Redundancy

VRRP management

clear vrrp-state

This command stops VRRP protocol execution for time 3 * Advertisement_Interval +1. This enables the router in the backup state to perform a master hijacking.

Syntax

clear vrrp-state 

Parameters

The command does not contain parameters.

Required privilege level

1

Command mode

ROOT

Example 1

esr# clear vrrp-state 

show vrrp

This command displays information about VRRP.

Syntax

show vrrp [ <ID> ] [ vrf <VRF> ]

Parameters

<ID> – process number, takes values of [1..255];

<VRF> – VRF instance name, set by the string of up to 31 characters.

Required privilege level

1

Command mode

ROOT

Example 1

esr# show vrrp
Virtual router   Virtual IP         Priority   Preemption   State
--------------   ----------------   --------   ----------   ------
4                4.4.4.1            100        Enabled      Master

Example 2

esr# show vrrp 4
Interface                 bridge 50
State:                    Master
Virtual IP address:       4.4.4.1
Source IP address:        4.4.4.4
Virtual MAC address:      00:00:5e:00:01:04
Advertisement interval:   1
Preemption:               Enabled
Priority:                 100
Synchronization group ID: --

vrrp

This command enables VRRP process on IP interface.

The use of a negative form (no) of the command disables VRRP process.

Syntax

[no] vrrp

Parameters

The command does not contain parameters.

Required privilege level

10

Command mode

CONFIG-GI

CONFIG-TE

CONFIG-SUBIF

CONFIG-QINQ-IF

CONFIG-PORT-CHANNEL

CONFIG-BRIDGE

Example

esr(config-if-gi)# vrrp

vrrp authentication algorithm

This command defines authentication algorithm.

The use of a negative form (no) of the command disables the authentication.

Syntax

vrrp authentication algorithm <ALGORITHM>

no vrrp authentication algorithm

Parameters

<ALGORITHM> – authentication algorithm:

• cleartext – password, transmitted in clear text;
• md5 – password is hashed by md5 algorithm.

Required privilege level

15

Command mode

CONFIG-GI

CONFIG-TE

CONFIG-SUBIF

CONFIG-QINQ-IF

CONFIG-PORT-CHANNEL

CONFIG-BRIDGE

Example

esr(config-gre)# vrrp authentication algorithm cleartext

vrrp authentication key

This command sets a password for authentication with a neighbor.

The use of a negative form (no) of the command removes the password.

Syntax

vrrp authentication key ascii-text { <CLEAR-TEXT> | encrypted <ENCRYPTED-TEXT> }

no vrrp authentication key

Parameters

<CLEAR-TEXT> – password of 8 to 16 bytes;
<ENCRYPTED-TEXT> – encrypted password of 8 to 16 bytes (from 16 to 32 characters) in hexadecimal format (0xYYYY ...) or (YYYY ...).

Required privilege level

15

Command mode

CONFIG-GI

CONFIG-TE

CONFIG-SUBIF

CONFIG-QINQ-IF

CONFIG-PORT-CHANNEL

CONFIG-BRIDGE

Example

esr(config-if-gi)# vrrp authentication key ascii-text 123456789
esr(config-if-gi)# vrrp authentication key ascii-text encrypted CDE65039E5591FA3F1

vrrp force-up

This command sets the mode, in which the virtual IP interface remains in the UP state regardless of the state of the interface itself.

The use of a negative form (no) of the command sets the default mode.

Syntax

[no] vrrp force-up

Parameters

The command does not contain parameters.

Default value

Disabled.

Required privilege level

10

Command mode

CONFIG-GI

CONFIG-TE

CONFIG-SUBIF

CONFIG-QINQ-IF

CONFIG-PORT-CHANNEL

CONFIG-BRIDGE

Example

esr(config-if-gi)# vrrp force-up

vrrp group

This command sets the VRRP interface to the group. The group provides the ability to synchronize several VRRP processes, so if in one of the processes there is a wizard change, then in another process roles will also be changed.

The use of a negative form (no) of the command removes VRRP router from the group.

Syntax

vrrp group <GRID>

no vrrp group

Parameters

<GRID> – VRRP router group identifier, takes values in the range of [1..32].

Required privilege level

10

Command mode

CONFIG-GI

CONFIG-TE

CONFIG-SUBIF

CONFIG-QINQ-IF

CONFIG-PORT-CHANNEL

CONFIG-BRIDGE

Example

esr(config-if-gi)# vrrp group 10

vrrp id

This command sets VRRP router identifier.

The use of a negative form (no) of the command removes virtual router identifier.

Syntax

vrrp id <VRID>

no vrrp id

Parameters

<VRID> – VRRP router identifier, takes values in the range of [1..255].

Required privilege level

10

Command mode

CONFIG-GI

CONFIG-TE

CONFIG-SUBIF

CONFIG-QINQ-IF

CONFIG-PORT-CHANNEL

CONFIG-BRIDGE

Example

esr(config-if-gi)# vrrp id 125

vrrp ip

This command sets the virtual IP address of the VRRP router.

The use of a negative form (no) of the command removes the virtual IP address of the router.

Syntax

vrrp ip <ADDR/LEN > [ secondary ]

no vrrp ip

Parameters

<ADDR/LEN> – virtual IP address and mask length, defined as AAA.BBB.CCC.DDD/EE where each part AAA-DDD takes values of [0..255] and EE takes values of [1..32]. You can specify several IP addresses separated by commas. Up to 8 IP addresses can be assigned to the interface.

secondary – key to set an additional IP address.

