use this command to enable dynamic VLAN creation on an MVRP-enabled bridge.

Command Syntax
set mvrp dynamic-vlan-creation enable bridge BRIDGE_NAME BRIDGE_NAME An integer in the range of <1 - 32>

Default
This setting is disabled by default.

Command Mode
Configure mode

Usage
Using this command enables dynamic VLAN creation on a specific MVRP-enabled bridge.

Examples ZebOS# configure terminal ZebOS(config)# set mvrp dynamic-vlan-creation enable bridge 1

set mvrp enable bridge

Use this command to enable MVRP functionality on a bridge.

Command Syntax
set mvrp enable bridge BRIDGE_NAME BRIDGE_NAME An integer in the range of <1 - 32>

Default
This setting is disabled by default.

Command Mode
Configure mode

Usage
Using this command enables MVRP functionality on a specific bridge.

Examples ZebOS# configure terminal

2001-2007 IP Infusion Inc. Confidential

265

NSM Layer-2 Commands

ZebOS(config)# set mvrp enable bridge 1

set mvrp timer join

Use this command to set the MVRP join timer value for a selected interface.

Command Syntax
set mvrp timer join TIMER_VALUE|IF_NAME TIMER_VALUE An integer in the range <0-4294967295> representing milliseconds IF_NAME The name of the interface

Default
The default join timer value is 200 milliseconds.

Command Mode
Configure mode

Usage
Using this command sets the MVRP join timer value for a specific interface.

Examples ZebOS# configure terminal ZebOS(config)# set mvrp timer join 300 eth1

set mvrp timer leave

Use this command to set the MVRP leave timer value on an interface.

Command Syntax
set mvrp timer leave TIMER_VALUE|IF_NAME TIMER_VALUE An integer in the range of <0-4294967295> representing milliseconds IF_NAME The name of the interface

Default
The default MVRP leave timer value is 200 milliseconds.

Command Mode
Configure mode

Usage
Using this command sets the MVRP leave timer value for a specific interface.

Examples ZebOS# configure terminal ZebOS(config)# set mvrp timer leave 300 eth1

266

2001-2007 IP Infusion Inc. Confidential

NSM Layer-2 Commands

set mvrp timer leaveall

Use this command to set the MVRP leaveall timer value on an interface.

Command Syntax
set mvrp timer leaveall TIMER_VALUE|IF_NAME TIMER_VALUE An integer in the range <0-4294967295> representing milliseconds IF_NAME An interface name

Default
The default MVRP leaveall timer value is 10000 milliseconds.

Command Mode
Configure mode

Usage
Using this command sets the MVRP leaveall timer value for an interface.

Examples ZebOS# configure terminal ZebOS(config)# set mvrp timer leaveall 20000 eth1

set mvrp pointtopoint enable

Use this command to enable point-to-point behavior on a bridge.

Command Syntax
set mvrp pointtopoint enable BRIDGE_NAME BRIDGE_NAME An integer in the range of <1 - 32>.

Default
Point-to-point operation is disabled by default.

Command Mode
Configure Mode

Usage
Using this command enables point-to-point operation on a specific MVRP-enabled bridge.

Examples ZebOS# configure terminal ZebOS(config)# set mvrp pointtopoint enable bridge 2

set mvrp registration fixed

Use this command to set the MVRP registration mode to fixed.

2001-2007 IP Infusion Inc. Confidential

267

NSM Layer-2 Commands

Command Syntax
set mvrp registration fixed IF_NAME IF_NAME The name of the interface

Default
The default MVRP registration mode is normal.

Command Mode
Configure mode

Usage
Using this command sets the MVRP management registration mode to fixed.

Examples ZebOS# configure terminal ZebOS(config)# set mvrp registration fixed eth1

set mvrp registration forbidden

Use this command to set the MVRP registration mode to forbidden.

Command Syntax
set mvrp registration forbidden IF_NAME IF_NAME The name of the interface.

Default
The default MVRP registration mode is normal.

Command Mode
Configure mode

Usage
Using this command sets the MVRP management registration mode to forbidden.

Examples ZebOS# configure terminal ZebOS(config)# set mvrp registration forbidden eth1

set mvrp registration normal

Use this command to set the MVRP registration mode to normal.

Command Syntax
set mvrp registration normal IF_NAME IF_NAME An interface name

268

2001-2007 IP Infusion Inc. Confidential

NSM Layer-2 Commands

Default
The default MVRP registration mode is normal.

Command Mode
Configure mode

Usage
Using this command sets the MVRP management registration mode to normal.

Examples ZebOS# configure terminal ZebOS(config)# set mvrp registration normal eth1

set port mvrp disable

Use this command to disable MVRP on a selected port or on all ports on a bridge.

Command Syntax
set port mvrp enable IF_NAME|all IF_NAME An interface name all All interfaces on the bridge

Default
This setting is disabled by default.

Command Mode
Configure mode

Usage
Using this command disables MVRP on a selected port, or on all ports on a bridge.

Examples
To disable MVRP on a selected interface on a bridge, use this command structure:

ZebOS# configure terminal ZebOS(config)# set port mvrp disable eth1

To disable MVRP on all interfaces on a bridge, use this command structure:

ZebOS# configure terminal ZebOS(config)# set port mvrp disable all

Related Commands
set port mvrp disable vlan

set port mvrp enable

Use this command to enable MVRP on a port.

2001-2007 IP Infusion Inc. Confidential

269

NSM Layer-2 Commands

Command Syntax
set port mvrp enable IF_NAME|all IF_NAME The name of the interface all All interfaces on a bridge

Default
This setting is disabled by default.

Command Mode
Configure mode

Usage
Using this command enables MVRP on a specific interface, or on all interfaces on an MVRP-enabled bridge.

Examples
To enable MVRP on a selected interface, use this command structure:

ZebOS# configure terminal ZebOS(config)# set port mvrp enable eth1

To enable MVRP on all interfaces, use this command structure:

ZebOS# configure terminal ZebOS(config)# set port mvrp enable all

Related Commands
set port mvrp enable vlan

show mvrp configuration

Use this command to display the MVRP configurations for a bridge.

Command Syntax
show mvrp configuration bridge BRIDGE_NAME BRIDGE_NAME An integer in the range of <1 32>

Command Mode
Exec mode

Usage
The following is sample output from this command displaying all the MVRP configurations on the MVRP-enabled bridge 1. ZebOS#show mvrp configuration bridge 1 Global MVRP Configuration for bridge 1: Dynamic Vlan Creation: Enabled Port based MVRP Configuration: Timers(centiseconds) Port MVRP Status Registration Applicant Join Leave LeaveAll ---------------------------------------------------------------------------------------

270

2001-2007 IP Infusion Inc. Confidential

NSM Layer-2 Commands

eth2

Enabled

Normal

1000

Examples ZebOS# configure terminal ZebOS(config)# show mvrp configuration bridge 2

show mvrp configuration all

Use this command to display the MVRP configurations of all MVRP-enabled bridges.

Command Syntax
show mvrp configuration all

Command Mode
Exec mode

Usage
The following sample output from this command displays MVRP configurations for all MVRP-enabled bridges. ZebOS#show mvrp configuration Global MVRP Configuration for bridge 1: Dynamic Vlan Creation: Enabled Port based MVRP Configuration: Timers(centiseconds) Port MVRP Status Registration Applicant Join Leave LeaveAll --------------------------------------------------------------------------------------eth2 Enabled Normal Normal 20 60 1000 eth1 Enabled Normal Normal 20 60 1000

Examples ZebOS# configure terminal ZebOS(config)# show mvrp configuration all

show mvrp interface statistics

Use this command to display MVRP statistics for an interface.

Command Syntax
show mvrp interface statistics IF_NAME IF_NAME The name of the interface

Command Mode
Exec mode

Usage
The following sample output from this command displays the MVRP statistics for a specific interface. ZebOS#show mvrp statistics eth2 Bridge: 1

2001-2007 IP Infusion Inc. Confidential

271

NSM Layer-2 Commands

Port JoinEmpty JoinIn LeaveEmpty LeaveIn Empty NewIn NewEmpty --------------------------------------------------------------------------------------eth2 RX 0 0 0 0 0 0 0 TX 0 0 0 0 12 0 0

Examples ZebOS# configure terminal ZebOS(config)# show mvrp statistics eth1

show mvrp machine bridge

Use this command to display the MVRP machine state on a specific bridge.

Command Syntax
show mvrp machine bridge BRIDGE_NAME BRIDGE_NAME An integer in the range of <1 - 32>

Command Mode
Exec mode

Usage
The following sample output from this command displays the MVRP machine state on an MVRP-enabled bridge. ZebOS#show mvrp machine bridge 1 port = eth2 applicant state[0] = VO registrar state[0] = IN

Examples ZebOS# configure terminal ZebOS(config)# show mvrp machine bridge 2

show mvrp statistics

Use this command to display MVRP statistics for a bridge.

Command Syntax
show mvrp statistics

Command Mode
Exec mode

Usage
The following sample output from this command displays all MVRP statistics for an MVRP-enabled bridge. ZebOS#show mvrp statistics Bridge: 1 Port JoinEmpty JoinIn LeaveEmpty LeaveIn Empty NewIn NewEmpty -----------------------------------------------------------------------------eth2 RX 0 0 0 0 0 0 TX 0 0 0 4 0 0

272

2001-2007 IP Infusion Inc. Confidential

NSM Layer-2 Commands

eth1

RX TX

0 0

Examples ZebOS# configure terminal ZebOS(config)# show mvrp statistics

show mvrp timer

Use this command to display MVRP timer values associated with a specific interface.

Command Syntax
show mvrp timer IF_NAME IF_NAME The name of the interface

Command Mode
Configure mode

Usage
The following sample output from this command displays all MVRP timer values associated with a specific interface. ZebOS#show mvrp timer eth2 Timer Timer Value (centiseconds) -----------------------------------------Join 20 Leave 60 Leave All 1000

Examples ZebOS# configure terminal ZebOS(config)# show mvrp timer eth2

Provider Bridging Commands

Provider bridging lets a provider organization provide Ethernet Virtual Circuit (EVC) services to the customer. The EVC is recognized by the Service Provider VLAN. The packets through the provider network are doubly tagged with inner (CVLAN) and outer (SVLAN) tags. The CVLAN tag is the customer network VLAN ID. The SVLAN tag is the provider network VLAN ID.

bridge protocol provider-mstp

Use this command to create a provider multiple spanning-tree protocol (MSTP) bridge of a specified parameter. Use the no parameter with this command to unmap the VLANs from a particular instance, and associate them back to the default instance of 0.

Command Syntax
bridge <1-32> protocol provider-mstp no bridge <1-32>

2001-2007 IP Infusion Inc. Confidential

273

NSM Layer-2 Commands <1-32> Bridge-group ID used for bridging

Command Mode
Configure mode

Usage
The MSTP bridges can have different spanning-tree topologies for different VLANs inside a region of similar MSTP bridges. The multiple spanning tree protocol, like the rapid spanning tree protocol, provides rapid reconfiguration capability, while providing load-balancing ability. Using this command creates an instance of the spanning tree, and associates the VLANs specified with that instance. A bridge created by the above command forms its own separate region, unless it is added explicitly to a region by using the region name command.

Example ZebOS# configure terminal ZebOS(config)# bridge 2 protocol provider-mstp

bridge protocol provider-rstp

Use this command to add an IEEE 802.1D-2004 Rapid Spanning Tree Protocol (RSTP) bridge.

Command Syntax
bridge <1-32> protocol provider-rstp <1-32> Bridge-group ID used for bridging

Command Mode
Configure mode

Usage
After creating a bridge instance, add interfaces to the bridge using the bridge-group command. Bring the bridge instance into operation with the no shutdown command in interface mode.

Example ZebOS# configure terminal ZebOS(config)# bridge 2 protocol provider-rstp

cvlan registration table

Use this command to create a customer VLAN (CVLAN) registration table that will have the mapping between CVLANs and service provider VLANs (SVLANs). Use the no parameter with this command to delete the CVLAN registration table.

Command Syntax
cvlan registration table WORD cvlan registration table WORD bridge <1-32> no cvlan registration table WORD no cvlan registration table WORD bridge <1-32>

274

2001-2007 IP Infusion Inc. Confidential

NSM Layer-2 Commands WORD Name of the CVLAN registration table <1-32> ID of the bridge-group on which the VLAN will be affected

Command Mode
Configure mode

Example ZebOS# configure terminal ZebOS(config)# interface eth0 ZebOS(config-if)# switchport provider-network allowed vlan add 2

cvlan svlan
Use this command to create a mapping between the CVLAN and SVLAN. Use the no parameter with this command to delete the mapping.

Command Syntax
cvlan VLAN_ID svlan VLAN_ID no cvlan VLAN_ID no svlan VLAN_ID CVLAN_ID <1-4094> CVLAN ID SVLAN_ID <1-4094> SVLAN ID to which the CVLAN will be mapped

Command Mode
Configure mode

Example ZebOS# configure terminal ZebOS(config)# cvlan registration table customer1 ZebOS(config-cvlan-registration)# cvlan 2 svlan 3 ZebOS(config-cvlan-registration)# cvlan 3 svlan 3

l2-protocol
Use this command to configure the protocol handling on a customer edge/customer network port.

Command Syntax
l2-protocol PROTOCOL tunnel|discard PROTOCOL Protocol for the action specified. stp Spanning-tree Protocol (STP) gmrp GARP Multicast Address Registration Protocol (GMRP) gvrp GARP VLAN Registration Protocol (GVRP) mvrp Multiple VLAN Registration Protocol (MVRP) mmrp Mobile Mesh Routing Protocol (MMRP) tunnel Tunnel the specified protocol on the interface. discard Discard the specified protocol packets on the interface.

2001-2007 IP Infusion Inc. Confidential

275

NSM Layer-2 Commands

Default
The default action is to tunnel.

Command Mode
Interface mode

Example ZebOS# configure terminal ZebOS(config)# interface eth1 ZebOS(config-if)# l2-protocol stp tunnel

switchport allowed vlan

Use this command to set the switching characteristics of the Layer-2 interface to the provider-network. The all parameter indicates that any VLAN ID is part of its ports member set. The none parameter indicates that no VLAN ID is configured on this port. The add and remove parameters will add and remove VLAN IDs to/from the ports member set.

Command Syntax
switchport provider-network|customer-network allowed vlan all|none switchport provider-network|customer-network allowed vlan add|remove|except VLANID provider-network Provider network port that behaves per the 802.1 AD standard. customer-network Customer network port that behaves per the 802.1 AD standard. all Allow all VLANs to transmit and receive through the Layer-2 interface. none Allow no VLANs to transmit and receive through the Layer-2 interface. add Add a VLAN to the member set remove Remove a VLAN from the member set. except All VLANs, except the VLAN for which the ID is specified, are part of its ports member set. VLANID <2-4094> The ID of the VLAN that will be added to, or removed from, the Layer-2 interface.

Command Mode
Interface mode

Example ZebOS# configure terminal ZebOS(config)# interface eth0 ZebOS(config-if)# switchport provider-network allowed vlan add 2

switchport customer-edge access vlan

Use this command to change the default customer VLAN on the current interface. Use the no parameter with this command to remove a previously created customer VLAN with the specified VLAN ID.

Command Syntax
(no) switchport customer-edge access vlan VLANID customer-edge Configured port is a customer-edge port, and the VLAN ID must be a customer VLAN. VLANID <2-4094> Default VLAN ID for the specified interface.

276

2001-2007 IP Infusion Inc. Confidential

NSM Layer-2 Commands

Command Mode
Interface mode

Examples zebos# configure terminal zebos(config)# interface eth0 zebos(config-if)# switchport customer-edge access vlan 3
zebos(config)# interface eth0 zebos(config-if)# no switchport customer-edge access vlan

switchport customer-edge hybrid allowed vlan

Use this command to set the switching characteristics of the Layer-2 customer facing interface to hybrid. Both tagged and untagged frames will be classified over hybrid interfaces. Use the no parameter with this command to turn off allowed customer-edge hybrid switching.

Command Syntax
switchport customer-edge hybrid allowed vlan all|none switchport customer-edge hybrid allowed vlan add VLANID egress-tagged enable|disable switchport customer-edge hybrid allowed vlan remove VLANID customer-edge Configured port is a customer-edge port, and the VLAN ID must be a customer VLAN. all Allow all VLANs to transmit and receive through the Layer-2 interface. none Allow no VLANs to transmit and receive through the Layer-2 interface. add Add a VLAN to the member set. remove Remove a VLAN from the member set. VLANID <2-4094> ID of the VLAN that will be added to, or removed from, the Layer-2 interface. egress-tagged enable Enable the egress tagging for the outgoing frames. disable Disable the egress tagging for the outgoing frames.

Command Mode
Interface mode

Example ZebOS# configure terminal ZebOS(config)# interface eth0 ZebOS(config-if)# switchport customer-edge hybrid allowed vlan add 2 egresstagged enable

switchport customer-edge hybrid vlan

Use this command to set the switching characteristics of the Layer-2 customer facing interface to hybrid. Use the no parameter with this command to turn off customer-edge hybrid switching.

2001-2007 IP Infusion Inc. Confidential

277

NSM Layer-2 Commands

Command Syntax
switchport customer-edge hybrid vlan VLANID no switchport customer-edge hybrid vlan customer-edge Configured port is a customer-edge port, and the VLAN ID must be a customer VLAN. VLANID <2-4094> ID of the VLAN that will be added to, or removed from, the Layer-2 interface.

Command Mode
Interface mode

Example ZebOS# configure terminal ZebOS(config)# interface eth0 ZebOS(config-if)# switchport customer-edge hybrid vlan 2

switchport customer-edge vlan registration

Use this command to apply a mapping to the customer edge port. Use the no parameter with this command to delete the mapping from the interface.

Command Syntax
switchport customer-edge vlan registration WORD no switchport customer-edge vlan registration WORD Name of the CVLAN registration table

Command Mode
Interface mode

Example ZebOS# configure terminal ZebOS(config)# interface eth1 ZebOS(config-if)# switchport customer-edge vlan registration customer1

switchport customer-network vlan translation

Use this command to add a translation table entry for SVLANs on a customer network port. Use the no parameter with this command to delete a translation table entry for SVLANs on a customer network port.

Command Syntax
switchport customer-network vlan translation svlan RVLAN_ID svlan TVLAN_ID no switchport customer-network vlan translation svlan RVLAN_ID svlan TVLAN_ID RVLAN_ID TVLAN_ID <2-4094> ID of the SVLAN to be translated. <2-4094> ID of the translated SVLAN.

Command Mode
Interface mode

278

2001-2007 IP Infusion Inc. Confidential

NSM Layer-2 Commands

Example ZebOS# configure terminal ZebOS(config)# interface eth1 ZebOS(config-if)# switchport customer-network vlan translation svlan 10 svlan 20

switchport mode
Use this command to set the switching characteristics of the Layer-2 as provider-network or customer-network, and specify only tagged frames. Received frames are classified based on the VLAN characteristics, then accepted or discarded based on the specified filtering criteria.

Command Syntax
switchport mode provider-network|customer-network (ingress-filter enable|disable) provider-network Provider network port that behaves per the 802.1 AD standard. customer-network Customer network port that behaves per the 802.1 AD standard. ingress-filter Set the ingress filtering for the received frames. enable Set the ingress filtering for received frames. Received frames that cannot be classified in the previous step based on the acceptable frame type parameter (access/trunk) are discarded. disable Turn off ingress filtering to accept frames that do not meet the classification criteria. This is the default value.

Command Mode
Interface mode

Example ZebOS# configure terminal ZebOS(config)# interface eth0 ZebOS(config-if)# switchport mode provider-network ingress-filter enable

switchport mode customer-edge access

Use this command to set the switching characteristics of the Layer-2 customer facing interface to access mode, and classify only untagged frames. Received frames are classified based on the VLAN characteristics, then accepted or discarded based on the specified filtering criteria.

Command Syntax
switchport mode customer-edge access (ingress-filter enable|disable) customer-edge Configured port is a customer-edge port. ingress-filter Set the ingress filtering for the received frames. enable Set the ingress filtering for received frames. Received frames that cannot be classified in the previous step based on the acceptable frame type parameter (access/trunk) are discarded. disable Turn off ingress filtering to accept frames that do not meet the classification criteria. This is the default value.

