Redundancy
VRRP management
clear vrrp-state
This command stops VRRP protocol execution for time 3 * Advertisement_Interval +1. This enables the router in the backup state to perform a master hijacking.
Syntax
clear vrrp-state
Parameters
The command does not contain parameters.
Required privilege level
1
Command mode
ROOT
Example 1
show vrrp
This command displays information about VRRP.
Syntax
show vrrp [ <ID> ] [ vrf <VRF> ]
Parameters
<ID> – process number, takes values of [1..255];
<VRF> – VRF instance name, set by the string of up to 31 characters.
Required privilege level
1
Command mode
ROOT
Example 1
Example 2
vrrp
This command enables VRRP process on IP interface.
The use of a negative form (no) of the command disables VRRP process.
Syntax
[no] vrrp
Parameters
The command does not contain parameters.
Required privilege level
10
Command mode
CONFIG-GI
CONFIG-TE
CONFIG-SUBIF
CONFIG-QINQ-IF
CONFIG-PORT-CHANNEL
CONFIG-BRIDGE
Example
vrrp authentication algorithm
This command defines authentication algorithm.
The use of a negative form (no) of the command disables the authentication.
Syntax
vrrp authentication algorithm <ALGORITHM>
no vrrp authentication algorithm
Parameters
<ALGORITHM> – authentication algorithm:
- cleartext – password, transmitted in clear text;
- md5 – password is hashed by md5 algorithm.
Required privilege level
15
Command mode
CONFIG-GI
CONFIG-TE
CONFIG-SUBIF
CONFIG-QINQ-IF
CONFIG-PORT-CHANNEL
CONFIG-BRIDGE
Example
vrrp authentication key
This command sets a password for authentication with a neighbor.
The use of a negative form (no) of the command removes the password.
Syntax
vrrp authentication key ascii-text { <CLEAR-TEXT> | encrypted <ENCRYPTED-TEXT> }
no vrrp authentication key
Parameters
<CLEAR-TEXT> – password of 8 to 16 bytes;
<ENCRYPTED-TEXT> – encrypted password of 8 to 16 bytes (from 16 to 32 characters) in hexadecimal format (0xYYYY ...) or (YYYY ...).
Required privilege level
15
Command mode
CONFIG-GI
CONFIG-TE
CONFIG-SUBIF
CONFIG-QINQ-IF
CONFIG-PORT-CHANNEL
CONFIG-BRIDGE
Example
vrrp force-up
This command sets the mode, in which the virtual IP interface remains in the UP state regardless of the state of the interface itself.
The use of a negative form (no) of the command sets the default mode.
Syntax
[no] vrrp force-up
Parameters
The command does not contain parameters.
Default value
Disabled.
Required privilege level
10
Command mode
CONFIG-GI
CONFIG-TE
CONFIG-SUBIF
CONFIG-QINQ-IF
CONFIG-PORT-CHANNEL
CONFIG-BRIDGE
Example
vrrp group
This command sets the VRRP interface to the group. The group provides the ability to synchronize several VRRP processes, so if in one of the processes there is a wizard change, then in another process roles will also be changed.
The use of a negative form (no) of the command removes VRRP router from the group.
Syntax
vrrp group <GRID>
no vrrp group
Parameters
<GRID> – VRRP router group identifier, takes values in the range of [1..32].
Required privilege level
10
Command mode
CONFIG-GI
CONFIG-TE
CONFIG-SUBIF
CONFIG-QINQ-IF
CONFIG-PORT-CHANNEL
CONFIG-BRIDGE
Example
vrrp id
This command sets VRRP router identifier.
The use of a negative form (no) of the command removes virtual router identifier.
Syntax
vrrp id <VRID>
no vrrp id
Parameters
<VRID> – VRRP router identifier, takes values in the range of [1..255].
Required privilege level
10
Command mode
CONFIG-GI
CONFIG-TE
CONFIG-SUBIF
CONFIG-QINQ-IF
CONFIG-PORT-CHANNEL
CONFIG-BRIDGE
Example
vrrp ip
This command sets the virtual IP address of the VRRP router.
The use of a negative form (no) of the command removes the virtual IP address of the router.
Syntax
vrrp ip <ADDR/LEN > [ secondary ]
no vrrp ip
Parameters
<ADDR/LEN> – virtual IP address and mask length, defined as AAA.BBB.CCC.DDD/EE where each part AAA-DDD takes values of [0..255] and EE takes values of [1..32]. You can specify several IP addresses separated by commas. Up to 8 IP addresses can be assigned to the interface.
secondary – key to set an additional IP address.
Required privilege level
10
Command mode
CONFIG-GI
CONFIG-TE
CONFIG-SUBIF
CONFIG-QINQ-IF
CONFIG-PORT-CHANNEL
CONFIG-BRIDGE
Example
vrrp preempt delay
This command sets the time interval after which a Backup router with a higher priority will attempt to pickup the Master role for the current Master router with a lower priority.
The use of a negative form (no) of the command returns the default configuration.
Syntax
[no] vrrp preempt delay <TIME>
no vrrp preempt delay
Parameters
<TIME> – timeout, takes value in seconds [1..1000].
Default value
0
Required privilege level
10
Command mode
CONFIG-GI
CONFIG-TE
CONFIG-SUBIF
CONFIG-QINQ-IF
CONFIG-PORT-CHANNEL
CONFIG-BRIDGE
Example
vrrp preempt disable
This command defines whether a Backup router with a higher priority will attempt to pickup the Master role for the current Master router with a lower priority.
An exception is the router, in which the virtual IP address matches the IP address on the interface, it will always take over the Master role regardless of this setting.
The use of a negative form (no) of the command returns the default configuration.
Syntax
[no] vrrp preempt disable
Parameters
The command does not contain parameters.
Default value
Switching enabled.
Required privilege level
10
Command mode
CONFIG-GI
CONFIG-TE
CONFIG-SUBIF
CONFIG-QINQ-IF
CONFIG-PORT-CHANNEL
CONFIG-BRIDGE
Example
vrrp priority
This command sets VRRP router priority.
The use of a negative form (no) of the command sets the default priority value.
Syntax
vrrp priority <PR>
no vrrp priority
Parameters
<PR> – VRRP router priority, takes values in the range of [1..254].
Default value
100
Required privilege level
10
Command mode
CONFIG-GI
CONFIG-TE
CONFIG-SUBIF
CONFIG-QINQ-IF
CONFIG-PORT-CHANNEL
CONFIG-BRIDGE
Example
vrrp source-ip
This command sets the IP address that will be used as the sender's IP address for VRRP messages.
The use of a negative form (no) of the command removes a specified IP address.
Syntax
vrrp source-ip <IP>
no vrrp source-ip
Parameters
<IP> – sender IP address, defined as AAA.BBB.CCC.DDD where each part takes values of [0..255].
