HP 3600 v2 Switch Series switch Command Reference

HP 3600 v2 Switch Series switch Command Reference
Add to My manuals

Below you will find brief information for switch 3600 v2 Switch Series. The HP 3600 v2 Switch Series is a Layer 3 switch that provides a range of IP services, including routing, DHCP, DNS, and security. It's a powerful and flexible solution that can be used in a variety of environments, from small businesses to large enterprises.

advertisement

Assistant Bot

Need help? Our chatbot has already read the manual and is ready to assist you. Feel free to ask any questions about the device, but providing details will make the conversation more productive.

HP 3600 v2 Switch Series Command Reference | Manualzz

HP 3600 v2 Switch Series

Layer 3 - IP Services

Command Reference

Part number: 5998-2362

Software version: Release 2108P01

Document version: 6W100-20131130

Legal and notice information

© Copyright 2013 Hewlett-Packard Development Company, L.P.

No part of this documentation may be reproduced or transmitted in any form or by any means without prior written consent of Hewlett-Packard Development Company, L.P.

The information contained herein is subject to change without notice.

HEWLETT-PACKARD COMPANY MAKES NO WARRANTY OF ANY KIND WITH REGARD TO THIS

MATERIAL, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY

AND FITNESS FOR A PARTICULAR PURPOSE. Hewlett-Packard shall not be liable for errors contained herein or for incidental or consequential damages in connection with the furnishing, performance, or use of this material.

The only warranties for HP products and services are set forth in the express warranty statements accompanying such products and services. Nothing herein should be construed as constituting an additional warranty. HP shall not be liable for technical or editorial errors or omissions contained herein.

Contents

ARP configuration commands ····································································································································· 1

 

arp check enable ······················································································································································ 1 arp max-learning-num ·············································································································································· 1

arp static ···································································································································································· 2

arp timer aging ························································································································································· 3

display arp ································································································································································ 4

display arp ip-address ············································································································································· 5

display arp timer aging ··········································································································································· 6 display arp vpn-instance ·········································································································································· 6

mac-address station-move ········································································································································ 7

reset arp ···································································································································································· 8

 

 

 

 

 

 

 

 

 

 

Gratuitous ARP configuration commands ··················································································································· 9

 

arp send-gratuitous-arp ············································································································································ 9

arp ip-conflict prompt ············································································································································ 10 gratuitous-arp-sending enable ······························································································································ 10

gratuitous-arp-learning enable ····························································································································· 11

 

 

 

 

Proxy ARP configuration commands ························································································································· 12

 

display local-proxy-arp ········································································································································· 12 display proxy-arp ·················································································································································· 12

local-proxy-arp enable ·········································································································································· 13

proxy-arp enable ··················································································································································· 14

 

 

 

 

ARP snooping configuration commands ··················································································································· 15

 

arp-snooping enable ············································································································································· 15 display arp-snooping ············································································································································ 15

reset arp-snooping ················································································································································· 16

 

 

 

IP addressing configuration commands···················································································································· 17

 

display ip interface ················································································································································ 17

display ip interface brief ······································································································································· 19

ip address ······························································································································································ 21

ip address unnumbered ········································································································································ 22

 

 

 

 

DHCP server configuration commands ····················································································································· 23

 

bims-server ····························································································································································· 23 bootfile-name ························································································································································· 23

dhcp dscp (for DHCP server) ································································································································ 24

dhcp enable (for DHCP server) ···························································································································· 25 dhcp server apply ip-pool ····································································································································· 25

dhcp select server global-pool ····························································································································· 26

dhcp server client-detect enable ·························································································································· 27 dhcp server detect ················································································································································· 27

dhcp server forbidden-ip ······································································································································ 28

dhcp server ip-pool ··············································································································································· 29 dhcp server ping packets ····································································································································· 29

dhcp server ping timeout ······································································································································ 30

dhcp server relay information enable ················································································································· 31 dhcp server threshold ············································································································································ 31

display dhcp server conflict ·································································································································· 32

 

 

 

 

 

 

 

 

 

 

 

 

 

 

  i

display dhcp server expired ································································································································· 33

display dhcp server free-ip ··································································································································· 34

display dhcp server forbidden-ip ························································································································· 35

display dhcp server ip-in-use ································································································································ 36

display dhcp server statistics ································································································································ 37

display dhcp server tree ······································································································································· 39

dns-list ····································································································································································· 40

domain-name ························································································································································· 41

expired ··································································································································································· 42 forbidden-ip ···························································································································································· 42

gateway-list ···························································································································································· 43

nbns-list ··································································································································································· 44

netbios-type ···························································································································································· 45 network ··································································································································································· 45

network ip range ··················································································································································· 46

network mask ························································································································································· 47

next-server ······························································································································································ 48 option ······································································································································································ 48

reset dhcp server conflict ······································································································································ 49 reset dhcp server ip-in-use ···································································································································· 49

reset dhcp server statistics ···································································································································· 50 static-bind client-identifier ····································································································································· 50

static-bind ip-address ············································································································································ 51

static-bind mac-address ········································································································································· 52

tftp-server domain-name ········································································································································ 53 tftp-server ip-address ············································································································································· 53

vendor-class-identifier ············································································································································ 54

voice-config ···························································································································································· 55

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

DHCP relay agent configuration commands ············································································································ 57

 

dhcp dscp (for DHCP relay agent) ······················································································································ 57 dhcp enable (for DHCP relay agent) ··················································································································· 57

dhcp relay address-check enable ························································································································ 58

dhcp relay check mac-address ···························································································································· 59 dhcp relay client-detect enable ···························································································································· 59

dhcp relay information circuit-id format-type ······································································································ 60

dhcp relay information circuit-id string················································································································ 61 dhcp relay information enable ····························································································································· 61

dhcp relay information format ····························································································································· 62

dhcp relay information remote-id format-type ···································································································· 63 dhcp relay information remote-id string ·············································································································· 63

dhcp relay information strategy ··························································································································· 64

dhcp relay release ip ············································································································································ 65 dhcp relay security static ······································································································································ 65

dhcp relay security refresh enable ······················································································································ 66

dhcp relay security tracker ··································································································································· 67 dhcp relay server-detect ········································································································································ 67

dhcp relay server-group ········································································································································ 68

dhcp relay server-select ········································································································································ 69

dhcp select relay ··················································································································································· 70 display dhcp relay ················································································································································· 70

display dhcp relay information ···························································································································· 71

display dhcp relay security··································································································································· 73

display dhcp relay security statistics ··················································································································· 74 display dhcp relay security tracker ······················································································································ 74

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

  ii

display dhcp relay server-group ·························································································································· 75

display dhcp relay statistics ································································································································· 76

reset dhcp relay statistics ······································································································································ 78

 

 

 

DHCP client configuration commands ······················································································································ 79

 

display dhcp client ················································································································································ 79

dhcp client dscp ···················································································································································· 81 ip address dhcp-alloc ············································································································································ 81

 

 

 

DHCP snooping configuration commands ··············································································································· 83

 

dhcp-snooping ······················································································································································· 83 dhcp-snooping binding database filename ········································································································ 83

dhcp-snooping binding database update interval ····························································································· 84

dhcp-snooping binding database update now ·································································································· 85 dhcp-snooping check mac-address ······················································································································ 85

dhcp-snooping check request-message ··············································································································· 86 dhcp-snooping information circuit-id format-type ······························································································· 86

dhcp-snooping information circuit-id string ········································································································· 87

dhcp-snooping information enable ······················································································································ 88

dhcp-snooping information format ······················································································································ 89

dhcp-snooping information remote-id format-type ····························································································· 90 dhcp-snooping information remote-id string ······································································································· 90

dhcp-snooping information strategy ···················································································································· 91

dhcp-snooping information sub-option ················································································································ 92

dhcp-snooping trust ··············································································································································· 93

display dhcp-snooping ·········································································································································· 94

display dhcp-snooping binding database ·········································································································· 95

display dhcp-snooping information ····················································································································· 96

display dhcp-snooping packet statistics ·············································································································· 97

display dhcp-snooping trust ·································································································································· 98 reset dhcp-snooping ·············································································································································· 98

reset dhcp-snooping packet statistics ·················································································································· 99

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

BOOTP client configuration commands ················································································································ 100

 

display bootp client ············································································································································· 100

ip address bootp-alloc ········································································································································ 101

 

 

IPv4 DNS configuration commands ······················································································································· 102

 

display dns domain ············································································································································· 102

display dns host ··················································································································································· 103

display dns server ··············································································································································· 104

display ip host ····················································································································································· 105

dns domain ·························································································································································· 106 dns dscp ······························································································································································· 106

dns proxy enable ················································································································································· 107 dns resolve ··························································································································································· 107

dns server ····························································································································································· 108

dns source-interface ············································································································································· 109 dns spoofing ························································································································································ 109

ip host ··································································································································································· 110

reset dns host ······················································································································································· 111

 

 

 

 

 

 

 

 

 

 

 

 

 

IRDP configuration commands ······························································································································· 112

 

ip irdp ··································································································································································· 112 ip irdp address ···················································································································································· 112

ip irdp lifetime ······················································································································································ 113 ip irdp maxadvinterval ········································································································································ 113

 

 

 

  iii

ip irdp minadvinterval ········································································································································· 114

ip irdp multicast ··················································································································································· 115 ip irdp preference················································································································································ 115

 

 

 

IP performance optimization configuration commands ························································································ 117

 

display fib ···························································································································································· 117

display fib ip-address ·········································································································································· 119

display icmp statistics ·········································································································································· 120

display ip socket ·················································································································································· 121

display ip statistics ·············································································································································· 125

display tcp statistics ············································································································································· 126

display udp statistics ··········································································································································· 129

ip forward-broadcast (interface view) ··············································································································· 130 ip forward-broadcast (system view) ··················································································································· 130

ip redirects enable ·············································································································································· 131 ip ttl-expires enable ············································································································································· 131

ip unreachables enable ······································································································································ 132 reset ip statistics ··················································································································································· 132

reset tcp statistics ················································································································································· 133 reset udp statistics ················································································································································ 133

tcp path-mtu-discovery ········································································································································· 134 tcp timer fin-timeout ············································································································································· 134

tcp timer syn-timeout ············································································································································ 135

tcp window ·························································································································································· 136

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

UDP helper configuration commands ···················································································································· 137

 

display udp-helper server ··································································································································· 137 reset udp-helper packet ······································································································································· 137

udp-helper enable ··············································································································································· 138 udp-helper port ···················································································································································· 138

udp-helper server ················································································································································· 139

 

 

 

 

 

IPv6 basics configuration commands ···················································································································· 141

 

display ipv6 fib ···················································································································································· 141

display ipv6 fib ipv6-address ····························································································································· 142

display ipv6 interface ········································································································································· 144

display ipv6 nd snooping ··································································································································· 148

display ipv6 neighbors ······································································································································· 149

display ipv6 neighbors count ····························································································································· 151

display ipv6 neighbors vpn-instance ················································································································· 152

display ipv6 pathmtu ·········································································································································· 153

display ipv6 socket ············································································································································· 154

display ipv6 statistics ·········································································································································· 156

display tcp ipv6 statistics ···································································································································· 160

display tcp ipv6 status ········································································································································ 162

display udp ipv6 statistics ·································································································································· 163

ipv6 ······································································································································································· 164

ipv6 address ························································································································································ 165 ipv6 address anycast ·········································································································································· 165

ipv6 address auto················································································································································ 166

ipv6 address auto link-local ······························································································································· 167 ipv6 address eui-64 ············································································································································ 167

ipv6 address link-local ········································································································································ 168

ipv6 hoplimit-expires enable ······························································································································ 169 ipv6 icmp-error ···················································································································································· 169

ipv6 icmpv6 multicast-echo-reply enable ·········································································································· 170

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

  iv

ipv6 nd autoconfig managed-address-flag ······································································································· 170

ipv6 nd autoconfig other-flag ····························································································································· 171

ipv6 nd dad attempts ·········································································································································· 172 ipv6 nd hop-limit ·················································································································································· 172

ipv6 nd ns retrans-timer ······································································································································ 173 ipv6 nd nud reachable-time ······························································································································· 173

ipv6 nd ra halt ····················································································································································· 174

ipv6 nd ra interval ··············································································································································· 175 ipv6 nd ra no-advlinkmtu ···································································································································· 175

ipv6 nd ra prefix ················································································································································· 176

ipv6 nd ra router-lifetime ···································································································································· 177 ipv6 nd snooping enable ··································································································································· 177

ipv6 nd snooping enable global ······················································································································· 178 ipv6 nd snooping enable link-local ··················································································································· 178

ipv6 nd snooping max-learning-num ················································································································· 179

ipv6 nd snooping uplink ····································································································································· 180 ipv6 neighbor ······················································································································································ 180

ipv6 neighbor stale-aging ·································································································································· 181

ipv6 neighbors max-learning-num ····················································································································· 182 ipv6 pathmtu ························································································································································ 182

ipv6 pathmtu age ················································································································································ 183

ipv6 prefer temporary-address ··························································································································· 184 ipv6 unreachables enable ·································································································································· 184

local-proxy-nd enable ·········································································································································· 185 proxy-nd enable ··················································································································································· 185

reset ipv6 nd snooping ······································································································································· 186 reset ipv6 neighbors ··········································································································································· 186

reset ipv6 pathmtu ··············································································································································· 187

reset ipv6 statistics ··············································································································································· 188 reset tcp ipv6 statistics ········································································································································ 188

reset udp ipv6 statistics ······································································································································· 189 tcp ipv6 timer fin-timeout ···································································································································· 189

tcp ipv6 timer syn-timeout ··································································································································· 190 tcp ipv6 window ·················································································································································· 190

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

DHCPv6 configuration commands ························································································································· 191

 

DHCPv6 common configuration commands ············································································································· 191 display ipv6 dhcp duid ······································································································································· 191

DHCPv6 server configuration commands ·················································································································· 191 display ipv6 dhcp pool ······································································································································· 191

display ipv6 dhcp prefix-pool ···························································································································· 193

display ipv6 dhcp server ···································································································································· 194

display ipv6 dhcp server pd-in-use ···················································································································· 195

display ipv6 dhcp server statistics ····················································································································· 197

dns-server ····························································································································································· 199 domain-name ······················································································································································· 199

ds-lite address ······················································································································································ 200 ipv6 dhcp dscp (for DHCPv6 server) ················································································································ 200

ipv6 dhcp pool ···················································································································································· 201

ipv6 dhcp prefix-pool ·········································································································································· 202 ipv6 dhcp server apply pool ······························································································································ 202

ipv6 dhcp server enable ····································································································································· 203

prefix-pool ···························································································································································· 204

reset ipv6 dhcp server pd-in-use ························································································································ 205 reset ipv6 dhcp server statistics ························································································································· 205

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

  v

sip-server······························································································································································· 206

static-bind prefix ·················································································································································· 207

DHCPv6 relay agent configuration commands ········································································································ 208 display ipv6 dhcp relay server-address ············································································································ 208

display ipv6 dhcp relay statistics ······················································································································· 209

ipv6 dhcp dscp (for DHCPv6 relay agent) ······································································································· 210

ipv6 dhcp relay server-address ·························································································································· 211

reset ipv6 dhcp relay statistics ··························································································································· 212

DHCPv6 client configuration commands ··················································································································· 212 display ipv6 dhcp client ····································································································································· 212

display ipv6 dhcp client statistics ······················································································································ 214

ipv6 dhcp client dscp ·········································································································································· 215

reset ipv6 dhcp client statistics ··························································································································· 216

DHCPv6 snooping configuration commands ············································································································ 216 display ipv6 dhcp snooping trust ······················································································································ 216

display ipv6 dhcp snooping user-binding ········································································································ 217

ipv6 dhcp snooping enable ······························································································································· 218 ipv6 dhcp snooping max-learning-num ············································································································· 218

ipv6 dhcp snooping option interface-id enable ······························································································· 219

ipv6 dhcp snooping option interface-id string ································································································· 220 ipv6 dhcp snooping option remote-id enable ·································································································· 220

ipv6 dhcp snooping option remote-id string ···································································································· 221 ipv6 dhcp snooping trust ···································································································································· 221

ipv6 dhcp snooping vlan enable ······················································································································· 222

reset ipv6 dhcp snooping user-binding ············································································································· 223

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

IPv6 DNS configuration commands ······················································································································· 224

 

display dns ipv6 server ······································································································································· 224

display ipv6 host ················································································································································· 225

dns ipv6 dscp ······················································································································································ 226 dns server ipv6 ···················································································································································· 226

ipv6 host ······························································································································································· 227

 

 

 

 

 

Tunneling configuration commands ······················································································································· 228

 

default ··································································································································································· 228 description ···························································································································································· 228

destination ···························································································································································· 229

display interface tunnel ······································································································································· 230

display ipv6 interface tunnel ······························································································································ 233

interface tunnel ···················································································································································· 237 mtu ········································································································································································ 237

reset counters interface ······································································································································· 238

service-loopback-group ······································································································································· 239 shutdown ······························································································································································ 239

source ··································································································································································· 240

tunnel bandwidth ················································································································································· 241 tunnel discard ipv4-compatible-packet ·············································································································· 241

tunnel-protocol ····················································································································································· 242

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Support and other resources ·································································································································· 244

 

Contacting HP ······························································································································································ 244

Subscription service ············································································································································ 244

Related information ······················································································································································ 244

Documents ···························································································································································· 244

Websites ······························································································································································· 244

Conventions ·································································································································································· 245

 

 

 

 

 

  vi

Index ········································································································································································ 247

  vii

ARP configuration commands

arp check enable

Syntax arp check enable undo arp check enable

View

System view

Default level

2: System level

Parameters

None

Description

Use arp check enable to enable dynamic ARP entry check.

Use undo arp check enable to disable dynamic ARP entry check.

By default, dynamic ARP entry check is enabled.

Examples

# Enable dynamic ARP entry check.

<Sysname> system-view

[Sysname] arp check enable

arp max-learning-num

Syntax arp max-learning-num number undo arp max-learning-num

View

Layer 2 Ethernet interface view, Layer 3 Ethernet interface view, VLAN interface view, Layer 2 aggregate interface view, Layer 3 aggregate interface view

Default level

2: System level

Parameters

number: Specifies the maximum number of dynamic ARP entries that an interface can learn.

On the HP 3600 v2 EI switch series, the number argument ranges from 0 to 8192.

On the HP 3600 v2 SI switch series, the number argument ranges from 0 to 2048.

1

Description

Use arp max-learning-num to configure the maximum number of dynamic ARP entries that an interface can learn.

Use undo arp max-learning-num to restore the default.

By default, a Layer 2 interface does not limit the number of dynamic ARP entries. A Layer 3 interface on the HP 3600 v2 EI switch series can learn up to 8192 dynamic ARP entries. A Layer 3 interface on the HP

3600 v2 SI switch series can learn up to 2048 dynamic ARP entries.

When the number argument is set to 0, the interface is disabled from learning dynamic ARP entries.

Examples

# Specify VLAN-interface 40 to learn up to 50 dynamic ARP entries.

<Sysname> system-view

[Sysname] interface vlan-interface 40

[Sysname-Vlan-interface40] arp max-learning-num 50

# Specify Ethernet 1/0/1 to learn up to 100 dynamic ARP entries.

<Sysname> system-view

[Sysname] interface Ethernet 1/0/1

[Sysname-Ethernet1/0/1] arp max-learning-num 100

# Specify Layer 2 aggregate interface bridge-aggregation 1 to learn up to 100 dynamic ARP entries.

<Sysname> system-view

[Sysname] interface bridge-aggregation 1

[Sysname-Bridge-Aggregation1] arp max-learning-num 100

# Specify Layer 3 aggregate interface route-aggregation 1 to learn up to 100 dynamic ARP entries.

<Sysname> system-view

[Sysname] interface route-aggregation 1

[Sysname-Route-Aggregation1] arp max-learning-num 100

arp static

Syntax arp static ip-address mac-address [ vlan-id interface-type interface-number ] [ vpn-instance

vpn-instance-name ] undo arp ip-address [ vpn-instance-name ]

View

System view

Default level

2: System level

Parameters

ip-address: Specifies the IP address in an ARP entry.

mac-address: Specifies the MAC address in an ARP entry, in the format H-H-H.

vlan-id: Specifies the ID of a VLAN to which a static ARP entry belongs, in the range of 1 to 4094.

interface-type interface-number: Specifies the interface type and interface number.

2

vpn-instance vpn-instance-name: Specifies the MPLS L3VPN for a static ARP entry. The

vpn-instance-name argument is a case-sensitive string of 1 to 31 characters. Without this option, the static

ARP entry belongs to the public network.

Description

Use arp static to configure a static ARP entry in the ARP mapping table.

Use undo arp to remove an ARP entry.

A static ARP entry is effective when the device works normally. However, when the VLAN or VLAN interface to which an ARP entry corresponds is deleted, the entry, if long, will be deleted, and if short and resolved, will become unresolved.

The vlan-id argument specifies the VLAN corresponding to an ARP entry and must be the ID of an existing

VLAN. In addition, the Ethernet interface following the argument must belong to that VLAN. The VLAN interface of the VLAN must have been created.

If both the vlan-id and ip-address arguments are specified, the IP address of the VLAN interface corresponding to the vlan-id argument must be in the same network segment as the IP address specified by the ip-address argument.

Related commands: reset arp and display arp.

Examples

# Configure a static ARP entry, with IP address 202.38.10.2, MAC address 00e0-fc01-0000, and outbound interface Ethernet 1/0/1 of VLAN 10.

<Sysname> system-view

[Sysname] arp static 202.38.10.2 00e0-fc01-0000 10 Ethernet 1/0/1

arp timer aging

Syntax arp timer aging aging-time undo arp timer aging

View

System view

Default level

2: System level

Parameters

aging-time: Specifies the age timer for dynamic ARP entries in minutes, ranging from 1 to 1440.

Description

Use arp timer aging to set the age timer for dynamic ARP entries.

Use undo arp timer aging to restore the default.

By default, the age timer for dynamic ARP entries is 20 minutes.

Related commands: display arp timer aging.

Examples

# Set the age timer for dynamic ARP entries to 10 minutes.

<Sysname> system-view

3

[Sysname] arp timer aging 10

display arp

Syntax display arp [ [ all | dynamic | static ] [ slot slot-number ] | vlan vlan-id | interface interface-type

interface-number ] [ count | verbose ] [ | { begin | exclude | include } regular-expression ]

View

Any view

Default level

1: Monitor level

Parameters all: Displays all ARP entries. dynamic: Displays dynamic ARP entries. static: Displays static ARP entries. slot slot-number: Displays the ARP entries on a specific IRF member switch. The slot-number argument specifies the ID of an IRF member switch. The value range for the argument depends on the number of member switches and their member IDs in the IRF fabric, which you can display with the display irf command. On a standalone device, the slot-number argument specifies the ID of the device. vlan vlan-id: Displays the ARP entries of the specified VLAN. The VLAN ID ranges from 1 to 4094. interface interface-type interface-number: Displays the ARP entries of the interface specified by the argument interface-type interface-number. count: Displays the number of ARP entries. verbose: Displays detailed information about ARP entries.

|: Filters command output by specifying a regular expression. For more information about regular expressions, see the Fundamentals Configuration Guide. begin: Displays the first line that matches the specified regular expression and all lines that follow. exclude: Displays all lines that do not match the specified regular expression. include: Displays all lines that match the specified regular expression.

regular-expression: Specifies a regular expression, a case-sensitive string of 1 to 256 characters.

Description

Use display arp to display ARP entries in the ARP mapping table.

If no parameter is specified, all ARP entries are displayed.

Related commands: arp static and reset arp.

Examples

# Display the information of all ARP entries.

<Sysname> display arp all

Type: S-Static D-Dynamic

IP Address MAC Address VLAN ID Interface Aging Type

192.168.0.235 00e0-fc02-2181 1 Eth1/0/17 20 D

4

192.168.0.3 000d-88f8-4e71 1 Eth1/0/17 15 D

192.168.0.111 0021-86f9-602c 1 Eth1/0/17 19 D

192.168.0.2 000d-88f7-b090 1 Eth1/0/17 20 D

Table 1 Command output

Field Description

IP Address IP address in an ARP entry.

MAC Address

VLAN ID

Interface

Aging

MAC address in an ARP entry.

ID of the VLAN to which the ARP entry belongs.

Outbound interface in an ARP entry.

Aging time for a dynamic ARP entry in minutes. (N/A means unknown aging time or no aging time. To display the aging time of such an entry, display ARP entries on the specified device.)

Type

ARP entry type:

D—Dynamic.

S—Static.

# Display the number of all ARP entries.

<Sysname> display arp all count

Total Entry(ies): 4

display arp ip-address

Syntax display arp ip-address [ slot slot-number ] [ verbose ] [ | { begin | exclude | include } regular-expression ]

View

Any view

Default level

1: Monitor level

Parameters

ip-address: Displays the ARP entry for the specified IP address. slot slot-number: Displays the ARP entries on a specific IRF member switch. The slot-number argument specifies the ID of an IRF member switch. The value range for the argument depends on the number of member switches and their member IDs in the IRF fabric, which you can display with the display irf command. On a standalone device, the slot-number argument specifies the ID of the device. verbose: Displays the detailed information about ARP entries.

|: Filters command output by specifying a regular expression. For more information about regular expressions, see the Fundamentals Configuration Guide. begin: Displays the first line that matches the specified regular expression and all lines that follow. exclude: Displays all lines that do not match the specified regular expression. include: Displays all lines that match the specified regular expression.

regular-expression: Specifies a regular expression, a case-sensitive string of 1 to 256 characters.

5

Description

Use display arp ip-address to display the ARP entry for a specific IP address.

Related commands: arp static and reset arp.

Examples

# Display the corresponding ARP entry for the IP address 20.1.1.1.

<Sysname> display arp 20.1.1.1

Type: S-Static D-Dynamic

IP Address MAC Address VLAN ID Interface Aging Type

20.1.1.1 00e0-fc00-0001 N/A N/A N/A S

display arp timer aging

Syntax display arp timer aging [ | { begin | exclude | include } regular-expression ]

View

Any view

Default level

2: System level

Parameters

|: Filters command output by specifying a regular expression. For more information about regular expressions, see the Fundamentals Configuration Guide. begin: Displays the first line that matches the specified regular expression and all lines that follow. exclude: Displays all lines that do not match the specified regular expression. include: Displays all lines that match the specified regular expression.

regular-expression: Specifies a regular expression, a case-sensitive string of 1 to 256 characters.

Description

Use display arp timer aging to display the age timer for dynamic ARP entries.

Related commands: arp timer aging.

Examples

# Display the age timer for dynamic ARP entries.

<Sysname> display arp timer aging

Current ARP aging time is 10 minute(s)

display arp vpn-instance

Syntax display arp vpn-instance vpn-instance-name [ count ] [ | { begin | exclude | include }

regular-expression ]

View

Any view

6

Default level

1: Monitor level

Parameters

vpn-instance-name: Specifies the name of an MPLS L3VPN, a case-sensitive string of 1 to 31 characters. count: Displays the number of ARP entries.

|: Filters command output by specifying a regular expression. For more information about regular expressions, see the Fundamentals Configuration Guide. begin: Displays the first line that matches the specified regular expression and all lines that follow. exclude: Displays all lines that do not match the specified regular expression. include: Displays all lines that match the specified regular expression.

regular-expression: Specifies a regular expression, a case-sensitive string of 1 to 256 characters.

Description

Use display arp vpn-instance to display the ARP entries for a specific VPN.

Related commands: arp static and reset arp.

Examples

# Display ARP entries for the VPN instance named test.

<Sysname> display arp vpn-instance test

Type: S-Static D-Dynamic

IP Address MAC Address VLAN ID Interface Aging Type

20.1.1.1 00e0-fc00-0001 N/A N/A N/A S

mac-address station-move

Syntax mac-address station-move quick-notify enable undo mac-address station-move quick-notify enable

View

System view

Default level

2: System level

Parameters

None

Description

Use mac-address station-move quick-notify enable to enable ARP quick update.

Use undo mac-address station-move quick-notify enable to restore the default.

Example

By default, ARP quick update is disabled.

# Enable ARP quick update.

<Sysname> system-view

7

[Sysname] mac-address station-move quick-notify enable

reset arp

Syntax reset arp { all | dynamic | static | slot slot-number | interface interface-type interface-number }

View

User view

Default level

2: System level

Parameters all: Clears all ARP entries. dynamic: Clears all dynamic ARP entries. static: Clears all static ARP entries. slot slot-number: Clears the ARP entries on a specific IRF member switch. The slot-number argument specifies the ID of an IRF member switch. The value range for the argument depends on the number of member switches and their member IDs in the IRF fabric, which you can display with the display irf command. On a standalone device, the slot-number argument specifies the ID of the device. interface interface-type interface-number: Clears the ARP entries for the interface specified by the argument interface-type interface-number.

Description

Use reset arp to clear ARP entries from the ARP mapping table.

With interface interface-type interface-number specified, the command clears only dynamic ARP entries of the interface.

Related commands: arp static and display arp.

Examples

# Clear all static ARP entries.

<Sysname> reset arp static

8

Gratuitous ARP configuration commands

arp send-gratuitous-arp

Syntax arp send-gratuitous-arp [ interval milliseconds ] undo arp send-gratuitous-arp

View

Layer 3 Ethernet interface view, Layer 3 aggregate interface view, VLAN interface view

Default level

2: System level

Parameters interval milliseconds: Sets the interval at which gratuitous ARP packets are sent, in the range of 200 to

200000 milliseconds. The default value is 2000.

Description

Use arp send-gratuitous-arp to enable periodic sending of gratuitous ARP packets and set the sending interval for the interface.

Use undo arp send-gratuitous-arp to disable the interface from periodically sending gratuitous ARP packets.

By default, an interface is disabled from sending gratuitous ARP packets periodically.

This function takes effect only when the link of the enabled interface goes up and an IP address has been assigned to the interface.

The IP address contained in a gratuitous ARP request can be the VRRP virtual IP address, the primary IP address or a manually configured secondary IP address of the sending interface only. The primary IP address can be configured manually or automatically, whereas the secondary IP address must be configured manually.

If you change the interval for sending gratuitous ARP packets, the configuration is effective at the next sending interval.

The frequency of sending gratuitous ARP packets may be much lower than is expected if this function is enabled on multiple interfaces, or each interface is configured with multiple secondary IP addresses, or a small sending interval is configured in the preceding cases.

Examples

# Enable VLAN-interface 2 to send gratuitous ARP packets every 300 milliseconds.

<Sysname> system-view

[Sysname] interface vlan-interface 2

[Sysname-Vlan-interface2] arp send-gratuitous-arp interval 300

9

arp ip-conflict prompt

Syntax arp ip-conflict prompt undo arp ip-conflict prompt

View

System view

Default level

2: System level

Description

Use arp ip-conflict prompt to enable IP conflict notification.

Use undo arp ip-coflict prompt to restore the default.

By default, this function is disabled.

Examples

# Enable IP conflict notification.

<Sysname> system-view

[Sysname] arp ip-conflict prompt

gratuitous-arp-sending enable

Syntax gratuitous-arp-sending enable undo gratuitous-arp-sending enable

View

System view

Default level

2: System level

Parameters

None

Description

Use gratuitous-arp-sending enable to enable a device to send gratuitous ARP packets when receiving

ARP requests from another network segment.

Use undo gratuitous-arp-sending enable to restore the default.

By default, a device cannot send gratuitous ARP packets when receiving ARP requests from another network segment.

Examples

# Disable a device from sending gratuitous ARP packets.

<Sysname> system-view

[Sysname] undo gratuitous-arp-sending enable

10

gratuitous-arp-learning enable

Syntax gratuitous-arp-learning enable undo gratuitous-arp-learning enable

View

System view

Default level

2: System level

Parameters

None

Description

Use gratuitous-arp-learning enable to enable the gratuitous ARP packet learning function.

Use undo gratuitous-arp-learning enable to disable the function.

By default, the function is enabled.

With this function enabled, a device receiving a gratuitous ARP packet can add the source IP and MAC addresses to its own dynamic ARP table if it finds that no ARP entry exists in the cache corresponding to the source IP address of the ARP packet. If a matching ARP entry is found in the cache, the device updates the ARP entry regardless of whether this function is enabled.

Examples

# Enable the gratuitous ARP packet learning function.

<Sysname> system-view

[Sysname] gratuitous-arp-learning enable

11

Proxy ARP configuration commands

display local-proxy-arp

Syntax display local-proxy-arp [ interface interface-type interface-number ] [ | { begin | exclude | include }

regular-expression ]

View

Any view

Default level

2: System level

Parameters interface interface-type interface-number: Displays the local proxy ARP status of the interface specified by the argument interface-type interface-number.

|: Filters command output by specifying a regular expression. For more information about regular expressions, see the Fundamentals Configuration Guide. begin: Displays the first line that matches the specified regular expression and all lines that follow. exclude: Displays all lines that do not match the specified regular expression. include: Displays all lines that match the specified regular expression.

regular-expression: Specifies a regular expression, a case-sensitive string of 1 to 256 characters.

Description

Use display local-proxy-arp to display the status of the local proxy ARP.

If no interface is specified, the local proxy ARP status of all interfaces is displayed.

Related commands: local-proxy-arp enable.

Examples

# Display the status of the local proxy ARP on VLAN-interface 2.

<Sysname> display local-proxy-arp interface vlan-interface 2

Interface Vlan-interface2

Local Proxy ARP status: enabled

display proxy-arp

Syntax display proxy-arp [ interface interface-type interface-number ] [ | { begin | exclude | include }

regular-expression ]

View

Any view

12

Default level

2: System level

Parameters interface interface-type interface-number: Displays the proxy ARP status of the interface specified by the argument interface-type interface-number.

|: Filters command output by specifying a regular expression. For more information about regular expressions, see the Fundamentals Configuration Guide. begin: Displays the first line that matches the specified regular expression and all lines that follow. exclude: Displays all lines that do not match the specified regular expression. include: Displays all lines that match the specified regular expression.

regular-expression: Specifies a regular expression, a case-sensitive string of 1 to 256 characters.

Description

Use display proxy-arp to display the proxy ARP status.

If an interface is specified, the proxy ARP status of the specified interface is displayed; if no interface is specified, the proxy ARP status of all interfaces is displayed.

Related commands: proxy-arp enable.

Examples

# Display the proxy ARP status on VLAN-interface 1.

<Sysname> display proxy-arp interface Vlan-interface 1

Interface Vlan-interface 1

Proxy ARP status: disabled

local-proxy-arp enable

Syntax local-proxy-arp enable [ ip-range startIP to endIP ] undo local-proxy-arp enable

View

VLAN interface view, Layer 3 Ethernet interface view, Layer 3 aggregate interface view

Default level

2: System level

Parameters ip-range startIP to endIP: Specifies the IP address range for which local proxy ARP is enabled. The start

IP address must be lower than or equal to the end IP address.

Description

Use local-proxy-arp enable to enable local proxy ARP.

Use undo local-proxy-arp enable to disable local proxy ARP.

By default, local proxy ARP is disabled.

Only one IP address range can be specified by using the ip-range keyword on an interface.

13

Related commands: display local-proxy-arp.

Examples

# Enable local proxy ARP on VLAN-interface 2.

<Sysname> system-view

[Sysname] interface vlan-interface 2

[Sysname-Vlan-interface2] local-proxy-arp enable

# Enable local proxy ARP on VLAN-interface 2 for a specific IP address range.

<Sysname> system-view

[Sysname] interface vlan-interface 2

[Sysname-Vlan-interface2] local-proxy-arp enable ip-range 1.1.1.1 to 1.1.1.20

proxy-arp enable

Syntax proxy-arp enable undo proxy-arp enable

View

VLAN interface view, Layer 3 Ethernet interface view, Layer 3 aggregate interface view

Default level

2: System level

Parameters

None

Description

Use proxy-arp enable to enable proxy ARP.

Use undo proxy-arp enable to disable proxy ARP.

By default, proxy ARP is disabled.

Related commands: display proxy-arp.

Examples

# Enable proxy ARP on VLAN-interface 2.

<Sysname> system-view

[Sysname] interface vlan-interface 2

[Sysname-Vlan-interface2] proxy-arp enable

14

ARP snooping configuration commands

arp-snooping enable

Syntax arp-snooping enable undo arp-snooping enable

View

VLAN view

Default level

2: System level

Parameters

None

Description

Use arp-snooping enable to enable ARP snooping.

Use undo arp-snooping enable to disable ARP snooping.

By default, ARP snooping is disabled.

Examples

# Enable ARP snooping on VLAN 1.

<Sysname> system-view

[Sysname] vlan 1

[Sysname-vlan1] arp-snooping enable

display arp-snooping

Syntax display arp-snooping [ ip ip-address | vlan vlan-id ] [ | { begin | exclude | include } regular-expression ]

View

Any view

Default level

2: System level

Parameters ip ip-address: Displays the ARP snooping entry information for the IP address. vlan vlan-id: Displays ARP snooping entries of a specific VLAN. The vlan-id argument is in the range of

1 to 4094.

|: Filters command output by specifying a regular expression. For more information about regular expressions, see the Fundamentals Configuration Guide.

15

begin: Displays the first line that matches the specified regular expression and all lines that follow. exclude: Displays all lines that do not match the specified regular expression. include: Displays all lines that match the specified regular expression.

regular-expression: Specifies a regular expression, a case-sensitive string of 1 to 256 characters.

Description

Use display arp-snooping to display ARP snooping entries. If no keywords or arguments are specified, the command displays all the ARP snooping entries.

Examples

# Display ARP snooping entries of VLAN 1.

<Sysname> display arp-snooping vlan 1

IP Address MAC Address VLAN ID Interface Aging Status

3.3.3.3 0003-0003-0003 1 Eth1/0/1 20 Valid

3.3.3.4 0004-0004-0004 1 Eth1/0/2 5 Invalid

---- Total entry(ies) on VLAN 1:2 ----

reset arp-snooping

Syntax reset arp-snooping [ ip ip-address | vlan vlan-id ]

View

User view

Default level

2: System level

Parameters ip ip-address: Removes the ARP entry of a specific IP address. vlan vlan-id: Removes the ARP entries of a specific VLAN. The vlan-id argument is in the range of 1 to

4094.

Description

Use reset arp-snooping to remove ARP snooping entries. If no keywords or arguments are specified, the command removes all ARP snooping entries.

Examples

# Remove ARP snooping entries of VLAN 1.

<Sysname> reset arp-snooping vlan 1

16

IP addressing configuration commands

display ip interface

Syntax display ip interface [ interface-type interface-number ] [ | { begin | exclude | include }

regular-expression ]

View

Any view

Default level

1: Monitor level

Parameters

interface-type interface-number: Specifies an interface by its type and number.

|: Filters command output by specifying a regular expression. For more information about regular expressions, see the Fundamentals Configuration Guide. begin: Displays the first line that matches the specified regular expression and all lines that follow. exclude: Displays all lines that do not match the specified regular expression. include: Displays all lines that match the specified regular expression.

regular-expression: Specifies a regular expression, a case-sensitive string of 1 to 256 characters.

Description

Use display ip interface to display IP configuration information about a specific Layer 3 interface or all

Layer 3 interfaces.

Examples

# Display IP configuration information about interface VLAN-interface 1.

<Sysname> display ip interface vlan-interface 1

Vlan-interface1 current state :DOWN

Line protocol current state :DOWN

Internet Address is 1.1.1.1/8 Primary

Broadcast address : 1.255.255.255

The Maximum Transmit Unit : 1500 bytes input packets : 0, bytes : 0, multicasts : 0 output packets : 0, bytes : 0, multicasts : 0

ARP packet input number: 0

Request packet: 0

Reply packet: 0

Unknown packet: 0

TTL invalid packet number: 0

ICMP packet input number: 0

Echo reply: 0

Unreachable: 0

17

Source quench: 0

Routing redirect: 0

Echo request: 0

Router advert: 0

Router solicit: 0

Time exceed: 0

IP header bad: 0

Timestamp request: 0

Timestamp reply: 0

Information request: 0

Information reply: 0

Netmask request: 0

Netmask reply: 0

Unknown type: 0

Table 2 Command output

Field Description current state

Current physical state of the interface:

Administrative DOWN—The interface is shut down with the shutdown command.

DOWN—The interface is administratively up but its physical state is down, which may be caused by a connection or link failure.

UP—Both the administrative and physical states of the interface are up.

Line protocol current state

Internet Address

Current state of the link layer protocol, which can be:

DOWN—The protocol state of the interface is down.

UP—The protocol state of the interface is up.

UP (spoofing)—The protocol state of the interface pretends to be up.

However, no corresponding link is present, or the corresponding link is not present permanently but is established as needed.

IP address of an interface:

Primary—Identifies a primary IP address.

Sub—Identifies a secondary IP address.

• unnumbered—Identifies an unnumbered IP address.

• acquired via DHCP—Identifies an IP address obtained through DHCP.

• acquired via BOOTP—Identifies an IP address obtained through BOOTP.

Cluster—Identifies a cluster IP address.

Mad—Identifies a MAD IP address.

Broadcast address Broadcast address of the subnet attached to an interface.

The Maximum Transmit Unit Maximum transmission units on the interface, in bytes. input packets, bytes, multicasts output packets, bytes, multicasts

Unicast packets, bytes, and multicast packets received on an interface (the statistics start at the device startup).

18

Field Description

ARP packet input number:

Request packet:

Reply packet:

Unknown packet:

TTL invalid packet number

Total number of ARP packets received on the interface (the statistics start at the device startup), including:

ARP request packets.

ARP reply packets.

Unknown packets.

Number of TTL-invalid packets received on the interface (the statistics start at the device startup).

ICMP packet input number:

Echo reply:

Unreachable:

Source quench:

Routing redirect:

Echo request:

Router advert:

Router solicit:

Time exceed:

IP header bad:

Timestamp request:

Timestamp reply:

Information request:

Information reply:

Netmask request:

Netmask reply:

Unknown type:

Total number of ICMP packets received on the interface (the statistics start at the device startup), including:

Echo reply packets.

Unreachable packets.

Source quench packets.

Routing redirect packets.

Echo request packets.

Router advertisement packets.

Router solicitation packets.

Time exceeded packets.

IP header bad packets.

Timestamp request packets.

Timestamp reply packets.

Information request packets.

Information reply packets.

Netmask request packets.

Netmask reply packets.

Unknown type packets.

display ip interface brief

Syntax display ip interface [ interface-type [ interface-number ] ] brief [ | { begin | exclude | include }

regular-expression ]

View

Any view

Default level

1: Monitor level

Parameters

interface-type: Specifies an interface by its type.

interface-number: Specifies an interface by its number.

|: Filters command output by specifying a regular expression. For more information about regular expressions, see the Fundamentals Configuration Guide. begin: Displays the first line that matches the specified regular expression and all lines that follow.

19

exclude: Displays all lines that do not match the specified regular expression. include: Displays all lines that match the specified regular expression.

regular-expression: Specifies a regular expression, a case-sensitive string of 1 to 256 characters.

Description

Use display ip interface brief to display brief IP configuration information for a specified Layer 3 interface or all Layer 3 interfaces.

Without the interface type and interface number, the brief IP configuration information for all Layer

3 interfaces is displayed.

With only the interface type, the brief IP configuration information for all Layer 3 interfaces of the specified type is displayed.

With both the interface type and interface number, only the brief IP configuration information for the specified interface is displayed.

Related commands: display ip interface.

Examples

# Display brief IP configuration information about VLAN interfaces.

<Sysname> display ip interface vlan-interface brief

*down: administratively down

(s): spoofing

Interface Physical Protocol IP Address Description

Vlan1 up up 6.6.6.6 Vlan-inte...

Vlan2 up up 7.7.7.7 Vlan-inte...

Table 3 Command output

Field Description

*down: administratively down

The interface is administratively shut down with the shutdown command.

(s) : spoofing

Spoofing attribute of the interface. It indicates that an interface may have no link present even when its link layer protocol is displayed up or the link is set up only on demand.

Physical

Protocol

IP Address

Description

Physical state of the interface:

*down—The interface is administratively down; that is, the interface is shut down with the shutdown command.

• down—The interface is administratively up but its physical state is down.

• up—Both the administrative and physical states of the interface are up.

Link layer protocol state of the interface:

• down—The protocol state of the interface is down.

• up—That the protocol state of the interface is up.

• up(s)—The protocol state of the interface is up (spoofing).

IP address of the interface (If no IP address is configured, unassigned is displayed.)

Interface description information, for which up to 12 characters can be displayed.

If there are more than 12 characters, only the first nine characters are displayed.

20

ip address

Syntax ip address ip-address { mask-length | mask } [ sub ] undo ip address [ ip-address { mask-length | mask } [ sub ] ]

View

Interface view

Default level

2: System level

Parameters

ip-address: Specifies the IP address of an interface, in dotted decimal notation.

mask-length: Specifies the subnet mask length, the number of consecutive ones in the mask.

mask: Specifies the subnet mask in dotted decimal notation. sub: Specifies the secondary IP address for the interface.

Description

Use ip address to assign an IP address and mask to the interface.

Use undo ip address to remove all IP addresses from the interface.

Use undo ip address ip-address { mask | mask-length } to remove the primary IP address.

Use the undo ip address ip-address { mask | mask-length } sub command to remove a secondary IP address.

By default, no IP address is assigned to any interface.

When assigning IP addresses to an interface, consider the following:

You can assign only one primary IP address to an interface.

The primary and secondary IP addresses can be located in the same network segment.

Before removing the primary IP address, remove all secondary IP addresses.

You cannot assign a secondary IP address to the interface that is configured to obtain one through

BOOTP or DHCP.

Related commands: display ip interface.

Examples

# Assign VLAN-interface 1 a primary IP address 129.12.0.1 and a secondary IP address 202.38.160.1, with subnet masks being 255.255.255.0.

<Sysname> system-view

[Sysname] interface vlan-interface 1

[Sysname-Vlan-interface1] ip address 129.12.0.1 255.255.255.0

[Sysname-Vlan-interface1] ip address 202.38.160.1 255.255.255.0 sub

# Assign Layer 3 Ethernet port Ethernet 1/0/5 a primary IP address 129.12.0.1 and a secondary IP address 202.38.160.1, with subnet masks being 255.255.255.0.

<Sysname> system-view

[Sysname]interface Ethernet 1/0/5

[Sysname–Ethernet1/0/5]port link-mode route

21

[Sysname–Ethernet1/0/5]ip address 129.12.0.1 255.255.255.0

[Sysname–Ethernet1/0/5]ip address 202.38.160.1 255.255.255.0 sub

ip address unnumbered

Syntax ip address unnumbered interface interface-type interface-number undo ip address unnumbered

View

Interface view

Default level

2: System level

Parameters interface interface-type interface-number: Specifies an interface from which the current interface can borrow an IP address.

Description

Use ip address unnumbered to configure the current interface as IP unnumbered to borrow an IP address from another interface.

Use undo ip address unnumbered to disable IP unnumbered on the interface.

By default, the interface does not borrow IP addresses from other interfaces.