2001-2007 IP Infusion Inc. Confidential

279

NSM Layer-2 Commands

Command Mode
Interface mode

Example ZebOS# configure terminal ZebOS(config)# interface eth0 ZebOS(config-if)# switchport mode customer-edge access ingress-filter enable

switchport mode customer-edge hybrid

Use this command to set the switching characteristics of the Layer-2 customer facing interface as hybrid, and classify both tagged and untagged frames. Received frames are classified based on the VLAN characteristics, then accepted or discarded based on the specified filtering criteria. Use the no parameter to reset the mode of the Layer-2 interface to access (default).

Command Syntax
switchport mode customer-edge hybrid switchport mode customer-edge hybrid ingress-filter enable|disable switchport mode customer-edge hybrid acceptable-frame-type vlan-tagged no switchport mode customer-edge The port that is configured is a customer edge port. ingress-filter Set the ingress filtering for the frames received. enable Set the ingress filtering for received frames. Received frames that cannot be classified in the previous step based on the acceptable frame type parameter (access/trunk) are discarded. disable Turn off ingress filtering to accept frames that do not meet the classification criteria. This is the default value. acceptable-frame-type Set the Layer-2 interface acceptable frame types. This processing occurs after VLAN classification. vlan-tagged Accept only classified frames which belong to the port's member set.

Command Mode
Interface mode

Example ZebOS# configure terminal ZebOS(config)# interface eth0 ZebOS(config-if)# switchport mode customer-edge hybrid acceptable-frame-type vlan-tagged

280

2001-2007 IP Infusion Inc. Confidential

NSM Layer-2 Commands

switchport mode customer-edge trunk

Use this command to set the switching characteristics of the Layer-2 customer facing interface as trunk, and specify only tagged frames. Received frames are classified based on the VLAN characteristics, then accepted or discarded based on the specified filtering criteria.

Command Syntax
switchport mode customer-edge trunk (ingress-filter enable|disable) customer-edge The port that is configured is a customer edge port. ingress-filter Set the ingress filtering for the frames received. enable Set the ingress filtering for received frames. Received frames that cannot be classified in the previous step based on the acceptable frame type parameter (access/trunk) are discarded. disable Turn off ingress filtering to accept frames that do not meet the classification criteria. This is the default value.

Command Mode
Interface mode

Example ZebOS# configure terminal ZebOS(config)# interface eth0 ZebOS(config-if)# switchport mode customer-edge trunk ingress-filter enable

switchport provider-edge vlan

Use this command to set the switching characteristics of the Layer-2 logical provider edge port. By default, egress tagging is enabled for all VLANs on the provider edge ports.

Command Syntax
switchport provider-edge allowed vlan VLANID (egress-tagged enable|disable) provider-edge The port is the logical port created by the SVLAN on the customer edge port. The VLAN ID must be a customer VLAN, and a mapping for the customer VLAN must already be configured. VLANID <2-4094> The ID of the VLAN to be configured. egress-tagged enable Enable the egress tagging for the outgoing frames. disable Disable the egress tagging for the outgoing frames.

Command Mode
Interface mode

Example ZebOS# configure terminal ZebOS(config)# interface eth0 ZebOS(config-if)# switchport provider-edge allowed vlan 2 egress-tagged enable

2001-2007 IP Infusion Inc. Confidential

281

NSM Layer-2 Commands

switchport provider-network vlan translation

Use this command to add a translation table entry for CVLANs on a provider network port. Use the no parameter with this command to delete a translation table entry for CVLANs on a provider network port.

Command Syntax
switchport provider-network vlan translation svlan RSVLAN_ID cvlan RCVLAN_ID cvlan TCVLAN_ID no switchport provider-network vlan translation svlan RSVLAN_ID cvlan RCVLAN_ID RSVLAN_ID <2-4094> ID of the SVLAN to be translated. RCVLAN_ID <2-4094> ID of the CVLAN to be translated. TCVLAN_ID <2-4094> ID of the translated CVLAN.

Command Mode
Interface mode

Example ZebOS# configure terminal ZebOS(config)# interface eth1 ZebOS(config-if)# switchport provider-network vlan translation svlan 10 cvlan 10 cvlan 20

switchport trunk customer-edge allowed vlan

Use this command to set the switching characteristics of the customer facing Layer-2 interface to trunk. The all parameter indicates that any VLAN ID is part of its ports member set. The none parameter indicates that no VLAN ID is configured on this port. The add and remove parameters will add and remove VLAN IDs to/from the ports member set.

Command Syntax
switchport customer-edge trunk allowed vlan all|none switchport customer-edge trunk allowed vlan add|remove|except VLANID customer-edge The port that is configured is a customer edge port, and the VLAN ID must be a customer VLAN. all Allow all VLANs to transmit and receive through the Layer-2 interface. none Allow no VLANs to transmit and receive through the Layer-2 interface. add Add a VLAN to the member set. except All VLANs, except the VLAN for which the ID is specified, are part of its ports member set. remove Remove a VLAN from the member set. VLANID <2-4094> ID of the VLAN that will be added to, or removed from, the Layer-2 interface.

Command Mode
Interface mode

Example ZebOS# configure terminal ZebOS(config)# interface eth0

282

2001-2007 IP Infusion Inc. Confidential

NSM Layer-2 Commands

ZebOS(config-if)# switchport customer-edge trunk allowed vlan add 2

vlan type
Use this command to idenitify a VLAN as either a customer VLAN (CVLAN) or a service VLAN (SVLAN), name the VLAN, enable or disable it and specify point-to-point or multipoint-to-mulitpoint operation.

Command Syntax
vlan VLANID type customer|service bridge <1-32> name VLAN_NAME state enable|disable point-point|multipoint-multipoint no vlan VLANID type customer|service bridge <1-32> VLANID The VID of the VLAN to be enabled or disabled on the bridge in the range <2-4094>. type The type of the VLAN; specifies a CVLAN or an SVLAN <1-32> The ID of the bridge group for which the VLAN is affected VLAN_NAME The ASCII name of the VLAN with a maximum allowable length of 16 characters enable Sets the VLAN to an enabled state disable Sets the VLAN to a disabled state point-point Denotes that this VLAN has two edge nodes, which can be access ports or customer-edge ports multipoint-multipoint Denotes that this VLAN has two edge nodes, which can be access ports or customer-edge ports

Command Mode
VLAN Configuration mode

Examples ZebOS# configure terminal ZebOS(config)# vlan database ZebOS(config-vlan)#vlan 45 type service bridge 2 point-point

vlan type access-map

Use this command to configure the VLAN access control list.

Command Syntax
vlan type VLANTYPE access-map NAME <1-65535> VLANTYPE Type of VLAN customer service NAME Name of the VLAN access map <1-65535> Sequence to insert to, or delete from, the existing access-map entry

Command Mode
Configure mode

Example ZebOS# configure terminal ZebOS(config)# vlan type customer access-map ACL1 1

2001-2007 IP Infusion Inc. Confidential

283

NSM Layer-2 Commands

vlan type bridge

This command enables or disables the state of a particular customer or service VLAN on a bridge basis. Specifying the disable state causes all forwarding over the specified VLAN ID on the specified bridge to cease. Specifying the enable state allows forwarding of frames on the specified VLAN-aware bridge. Use the no parameter with this command to delete a VLAN.

Command Syntax
vlan VLANID type VLANTYPE bridge <1-32> (name VLAN_NAME) state enable|disable no vlan VLANID type VLANTYPE bridge <1-32> VLANID <2-4094> ID of the VLAN that will be enabled or disabled on the bridge. VLANTYPE Type of VLAN. customer service <1-32> ID of the bridge-group on which the VLAN will be affected. VLAN_NAME Optional. ASCII name of the VLAN. Maximum length: 16 characters. enable Sets VLAN into an enable state. disable Sets VLAN into a disable state.

Command Mode
VLAN Configuration mode

Example ZebOS# configure terminal ZebOS(config)# vlan database ZebOS(config-vlan)#vlan 45 type service bridge 2 name vlan2 state enable

MEF UNI
This section contains commands for the Metro Ethernet Forum User Netword Interface (MSF UNI).

ce-vlan preserve-cos <1-4094>

Use this command to configure Customer Edge (CE) VLAN class of service (COS) preservation for a particular SVLAN. Use the no for of this command to unset preserve-cos.

Command Syntax
ce-vlan preserve-cos <1-4094> no ce-vlan preserve-cos <1-4094> <1-4094> VLAN ID of the service VLAN for which the COS of the CVLANs must be preserved

Command Mode
Configure mode

Examples ZebOS# configure terminal

284

2001-2007 IP Infusion Inc. Confidential

NSM Layer-2 Commands

ZebOS(config)# ce-vlan preserve-cos 2

ethernet uni
Use this command to configure service multiplexing and bundling on a UNI. Use the no option with this command to remove service multiplexing and bundling from a UNI.

Command Syntax
ethernet uni [bundle all-to-one|multiplex] no ethernet uni {bundle all-to-one|multiplex} bundle CVLAN registration table with only one SVLAN supported on the UNI. Multiple CVLANs can be mapped to the SVLAN. multiplex UNI supports multiplexing without bundling (one or more) SVLANs with a single CVLAN mapped to each SVLAN. all-to-one CVLAN registration table with only one SVLAN supported on the UNI. All CVLANs must be mapped to the SVLAN.

Command Mode
Interface mode

Examples ZebOS# configure terminal ZebOS(config)# interface eth1 ZebOS(config-if)# ethernet uni bundle

ethernet uni id NAME

Use this command to configure the UNI ID of an interface. Use the no form of this command to remove a UNI ID from an interface.

Command Syntax
ethernet uni id NAME no ethernet uni id NAME NAME Name of the UNI. The maximum allowable length of the name is 64 characters.

Usage
This command can only be given for a customer edge port.

Command Mode
Interface mode

Examples ZebOS# configure terminal ZebOS(config)# interface eth1

2protocol-tunnel
Use this command in the interface mode to configure the protocol handling on a customer edge/customer network port. The VLAN ID should be given as input only for DOT1x and LACP.

2001-2007 IP Infusion Inc. Confidential

285

NSM Layer-2 Commands Use this command in the configure mode to configure the protocol handling for a particular SVLAN. When using this command in the configure mode, the peer option cannot be used. The peer option also cannot be used with the GVRP/ MVRP protocols.

Default
The default actions for interfaces are tunnel for GMRP/MMRP, peer for LACP, 802.1x and STP, and discard for GVRP/ MVRP. Note: The Peer option is valid only for STP, LACP and 802.1x.

Default
The default action for a Service VLAN is to tunnel.

Command Mode
Interface mode Configure mode

Examples ZebOS# configure terminal ZebOS(config)# interface eth1 ZebOS(config-if)# l2protocol-tunnel stp tunnel

286

2001-2007 IP Infusion Inc. Confidential

CHAPTER 13

NSM LACP Commands

channel-group mode
Use this command to add a port to a channel group specified by the channel group number (<1-12>). This command enables link aggregation on a port, so that it may be selected for aggregation by the local system.

Command Syntax
channel-group <1-12> mode (active|passive) <1-12> Specify a channel group number. active Enable initiation of LACP negotiation on a port passive Disable initiation of LACP negotiation on a port

Command Mode
Interface mode

Example ZebOS# configure terminal ZebOS(config)# interface eth0 ZebOS(config-if)# channel-group 4 mode active Related Commands
no channel-group

no channel-group
Use this command to turn off link aggregation on a port.

Command Syntax
no channel-group

Command Mode
Interface mode

Example ZebOS# configure terminal ZebOS(config)# interface eht0 ZebOS(config-if)# no channel-group Related Commands
channel-group mode

2001-2007 IP Infusion Inc. Confidential

287

NSM LACP Commands

show etherchannel
Use this command to display information about an Ether channel specified by the channel-group number. To modify the lines displayed, use the | (output modifier token); to save the output to a file, use the > output redirection token. For more information, see the ZebOS Command Line Interface Environment chapter.

Command Syntax
show etherchannel <1-12>

Command mode
Privileged Exec mode

Example ZebOS# show etherchannel 5

show static-channel-group
Use this command to display all configured static aggregators and their corresponding member ports.

Command Syntax
show static-channel-group

Command Mode
Privileged Exec mode

Examples
ZebOS# show static-channel-group % Static Aggregator: sa1 % Member: eth0 eth1 % Static Aggregator: sa2 % Member: eth2

288

2001-2007 IP Infusion Inc. Confidential

NSM LACP Commands

static-channel-group
Use this command to create a static aggregator, or add a member port to an already-existing static aggregator. Use the no parameter with this command to detach the port from the static aggregator.

Command Syntax
static-channel-group <1-12> no static-channel-group <1-12> Channel group number.

Command Mode
Interface mode

Usage
This command adds the interface to the static aggregator with the specified key. If the aggregator does not exist, it is created, and the interface is added to it. The no prefix detaches the port from the static aggregator. If the port is the last member to be detached, the static aggregator is deleted.

Examples ZebOS# configure terminal ZebOS(config)# interface eth0 ZebOS(config-if)# static-channel-group 2

2001-2007 IP Infusion Inc. Confidential

289

NSM LACP Commands

290

2001-2007 IP Infusion Inc. Confidential

CHAPTER 14

NSM VPLS Commands

mpls vpls
Use this command to create an instance of Virtual Private LAN Service (VPLS). It also switches the command mode to VPLS mode. Use the no parameter to delete a VPLS instance.

Command Syntax
(no) mpls vpls NAME [<1-100000>] NAME Specifies a string for identifying the VPLS instance. <1-100000> Specifies a 32-bit VPLS identifier value. This value must be specified for creating a new VPLS instance. It might not be specified if a pre-existing VPLS instance is being updated.

Command Mode
Configure mode

Examples ZebOS# configure terminal ZebOS(config)# mpls vpls test 34 ZebOS(config-vpls)#

mpls-vpls
Use this command to associate an interface with a VPLS instance. Use the no parameter to delete VPLS instance.

Command Syntax
(no) mpls-vpls NAME NAME Specifies a string identifying the VPLS instance.

Command Mode
Interface mode

Examples ZebOS# configure terminal ZebOS(config)# interface eth0 ZebOS(config-if)# mpls-vpls t1

show mpls vpls

Use this command to display all configured VPLS instances. Specify the name of a VPLS instance for displaying information about a specific instance.

2001-2007 IP Infusion Inc. Confidential

291

NSM VPLS Commands To modify the lines displayed, use the | (output modifier token); to save the output to a file, use the > output redirection token. For more information, see the ZebOS Command Line Interface Environment chapter.

Command Syntax
show mpls vpls (NAME) NAME specifies the string identifying a VPLS instance.

Command Mode
Exec and Privileged Exec mode

Usage
Using show mpls vpls command without parameters displays information about all VPLS instances. The following are two sample outputs displaying information about all VPLS instances and a specified instance. ZebOS# show mpls vpls Name VPLS-ID Type t1 1 Ethernet VPLS t2 2 Ethernet VPLS MPeers 2 2 SPeers 1 0 State Active Active

ZebOS# show mpls vpls t1 Virtual Private LAN Service Instance: t1, ID: 1 Group ID: 0, VPLS Type: Ethernet VPLS, Configured MTU: 0 Description: none Configured interfaces: none Mesh Peers: 192.168.0.80 (Up) 192.168.0.90 (Up) Spoke Peers: t100 (Up)

Example ZebOS# show mpls vpls VPLS1

show mpls vpls detail

Use this command to display detailed information about all configured VPLS instances. To modify the lines displayed, use the | (output modifier token); to save the output to a file, use the > output redirection token. For more information, see the ZebOS Command Line Interface Environment chapter.

Command Syntax
show mpls vpls detail

Command Mode
Exec and Privileged Exec mode

Usage
The following is a sample output of the show mpls vpls detail command displaying detailed information about all configured VPLS instances. ZebOS# show mpls vpls detail Virtual Private LAN Service Instance: t1, ID: 1 Group ID: 0, VPLS Type: Ethernet VPLS, Configured MTU: 0

292

2001-2007 IP Infusion Inc. Confidential

NSM VPLS Commands

Description: none Configured interfaces: none Mesh Peers: 192.168.0.80 (Up) 192.168.0.90 (Up) Spoke Peers: t100 (Up) Virtual Private LAN Service Instance: t2, ID: 2 Group ID: 0, VPLS Type: Ethernet VPLS, Configured MTU: 0 Description: none Configured interfaces: none Mesh Peers: 192.168.0.80 (Up) 192.168.0.90 (Up)

Example ZebOS# show mpls vpls detail

show mpls vpls mesh

Use this command to display information about all the core Virtual Circuit (VC) connections for all VPLS instances. Specify the name of a VPLS instance for displaying information about a specific instance. To modify the lines displayed, use the | (output modifier token); to save the output to a file, use the > output redirection token. For more information, see the ZebOS Command Line Interface Environment chapter.

Command Syntax
show mpls vpls (NAME) mesh NAME specifies the string identifying a VPLS instance.

Command Mode
Exec and Privileged Exec mode

Usage
The following is a sample output of the show mpls vpls mesh command displaying information about all the core VC connections for all VPLS instances. ZebOS# show mpls vpls mesh VPLS-ID Peer Addr 1 192.168.0.80 1 192.168.0.90 2 192.168.0.80 2 192.168.0.90 In-Intf eth0 eth1 eth0 eth1 In-Label 16 18 19 17 Out-Intf eth0 eth1 eth0 eth1 Out-Label 640 642 641 643 Lkps/St 1/Up 1/Up 1/Up 1/Up

Example ZebOS# show mpls vpls VPL1 mesh ZebOS# show mpls vpls mesh

show mpls vpls spoke

Use this command to display information about all the spoke VC connections for all VPLS instances. Specify the name of a VPLS instance for displaying information about a specific instance.

2001-2007 IP Infusion Inc. Confidential

293

Command Syntax
show mpls vpls (NAME) spoke NAME specifies the string identifying a VPLS instance

Command Mode
Exec and Privileged Exec mode

Usage
The following is a sample output of the show mpls vpls spoke displaying the spoke VC connection to the VPLS instance. ZebOS# show mpls vpls spoke VPLS-ID Virtual Circuit In-Intf 1 t100 eth2 In-Label 20 Out-Intf eth2 Out-Label 640 Lkps/St 1/Up

Example ZebOS# show mpls vpls spoke ZebOS# show mpls vpls VP1 spoke

vpls-description
Use this command to add a description line for a VPLS instance. Use the no parameter to remove a VPLS description line.

Command Syntax
(no) vpls-description LINE LINE specifies a description line for this VPLS.

Command Mode
VPLS Mode

Example ZebOS# configure terminal ZebOS(config)# mpls vpls test 34 ZebOS(config-vpls)# vpls-description This is for testing

vpls-mtu
Use this command to set the Maximum Transmission Unit (MTU) size for a given VPLS instance. This size is signaled to peer VPLS routers. Use the no parameter to unset the MTU size.

Command Syntax
(no) vpls-mtu <576-65535> <576-65535> Allowed MTU size to be used for a given VPLS instance.

294

2001-2007 IP Infusion Inc. Confidential

NSM VPLS Commands

Command Mode
VPLS Mode

Example ZebOS# configure terminal ZebOS(config)# mpls vpls test 34 ZebOS(config-vpls)# vpls-mtu 6506

vpls-peer
Use this command to create a VPLS Virtual Circuit with a core router. Use the no parameter to delete the VPLS Virtual Circuit to a specified peer.

Command Syntax
(no) vpls-peer A.B.C.D A.B.C.D Specifies the IP address of a VPLS peer node to which a mesh Virtual Circuit is to be created.

Command Mode
VPLS Mode

Usage
The Virtual Circuit ID is the same as the VPLS ID configured for this VPLS. At least one such peer configuration is required for every VPLS instance.

Example ZebOS# configure terminal ZebOS(config)# mpls vpls test 34 ZebOS(config-vpls)# vpls-peer 10.10.0.34

vpls-vc
Use this command to bind an instance of MPLS Virtual Circuit to VPLS. Use the no parameter to unbind the specified Virtual Circuit from a VPLS instance.

Command Syntax
(no) vpls-vc NAME NAME is a string identifying the MPLS Virtual Circuit to be added to this VPLS instance.

Command Mode
VPLS Mode

Usage
A given Virtual Circuit can either be bound to an interface or a VPLS instance, but not to both at the same time. This VC is generally termed as spoke VC as it connects a core VPLS router to a spoke node.