Required privilege level
10
Command mode
CONFIG-GI
CONFIG-TE
CONFIG-SUBIF
CONFIG-QINQ-IF
CONFIG-PORT-CHANNEL
CONFIG-BRIDGE
Example
vrrp timers advertise
This command defines the time interval between sending VRRP messages.
The use of a negative form (no) of the command restores the default value.
Syntax
vrrp timers advertise <TIME>
no vrrp timers advertise
Parameters
<TIME> – time in seconds, takes values of [1..40].
Default value
1
Required privilege level
10
Command mode
CONFIG-GI
CONFIG-TE
CONFIG-SUBIF
CONFIG-QINQ-IF
CONFIG-PORT-CHANNEL
CONFIG-BRIDGE
Example
vrrp timers garp delay
This command defines the interval after which the Gratuituous ARP message(s) are sent when the router enters the Master state.
The use of a negative form (no) of the command restores the default value.
Syntax
vrrp timers garp delay <TIME>
no vrrp timers garp delay
Parameters
<TIME> – time in seconds, takes values of [1..60].
Default value
5
Required privilege level
10
Command mode
CONFIG-GI
CONFIG-TE
CONFIG-SUBIF
CONFIG-QINQ-IF
CONFIG-PORT-CHANNEL
CONFIG-BRIDGE
Example
vrrp timers garp refresh
This command defines the interval after which the Gratuituous ARP message(s) will be sent while the router is in the Master state.
The use of a negative form (no) of the command restores the default value.
Syntax
vrrp timers garp refresh <TIME>
no vrrp timers garp refresh
Parameters
<TIME> – time in seconds, takes values of [1..65535].
Default value
Periodic sending is disabled.
Required privilege level
10
Command mode
CONFIG-GI
CONFIG-TE
CONFIG-SUBIF
CONFIG-QINQ-IF
CONFIG-PORT-CHANNEL
CONFIG-BRIDGE
Example
vrrp timers garp refresh-repeat
This command defines the number of Gratuituous ARP messages that will be sent with a garp refresh period while the router is in the Master state.
The use of a negative form (no) of the command restores the default value.
Syntax
vrrp timers garp refresh-repeat <COUNT>
no vrrp timers garp refresh-repeat
Parameters
<COUNT> – amount of messages, takes values of [1..60].
Default value
1
Required privilege level
10
Command mode
CONFIG-GI
CONFIG-TE
CONFIG-SUBIF
CONFIG-QINQ-IF
CONFIG-PORT-CHANNEL
CONFIG-BRIDGE
Example
vrrp timers garp repeat
This command defines the number of Gratuituous ARP messages that will be sent when the router transitions to the Master state.
The use of a negative form (no) of the command restores the default value.
Syntax
vrrp timers garp repeat <COUNT>
no vrrp timers garp repeat
Parameters
<COUNT> – amount of messages, takes values of [1..60].
Default value
5
Required privilege level
10
Command mode
CONFIG-GI
CONFIG-TE
CONFIG-SUBIF
CONFIG-QINQ-IF
CONFIG-PORT-CHANNEL
CONFIG-BRIDGE
Example
vrrp track-ip
This command enables vrrp status management based on icmp-reply from a specific IP address.
The use of a negative form (no) of the command disables vrrp status management based on icmp-reply from a specific IP address.
Syntax
[no] vrrp track-ip <ADDR>
Parameters
<ADDR> – IP address, defined as AAA.BBB.CCC.DDD where each part takes values of [0..255].
Default value
Disabled.
Required privilege level
10
Command mode
CONFIG-GI
CONFIG-TE
CONFIG-SUBIF
CONFIG-QINQ-IF
CONFIG-PORT-CHANNEL
CONFIG-BRIDGE
Example
vrrp track-ip interval
This command sets the check interval using icmp-request to manage the vrrp status based on icmp-reply from a specific IP address.
The use of a negative form (no) of the command sets the default interval value.
Syntax
vrrp track-ip interval <TIME>
no vrrp track-ip interval
Parameters
<TIME> – icmp-request send interval in seconds [3..60].
Default value
10
Required privilege level
10
Command mode
CONFIG-GI
CONFIG-TE
CONFIG-SUBIF
CONFIG-QINQ-IF
CONFIG-PORT-CHANNEL
CONFIG-BRIDGE
Example
vrrp track-ip packets
This command sets the number of icmp-request at each check to manage the vrrp status based on icmp-reply from a specific IP address.
The use of a negative form (no) of the command sets the default value of number of packets.
Syntax
vrrp track-ip packets <COUNT>
no vrrp track-ip packets
Parameters
<COUNT> – icmp-request send interval in seconds [1..5]
Default value
5
Required privilege level
10
Command mode
CONFIG-GI
CONFIG-TE
CONFIG-SUBIF
CONFIG-QINQ-IF
CONFIG-PORT-CHANNEL
CONFIG-BRIDGE
Example
vrrp version
The command sets VRRP version.
The use of a negative form (no) of the command sets the default value.
Syntax
vrrp version <VERSION>
no vrrp version
Parameters
<VERSION> – VRRP version: 2, 3.
Default value
2
Required privilege level
10
Command mode
CONFIG-GI
CONFIG-TE
CONFIG-SUBIF
CONFIG-QINQ-IF
CONFIG-PORT-CHANNEL
CONFIG-BRIDGE
Example
IPv6 VRRP management
ipv6 vrrp
This command enables VRRP process on IPv6 interface.
The use of a negative form (no) of the command disables VRRP process.
Syntax
[no] ipv6 vrrp
Parameters
The command does not contain parameters.
Required privilege level
10
Command mode
CONFIG-GI
CONFIG-TE
CONFIG-SUBIF
CONFIG-QINQ-IF
CONFIG-PORT-CHANNEL
CONFIG-BRIDGE
Example
ipv6 vrrp group
This command sets the VRRP router to the group. The group provides the ability to synchronize several VRRP processes, so if in one of the processes there is a wizard change, then in another process roles will also be changed.
The use of a negative form (no) of the command removes VRRP router from the group.
Syntax
ipv6 vrrp group <GRID>
no ipv6 vrrp group
Parameters
<GRID> – VRRP router group identifier, takes values in the range of [1..32].
Required privilege level
10
Command mode
CONFIG-GI
CONFIG-TE
CONFIG-SUBIF
CONFIG-QINQ-IF
CONFIG-PORT-CHANNEL
CONFIG-BRIDGE
Example
ipv6 vrrp id
This command sets VRRP router identifier.
The use of a negative form (no) of the command removes virtual router identifier.
Syntax
ipv6 vrrp id <VRID>
no ipv6 vrrp id
Parameters
<VRID> – VRRP router identifier, takes values in the range of [1..255].