Examples

# Configure the interface tunnel 1 to borrow the IP address of the interface VLAN-interface 100.

<Sysname> system-view

[Sysname] interface Tunnel 1

[Sysname-Tunnel1] ip address unnumbered interface vlan-interface 100

22

DHCP server configuration commands

bims-server

Syntax bims-server ip ip-address [ port port-number ] sharekey [ cipher | simple ] key undo bims-server

View

DHCP address pool view

Default level

2: System level

Parameters ip ip-address: Specifies an IP address for the BIMS server. port port-number: Specifies a port number for the BIMS server, in the range of 1 to 65534. cipher: Sets a ciphertext key. simple: Sets a plaintext key.

key: Specifies the key string. This argument is case sensitive. If simple is specified, it must be a string of

1 to 16 characters. If cipher is specified, it must be a ciphertext string of 1 to 53 characters. If neither cipher nor simple is specified, you set a plaintext key string.

Description

Use bims-server to specify the IP address, port number, and shared key of the BIMS server in the DHCP address pool for the client.

Use undo bims-server to remove the specified BIMS server information.

By default, no BIMS server information is specified.

If you execute the bims-server command repeatedly, the latest configuration overwrites the previous one.

Related commands: dhcp server ip-pool and display dhcp server tree.

Examples

# Specify the IP address 1.1.1.1, port number 80, and shared key aabbcc of the BIMS server in DHCP address pool 0 for the client.

<Sysname> system-view

[Sysname] dhcp server ip-pool 0

[Sysname-dhcp-pool-0] bims-server ip 1.1.1.1 port 80 sharekey simple aabbcc

bootfile-name

Syntax bootfile-name bootfile-name undo bootfile-name

23

View

DHCP address pool view

Default level

2: System level

Parameters

bootfile-name: Specifies the boot file name, a string of 1 to 63 characters.

Description

Use bootfile-name to specify a bootfile name in the DHCP address pool for the client.

Use undo bootfile-name to remove the specified bootfile name.

By default, no bootfile name is specified.

If you execute the bootfile-name command repeatedly, the latest configuration overwrites the previous one.

Related commands: dhcp server ip-pool and display dhcp server tree.

Examples

# Specify the bootfile name aaa.cfg in DHCP address pool 0.

<Sysname> system-view

[Sysname] dhcp server ip-pool 0

[Sysname-dhcp-pool-0] bootfile-name aaa.cfg

dhcp dscp (for DHCP server)

Syntax dhcp dscp dscp-value undo dhcp dscp

View

System view

Default level

2: System level

Parameters

dscp-value: Specifies the DSCP value in DHCP packets, in the range of 0 to 63.

Description

Use dhcp dscp to set the DSCP value for DHCP packets sent by the DHCP server.

Use undo dhcp dscp to restore the default.

By default, the DSCP value in DHCP packets sent by the DHCP server is 56.

Examples

# Set the DSCP value to 30 for DHCP packets.

<Sysname> system-view

[Sysname] dhcp dscp 30

24

dhcp enable (for DHCP server)

Syntax dhcp enable undo dhcp enable

View

System view

Default level

2: System level

Parameters

None

Description

Use dhcp enable to enable DHCP.

Use undo dhcp enable to disable DHCP.

By default, DHCP is disabled.

You need to enable DHCP before performing DHCP server and relay agent configurations.

Examples

# Enable DHCP.

<Sysname> system-view

[Sysname] dhcp enable

dhcp server apply ip-pool

Syntax dhcp server apply ip-pool pool-name undo dhcp server apply ip-pool [ pool-name ]

View

Interface view

Default level

2: System level

Parameters

pool-name: DHCP address pool name, a case-insensitive string in the range of 1 to 35 characters.

Description

Use dhcp server apply ip-pool to apply an extended address pool on an interface.

Use undo dhcp server apply ip-pool to remove the configuration.

By default, no extended address pool is applied on an interface, and the server assigns an IP address from a common address pool to a client when the client's request arrives at the interface.

25

If you execute the dhcp server apply ip-pool command on an interface, when a client's request arrives at the interface, the server attempts to assign the client the statically bound IP address first and then an IP address from this extended address pool.

Only an extended address pool can be applied on an interface. The address pool to be referenced must already exist.

Related commands: dhcp server ip-pool.

Examples

# Apply extended DHCP address pool 0 on VLAN-interface 1.

<Sysname> system-view

[Sysname] interface vlan-interface 1

[Sysname-Vlan-interface1] dhcp server apply ip-pool 0

dhcp select server global-pool

Syntax dhcp select server global-pool [ subaddress ] undo dhcp select server global-pool [ subaddress ]

View

Interface view

Default level

2: System level

Parameters subaddress: Supports secondary address allocation. When the DHCP server and client are on the same network segment, the server preferably assigns an IP address from an address pool that resides on the same subnet as the primary IP address of the server interface (connecting to the client). If the address pool contains no assignable IP address, the server assigns an IP address from an address pool that resides on the same subnet as the secondary IP addresses of the server interface. If the interface has multiple secondary IP addresses, each address pool is tried in turn for address allocation. Without the keyword subaddress specified, the DHCP server can only assign an IP address from the address pool that resides on the same subnet as the primary IP address of the server interface.

Description

Use dhcp select server global-pool to enable the DHCP server on specified interfaces. After the interface receives a DHCP request from a client, the DHCP server will allocate an IP address from the address pool.

Use undo dhcp select server global-pool to remove the configuration. Upon receiving a DHCP request from a client, the interface will neither assign an IP address to the client, nor serve as a DHCP relay agent to forward the request.

Use the undo dhcp select server global-pool subaddress command to disable the support for secondary address allocation.

By default, the DHCP server is enabled on an interface.

Examples

# Enable the DHCP server on VLAN-interface 1 to assign IP addresses from the address pool that resides on the same subnet as the primary IP address of the server interface (connecting to the client) for the client.

26

<Sysname> system-view

[Sysname] interface vlan-interface 1

[Sysname-Vlan-interface1] dhcp select server global-pool

dhcp server client-detect enable

Syntax dhcp server client-detect enable undo dhcp server client-detect enable

View

Interface view

Default level

2: System level

Parameters

None

Description

Use dhcp server client-detect enable to enable client off-line detection on the DHCP server.

Use undo dhcp server client-detect enable to disable the function.

By default, the function is disabled.

With this feature enabled, the DHCP server considers a DHCP client goes offline when the ARP entry for the client ages out. In addition, it removes the client’s IP-to-MAC binding entry.

Examples

# Enable client off-line detection on the DHCP server.

<Sysname> system-view

[Sysname] interface vlan-interface 1

[Sysname-Vlan-interface1] dhcp server client-detect enable

dhcp server detect

Syntax dhcp server detect undo dhcp server detect

View

System view

Default level

2: System level

Parameters

None

Description

Use dhcp server detect to enable unauthorized DHCP server detection.

27

Use undo dhcp server detect to disable the function.

By default, the function is disabled.

With this function enabled, upon receiving a DHCP request, the DHCP server resolves from the request the IP addresses of DHCP servers which ever offered IP addresses to the DHCP client and the receiving interface. Each server detected is recorded only once. The administrator can use this information to check for unauthorized DHCP servers.

Examples

# Enable unauthorized DHCP server detection.

<Sysname> system-view

[Sysname] dhcp server detect

dhcp server forbidden-ip

Syntax dhcp server forbidden-ip low-ip-address [ high-ip-address ] undo dhcp server forbidden-ip low-ip-address [ high-ip-address ]

View

System view

Default level

2: System level

Parameters

low-ip-address: Specifies the start IP address of the IP address range to be excluded from dynamic allocation.

high-ip-address: Specifies the end IP address of the IP address range to be excluded from dynamic allocation. The end IP address must have a higher sequence than the start one.

Description

Use dhcp server forbidden-ip to exclude IP addresses from dynamic allocation.

Use undo dhcp server forbidden-ip to remove the configuration.

By default, all IP addresses in a DHCP address pool are assignable except IP addresses of the DHCP server interfaces.

When you use the dhcp server forbidden-ip command to exclude an IP address that is bound to a user from dynamic assignment, the address can be still assigned to the user.

When you use the undo dhcp server forbidden-ip command to remove the configuration, the specified address/address range must be consistent with the one specified with the dhcp server forbidden-ip command. If you have configured to exclude an address range from dynamic assignment, you need to specify the same address range in the undo dhcp server forbidden-ip command instead of specifying one IP address.

Using the dhcp server forbidden-ip command repeatedly can exclude multiple IP address ranges from allocation.

Related commands: display dhcp server forbidden-ip, dhcp server ip-pool, network, and static-bind ip-address.

28

Examples

# Exclude the IP address range 10.110.1.1 to 10.110.1.63 from dynamic allocation.

<Sysname> system-view

[Sysname] dhcp server forbidden-ip 10.110.1.1 10.110.1.63

dhcp server ip-pool

Syntax dhcp server ip-pool pool-name [ extended ] undo dhcp server ip-pool pool-name

View

System view

Default level

2: System level

Parameters

pool-name: Specifies the global address pool name, which is a unique pool identifier, a string of 1 to 35 characters. extended: Specifies the address pool as an extended address pool. If this keyword is not specified, the address pool is a common address pool.

Description

Use dhcp server ip-pool to create a DHCP address pool and enter its view. If the pool was created, you will directly enter its view.

Use undo dhcp server ip-pool to remove the specified DHCP address pool.

By default, no DHCP address pool is created.

Related commands: dhcp enable and display dhcp server tree.

Examples

# Create the common address pool identified by 0.

<Sysname> system-view

[Sysname] dhcp server ip-pool 0

[Sysname-dhcp-pool-0]

dhcp server ping packets

Syntax dhcp server ping packets number undo dhcp server ping packets

View

System view

Default level

2: System level

29

Parameters

number: Specifies the number of ping packets, in the range of 0 to 10. 0 means no ping operation.

Description

Use dhcp server ping packets to specify the maximum number of ping packets on the DHCP server.

Use undo dhcp server ping packets to restore the default.

The number defaults to 1.

To avoid IP address conflicts, the DHCP server checks whether an IP address is in use before assigning it to a DHCP client.

The DHCP server pings the IP address to be assigned by using ICMP. If the server gets a response within the specified period, the server selects and pings another IP address. If not, the server pings the IP address again until the specified number of ping attempts is reached. If still no response is received, the server assigns the IP address to the requesting client.

Examples

# Specify the maximum number of ping packets as 10.

<Sysname> system-view

[Sysname] dhcp server ping packets 10

dhcp server ping timeout

Syntax dhcp server ping timeout milliseconds undo dhcp server ping timeout

View

System view

Default level

2: System level

Parameters

milliseconds: Specifies the response timeout value for ping packets in milliseconds, in the range of 0 to

10,000. 0 means no ping operation.

Description

Use dhcp server ping timeout to configure the ping response timeout time on the DHCP server.

Use undo dhcp server ping timeout to restore the default.

The time defaults to 500 ms.

To avoid IP address conflicts, the DHCP server checks whether an IP address is in use before assigning it to a DHCP client.

The DHCP server pings the IP address to be assigned by using ICMP. If the server gets a response within the specified interval, the server selects and pings another IP address. If not, the server pings the IP address again until the specified number of ping attempts is reached. If still no response is received, the server assigns the IP address to the requesting client.

Examples

# Specify the response timeout time as 1000 ms.

30

<Sysname> system-view

[Sysname] dhcp server ping timeout 1000

dhcp server relay information enable

Syntax dhcp server relay information enable undo dhcp server relay information enable

View

System view

Default level

2: System level

Parameters

None

Description

Use dhcp server relay information enable to enable the DHCP server to handle Option 82.

Use undo dhcp server relay information enable to configure the DHCP server to ignore Option 82.

By default, the DHCP server handles Option 82.

Examples

# Configure the DHCP server to ignore Option 82.

<Sysname> system-view

[Sysname] undo dhcp server relay information enable

dhcp server threshold

Syntax dhcp server threshold { allocated-ip threshold-value | average-ip-use threshold-value | max-ip-use

threshold-value } undo dhcp server threshold { allocated-ip | average-ip-use | max-ip-use }

View

System view

Default level

2: System level

Parameters allocated-ip threshold-value: Enables the DHCP server to send trap messages to the network management server when the ratio of successfully allocated IP addresses to received DHCP requests within five minutes reaches the threshold specified by the threshold-value argument. The threshold is a percentage value ranging from 1 to 100. average-ip-use threshold-value: Enables the DHCP server to send trap messages to the network management server when the average IP address utilization of an address pool within five minutes

31

reaches the threshold specified by the threshold-value argument. The threshold is a percentage value ranging from 1 to 100. max-ip-use threshold-value: Enables the DHCP server to send trap messages to the network management server when the maximum IP address utilization of an address pool within five minutes reaches the threshold specified by the threshold-value argument. The threshold is a percentage value ranging from 1 to 100.

Description

Use dhcp server threshold to enable the DHCP server to send trap messages to the network management server when the specified threshold is reached.

Use undo dhcp server threshold to restore the default.

By default, the DHCP server does not send trap messages to the network management server.

Examples

# Enable the DHCP server to send trap messages to the network management server when the ratio of successfully allocated IP addresses to received DHCP requests within five minutes exceeds 50%.

<Sysname> system-view

[Sysname] dhcp server threshold allocated-ip 50

# Enable the DHCP server to send trap messages to the network management server when the average

IP address utilization of an address pool within five minutes exceeds 80%.

<Sysname> system-view

[Sysname] dhcp server threshold average-ip-use 80

# Enable the DHCP server to send trap messages to the network management server when the maximum

IP address utilization of an address pool within five minutes exceeds 80%.

<Sysname> system-view

[Sysname] dhcp server threshold max-ip-use 80

display dhcp server conflict

Syntax display dhcp server conflict { all | ip ip-address } [ | { begin | exclude | include } regular-expression ]

View

Any view

Default level

1: Monitor level

Parameters all: Displays information about all IP address conflicts.

ip-address: Displays conflict information for a specific IP address.

|: Filters command output by specifying a regular expression. For more information about regular expressions, see Fundamentals Configuration Guide. begin: Displays the first line that matches the specified regular expression and all lines that follow. exclude: Displays all lines that do not match the specified regular expression. include: Displays all lines that match the specified regular expression.

32

regular-expression: Specifies a regular expression, a case-sensitive string of 1 to 256 characters.

Description

Use display dhcp server conflict to display information about IP address conflicts.

Related commands: reset dhcp server conflict.

Examples

# Display information about all IP address conflicts.

<Sysname> display dhcp server conflict all

Address Discover time

4.4.4.1 Apr 25 2007 16:57:20

4.4.4.2 Apr 25 2007 17:00:10

--- total 2 entry ---

Table 4 Command output

Field Description

Address Conflicted IP address

Discover Time Time when the conflict was discovered

display dhcp server expired

Syntax display dhcp server expired { all | ip ip-address | pool [ pool-name ] } [ | { begin | exclude | include }

regular-expression ]

View

Any view

Default level

1: Monitor level

Parameters all: Displays lease expiration information about all DHCP address pools. ip ip-address: Displays lease expiration information about a specific IP address. pool [ pool-name ]: Displays lease expiration information about a specific address pool. The pool name is a string of 1 to 35 characters. If the pool name is not specified, this command displays lease expiration information about all address pools.

|: Filters command output by specifying a regular expression. For more information about regular expressions, see Fundamentals Configuration Guide. begin: Displays the first line that matches the specified regular expression and all lines that follow. exclude: Displays all lines that do not match the specified regular expression. include: Displays all lines that match the specified regular expression.

regular-expression: Specifies a regular expression, a case-sensitive string of 1 to 256 characters.

33

Description

Use display dhcp server expired to display lease expiration information about specified DHCP address pools or an IP address.

DHCP will assign these expired IP addresses to DHCP clients after all addresses have been assigned.

Examples

# Display information about lease expirations in all DHCP address pools.

<Sysname> display dhcp server expired all

IP address Client-identifier/ Lease expiration Type

Hardware address

4.4.4.6 3030-3066-2e65-3230- Apr 25 2007 17:10:47 Release

302e-3130-3234-2d45-

7468-6572-6e65-7430-

2f31

--- total 1 entry ---

Table 5 Command output

Field Description

IP address Expired IP addresses.

Client-identifier/Hardware address

Lease expiration

Type

IDs or MACs of clients whose IP addresses were expired.

The lease expiration time.

Types of lease expirations. This field is set to Release.

display dhcp server free-ip

Syntax display dhcp server free-ip [ | { begin | exclude | include } regular-expression ]

View

Any view

Default level

1: Monitor level

Parameters

|: Filters command output by specifying a regular expression. For more information about regular expressions, see Fundamentals Configuration Guide. begin: Displays the first line that matches the specified regular expression and all lines that follow. exclude: Displays all lines that do not match the specified regular expression. include: Displays all lines that match the specified regular expression.

regular-expression: Specifies a regular expression, a case-sensitive string of 1 to 256 characters.

Description

Use display dhcp server free-ip to display information about assignable IP addresses which have never been assigned.

34

Examples

# Display information about assignable IP addresses.

<Sysname> display dhcp server free-ip

IP Range from 10.0.0.1 to 10.0.0.254

display dhcp server forbidden-ip

Syntax display dhcp server forbidden-ip [ | { begin | exclude | include } regular-expression ]

View

Any view

Default level

1: Monitor level

Parameters

|: Filters command output by specifying a regular expression. For more information about regular expressions, see Fundamentals Configuration Guide. begin: Displays the first line that matches the specified regular expression and all lines that follow. exclude: Displays all lines that do not match the specified regular expression. include: Displays all lines that match the specified regular expression.

regular-expression: Specifies a regular expression, a case-sensitive string of 1 to 256 characters.

Description

Use display dhcp server forbidden-ip to display IP addresses excluded from dynamic allocation in DHCP address pool.

Examples

# Display IP addresses excluded from dynamic allocation in the DHCP address pool.

<Sysname> display dhcp server forbidden-ip

Global:

IP Range from 1.1.0.2 to 1.1.0.3

IP Range from 1.1.1.2 to 1.1.1.3

Pool name: 2

1.1.1.5 1.1.1.6

Table 6 Command output

Field Description

Global

Globally excluded IP addresses specified with the dhcp server forbidden-ip command in system view. No address pool can assign these IP addresses.

Pool name

Excluded IP addresses specified with the forbidden-ip command in DHCP address pool view. They cannot be assigned from the current extended address pool only.

35

display dhcp server ip-in-use

Syntax display dhcp server ip-in-use { all | ip ip-address | pool [ pool-name ] } [ | { begin | exclude | include }

regular-expression ]

View

Any view

Default level

1: Monitor level

Parameters all: Displays binding information about all DHCP address pools. ip ip-address: Displays binding information about a specific IP address. pool [ pool-name ]: Displays binding information about a specific address pool. The pool name is a string of 1 to 35 characters. If no pool name is specified, this command displays binding information about all address pools.

|: Filters command output by specifying a regular expression. For more information about regular expressions, see Fundamentals Configuration Guide. begin: Displays the first line that matches the specified regular expression and all lines that follow. exclude: Displays all lines that do not match the specified regular expression. include: Displays all lines that match the specified regular expression.

regular-expression: Specifies a regular expression, a case-sensitive string of 1 to 256 characters.

Description

Use display dhcp server ip-in-use to display binding information about DHCP address pools or an IP address.

Related commands: reset dhcp server ip-in-use.

Examples

# Display binding information about all DHCP address pools.

<Sysname> display dhcp server ip-in-use all

Pool utilization: 0.39%

IP address Client-identifier/ Lease expiration Type

Hardware address

10.1.1.1 4444-4444-4444 NOT Used Manual

10.1.1.2 3030-3030-2e30-3030- May 1 2009 14:02:49 Auto:COMMITTED

662e-3030-3033-2d45-

7468-6572-6e65-7430-

2f31

--- total 2 entry ---

36

Table 7 Command output

Field Description

Pool utilization

IP address

Utilization rate of IP addresses in a DHCP address pool, which is the ratio of assigned IP addresses to assignable IP addresses in the

DHCP address pool.

When binding information about all DHCP address pools is displayed, this field displays the total utilization rate of IP addresses in all DHCP address pools.

When binding information about a specific DHCP address pool is displayed, this field displays the utilization rate of IP addresses in the DHCP address pool.

When binding information about a specific IP address is displayed, this field is not displayed.

Bound IP address.

Client-identifier/Hardware address

Lease expiration

Client’s ID or MAC of the binding.

Lease expiration time:

Specific time (May 1 2009 14:02:49 in this example)—Time when the lease expires.

NOT Used—The IP address of the static binding has not been assigned to the specific client.

Unlimited—Infinite lease expiration time.

Type

Binding types:

Manual—Static binding.

Auto:OFFERED—The binding sent in the DHCP-OFFER message from the server to the client.

Auto:COMMITTED—The binding sent in the DHCP-ACK message from the server to the client.

In the output from the display dhcp server ip-in-use command, the lease duration of a used static binding is displayed as Unlimited instead of the actual lease duration. To display the actual lease duration, use the display this command in DHCP address pool view.

display dhcp server statistics

Syntax display dhcp server statistics [ | { begin | exclude | include } regular-expression ]

View

Any view

Default level

1: Monitor level

Parameters

|: Filters command output by specifying a regular expression. For more information about regular expressions, see Fundamentals Configuration Guide. begin: Displays the first line that matches the specified regular expression and all lines that follow. exclude: Displays all lines that do not match the specified regular expression.

37

include: Displays all lines that match the specified regular expression.

regular-expression: Specifies a regular expression, a case-sensitive string of 1 to 256 characters.

Description

Use display dhcp server statistics to display the statistics of the DHCP server.

Related commands: reset dhcp server statistics.

Examples

# Display the statistics on the DHCP server.

<Sysname> display dhcp server statistics

Global Pool:

Pool Number: 1

Binding:

Auto: 1

Manual: 0

Expire: 0

BOOTP Request: 10

DHCPDISCOVER: 5

DHCPREQUEST: 3

DHCPDECLINE: 0

DHCPRELEASE: 2

DHCPINFORM: 0

BOOTPREQUEST: 0

BOOTP Reply: 6

DHCPOFFER: 3

DHCPACK: 3

DHCPNAK: 0

BOOTPREPLY: 0

Bad Messages: 0

Table 8 Command output

Field Description

Global Pool Statistics of a DHCP address pool.

Pool Number

Auto

Manual

Expire

The number of address pools.

The number of dynamic bindings.

The number of static bindings.

The number of expired bindings.

BOOTP Request

The number of DHCP requests sent from DHCP clients to the DHCP server. The requests include:

DHCPDISCOVER.

DHCPREQUEST.

DHCPDECLINE.

DHCPRELEASE.

DHCPINFORM.

BOOTPREQUEST.

38

Field Description

BOOTP Reply

Bad Messages

The number of DHCP replies sent from the DHCP server to DHCP clients. The replies include:

DHCPOFFER.

DHCPACK.

DHCPNAK.

BOOTPREPLY.

The number of Erroneous messages.

display dhcp server tree

Syntax display dhcp server tree { all | pool [ pool-name ] } [ | { begin | exclude | include } regular-expression ]

View

Any view

Default level

1: Monitor level

Parameters all: Displays information about all DHCP address pools. pool [ pool-name ]: Displays information about a specific address pool. The pool name argument is a string of 1 to 35 characters. If no pool name is specified, this command displays information about all address pools.

|: Filters command output by specifying a regular expression. For more information about regular expressions, see Fundamentals Configuration Guide. begin: Displays the first line that matches the specified regular expression and all lines that follow. exclude: Displays all lines that do not match the specified regular expression. include: Displays all lines that match the specified regular expression.

regular-expression: Specifies a regular expression, a case-sensitive string of 1 to 256 characters.

Description

Use display dhcp server tree to display information about DHCP address pools.

Examples

# Display information about all DHCP address pools.

<Sysname> display dhcp server tree all

Global pool:

Pool name: 0

network 20.1.1.0 mask 255.255.255.0

Sibling node:1

option 2 ip-address 1.1.1.1

expired 1 0 0 0

39

Pool name: 1

static-bind ip-address 10.10.1.2 mask 255.0.0.0

static-bind mac-address 00e0-00fc-0001

PrevSibling node:0

expired unlimited

Extended pool:

Pool name: 2

network ip range 1.1.1.0 1.1.1.255

network mask 255.255.255.0

expired 0 0 2 0

Table 9 Command output

Field Description

Global pool Information about a common address pool.

Pool name network static-bind ip-address 10.10.1.2 mask

255.0.0.0 static-bind mac-address 00e0-00fc-0001

Address pool name.

Subnet for address allocation.

The IP address and MAC address of the static binding.

Sibling node option expired

Extended pool network ip range network mask

The sibling node of the current node. Nodes of this kind in the output can be:

Child node—The child node (subnet segment) address pool of the current node.

Parent node—The parent node (nature network segment) address pool of the current node.

Sibling node—The latter sibling node of the current node

(another subnet of the same nature network). The earlier the sibling node is configured, the higher order the sibling node has.

PrevSibling node—The previous sibling node of the current node.

Self-defined DHCP options.

The lease duration, in the format of day, hour, minute, and second.

Information about an extended address pool.

Range of assignable IP addresses in the extended address pool.

Mask of IP addresses assigned from the extended address pool.

dns-list

Syntax dns-list ip-address&<1-8> undo dns-list { ip-address | all }

40

View

DHCP address pool view

Default level

2: System level

Parameters

ip-address&<1-8>: Specifies the DNS server IP address. &<1-8> means you can specify up to eight DNS server addresses separated by spaces. all: Specifies all DNS server addresses to be removed.

Description

Use dns-list to specify DNS server addresses in a DHCP address pool.

Use undo dns-list to remove DNS server addresses from a DHCP address pool.

By default, no DNS server address is specified.

If you perform the dns-list command repeatedly, the latest configuration overwrites the previous one.

Related commands: dhcp server ip-pool and display dhcp server tree.

Examples

# Specify the DNS server address 10.1.1.254 for the DHCP client in DHCP address pool 0.

<Sysname> system-view

[Sysname] dhcp server ip-pool 0

[Sysname-dhcp-pool-0] dns-list 10.1.1.254

domain-name

Syntax domain-name domain-name undo domain-name

View

DHCP address pool view

Default level

2: System level

Parameters

domain-name: Domain name suffix for DHCP clients, a string of 1 to 50 characters.

Description

Use domain-name to specify a domain name suffix for the DHCP clients in the DHCP address pool.

Use undo domain-name to remove the specified domain name suffix.

No domain name suffix is specified by default.

Related commands: dhcp server ip-pool and display dhcp server tree.

Examples

# Specify a domain name suffix of mydomain.com for the DHCP clients in DHCP address pool 0.

<Sysname> system-view

41

[Sysname] dhcp server ip-pool 0

[Sysname-dhcp-pool-0] domain-name mydomain.com

expired

Syntax expired { day day [ hour hour [ minute minute [ second second ] ] ] | unlimited } undo expired

View

DHCP address pool view

Default level

2: System level

Parameters day day: Specifies the number of days, in the range of 0 to 365. hour hour: Specifies the number of hours, in the range of 0 to 23. minute minute: Specifies the number of minutes, in the range of 0 to 59. second second: Specifies the number of seconds, in the range of 0 to 59. unlimited: Specifies the unlimited lease duration, which is actually 136 years.

Description

Use expired to specify the lease duration in a DHCP address pool.

Use undo expired to restore the default lease duration in a DHCP address pool.

By default, the lease duration of a static address pool is unlimited, and the lease duration of a dynamic address pool is one day.

The lease duration cannot be less than 5 seconds.

The lease duration can be specified and takes effect for a static binding, but the lease duration from the display dhcp server ip-in-use all command output is still Unlimited.

Related commands: dhcp server ip-pool and display dhcp server tree.

Examples

# Specify the lease duration as one day, two hours, three minutes, and four seconds in DHCP address pool 0.

<Sysname> system-view

[Sysname] dhcp server ip-pool 0

[Sysname-dhcp-pool-0] expired day 1 hour 2 minute 3 second 4

forbidden-ip

Syntax forbidden-ip ip-address&<1-8> undo forbidden-ip { ip-address&<1-8> | all }

42

View

DHCP extended address pool view

Default level

2: System level

Parameters

ip-address&<1-8>: Specifies the IP addresses to be excluded from dynamic allocation. &<1-8> indicates that you can specify up to eight IP addresses, separated with spaces. all: Excludes all IP addresses from dynamic allocation.

Description

Use forbidden-ip to exclude IP addresses from dynamic allocation in an extended address pool.

Use undo forbidden-ip to cancel specified or all excluded IP addresses.

By default, all IP addresses in an extended address pool are assignable except the IP addresses of the

DHCP server interfaces.

Only the extended address pools support this command.

IP addresses specified with the forbidden-ip command in DHCP address pool view are excluded from dynamic address allocation in the current extended address pool only. They are assignable in other address pools.

Repeatedly using the forbidden-ip command can exclude multiple IP address ranges from dynamic allocation.

Related commands: dhcp server ip-pool and display dhcp server forbidden-ip.

Examples

# Exclude IP addresses 192.168.1.3 and 192.168.1.10 from dynamic allocation for extended address pool

0.

<Sysname> system-view

[Sysname] dhcp server ip-pool 0 extended

[Sysname-dhcp-pool-0] forbidden-ip 192.168.1.3 192.168.1.10

gateway-list

Syntax gateway-list ip-address&<1-8> undo gateway-list { ip-address | all }

View

DHCP address pool view

Default level

2: System level

Parameters

ip-address&<1-8>: Specifies the gateway IP address. &<1-8> means you can specify up to eight gateway addresses separated by spaces. all: Specifies all gateway IP addresses to be removed.

43

Description

Use gateway-list to specify gateway addresses in a DHCP address pool.

Use undo gateway-list to remove specified gateway addresses specified for the DHCP client from a

DHCP address pool.

By default, no gateway address is specified.

If you use the gateway-list command repeatedly, the latest configuration overwrites the previous one.

Related commands: dhcp server ip-pool and display dhcp server tree.

Examples

# Specify the gateway address 10.110.1.99 in DHCP address pool 0.

<Sysname> system-view

[Sysname] dhcp server ip-pool 0

[Sysname-dhcp-pool-0] gateway-list 10.110.1.99

nbns-list

Syntax nbns-list ip-address&<1-8> undo nbns-list { ip-address | all }

View

DHCP address pool view

Default level

2: System level

Parameters

ip-address&<1-8>: Specifies the WINS server IP address. &<1-8> means you can specify up to eight

WINS server addresses separated by spaces. all: Specifies all WINS server addresses to be removed.

Description

Use nbns-list to specify WINS server addresses in a DHCP address pool.

Use undo nbns-list to remove the specified WINS server addresses.

By default, no WINS server address is specified.

If you use the nbns-list command repeatedly, the latest configuration overwrites the previous one.

Related commands: dhcp server ip-pool, netbios-type, and display dhcp server tree.

Examples

# Specify WINS server address 10.12.1.99 in DHCP address pool 0.

<Sysname> system-view

[Sysname] dhcp server ip-pool 0

[Sysname-dhcp-pool-0] nbns-list 10.12.1.99

44

netbios-type

Syntax netbios-type { b-node | h-node | m-node | p-node } undo netbios-type

View

DHCP address pool view

Default level

2: System level

Parameters b-node: Specifies the broadcast node. A b-node client sends the destination name in a broadcast message to get the name-to-IP mapping from a server. h-node: Specifies the hybrid node. An h-node client unicasts the destination name to a WINS server, and if receiving no response, then broadcasts it to get the mapping from a server. m-node: Specifies the mixed node. An m-node client broadcasts the destination name, and if receiving no response, then unicasts the destination name to the WINS server to get the mapping. p-node: Specifies the peer-to-peer node. A p-node client sends the destination name in a unicast message to get the mapping from the WINS server.

Description

Use netbios-type to specify the client NetBIOS node type in a DHCP address pool.

Use undo netbios-type to remove the specified client NetBIOS node type.

By default, no NetBIOS node type is specified.

Related commands: dhcp server ip-pool, nbns-list, and display dhcp server tree.

Examples

# Specify the NetBIOS node type as b-node in DHCP address pool 0.

<Sysname> system-view

[Sysname] dhcp server ip-pool 0

[Sysname-dhcp-pool-0] netbios-type b-node

network

Syntax network network-address [ mask-length | mask mask ] undo network

View

DHCP address pool view

Default level

2: System level

45

Parameters

network-address: Specifies the subnet for dynamic allocation. If no mask length and mask is specified, the natural mask will be used.

mask-length: Specifies the mask length, in the range of 1 to 30. mask mask: Specifies the IP address network mask, in dotted decimal format.

Description

Use network to specify the subnet for dynamic allocation in a DHCP address pool.

Use undo network to remove the specified subnet.

No subnet is specified by default.

You can specify only one subnet for each common address pool. If you use the network command repeatedly, the latest configuration overwrites the previous one.

Related commands: dhcp server ip-pool and display dhcp server tree.

Examples

# Specify 192.168.8.0/24 as the subnet for dynamic allocation in DHCP address pool 0.

<Sysname> system-view

[Sysname] dhcp server ip-pool 0

[Sysname-dhcp-pool-0] network 192.168.8.0 mask 255.255.255.0

network ip range

Syntax network ip range min-address max-address undo network ip range

View

DHCP address pool view

Default level

2: System level

Parameters

min-address: Specifies the lowest IP address for dynamic allocation.

max-address: Specifies the highest IP address for dynamic allocation.

Description

Use network ip range to specify the IP address range for dynamic allocation in an address pool.

Use undo network ip range to remove the specified address range.

No IP address range is specified by default.

In a common address pool, you can use the network ip range command to further specify an IP address range on a subnet for address allocation. The specified IP address range must belong to the subnet.

Otherwise, the common address pool cannot assign IP addresses.

You can specify only one IP address range for each address pool. If you use the network ip range command repeatedly, the latest configuration overwrites the previous one.

46

Related commands: dhcp server ip-pool, network, and display dhcp server tree.

Examples

# Specify addresses 10.1.1.1 through 10.1.1.150 on subnet 10.1.1.0/24 for dynamic address allocation in common address pool 1.

<Sysname> system-view

[Sysname] dhcp server ip-pool 1

[Sysname-dhcp-pool-1] network 10.1.1.0 24

[Sysname-dhcp-pool-1] network ip range 10.1.1.1 10.1.1.150

# Specify addresses 192.168.8.1 through 192.168.8.150 for dynamic address allocation in extended address pool 0.

<Sysname> system-view

[Sysname] dhcp server ip-pool 0 extended

[Sysname-dhcp-pool-0] network ip range 192.168.8.1 192.168.8.150

network mask

Syntax network mask mask undo network mask

View

DHCP extended address pool view

Default level

2: System level

Parameters

mask: Specifies a network mask, in dotted decimal notation.

Description

Use network mask to specify the IP address mask for dynamic allocation in an extended address pool.

Use undo network mask to remove the specified IP address mask.

No IP address mask is specified by default.

Only the extended address pools support this command.

If you specify an IP address range for an extended address pool without an IP address mask, the extended address pool is not valid, and therefore the system cannot assign IP addresses from the extended address pool.

Related commands: dhcp server ip-pool, display dhcp server tree, and network ip range.

Examples

# Specify 255.255.255.0 as the IP address mask for dynamic allocation in extended address pool 0.

<Sysname> system-view

[Sysname] dhcp server ip-pool 0 extended

[Sysname-dhcp-pool-0] network mask 255.255.255.0

47

next-server

Syntax next-server ip-address undo next-server

View

DHCP address pool view

Default level

2: System level

Parameters

ip-address: Specifies the IP address of a server.

Description

Use next-server to specify the IP address of a server for DHCP clients.

Use undo next-server to remove the server’s IP address from the DHCP address pool.

By default, no server's IP address is specified in the address pool on the DHCP server.

If you repeatedly execute this command, the new configuration overwrites the previous one.

Related commands: dhcp server ip-pool and display dhcp server tree.

Examples

# Specify a server’s IP address 1.1.1.1 in DHCP address pool 0.

<Sysname> system-view

[Sysname] dhcp server ip-pool 0

[Sysname-dhcp-pool-0] next-server 1.1.1.1

option

Syntax option code { ascii ascii-string | hex hex-string&<1-16> | ip-address ip-address&<1-8> } undo option code

View

DHCP address pool view

Default level

2: System level

Parameters

code: Self-defined option number, in the range of 2 to 254, excluding 12, 50 to 55, 57 to 61, and 82. ascii ascii-string: Specifies an ASCII string with 1 to 255 characters. hex hex-string&<1-16>: Specifies hex digit strings. &<1-16> indicates that you can specify up to 16 hex digit strings, separated by spaces. Each string contains 2, 4, 6 or 8 hex digits. ip-address ip-address&<1-8>: Specifies IP addresses. &<1-8> indicates that you can specify up to eight

IP addresses, separated by spaces.

48

Description

Use option to configure a self-defined DHCP option in a DHCP address pool.

Use undo option to remove a self-defined DHCP option from a DHCP address pool.

The option command is not configured by default.

If you use the option command repeatedly, the latest configuration overwrites the previous one.

Related commands: dhcp server ip-pool and display dhcp server tree.

Examples

# Configure the hex digits 0x11 and 0x22 for the self-defined DHCP Option 100 in DHCP address pool

0.

<Sysname> system-view

[Sysname] dhcp server ip-pool 0

[Sysname-dhcp-pool-0] option 100 hex 11 22

reset dhcp server conflict

Syntax reset dhcp server conflict { all | ip ip-address }

View

User view

Default level

2: System level

Parameters all: Clears the statistics of all IP address conflicts. ip ip-address: Clears the conflict statistics of a specific IP address.

Description

Use reset dhcp server conflict to clear statistics of IP address conflicts.

Related commands: display dhcp server conflict.

Examples

# Clears the statistics of all IP address conflicts.

<Sysname> reset dhcp server conflict all

reset dhcp server ip-in-use

Syntax reset dhcp server ip-in-use { all | ip ip-address | pool [ pool-name ] }

View

User view

Default level

2: System level

49

Parameters all: Clears IP address dynamic binding information about all DHCP address pools. ip ip-address: Clears dynamic binding information about a specific IP address. pool [ pool-name ]: Clears dynamic binding information about a specific address pool. The pool name is a string of 1 to 35 characters. If no pool name is specified, this command clears dynamic binding information about all address pools.

Description

Use reset dhcp server ip-in-use to clear dynamic IP address binding information.

Related commands: display dhcp server ip-in-use.

Examples

# Clear binding information about IP address 10.110.1.1.

<Sysname> reset dhcp server ip-in-use ip 10.110.1.1

reset dhcp server statistics

Syntax reset dhcp server statistics

View

User view

Default level

1: Monitor level

Parameters

None

Description

Use reset dhcp server statistics to clear the statistics of the DHCP server.

Related commands: display dhcp server statistics.

Examples

# Clear the statistics of the DHCP server.

<Sysname> reset dhcp server statistics

static-bind client-identifier

Syntax static-bind client-identifier client-identifier undo static-bind client-identifier

View

DHCP address pool view

Default level

2: System level

50

Parameters

client-identifier: Client ID of a static binding, a string with 4 to 160 characters in the format of H-H-H…, each H indicates 4 hex digits except the last H indicates 2 or 4 hex digits. For example, aabb-cccc-dd is a valid ID, but aabb-c-dddd and aabb-cc-dddd are both invalid.

Description

Use static-bind client-identifier to specify the client ID of a static binding in a DHCP address pool.

Use undo static-bind client-identifier to remove the client ID of a static binding from a DHCP address pool.

By default, no client ID is specified.

Use the static-bind client-identifier command together with the static-bind ip-address command to accomplish a static binding configuration.

The ID of the static binding of a client must be identical to the ID displayed by using the display dhcp client verbose command on the client. Otherwise, the client cannot obtain an IP address.

If you use the static-bind client-identifier or static-bind mac-address command repeatedly, the latest configuration overwrites the previous one.

Related commands: dhcp server ip-pool, static-bind ip-address, static-bind mac-address, display dhcp server tree, and display dhcp client verbose.

Examples

# Bind the client ID aaaa-bbbb to the IP address 10.1.1.1 with the mask 255.255.255.0 in DHCP address pool 0.

<Sysname> system-view

[Sysname] dhcp server ip-pool 0

[Sysname-dhcp-pool-0] static-bind ip-address 10.1.1.1 mask 255.255.255.0

[Sysname-dhcp-pool-0] static-bind client-identifier aaaa-bbbb

static-bind ip-address

Syntax static-bind ip-address ip-address [ mask-length | mask mask ] undo static-bind ip-address

View

DHCP address pool view

Default level

2: System level

Parameters

ip-address: Specifies the IP address of a static binding. If no mask and mask length is specified, the natural mask is used.

mask-length: Specifies the mask length of the IP address, which is the number of 1s in the mask, in the range of 1 to 30. mask mask: Specifies the IP address mask, in dotted decimal format.

Description

Use static-bind ip-address to specify an IP address in a DHCP address pool for a static binding.

51

Use undo static-bind ip-address to remove the statically bound IP address.

By default, no IP address is statically bound in a DHCP address pool.

Use the static-bind ip-address command together with the static-bind mac-address or static-bind client-identifier command to accomplish a static binding configuration.

The IP address of the static binding cannot be an interface address of the DHCP server. Otherwise, an IP address conflict may occur, and the bound client cannot obtain an IP address correctly.

If you use the static-bind ip-address command repeatedly, the latest configuration overwrites the previous one.

Related commands: dhcp server ip-pool, static-bind client-identifier, static-bind mac-address, and display dhcp server tree.

Examples

# Bind the client MAC address 0000-e03f-0305 to the IP address 10.1.1.1 with the mask 255.255.255.0 in DHCP address pool 0.

<Sysname> system-view

[Sysname] dhcp server ip-pool 0

[Sysname-dhcp-pool-0] static-bind ip-address 10.1.1.1 mask 255.255.255.0

[Sysname-dhcp-pool-0] static-bind mac-address 0000-e03f-0305

static-bind mac-address

Syntax static-bind mac-address mac-address undo static-bind mac-address

View

DHCP address pool view

Default level

2: System level

Parameters

mac-address: Specifies the MAC address of a static binding, in the format of H-H-H.

Description

Use static-bind mac-address to statically bind a MAC address to an IP address in a DHCP address pool.

Use undo static-bind mac-address to remove the statically bound MAC address.

By default, no MAC address is statically bound.

Use the static-bind mac-address command together with the static-bind ip-address command to complete a static binding configuration.

If you use the static-bind mac-address or static-bind client-identifier command repeatedly, the latest configuration overwrites the previous one.

Relate commands: dhcp server ip-pool, static-bind client-identifier, static-bind ip-address, display dhcp server tree.

52

Examples

# Bind the client MAC address 0000-e03f-0305 to the IP address 10.1.1.1 with the mask 255.255.255.0 in DHCP address pool 0.

<Sysname> system-view

[Sysname] dhcp server ip-pool 0

[Sysname-dhcp-pool-0] static-bind ip-address 10.1.1.1 mask 255.255.255.0

[Sysname-dhcp-pool-0] static-bind mac-address 0000-e03f-0305

tftp-server domain-name

Syntax tftp-server domain-name domain-name undo tftp-server domain-name

View

DHCP address pool view

Default level

2: System level

Parameters

domain-name: Specifies the TFTP server name, a string of 1 to 63 characters.

Description

Use tftp-server domain-name to specify a TFTP server name in a DHCP address pool.

Use undo tftp-server domain-name to remove the TFTP server name from a DHCP address pool.

By default, no TFTP server name is specified.

If you perform the tftp-server domain-name command repeatedly, the last configuration overwrites the previous one.

Related commands: dhcp server ip-pool and display dhcp server tree.

Examples

# Specify the TFTP server name as aaa in DHCP address pool 0.

<Sysname> system-view

[Sysname] dhcp server ip-pool 0

[Sysname-dhcp-pool-0] tftp-server domain-name aaa

tftp-server ip-address

Syntax tftp-server ip-address ip-address undo tftp-server ip-address

View

DHCP address pool view

Default level

2: System level

53

Parameters

ip-address: Specifies the TFTP server IP address.

Description

Use tftp-server ip-address to specify the TFTP server IP address in a DHCP address pool.

Use undo tftp-server ip-address to remove the TFTP server IP address from a DHCP address pool.

By default, no TFTP server address is specified.

If you perform the tftp-server ip-address command repeatedly, the last configuration overwrites the previous one.

Related commands: dhcp server ip-pool and display dhcp server tree.

Examples

# Specify the TFTP server address 10.1.1.1 in DHCP address pool 0.

<Sysname> system-view

[Sysname] dhcp server ip-pool 0

[Sysname-dhcp-pool-0] tftp-server ip-address 10.1.1.1

vendor-class-identifier

Syntax vendor-class-identifier hex-string&<1-255> ip range min-address max-address undo vendor-class-identifier hex-string&<1-255>

View

DHCP extended address pool view

Default level

2: System level

Parameters

hex-string&<1-255>: A character string, which is used to match against Option 60 (vendor class identifier option). hex-string is a hexadecimal number ranging from 0 to FF. &<1-255> indicates that you can type up to 255 hexadecimal numbers, which are separated by spaces. ip range min-address max-address: Specifies the IP address range for dynamic allocation. min-address is the lowest IP address and max-address is the highest IP address for dynamic allocation.

Description

Use vendor-class-identifier to specify an IP address range for the DHCP clients of a specific vendor.

Use undo vendor-class-identifier to restore the default.

By default, no IP address range is specified for the DHCP clients of any vendor.

After this feature is configured in an extended DHCP address pool, the DHCP server, when using the extended DHCP address pool to assign an IP address to a DHCP client, checks whether Option 60 in the

DHCP request is the same as the character string configured with the vendor-class-identifier command.

If yes, the DHCP server selects an IP address from the address range specified with this command. If not, the DHCP server selects one from the address range specified with the network ip range command.

54

NOTE:

Only extended address pools support this command.

• The IP address range specified with this command must be included in that specified with the network ip range command.

Related commands: network ip range and network mask.

Examples

# Specify IP address rang 10.1.1.1 to 10.1.1.5 for the DHCP clients of vender a0 b0 0c.

<Sysname> system-view

[Sysname] dhcp server ip-pool 0 extended

[Sysname-dhcp-pool-0] vendor-class-identifier a0 b0 0c ip range 10.1.1.1 10.1.1.5

voice-config

Syntax voice-config { as-ip ip-address | fail-over ip-address dialer-string | ncp-ip ip-address | voice-vlan vlan-id

{ disable | enable } } undo voice-config [ as-ip | fail-over | ncp-ip | voice-vlan ]

View

DHCP address pool view

Default level

2: System level

Parameters as-ip ip-address: Specifies the IP address for the backup network calling processor. When the primary network calling processor is unavailable, the DHCP client uses the backup network calling processor. fail-over ip-address dialer-string: Specifies the failover IP address and dialer string. The dialer-string is a string of 1 to 39 characters, which can be 0 to 9, and "*". ncp-ip ip-address: Specifies the IP address for the primary network calling processor. voice-vlan vlan-id: Specifies the voice VLAN ID, in the range of 2 to 4094. disable: Disables the specified voice VLAN ID, meaning DHCP clients will not take this ID as their voice

VLAN. enable: Enables the specified voice VLAN ID, meaning DHCP clients will take this ID as their voice VLAN.