2001-2007 IP Infusion Inc. Confidential

295

NSM VPLS Commands

Example ZebOS# configure terminal ZebOS(config)# mpls vpls test 34 ZebOS(config-vpls)# vpls-vc VC1

296

2001-2007 IP Infusion Inc. Confidential

CHAPTER 15

Tunneling Commands

This chapter contains ZebOS commands related to IP tunneling. These commands are available only if tunneling configuration options are enabled when compiling the kernel (for example, IP:Tunneling under Networking Options). Refer to Configuring and Compiling the Linux Kernel appendix in the ZebOS Installation Guide for details.

interface tunnel
Use this command to create a new tunnel interface. Use the no parameter to destroy the tunnel interface.

Command Syntax
(no) interface tunnel <0-2147483647>

Default
Disabled

Command Mode
Configure mode

Usage
This command creates a new tunnel interface.

Example
ZebOS# configure terminal ZebOS(config)# interface tunnel 100 ZebOS(config-if)#

Related Commands
tunnel mode, tunnel source, tunnel destination

tunnel checksum
Use this command to enable a checksum feature for the tunnel. Use the no parameter to disable the feature.

Command Syntax
(no) tunnel checksum

Default
Disabled

Command Mode
Interface mode

2001-2007 IP Infusion Inc. Confidential

297

Tunneling Commands

Usage
This command enables a checksum feature for the tunnel. When configuring the tunnel checksum, make sure to: configure the tunnel checksum feature before configuring the tunnel source and destination. configure the tunnel checksum on both ends of the tunnel.

Example
ZebOS# configure terminal ZebOS(config)# interface tunnel 0 ZebOS(config-if)# tunnel mode gre ZebOS(config-if)# tunnel checksum ZebOS(config-if)# tunnel source 192.168.1.1 ZebOS(config-if)# tunnel destination 192.168.254.2

Related Commands
interface tunnel, tunnel mode, tunnel source, tunnel destination

tunnel destination
Use this command to specify a tunnel destination address in an IPv4 portion. Use the no parameter to unspecify the address.

Command Syntax
(no) tunnel destination A.B.C.D A.B.C.D Tunnel destination IPv4 address

Command Mode
Interface mode

Usage
This command specify a tunnel destination address.

Example
ZebOS# configure terminal ZebOS(config)# interface tunnel 200 ZebOS(config-if)# tunnel mode ipip ZebOS(config-if)# tunnel source 10.10.0.1 ZebOS(config-if)# tunnel destination 10.11.0.1

Related Commands
Interface tunnel, tunnel mode, tunnel source

tunnel mode
Use this command to configure an IPv4 tunnel mode. Use the no parameter to unconfigure the mode.

298

2001-2007 IP Infusion Inc. Confidential

Tunneling Commands

Command Syntax
(no) tunnel mode (gre|ipip) gre Generic Routing Encapsulation (GRE) tunnel mode. ipip IPIP tunnel mode.

Command Mode
Interface mode

Usage
This command specifies a tunnel encapsulation mode. Currently, GRE and IPIP mode are supported. The GRE tunnel mode is used for IPv4 to IPv4 tunneling, as well as, IPv6 to IPv4 tunneling.

Example
ZebOS# configure terminal ZebOS(config)# interface tunnel 2 ZebOS(config-if)# tunnel source 192.168.1.1 ZebOS(config-if)# tunnel destination 192.168.2.1 ZebOS(config-if)# tunnel mode gre

Related Commands
Interface tunnel, tunnel mode ipv6ip, tunnel source, tunnel destination

tunnel mode ipv6ip

Use this command to specify the IPv6 transition tunnel mode. Use the no parameter to unconfigure the mode.

Command Syntax
(no) tunnel mode ipv6ip (6to4|isatap) 6to4 6to4 automatic tunnel mode. isatap ISATAP automatic tunnel mode. Note: Using this command without the 6to4 or isatap parameters specifies manual configuration mode.

Command Mode
Interface mode

Usage
This command specifies a tunnel encapsulation mode for IPv6 in IPv4.

Example
ZebOS# configure terminal ZebOS(config)# interface tunnel 0 ZebOS(config-if)# tunnel source 10.10.1.1 ZebOS(config-if)# tunnel destination 10.10.2.1 ZebOS(config-if)# tunnel mode ipv6ip

2001-2007 IP Infusion Inc. Confidential

299

Tunneling Commands

Related Commands
Interface tunnel, tunnel mode, tunnel source, tunnel destination

tunnel path-mtu-discovery
Use this command to enable path Maximum Transmission Unit (MTU) discovery in the underlying tunnel interface. Use the no parameter to disable this feature.

Command Syntax
(no) tunnel path-mtu-discovery

Default
Disabled

Command Mode
Interface mode

Usage
This command enables the path MTU discovery feature in the underlying physical interface.

Example
ZebOS# configure terminal ZebOS(config)# interface tunnel 0 ZebOS(config-if)# tunnel mode gre ZebOS(config-if)# tunnel source 192.168.0.1 ZebOS(config-if)# tunnel destination 10.0.0.1 ZebOS(config-if)# tunnel path-mtu-discovery

Related Commands
Interface tunnel, tunnel mode, tunnel source, tunnel destination, tunnel ttl

tunnel source
Use this command to specify a tunnel source address in a IPv4 portion. Use the no parameter to unspecify the tunnel source address.

Command Syntax
(no) tunnel source A.B.C.D A.B.C.D IPv4 tunnel source address

Command Mode
Interface mode

Usage
This command specifies a tunnel source address.

300

2001-2007 IP Infusion Inc. Confidential

Tunneling Commands

Example
ZebOS# configure terminal ZebOS(config)# interface tunnel 0 ZebOS(config-if)# tunnel mode gre ZebOS(config-if)# tunnel destination 10.10.1.1 ZebOS(config-if)# tunnel source 10.11.2.1

Related Commands
interface tunnel, tunnel mode, tunnel destination

tunnel tos
Use this command to specify a value of Type of Service (TOS) in the tunnel IPv4 encapsulation header. Use the no parameter to make 0 the default value.

Command Syntax
(no) tunnel tos <0-255>

Default
The default TOS value is 0.

Command Mode
Interface mode

Usage
This command specifies a value of Type of Service (TOS) in the tunnel IPv4 encapsulation header.

Example
ZebOS# configure terminal ZebOS(config)# interface tunnel 0 ZebOS(config-if)# tunnel mode gre ZebOS(config-if)# tunnel destination 192.168.10.2 ZebOS(config-if)# tunnel source 192.168.11.1 ZebOS(config-if)# tunnel tos 10

Related Commands
Interface tunnel, tunnel mode, tunnel source, tunnel destination

tunnel ttl
Use this command to specify a value of Time to Live (TTL) in the tunnel IPv4 encapsulation header. Use the no parameter to inheriting the underlying physical interface value by default.

Command Syntax
(no) tunnel ttl <1-255>

2001-2007 IP Infusion Inc. Confidential

301

Tunneling Commands

Default
By default, physical interface value is inherited.

Command Mode
Interface mode

Usage
This command specifies a value of Time to Live (TTL) in the tunnel IPv4 encapsulation header. Enable the path-mtudiscovery before setting the TTL value. However, the first time you set the TTL value, and the path-mtudiscovery is not set, the system automatically enables the path-mtu-discovery.

Example
ZebOS# configure terminal ZebOS(config)# interface tunnel 0 ZebOS(config-if)# tunnel mode gre ZebOS(config-if)# tunnel destination 192.168.128.1 ZebOS(config-if)# tunnel source 192.168.0.1 ZebOS(config-if)# tunnel ttl 255

Related Commands
tunnel path-mtu-discovery

302

2001-2007 IP Infusion Inc. Confidential

CHAPTER 16

Remote Monitoring Commands

This chapter contains all Remote Monitoring (RMON) related commands in alphabetical order.

rmon alarm
Use this command to configure alarm parameters, such as, alarm type, thresholds, and corresponding events on crossing the threshold for a particular variable. Use the no form of this command to remove the alarm configuration.

Command Syntax
rmon alarm IX_VAL OID_VAR interval <1-65535> SAMPLE_TYPE rising-threshold <1-65535> event <1-65535> falling-threshold <1-65535> event <1-65535> (owner WORD) no rmon alarm IX_VAL IX_VAL = 1-65535 Alarm entry index value OID_VAR = WORD Variable Object Identifier (OID) name to be monitored interval Polling interval in seconds SAMPLE_TYPE = delta|absolute Alarm sample type rising-threshold Rising threshold value of the alarm entry event Event corresponding to the alarm crossing the rising threshold value of the alarm entry falling-threshold Falling threshold value of the alarm entry event Event corresponding to the alarm crossing the falling threshold value of the alarm entry owner Owner name to identify entry

Command Mode
Configure mode

Default
No default alarm is created.

Examples ZebOS# configure terminal ZebOS(config)# rmon alarm 229 etherStatsEntry.1.5 interval 50 delta rising-threshold 400 falling-threshold 600

rmon collection history

Use this command to configure a history statistics control group. History statistics parameters can be requested buckets, interval, and owner name on a particular interface. The number of history statistics buckets, and the interval to collect them, can be specified. The system based on the available memory configures the granted buckets. Use the no form of this command to remove the history control configuration.

2001-2007 IP Infusion Inc. Confidential

303

Remote Monitoring Commands

Command Syntax
rmon collection history IX_VAL (buckets <1-65535>) (interval <1-3600>) (owner WORD) no rmon collection history IX_VAL IX_VAL = 1-65535 History control entry index value interval Polling interval in seconds buckets Number of requested buckets owner Owner name to identify the entry

Command Mode
Interface mode

Default
There is no default collection history configuration.

Usage
The granted buckets are same as the requested buckets.

Examples ZebOS# configure terminal ZebOS(config)# interface eth1 ZebOS(config-if)# rmon collection history 200 buckets 500 interval 600 owner herbert

rmon collection stats

Use this command to configure an Ethernet statistics parameter, such as, index and owner name, on a particular interface. Use the no form of this command to remove the collection statistics configuration.

Command Syntax
rmon collection stats IF_INDEX <1-65535> (owner WORD) no rmon collection stats <1-65535> IF_INDEX Interface Index owner Owner name to identify the entry

Command Mode
Interface mode

Default
Ethernet statistics probe is not running.

Examples ZebOS# configure terminal ZebOS(config)# interface eth1 ZebOS(config-if)# rmon collection stats 200 owner herbert

304

2001-2007 IP Infusion Inc. Confidential

Remote Monitoring Commands

rmon event
Use this command to configure event parameters, such as, event type, description, and the community string corresponding to the trap if the event type is trap. Use the no form of this command to remove the event configuration.

Command Syntax
rmon event IX_VAL TYPE (description WORD) (owner WORD) no rmon event IX_VAL IX_VAL = 1-65535 Event entry index value TYPE = log|trap WORD|log trap WORD Event type log Log event type trap Trap event type log trap Log and trap event type WORD Community string corresponding to the trap description Event entry description owner Owner name to identify the entry

Command Mode
Configure mode

Default
No default event is created.

Usage
The configured trap community does not take effect as the trap sending is handled by the SNMP daemon.

Examples ZebOS# configure terminal ZebOS(config)# rmon event 299 log description cond3 alfred

show rmon alarm

Use this command to display the alarms and threshold configured for the RMON probe.

Command Syntax
show rmon alarm

Command Mode
Exec and Privileged Exec modes

Examples ZebOS# show rmon alarm

2001-2007 IP Infusion Inc. Confidential

305

Remote Monitoring Commands

show rmon event

Use this command to display the events configured for the RMON probe.

Command Syntax
show rmon event

Command Mode
Exec mode

Examples ZebOS# show rmon event

show rmon history

Use this command to display the history Ethernet statistics collected on a particular interface.

Command Syntax
show rmon history

Command Mode
Exec mode

Examples ZebOS# show rmon history

show rmon statistics

Use this command to display the Ethernet statistics collected on a particular interface.

Command Syntax
show rmon statistics

Command Mode
Exec mode

Examples ZebOS# show rmon statistics

306

2001-2007 IP Infusion Inc. Confidential

CHAPTER 17

Interpeak Security Commands

This chapter contains all commands related to Interpeak Security (IPSec) listed by function. Within each function listing, the commands are listed alphabetically.

Clear Commands
clear crypto isakmp
Use this command to clear active IKE connections in Exec configuration mode.

Command Syntax
clear crypto isakmp

Command mode
Exec mode

Usage
Use this command to clear active IKE connections.

clear crypto sa
Use this command in global configuration mode to delete IPSec security associations.

Command Syntax
clear crypto sa

Command mode
Exec mode

Usage
If the security associations are manually established, the security associations are deleted and reinstalled. If you make configuration changes that affect security associations, these changes will not apply to existing security associations but to negotiations for subsequent security associations. You can use the clear crypto sa command to restart all security associations so they will use the most current configuration settings. In the case of manually established security associations, if you make changes that affect security associations you must use the clear crypto sa command before the changes take effect. This commands clears (and reinitializes if appropriate) all IPSec security associations at the router.

2001-2007 IP Infusion Inc. Confidential

307

Interpeak Security Commands

clear crypto sa entry

Use this command in global configuration mode to delete specific IPSec security associations with the specified address, protocol, and SPI.

Command Syntax
clear crypto sa entry destination-address A.B.C.D protocol (ah | esp) spi SPI ah AH protocol esp ESP protocol SPI SPI Parameter Index of the SA to be reset

Command mode
Exec mode

Usage
Same as clear crypto sa command.

clear crypto sa map

Use this command in global configuration mode to delete specific IPSec security associations with the given name.

Command Syntax
clear crypto sa map MAP_NAME MAP_NAME Name of specific IP security associations

Command mode
Exec mode

Usage
Same as clear crypto sa command.

clear crypto sa peer

Use this command in global configuration mode to delete specific IPSec security associations for the specified peer.

Command Syntax
clear crypto sa peer <ip-address>

Command mode
Exec mode

Usage
Same as clear crypto sa command.

308

2001-2007 IP Infusion Inc. Confidential

Interpeak Security Commands

Crypto Map Commands

crypto ipsec security-association lifetime
Use this command in global configuration mode to change global lifetime values used when negotiating IPSec security associations. Use the no form of the command to reset a lifetime to the default value.

Command Syntax
crypto ipsec security-association lifetime (seconds|kilobytes) LIFETIME no crypto ipsec security-association lifetime (seconds|kilobytes) seconds LIFETIME Specifies the number of seconds the security association will live before expiring kilobytes LIFETIME Specifies the volume of traffic (in kilobytes) that can pass between IPSec peers before the security association expires

Command mode
Global configuration mode

Defaults
3600 seconds (one hour) and 4,608,000 kilobytes (10 megabits per second for one hour).

Usage
IPSec security associations use shared secret keys. These keys and their security associations time out together. Assuming that the particular crypto map entry does not have lifetime values configured, when the router requests new security associations during security association negotiation, it will specify its global lifetime value in the request to the peer; it will use this value as the lifetime of the new security associations. When the router receives a negotiation request from the peer, it will use the smaller of the lifetime value proposed by the peer or the locally configured lifetime value as the lifetime of the new security associations. If you change a global lifetime, the change is only applied when the crypto map entry does not have a lifetime value specified. The change will not be applied to existing security associations, but will be used in subsequent negotiations to establish new security associations. If you want the new settings to take effect sooner, you can clear all or part of the security association database by using the clear crypto sa command. The lifetime values are ignored for manually established security associations.

crypto ipsec transform-set

Use this command in global configuration mode to define a transform setan acceptable combination of security protocols and algorithms. Use the no form of the command to delete a transform set.

2001-2007 IP Infusion Inc. Confidential

309

Interpeak Security Commands

no crypto ipsec transform-set NAME NAME Name of the transform set ah-md5 AH with the MD5 (HMAC variant) authentication algorithm ah-sha1 AH with the MD5 (HMAC variant) authentication algorithm esp-nul Null encryption algorithm esp-des ESP with the 56-bit encryption algorithm esp-3des ESP with the 168-bit DES encryption algorithm (3DES or Triple DES) esp-aes Alternative AES algorithm esp-blf Alternative Blowfish algorithm esp-cast Alternative Cast algorithm

Command mode
Configure mode

Usage
A transform set is an acceptable combination of security protocols, algorithms and other settings to apply to IPSec protected traffic. During the IPSec security association negotiation, the peers agree to use a particular transform set when protecting a particular data flow. You can configure multiple transform sets, and then specify one or more of these transform sets in a crypto map entry. When IKE is not used to establish security associations, a single transform st must be used. The transform set is not negotiated. Before a transform set can be included in a crypto map entry it must be defined using this command. A transform set specifies one or two IPSec security protocols (either ESP or AH or both) and specifies which algorithms to use with the selected security protocol. If one or more transforms are specified in the crypto ipsec transform-set command for an existing transform set, the specified transforms will replace the existing transforms for that transform set. If you change a transform set definition, the change is only applied to crypto map entries that reference the transform set. The change will not be applied to existing security associations, but will be used in subsequent negotiations to establish new security associations. If you want the new settings to take effect sooner, you can clear all or part of the security association database by using the clear crypto sa command.

crypto map ipsec-manual | ipsec-isakmp

Use this command in global configuration mode to create or modify a crypto map entry and enter the crypto map configuration mode. Use the no form of this command to delete a crypto map entry or set.

Command Syntax
crypto map MAP-NAME SEQ-NUM ipsec-manual | ipsec-isakmp no crypto map MAP-NAME (SEQ-NUM|) MAP-NAME The name you assign to the crypto map set SEQ-NUM The number you assign to the crypto map entry ipsec-manual Indicates that IKE will not be used to establish the IPSec security associations for protecting the traffic specified by this crypoto map entry ipsec-isakmp Indicates that IKE will be used to establish the IPSec security associations for protecting the traffic specified by this crypoto map entry

310

2001-2007 IP Infusion Inc. Confidential

Interpeak Security Commands

Command mode
Global configuration mode

Usage
Use this command to create a new crypto map entry or to modify an existing crypto map entry. Once a crypto map entry has been created, you cannot change the parameters specified at the global configuration level because these parameters determine which of the configuration commands are valid at the crypto map level. For example, once a map entry has been created as ipsec-isakmp, you cannot change it to ipsec-manual or cisco; you must delete and reenter the map entry. After you define crypto map entries, you can assign the crypto map set to interfaces using the crypto map (interface IPSec) command.

crypto map local-address

Use this command in global configuration mode to specify and name an identifying interface to be used by the crypto map for IPSec traffic. Use the no form of the command to remove this command from the configuration.

Command Syntax
crypto map MAP-NAME local-address INTERFACE-ID no crypto map MAP-NAME local-address MAP-NAME The name that identifies the crypto map set INTERFACE-ID Specify the identifying interface that should be used by the router to identify itself to remote peers

Command mode
Global configuration mode

Usage
If you apply the same crypto map to two interfaces and do not use this command, two separate security associations (with different local IP addresses) could be established to the same peer for similar traffic. If you are using the second interface as redundant to the first interface, it could be preferable to have a single security association (with a single local IP address) created for traffic sharing the two interfaces. Having a single security association decreases overhead and makes administration simpler.

match address
Use this command in crypto map configuration mode to specify an extended access list for a crypto map entry. Use the no form of this command to remove the extended access list from a crypto map entry.

Command Syntax
match address ACCESSLIST-ID no match address ACCESSLIST-ID match ipv6-address ACCESSLIST-NAME no match ipv6-address ACCESSLIST-NAME

2001-2007 IP Infusion Inc. Confidential

311

Interpeak Security Commands ACCESSLIST-ID Identifies the extended access list by its number ACCESSLIST-NAME Identifies the extended access list by its name

Command mode
Crypto map configuration mode

Usage
Use this command to assign an extended access list to a crypto map entry. You also need to define this access list using the access-list or ip access-list extended commands. The extended access list specified with this command will be used by IPSec to determine which traffic should be protected by crypto and which traffic does not need crypto protection. (Traffic that is permitted by the access list will be protected. Traffic that is denied by the access list will not be protected in the context of the corresponding crypto map entry.) Note that the crypto access list is not used to determine whether to permit or deny traffic through the interface. An access list applied directly to the interface makes that determination. The crypto access list specified by this command is used when evaluating both inbound and outbound traffic. Outbound traffic is evaluated against the crypto access lists specified by the interface's crypto map entries to determine if it should be protected by crypto and if so (if traffic matches a permit entry) which crypto policy applies. (If necessary, in the case of static IPSec crypto maps, new security associations are established using the data flow identity as specified in the permit entry; in the case of dynamic crypto map entries, if no SA exists, the packet is dropped.) After passing the regular access lists at the interface, inbound traffic is evaluated against the crypto access lists specified by the entries of the interface's crypto map set to determine if it should be protected by crypto and, if so, which crypto policy applies. (In the case of IPSec, unprotected traffic is discarded because it should have been protected by IPSec.) In the case of IPSec, the access list is also used to identify the flow for which the IPSec security associations are established. In the outbound case, the permit entry is used as the data flow identity (in general), while in the inbound case the data flow identity specified by the peer must be "permitted" by the crypto access list.

mode
Use this command in crypto transform configuration mode to change the mode for a transform set. Use the no form of the command to reset the mode to the default value of tunnel mode.

