Manuals / Brands / Computer Equipment / Network Router / 3Com / Computer Equipment / Network Router

3Com MSR 30, MSR 50 ike-peer (IPSec policy view/IPSec policy template view)

1 2742

Download 2742 pages, 23.79 Mb

2132 CHAPTER 140: IPSEC CONFIGURATION COMMANDS

undo esp encryption-algorithm

View IPSec proposal view

Parameter 3des: Uses triple DES (3DES) in cipher block chaining (CBC) mode as the

encryption algorithm. The 3DES algorithm uses a 168-bit key for encryption.

aes: Uses advanced encryption standard (AES) in CBC mode as the encryption

algorithm. The AES algorithm uses a 128- bit, 192-bit, or 256-bit key for

encryption.

key-length: Key length for the AES algorithm, which can be 128, 192, and 256

and is defaulted to 128. This argument is for AES only.

des: Uses data encryption standard (DES) in CBC mode as the encryption

algorithm, The DES algorithm uses a 56-bit key for encryption.

Description Use the esp encryption-algorithm command to specify the encryption

algorithm for ESP.

Use the undo esp encryption-algorithm command to configure ESP so that

ESP does not encrypt packets.

By default, the DES algorithm is used.

Note that:

■3DES is well suited for environments with high demand on confidentiality and

security, but it is comparatively slow in encryption. DES is enough to satisfy

normal security requirements.

■ESP allows the encryption and/or authentication of a packet.

■ESP supports three IP packet protection schemes: encryption only,

authentication only, or both encryption and authentication. The undo esp

encryption-algorithm command takes effect only if no authentication

algorithm is used.

Related command: ipsec proposal, esp authentication-algorithm, proposal, and transform.

Example # Configure IPSec proposal prop1 to use ESP and 3DES.

<Sysname> system-view

[Sysname] ipsec proposal prop1

[Sysname-ipsec-proposal-prop1] transform esp

[Sysname-ipsec-proposal-prop1] esp encryption-algorithm 3des

ike-peer (IPSec policy view/IPSec policy template view)