Description

Use voice-config to configure specified Option 184 contents in a DHCP address pool.

Use undo voice-config to remove specified Option 184 contents from a DHCP address pool.

By default, no Option 184 content is configured.

You must specify the IP address of a network calling processor first to make other configured parameters take effect.

Related commands: dhcp server ip-pool and display dhcp server tree.

55

Examples

# Configure Option 184 in DHCP address pool 0: the primary network calling processor 10.1.1.1, backup network calling processor 10.2.2.2, voice VLAN ID 3 that is enabled, the failover IP address 10.3.3.3, and dialer string 99*.

<Sysname> system-view

[Sysname] dhcp server ip-pool 0

[Sysname-dhcp-pool-0] voice-config ncp-ip 10.1.1.1

[Sysname-dhcp-pool-0] voice-config as-ip 10.2.2.2

[Sysname-dhcp-pool-0] voice-config voice-vlan 3 enable

[Sysname-dhcp-pool-0] voice-config fail-over 10.3.3.3 99*

56

DHCP relay agent configuration commands

The DHCP relay agent configuration is supported only on Layer 3 Ethernet ports, VLAN interfaces, and

Layer 3 aggregate interfaces.

dhcp dscp (for DHCP relay agent)

Syntax dhcp dscp dscp-value undo dhcp dscp

View

System view

Default level

2: System level

Parameters

dscp-value: Specifies the DSCP value in DHCP packets, in the range of 0 to 63.

Description

Use dhcp dscp to set the DSCP value for DHCP packets sent by the DHCP relay agent.

Use undo dhcp dscp to restore the default.

By default, the DSCP value in DHCP packets sent by the DHCP relay agent is 56.

Examples

# Set the DSCP value to 30 for DHCP packets.

<Sysname> system-view

[Sysname] dhcp dscp 30

dhcp enable (for DHCP relay agent)

Syntax dhcp enable undo dhcp enable

View

System view

Default level

2: System level

Parameters

None

Description

Use dhcp enable to enable DHCP.

57

Use undo dhcp enable to disable DHCP.

By default, DHCP is disabled.

Enable DHCP before you perform DHCP server and relay agent configurations.

Examples

# Enable DHCP.

<Sysname> system-view

[Sysname] dhcp enable

dhcp relay address-check enable

Syntax dhcp relay address-check enable undo dhcp relay address-check enable

View

Interface view

Default level

2: System level

Parameters

None

Description

Use dhcp relay address-check enable to enable address check on the relay agent.

Use undo dhcp relay address-check enable to disable address check on the relay agent.

By default, the function is disabled.

With this feature enabled, the DHCP relay agent can dynamically record clients’ IP-to-MAC bindings after clients get IP addresses through DHCP. It also supports static bindings. You can manually configure

IP-to-MAC bindings on the DHCP relay agent, so that users can access external networks using fixed IP addresses.

Upon receiving an ARP packet, the DHCP relay agent matches the sender’s IP and MAC addresses in the packet against the bindings (both dynamic and static). If no match is found, the DHCP relay agent does not learn the ARP entry. The sending host cannot access external networks via the DHCP relay agent.

This command can be executed only on Layer 3 Ethernet ports and VLAN interfaces.

The dhcp relay address-check enable command only checks IP and MAC addresses of clients.

Examples

# Enable address check on the DHCP relay agent.

<Sysname> system-view

[Sysname] interface vlan-interface 1

[Sysname-Vlan-interface1] dhcp relay address-check enable

58

dhcp relay check mac-address

Syntax dhcp relay check mac-address undo dhcp relay check mac-address

View

Interface view

Default level

2: System level

Parameters

None

Description

Use dhcp relay check mac-address to enable MAC address check on the DHCP relay agent.

Use undo dhcp relay check mac-address to disable MAC address check on the DHCP relay agent.

By default, this function is disabled.

With this function enabled, the DHCP relay agent compares the chaddr field of a received DHCP request with the source MAC address field of the frame. If they are the same, the DHCP relay agent decides this request as valid and forwards it to the DHCP server. If not, the DHCP request is discarded.

DHCP relay agents change the source MAC addresses when forwarding DHCP packets. Therefore, you can enable MAC address check only on a DHCP relay agent directly connected to the DHCP clients.

Otherwise, valid DHCP packets may be discarded and clients cannot obtain IP addresses.

Examples

# Enable MAC address check on the DHCP relay agent.

<Sysname> system-view

[Sysname] interface vlan-interface 1

[Sysname-Vlan-interface1] dhcp relay check mac-address

dhcp relay client-detect enable

Syntax dhcp relay client-detect enable undo dhcp relay client-detect enable

View

Interface view

Default level

2: System level

Parameters

None

Description

Use dhcp relay client-detect enable to enable offline detection on the DHCP relay agent.

59

Use undo dhcp relay client-detect enable to disable offline detection on the DHCP relay agent.

By default, this function is disabled.

With this function enabled on an interface, the DHCP relay agent removes a client’s IP-to-MAC binding entry when it is aged out, and sends a DHCP-RELEASE request to the DHCP server to release the IP address of the client.

Examples

# Enable offline detection on the DHCP relay agent.

<Sysname> system-view

[Sysname] interface vlan-interface 1

[Sysname-Vlan-interface1] dhcp relay client-detect enable

dhcp relay information circuit-id format-type

Syntax dhcp relay information circuit-id format-type { ascii | hex } undo dhcp relay information circuit-id format-type

View

Interface view

Default level

2: System level

Parameters ascii: Specifies the code type for the circuit ID sub-option as ascii. hex: Specifies the code type for the circuit ID sub-option as hex.

Description

Use dhcp relay information circuit-id format-type to configure the code type for the non-user-defined circuit ID sub-option.

Use undo dhcp relay information circuit-id format-type to restore the default.

By default, the code type for the circuit ID sub-option depends on the specified padding format of Option

82. Each field has its own code type.

This command applies only to configuring the non-user-defined circuit ID sub-option. After you configure the padding content for the circuit ID sub-option using the dhcp relay information circuit-id string command, ASCII is adopted as the code type.

Related commands: display dhcp relay information.

Examples

# Configure the code type for the non-user-defined circuit ID sub-option as ascii.

<Sysname> system-view

[Sysname] interface vlan-interface 1

[Sysname-Vlan-interface1] dhcp relay information circuit-id format-type ascii

60

dhcp relay information circuit-id string

Syntax dhcp relay information circuit-id string circuit-id undo dhcp relay information circuit-id string

View

Interface view

Default level

2: System level

Parameters

circuit-id: Padding content for the user-defined circuit ID sub-option, a case-sensitive string of 3 to 63 characters.

Description

Use dhcp relay information circuit-id string to configure the padding content for the user-defined circuit

ID sub-option.

Use undo dhcp relay information circuit-id string to restore the default.

By default, the padding content for the circuit ID sub-option depends on the padding format of Option

82.

After you configure the padding content for the circuit ID sub-option using this command, ASCII is adopted as the code type.

Related commands: dhcp relay information format and display dhcp relay information.

Examples

# Configure the padding content for the circuit ID sub-option as company001.

<Sysname> system-view

[Sysname] interface vlan-interface 1

[Sysname-Vlan-interface1] dhcp relay information circuit-id string company001

dhcp relay information enable

Syntax dhcp relay information enable undo dhcp relay information enable

View

Interface view

Default level

2: System level

Parameters

None

Description

Use dhcp relay information enable to enable the relay agent to support Option 82.

61

Use undo dhcp relay information enable to disable Option 82 support.

By default, Option 82 support is disabled on the DHCP relay agent.

Related commands: display dhcp relay information.

Examples

# Enable Option 82 support on the relay agent.

<Sysname> system-view

[Sysname] interface vlan-interface 1

[Sysname-Vlan-interface1] dhcp relay information enable

dhcp relay information format

Syntax dhcp relay information format { normal | verbose [ node-identifier { mac | sysname | user-defined

node-identifier } ] } undo dhcp relay information format

View

Interface view

Default level

2: System level

Parameters normal: Specifies the normal padding format. verbose: Specifies the verbose padding format. node-identifier { mac | sysname | user-defined node-identifier }: Specifies the access node identifier. By default, the node MAC address is used as the node identifier.

mac indicates using the MAC address as the node identifier.

sysname indicates using the device name of a node as the node identifier.

user-defined node-identifier indicates using a specific character string as the node identifier, in which node-identifier is a string with 1 to 50 characters.

Description

Use dhcp relay information format to specify a padding format for Option 82.

Use undo dhcp relay information format to restore the default padding format.

The Option 82 padding format defaults to normal.

If configuring the handling strategy of the DHCP relay agent as replace, you need to configure a padding format of Option 82. If the handling strategy is keep or drop, you need not configure any padding format.

If sub-option 1 (node identifier) of Option 82 is padded with the device name (sysname) of a node, the device name must contain no spaces. Otherwise, the DHCP relay agent will drop the message.

Related commands: display dhcp relay information.

Examples

# Specify the verbose padding format for Option 82.

62

<Sysname> system-view

[Sysname] interface vlan-interface 1

[Sysname-Vlan-interface1] dhcp relay information enable

[Sysname-Vlan-interface1] dhcp relay information strategy replace

[Sysname-Vlan-interface1] dhcp relay information format verbose

dhcp relay information remote-id format-type

Syntax dhcp relay information remote-id format-type { ascii | hex } undo dhcp relay information remote-id format-type

View

Interface view

Default level

2: System view

Parameters ascii: Specifies the code type for the remote ID sub-option as ascii. hex: Specifies the code type for the remote ID sub-option as hex.

Description

Use dhcp relay information remote-id format-type to configure the code type for the non-user-defined remote ID sub-option.

Use undo dhcp relay information remote-id format-type to restore the default.

By default, the code type for the remote ID sub-option is HEX.

This command applies only to configuring the non-user-defined remote ID sub-option. After you configure the padding content for the remote ID sub-option using the dhcp relay information remote-id string command, ASCII is adopted as the code type.

Related commands: display dhcp relay information.

Examples

# Configure the code type for the non-user-defined remote ID sub-option as ascii.

<Sysname> system-view

[Sysname] interface vlan-interface 1

[Sysname-Vlan-interface1] dhcp relay information remote-id format-type ascii

dhcp relay information remote-id string

Syntax dhcp relay information remote-id string { remote-id | sysname } undo dhcp relay information remote-id string

View

Interface view

63

Default level

2: System level

Parameters

remote-id: Padding content for the user-defined remote ID sub-option, a case-sensitive string of 1 to 63 characters. sysname: Specifies the device name as the padding content for the remote ID sub-option.

Description

Use dhcp relay information remote-id string to configure the padding content for the user-defined remote

ID sub-option.

Use undo dhcp relay information remote-id string to restore the default.

By default, the padding content for the remote ID sub-option depends on the padding format of Option

82.

After you configure the padding content for the remote ID sub-option using this command, ASCII is adopted as the code type.

If you want to specify the character string sysname (a case-insensitive character string) as the padding content for the remote ID sub-option, you need to use quotation marks to make it take effect. For example, if you want to specify Sysname as the padding content for the remote ID sub-option, you need to enter the dhcp relay information remote-id string "Sysname" command.

Related commands: dhcp relay information format and display dhcp relay information.

Examples

# Configure the padding content for the remote ID sub-option as device001.

<Sysname> system-view

[Sysname] interface vlan-interface 1

[Sysname-Vlan-interface1] dhcp relay information remote-id string device001

dhcp relay information strategy

Syntax dhcp relay information strategy { drop | keep | replace } undo dhcp relay information strategy

View

Interface view

Default level

2: System level

Parameters drop: Specifies the dropping of messages containing Option 82. keep: Specifies the forwarding of messages containing Option 82 without any change. replace: Specifies the forwarding of messages containing Option 82 after replacing the original Option

82 with the Option 82 padded in the specified padding format.

64

Description

Use dhcp relay information strategy to configure DHCP relay agent handling strategy for messages containing Option 82.

Use undo dhcp relay information strategy to restore the default handling strategy.

The handling strategy for messages containing Option 82 defaults to replace.

Related commands: display dhcp relay information.

Examples

# Configure the DHCP relay agent handling strategy for messages containing Option 82 as keep.

<Sysname> system-view

[Sysname] interface vlan-interface 1

[Sysname-Vlan-interface1] dhcp relay information enable

[Sysname-Vlan-interface1] dhcp relay information strategy keep

dhcp relay release ip

Syntax dhcp relay release ip client-ip

View

System view

Default level

2: System level

Parameters

client-ip: Specifies the DHCP client IP address.

Description

Use dhcp relay release ip to request the DHCP server to release a specific client IP address.

Examples

# Request the DHCP server to release the IP address 1.1.1.1.

<Sysname> system-view

[Sysname] dhcp relay release ip 1.1.1.1

dhcp relay security static

Syntax dhcp relay security static ip-address mac-address [ interface interface-type interface-number ] undo dhcp relay security { ip-address | all | dynamic | interface interface-type interface-number | static }

View

System view

Default level

2: System level

65

Parameters

ip-address: Specifies the client IP address for creating a static binding.

mac-address: Specifies the client MAC address for creating a static binding, in the format H-H-H. interface interface-type interface-number: Specifies a Layer 3 interface connecting to the DHCP client.

interface-type interface-number specifies the interface type and interface number. all: Specifies that all client entries are to be removed. dynamic: Specifies that dynamic client entries are to be removed. static: Specifies that manual client entries are to be removed.

Description

Use dhcp relay security static to configure a static client entry, which is the binding between IP address,

MAC address, and Layer 3 interface on the relay agent.

Use undo dhcp relay security to remove specified client entries from the relay agent.

No manual client entry is configured on the DHCP relay agent by default.

When using the dhcp relay security static command to bind an interface to a static client entry, make sure that the interface is configured as a DHCP relay agent. Otherwise, entry conflicts may occur.

The undo dhcp relay security interface command is used to remove all the dynamic client entries from the interface.

Related commands: display dhcp relay security.

Examples

# Bind DHCP relay interface VLAN-interface 2 to IP address 10.10.1.1 and MAC address

0005-5d02-f2b3 of the client.

<Sysname> system-view

[Sysname] dhcp relay security static 10.10.1.1 0005-5d02-f2b3 interface vlan-interface

2

dhcp relay security refresh enable

Syntax dhcp relay security refresh enable undo dhcp relay security refresh enable

View

System view

Default level

2: System level

Parameters

None

Description

Use dhcp relay security refresh enable to enable the DHCP relay agent to periodically refresh dynamic client entries.

66

Use undo dhcp relay security refresh enable to disable periodic refresh of dynamic client entries.

By default, the DHCP relay agent is enabled to periodically refresh dynamic client entries.

If you disable the DHCP relay agent from periodically refreshing dynamic client entries, such entries do not age automatically. Therefore, if a client relinquishes its IP address, you need to manually remove the corresponding dynamic client entry on the DHCP relay agent.

Related commands: dhcp relay security tracker and dhcp relay security static.

Examples

# Disable the DHCP relay agent from periodically refreshing dynamic client entries.

<Sysname> system-view

[Sysname] undo dhcp relay security refresh enable

dhcp relay security tracker

Syntax dhcp relay security tracker { interval | auto } undo dhcp relay security tracker [ interval ]

View

System view

Default level

2: System level

Parameters

interval: Specifies the refreshing interval in seconds, in the range of 1 to 120. auto: Specifies the auto refreshing interval, which is the value of 60 seconds divided by the number of binding entries. The more entries there are, the shorter the interval. The shortest interval is no less than

500 ms.

Description

Use dhcp relay security tracker to set a refreshing interval at which the relay agent contacts the DHCP server for refreshing dynamic bindings.

Use undo dhcp relay security tracker to restore the default interval.

The default refreshing interval is auto, the value of 60 seconds divided by the number of binding entries.

Related commands: display dhcp relay security tracker.

Examples

# Set the refreshing interval as 100 seconds.

<Sysname> system-view

[Sysname] dhcp relay security tracker 100

dhcp relay server-detect

Syntax dhcp relay server-detect undo dhcp relay server-detect

67

View

System view

Default level

2: System level

Parameters

None

Description

Use dhcp relay server-detect to enable unauthorized DHCP server detection.

Use undo dhcp relay server-detect to disable unauthorized DHCP server detection.

By default, unauthorized DHCP server detection is disabled.

With this function enabled, upon receiving a DHCP request, the DHCP relay agent will record from the request the IP addresses of all DHCP servers that ever offered IP addresses to the DHCP client and the receiving interface. Each server detected is recorded only once. The administrator can use this information from logs to check for unauthorized DHCP servers.

After information about recorded DHCP servers is cleared, the relay agent will re-record server information following this mechanism.

Examples

# Enable unauthorized DHCP server detection.

<Sysname> system-view

[Sysname] dhcp relay server-detect

dhcp relay server-group

Syntax dhcp relay server-group group-id ip ip-address undo dhcp relay server-group group-id [ ip ip-address ]

View

System view

Default level

2: System level

Parameters

group-id: Specifies a DHCP server group by its number, in the range of 0 to 19. ip ip-address: Specifies a DHCP server IP address.

Description

Use dhcp relay server-group to specify a DHCP server for a DHCP server group.

Use undo dhcp relay server-group to remove a DHCP server from a DHCP server group, if no ip

ip-address is specified, all servers in the DHCP server group and the server group itself will be removed.

By default, no DHCP server is specified for a DHCP server group.

68

The IP address of a DHCP server and the IP address of the DHCP relay agent’s interface that connects the DHCP client cannot be in the same network segment. Otherwise, the client may fail to obtain an IP address.

If a server group has been correlated to multiple interfaces, you need to cancel these correlations before removing the server group.

Related commands: display dhcp relay server-group.

Examples

# Specify DHCP server 1.1.1.1 for DHCP server group 1 on the relay agent.

<Sysname> system-view

[Sysname] dhcp relay server-group 1 ip 1.1.1.1

dhcp relay server-select

Syntax dhcp relay server-select group-id undo dhcp relay server-select

View

Interface view

Default level

2: System level

Parameters

group-id: Specifies a DHCP server group by its number to be correlated, in the range of 0 to 19.

Description

Use dhcp relay server-select to correlate specified interfaces to a specific DHCP server group.

Use undo dhcp relay server-select to remove a configured correlation.

By default, no DHCP server group is correlated with an interface on the relay agent.

A DHCP server group can correlate with one or multiple DHCP relay agent interfaces.

A relay agent interface can only correlate with one DHCP server group, and a newly configured correlation overwrites the previous one. If the server group in the new correlation does not exist, the new configuration will not work. The interface still maintains the previous correlation.

The DHCP server group referenced in this command should have been configured by using the dhcp relay server-group command.

Related commands: dhcp relay server-group and display dhcp relay.

Examples

# Correlate VLAN-interface 1 to DHCP server group 1.

<Sysname> system-view

[Sysname] interface vlan-interface 1

[Sysname-Vlan-interface1] dhcp relay server-select 1

69

dhcp select relay

Syntax dhcp select relay undo dhcp select relay

View

Interface view

Default level

2: System level

Parameters

None

Description

Use dhcp select relay to enable the relay agent on the current interface. Upon receiving requests from an enabled interface, the relay agent will forward these requests to outside DHCP servers for IP address allocation.

Use undo dhcp select relay to restore the default.

After DHCP is enabled, the DHCP server is enabled on an interface by default. Upon receiving a client’s request from the interface, the DHCP server allocates an IP address from the DHCP address pool to the client.

When the operating mode of the interface is changed from DHCP server to DHCP relay agent, the IP address leases will not be deleted. To avoid this, delete the existing IP address leases when changing the interface operating mode to DHCP relay agent.

Examples

# Enable the DHCP relay agent on VLAN-interface 1.

<Sysname> system-view

[Sysname] interface vlan-interface 1

[Sysname-Vlan-interface1] dhcp select relay

display dhcp relay

Syntax display dhcp relay { all | interface interface-type interface-number } [ | { begin | exclude | include }

regular-expression ]

View

Any view

Default level

1: Monitor level

Parameters all: Displays information about DHCP server groups that all interfaces correspond to. interface interface-type interface-number: Displays information about the DHCP server group that a specific interface corresponds to.

70

|: Filters command output by specifying a regular expression. For more information about regular expressions, see Fundamentals Configuration Guide. begin: Displays the first line that matches the specified regular expression and all lines that follow. exclude: Displays all lines that do not match the specified regular expression. include: Displays all lines that match the specified regular expression.

regular-expression: Specifies a regular expression, a case-sensitive string of 1 to 256 characters.

Description

Use display dhcp relay to display information about DHCP server groups correlated to an interface or all interfaces.

Examples

# Display information about DHCP server groups correlated to all interfaces.

<Sysname> display dhcp relay all

Interface name Server-group

Vlan-interface1 2

Table 10 Command output

Field Description

Server-group DHCP server group number correlated to the interface

display dhcp relay information

Syntax display dhcp relay information { all | interface interface-type interface-number } [ | { begin | exclude | include } regular-expression ]

View

Any view

Default level

1: Monitor level

Parameters all: Displays Option 82 configuration information about all interfaces. interface interface-type interface-number: Displays Option 82 configuration information about a specific interface.

|: Filters command output by specifying a regular expression. For more information about regular expressions, see Fundamentals Configuration Guide. begin: Displays the first line that matches the specified regular expression and all lines that follow. exclude: Displays all lines that do not match the specified regular expression. include: Displays all lines that match the specified regular expression.

regular-expression: Specifies a regular expression, a case-sensitive string of 1 to 256 characters.

71

Description

Use display dhcp relay information to display Option 82 configuration information on the DHCP relay agent.

Examples

# Display Option 82 configuration information about all interfaces.

<Sysname> display dhcp relay information all

Interface: Vlan-interface100

Status: Enable

Strategy: Replace

Format: Verbose

Circuit ID format-type: HEX

Remote ID format-type: ASCII

Node identifier: aabbcc

User defined:

Circuit ID: company001

Interface: Vlan-interface200

Status: Enable

Strategy: Keep

Format: Normal

Circuit ID format-type: HEX

Remote ID format-type: ASCII

User defined:

Remote ID: device001

Table 11 Command output

Field Description

Status

Strategy

Format

Circuit ID format-type

Remote ID format-type

Node identifier

User defined

Circuit ID

Remote ID

Option 82 state, which can be Enable or Disable.

Handling strategy for requesting messages containing Option 82, which can be Drop, Keep, or Replace.

Padding format of Option 82, which can be Normal or Verbose.

Non-user-defined code type of the circuit ID sub-option, which can be ASCII or

HEX.

Non-user-defined code type of the remote ID sub-option, which can be ASCII or HEX.

Access node identifier.

Content of user-defined sub-options.

User-defined padding content of the circuit ID sub-option.

User-defined padding content of the remote ID sub-option.

72

display dhcp relay security

Syntax display dhcp relay security [ ip-address | dynamic | static ] [ | { begin | exclude | include }

regular-expression ]

View

Any view

Default level

1: Monitor level

Parameters

ip-address: Displays binding information about an IP address. dynamic: Displays information about dynamic bindings. static: Displays information about static bindings.

|: Filters command output by specifying a regular expression. For more information about regular expressions, see Fundamentals Configuration Guide. begin: Displays the first line that matches the specified regular expression and all lines that follow. exclude: Displays all lines that do not match the specified regular expression. include: Displays all lines that match the specified regular expression.

regular-expression: Specifies a regular expression, a case-sensitive string of 1 to 256 characters.

Description

Use display dhcp relay security to display information about bindings of DHCP relay agents. If no parameter is specified, this command displays information about all bindings.

You must enable address check, or IP source guard on the DHCP relay agent before it can generate dynamic client entries. For more information about IP source guard, see Security Configuration Guide.

Examples

# Display information about all bindings.

<Sysname> display dhcp relay security

IP Address MAC Address Type Interface

10.1.1.5 00e0-0000-0000 Static Vlan2

--- 1 dhcp-security item(s) found ---

Table 12 Command output

Field Description

IP Address Client IP address.

MAC Address

Type

Interface

Client MAC address.

Type of binding, dynamic, static, and temporary.

Layer 3 interface connecting to the DHCP client. If no interface is recorded in the binding entry, N/A is displayed.

73

display dhcp relay security statistics

Syntax display dhcp relay security statistics [ | { begin | exclude | include } regular-expression ]

View

Any view

Default level

1: Monitor level

Parameters

|: Filters command output by specifying a regular expression. For more information about regular expressions, see Fundamentals Configuration Guide. begin: Displays the first line that matches the specified regular expression and all lines that follow. exclude: Displays all lines that do not match the specified regular expression. include: Displays all lines that match the specified regular expression.

regular-expression: Specifies a regular expression, a case-sensitive string of 1 to 256 characters.

Description

Use display dhcp relay security statistics to display statistics about bindings of DHCP relay agents.

You must enable address check, or IP source guard on the DHCP relay agent before it can generate dynamic client entries. For more information about IP source guard, see Security Configuration Guide.

Examples

# Display statistics about bindings of DHCP relay agents.

<Sysname> display dhcp relay security statistics

Static Items :1

Dynamic Items :0

Temporary Items :0

All Items :1

Table 13 Command output

Field Description

Static Items Static binding items

Dynamic Items

Temporary Items

All Items

Dynamic binding items

Temporary binding items

All binding items

display dhcp relay security tracker

Syntax display dhcp relay security tracker [ | { begin | exclude | include } regular-expression ]

View

Any view

74

Default level

1: Monitor level

Parameters

|: Filters command output by specifying a regular expression. For more information about regular expressions, see Fundamentals Configuration Guide. begin: Displays the first line that matches the specified regular expression and all lines that follow. exclude: Displays all lines that do not match the specified regular expression. include: Displays all lines that match the specified regular expression.

regular-expression: Specifies a regular expression, a case-sensitive string of 1 to 256 characters.

Description

Use display dhcp relay security tracker to display the interval for refreshing dynamic bindings on the relay agent.

Examples

# Display the interval for refreshing dynamic bindings on the relay agent.

<Sysname> display dhcp relay security tracker

Current tracker interval : 10s

The interval is 10 seconds.

display dhcp relay server-group

Syntax display dhcp relay server-group { group-id | all } [ | { begin | exclude | include } regular-expression ]

View

Any view

Default level

1: Monitor level

Parameters

group-id: Displays information about the specified DHCP server group numbered from 0 to 19. all: Displays information about all DHCP server groups.

|: Filters command output by specifying a regular expression. For more information about regular expressions, see Fundamentals Configuration Guide. begin: Displays the first line that matches the specified regular expression and all lines that follow. exclude: Displays all lines that do not match the specified regular expression. include: Displays all lines that match the specified regular expression.

regular-expression: Specifies a regular expression, a case-sensitive string of 1 to 256 characters.

Description

Use display dhcp relay server-group to display configuration information about a specific DHCP server group or all DHCP server groups.

75

Examples

# Display IP addresses of DHCP servers in DHCP server group 1.

<Sysname> display dhcp relay server-group 1

No. Group IP

1 1.1.1.1

2 1.1.1.2

Table 14 Command output

Field Description

Group IP IP address in the server group

display dhcp relay statistics

Syntax display dhcp relay statistics [ server-group { group-id | all } ] [ | { begin | exclude | include }

regular-expression ]

View

Any view

Default level

1: Monitor level

Parameters

group-id: Specifies a server group by its number, in the range of 0 to 19, about display DHCP packet statistics is to be displayed. all: Specifies all server groups about which DHCP packet statistics is to be displayed. Information for each group is displayed independently.

|: Filters command output by specifying a regular expression. For more information about regular expressions, see Fundamentals Configuration Guide. begin: Displays the first line that matches the specified regular expression and all lines that follow. exclude: Displays all lines that do not match the specified regular expression. include: Displays all lines that match the specified regular expression.

regular-expression: Specifies a regular expression, a case-sensitive string of 1 to 256 characters.

Description

Use display dhcp relay statistics to display DHCP packet statistics related to a specific DHCP server group or all DHCP server groups.

If no parameter (server-group and all) is specified, all DHCP packet statistics on the relay agent will be displayed.

Related commands: reset dhcp relay statistics.

Examples

# Display all DHCP packet statistics on the relay agent.

76

<Sysname> display dhcp relay statistics

Bad packets received: 0

DHCP packets received from clients: 0

DHCPDISCOVER packets received: 0

DHCPREQUEST packets received: 0

DHCPINFORM packets received: 0

DHCPRELEASE packets received: 0

DHCPDECLINE packets received: 0

BOOTPREQUEST packets received: 0

DHCP packets received from servers: 0

DHCPOFFER packets received: 0

DHCPACK packets received: 0

DHCPNAK packets received: 0

BOOTPREPLY packets received: 0

DHCP packets relayed to servers: 0

DHCPDISCOVER packets relayed: 0

DHCPREQUEST packets relayed: 0

DHCPINFORM packets relayed: 0

DHCPRELEASE packets relayed: 0

DHCPDECLINE packets relayed: 0

BOOTPREQUEST packets relayed: 0

DHCP packets relayed to clients: 0

DHCPOFFER packets relayed: 0

DHCPACK packets relayed: 0

DHCPNAK packets relayed: 0

BOOTPREPLY packets relayed: 0

DHCP packets sent to servers: 0

DHCPDISCOVER packets sent: 0

DHCPREQUEST packets sent: 0

DHCPINFORM packets sent: 0

DHCPRELEASE packets sent: 0

DHCPDECLINE packets sent: 0

BOOTPREQUEST packets sent: 0

DHCP packets sent to clients: 0

DHCPOFFER packets sent: 0

DHCPACK packets sent: 0

DHCPNAK packets sent: 0

BOOTPREPLY packets sent: 0

# Display DHCP packet statistics related to every server group on the relay agent.

<Sysname> display dhcp relay statistics server-group all

DHCP relay server-group #0

Packet type Packet number

Client -> Server:

DHCPDISCOVER 0

DHCPREQUEST 0

DHCPINFORM 0

DHCPRELEASE 0

DHCPDECLINE 0

77

BOOTPREQUEST 0

Server -> Client:

DHCPOFFER 0

DHCPACK 0

DHCPNAK 0

BOOTPREPLY 0

reset dhcp relay statistics

Syntax reset dhcp relay statistics [ server-group group-id ]

View

User view

Default level

1: Monitor level

Parameters server-group group-id: Specifies a server group by its number, in the range of 0 to 19, about which statistics is to be removed from the relay agent.

Description

Use reset dhcp relay statistics to remove statistics from the relay agent.

If no server-group is specified, all statistics will be removed from the relay agent.

Related commands: display dhcp relay statistics.

Examples

# Remove all statistics from the DHCP relay agent.

<Sysname> reset dhcp relay statistics

78

DHCP client configuration commands

The DHCP client configuration is supported only on Layer 3 Ethernet ports, VLAN interfaces, and Layer

3 aggregate interfaces.

When multiple VLAN interfaces having the same MAC address use DHCP for IP address acquisition via a relay agent, the DHCP server cannot be the Windows Server 2000 or Windows Server 2003.

You cannot configure an interface of an aggregation group as a DHCP client.

display dhcp client

Syntax display dhcp client [ verbose ] [ interface interface-type interface-number ] [ | { begin | exclude | include } regular-expression ]

View

Any view

Default level

1: Monitor level

Parameters verbose: Specifies verbose DHCP client information to be displayed. interface interface-type interface-number: Specifies an interface for which to display DHCP client information.

|: Filters command output by specifying a regular expression. For more information about regular expressions, see Fundamentals Configuration Guide. begin: Displays the first line that matches the specified regular expression and all lines that follow. exclude: Displays all lines that do not match the specified regular expression. include: Displays all lines that match the specified regular expression.

regular-expression: Specifies a regular expression, a case-sensitive string of 1 to 256 characters.

Description

Use display dhcp client to display DHCP client information. If no interface interface-type

interface-number is specified, this command displays DHCP client information about all interfaces.

Examples

# Display DHCP client information about all interfaces.

<Sysname> display dhcp client

Vlan-interface1 DHCP client information:

Current machine state: BOUND

Allocated IP: 40.1.1.20 255.255.255.0

Allocated lease: 259200 seconds, T1: 129600 seconds, T2: 226800 seconds

DHCP server: 40.1.1.2

# Display verbose DHCP client information.

79

<Sysname> display dhcp client verbose

Vlan-interface1 DHCP client information:

Current machine state: BOUND

Allocated IP: 40.1.1.20 255.255.255.0

Allocated lease: 259200 seconds, T1: 129600 seconds, T2: 226800 seconds

Lease from 2005.08.13 15:37:59 to 2005.08.16 15:37:59

DHCP server: 40.1.1.2

Transaction ID: 0x1c09322d

Default router: 40.1.1.2

Classless static route:

Destination: 1.1.0.1, Mask: 255.0.0.0, NextHop: 192.168.40.16

Destination: 10.198.122.63, Mask: 255.255.255.255, NextHop: 192.168.40.16

DNS server: 44.1.1.11

DNS server: 44.1.1.12

Domain name: ddd.com

Boot server: 200.200.200.200 1.1.1.1

Client ID: 3030-3066-2e65-3234-

392e-3830-3438-2d56-

6c61-6e2d-696e-7465-

7266-6163-6531

T1 will timeout in 1 day 11 hours 58 minutes 52 seconds.

Table 15 Command output

Field Description

Vlan-interface1 DHCP client information

Information about the interface acting as the DHCP client.

Current machine state

Current state of the DHCP client:

HALT—Indicates that the client stops applying for an IP address.

INIT—Indicates the initialization state.

SELECTING—Indicates that the client has sent out a DHCP-DISCOVER message in search of a DHCP server and is waiting for the response from

DHCP servers.

REQUESTING—Indicates that the client has sent out a DHCP-REQUEST message requesting for an IP address and is waiting for the response from

DHCP servers.

BOUND—Indicates that the client has received the DHCP-ACK message from a DHCP server and obtained an IP address successfully.

RENEWING—Indicates that the T1 timer expires.

REBOUNDING—Indicates that the T2 timer expires.

The IP address allocated by the DHCP server. Allocated IP

Allocated lease

T1

T2

Lease from….to….

DHCP server

The allocated lease time.

The 1/2 lease time (in seconds) of the DHCP client IP address.

The 7/8 lease time (in seconds) of the DHCP client IP address.

The start and end time of the lease.

DHCP server IP address that assigned the IP address.

80

Field Description

Transaction ID

Default router

Classless static route

Static route

DNS server

Domain name

Boot server

Client ID

T1 will timeout in 1 day 11 hours 58 minutes 52 seconds.

Transaction ID, a random number chosen by the client to identify an IP address allocation.

The gateway address assigned to the client.

Classless static routes assigned to the client.

Classful static routes assigned to the client.

The DNS server address assigned to the client.

The domain name suffix assigned to the client.

PXE server addresses (up to 16 addresses) specified for the DHCP client, which are obtained through Option 43.

Client ID.

How long until the T1 (1/2 lease time) timer times out.

dhcp client dscp

Syntax dhcp client dscp dscp-value undo dhcp client dscp

View

System view

Default level

2: System level

Parameters

dscp-value: Specifies the DSCP value in DHCP packets, in the range of 0 to 63.

Description

Use dhcp client dscp to set the DSCP value for DHCP packets sent by the DHCP client.

Use undo dhcp client dscp to restore the default.

By default, the DSCP value in DHCP packets sent by the DHCP client is 56.

Examples

# Set the DSCP value to 30 for DHCP packets.

<Sysname> system-view

[Sysname] dhcp client dscp 30

ip address dhcp-alloc

Syntax ip address dhcp-alloc [ client-identifier mac interface-type interface-number ] undo ip address dhcp-alloc

81

View

Interface view

Default level

2: System level

Parameters client-identifier mac interface-type interface-number: Enables an interface to use its MAC address as the client ID to obtain an IP address.

Description

Use ip address dhcp-alloc to configure an interface to use DHCP for IP address acquisition.

Use undo ip address dhcp-alloc to cancel an interface from using DHCP.

By default, an interface does not use DHCP for IP address acquisition.

If no parameter is specified, the client uses a character string that comprises the current interface name and MAC address as its ID for address acquisition.

The DHCP client sends a DHCP-RELEASE message for releasing the IP address obtained through DHCP.

Examples

# Configure VLAN-interface 1 to use DHCP for IP address acquisition.

<Sysname> system-view

[Sysname] interface vlan-interface 1

[Sysname-Vlan-interface1] ip address dhcp-alloc

82

DHCP snooping configuration commands

A DHCP snooping enabled device does not work if it is between the DHCP relay agent and DHCP server.

It can work when it is between the DHCP client and relay agent or between the DHCP client and server.

dhcp-snooping

Syntax dhcp-snooping undo dhcp-snooping

View

System view

Default level

2: System level

Parameters

None

Description

Use dhcp-snooping to enable DHCP snooping.

Use undo dhcp-snooping to disable DHCP snooping.

With DHCP snooping disabled, all ports can forward responses from any DHCP servers and does not record binding information about MAC addresses of DHCP clients and the obtained IP addresses.

By default, DHCP snooping is disabled.

Related commands: display dhcp-snooping.

Examples

# Enable DHCP snooping.

<Sysname> system-view

[Sysname] dhcp-snooping

dhcp-snooping binding database filename

Syntax dhcp-snooping binding database filename filename undo dhcp-snooping binding database filename

View

System view

Default level

2: System level

83

Parameters

filename: File name. For how to define the file name, see Fundamentals Configuration Guide.

Description

Use dhcp-snooping binding database filename to specify the name of the file for storing DHCP snooping entries.

Use undo dhcp-snooping binding database filename to restore the default.

By default, no file name is specified.

If no file with the specified name is found, the device will automatically create the file upon storing a

DHCP snooping binding.

DHCP snooping entries are stored immediately after this command is used, and then updated at the interval set by the dhcp-snooping binding database update interval command.

Related commands: dhcp-snooping binding database update interval.

Examples

# Specify the name of the file for storing DHCP snooping entries as database.dhcp.

<Sysname> system-view

[Sysname] dhcp-snooping binding database filename database.dhcp

dhcp-snooping binding database update interval

Syntax dhcp-snooping binding database update interval minutes undo dhcp-snooping binding database update interval

View

System view

Default level

2: System level

Parameters

minutes: Specifies the refresh interval in minutes, in the range of 1 to 14400.

Description

Use dhcp-snooping binding database update interval to set the interval at which the DHCP snooping entry file is refreshed.

Use undo dhcp-snooping binding database update interval to restore the default.

By default, the DHCP snooping entry file is not refreshed periodically.

With this command configured, DHCP snooping will check bindings periodically. If a binding is added or removed during an interval, DHCP snooping will add or remove this binding to or from the file at the end of this interval. If no change occurs within the interval, DHCP snooping will not refresh the file.

This command takes effect only when the DHCP snooping entry file is specified.

Related commands: dhcp-snooping binding database filename.

Examples

# Configure the DHCP snooping entry file to be refreshed every 10 minutes.

84

<Sysname> system-view

[Sysname] dhcp-snoooping binding database update interval 10

dhcp-snooping binding database update now

Syntax dhcp-snooping binding database update now

View

System view

Default level

2: System level

Parameters

None

Description

Use dhcp-snooping binding database update now to store DHCP snooping entries to the file.

DHCP snooping entries will be stored to the file each time this command is used.

This command takes effect only when the DHCP snooping entry file is specified.

Related commands: dhcp-snooping binding database filename.

Examples

# Store DHCP snooping entries to the file.

<Sysname> system-view

[Sysname] dhcp-snooping binding database update now

dhcp-snooping check mac-address

Syntax dhcp-snooping check mac-address undo dhcp-snooping check mac-address

View

Layer 2 Ethernet port view, Layer 2 aggregate interface view

Default level

2: System level

Parameters

None

Description

Use dhcp-snooping check mac-address to enable MAC address check on a DHCP snooping device.

Use undo dhcp-snooping check mac-address to disable MAC address check of DHCP snooping.

By default, this function is disabled.

85

With this function enabled, the DHCP snooping device compares the chaddr field of a received DHCP request with the source MAC address field in the frame. If they are the same, the DHCP snooping device decides this request valid and forwards it to the DHCP server. If not, the DHCP request is discarded.

Examples

# Enable MAC address check of DHCP snooping.

<Sysname> system-view

[Sysname] interface Ethernet 1/0/1

[Sysname-Ethernet1/0/1] dhcp-snooping check mac-address

dhcp-snooping check request-message

Syntax dhcp-snooping check request-message undo dhcp-snooping check request-message

View

Layer 2 Ethernet port view, Layer 2 aggregate interface view

Default level

2: System level

Parameters

None

Description

Use dhcp-snooping check request-message to enable DHCP-REQUEST message check of DHCP snooping.

Use undo dhcp-snooping check request-message to disable DHCP-REQUEST message check of the

DHCP snooping.

By default, this function is disabled.

With this function enabled, upon receiving a DHCP-REQUEST message, a DHCP snooping device searches local DHCP snooping entries for the corresponding entry of the message. If an entry is found, the DHCP snooping device compares the entry with the message information. If they are consistent, the

DHCP-REQUEST message is considered as valid lease renewal request and forwarded to the DHCP server. If they are not consistent, the messages is considered as forged lease renewal request and discarded. If no corresponding entry is found locally, the message is considered valid and forwarded to the DHCP server.

Examples

# Enable DHCP-REQUEST message check of DHCP snooping.

<Sysname> system-view

[Sysname] interface Ethernet 1/0/1

[Sysname-Ethernet1/0/1] dhcp-snooping check request-message

dhcp-snooping information circuit-id format-type

Syntax dhcp-snooping information circuit-id format-type { ascii | hex }

86

undo dhcp-snooping information circuit-id format-type

View

Layer 2 Ethernet port view, Layer 2 aggregate interface view

Default level

2: System level

Parameters ascii: Specifies the code type for the circuit ID sub-option as ascii. hex: Specifies the code type for the circuit ID sub-option as hex.

Description

Use dhcp-snooping information circuit-id format-type to configure the code type for the non-user-defined circuit ID sub-option.

Use undo dhcp-snooping information circuit-id format-type to restore the default.

By default, the code type for the circuit ID sub-option depends on the padding format of Option 82. Each field has its own code type.

This command applies to configuring the non-user-defined circuit ID sub-option only. After you configure the padding content for the circuit ID sub-option using the dhcp-snooping information circuit-id string command, ASCII is adopted as the code type. The private padding format supports only the hex code type.

Related commands: display dhcp-snooping information and dhcp-snooping information format.

Examples

# Configure the padding format for the non-user-defined circuit ID sub-option as ascii.

<Sysname> system-view

[Sysname] interface Ethernet 1/0/1

[Sysname-Ethernet1/0/1] dhcp-snooping information circuit-id format-type ascii

dhcp-snooping information circuit-id string

Syntax dhcp-snooping information [ vlan vlan-id ] circuit-id string circuit-id undo dhcp-snooping information [ vlan vlan-id ] circuit-id string

View

Layer 2 Ethernet port view, Layer 2 aggregate interface view

Default level

2: System level

Parameters vlan vlan-id: Specifies a VLAN ID, in the range of 1 to 4094.

circuit-id: Padding content for the user-defined circuit ID sub-option, a case-sensitive string of 3 to 63 characters.

87

Description

Use dhcp-snooping information circuit-id string to configure the padding content for the user-defined circuit ID sub-option.

Use undo dhcp-snooping information circuit-id string to restore the default.

By default, the padding content for the circuit ID sub-option depends on the padding format of Option

82.

After you configure the padding content for the circuit ID sub-option using this command, ASCII is adopted as the code type.

If a VLAN is specified, the configured circuit ID sub-option only takes effect within the VLAN. If no

VLAN is specified, the configured circuit ID sub-option takes effect in all VLANs. The former case has a higher priority. The circuit ID sub-option specified for a VLAN will be padded for packets within the VLAN.

Related commands: dhcp-snooping information format and display dhcp-snooping information.

Examples

# Configure the padding content for the user-defined circuit ID sub-option as company001.

<Sysname> system-view

[Sysname] interface Ethernet 1/0/1

[Sysname-Ethernet1/0/1] dhcp-snooping information circuit-id string company001

dhcp-snooping information enable

Syntax dhcp-snooping information enable undo dhcp-snooping information enable

View

Layer 2 Ethernet port view, Layer 2 aggregate interface view

Default level

2: System level

Parameters

None

Description

Use dhcp-snooping information enable to configure DHCP snooping to support Option 82.

Use undo dhcp-snooping information enable to disable this function.

By default, DHCP snooping does not support Option 82.

Related commands: display dhcp-snooping information.

Examples

# Configure DHCP snooping to support Option 82.

<Sysname> system-view

[Sysname] interface Ethernet1/0/1

[Sysname-Ethernet1/0/1] dhcp-snooping information enable

88

dhcp-snooping information format

Syntax dhcp-snooping information format { normal | private private | standard | verbose [ node-identifier

{ mac | sysname | user-defined node-identifier } ] } undo dhcp-snooping information format

View

Layer 2 Ethernet port view, Layer 2 aggregate interface view

Default level

2: System level

Parameters normal: Specifies the normal padding format. private private: Specifies the private padding format. The private value must be 1. standard: Specifies the standard padding format. verbose: Specifies the verbose padding format. node-identifier { mac | sysname | user-defined node-identifier }: Specifies access node identifier. By default, the node MAC address is used as the node identifier.

mac indicates using MAC address as the node identifier.

sysname indicates using the device name of a node as the node identifier.

user-defined node-identifier indicates using a specific character string as the node identifier, in which node-identifier is a string of 1 to 50 characters.

Description

Use dhcp-snooping information format to specify the padding format for Option 82.

Use undo dhcp-snooping information format to restore the default.

By default, the padding format for Option 82 is normal.

When you use the undo dhcp-snooping information format command:

If the verbose node-identifier argument is not specified, the padding format will be restored to normal.

If the verbose node-identifier argument is specified, the padding format will be restored to verbose with MAC address as the node identifier.

Related commands: display dhcp-snooping information.

Examples

# Specify the padding format as verbose for Option 82.

<Sysname> system-view

[Sysname] interface Ethernet1/0/1

[Sysname-Ethernet1/0/1] dhcp-snooping information enable

[Sysname-Ethernet1/0/1] dhcp-snooping information strategy replace

[Sysname-Ethernet1/0/1] dhcp-snooping information format verbose

89

dhcp-snooping information remote-id format-type

Syntax dhcp-snooping information remote-id format-type { ascii | hex } undo dhcp-snooping information remote-id format-type

View

Layer 2 Ethernet port view, Layer 2 aggregate interface view

Default level

2: System level

Parameters ascii: Specifies the code type for the remote ID sub-option as ascii. hex: Specifies the code type for the remote ID sub-option as hex.

Description

Use dhcp-snooping information remote-id format-type to configure the code type for the non-user-defined remote ID sub-option.

Use undo dhcp-snooping information remote-id format-type to restore the default.