Command Syntax
mode (tunnel | transport) no mode tunnel Specifies the tunnel mode for a transform set transport Specifies the transport mode for a transform set

Command mode
Crypto transform configuration mode

Usage
Use this command to change the mode specified for the transform. This setting is only used when the traffic to be protected has the same IP addresses as the IPSec peers (this traffic can be encapsulated either in tunnel or transport mode). This setting is ignored for all other traffic (all other traffic is encapsulated in tunnel mode).

312

2001-2007 IP Infusion Inc. Confidential

Interpeak Security Commands If you use this command to change the mode, the change will only affect the negotiation of subsequent IPSec security associations via crypto map entries which specify this transform set. (If you want the new settings to take effect sooner, you can clear all or part of the security association database. See the clear crypto sa command for more details.

set peer
Use this command in crypto map configuration mode.to specify an IPSec peer in a crypto map entry. Use the no form of this command to remove an IPSec peer from a crypto map entry.

Command Syntax
set peer A.B.C.D no set peer A.B.C.D set ipv6 peer X:X::X:X no set ipv6 peer X:X::X:X A.B.C.D IPv4 address X:X::X:X IPv6 address

Command mode
Crypto map configuration mode

Usage
Use this command to specify an IPSec peer for a crypto map. For ipsec-isakmp crypto map entries, you can specify multiple peers by repeating this command. The peer that packets are actually sent to is determined by the last peer that the router heard from (received either traffic or a negotiation request from) for a given data flow. If the attempt fails with the first peer, IKE tries the next peer on the crypto map list. For ipsec-manual crypto entries, you can specify only one IPSec peer per crypto map. If you want to change the peer, you must first delete the old peer and then specify the new peer.

set security-association lifetime

Use this command in crypto map configuration mode to override the global lifetime value for a particular crypto map entry. The global lifetime value is used when negotiating IPSec security associations. Use the no form of this command to reset a crypto map entrys lifetime value to the global value.

Command Syntax
set security-association lifetime seconds | kilobytes LIFETIME no set security-association lifetime seconds | kilobytes LIFETIME seconds LIFETIME Specifies the number of seconds a security association will live before expiring kilobytes LIFETIME Specifies the volume of traffic (in kilobytes) that can pass between IPSec peers using a given security association before that security association expires

Command mode
Crypto map configuration mode

2001-2007 IP Infusion Inc. Confidential

313

Interpeak Security Commands

Defaults
The crypto maps security associations are negotiated according to the global lifetimes.

Usage
This command is only available for ipsec-isakmp crypto map entries and dynamic crypto map entries. IPSec security associations use shared secret keys. These keys and their security associations time out together. Assuming that the particular crypto map entry has lifetime values configured, when the router requests new security associations during security association negotiation, it will specify its crypto map lifetime value in the request to the peer; it will use this value as the lifetime of the new security associations. When the router receives a negotiation request from the peer, it will use the smaller of the lifetime value proposed by the peer or the locally configured lifetime value as the lifetime of the new security associations. There are two lifetimes: a "timed" lifetime and a "traffic-volume" lifetime. The session keys/security association expires after the first of these lifetimes is reached.

set session-key
Use this command in crypto map configuration mode to manually specify the IPSec session keys within a crypto map entry. This command is only available for ipsec-manual crypto map entries. Use the no form of this command to remove IPSec session keys from a crypto map entry.

Command Syntax
set session-key (inbound|outbound) ah SPI HEX-KEY-DATA no set session-key (inbound|outbound) ah set session-key (inbound|outbound) esp SPI cipher HEX-KEY-DATA authenticator HEX_KEY_DATA no set session-key (inbound|outbound) esp inbound Sets the inbound IPSec session key outbound Sets the outbound IPSec session key ah Sets the IPSec session key for the AH protocol SPI Specifies the Security Parameter Index (SPI), a number that is used to uniquely identify a security association HEX-KEY-DATA Specifies the session key; enter in hexadecimal format

Command mode
Crypto map configuration mode

Usage
Use this command to define IPSec keys for security associations via ipsec-manual crypto map entries. (In the case of ipsec-isakmp crypto map entries, the security associations with their corresponding keys are automatically established via the IKE negotiation.) If the crypto map's transform set includes an AH protocol, you must define IPSec keys for AH for both inbound and outbound traffic. If the crypto map's transform set includes an ESP encryption protocol, you must define IPSec keys for ESP encryption for both inbound and outbound traffic. If your transform set includes an ESP authentication protocol, you must define IPSec keys for ESP authentication for inbound and outbound traffic. When you define multiple IPSec session keys within a single crypto map, you can assign the same security parameter index (SPI) number to all the keys. The SPI is used to identify the security association used with the crypto map.

314

2001-2007 IP Infusion Inc. Confidential

Interpeak Security Commands However, not all peers have the same flexibility in SPI assignment. You should coordinate SPI assignment with your peer's operator, making certain that the same SPI is not used more than once for the same destination address/ protocol combination. Security associations established via this command do not expire (unlike security associations established via IKE). Session keys at one peer must match the session keys at the remote peer. If you change a session key, the security association using the key will be deleted and reinitialized.

set transform-set
Use this command in crypto map configuration mode to specify which transform sets can be used with the crypto map entry. Use the no form of this command to remove all transform sets from a crypto map entry.

Command Syntax
set transform-set NAME no set transform-set NAME NAME The name that identifies the crypto map set

Command mode
Crypto map configuration mode

Usage
Use this command to specify which transform sets to include in a crypto map entry. For an ipsec-isakmp crypto map entry, you can list multiple transform sets with this command. List the higher priority transform sets first. If the local router initiates the negotiation, the transform sets are presented to the peer in the order specified in the crypto map entry. If the peer initiates the negotiation, the local router accepts the first transform set that matches one of the transform sets specified in the crypto map entry. The first matching transform set that is found at both peers is used for the security association. If no match is found, IPSec will not establish a security association. The traffic will be dropped because there is no security association to protect the traffic. For an ipsec-manual crypto map entry, you can specify only one transform set. If the transform set does not match the transform set at the remote peer's crypto map, the two peers will fail to correctly communicate because the peers are using different rules to process the traffic. If you want to change the list of transform sets, re-specify the new list of transform sets to replace the old list. This change is only applied to crypto map entries that reference this transform set. The change will not be applied to existing security associations, but will be used in subsequent negotiations to establish new security associations. If you want the new settings to take effect sooner, you can clear all or part of the security association database by using the clear crypto sa command. Any transform sets included in a crypto map must previously have been defined using the crypto ipsec transform-set command.

2001-2007 IP Infusion Inc. Confidential

315

Interpeak Security Commands

ISAKMP Configuration Commands

crypto isakmp enable
Use this command to globally enable IKE (Internet Key Exchange) at your peer router in global configuration mode. Use the no form of this command to disable IKE at the peer.

Command Syntax
crypto isakmp enable no crypto isakmp enable

Command mode
ISAKMP policy configuration mode (config-isakmp)

Usage
IKE is enabled by default. IKE does not have to be enabled for individual interfaces, but is enabled globally for all interfaces at the router. If you do not want IKE to be used in your IPSec implementation, you can disable IKE at all your IPSec peers. If you disable IKE at one peer you must disable it at all your IPSec peers.

crypto isakmp keepalive

Use this command to send Internet Key Exchange (IKE) keepalive messages from one router to another router in global configuration mode. To disable keepalives, use the no form of this command.

Command Syntax
crypto isakmp keepalive SECS no crypto isakmp keepalive SECS Number of seconds between keepalive messages

Command mode
ISAKMP policy configuration mode (config-isakmp)

Usage
The crypto isakmp keepalive command is used to send IKE keepalives, which detect the continued connectivity of an IKE security association (SA), between two peer points.

crypto isakmp key

Use this command to configure a preshared authentication key in global configuration mode. You must configure this key whenever you specify preshared keys in an IKE policy. Use the no form of this command to remove the configuration.

316

2001-2007 IP Infusion Inc. Confidential

Interpeak Security Commands

Command Syntax
(no) crypto isakmp key KEY address A.B.C.D/M (no) crypto isakmp key KEY ipv6-address X:X::X:X/M KEY Specify the preshared key. Us any combination of alphanumeric characters up to 128 bytes. A.B.C.D/M IPv4 address X:X::X:X/M IPv6 address

Command mode
ISAKMP policy configuration mode (config-isakmp)

Usage
Use this command to configure preshared authentication keys. You must perform this command at both peers. If an IKE policy includes preshared keys as the authentication method, these preshared keys must be configured at both peersotherwise the policy cannot be used (the policy will not be submitted for matching by the IKE process). The crypto isakmp key command is the second task required to configure the preshared keys at the peers. (The first task is accomplished with the crypto isakmp identity command.) Use the address keyword if the remote peer ISAKMP identity was set with its IP address.

crypto isakmp policy

Use this command to define an IKE policy in global configuration mode. IKE policies define a set of parameters to be used during the IKE negotiation. Use the no form of this command to delete an IKE policy.

Command Syntax
crypto isakmp policy PRIORITY no crypto isakmp policy PRIORITY PRIORITY Uniquely identifies the IKE policy and assigns a priority to the policy

Command mode
ISAKMP policy configuration mode (config-isakmp)

Usage
Use this command to specify the parameters to be used during an IKE negotiation. (These parameters are used to create the IKE security association [SA].) This command invokes the ISAKMP policy configuration (config-isakmp) mode. You can configure multiple IKE policies on each peer participating in IPSec. When the IKE negotiation begins, it tries to find a common policy configured on both peers, starting with the highest priority policies as specified on the remote peer.

ISAKMP Policy Configuration Commands

The commands in this section are all entered in the ISAKMP policy configuration (config-isakmp) mode. To invoke this mode, use the crypto isakmp policy command in global configuration mode.

2001-2007 IP Infusion Inc. Confidential

317

Interpeak Security Commands

authentication
Use this command in ISAKMP policy configuration mode to specify the authentication method within an IKE policy. IKE policies define a set of parameters to be used during IKE negotiation. Use the no form of this command to reset the authentication method to the default value.

Command Syntax
authentication (pre-share|rsa-encr|rsa-sig) no authentication pre-share Preshared keys rsa-encr RSA encryption rsa-sig RSA signatures

Defaults
RSA signatures

Command mode
ISAKMP policy configuration mode (config-isakmp)

Usage
Use this command to specify the authentication method to be used in an IKE policy. If you specify RSA signatures, you must configure your peer routers to obtain certificates from a certification authority (CA). If you specify RSA encryption, you must ensure that each peer has the other peer's RSA public keys. (See the crypto key pubkey-chain rsa, addressed-key, named-key, address, and key-string (IKE) commands.)

encryption
Use this command to specify the encryption algorithm within an IKE policy in ISAKMP policy configuration mode. IKE policies define a set of parameters to be used during IKE negotiation. Use the no form of this command to reset the encryption algorithm to the default value.

Command Syntax
encryption (des | 3des) no encryption des Specifies 56-bit DES-CBC as the encryption algorithm 3des Specifies 168-bit DES (3DES) as the encryption algorithm

Command mode
ISAKMP policy configuration mode (config-isakmp)

Usage
Use this command to specify the encryption algorithm to be used in an IKE policy.

318

2001-2007 IP Infusion Inc. Confidential

Interpeak Security Commands

group
Use this command to specify the Diffie-Hellman group identifier within an IKE policy in ISAKMP policy configuration mode. IKE policies define a set of parameters to be used during IKE negotiation. Use the no form of this command to reset the Diffie-Hellman group identifier to the default value.

Command Syntax
group (1 | 2) no group

Command mode
ISAKMP policy configuration mode (config-isakmp)

Defaults
768-bit Diffie-Hellman (group 1)

Usage
Use this command to specify the Diffie-Hellman group to be used in an IKE policy.

hash
Use this command to specify the hash algorithm within an IKE policy in ISAKMP policy configuration mode. IKE policies define a set of parameters to be used during IKE negotiation. Use the no form of this command to reset the hash algorithm to the default SHA-1 hash algorithm.

Command Syntax
hash (md5 | sha) no hash md5 Specifies MD5 (HMAC variant) as the hash algorithm sha Specifies SHA-1 (HMAC variant) as the hash algorithm

Command mode
ISAKMP policy configuration mode (config-isakmp)

Defaults
The SHA-1 hash algorithm

Usage
Use this command to specify the hash algorithm to be used in an IKE policy

lifetime
Use the lifetime (IKE policy) command in ISAKMP policy configuration mode to specify the lifetime of an IKE security association (SA). Use the no form of this command to reset the SA lifetime to the default value.

2001-2007 IP Infusion Inc. Confidential

319

Interpeak Security Commands

Command Syntax
lifetime LIFETIME no lifetime LIFETIME Specifies how many seconds each SA should exist before expiring

Command mode
ISAKMP policy configuration mode (config-isakmp)

Defaults
28,800 seconds

Usage
Use this command to specify how long an IKE SA exists before expiring. When IKE begins negotiations, the first thing it does is agree upon the security parameters for its own session. The agreed-upon parameters are then referenced by an SA at each peer. The SA is retained by each peer until the SA's lifetime expires. Before an SA expires, it can be reused by subsequent IKE negotiations, which can save time when setting up new IPSec SAs. Before an SA expires, it can be reused by subsequent IKE negotiations, which can save time when setting up new IPSec SAs. New IPSec SAs are negotiated before current IPSec SAs expire. So, to save setup time for IPSec, configure a longer IKE SA lifetime. However, shorter lifetimes limit the exposure to attackers of this SA. The longer an SA is used, the more encrypted traffic can be gathered by an attacker and possibly used in an attack. Note that when your local peer initiates an IKE negotiation between itself and a remote peer, an IKE policy can be selected only if the lifetime of the remote peer's policy is longer than or equal to the lifetime of the local peer's policy. Then, if the lifetimes are not equal, the shorter lifetime will be selected. To restate this behavior: If the two peer's policies' lifetimes are not the same, the initiating peer's lifetime must be shorter and the responding peer's lifetime must be longer, and the shorter lifetime will be used.

Interface Configuration Commands

crypto map
Use this command in interface configuration mode to apply a previously defined crypto map set to an interface. Use the no form of the command to remove the crypto map set from the interface.

Command Syntax
crypto map MAP-NAME no crypto map MAP-NAME MAP-NAME The name that identifies the crypto map set

Command mode
Interface configuration mode

320

2001-2007 IP Infusion Inc. Confidential

Interpeak Security Commands

Usage
Use this command to assign a crypto map set to an interface. You must assign a crypto map set to an interface before that interface can provide IPSec services. Only one crypto map set can be assigned to an interface. If multiple crypto map entries have the same map-name but a different seq-num, they are considered to be part of the same set and will all be applied to the interface. The crypto map entry with the lowest seq-num is considered the highest priority and will be evaluated first. A single crypto map set can contain a combination of ipsec-isakmp, and ipsec-manual crypto map entries.

Show Commands
show crypto ipsec sa
Use this command to view the settings used by current security associations in Exec mode.

Command Syntax
show crypto ipsec sa map MAP_NAME MAP_NAME The name that identifies the crypto map set

Command mode
Exec mode

Usage
If no keyword is used, all security associations are displayed.

show crypto ipsec transform-set

Use this command to view all the configured transform sets, or a specific transform set, in Exec mode.

Command Syntax
show crypto ipsec transform-set (NAME) NAME transform set name

Command mode
Exec mode

show crypto isakmp policy

Use this command to view the parameters for each IKE policy in Exec mode.

Command Syntax
show crypto isakmp policy

Command mode
Exec mode

2001-2007 IP Infusion Inc. Confidential

321

Interpeak Security Commands

show crypto isakmp sa

Use this command to view all current IKE security associations (SAs) at a peer in Exec mode.

Command Syntax
show crypto isakmp sa

Command mode
Exec mode

show crypto map

Use this command to view the crypto map configuration in Exec mode.

Command Syntax
show crypto-map interface IFNAME IFNAME interface name

Command mode
Exec mode

322

2001-2007 IP Infusion Inc. Confidential

CHAPTER 18

QoS Commands

This chapter contains QoS commands in alphabetical order. These commands are available only if ZebOS is compiled with the --enable-qos configuration option.

class
Use this command to define a traffic classification. Use the no parameter with this command to delete an existing class-map.

Command Syntax
(no) class NAME NAME name of the class map.

Command Mode
Policy Map mode

Example
The following example shows creating a policy map, and defining the traffic classification.

ZebOS# configure terminal ZebOS(config)# policy-map pmap1 ZebOS(config-pmap)# class cmap1

Related Commands
class-map, policy-map

class-map
Use this command to create a class map. Use the no parameter with this command to delete an existing class-map.

Command Syntax
(no) class-map NAME NAME name of the class map.

Command Mode
Configure mode

Example
The following example shows creating a class map.

ZebOS# configure terminal ZebOS(config)# class-map cmap1

Related Commands
class, policy-map, show class-map

2001-2007 IP Infusion Inc. Confidential

323

QoS Commands

ip-access-list
Use this command to create an IP access-control list (ACL) based on the source address, or create an IP extended ACL based on the source and destination address. Use the no parameter with this command to delete an IP, or IP extended ACL.

Command Syntax
The following syntax creates an IP ACL based on the source address: (no) ip-access-list ACCESS-LIST NUMBER deny|permit SOURCE (SOURCE WILDCARD) ACCESS-LIST NUMBER <1-99> range for IP standard ACL <1300-1999> expanded range for IP standard ACL deny = deny certain traffic if conditions matched permit = permit certain traffic if conditions matched SOURCE = originating network or host sending packet. If the mask is set to 255.255.255.255, the specified source address is ignored, and can be replaced by the word, any. For example, ip-access-list 10 permit 0.0.0.0 255.255.255.255 and ip-access-list 10 permit 33.44.11.34 255.255.255.255 can be replaced by ip-access-list 10 permit any. SOURCE WILDCARD = optional. Wildcard bits in dotted decimal notation to apply to the source. Ones go in bit positions to ignore. The following syntax creates an IP extended ACL based on the source and destination address: (no) ip-access-list ACCESS-LIST NUMBER deny|permit ip SOURCE (SOURCE WILDCARD) DESTINATION (DESTINATION WILDCARD) ACCESS-LIST NUMBER <100-199> range for IP extended ACL <2000-2699> expanded range for IP extended ACL deny = deny certain traffic if conditions matched permit = permit certain traffic if conditions matched SOURCE = originating network or host sending packet. Can be A.B.C.D, host, or any. The host keyword can be used for host IP addresses (where the mask is 0.0.0.0). For example, ip-access-list 10 permit 2.2.2.2 0.0.0.0 can be replaced by ip-access-list 4 permit host 2.2.2.2. SOURCE WILDCARD = optional. Wildcard bits in dotted decimal notation to apply to the source. Ones go in bit positions to ignore. DESTINATION = destination IP address. Can be A.B.C.D, host, or any. DESTINATION WILDCARD = optional. Wildcard bits in dotted decimal notation to apply to the destination. Ones go in bit positions to ignore.

Command Mode
Configure mode

Example
The following example shows allowing access only for hosts on three specified networks. Wildcard bits correspond to the network address host portions. If a host has a source address that does not match the access list statements, it is rejected.

ZebOS# configure terminal ZebOS(config)# ip-access-list 1 permit 192.5.255.0 0.0.0.255 ZebOS(config)# ip-access-list 1 permit 128.88.0.0 0.0.255.255 ZebOS(config)# ip-access-list 1 permit 36.0.0.0 0.0.0.255

324

2001-2007 IP Infusion Inc. Confidential

QoS Commands

mac-access-list
Use this command to create a MAC ACL. Use the no parameter with this command to delete a MAC ACL.