Syntax ike-peer peer-name

undo ike-peer peer-name

Contents

Main 3Com Corporation 350 Campus Drive Marlborough, MA USA 01752-3064 C 1 2 3 4 6 7 8 9 M 10 M 11 13 14 15 16 17 18 19 20 21 22 23 24 25 26 Page 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 Page 73 74 75 76 Page 77 78 79 80 81 82 Page 83 84 85 86 87 88 89 90 91 92 93 94 95 96 Page 97 98 99 100 101 102 103 104 105 106 107 108 109 111 112 113 114 115 117 118 119 120 121 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 Page 174 175 176 177 178 179 180 ABOUT THIS GUIDE n w n Conventions Related Documentation ALPHABETICAL LISTING OF Page Page Page Page Page Page Page Page Page Page Page Page Page Page Page Page Page Page Page Page Page Page Page Page Page Page Page Page Page Page Page Page Page Page Page 1 display interface atm interface atm reset atm interface 2 code differential-delay display interface ima-group Page frame-length ima ima-group n ima-clock ima-standard ima-test n interface ima-group min-active-links Page 3 Page Page Page 4 Page Page Page 5 activate display dsl configuration Syntax display dsl configuration interface atm interface-number Tabl e 1 Description on the fields of the display dsl configuration command display dsl status Syntax display dsl status interface atm interface-number Tabl e 1 Description on the fields of the display dsl configuration command 134 CHAPTER 5: G.SHDSL INTERFACE CONFIGURATION COMMANDS # Display status information about ATM 5/0, which is a four-wire G.SHDSL interface that is up. Tabl e 2 Description on the fields of the display dsl status command display dsl version Syntax display dsl version interface atm interface-number Tabl e 2 Description on the fields of the display dsl status command Tabl e 3 Description on the fields of the display dsl version interface atm command shdsl annex shdsl mode shdsl psd n shdsl rate n shdsl snr-margin shdsl wire Page Page 6 activate adsl standard adsl tx-attenuation bootrom update file display dsl configuration display dsl status Syntax display dsl status interface atm interface-number Tabl e 4 Description on the fields of the display dsl configuration command display dsl version Syntax display dsl version interface atm interface-number Tabl e 5 Description on the fields of the display dsl status command Tabl e 6 Description on the fields of the display adsl version command Page 7 display interface pos Tabl e 7 Description on the fields of the display interface pos command display ip interface pos display ipv6 interface pos flag c Page link-protocol Page n threshold Page 8 combo enable description display brief interface information will be displayed; of interface will be displayed. Tabl e 8 Special characters use d in regular expressions display interface of interface will be displayed. Table11 Description on the fields of the display interface (in route mode) command. # Display the current state of Layer 2 interface Ethernet1/0 and related Table12 Description on the fields of the display interface command (in bridge mode) Table11 Description on the fields of the display interface (in route mode) command. Table12 Description on the fields of the display interface command (in bridge mode) duplex flow-control n interface n port link-mode n reset counters interface speed Page Page 9 ETHERNET INTERFACES IN BRIDGE M broadcast-suppression n display loopback-detection display port display port-group manual flow-interval group-member loopback-detection control enable loopback-detection enable loopback-detection interval-time loopback-detection per-vlan enable mdi n multicast-suppression n port-group unicast-suppression n virtual-cable-test n 186 CHAPTER 9: CONFIGURATION COMMANDS FOR ETHERNET INTERFACES IN BRIDGE MODE 10 ETHERNET INTERFACES IN ROUTE M n 11 async mode baudrate clock (serial interface view) Page code nrzi country-code detect n eliminate-pulse n idle-mark invert receive-clock invert transmit-clock mtu (on serial interfaces) physical-mode phy-mru reverse-rts virtualbaudrate 12 channel-set (CE1/PRI interface view) clock (CE1/PRI interface view) code (CEI/PRI interface view) controller e1 detect-ais display controller e1 error-diffusion restraint config error-diffusion restraint enable n error-diffusion restraint restart-channel n frame-format (CE1/PRI interface view) idlecode (CE1/PRI interface view) itf (CE1/PRI interface view) loopback (CE1/PRI interface view) pri-set (CE1/PRI interface view) reset counters controller e1 n using (CE1/PRI interface view) 13 alarm-threshold bert (CT1/PRI interface view) cable (CT1/PRI interface view) channel-set (CT1/PRI interface view) clock (CT1/PRI interface view) code (CT1/PRI interface view) controller t1 data-coding (CT1/PRI interface view) display controller t1 Page Page error-diffusion restraint config error-diffusion restraint enable n error-diffusion restraint restart-channel n fdl frame-format (CT1/PRI interface view) idlecode (CT1/PRI interface view) itf (CT1/PRI interface view) loopback (CT1/PRI interface view) pri-set (CT1/PRI interface view) reset counters controller t1 n sendloopcode Page 14 display fe1 fe1 cable fe1 clock fe1 code fe1 detect-ais fe1 frame-format fe1 loopback n fe1 timeslot-list n fe1 idlecode fe1 itf fe1 unframed Page 15 display ft1 240 CHAPTER 15: T1-F INTERFACE CONFIGURATION COMMANDS Page ft1 bert (T1-F interface view) ft1 cable ft1 clock ft1 code ft1 data-coding ft1 fdl ft1 frame-format ft1 idlecode ft1 itf ft1 loopback n ft1 timeslot-list ft1 alarm-threshold ft1 sendloopcode Page 16 bert (CE3 Interface) clock (CE3 interface view) controller e3 display controller e3 Page e1 bert e1 channel-set e1 set clock e1 set frame-format e1 set loopback e1 shutdown e1 unframed fe3 Page loopback (CE3 interface view) national-bit using (CE3 interface view) 17 alarm (CT3 interface view) bert (CT3 interface view) cable (CT3 interface view) clock (CT3 interface view) controller t3 display controller t3 Page Page Page feac (CT3 interface view) n frame-format (CT3 interface view) ft3 Page loopback (CT3 interface view) mdl (CT3 interface view) Page t1 alarm t1 bert t1 channel-set t1 sendloopcode t1 set clock t1 set frame-format t1 set loopback t1 set fdl t1 show Example # Display line state of T1 line 1 on CT3 interface T3 2/0. t1 shutdown Syntax t1 line-number shutdown Table22 Description on the fields of the t1 show command t1 unframed using (CT3 interface view) Page 18 loopback (ISDN BRI interface view) c Page 19 atm class atm-class atm-link check n display atm class display atm interface display atm map-info display atm pvc-group display atm pvc-info encapsulation interface atm n ip-precedence map bridge map ip map ppp Page n oam ais-rdi n oam frequency oamping interface pvc n pvc-group pvc max-number n pvp limit service cbr service ubr service vbr-nrt service vbr-rt Page transmit-priority 20 n dialer bundle dialer bundle-member dialer callback-center dialer call-in n dialer circular-group dialer disconnect dialer enable-circular dialer flow-interval dialer isdn-leased (physical interface view) n dialer number n dialer priority dialer queue-length dialer route n dialer threshold dialer timer autodial dialer timer compete dialer timer enable dialer timer idle dialer timer wait-carrier dialer user dialer-group n dialer-rule display dialer display interface dialer Syntax display interface dialer [numb er ] Table31 Description on the fields of the display dialer command Table32 Description on the fields of the display interface dialer command interface dialer ppp callback ppp callback ntstring Page Page 21 code nrzi display dlsw circuits display dlsw information display dlsw remote display dlsw reachable-cache Syntax display dlsw reachable-cache Table35 Description on the fields of the display dlsw remote command display llc2 Syntax display llc2 [circuit circuit-id ] Table36 Description on the fields of the display dlsw reachable-cache command Table37 Description on the fields of the display llc2 command dlsw bridge-set dlsw enable dlsw ethernet-frame-filter dlsw local dlsw reachable dlsw reachable-cache dlsw remote Page dlsw reverse dlsw max-transmission dlsw multicast dlsw timer idle-mark link-protocol sdlc llc2 max-ack llc2 max-pdu llc2 max-send-queue llc2 max-transmission llc2 modulo llc2 receive-window llc2 timer ack llc2 timer ack-delay llc2 timer busy llc2 timer detect llc2 timer poll llc2 timer reject reset dlsw circuits reset dlsw reachable-cache reset dlsw tcp sdlc controller sdlc enable dlsw sdlc mac-map local n sdlc mac-map remote sdlc max-pdu sdlc max-send-queue sdlc max-transmission sdlc modulo sdlc sap-map local sdlc sap-map remote sdlc simultaneous sdlc status sdlc timer ack sdlc timer lifetime sdlc timer poll sdlc window sdlc xid 22 annexg display fr compress display fr dlci-switch display fr inarp-info display fr interface display fr lmi-info display fr iphc Syntax display fr iphc [ interface interface-type interface-number ] Table43 Description on the fields of the display fr lmi-info command display fr map-info display fr map-info pppofr display fr pvc-info display fr statistics display interface mfr display mfr # Display detailed state information about all frame relay bundle links. Table50 Description on the fields of the display mfr command Table51 Description on the fields of the display mfr verbose command display x25 template Syntax display x25 template [ name ] Table51 Description on the fields of the display mfr verbose command Table52 Description on t he fields of the display x25 template command fr compression frf9 fr compression iphc fr dlci fr dlci-switch fr inarp fr interface-type fr iphc fr lmi n391dte fr lmi n392dce fr lmi n392dte fr lmi n393dce fr lmi n393dte fr lmi t392dce fr lmi type fr map ip fr map ppp fr switch fr switching interface mfr interface serial link-protocol fr link-protocol fr mfr mfr bundle-name mfr fragment mfr fragment-size mfr link-name mfr retry mfr stateup-respond-addlink mfr timer ack mfr timer hello mfr window-size reset fr inarp reset fr pvc x25-template x25 template Page 23 display garp statistics display garp timer garp timer garp timer leaveall reset garp statistics 24 display gvrp statistics display gvrp status gvrp n gvrp registration Page 25 link-protocol hdlc Page 26 channel # Add the XOT channel with a destination of 10.1.1.2 to hunt group hg1. display interface Syntax display interface [in terface-type [ interface-number ]] Table55 Description on the fields of the display interface command display x25 alias-policy Syntax display x25 alias-policy [interface interface-type interface-number ] Parameter interface interface-type interface-number: Specifies an interface by its type and number. Table55 Description on the fields of the display interface command display x25 cug display x25 hunt-group-info display x25 map display x25 pad display x25 switch-table pvc Syntax display x25 switch-table pvc display x25 switch-table svc Syntax display x25 switch-table svc {dynamic | static } Table59 Description on the fields of the display x25 pad command display x25 vc Page Table62 Description on the fields of the display x25 vc command display x25 x2t switch-table display x25 xot lapb max-frame lapb modulo lapb retry lapb timer lapb window-size link-protocol lapb link-protocol x25 pad reset xot reset x25 reset lapb statistics translate ip translate x25 c x25 alias-policy x25 call-facility x25 cug-service n x25 default-protocol x25 hunt-group x25 ignore called-address x25 ignore calling-address x25 local-cug n x25 map Table66 Description on the attributes or user facilities of X.25 address mapping x25 modulo n x25 packet-size x25 pvc x25 queue-length x25 receive-threshold x25 response called-address x25 response calling-address x25 reverse-charge-accept x25 roa-list x25 switch pvc Page x25 switch svc Page x25 switch svc hunt-group x25 switch svc xot x25 switching x25 timer hold x25 timer idle x25 timer tx0 x25 timer tx1 x25 timer tx2 x25 timer tx3 x25 vc-per-map x25 vc-range x25 window-size x25 x121-address x25 xot pvc Page x29 timer inviteclear-time 27 n display lacp system-id display link-aggregation interface Page display link-aggregation summary Syntax display link-aggregation summary Table73 Description on the fields of display link-aggregation interface display link-aggregation verbose Table75 Description on the fields of display link-aggregation verbose lacp port-priority Table75 Description on the fields of display link-aggregation verbose lacp system-priority link-aggregation group description link-aggregation group mode port link-aggregation group port-group aggregation reset lacp statistics Page 28 debugging lacp packet Table76 Description on the fields of the debugging lacp packet command Page n debugging lacp state debugging link-aggregation error debugging link-aggregation event Page 29 modem modem auto-answer n modem timer answer n sendat n Table80 Description on common AT commands Example # Send dialing command to call number 169. service modem-callback Syntax service modem-callback Table80 Description on common AT commands Page 30 display mirroring-group mirroring-group mirroring-group mirroring-port mirroring-group monitor-port mirroring-port monitor-port Page 31 display interface mp-group display interface virtual-template display ppp mp Syntax display ppp mp [ interface interface-type interface-number] Table83 Description on the fields of the display ppp mp command display virtual-access n interface mp-group ip address ppp-negotiate link-protocol ppp ppp account-statistics enable ppp authentication-mode n ppp chap password ppp chap user ppp ipcp dns ppp ipcp dns admit-any ppp ipcp dns request n ppp ipcp remote-address forced ppp lqc ppp mp ppp mp binding-mode ppp mp max-bind n ppp mp min-bind ppp mp min-fragment n ppp mp mp-group ppp mp user ppp mp virtual-template ppp pap local-user ppp timer negotiate remote address c Page 32 display ppp compression iphc rtp display ppp compression iphc tcp display ppp compression stac-lzs ip tcp vjcompress ppp compression iphc ppp compression iphc rtp-connections ppp compression iphc tcp-connections ppp compression stac-lzs ppp mp lfi ppp mp lfi delay-per-frag reset ppp compression iphc Page 33 display pppoe-server session n pppoe-server bind pppoe-server log-information off pppoe-server max-sessions local-mac pppoe-server max-sessions remote-mac pppoe-server max-sessions total reset pppoe-server Page Page 34 display pppoe-client session pppoe-client dial-bundle-number n reset pppoe-client Page 35 debugging ppp Page Table89 Description on the fields of the debugging ppp ipcp command Table88 Description on the fields of the debugging ppp event command Page Page Page 36 bridge aging-time bridge bridge-set enable n bridge bridging bridge enable n bridge learning bridge mac-address bridge routing bridge routing-enable bridge-set n display bridge address-table display bridge information Syntax display bridge information [ bridge-set bridge-set ] Table90 Description on the fields of the display bridge address-table command n display bridge traffic display interface bridge-template Syntax display interface bridge-template [interface-number ] Table92 Description on the fields of the display bridge traffic command fr map bridge Syntax fr map bridge dlci broadcast undo fr map bridge dlci Parameters dlci: Local virtual circuit number, in the range of 16 to 1007 Table93 Description