By default, the code type for the remote ID sub-option is HEX.

This command applies to configuring a non-user-defined remote ID sub-option only. After you configure the padding content for the remote ID sub-option using the dhcp-snooping information remote-id string command, ASCII is adopted as the code type. The private padding format only supports the hex code type.

Related commands: display dhcp-snooping information and dhcp-snooping information format.

Examples

# Configure the code type for the non-user-defined remote ID sub-option as ascii.

<Sysname> system-view

[Sysname] interface Ethernet 1/0/1

[Sysname-Ethernet1/0/1] dhcp-snooping information remote-id format-type ascii

dhcp-snooping information remote-id string

Syntax dhcp-snooping information [ vlan vlan-id ] remote-id string { remote-id | sysname } undo dhcp-snooping information [ vlan vlan-id ] remote-id string

View

Layer 2 Ethernet port view, Layer 2 aggregate interface view

Default level

2: System level

Parameters vlan vlan-id: Specifies a VLAN ID, in the range of 1 to 4094.

90

remote-id: Padding content for the user-defined circuit ID sub-option, a case-sensitive string of 1 to 63 characters. sysname: Specifies the device name as the padding content for the remote ID sub-option.

Description

Use dhcp-snooping information remote-id string to configure the padding content for the user-defined remote ID sub-option.

Use undo dhcp-snooping information remote-id string to restore the default.

By default, the padding content for the remote ID sub-option depends on the padding format of Option

82.

After you configure the padding content for the remote ID sub-option using this command, ASCII is adopted as the code type.

If a VLAN is specified, the configured remote ID sub-option only takes effect within the VLAN. If no

VLAN is specified, the configured remote ID sub-option takes effect in all VLANs. The former case has a higher priority. The remote ID sub-option configured for a VLAN will be padded for the packets within the VLAN.

If you want to specify the character string sysname (a case-insensitive character string) as the padding content for the remote ID sub-option, you need to use quotation marks to make it take effect. For example, if you want to specify Sysname as the padding content for the remote ID sub-option, you need to enter the dhcp-snooping information remote-id string "Sysname" command.

Related commands: dhcp-snooping information format and display dhcp-snooping information.

Examples

# Configure the padding content for the remote ID sub-option as device001.

<Sysname> system-view

[Sysname] interface Ethernet 1/0/1

[Sysname-Ethernet1/0/1] dhcp-snooping information remote-id string device001

dhcp-snooping information strategy

Syntax dhcp-snooping information strategy { append |drop | keep | replace } undo dhcp-snooping information strategy

View

Layer 2 Ethernet port view, Layer 2 aggregate interface view

Default level

2: System level

Parameters append: Forwards the message containing Option 82 after adding content to the sub-option 9 of option

82. The append strategy is supported only when the private padding format and sub-option 9 are configured. In other cases, the device forwards the message without changing Option 82. drop: Drops the message containing Option 82. keep: Forwards the message containing Option 82 without changing Option 82.

91

replace: Forwards the message containing Option 82 after replacing the original Option 82 with the one padded in specified format.

Description

Use dhcp-snooping information strategy to configure the handling strategy for Option 82 in requesting messages.

Use undo dhcp-snooping information strategy to restore the default.

By default, the handling strategy for Option 82 in requesting messages is replace.

Related commands: display dhcp-snooping information, dhcp-snooping information format and dhcp-snooping information sub-option.

Examples

# Configure the handling strategy for Option 82 in requesting messages as keep.

<Sysname> system-view

[Sysname] interface Ethernet1/0/1

[Sysname-Ethernet1/0/1] dhcp-snooping information enable

[Sysname-Ethernet1/0/1] dhcp-snooping information strategy keep

dhcp-snooping information sub-option

Syntax dhcp-snooping information [ vlan vlan-id ] sub-option sub-option-code [ string user-string&<1-8> ] undo dhcp-snooping information [ vlan vlan-id ] sub-option sub-option-code

View

Layer 2 Ethernet port view, Layer 2 aggregate interface view

Default level

2: System level

Parameters vlan vlan-id: Specifies the ID of a VLAN, in the range of 1 to 4094. sub-option sub-option-code: Specifies the number of the sub-option. Currently, only sub-option 9 is supported. string user-string&<1-8>: Configures the content of the sub-option, a case-sensitive string of 1 to 63 characters. &<1-8> represents that you can enter a maximum of 8 strings separated by spaces.

Description

Use dhcp-snooping information sub-option to configure a sub-option.

Use undo dhcp-snooping information sub-option to restore the default.

By default, no sub-option is configured.

This configuration applies to the private padding format only. To configure the private padding format, use the dhcp-snooping information format private 1 command.

If no content is configured for sub-option 9 with the string user-string option, the primary device uses sysname and the primary address of the Loopback0 interface to pad sub-option 9 and the secondary device uses sysname to pad sub-option 9. The device configured with the dhcp-snooping information

92

strategy append command is the primary device and a device configured with some other strategy is a secondary device.

After you use the string user-string option to configure sub-option 9, the device uses the ASCII code type to pad the characters into sub-option 9 in the order that they are configured. When the total length of all sub-options reaches 255, the device stops padding automatically.

The sub-option 9 content configured only applies to the VLAN that is specified by the vlan vlan-id option.

If no VLAN ID is specified, the sub-option 9 content applies to all VLANs. A VLAN prefers its own sub-option 9 content over the one configured for all VLANs.

Related commands: dhcp-snooping information format, dhcp-snooping information strategy, and display dhcp-snooping information.

Examples

# Configure the user-defined sub-option 9 as group001.

<Sysname> system-view

[Sysname] interface Ethernet 1/0/1

[Sysname-Ethernet1/0/1] dhcp-snooping information sub-option 9 string group001

dhcp-snooping trust

Syntax dhcp-snooping trust [ no-user-binding ] undo dhcp-snooping trust

View

Layer 2 Ethernet port view, Layer 2 aggregate interface view

Default level

2: System level

Parameters no-user-binding: Specifies the port not to record the clients’ IP-to-MAC bindings in DHCP requests it receives. The command without this keyword records the IP-to-MAC bindings of clients.

Description

Use dhcp-snooping trust to configure a port as a trusted port.

Use undo dhcp-snooping trust to restore the default state of a port.

All ports are untrusted by default.

After enabling DHCP snooping, you need to specify the ports connected to the valid DHCP servers as trusted to make sure that DHCP clients can obtain valid IP addresses.

Related commands: display dhcp-snooping trust.

Examples

# Specify Ethernet 1/0/1 as a trusted port and enable it to record the IP-to-MAC bindings of clients.

<Sysname> system-view

[Sysname] interface Ethernet 1/0/1

[Sysname-Ethernet1/0/1] dhcp-snooping trust

93

display dhcp-snooping

Syntax display dhcp-snooping [ ip ip-address ] [ | { begin | exclude | include } regular-expression ]

View

Any view

Default level

1: Monitor level

Parameters ip ip-address: Displays the DHCP snooping entries corresponding to the specified IP address.

|: Filters command output by specifying a regular expression. For more information about regular expressions, see Fundamentals Configuration Guide. begin: Displays the first line that matches the specified regular expression and all lines that follow. exclude: Displays all lines that do not match the specified regular expression. include: Displays all lines that match the specified regular expression.

regular-expression: Specifies a regular expression, a case-sensitive string of 1 to 256 characters.

Description

Use display dhcp-snooping to display DHCP snooping entries.

Only the DHCP snooping entries containing IP-to-MAC bindings that are present both in the DHCP-ACK and DHCP-REQUEST messages are displayed by using the display dhcp-snooping command.

Related commands: dhcp-snooping and reset dhcp-snooping.

Examples

# Display all DHCP snooping entries.

<Sysname> display dhcp-snooping

DHCP Snooping is enabled.

The client binding table for all untrusted ports.

Type : D--Dynamic , S--Static , R--Recovering

Type IP Address MAC Address Lease VLAN SVLAN Interface

==== =============== ============== ============ ==== ===== =================

D 10.1.1.1 00e0-fc00-0006 286 1 2 Ethernet1/0/1

--- 1 dhcp-snooping item(s) found ---

Table 16 Command output

Field Description

Type

IP Address

Entry type:

D—Dynamic.

S—Static. Static DHCP snooping entries are not supported.

R—The DHCP snooping entry is being restored through the DHCP snooping entry file, and the interface in the entry is invalid.

IP address assigned to the DHCP client.

MAC Address MAC address of the DHCP client.

94

Field Description

Lease

VLAN

SVLAN

Interface

Lease period left in seconds.

Outer VLAN tag when DHCP snooping and QinQ are both enabled or the

DHCP snooping device receives a packet with two VLAN tags, or VLAN where the port connecting the DHCP client resides.

Inner VLAN tag when DHCP snooping and QinQ are both enabled or the

DHCP snooping device receives a packet with two VLAN tags, or N/A.

Port to which the DHCP client is connected.

display dhcp-snooping binding database

Syntax display dhcp-snooping binding database [ | { begin | exclude | include } regular-expression ]

View

Any view

Default level

1: Monitor level

Parameters

|: Filters command output by specifying a regular expression. For more information about regular expressions, see Fundamentals Configuration Guide. begin: Displays the first line that matches the specified regular expression and all lines that follow. exclude: Displays all lines that do not match the specified regular expression. include: Displays all lines that match the specified regular expression.

regular-expression: Specifies a regular expression, a case-sensitive string of 1 to 256 characters.

Description

Use display dhcp-snooping binding database to display the DHCP snooping entry file information.

Examples

# Display the DHCP snooping entry file information.

<Sysname> display dhcp-snooping binding database

File name

Update interval

Latest read time

Latest write time

Status

Table 17 Command output

: flash:/database.dhcp

: 10 minutes

: Jul 15 2008 16:38:22

: Jul 15 2008 16:38:24

: Last write succeeded.

Field Description

File name File name.

Update interval

Latest read time

Interval at which the DHCP snooping entry file is refreshed.

Last time when the file is read.

95

Field Description

Latest write time

Status

Last time when the file is written.

Indicates whether the file was written successfully last time.

display dhcp-snooping information

Syntax display dhcp-snooping information { all | interface interface-type interface-number } [ | { begin | exclude | include } regular-expression ]

View

Any view

Default level

1: Monitor level

Parameters all: Displays Option 82 configuration information about all Layer 2 Ethernet ports. interface interface-type interface-number: Displays Option 82 configuration information about a specific interface.

|: Filters command output by specifying a regular expression. For more information about regular expressions, see Fundamentals Configuration Guide. begin: Displays the first line that matches the specified regular expression and all lines that follow. exclude: Displays all lines that do not match the specified regular expression. include: Displays all lines that match the specified regular expression.

regular-expression: Specifies a regular expression, a case-sensitive string of 1 to 256 characters.

Description

Use display dhcp-snooping information to display Option 82 configuration information on the DHCP snooping device.

Examples

# Display Option 82 configuration information about all interfaces.

<Sysname> display dhcp-snooping information all

Interface: Ethernet 1/0/1

Status: Enable

Strategy: Replace

Format: Verbose

Circuit ID format-type: HEX

Remote ID format-type: ASCII

Node identifier: aabbcc

Sub-option 9: Enabled

User defined:

Circuit ID: company001

Sub-option 9 content: group1

Interface: Ethernet 1/0/2

96

Status: Disable

Strategy: Keep

Format: Normal

Circuit ID format-type: HEX

Remote ID format-type: ASCII

User defined:

Circuit ID: company001

Remote ID: device001

VLAN 10:

Circuit ID: vlan10@company001

Sub-option 9: Enable

Sub-option 9 content: group1

VLAN 20:

Remote ID: device001

Sub-option 9: Enabled

display dhcp-snooping packet statistics

Syntax display dhcp-snooping packet statistics [ slot slot-number ] [ | { begin | exclude | include }

regular-expression ]

View

Any view

Default level

1: Monitor level

Parameters slot slot-number: Displays the DHCP packet statistics of a specific IRF member switch. The slot-number argument specifies the ID of the IRF member switch. The value range for the argument depends on the number of member switches and their member IDs in the IRF fabric, which you can display with the display irf command. On a standalone device, the slot-number argument specifies the ID of the device.

|: Filters command output by specifying a regular expression. For more information about regular expressions, see Fundamentals Configuration Guide. begin: Displays the first line that matches the specified regular expression and all lines that follow. exclude: Displays all lines that do not match the specified regular expression. include: Displays all lines that match the specified regular expression.

regular-expression: Specifies a regular expression, a case-sensitive string of 1 to 256 characters

Description

Use display dhcp-snooping packet statistics to display DHCP packet statistics on the DHCP snooping device.

Related commands: reset dhcp-snooping packet statistics.

Examples

# Display DHCP packet statistics on the DHCP snooping device.

<Sysname> display dhcp-snooping packet statistics

97

DHCP packets received : 100

DHCP packets sent : 200

Packets dropped due to rate limitation : 20

Dropped invalid packets : 0

display dhcp-snooping trust

Syntax display dhcp-snooping trust [ | { begin | exclude | include } regular-expression ]

View

Any view

Default level

1: Monitor level

Parameters

|: Filters command output by specifying a regular expression. For more information about regular expressions, see Fundamentals Configuration Guide. begin: Displays the first line that matches the specified regular expression and all lines that follow. exclude: Displays all lines that do not match the specified regular expression. include: Displays all lines that match the specified regular expression.

regular-expression: Specifies a regular expression, a case-sensitive string of 1 to 256 characters.

Description

Use display dhcp-snooping trust to display information about trusted ports.

Related commands: dhcp-snooping trust.

Examples

# Display information about trusted ports.

<Sysname> display dhcp-snooping trust

DHCP Snooping is enabled.

DHCP Snooping trust becomes active.

Interface Trusted

========================= ============

Ethernet1/0/1 Trusted

The above output shows that DHCP snooping is enabled, DHCP snooping trust is active, and port

Ethernet 1/0/1 is trusted.

reset dhcp-snooping

Syntax reset dhcp-snooping { all | ip ip-address }

View

User view

98

Default level

2: System level

Parameters all: Clears all DHCP snooping entries. ip ip-address: Clears the DHCP snooping entries of the specified IP address.

Description

Use reset dhcp-snooping to clear DHCP snooping entries.

Related commands: display dhcp-snooping.

Examples

# Clear all DHCP snooping entries.

<Sysname> reset dhcp-snooping all

reset dhcp-snooping packet statistics

Syntax reset dhcp-snooping packet statistics [ slot slot-number ]

View

User view

Default level

1: Monitor level

Parameters slot slot-number: Clears the DHCP packet statistics on a specific IRF member switch. The slot-number argument specifies the ID of the IRF member switch. The value range for the argument depends on the number of member switches and their member IDs in the IRF fabric, which you can display with the display irf command. On a standalone device, the slot-number argument specifies the ID of the device.

Description

Use reset dhcp-snooping packet statistics to clear DHCP packet statistics on the DHCP snooping device.

Related commands: display dhcp-snooping packet statistics.

Examples

# Clear DHCP packet statistics on the DHCP snooping device.

<Sysname> reset dhcp-snooping packet statistics

99

BOOTP client configuration commands

BOOTP client configuration can only be used on Layer 3 Ethernet ports, Layer 3 aggregate interfaces, and VLAN interfaces.

If several VLAN interfaces sharing the same MAC address obtain IP addresses through a BOOTP relay agent, the BOOTP server cannot be a Windows Server 2000 or Windows Server 2003.

You cannot configure an interface of an aggregation group as a BOOTP client.

display bootp client

Syntax display bootp client [ interface interface-type interface-number ] [ | { begin | exclude | include }

regular-expression ]

View

Any view

Default level

1: Monitor level

Parameters interface interface-type interface-number: Displays BOOTP client information about the interface.

|: Filters command output by specifying a regular expression. For more information about regular expressions, see Fundamentals Configuration Guide. begin: Displays the first line that matches the specified regular expression and all lines that follow. exclude: Displays all lines that do not match the specified regular expression. include: Displays all lines that match the specified regular expression.

regular-expression: Specifies a regular expression, a case-sensitive string of 1 to 256 characters.

Description

Use display bootp client to display related information about a BOOTP client.

If interface interface-type interface-number is not specified, the command displays information about BOOTP clients on all interfaces.

If interface interface-type interface-number is specified, the command displays information about the BOOTP client on the specified interface.

Examples

# Display related information about the BOOTP client on VLAN-interface 1.

<Sysname> display bootp client interface vlan-interface 1

Vlan-interface1 BOOTP client information:

Allocated IP: 169.254.0.2 255.255.0.0

Transaction ID = 0x3d8a7431

Mac Address 00e0-fc0a-c3ef

100

Table 18 Command output

Field

Vlan-interface1 BOOTP client information

Allocated IP

Transaction ID

Mac Address

Description

Information about the interface serving as a BOOTP client.

IP address assigned to the BOOTP client.

Value of the XID field in a BOOTP message, which is a random number chosen when the BOOTP client sends a BOOTP request to the BOOTP server. It is used to match a response message from the BOOTP server. If the values of the XID field are different in the BOOTP response and request, the BOOTP client will drop the BOOTP response.

MAC address of a BOOTP client.

ip address bootp-alloc

Syntax ip address bootp-alloc undo ip address bootp-alloc

View

Interface view

Default level

2: System level

Parameters

None

Description

Use ip address bootp-alloc to enable an interface to obtain an IP address through BOOTP.

Use undo ip address bootp-alloc to disable the interface from obtaining an IP address through BOOTP.

By default, an interface does not obtain an IP address through BOOTP.

Related commands: display bootp client.

Examples

# Configure VLAN-interface 1 to obtain IP address through the BOOTP protocol.

<Sysname> system-view

[Sysname] interface vlan-interface 1

[Sysname-Vlan-interface1] ip address bootp-alloc

101

IPv4 DNS configuration commands

The term "interface" in this chapter refers to Layer 3 interfaces, including VLAN interfaces and route-mode (or Layer 3) Ethernet ports. You can set an Ethernet port to operate in route mode by using the port link-mode route command (see Layer 2—LAN Switching Configuration Guide).

display dns domain

Syntax display dns domain [ dynamic ] [ | { begin | exclude | include } regular-expression ]

View

Any view

Default level

1: Monitor level

Parameters dynamic: Displays the domain name suffixes dynamically obtained through DHCP or other protocols.

|: Filters command output by specifying a regular expression. For more information about regular expressions, see Fundamentals Configuration Guide. begin: Displays the first line that matches the specified regular expression and all lines that follow. exclude: Displays all lines that do not match the specified regular expression. include: Displays all lines that match the specified regular expression.

regular-expression: Specifies a regular expression, a case-sensitive string of 1 to 256 characters.

Description

Use display dns domain to display the domain name suffixes.

Related commands: dns domain.

Examples

# Display domain name suffixes.

<Sysname> display dns domain

Type:

D:Dynamic S:Static

No. Type Domain-name

1 S com

Table 19 Command output

Field Description

102

Field Description

Type

Domain-name

Type of domain name suffix:

S—A statically configured domain name suffix.

D—A domain name suffix obtained dynamically through DHCP.

Domain name suffix.

display dns host

Syntax display dns host [ ip | ipv6 | naptr | srv ] [ | { begin | exclude | include } regular-expression ]

View

Any view

Default level

1: Monitor level

Parameters ip: Displays dynamic cache information about type A queries. A type A query resolves a domain name to the mapped IPv4 address. ipv6: Displays dynamic cache information about type AAAA queries. A type AAAA query resolves a domain name to the mapped IPv6 address. naptr: Displays dynamic cache information about NAPTR queries. A NAPTR query offers the replacement rule of a character string to convert the character string to a domain name. srv: Displays dynamic cache information about SRV queries. An SRV query offers the domain name of a certain service site.

|: Filters command output by specifying a regular expression. For more information about regular expressions, see Fundamentals Configuration Guide. begin: Displays the first line that matches the specified regular expression and all lines that follow. exclude: Displays all lines that do not match the specified regular expression. include: Displays all lines that match the specified regular expression.

regular-expression: Specifies a regular expression, a case-sensitive string of 1 to 256 characters.

Description

Use display dns host to display dynamic DNS cache information.

Without any keyword, this command displays dynamic DNS cache information about all query types.

Related commands: reset dns host.

Examples

# Display dynamic DNS cache information about all query types.

<Sysname> display dns host

No. Host TTL Type Reply Data

1 sample.com 3132 IP 192.168.10.1

2 sample.net 2925 IPv6 FE80::4904:4448

3 sip.sample.com 3122 NAPTR 100 10 u sip+E2U !^.*$!sip:info.se!i

103

4 website.tcp.sample.com 3029 SRV 10 10 8080 iis.sample.com

Table 20 Command output

Field Description

Host

TTL

Domain name for query.

Time that a mapping can be stored in the cache, in seconds.

Reply Data

Reply data concerning the query type:

For an IP query, the reply data is an IPv4 address.

For an IPv6 query, the reply data is an IPv6 address.

For a NAPTR query, the reply data comprises order, preference, flags, services, regular expression, and replacement.

For an SRV query, the reply data comprises the priority, weight, port, and target domain name.

display dns server

Syntax display dns server [ dynamic ] [ | { begin | exclude | include } regular-expression ]

View

Any view

Default level

1: Monitor level

Parameters dynamic: Displays the DNS server information dynamically obtained through DHCP or other protocols

|: Filters command output by specifying a regular expression. For more information about regular expressions, see Fundamentals Configuration Guide. begin: Displays the first line that matches the specified regular expression and all lines that follow. exclude: Displays all lines that do not match the specified regular expression. include: Displays all lines that match the specified regular expression.

regular-expression: Specifies a regular expression, a case-sensitive string of 1 to 256 characters.

Description

Use display dns server to display the IPv4 DNS server information.

Related commands: dns server.

Examples

# Display the IPv4 DNS server information.

<Sysname> display dns server

Type:

D:Dynamic S:Static

104

DNS Server Type IP Address

1 S 169.254.65.125

Table 21 Command output

Field Description

DNS Server

Sequence number of the DNS server, configured automatically by the device, starting from 1.

Type

IP Address

Type of domain name server:

S—A statically configured DNS server.

D—A DNS server obtained dynamically through DHCP.

IPv4 address of the DNS server.

display ip host

Syntax display ip host [ | { begin | exclude | include } regular-expression ]

View

Any view

Default level

1: Monitor level

Parameters

|: Filters command output by specifying a regular expression. For more information about regular expressions, see Fundamentals Configuration Guide. begin: Displays the first line that matches the specified regular expression and all lines that follow. exclude: Displays all lines that do not match the specified regular expression. include: Displays all lines that match the specified regular expression.

regular-expression: Specifies a regular expression, a case-sensitive string of 1 to 256 characters.

Description

Use display ip host to display the host names and corresponding IPv4 addresses in the static domain name resolution table.

Examples

# Display the host names and corresponding IPv4 addresses in the static domain name resolution table.

<Sysname> display ip host

Table 22 Command output

Field Description

105

Field Description

Age

Flags

Address

Time to live. 0 means that the static mapping will never age out.

You can only manually remove the static mappings between host names and IPv4 addresses.

Mapping type.

Static represents static IPv4 domain name resolution.

Host IPv4 address.

dns domain

Syntax dns domain domain-name undo dns domain [ domain-name ]

View

System view

Default level

2: System level

Parameters

domain-name: Domain name suffix, consisting of character strings separated by a dot (for example, aabbcc.com). Each separated string contains no more than 63 characters. A domain name suffix may include case-insensitive letters, digits, hyphens (-), underscores (_), and dots (.), with a total length of 238 characters.

Description

Use dns domain to configure a domain name suffix. The system can automatically add the suffix to part of the domain name you entered for resolution.

Use undo dns domain to delete a domain name suffix (with a domain name suffix specified) or all domain name suffixes (with no domain name suffix specified).

No domain name suffix is configured by default. Only the provided domain name is resolved.

The domain name suffix configured with the dns domain command is applicable to both IPv4 DNS and

IPv6 DNS.

You can configure a maximum of 10 domain name suffixes.

Related commands: display dns domain.

Examples

# Configure com as a DNS suffix.

<Sysname> system-view

[Sysname] dns domain com

dns dscp

Syntax dns dscp dscp-value

106

undo dns dscp

View

System view

Default level

2: System level

Parameters

dscp-value: Specifies the DSCP value in DNS packets, in the range of 0 to 63.

Description

Use dns dscp to set the DSCP value for DNS packets.

Use undo dns dscp to restore the default.

By default, the DSCP value in DNS packets is 0.

Examples

# Set the DSCP value to 30 for DNS packets.

<Sysname> system-view

[Sysname] dns dscp 30

dns proxy enable

Syntax dns proxy enable undo dns proxy enable

View

System view

Default level

2: System level

Parameters

None

Description

Use dns proxy enable to enable DNS proxy.

Use undo dns proxy enable to disable DNS proxy.

By default, DNS proxy is disabled.

Examples

# Enable DNS proxy.

<Sysname> system-view

[Sysname] dns proxy enable

dns resolve

Syntax dns resolve

107

undo dns resolve

View

System view

Default level

2: System level

Parameters

None

Description

Use dns resolve to enable dynamic domain name resolution.

Use undo dns resolve to disable dynamic domain name resolution.

Dynamic domain name resolution is disabled by default.

This command is applicable to both IPv4 DNS and IPv6 DNS.

Examples

# Enable dynamic domain name resolution.

<Sysname> system-view

[Sysname] dns resolve

dns server

Syntax

In system view: dns server ip-address undo dns server [ ip-address ]

In interface view: dns server ip-address undo dns server ip-address

View

System view, interface view

Default level

2: System level

Parameters

ip-address: Specifies the IPv4 address of the DNS server.

Description

Use dns server to specify a DNS server.

Use undo dns server to remove DNS servers.

No DNS server is specified by default.

You can configure up to six DNS servers, including those with IPv6 addresses, in system view, and up to six DNS servers on all interfaces of a device.

108

A DNS server configured in system view has a higher priority than one configured in interface view.

A DNS server configured earlier has a higher priority than one configured later in the same view.

A DNS server manually configured has a higher priority than one dynamically obtained through

DHCP.

Running the undo dns server command in system view will delete all DNS servers configured in system view and interface view. Running the undo dns server ip-address command in system view or interface view will delete the specific DNS server in system view or interface view.

Related commands: display dns server.

Examples

# Specify the DNS server 172.16.1.1 in system view.

<Sysname> system-view

[Sysname] dns server 172.16.1.1

dns source-interface

Syntax dns source-interface interface-type interface-number undo dns source-interface

View

System view

Default level

2: System level

Parameters

interface-type interface-number: Specifies an interface by its type and number.

Description

Use dns source-interface to specify the source interface for DNS packets.

Use undo dns source-interface to restore the default.

By default, no source interface for DNS packets is specified. The device uses the primary IP address of the output interface of the matching route as the source IP address of a DNS request.

The device uses the primary IP address of the specified source interface as the source IP address of a

DNS request, which however is still forwarded through the output interface of the matching route.

Examples

# Specify VLAN-interface 2 as the source interface of DNS requests.

<Sysname> system-view

[Sysname] dns source-interface vlan-interface2

dns spoofing

Syntax dns spoofing ip-address undo dns spoofing

109

View

System view

Default level

2: System level

Parameters

ip-address: Specifies the IP address used to spoof name query requests.

Description

Use dns spoofing to enable DNS spoofing.

Use undo dns spoofing to disable DNS spoofing.

By default, DNS spoofing is disabled.

With DNS proxy enabled but no DNS server specified or no DNS server reachable, a device cannot forward a DNS request, or answer the request. In this case, you can enable DNS spoofing on the device to spoof a reply with the configured IP address. Once a DNS server is reachable, the device will send

DNS requests to the server and return replies to the requesting DNS clients.

If you repeatedly execute the dns spoofing command with different IP addresses specified, the latest configuration will overwrite the previous one.

Examples

# Enable DNS spoofing and specify the IP address as 1.1.1.1.

<Sysname> system-view

[Sysname] dns spoofing 1.1.1.1

ip host

Syntax ip host hostname ip-address undo ip host hostname [ ip-address ]

View

System view

Default level

2: System level

Parameters

hostname: Specifies the host name, consisting of 1 to 255 characters, including case-insensitive letters, numbers, hyphens (-), underscores (_), or dots (.). The host name must include at least one letter.

ip-address: Specifies the IPv4 address of the specified host in dotted decimal notation.

Description

Use ip host to create a host name to IPv4 address mapping in the static resolution table.

Use undo ip host to remove a mapping.

No mappings are created by default.

Each host name can correspond to only one IPv4 address. The IPv4 address you last assign to the host name will overwrite the previous one if there is any.

110

Related commands: display ip host.

Examples

# Map the IP address 10.110.0.1 to the host name aaa.

<Sysname> system-view

[Sysname] ip host aaa 10.110.0.1

reset dns host

Syntax reset dns host [ ip | ipv6 | naptr | srv ]

View

User view

Default level

2: System level

Parameters ip: Clears dynamic cache information about type A queries. A type A query resolves a domain name to the mapped IPv4 address. ipv6: Clears dynamic cache information about type AAAA queries. A type AAAA query resolves a domain name to the mapped IPv6 address. naptr: Clears dynamic cache information about NAPTR queries. A NAPTR query offers the replacement rule of a character string to convert the character string to a domain name. srv: Clears dynamic cache information about SRV queries. An SRV query offers the domain name of a certain service site.

Description

Use reset dns host to clear information about the dynamic DNS cache.

Without any keyword, this command clears dynamic DNS cache information about all query types.

Related commands: display dns host.

Examples

# Clear dynamic DNS cache information about all query types.

<Sysname> reset dns host

111

IRDP configuration commands

ip irdp

Syntax ip irdp undo ip irdp

View

Interface view

Default level

2: System level

Parameters

None

Description

Use ip irdp to enable IRDP on an interface.

Use undo ip irdp to disable IRDP on an interface.

IRDP is disabled on an interface by default.

IRDP configuration takes effect only when IRDP is enabled.

Examples

# Enable IRDP on VLAN-interface 1.

<Sysname> system-view

[Sysname] interface vlan-interface 1

[Sysname-Vlan-interface1] ip irdp

ip irdp address

Syntax ip irdp address ip-address preference undo ip irdp address ip-address

View

Interface view

Default level

2: System level

Parameters

ip-address: Specifies the proxy-advertised IP address.

preference: Specifies the preference of the proxy-advertised IP address, in the range of -2147483648 to

2147483647.

112

Description

Use ip irdp address to configure an IP address to be proxy-advertised by the interface.

Use undo ip irdp address to remove the proxy-advertised IP address.

Examples

# Specify the IP address 192.168.0.8 and its preference for VLAN-interface 1 to proxy-advertise.

<Sysname> system-view

[Sysname] interface vlan-interface 1

[Sysname-Vlan-interface1] ip irdp address 192.168.0.8 1600

ip irdp lifetime

Syntax ip irdp lifetime lifetime-value undo ip irdp lifetime

View

Interface view

Default level

2: System level

Parameters

lifetime-value: Specifies the lifetime of IP addresses advertised on the interface, in the range of 4 to 9000 seconds.

Description

Use ip irdp lifetime to set the lifetime of IP addresses advertised on an interface.

Use undo ip irdp lifetime to restore the default.

By default, the lifetime is 1800 seconds.

The lifetime of IP addresses cannot be shorter than the maximum advertising interval on an interface.

Otherwise, a configuration error prompt is displayed.

Related commands: ip irdp maxadvinterval.

Examples

# Set the lifetime of IP addresses advertised on VLAN-interface 1 to 2000 seconds.

<Sysname> system-view

[Sysname] interface vlan-interface 1

[Sysname-Vlan-interface1] ip irdp lifetime 2000

ip irdp maxadvinterval

Syntax ip irdp maxadvinterval interval-value undo ip irdp maxadvinterval

View

Interface view

113

Default level

2: System level

Parameters

interval-value: Specifies the maximum advertising interval in seconds, in the range of 4 to 1800.

Description

Use ip irdp maxadvinterval to set the maximum interval for advertising RAs on an interface.

Use undo ip irdp maxadvinterval to restore the default.

By default, the maximum advertising interval is 600 seconds.

The maximum advertising interval must be larger than the minimum interval. If not, the minimum interval will be automatically adjusted to 75% of the maximum interval.

The maximum advertising interval cannot be longer than the lifetime of advertised IP addresses.

Otherwise, the lifetime will be automatically adjusted to a value three times the maximum interval.

Related commands: ip irdp lifetime and ip irdp minadvinterval.

Examples

# Set the maximum advertising interval on VLAN-interface 1 to 500 seconds.

<Sysname> system-view

[Sysname] interface vlan-interface 1

[Sysname-Vlan-interface1] ip irdp maxadvinterval 500

ip irdp minadvinterval

Syntax ip irdp minadvinterval interval-value undo ip irdp minadvinterval

View

Interface view

Default level

2: System level

Parameters

interval-value: Specifies the minimum advertising interval in seconds, in the range of 3 to 1800.

Parameters

Use ip irdp minadvinterval to set the minimum interval for advertising RAs on an interface.

Use undo ip irdp minadvinterval to restore the default.

By default, the minimum interval is 450 seconds.

The minimum advertising interval must be shorter than the maximum advertising interval. Otherwise, errors occur.

Related commands: ip irdp maxadvinterval.

Examples

# Set the minimum advertising interval on VLAN-interface 1 to 400 seconds.

114

<Sysname> system-view

[Sysname] interface vlan-interface 1

[Sysname-Vlan-interface1] ip irdp minadvinterval 400

ip irdp multicast

Syntax ip irdp multicast undo ip irdp multicast

View

Interface view

Default level

2: System level

Parameters

None

Description

Use ip irdp multicast to specify the multicast address 224.0.0.1 as the destination IP address of RAs sent on an interface.

Use undo ip irdp multicast to restore the default.

By default, the destination IP address is 255.255.255.255.

Examples

# Specify the multicast address 224.0.0.1 as the destination IP address for VLAN-interface 1 to send RAs.

<Sysname> system-view

[Sysname] interface vlan-interface 1

[Sysname-Vlan-interface1] ip irdp multicast

ip irdp preference

Syntax ip irdp preference preference-value undo ip irdp preference

View

Interface view

Default level

2: System level

Parameters

preference-value: Specifies the preference of IP addresses advertised on an interface, in the range of

-2147483648 to 2147483647. The bigger the value, the higher the preference.

Description

Use ip irdp preference to configure the preference of IP addresses advertised on the interface.

115

Use undo ip irdp preference to restore the default.

By default, the preference of advertised IP addresses is 0.

Examples

# Configure preference 1 for IP addresses advertised on VLAN-interface 1.

<Sysname> system-view

[Sysname] interface vlan-interface 1

[Sysname-Vlan-interface1] ip irdp preference 1

116

IP performance optimization configuration commands

The term "interface" in this chapter refers to Layer 3 interfaces, including VLAN interfaces and route-mode (or Layer 3) Ethernet ports. You can set an Ethernet port to operate in route mode by using the port link-mode route command (see Layer 2—LAN Switching Configuration Guide).

display fib

Syntax display fib [ vpn-instance vpn-instance-name ] [ acl acl-number | ip-prefix ip-prefix-name ] [ | { begin | exclude | include } regular-expression ]

View

Any view

Default level

1: Monitor level

Parameters vpn-instance vpn-instance-name: Displays the FIB entries of the specified VPN. The vpn-instance-name argument is a case-sensitive string of 1 to 31 characters. Without this option specified, FIB entries of the public network are displayed. acl acl-number: Displays FIB entries matching a specific ACL numbered from 2000 to 2999. If the specified ACL does not exist, all FIB entries are displayed. ip-prefix ip-prefix-name: Displays FIB entries matching a specific IP prefix list, a string of 1 to 19 characters. If the specified IP prefix list does not exist, all FIB entries are displayed.

|: Filters command output by specifying a regular expression. For more information about regular expressions, see Fundamentals Configuration Guide. begin: Displays the first line that matches the specified regular expression and all lines that follow. exclude: Displays all lines that do not match the specified regular expression. include: Displays all lines that match the specified regular expression.

regular-expression: Specifies a regular expression, a case-sensitive string of 1 to 256 characters.

Description

Use display fib to display FIB entries. If no parameters are specified, this command displays all FIB entries.

Examples

# Display all FIB entries.

<Sysname> display fib

Destination count: 4 FIB entry count: 4

117

Flag:

U:Useable G:Gateway H:Host B:Blackhole D:Dynamic S:Static

R:Relay

Destination/Mask Nexthop Flag OutInterface InnerLabel Token

10.2.0.0/16 10.2.1.1 U Vlan1 Null Invalid

10.2.1.1/32 127.0.0.1 UH InLoop0 Null Invalid

127.0.0.0/8 127.0.0.1 U InLoop0 Null Invalid

127.0.0.1/32 127.0.0.1 UH InLoop0 Null Invalid

# Display FIB information matching ACL 2000.

<Sysname> system-view

[Sysname] acl number 2000

[Sysname-acl-basic-2000] rule permit source 10.2.0.0 0.0.255.255

[Sysname-acl-basic-2000] display fib acl 2000

Destination count: 2 FIB entry count: 2

Flag:

U:Useable G:Gateway H:Host B:Blackhole D:Dynamic S:Static

R:Relay

Destination/Mask Nexthop Flag OutInterface InnerLabel Token

10.2.0.0/16 10.2.1.1 U Vlan1 Null Invalid

10.2.1.1/32 127.0.0.1 UH InLoop0 Null Invalid

# Display all entries that contain the string 127 and start from the first one.

<Sysname> display fib | begin 127

Flag:

U:Useable G:Gateway H:Host B:Blackhole D:Dynamic S:Static

R:Relay

Destination/Mask Nexthop Flag OutInterface InnerLabel Token

10.2.1.1/32 127.0.0.1 UH InLoop0 Null Invalid

127.0.0.0/8 127.0.0.1 U InLoop0 Null Invalid

127.0.0.1/32 127.0.0.1 UH InLoop0 Null Invalid

# Display FIB information passing the IP prefix list abc0.

<Sysname> system-view

[Sysname] ip ip-prefix abc0 permit 10.2.0.0 16

[Sysname] display fib ip-prefix abc0

Destination count: 1 FIB entry count: 1

Flag:

U:Useable G:Gateway H:Host B:Blackhole D:Dynamic S:Static

R:Relay

Destination/Mask Nexthop Flag OutInterface InnerLabel Token

10.2.0.0/16 10.2.1.1 U Vlan1 Null Invalid

118

Table 23 Command output

Field

Destination count

FIB entry count

Destination/Mask

Nexthop

Flag

Description

Total number of destination addresses

Total number of FIB entries

Destination address/length of mask

Next hop address

Flags of routes:

U—Usable route

G—Gateway route

H—Host route

B—Blackhole route

D—Dynamic route

S—Static route

R—Relay route

Token Link-state packet (LSP) index number

display fib ip-address

Syntax display fib [ vpn-instance vpn-instance-name ] ip-address [ mask | mask-length ] [ | { begin | exclude | include } regular-expression ]

View

Any view

Default level

1: Monitor level

Parameters vpn-instance vpn-instance-name: Displays the FIB entries of the specified VPN. The vpn-instance-name argument is a case-sensitive string of 1 to 31 characters. Without this option specified, FIB entries of the public network are displayed.

ip-address: Destination IP address, in dotted decimal notation.

mask: IP address mask.

mask-length: Length of IP address mask.

|: Filters command output by specifying a regular expression. For more information about regular expressions, see Fundamentals Configuration Guide. begin: Displays the first line that matches the specified regular expression and all lines that follow. exclude: Displays all lines that do not match the specified regular expression. include: Displays all lines that match the specified regular expression.

119

regular-expression: Specifies a regular expression, a case-sensitive string of 1 to 256 characters.

Description

Use display fib ip-address to display FIB entries that match the specified destination IP address.

If no mask or mask length is specified, the FIB entry that matches the destination IP address and has the longest mask will be displayed. If the mask is specified, the FIB entry that exactly matches the specified destination IP address will be displayed.

Examples

# Display the FIB entries that match the destination IP address of 10.2.1.1.

<Sysname> display fib 10.2.1.1

Destination count: 1 FIB entry count: 1

Flag:

U:Useable G:Gateway H:Host B:Blackhole D:Dynamic S:Static

R:Relay

Destination/Mask Nexthop Flag OutInterface InnerLabel Token

10.2.1.1/32 127.0.0.1 UH InLoop0 Null Invalid

For description about the output, see

Table 23 .

display icmp statistics

Syntax display icmp statistics [ slot slot-number ] [ | { begin | exclude | include } regular-expression ]

View

Any view

Default level

1: Monitor level

Parameters slot slot-number: Displays the ICMP statistics on a specific IRF member switch. The slot-number argument specifies the ID of an IRF member switch. The value range for the argument depends on the number of member switches and their member IDs in the IRF fabric, which you can display with the display irf command. On a standalone device, the slot-number argument specifies the ID of the device.

|: Filters command output by specifying a regular expression. For more information about regular expressions, see Fundamentals Configuration Guide. begin: Displays the first line that matches the specified regular expression and all lines that follow. exclude: Displays all lines that do not match the specified regular expression. include: Displays all lines that match the specified regular expression.

regular-expression: Specifies a regular expression, a case-sensitive string of 1 to 256 characters.

Description

Use display icmp statistics to display ICMP statistics.

Related commands: display ip interface and reset ip statistics.

120

Examples

# Display ICMP statistics.

<Sysname> display icmp statistics

Input: bad formats 0 bad checksum 0

echo 5 destination unreachable 0

source quench 0 redirects 0

echo reply 10 parameter problem 0

timestamp 0 information request 0

mask requests 0 mask replies 0

time exceeded 0

Output:echo 10 destination unreachable 0

source quench 0 redirects 0

echo reply 5 parameter problem 0

timestamp 0 information reply 0

mask requests 0 mask replies 0

time exceeded 0

Table 24 Command output

Field bad formats bad checksum echo destination unreachable source quench redirects echo reply parameter problem timestamp information request mask requests mask replies information reply time exceeded

Description

Number of input wrong format packets

Number of input wrong checksum packets

Number of input/output echo packets

Number of input/output destination unreachable packets

Number of input/output source quench packets

Number of input/output redirection packets

Number of input/output replies

Number of input/output parameter problem packets

Number of input/output time stamp packets

Number of input request packets

Number of input/output mask requests

Number of input/output mask replies

Number of output reply packets

Number of input/output expiration packets

display ip socket

Syntax display ip socket [ socktype sock-type ] [ task-id socket-id ] [ slot slot-number ] [ | { begin | exclude | include } regular-expression ]

View

Any view

121

Default level

1: Monitor level

Parameters socktype sock-type: Displays socket information about this type. The sock type is in the range of 1 to 3, corresponding to TCP, UDP, and raw IP.

task-id: Displays socket information about this task. Task ID is in the range of 1 to 255.

socket-id: Displays information about the socket. Socket ID is in the range of 0 to 3072. slot slot-number: Displays socket information on a specific IRF member switch. The slot-number argument specifies the ID of an IRF member switch. The value range for the argument depends on the number of member switches and their member IDs in the IRF fabric, which you can display with the display irf command. On a standalone device, the slot-number argument specifies the ID of the device.

|: Filters command output by specifying a regular expression. For more information about regular expressions, see Fundamentals Configuration Guide. begin: Displays the first line that matches the specified regular expression and all lines that follow. exclude: Displays all lines that do not match the specified regular expression. include: Displays all lines that match the specified regular expression.

regular-expression: Specifies a regular expression, a case-sensitive string of 1 to 256 characters.

Description

Use display ip socket to display socket information.

Examples

# Display TCP socket information.

<Sysname> display ip socket

SOCK_STREAM:

Task = VTYD(38), socketid = 1, Proto = 6,

LA = 0.0.0.0:23, FA = 0.0.0.0:0, sndbuf = 8192, rcvbuf = 8192, sb_cc = 0, rb_cc = 0, socket option = SO_ACCEPTCONN SO_KEEPALIVE SO_REUSEPORT SO_SETKEEPALIVE, socket state = SS_PRIV SS_ASYNC

Task = HTTP(36), socketid = 1, Proto = 6,

LA = 0.0.0.0:80, FA = 0.0.0.0:0, sndbuf = 8192, rcvbuf = 8192, sb_cc = 0, rb_cc = 0, socket option = SO_ACCEPTCONN SO_REUSEPORT, socket state = SS_PRIV SS_NBIO

Task = ROUT(69), socketid = 10, Proto = 6,

LA = 0.0.0.0:179, FA = 192.168.1.45:0, sndbuf = 8192, rcvbuf = 8192, sb_cc = 0, rb_cc = 0, socket option = SO_ACCEPTCONN SO_REUSEADDR SO_REUSEPORT SO_SENDVPNID(0), socket state = SS_PRIV SS_ASYNC

Task = VTYD(38), socketid = 4, Proto = 6,

LA = 192.168.1.40:23, FA = 192.168.1.52:1917,

122

sndbuf = 8192, rcvbuf = 8192, sb_cc = 237, rb_cc = 0, socket option = SO_KEEPALIVE SO_OOBINLINE SO_REUSEPORT SO_SETKEEPALIVE, socket state = SS_ISCONNECTED SS_PRIV SS_ASYNC

Task = VTYD(38), socketid = 3, Proto = 6,

LA = 192.168.1.40:23, FA = 192.168.1.84:1503, sndbuf = 8192, rcvbuf = 8192, sb_cc = 0, rb_cc = 0, socket option = SO_KEEPALIVE SO_OOBINLINE SO_REUSEPORT SO_SETKEEPALIVE, socket state = SS_ISCONNECTED SS_PRIV SS_ASYNC

Task = ROUT(69), socketid = 11, Proto = 6,

LA = 192.168.1.40:1025, FA = 192.168.1.45:179, sndbuf = 8192, rcvbuf = 8192, sb_cc = 0, rb_cc = 0, socket option = SO_REUSEADDR SO_LINGER, socket state = SS_ISCONNECTED SS_PRIV SS_ASYNC

SOCK_DGRAM:

Task = NTPT(37), socketid = 1, Proto = 17,

LA = 0.0.0.0:123, FA = 0.0.0.0:0, sndbuf = 9216, rcvbuf = 41600, sb_cc = 0, rb_cc = 0, socket option = SO_UDPCHECKSUM, socket state = SS_PRIV

Task = AGNT(51), socketid = 1, Proto = 17,

LA = 0.0.0.0:161, FA = 0.0.0.0:0, sndbuf = 9216, rcvbuf = 41600, sb_cc = 0, rb_cc = 0, socket option = SO_UDPCHECKSUM, socket state = SS_PRIV SS_NBIO SS_ASYNC

Task = RDSO(56), socketid = 1, Proto = 17,

LA = 0.0.0.0:1024, FA = 0.0.0.0:0, sndbuf = 9216, rcvbuf = 41600, sb_cc = 0, rb_cc = 0, socket option = SO_UDPCHECKSUM, socket state = SS_PRIV

Task = TRAP(52), socketid = 1, Proto = 17,

LA = 0.0.0.0:1025, FA = 0.0.0.0:0, sndbuf = 9216, rcvbuf = 0, sb_cc = 0, rb_cc = 0, socket option = SO_UDPCHECKSUM, socket state = SS_PRIV

Task = RDSO(56), socketid = 2, Proto = 17,

LA = 0.0.0.0:1812, FA = 0.0.0.0:0, sndbuf = 9216, rcvbuf = 41600, sb_cc = 0, rb_cc = 0, socket option = SO_UDPCHECKSUM, socket state = SS_PRIV

SOCK_RAW:

123

Task = ROUT(69), socketid = 8, Proto = 89,

LA = 0.0.0.0, FA = 0.0.0.0, sndbuf = 262144, rcvbuf = 262144, sb_cc = 0, rb_cc = 0, socket option = SO_SENDVPNID(0), socket state = SS_PRIV SS_ASYNC

Task = ROUT(69), socketid = 3, Proto = 2,

LA = 0.0.0.0, FA = 0.0.0.0, sndbuf = 32767, rcvbuf = 256000, sb_cc = 0, rb_cc = 0, socket option = SO_SENDVPNID(0), socket state = SS_PRIV SS_NBIO SS_ASYNC

Task = ROUT(69), socketid = 2, Proto = 103,

LA = 0.0.0.0, FA = 0.0.0.0, sndbuf = 65536, rcvbuf = 256000, sb_cc = 0, rb_cc = 0, socket option = SO_SENDVPNID(0), socket state = SS_PRIV SS_NBIO SS_ASYNC

Task = ROUT(69), socketid = 1, Proto = 65,

LA = 0.0.0.0, FA = 0.0.0.0, sndbuf = 32767, rcvbuf = 256000, sb_cc = 0, rb_cc = 0, socket option = 0, socket state = SS_PRIV SS_NBIO SS_ASYNC

Task = RSVP(73), socketid = 1, Proto = 46,

LA = 0.0.0.0, FA = 0.0.0.0, sndbuf = 4194304, rcvbuf = 4194304, sb_cc = 0, rb_cc = 0, socket option = 0, socket state = SS_PRIV SS_NBIO SS_ASYNC

Table 25 Command output

Field

SOCK_STREAM

SOCK_DGRAM

SOCK_RAW

Description

TCP socket

UDP socket

Raw IP socket

Proto

LA

FA sndbuf rcvbuf sb_cc

Protocol number of the socket, indicating the protocol type that IP carries

Local address and local port number

Remote address and remote port number

Sending buffer size of the socket, in bytes

Receiving buffer size of the socket, in bytes

Current data size in the sending buffer (available only for a TCP that can buffer data)

124

Field rb_cc socket option socket state

Description

Data size currently in the receiving buffer

Socket option

Socket state

display ip statistics

Syntax display ip statistics [ slot slot-number ] [ | { begin | exclude | include } regular-expression ]

View

Any view

Default level

1: Monitor level

Parameters slot slot-number: Displays the IP packet statistics on a specific IRF member switch. The slot-number argument specifies the ID of an IRF member switch. The value range for the argument depends on the number of member switches and their member IDs in the IRF fabric, which you can display with the display irf command. On a standalone device, the slot-number argument specifies the ID of the device.

|: Filters command output by specifying a regular expression. For more information about regular expressions, see Fundamentals Configuration Guide. begin: Displays the first line that matches the specified regular expression and all lines that follow. exclude: Displays all lines that do not match the specified regular expression. include: Displays all lines that match the specified regular expression.

regular-expression: Specifies a regular expression, a case-sensitive string of 1 to 256 characters.