Command Syntax
(no) mac-access-list <2000-2699> deny|permit SRC_MAC MASK DEST_MAC MASK <1-8> <2000-2699> range for MAC ACL deny = deny certain traffic if conditions matched permit = permit certain traffic if conditions matched SRC_MAC = source MAC address; in HHHH.HHHH.HHHH format. DEST_MAC = destination MAC address; in HHHH.HHHH.HHHH format. MASK = specify which part of the MAC address will be ignored. In hexadecimal format. Note: any = can replace either the SRC_MAC MASK pair or the corresponding DEST_MAC MASK pair, but not both pairs.

<1-8> = specify packet format. For example, 1 for Ethernet II, 2 for 802.3, 8 for LLC.

Command Mode
Configure mode

Example ZebOS# configure terminal ZebOS(config)# mac-access-list 2002 permit 2222.2222.2222 8 any 2

match access-group
Use this command to define match criterion for a class map.

Command Syntax
match access-group NAME NAME number of name of the ACL

Command Mode
Class Map mode

Example
The following example shows configuring a class map named cmap1 with 1 match criterion: access list 103, which allows traffic from any source to any destination.

ZebOS# configure terminal ZebOS(config)# ip-access-list 103 permit any any ZebOS(config)# class-map cmap1 ZebOS(config-cmap)# match access-group 103

Related Commands
class-map

2001-2007 IP Infusion Inc. Confidential

325

QoS Commands

match ip-dscp
Use this command to define the list to match against incoming packets.

Command Syntax
match ip-dscp LIST LIST list to match against incoming packets. Up to 8 IP DSCP values separated by a space. Range is 063.

Command Mode
Class Map mode

Usage
Use the match ip-dscp command to define the match criterion after creating a class map.

Example
The following example shows configuring a class map named cmap1 with criterion that matches IP DSCP 56.

ZebOS# configure terminal ZebOS(config)# class-map cmap1 ZebOS(config-cmap)# match ip-dscp 56

Related Commands
class-map, match vlan-range

match ip-precedence
Use this command to identify IP precedence values as match criteria. Use the no parameter with this command to remove IP precedence values from a class map.

Command Syntax
(no) match ip-precedence VALUE VALUE <0-7> Specifies the exact value from 0 to 7 used to identify a precedence value. Can be up to 8 precedence values.

Command Mode
Class Map mode

Example
The following example shows configuring a class-map named cmap1 to evaluate all IPv4 packets for a precedence value of 5.

ZebOS(config)# class-map cmap1 ZebOS(config-cmap)# match ip-precedence 5 6 4 3

match layer4
Use this command to identify UDP or TCP ports as the match criteria. Use the no parameter with this command to remove the match criteria.

326

2001-2007 IP Infusion Inc. Confidential

QoS Commands

Command Syntax
(no) match layer4 source-port|destination-port <1-65535> source-port source UDP or TCP port. Range is 1-655535. destination-port destination UDP or TCP port. Range is 1-655535.

Command Mode
Class Map mode

Example ZebOS(config)# class-map cmap1 ZebOS(config-cmap)# match layer4 source-port 20

match mpls exp-bit topmost

Use this command to define the match criterion of the MPLS experimental bit value in the topmost label for a class map. Use the no parameter with this command to remove this criterion from a class map.

Command Syntax
(no) match mpls exp-bit topmost <0-7> <0-7> experimental value. Can be up to 8 values

Command Mode
Class Map mode

Example
The following example shows configuring a class-map named cmap1 with criterion that matches MPLS experimental bit, 0 1 2 3 4 5 6 7.

ZebOS(config)# class-map cmap1 ZebOS(config-cmap)# match mpls exp-bit topmost 0 1 2 3 4 5 6 7

match vlan
Use this command to define the VLAN ID used as match criteria to classify a traffic class. Use the no parameter with this command to disable the VLAN ID used as match criteria.

Command Syntax
(no) match vlan <1-4094>

Command Mode
Class Map mode

Example
The following example shows configuring a class-map named cmap1 to include traffic from VLAN 3.

ZebOS(config)# class-map cmap1 ZebOS(config-cmap)# match vlan 3

2001-2007 IP Infusion Inc. Confidential

327

QoS Commands

match vlan-range
Use this command to specify the range of VLANs for classifying traffic on a per-port-per-VLAN basis.

Command Syntax
match vlan-range <1-4094> to <1-4094>

Command Mode
Class Map mode

Usage
Use the match vlan-range command to specify the range of VLANs after defining the match criterion, and creating a class map when classifying traffic on a per-port-per-VLAN basis.

Example
The following example shows configuring a class map named cmap1 with criterion that matches IP DSCP 56, with a VLAN range of 20 to 30.

ZebOS# configure terminal ZebOS(config)# class-map cmap1 ZebOS(config-cmap)# match ip-dscp 56 ZebOS(config-cmap)# match vlan-range 20 to 30

Related Commands
class-map, match ip-dscp

mls qos
Use this command to globally enable QoS, and define queueing. Use the no parameter with this command to globally disable QoS.

Command Syntax
(no) mls qos QUEUE_WEIGHT COS_VALUE QUEUE_WEIGHT weight of each of the 8 egress queues; range is 0-10 COS_VALUE CoS values mapped to each of the 8 egress queues; range is 0-7 Note: The following describes a stub command used in non-standard configurations. In this case, this command is used to globally enable or disable QoS without defining queueing. (no) mls qos

Command Mode
Configure mode

Example ZebOS# configure terminal ZebOS(config)# mls QoS 1 0 2 1 3 2 4 3 5 4 6 5 7 6 0 7

328

2001-2007 IP Infusion Inc. Confidential

QoS Commands

mls qos aggregate-police

Use this command to specify policer parameters to apply to multiple traffic classes in the same policy map. Use the no parameter with this command to delete an aggregate policer, along with its parameters.

Command Syntax
(no) mls qos aggregate-police NAME RATE BURST exceed-action drop NAME name of the aggregate policer. RATE average traffic rate in bits per second (bps). Range is 1-1000000. BURST normal burst size in bytes. Range is 1-20000. exceed-action drop specify dropping the packet when rates are exceeded.

Command Mode
Configure mode

Example
The following example shows specifying policer parameters with a traffic rate of 48000 bps and a burst size of 8000 bps.

ZebOS# configure terminal ZebOS(config)# mls qos aggregate-police transmit1 48000 8000 exceed-action drop

Related Commands
police-aggregate, show mls qos aggregate policer

mls qos dscp-cos

Use this command to apply a DSCP-to-CoS map to a specified interface. Use the no parameter with this command to remove a DSCP-to-CoS map from an interface.

Command Syntax
(no) mls qos dscp-cos NAME NAME DSCP-to-CoS map created using the mls qos map dscp-cos command.

Command Mode
Interface mode

Usage
Use the mls qos map dscp-cos command to create a DSCP-to-CoS map, then use the mls qos dscp-cos command to apply the map to an interface.

Example ZebOS# configure terminal ZebOS(config)# mls qos map dscp-cos dc1 0 8 16 24 32 40 48 50 to 0 ZebOS(config)# interface fe0 ZebOS(config-if)# mls qos dscp-cos dc1

2001-2007 IP Infusion Inc. Confidential

329

QoS Commands

Related Commands
mls qos map dscp-cos

mls qos dscp-mutation

Use this command to specify the name of a DSCP-to-DSCP mutation map to apply to an interface. Use the no parameter with this command to delete a DSCP-to-DSCP mutation map.

Command Syntax
(no) mls qos dscp-mutation DSCP_MUTATION_NAME DSCP_MUTATION_NAME DSCP mutation map name

Command Mode
Interface mode

Usage
Use the mls qos dscp-mutation command to apply a DSCP-to-DSCP mutation map specified in the mls qos map dscp-mutation command to an ingress DSCP port.

Example ZebOS# configure terminal ZebOS(config)# interface fe0 ZebOS(config-if)# mls qos dscp-mutation mutation1 Related Commands
mls qos map dscp-mutation, show mls qos maps dscp-mutation

mls qos map dscp-cos

Use this command to create a DSCP-to-CoS map. Use the no parameter with this command to remove a configured DSCP-to-CoS mapping table.

Command Syntax
(no) mls qos map dscp-cos DSCP_COS_MAP_NAME LIST to VALUE DSCP_COS_MAP_NAME name of DSCP-to-CoS mapping table. LIST up to 8 DSCP values, each separated by a space. Range is 0-63. VALUE CoS value: DSCP values correspond to this value. Range is 0-7.

Command Mode
Configure mode

Example
The following example shows mapping DSCP values 0, 8, 16, 24, 32, 40, 48, and 50 to CoS value 0.

ZebOS# configure terminal ZebOS(config)# mls qos map dscp-cos dc1 0 8 16 24 32 40 48 50 to 0

330

2001-2007 IP Infusion Inc. Confidential

QoS Commands

Related Commands
mls qos dscp-cos, show mls qos maps dscp-cos

mls qos map dscp-mutation

Use this command to modify the DSCP-to-DSCP mutation map. Use the no parameter with this command to return to the default map.

Command Syntax
(no) mls qos map dscp-mutation MUTATION_MAP_NAME IN_DSCP to OUT_DSCP MUTATION_MAP_NAME DSCP mutation map name IN_DSCP 8 DSCP values separated by spaces; range is 0-63 OUT_DSCP single DSCP value; range is 0-63

Command Mode
Configure mode

Example
The following example shows defining a DSCP-to-DSCP mutation map.

ZebOS# configure terminal ZebOS(config)# mls qos map dscp-mutation mutation1 ZebOS(config)# mls qos map dscp-mutation mutation1 ZebOS(config)# mls qos map dscp-mutation mutation1 ZebOS(config)# mls qos map dscp-mutation mutation1 ZebOS(config)# interface fe0 ZebOS(config-if)# mls qos dscp-mutation mutation1

1 2 3 4 5 6 7 to 0 8 9 10 11 12 13 to 10 20 21 22 to 20 30 31 32 33 34 to 30

Related Commands
show mls qos maps dscp-mutation

mls qos min-reserve

Use this command to specify the minimum reserve-level and buffer size on all Ethernet ports. Use the no parameter with this command to return to the default minimum reserve buffer size.

Command Syntax
(no) mls qos min-reserve <1-8> <10-170> <1-8> minimum-reserve level <10-170> minimum-reserve buffer size, in packets

Command Mode
Configure mode

Default
The buffer size for all minimum-reserve levels is 0 packets.

2001-2007 IP Infusion Inc. Confidential

331

QoS Commands

Example
The following example shows configuring minimum-reserve level 4 to 21 packets.

ZebOS# configure terminal ZebOS(config)# mls qos min-reserve 4 21

The following example shows configuring minimum-reserve level 4 to 21 packets, and assigning minimum-reserve level 4 to egress queue 2 on interface, fe1.

ZebOS# configure terminal ZebOS(config)# mls qos min-reserve 4 21 ZebOS(config)# interface fe1 ZebOS(config-if)# wrr-queue min-reserve 2 4

Related Commands
wrr-queue min-reserve

police
Use this command to specify a policer. Use the no parameter with this command to remove an existing policer.

Command Syntax
(no) police RATE BURST exceed-action drop RATE average traffic rate in bps. Range is 1-1000000. BURST normal burst size in bytes. Range is 1-20000. exceed-action drop specify dropping the packet when rates are exceeded.

Command Mode
Class mode

Example ZebOS# configure terminal ZebOS(config)# policy-map pmap1 ZebOS(config-pmap)# class cmap1 ZebOS(config-pmap-c)# police 48000 8000 exceed-action drop Related Commands
class, policy map, show policy-map

police-aggregate
Use this command to apply an aggregate policer to multiple classes in the same policy map. Use the no parameter with this command to delete an aggregate policer from a policy map.

Command Syntax
(no) police-aggregate NAME NAME aggregate-policer name

Command Mode
Class mode

332

2001-2007 IP Infusion Inc. Confidential

QoS Commands

Usage
Use the police-aggregate command to apply the aggregate policer named in the mls qos aggregate-police command to multiple classes in the same policy map.

Example
The following example shows creating an aggregate policer, and attaching it to multiple classes within a policy map. In this example, the IP ACLs allow traffic from network 10.1.0.0 and host 11.3.1.1. The traffic rate from network 10.1.0.0 and host 11.3.1.1 is policed. If the traffic exceeds a 48000-bps average traffic rate and a 8000-byte normal burst size, it is considered out of profile, and is dropped. The policy map is attached to an ingress interface.

ZebOS# configure terminal ZebOS(config)# ip-access-list 1 permit 10.1.0.0 0.0.255.255 ZebOS(config)# ip-access-list 2 permit 11.3.1.1 ZebOS(config)# mls qos aggregate-police transmit1 48000 8000 exceed-action drop ZebOS(config)# class-map cmap1 ZebOS(config-cmap)# match access-group 1 ZebOS(config-cmap)# exit ZebOS(config)# class-map map cmap2 ZebOS(config-cmap)# match access-group 2 ZebOS(config-cmap)# exit ZebOS(config)# policy-map aggflow1 ZebOS(config-pmap)# class cmap1 ZebOS(config-pmap-c)# police-aggregate transmit1 ZebOS(config-pmap-c)# exit ZebOS(config-pmap)# class cmap2 ZebOS(config-pmap-c)# set ip-dscp 56 ZebOS(config-pmap-c)# police-aggregate transmit1 ZebOS(config-pmap-c)# exit ZebOS(config-pmap)# exit ZebOS(config)# interface fe0 ZebOS(config-if)# service-policy input aggflow1

Related Commands
class, policy map, mls qos aggregate-police

policy-map
Use this command to create a policy map. Use the no parameter with this command to delete an existing policy map.

Command Syntax
(no) policy-map NAME NAME name of the policy map

Command Mode
Configure mode

Example ZebOS# configure terminal ZebOS(config)# policy-map pmap1

2001-2007 IP Infusion Inc. Confidential

333

QoS Commands

Related Commands
class, class-map, police, show policy-map

service-policy input
Use this command to apply a policy map to the input of an interface. Use the no parameter with this command to remove a policy map and interface association.

Command Syntax
(no) service-policy input INPUT NAME INPUT NAME policy map name

Command Mode
Interface mode

Example ZebOS# configure terminal ZebOS(config)# interface fe0 ZebOS(config-if)# service-policy input pmap1 Related Commands
policy-map

set cos
Use this command to set a CoS value to assign to classified traffic, or enable copying of priority bit (pbit) from the inner VLAN to the outer VLAN, based on policy. Use the no parameter with this command to remove a CoS value, or disable pbit copying.

Command Syntax
(no) set cos COS_VALUE|cos-inner COS_VALUE CoS value to assign to classified traffic. Range is 0-7. cos-inner copy pbit from the inner VLAN to the outer VLAN, based on policy.

Command Mode
Class mode

Example ZebOS# configure terminal ZebOS(config)# policy-map pmap1 ZebOS(config-pmap)# class cmap1 ZebOS(config-pmap-c)# set cos 2 Related Commands
class, policy-map, set ip-dscp, set ip-precedence

334

2001-2007 IP Infusion Inc. Confidential

QoS Commands

set ip-dscp
Use this command to set a DSCP value to assign to classified traffic. Use the no parameter with this command to remove a DSCP value.

Command Syntax
(no) set ip-dscp <0-63>

Command Mode
Class mode

Example ZebOS# configure terminal ZebOS(config)# policy-map pmap1 ZebOS(config-pmap)# class cmap1 ZebOS(config-pmap-c)# set ip-dscp 40 Related Commands
class, policy-map, set cos, set ip-precedence

set ip-precedence
Use this command to set an IP-precedence value to assign to classified traffic. Use the no parameter with this command to remove an IP-precedence value.

Command Syntax
(no) set cos ip-precedence <0-7>

Command Mode
Class mode

Example ZebOS# configure terminal ZebOS(config)# policy-map pmap1 ZebOS(config-pmap)# class cmap1 ZebOS(config-pmap-c)# set ip-precedence 2 Related Commands
class, policy-map, set ip cos, set ip dscp

set mpls exp-bit topmost

Use this command to set the MPLS experimental-bit value in the topmost label for a policy map. Use the no parameter with this command to remove this setting from a policy map.

Command Syntax
(no) set mpls exp-bit topmost <0-7> <0-7> experimental value.

2001-2007 IP Infusion Inc. Confidential

335

QoS Commands

Command Mode
Policy Map Class mode

Usage
Set a new MPLS experimental-bit value in a packet to classify MPLS traffic.

Example
The following example shows configuring a policy map named pmap1 for class map cmap 1, and setting the MPLS experimental-bit value to 7 in a packet.

ZebOS(config)# policy-map pmap1 ZebOS(config-pmap)#class cmap1 ZebOS(config-pmap-c)#set mpls exp-bit topmost 7

show class-map
Use this command to display the QoS class maps to define the match criteria to classify traffic.

Command Syntax
show class-map NAME NAME name of the class map.

Command Mode
Exec mode and Privileged Exec mode

Example ZebOS# show class-map cmap1

CLASS-MAP-NAME: cmap1 Set IP DSCP: 56 Match IP DSCP: 7

Related Commands
class-map

show mls qos aggregator-policer

Use this command to display the aggregate policer configuration.

Command Syntax
show mls qos aggregator-policer NAME NAME name of the aggregate policer.

Command Mode
Exec mode and Privileged Exec mode

Example ZebOS#show mls qos aggregator-policer agp1

AGGREGATOR-POLICER-NAME: agp1

336

2001-2007 IP Infusion Inc. Confidential

QoS Commands

Police:

Average rate(1 kbps), burst size(1 bytes)

Exceed-action drop

Related Commands
mls qos aggregate-police

show mls qos interface

Use this command to display queueing and scheduling information for an interface.

Command Syntax
show mls qos interface IFNAME IFNAME interface name.

Command Mode
Exec mode and Privileged Exec mode

Example ZebOS#show mls qos interface fe0 Schedule mode: weighted round-robin The number of egress queue: 8 Weights (priority): 0(1), 0(1), 0(1), 0(1), 0(1), 0(1), 0(1), 0(1)

show mls qos maps dscp-cos

Use this command to display DSCP-to-CoS mapping information.

Command Syntax
show mls qos maps dscp-cos NAME NAME name of the DSCP-to-CoS map.

Command Mode
Exec mode and Privileged Exec mode

Example ZebOS#show mls qos maps dscp-cos dc1

DSCP-TO-COS-MAP: dc1 d1 : d2 0 1 2 3 4 5 6 7 8 9 ------------------------------------------------0 : 4 4 4 4 4 4 4 4 1 1 1 : 1 1 1 1 1 1 2 2 2 2 2 : 2 2 2 2 3 3 3 3 3 3 3 : 3 3 4 4 4 4 4 4 4 4 4 : 5 5 5 5 5 5 5 5 6 6 5 : 6 6 6 6 6 6 7 7 7 7 6 : 7 7 7 7

Related Commands
mls qos map dscp-cos

2001-2007 IP Infusion Inc. Confidential

337

QoS Commands

show mls qos maps dscp-mutation

Use this command to display DSCP-to-DSCP mutation mapping information.

Command Syntax
show mls qos maps dscp-mutation NAME NAME name of the DSCP-to-DSCP mutation map.

Command Mode
Exec mode and Privileged Exec mode

Example ZebOS#show mls qos maps dscp-mutation dm1

DSCP-TO-DSCP-MUTATION-MAP: dm1 d1 : d2 0 1 2 3 4 5 6 7 8 9 ------------------------------------------------0 : 0 1 2 3 4 5 6 7 8 9 1 : 4 4 4 4 4 4 4 17 18 19 2 : 20 21 22 23 24 25 26 27 28 29 3 : 30 31 32 33 34 35 36 37 38 39 4 : 40 41 42 43 44 45 46 47 48 49 5 : 50 51 52 53 54 55 56 57 58 59 6 : 60 61 62 63

Related Commands
mls qos map dscp-mutation

show policy-map
Use this command to display QoS policy map information.

Command Syntax
show policy-map NAME NAME name of the policy map.

Command Mode
Exec mode and Privileged Exec mode

Example ZebOS#show policy-map mapa class pmap1

POLICY-MAP-NAME: pmap1 State: detached CLASS-MAP-NAME: cmap1 Set IP DSCP: 56 Match IP DSCP: 7

338

2001-2007 IP Infusion Inc. Confidential

QoS Commands

Related Commands
policy-map

show qos-access-list
Use this command to display IP and MAC ACLs.