on the fields of display interface bridge-template interface bridge-template mac-address (bridge-template interface view) n map bridge-group reset bridge address-table reset bridge traffic x25 map bridge 37 dialer isdn-leased (ISDN BRI interface view) n display isdn active-channel display isdn call-info Table95 Description on the fields of the display isdn call-info command display isdn call-record display isdn parameters display isdn spid isdn bch-local-manage isdn bch-select-way isdn caller-number isdn calling isdn check-called-number isdn check-time isdn crlength n isdn ignore connect-ack isdn ignore hlc isdn ignore llc isdn ignore sending-complete isdn L3-timer isdn link-mode isdn number-property Page Table100 Types and code schemes of ISDN numbers n isdn overlap-sending Syntax isdn overlap-sending [digits ] undo isdn overlap-sending View ISDN interface view Table101 Set the type and code scheme of ISDN numbers n isdn pri-slipwnd-size isdn protocol-mode isdn protocol-type isdn q921-permanent isdn send-restart isdn spid auto_trigger isdn spid nit isdn spid timer isdn spid service isdn spid resend isdn spid1 isdn spid2 isdn statistics isdn two-tei permanent-active n power-source Page Page 38 active region-configuration check region-configuration display stp Page display stp abnormal-port display stp down-port display stp history display stp region-configuration display stp root display stp tc instance region-name reset stp revision-level stp stp bpdu-protection stp bridge-diameter stp compliance stp config-digest-snooping stp cost stp edged-port stp loop-protection stp max-hops stp mcheck stp mode stp no-agreement-check n stp pathcost-standard # Configure the device to calculate the default path cost for ports based on IEEE 802.1t. stp point-to-point Table110 Link speed vs. path cost stp port-log stp port priority stp priority stp region-configuration stp root primary stp root secondary stp root-protection stp tc-protection stp tc-protection threshold stp timer forward-delay stp timer hello stp timer max-age stp timer-factor stp transmit-limit vlan-mapping modulo Page Page 39 description display interface vlan-interface Table111 Description on the fields of the display interface vlan-interface command display vlan interface vlan-interface ip address vlan Page Page 40 port port access vlan port hybrid pvid vlan port hybrid vlan port link-type port trunk permit vlan port trunk pvid vlan Page 41 n display voice vlan oui n display voice vlan state voice vlan voice vlan aging voice vlan enable voice vlan mac-address Page voice vlan mode auto voice vlan security enable Page Page 42 display port-isolate group port-isolate enable Page 43 n standby routing-group n standby routing-rule n standby timer routing-disable 44 n broadcast-limit link display interface loopback display interface mfr Table118 Description on the fields of the display interface mfr command display interface mp-group display interface null display interface virtual-ethernet display interface virtual-template display mfr display virtual-access n interface interface ethernet interface loopback interface mfr n interface mp-group interface null interface virtual-ethernet Page Page 45 n controller cpos display controller cpos Table121 Possible error types (Some information about T1 channels is omitted.) display controller cpos e1 Syntax display controller cpos cpos-number e1 e1-number Table122 Description on the fields of the display controller cpos command display controller cpos t1 Table123 Description on the fields of the display controller cpos t1 command e1 channel-set e1 set clock e1 set frame-format e1 set loopback e1 shutdown e1 unframed flag multiplex mode Page t1 channel-set t1 set clock t1 set frame-format t1 set loopback t1 shutdown t1 unframed Page 46 arp check enable arp max-learning-num arp static arp timer aging display arp Page display arp ip-address display arp timer aging display arp vpn-instance naturemask-arp enable reset arp Page 47 gratuitous-arp-sending enable gratuitous-arp-learning enable Page 48 arp source-suppression enable arp source-suppression limit display arp source-suppression 49 n arp authorized enable arp authorized time-out Page 50 proxy-arp enable local-proxy-arp enable display proxy-arp display local-proxy-arp 51 n bims-server bootfile-name dhcp enable n dhcp select server global-pool dhcp server detect dhcp server forbidden-ip dhcp server ip-pool dhcp server ping packets dhcp server ping timeout dhcp server relay information enable dhcp update arp display dhcp server conflict display dhcp server expired display dhcp server free-ip display dhcp server forbidden-ip display dhcp server ip-in-use display dhcp server statistics Syntax display dhcp server statistics Table128 Description on fields of the display dhcp server ip-in-use command Table129 Description on fields of the display dhcp server statistics command display dhcp server tree Syntax display dhcp server tree {all | pool [ pool-name ]} Table129 Description on fields of the display dhcp server statistics command dns-list domain-name expired gateway-list nbns-list netbios-type network option reset dhcp server conflict reset dhcp server ip-in-use reset dhcp server statistics static-bind client-identifier static-bind ip-address static-bind mac-address tftp-server domain-name tftp-server ip-address voice-config Page Page 52 n dhcp enable n dhcp relay address-check dhcp relay information enable dhcp relay information format n dhcp relay information strategy dhcp relay release ip dhcp relay security static dhcp relay security tracker dhcp relay server-detect dhcp relay server-group dhcp relay server-select dhcp select relay dhcp update arp display dhcp relay display dhcp relay security display dhcp relay security statistics display dhcp relay security tracker display dhcp relay server-group display dhcp relay statistics # Display DHCP packet statistics related to every server group on the relay agent. reset dhcp relay statistics Page 53 n display dhcp client ip address dhcp-alloc n Page 54 dhcp-snooping dhcp-snooping trust display dhcp-snooping n display dhcp-snooping trust Page Page 55 n c display bootp client ip address bootp-alloc 56 debugging dhcp server Table139 Description on the fields of the debugging dhcp server event command Table140 Description on the fields of the debugging dhcp server error command Table138 Description on the fields of the debugging dhcp server packet command // Checking for an expired lease // A DHCP-DISCOVER packet received Table140 Description on the fields of the debugging dhcp server error command // Checking whether the IP address 22.0.0.2 is in use // A DHCP-OFFER message containing the IP address 22.0.0.2 was sent to the DHCP client. // A DHCP-REQUEST message received debugging dhcp relay Table142 Description on the fields of the debugging dhcp relay event command Table143 Description on the fields of the debugging dhcp relay error command Table141 Description on the fields of the debugging dhcp relay packet command // The DHCP relay agent received a DHCP-OFFER message, and then broadcast it. debugging dhcp client Table145 Description on the fields of the debugging dhcp client event command Table146 Description on the fields of the debugging dhcp client error command Table144 Description on the fields of the debugging dhcp client packet command // The state of the DHCP client is changed from HALT to INIT. Table146 Description on the fields of the debugging dhcp client error command Page Page 57 n display dns domain display dns dynamic-host n display dns proxy table display dns server display ip host dns domain dns proxy enable dns resolve dns server n ip host reset dns dynamic-host Page Page 58 display ip count n display ip count rule ip count enable ip count exterior-threshold ip count firewall-denied ip count inbound-packets n ip count interior-threshold ip count outbound-packets ip count rule ip count timeout reset ip count Page 59 display ip interface Syntax display ip interface [ interface-type interface-number] Table154 Description on fields of the display ip interface command display ip interface brief n ip address ip address unnumbered Page 60 display fib # Display FIB information passing ACL 2000 # Display all entries that contain the string 127 and start from the first one. # Display FIB information passing the IP prefix list abc0 Table156 Description on the fields of the display fib command display fib ip-address display fib statistics display icmp statistics display ip socket display ip statistics Syntax display ip statistics Table159 Description on the fields of the display ip socket command display tcp statistics Syntax display tcp statistics Table160 Description on the fields of the display ip statistics command 794 CHAPTER 60: IP PERFORMANCE CONFIGURATION COMMANDS Table161 Description on the fields of the display tcp statistics command display tcp status display udp statistics ip forward-broadcast ip redirects ena ble ip ttl-expires enable ip unreachables enable reset ip statistics reset tcp statistics reset udp statistics tcp anti-naptha enable tcp mss tcp state n tcp syn-cookie enable tcp timer check-state tcp timer fin-timeout tcp timer syn-timeout tcp window Page 61 apply default output-interface apply ip-address default next-hop apply ip-address next-hop apply ip-precedence apply output-interface n display ip policy-based-route display ip policy-based-route setup display ip policy-based-route statistics display policy-based-route if-match acl if-match packet-length ip local policy-based-route ip policy-based-route policy-based-route reset policy-based-route statistics Page Page 62 display udp-helper server reset udp-helper packet udp-helper enable udp-helper port udp-helper server Page 63 ip urpf Page 64 display ip fast-forwarding cache ip fast-forwarding Page reset ip fast-forwarding cache Page 65 display dns ipv6 dynamic-host n display dns ipv6 server Example # Display IPv6 DNS server information. display ipv6 fib Syntax display ipv6 fib [ ipv6-address] Table171 Description on the fields of the display dns ipv6 server command Table172 Description on fields of the display ipv6 fib command display ipv6 fibcache display ipv6 host display ipv6 interface # Display brief IPv6 information of all interfaces for which IPv6 addresses can be configured. Table174 Description on fields of the display ipv6 interface command (on a router) Table175 Description on fields of display ipv6 interface brief (on a router) display ipv6 neighbors display ipv6 neighbors count display ipv6 pathmtu display ipv6 socket display ipv6 statistics Syntax display ipv6 statistics Table178 Description on fields of the display ipv6 socket command 838 CHAPTER 65: IPV6 BASICS CONFIGURATION COMMANDS Field Description IPv6 Protocol: Statistics of IPv6 packets Page display tcp ipv6 statistics Syntax display tcp ipv6 statistics Description Use the display tcp ipv6 statistics command to display TCP connection Example # Display the statistics of IPv6 TCP connections. Table180 Description on fields of the display tcp ipv6 statistics command display tcp ipv6 status Syntax display tcp ipv6 status Table180 Description on fields of the display tcp ipv6 statistics command display udp ipv6 statistics Syntax display udp ipv6 statistics Description Use the display udp ipv6 statistics command to display statistics of UDP Example # Display statistics information of UDP packets. Table181 Description on fields of the display tcp ipv6 status command dns server ipv6 ipv6 ipv6 address ipv6 address auto link-local ipv6 address eui-64 ipv6 address link-local ipv6 fibcache ipv6 fib-loadbalance-type hash-based ipv6 host ipv6 icmp-error ipv6 icmpv6 multicast-echo-reply enable ipv6 mtu ipv6 nd autoconfig managed-address-flag ipv6 nd autoconfig other-flag ipv6 nd dad attempts ipv6 nd hop-limit ipv6 nd ns retrans-timer ipv6 nd nud reachable-time ipv6 nd ra halt ipv6 nd ra interval ipv6 nd ra prefix ipv6 nd ra router-lifetime ipv6 neighbor ipv6 neighbors max-learning-num ipv6 pathmtu ipv6 pathmtu age reset dns ipv6 dynamic-host reset ipv6 fibcache reset ipv6 neighbors reset ipv6 pathmtu reset ipv6 statistics reset tcp ipv6 statistics reset udp ipv6 statistics tcp ipv6 timer fin-timeout tcp ipv6 timer syn-timeout tcp ipv6 window 66 display natpt address-group display natpt address-mapping display natpt aging-time Syntax display natpt aging-time Table184 Description on fields of the display natpt address-mapping command Table185 Description on fields of the display natpt aging-time command display natpt all Syntax display natpt all Description Use the display natpt all command to display all NAT-PT configuration Example # Display all NAT-PT configuration information. Table185 Description on fields of the display natpt aging-time command display natpt frag-sessions display natpt session display natpt statistics natpt address-group natpt aging-time natpt enable natpt max-session natpt prefix natpt turn-off tos natpt turn-off traffic-class natpt v4bound dynamic c natpt v4bound static natpt v6bound dynamic natpt v6bound static reset natpt dynamic-mappings reset natpt statistics 67 ipv6 ipv6 address ipv6 address auto link-local ipv6 address eui-64 ipv6 address link-local Page 68 n destination display interface tunnel display ipv6 interface tunnel Syntax display ipv6 interface tunnel number Table189 Description on fields of the display interface tunnel command encapsulation-limit interface tunnel Page source tunnel-protocol Page 69 apply default output-interface apply destination-based-forwarding apply ipv6-address default next-hop apply ipv6-address next-hop apply ipv6-precedence apply output-interface display ipv6 config policy-based-route display ipv6 policy-based-route display ipv6 policy-based-route setup display ipv6 policy-based-route statistics if-match acl6 if-match packet-length ipv6 local policy-based-route ipv6 policy-based-route (interface view) ipv6 policy-based-route (system view) Page 70 auto-close auto-link bind vpn-instance data protect router-unix data read block data send delay display rta # Display brief information about TTY 1. Table196 Description on the fields of the display rta terminal-number vty-number Table197 Description on the fields of the display rta terminal-number brief command # Display statistics about terminal 1. # Display all the information about terminal access. Table198 Description on the fields of the display rta terminal-number statistics command Table199 Description on the fields of the display rta all command Table197 Description on the fields of the display rta terminal-number brief command driverbuf save driverbuf size idle-timeout menu hotkey menu screencode print connection-info print information print menu print language redrawkey n reset rta connection reset rta statistics resetkey rta bind n rta rtc-server listen-port rta server enable rta source-ip n rta template rta terminal sendbuf bufsize sendbuf threshold tcp testkey n update changed-config vty description vty hotkey vty password vty rtc-client remote vty rtc-server remote vty screencode vty telnet remote vty tty remote vty-switch priority vty-switch threshold Page Page 71 bandwidth-based-sharing display ip routing-table Page # Display detailed information about all routes in the routing table. Table202 Description on the fields of the