Description

Use display ip statistics to display statistics of IP packets.

Related commands: display ip interface and reset ip statistics.

Examples

# Display statistics of IP packets.

<Sysname> display ip statistics

Input: sum 7120 local 112

bad protocol 0 bad format 0

bad checksum 0 bad options 0

Output: forwarding 0 local 27

dropped 0 no route 2

compress fails 0

Fragment:input 0 output 0

dropped 0

fragmented 0 couldn't fragment 0

Reassembling:sum 0 timeouts 0

125

Table 26 Command output

Field Description sum Total number of packets received

Input:

Output:

Fragment:

Reassembling local bad protocol bad format bad checksum bad options forwarding local dropped no route compress fails input output dropped fragmented couldn't fragment sum timeouts

Total number of packets with destination being local

Total number of unknown protocol packets

Total number of packets with incorrect format

Total number of packets with incorrect checksum

Total number of packets with incorrect option

Total number of packets forwarded

Total number of packets sent from the local

Total number of packets discarded

Total number of packets for which no route is available

Total number of packets failed to be compressed

Total number of fragments received

Total number of fragments sent

Total number of fragments dropped

Total number of packets successfully fragmented

Total number of packets that failed to be fragmented

Total number of packets reassembled

Total number of reassembly timeout fragments

display tcp statistics

Syntax display tcp statistics [ | { begin | exclude | include } regular-expression ]

View

Any view

Default level

1: Monitor level

Parameters

|: Filters command output by specifying a regular expression. For more information about regular expressions, see Fundamentals Configuration Guide. begin: Displays the first line that matches the specified regular expression and all lines that follow. exclude: Displays all lines that do not match the specified regular expression. include: Displays all lines that match the specified regular expression.

regular-expression: Specifies a regular expression, a case-sensitive string of 1 to 256 characters.

126

Description

Use display tcp statistics to display statistics of TCP traffic.

Related commands: display tcp status and reset tcp statistics.

Examples

# Display statistics of TCP traffic.

<Sysname> display tcp statistics

Received packets:

Total: 8457

packets in sequence: 3660 (5272 bytes)

window probe packets: 0, window update packets: 0

checksum error: 0, offset error: 0, short error: 0

duplicate packets: 1 (8 bytes), partially duplicate packets: 0 (0 bytes)

out-of-order packets: 17 (0 bytes)

packets of data after window: 0 (0 bytes)

packets received after close: 0

ACK packets: 4625 (141989 bytes)

duplicate ACK packets: 1702, too much ACK packets: 0

Sent packets:

Total: 6726

urgent packets: 0

control packets: 21 (including 0 RST)

window probe packets: 0, window update packets: 0

data packets: 6484 (141984 bytes) data packets retransmitted: 0 (0 bytes)

ACK-only packets: 221 (177 delayed)

Retransmitted timeout: 0, connections dropped in retransmitted timeout: 0

Keepalive timeout: 1682, keepalive probe: 1682, Keepalive timeout, so connections disconnected : 0

Initiated connections: 0, accepted connections: 22, established connections: 22

Closed connections: 49 (dropped: 0, initiated dropped: 0)

Packets dropped with MD5 authentication: 0

Packets permitted with MD5 authentication: 0

Table 27 Command output

Field

Received packets:

Total packets in sequence window probe packets window update packets checksum error offset error

Description

Total number of packets received.

Number of packets arriving in sequence.

Number of window probe packets received.

Number of window update packets received.

Number of checksum error packets received.

Number of offset error packets received.

127

Field

Sent packets:

Keepalive timeout keepalive probe short error duplicate packets partially duplicate packets

Description

Number of received packets with length being too small.

Number of completely duplicate packets received.

Number of partially duplicate packets received. out-of-order packets Number of out-of-order packets received. packets of data after window Number of packets outside the receiving window. packets received after close

ACK packets duplicate ACK packets too much ACK packets

Total urgent packets control packets window probe packets window update packets data packets data packets retransmitted

ACK-only packets

Retransmitted timeout connections dropped in retransmitted timeout

Keepalive timeout, so connections disconnected

Initiated connections accepted connections established connections

Closed connections

Packets dropped with MD5 authentication

Packets permitted with MD5 authentication

Number of packets that arrived after connection is closed.

Number of ACK packets received.

Number of duplicate ACK packets received.

Number of ACK packets for data unsent.

Total number of packets sent.

Number of urgent packets sent.

Number of control packets sent.

Number of window probe packets sent. In the brackets are resent packets.

Number of window update packets sent.

Number of data packets sent.

Number of data packets retransmitted.

Number of ACK packets sent. In brackets are delayed ACK packets.

Number of retransmission timer timeouts.

Number of connections broken due to retransmission timeouts.

Number of keepalive timer timeouts.

Number of keepalive probe packets sent.

Number of connections broken due to timeout of the keepalive timer.

Number of connections initiated.

Number of connections accepted.

Number of connections established.

Number of connections closed. In brackets are connections closed accidentally (before receiving SYN from the peer) and connections closed initiatively (after receiving SYN from the peer).

Number of packets dropped by MD5 authentication.

Number of packets permitted by MD5 authentication.

128

display udp statistics

Syntax display udp statistics [ | { begin | exclude | include } regular-expression ]

View

Any view

Default level

1: Monitor level

Parameters

|: Filters command output by specifying a regular expression. For more information about regular expressions, see Fundamentals Configuration Guide. begin: Displays the first line that matches the specified regular expression and all lines that follow. exclude: Displays all lines that do not match the specified regular expression. include: Displays all lines that match the specified regular expression.

regular-expression: Specifies a regular expression, a case-sensitive string of 1 to 256 characters.

Description

Use display udp statistics to display statistics of UDP packets.

Related commands: reset udp statistics.

Examples

# Display statistics of UDP packets.

<Sysname> display udp statistics

Received packets:

Total: 0

checksum error: 0

shorter than header: 0, data length larger than packet: 0

unicast(no socket on port): 0

broadcast/multicast(no socket on port): 0

not delivered, input socket full: 0

input packets missing pcb cache: 0

Sent packets:

Total: 0

Table 28 Command output

Field Description

Received packets:

Total checksum error shorter than header data length larger than packet unicast(no socket on port) broadcast/multicast(no socket on port)

Total number of UDP packets received

Total number of packets with incorrect checksum

Number of packets with data shorter than head

Number of packets with data longer than packet

Number of unicast packets with no socket on port

Number of broadcast/multicast packets without socket on port

129

Field Description not delivered, input socket full input packets missing pcb cache

Sent packets: Total

Number of packets not delivered to an upper layer due to a full socket cache

Number of packets without matching protocol control block (PCB) cache

Total number of UDP packets sent

ip forward-broadcast (interface view)

Syntax ip forward-broadcast [ acl acl-number ] undo ip forward-broadcast

View

Interface view

Default level

2: System level

Parameters acl acl-number: Specifies the ACL number, in the range of 2000 to 3999. Numbers between 2000 and

2999 are for basic ACLs, and between 3000 and 3999 are for advanced ACLs. Only directed broadcasts permitted by the ACL can be forwarded.

Description

Use ip forward-broadcast to enable the interface to forward directed broadcasts to a directly connected network.

Use undo ip forward-broadcast to disable the interface from forwarding directed broadcasts to a directly connected network.

By default, an interface is disabled from forwarding directed broadcasts to a directly connected network.

Examples

# Enable VLAN-interface 2 to forward the directed broadcasts to a directly-connected network matching

ACL 2001.

<Sysname> system-view

[Sysname] interface vlan-interface 2

[Sysname-Vlan-interface2] ip forward-broadcast acl 2001

ip forward-broadcast (system view)

Syntax ip forward-broadcast undo ip forward-broadcast

View

System view

130

Default level

2: System level

Parameters

None

Description

Use ip forward-broadcast to enable the switch to receive directed broadcasts.

Use undo ip forward-broadcast to disable the switch from receiving directed broadcasts.

By default, the switch is disabled from receiving directed broadcast.

Examples

# Enable the switch to receive directed broadcasts.

<Sysname> system-view

[Sysname] ip forward-broadcast

ip redirects enable

Syntax ip redirects enable undo ip redirects

View

System view

Default level

2: System level

Parameters

None

Description

Use ip redirects enable to enable sending ICMP redirection packets.

Use undo ip redirects to disable sending ICMP redirection packets.

This feature is disabled by default.

Examples

# Enable sending ICMP redirect packets.

<Sysname> system-view

[Sysname] ip redirects enable

ip ttl-expires enable

Syntax ip ttl-expires enable undo ip ttl-expires

View

System view

131

Default level

2: System level

Parameters

None

Description

Use ip ttl-expires enable to enable sending ICMP timeout packets.

Use undo ip ttl-expires to disable sending ICMP timeout packets.

Sending ICMP timeout packets is disabled by default.

If the feature is disabled, the device will not send TTL timeout ICMP packets, but still send "reassembly timeout" ICMP packets.

Examples

# Enable sending ICMP timeout packets.

<Sysname> system-view

[Sysname] ip ttl-expires enable

ip unreachables enable

Syntax ip unreachables enable undo ip unreachables

View

System view

Default level

2: System level

Parameters

None

Description

Use ip unreachables enable to enable sending ICMP destination unreachable packets.

Use undo ip unreachables to disable sending ICMP destination unreachable packets.

Sending ICMP destination unreachable packets is disabled by default.

Examples

# Enable sending ICMP destination unreachable packets.

<Sysname> system-view

[Sysname] ip unreachables enable

reset ip statistics

Syntax reset ip statistics [ slot slot-number ]

132

View

User view

Default level

1: Monitor level

Parameters slot slot-number: Clears the IP packet statistics on a specific IRF member switch. The slot-number argument specifies the ID of an IRF member switch. The value range for the argument depends on the number of member switches and their member IDs in the IRF fabric, which you can display with the display irf command. On a standalone device, the slot-number argument specifies the ID of the device.

Description

Use reset ip statistics to clear statistics of IP packets.

Related commands: display ip statistics and display ip interface.

Examples

# Clear statistics of IP packets.

<Sysname> reset ip statistics

reset tcp statistics

Syntax reset tcp statistics

View

User view

Default level

1: Monitor level

Parameters

None

Description

Use reset tcp statistics to clear statistics of TCP traffic.

Related commands: display tcp statistics.

Examples

# Display statistics of TCP traffic.

<Sysname> reset tcp statistics

reset udp statistics

Syntax reset udp statistics

View

User view

133

Default level

1: Monitor level

Parameters

None

Description

Use reset udp statistics to clear statistics of UDP traffic.

Examples

# Display statistics of UDP traffic.

<Sysname> reset udp statistics

tcp path-mtu-discovery

Syntax tcp path-mtu-discovery [ aging minutes | no-aging ] undo tcp path-mtu-discovery

View

System view

Default level

2: System level

Parameters aging minutes: Specifies the aging time of the path MTU, in the range of 10 to 30 minutes. The default aging time is 10 minutes. no-aging: Do not age out the path MTU.

Description

Use tcp path-mtu-discovery to enable TCP path MTU discovery.

Use undo tcp path-mtu-discovery to disable TCP path MTU discovery, and disable all running path MTU timers. New TCP connections do not perform TCP path MTU discovery but existing TCP connections can still use TCP path MTU discovery.

By default, TCP path MTU discovery is disabled.

Examples

# Enable TCP path MTU discovery and set the path MTU age timer to 20 minutes.

<Sysname> system-view

[Sysname] tcp path-mtu-discovery aging 20

tcp timer fin-timeout

Syntax tcp timer fin-timeout time-value undo tcp timer fin-timeout

134

View

System view

Default level

2: System level

Parameters

time-value: Specifies the TCP finwait timer in seconds, in the range of 76 to 3600.

Description

Use tcp timer fin-timeout to configure the length of the TCP finwait timer.

Use undo tcp timer fin-timeout to restore the default.

By default, the length of the TCP finwait timer is 675 seconds.

The actual length of the finwait timer is determined by the following formula:

Actual length of the finwait timer = (Configured length of the finwait timer – 75) + configured length of the synwait timer

Related commands: tcp timer syn-timeout and tcp window.

Examples

# Set the length of the TCP finwait timer to 800 seconds.

<Sysname> system-view

[Sysname] tcp timer fin-timeout 800

tcp timer syn-timeout

Syntax tcp timer syn-timeout time-value undo tcp timer syn-timeout

View

System view

Default level

2: System level

Parameters

time-value: Specifies the TCP synwait timer in seconds, in the range of 2 to 600.

Description

Use tcp timer syn-timeout to configure the length of the TCP synwait timer.

Use undo tcp timer syn-timeout to restore the default.

By default, the value of the TCP synwait timer is 75 seconds.

Related commands: tcp timer fin-timeout and tcp window.

Examples

# Set the length of the TCP synwait timer to 80 seconds.

<Sysname> system-view

[Sysname] tcp timer syn-timeout 80

135

tcp window

Syntax tcp window window-size undo tcp window

View

System view

Default level

2: System level

Parameters

window-size: Specifies the size of the send/receive buffer in KB, in the range of 1 to 32.

Description

Use tcp window to configure the size of the TCP send/receive buffer.

Use undo tcp window to restore the default.

The size of the TCP send/receive buffer is 8 KB by default.

Related commands: tcp timer fin-timeout and tcp timer syn-timeout.

Examples

# Configure the size of the TCP send/receive buffer as 3 KB.

<Sysname> system-view

[Sysname] tcp window 3

136

UDP helper configuration commands

display udp-helper server

Syntax display udp-helper server [ interface interface-type interface-number ] [ | { begin | exclude | include }

regular-expression ]

View

Any view

Default level

2: System level

Parameters interface interface-type interface-number: Displays information about forwarded UDP packets on a specific interface.

|: Filters command output by specifying a regular expression. For more information about regular expressions, see Fundamentals Configuration Guide. begin: Displays the first line that matches the specified regular expression and all lines that follow. exclude: Displays all lines that do not match the specified regular expression. include: Displays all lines that match the specified regular expression.

regular-expression: Specifies a regular expression, a case-sensitive string of 1 to 256 characters.

Description

Use display udp-helper server to display information about forwarded UDP packets on the specified interface or all interfaces.

If interface-type interface-number is not specified, this command displays information about forwarded

UDP packets on all interfaces.

Examples

# Display information about forwarded UDP packets on the interface VLAN-interface 1.

<Sysname> display udp-helper server interface vlan-interface 1

Interface name Server VPN Server address Packets

Vlan1 20.1.1.1 0

The output shows that the destination server corresponding to the interface VLAN-interface 1 is in the public network, the IP address of the destination server is 20.1.1.1, and that no packets are forwarded to the destination server.

reset udp-helper packet

Syntax reset udp-helper packet

137

View

User view

Default level

1: Monitor level

Parameters

None

Description

Use reset udp-helper packet to clear the statistics of forwarded UDP packets.

Related commands: display udp-helper server.

Examples

# Clear the statistics of the forwarded UDP packets.

<Sysname> reset udp-helper packet

udp-helper enable

Syntax udp-helper enable undo udp-helper enable

View

System view

Default level

2: System level

Parameters

None

Description

Use udp-helper enable to enable UDP helper. A device enabled with UDP helper functions as a relay agent that converts UDP broadcast packets into unicast packets and forwards them to a specific destination server.

Use undo udp-helper enable to disable UDP helper.

By default, UDP helper is disabled.

Examples

# Enable UDP helper.

<Sysname> system-view

[Sysname] udp-helper enable

udp-helper port

Syntax udp-helper port { port-number | dns | netbios-ds | netbios-ns | tacacs | tftp | time } undo udp-helper port { port-number | dns | netbios-ds | netbios-ns | tacacs | tftp | time }

138

View

System view

Default level

2: System level

Parameters

port-number: Specifies the UDP port number with which packets need to be forwarded, in the range of

1 to 65535 (except 67 and 68). dns: Forwards DNS data packets. The corresponding UDP port number is 53. netbios-ds: Forwards NetBIOS data packets. The corresponding UDP port number is 138. netbios-ns: Forwards NetBIOS name service data packets. The corresponding UDP port number is 137. tacacs: Forwards terminal access controller access control system (TACACS) data packet. The corresponding UDP port number is 49. tftp: Forwards TFTP data packets. The corresponding UDP port number is 69. time: Forwards time service data packets. The corresponding UDP port number is 37.

Description

Use udp-helper port to enable the forwarding of packets with the specified UDP port number.

Use undo udp-helper port to remove the configured UDP port numbers.

By default, no UDP port number is specified.

You can configure up to 256 UDP ports on a device.

All of the specified UDP port numbers will be removed if UDP helper is disabled.

Examples

# Forward broadcast packets with the UDP destination port number 100.

<Sysname> system-view

[Sysname] udp-helper port 100

udp-helper server

Syntax udp-helper server [ vpn-instance vpn-instance-name ] ip-address undo udp-helper server [ [ vpn-instance vpn-instance-name ] ip-address ]

View

Interface view

Default level

2: System level

Parameters vpn-instance vpn-instance-name: Specifies the name of a MPLS L3VPN, a case-sensitive string of 1 to 31 characters. Without this option specified, the command indicates that the destination server is in the public network.

ip-address: Specifies the IP address of the destination server, in dotted decimal notation.

139

Description

Use udp-helper server to specify the destination server to which UDP packets are forwarded.

Use undo udp-helper server to remove the destination server.

No destination server is configured by default.

You can configure up to 20 destination servers on an interface.

Without the ip-address argument, the undo udp-helper server command removes all the destination servers on an interface.

Related commands: display udp-helper server.

Examples

# Specify the IP address of the destination server in the public network as 192.1.1.2 on the VLAN-interface

100.

<Sysname> system-view

[Sysname] interface vlan-interface 100

[Sysname-Vlan-interface100] udp-helper server 192.1.1.2

140

IPv6 basics configuration commands

The term interface in this document refers to Layer 3 interfaces, including VLAN interfaces and route-mode (or Layer 3) Ethernet ports. You can set an Ethernet port to operate in route mode by using the port link-mode route command (see Layer 2—LAN Switching Configuration Guide).

display ipv6 fib

Syntax display ipv6 fib [ vpn-instance vpn-instance-name ] [ acl6 acl6-number | ipv6-prefix ipv6-prefix-name ]

[ | { begin | exclude | include } regular-expression ]

View

Any view

Default level

1: Monitor level

Parameters vpn-instance vpn-instance-name: Displays the IPv6 FIB entries of the specified MPLS L3VPN. The

vpn-instance-name argument is a case-sensitive string of 1 to 31 characters. Without this option specified, the display ipv6 fib command displays the IPv6 FIB entries of the public network. acl6 acl6-number: Displays the IPv6 FIB entries permitted by a specific ACL. The ACL number is in the range of 2000 to 2999. If the specified ACL does not exist, all IPv6 FIB entries are displayed. ipv6-prefix ipv6-prefix-name: Displays the IPv6 FIB entries matching a specific prefix list. The

ipv6-prefix-name argument is a case-sensitive string of 1 to 19 characters. If the specified prefix list does not exist, all IPv6 FIB entries are displayed.

|: Filters command output by specifying a regular expression. For more information about regular expressions, see Fundamentals Configuration Guide. begin: Displays the first line that matches the specified regular expression and all lines that follow. exclude: Displays all lines that do not match the specified regular expression. include: Displays all lines that match the specified regular expression.

regular-expression: Specifies a regular expression, a case-sensitive string of 1 to 256 characters.

Description

Use display ipv6 fib to display IPv6 FIB entries. If no argument is specified, all IPv6 FIB entries will be displayed.

The device looks up a matching IPv6 FIB entry for forwarding an IPv6 packet.

Examples

# Display all IPv6 FIB entries.

<Sysname> display ipv6 fib

FIB Table:

141

Total number of Routes : 1

Flag:

U:Useable G:Gateway H:Host B:Blackhole D:Dynamic S:Static

Destination: ::1 PrefixLength : 128

NextHop : ::1 Flag : HU

Label : NULL Token : 0

Interface : InLoopBack0

Table 29 Command output

Field Description

Total number of Routes Total number of routes in the FIB

PrefixLength Prefix length of the destination address

Flag

Route flag:

U—Usable route

G—Gateway route

H—Host route

B—Black hole route

D—Dynamic route

S—Static route

Label Label

Token LSP index number

display ipv6 fib ipv6-address

Syntax display ipv6 fib [ vpn-instance vpn-instance-name ] ipv6-address [ prefix-length ] [ | { begin | exclude | include } regular-expression ]

View

Any view

Default level

1: Monitor level

Parameters vpn-instance vpn-instance-name: Displays the IPv6 FIB entries for a specific MPLS L3VPN. The

vpn-instance-name argument is case-sensitive string of 1 to 31 characters. Without this option specified, the display ipv6 fib ipv6-address command displays IPv6 FIB entries on the public network and all private networks.

ipv6-address: Specifies the destination IPv6 address.

142

prefix-length: Specifies the Prefix length of the destination IPv6 address, in the range of 0 to 128.

|: Filters command output by specifying a regular expression. For more information about regular expressions, see Fundamentals Configuration Guide. begin: Displays the first line that matches the specified regular expression and all lines that follow. exclude: Displays all lines that do not match the specified regular expression. include: Displays all lines that match the specified regular expression.

regular-expression: Specifies a regular expression, a case-sensitive string of 1 to 256 characters.

Description

Use display ipv6 fib ipv6-address to display the IPv6 FIB entry of the specified destination IPv6 address.

Without the prefix-length argument specified, this command displays the matching IPv6 FIB entry with the longest prefix.

With the prefix-length argument specified, this command displays the IPv6 FIB entry exactly matching the specified destination IPv6 address and prefix length.

Examples

# Display the matching IPv6 FIB entry with the longest prefix.

<Sysname> display ipv6 fib ::1

Flag:

U:Useable G:Gateway H:Host B:Blackhole D:Dynamic S:Static

Destination: ::1 PrefixLength : 128

NextHop : ::1 Flag : HU

Label : NULL Token : 0

Interface : InLoopBack0

Table 30 Command output

Field Description

Total number of Routes Total number of routes in the FIB.

PrefixLength Prefix length of the destination address.

Flag

Route flag:

U—Usable route.

G—Gateway route.

H—Host route.

B—Black hole route.

D—Dynamic route.

S—Static route.

Label Label.

Token LSP index number.

143

display ipv6 interface

Syntax display ipv6 interface [ interface-type [ interface-number ] ] [ brief ] [ | { begin | exclude | include }

regular-expression ]

View

Any view

Default level

1: Monitor level

Parameters

interface-type: Interface type.

interface-number: Interface number. brief: Displays brief IPv6 information about an interface.

|: Filters command output by specifying a regular expression. For more information about regular expressions, see Fundamentals Configuration Guide. begin: Displays the first line that matches the specified regular expression and all lines that follow. exclude: Displays all lines that do not match the specified regular expression. include: Displays all lines that match the specified regular expression.

regular-expression: Specifies a regular expression, a case-sensitive string of 1 to 256 characters.

Description

Use display ipv6 interface to display IPv6 information about an interface.

If interface-type interface-number is not specified, this command displays IPv6 information about all interfaces.

If only interface-type is specified, this command displays IPv6 information about the interfaces of the specified type.

If interface-type interface-number is specified, this command displays IPv6 information about the specified interface. If the brief keyword is also specified, this command displays brief IPv6 information about the interface.

Examples

# Display IPv6 information about VLAN-interface 2.

<Sysname> display ipv6 interface vlan-interface 2

Vlan-interface2 current state :UP

Line protocol current state :UP

IPv6 is enabled, link-local address is FE80::1234:56FF:FE65:4322

Global unicast address(es):

2001::1, subnet is 2001::/64

10::1234:56FF:FE65:4322, subnet is 10::/64 [AUTOCFG]

[valid lifetime 4641s/preferred lifetime 4637s]

Joined group address(es):

FF02::1:FF00:1

FF02::1:FF65:4322

FF02::2

144

FF02::1

MTU is 1500 bytes

ND DAD is enabled, number of DAD attempts: 1

ND reachable time is 30000 milliseconds

ND retransmit interval is 1000 milliseconds

Hosts use stateless autoconfig for addresses

IPv6 Packet statistics:

InReceives: 0

InTooShorts: 0

InTruncatedPkts: 0

InHopLimitExceeds: 0

InBadHeaders: 0

InBadOptions: 0

ReasmReqds: 0

ReasmOKs: 0

InFragDrops: 0

InFragTimeouts: 0

OutFragFails: 0

InUnknownProtos: 0

InDelivers: 0

OutRequests: 0

OutForwDatagrams: 0

InTooBigErrors: 0

OutFragOKs: 0

OutFragCreates: 0

InMcastPkts: 0

InMcastNotMembers: 0

OutMcastPkts: 0

InAddrErrors: 0

Table 31 Command output

Field Description

Vlan-interface2 current state

Physical state of the interface:

Administratively DOWN—The VLAN interface is administratively down. The interface is shut down by using the shutdown command.

DOWN—The VLAN interface is administratively up but its physical state is down. No ports in the VLAN are up due to a connection or link failure.

UP—The administrative and physical states of the VLAN interface are both up.

Line protocol current state

Link layer protocol state of the interface:

DOWN—The link layer protocol state of the VLAN interface is down.

UP—The link layer protocol state of the VLAN interface is up.

145

Field Description

IPv6 is enabled

IPv6 packet forwarding state of the interface. (After an IPv6 address is configured for an interface, IPv6 is automatically enabled on it. IPv6 packet forwarding is enabled in the example.) link-local address Link-local address configured for the interface.

Global unicast address(es) valid lifetime preferred lifetime

Joined group address(es)

MTU

Global unicast addresses configured for the interface.

Valid lifetime of the global unicast address obtained through stateless autoconfiguration.

Preferred lifetime of the global unicast address obtained through stateless autoconfiguration.

Addresses of multicast groups that the interface has joined.

Maximum transmission unit of the interface.

ND DAD is enabled, number of

DAD attempts

ND reachable time

Whether Duplicate Address Detection (DAD) is enabled. In this example, DAD is enabled.

If DAD is enabled, the number of attempts to send a Neighbor

Solicitation (NS) message for DAD (configured by using the ipv6 nd dad attempts command) is also displayed.

If DAD is disabled, ND DAD is disabled is displayed. (You can disable DAD by setting the number of attempts to send an NS message for DAD to 0.)

Time that a neighboring node is considered reachable after reachability has been confirmed.

Interval for retransmitting an NS message. ND retransmit interval

Hosts use stateless autoconfig for addresses

Hosts use stateless autoconfiguration mode to acquire IPv6 addresses.

InReceives

InTooShorts

InTruncatedPkts

All IPv6 packets received by the interface, including all types of error packets.

Received IPv6 packets that are too short, with a length less than 40 bytes, for example.

Received IPv6 packets with a length less than that specified in the packets.

InBadHeaders

InBadOptions

ReasmReqds

ReasmOKs

InFragDrops

InFragTimeouts

OutFragFails

InUnknownProtos

Received IPv6 packets with bad basic headers.

Received IPv6 packets with bad extension headers.

Received IPv6 fragments.

Number of packets after reassembly rather than the number of fragments.

IPv6 fragments discarded due to certain error.

IPv6 fragments discarded because the interval for which they had stayed in the system buffer exceeded the specified period.

Packets failed in fragmentation on the outbound interface.

Received IPv6 packets with unknown or unsupported protocol type.

146

Field Description

InDelivers

Received IPv6 packets that were delivered to application layer protocols

(such as ICMPv6, TCP, and UDP).

OutRequests Local IPv6 packets sent by IPv6 application protocols.

InNoRoutes

InTooBigErrors

OutFragOKs

OutFragCreates

InMcastPkts

InMcastNotMembers

IPv6 packets that were discarded because no matched route can be found.

IPv6 packets that were discarded because they exceeded the path MTU.

Packets that were fragmented on the outbound interface.

Number of packet fragments after fragmentation on the outbound interface.

IPv6 multicast packets received on the interface.

Incoming IPv6 multicast packets that were discarded because the interface did not belong to the corresponding multicast groups.

IPv6 multicast packets sent by the interface.

IPv6 packets that were discarded due to invalid destination addresses.

OutMcastPkts

InAddrErrors

InDiscards

Received IPv6 packets that were discarded due to resource problems rather than packet content errors.

OutDiscards

Sent packets that were discarded due to resource problems rather than packet content errors.

# Display brief IPv6 information about all interfaces.

<Sysname> display ipv6 interface brief

*down: administratively down

(s): spoofing

IPv6 Address

Table 32 Command output

Field Description

*down: administratively down

The interface is down. The interface is shut down by using the shutdown command.

(s): spoofing

Interface

Spoofing attribute of the interface. The link protocol state of the interface is up, but the link does not exist, or the link is established on demand, instead of being permanent.

Name of the interface.

147

Field Description

Physical

Physical state of the interface:

*down—The VLAN interface is administratively down. The interface is shut down using the shutdown command.

• down—The VLAN interface is administratively up but its physical state is down. No port in the VLAN is up due to a connection or link failure.

• up—The administrative and physical states of the VLAN interface are both up.

Protocol

IPv6 Address

Link layer protocol state of the interface:

• down—The network layer protocol state of the VLAN interface is down.

• up—The network layer protocol state of the VLAN interface is up.

IPv6 address of the interface. Only the first of configured IPv6 addresses is displayed. If no address is configured for the interface,

Unassigned will be displayed.

display ipv6 nd snooping

Syntax display ipv6 nd snooping [ ipv6-address | vlan vlan-id ] [ | { begin | exclude | include }

regular-expression ]

View

Any view

Default level

1: Monitor level

Parameters

ipv6-address: Specifies an IPv6 address. vlan vlan-id: Displays ND snooping entries in the specified VLAN whose ID ranges from 1 to 4094.

|: Filters command output by specifying a regular expression. For more information about regular expressions, see Fundamentals Configuration Guide. begin: Displays the first line that matches the specified regular expression and all lines that follow. exclude: Displays all lines that do not match the specified regular expression. include: Displays all lines that match the specified regular expression.

regular-expression: Specifies a regular expression, a case-sensitive string of 1 to 256 characters.

Description

Use display ipv6 nd snooping to display ND snooping entries.

If no parameter is specified, this command displays all ND snooping entries.

Examples

# Display the ND snooping entries of VLAN 1.

<Sysname> display ipv6 nd snooping vlan 1

148

IPv6 Address MAC Address VID Interface Aging Status

4001::1 0015-e944-a947 1 Eth1/0/1 25 Bound

---- Total entries on VLAN 1: 1 ----

Table 33 Command output

Field Description

IPv6 Address

MAC Address

IPv6 address of an ND snooping entry.

MAC address of an ND snooping entry.

Interface

Aging

Status

Total entries on VLAN 1

Receiving port of an ND snooping entry.

Aging time of an ND snooping entry, in minutes.

ND snooping entry status, Bound or Probe.

Total number of ND snooping entries of VLAN 1.

display ipv6 neighbors

Syntax display ipv6 neighbors { { ipv6-address | all | dynamic | static } [ slot slot-number ] | interface

interface-type interface-number | vlan vlan-id } [ verbose ] [ | { begin | exclude | include }

regular-expression ]

View

Any view

Default level

1: Monitor level

Parameters

ipv6-address: Specifies the IPv6 address whose neighbor information is to be displayed. all: Displays information about all neighbors, including neighbors acquired dynamically and configured statically on the public network and all private networks. dynamic: Displays information about all neighbors acquired dynamically. static: Displays information about all neighbors configured statically. slot slot-number: Displays the neighbor information on a specific IRF member switch. The slot-number argument specifies the ID of an IRF member switch. The value range for the argument depends on the number of member switches and their member IDs in the IRF fabric, which you can display with the display irf command. On a standalone device, the slot-number argument specifies the ID of the device. interface interface-type interface-number: Displays information about the neighbors of a specific interface. vlan vlan-id: Displays information about the neighbors of a specific VLAN whose ID ranges from 1 to

4094. verbose: Displays detailed information about neighbors.

|: Filters command output by specifying a regular expression. For more information about regular expressions, see Fundamentals Configuration Guide.

149

begin: Displays the first line that matches the specified regular expression and all lines that follow. exclude: Displays all lines that do not match the specified regular expression. include: Displays all lines that match the specified regular expression.

regular-expression: Specifies a regular expression, a case-sensitive string of 1 to 256 characters.

Description

Use display ipv6 neighbors to display neighbor information.

You can use the reset ipv6 neighbors command to clear specific IPv6 neighbor information.

Related commands: ipv6 neighbor, reset ipv6 neighbors.

Examples

<Sysname> display ipv6 neighbors all verbose

Type: S-Static D-Dynamic

IPv6 Address : FE80::200:5EFF:FE32:B800

Link-layer : 0000-5e32-b800 VID : N/A Interface : Eth1/0/1

State : REACH Type: S Age : -

Vpn-instance : vpn1

Table 34 Command output

Field Description

IPv6 Address IPv6 address of a neighbor.

Link-layer

VID

Interface

Link layer address (MAC address) of a neighbor.

VLAN to which the interface connected with a neighbor belongs.

State

Type

Interface connected with a neighbor.

State of a neighbor:

INCMP—The address is being resolved. The link layer address of the neighbor is unknown.

REACH—The neighbor is reachable.

STALE—The reachability of the neighbor is unknown. The device will not verify the reachability any longer unless data is sent to the neighbor.

DELAY—The reachability of the neighbor is unknown. The device sends an NS message after a delay.

PROBE—The reachability of the neighbor is unknown. The device sends an NS message to verify the reachability of the neighbor.

Type of neighbor information, including static configuration (represented by S) and dynamic acquisition (represented by D).

Age

Vpn-instance

For a static entry, a hyphen (-) is displayed. For a dynamic entry, the reachable time

(in seconds) elapsed is displayed, and if it is never reachable, a pound sign (#) is displayed (for a neighbor acquired dynamically).

Name of a VPN. [No Vrf] indicates no VPN is configured.

150

display ipv6 neighbors count

Syntax display ipv6 neighbors { { all | dynamic | static } [ slot slot-number ] | interface interface-type

interface-number | vlan vlan-id } count [ | { begin | exclude | include } regular-expression ]

View

Any view

Default level

1: Monitor level

Parameters all: Displays the total number of all neighbor entries, including neighbor entries acquired dynamically and configured statically. dynamic: Displays the total number of all neighbor entries acquired dynamically. static: Displays the total number of neighbor entries configured statically. slot slot-number: Displays the total number of neighbor entries on a specific IRF member switch. The

slot-number argument specifies the ID of an IRF member switch. The value range for the argument depends on the number of member switches and their member IDs in the IRF fabric, which you can display with the display irf command. On a standalone device, the slot-number argument specifies the ID of the device. interface interface-type interface-number: Displays the total number of neighbor entries of a specific interface. vlan vlan-id: Displays the total number of neighbor entries of a specific VLAN whose ID ranges from 1 to

4094.

|: Filters command output by specifying a regular expression. For more information about regular expressions, see Fundamentals Configuration Guide. begin: Displays the first line that matches the specified regular expression and all lines that follow. exclude: Displays all lines that do not match the specified regular expression. include: Displays all lines that match the specified regular expression.

regular-expression: Specifies a regular expression, a case-sensitive string of 1 to 256 characters.

Description

Use display ipv6 neighbors count to display the total number of neighbor entries satisfying the specified condition.

Examples

# Display the total number of neighbor entries acquired dynamically.

<Sysname> display ipv6 neighbors dynamic count

Total dynamic entry(ies): 2

151

display ipv6 neighbors vpn-instance

Syntax display ipv6 neighbors vpn-instance vpn-instance-name [ count ] [ | { begin | exclude | include }

regular-expression ]

View

Any view

Default level

1: Monitor level

Parameters

vpn-instance-name: Specifies the MPLS L3VPN for which neighbor entries are to be displayed. The

vpn-instance-name argument is a case-sensitive string of 1 to 31 characters. count: Displays the total number of neighbor entries in the specified VPN.

|: Filters command output by specifying a regular expression. For more information about regular expressions, see Fundamentals Configuration Guide. begin: Displays the first line that matches the specified regular expression and all lines that follow. exclude: Displays all lines that do not match the specified regular expression. include: Displays all lines that match the specified regular expression.

regular-expression: Specifies a regular expression, a case-sensitive string of 1 to 256 characters.

Description

Use display ipv6 neighbors vpn-instance to display neighbor information about the specified VPN.

Examples

# Display neighbor information about the VPN vpn1.

<Sysname> display ipv6 neighbors vpn-instance vpn1

Type: S-Static D-Dynamic

IPv6 Address Link-layer VID Interface State T Age

FE80::200:5EFF:FE32:B800 0000-5e32-b800 N/A Eth1/0/1 REACH S -

Table 35 Command output

Field Description

IPv6 Address IPv6 address of a neighbor.

Link-layer Link layer address (MAC address) of a neighbor.

VID

Interface

VLAN to which the interface connected with a neighbor belongs.

Interface connected with a neighbor.

152

Field Description

State

State of a neighbor:

INCMP—The address is being resolved. The link layer address of the neighbor is unknown.

REACH—The neighbor is reachable.

STALE—The reachability of the neighbor is unknown. The device will not verify the reachability any longer unless data is sent to the neighbor.

DELAY—The reachability of the neighbor is unknown. The device sends an

NS message after a delay.

PROBE—The reachability of the neighbor is unknown. The device sends an

NS message to verify the reachability of the neighbor.

T

Type of neighbor information, which can be static (represented by S) or dynamic (represented by D).

Age

For a static entry, a hyphen (-) is displayed. For a dynamic entry, the time (in seconds) elapsed since it became reachable is displayed, and if it is never reachable, a pound sign (#) is displayed.

display ipv6 pathmtu

Syntax display ipv6 pathmtu [ vpn-instance vpn-instance-name ] { ipv6-address | all | dynamic | static } [ |

{ begin | exclude | include } regular-expression ]

View

Any view

Default level

1: Monitor level

Parameters vpn-instance vpn-instance-name: Displays IPv6 path MTU information about the specified MPLS L3VPN.

The vpn-instance-name argument is a case-sensitive string of 1 to 31 characters. Without this option specified, the display ipv6 pathmtu command displays the IPv6 path MTU information for the public network.

ipv6-address: Destination IPv6 address for which the path MTU information is to be displayed. all: Displays all path MTU information on the public network. dynamic: Displays all dynamic path MTU information. static: Displays all static path MTU information.

|: Filters command output by specifying a regular expression. For more information about regular expressions, see Fundamentals Configuration Guide. begin: Displays the first line that matches the specified regular expression and all lines that follow. exclude: Displays all lines that do not match the specified regular expression. include: Displays all lines that match the specified regular expression.

regular-expression: Specifies a regular expression, a case-sensitive string of 1 to 256 characters.

153

Description

Use display ipv6 pathmtu to display IPv6 path MTU information.

Examples

# Display all path MTU information.

<Sysname> display ipv6 pathmtu all

IPv6 Destination Address ZoneID PathMTU Age Type

Table 36 Command output

Field Description

IPv6 Destination Address

ZoneID

PathMTU

Age

Type

Destination IPv6 address.

VPN index. If the information is for the public network, this field displays 0.

Path MTU value on the network path to an IPv6 address.

Time for a path MTU to live. For a static path MTU, two consecutive hyphens (--) are displayed.

The path MTU is dynamically negotiated or statically configured.

display ipv6 socket

Syntax display ipv6 socket [ socktype socket-type ] [ task-id socket-id ] [ slot slot-number ] [ | { begin | exclude

| include } regular-expression ]

View

Any view

Default level

1: Monitor level

Parameters socktype socket-type: Displays socket information about this type. The socket type is in the range of 1 to

3. The value 1 represents a TCP socket, value 2 a UDP socket, and value 3 a raw socket.

task-id: Displays socket information about the task. The task ID is in the range of 1 to 255.

socket-id: Displays information about the socket. The socket ID is in the range of 0 to 3072. slot slot-number: Displays the socket information on a specific IRF member switch. The slot-number argument specifies the ID of an IRF member switch. The value range for the argument depends on the number of member switches and their member IDs in the IRF fabric, which you can display with the display irf command. On a standalone device, the slot-number argument specifies the ID of the device.

|: Filters command output by specifying a regular expression. For more information about regular expressions, see Fundamentals Configuration Guide. begin: Displays the first line that matches the specified regular expression and all lines that follow. exclude: Displays all lines that do not match the specified regular expression. include: Displays all lines that match the specified regular expression.

154

regular-expression: Specifies a regular expression, a case-sensitive string of 1 to 256 characters.

Description

Use display ipv6 socket to display socket information.

With no parameter specified, this command displays information about all sockets. With only the socket type specified, the command displays information about sockets of the specified type. With the socket type, task ID and socket ID specified, the command displays information about the specified socket.

Examples

# Display information about all sockets.

<Sysname> display ipv6 socket

SOCK_STREAM:

Task = VTYD(14), socketid = 4, Proto = 6,

LA = ::->22, FA = ::->0, sndbuf = 8192, rcvbuf = 8192, sb_cc = 0, rb_cc = 0, socket option = SO_ACCEPTCONN SO_REUSEPORT SO_SENDVPNID, socket state = SS_PRIV SS_ASYNC

Task = VTYD(14), socketid = 3, Proto = 6,

LA = ::->23, FA = ::->0, sndbuf = 8192, rcvbuf = 8192, sb_cc = 0, rb_cc = 0, socket option = SO_ACCEPTCONN SO_REUSEPORT SO_SENDVPNID, socket state = SS_PRIV SS_ASYNC

SOCK_DGRAM:

Task = AGNT(51), socketid = 2, Proto = 17,

LA = ::->161, FA = ::->0, sndbuf = 9216, rcvbuf = 42080, sb_cc = 0, rb_cc = 0, socket option = SO_REUSEPORT, socket state = SS_PRIV SS_NBIO SS_ASYNC

Task = TRAP(52), socketid = 2, Proto = 17,

LA = ::->1024, FA = ::->0, sndbuf = 9216, rcvbuf = 42080, sb_cc = 0, rb_cc = 0, socket option =, socket state = SS_PRIV

SOCK_RAW:

Task = ROUT(86), socketid = 5, Proto = 89,

LA = ::, FA = ::, sndbuf = 262144, rcvbuf = 262144, sb_cc = 0, rb_cc = 0, socket option = SO_REUSEADDR, socket state = SS_PRIV SS_ASYNC

Table 37 Command output

Field Description

155

Field Description

SOCK_RAW Raw IP socket.

Task socketid

Proto

LA

FA sndbuf rcvbuf sb_cc rb_cc

Task name and ID of the created socket.

ID assigned by the kernel to the created socket.

Protocol type. For example, 6 indicates TCP and 17 indicates UDP.

Local address and local port number.

Remote address and remote port number.

Size of the send buffer.

Size of the receive buffer.

Number of bytes sent by the send buffer. socket option socket state

Number of bytes received by the receive buffer.

Socket option set by the application:

SO_ACCEPTCONN—Detects connection request at the server end.

SO_REUSEADDR—Allows for reuse of a local address.

SO_REUSEPORT—Allows for reuse of a local port.

SO_SENDVPNID—Enables sending of the VPN ID.

State of the socket.

display ipv6 statistics

Syntax display ipv6 statistics [ slot slot-number ] [ | { begin | exclude | include } regular-expression ]

View

Any view

Default level

1: Monitor level

Parameters slot slot-number: Displays the IPv6 and ICMPv6 packets statistics on a specific IRF member switch. The

slot-number argument specifies the ID of an IRF member switch. The value range for the argument depends on the number of member switches and their member IDs in the IRF fabric, which you can display with the display irf command. On a standalone device, the slot-number argument specifies the ID of the device.

|: Filters command output by specifying a regular expression. For more information about regular expressions, see Fundamentals Configuration Guide. begin: Displays the first line that matches the specified regular expression and all lines that follow. exclude: Displays all lines that do not match the specified regular expression. include: Displays all lines that match the specified regular expression.

regular-expression: Specifies a regular expression, a case-sensitive string of 1 to 256 characters.