Required privilege level
10
Command mode
CONFIG-GI
CONFIG-TE
CONFIG-SUBIF
CONFIG-QINQ-IF
CONFIG-PORT-CHANNEL
CONFIG-BRIDGE
Example
ipv6 vrrp ip
This command sets the virtual IPv6 address of the VRRP router.
The use of a negative form (no) of the command removes the virtual IPv6 address of the router.
Syntax
ipv6 vrrp ip <IPV6-ADDR> [secondary]
no ipv6 vrrp ip
Parameters
<IPV6-ADDR> – virtual IPv6 address, defined as X:X:X:X::X where each part takes values in hexadecimal format [0..FFFF]. You can specify several IPv6 addresses separated by commas. Up to 8 IPv6 addresses can be assigned to the interface.
secondary – key to set an additional IP address.
Required privilege level
10
Command mode
CONFIG-GI
CONFIG-TE
CONFIG-SUBIF
CONFIG-QINQ-IF
CONFIG-PORT-CHANNEL
CONFIG-BRIDGE
Example
ipv6 vrrp preempt delay
This command sets the time interval after which a Backup router with a higher priority will attempt to pickup the Master role for the current Master router with a lower priority.
The use of a negative form (no) of the command returns the default configuration.
Syntax
ipv6 vrrp preempt delay <TIME>
no ipv6 vrrp preempt delay
Parameters
<TIME> – timeout, takes value in seconds [1..1000].
Default value
0
Required privilege level
10
Command mode
CONFIG-GI
CONFIG-TE
CONFIG-SUBIF
CONFIG-QINQ-IF
CONFIG-PORT-CHANNEL
CONFIG-BRIDGE
Example
ipv6 vrrp preempt disable
This command defines whether a Backup router with a higher priority will attempt to pickup the Master role for the current Master router with a lower priority.
An exception is the router, in which the virtual IPv6 address matches the IPv6 address on the interface, it will always take over the Master role regardless of this setting.
The use of a negative form (no) of the command returns the default configuration.
Syntax
[no] ipv6 vrrp preempt disable
Parameters
The command does not contain parameters.
Default value
Switching enabled.
Required privilege level
10
Command mode
CONFIG-GI
CONFIG-TE
CONFIG-SUBIF
CONFIG-QINQ-IF
CONFIG-PORT-CHANNEL
CONFIG-BRIDGE
Example
ipv6 vrrp priority
This command sets VRRP router priority.
The use of a negative form (no) of the command sets the default priority value.
Syntax
ipv6 vrrp priority <PR>
no ipv6 vrrp priority
Parameters
<PR> – VRRP router priority, takes values in the range of [1..254].
Default value
100
Required privilege level
10
Command mode
CONFIG-GI
CONFIG-TE
CONFIG-SUBIF
CONFIG-QINQ-IF
CONFIG-PORT-CHANNEL
CONFIG-BRIDGE
Example
ipv6 vrrp source-ip
This command sets the IPv6 address that will be used as the sender's IPv6 address for VRRP messages.
The use of a negative form (no) of the command removes a specified IPv6 address.
Syntax
ipv6 vrrp source-ip <IPV6-ADDR>
no ipv6 vrrp source-ip
Parameters
<IPV6-ADDR> – sender IPv6 address, defined as X:X:X:X::X where each part takes values in hexadecimal format [0..FFFF].
Required privilege level
10
Command mode
CONFIG-GI
CONFIG-TE
CONFIG-SUBIF
CONFIG-QINQ-IF
CONFIG-PORT-CHANNEL
CONFIG-BRIDGE
Example
ipv6 vrrp timers advertise
This command defines the time interval between sending VRRP messages.
The use of a negative form (no) of the command restores the default value.
Syntax
ipv6 vrrp timers advertise <TIME>
no ipv6 vrrp timers advertise
Parameters
<TIME> – time in seconds, takes values of [1..40].
Default value
1
Required privilege level
10
Command mode
CONFIG-GI
CONFIG-TE
CONFIG-SUBIF
CONFIG-QINQ-IF
CONFIG-PORT-CHANNEL
CONFIG-BRIDGE
Example
ipv6 vrrp timers nd delay
This command defines the delay between the establishment of the IPv6 VRRP MASTER state and the start of the distribution of ND messages.
The use of a negative form (no) of the command restores the default value.
Syntax
ipv6 vrrp timers nd delay <TIME>
no ipv6 vrrp timers nd delay
Parameters
<TIME> – time in seconds, takes values of [1..60].
Default value
5
Required privilege level
10
Command mode
CONFIG-GI
CONFIG-TE
CONFIG-SUBIF
CONFIG-QINQ-IF
CONFIG-PORT-CHANNEL
CONFIG-BRIDGE
Example
ipv6 vrrp timers nd refresh
This command defines the update period of the ND protocol information for IPv6 VRRP in the MASTER state.
The use of a negative form (no) of the command restores the default value.
Syntax
ipv6 vrrp timers nd refresh <TIME>
no ipv6 vrrp timers nd refresh
Parameters
<TIME> – time in seconds, takes values of [1..65535].
Default value
5
Required privilege level
10
Command mode
CONFIG-GI
CONFIG-TE
CONFIG-SUBIF
CONFIG-QINQ-IF
CONFIG-PORT-CHANNEL
CONFIG-BRIDGE
Example
ipv6 vrrp timers nd refresh-repeat
This command defines the number of ND messages sent over the update period for an IPv6 VRRP in the MASTER state.
The use of a negative form (no) of the command restores the default value.
Syntax
ipv6 vrrp timers nd refresh-repeat <NUM>
no ipv6 vrrp timers nd refresh-repeat
Parameters
<NUM> – amount, takes values of [1..60].
Default value
0
Required privilege level
10
Command mode
CONFIG-GI
CONFIG-TE
CONFIG-SUBIF
CONFIG-QINQ-IF
CONFIG-PORT-CHANNEL
CONFIG-BRIDGE
Example
ipv6 vrrp timers nd repeat
This command defines the number of ND packets sent after setting IPv6 VRRP to the MASTER state.
The use of a negative form (no) of the command restores the default value.
Syntax
ipv6 vrrp timers nd repeat <NUM>
no ipv6 vrrp timers nd repeat
Parameters
<NUM> – amount, takes values of [1..60].
Default value
1
Required privilege level
10
Command mode
CONFIG-GI
CONFIG-TE
CONFIG-SUBIF
CONFIG-QINQ-IF
CONFIG-PORT-CHANNEL
CONFIG-BRIDGE
Example
show ipv6 vrrp
This command displays information about VRRP.
Syntax
show ipv6 vrrp [ <ID> ] [ vrf <VRF> ]
Parameters
<ID> – process number, takes values of [1..255];
<VRF> – VRF instance name, set by the string of up to 31 characters.