display ip routing-table command display ip routing-table acl Syntax display ip routing-table acl acl-number [ verbose ] Parameters acl-number: Basic ACL number, in the range of 2000 to 2999. Table203 Description on the fields of the display ip routing-table verbose command n Table204 Description on the fields of the display ip routing-table command display ip routing-table ip-address Table204 Description on the fields of the display ip routing-table command Page Page display ip routing-table ip-prefix display ip routing-table protocol display ip routing-table statistics display ip relay-route display ip relay-tunnel display load-sharing ip address display ipv6 routing-table display ipv6 routing-table acl display ipv6 routing-table ipv6-address display ipv6 routing-table ipv6-address1 ipv6-address2 display ipv6 routing-table ipv6-prefix display ipv6 routing-table protocol display ipv6 routing-table statistics display ipv6 routing-table verbose Syntax display ipv6 routing-table verbose display ipv6 relay-route Syntax display ipv6 relay-route Table211 Description on the fields of the display ipv6 routing-table verbose command display ipv6 relay-tunnel load-bandwidth reset load-sharing reset ip routing-table statistics protocol reset ipv6 routing-table statistics Page 72 n aggregate balance (BGP/BGP-VPN instance view) bestroute as-path-neglect (BGP/BGP-VPN instance view) bestroute compare-med (BGP/BGP-VPN instance view) bestroute med-confederation (BGP/BGP-VPN instance view) bgp compare-different-as-med (BGP/BGP-VPN instance view) confederation id confederation nonstandard confederation peer-as dampening (BGP/BGP-VPN instance view) default ipv4-unicast default local-preference (BGP/BGP-VPN instance view) default med (BGP/BGP-VPN instance view) default-route imported (BGP/BGP-VPN instance view) display bgp group display bgp network Syntax display bgp network Table215 Description on the fields of the display bgp group command Table216 Description on the fields of the display bgp network command display bgp paths display bgp peer Table218 Description on the fields of the display bgp peer command display bgp routing-table display bgp routing-table as-path-acl Syntax display bgp routing-table as-path-acl as-path-acl-number Table219 Description on the fields of the display bgp routing command 970 CHAPTER 72: BGP CONFIGURATION COMMANDS Refer to Table219 for description on the fields abo ve. display bgp routing-table cidr Refer to Table219 for description on the above fields. Syntax display bgp routing-table cidr display bgp routing-table community display bgp routing-table community-list display bgp routing-table dampened display bgp routing-table dampening parameter display bgp routing-table different-origin-as display bgp routing-table flap-info display bgp routing-table peer display bgp routing-table regular-expression display bgp routing-table statistic ebgp-interface-sensitive filter-policy export (BGP/BGP-VPN instance view) filter-policy import (BGP/BGP-VPN instance view) graceful-restart (BGP view) n graceful-restart timer restart graceful-restart timer wait-for-rib n group (BGP/BGP-VPN instance view) import-route (BGP/BGP-VPN instance view) Page network (BGP/BGP-VPN instance view) peer advertise-community (BGP/BGP-VPN instance view) peer advertise-ext-community (BGP/BGP-VPN instance view) peer allow-as-loop (BGP/BGP-VPN instance view) peer as-number (BGP/BGP-VPN instance view) peer as-path-acl (BGP/BGP-VPN instance view) peer capability-advertise conventional peer capability-advertise route-refresh peer connect-interface (BGP/BGP-VPN instance view) peer default-route-advertise (BGP/BGP-VPN instance view) peer description (BGP/BGP-VPN instance view) peer ebgp-max-hop (BGP/BGP-VPN instance view) peer enable (BGP view) peer fake-as (BGP/BGP-VPN instance view) n peer filter-policy (BGP/BGP-VPN instance view) peer group (BGP/BGP-VPN instance view) peer ignore (BGP/BGP-VPN instance view) peer ip-prefix peer keep-all-routes (BGP/BGP-VPN instance view) peer log-change (BGP/BGP-VPN instance view) peer next-hop-local (BGP/BGP-VPN instance view) peer password peer preferred-value (BGP/BGP-VPN instance view) peer public-as-only (BGP/BGP-VPN instance view) peer reflect-client (BGP/BGP-VPN instance view) peer route-limit (BGP/BGP-VPN instance view) peer route-policy (BGP/BGP-VPN instance view) peer route-update-interval (BGP/BGP-VPN instance view) peer substitute-as (BGP/BGP-VPN instance view) peer timer (BGP/BGP-VPN instance view) preference (BGP/BGP-VPN instance view) reflect between-clients (BGP view) reflector cluster-id (BGP view) refresh bgp reset bgp reset bgp dampening reset bgp flap-info reset bgp ipv4 all summary automatic synchronization (BGP view) timer (BGP/BGP-VPN instance view) Page Page 73 debugging bgp all // BGP configuration information // Upon expiration of the connect timer, BGP initiated a connection with the peer. // After the connection is established, BGP sent an OPEN message to the peer. // BGP received an OPEN message from the peer n debugging bgp detail debugging bgp event debugging bgp graceful-restart Page debugging bgp // Information about the sent BGP Open message Table227 Description on the fields of the debugging bgp open command Table228 Description on the fields of the debugging bgp refresh command Page debugging bgp timer debugging bgp update debugging bgp update ipv4 // Update messages of IPv4 address family debugging bgp update ipv6 Page debugging bgp update l2vpn debugging bgp update label-route Page debugging bgp update peer debugging bgp update vpls debugging bgp update vpn-instance debugging bgp update vpnv4 1036 CHAPTER 73: BGP DEBUGGING COMMANDS // Update message information of VPNv4 74 area-authentication-mode n auto cost enable bandwidth-reference (IS-IS view) circuit-cost cost-style default-route-advertise (IS-IS view) n display isis brief display isis debug-switches display isis graceful-restart status display isis interface Examples # Display IS-IS enabled interface information. # Display detailed IS-IS interface information. Table235 Description on the fields of the display isis interface command 1046 CHAPTER 74: IS-IS CONFIGURATION COMMANDS display isis license Syntax display isis license Table235 Description on the fields of the display isis interface command Field Description n display isis lsdb n display isis mesh-group display isis name-table display isis peer display isis route n display isis spf-log Syntax display isis spf-log [process-id | vpn-instance vpn-instance-name ] Table240 Description on the fields of the display isis route command Table241 Description on the fields of the display isis spf-log command display isis statistics domain-authentication-mode filter-policy export (IS-IS view) filter-policy import (IS-IS view) flash-flood graceful-restart (IS-IS view) graceful-restart interval (IS-IS view) graceful-restart suppress-sa import-route (IS-IS view) Page n import-route isis level-2 into level-1 isis isis authentication-mode n isis circuit-level isis circuit-type isis cost isis dis-name isis dis-priority isis enable isis mesh-group n isis peer-ip-ignore isis enable n isis small-hello isis timer csnp n isis timer hello n isis timer holding-multiplier n isis timer lsp isis timer retransmit n is-level is-name is-name map is-snmp-traps enable log-peer-change (IS-IS view) n lsp-fragments-extend lsp-length originate n lsp-length receive maximum load-balancing (IS-IS view) network-entity preference (IS-IS view) reset isis all reset isis peer set-overload spf-slice-size summary (IS-IS view) timer isp-generation n timer lsp-max-age timer lsp-refresh n timer spf virtual-system Page 75 debugging isis Page Table243 Description on the fields of the debugging isis adjacency command Table244 Description on the fields of the debugging isis authentication-error command Table243 Description on the fields of the debugging isis adjacency command Table245 Description on the fields of the debugging isis checksum-error command Table246 Description on the fields of the debugging isis circuit-information command Table247 Description on the fields of the debugging isis datalink-receiving-packet Table248 Description on the fields of the debugging isis datalink-sending-packet Table249 Description on the fields of the debugging isis general-error command Table250 Description on the fields of the debugging isis graceful-restart command Table251 Description on the fields of the debugging isis ha-events command Table252 Description on the fields of the debugging isis interface-information command Table250 Description on the fields of the debugging isis graceful-restart command Table253 Description on the fields of the debugging isis receiving-packet-content Table254 Description on the fields of the debugging isis self-originate-update command Table255 Description on the fields of the debugging isis sending-packet-content Table256 Description on the fields of the debugging isis snp-packet command Table254 Description on the fields of the debugging isis self-originate-update command Table256 Description on the fields of the debugging isis snp-packet command Page Page Table258 Description on the fields of the debugging isis spf-summary command Table259 Description on the fields of the debugging isis spf-timer command Table261 Description on the fields of the debugging isis update-packet command Page Page // L1 SPF calculation was running and the L1 IS-IS routing table was updated. // L2 SPF calculation was running, and IP routing table and default routes were updated. Page 76 n abr-summary (OSPF area view) area (OSPF view) asbr-summary authentication-mode bandwidth-reference (OSPF view) default default-cost (OSPF area view) default-route-advertise (OSPF view) description (OSPF/OSPF area view) display ospf abr-asbr display ospf asbr-summary display ospf brief Table264 Description on the fields of the display ospf brief command display ospf cumulative Syntax display ospf [ process-id] cumulative Table264 Description on the fields of the display ospf brief command display ospf error Syntax display ospf [ process-id] error Table265 Description on the fields of the display ospf cumulative command Table266 Description on the fields of the display ospf error command display ospf interface display ospf lsdb # Display Type2 LSA (Network LSA) information in the LSDB. Table268 Description on the fields of the display ospf lsdb command display ospf nexthop display ospf peer # Display brief OSPF neighbor information. display ospf peer statistics Syntax display ospf [ process-id] peer statistics Description Use the display ospf peer statistics command to display OSPF neighbor Table272 Description on the fields of the display ospf peer command Table271 Description on the fields of the display ospf peer verbose command display ospf request-queue display ospf retrans-queue display ospf routing display ospf vlink Syntax display ospf [ process-id] vlink Table276 Description on the fields of the display ospf routing command Table277 Description on the fields of the display ospf vlink command enable link-local-signaling enable log enable out-of-band-resynchronization filter import/export n filter-policy export (OSPF view) filter-policy import (OSPF view) graceful-restart (OSPF view) graceful-restart help graceful-restart interval (OSPF view) host-advertise import-route (OSPF view) n lsa-arrival-interval lsa-generation-interval lsdb-overflow-limit maximum load-balancing (OSPF view) maximum-routes network (OSPF area view) nssa opaque-capability enable ospf ospf authentication-mode Page ospf cost ospf dr-priority ospf mib-binding ospf mtu-enable ospf network-type n ospf timer dead ospf timer hello ospf timer poll ospf timer retransmit ospf trans-delay Page reset ospf counters reset ospf process reset ospf redistribution rfc1583 compatible silent-interface (OSPF view) snmp-agent trap enable ospf Page spf-schedule-interval stub (OSPF area view) stub-router vlink-peer (OSPF area view) Page 77 checkzero default cost (RIP view) default-route originate display rip Page display rip database Syntax display rip process-id database Table278 Description on the fields of the display rip command Table279 Description on fields of the display rip database command display rip interface display rip route Page # Display the routing statistics of RIP process 1. filter-policy export (RIP view) Table281 Description on the fields of the display rip route command Table282 Description on the fields of the display rip route statistics command filter-policy import (RIP view) host-route n import-route (RIP view) maximum load-balancing (RIP view) network Page reset rip statistics rip rip authentication-mode n rip input rip metricin rip metricout rip mib-binding rip output rip poison-reverse rip split-horizon n rip summary-address rip triggered rip version silent-interface (RIP view) summary timers trip retransmit count trip retransmit timer validate-source-address version Page 78 n apply as-path apply comm-list delete apply community apply cost apply cost-type apply extcommunity apply isis apply local-preference apply mpls-label apply origin apply preference apply preferred-value apply tag display ip as-path display ip community-list display ip extcommunity-list display route-policy if-match as-path if-match community if-match cost if-match extcommunity if-match interface if-match mpls-label if-match route-type if-match tag ip as-path ip community-list Page ip extcommunity-list route-policy Page 79 apply ip-address next-hop display ip ip-prefix if-match acl if-match ip if-match ip-prefix ip ip-prefix reset ip ip-pref ix Page 80 apply ipv6 next-hop display ip ipv6-prefix if-match ipv6 ip ipv6-prefix reset ip ipv6-prefix 81 delete static-routes all ip route-static Page n ip route-static default-preference 82 balance (IPv6 address family view) bestroute as-path-neglect (IPv6 address family view) bestroute compare-med (IPv6 address family view) bestroute med-confederation (IPv6 address family view) compare-different-as-med (IPv6 address family view) dampening (IPv6 address family view) default local-preference(IPv6 address family view) default med (IPv6 address family view) default-route imported (IPv6 address family view) display bgp ipv6 group Examples # Display the information of the IPv6 peer group aaa. display bgp ipv6 network Syntax display bgp ipv6 network Table287 Description on the fields of the display bgp ipv6 group command display bgp ipv6 paths display bgp ipv6 peer display bgp ipv6 routing-table Syntax display bgp ipv6 routing-table [ipv6-address prefix-length ] Table290 Description on the fields of the display bgp ipv6 peer command Table291 Description on the fields of the display bgp ipv6 routing-table command display bgp ipv6 routing-table as-path-acl Syntax display bgp ipv6 routing-table as-path-acl as-path-acl-number Table291 Description on the fields of the display bgp ipv6 routing-table command display bgp ipv6 routing-table community display bgp ipv6 routing-table community-list display bgp ipv6 routing-table dampened display bgp ipv6 routing-table dampening parameter display bgp ipv6 routing-table different-origin-as display bgp ipv6 routing-table flap-info display bgp ipv6 routing-table label display bgp ipv6 routing-table peer display bgp ipv6 routing-table regular-expression display bgp ipv6 