156

Description

Use display ipv6 statistics to display statistics of IPv6 packets and ICMPv6 packets.

You can use the reset ipv6 statistics command to clear all IPv6 and ICMPv6 packet statistics.

Examples

# Display the statistics of IPv6 packets and ICMPv6 packets.

<Sysname> display ipv6 statistics

IPv6 Protocol:

Sent packets:

Total: 0

Local sent out:

raw packets:

0 forwarded:

0 discarded:

routing failed: 0 fragments:

fragments failed: 0

Received packets:

Total: 0

local host:

format error:

0 hopcount exceeded: 0

0 option error: 0

protocol error:

reassembled:

0 fragments:

0 reassembly failed:

0

0

reassembly timeout: 0

ICMPv6 protocol:

0

0

0

Sent packets:

Total: 0

unreached: 0 too big: 0

hopcount exceeded: 0 reassembly timeout: 0

parameter problem: 0

echo request: 0 echo replied: 0

neighbor solicit: 0 neighbor advert: 0

router solicit:

redirected:

0 router advert: 0

0 router renumbering: 0

Send failed:

ratelimited:

Received packets:

Total: 0

checksum error:

bad code:

unreached:

0 too short:

0

0 too big:

0

0

hopcount exceeded: 0 reassembly timeout: 0

parameter problem: 0 unknown error type: 0

echo request: 0 echo replied: 0

neighbor solicit: 0 neighbor advert:

router solicit: 0 router advert:

0

0

157

redirected: 0 router renumbering: 0

unknown info type: 0

Deliver failed:

bad length: 0 ratelimited: 0

Table 38 Command output

Field Description

IPv6 Protocol: Statistics of IPv6 packets.

Sent packets:

Total: 0

Local sent out: 0 forwarded: 0

raw packets: 0 discarded:

routing failed: 0 fragments: 0

fragments failed: 0

0

Statistics of sent IPv6 packets:

Total number of packets sent and forwarded locally.

Number of packets sent locally.

Number of forwarded packets.

Number of packets sent via raw socket.

Number of discarded packets.

Number of packets failing to be routed.

Number of sent fragment packets.

Number of fragments failing to be sent.

Received packets:

Total: 0

local host: 0 hopcount exceeded: 0

format error: 0 option error:

protocol error:0 fragments:

reassembled: 0 reassembly failed: 0

reassembly timeout: 0

0

0

ICMPv6 protocol:

Statistics of received IPv6 packets:

Total number of received packets.

Number of packets received locally.

Number of packets exceeding the hop limit.

Number of packets in an incorrect format.

Number of packets with incorrect options.

Number of packets with incorrect protocol.

Number of received fragment packets.

Number of reassembled packets.

Number of packets failing to be reassembled.

Number of packets whose reassembly times out.

Statistics of ICMPv6 packets.

158

Field Description

Sent packets:

Total: 0

unreached: 0 too big: 0

hopcount exceeded: 0 reassembly timeout: 0

parameter problem: 0

echo request: 0 echo replied: 0

neighbor solicit: 0 neighbor advert: 0

router solicit: 0 router advert 0

redirected: 0 router renumbering: 0

Send failed:

ratelimited: 0 other errors: 0

Statistics of sent ICMPv6 packets:

Total number of sent packets.

Number of Destination Unreachable packets.

Number of Packet Too Big packets.

Number of Hop Limit Exceeded packets.

Number of Fragment Reassembly Time Exceeded packets.

Number of Parameter Problem packets.

Number of Echo Request packets.

Number of Echo Reply packets.

Number of neighbor solicitation packets.

Number of neighbor advertisement packets.

Number of router solicitation packets.

Number of router advertisement packets.

Number of Redirect packets.

Number of router renumber (RR) packets.

Number of packets failing to be sent due to rate limitation.

Number of packets with other errors.

Received packets:

Total: 0

checksum error: 0 too short: 0

bad code: 0

unreached: 0 too big: 0

hopcount exceeded: 0 reassembly timeout: 0

parameter problem: 0 unknown error type: 0

echo request: 0 echo replied: 0

neighbor solicit: 0 neighbor advert: 0

router solicit: 0 router advert 0

redirected: 0 router renumbering 0

unknown info type: 0

Deliver failed:

bad length: 0 ratelimited: 0

Statistics of received ICMPv6 packets:

Total number of received packets.

Number of packets with checksum errors.

Number of too small packets.

Number of packets with error codes.

Number of Destination Unreachable packets.

Number of Packet Too Big packets.

Number of Hop Limit Exceeded packets.

Number of Fragment Reassembly Times Exceeded packets.

Number of Parameter Problem packets.

Number of packets with unknown errors.

Number of Echo Request packets.

Number of Echo Reply packets.

Number of neighbor solicitation messages.

Number of neighbor advertisement packets.

Number of router solicitation packets.

Number of router advertisement packets.

Number of Redirect packets.

Number of RR packets.

Number of unknown type of packets.

Number of packets with a incorrect size.

Number of packets failing to be received due to rate limitation.

159

display tcp ipv6 statistics

Syntax display tcp ipv6 statistics [ | { begin | exclude | include } regular-expression ]

View

Any view

Default level

1: Monitor level

Parameters

|: Filters command output by specifying a regular expression. For more information about regular expressions, see Fundamentals Configuration Guide. begin: Displays the first line that matches the specified regular expression and all lines that follow. exclude: Displays all lines that do not match the specified regular expression. include: Displays all lines that match the specified regular expression.

regular-expression: Specifies a regular expression, a case-sensitive string of 1 to 256 characters.

Description

Use display tcp ipv6 statistics to display IPv6 TCP connection statistics.

You can use the reset tcp ipv6 statistics command to clear statistics of all IPv6 TCP packets.

Examples

# Display the statistics of IPv6 TCP connections.

<Sysname> display tcp ipv6 statistics

Received packets:

Total: 0

packets in sequence: 0 (0 bytes)

window probe packets: 0, window update packets: 0

checksum error: 0, offset error: 0, short error: 0

duplicate packets: 0 (0 bytes), partially duplicate packets: 0 (0 bytes)

out-of-order packets: 0 (0 bytes)

packets with data after window: 0 (0 bytes)

packets after close: 0

ACK packets: 0 (0 bytes)

duplicate ACK packets: 0, too much ACK packets: 0

Sent packets:

Total: 0

urgent packets: 0

control packets: 0 (including 0 RST)

window probe packets: 0, window update packets: 0

data packets: 0 (0 bytes) data packets retransmitted: 0 (0 bytes)

ACK only packets: 0 (0 delayed)

160

Retransmitted timeout: 0, connections dropped in retransmitted timeout: 0

Keepalive timeout: 0, keepalive probe: 0, Keepalive timeout, so connections disconnected :

0

Initiated connections: 0, accepted connections: 0, established connections: 0

Closed connections: 0 (dropped: 0, initiated dropped: 0)

Packets dropped with MD5 authentication: 0

Packets permitted with MD5 authentication: 0

Table 39 Command output

Field Description

Received packets:

Total: 0

packets in sequence:

window probe packets: 0

window update packets: 0

checksum error:

offset error:

short error:

0 (0 bytes)

0

0

0

duplicate packets: 0 (0 bytes), partially duplicate packets: 0 (0 bytes)

out-of-order packets: 0 (0 bytes)

packets with data after window: 0 (0 bytes)

packets after close: 0

ACK packets: 0 (0 bytes)

duplicate ACK packets: 0

too much ACK packets: 0

Statistics of received packets:

Total number of received packets

Number of packets received in sequence

Number of window probe packets

Number of window size update packets

Number of packets with checksum errors

Number of packets with offset errors

Number of packets whose total length is less than specified by the packet header

Number of duplicate packets

Number of partially duplicate packets

Number of out-of-order packets

Number of packets exceeding the size of the receiving window

Number of packets received after the connection is closed

Number of ACK packets

Number of duplicate ACK packets

Number of excessive ACK packets

Sent packets:

Total: 0

urgent packets: 0

control packets: 0 (including 0 RST)

window probe packets: 0

window update packets: 0

data packets: 0 (0 bytes) data

packets retransmitted: 0 (0 bytes)

ACK only packets: 0 (0 delayed)

Statistics of sent packets:

Total number of packets

Number of packets containing an urgent indicator

Number of control packets

Number of window probe packets

Number of window update packets

Number of data packets

Number of retransmitted packets

Number of ACK packets

Retransmitted timeout connections dropped in retransmitted timeout

Keepalive timeout

Number of packets whose retransmission times out

Number of connections dropped because of retransmission timeout

Number of keepalive timeouts

161

Field Description keepalive probe Number of keepalive probes

Keepalive timeout, so connections disconnected

Initiated connections accepted connections established connections

Closed connections dropped initiated dropped

Packets dropped with MD5 authentication

Packets permitted with MD5 authentication

Number of connections dropped because of keepalive response timeout

Number of initiated connections

Number of accepted connections

Number of established connections

Number of closed connections

Number of dropped connections (after SYN is received from the peer)

Number of initiated but dropped connections (before

SYN is received from the peer)

Number of packets that fail the MD5 authentication and are dropped

Number of packets that pass the MD5 authentication

display tcp ipv6 status

Syntax display tcp ipv6 status [ | { begin | exclude | include } regular-expression ]

View

Any view

Default level

1: Monitor level

Parameters

|: Filters command output by specifying a regular expression. For more information about regular expressions, see Fundamentals Configuration Guide. begin: Displays the first line that matches the specified regular expression and all lines that follow. exclude: Displays all lines that do not match the specified regular expression. include: Displays all lines that match the specified regular expression.

regular-expression: Specifies a regular expression, a case-sensitive string of 1 to 256 characters.

Description

Use display tcp ipv6 status to display the IPv6 TCP connection status, including the IPv6 TCP control block address, local and peer IPv6 addresses, and status of the IPv6 TCP connection.

Examples

# Display the IPv6 TCP connection status.

<Sysname> display tcp ipv6 status

*: TCP6 MD5 Connection

TCP6CB Local Address Foreign Address State

045d8074 ::->21 ::->0 Listening

162

Table 40 Command output

Field Description

*: TCP6 MD5 Connection

The asterisk (*) indicates that the TCP6 connection is secured with

MD5 authentication.

TCP6CB IPv6 TCP control block address (hexadecimal).

Local Address

Foreign Address

State

Local IPv6 address.

Remote IPv6 address.

IPv6 TCP connection status:

Closed.

Listening.

Syn_Sent.

Syn_Rcvd.

Established.

Close_Wait.

Fin_Wait1.

Closing.

Last_Ack.

Fin_Wait2.

Time_Wait.

display udp ipv6 statistics

Syntax display udp ipv6 statistics [ | { begin | exclude | include } regular-expression ]

View

Any view

Default level

1: Monitor level

Parameters

|: Filters command output by specifying a regular expression. For more information about regular expressions, see Fundamentals Configuration Guide. begin: Displays the first line that matches the specified regular expression and all lines that follow. exclude: Displays all lines that do not match the specified regular expression. include: Displays all lines that match the specified regular expression.

regular-expression: Specifies a regular expression, a case-sensitive string of 1 to 256 characters.

Description

Use display udp ipv6 statistics to display the statistics of IPv6 UDP packets.

You can use the reset udp ipv6 statistics command to clear the statistics of all IPv6 UDP packets.

Examples

# Display the statistics of IPv6 UDP packets.

163

<Sysname> display udp ipv6 statistics

Received packets:

Total: 0

checksum error: 0

shorter than header: 0, data length larger than packet: 0

unicast(no socket on port): 0

broadcast/multicast(no socket on port): 0

not delivered, input socket full: 0

input packets missing pcb cache: 0

Sent packets:

Total: 0

Table 41 Command output

Field Description

Total Total number of received/sent packets checksum error Total number of packets with a checksum error shorter than header data length larger than packet unicast(no socket on port) broadcast/multicast(no socket on port) not delivered, input socket full input packet missing pcb cache

Total number of IPv6 UDP packets whose total length is less than that specified by the packet header

Total number of packets whose data length exceeds that specified by the packet header

Total number of received unicast packets without any socket

Total number of received broadcast/multicast packets without any socket

Number of packets not handled because of the receive buffer being full

Number of packets failing to match the protocol control block

(PCB) cache

ipv6

Syntax ipv6 undo ipv6

View

System view

Default level

2: System level

Parameters

None

Description

Use ipv6 to enable IPv6.

Use undo ipv6 to disable IPv6.

164

By default, IPv6 is disabled.

Examples

# Enable IPv6.

<Sysname> system-view

[Sysname] ipv6

ipv6 address

Syntax ipv6 address { ipv6-address prefix-length | ipv6-address/prefix-length } undo ipv6 address [ ipv6-address prefix-length | ipv6-address/prefix-length ]

View

Interface view

Default level

2: System level

Parameters

ipv6-address: Specifies the IPv6 address.

prefix-length: Specifies the prefix length of the IPv6 address, in the range of 1 to 128.

Description

Use ipv6 address to configure an IPv6 global unicast address for an interface.

Use undo ipv6 address to remove the IPv6 address from the interface.

By default, no global unicast address is configured for an interface.

Except for the link-local address automatically obtained and the link-local address generated through stateless autoconfiguration, all IPv6 addresses will be removed from the interface if the undo ipv6 address command is executed without any parameter specified.

Examples

# Set the global IPv6 unicast address of VLAN-interface 100 to 2001::1 with prefix length 64.

Method 1:

<Sysname> system-view

[Sysname] interface vlan-interface 100

[Sysname-Vlan-interface100] ipv6 address 2001::1/64

Method 2:

<Sysname> system-view

[Sysname] interface vlan-interface 100

[Sysname-Vlan-interface100] ipv6 address 2001::1 64

ipv6 address anycast

Syntax ipv6 address ipv6-address/prefix-length anycast undo ipv6 address ipv6-address/prefix-length anycast

165

View

Interface view

Default level

2: System level

Parameters

ipv6-address/prefix-length: Specifies an IPv6 anycast address and its prefix length. The prefix length ranges 1 to 128.

Description

Use ipv6 address anycast to configure an IPv6 anycast address for an interface.

Use undo ipv6 address anycast to remove the IPv6 anycast address from the interface.

By default, no IPv6 anycast address is configured for an interface.

Examples

# Set the IPv6 anycast address of VLAN-interface 100 to 2001::1 with prefix length 64.

<Sysname> system-view

[Sysname] interface vlan-interface 100

[Sysname-Vlan-interface100] ipv6 address 2001::1/64 anycast

ipv6 address auto

Syntax ipv6 address auto undo ipv6 address auto

View

Interface view

Default level

2: System level

Parameters

None

Description

Use ipv6 address auto to enable the stateless address autoconfiguration function on the interface. With this function enabled, the interface can automatically generate a global unicast address.

Use undo ipv6 address auto to disable this function.

The stateless address autoconfiguration function is disabled by default.

After a global unicast address is generated through stateless autoconfiguration, a link-local address is generated automatically, which can be removed only by executing the undo ipv6 address auto command.

Examples

# Enable stateless address autoconfiguration on VLAN-interface 100.

<Sysname> system-view

[Sysname] interface vlan-interface 100

166

[Sysname-Vlan-interface100] ipv6 address auto

ipv6 address auto link-local

Syntax ipv6 address auto link-local undo ipv6 address auto link-local

View

Interface view

Default level

2: System level

Parameters

None

Description

Use ipv6 address auto link-local to automatically generate a link-local address for an interface.

Use undo ipv6 address auto link-local to remove the automatically generated link-local address for the interface.

By default, no link-local address is configured on an interface, and a link-local address will be automatically generated after a global IPv6 unicast address is configured for the interface.

After an IPv6 global unicast address is configured for an interface, a link-local address is generated automatically. The automatically generated link-local address is the same as the one generated by using the ipv6 address auto link-local command.

The undo ipv6 address auto link-local command can only remove the link-local addresses generated through the ipv6 address auto link-local command. After the undo ipv6 address auto link-local command is used on an interface that has an IPv6 global unicast address configured, the interface still has a link-local address. If the interface has no IPv6 global unicast address configured, it will have no link-local address.

Manual assignment takes precedence over automatic generation. If you first adopt automatic generation and then manual assignment, the manually assigned link-local address will overwrite the automatically generated address. If you first use manual assignment and then automatic generation, the automatically generated link-local address will not take effect and the link-local address of an interface is still the manually assigned address. If you delete the manually assigned address, the automatically generated link-local address is validated. For more information about manual assignment of an IPv6 link-local address, see the ipv6 address link-local command.

Examples

# Configure VLAN-interface 100 to automatically generate a link-local address.

<Sysname> system-view

[Sysname] interface vlan-interface 100

[Sysname-Vlan-interface100] ipv6 address auto link-local

ipv6 address eui-64

Syntax ipv6 address ipv6-address/prefix-length eui-64

167

undo ipv6 address ipv6-address/prefix-length eui-64

View

Interface view

Default level

2: System level

Parameters

ipv6-address/prefix-length: IPv6 address and IPv6 prefix. The ipv6-address and prefix-length arguments jointly specify the prefix of an EUI-64 IPv6 address.

Description

Use ipv6 address eui-64 to configure an EUI-64 IPv6 address for an interface.

Use undo ipv6 address eui-64 to remove the configured EUI-64 IPv6 address for the interface.

By default, no EUI-64 IPv6 address is configured for an interface.

An EUI-64 IPv6 address is generated based on the specified prefix and the automatically generated interface identifier and is displayed by using the display ipv6 interface command.

The prefix length of an EUI-64 IPv6 address cannot be greater than 64.

Examples

# Configure an EUI-64 IPv6 address for VLAN-interface 100. The prefix length of the address is the same as that of 2001::1/64, and the interface ID is generated based on the MAC address of the device.

<Sysname> system-view

[Sysname] interface vlan-interface 100

[Sysname-Vlan-interface100] ipv6 address 2001::1/64 eui-64

ipv6 address link-local

Syntax ipv6 address ipv6-address link-local undo ipv6 address ipv6-address link-local

View

Interface view

Default level

2: System level

Parameters

ipv6-address: IPv6 link-local address. The first 10 bits of an address must be 1111111010 (binary). The first group of hexadecimals in the address must be FE80 to FEBF.

Description

Use ipv6 address link-local to configure a link-local address for the interface.

Use undo ipv6 address link-local to remove the configured link-local address for the interface.

Manual assignment takes precedence over automatic generation. If you first adopt automatic generation and then manual assignment, the manually assigned link-local address will overwrite the automatically generated one. If you first adopt manual assignment and then automatic generation, the automatically

168

generated link-local address will not take effect and the link-local address of an interface is still the manually assigned one. If you delete the manually assigned address, the automatically generated link-local address is validated. For automatic generation of an IPv6 link-local address, see the ipv6 address auto link-local command.

Examples

# Configure a link-local address for VLAN-interface 100.

<Sysname> system-view

[Sysname] interface vlan-interface 100

[Sysname-Vlan-interface100] ipv6 address fe80::1 link-local

ipv6 hoplimit-expires enable

Syntax ipv6 hoplimit-expires enable undo ipv6 hoplimit-expires

View

System view

Default level

2: System level

Parameters

None

Description

Use ipv6 hoplimit-expires enable to enable the sending of ICMPv6 Time Exceeded packets.

Use undo ipv6 hoplimit-expires to disable the sending of ICMPv6 Time Exceeded packets.

By default, the sending of ICMPv6 Time Exceeded packets is enabled.

After you disable the sending of ICMPv6 Time Exceeded packets, the device will still send Fragment

Reassembly Time Exceeded packets.

Examples

# Disable the sending of ICMPv6 Time Exceeded packets.

<Sysname> system-view

[Sysname] undo ipv6 hoplimit-expires

ipv6 icmp-error

Syntax ipv6 icmp-error { bucket bucket-size | ratelimit interval } * undo ipv6 icmp-error

View

System view

Default level

2: System level

169

Parameters bucket bucket-size: Number of tokens in the token bucket, in the range of 1 to 200. ratelimit interval: Update period of the token bucket in milliseconds, in the range of 0 to 2,147,483,647.

The update period "0" indicates that the number of ICMPv6 error packets sent is not restricted.

Description

Use ipv6 icmp-error to configure the size and update period of the token bucket.

Use undo ipv6 icmp-error to restore the defaults.

By default, the size is 10 and the update period is 100 milliseconds. A maximum of 10 ICMPv6 error packets can be sent within 100 milliseconds.

Examples

# Set the capacity of the token bucket to 50 and the update period to 100 milliseconds.

<Sysname> system-view

[Sysname] ipv6 icmp-error bucket 50 ratelimit 100

ipv6 icmpv6 multicast-echo-reply enable

Syntax ipv6 icmpv6 multicast-echo-reply enable undo ipv6 icmpv6 multicast-echo-reply

View

System view

Default level

2: System level

Parameters

None

Description

Use ipv6 icmpv6 multicast-echo-reply enable to enable replying to multicast echo requests.

Use undo ipv6 icmpv6 multicast-echo-reply to disable replying to multicast echo requests.

By default, the device is disabled from replying to multicast echo requests.

Examples

# Enable replying to multicast echo requests.

<Sysname> system-view

[Sysname] ipv6 icmpv6 multicast-echo-reply enable

ipv6 nd autoconfig managed-address-flag

Syntax ipv6 nd autoconfig managed-address-flag undo ipv6 nd autoconfig managed-address-flag

170

View

Interface view

Default level

2: System level

Parameters

None

Description

Use ipv6 nd autoconfig managed-address-flag to set the managed address configuration (M) flag to 1 so that the host can acquire an IPv6 address through stateful autoconfiguration (for example, from a

DHCP server).

Use undo ipv6 nd autoconfig managed-address-flag to restore the default.

By default, the M flag is set to 0 so that the host can acquire an IPv6 address through stateless autoconfiguration.

Examples

# Configure the host to acquire an IPv6 address through stateful autoconfiguration.

<Sysname> system-view

[Sysname] interface vlan-interface 100

[Sysname-Vlan-interface100] ipv6 nd autoconfig managed-address-flag

ipv6 nd autoconfig other-flag

Syntax ipv6 nd autoconfig other-flag undo ipv6 nd autoconfig other-flag

View

Interface view

Default level

2: System level

Parameters

None

Description

Use ipv6 nd autoconfig other-flag to set the other stateful configuration flag (O) to 1 so that the host can acquire information other than IPv6 address through stateful autoconfiguration (for example, from a

DHCP server).

Use undo ipv6 nd autoconfig other-flag to restore the default.

By default, the O flag is set to 0 so that the host can acquire other information through stateless autoconfiguration.

Examples

# Configure the host to acquire information other than IPv6 address through stateless autoconfiguration.

<Sysname> system-view

[Sysname] interface vlan-interface 100

171

[Sysname-Vlan-interface100] undo ipv6 nd autoconfig other-flag

ipv6 nd dad attempts

Syntax ipv6 nd dad attempts value undo ipv6 nd dad attempts

View

Interface view

Default level

2: System level

Parameters

value: Specifies the number of attempts to send an NS message for DAD, in the range of 0 to 600. The default value is 1. When it is set to 0, DAD is disabled.

Description

Use ipv6 nd dad attempts to configure the number of attempts to send an NS message for DAD.

Use undo ipv6 nd dad attempts to restore the default.

By default, the number of attempts to send an NS message for DAD is 1.

Related commands: display ipv6 interface.

Examples

# Set the number of attempts to send an NS message for DAD to 20.

<Sysname> system-view

[Sysname] interface vlan-interface 100

[Sysname-Vlan-interface100] ipv6 nd dad attempts 20

ipv6 nd hop-limit

Syntax ipv6 nd hop-limit value undo ipv6 nd hop-limit

View

System view

Default level

2: System level

Parameters

value: Specifies the number of hops, in the range of 0 to 255. When it is set to 0, the Hop Limit field in

RA messages sent by the device is 0. The number of hops is determined by the requesting device itself.

Description

Use ipv6 nd hop-limit to configure the hop limit advertised by the device.

Use undo ipv6 nd hop-limit to restore the default hop limit.

172

By default, the hop limit advertised by the device is 64.

Examples

# Set the hop limit advertised by the device to 100.

<Sysname> system-view

[Sysname] ipv6 nd hop-limit 100

ipv6 nd ns retrans-timer

Syntax ipv6 nd ns retrans-timer value undo ipv6 nd ns retrans-timer

View

Interface view

Default level

2: System level

Parameters

value: Specifies the interval for retransmitting an NS message in milliseconds, in the range of 1000 to

4294967295.

Description

Use ipv6 nd ns retrans-timer to set the interval for retransmitting an NS message. The local interface retransmits an NS message at intervals of this value. Furthermore, the Retrans Timer field in RA messages sent by the local interface is equal to this value.

Use undo ipv6 nd ns retrans-timer to restore the default.

By default, the local interface sends NS messages at an interval of 1000 millisecond and the Retrans

Timer field in the RA messages sent is 0, so that the interval for retransmitting an NS message is determined by the receiving device.

Related commands: display ipv6 interface.

Examples

# Specify VLAN-interface 100 to retransmit NS messages at intervals of 10,000 milliseconds.

<Sysname> system-view

[Sysname] interface vlan-interface 100

[Sysname-Vlan-interface100] ipv6 nd ns retrans-timer 10000

ipv6 nd nud reachable-time

Syntax ipv6 nd nud reachable-time value undo ipv6 nd nud reachable-time

View

Interface view

173

Default level

2: System level

Parameters

value: Specifies the neighbor reachable time in milliseconds, in the range of 1 to 3600000.

Description

Use ipv6 nd nud reachable-time to configure the neighbor reachable time on an interface. This time value serves as not only the neighbor reachable time on the local interface, but also the value of the

Reachable Time field in RA messages sent by the local interface.

Use undo ipv6 nd nud reachable-time to restore the default.

By default, the neighbor reachable time on the local interface is 30000 milliseconds and the value of the

Reachable Time field in RA messages is 0, so that the reachable time is determined by the receiving device.

Related commands: display ipv6 interface.

Examples

# Set the neighbor reachable time on VLAN-interface 100 to 10,000 milliseconds.

<Sysname> system-view

[Sysname] interface vlan-interface 100

[Sysname-Vlan-interface100] ipv6 nd nud reachable-time 10000

ipv6 nd ra halt

Syntax ipv6 nd ra halt undo ipv6 nd ra halt

View

Interface view

Default level

2: System level

Parameters

None

Description

Use ipv6 nd ra halt to enable RA message suppression.

Use undo ipv6 nd ra halt to disable RA message suppression.

By default, RA messages are suppressed.

Examples

# Suppress RA messages on VLAN-interface 100.

<Sysname> system-view

[Sysname] interface vlan-interface 100

[Sysname-Vlan-interface100] ipv6 nd ra halt

174

ipv6 nd ra interval

Syntax ipv6 nd ra interval max-interval-value min-interval-value undo ipv6 nd ra interval

View

Interface view

Default level

2: System level

Parameters

max-interval-value: Specifies the maximum interval for advertising RA messages in seconds, in the range of 4 to 1800.

min-interval-value: Specifies the minimum interval for advertising RA messages in seconds, in the range of 3 to 1350.

Description

Use ipv6 nd ra interval to set the maximum and minimum intervals for advertising RA messages. The device advertises RA messages at intervals of a random value between the maximum interval and the minimum interval.

Use undo ipv6 nd ra interval to restore the default.

By default, the maximum interval between RA messages is 600 seconds, and the minimum interval is

200 seconds.

The minimum interval should be three-fourths of the maximum interval or less.

The maximum interval for sending RA messages should be less than or equal to the router lifetime in RA messages.

Examples

# Set the maximum interval for advertising RA messages to 1,000 seconds and the minimum interval to

700 seconds.

<Sysname> system-view

[Sysname] interface vlan-interface 100

[Sysname-Vlan-interface100] ipv6 nd ra interval 1000 700

ipv6 nd ra no-advlinkmtu

Syntax ipv6 nd ra no-advlinkmtu undo ipv6 nd ra no-advlinkmtu

View

Interface view

Default level

2: System level

175

Parameters

None

Description

Use ipv6 nd ra no-advlinkmtu to turn off the MTU option in RA messages.

Use undo ipv6 nd ra no-advlinkmtu to restore the default.

By default, RA messages contain the MTU option.

Examples

# Turn off the MTU option in RA messages on VLAN-interface 100.

<Sysname> system-view

[Sysname] interface vlan-interface 100

[Sysname-Vlan-interface100] ipv6 nd ra no-advlinkmtu

ipv6 nd ra prefix

Syntax ipv6 nd ra prefix { ipv6-prefix prefix-length | ipv6-prefix/prefix-length } valid-lifetime preferred-lifetime

[ no-autoconfig | off-link ] * undo ipv6 nd ra prefix { ipv6-prefix | ipv6-prefix/prefix-length }

View

Interface view

Default level

2: System level

Parameters

ipv6-prefix: Specifies the IPv6 prefix.

prefix-length: Specifies the prefix length of the IPv6 address.

valid-lifetime: Specifies the valid lifetime of a prefix in seconds, in the range of 0 to 4294967295.

preferred-lifetime: Specifies the preferred lifetime of a prefix used for stateless autoconfiguration in seconds, in the range of 0 to 4294967295. no-autoconfig: Specifies a prefix not to be used for stateless autoconfiguration. If this keyword is not provided, the prefix is used for stateless autoconfiguration. off-link: Indicates that the address with the prefix is not directly reachable on the link. If this keyword is not provided, the address with the prefix is directly reachable on the link.

Description

Use ipv6 nd ra prefix to configure the prefix information in RA messages.

Use undo ipv6 nd ra prefix to remove the prefix information from RA messages.

By default, no prefix information is configured in RA messages and the IPv6 address of the interface sending RA messages is used as the prefix information with valid lifetime 2592000 seconds (30 days) and preferred lifetime 604800 seconds (seven days).

Examples

# Configure the prefix information for RA messages on VLAN-interface 100.

176

<Sysname> system-view

[Sysname] interface vlan-interface 100

[Sysname-Vlan-interface100] ipv6 nd ra prefix 2001:10::100/64 100 10

ipv6 nd ra router-lifetime

Syntax ipv6 nd ra router-lifetime value undo ipv6 nd ra router-lifetime

View

Interface view

Default level

2: System level

Parameters

value: Specifies the router lifetime in seconds, in the range of 0 to 9000. When it is set to 0, the device does not serve as the default router.

Description

Use ipv6 nd ra router-lifetime to configure the router lifetime in RA messages.

Use undo ipv6 nd ra router-lifetime to restore the default.

By default, the router lifetime in RA messages is 1800 seconds.

The router lifetime in RA messages should be greater than or equal to the advertising interval.

Examples

# Set the router lifetime in RA messages on VLAN-interface 100 to 1000 seconds.

<Sysname> system-view

[Sysname] interface vlan-interface 100

[Sysname-Vlan-interface100] ipv6 nd ra router-lifetime 1000

ipv6 nd snooping enable

Syntax ipv6 nd snooping enable undo ipv6 nd snooping enable

View

VLAN view

Default level

2: System level

Parameters

None

Description

Use ipv6 nd snooping enable to enable ND snooping.

177

Use undo ipv6 nd snooping enable to restore the default.

By default, ND snooping is disabled.

Examples

# Enable ND snooping for VLAN 1.

<Sysname> system-view

[Sysname] vlan 1

[Sysname-vlan1] ipv6 nd snooping enable

ipv6 nd snooping enable global

Syntax ipv6 nd snooping enable global undo ipv6 nd snooping enable global

View

System view

Default level

2: System level

Parameters

None

Description

Use ipv6 nd snooping enable global to enable ND snooping based on global unicast addresses (the devices use DAD NS messages containing global unicast addresses to create ND snooping entries).

Use undo ipv6 nd snooping enable global to restore the default.

By default, ND snooping based on global unicast addresses is disabled.

Examples

# Enable ND snooping based on global unicast addresses.

<Sysname> system-view

[Sysname] ipv6 nd snooping enable global

ipv6 nd snooping enable link-local

Syntax ipv6 nd snooping enable link-local undo ipv6 nd snooping enable link-local

View

System view

Default level

2: System level

Parameters

None

178

Description

Use ipv6 nd snooping enable link-local to enable ND snooping based on link local addresses (the devices use DAD NS messages containing link local addresses to create ND snooping entries).

Use undo ipv6 nd snooping enable link-local to restore the default.

By default, ND snooping based on link local addresses is disabled.

Examples

# Enable ND snooping based on link local addresses.

<Sysname> system-view

[Sysname] ipv6 nd snooping enable link-local

ipv6 nd snooping max-learning-num

Syntax ipv6 nd snooping max-learning-num number undo ipv6 nd snooping max-learning-num

View

Layer 2 Ethernet port view, Layer 2 aggregate interface view

Default level

2: System level

Parameters

number: Specifies the maximum number of ND snooping entries that can be learned by the interface.

On the HP 3600 v2 EI switch series, the number argument ranges from 0 to 4096.

On the HP 3600 v2 SI switch series, the number argument ranges from 0 to 1024.

Description

Use ipv6 nd snooping max-learning-num to configure the maximum number of ND snooping entries that can be learned on the interface.

Use undo ipv6 nd snooping max-learning-num to restore the default.

By default, the number of ND snooping entries that an interface can learn is not limited.

Examples

# Set the maximum number of ND snooping entries that can be learned on Layer 2 Ethernet port Ethernet

1/0/1 to 1000.

<Sysname> system-view

[Sysname] interface Ethernet 1/0/1

[Sysname-Ethernet1/0/1] ipv6 nd snooping max-learning-num 1000

# Set the maximum number of ND snooping entries that can be learned on Layer 2 aggregate interface

1 to 1000.

<Sysname> system-view

[Sysname] interface bridge-aggregation 1

[Sysname-Bridge-Aggregation1] ipv6 nd snooping max-learning-num 1000

179

ipv6 nd snooping uplink

Syntax ipv6 nd snooping uplink undo ipv6 nd snooping uplink

View

Layer 2 Ethernet port view, Layer 2 aggregate interface view

Default level

2: System level

Parameters

None

Description

Use ipv6 nd snooping uplink to configure the interface as an uplink interface and disable it from learning

ND snooping entries.

Use undo ipv6 nd snooping uplink to restore the default.

By default, when ND snooping is enabled on the device, an interface is allowed to learn ND snooping entries.

Examples

# Configure Layer 2 Ethernet port Ethernet 1/0/1 as an uplink interface and disable it from learning ND snooping entries.

<Sysname> system-view

[Sysname] interface Ethernet 1/0/1

[Sysname-Ethernet1/0/1] ipv6 nd snooping uplink

# Configure Layer 2 aggregate interface Bridge-Aggregation 1 as an uplink interface and disable it form learning ND snooping entries.

<Sysname> system-view

[Sysname] interface bridge-aggregation 1

[Sysname-Bridge-Aggregation1] ipv6 nd snooping uplink

ipv6 neighbor

Syntax ipv6 neighbor ipv6-address mac-address { vlan-id port-type port-number | interface interface-type

interface-number } [ vpn-instance vpn-instance-name ] undo ipv6 neighbor ipv6-address interface-type interface-number undo ipv6 neighbor ipv6-address mac-address { vlan-id port-type port-number | interface interface-type

interface-number } [ vpn-instance vpn-instance-name ]

View

System view

Default level

2: System level

180

Parameters

ipv6-address: Specifies the IPv6 address of the static neighbor entry.

mac-address: Specifies the MAC address of the static neighbor entry (48 bits long, in the format of

H-H-H).

vlan-id: Specifies the VLAN ID of the static neighbor entry, in the range of 1 to 4094.

port-type port-number: Specifies a Layer 2 port of the static neighbor entry by its type and number . interface interface-type interface-number: Specifies a Layer 3 interface of the static neighbor entry by its type and number. vpn-instance vpn-instance-name: Specifies the MPLS L3VPN that the static neighbor entry belongs to. The

vpn-instance-name argument is a case-sensitive string of 1 to 31 characters. If the static neighbor entry is for the public network, do not specify this option.

Description

Use ipv6 neighbor to configure a static neighbor entry.

Use undo ipv6 neighbor to remove a static neighbor entry.

You can use a Layer 3 VLAN interface or a Layer 2 port in the VLAN to configure a static neighbor entry.

If the first method is used, the neighbor entry is in INCMP state. After the device obtains the corresponding Layer 2 port information, the neighbor entry will go into REACH state.

If the second method is used, the corresponding VLAN interface must exist and the port specified by

port-type port-number must belong to the VLAN specified by vlan-id. After the static neighbor entry is configured, the device will relate the VLAN interface with the IPv6 address to identify the static neighbor entry uniquely and the entry will be in REACH state.

To remove a static neighbor entry, you only need to specify the corresponding VLAN interface and the neighbor address.

Related commands: display ipv6 neighbors.

Examples

# Configure a static neighbor entry for Layer 2 port Ethernet 1/0/1 of VLAN 100.

<Sysname> system-view

[Sysname] ipv6 neighbor 2000::1 fe-e0-89 100 Ethernet 1/0/1

ipv6 neighbor stale-aging

Syntax ipv6 neighbor stale-aging aging-time undo ipv6 neighbor stale-aging

View

System view

Default level

2: System level

Parameters

aging-time: Age timer for ND entries in stale state, in the range of 1 to 24 hours.

181

Description

Use ipv6 neighbor stale-aging to set the age timer for ND entries in stale state.

Use undo ipv6 neighbor stale-aging to restore the default.

By default, the age timer for ND entries in stale state is four hours.

Examples

# Set the age timer for ND entries in stale state to two hours.

<Sysname> system-view

[Sysname] ipv6 neighbor stale-aging 2

ipv6 neighbors max-learning-num

Syntax ipv6 neighbors max-learning-num number undo ipv6 neighbors max-learning-num

View

Layer 2 Ethernet port view, Layer 3 Ethernet port view, VLAN interface view, Layer 2 aggregate interface view, Layer 3 aggregate interface view

Default level

2: System level

Parameters

number: Maximum number of neighbors that can be dynamically learned by the interface.

On the HP 3600 v2 EI switch series, the number argument ranges from 1 to 4096.

On the HP 3600 v2 SI switch series, the number argument ranges from 1 to 1024.

Description

Use ipv6 neighbors max-learning-num to configure the maximum number of neighbors that can be dynamically learned on the interface.

Use undo ipv6 neighbors max-learning-num to restore the default.

By default, a Layer 2 interface does not limit the number of neighbors dynamically learned. A Layer 3 interface on the HP 3600 v2 EI switch series can learn up to 4096 neighbors dynamically. A Layer 3 interface on the HP 3600 v2 SI switch series can learn up to 1024 neighbors dynamically.

Examples

# Set the maximum number of neighbors that can be dynamically learned on VLAN-interface 100 to 10.

<Sysname> system-view

[Sysname] interface vlan-interface 100

[Sysname-Vlan-interface100] ipv6 neighbors max-learning-num 10

ipv6 pathmtu

Syntax ipv6 pathmtu [ vpn-instance vpn-instance-name ] ipv6-address [ value ] undo ipv6 pathmtu [ vpn-instance vpn-instance-name ] ipv6-address

182

View

System view

Default level

2: System level

Parameters vpn-instance vpn-instance-name: Specifies the MPLS L3VPN that the path MTU belongs to. The

vpn-instance-name argument is a case-sensitive string of 1 to 31 characters. If the path MTU is for the public network, do not specify this option.

ipv6-address: IPv6 address.

value: Path MTU of a specific IPv6 address, in the range of 1280 to 10000 bytes.

Description

Use ipv6 pathmtu to configure a static path MTU for a specific IPv6 address.

Use undo ipv6 pathmtu to remove the path MTU configuration for a specific IPv6 address.

By default, no static path MTU is configured.

Examples

# Configure a static path MTU for a specific IPv6 address.

<Sysname> system-view

[Sysname] ipv6 pathmtu fe80::12 1300

ipv6 pathmtu age

Syntax ipv6 pathmtu age age-time undo ipv6 pathmtu age

View

System view

Default level

2: System level

Parameters

age-time: Specifies the aging time for path MTU in minutes, in the range of 10 to 100.

Description

Use ipv6 pathmtu age to configure the aging time for a dynamic path MTU.

Use undo ipv6 pathmtu age to restore the default.

By default, the aging time is 10 minutes.

The aging time is invalid for a static path MTU.

Related commands: display ipv6 pathmtu.

Examples

# Set the aging time for a dynamic path MTU to 40 minutes.

<Sysname> system-view

183

[Sysname] ipv6 pathmtu age 40

ipv6 prefer temporary-address

Syntax ipv6 prefer temporary-address [ valid-lifetime preferred-lifetime ] undo ipv6 prefer temporary-address

View

System view

Default level

2: System level

Parameters

valid-lifetime: Specifies the valid lifetime of temporary IPv6 addresses in seconds, in the range of 600 to

4294967295. The default valid lifetime is 604800 seconds, that is, seven days.

preferred-lifetime: Specifies the preferred lifetime of temporary IPv6 addresses in seconds, in the range of 600 to 4294967295. The default valid lifetime is 86400 seconds, that is, one day.

Description

Use ipv6 prefer temporary-address to configure the system to generate and preferably use the temporary

IPv6 address of the sending interface as the source address of the packet to be sent.

Use undo ipv6 prefer temporary-address to disable the system from generating temporary IPv6 addresses and remove existing temporary IPv6 addresses.

By default, the system does not generate or use any temporary IPv6 address.

Configure the valid lifetime greater than (or equal to) the preferred lifetime.

Enable stateless address autoconfiguration before configuring this function.

The preferred lifetime of a temporary IPv6 address takes the value of the preferred lifetime of the address prefix, or the value of the preferred lifetime you configure for temporary IPv6 addresses minus DESYNC_FACTOR (which is a random number ranging 0 to 600, in seconds), whichever is smaller.

The valid lifetime of a temporary IPv6 address takes the value of the valid lifetime of the address prefix, or the value of the valid lifetime you configure for temporary IPv6 addresses, whichever is smaller.

Examples

# Configure the system to generate and preferably use the temporary IPv6 address of the sending interface as the source address of the packet to be sent.

<Sysname> system-view

[Sysname] ipv6 prefer temporary-address

ipv6 unreachables enable

Syntax ipv6 unreachables enable undo ipv6 unreachables

184

View

System view

Default level

2: System level

Parameters

None

Description

Use ipv6 unreachables enable to enable sending of ICMPv6 destination unreachable packets.

Use undo ipv6 unreachables to disable sending of ICMPv6 destination unreachable packets.

By default, sending of ICMPv6 destination unreachable packets is disabled.

Examples

# Enable sending of ICMPv6 destination unreachable packets.

<Sysname> system-view

[Sysname] ipv6 unreachables enable

local-proxy-nd enable

Syntax local-proxy-nd enable undo local-proxy-nd enable

View

VLAN interface view, Layer 3 Ethernet port view

Default level

2: System level

Parameters

None

Description

Use local-proxy-nd enable to enable local ND proxy.

Use undo local-proxy-nd enable to restore the default.

By default, local ND proxy is disabled.

Examples

# Enable local ND proxy on VLAN-interface 100.

<Sysname> system-view

[Sysname] interface vlan-interface 100

[Sysname-Vlan-interface100] local-proxy-nd enable

proxy-nd enable

Syntax proxy-nd enable

185

undo proxy-nd enable

View

VLAN interface view, Layer 3 Ethernet port view

Default level

2: System level

Parameters

None

Description

Use proxy-nd enable to enable ND proxy.

Use undo proxy-nd enable to restore the default.

By default, ND proxy is disabled.

Examples

# Enable ND proxy on VLAN-interface 100.

<Sysname> system-view

[Sysname] interface vlan-interface 100

[Sysname-Vlan-interface100] proxy-nd enable

reset ipv6 nd snooping

Syntax reset ipv6 nd snooping [ ipv6-address | vlan vlan-id ]

View

User view

Default level

2: System level

Parameters

ipv6-address: Clears the ND snooping entries of the specified IPv6 address. vlan vlan-id: Clears the ND snooping entries of the specified VLAN. The VLAN ID ranges 1 to 4094.

Description

Use reset ipv6 nd snooping to clear ND snooping entries.

If no parameter is specified, this command clears all ND snooping entries.

Examples

# Clear all ND snooping entries on VLAN 1.

<Sysname> reset ipv6 nd snooping vlan 1

reset ipv6 neighbors

Syntax reset ipv6 neighbors { all | dynamic | interface interface-type interface-number | slot slot-number | static }

186

View

User view

Default level

2: System level

Parameters all: Clears static and dynamic neighbor information on all interfaces. dynamic: Clears dynamic neighbor information on all interfaces. interface interface-type interface-number: Clears dynamic neighbor information on a specific interface. slot slot-number: Clears dynamic neighbor information on a specific IRF member switch. The slot-number argument specifies the ID of an IRF member switch. The value range for the argument depends on the number of member switches and their member IDs in the IRF fabric, which you can display with the display irf command. On a standalone device, the slot-number argument specifies the ID of the device. static: Clears static neighbor information on all interfaces.

Description

Use reset ipv6 neighbors to clear IPv6 neighbor information.

You can use the display ipv6 neighbors command to display the current IPv6 neighbor information.

Examples

# Clear neighbor information on all interfaces.

<Sysname> reset ipv6 neighbors all

# Clear dynamic neighbor information on all interfaces.

<Sysname> reset ipv6 neighbors dynamic

# Clear all neighbor information on Ethernet 1/0/1.

<Sysname> reset ipv6 neighbors interface Ethernet 1/0/1

reset ipv6 pathmtu

Syntax reset ipv6 pathmtu { all | static | dynamic }

View

User view

Default level

2: System level

Parameters all: Clears all path MTUs. static: Clears all static path MTUs. dynamic: Clears all dynamic path MTUs.

Description

Use reset ipv6 pathmtu to clear the path MTU information.

187

Examples

# Clear all path MTUs.

<Sysname> reset ipv6 pathmtu all

reset ipv6 statistics

Syntax reset ipv6 statistics [ slot slot-number ]

View

User view

Default level

1: Monitor level

Parameters slot slot-number: Clears the IPv6 and ICMPv6 packets statistics on a specific IRF member switch. The

slot-number argument specifies the ID of an IRF member switch. The value range for the argument depends on the number of member switches and their member IDs in the IRF fabric, which you can display with the display irf command. On a standalone device, the slot-number argument specifies the ID of the device.

Description

Use reset ipv6 statistics to clear the statistics of IPv6 packets and ICMPv6 packets.

You can use the display ipv6 statistics command to display the statistics of IPv6 and ICMPv6 packets.

Examples

# Clear the statistics of IPv6 packets and ICMPv6 packets.

<Sysname> reset ipv6 statistics

reset tcp ipv6 statistics

Syntax reset tcp ipv6 statistics

View

User view

Default level

1: Monitor level

Parameters

None

Description

Use reset tcp ipv6 statistics to clear the statistics of all IPv6 TCP connections.