Command Syntax
show qos-access-list ACCESS-LIST NUMBER|WORD NUMBER access-list number <1-99> range for IP standard ACL <100-199> range for IP extended ACL <1300-1999> expanded range for IP standard ACL <2000-2699> expanded range for IP extended ACL WORD access-list name

Command Mode
Exec mode and Privileged Exec mode

Example ZebOS#show qos-access-list 1 Standard IP-QOS-ACCESS-LIST: 1 permit 11.11.11.50 Related Commands

ip-access-list, mac-access list

wrr-queue bandwidth
Use this command to specify the bandwidth ratios of the transmit queues. Use the no parameter with this command to return to the default bandwidth.

Command Syntax
wrr-queue bandwidth WRR_WTS (no) wrr-queue bandwidth WRR_WTS Weighted Round Robin (WRR) weights for the 8 queues (8 values separated by spaces). Range is 1-65535.

Command Mode
Configure mode

Example ZebOS# configure terminal ZebOS(config)# interface fe0 ZebOS(config-if)# wrr-queue bandwidth 100 300 400 200 600 800 700 1000

2001-2007 IP Infusion Inc. Confidential

339

QoS Commands

Related Commands
wrr-queue queue-limit

wrr-queue cos-map
Use this command to specify CoS values for a queue. Use the no parameter with this command to return to the default setting.

Command Syntax
wrr-queue cos-map QUEUE_ID COS_VALUE (no) wrr-queue cos-map QUEUE_ID Queue ID. Range is 0-7. COS_VALUE CoS values. Up to 8 values (separated by spaces). Range is 0-7.

Command Mode
Configure mode

Usage
A maximum of 8 CoS values can be used to create the CoS map.

Example
The following example shows mapping CoS values 0 and 1 to queue 1.

ZebOS# configure terminal ZebOS(config)# interface fe0 ZebOS(config-if)# wrr-queue cos-map 1 0 1

wrr-queue dscp-map
Use this command to map the DSCP values to the Weighted Random Early Detection (WRED) thresholds of an egress queue. Use the no parameter with this command to return to the default setting.

Command Syntax
wrr-queue dscp-map THRESHOLD_ID DSCP_VALS (no) wrr-queue dscp-map THRESHOLD_ID THRESHOLD_ID Queue threshold ID. Range is 1-2. DSCP_VALS DSCP values mapped to a threshold ID; each value separated by 1 space. Range is 0-63. A maximum of 8 DSCP values can be entered per command.

Command Mode
Configure mode

Example
The following example shows mapping DSCP values 0 to 9 to threshold 1, and DSCP values 10 to 14 to threshold 2.

ZebOS# configure terminal ZebOS(config)# interface fe0 ZebOS(config-if)# wrr-queue dscp-map 1 0 1 2 3 4 5 6 7

340

2001-2007 IP Infusion Inc. Confidential

QoS Commands

ZebOS(config-if)# wrr-queue dscp-map 1 8 9 ZebOS(config-if)# wrr-queue dscp-map 2 10 11 12 13 14

Related Commands
show mls qos interface, wrr-queue cos-map, wrr-queue threshold

wrr-queue min-reserve
Use this command to configure the buffer size of the minimum-reserve level for a specific queue. Use the no parameter with this command to return to the default setting.

Command Syntax
wrr-queue min-reserve QUEUE_ID MINRES_LVL (no) wrr-queue min-reserve QUEUE_ID QUEUE_ID Queue ID. Range is 0-7. MINRES_LVL Minimum reserve level. Range is 1-8.

Command Mode
Configure mode

Example
The following example shows assigning a minimum reserve level of 5 to egress queue 1 on fe0.

ZebOS# configure terminal ZebOS(config)# interface fe0 ZebOS(config-if)# wrr-queue min-reserve 1 5

Related Commands
show mls qos interface

wrr-queue queue-limit
Use this command to configure the egress queue size ratios. Use the no parameter with this command to return to the default setting.

Command Syntax
wrr-queue queue-limit QUEUE_WTS (no) wrr-queue queue-limit QUEUE_WTS Queue weight ratio for up to 8 queues. Range is 1-100.

Command Mode
Configure mode

Usage
Ratio should total 100 percent.

2001-2007 IP Infusion Inc. Confidential

341

QoS Commands

Example
The following example shows configuring a 75:25 ratio for queues 1 and 2, respectively.

ZebOS# configure terminal ZebOS(config)# interface fe0 ZebOS(config-if)# wrr-queue queue-limit 75 25

Related Commands
wrr-queue bandwidth

wrr-queue random-detect max-threshold

Use this command to configure the WRED drop threshold percentages for an egress queue. Use the no parameter with this command to return to the default setting.

Command Syntax
wrr-queue random-detect max-threshold QUEUE_ID THRESHOLD_WT1 THRESHOLD_WT2 (no) wrr-queue random-detect max-threshold QUEUE_ID QUEUE_ID Queue ID. Range is 0-7. THRESHOLD_WT1 Low WRED value. Threshold weight in percent. Range is 1-100. THRESHOLD_WT2 High WRED value. Threshold weight in percent. Range is 1-100.

Command Mode
Configure mode

Usage
WRED values are a percentage of queue capacity.

Example
The following example shows configuring threshold percentage weights of 60 and 100 on queue 1.

ZebOS# configure terminal ZebOS(config)# interface fe0 ZebOS(config-if)# wrr-queue random-detect max-threshold 1 60 100

Related Commands
wrr-queue random-detect max-threshold, wrr-queue queue-limit

wrr-queue threshold
Use this command to configure the tail-drop threshold percentages for a queue. Use the no parameter with this command to return to the default setting.

Command Syntax
wrr-queue threshold QUEUE_ID THRESHOLD_WT1 THRESHOLD_WT2 (no) wrr-queue threshold QUEUE_ID QUEUE_ID Queue ID. Range is 0-7. THRESHOLD_WT1 Number of weights in percent for threshold 1. Range is 1-100.

342

2001-2007 IP Infusion Inc. Confidential

QoS Commands THRESHOLD_WT2 Number of weights in percent for threshold 2. Range is 1-100.

Command Mode
Configure mode

Example ZebOS# configure terminal ZebOS(config)# interface fe0 ZebOS(config-if)# wrr-queue threshold 1 60 100 Related Commands
wrr-queue queue-limit

2001-2007 IP Infusion Inc. Confidential

343

QoS Commands

344

2001-2007 IP Infusion Inc. Confidential

CHAPTER 19

NSM Firewall Commands

This chapter contains all NSM Firewall-related commands in alphabetical order.

access-list ipv6
Use this command to specify the ZebOS IPv6 extended access-list to be used for the rules for the specified firewall group. Use the no form of this command to disassociate the IPv6 access list from the group.

Command Syntax
(no) access-list ipv6 NAME NAME ZebOS IPv6 extended access-list name

Command Mode
Firewall mode

Usage
See access-list.

access-list
Use this command to specify the ZebOS extended access-list to be used for the rules for the specified firewall group. Use the no form of this command to disassociate the access list from the group.

Command Syntax
(no) access-list NAME NAME ZebOS extended access-list name

Command Mode
Firewall mode

Usage
The rules in the specified access-list are used by the firewall module to configure the firewall rules at the kernel level. If a group is already applied to an interface, or applied globally, associating another access-list to the group adds the new access-list rules to the existing group, and in turn, directly updates the kernel rules. Disassociating an access list from a configured group results in deletion of the access-list rules from the kernel.

Example ZebOS#configure terminal ZebOS(config)#firewall group 1 ZebOS(config-ipfirewall)#access-list AT

2001-2007 IP Infusion Inc. Confidential

345

NSM Firewall Commands

firewall group
Use this command to specify a firewall group, and enter Firewall mode. Use the no form of this command to negate a firewall group.

Command Syntax
(no) firewall group <1-30> <1-30> Group number.

Command Mode
Configure mode

Usage
This command can be used to enter Firewall mode to configure, or reconfigure, parameters of a firewall group. To configure a firewall group, use this command to create a firewall group with the specified number, then use the access-list command to specify the list containing the rules. The no keyword negates the group (deletes the rule if the rule is not already applied). To negate a group if the rules are already applied, use the no access-list command to negate the rules, then use the no firewall group command to negate the group.

Example
The following example shows specifying a firewall group.

ZebOS#configure terminal ZebOS(config)#firewall group 1

The following example shows configuring incoming traffic on firewall group 1, globally, to use the rule list, AT.

ZebOS#configure terminal ZebOS(config)#firewall group 1 ZebOS(config-ipfirewall)#access-list AT ZebOS(config-ipfirewall)#exit ZebOS(config)#firewall enable group 1 in

The following example shows deleting firewall group 1, globally, with rules already applied.

ZebOS#configure terminal ZebOS(config)#firewall group 1 ZebOS(config-ipfirewall)#no access-list AT ZebOS(config-ipfirewall)#exit ZebOS(config)#no firewall group 1 ZebOS(config)#firewall disable group 1

346

2001-2007 IP Infusion Inc. Confidential

NSM Firewall Commands

firewall group in|out

Use this command to apply the rules of a group to a particular interface. Use the no form of this command to negate a firewall group on a particular interface.

Command Syntax
(no) firewall group <1-30> in|out <1-30> Group number. in Incoming traffic. out Outgoing traffic.

Command Mode
Interface mode

Usage
Use this command to apply the group rules on a particular interface. The in and out keywords specify whether to apply the rules on incoming or outgoing traffic.

Example ZebOS#configure terminal ZebOS(config)#interface eth0 ZebOS(config-if)#firewall group 1 in

show firewall rule

Use this command to display all firewall rules configured at the kernel level.

Command Syntax
show firewall rule

Command Mode
Exec mode

Example ZebOS#show firewall rule AF_INET @1 pass in log on eth0 proto icmp from 2.2.2.2/24 to 4.4.4.4/24 icmp_type 13group 1

2001-2007 IP Infusion Inc. Confidential

347

NSM Firewall Commands

348

2001-2007 IP Infusion Inc. Confidential

CHAPTER 20

NSM Broadcom Stacking Commands

This chapter contains all Broadcom Stacking-related commands in alphabetical order. Note: All show commands in this chapter work properly only when stacking is enabled in the SDK.

show stacking db
Use this command to display the CPU key (MAC address) of each CPU in the hardware stack.

Command Syntax
show stacking db (all)

Command Mode
Exec mode

Default
None

Example ZebOS# show stacking db -------------------------------------------STACKING DATABASE -------------------------------------------Total Number of CPU's = 2 MAC ADDRESSES (KEY) 12:34:23:45:34:56 ab:34:23:45:34:56 Related Commands
show stacking db

show stacking dump db

Use this command to display detailed information about each CPU in the hardware stack.

Command Syntax
show stacking dump db

Command Mode
Exec mode

Default
None

2001-2007 IP Infusion Inc. Confidential

349

NSM Broadcom Stacking Commands

Example ZebOS# show stacking dump db -------------------------------------------DETAILED STACKING DATABASE -------------------------------------------Total Number of CPU's = 1 Master CPU : 12:34:23:45:34:56 Local CPU : 12:34:23:45:34:56 MASTER: Total number of ports = 53 LOCAL : Total number of ports = 53 SYSTEM[1] KEY: 12:34:23:45:34:56 Num of units: 1 Master Pri: 0 StackPort[1]-> Unit: 0 Port: 23 Weight: 10000 Flags: 0 Info: Related Commands
show stacking db

show stacking local

Use this command to display the MAC address (CPU key) of the local CPU.

Command Syntax
show stacking local

Command Mode
Exec mode

Default
None

Example ZebOS# show stacking local Local CPU : 12:34:23:45:34:56 Related Commands
show stacking master

show stacking master

Use this command to display the MAC address (CPU key) of the master CPU.

Command Syntax
show stacking master

Command Mode
Exec mode

350

2001-2007 IP Infusion Inc. Confidential

NSM Broadcom Stacking Commands

Default
None

Example ZebOS# show stacking master Local CPU : 12:34:23:45:34:56 Related Commands
show stacking local, stacking masterdev

show stacking numCPU

Use this command to display the number of CPUs in the hardware stack.

Command Syntax
show stacking numCPU

Command Mode
Exec mode

Default
None

Example ZebOS# show stacking numCPU Number of CPU entries in the system 1 Related Commands
stacking masterdev, show stacking local, show stacking master

stacking masterdev
Use this command to set the MAC address of the master device in the stacking system.

Command Syntax
stacking masterdev MAC_ADDRESS MAC_ADDRESS MAC (hardware) address of the CPU in HHHH.HHHH.HHHH format

Command Mode
Configure mode

Default
None

Example ZebOS# stacking masterdev 1234.2345.3456 CPU has been made the master CPU

2001-2007 IP Infusion Inc. Confidential

351

NSM Broadcom Stacking Commands

Related Commands
show stacking local, show stacking master

352

2001-2007 IP Infusion Inc. Confidential

Index

Symbols
(), meaning in command syntax notation 4 , meaning in command syntax notation 4 , meaning in command syntax notation 4 ?, meaning in command syntax notation 4 |, meaning in command syntax notation 4

A
abbreviated commands 2 about this command reference 1 access-class 13, 28 access-list 13, 28, 345 extended 14 standard 15 access-list ipv6 345 access-list zebos 16 add a vrf entry 119 admin-group 77 advanced-vty service 47 Angle brackets 4 ANSI/ETSI PDH 136 Arbitrary SONET/SDH 139 arp A.B.C.D MAC 77 authentication 318

switchport 214 bridge group 207 bridge protocol ieee 207 bridge protocol ieee vlan-bridge 208 bridge protocol mstp 208 bridge protocol provider-mstp 273 bridge protocol provider-rstp 274 bridge protocol rstp 208 bridge protocol rstp vlan-bridge 209 Broadcom Stacking Commands show stacking db 349 show stacking dump db 349 show stacking local 350 show stacking master 350 show stacking numCPU 351 stacking masterdev 351

C
ce-vlan preserve-cos 284 channel-group mode 287 class 323 class command mode 11 class map command mode 11 class-map 323 clear crypto isakmp 307 clear crypto sa 307 clear crypto sa entry 308 clear crypto sa map 308 clear crypto sa peer 308 clear gmrp statistics 231 clear gvrp statistics 240 clear ip igmp 141 clear ip igmp groups 141 clear ip igmp interface 142 clear ip mroute 177 clear ip mroute statistics 177 clear ip prefix-list 18 clear ip route kernel 78 clear ipv6 mld 159 clear ipv6 mld groups 159 clear ipv6 mld interface 160 clear ipv6 mroute 178 clear ipv6 mroute statistics 178 clear ipv6 neighbors 79 clear mac address-table 209 clear mac address-table bridge 210 clear mac address-table dynamic 211 clear mac address-table dynamic bridge 211 clear mmrp statistics 246 clear mmrp statistics vlanid 247 clear mvrp interface statistics 261 clear mvrp statistics all 261

B
bandwidth 78 bandwidth-constraint 197 banner 17 bc-mode 197 bridge acquire 205 bridge address 206 bridge ageing-time 206 Bridge commands bridge acquire 205 bridge address 206 bridge ageing-time 206 bridge group 207 bridge protocol ieee 207 bridge protocol ieee vlan-bridge 208 bridge protocol mstp 208 bridge protocol rstp 208 bridge protocol rstp vlan-bridge 209 clear mac address-table 209 clear mac address-table bridge 210 clear mac address-table dynamic 211 clear mac address-table dynamic bridge 211 mac-address-table static 212 show bridge 212 show interfaces switchport bridge 213

2001-2007 IP Infusion Inc. Confidential

Index - 1

Index

clear mvrp statistics bridge 262 command abbreviation 2 command abbreviations 2 command line errors 3 command line help 1 command line interface online help access 1 syntax 2 Command Modes class 11 class map 11 illustration QoS modes 11 policy map 11 command modes definitions 10 command negation 6 command nodes see command modes 10 commands common to multiple protocols 13 Commands Common to Protocols access-class 13 access-list 13 access-list extended 14 access-list standard 15 access-list zebos 16 banner 17 clear ip prefix-list 18 configure terminal 18 copy running-config startup-config 18 description 19 disable 19 enable 20 enable password 20 end 22 exec-timeout 22 exit 23 help 23 hostname 24 ip prefix-list 24 ip remote-address 25 ip unnumbered 26 ipv6 access-class 28 ipv6 access-list 28 ipv6 access-list zebos 29 ipv6 prefix-list 30 ipv6 unnumbered 31 line vty 33 log file 33 log record-priority 34 log stdout 34 log syslog 35 log trap 35 login 36 match as-path 37 match community 37 match interface 38 match ip address 39 match ip address prefix-list 39 match ip next-hop 40

match ip next-hop prefix-list 41 match ipv6 address 41 match ipv6 address prefix-list 42 match ipv6 next-hop 43 match metric 43 match origin 44 match route-type 45 match tag 45 password 46 route-map 46 service advanced-vty 47 service password-encryption 48 service terminal-length 48 set aggregator 49 set as-path 49 set atomic-aggregate 50 set comm-list delete 51 set community 51 set dampening 52 set extcommunity 53 set ip next-hop 54 set ipv6 next-hop 54 set level 55 set metric 55 set metric-type 56 set origin 57 set originator-id 57 set tag 58 set vpnv4 next-hop 58 set weight 59 show access-list 60 show cli 60 show history 61 show ip prefix-list 62 show list 62 show memory all 63 show memory free 65 show memory lib 66 show memory summary 68 show route-map 69 show running-config 69 show startup-config 71 show version 72 terminal length 73 terminal monitor 73 who 73 write file 74 write memory 74 write terminal 74 common commands 13 Common NSM Layer-2 commands flowcontrol off 201 flowcontrol on 201 mirror interface 202 show flowcontrol interface 202 show mirror 203 show mirror interface 203 show storm-control 204 show storm-control broadcast interface 204

Index - 2

2001-2007 IP Infusion Inc. Confidential

Index

storm-control level 205 configure terminal 18 Configure, command mode definition 10 copy running-config start-config 18 crypto ipsec security-association lifetime 309 crypto ipsec transform-set 309 crypto isakmp enable 316 crypto isakmp keepalive 316 crypto isakmp key 316 crypto isakmp policy 317 crypto map 320 crypto map ipsec-manual | ipsec-isakmp 310 crypto map local-address 311 cvlan registration table 274 cvlan svlan 275

E
enable 20 enable password 20 encryption 318 end 22 Ethernet 135 ethernet uni 285 ethernet unit id NAME 285 Exec, command mode definition 10 exec-timeout 22 exit 23 extended access-list 14

F
fib retain 80 Fiber 136 Fiber Channel 136 Firewall Commands access-list 345 access-list ipv6 345 firewall group 346 firewall group in|out 347 show firewall rule 347 firewall group 346 firewall group in|out 347 flowcontrol off 201 flowcontrol on 201 fsc 135

D
Debug Commands debug igmp 142 debug mld 160 debug nsm 79 debug nsm events 79 debug nsm kernel 80 debug nsm packet 80 no debug nsm events 91 no debug nsm kernel 91 no debug nsm packet 91 undebug nsm all 102 undebug nsm events 102 undebug nsm kernel 102 undebug nsm packet 103 debug gmrp 231 debug gvrp 240 debug igmp 142 debug mld 160 debug nsm 79 events 79 kernel 80 packet 80 debug nsm mcast 178 description 19 DiffServ Commands 193 mpls class-to-exp-bit 193 mpls support-diffserv-class 193 show mpls diffserv 193 show mpls diffserv class-to-exp 195 show mpls diffserv configurable-dscp 195 show mpls diffserv supported-dscp 196 Digital Wrapper 135 disable 19 display configurable dscp value 195 display diffserv class-to-exp 195 display LSPs originating from router 121 display mpls diffserv 193 display supported dscp value 196

G
gmpls capability-type 135 GMPLS Commands gmpls capability-type 135 gmpls encoding-type 135 gmpls link-id 136 gmpls min-lsp-bandwidth 137 gmpls protection-type 137 gmpls risk-group 138 gmpls sdh-indication 139 gmpls encoding-type 135 gmpls link-id 136 gmpls min-lsp-bandwidth 137 gmpls protection-type 137 gmpls risk-group 138 gmpls sdh-indication 139 GMRP commands clear gmrp statistics 231 debug gmrp 231 set gmrp 232 set gmrp bridge 232 set gmrp extended-filtering bridge 233 set gmrp fwdall 233 set gmrp registration 234 set gmrp timer 234 set gmrp vlan 235 set port gmrp 236