routing-table statistic filter-policy export(IPv6 address family view) filter-policy import (IPv6 address family view) group (IPv6 address family view) import-route (IPv6 address family view) ipv6-family network (IPv6 address family view) peer advertise-community (IPv6 address family view) peer advertise-ext-community (IPv6 address family view) peer allow-as-loop (IPv6 address family view) peer as-number (IPv6 address family view) peer as-path-acl (IPv6 address family view) peer capability-advertise route-refresh peer connect-interface (IPv6 address family view) peer default-route-advertise peer description (IPv6 address family view) peer ebgp-max-hop (IPv6 address family view) peer enable (IPv6 address family view) peer fake-as (IPv6 address family view) peer filter-policy (IPv6 address family view) peer group (IPv6 address family view) peer ignore (IPv6 address family view) peer ipv6-prefix peer keep-all-routes (IPv6 address family view) peer label-route-capability (IPv6 address family view) peer log-change (IPv6 address family view) peer next-hop-local (IPv6 address family view) peer preferred-value (IPv6 address family view) peer public-as-only (IPv6 address family view) peer reflect-client (IPv6 address family view) peer route-limit (IPv6 address family view) peer route-policy (IPv6 address family view) peer route-update-interval (IPv6 address family view) peer substitute-as (IPv6 address family view) peer timer (IPv6 address family view) preference (IPv6 address family view) reflect between-clients (IPv6 address family view) reflector cluster-id (IPv6 address family view) refresh bgp ipv6 reset bgp ipv6 reset bgp ipv6 dampening reset bgp ipv6 flap-info synchronization (IPv6 address family view) timer (IPv6 address family view) Page Page 83 n display isis route ipv6 n # Display detailed IPv6 IS-IS routing information. Table296 Description on the fields of the display isis route ipv6 command Table297 Description on the fields of the display isis route ipv6 verbose command ipv6 default-route-advertise n ipv6 enable ipv6 filter-policy export ipv6 filter-policy import ipv6 import-route c ipv6 import-route isisv6 level-2 into level-1 ipv6 maximum load-balancing n ipv6 preference ipv6 summary n isis ipv6 enable 84 abr-summary (OSPFv3 area view) area (OSPFv3 view) n default cost default-cost (OSPFv3 area view) display debugging ospfv3 display ospfv3 Syntax display ospfv3 [ process-id] Table298 Description on the fields of the display isofv3 command display ospfv3 interface Syntax display ospfv3 interface [ interface-type interface-number | statistic] Examples # Display OSPFv3 interface information. Table298 Description on the fields of the display isofv3 command Table299 Description on the fields of the display ospfv3 interface command display ospfv3 lsdb # Display Link-local LSA information in the LSDB. Table300 Description on the fields of the display isofv3 lsdb command Table301 Description on the fields of the display ospfv3 lsdb command display ospfv3 lsdb statistic Syntax display ospfv3 lsdb statistic Table301 Description on the fields of the display ospfv3 lsdb command Table302 Descriptions on the fields of the display ospfv3 lsdb statistic command display ospfv3 next-hop display ospfv3 peer # Display detailed neighbor information of OSPFv3 process 100 of an interface. Table304 Description on the fields of the display isofv3 peer command Table305 Description on the fields of the display isofv3 peer verbose command display ospfv3 peer statistic display ospfv3 request-list display ospfv3 retrans-list display ospfv3 routing Page display ospfv3 statistic display ospfv3 topology display ospfv3 vlink filter-policy export(OSPFv3 view) n filter-policy import(OSPFv3 view) n import-route(OSPFv3 view) c maximum load-balancing(OSPFv3 view) ospfv3 n ospfv3 area ospfv3 cost ospfv3 dr-priority ospfv3 mtu-ignore ospfv3 timer dead ospfv3 timer hello ospfv3 timer retransmit ospfv3 trans-delay Page n silent-interface(OSPFv3 view) spf timers stub(OSPFv3 area view) vlink-peer(OSPFv3 area view) Page 85 checkzero default cost (RIPng view) display ripng display ripng database Syntax display ripng process-id database Table316 Description on the fields of the display ripng command Table317 Description on fields of the display ripng database command display ripng interface display ripng route Syntax display ripng process-id route Table319 Description on the fields of the display ripng route command filter-policy export filter-policy import (RIPng view) import-route maximum load-balancing (RIPng view) n ripng ripng default-route ripng enable ripng metricin ripng metricout ripng poison-reverse ripng split-horizon n ripng summary-address timers Page Page 86 delete ipv6 static-routes all ipv6 route-static Page 87 FORWARDING CONFIGURATION display multicast boundary display multicast forwarding-table Table321 Description on the fields of display multicast forwarding-table Table322 Major values of the flags field display multicast minimum-ttl display multicast routing-table display multicast routing-table static display multicast rpf-info ip rpf-route-static Page mtracert multicast boundary multicast forwarding-table downstream-limit multicast forwarding-table route-limit multicast load-splitting multicast longest-match multicast minimum-ttl multicast routing-enable reset multicast forwarding-table reset multicast routing-table Page 88 display igmp group display igmp interface Table329 Description on the fields of the display igmp interface command display igmp routing-table fast-leave (IGMP view) n igmp igmp enable igmp fast-leave igmp group-policy n igmp last-member-query-interval igmp max-response-time igmp require-router-alert igmp robust-count igmp send-router-alert igmp static-group igmp timer other-querier-present n igmp timer query igmp version last-member-query-interval max-response-time (IGMP view) require-router-alert (IGMP view) reset igmp group robust-count (IGMP view) send-router-alert (IGMP view) timer other-querier-present (IGMP view) n timer query (IGMP view) version (IGMP view) Page 89 cache-sa-enable display msdp brief display msdp peer-status Table332 Description on the fields of the display msdp peer-status command display msdp sa-cache Table332 Description on the fields of the display msdp peer-status command Page display msdp sa-count encap-data-enable import-source n msdp originating-rp peer connect-interface peer description peer mesh-group peer minimum-ttl peer request-sa-enable peer sa-cache-maximum peer sa-policy peer sa-request-policy reset msdp peer reset msdp sa-cache reset msdp statistics shutdown (MSDP View) static-rpf-peer timer retry 90 auto-rp enable bsr-policy (PIM view) c-bsr (PIM view) c-bsr admin-scope c-bsr global c-bsr group c-bsr hash-length (PIM view) c-bsr holdtime (PIM view) n c-bsr interval (PIM view) n c-bsr priority (PIM view) c-rp (PIM view) c-rp advertisement-interval (PIM view) c-rp holdtime (PIM view) crp-policy (PIM view) display pim bsr-info display pim claimed-route display pim control-message counters Page display pim grafts display pim interface # View the detailed PIM information on Ethernet 1/0 in the public instance. Table339 Description on the fields of the display pim interface command display pim join-prune Table340 Description on the fields of the display pim interface verbose command display pim neighbor Page display pim routing-table Page display pim rp-info Syntax display pim [vpn- instance vpn-instance-name | all-instance ] rp-info [group-address] Table343 Description on the fields of the display pim routing-table command Page hello-option dr-priority (PIM view) hello-option holdtime (PIM view) hello-option lan-delay (PIM view) hello-option neighbor-tracking (PIM view) hello-option override-interval (PIM view) holdtime assert (PIM view) holdtime join-prune (PIM view) jp-pkt-size (PIM view) jp-queue-size (PIM view) pim pim bsr-boundary pim dm pim hello-option dr-priority pim hello-option holdtime pim hello-option lan-delay pim hello-option neighbor-tracking pim hello-option override-interval pim holdtime assert pim holdtime join-prune pim require-genid pim sm pim state-refresh-capable pim timer graft-retry pim timer hello pim timer join-prune pim triggered-hello-delay probe-interval (PIM view) register-policy (PIM view) register-suppression-timeout (PIM view) register-whole-checksum (PIM view) reset pim control-message counters source-lifetime (PIM view) source-policy (PIM view) spt-switch-threshold (PIM view) Page ssm-policy (PIM view) state-refresh-interval (PIM view) state-refresh-rate-limit (PIM view) state-refresh-ttl (PIM view) static-rp (PIM view) timer hello (PIM view) timer join-prune (PIM view) timer spt-switch (PIM view) Page 91 FORWARDING CONFIGURATION display multicast ipv6 boundary display multicast ipv6 forwarding-table Page display multicast ipv6 minimum-hoplimit Syntax display multicast ipv6 minimum-hoplimit [ interface-type interface-number ] Table346 Description on the fields of the display multicast ipv6 forwarding-table Table347 Values and meanings of the Flags field display multicast ipv6 routing-table display multicast ipv6 rpf-info multicast ipv6 boundary multicast ipv6 forwarding-table downstream-limit multicast ipv6 forwarding-table route-limit multicast ipv6 load-splitting multicast ipv6 longest-match multicast ipv6 minimum-hoplimit multicast ipv6 routing-enable reset multicast ipv6 forwarding-table reset multicast IPv6 routing-table Page 92 display mld group display mld interface display mld routing-table fast-leave (MLD view) n last-listener-query-interval max-response-time (MLD view) mld mld enable mld fast-leave mld group-policy n mld last-listener-query-interval mld max-response-time mld require-router-alert mld robust-count mld send-router-alert mld static-group mld timer other-querier-present n mld timer query mld version require-router-alert (MLD view) reset mld group robust-count (MLD view) send-router-alert (MLD view) timer other-querier-present (MLD view) n timer query (MLD view) version (MLD view) 93 bsr-policy (IPv6 PIM view) c-bsr (IPv6 PIM view) c-bsr hash-length (IPv6 PIM view) c-bsr holdtime (IPv6 PIM view) n c-bsr interval (IPv6 PIM view) n c-bsr priority (IPv6 PIM view) c-rp (IPv6 PIM view) c-rp advertisement-interval (IPv6 PIM view) c-rp holdtime (IPv6 PIM view) crp-policy (IPv6 PIM view) display pim ipv6 bsr-info display pim ipv6 claimed-route Syntax display pim ipv6 claimed-route [ ipv6-source-address] Table354 Description on the fields of the display pim ipv6 bsr-info command display pim ipv6 control-message counters Page display pim ipv6 grafts display pim ipv6 interface Table358 Description on the fields of the display pim ipv6 interface command display pim ipv6 join-prune display pim ipv6 neighbor display pim ipv6 routing-table Page display pim ipv6 rp-info embedded-rp n hello-option dr-priority (IPv6 PIM view) hello-option holdtime (IPv6 PIM view) hello-option lan-delay (IPv6 PIM view) hello-option neighbor-tracking (IPv6 PIM view) hello-option override-interval (IPv6 PIM view) holdtime assert (IPv6 PIM view) holdtime join-prune (IPv6 PIM view) jp-pkt-size (IPv6 PIM view) jp-queue-size (IPv6 PIM view) pim ipv6 pim ipv6 bsr-boundary pim ipv6 dm pim ipv6 hello-option dr-priority pim ipv6 hello-option holdtime pim ipv6 hello-option lan-delay pim ipv6 hello-option neighbor-tracking pim ipv6 hello-option override-interval pim ipv6 holdtime assert pim ipv6 holdtime join-prune pim ipv6 require-genid pim ipv6 sm pim ipv6 state-refresh-capable pim ipv6 timer graft-retry pim ipv6 timer hello pim ipv6 timer join-prune pim ipv6 triggered-hello-delay probe-interval (IPv6 PIM view) register-policy (IPv6 PIM view) register-suppression-timeout (IPv6 PIM view) register-whole-checksum (IPv6 PIM view) reset pim ipv6 control-message counters source-lifetime (IPv6 PIM view) source-policy (IPv6 PIM view) spt-switch-threshold (IPv6 PIM view) ssm-policy (IPv6 PIM view) state-refresh-hoplimit state-refresh-interval (IPv6 PIM view) state-refresh-rate-limit (IPv6 PIM view) static-rp (IPv6 PIM view) timer hello (IPv6 PIM view) timer join-prune (IPv6 PIM view) timer spt-switch (IPv6 PIM view) Page Page 94 display multicast-domain vpn-instance share-group display multicast-domain vpn-instance switch-group receive Page display multicast-domain vpn-instance switch-group send multicast-domain holddown-time multicast-domain log switch-group-reuse multicast-domain share-group multicast-domain switch-delay multicast-domain switch-group-pool Page 95 n display mpls fast-forwarding cache n display mpls ilm display mpls interface n display mpls label display mpls ldp display mpls ldp cr-lsp display mpls ldp interface 1520 CHAPTER 95: MPLS BASICS CONFIGURATION COMMANDS Example # Display information about all LDP interfaces. # Display detailed information about all interfaces. display mpls ldp Isp display mpls ldp peer Example # Display information about all peers. # Display detailed information about all peers. Table374 Description on the fields of the display mpls ldp peer command display mpls ldp remote-peer display mpls ldp session Example # Display information about sessions. # Display detailed information about all sessions. Table377 Description on the fields of the display mpls ldp session command display mpls ldp vpn-instance Table378 Description on the fields of display mpls ldp session verbose n display mpls lsp n Example # Display information about all LSPs. # Display detailed information about all LSPs. Table379 Description on the fields of the display mpls lsp command Table380 Description on the fields of the display mpls lsp verbose command display mpls lsp statistics Syntax display mpls lsp statistics display mpls nhlfe Syntax display mpls nhlfe [token ] [ include text] Table380 Description on the fields of the display mpls lsp verbose command display mpls route-state display mpls static-lsp Example # Display brief information about static LSPs. # Display detailed information about static LSPs. display mpls statistics interface Syntax display mpls statistics interface { interface-type interface-number | all} Table384 Description on the fields of the display mpls static-lsp command Table385 Description on the fields of the display mpls static-lsp verbose command Page display mpls statistics lsp Syntax display mpls statistics lsp { index | all | name lsp-name } Table386 Description on the fields of display mpls statistics interface Table387 Description on the fields of the display mpls statistics lsp command n du-readvertise du-readvertise timer graceful-restart (MPLS LDP view) graceful-restart mpls ldp graceful-restart timer neighbor-liveness graceful-restart timer reconnect graceful-restart timer recovery hops-count label advertise n label-distribution n label-retention n loop-detect lsp-trigger lsr-id md5-password mpls mpls ldp (system view) mpls ldp (interface view) n mpls ldp advertisement mpls ldp remote-peer mpls ldp timer hello-hold n mpls ldp timer keepalive-hold mpls ldp transport-address mpls lsr-id mtu-signalling path-vectors ping lsp remote-ip reset mpls fast-forwarding cache reset mpls ldp reset mpls statistics interface reset mpls statistics lsp snmp-agent trap enable mpls static-lsp egress static-lsp ingress static-lsp transit statistics interval tracert lsp ttl expiration ttl propagate 96 n add hop delete