You can use the display tcp ipv6 statistics command to display the statistics of IPv6 TCP connections.

Examples

# Clear the statistics of all IPv6 TCP connections.

<Sysname> reset tcp ipv6 statistics

188

reset udp ipv6 statistics

Syntax reset udp ipv6 statistics

View

User view

Default level

1: Monitor level

Parameters

None

Description

Use reset udp ipv6 statistics to clear the statistics of all IPv6 UDP packets.

You can use the display udp ipv6 statistics command to display the statistics of IPv6 UDP packets.

Examples

# Clear the statistics of all IPv6 UDP packets.

<Sysname> reset udp ipv6 statistics

tcp ipv6 timer fin-timeout

Syntax tcp ipv6 timer fin-timeout wait-time undo tcp ipv6 timer fin-timeout

View

System view

Default level

2: System level

Parameters

wait-time: Specifies the finwait timer for IPv6 TCP connections in seconds, in the range of 76 to 3600.

Description

Use tcp ipv6 timer fin-timeout to set the finwait timer for IPv6 TCP connections.

Use undo tcp ipv6 timer fin-timeout to restore the default.

By default, the length of the finwait timer is 675 seconds.

Examples

# Set the finwait timer length of IPv6 TCP connections to 800 seconds.

<Sysname> system-view

[Sysname] tcp ipv6 timer fin-timeout 800

189

tcp ipv6 timer syn-timeout

Syntax tcp ipv6 timer syn-timeout wait-time undo tcp ipv6 timer syn-timeout

View

System view

Default level

2: System level

Parameters

wait-time: Specifies the synwait timer for IPv6 TCP connections in seconds, in the range of 2 to 600.

Description

Use tcp ipv6 timer syn-timeout to set the synwait timer for IPv6 TCP connections

Use undo tcp ipv6 timer syn-timeout to restore the default.

By default, the length of the synwait timer of IPv6 TCP connections is 75 seconds.

Examples

# Set the synwait timer length of IPv6 TCP connections to 100 seconds.

<Sysname> system-view

[Sysname] tcp ipv6 timer syn-timeout 100

tcp ipv6 window

Syntax tcp ipv6 window size undo tcp ipv6 window

View

System view

Default level

2: System level

Parameters

size: Specifies the size of the IPv6 TCP send/receive buffer in KB (kilobyte), in the range of 1 to 32.

Description

Use tcp ipv6 window to set the size of the IPv6 TCP send/receive buffer.

Use undo tcp ipv6 window to restore the default.

By default, the size of the IPv6 TCP send/receive buffer is 8 KB.

Examples

# Set the size of the IPv6 TCP send/receive buffer to 4 KB.

<Sysname> system-view

[Sysname] tcp ipv6 window 4

190

DHCPv6 configuration commands

DHCPv6 common configuration commands

display ipv6 dhcp duid

Syntax display ipv6 dhcp duid [ | { begin | exclude | include } regular-expression ]

View

Any view

Default level

1: Monitor level

Parameters

|: Filters command output by specifying a regular expression. For more information about regular expressions, see Fundamentals Configuration Guide. begin: Displays the first line that matches the specified regular expression and all lines that follow. exclude: Displays all lines that do not match the specified regular expression. include: Displays all lines that match the specified regular expression.

regular-expression: Specifies a regular expression, a case-sensitive string of 1 to 256 characters.

Description

Use display ipv6 dhcp duid to display the DUID of the local device.

Examples

# Display the DUID of the device.

<Sysname> display ipv6 dhcp duid

The DUID of this device: 0003-0001-00e0-fc00-5552

DHCPv6 server configuration commands

display ipv6 dhcp pool

Syntax display ipv6 dhcp pool [ pool-number ] [ | { begin | exclude | include } regular-expression ]

View

Any view

Default level

1: Monitor level

191

Parameters

pool-number: Displays the details about the address pool specified by the pool number. If no pool number is specified, this command displays all address pool information.

|: Filters command output by specifying a regular expression. For more information about regular expressions, see Fundamentals Configuration Guide. begin: Displays the first line that matches the specified regular expression and all lines that follow. exclude: Displays all lines that do not match the specified regular expression. include: Displays all lines that match the specified regular expression.

regular-expression: Specifies a regular expression, a case-sensitive string of 1 to 256 characters.

Description

Use display ipv6 dhcp pool to display DHCPv6 address pool information.

Examples

# Display all address pool information.

<Sysname> display ipv6 dhcp pool

Pool Prefix-pool

1 1

2 Not configured

Table 42 Command output

Field Description

Pool DHCPv6 address pool number.

Prefix-pool

Prefix pool referenced by the address pool. If no referenced prefix pool is specified, this field displays Not configured.

# Display detailed information about a specific address pool.

<Sysname> display ipv6 dhcp pool 1

DHCPv6 pool: 1

Static bindings:

DUID: 0003000100E0FC000001

IAID: 0000003F

Prefix: 2::/64

preferred lifetime 604800, valid lifetime 2592000

Prefix pool: 1

preferred lifetime 201600, valid lifetime 864000

DNS server address:

2::2

2::3

Domain name: aaa.com

SIP server address:

5::1

SIP server domain name:

bbb.com

192

Table 43 Command output

Field Description

DHCPv6 pool DHCPv6 address pool number.

Static bindings

Static prefix information configured in the address pool. If no static prefix is configured, this field is not displayed.

IAID

Prefix preferred lifetime valid lifetime

Prefix Pool

DNS server address

Domain name

SIP server address

Client IAID. If the IAID is not configured, this field displays Not configured.

IPv6 address prefix.

Preferred lifetime of the prefix, in seconds.

Valid lifetime of the prefix, in seconds.

Prefix pool referenced by the address pool. If no prefix pool is referenced, this field is not displayed.

DNS server address. If no DNS server address is configured, this field is not displayed.

Domain name. If no domain name is configured, this field is not displayed.

SIP server address. If no SIP server address is configured, this field is not displayed.

Domain name of the SIP server. If no domain name of the SIP server is configured, this field is not displayed.

SIP server domain name

display ipv6 dhcp prefix-pool

Syntax display ipv6 dhcp prefix-pool [ prefix-pool-number ] [ | { begin | exclude | include } regular-expression ]

View

Any view

Default level

1: Monitor level

Parameters

prefix-pool-number: Displays details about the prefix pool specified by the prefix pool number. If no prefix pool number is specified, this command displays brief information about all prefix pools.

|: Filters command output by specifying a regular expression. For more information about regular expressions, see Fundamentals Configuration Guide. begin: Displays the first line that matches the specified regular expression and all lines that follow. exclude: Displays all lines that do not match the specified regular expression. include: Displays all lines that match the specified regular expression.

regular-expression: Specifies a regular expression, a case-sensitive string of 1 to 256 characters.

Description

Use display ipv6 dhcp prefix-pool to display prefix pool information.

193

Examples

# Display brief information about all prefix pools.

<Sysname> display ipv6 dhcp prefix-pool

Prefix-pool Prefix Available In-use Static

1 5::/64 64 0 0

# Display details about the specified prefix pool.

<Sysname> display ipv6 dhcp prefix-pool 1

Prefix: 5::/64

Assigned length: 70

Total prefix number: 64

Available: 64

In-use: 0

Static: 0

Table 44 Command output

Field Description

Prefix-pool Prefix pool number.

Prefix

Available

In-use

Static

Assigned length

Total prefix number

Prefix contained in the prefix pool.

Number of idle prefixes.

Number of assigned prefixes.

Number of static prefixes.

Length of prefixes to be assigned.

Total number of prefixes.

display ipv6 dhcp server

Syntax display ipv6 dhcp server [ interface interface-type interface-number ] [ | { begin | exclude | include }

regular-expression ]

View

Any view

Default level

1: Monitor level

Parameters interface interface-type interface-number: Displays DHCPv6 server information about the interface specified by interface type and number. If no interface is specified, this command displays DHCPv6 server information about all interfaces.

|: Filters command output by specifying a regular expression. For more information about regular expressions, see Fundamentals Configuration Guide. begin: Displays the first line that matches the specified regular expression and all lines that follow. exclude: Displays all lines that do not match the specified regular expression.

194

include: Displays all lines that match the specified regular expression.

regular-expression: Specifies a regular expression, a case-sensitive string of 1 to 256 characters.

Description

Use display ipv6 dhcp server to display DHCPv6 server information.

Examples

# Display DHCPv6 server information about all interfaces.

<Sysname> display ipv6 dhcp server

DHCPv6 server status: Enabled

Interface Pool

Vlan-interface2 1

Vlan-interface3 2

# Display DHCPv6 server information about the specified interface.

<Sysname> display ipv6 dhcp server interface vlan-interface 2

Using pool: 1

Preference value: 0

Allow-hint: Enabled

Rapid-commit: Disabled

Table 45 Command output

Field Description

DHCPv6 server status DHCPv6 server status, Enabled or Disabled.

Interface Interface on which the DHCPv6 server is enabled.

Pool

Using pool

Preference value

Allow-hint

Rapid-commit

Address pool applied to the interface.

Address pool applied to the interface.

Server priority in the DHCPv6 Advertise message. The value ranges from 0 to 255.

Support for desired prefix assignment. The status can be Enabled or Disabled.

Support for rapid prefix assignment. The status can be Enabled or Disabled.

display ipv6 dhcp server pd-in-use

Syntax display ipv6 dhcp server pd-in-use { all | pool pool-number | prefix prefix/prefix-len | prefix-pool

prefix-pool-number } [ | { begin | exclude | include } regular-expression ]

View

Any view

Default level

1: Monitor level

Parameters all: Displays all PD information. pool pool-number: Displays PD information about the address pool specified by the pool number.

195

prefix prefix/prefix-len: Displays PD information about the specified prefix. The prefix/prefix-len indicates the IPv6 prefix and prefix length. The value of the prefix length ranges from 1 to 128. prefix-pool prefix-pool-number: Displays PD information about the prefix pool specified by the prefix pool number.

|: Filters command output by specifying a regular expression. For more information about regular expressions, see Fundamentals Configuration Guide. begin: Displays the first line that matches the specified regular expression and all lines that follow. exclude: Displays all lines that do not match the specified regular expression. include: Displays all lines that match the specified regular expression.

regular-expression: Specifies a regular expression, a case-sensitive string of 1 to 256 characters.

Description

Use display ipv6 dhcp server pd-in-use to display PD information.

The PD information generated for static prefixes is not displayed when you display PD information about a specific prefix pool.

Examples

# Display all PD information.

<Sysname> display ipv6 dhcp server pd-in-use all

Total number = 3

Prefix Type Pool Lease-expiration

2:1::/24 Auto(O) 1 Jul 10 2008 19:45:01

1:1::/64 Static(F) 2 Not available

1:2::/64 Static(O) 3 Oct 9 2008 09:23:31

# Display PD information about the specified address pool.

<Sysname> display ipv6 dhcp server pd-in-use pool 1

Total number = 2

Prefix Type Pool Lease-expiration

2:1::/24 Auto(O) 1 Jul 10 2008 22:22:22

3:1::/64 Static(C) 1 Jan 1 2008 11:11:11

# Display PD information about the specified prefix pool.

<Sysname> display ipv6 dhcp server pd-in-use prefix-pool 1

Total number = 1

Prefix Type Pool Lease-expiration

2:1:1:2::/64 Auto(C) 2 Jan 1 2008 14:45:56

# Display PD information about the specified prefix.

<Sysname> display ipv6 dhcp server pd-in-use prefix 2:1::3/24

Pool: 1

Prefix pool: 1

Client: FE80::C800:CFF:FE18:0

Type: Auto(O)

DUID: 00030001CA000C180000

IAID: 0x00030001

Prefix: 2:1::/24

Preferred lifetime 400, valid lifetime 500

expires at Jul 10 2008 09:45:01 (288 seconds left)

196

Table 46 Command output

Field Description

Total number Total number of PDs.

Type

Pool

Lease-expiration

Prefix Pool

Client

PD type:

Static(F)—Generated for the static prefix that has not been assigned to the client, and is also called the ineffective static PD.

Static(O)—Temporarily generated for the static prefix to be assigned when the server receives a Solicit message from the corresponding client.

Static(C)—Generated for the static prefix that is officially assigned.

Auto(O)—Temporarily generated for the prefix selected from a prefix pool after the server receives a Solicit message from the client.

Auto(C)—Generated for the prefix to be assigned officially after the server receives a Request message, or the server supporting rapid assignment receives the Solicit message containing a Rapid Commit option.

Address pool to which the PD belongs.

Lease expiration time. If the lease expires after the year 2100, this field displays after 2100. For the ineffective static PD, this field displays Not available.

Prefix pool to which the PD belongs. For the static PD, this field displays null.

IPv6 address of the DHCPv6 client. For the ineffective static PD, this field displays null.

IAID preferred lifetime valid lifetime expires at

Client IAID. For the ineffective static PD with no IAID configured, this field displays null.

Preferred lifetime of the prefix, in seconds.

Valid lifetime of the prefix, in seconds.

Lease expiration time. If the lease expires after the year 2100, this field displays expires after 2100.

display ipv6 dhcp server statistics

Syntax display ipv6 dhcp server statistics [ | { begin | exclude | include } regular-expression ]

View

Any view

Default level

1: Monitor level

Parameters

|: Filters command output by specifying a regular expression. For more information about regular expressions, see Fundamentals Configuration Guide. begin: Displays the first line that matches the specified regular expression and all lines that follow. exclude: Displays all lines that do not match the specified regular expression.

197

include: Displays all lines that match the specified regular expression.

regular-expression: Specifies a regular expression, a case-sensitive string of 1 to 256 characters.

Description

Use display ipv6 dhcp server statistics to display packet statistics on the DHCPv6 server.

Examples

# Display packet statistics on the DHCPv6 server.

<Sysname> display ipv6 dhcp server statistics

Packets received : 0

SOLICIT : 0

REQUEST : 0

CONFIRM : 0

RENEW : 0

REBIND : 0

RELEASE : 0

DECLINE : 0

INFORMATION-REQUEST: 0

RELAY-FORWARD : 0

Packets dropped : 0

Packets sent : 0

ADVERTISE : 0

RECONFIGURE : 0

REPLY : 0

RELAY-REPLY : 0

Table 47 Command output

Field Description

Packets received

Number of messages received by the DHCPv6 server. The message types include:

SOLICIT.

REQUEST.

CONFIRM.

RENEW.

REBIND.

RELEASE.

DECLINE.

INFORMATION-REQUEST.

RELAY-FORWARD.

Packets dropped

Packets sent

Number of packets discarded.

Number of messages sent out from the DHCPv6 server. The message types include:

ADVERTISE.

RECONFIGURE.

REPLY.

RELAY-REPLY.

198

dns-server

Syntax dns-server ipv6-address undo dns-server ipv6-address

View

DHCPv6 address pool view

Default level

2: System level

Parameters

ipv6-address: Specifies the IPv6 address of a DNS server.

Description

Use dns-server to specify a DNS server for the client.

Use undo dns-server to remove the specified DNS server.

No DNS server address is specified by default.

You can configure multiple DNS server addresses by using the dns-server command repeatedly.

The precedence of the specified DNS servers depends on the configuration sequence. The formerly specified DNS server takes precedence over the latter one.

NOTE:

You can configure up to eight DNS servers in an address pool.

Examples

# Specify the DNS server address to be assigned to the client as 2:2::3.

<Sysname> system-view

[Sysname] ipv6 dhcp pool 1

[Sysname-dhcp6-pool-1] dns-server 2:2::3

domain-name

Syntax domain-name domain-name undo domain-name

View

DHCPv6 address pool view

Default level

2: System level

Parameters

domain-name: Domain name, a string of 1 to 50 characters.

199

Description

Use domain-name to configure the domain name for the client.

Use undo domain-name to remove the configuration.

By default, no domain name is configured for the client.

You can configure only one domain name in an address pool.

If you repeatedly use the domain-name command, the latest configuration overwrites the previous one.

Examples

# Configure the domain name to be assigned to the client as aaa.com.

<Sysname> system-view

[Sysname] ipv6 dhcp pool 1

[Sysname-dhcp6-pool-1] domain-name aaa.com

ds-lite address

Syntax ds-lite address ipv6-address undo ds-lite address

View

DHCPv6 address pool view

Default level

2: System level

Parameters

ipv6-address: Specifies the IPv6 address of the Address Family Translation Router (AFTR).

Description

Use ds-lite address to specify the address of the AFTR.

Use undo ds-lite address to delete the address of the AFTR.

The address of the AFTR is not specified by default.

When you configure a DS-Lite tunnel, the Customer Premises Equipment (CPE) sends a DHCPv6 request to obtain the address of the AFTR. Upon receiving the request, the DHCPv6 server sends the address of the AFTR to the CPE.

You can specify only one AFTR address for an address pool. The latest setting overrides the previous one.

Examples

# Specify the AFTR address as 2::1.

<Sysname> system-view

[Sysname] ipv6 dhcp pool 1

[Sysname-dhcp6-pool-1] ds-lite address 2::1

ipv6 dhcp dscp (for DHCPv6 server)

Syntax ipv6 dhcp dscp dscp-value

200

undo ipv6 dhcp dscp

View

System view

Default level

2: System level

Parameter

dscp-value: Specifies the DSCP value in DHCPv6 packets, in the range of 0 to 63.

Description

Use ipv6 dhcp dscp to set the DSCP value for the DHCPv6 packets sent by the DHCPv6 server.

Use undo ipv6 dhcp dscp to restore the default.

By default, the DSCP value in DHCPv6 packets is 56.

Examples

# Set the DSCP value to 30 in DHCPv6 packets sent by the DHCPv6 server.

<Sysname> system-view

[Sysname] ipv6 dhcp dscp 30

ipv6 dhcp pool

Syntax ipv6 dhcp pool pool-number undo ipv6 dhcp pool pool-number

View

System view

Default level

2: System level

Parameters

pool-number: Specifies an address pool number.

Description

Use ipv6 dhcp pool to create a DHCPv6 address pool and enter DHCPv6 address pool view, or enter

DHCPv6 address pool view if the specified address pool already exists.

Use undo ipv6 dhcp pool to remove the address pool.

No DHCPv6 address pool is configured by default.

Examples

# Create DHCPv6 address pool 1 and enter its view.

<Sysname> system-view

[Sysname] ipv6 dhcp pool 1

[Sysname-dhcp6-pool-1]

201

ipv6 dhcp prefix-pool

Syntax ipv6 dhcp prefix-pool prefix-pool-number prefix prefix/prefix-len assign-len assign-len undo ipv6 dhcp prefix-pool prefix-pool-number

View

System view

Default level

2: System level

Parameters

prefix-pool-number: Specifies a prefix pool number. prefix prefix/prefix-len: Specifies the prefix contained in the specified prefix pool. The prefix indicates the

IPv6 prefix. The prefix-len indicates the prefix length, in the range of 1 to 128. assign-len assign-len: Specifies the length of the prefix assigned. The value ranges from 1 to 128. The

assign-len must be higher than or equal to the prefix-len, and the difference between them must be less than or equal to 16.

Description

Use ipv6 dhcp prefix-pool to create a prefix pool and specify the prefix and the length of the prefix assigned.

Use undo ipv6 dhcp prefix-pool to remove the prefix pool.

No prefix pool is configured by default.

The prefix ranges of the prefix pools cannot overlap.

You cannot modify an existing prefix pool.

Removing a prefix pool clears all PDs assigned from the prefix pool.

Examples

# Create prefix pool 1 that contains the prefix 2001:0410::/32 and specify the length of prefixes to be assigned as 42. Prefix pool 1 can assign 1024 prefixes in the range of 2001:0410::/42 to

2001:0410:FFC0::/42.

<Sysname> system-view

[Sysname] ipv6 dhcp prefix-pool 1 prefix 2001:0410::/32 assign-len 42

ipv6 dhcp server apply pool

Syntax ipv6 dhcp server apply pool pool-number [ allow-hint | preference preference-value | rapid-commit ] * undo ipv6 dhcp server apply pool

View

Interface view

Default level

2: System level

202

Parameters

pool-number: Specifies an address pool number. allow-hint: Configure the server to support desired prefix assignment. If this keyword is not specified, the server does not support assignment of desired prefixes. preference preference-value: Specifies the server priority in Advertise messages, in the range of 0 to 255.

The default value is 0. A higher value indicates a higher priority. rapid-commit: Configure the server to support rapid prefix assignment. If this keyword is not specified, the server does not support rapid prefix assignment.

Description

Use ipv6 dhcp server apply pool to apply a DHCPv6 address pool to the interface.

Use undo ipv6 dhcp server apply pool to remove the configuration.

No address pool is applied to an interface by default.

Upon receiving a request from a DHCPv6 client on an interface, the DHCPv6 server selects a prefix from the address pool applied to the interface and assigns it to the client.

With the allow-hint keyword specified, the server assigns the desired prefix to the requesting client. If the desired prefix is not included in the assignable prefix pool of the interface, or is already assigned to another client, the server ignores the desired prefix and assigns the client a prefix from the idle prefixes.

An interface cannot serve as a DHCPv6 server and DHCPv6 relay agent at the same time. HP recommends that you do not enable the DHCPv6 server and DHCPv6 client on the same interface.

You can apply a non-existing address pool to an interface. However, the server cannot assign any prefix or other configuration information from the address pool until the address pool is created.

You cannot modify the address pool applied to an interface or parameters such as the server priority by using the ipv6 dhcp server apply pool command. You need to remove the applied address pool before you can apply another address pool to the interface or modify parameters such as the server priority.

NOTE:

Only one address pool can be applied to an interface.

Examples

# Apply prefix pool 1 to VLAN-interface 2, configure the server to support desired prefix assignment and rapid prefix assignment, and set the highest priority of 255.

<Sysname> system-view

[Sysname] interface vlan-interface 2

[Sysname-Vlan-interface2] ipv6 dhcp server apply pool 1 allow-hint preference 255 rapid-commit

ipv6 dhcp server enable

Syntax ipv6 dhcp server enable undo ipv6 dhcp server enable

View

System view

203

Default level

2: System level

Parameters

None

Description

Use ipv6 dhcp server enable to enable the DHCPv6 server.

Use undo ipv6 dhcp server enable to disable the DHCPv6 server.

By default, the DHCPv6 server is disabled.

Other DHCPv6 server related configuration is effective only when the DHCPv6 server is enabled.

Examples

# Enable the DHCPv6 server.

<Sysname> system-view

[Sysname] ipv6 dhcp server enable

prefix-pool

Syntax prefix-pool prefix-pool-number [ preferred-lifetime preferred-lifetime valid-lifetime valid-lifetime ] undo prefix-pool

View

DHCPv6 address pool view

Default level

2: System level

Parameters

prefix-pool-number: Prefix pool number. preferred-lifetime preferred-lifetime: Specifies the preferred lifetime of prefixes to be assigned. The value ranges from 60 to 4294967295, in seconds. The default value is 604800 seconds, that is, seven days. valid-lifetime valid-lifetime: Specifies the valid lifetime of the prefixes to be assigned. The value ranges from 60 to 4294967295, in seconds. The default value is 2592000 seconds, that is, 30 days. The valid lifetime must be greater than or equal to the preferred lifetime.

Description

Use prefix-pool to apply a prefix pool to the DHCPv6 address pool, so that the DHCPv6 server can dynamically select a prefix from the prefix pool and assign it to the client.

Use undo prefix-pool to remove the configuration.

No prefix pool is referenced by an address pool by default.

Only one prefix pool can be referenced by an address pool.

A non-existing prefix pool can be referenced by an address pool. However, no prefix is available in the prefix pool for dynamic prefix assignment until the prefix pool is created.

204

You cannot modify the prefix pool referenced by an address pool, or the preferred lifetime or valid lifetime by using the prefix-pool command. You need to remove the configuration before you can have another prefix pool referenced by the address pool, or modify the preferred lifetime and valid lifetime.

Examples

# Apply prefix pool 1 to address pool 1, and use the default preferred lifetime and valid lifetime.

<Sysname> system-view

[Sysname] ipv6 dhcp pool 1

[Sysname-dhcp6-pool-1] prefix-pool 1

# Apply prefix pool 1 to address pool 1, and set the valid lifetime to three days, the preferred lifetime to one day.

<Sysname> system-view

[Sysname] ipv6 dhcp pool 1

[Sysname-dhcp6-pool-1] prefix-pool 1 preferred-lifetime 86400 valid-lifetime 259200

reset ipv6 dhcp server pd-in-use

Syntax reset ipv6 dhcp server pd-in-use { all | pool pool-number | prefix prefix/prefix-len }

View

User view

Default level

2: System level

Parameters all: Clears all PD information. pool pool-number: Clears PD information about the address pool specified by the pool number. prefix prefix/prefix-len: Clears PD information about the specified prefix. The prefix/prefix-len indicates the IPv6 prefix and prefix length. The value of the prefix length ranges from 1 to 128.

Description

Use reset ipv6 dhcp server pd-in-use to clear PD information about the DHCPv6 server.

After PD information about assigned static prefixes is removed, the PDs become ineffective static PDs.

Examples

# Clear all PD information.

<Sysname> reset ipv6 dhcp server pd-in-use all

# Clear PD information about the specified address pool.

<Sysname> reset ipv6 dhcp server pd-in-use pool 1

# Clear PD information about the specified prefix.

<Sysname> reset ipv6 dhcp server pd-in-use prefix 2001:0:0:1::/64

reset ipv6 dhcp server statistics

Syntax reset ipv6 dhcp server statistics

205

View

User view

Default level

1: Monitor level

Parameters

None

Description

Use reset ipv6 dhcp server statistics to remove packet statistics on the DHCPv6 server.

Examples

# Clear packet statistics on the DHCPv6 server.

<Sysname> reset ipv6 dhcp server statistics

sip-server

Syntax sip-server { address ipv6-address | domain-name domain-name } undo sip-server { address ipv6-address | domain-name domain-name }

View

DHCPv6 address pool view

Default level

2: System level

Parameters address ipv6-address: Specifies the IPv6 address of a SIP server. domain-name domain-name: Specifies the domain name of a SIP server. The domain name is a string of

1 to 50 characters.

Description

Use sip-server to configure the IPv6 address or domain name of a SIP server for the client.

Use undo sip-server to remove the configuration.

No SIP server address or domain name is specified by default.

You can configure up to eight SIP server addresses and eight SIP server domain names in an address pool. The priorities of the specified SIP servers depend on the configuration sequence. The formerly specified SIP server takes precedence over the latter one.

If you repeatedly use the sip-server command, the last configuration does not overwrite the previous one.

Examples

# Specify the SIP server address as 2:2::4 for the client.

<Sysname> system-view

[Sysname] ipv6 dhcp pool 1

[Sysname-dhcp6-pool-1] sip-server address 2:2::4

# Specify the domain name of the SIP server as bbb.com for the client.

[Sysname-dhcp6-pool-1] sip-server domain-name bbb.com

206

static-bind prefix

Syntax static-bind prefix prefix/prefix-len duid duid [ iaid iaid ] [ preferred-lifetime preferred-lifetime valid-lifetime valid-lifetime ] undo static-bind prefix prefix/prefix-len

View

DHCPv6 address pool view

Default level

2: System level

Parameters

prefix/prefix-len: Static prefix and prefix length. duid duid: Client DUID. The value is an even hexadecimal number, in the range of 2 to 256. iaid iaid: Client IAID. The value is a hexadecimal number in the range of 0 to FFFFFFFF. If no IAID is specified, the server does not match against the client IAID for prefix assignment. preferred-lifetime preferred-lifetime: Specifies the preferred lifetime of the prefix to be assigned. The value ranges from 60 to 4294967295, in seconds. The default value is 604800 seconds, that is, seven days. valid-lifetime valid-lifetime: Specifies the valid lifetime of the prefix to be assigned. The value ranges from

60 to 4294967295, in seconds. The default value is 2592000 seconds, that is, 30 days. The valid lifetime must be greater than or equal to the preferred lifetime.

Description

Use static-bind prefix to configure a static prefix.

Use undo static-bind prefix to remove a static prefix.

No static prefix is configured by default.

After a static prefix is bound to a client, the configuration cannot be modified. You need to delete the static prefix before you can bind the prefix to another client.

Examples

# Configure static prefix 2001:0410::/35 in address pool 1, and specify the DUID as

00030001CA0006A400, the IAID as A1A1A1A1, the preferred lifetime as one day, and the valid lifetime as three days.

<Sysname> system-view

[Sysname] ipv6 dhcp pool 1

[Sysname-dhcp6-pool-1] static-bind prefix 2001:0410::/35 duid 00030001CA0006A400 iaid

A1A1A1A1 preferred-lifetime 86400 valid-lifetime 259200

207

DHCPv6 relay agent configuration commands

display ipv6 dhcp relay server-address

Syntax display ipv6 dhcp relay server-address { all | interface interface-type interface-number } [ | { begin | exclude | include } regular-expression ]

View

Any view

Default level

1: Monitor level

Parameters all: Displays all DHCPv6 server address information. interface interface-type interface-number: Displays DHCPv6 server address information about the specified interface.

|: Filters command output by specifying a regular expression. For more information about regular expressions, see Fundamentals Configuration Guide. begin: Displays the first line that matches the specified regular expression and all lines that follow. exclude: Displays all lines that do not match the specified regular expression. include: Displays all lines that match the specified regular expression.

regular-expression: Specifies a regular expression, a case-sensitive string of 1 to 256 characters.

Description

Use display ipv6 dhcp relay server-address to display information about DHCPv6 server addresses specified on the DHCPv6 relay agent.

Examples

# Display all DHCPv6 server address information.

<Sysname> display ipv6 dhcp relay server-address all

Interface: Vlan2

Server address(es) Output Interface

1::1

FF02::1:2 Vlan4

Interface: Vlan3

Server address(es) Output Interface

1::1

FF02::1:2 Vlan4

# Display DHCPv6 server address information about VLAN-interface 2.

<Sysname> display ipv6 dhcp relay server-address interface vlan-interface 2

Interface: Vlan2

Server address(es) Output Interface

1::1

208

FF02::1:2 Vlan4

Table 48 Command output

Field Description

Interface Interface that serves as the DHCPv6 relay agent.

Server address(es)

Output Interface

DHCPv6 server addresses specified on the interface.

Outgoing interface of DHCPv6 packets.

display ipv6 dhcp relay statistics

Syntax display ipv6 dhcp relay statistics [ | { begin | exclude | include } regular-expression ]

View

Any view

Default level

1: Monitor level

Parameters

|: Filters command output by specifying a regular expression. For more information about regular expressions, see Fundamentals Configuration Guide. begin: Displays the first line that matches the specified regular expression and all lines that follow. exclude: Displays all lines that do not match the specified regular expression. include: Displays all lines that match the specified regular expression.

regular-expression: Specifies a regular expression, a case-sensitive string of 1 to 256 characters.

Description

Use display ipv6 dhcp relay statistics to display packet statistics on the DHCPv6 relay agent.

Related commands: reset ipv6 dhcp relay statistics.

Examples

# Display packet statistics on the DHCPv6 relay agent.

<Sysname> display ipv6 dhcp relay statistics

Packets dropped : 4

Error : 4

Excess of rate limit : 0

Packets received : 14

SOLICIT : 0

REQUEST : 0

CONFIRM : 0

RENEW : 0

REBIND : 0

RELEASE : 0

DECLINE : 0

INFORMATION-REQUEST : 7

RELAY-FORWARD : 0

209

RELAY-REPLY : 7

Packets sent : 14

ADVERTISE : 0

RECONFIGURE : 0

REPLY : 7

RELAY-FORWARD : 7

RELAY-REPLY : 0

Table 49 Command output

Field Description

Packets dropped Number of discarded packets.

Error

Excess of rate limit

Packets received

SOLICIT

REQUEST

CONFIRM

RENEW

REBIND

RELEASE

DECLINE

INFORMATION-REQUEST

RELAY-FORWARD

RELAY-REPLY

Packets sent

ADVERTISE

RECONFIGURE

REPLY

RELAY-FORWARD

RELAY-REPLY

Number of discarded error packets.

Number of packets discarded due to excess of rate limit.

Number of received packets.

Number of received solicit packets.

Number of received request packets.

Number of received confirm packets.

Number of received renew packets.

Number of received rebind packets.

Number of received release packets.

Number of received decline packets.

Number of received information request packets.

Number of received relay-forward packets.

Number of received relay-reply packets.

Number of sent packets.

Number of sent advertise packets.

Number of sent reconfigure packets.

Number of sent reply packets.

Number of sent Relay-forward packets.

Number of sent Relay-reply packets.

ipv6 dhcp dscp (for DHCPv6 relay agent)

Syntax ipv6 dhcp dscp dscp-value undo ipv6 dhcp dscp

View

System view

Default level

2: System level

210

Parameters

dscp-value: Specifies the DSCP value in DHCPv6 packets, in the range of 0 to 63.

Description

Use ipv6 dhcp dscp to set the DSCP value for the DHCPv6 packets sent by the DHCPv6 relay agent.

Use undo ipv6 dhcp dscp to restore the default.

By default, the DSCP value in DHCPv6 packets is 56.

Examples

# Set the DSCP value to 30 in DHCPv6 packets sent by the DHCPv6 relay agent.

<Sysname> system-view

[Sysname] ipv6 dhcp dscp 30

ipv6 dhcp relay server-address

Syntax ipv6 dhcp relay server-address ipv6-address [ interface interface-type interface-number ] undo ipv6 dhcp relay server-address ipv6-address [ interface interface-type interface-number ]

View

Interface view

Default level

2: System level

Parameters

ipv6-address: Specifies the IPv6 address of the DHCPv6 server. interface interface-type interface-number: Specifies an outgoing interface for DHCPv6 packets.

Description

Use ipv6 dhcp relay server-address to enable DHCPv6 relay agent on the interface and specify a

DHCPv6 server.

Use undo ipv6 dhcp relay server-address to remove the DHCPv6 server from the interface.

By default, DHCPv6 relay agent is disabled and no DHCPv6 server is specified on the interface.

Upon receiving a request from a DHCPv6 client, the interface that operates as a DHCPv6 relay agent encapsulates the request into a Relay-forward message and forwards the message to the specified

DHCPv6 server, which then assigns an IPv6 address and other configuration parameters to the DHCPv6 client.

Executing the ipv6 dhcp relay server-address command repeatedly can specify multiple DHCPv6 servers, and up to eight DHCP servers can be specified for an interface. After receiving requests from DHCPv6 clients, the DHCPv6 relay agent forwards the requests to all the specified DHCPv6 servers.

If the DHCPv6 server address is a link-local address or link-scoped multicast address on the local link, you must specify an outgoing interface. If no outgoing interface is specified, DHCPv6 packets may fail to be forwarded to the DHCPv6 server.

After you remove all the specified DHCPv6 servers from an interface with the undo ipv6 dhcp relay server-address command, DHCPv6 relay agent is disabled on the interface.

211

An interface cannot serve as a DHCPv6 client and DHCPv6 relay agent at the same time.

Related commands: display ipv6 dhcp relay server-address.

Examples

# Enable DHCPv6 relay agent on VLAN-interface 2, and specify the DHCPv6 server address as

2001:1::3.

<Sysname> system-view

[Sysname] interface vlan-interface 2

[Sysname-Vlan-interface2] ipv6 dhcp relay server-address 2001:1::3

reset ipv6 dhcp relay statistics

Syntax reset ipv6 dhcp relay statistics

View

User view

Default level

1: Monitor level

Parameters

None

Description

Use reset ipv6 dhcp relay statistics to clear packets statistics on the DHCPv6 relay agent.

After this command is executed, the packets statistics is displayed as 0 when you use the display ipv6 dhcp relay statistics command.

Related commands: display ipv6 dhcp relay statistics.

Examples

# Clear packet statistics on the DHCPv6 relay agent.

<Sysname> reset ipv6 dhcp relay statistics

DHCPv6 client configuration commands

display ipv6 dhcp client

Syntax display ipv6 dhcp client [ interface interface-type interface-number ] [ | { begin | exclude | include }

regular-expression ]

View

Any view

Default level

1: Monitor level

212

Parameters interface interface-type interface-number: Displays DHCPv6 client information about a specific interface.

|: Filters command output by specifying a regular expression. For more information about regular expressions, see Fundamentals Configuration Guide. begin: Displays the first line that matches the specified regular expression and all lines that follow. exclude: Displays all lines that do not match the specified regular expression. include: Displays all lines that match the specified regular expression.

regular-expression: Specifies a regular expression, a case-sensitive string of 1 to 256 characters.

Description

Use display ipv6 dhcp client to display DHCPv6 client information.

With no parameters specified, this command displays DHCPv6 client information about all interfaces.

Examples

# Display DHCPv6 client information about VLAN-interface 2.

<Sysname> display ipv6 dhcp client interface vlan-interface 2

Vlan-interface2 is in stateless DHCPv6 client mode

State is OPEN

Preferred Server:

Reachable via address : FE80::213:7FFF:FEF6:C818

DUID : 0003000100137ff6c818

DNS servers : 1:2:3::5

1:2:4::7

Domain names : abc.com

Table 50 Command output

Field Description in stateless DHCPv6 client mode

Indicates the client is in the stateless DHCPv6 configuration mode.

State is OPEN

Current state of the DHCPv6 client:

INIT—After enabled, the DHCPv6 client enters the INIT state.

IDLE—After receiving an RA message with the "M" flag set to 0 and "O" flag set to 1 and enabled with stateless DHCPv6, the DHCPv6 client enters the

IDLE state.

INFO-REQUESTING—The DHCPv6 client is requesting configuration information.

OPEN—The DHCPv6 client successfully obtained configuration parameters and completed stateless configuration based on the obtained parameters.

Preferred Server

Reachable via address

DUID

DNS servers

Domain names

Information about the DHCPv6 server selected by the DHCPv6 client.

Reachable address, which is the link local address of the DHCPv6 server or relay agent.

DHCP unique identifier (DUID) of the DHCPv6 server.

DNS server address sent by the DHCPv6 server.

Domain name information sent by the DHCPv6 server.

213

display ipv6 dhcp client statistics

Syntax display ipv6 dhcp client statistics [ interface interface-type interface-number ] [ | { begin | exclude | include } regular-expression ]

View

Any view

Default level

1: Monitor level

Parameters interface interface-type interface-number: Displays the DHCPv6 client statistics of a specific interface.

|: Filters command output by specifying a regular expression. For more information about regular expressions, see Fundamentals Configuration Guide. begin: Displays the first line that matches the specified regular expression and all lines that follow. exclude: Displays all lines that do not match the specified regular expression. include: Displays all lines that match the specified regular expression.

regular-expression: Specifies a regular expression, a case-sensitive string of 1 to 256 characters.

Description

Use display ipv6 dhcp client statistics to display DHCPv6 client statistics.

With no parameters specified, DHCPv6 client statistics of all interfaces is displayed.

Related commands: reset ipv6 dhcp client statistics.

Examples

# Display DHCPv6 client statistics of VLAN-interface 2.

<Sysname> display ipv6 dhcp client statistics interface vlan-interface 2

Interface : Vlan-interface2

Packets Received : 1

Reply : 1

Advertise : 0

Reconfigure : 0

Invalid : 0

Packets Sent : 5

Solicit : 0

Request : 0

Confirm : 0

Renew : 0

Rebind : 0

Information-request : 5

Release : 0

Decline : 0

214

Table 51 Command output

Field Description

Interface Interface that servers as the DHCPv6 client.

Packets Received

Reply

Advertise

Reconfigure

Invalid

Packets Sent

Solicit

Request

Confirm

Renew

Rebind

Number of received packets.

Number of received reply packets.

Number of received advertise packets.

Number of received reconfigure packets.

Number of invalid packets.

Number of sent packets.

Number of sent solicit packets.

Number of sent request packets.

Number of sent confirm packets.

Number of sent renew packets.

Number of sent rebind packets.

Information-request

Release

Decline

Number of sent information request packets.

Number of sent release packets.

Number of sent decline packets.

ipv6 dhcp client dscp

Syntax ipv6 dhcp client dscp dscp-value undo ipv6 dhcp client dscp

View

System view

Default level

2: System level

Parameters

dscp-value: Specifies the DSCP value in DHCPv6 packets, in the range of 0 to 63.

Description

Use ipv6 dhcp client dscp to set the DSCP value in DHCPv6 packets sent by the DHCPv6 client.

Use undo ipv6 dhcp client dscp to restore the default value.

By default, the DSCP value in DHCPv6 packets is 56.

Examples

# Set the DSCP value to 30 in the DHCPv6 packets sent by the DHCPv6 client.

<Sysname> system-view

[Sysname] ipv6 dhcp client dscp 30

215

reset ipv6 dhcp client statistics

Syntax reset ipv6 dhcp client statistics [ interface interface-type interface-number ]

View

User view

Default level

1: Monitor level

Parameters interface interface-type interface-number: Clears DHCPv6 client statistics of a specific interface.

Description

Use reset ipv6 dhcp client statistics to clear DHCPv6 client statistics.

With no parameters specified, DHCPv6 client statistics of all interfaces is cleared.

After this command is executed, the packets statistics is displayed as 0 when you use the display ipv6 dhcp client statistics command.

Related commands: display ipv6 dhcp client statistics.

Examples

# Clear DHCPv6 client statistics of all interfaces.

<Sysname> reset ipv6 dhcp client statistics

DHCPv6 snooping configuration commands

display ipv6 dhcp snooping trust

Syntax display ipv6 dhcp snooping trust [ | { begin | exclude | include } regular-expression ]

View

Any view

Default level

1: Monitor level

Parameters

|: Filters command output by specifying a regular expression. For more information about regular expressions, see Fundamentals Configuration Guide. begin: Displays the first line that matches the specified regular expression and all lines that follow. exclude: Displays all lines that do not match the specified regular expression. include: Displays all lines that match the specified regular expression.

regular-expression: Specifies a regular expression, a case-sensitive string of 1 to 256 characters.

216

Description

Use display ipv6 dhcp snooping trust to display DHCPv6 snooping trusted ports.

Examples

# Display DHCPv6 snooping trusted ports.

<Sysname> display ipv6 dhcp snooping trust

Trusted ports include:

Ethernet1/0/1

Ethernet1/0/2

display ipv6 dhcp snooping user-binding

Syntax display ipv6 dhcp snooping user-binding { ipv6-address | dynamic } [ | { begin | exclude | include }

regular-expression ]

View

Any view

Default level

1: Monitor level

Parameters

ipv6-address: Displays DHCPv6 snooping entries of the specified IPv6 address. dynamic: Displays all DHCPv6 snooping entries.

|: Filters command output by specifying a regular expression. For more information about regular expressions, see Fundamentals Configuration Guide. begin: Displays the first line that matches the specified regular expression and all lines that follow. exclude: Displays all lines that do not match the specified regular expression. include: Displays all lines that match the specified regular expression.

regular-expression: Specifies a regular expression, a case-sensitive string of 1 to 256 characters.

Description

Use display ipv6 dhcp snooping user-binding to display DHCPv6 snooping entries.

Examples

# Display all DHCPv6 snooping entries.

<Sysname> display ipv6 dhcp snooping user-binding dynamic

IPv6 Address MAC Address Lease VLAN Interface

============================== ============== ========== ==== ==================

2::1 00e0-fc00-0006 286 1 Ethernet1/0/1

--- 1 DHCPv6 snooping item(s) found ---

Table 52 Command output

Field Description

IPv6 Address IPv6 address in the DHCPv6 snooping entry.

MAC Address MAC address in the DHCPv6 snooping entry.

217

Field Description

Lease Remaining lease of the DHCPv6 snooping entry, in seconds.

VLAN

Interface

VLAN to which the interface belongs.

Interface through which the DHCPv6 client is connected.

ipv6 dhcp snooping enable

Syntax ipv6 dhcp snooping enable undo ipv6 dhcp snooping enable

View

System view

Default level

2: System level

Parameters

None

Description

Use ipv6 dhcp snooping enable to enable DHCPv6 snooping globally.

Use undo ipv6 dhcp snooping enable to disable DHCPv6 snooping globally.

By default, global DHCPv6 snooping is disabled.

After DHCPv6 snooping is enabled in system view, the DHCPv6 snooping device discards DHCPv6 reply messages received by an untrusted port if any, and does not record these DHCPv6 snooping entries.

Examples

# Enable DHCPv6 snooping globally.

<Sysname> system-view

[Sysname] ipv6 dhcp snooping enable

ipv6 dhcp snooping max-learning-num

Syntax ipv6 dhcp snooping max-learning-num number undo ipv6 dhcp snooping max-learning-num

View

Layer 2 Ethernet port view, Layer 2 aggregate interface view

Default level

2: System level

Parameters

number: Maximum number of DHCPv6 snooping entries an interface can learn.

On the HP 3600 v2 EI switch series, the number argument ranges from 0 to 4096.

218

On the HP 3600 v2 SI switch series, the number argument ranges from 0 to 1024.

Description

Use ipv6 dhcp snooping max-learning-num to configure the maximum number of DHCPv6 snooping entries an interface can learn.

Use undo ipv6 dhcp snooping max-learning-num to restore the default.

By default, the number of DHCPv6 snooping entries learned by an interface is not limited.

Examples

# Set the maximum number of DHCPv6 snooping entries Layer 2 Ethernet port Ethernet 1/0/1 can learn to 1000.

<Sysname> system-view

[Sysname] interface Ethernet 1/0/1

[Sysname-Ethernet1/0/1] ipv6 dhcp snooping max-learning-num 1000

ipv6 dhcp snooping option interface-id enable

Syntax ipv6 dhcp snooping option interface-id enable undo ipv6 dhcp snooping option interface-id enable

View

Layer 2 Ethernet port view, Layer 2 aggregate interface view

Default level

2: System level

Parameters

None

Description

Use ipv6 dhcp snooping option interface-id enable to enable DHCPv6 snooping support for Option 18.

Use undo ipv6 dhcp snooping option interface-id enable to restore the default.

By default, DHCPv6 snooping support for Option 18 is disabled.

The ipv6 dhcp snooping option interface-id enable command is effective only when you enable DHCPv6 snooping globally in system view, and enable DHCPv6 snooping in VLAN view.

Examples

# Enable DHCPv6 snooping support for Option 18.

<Sysname> system-view

[Sysname] ipv6 dhcp snooping enable

[Sysname] vlan 1

[Sysname-vlan1] ipv6 dhcp snooping vlan enable

[Sysname-vlan1] quit

[Sysname] interface Ethernet 1/0/1

[Sysname-Ethernet 1/0/1] ipv6 dhcp snooping option interface-id enable

219

ipv6 dhcp snooping option interface-id string

Syntax ipv6 dhcp snooping option interface-id string interface-id undo ipv6 dhcp snooping option interface-id string

View

Layer 2 Ethernet port view, Layer 2 aggregate interface view

Default level

2: System level

Parameters

interface-id: Specifies the DUID in user-defined Option 18, a string of 1 to 128 characters.

Description

Use ipv6 dhcp snooping option interface-id string to configure the DUID in Option 18.

Use undo ipv6 dhcp snooping option interface-id string to restore the default.