Required privilege level
1
Command mode
ROOT
Example 1
Example 2
DHCP redundancy configuration
ip dhcp-server failover
This command enables DHCP server redundancy. The use of a negative form (no) of the command disables DHCP server redundancy.
Syntax
[no] ip dhcp-server failover
Parameters
The command does not contain parameters.
Default value
Disabled
Required privilege level
10
Command mode
CONFIG
Example
ip dhcp-server failover auto-partner-down
This command sets the DHCP-lease run time at which a lease can be extended by one of the fault tolerance hosts without contacting the other.
The use of a negative form (no) of the command sets the default value.
Syntax
ip dhcp-server failover auto-partner-down <TIME>
no ip dhcp-server failover auto-partner-down
Parameters
<TIME> – time, takes value in seconds [1..86400].
Default value
0
Required privilege level
10
Command mode
CONFIG
Example
ip dhcp-server failover local-address
This command sets the IP address, port (TCP 647), on which the DHCP server receives Failover messages when operating in redundant mode.
The use of a negative form (no) of the command removes set IP address.
Syntax
ip dhcp-server failover local-address <ADDR>
no ip dhcp-server failover local-address
Parameters
<ADDR> – IP address, defined as AAA.BBB.CCC.DDD where each part takes values of [0..255].
Required privilege level
10
Command mode
CONFIG
Example
ip dhcp-server failover maximum-client-lead-time
This command sets the maximum time for which the DHCP server can extend the lease time of the IP address.
The use of a negative form (no) of the command sets the default value.
Syntax
ip dhcp-server failover maximum-client-lead-time <TIME>
no ip dhcp-server failover maximum-client-lead-time
Parameters
<TIME> – time, takes value in seconds [1..86400].
Default value
1800
Required privilege level
10
Command mode
CONFIG
Example
ip dhcp-server failover remote-address
This command sets the IP address of the backup DHCP server to which the failover messages are sent when working in redundancy mode.
The use of a negative form (no) of the command removes redundant DHCP server IP address.
Syntax
ip dhcp-server failover remote-address <ADDR>
no ip dhcp-server failover remote-address
Parameters
<ADDR> – redundant DHCP server IP address, defined as AAA.BBB.CCC.DDD where each part takes values of [0..255].
Required privilege level
10
Command mode
CONFIG
Example
ip dhcp-server failover role
This command defines the role of the DHCP server when operating in redundant mode.
The use of a negative form (no) of the command removes the role of the DHCP server when operating in redundant mode.
Syntax
ip dhcp-server failover role <ROLE>
no ip dhcp-server failover role
Parameters
<ROLE> – role of the DHCP server when operating in redundant mode:
- primary – active DHCP server mode;
- secondary – redundant DHCP server mode.
Required privilege level
10
Command mode
CONFIG
Example
show ip dhcp server failover
This command displays status of DHCP server redundancy.
Syntax
show ip dhcp server failover
Parameters
The command does not contain parameters.
Required privilege level
1
Command mode
ROOT
Example
Firewall redundancy configuration
ip firewall failover
This command enables Firewall sessions redundancy.
The use of a negative form (no) of the command disables Firewall sessions redundancy.
Syntax
[no] ip firewall failover
Parameters
The command does not contain parameters.
Default value
Disabled.
Required privilege level
10
Command mode
CONFIG
Example
ip firewall failover source-address
This command sets the IP address of the network interface from which messages will be sent when the Firewall is running in session redundancy mode.
The use of a negative form (no) of the command removes IP address of the outgoing interface.
Syntax
ip firewall failover source-address <ADDR>
no ip firewall failover source-address
Parameters
<ADDR> – network interface IP address from which messages will be sent, defined as AAA.BBB.CCC.DDD where each part takes values of [0..255].
Required privilege level
15
Command mode
CONFIG
Example
ip firewall failover destination-address
This command sets the IP address of the neighbor when the Firewall session redundancy are running in unicast mode.
The use of a negative form (no) of the command removes neighbor IP address.
Syntax
ip firewall failover destination-address <ADDR>
no ip firewall failover destination-address
Parameters
<ADDR> – neighbor’s IP address, defined as AAA.BBB.CCC.DDD where each part takes values of [0..255].
Required privilege level
10
Command mode
CONFIG
Example
ip firewall failover port
This command sets the UDP port number of the Firewall session redundancy service, through which information is exchanged when working in unicast mode.
The use of a negative form (no) of the command removes Firewall session redundancy service port number.
Syntax
ip firewall failover port <PORT>
no ip firewall failover port
Parameters
<PORT> – port number of the Firewall session redundancy service, may take values [1..65535].
Required privilege level
15
Command mode
CONFIG
Example
ip firewall failover sync-type
This command defines the mode of information exchange between the primary and redundant routers.
The use of a negative form (no) of the command removes Firewall redundancy operation mode.
Syntax
ip firewall failover sync-type <MODE>
no ip firewall failover sync-type
Parameters
<MODE> – information exchange mode:
- unicast – unicast mode;
- multicast – multicast mode.
Required privilege level
10
Command mode
CONFIG
Example
ip firewall failover multicast-address
This command sets the multicast IP address that will be used to exchange information when working on the redundancy of Firewall sessions in multicast mode.
The use of a negative form (no) of the command removes multicast IP address.
Syntax
ip firewall failover multicast-address <ADDR>
no ip firewall failover multicast-address
Parameters
<ADDR> – multicast IP address, defined as AAA.BBB.CCC.DDD where each part takes values of [0..255];
Required privilege level
10
Command mode
CONFIG
Example
ip firewall failover multicast-group
This command sets the multicast group identifier for information exchange when working on the redundancy of Firewall sessions in multicast mode.
The use of a negative form (no) of the command removes the group identifier.
Syntax
ip firewall failover multicast-group <GROUP>
no ip firewall failover multicast-group
Parameters
<GROUP> – multicast group, may take values in range [1000..9999].
Required privilege level
10
Command mode
CONFIG
Example
ip firewall failover vrrp-group
This command defines the VRRP group, on the basis of which the state (master/redundant) of the router is defined when reserving Firewall sessions.
The use of a negative form (no) of the command removes the VRRP group identifier.
Syntax
ip firewall failover vrrp-group <GRID>
no ip firewall failover vrrp-group
Parameters
<GRID> – VRRP router group identifier, takes values in the range of [1..32].
Required privilege level
10
Command mode
CONFIG
Example
show ip firewall failover
This command displays Firewall sessions redundancy status.
Syntax
show ip firewall failover
Parameters
The command does not contain parameters.
Required privilege level
1
Command mode
ROOT
Example
show high-availability state
This command allows you to view the overall state of the redundancy systems and the role of the device.
Syntax
show high-availability state
Parameters
The command does not contain parameters.