hop display explicit-path display isis traffic-eng advertisements 1568 CHAPTER 96: MPLS TE CONFIGURATION COMMANDS Table389 Description on the fields of display isis traffic-eng advertisements Field Description LSPID LSP ID LSP Seq Num LSP sequence number display isis traffic-eng link display isis traffic-eng network display isis traffic-eng statistics Syntax display isis traffic-eng statistics [ process-id | vpn-instance vpn-instance-name] Parameter process-id: IS-IS process ID, in the range 1 to 65535. Table391 Description on the fields of the display isis traffic-eng network command display isis traffic-eng sub-tlvs display mpls rsvp-te # Display the RSVP-TE configuration on interface Ethernet 1/0. Table394 Description on the fields of the display mpls rsvp-te command Table395 Description on the fields of the display mpls rsvp-te interface command display mpls rsvp-te established display mpls rsvp-te peer display mpls rsvp-te psb-content Table398 Description on the fields of display mpls rsvp-te psb content display mpls rsvp-te request display mpls rsvp-te reservation display mpls rsvp-te rsb-content Table401 Description on the fields of display mpls rsvp-te rsb content display mpls rsvp-te sender display mpls rsvp-te statistics # Display the RSVP-TE statistics of interface Serial 1/0. Table403 Description on the fields of the display mpls rsvp-te statistics command display mpls static-cr-lsp # Display detailed information about all static CR-LSPs. display mpls te cspf tedb Table404 Description on the fields of the display mpls static-cr-lsp command Table405 Description on the fields of display mpls static-cr-lsp verbose Page # Display all TEDB information. # Display the TEDB information of IGP area 1. Table407 Description on the fields of the display mpls te cspf tedb all command Table408 Description on the fields of the display mpls te cspf tedb area command Table406 Description on the fields of the display mpls te cspf tedb command # Display the TEDB information of all nodes. Table408 Description on the fields of the display mpls te cspf tedb area command # Display TEDB information for a specified interface address. Table409 Description on the fields of the display mpls te cspf tedb node command display mpls te link-administration admission-control display mpls te link-administration bandwidth-allocation display mpls te tunnel Page display mpls te tunnel path display mpls te tunnel statistics display mpls te tunnel-interface Table417 Description on the fields of display mpls te tunnel-interface command display ospf mpls-te Table418 Description on the fields of the display ospf mpls-te command display ospf traffic-adjustment Syntax display ospf [ process-id] traffic-adj ustment Table418 Description on the fields of the display ospf mpls-te command Table419 Description on the fields of the display ospf traffic-adjustment command display tunnel-info enable traffic-adjustment enable traffic-adjustment advertise explicit-path list hop modify hop mpls rsvp-te mpls rsvp-te authentication mpls rsvp-te blockade-multiplier mpls rsvp-te graceful-restart mpls rsvp-te hello mpls rsvp-te hello-lost mpls rsvp-te keep-multiplier mpls rsvp-te reliability mpls rsvp-te resvconfirm mpls rsvp-te srefresh mpls rsvp-te timer graceful-restart recovery mpls rsvp-te timer graceful-restart restart mpls rsvp-te timer hello mpls rsvp-te timer refresh mpls rsvp-te timer retransmission mpls te c mpls te affinity property mpls te auto-bandwidth n mpls te backup n mpls te backup bandwidth n mpls te bandwidth mpls te bandwidth change thresholds mpls te commit mpls te cspf mpls te cspf timer failed-link mpls te fast-reroute n mpls te fast-reroute bypass-tunnel n mpls te igp advertise n mpls te igp metric mpls te igp shortcut n mpls te link administrative group mpls te loop-detection mpls te max-link-bandwidth mpls te max-reservable-bandwidth mpls te metric mpls te path explicit-path mpls te path metric-type mpls te priority mpls te record-ro ute mpls te reoptimization (user view) mpls te reoptimization (tunnel interface view) n mpls te resv-style mpls te retry mpls te route-pinning n mpls te signal-protocol c mpls te tie-breaking n mpls te timer auto-bandwidth n mpls te timer fast-reroute n mpls te timer retry mpls te tunnel-id n mpls te vpn-binding mpls-te enable next hop opaque-capability reset mpls rsvp-te statistics reset mpls te auto-bandwidth adjustment timers n static-cr-lsp egress static-cr-lsp ingress n static-cr-lsp transit n te-set-subtlv traffic-eng n Page 97 ccc interface in-label out-label n ccc interface out-interface ce connection display bgp l2vpn Example # Display all information about L2VPN in the BGP routing table. # Display brief information about L2VPN peers in the BGP routing table. Table421 Description on the fields of the display bgp l2vpn all command Table422 Description on the fields of the display bgp l2vpn peer command # Display detailed information about L2VPN peer 3.3.3.9 in the BGP routing table. Table423 Description on the fields of the display bgp l2vpn peer verbose command Table422 Description on the fields of the display bgp l2vpn peer command # Display L2VPN information with the RD being 100:1 in the BGP routing table. # Display L2VPN information with the RD being 100:1 and the CE ID being 4 in the BGP routing table. Table424 Description on the fields of display bgp l2vpn route-distinguisher Table423 Description on the fields of the display bgp l2vpn peer verbose command Table425 Description on the fields of display bgp l2vpn route-distinguisher ce-id Table426 Fields of display bgp l2vpn route-distinguisher ce-id label-offset display ccc display l2vpn ccc-interface vc-type display mpls l2vc # Display information about all Martini VCs configured on interface Ethernet 1/0. # Display information about Martini VCs received from the remote peer. Table429 Description on the fields of the display mpls l2vc command Table430 Description on the fields of the display mpls l2vc interface command display mpls l2vpn # Display information about L2VPN vpn1. # Display information about local CEs of L2VPN vpn1. Table433 Description on the fields of the display mpls l2vpn command Table434 Description on the fields of the display mpls l2vpn vpn-name command Table435 Description on the fields of display mpls l2vpn vpn-name local-ce display mpls l2vpn connection # Display information about Kompella L2VPN connections for VPN vpn1. Table437 Description on the fields of the display mpls l2vpn connection command # Display summary information about all Kompella L2VPN connections. Table438 Description on the fields of display mpls l2vpn connection interface Table439 Description on the fields of mpls l2vpn connection summary display mpls l2vpn forwarding-info display mpls static-l2vc # Display information about static VCs configured on interface Serial 2/0. l2vpn-family Syntax l2vpn-family Table441 Description on the fields of the display mpls static-l2vc command Table442 Description on the fields of display mpls static-l2vc interface mpls l2vc mpls l2vpn mpls l2vpn vpn-name mpls static-l2vc destination mtu (MPLS L2VPN view) n reset bgp l2vpn route-distinguisher (MPLS L2VPN view) n vpn-target (MPLS L2VPN view) Page 98 n apply access-vpn vpn-instance default local-preference (BGP-VPNv4 subaddress family view) default med (BGP-VPNv4 subaddress family view) description (VPN instance view) display bgp vpnv4 all routing-table Page display bgp vpnv4 group Syntax display bgp vpnv4 { all | vpn-instance vpn-instance-name } group [ group-name] Table443 Description on the fields of display bgp vpnv4 all routing-table display bgp vpnv4 network Syntax display bgp vpnv4 { all | vpn-instance vpn-instance-name} network Table444 Description on the fields of the display bgp vpnv4 group command display bgp vpnv4 paths display bgp vpnv4 peer # Display detailed information about BGP VPNv4 peers of VPN instance vpn1. Table448 Description on the fields of the display bgp vpnv4 peer verbose command Table447 Description on the fields of display bgp vpnv4 vpn-instance peer # Display all BGP VPNv4 peer information. # Display detailed information about BGP VPNv4 peer 1.1.1.1. Table449 Description on the fields of the display bgp vpnv4 all peer command Table448 Description on the fields of the display bgp vpnv4 peer verbose command Table450 Description on the fields of display bgp vpnv4 all peer verbose display bgp vpnv4 route-distinguisher routing-table Page Table451 Fields of the above output Table452 Fields of the above output display bgp vpnv4 routing-table label display bgp vpnv4 vpn-instance routing-table Page display fib statistics vpn-instance display fib vpn-instance display ip vpn-instance display ospf sham-link display tunnel-policy domain-id export route-policy filter-policy export (BGP-VPNv4 subaddress family view) filter-policy import (BGP-VPNv4 subaddress family view) import route-policy ip binding vpn-instance ip vpn-instance ipv4-family peer advertise-community (BGP-VPNv4 subaddress family view) peer allow-as-loop peer as-path-acl (BGP-VPNv4 subaddress family view) peer default-route-advertise vpn-instance peer enable peer filter-policy (BGP-VPNv4 subaddress family view) peer group peer ip-prefix (BGP-VPNv4 subaddress family view) peer label-route-capability (BGP view/BGP VPN instance view) peer next-hop-invariable (BGP-VPNv4 subaddress family view) peer next-hop-local peer public-as-only (BGP-VPNv4 subaddress family view) peer reflect-client peer route-policy (BGP-VPNv4 subaddress family view) peer upe policy vpn-target n reflect between-clients reflector culster-id refresh bgp vpn-instance refresh bgp vpnv4 reset bgp vpn-instance reset bgp vpn-instance dampening reset bgp vpn-instance flap-info reset bgp vpnv4 route-distinguisher (VPN instance view) n route-tag n routing-table limit rr-filter sham-link Page tnl-policy (VPN instance view) tunnel-policy tunnel select-seq load-balance-number vpn-instance-capability simple vpn-target (VPN instance view) Page 99 authentication-algorithm authentication-method display vam server address-map display vam server statistic Example # Display statistics of the VAM server. # Display statistics of VPN domain 1 on the VAM server. Table463 Description on the fields of the display vam server statistic command encryption-algorithm hub private-ip keepalive interval keepalive retry pre-shared-key (VPN domain view) server enable vam server enable vam server ip-address vam server vpn VAM CLIENT CONFIGURATION client enable display vam client Page pre-shared-key (VAM client view) resend interval server primary ip-address server secondary ip-address vam client enable vam client name vpn IPSEC PROFILE CONFIGURATION display ipsec profile ipsec profile (system view) Page Page DVPN TUNNEL CONFIGURATION display dvpn session dvpn session dumb-time dvpn session idle-time ipsec profile (tunnel interface view) keepalive reset dvpn session tunnel-protocol dvpn udp vam client 103 destination display interface tunnel display ipv6 interface tunnel Syntax display ipv6 interface tunnel number Table468 Description on the fields of the display interface tunnel command encapsulation-limit gre checksum gre key interface tunnel keepalive source tunnel-protocol gre 104 allow l2tp display l2tp session display l2tp tunnel l2tp enable l2tp sendaccm enable l2tpmoreexam enable l2tp-group mandatory-chap mandatory-lcp reset l2tp tunnel start l2tp tunnel authentication tunnel avp-hidden tunnel flow-control tunnel name tunnel password tunnel timer hello Page 105 display qos car interface display qos carl qos car Page qos carl Page Page T display qos gts interface qos gts n Page LINE RATE CONFIGURATION display qos lr interface qos lr (interface view) qos lr (layer 2 interface view or port group view) Page Page DEFINING CLASS COMMANDS display traffic classifier if-match Table477 Values of matching rules for class n Page Page Page traffic classifier Page D EFINING T car display traffic behavior filter gts n redirect c remark atm-clp remark dot1p remark dscp remark fr-de remark ip-precedence remark mpls-exp remark qos-local-id traffic behavior Examples # Define a traffic behavior named behavior1. DEFINING POLICY COMMANDS classifier behavior display qos policy Page display qos policy interface qos apply policy (interface view) Table481 Description on the fields of the display qos policy interface command qos apply policy (layer 2 interface view or port group view) qos policy Page Page FIFO QUEUING CONFIGURATION qos fifo queue-length Page PQ CONFIGURATION COMMANDS display qos pq interface display qos pql qos pq qos pql default-queue qos pql inbound-interface qos pql protocol qos pql queue Page CQ CONFIGURATION COMMANDS display qos cq interface display qos cql qos cq qos cql default-queue qos cql inbound-interface qos cql protocol qos cql queue qos cql queue serving WFQ CONFIGURATION COMMANDS display qos wfq interface qos wfq CBQ CONFIGURATION COMMANDS display qos cbq interface qos max-bandwidth n queue af queue ef queue wfq queue-length wred wred dscp wred ip-precedence wred weighting-constant RTP PRIORITY QUEUE display qos rtpq interface qos reserved-bandwidth qos rtpq Page Page QOS TOKEN CONFIGURATION qos qmtoken n Page PRIORITY MAPPING TABLE display qos map-table qos map-table dot1p-Ip import Page Page PORT PRIORITY CONFIGURATION qos priority Page PORT PRIORITY TRUST MODE Page WRED CONFIGURATION COMMANDS display qos wred interface qos wred enable qos wred dscp qos wred ip-precedence qos wred weighting-constant Page Page WRED T display qos wred table qos wred queue table qos wred apply queue Page MPLS QOS CONFIGURATION if-match mpls-exp qos cql protocol mpls exp qos pql protocol mpls exp remark mpls-exp Page DAR CONFIGURATION COMMANDS dar max-session-count dar protocol Page Table493 Protocols of pre-defined ports dar protocol-rename dar protocol-statistic display dar information display dar protocol Page display dar protocol-rename Syntax display dar protocol-rename Table495 Description on the fields of the display dar protocol command Table496 Description on the fields of the display dar protocol-rename command display dar protocol-statistic if-match protocol if-match protocol http if-match protocol rtp reset dar protocol-statistic reset dar session Page FR QOS CONFIGURATION COMMANDS apply policy outbound cbs cir n cir allow n congestion-threshold cq display fr class-map display fr fragment-info Examples # Display FR fragment information of all the interfaces. # Display FR fragment information of a certain interfaces. Table501 Description on the fields of the display fr fragment-info command Table502 Description on the fields of the display fr fragment-info interface display fr switch-table display qos policy interface Table504 Description on the fields of the display qos policy interface command display qos pvc-pq interface Syntax display qos pvc-pq interface [ interface-type interface-number] Table504 Description on the fields of the display qos policy interface command Table505 Description on the fields of the display qos pvc-pq interface command ebs fifo queue-length fr class fr congestion-threshold n fr de del fr del inbound-interface fr del protocol fr pvc-pq fr traffic-policing fr traffic-shaping fragment fr-class pq pvc-pq rtpq traffic-shaping adaptation wfq 126 display dot1x Table506 Descriptions on the