2001-2007 IP Infusion Inc. Confidential

Index - 3

Index

set port gmrp vlan 236 show gmrp configuration 237 show gmrp configuration bridge 237 show gmrp machine 238 show gmrp machine bridge 238 show gmrp statistics 239 show gmrp timer 239 group 319 GVRP Commands clear gvrp statistics 240 debug gvrp 240 show gvrp configuration bridge 244 GVRP commands set gvrp 241 set gvrp applicant 241 set gvrp bridge 242 set gvrp dynamic-vlan-creation 242 set gvrp dynamic-vlan-creation bridge 242 set gvrp registration 243 set gvrp timer 243 set port gvrp 244 show gvrp machine bridge 245 show gvrp statistics 245 show gvrp timer 246

H
hash 319 help 23 hostname 24

I
if-arbiter 81 IGMP Commands clear ip igmp 141 clear ip igmp groups 141 clear ip igmp interface 142 debug igmp 142 debug mld 160 ip igmp 143 ip igmp access-group 143 ip igmp immediate-leave 144 ip igmp last-member-query-count 145 ip igmp last-member-query-interval 145 ip igmp limit 146 ip igmp mroute-proxy 147 ip igmp proxy-service 147 ip igmp querier-timeout 148 ip igmp query-interval 148 ip igmp query-max-response-time 149 ip igmp robustness-variable 150 ip igmp snooping 150 ip igmp snooping fast-leave 151 ip igmp snooping mrouter 151 ip igmp snooping querier 152 ip igmp snooping report-suppression 152 ip igmp ssm-map enable 153 ip igmp ssm-map static 153

ip igmp static-group 154 ip igmp version 155 ipv6 mld proxy-service 165 show ip igmp groups 156 show ip igmp interface 157 show ip igmp snooping mrouter 158 show ip igmp snooping statistics 158 interface 82 Interface Switching Capability Descriptor 135 interface tunnel 297 Interface, command mode definition 10 Interpeak Security Commands 307 authentication 318 clear crypto isakmp 307 clear crypto sa 307 clear crypto sa entry 308 clear crypto sa map 308 clear crypto sa peer 308 crypto ipsec security-association lifetime 309 crypto ipsec transform-set 309 crypto isakmp enable 316 crypto isakmp keepalive 316 crypto isakmp key 316 crypto isakmp policy 317 crypto map 320 crypto map ipsec-manual | ipsec-isakmp 310 crypto map local-address 311 encryption 318 group 319 hash 319 lifetime 319 match address 311 mode 312 set peer 313 set security-association lifetime 313 set session-key 314 set transform-set 315 show crypto ipsec sa 321 show crypto ipsec transform-set 321 show crypto isakmp policy 321 show crypto isakmp sa 322 show crypto map 322 ip address 82 ip forwarding 83 ip igmp 143 ip igmp access-group 143 ip igmp immediate-leave 144 ip igmp last-member-query-count 145 ip igmp last-member-query-interval 145 ip igmp limit 146 ip igmp mroute-proxy 147 ip igmp proxy-service 147 ip igmp querier-timeout 148 ip igmp query-interval 148 ip igmp query-max-response-time 149 ip igmp robustness-variable 150 ip igmp snooping 150 ip igmp snooping fast-leave 151 ip igmp snooping mrouter 151

Index - 4

2001-2007 IP Infusion Inc. Confidential

Index

ip igmp snooping querier 152 ip igmp snooping report-suppression 152 ip igmp ssm-map enable 153 ip igmp ssm-map static 153 ip igmp static-group 154 ip igmp version 155 ip mroute 179 ip multicast route-limit command 180 ip multicast ttl-threshold 180 ip multicast-routing 181 ip prefix-list 24 ip proxy-arp 83 ip remote-address 25 ip route 84 ip route vrf 105 ip unnumbered 26 ip vrf 105 ip vrf forwarding 106 ip-access-list 324 ipv6 access-class 28 ipv6 access-list zebos 29 ipv6 forwarding 84 ipv6 mld 161 ipv6 mld access-group 161 ipv6 mld immediate-leave 162 ipv6 mld last-member-query-count 163 ipv6 mld last-member-query-interval 163 ipv6 mld limit 164 ipv6 mld mroute-proxy 165 ipv6 mld proxy-service 165 ipv6 mld querier-timeout 166 ipv6 mld query-interval 166 ipv6 mld query-max-response-time 167 ipv6 mld robustness-variable 167 ipv6 mld snooping 168 ipv6 mld snooping fast-leave 169 ipv6 mld snooping mrouter 169 ipv6 mld snooping querier 170 ipv6 mld snooping report-suppression 170 ipv6 mld ssm-map enable 171 ipv6 mld ssm-map static 171 ipv6 mld static-group 172 ipv6 mld version 173 ipv6 mroute 181 ipv6 multicast route-limit 182 ipv6 multicast-routing 183 ipv6 nd prefix 85 ipv6 neighbor 88 ipv6 prefix-list command 30 ipv6 route 89 ipv6 unnumbered 31

channel-group mode 287 no channel-group 287 no static-channel-group 289 show etherchannel 288 show static-channel-group 288 static-channel-group 289 Lambda (photonic) 136 Layer 2 commands vlan type 283 lifetime 319 line vty 33 Line, command mode definition 10 link protection type 138 log file 33 log record-priority 34 log stdout 34 log syslog 35 log trap 35 login 36 lowercase, meaning in command syntax notation 4 lsc 135

M
mac-access-list 325 mac-address-table static 212 managed-config-flag 84 manual conventions, procedures and syntax 4 match access-group 325 match address 311 Match and Set Commands match as-path 37 match community 37 match interface 38 match ip address 39 match ip address prefix-list 39 match ip next-hop 40 match ip next-hop prefix-list 41 match ipv6 address 41 match ipv6 address prefix-list 42 match ipv6 next-hop 43 match metric 43 match origin 44 match route-type 45 match tag 45 set aggregator 49 set as-path 49 set atomic-aggregate 50 set comm-list delete 51 set community 51 set dampening 52 set extcommunity 53 set ip next-hop 54 set ipv6 next-hop 54 set level 55 set metric 55 set metric-type 56 set origin 57

L
l2-protocol 275 l2protocol-tunnel 285 l2sc 135 label-switching 109 LACP Commands

2001-2007 IP Infusion Inc. Confidential

Index - 5

Index

set originator-id 57 set tag 58 set vpnv4 next-hop 58 set weight 59 match command origin 44 match ip-dscp 326 match ip-precedence 326 match layer4 326 match mpls exp-bit topmost 327 match vlan 327 match vlan-range 328 MEF UNI commands 2protocol-tunnel 285 ce-vlan preserve-cos 284 ethernet uni 285 ethernet uni id NAME 285 mirror interface 202 MLD Commands clear ipv6 mld 159 clear ipv6 mld groups 159 clear ipv6 mld interface 160 ipv6 mld 161 ipv6 mld access-group 161 ipv6 mld immediate-leave 162 ipv6 mld last-member-query-count 163 ipv6 mld last-member-query-interval 163 ipv6 mld limit 164 ipv6 mld mroute-proxy 165 ipv6 mld querier-timeout 166 ipv6 mld query-interval 166 ipv6 mld query-max-response-time 167 ipv6 mld robustness-variable 167 ipv6 mld snooping 168 ipv6 mld snooping fast-leave 169 ipv6 mld snooping mrouter 169 ipv6 mld snooping querier 170 ipv6 mld snooping report-suppression 170 ipv6 mld ssm-map enable 171 ipv6 mld ssm-map static 171 ipv6 mld static-group 172 ipv6 mld version 173 show ipv6 mld groups 174 show ipv6 mld interface 174 show ipv6 mld snooping mrouter 175 show ipv6 mld snooping statistics 176 show ipv6 mroute 187 mls qos 328 mls qos aggregate-police 329 mls qos dscp-cos 329 mls qos dscp-mutation 330 mls qos map dscp-cos 330 mls qos map dscp-mutation 331 mls qos min-reserve 331 MMRP commands clear mmrp statistics 246 clear mmrp statistics vlanid 247 set mmrp 247 set mmrp bridge 248

set mmrp disable bridge 248 set mmrp disable bridge vlan 249 set mmrp enable bridge 249 set mmrp enable bridge vlan 250 set mmrp extended-filtering 250 set mmrp extended-filtering disable bridge 251 set mmrp extended-filtering enable bridge 251 set mmrp fwdall disable 252 set mmrp fwdall enable 252 set mmrp ltimer leavealll 253 set mmrp pointtopoint enable 254 set mmrp registration fixed 254 set mmrp registration forbidden 254 set mmrp registration normal 255 set mmrp timer join 253 set port mmrp disable 255 set port mmrp disable vlan 256 set port mmrp enable 257 set port mmrp enable vlan 257 show mmrp configuration 258 show mmrp configuration bridge 258 show mmrp machine 259 show mmrp machine bridge 259 show mmrp statistics vlanid bridge 259 show mmrp timer 260 mode 312 mpls admin-groups 109 mpls class-to-exp-bit 193 mpls class-type 197 mpls disable-all-interfaces 110 mpls egress-ttl 110 mpls enable-all-interfaces 110 mpls ftn-entry 111 mpls ilm-entry 112 mpls ingress-ttl 112 mpls l2-circuit 113 mpls l2-circuit-ftn-entry 114 mpls l2-circuit-ilm-entry 114 MPLS Layer-2 VC Commands see VC Commands mpls local-packet-handling 115 mpls log 115 mpls lsp-model pipe 116 mpls lsp-tunneling 116 mpls map-route 117 mpls max-label-value 117 mpls min-label-value 118 mpls propagate-ttl 118 mpls support-diffserv-class 193 mpls te-class 198 mpls vpls 291 mpls vrf-entry 119 mpls-l2-circuit 113 mpls-vpls 291 multicast 90 Multicast Commands clear ip mroute 177 clear ip mroute statistics 177 clear ipv6 mroute 178

Index - 6

2001-2007 IP Infusion Inc. Confidential

Index

clear ipv6 mroute statistics 178 debug nsm mcast 178 ip mroute 179 ip multicast route-limit 180 ip multicast ttl-threshold 180 ip multicast-routing 181 ipv6 mroute 181 ipv6 multicast route-limit 182 ipv6 multicast-routing 183 multicast 90 show ip mroute 183 show ip mroute count 184 show ip mroute summary 185 show ip mvif 186 show ip rpf 186 show ipv6 mif 187 show ipv6 mroute 187 show ipv6 mroute count 188 show ipv6 mroute summary 189 show ipv6 rpf 190 multicast routing 181, 183 MVRP Ccmmands set mvrp dynamic-vlan-creation enable bridge 265 MVRP commands clear mvrp interface statistics 261 clear mvrp statistics all 261 clear mvrp statistics bridge 262 set mvrp 262 set mvrp applicant state active 262 set mvrp applicant state normal 263 set mvrp disable bridge 263 set mvrp dynamic-vlan-creation 264 set mvrp dynamic-vlan-creation disable bridge 264 set mvrp enable bridge 265 set mvrp pointtopoint enable 267 set mvrp registration fixed 267 set mvrp registration forbidden 268 set mvrp registration normal 268 set mvrp timer join 266 set mvrp timer leave 266 set mvrp timer leaveall 267 set port mvrp disable 269 set port mvrp enable 269 show mvrp configuration 270 show mvrp configuration all 271 show mvrp interface statistics 271 show mvrp machine bridge 272 show mvrp statistics 272 show mvrp timer 273

NSM DiffServ-TE Commands 197 bandwidth-constraint 197 bc-mode 197 mpls class-type 197 mpls te-class 198 show mpls dste 198 show mpls dste class-type 199 show mpls dste te-class 199 NSM GMPLS Commands 135 NSM LACP Commands 287 NSM Layer-2 Commands 201 NSM MPLS Commands 109 NSM MPLS OAM Commands 126 NSM Multicast Commands 177 NSM VPLS Commands 291 mpls vpls 291 mpls-vpls 291 show mpls vpls 291 show mpls vpls detail 292 show mpls vpls mesh 293 show mpls vpls spoke 293 vpls-description 294 vpls-mtu 294 vpls-peer 295 vpls-vc 295 NSM VPN Commands 105

O
other-config-flag 85

P
parameter expansion 7 parenthesis not part of command 4 password 46 password-encryption service 48 ping mpls ipv4 126 ping mpls l2-circuit 127 ping mpls l3vpn 127 ping mpls ldp 128 ping mpls rsvp 129 ping mpls vpls 130 police command 332 police-aggregate 332 policy map command mode 11 policy-map 333 prefix-list 24 private-vlan association bridge 228 private-vlan bridge 228 Private-VLAN commands private-vlan association bridge 228 private-vlan bridge 228 show vlan private-vlan bridge 230 switchport mode private-vlan 229 switchport private-vlan host-association 229 switchport private-vlan mapping 230 Privileged Exec, command mode definition 10 Provider Bridging commands

N
no channel-group 287 no debug nsm kernel 91 packet 91 no debug nsm kernel command 91, 103 no parameter, action of 6 no static-channel-group 289

2001-2007 IP Infusion Inc. Confidential

Index - 7

Index

bridge protocol provider-mstp 273 bridge protocol provider-rstp 274 cvlan registration table 274 cvlan svlan 275 l2-protocol 275 switchport allowed vlan 276 switchport customer-edge access vlan 276 switchport customer-edge hybrid allowed vlan 277 switchport customer-edge hybrid vlan 277 switchport customer-edge vlan registration 278 switchport customer-network vlan translation 278 switchport mode 279 switchport mode customer-edge access 279 switchport mode customer-edge hybrid 280 switchport mode customer-edge trunk 281 switchport provider-edge vlan 281 switchport provider-network vlan translationswitchport provider-network vlan translation 282 switchport trunk customer-edge allowed vlan 282 vlan type access-map 283 vlan type bridge 284 psc1 135 psc2 135 psc3 135 psc4 135

show mls qos maps dscp-cos 337 show mls qos maps dscp-mutation 338 show policy-map 338 show qos-access-list 339 wrr-queue bandwidth 339 wrr-queue cos-map 340 wrr-queue dscp-map 340 wrr-queue min-reserve 341 wrr-queue queue-limit 341 wrr-queue random-detect max-threshold 342 wrr-queue threshold 342 Question mark 4

R
ra-interval 86 ra-lifetime 87 reachable-time 87 reservable bandwidth 191 reservable-bandwidth 191 rmon alarm 303 rmon collection history 303 rmon collection stats 304 RMON Commands 303 rmon alarm 303 rmon collection history 303 rmon collection stats 304 rmon event 305 show rmon alarm 305 show rmon event 306 show rmon history 306 show rmon statistics 306 rmon event 305 route-map 46 Router Advertised Commands ipv6 nd managed-config-flag 84 ipv6 nd other-config-flag 85 ipv6 nd prefix 85 ipv6 nd ra-interval 86 ipv6 nd ra-lifetime 87 ipv6 nd reachable-time 87 ipv6 nd suppress-ra 88

Q
QoS Command Modes 11 QoS commands class 323 class-map 323 ip-access-list 324 mac-access-list 325 match access-group 325 match ip-dscp 326 match ip-precedence 326 match layer4 326 match mpls exp-bit topmost 327 match vlan 327 match vlan-range 328 mls qos 328 mls qos aggregate-police 329 mls qos dscp-cos 329 mls qos map dscp-cos 330 mls qos map dscp-mutation 331 mls qos min-reserve 331 mos qos dscp-mutation 330 police 332 police-aggregate 332 policy-map 333 service-policy input 334 set cos| 334 set ip-dscp 335 set ip-precedence 335 set mpls exp-bit topmost 335 show class-map 336 show mls qos aggregator-policer 336 show mls qos interface 337

S
SDH ITU-T G.707 136 service advanced-vty 47 password-encryption 48 terminal-length 48 service advanced-vty 47 service password-encryption 48 service terminal-length 48 service-policy input 334 set cos 334 set gmrp 232 set gmrp bridge 232 set gmrp extended-filtering bridge 233 set gmrp fwdall 233

Index - 8

2001-2007 IP Infusion Inc. Confidential

Index

set gmrp registration 234 set gmrp timer 234 set gmrp vlan 235 set gvrp 241 set gvrp applicant 241 set gvrp bridge 242 set gvrp dynamic-vlan-creation 242 set gvrp dynamic-vlan-creation bridge 242 set gvrp registration 243 set gvrp timer 243 set ip-dscp 335 set ip-precedence 335 set mmrp 247 set mmrp bridge 248 set mmrp disable bridge 248 set mmrp disable bridge vlan 249 set mmrp enable bridge 249 set mmrp enable bridge vlan 250 set mmrp extended-filtering 250 set mmrp extended-filtering disable bridge 251 set mmrp extended-filtering enable bridge 251 set mmrp fwdall disable 252 set mmrp fwdall enable 252 set mmrp pointtopoint enable 254 set mmrp registration fixed 254 set mmrp registration forbidden 254 set mmrp registration norma 255 set mmrp timer join 253 set mmrp timer leaveall 253 set mpls exp-bit topmost 335 set mvrp 262 set mvrp applicant state active 262 set mvrp applicant state normal 263 set mvrp disable bridge 263 set mvrp dynamic-vlan-creation 264 set mvrp dynamic-vlan-creation disable bridge 264 set mvrp dynamic-vlan-creation enable bridge 265 set mvrp enable bridge 265 set mvrp pointtopoint enable 267 set mvrp registration fixed 267 set mvrp registration forbidden 268 set mvrp registration normal 268 set mvrp timer join 266 set mvrp timer leave 266 set mvrp timer leaveall 267 set peer 313 set port gmrp 236 set port gmrp vlan 236 set port gvrp 244 set port mmrp disable 255 set port mmrp disable vlan 256 set port mmrp enable 257 set port mmrp enable vlan 257 set port mvrp disable 269 set port mvrp enable 269 set security-association lifetime 313 set session-key 314 set transform-set 315 Shared Risk Link Group 138

show history 61 ip access-list 93 ip route vrf 106 ip vrf 107 show access-list 60 show bridge 212 show class-map 336 show cli 60 show crypto ipsec sa 321 show crypto ipsec transform-set 321 show crypto isakmp policy 321 show crypto isakmp sa 322 show crypto map 322 show debugging nsm 92 show etherchannel 288 show firewall rule 347 show flowcontrol interface 202 show gmrp configuration 237 show gmrp configuration bridge 237 show gmrp machine 238 show gmrp machine bridge 238 show gmrp statistics 239 show gmrp timer 239 show gvrp configuration bridge 244 show gvrp machine bridge 245 show gvrp statistics 245 show gvrp timer 246 show interface 92 show interfaces switchport bridge 213 show ip access-list 93 show ip forwarding 94 show ip igmp groups 156 show ip igmp interface 157 show ip igmp snooping mrouter 158 show ip igmp snooping statistics 158 show ip interface brief 94 show ip mroute 183 show ip mroute count 184 show ip mroute summary 185 show ip mvif 186 show ip prefix-list 62 show ip route 95 show ip route database 96 show ip route summary 97 show ipv6 interface brief 98 show ipv6 mif 187 show ipv6 mld groups 174 show ipv6 mld interface 174 show ipv6 mld snooping mrouter 175 show ipv6 mld snooping statistics 176 show ipv6 mroute count 188 show ipv6 mroute summary 189 show ipv6 neighbors 99 show ipv6 route summary 100 show list 62 show memory all 63 show memory free 65