Required privilege level
1
Command mode
ROOT
Example
Dual-Homing management
backup interface
This command specifies the redundancy interface to which the switch will occur when communication is lost on the primary. Redundancy is enabled only on those interfaces on which the Spanning Tree protocol is disabled and VLAN Ingress Filtering is enabled.
The use of a negative form (no) of the command removes configuration from the interface.
Syntax
backup interface <IF> vlan <VID>
no backup interface
Parameters
<IF> – an interface, specified in the form described in Section Types and naming order of router interfaces.
<VID> – VLAN ID, set in the range of [2..4094]. You can also specify it by the range with '-' or by comma-separated list.
Required privilege level
10
Command mode
CONFIG-GI
CONFIG-TE
CONFIG-PORT-CHANNEL
Example
backup-interface mac-duplicate
This command defines the number of copies of packets with the same MAC address that will be sent to the active interface when switching.
The use of a negative form (no) of the command restores the default value.
Syntax
backup-interface mac-duplicate <COUNT>
no backup-interface mac-duplicate
Parameters
<COUNT> – packet copies amount, take values [1..4].
Default value
1
Required privilege level
10
Command mode
CONFIG
Example
backup-interface mac-per-second
This command defines the number of packets per second that will be sent to the active interface when switching.
The use of a negative form (no) of the command restores the default value.
Syntax
backup-interface mac-per-second <COUNT>
no backup-interface mac-per-second
Parameters
<COUNT> – number of packets per second, takes values [50..400].
Default value
400
Required privilege level
10
Command mode
CONFIG
Example
backup-interface preemption
This command indicates that it is necessary to switch to the main interface when restoring communication. If the recovery of the main interface is configured while the backup is active, then when the link is raised on the main interface, the traffic will be switched to it.
The use of a negative form (no) of the command restores the default configuration.
Syntax
[no] backup-interface preemption
Parameters
The command does not contain parameters.
Default value
Switch disabled.
Required privilege level
10
Command mode
CONFIG
Example
show interfaces backup
This command displays information about the status of the main and backup interfaces.
Syntax
show interfaces backup
Required privilege level
1
Command mode
ROOT
Example
MultiWAN configuration
description
This command defines rule description.
The use of a negative form (no) of the command removes description.
Syntax
description <DESCRIPTION>
no description
Parameters
<DESCRIPTION> – wan rule description, set by the string of up to 255 characters.
Required privilege level
10
Command mode
CONFIG-WAN-RULE
CONFIG-IPV6-WAN-RULE
CONFIG-WAN-TARGET
CONFIG-IPV6-WAN-TARGET
Example
enable
This command enables wan rule, check of the target.
The use of negative form (no) of the command disables wan rule, check of the target.
Syntax
[no] enable
Parameters
The command does not contain parameters.
Default value
Disabled.
Required privilege level
10
Command mode
CONFIG-WAN-RULE
CONFIG-WAN-TARGET
CONFIG-IPV6-WAN-RULE
CONFIG-IPV6-WAN-TARGET
Example
Target check:
extended count
This command defines number of simultaneously sent ICMP requests.
The use of a negative form (no) of the command sets the default value.
Syntax
extended count <NUM>
no extended count
Parameters
<NUM> – number of simultaneously sent ICMP requests, takes values in range [10..100].
Default value
10
Required privilege level
10
Command mode
CONFIG-WAN-TARGET
Example
extended jitter
This command defines the jitter threshold value, above which the channel quality is unsatisfactory.
The use of a negative form (no) of the command sets the default value.
Syntax
extended jitter <TIME>
no extended jitter
Parameters
<TIME> – the jitter threshold in milliseconds, takes value in the range [50-1000].
Default value
50
Required privilege level
10
Command mode
CONFIG-WAN-TARGET
Example
extended loss
This command defines the loss percent threshold value, above which the channel quality is unsatisfactory.
The use of a negative form (no) of the command sets the default value.
Syntax
extended loss <NUM>
no extended loss
Parameters
<NUM> – loss percent threshold [1..100]
Default value
1
Required privilege level
10
Command mode
CONFIG-WAN-TARGET
Example
extended period
This command defines the period of sending ICMP requests.
The use of a negative form (no) of the command sets the default value.
Syntax
extended period <TIME>
no extended period
Parameters
<TIME> – period of ICMP requests sending in seconds, takes a value in the range [10..600].
Default value
240
Required privilege level
10
Command mode
CONFIG-WAN-TARGET
Example
extended rtt
This command defines maximal radial delay threshold value, above which the channel quality is unsatisfactory.
The use of a negative form (no) of the command sets the default value.
Syntax
extended rtt <TIME>
no extended rtt
Parameters
<TIME> – maximal RTT threshold in milliseconds, takes value in the range [200..1000].
Default value
240
Required privilege level
10
Command mode
CONFIG-WAN-TARGET
Example
extended timeout
This command defines maximal waiting time for a response to an ICMP request.
The use of a negative form (no) of the command sets the default value.
Syntax
extended timeout <TIME>
no extended timeout
Parameters
<TIME> – maximum waiting time for a response to an ICMP request in milliseconds, takes a vlue in the range [500..10000].
Default value
1000
Required privilege level
10
Command mode
CONFIG-WAN-TARGET
Example
failover
This command switchs from balance mode to redundancy mode.
The use of a negative form (no) of the command returns balance mode.
Syntax
[no] failover
Parameters
The command does not contain parameters.
Required privilege level
10
Command mode
CONFIG-WAN-RULE
CONFIG-IPV6-WAN-RULE
Example
ip address
This command sets IP address of the check.
The use of a negative form (no) of the command removes a specified address.
Syntax
ip address <ADDR>
no ip address
Parameters
<ADDR> – destination IP address, defined as AAA.BBB.CCC.DDD where each part takes values of [0..255].
Required privilege level
10
Command mode
CONFIG-WAN-TARGET
Example
ipv6 address
This command sets IPv6 address of the check.
The use of a negative form (no) of the command removes a specified address.
Syntax
ipv6 address <IPV6-ADDR>
no ipv6 address
Parameters
<IPV6-ADDR> – destination IPv6 address, defined as X:X:X:X::X where each part takes values in hexadecimal format [0..FFFF].
Required privilege level
10
Command mode
CONFIG-IPV6-WAN-TARGET
Example
ipv6 wan load-balance enable
This command enables WAN mode on the interface for IPv6 stack.
The use of a negative form (no) of the command disables WAN mode on the interface for IPv6 stack.
Syntax
[no] ipv6 wan load-balance enable
Parameters
The command does not contain parameters.
Default value
Disabled.
Required privilege level
10
Command mode
CONFIG-GI
CONFIG-TE
CONFIG-SUBIF
CONFIG-QINQ-IF
CONFIG-SERIAL
CONFIG-PORT-CHANNEL
CONFIG-BRIDGE
CONFIG-LT
Example
ipv6 wan load-balance failure-count
This command defines the number of unsuccessful attempts to check the connection through the IPv6 stack, after which, in the absence of a response from the opposite side, the connection is considered inactive.