fields of the display dot1x command dot1x dot1x authentication-method dot1x guest-vlan Page dot1x handshake dot1x max-user dot1x multicast-trigger dot1x port-control dot1x port-method dot1x quiet-period dot1x retry dot1x supp-proxy-check Page dot1x timer reset dot1x statistics Page 127 access-limit accounting default Page accounting lan-access accounting login accounting optional accounting portal accounting ppp accounting voip attribute authentication default authentication lan-access authentication login authentication portal authentication ppp authentication voip authorization command authorization default authorization lan-access authorization login authorization portal authorization ppp authorization voip cut connection display connection n display domain Table508 Description on the fields of the display domain command display local-user domain domain default idle-cut ip pool level local-user local-user password-display-mode password self-service-url service-type service-type ftp service-type ppp Page work-directory Page Page RADIUS CONFIGURATION accounting-on enable accounting-on enable interval accounting-on enable send data-flow-format (RADIUS scheme view) display radius scheme display radius statistics Syntax display radius statistics Description Use the display radius statistics command to display statistics about RADIUS Related command: radius scheme. Example # Display statistics about RADIUS packets. Table510 Description on the fields of the display radius scheme command Page Table511 Description on the fields of the display radius statistics command display stop-accounting-buffer n key (RADIUS scheme view) nas-ip (RADIUS scheme view) primary accounting (RADIUS scheme view) primary authentication (RADIUS scheme view) radius client radius nas-ip radius scheme radius trap reset radius statistics reset stop-accounting-buffer retry retry realtime-accounting retry stop-accounting (RADIUS scheme view) secondary accounting (RADIUS scheme view) secondary authentication (RADIUS scheme view) security-policy-server server-type Page stop-accounting-buffer enable (RADIUS scheme view) timer quiet (RADIUS scheme view) timer realtime-accounting (RADIUS scheme view) timer response-timeout (RADIUS scheme view) user-name-format (RADIUS scheme view) Page HWTACACS CONFIGURATION data-flow-format (HWTACACS scheme view) display hwtacacs Table513 Description on the fields of the display hwtacacs command display stop-accounting-buffer hwtacacs nas-ip hwtacacs scheme key (HWTACACS scheme view) nas-ip (HWTACACS scheme view) primary accounting (HWTACACS scheme view) primary authentication (HWTACACS scheme view) primary authorization reset hwtacacs statistics reset stop-accounting-buffer retry stop-accounting (HWTACACS scheme view) secondary accounting (HWTACACS scheme view) secondary authentication (HWTACACS scheme view) secondary authorization stop-accounting-buffer enable (HWTACACS scheme view) timer quiet (HWTACACS scheme view) timer realtime-accounting (HWTACACS scheme view) timer response-timeout (HWTACACS scheme view) user-name-format (HWTACACS scheme view) Page 130 n display firewall ethernet-frame-filter display firewall-statistics n firewall default firewall enable firewall ethernet-frame-filter firewall fragments-inspect firewall fragments-inspect [ high | low ] firewall ipv6 fragments-inspect firewall packet-filter firewall packet-filter ipv6 reset firewall ethernet-frame-filter reset firewall-statistics ASPF CONFIGURATION COMMANDS aging-time aspf-policy detect display aspf all display aspf interface Syntax display aspf interface Table517 Description of the fields of the display aspf all command display aspf policy display aspf session # Display the detailed information of the current ASPF session. display port-mapping Syntax display port-mapping [ application-name | port port-number ] Table519 Description of the fields of the display aspf session command firewall aspf log enable port-mapping reset aspf session Page 132 n display mac-authentication mac-authentication Table520 Description on the fields of the display mac-authentication command mac-authentication domain mac-authentication timer mac-authentication user-name-format reset mac-authentication statistics 133 connection-limit default action connection-limit default amount connection-limit enable connection-limit policy display connection-limit policy display connection-limit statistics Example # Display connection-limit statistics. display nat address-group Syntax display nat address-group Description Use the display nat address-group command to display the NAT address pool Example # Display the NAT address pool information. Table522 Description on the fields of the display connection-limit statistics command display nat aging-time Syntax display nat aging-time display nat all Syntax display nat all Table524 Description on the fields of the display nat aging-time command Table525 Description on some fields of the display nat all command display nat connection-limit display nat log display nat outbound display nat server display nat session Example # Display the active NAT sessions. display nat statistics Syntax display nat statistics Table530 Description on the fields of the display nat session command Table531 Description on the fields of the display nat statistics command display userlog export limit acl limit mode nat address-group n nat aging-time nat alg nat connection-limit-policy nat log enable nat log flow-active nat log flow-begin nat outbound n nat outbound static nat server Page c nat static reset nat session reset userlog export reset userlog nat logbuffer c userlog nat export host userlog nat export source-ip userlog nat export version userlog nat syslog 134 attribute ca identifier certificate request entity certificate request from certificate request mode certificate request polling certificate request url common-name country crl check crl update-period crl url display pki certificate Table532 Description on the fields of the display pki certificate command display pki certificate access-control-policy display pki certificate attribute-group display pki crl domain Syntax display pki crl domain domain-name Table534 Description on the fields of display pki certificate attribute-group fqdn ip (PKI entity view) ldap-server locality organization organizational-unit pki certificate access-control-policy pki certificate attribute-group pki delete-certificate pki domain pki entity pki import-certificate pki request-certificate domain pki retrieval-certificate pki retrieval-crl domain pki validate-certificate root-certificate fingerprint rule (access control policy view) Page 135 display portal acl display portal connection statistics Syntax display portal connection statistics { all | interface interface-type interface-number} Table536 Description on the fields of the display portal acl command Table537 Description on the fields of the display portal connection statistics command display portal free-rule display portal interface display portal server display portal server statistics display portal tcp-cheat statistics Syntax display portal tcp-cheat statistics Description Use the display portal tcp-cheat statistics command to display TCP spoofing Example # Display all TCP spoofing statistics. Table541 Description on the fields of the display portal server statistics command display portal user portal auth-network portal delete-user portal free-rule portal resource-name n portal server portal server method reset portal connection statistics reset portal server statistics reset portal tcp-cheat statistics Page 136 rsh # Set the system time of remote server 169.254.1.100, which is running Windows 2000. 137 display time-range time-range Page Page Page IPV4 ACL CONFIGURATION acl n acl copy acl name description (for IPv4) display acl n reset acl counter rule (in basic IPv4 ACL view) Page rule (in advanced IPv4 ACL view) If the protocol argument is set to tcp or udp, you may define the parameters in If the protocol argument is set to icmp, you may define the parameters in the Table547 TCP/UDP-specific parameters for advanced IPv4 ACL rules Table546 Parameters for advanced IPv4 ACL rules Page rule (in Ethernet frame header ACL view) rule (in user-defined ACL view) n rule comment (for IPv4) step (for IPv4) Page Page IPV6 ACL CONFIGURATION acl ipv6 acl ipv6 copy acl ipv6 name description (for IPv6) display acl ipv6 reset acl ipv6 counter rule (in basic IPv6 ACL view) rule (in advanced IPv6 ACL view) Table551 Match criteria and other rule information for advanced IPv6 ACL rules If the protocol argument is set to ICMPv6, you may define the parameters in the The following table provides the ICMPv6 messages that you can specify in advanced IPv6 ACL rules. Table552 TCP/UDP-specific match criteria for advanced IPv6 ACL rules Table553 ICMPv6-specific match criteria for advanced IPv6 ACL rules Table554 Available ICMPv6 messages rule (in simple IPv6 ACL view) If the protocol argument is set to tcp or udp, you may define the parameters in Table555 Parameters for simple IPv6 ACL rules If the protocol argument is set to ICMPv6, you may define the parameters in the The following table provides the ICMPv6 messages that you can specify in simple IPv6 ACL rules. Table556 TCP/UDP-specific parameters for simple IPv6 ACL rules Table557 ICMPv6-specific parameters for simple IPv6 ACL rules Table558 ICMPv6 messages definable in simple IPv4 ACL rules n rule comment (for IPv6) step (for IPv6) Page Page 140 ah authentication-algorithm cryptoswitch fabric enable display encrypt-card fast-switch display ipsec policy 2122 CHAPTER 140: IPSEC CONFIGURATION COMMANDS # Display detailed information about all IPSec policies Table560 Description on the fields of the display ipsec policy brief command display ipsec policy-template display ipsec proposal display ipsec sa Page Table565 Description on the fields of the display ipsec sa command display ipsec session display ipsec statistics Syntax display ipsec statistics Table566 Description on the fields of the display ipsec session command display ipsec tunnel Syntax display ipsec tunnel Table567 Description on the fields of the display ipsec statistics command encapsulation-mode encrypt-card fast-switch esp authentication-algorithm esp encryption-algorithm ike-peer (IPSec policy view/IPSec policy template view) ipsec binding policy ipsec cpu-backup ipsec policy (interface view) ipsec policy (system view) ipsec policy isakmp template ipsec policy-template ipsec proposal ipsec sa global-duration ipsec session idle-time pfs proposal reset encrypt-card fast-switch reset ipsec sa reset ipsec session reset ipsec statistics sa authentication-hex sa duration sa encryption-hex sa spi sa string-key security acl transform tunnel local tunnel remote Page IKE C ONFIGURATION C authentication-algorithm authentication-method certificate domain dh display ike dpd display ike peer display ike proposal display ike sa Example # Display brief information about the current IKE SAs. # Display detailed information about the current IKE SAs. Table572 Description on the fields of the display ike sa command # Display detailed information about the IKE SA with the connection ID of 2. # Display detailed information about the IKE SA with the remote address of 4.4.4.5.. dpd encryption-algorithm exchange-mode id-type ike dpd ike local-name ike next-payload check disabled ike peer (system view) ike proposal ike sa keepalive-timer interval ike sa keepalive-timer timeout ike sa nat-keepalive-timer interval interval-time local local-address nat traversal pre-shared-key remote-address remote-name reset ike sa sa duration time-out 142 display public-key local display public-key peer display sftp client source display ssh client source display ssh server # Display the session information of the SSH server. display ssh server-info Syntax display ssh server-info Table576 Description on fields of the display ssh server status command Table577 Description on fields of the display ssh server session command display ssh user-information peer-public-key end public-key-code begin public-key-code end public-key local create n public-key local destroy public-key local export rsa public-key local export dsa public-key peer public-key peer import sshkey sftp sftp client ipv6 source sftp client source sftp ipv6 Page sftp server enable sftp server idle-timeout ssh client authentication server ssh client first-time enable ssh client ipv6 source ssh client source ssh server authentication-retries ssh server authentication-timeout ssh server compatible-ssh1x enable ssh server enable ssh server rekey-interval c ssh user ssh2 ssh2 ipv6 Page Page Page SFTP CONFIGURATION COMMANDS bye n cdup exit get help ls put Page remove rename Page 144 ciphersuite client-verify enable close-mode wait display ssl client-policy display ssl server-policy handshake timeout pki-domain prefer-cipher session ssl client-policy ssl server-policy version 145 display standby flow display standby state Syntax display standby state The following tables describe the meanings of each state. Table583 States of main and backup interfaces Table584 Backup states of the main interface standby bandwidth Syntax standby bandwidth size undo standby bandwidth Table586 Backup flags Table587 Load sharing states Table585 Backup states of the backup interface standby interface standby threshold standby timer delay standby timer flow-check standby track n 146 n display vrrp display vrrp statistics Table588 Description on the fields of the display vrrp command Page reset vrrp statistics vrrp vrid authentication-mode vrrp method vrrp ping-enable vrrp un-check ttl vrrp vrid preempt-mode vrrp vrid priority vrrp vrid timer advertise vrrp vrid track n vrrp vrid track interface vrrp vrid virtual-ip Page VRRP CONFIGURATION COMMANDS FOR IPV6 display vrrp ipv6 display vrrp ipv6 statistics Table590 Description on the fields of the display vrrp ipv6 command Page reset vrrp ipv6 statistics vrrp ipv6 method vrrp ipv6 ping-enable vrrp ipv6 vrid authentication-mode vrrp ipv6 vrid preempt-mode vrrp ipv6 vrid priority vrrp ipv6 vrid timer advertise vrrp ipv6 vrid track vrrp ipv6 vrid virtual-ip 148 n boot-loader bootrom n buzzer enable n display boot-loader display cpu-usage # Display the last fifth and sixth records of the CPU usage statistics history. display device Syntax display device [ cf-card | usb ] [ slot slot-number | verbose] Table593 Description on fields of the display boot-loader command Page Table594 Description on fields on the display device command display device manuinfo display environment display fan display license n display memory display power display reboot-type display schedule reboot license register n reboot remove n reset unused porttag schedule reboot at c schedule reboot delay c temperature-alarm enable temperature-limit 149 data-fill data-size description (any NQA test type view) destination ip destination port display nqa Table600 Description on the fields of the display nqa result command # Display the history records of tests. Table601 Description on the fields of the display nqa history command Table600 Description on the fields of the display nqa result command filename frequency n history-records http-version next-hop nqa nqa agent enable nqa agent max-concurrent nqa schedule operation (FTP test type