2001-2007 IP Infusion Inc. Confidential

Index - 9

Index

show memory lib 66 show memory summary 68 show mirror 203 show mirror interface 203 show mls qos aggregator-policer 336 show mls qos interface 337 show mls qos maps dscp-cos 337 show mls qos maps dscp-mutation 338 show mmrp configuration 258 show mmrp configuration bridge 258 show mmrp machine 259 show mmrp machine bridge 259 show mmrp statistics vlanid bridge 259 show mmrp timer 260 show mpls 119 show mpls admin-groups 120 show mpls cross-connect-table 120 show mpls diffserv 193 show mpls diffserv class-to-exp 195 show mpls diffserv configurable-dscp 195 show mpls diffserv supported-dscp 196 show mpls dste 198 show mpls dste class-type 199 show mpls dste te-class 199 show mpls forwarding-table 121 show mpls ftn-table 122 show mpls ilm-table 122 show mpls in-segment-table 123 show mpls l2-circuit 123 show mpls l2-circuit-group 124 show mpls log 124 show mpls mapped-routes 125 show mpls out-segment-table 125 show mpls vc-table 125 show mpls vpls 291 show mpls vpls detail 292 show mpls vpls mesh 293 show mpls vpls spoke 293 show mpls vrf-table 126 show mvrp configuration 270 show mvrp configuration all 271 show mvrp interface statistics 271 show mvrp machine bridge 272 show mvrp statistics 272 show mvrp timer 273 show nsm client 101 show policy-map 338 show qos-access-list 339 show rmon alarm 305 show rmon event 306 show rmon history 306 show rmon statistics 306 show route-map 69 show router-id 101 show stacking db 349 show stacking dump db 349 show stacking local 350 show stacking master 350 show stacking numCPU 351

show startup-config 71 show static-channel-group 288 show storm-control 204 show storm-control broadcast interface 204 show unning-config 69 show version 72 show vlan 215 show vlan all 215 show vlan all bridge 215 show vlan brief 216 show vlan classifier group 216 show vlan classifier interface group 217 show vlan classifier rule 217 show vlan dynamic bridge 218 show vlan private-vlan bridge 230 show vlan static bridge 218 Square brackets 4 stacking masterdev 351 standard access-list 15 Standard SONET/SDH 139 static-channel-group 289 storm-control level 205 suppress-ra 88 switching capability 136 switchport 214 switchport access vlan 219 switchport allowed vlan 276 switchport customer-edge access vlan 276 switchport customer-edge hybrid allowed vlan 277 switchport customer-edge hybrid vlan 277 switchport customer-edge vlan registration 278 switchport customer-network vlan translation 278 switchport hybrid allowed vlan 219 switchport hybrid vlan 220 switchport mode 279 switchport mode access 221 switchport mode customer-edge access 279 switchport mode customer-edge hybrid 280 switchport mode customer-edge trunk 281 switchport mode hybrid 221 switchport mode private-vlan 229 switchport mode trunk 222 switchport private-vlan host-association 229 switchport private-vlan mapping 230 switchport provider-edge vlan 281 switchport trunk allowed vlan 223 switchport trunk customer-edge allowed vlan 282 switchport trunk native vlan 224 syntax conventions 4 syntax help 2

T
tdm 135 terminal length 73 terminal monitor 73 terminal-length 48 Time Division Multiplexing 139 trace mpls ipv4 130

Index - 10

2001-2007 IP Infusion Inc. Confidential

Index

trace mpls l2-circuit 131 trace mpls l3vpn 132 trace mpls ldp 132 trace mpls rsvp 133 trace mpls vpls 134 tunnel checksum 297 tunnel destination 298 tunnel mode 298 tunnel mode ipv6ip 299 tunnel path-mtu-discovery 300 tunnel source 300 tunnel tos 301 tunnel ttl 301 Tunneling Commands 297 interface tunnel 297 tunnel checksum 297 tunnel destination 298 tunnel mode 298 tunnel mode ipv6ip 299 tunnel path-mtu-discovery 300 tunnel source 300 tunnel tos 301 tunnel ttl 301

U
undebug nsm kernel 102 packet 103 undebug nsm all 102 UPPERCASE, meaning in command syntax notation 4

V
variable parameter expansion 7 VC Commands label-switching 109 mpls admin-groups 109 mpls disable-all-interfaces 110 mpls egress-ttl 110 mpls enable-all-interfaces 110 mpls ftn-entry 111 mpls ilm-entry 112 mpls ingress-ttl 112 mpls l2-circuit 113 mpls l2-circuit-ftn-entry 114 mpls l2-circuit-ilm-entry 114 mpls local-packet-handling 115 mpls log 115 mpls max-label-value 117 mpls min-label-value 118 mpls-l2-circuit 113 show mpls admin-groups 120 show mpls cross-connect-table 120 show mpls l2-circuit 123 show mpls l2-circuit-group 124 show mpls log 124 vertical bar 4 vlan bridge 224

vlan classifier ipv4 225 vlan classifier mac 225 vlan classifier proto 226 VLAN commands show vlan 215 show vlan all 215 show vlan all bridge 215 show vlan brief 216 show vlan classifier group 216 show vlan classifier interface group 217 show vlan classifier rule 217 show vlan dynamic bridge 218 show vlan static bridge 218 switchport access vlan 219 switchport hybrid allowed vlan 219 switchport hybrid vlan 220 switchport mode access 221 switchport mode hybrid 221 switchport mode trunk 222 switchport trunk allowed vlan 223 switchport trunk native vlan 224 vlan bridge 224 vlan classifier ipv4 225 vlan classifier mac 225 vlan classifier proto 226 vlan database 226 vlan mtu bridge 227 vlan state 227 vlan database command 226 vlan mtu bridge 227 vlan state 227 vlan type 283 vlan type access-map 283 vlan type bridge 284 vpls-description 294 vpls-mtu 294 vpls-peer 295 vpls-vc 295 VPN Commands ip route vrf 105 ip vrf 105 ip vrf forwarding 106 show ip route vrf 106 show ip vrf 107

W
who 73 write file 74 write memory 74 write terminal 74 wrr-queue bandwidth 339 wrr-queue cos-map 340 wrr-queue dscp-map 340 wrr-queue min-reserve 341 wrr-queue queue-limit 341 wrr-queue random-detect max-threshold 342 wrr-queue threshold 342

2001-2007 IP Infusion Inc. Confidential

Index - 11

Index

Z
ZebOS Commands maximum-paths 90 mtu 90 ZebOS ipv6 Commands ipv6 address 89 ipv6 route 89 show ipv6 forwarding 98 show ipv6 route 99 ZebOS MPLS Commands egress-ttl 110 enable-all-interfaces 110 ftn-entry 111 ilm-entry 112 ingress-ttl 112 l2-circuit 113 l2-circuit-ftn-entry 114 l2-circuit-ilm-entry 114 label-switching 109 local-packet-handling 115 log 115 lsp-tunneling 116 map-route 117 max-label-value 117 min-label-value 118 mpls admin-groups 109 mpls disable-all-interfaces 110 mpls lsp-model pipe 116 mpls propagate-ttl 118 mpls-l2-circuit 113 show mpls 119 show mpls admin-groups 120 show mpls cross-connect-table 120 show mpls forwarding-table 121 show mpls ftn-table 122 show mpls ilm-table 122 show mpls in-segment-table 123 show mpls l2-circuit 123 show mpls l2-circuit-group 124 show mpls log 124 show mpls mapped-routes 125 show mpls out-segment-table 125 show mpls vc-table 125 show mpls vrf-table 126 vrf entry 119 ZebOS MPLS OAM Commands ping mpls ipv4 126 ping mpls l2-circuit 127 ping mpls l3vpn 127 ping mpls ldp 128 ping mpls rsvp 129 ping mpls vpls 130 trace mpls ipv4 130 trace mpls l2-circuit 131 trace mpls l3vpn 132 trace mpls ldp 132 trace mpls rsvp 133

trace mpls vpls 134 ZebOS NSM Commands 77 admin-group 77 arp A.B.C.D MAC 77 bandwidth 78 clear ip route kernel 78 clear ipv6 neighbors 79 debug nsm 79 events 79 kernel 80 no debug nsm kernel 91 packet 80, 91, 103 undebug nsm all 102 undebug nsm events 102 undebug nsm kernel 102 fib retain 80 if-arbiter 81 interface 82 ip address 82 ip forwarding 83 ip proxy-arp 83 ip route 84 ipv6 address 89 ipv6 forwarding 84 ipv6 nd managed-config-flag 84 ipv6 nd other-config-flag 85 ipv6 nd prefix 85 ipv6 nd ra-interval 86 ipv6 nd ra-lifetime 87 ipv6 nd reachable-time 87 ipv6 nd suppress-ra 88 ipv6 neighbor 88 ipv6 route 89 maximum-paths 90 mtu 90 multicast 90 no debug nsm no debug nsm events 91 show debugging nsm 92 show interface 92 show ip access-list 93 show ip forwarding 94 show ip interface brief 94 show ip route 95 show ip route database 96 show ip route summary 97 show ipv6 forwarding 98 show ipv6 interface brief 98 show ipv6 neighbors 99 show ipv6 route 99 show ipv6 route summary 100 show nsm client 101 show router-id 101 shutdown 102 ZebOS TE Commands reservable-bandwidth 191

Index - 12

2001-2007 IP Infusion Inc. Confidential

Big-Ip Advanced Routing™: Integrated Management Interface Command Line Interface Reference Guide
No ratings yet
Big-Ip Advanced Routing™: Integrated Management Interface Command Line Interface Reference Guide
162 pages
AP9635 User Guide EN
No ratings yet
AP9635 User Guide EN
105 pages
S55 CLI 8.3.5.2 30-Nov-2011
No ratings yet
S55 CLI 8.3.5.2 30-Nov-2011
1,116 pages
Force10-S25v-S50v-N - Reference Guide4 - En-Us PDF
No ratings yet
Force10-S25v-S50v-N - Reference Guide4 - En-Us PDF
1,686 pages
TCS CLI 8.4.2.7 Oct-01-2012
No ratings yet
TCS CLI 8.4.2.7 Oct-01-2012
1,640 pages
CLI Reference Guide Panorama 5.1 PAN OS 5.0
No ratings yet
CLI Reference Guide Panorama 5.1 PAN OS 5.0
562 pages
CLI Reference Guide Panorama 5.1 PAN OS 5.0
No ratings yet
CLI Reference Guide Panorama 5.1 PAN OS 5.0
562 pages
Pdu Rack APC
No ratings yet
Pdu Rack APC
140 pages
PAN-OS 5.0 CLI Reference Guide
No ratings yet
PAN-OS 5.0 CLI Reference Guide
560 pages
PAN-OS 4.1 CLI Reference Guide
No ratings yet
PAN-OS 4.1 CLI Reference Guide
500 pages
User Guide: Metered Rack Power Distribution Unit
No ratings yet
User Guide: Metered Rack Power Distribution Unit
104 pages
Check Point 600 1100 1200R Cli Guide PDF
No ratings yet
Check Point 600 1100 1200R Cli Guide PDF
263 pages
Pan Os 6.0 Cli Ref
No ratings yet
Pan Os 6.0 Cli Ref
770 pages
PAN OS 31 CLI Reference Guide
No ratings yet
PAN OS 31 CLI Reference Guide
322 pages
LANTIME OS 7 CLI Reference Guide
No ratings yet
LANTIME OS 7 CLI Reference Guide
26 pages
Pan Os 6.0 Cli Ref
No ratings yet
Pan Os 6.0 Cli Ref
770 pages
PAN-OS ™ Command Line Interface Reference Guide
No ratings yet
PAN-OS ™ Command Line Interface Reference Guide
466 pages
Nios Cliguide 8.0
No ratings yet
Nios Cliguide 8.0
218 pages
RIB Command
No ratings yet
RIB Command
60 pages
PAN-OS 2.1 CLI Reference Guide
No ratings yet
PAN-OS 2.1 CLI Reference Guide
258 pages
NIOS CLIGuide 8.2 PDF
No ratings yet
NIOS CLIGuide 8.2 PDF
234 pages
PAN-OS 3.0 CLI Reference Guide
100% (1)
PAN-OS 3.0 CLI Reference Guide
262 pages
Mobility 05200 ControllerCLIGuide PDF
No ratings yet
Mobility 05200 ControllerCLIGuide PDF
854 pages
NIOS 6.0.0 CLIGuide
No ratings yet
NIOS 6.0.0 CLIGuide
114 pages
Infoblox CLI Guide: NIOS 6.1 For Infoblox Network Core Services Appliances
No ratings yet
Infoblox CLI Guide: NIOS 6.1 For Infoblox Network Core Services Appliances
118 pages
OcNOS-SP VXLAN Guide PDF
No ratings yet
OcNOS-SP VXLAN Guide PDF
462 pages
'Docslide - Us - Infoblox Cli Guide 612 PDF
No ratings yet
'Docslide - Us - Infoblox Cli Guide 612 PDF
182 pages
CLI-Reference Latest
No ratings yet
CLI-Reference Latest
410 pages
Ocnos DC Vxlan Guide
No ratings yet
Ocnos DC Vxlan Guide
592 pages
VTAM Quick Ref Guide
No ratings yet
VTAM Quick Ref Guide
233 pages
AP8853
No ratings yet
AP8853
118 pages
Pan-Os Cli Quick Start
No ratings yet
Pan-Os Cli Quick Start
44 pages
OcNOS System Management Quick Config
No ratings yet
OcNOS System Management Quick Config
22 pages
Gnu Inetutils: Alain Magloire Et Al
No ratings yet
Gnu Inetutils: Alain Magloire Et Al
91 pages
Teldat Dm704-I Configuration Monitoring
No ratings yet
Teldat Dm704-I Configuration Monitoring
238 pages
NIOS 4.3r2 CLIGuide
No ratings yet
NIOS 4.3r2 CLIGuide
96 pages
Nortel Command Line
100% (1)
Nortel Command Line
286 pages
Onyx HPE M-Series Switch Manual
No ratings yet
Onyx HPE M-Series Switch Manual
1,666 pages
Powerconnect-6248 Reference Guide En-Us
No ratings yet
Powerconnect-6248 Reference Guide En-Us
1,356 pages
Powerconnect-6224 - Reference Guide - PTBR PDF
No ratings yet
Powerconnect-6224 - Reference Guide - PTBR PDF
1,356 pages
Ocnos DC Layer 3 Guide
No ratings yet
Ocnos DC Layer 3 Guide
1,744 pages
Deploymentfromscratch 1st
No ratings yet
Deploymentfromscratch 1st
507 pages
Pan-Os Cli Command PDF
100% (1)
Pan-Os Cli Command PDF
48 pages
Nios Cliguide 7.3
No ratings yet
Nios Cliguide 7.3
198 pages
Infusion Zebos Advanced Routing Suite: June, 2003
No ratings yet
Infusion Zebos Advanced Routing Suite: June, 2003
24 pages
Ipcop Admin
No ratings yet
Ipcop Admin
77 pages
PAN-OS® 8.0 CLI Quick Start
No ratings yet
PAN-OS® 8.0 CLI Quick Start
48 pages
TCS CLI 8.4.2.4 20-Jul-2011
No ratings yet
TCS CLI 8.4.2.4 20-Jul-2011
1,822 pages
Freenas Documentation: Release 9.10-Stable
No ratings yet
Freenas Documentation: Release 9.10-Stable
296 pages
Debian-Reference en
No ratings yet
Debian-Reference en
258 pages
Multikey Manual
No ratings yet
Multikey Manual
10 pages
3GPP Specification List
100% (1)
3GPP Specification List
491 pages
WCDMA Events
No ratings yet
WCDMA Events
1 page
Cell Ref
No ratings yet
Cell Ref
16 pages
Call Flow 3G
No ratings yet
Call Flow 3G
2 pages
Excel Latitude, Longitude & Great Circle
No ratings yet
Excel Latitude, Longitude & Great Circle
6 pages
OllyDbg 2.0 Brief Help PDF
100% (1)
OllyDbg 2.0 Brief Help PDF
32 pages
Atoll To Aircom Conversion Propagation Model
No ratings yet
Atoll To Aircom Conversion Propagation Model
2 pages
Lucent RF Calltrace
No ratings yet
Lucent RF Calltrace
72 pages
UMTS RF Troubleshooting Guideline Draft V21
100% (1)
UMTS RF Troubleshooting Guideline Draft V21
106 pages
ReleaseNotes Master
No ratings yet
ReleaseNotes Master
13 pages
TEMS DISCOVERY Training
100% (5)
TEMS DISCOVERY Training
147 pages
Choicotuong
No ratings yet
Choicotuong
67 pages
Choi Co Tuong Nhu The Nao Tap 1
No ratings yet
Choi Co Tuong Nhu The Nao Tap 1
74 pages
TEMS DISCOVERY Training
100% (5)
TEMS DISCOVERY Training
147 pages
BlueCoat ISP
No ratings yet
BlueCoat ISP
39 pages
CDMA RF Network Optimization Guidebook
No ratings yet
CDMA RF Network Optimization Guidebook
223 pages
RF Model Tunning Guide
No ratings yet
RF Model Tunning Guide
13 pages
BIG-IP LTM Architecture and High Availability
50% (2)
BIG-IP LTM Architecture and High Availability
19 pages
Infusion Zebos Advanced Routing Suite: June, 2003
No ratings yet
Infusion Zebos Advanced Routing Suite: June, 2003
118 pages
BIG IP Reference
No ratings yet
BIG IP Reference
504 pages
BGP Configuration
100% (1)
BGP Configuration
140 pages
BIG IP Traffic
100% (1)
BIG IP Traffic
328 pages
Swaziland Public Administration Profile
No ratings yet
Swaziland Public Administration Profile
16 pages
BlueCoat ISP
No ratings yet
BlueCoat ISP
39 pages
Big-Ip Systems: Getting Started Guide
No ratings yet
Big-Ip Systems: Getting Started Guide
96 pages
Cambodia Report
No ratings yet
Cambodia Report
237 pages
Huawei SmartAX MA5600T Series OLT Brochure PDF
No ratings yet
Huawei SmartAX MA5600T Series OLT Brochure PDF
4 pages
H12-821 (490 Questions)
100% (1)
H12-821 (490 Questions)
10 pages
Array Network - App User Guide PDF
No ratings yet
Array Network - App User Guide PDF
313 pages
Get (Ebook PDF) Network+ Guide To Networks 7th Edition Free All Chapters
100% (2)
Get (Ebook PDF) Network+ Guide To Networks 7th Edition Free All Chapters
45 pages
Dual-Band Wi-Fi 6 Mesh Ethernet Gateway With Voice Support: Benefits
No ratings yet
Dual-Band Wi-Fi 6 Mesh Ethernet Gateway With Voice Support: Benefits
4 pages
05 SkyEdge II Inbound Overview v6.1
No ratings yet
05 SkyEdge II Inbound Overview v6.1
44 pages
Understanding Cisco Cybersecurity Fundamentals (210-250) Blueprint
No ratings yet
Understanding Cisco Cybersecurity Fundamentals (210-250) Blueprint
6 pages
Bluetooth & Wi-Fi Security Protocol
No ratings yet
Bluetooth & Wi-Fi Security Protocol
17 pages
CISSP Study Notes
100% (1)
CISSP Study Notes
11 pages
Advanced Network Design
No ratings yet
Advanced Network Design
3 pages
Licensure Assessment Review Evaluation 4 Answers: Rizal Technological University
No ratings yet
Licensure Assessment Review Evaluation 4 Answers: Rizal Technological University
3 pages
CCNA II Chapter 2 Summary
No ratings yet
CCNA II Chapter 2 Summary
3 pages
CS6411 Network Lab Manual - 2013 - Regulation PDF
No ratings yet
CS6411 Network Lab Manual - 2013 - Regulation PDF
71 pages
Controlling Searches in Mixed APPN-Subarea Networks
No ratings yet
Controlling Searches in Mixed APPN-Subarea Networks
30 pages
VFD Com (XGB-iG5A) - Modbus
100% (1)
VFD Com (XGB-iG5A) - Modbus
27 pages
Network IDS IPS Deployment Strategies
No ratings yet
Network IDS IPS Deployment Strategies
5 pages
F0af6 Clevo W830T W840T
No ratings yet
F0af6 Clevo W830T W840T
46 pages
Unit-1 - Java Networking
No ratings yet
Unit-1 - Java Networking
38 pages
SmartBro Enterprise Packages EXTERNAL (UPDATED)
No ratings yet
SmartBro Enterprise Packages EXTERNAL (UPDATED)
3 pages
TCP/IP Protocols and Ethernet Guide
No ratings yet
TCP/IP Protocols and Ethernet Guide
26 pages
AT Command 4G ELIPS SYSTEM NG-1
No ratings yet
AT Command 4G ELIPS SYSTEM NG-1
2 pages
VLSM and Classless Routing
No ratings yet
VLSM and Classless Routing
20 pages
IoT Protocols
No ratings yet
IoT Protocols
26 pages
Topics: 18-345 - Fall 08 Circuit-Switching Networks 2 Circuit Switching Networks 2
No ratings yet
Topics: 18-345 - Fall 08 Circuit-Switching Networks 2 Circuit Switching Networks 2
7 pages
Chapter 1
No ratings yet
Chapter 1
21 pages
Lte3316-M604 2
No ratings yet
Lte3316-M604 2
4 pages
ID-20MF-WR-FV - 13.56mhz RFID Reader Module HF Read Write
No ratings yet
ID-20MF-WR-FV - 13.56mhz RFID Reader Module HF Read Write
18 pages
Data Communication Basics
No ratings yet
Data Communication Basics
15 pages
MCQs Communication Theory
No ratings yet
MCQs Communication Theory
16 pages
8 Profinet Security
No ratings yet
8 Profinet Security
6 pages