The use of a negative form (no) of the command sets the default value.
Syntax
ipv6 wan load-balance failure-count <VALUE>
no ipv6 wan load-balance failure-count
Parameters
<VALUE> – number of attempts, takes values in the range of [1..10].
Default value
5
Required privilege level
10
Command mode
CONFIG-GI
CONFIG-TE
CONFIG-SUBIF
CONFIG-QINQ-IF
CONFIG-PORT-CHANNEL
CONFIG-BRIDGE
CONFIG-LT
Example
ipv6 wan load-balance nexthop
Set a neighbor's IPv6 address that will be indicated as one of the gateways in a static route created by MultiWAN service.
The use of a negative form (no) of the command removes a specified neighbor IPv6 address.
Syntax
ipv6 wan load-balance nexthop <IPV6-ADDR>
no ipv6 wan load-balance nexthop
Parameters
<IPV6-ADDR> – destination (gateway) IPv6 address, defined as X:X:X:X::X where each part takes values in hexadecimal format [0..FFFF].
Required privilege level
10
Command mode
CONFIG-GI
CONFIG-TE
CONFIG-SUBIF
CONFIG-QINQ-IF
CONFIG-PORT-CHANNEL
CONFIG-BRIDGE
CONFIG-LT
Example
ipv6 wan load-balance rule
This command creates WAN rule and switch to the rule for IPv6 parameters configuration mode.
The use of a negative form (no) of the command removes a specified WAN rule.
Syntax
ipv6 wan load-balance rule <ID>
no ipv6 wan load-balance rule { <ID> | all }
Parameters
<ID> – identifier of the rule being created, may take values:
- For ESR-10/12V/12VF/14VF – [1..25];
- For ESR-20/21/100/200/1000/1200/1500/1511/1700/3100 – [1..50].
The value 'all' is used when deleting all WAN rules for IPv6.
Required privilege level
10
Command mode
CONFIG
Example
ipv6 wan load-balance source-address
This command defines the IPv6 address of the router that will be used as the source IPv6 address in ICMPv6 sent packets for verification purposes.
The use of a negative form (no) of the command removes a specified source IPv6 address.
Syntax
ipv6 wan load-balance source-address <IPV6-ADDR>
no ipv6 wan load-balance source-address
Parameters
<IPV6-ADDR> – source IPv6 address, defined as X:X:X:X::X where each part takes values in hexadecimal format [0..FFFF].
Required privilege level
10
Command mode
CONFIG-GI
CONFIG-TE
CONFIG-SUBIF
CONFIG-QINQ-IF
CONFIG-PORT-CHANNEL
CONFIG-BRIDGE
CONFIG-E1
CONFIG-MULTILINK
CONFIG-LT
Example
ipv6 wan load-balance success-count
Set the amount of successful attempts to check the IPv6 connection, after which, if successful, the connection is considered to be active again.
The use of a negative form (no) of the command sets the default value.
Syntax
ipv6 wan load-balance success-count <VALUE>
no ipv6 wan load-balance success-count
Parameters
<VALUE> – number of attempts, takes values in the range of [1..10].
Default value
1
Required privilege level
10
Command mode
CONFIG-GI
CONFIG-TE
CONFIG-SUBIF
CONFIG-QINQ-IF
CONFIG-PORT-CHANNEL
CONFIG-BRIDGE
CONFIG-LT
Example
ipv6 wan load-balance target-list
These command creates a list of IPv6 addresses to check the connection integrity and performs the switching to the list parameters configuration mode.
The use of a negative form (no) of the command removes a created list.
Syntax
ipv6 wan load-balance target-list <NAME>
no ipv6 wan load-balance target-list { <NAME> | all }
Parameters
<NAME> – list name, set by the string of up to 31 characters. The value 'all' is used when deleting all lists of IPv6 addresses to verify the integrity of the connection.
Required privilege level
10
Command mode
CONFIG
Example
ipv6 wan load-balance target-list
This command binds the list of IPv6 addresses to verify the integrity of the connection on the network interface.
The use of a negative form (no) of the command removes the list from the interface.
Syntax
ipv6 wan load-balance target-list <NAME>
no ipv6 wan load-balance target-list (удаление привязки списка в режиме конфигурирования сетевых интерфейсов)
Parameters
<NAME> – list name, set by the string of up to 31 characters.
Required privilege level
10
Command mode
CONFIG-GI
CONFIG-TE
CONFIG-SUBIF
CONFIG-QINQ-IF
CONFIG-PORT-CHANNEL
CONFIG-BRIDGE
CONFIG-LT
Example
ipv6 wan load-balance target-list check-all
This command checks the IPv6 addresses from the integrity check list.
The use of a negative form (no) of the command cancells the check of the IPv6 addresses from the integrity check list. If one of the nodes being checked is unavailable, the gateway will be considered to be unavailable.
Syntax
[no] ipv6 wan load-balance target-list check-all
Required privilege level
10
Command mode
CONFIG-GI
CONFIG-TE
CONFIG-SUBIF
CONFIG-QINQ-IF
CONFIG-PORT-CHANNEL
CONFIG-BRIDGE
CONFIG-LT
Example
mode
This command defines the target availability check mode, to check the channel status.
The use of a negative form (no) of the command sets the default value.
Syntax
mode { basic | extended }
no mode
Parameters
basic – basic method, regulated by a valid value of positive responses to ICMP requests;
extended – extended method, it estimates the level of losses, delays, jitter.
Default value
basic
Required privilege level
10
Command mode
CONFIG-WAN-TARGET
Example
outbound
This command defines the interfaces or tunnels that are gateways in the route created by the MultiWAN service. The number of gateways in the route depends on the MultiWAN operation mode:
when balancing, the IP addresses of the gateways (section wan load-balance nexthop) of all active interfaces are added to the nexthop route list;
when reserving, the IP address of the gateway (section wan load-balance nexthop) of the active interface with the highest weight is selected as the nexthop route.
The use of a negative form (no) of the command excludes specified interface or tunnel from the MultiWAN rule.
Syntax
[no] outbound { interface <IF> | tunnel <TUN> } [<WEIGHT> ]
Parameters
<IF> – an interface, specified in the form described in Section Types and naming order of router interfaces;
<TUN> – the name of the tunnel is specified as described in section Types and naming order of router tunnels (only for IPv4);
<WEIGHT> – weight of the tunnel or interface, defines in range [1..255]. If you set the value to 2, then this interface will transmit 2 times more traffic than the interface with the default value. In redundancy mode, the route with the highest weight will be active.