view) operation (HTTP test type view) operation interface password (FTP test type view) probe count probe packet-interval probe packet-number probe packet-timeout probe timeout reaction reaction trap route-option bypass-route source interface source ip source port tos ttl type url username (FTP test type view) vpn-instance (ICMP-echo test type view) NQA SERVER CONFIGURATION n display nqa server status nqa server enable nqa server tcp-connect nqa server udp-echo Page 151 display ip netstream cache Syntax display ip netstream cache Table603 Description on the fields of the display ip netstream cache command display ip netstream export Syntax display ip netstream export Table603 Description on the fields of the display ip netstream cache command enable ip netstream ip netstream aggregation ip netstream export host ip netstream export source ip netstream export version ip netstream max-entry ip netstream timeout active c ip netstream timeout inactive c reset ip netstream statistics 152 display ntp-service sessions n display ntp-service status display ntp-service trace ntp-service access n ntp-service authentication enable ntp-service authentication-keyid ntp-service broadcast-client ntp-service broadcast-server ntp-service in-interface disable ntp-service max-dynamic-sessions ntp-service multicast-client ntp-service multicast-server ntp-service refclock-master n ntp-service reliable authentication-keyid ntp-service source-interface ntp-service unicast-peer n ntp-service unicast-server Page Page 153 display rmon alarm display rmon event n display rmon eventlog display rmon history Table611 Description on the fields of the display rmon history command display rmon prialarm display rmon statistics Syntax display rmon statistics [ interface-type interface-number] Table612 Description on the fields of the display rmon prialarm command Table613 Description on the fields of the display rmon statistics command rmon alarm n rmon event n rmon history n rmon prialarm n rmon statistics Page 154 display snmp-agent local-switch fabricid display snmp-agent community display snmp-agent group display snmp-agent mib-view display snmp-agent statistics Syntax display snmp-agent statistics Table616 Descriptions on the fields of the display snmp-agent mib-view command Table617 Descriptions on the fields of the display snmp-agent statistics command display snmp-agent sys-info Syntax display snmp-agent sys-info [ contact | location | version ] * Table617 Descriptions on the fields of the display snmp-agent statistics command display snmp-agent trap-list display snmp-agent usm-user enable snmp trap updown snmp-agent snmp-agent community snmp-agent group snmp-agent local-switch fabricid snmp-agent log snmp-agent mib-view snmp-agent packet max-size snmp-agent sys-info n snmp-agent target-host Page snmp-agent trap enable snmp-agent trap if-mib link extended snmp-agent trap life snmp-agent trap queue-size snmp-agent trap source n snmp-agent usm-user Page Page Page 155 n copy c execute file prompt fixdisk format c more mount n move rename reset recycle-bin umount undelete CONFIGURATION FILE MANAGEMENT backup startup-configuration display saved-configuration Page display startup reset saved-configuration c restore startup-configuration save startup saved-configuration Page Page FTP SERVER CONFIGURATION display ftp-server display ftp-user free ftp user ftp server enable ftp timeout ftp update Page FTP CLIENT CONFIGURATION n ascii binary bye cdup close debugging Syntax delete remotefile View FTP client view Parameter remotefile: File name. Table620 Description on the fields of the debugging command n disconnect display ftp client configuration n ftp ftp client source ftp ipv6 get lcd ls n open open ipv6 passive put remotehelp # Display the help information for the user command. Table621 Description on the fields of the remotehelp command Page verbose Page TFTP CLIENT CONFIGURATION display tftp client configuration n tftp-server acl tftp tftp client source tftp ipv6 Page Page 160 ping ping ipv6 Page tracert tracert ipv6 Page SYSTEM DEBUGGING COMMANDS debugging display debugging 162 clock datetime clock summer-time one-off Page clock summer-time repeating clock timezone command-privilege configure-user count n display clipboard display clock display configure-user display current-configuration Page display diagnostic-information display history-command display hotkey display this display version header n hotkey # Display the configuration of hotkeys. Syntax quit return super super password sysname system-view 163 display channel display info-center Syntax display info-center Table625 Description on the fields of the display channel command n after the execution of the display info-center command. Table626 Description on the fields of the display info-center command display logbuffer The rest is omitted here. Table628 Meanings of characters in text Table629 Descriptions on the fields of the display logbuffer command display logbuffer summary display logfile buffer display logfile summary display trapbuffer info-center channel name info-center console channel info-center enable info-center logbuffer info-center logfile enable info-center logfile frequency info-center logfile size-quota info-center logfile switch-directory info-center loghost info-center loghost source info-center monitor channel info-center snmp channel info-center source Page info-center synchronous n info-center timestamp info-center timestamp loghost info-center trapbuffer logfile save reset logbuffer reset trapbuffer terminal debugging terminal logging terminal monitor terminal trapping Page 164 acl activation-key n auto-execute command c authentication-mode c databits display history-command display user-interface # Display summary about all user interfaces. Table634 Description on the fields of the display user-interface command display users Syntax display users [ all ] Table635 Description on the fields of the display user-interface summary command Table636 Description on the fields of the display users command escape-key flow-control free user-interface history-command max-size idle-timeout n lock modem modem auto-answer modem timer answer parity n protocol inbound c redirect disconnect redirect enable redirect listen-port redirect refuse-negotiation redirect return -deal from-telnet redirect return-deal from-terminal redirect timeout screen-length send set authentication password shell speed (in user interface view) stopbits terminal type user privilege level n user-interface Page 165 n display mac-address display mac-address aging-time display mac-address mac-learning mac-address (Ethernet interface view) mac-address (system view) mac-address mac-learning disable mac-address max-mac-count (Ethernet interface view) mac-address timer Page 166 n apply poe-profile display poe device display poe interface Table640 Description on fields of the display poe interface ethernet command # Display the state of all PoE interfaces. Table641 Description on fields of the display poe interface command Table640 Description on fields of the display poe interface ethernet command display poe interface power Syntax display poe interface power [interface-type interface-number ] Table641 Description on fields of the display poe interface command # Display the power information of all PoE interfaces. display poe power-usage Syntax display poe power-usage Table642 Description on fields of the display poe interface power command display poe pse display poe-power Syntax display poe-power Table644 Description on fields of the display poe pse command Table645 Description on fields of the display poe-power command display poe-profile Table646 Description on fields of the display poe-profile command Table647 Description on fields of the display poe-profile index command Table648 Description on fields of the display poe-profile name command display poe-profile interface n poe disconnect poe enable poe enable pse poe legacy enable poe max-power poe max-power (system view) poe mode poe pd-description poe pd-policy priority poe priority poe priority (system view) poe pse-policy priority poe update poe utilization-threshold poe-profile Page 167 n oap connect slot oap reboot slot c 168 acfp enable display acfp client-info display acfp policy-info Page display acfp rule-cache display acfp rule-info Note the following: # Display ACFP rule information in order of policy. Table653 Description on the fields of the display acfp rule-info command display acfp server-info Syntax display acfp server-info Table653 Description on the fields of the display acfp rule-info command Table654 Description on the fields of the display acfp server-info command reset acfp rule-cache 169 acsei server enable acsei server acsei timer clock-sync acsei timer monitor acsei client close acsei client reboot display acsei client summary display acsei client info # Display information about all ACSEI clients. Table656 Description on the fields of the display acsei client info command ACSEI CLIENT CONFIGURATION n acsei-client debug disable acsei-client debug enable acsei-client debug show chkconfig acseid off chkconfig acseid on service acseid condrestart service acseid reload service acseid restart service acseid start service acseid status service acseid stop 171 display track track Page 172 display ipx interface display ipx routing-table Syntax display ipx routing-table [network ] Table658 Description on the fields of the display ipx interface command display ipx routing-table verbose display ipx routing-table protocol display ipx routing-table statistics display ipx service-table display ipx statistics Table663 Description on the fields of the display ipx statistics command ipx enable c ipx encapsulation ipx netbios-propagation ipx network ipx rip import-route static ipx rip mtu ipx rip multiplier ipx rip timer update ipx route-static ipx route load-balance-path ipx route max-reserve-path ipx sap disable ipx sap gns-disable-reply ipx sap gns-load-balance ipx sap max-reserve-servers ipx sap mtu ipx sap multiplier ipx sap timer update ipx service ipx split-horizon ipx tick ipx update-change-only ping ipx reset ipx statistics reset ipx routing-table statistics protocol Page 173 n address area area-id busytone-t-th cid display cid receive cid send cid type cng-on compression Page Table665 G.711 algorithm (A-law and -law) Table666 G.723 r63 algorithm Table667 G.723 r53 algorithm Table668 G.726 r16 algorithm Table669 G.726 r24 algorithm Table670 G.726 r32 algorithm Table671 G.726 r40 algorithm Table668 G.726 r16 algorithm n Example # Configure to use g723r53 coding/decoding algorithm first, then the g729r8. cptone country-type Table674 Countries or regions with supported call progress tones c cptone tone-type default entity compression default entity payload-size default entity vad-on default subscriber-line delay hold delay rising delay send-dtmf delay send-wink delay wink-hold delay wink-rising delay start-dial description (voice entity view) description (voice subscriber line view) dial-program display voice call-info display voice cmc # Display LGS statistics information related to the CMC module display voice default all Example # Display the current default values and the system-default values. Table677 Description on fields of the display voice default command display voice entity display voice ipp statistic Page display voice iva statistic display voice subscriber-line Page Table681 Description on fields of the display voice subscriber-line command dscp media dtmf amplitude dtmf sensitivity-level dtmf time dtmf threshold Table682 Meaning of the index numbers echo-canceller n echo-canceller parameter em-phy-parm em-signal entity n fast-connect hookoff-mode hookoff-mode delay bind n hookoff-time impedance line match-template Page n nlp-on n outband payload-size plc-mode receive gain c register-number reset voice cmc statistic reset voice ipp statistic reset voice iva statistic rtp payload-type nte n send-busytone send-ring shutdown (voice entity view) shutdown (voice subscriber line view) silence-th-span slic-gain subscriber-line timer dial-interval timer first-dial timer hookoff-interval timer ring-back timer wait-digit transmit gain c tunnel-on type vad-on vi-card busy-tone-detect c vi-card cptone-custom vi-card reboot c voice-setup voip called-tunnel enable n voip called-start voip timer vqa dscp n vqa dsp-monitor buffer-time Page 174 caller-permit n dial-prefix display voice number-substitute dot-match n first-rule max-call (in voice dial program view) max-call (in voice entity view) number-match n number-priority number-substitute priority private-line rule Page Page Page select-rule rule-order select-rule search-stop select-rule type-first select-stop send-number substitute (subscriber line view/voice entity view) n substitute (voice dial program view) n terminator Page 175 ani n ani-offset answer enable callmode cas clear-forward-ack enable display voice subscriber line dl-bits Table694 Description on fields of the display voice subscriber line command Page dtmf enable dtmf threshold digital final-callednum enable force-metering enable group-b enable line mode pcm n pri-set n re-answer enab le register-value Page n renew reverse seizure-ack enable select-mode sendring ringbusy enable signal-value special-character n subscriber line tdm-clock timer dl timer dtmf n timer register-pulse persistence timer register-complete group-b timer ring timeslot-set n trunk-direction ts Page 176 default entity fax n display voice fax Page Table696 Description on fields of the display voice fax statistics command fax baudrate fax ecm fax level fax local-train threshold n fax nsf-on fax protocol fax train-mode n reset voice fax statistics voip h323-conf tcs-t38 Page 177 area-id display voice gateway gk-client Syntax gk-client View Voice v iew Table697 Description on the fields of the display voice gateway command gk-2nd-id n gk-id gk-security call enable c gk-security register-pwd gw-address gw-id ras-on voip h323-descriptor Page 178 display voice sip call-statistics Syntax display voice sip call-statistics Table698 Description on fields of the display voice sip call-statistics command display voice sip register-state outband sip proxy register-enable registrar ipv4 reset voice sip sip sip-comp sip-comp agent sip-comp server sip-domain source-ip Page wildcard-register enable n Page 179 address call-mode n cid select-mode display fr vofr-info entity vofr outband vofr seq-number n timestamp trunk-id voice bandwidth vofr Page vofr frf11-timer Page 180 aaa-client accounting accounting-did acct-method authentication authentication-did authorization authorization-did callednumber receive-method card-digit cdr Page display voice access-number Table701 Description on fields of the display voice access-number command display voice call-history-record Related command: cdr. Example # Display call records by calling number. Table702 Description on fields of the display voice call-history-record command display voice radius statistic Syntax display voice radius statistic Table702 Description on fields of the display voice call-history-record command Table703 Description on fields of the display voice radius statistic command gw-access-number password-digit process-config Page redialtimes reset voice radius statistic selectlanguage