By default, the DUID in Option 18 is the DUID of the device.

Examples

# Specify company001 as the DUID in Option 18.

<Sysname> system-view

[Sysname] ipv6 dhcp snooping enable

[Sysname] vlan 1

[Sysname-vlan1] ipv6 dhcp snooping vlan enable

[Sysname-vlan1] quit

[Sysname] interface Ethernet 1/0/1

[Sysname-Ethernet1/0/1] ipv6 dhcp snooping option interface-id enable

[Sysname-Ethernet1/0/1] ipv6 dhcp snooping option interface-id string company001

ipv6 dhcp snooping option remote-id enable

Syntax ipv6 dhcp snooping option remote-id enable undo ipv6 dhcp snooping option remote-id enable

View

Layer 2 Ethernet port view, Layer 2 aggregate interface view

Default level

2: System level

Parameters

None

Description

Use ipv6 dhcp snooping option remote-id enable to enable DHCPv6 snooping support for Option 37.

Use undo ipv6 dhcp snooping option remote-id enable to restore the default.

220

By default, DHCPv6 snooping support for Option 37 is disabled.

The ipv6 dhcp snooping option remote-id enable command is effective only when you enable DHCPv6 snooping globally in system view, and enable DHCPv6 snooping in VLAN view.

Examples

# Enable DHCPv6 snooping support for Option 37.

<Sysname> system-view

[Sysname] ipv6 dhcp snooping enable

[Sysname] vlan 1

[Sysname-vlan1] ipv6 dhcp snooping vlan enable

[Sysname-vlan1] quit

[Sysname] interface Ethernet 1/0/1

[Sysname-Ethernet1/0/1] ipv6 dhcp snooping option remote-id enable

ipv6 dhcp snooping option remote-id string

Syntax ipv6 dhcp snooping option remote-id string remote-id undo ipv6 dhcp snooping option remote-id string

View

Layer 2 Ethernet port view, Layer 2 aggregate interface view

Default level

2: System level

Parameters

string: Specifies the DUID value in user-defined Option 37, a string of 1 to 128 characters.

Description

Use ipv6 dhcp snooping option remote-id string to configure the DUID in Option 37.

Use undo ipv6 dhcp snooping option remote-id string to restore the default.

By default, the DUID in Option 37 is the DUID of the device.

Examples

# Specify device001 as the DUID in Option 37.

<Sysname> system-view

[Sysname] ipv6 dhcp snooping enable

[Sysname] vlan 1

[Sysname-vlan1] ipv6 dhcp snooping vlan enable

[Sysname-vlan1] quit

[Sysname] interface Ethernet 1/0/1

[Sysname-Ethernet1/0/1] ipv6 dhcp snooping option remote-id enable

[Sysname-Ethernet1/0/1] ipv6 dhcp snooping option remote-id string device001

ipv6 dhcp snooping trust

Syntax ipv6 dhcp snooping trust

221

undo ipv6 dhcp snooping trust

View

Layer 2 Ethernet port view, Layer 2 aggregate interface view

Default level

2: System level

Parameters

None

Description

Use ipv6 dhcp snooping trust to configure a DHCPv6 trusted port.

Use undo ipv6 dhcp snooping trust to restore the default.

By default, all interfaces of a device with DHCPv6 snooping enabled globally are untrusted ports.

After DHCPv6 snooping is enabled, to make sure that DHCPv6 clients can obtain IPv6 addresses from an authorized DHCPv6 server, you need to configure the port that connects to the authorized DHCPv6 server as a trusted port.

Examples

# Configure Ethernet port Ethernet 1/0/1 as a trusted port.

<Sysname> system-view

[Sysname] interface Ethernet 1/0/1

[Sysname-Ethernet1/0/1] ipv6 dhcp snooping trust

ipv6 dhcp snooping vlan enable

Syntax ipv6 dhcp snooping vlan enable undo ipv6 dhcp snooping vlan enable

View

VLAN view

Default level

2: System level

Parameters

None

Description

Use ipv6 dhcp snooping vlan enable to enable DHCPv6 snooping for a specific VLAN.

Use undo ipv6 dhcp snooping vlan enable to disable DHCPv6 snooping for a specific VLAN.

By default, DHCPv6 snooping is disabled for a VLAN.

After DHCPv6 snooping is enabled globally and then enabled for a VLAN, the DHCPv6 snooping device records DHCPv6 snooping entries according to the DHCPv6 packets received in the VLAN.

Meanwhile, upon receiving a DHCPv6 request from a client in the VLAN, the device forwards the packet through trusted ports rather than any untrusted port in the VLAN, thus reducing network traffic.

222

Examples

# Enable DHCPv6 snooping for VLAN 1.

<Sysname> system-view

[Sysname] vlan 1

[Sysname-vlan1] ipv6 dhcp snooping vlan enable

reset ipv6 dhcp snooping user-binding

Syntax reset ipv6 dhcp snooping user-binding { ipv6-address | dynamic }

View

User view

Default level

2: System level

Parameters

ipv6-address: Clears DHCPv6 snooping entries of the specified IPv6 address. dynamic: Clears all DHCPv6 snooping entries.

Description

Use reset ipv6 dhcp snooping user-binding to clear DHCPv6 snooping entries.

Examples

# Clear all DHCPv6 snooping entries.

<Sysname> reset ipv6 dhcp snooping user-binding dynamic

223

IPv6 DNS configuration commands

display dns ipv6 server

Syntax display dns ipv6 server [ dynamic ] [ | { begin | exclude | include } regular-expression ]

View

Any view

Default level

1: Monitor level

Parameters dynamic: Displays IPv6 DNS server information acquired dynamically through DHCP or other protocols.

|: Filters command output by specifying a regular expression. For more information about regular expressions, see Fundamentals Configuration Guide. begin: Displays the first line that matches the specified regular expression and all lines that follow. exclude: Displays all lines that do not match the specified regular expression. include: Displays all lines that match the specified regular expression.

regular-expression: Specifies a regular expression, a case-sensitive string of 1 to 256 characters.

Description

Use display dns ipv6 server to display IPv6 DNS server information.

Examples

# Display IPv6 DNS server information.

<Sysname> display dns ipv6 server

Type:

D:Dynamic S:Static

DNS Server Type IPv6 Address (Interface Name)

1 S 1::1

2 S FE80::1 Vlan999

Table 53 Command output

Field Description

DNS Server

Sequence number of the DNS server, which is assigned automatically by the system, starting from 1.

Type

IPv6 Address

Type of the DNS server:

S—A statically configured DNS server.

D—A DNS server obtained dynamically through DHCP or other protocols.

IPv6 address of the DNS server.

224

Field Description

Interface Name

Interface name, which is available only for a DNS server with an IPv6 link-local address configured.

display ipv6 host

Syntax display ipv6 host [ | { begin | exclude | include } regular-expression ]

View

Any view

Default level

1: Monitor level

Parameters

|: Filters command output by specifying a regular expression. For more information about regular expressions, see Fundamentals Configuration Guide. begin: Displays the first line that matches the specified regular expression and all lines that follow. exclude: Displays all lines that do not match the specified regular expression. include: Displays all lines that match the specified regular expression.

regular-expression: Specifies a regular expression, a case-sensitive string of 1 to 256 characters.

Description

Use display ipv6 host to display the mappings between host names and IPv6 addresses in the static domain name resolution table.

Related commands: ipv6 host.

Examples

# Display the mappings between host names and IPv6 addresses in the static domain name resolution table.

<Sysname> display ipv6 host

Host Age Flags IPv6Address aaa 0 static 2002::1 bbb 0 static 2002::2

Table 54 Command output

Field Description

Age

Flags

IPv6Address

Time for the entry to live. 0 is displayed in the case of static configuration.

Mapping type. Static indicates a static mapping.

IPv6 address of a host.

225

dns ipv6 dscp

Syntax dns ipv6 dscp dscp-value undo dns ipv6 dscp

View

System view

Default level

2: System level

Parameters

dscp-value: Specifies the DSCP value in IPv6 DNS packets, in the range of 0 to 63.

Description

Use dns ipv6 dscp to set the DSCP value for IPv6 DNS packets.

Use undo dns ipv6 dscp to restore the default.

By default, the DSCP value in IPv6 DNS packets is 0.

Examples

# Set the DSCP value to 30 in IPv6 DNS packets.

<Sysname> system-view

[Sysname] dns ipv6 dscp 30

dns server ipv6

Syntax dns server ipv6 ipv6-address [ interface-type interface-number ] undo dns server ipv6 ipv6-address [ interface-type interface-number ]

View

System view

Default level

2: System level

Parameters

ipv6-address: Specifies the IPv6 address of a DNS server.

interface-type interface-number: Specifies an interface by its type and number. When the IPv6 address of the DNS server is a link-local address, the two arguments must be specified.

Description

Use dns server ipv6 to specify a DNS server.

Use undo dns server ipv6 to remove the specified DNS server.

By default, no DNS server is configured.

You can configure a maximum of six DNS servers, including those with IPv4 addresses.

226

Examples

# Specify a DNS server at 2002::1.

<Sysname> system-view

[Sysname] dns server ipv6 2002::1

ipv6 host

Syntax ipv6 host hostname ipv6-address undo ipv6 host hostname [ ipv6-address ]

View

System view

Default level

2: System level

Parameters

hostname: Specifies the host name, a string of up to 255 characters. The character string can contain letters, numbers, underscores (_), hyphens (-), or dots (.) and must contain at least one letter.

ipv6-address: Specifies the IPv6 address.

Description

Use ipv6 host to configure a mapping between host name and IPv6 address.

Use undo ipv6 host to remove a mapping between host name and IPv6 address.

No mappings are created by default.

Each host name can correspond to only one IPv6 address. The IPv6 address you last assign to the host name will overwrite the previous one if there is any.

Related commands: display ipv6 host.

Examples

# Configure the mapping between a host name and an IPv6 address.

<Sysname> system-view

[Sysname] ipv6 host aaa 2001::1

227

Tunneling configuration commands

default

Syntax default

View

Tunnel interface view

Default level

2: System level

Parameters

None

Description

CAUTION:

The default command might interrupt ongoing network services. Make sure you are fully aware of the impacts of this command when you perform it on a live network.

Use default to restore the default settings for the tunnel interface.

This command might fail to restore the default settings for some commands for reasons such as command dependencies and system restrictions. You can use the display this command in interface view to check for these commands, and perform their undo forms or follow the command reference to individually restore their default settings. If your restoration attempt still fails, follow the error message to resolve the problem.

Examples

# Restore the default settings of interface tunnel 1.

<Sysname> system-view

[Sysname] interface tunnel 1

[Sysname-Tunnel1] default

This command will restore the default settings. Continue? [Y/N]:y

description

Syntax description text undo description

View

Tunnel interface view

Default level

2: System level

228

Parameters

text: Description of an interface, a string of 1 to 80 characters.

Description

Use description to configure a description for the current interface.

Use undo description to restore the default.

By default, the description of a tunnel interface is Tunnelnumber Interface, for example, Tunnel1

Interface.

Related commands: display interface tunnel.

Examples

# Configure the description of interface Tunnel 1 as tunnel1.

<Sysname> system-view

[Sysname] interface tunnel 1

[Sysname-Tunnel1] description tunnel1

destination

Syntax destination { ip-address | ipv6-address } undo destination

View

Tunnel interface view

Default level

2: System level

Parameters

ip-address: Specifies the tunnel destination IPv4 address.

ipv6-address: Specifies the tunnel destination IPv6 address.

Description

Use destination to specify the destination address for the tunnel interface.

Use undo destination to remove the configured tunnel destination address.

By default, no tunnel destination address is configured.

The tunnel destination address must be a public address.

The tunnel destination address is the address of the peer interface receiving packets and should be configured as the source address of the peer tunnel interface.

Automatic tunnel interfaces using the same encapsulation protocol must have different source addresses.

Manual tunnel interfaces using the same encapsulation protocol must have different source and destination addresses.

Related commands: source, interface tunnel, display interface tunnel, and display ipv6 interface tunnel.

Examples

# Configure interface VLAN-interface 100 (193.101.1.1) of Sysname 1 and interface VLAN-interface 100

(192.100.1.1) of Sysname 2 as the source and destination interfaces of a tunnel between the two devices.

229

<Sysname1> system-view

[Sysname1] interface tunnel 0

[Sysname1-Tunnel0] source 193.101.1.1

[Sysname1-Tunnel0] destination 192.100.1.1

<Sysname2> system-view

[Sysname2] interface tunnel 1

[Sysname2-Tunnel1] source 192.100.1.1

[Sysname2-Tunnel1] destination 193.101.1.1

display interface tunnel

Syntax display interface [ tunnel ] [ brief [ down ] ] [ | { begin | exclude | include } regular-expression ] display interface tunnel number [ brief ] [ | { begin | exclude | include } regular-expression ]

View

Any view

Default level

1: Monitor level

Parameters

number: Specifies the number of a tunnel interface. With this argument, the command displays information about the specified tunnel interface. brief: Displays brief interface information. If you do not specify this keyword, the command displays detailed interface information. down: Displays information about interfaces in the DOWN state and the causes. If you do not specify this keyword, this command displays information about interfaces in all states.

|: Filters command output by specifying a regular expression. For more information about regular expressions, see Fundamentals Configuration Guide. begin: Displays the first line that matches the specified regular expression and all lines that follow. exclude: Displays all lines that do not match the specified regular expression. include: Displays all lines that match the specified regular expression.

regular-expression: Specifies a regular expression, a case-sensitive string of 1 to 256 characters.

Description

Use display interface tunnel to display information about tunnel interfaces, such as the source address, destination address, and tunnel mode.

If you do not specify the tunnel keyword, this command displays information about all interfaces on the device.

If you specify the tunnel keyword without the number argument, this command displays information about all existing tunnel interfaces.

Related commands: interface tunnel, source, destination, and tunnel-protocol.

Examples

# Display detailed information about interface Tunnel 0.

<Sysname> display interface tunnel 0

230

Tunnel0 current state: UP

Line protocol current state: UP

Description: Tunnel0 Interface

The Maximum Transmit Unit is 1476

Internet Address is 58.0.0.1/24 Primary

Encapsulation is TUNNEL, service-loopback-group ID is 1.

Tunnel source 20.0.0.2 (Vlan-interface2000), destination 20.0.0.1

Tunnel bandwidth 64 (kbps)

Tunnel protocol/transport GRE/IP

GRE key disabled

Checksumming of GRE packets disabled

Output queue : (Urgent queuing : Size/Length/Discards) 0/100/0

Output queue : (Protocol queuing : Size/Length/Discards) 0/500/0

Output queue : (FIFO queuing : Size/Length/Discards) 0/75/0

Last clearing of counters: Never

Last 300 seconds input: 0 bytes/sec, 0 packets/sec

Last 300 seconds output: 28 bytes/sec, 0 packets/sec

1847 packets input, 136451 bytes

0 input error

5572 packets output, 428860 bytes

0 output error

Table 55 Command output

Field Description

Tunnel0 current state

Physical state of the tunnel interface:

DOWN (Administratively)—The interface is administratively down.

That is, the interface is shut down with the shutdown command.

DOWN—The interface is administratively up but its physical state is down.

UP—Both the administrative and physical states of the interface are up.

Line protocol current state

Link layer state of the tunnel interface:

DOWN—The protocol state of the interface is down.

UP—The protocol state of the interface is up.

Description

Maximum Transmit Unit

Internet Address

Encapsulation is TUNNEL service-loopback-group ID

Description of the tunnel interface.

Maximum transmit unit allowed on the tunnel interface.

IP address of the tunnel interface.

If no IP address is assigned to the interface, Internet protocol processing : disabled is displayed, which means that packets cannot be processed.

Primary indicates the primary IP address of the interface. Sub indicates a secondary IP address of the interface.

The encapsulation protocol is tunnel.

ID of the service loopback group referenced by the tunnel.

If service loopback group is not specified, service-loopback-group ID not set is displayed.

231

Field Description

Tunnel source Source address of the tunnel. destination

Tunnel bandwidth

Destination address of the tunnel.

Bandwidth of the tunnel interface.

Tunnel protocol/transport

Tunnel mode and transport protocol:

GRE/IP—GRE over IPv4 tunnel mode.

GRE/IPv6—GRE over IPv6 tunnel mode.

IP/IP—IPv4 over IPv4 tunnel mode.

IP/IPv6—IPv4 over IPv6 tunnel mode.

IPv6/IP—IPv6 over IPv4 manual tunnel mode.

IPv6/IP 6to4—IPv6 over IPv4 6to4 tunnel mode.

IPv6/IP ISATAP—IPv6 over IPv4 ISATAP tunnel mode.

IPv6/IPv6—IPv6 over IPv6 tunnel mode.

The tunnel interface key option of GRE is not configured. GRE key disabled

Checksumming of GRE packets disabled

Last clearing of counters

Last 300 seconds input: 0 bytes/sec,

0 packets/sec

Last 300 seconds output: 0 bytes/sec, 0 packets/sec packets input input error

The GRE packet checksum function is disabled.

Last time of clearing of counters.

Average input rate in the last 300 seconds in bytes/sec or packets/sec.

Average output rate in the last 300 seconds in bytes/sec or packets/sec.

Total number of input packets.

Number of input error packets. packets output output error

Total number of output packets.

Number of output error packets.

# Display brief information about interface Tunnel 0.

<Sysname> display interface tunnel 0 brief

The brief information of interface(s) under route mode:

Link: ADM - administratively down; Stby - standby

Protocol: (s) - spoofing

Interface Link Protocol Main IP Description

Tun0 UP UP 1.1.1.1

# Display brief information about interface Tunnel 1 in DOWN state.

<Sysname> display interface tunnel brief down

The brief information of interface(s) under route mode:

Link: ADM - administratively down; Stby - standby

Interface Link Cause

Tun1 DOWN Not connected

232

Table 56 Command output

Field Description

The brief information of interface(s) under route mode

Brief information about Layer 3 interfaces.

Link: ADM - administratively down; Stby - standby

Protocol: (s) - spoofing

Link status. If the interface has been administratively shut down, ADM is displayed. To recover its physical state, perform the undo shutdown command.

(s) indicates that the network layer protocol state is UP, but the link is not available because it is an on-demand link or not present at all.

Interface

Link

Protocol

Abbreviated interface name.

Physical link state of the interface:

UP—The link is up.

DOWN—The link is down.

ADM—The link has been administratively shut down. To bring it up, perform the undo shutdown command.

Protocol state:

DOWN—The protocol is disabled.

UP—The protocol is enabled.

Main IP

Description

Cause

Primary IP address of the interface.

Description of the interface.

Cause of a DOWN physical link. If the port has been shut down with the shutdown command, this field displays Administratively. To bring up the port, use the undo shutdown command.

display ipv6 interface tunnel

Syntax display ipv6 interface tunnel [ number ] [ brief ] [ | { begin | exclude | include } regular-expression ]

View

Any view

Default level

1: Monitor level

Parameters

number: Displays IPv6 information on a specific tunnel interface. If no interface number is specified, IPv6 information about all tunnel interfaces will be displayed. brief: Displays brief information about tunnel interfaces. If this keyword is not specified, detailed information and IPv6 packet statistics for tunnel interfaces are displayed.

|: Filters command output by specifying a regular expression. For more information about regular expressions, see Fundamentals Configuration Guide. begin: Displays the first line that matches the specified regular expression and all lines that follow. exclude: Displays all lines that do not match the specified regular expression.

233

include: Displays all lines that match the specified regular expression.

regular-expression: Specifies a regular expression, a case-sensitive string of 1 to 256 characters.

Description

Use display ipv6 interface tunnel to display IPv6 information for tunnel interfaces.

Examples

# Display detailed IPv6 information and IPv6 packet statistics for interface Tunnel 0.

<Sysname> display ipv6 interface tunnel 0

Tunnel0 current state :UP

Line protocol current state :UP

IPv6 is enabled, link-local address is FE80::202:201

Global unicast address(es):

3000::1, subnet is 3000::/64

Joined group address(es):

FF02::1:FF02:201

FF02::1:FF00:1

FF02::1:FF00:0

FF02::2

FF02::1

MTU is 1480 bytes

ND reachable time is 30000 milliseconds

ND retransmit interval is 1000 milliseconds

Hosts use stateless autoconfig for addresses

IPv6 Packet statistics:

InReceives: 45

InTooShorts: 0

InTruncatedPkts: 0

InHopLimitExceeds: 0

InBadHeaders: 0

InBadOptions: 0

ReasmReqds: 0

ReasmOKs: 0

InFragDrops: 0

InFragTimeouts: 0

OutFragFails: 0

InUnknownProtos: 0

InDelivers: 45

OutRequests: 45

OutForwDatagrams: 0

InNoRoutes: 0

InTooBigErrors: 0

OutFragOKs: 0

OutFragCreates: 0

InMcastPkts: 0

InMcastNotMembers: 0

OutMcastPkts: 0

InAddrErrors: 0

InDiscards: 0

234

OutDiscards: 0

Table 57 Command output

Field Description

Tunnel0 current state

Physical state of the tunnel interface:

Administratively DOWN—The interface is administratively down. That is, the interface is shut down with the shutdown command.

DOWN—The interface is administratively up but its physical state is down.

UP—Both the administrative and physical states of the interface are up.

Line protocol current state

Link layer state of the tunnel interface:

DOWN—The protocol state of the interface is down.

UP—The protocol state of the interface is up.

IPv6 is enabled link-local address

Global unicast address(es)

Joined group address(es)

MTU is 1480 bytes

ND reachable time

ND retransmit interval

Hosts use stateless autoconfig for addresses

IPv6 packet forwarding state of the tunnel interface. IPv6 packet forwarding is automatically enabled after an IPv6 address is assigned to the interface. IPv6 packet forwarding is enabled in the example.

Link-local address configured for the tunnel interface.

Global unicast addresses configured for the tunnel interface.

Multicast addresses of the tunnel interface.

Maximum transmission unit of the tunnel interface. It is 1480 bytes in the example.

Neighbor reachable time.

Interval for retransmitting a neighbor solicitation message.

Hosts use stateless autoconfiguration mode to acquire IPv6 addresses.

InReceives

InTooShorts

InTruncatedPkts

All IPv6 packets received by the tunnel interface, including types of error packets.

Received IPv6 packets that are too short, with a length less than 40 bytes, for example.

Received IPv6 packets with a length less than that specified in the packets.

InBadHeaders

InBadOptions

ReasmReqds

ReasmOKs

InFragDrops

InFragTimeouts

OutFragFails

InUnknownProtos

Received IPv6 packets with bad basic headers.

Received IPv6 packets with bad extension headers.

Received IPv6 fragments.

Number of packets after reassembly rather than the number of fragments.

IPv6 fragments discarded due to certain errors.

IPv6 fragments discarded because the interval for which they had stayed in the system buffer exceeded the specified period.

Packets failed in fragmentation on the outbound interface.

Received IPv6 packets with unknown or unsupported protocol type.

235

Field Description

InDelivers

Received IPv6 packets that were delivered to application layer protocols

(such as ICMPv6, TCP, and UDP).

OutRequests

OutForwDatagrams

InNoRoutes

InTooBigErrors

OutFragOKs

OutFragCreates

InMcastPkts

InMcastNotMembers

OutMcastPkts

InAddrErrors

InDiscards

Local IPv6 packets sent by IPv6 application protocols.

Packets forwarded by the outbound interface.

IPv6 packets that were discarded because no matched route can be found.

IPv6 packets that were received normally but discarded before they were forwarded because they exceeded the PMTU.

Packets that were fragmented on the outbound interface.

Number of packet fragments after fragmentation on the outbound interface.

IPv6 multicast packets received on the interface.

Incoming IPv6 multicast packets that were discarded because the interface did not belong to the corresponding multicast groups.

IPv6 multicast packets sent by the interface.

IPv6 packets that were discarded due to invalid destination addresses.

Received IPv6 packets that were discarded due to resource problems rather than packet content errors.

OutDiscards

Sent packets that were discarded due to resource problems rather than packet content errors.

# Display brief IPv6 information for interface Tunnel 0.

<Sysname> display ipv6 interface tunnel 0 brief

*down: administratively down

(s): spoofing

Interface Physical Protocol IPv6 Address

Tunnel0 up up 3000::1

Table 58 Command output

Field Description

*down

The tunnel interface is administratively down, that is, the interface is closed by using the shutdown command.

(s)

Interface

Spoofing attribute of the tunnel interface, that is, the link protocol state of the tunnel interface is up, but the link does not exist, or the link is established on demand, instead of being permanent.

Name of the tunnel interface.

Physical

Physical state of the tunnel interface:

*down—The interface is administratively down. That is, the interface is shut down with the shutdown command.

• down—The interface is administratively up but its physical state is down.

• up—Both the administrative and physical states of the interface are up.

236

Field Description

Protocol

Link layer protocol state of the tunnel interface:

• down—The protocol state of the interface is down.

• up—The protocol state of the interface is up.

IPv6 Address

IPv6 address of the tunnel interface. Only the first of configured IPv6 addresses is displayed. If no address is configured for the interface, Unassigned is displayed.

interface tunnel

Syntax interface tunnel number undo interface tunnel number

View

System view

Default level

2: System level

Parameters

number: Specifies the number of the tunnel interface. The number of tunnels that can be created is restricted by the total number of interfaces and the memory.

Description

Use interface tunnel to create a tunnel interface and enter its view.

Use undo interface tunnel to delete a specific tunnel interface.

By default, no tunnel interface is created on the device.

Use the interface tunnel command to enter the interface view of a specific tunnel. If the specified tunnel interface does not exist, the system will create the interface and enter its view.

A tunnel interface number is only locally significant. Thus, the tunnel interfaces on the two ends of a tunnel can use the same or different interface numbers.

Related commands: display interface tunnel, display ipv6 interface tunnel, source, destination, and tunnel-protocol.

Examples

# Create interface Tunnel 3 and enter its view.

<Sysname> system-view

[Sysname] interface tunnel 3

[Sysname-Tunnel3]

mtu

Syntax mtu mtu-size undo mtu

237

View

Tunnel interface view

Default level

2: System level

Parameters

mtu-size: Specifies the MTU on the tunnel interface, in the range of 100 to 64000 bytes.

Description

Use mtu to set the MTU on a tunnel interface.

Use undo mtu to restore the default.

By default, the MTU on a tunnel interface is 64000 bytes.

Examples

# Set the MTU for IPv4 packets on interface Tunnel 3 to 1432 bytes.

<Sysname> system-view

[Sysname] interface tunnel 3

[Sysname-Tunnel3] mtu 1432

reset counters interface

Syntax reset counters interface [ tunnel [ number ] ]

View

User view

Default level

2: System level

Parameters

number: Specifies the tunnel interface number.

Description

Use reset counters interface to clear the statistics of tunnel interfaces.

Before sampling network traffic within a specific period of time on an interface, you need to clear the existing statistics.

If neither the tunnel keyword nor interface number is specified, this command clears the statistics of all interfaces.

If only the tunnel keyword is specified, this command clears the statistics of all tunnel interfaces.

If both the tunnel keyword and interface number are specified, this command clears the statistics of the specified tunnel interface.

Examples

# Clear the statistics of Tunnel 3.

<Sysname> reset counters interface tunnel 3

238

service-loopback-group

Syntax service-loopback-group number undo service-loopback-group

View

Tunnel interface view

Default level

2: System level

Parameters

number: Specifies the service loopback group ID.

Description

Use service-loopback-group to reference a service loopback group on the tunnel interface.

Use undo service-loopback-group to remove the referenced service loopback group from the tunnel interface.

By default, no service loopback group is referenced on a tunnel interface.

The service loopback group to be referenced must have been configured and have the service type set to tunnel in system view.

One tunnel interface can reference only one service loopback group.

Related commands: display interface tunnel; service-loopback group (Layer 2—LAN Switching

Command Reference).

Examples

# Create service loopback group 1 of tunnel type.

<Sysname> system-view

[Sysname] service-loopback group 1 type tunnel

# Add a Layer 2 Ethernet port to service loopback group 1.

[Sysname] interface Ethernet 1/0/1

[Sysname-Ethernet1/0/1] undo stp enable

[Sysname-Ethernet1/0/1] undo ndp enable

[Sysname-Ethernet1/0/1] undo lldp enable

[Sysname-Ethernet1/0/1] port service-loopback group 1

[Sysname-Ethernet1/0/1] quit

# Reference service loopback group 1 on interface Tunnel 2.

[Sysname] interface tunnel 2

[Sysname-Tunnel2] service-loopback-group 1

shutdown

Syntax shutdown undo shutdown

239

View

Tunnel interface view

Default level

2: System level

Parameters

None

Description

Use shutdown to shut down a tunnel interface.

Use undo shutdown to bring up a tunnel interface.

By default, a tunnel interface is in the up state.

Examples

# Shut down interface Tunnel 1.

<Sysname> system-view

[Sysname] interface tunnel 1

[Sysname-Tunnel1] shutdown

source

Syntax source { ip-address | ipv6-address | interface-type interface-number } undo source

View

Tunnel interface view

Default level

2: System level

Parameters

ip-address: Specifies the tunnel source IPv4 address.

ipv6-address: Specifies the tunnel source IPv6 address.

interface-type interface-number: Specifies an source interface by its type and number.

Description

Use source to specify the source address or interface of the tunnel interface.

Use undo source to remove the configured source address or interface of the tunnel interface.

By default, no source address or interface is specified for the tunnel interface.

The tunnel source address or interface must be a public address or interface.

The tunnel source address is the address of the interface sending packets and should be configured as the destination address of the peer tunnel interface.

Automatic tunnel interfaces using the same encapsulation protocol must have different source addresses.

Manual tunnel interfaces using the same encapsulation protocol must have different source and destination addresses.

240

Related commands: destination, interface tunnel, display interface tunnel, and display ipv6 interface tunnel.

Examples

# Set the tunnel source address to 192.100.1.1 (or the interface VLAN-interface 100) on the interface

Tunnel 5.

<Sysname> system-view

[Sysname] interface tunnel 5

[Sysname-Tunnel5] source 192.100.1.1

Or

<Sysname> system-view

[Sysname] interface tunnel 5

[Sysname-Tunnel5] source vlan-interface 100

tunnel bandwidth

Syntax tunnel bandwidth bandwidth-value undo tunnel bandwidth

View

Tunnel interface view

Default level

2: System level

Parameters

bandwidth-value: Specifies the bandwidth value of the tunnel interface in kbps, in the range of 1 to

10000000.

Description

Use tunnel bandwidth to set the bandwidth of the tunnel interface.

Use undo tunnel bandwidth to restore the default.

By default, the bandwidth of the tunnel interface is 64 kbps.

The tunnel interface bandwidth set with the tunnel bandwidth command is for dynamical routing protocols to calculate the cost of a tunnel path, rather than changes the bandwidth of the tunnel interface.

Refer to the bandwidth of the output interface of the packet when you set the bandwidth of the tunnel interface.

Examples

# Configure the bandwidth of Tunnel 0 as 100 kbps.

<Sysname> system-view

[Sysname] interface tunnel 0

[Sysname-Tunnel0] tunnel bandwidth 100

tunnel discard ipv4-compatible-packet

Syntax tunnel discard ipv4-compatible-packet

241

undo tunnel discard ipv4-compatible-packet

View

System view

Default level

2: System level

Parameters

None

Description

Use tunnel discard ipv4-compatible-packet to enable dropping of IPv6 packets using IPv4-compatible

IPv6 addresses.

Use undo tunnel discard ipv4-compatible-packet to restore the default.

By default, IPv6 packets using IPv4-compatible IPv6 addresses are not dropped.

The tunnel discard ipv4-compatible-packet command enables the device to check the source and destination IPv6 addresses of the de-encapsulated IPv6 packets from the tunnel and discard packets that use a source or destination IPv4-compatible IPv6 address.

Examples

# Enable dropping of IPv6 packets using IPv4-compatible IPv6 addresses.

<Sysname> system-view

[Sysname] tunnel discard ipv4-compatible-packet

tunnel-protocol

Syntax tunnel-protocol { gre [ ipv6 ] | ipv4-ipv4 | ipv4-ipv6 | ipv6-ipv4 [ 6to4 | isatap ] | ipv6-ipv6 } undo tunnel-protocol

View

Tunnel interface view

Default level

2: System level

Parameters gre: Specifies the GRE over IPv4 tunnel mode. gre ipv6: Specifies the GRE over IPv6 tunnel mode. ipv4-ipv4: Specifies the IPv4 over IPv4 tunnel mode. ipv4-ipv6: Specifies the IPv4 over IPv6 tunnel mode. ipv6-ipv4: Specifies the IPv6 over IPv4 manual tunnel mode. ipv6-ipv4 6to4: Specifies the IPv6 over IPv4 6to4 tunnel mode. ipv6-ipv4 isatap: Specifies the IPv6 over IPv4 ISATAP tunnel mode. ipv6-ipv6: Specifies the IPv6 over IPv6 tunnel mode.

242

Description

Use tunnel-protocol to specify the tunnel mode for the tunnel interface.

Use undo tunnel-protocol to restore the default.

The default tunnel is a GRE over IPv4 tunnel.

You can select a tunnel mode according to the actual network topology and application. The two ends of a tunnel must have the same tunnel mode specified. Otherwise, traffic transmission may fail.

Only one automatic tunnel can be created at the start point of a tunnel.

Examples

# Specify the 6to4 tunnel mode for interface Tunnel 2.

<Sysname> system-view

[Sysname] interface tunnel 2

[Sysname-Tunnel2] tunnel-protocol ipv6-ipv4 6to4

243

Support and other resources

Contacting HP

For worldwide technical support information, see the HP support website: http://www.hp.com/support

Before contacting HP, collect the following information:

Product model names and numbers

Technical support registration number (if applicable)

Product serial numbers

Error messages

Operating system type and revision level

Detailed questions

Subscription service

HP recommends that you register your product at the Subscriber's Choice for Business website: http://www.hp.com/go/wwalerts

After registering, you will receive email notification of product enhancements, new driver versions, firmware updates, and other product resources.

Related information

Documents

To find related documents, browse to the Manuals page of the HP Business Support Center website: http://www.hp.com/support/manuals

For related documentation, navigate to the Networking section, and select a networking category.

For a complete list of acronyms and their definitions, see HP FlexNetwork Technology Acronyms.

Websites

HP.com http://www.hp.com

HP Networking http://www.hp.com/go/networking

HP manuals http://www.hp.com/support/manuals

HP download drivers and software http://www.hp.com/support/downloads

HP software depot http://www.software.hp.com

HP Education http://www.hp.com/learn

244

Conventions

This section describes the conventions used in this documentation set.

Command conventions

Convention Description

Boldface Bold text represents commands and keywords that you enter literally as shown.

Italic

[ ]

{ x | y | ... }

[ x | y | ... ]

{ x | y | ... } *

[ x | y | ... ] *

&<1-n>

Italic text represents arguments that you replace with actual values.

Square brackets enclose syntax choices (keywords or arguments) that are optional.

Braces enclose a set of required syntax choices separated by vertical bars, from which you select one.

Square brackets enclose a set of optional syntax choices separated by vertical bars, from which you select one or none.

Asterisk-marked braces enclose a set of required syntax choices separated by vertical bars, from which you select at least one.

Asterisk-marked square brackets enclose optional syntax choices separated by vertical bars, from which you select one choice, multiple choices, or none.

The argument or keyword and argument combination before the ampersand (&) sign can be entered 1 to n times.

A line that starts with a pound (#) sign is comments. #

GUI conventions

Symbols

Convention Description

Boldface

Window names, button names, field names, and menu items are in bold text. For example, the New User window appears; click OK.

> Multi-level menus are separated by angle brackets. For example, File > Create > Folder.

Convention Description

WARNING

An alert that calls attention to important information that if not understood or followed can result in personal injury.

CAUTION

An alert that calls attention to important information that if not understood or followed can result in data loss, data corruption, or damage to hardware or software.

IMPORTANT

NOTE

An alert that calls attention to essential information.

An alert that contains additional or supplementary information.

TIP

An alert that provides helpful information.

245

Network topology icons

Represents a generic network device, such as a router, switch, or firewall.

Represents a routing-capable device, such as a router or Layer 3 switch.

Represents a generic switch, such as a Layer 2 or Layer 3 switch, or a router that supports

Layer 2 forwarding and other Layer 2 features.

Represents an access controller, a unified wired-WLAN module, or the switching engine on a unified wired-WLAN switch.

Represents an access point.

 

Represents a security product, such as a firewall, a UTM, or a load-balancing or security card that is installed in a device.

Port numbering in examples

Represents a security card, such as a firewall card, a load-balancing card, or a

NetStream card.

The port numbers in this document are for illustration only and might be unavailable on your device.

246

Index

A B D E F G I L M N O P R S T U V

A

arp check enable, 1

arp ip-conflict prompt,

10

arp max-learning-num,

1

arp send-gratuitous-arp, 9

arp static,

2

arp timer aging, 3

arp-snooping enable,

15

B bims-server,

23

bootfile-name,

23

D default,

228 description, 228

destination, 229

dhcp client dscp, 81

dhcp dscp (for DHCP relay agent),

57

dhcp dscp (for DHCP server),

24

dhcp enable (for DHCP relay agent),

57

dhcp enable (for DHCP server),

25

dhcp relay address-check enable,

58

dhcp relay check mac-address, 59

dhcp relay client-detect enable,

59

dhcp relay information circuit-id format-type,

60

dhcp relay information circuit-id string,

61

dhcp relay information enable,

61

dhcp relay information format, 62

dhcp relay information remote-id format-type, 63 dhcp relay information remote-id string, 63

dhcp relay information strategy,

64

dhcp relay release ip, 65

dhcp relay security refresh enable,

66

dhcp relay security static,

65

dhcp relay security tracker, 67 dhcp relay server-detect, 67

dhcp relay server-group,

68

dhcp relay server-select,

69

dhcp select relay, 70

dhcp select server global-pool,

26

dhcp server apply ip-pool, 25

dhcp server client-detect enable,

27

dhcp server detect,

27

dhcp server forbidden-ip,

28

dhcp server ip-pool, 29 dhcp server ping packets, 29

dhcp server ping timeout, 30

dhcp server relay information enable,

31 dhcp server threshold, 31

dhcp-snooping,

83 dhcp-snooping binding database filename, 83

dhcp-snooping binding database update interval, 84

dhcp-snooping binding database update now, 85 dhcp-snooping check mac-address, 85

dhcp-snooping check request-message,

86

dhcp-snooping information circuit-id format-type,

86

dhcp-snooping information circuit-id string,

87

dhcp-snooping information enable,

88

dhcp-snooping information format, 89

dhcp-snooping information remote-id format-type, 90

dhcp-snooping information remote-id string,

90

dhcp-snooping information strategy,

91

dhcp-snooping information sub-option,

92

dhcp-snooping trust,

93

display arp,

4

display arp ip-address, 5

display arp timer aging,

6 display arp vpn-instance, 6

display arp-snooping,

15

display bootp client, 100

display dhcp client,

79

display dhcp relay, 70

display dhcp relay information, 71

display dhcp relay security,

73

display dhcp relay security statistics, 74

display dhcp relay security tracker,

74

247

display dhcp relay server-group, 75

display dhcp relay statistics, 76

display dhcp server conflict, 32

display dhcp server expired, 33

display dhcp server forbidden-ip, 35

display dhcp server free-ip, 34

display dhcp server ip-in-use, 36

display dhcp server statistics,

37

display dhcp server tree,

39

display dhcp-snooping, 94

display dhcp-snooping binding database, 95

display dhcp-snooping information,

96

display dhcp-snooping packet statistics,

97

display dhcp-snooping trust, 98

display dns domain, 102

display dns host, 103

display dns ipv6 server,

224

display dns server,

104

display fib,

117

display fib ip-address, 119

display icmp statistics,

120

display interface tunnel,

230

display ip host,

105

display ip interface, 17

display ip interface brief, 19

display ip socket, 121

display ip statistics, 125

display ipv6 dhcp client, 212

display ipv6 dhcp client statistics,

214

display ipv6 dhcp duid, 191 display ipv6 dhcp pool, 191

display ipv6 dhcp prefix-pool, 193

display ipv6 dhcp relay server-address, 208

display ipv6 dhcp relay statistics, 209

display ipv6 dhcp server,

194

display ipv6 dhcp server pd-in-use,

195

display ipv6 dhcp server statistics,

197

display ipv6 dhcp snooping trust, 216

display ipv6 dhcp snooping user-binding,

217

display ipv6 fib,

141

display ipv6 fib ipv6-address,

142

display ipv6 host,

225

display ipv6 interface,

144

display ipv6 interface tunnel,

233

display ipv6 nd snooping, 148

248

display ipv6 neighbors, 149

display ipv6 neighbors count, 151

display ipv6 neighbors vpn-instance, 152

display ipv6 pathmtu, 153

display ipv6 socket,

154

display ipv6 statistics, 156

display local-proxy-arp, 12

display proxy-arp,

12

display tcp ipv6 statistics, 160

display tcp ipv6 status,

162

display tcp statistics, 126

display udp ipv6 statistics, 163

display udp statistics, 129

display udp-helper server, 137

dns domain,

106 dns dscp, 106

dns ipv6 dscp, 226

dns proxy enable,

107

dns resolve,

107

dns server, 108

dns server ipv6, 226

dns source-interface, 109 dns spoofing, 109

dns-list, 40

dns-server,

199

domain-name, 41

domain-name, 199

ds-lite address,

200

E

expired, 42

F forbidden-ip,

42

G gateway-list,

43

gratuitous-arp-learning enable, 11

gratuitous-arp-sending enable,

10

I

interface tunnel, 237

ip address, 21

ip address bootp-alloc, 101

ip address dhcp-alloc, 81

ip address unnumbered,

22

ip forward-broadcast (interface view),

130

ip forward-broadcast (system view), 130

ip host, 110

ip irdp, 112 ip irdp address, 112

ip irdp lifetime,

113

ip irdp maxadvinterval,

113

ip irdp minadvinterval,

114

ip irdp multicast,

115 ip irdp preference, 115

ip redirects enable,

131 ip ttl-expires enable, 131

ip unreachables enable,

132

ipv6,

164

ipv6 address,

165 ipv6 address anycast, 165

ipv6 address auto, 166

ipv6 address auto link-local,

167

ipv6 address eui-64,

167

ipv6 address link-local, 168

ipv6 dhcp client dscp, 215

ipv6 dhcp dscp (for DHCPv6 relay agent), 210

ipv6 dhcp dscp (for DHCPv6 server), 200

ipv6 dhcp pool, 201

ipv6 dhcp prefix-pool,

202

ipv6 dhcp relay server-address, 211

ipv6 dhcp server apply pool,

202

ipv6 dhcp server enable, 203

ipv6 dhcp snooping enable,

218 ipv6 dhcp snooping max-learning-num, 218

ipv6 dhcp snooping option interface-id enable, 219

ipv6 dhcp snooping option interface-id string,

220 ipv6 dhcp snooping option remote-id enable, 220

ipv6 dhcp snooping option remote-id string,

221 ipv6 dhcp snooping trust, 221

ipv6 dhcp snooping vlan enable, 222

ipv6 hoplimit-expires enable, 169

ipv6 host,

227

ipv6 icmp-error, 169

ipv6 icmpv6 multicast-echo-reply enable,

170

ipv6 nd autoconfig managed-address-flag,

170

ipv6 nd autoconfig other-flag,

171

ipv6 nd dad attempts,

172

ipv6 nd hop-limit,

172

ipv6 nd ns retrans-timer,

173 ipv6 nd nud reachable-time, 173

249

ipv6 nd ra halt, 174

ipv6 nd ra interval,

175

ipv6 nd ra no-advlinkmtu,

175

ipv6 nd ra prefix, 176

ipv6 nd ra router-lifetime,

177 ipv6 nd snooping enable, 177

ipv6 nd snooping enable global, 178

ipv6 nd snooping enable link-local,

178

ipv6 nd snooping max-learning-num,

179

ipv6 nd snooping uplink,

180

ipv6 neighbor,

180

ipv6 neighbor stale-aging, 181

ipv6 neighbors max-learning-num,

182 ipv6 pathmtu, 182

ipv6 pathmtu age, 183

ipv6 prefer temporary-address,

184

ipv6 unreachables enable,

184

L local-proxy-arp enable,

13

local-proxy-nd enable, 185

M mac-address station-move,

7

mtu, 237

N

nbns-list, 44

netbios-type, 45 network, 45

network ip range,

46

network mask, 47

next-server,

48

O

option, 48

P prefix-pool,

204

proxy-arp enable,

14

proxy-nd enable, 185

R reset arp,

8

reset arp-snooping,

16

reset counters interface,

238

reset dhcp relay statistics,

78

reset dhcp server conflict, 49

reset dhcp server ip-in-use, 49

reset dhcp server statistics,

50

reset dhcp-snooping,

98

reset dhcp-snooping packet statistics,

99

reset dns host, 111

reset ip statistics, 132

reset ipv6 dhcp client statistics, 216

reset ipv6 dhcp relay statistics, 212

reset ipv6 dhcp server pd-in-use, 205 reset ipv6 dhcp server statistics, 205

reset ipv6 dhcp snooping user-binding, 223

reset ipv6 nd snooping, 186 reset ipv6 neighbors, 186

reset ipv6 pathmtu,

187

reset ipv6 statistics, 188 reset tcp ipv6 statistics, 188

reset tcp statistics, 133

reset udp ipv6 statistics,

189

reset udp statistics,

133

reset udp-helper packet,

137

S

service-loopback-group, 239

shutdown,

239

sip-server, 206

source,

240

static-bind client-identifier, 50

static-bind ip-address,

51

static-bind mac-address,

52

static-bind prefix,

207

T tcp ipv6 timer fin-timeout,

189

tcp ipv6 timer syn-timeout,

190

tcp ipv6 window,

190

tcp path-mtu-discovery,

134

tcp timer fin-timeout,

134

tcp timer syn-timeout,

135

tcp window,

136

tftp-server domain-name,

53

tftp-server ip-address,

53

tunnel bandwidth, 241 tunnel discard ipv4-compatible-packet, 241

tunnel-protocol, 242

U udp-helper enable,

138

udp-helper port,

138

udp-helper server, 139

V

vendor-class-identifier, 54

voice-config, 55

250

advertisement

Key Features

  • Layer 3 switching
  • Routing
  • DHCP server and client support
  • DNS server and client support
  • Security features
  • IPv6 support
  • High performance and scalability

Frequently Answers and Questions

What are the key features of the HP 3600 v2 Switch Series?
The HP 3600 v2 Switch Series offers Layer 3 switching, routing, DHCP, DNS, security, IPv6 support, and high performance and scalability.
What is the purpose of the HP 3600 v2 Switch Series?
The HP 3600 v2 Switch Series is a Layer 3 switch that provides a wide range of IP services, making it suitable for use in various environments.
What kind of environments can the HP 3600 v2 Switch Series be used in?
The HP 3600 v2 Switch Series is a versatile switch, suitable for small businesses, large enterprises, and other network environments.

Related manuals

Download PDF

advertisement

Table of contents