Default value
WEIGHT – 1
Required privilege level
10
Command mode
CONFIG-WAN-RULE
CONFIG-IPV6-WAN-RULE
Example 1
Example 2
resp-time
This command defines response waiting time to a request via the ICMP.
The use of a negative form (no) of the command sets the default value.
Syntax
resp-time <TIME>
no resp-time
Parameters
<TIME> – timeout, takes value in seconds [1..30].
Default value
5
Required privilege level
10
Command mode
CONFIG-WAN-TARGET
CONFIG-IPV6-WAN-TARGET
Example
target
This command creates check target and switch to the target parameters configuration mode.
The use of a negative form (no) of the command removes created target.
Syntax
target <ID>
no target { <ID> | all }
Parameters
<ID> – target identifier, defines in range [1..50]. If the 'all' parameter value is used when removing, all targets for the configured target list will be removed.
all – delete all targets.
Required privilege level
10
Command mode
CONFIG-WAN-TARGET-LIST
CONFIG-IPV6-WAN-TARGET-LIST
Example
wan load-balance enable
This command enables WAN mode on the interface for IPv4 stack.
The use of a negative form (no) of the command disables WAN mode on the interface for IPv4 stack.
Syntax
[no] wan load-balance enable
Parameters
The command does not contain parameters.
Default value
Disabled.
Required privilege level
10
Command mode
CONFIG-GI
CONFIG-TE
CONFIG-SUBIF
CONFIG-QINQ-IF
CONFIG-SERIAL
CONFIG-PORT-CHANNEL
CONFIG-BRIDGE
CONFIG-E1
CONFIG-MULTILINK
CONFIG-IP4IP4
CONFIG-GRE
CONFIG-VTI
CONFIG-LT
CONFIG-CELLULAR-MODEM
CONFIG-L2TP
CONFIG-OPENVPN
CONFIG-PPPOE
CONFIG-PPTP
Example
wan load-balance failure-count
This command defines the number of unsuccessful attempts to check the connection, after which, in the absence of a response from the opposite side, the connection is considered inactive.
The use of a negative form (no) of the command sets the default value.
Syntax
wan load-balance failure-count <VALUE>
no wan load-balance failure-count
Parameters
<VALUE> – number of attempts, takes values in the range of [1..10].
Default value
5
Required privilege level
10
Command mode
CONFIG-GI
CONFIG-TE
CONFIG-SUBIF
CONFIG-QINQ-IF
CONFIG-SERIAL
CONFIG-PORT-CHANNEL
CONFIG-BRIDGE
CONFIG-E1
CONFIG-MULTILINK
CONFIG-IP4IP4
CONFIG-GRE
CONFIG-VTI
CONFIG-LT
CONFIG-CELLULAR-MODEM
CONFIG-L2TP
CONFIG-OPENVPN
CONFIG-PPPOE
CONFIG-PPTP
Example
wan load-balance nexthop
This command sets a neighbor's IP address that will be indicated as one of the gateways in a static route created by MultiWAN service.
The use of a negative form (no) of the command removes a specified neighbor IP address.
Syntax
wan load-balance nexthop { <ADDR> | dhcp enable | tunnel enable }
no wan load-balance nexthop
Parameters
<IP> – destination IP address (gateway), defined as AAA.BBB.CCC.DDD where each part takes values of [0..255].
dhcp enable – if on the interface an IP address is obtained through a DHCP client, the gateway from the DHCP server is used.
tunnel enable – use peer address as nexthop. Applicable for the interfaced being connected that operate via ppp.
Required privilege level
10
Command mode
CONFIG-GI
CONFIG-TE
CONFIG-SUBIF
CONFIG-QINQ-IF
CONFIG-SERIAL
CONFIG-PORT-CHANNEL
CONFIG-BRIDGE
CONFIG-E1
CONFIG-MULTILINK
CONFIG-IP4IP4
CONFIG-GRE
CONFIG-VTI
CONFIG-LT
CONFIG-CELLULAR-MODEM
CONFIG-L2TP
CONFIG-OPENVPN
CONFIG-PPPOE
CONFIG-PPTP
Example
wan load-balance rule
This command creates WAN rule and switch to the rule parameters configuration mode.
The use of a negative form (no) of the command removes a specified WAN rule.
Syntax
wan load-balance rule <ID>
no wan load-balance rule { <ID> | all }
Parameters
<ID> – identifier of the rule being created, may take values:
- For ESR-10/12V/12VF/14VF – [1..25];
- For ESR-20/21/100/200/1000/1200/1500/1511/1700/3100 – [1..50].
The value 'all' is used when deleting all WAN rules for IPv6.
Required privilege level
10
Command mode
CONFIG
Example
wan load-balance source-address
This command defines the IP address of the router that will be used as the source IP address in ICMP sent packets for verification purposes.
The use of a negative form (no) of the command removes a specified source IP address.
Syntax
wan load-balance source-address <ADDR>
no wan load-balance source-address
Parameters
<ADDR> – source IP address, defined as AAA.BBB.CCC.DDD where each part takes values of [0..255];
Required privilege level
10
Command mode
CONFIG-GI
CONFIG-TE
CONFIG-SUBIF
CONFIG-QINQ-IF
CONFIG-SERIAL
CONFIG-PORT-CHANNEL
CONFIG-BRIDGE
CONFIG-E1
CONFIG-MULTILINK
CONFIG-LT
Example
wan load-balance success-count
Set the amount of successful attempts to check the connection, after which, if successful, the connection is considered to be active again.
The use of a negative form (no) of the command sets the default value.
Syntax
wan load-balance success-count <VALUE>
no wan load-balance success-count
Parameters
<VALUE> – number of attempts, takes values in the range of [1..10].
Default value
1
Required privilege level
10
Command mode
CONFIG-GI
CONFIG-TE
CONFIG-SUBIF
CONFIG-QINQ-IF
CONFIG-PORT-CHANNEL
CONFIG-BRIDGE
CONFIG-E1
CONFIG-MULTILINK
CONFIG-IP4IP4
CONFIG-GRE
CONFIG-VTI
CONFIG-LT
CONFIG-CELLULAR-MODEM
CONFIG-L2TP
CONFIG-OPENVPN
CONFIG-PPPOE
CONFIG-PPTP
Example
wan load-balance target-list
These command creates a list of IP addresses to check the connection integrity and performs the switching to the list parameters configuration mode.
The use of a negative form (no) of the command removes a created list.
Syntax
wan load-balance target-list <NAME>
no wan load-balance target-list { <NAME> | all }
Parameters
<NAME> – list name, set by the string of up to 31 characters. The value 'all' is used when deleting all lists of IP addresses to verify the integrity of the connection.
Required privilege level
10
Command mode
CONFIG
Example
wan load-balance target-list
This command binds the list of IP addresses to verify the integrity of the connection on the network interface.
The use of a negative form (no) of the command removes a created list.
Syntax
wan load-balance target-list <NAME>
no wan load-balance target-list
Parameters
<NAME> – list name, set by the string of up to 31 characters. The value 'all' is used when deleting all lists of IP addresses to verify the integrity of the connection.
Required privilege level
10
Command mode
CONFIG-GI
CONFIG-TE
CONFIG-SUBIF
CONFIG-QINQ-IF
CONFIG-PORT-CHANNEL
CONFIG-BRIDGE
CONFIG-E1
CONFIG-MULTILINK
CONFIG-IP4IP4
CONFIG-GRE
CONFIG-VTI
CONFIG-LT
CONFIG-CELLULAR-MODEM
CONFIG-L2TP
CONFIG-OPENVPN
CONFIG-PPPOE
CONFIG-PPTP
Example
wan load-balance target-list check-all
This command will be checking the IP addresses from the integrity check list. If one of the nodes being checked is unavailable, the gateway will be considered to be unavailable.
The use of a negative form (no) of the command cancells the check of the IP addresses from the integrity check list.
Syntax
[no] wan load-balance target-list check-all
Required privilege level
10
Command mode
CONFIG-GI
CONFIG-TE
CONFIG-SUBIF
CONFIG-QINQ-IF
CONFIG-PORT-CHANNEL
CONFIG-BRIDGE
CONFIG-E1
CONFIG-MULTILINK
CONFIG-IP4IP4
CONFIG-GRE
CONFIG-VTI
CONFIG-LT
CONFIG-CELLULAR-MODEM
CONFIG-L2TP
CONFIG-OPENVPN
CONFIG-PPPOE
CONFIG-PPTP
Example
show wan rules
This command displays the operational information on the WAN rules for IPv4.
Syntax
show wan rules <ID>
Parameters
<ORDER> – rule number, takes values of [1..50].
Required privilege level
1
Command mode
ROOT
Example
show wan cellular status modem
This command displays operational information about the state of interfaces with WAN enabled for the IPv4 stack.
Syntax
show wan cellular status modem [ <MODEM-ID> ]
Parameters
<MODEM-ID> – identifier of a previously created 2G/3G/4G modem (only for IPv4).
You may specify several interfaces in the command. If you do not specify interface indexes, then the statuses of all interfaces of the specified group with the WAN mode enabled for the IPv4 stack will be displayed. If a certain interface is specified, the detailed information on this interface will be displayed. If the command is executed without a parameter, the status of all system interfaces with the WAN mode enabled for the IPv4 stack will be shown.
Required privilege level
1
Command mode
ROOT
Example
show wan interfaces status
This command displays operational information about the state of interfaces with WAN enabled for the IPv4 stack.
Syntax
show wan interfaces status [ <IF> ]
Parameters
<IF> – an interface, specified in the form described in Section Types and naming order of router interfaces.
You may specify several interfaces in the command. If you do not specify interface indexes, then the statuses of all interfaces of the specified group with the WAN mode enabled for the IPv4 stack will be displayed. If a certain interface is specified, the detailed information on this interface will be displayed. If the command is executed without a parameter, the status of all system interfaces with the WAN mode enabled for the IPv4 stack will be shown.
Required privilege level
1
Command mode
ROOT
Example
show wan tunnels status
This command displays operational information about the state of tunnels with WAN enabled for the IPv4 stack.
Syntax
show wan tunnels status [ <TUN> ]
Parameters
<INDEX> – the identifier of the tunnel is specified as described in Section Types and naming order of router tunnels.
You may specify several tunnels in command. If you do not specify interface indexes, then the statuses of all tunnels of the specified group with the WAN mode enabled for the IPv4 stack will be displayed. If a certain tunnel is specified, the detailed information on this tunnel will be displayed. If the command is executed without a parameter, the status of all tunnels with the WAN mode enabled for the IPv4 stack will be shown.
Required privilege level
1
Command mode
ROOT
Example
show ipv6 wan rules
This command displays the operational information on the WAN rules for IPv6.
Syntax
show ipv6 wan rules <ID>
Parameters
<ORDER> – rule number, takes values of [1..50].
Required privilege level
1
Command mode
ROOT
Example
show ipv6 wan interfaces status
This command displays operational information about the state of interfaces with WAN enabled for the IPv6 stack.
Syntax
show ipv6 wan interfaces status [ <IF> ]
Parameters
<IF> – an interface, specified in the form described in Section Types and naming order of router interfaces.
You may specify several interfaces in the command. If you do not specify interface indexes, then the statuses of all interfaces of the specified group with the WAN mode enabled for the IPv6 stack will be displayed. If a certain interface is specified, the detailed information on this interface will be displayed. If the command is executed without a parameter, the status of all system interfaces with the WAN mode enabled for the IPv6 stack will be shown.
Required privilege level
1
Command mode
ROOT
Example
- VRRP management
- clear vrrp-state
- show vrrp
- vrrp
- vrrp authentication algorithm
- vrrp authentication key
- vrrp force-up
- vrrp group
- vrrp id
- vrrp ip
- vrrp preempt delay
- vrrp preempt disable
- vrrp priority
- vrrp source-ip
- vrrp timers advertise
- vrrp timers garp delay
- vrrp timers garp refresh
- vrrp timers garp refresh-repeat
- vrrp timers garp repeat
- vrrp track-ip
- vrrp track-ip interval
- vrrp track-ip packets
- vrrp version
- IPv6 VRRP management
- DHCP redundancy configuration
- Firewall redundancy configuration
- ip firewall failover
- ip firewall failover source-address
- ip firewall failover destination-address
- ip firewall failover port
- ip firewall failover sync-type
- ip firewall failover multicast-address
- ip firewall failover multicast-group
- ip firewall failover vrrp-group
- show ip firewall failover
- show high-availability state
- Dual-Homing management
- MultiWAN configuration
- description
- enable
- extended count
- extended jitter
- extended loss
- extended period
- extended rtt
- extended timeout
- failover
- ip address
- ipv6 address
- ipv6 wan load-balance enable
- ipv6 wan load-balance failure-count
- ipv6 wan load-balance nexthop
- ipv6 wan load-balance rule
- ipv6 wan load-balance source-address
- ipv6 wan load-balance success-count
- ipv6 wan load-balance target-list
- ipv6 wan load-balance target-list
- ipv6 wan load-balance target-list check-all
- mode
- outbound
- resp-time
- target
- wan load-balance enable
- wan load-balance failure-count
- wan load-balance nexthop
- wan load-balance rule
- wan load-balance source-address
- wan load-balance success-count
- wan load-balance target-list
- wan load-balance target-list
- wan load-balance target-list check-all
- show wan rules
- show wan cellular status modem
- show wan interfaces status
- show wan tunnels status
- show ipv6 wan rules
- show ipv6 wan interfaces status