Required privilege level

10

Command mode

CONFIG-GI

CONFIG-TE

CONFIG-SUBIF

CONFIG-QINQ-IF

CONFIG-PORT-CHANNEL

CONFIG-BRIDGE

Example

esr(config-bridge)# vrrp ip 115.0.0.1

vrrp preempt delay

This command sets the time interval after which a Backup router with a higher priority will attempt to pickup the Master role for the current Master router with a lower priority.

The use of a negative form (no) of the command returns the default configuration.

Syntax

[no] vrrp preempt delay <TIME>

no vrrp preempt delay

Parameters

<TIME> – timeout, takes value in seconds [1..1000].

Default value

0

Required privilege level

10

Command mode

CONFIG-GI

CONFIG-TE

CONFIG-SUBIF

CONFIG-QINQ-IF

CONFIG-PORT-CHANNEL

CONFIG-BRIDGE

Example

esr(config-if-gi)# vrrp preempt delay 100

vrrp preempt disable

This command defines whether a Backup router with a higher priority will attempt to pickup the Master role for the current Master router with a lower priority.

An exception is the router, in which the virtual IP address matches the IP address on the interface, it will always take over the Master role regardless of this setting.

The use of a negative form (no) of the command returns the default configuration.

Syntax

[no] vrrp preempt disable

Parameters

The command does not contain parameters.

Default value

Switching enabled.

Required privilege level

10

Command mode

CONFIG-GI

CONFIG-TE

CONFIG-SUBIF

CONFIG-QINQ-IF

CONFIG-PORT-CHANNEL

CONFIG-BRIDGE

Example

esr(config-if-gi)# vrrp preempt disable

vrrp priority

This command sets VRRP router priority.

The use of a negative form (no) of the command sets the default priority value.

Syntax

vrrp priority <PR>

no vrrp priority

Parameters

<PR> – VRRP router priority, takes values in the range of [1..254].

Default value

100

Required privilege level

10

Command mode

CONFIG-GI

CONFIG-TE

CONFIG-SUBIF

CONFIG-QINQ-IF

CONFIG-PORT-CHANNEL

CONFIG-BRIDGE

Example

esr(config-if-gi)# vrrp priority 189

vrrp source-ip

This command sets the IP address that will be used as the sender's IP address for VRRP messages.

The use of a negative form (no) of the command removes a specified IP address.

Syntax

vrrp source-ip <IP>

no vrrp source-ip

Parameters

<IP> – sender IP address, defined as AAA.BBB.CCC.DDD where each part takes values of [0..255].

Required privilege level

10

Command mode

CONFIG-GI

CONFIG-TE

CONFIG-SUBIF

CONFIG-QINQ-IF

CONFIG-PORT-CHANNEL

CONFIG-BRIDGE

Example

esr(config-bridge)# vrrp source-ip 115.0.0.10

vrrp timers advertise

This command defines the time interval between sending VRRP messages.

The use of a negative form (no) of the command restores the default value.

Syntax

vrrp timers advertise <TIME>

no vrrp timers advertise

Parameters

<TIME> – time in seconds, takes values of [1..40].

Default value

1

Required privilege level

10

Command mode

CONFIG-GI

CONFIG-TE

CONFIG-SUBIF

CONFIG-QINQ-IF

CONFIG-PORT-CHANNEL

CONFIG-BRIDGE

Example

esr(config-gre)# vrrp timers advertise 4

vrrp timers garp delay

This command defines the interval after which the Gratuituous ARP message(s) are sent when the router enters the Master state.

The use of a negative form (no) of the command restores the default value.

Syntax

vrrp timers garp delay <TIME>

no vrrp timers garp delay

Parameters

<TIME> – time in seconds, takes values of [1..60].

Default value

5

Required privilege level

10

Command mode

CONFIG-GI

CONFIG-TE

CONFIG-SUBIF

CONFIG-QINQ-IF

CONFIG-PORT-CHANNEL

CONFIG-BRIDGE

Example

esr(config-gre)# vrrp timers garp delay 4

vrrp timers garp refresh

This command defines the interval after which the Gratuituous ARP message(s) will be sent while the router is in the Master state.

The use of a negative form (no) of the command restores the default value.

Syntax

vrrp timers garp refresh <TIME>

no vrrp timers garp refresh

Parameters

<TIME> – time in seconds, takes values of [1..65535].

Default value

Periodic sending is disabled.

Required privilege level

10

Command mode

CONFIG-GI

CONFIG-TE

CONFIG-SUBIF

CONFIG-QINQ-IF

CONFIG-PORT-CHANNEL

CONFIG-BRIDGE

Example

esr(config-gre)# vrrp timers garp refresh 4

vrrp timers garp refresh-repeat

This command defines the number of Gratuituous ARP messages that will be sent with a garp refresh period while the router is in the Master state.

The use of a negative form (no) of the command restores the default value.

Syntax

vrrp timers garp refresh-repeat <COUNT>

no vrrp timers garp refresh-repeat

Parameters

<COUNT> – amount of messages, takes values of [1..60].

Default value

1

Required privilege level

10

Command mode

CONFIG-GI

CONFIG-TE

CONFIG-SUBIF

CONFIG-QINQ-IF

CONFIG-PORT-CHANNEL

CONFIG-BRIDGE

Example

esr(config-gre)# vrrp timers garp refresh-repeat 10

vrrp timers garp repeat

This command defines the number of Gratuituous ARP messages that will be sent when the router transitions to the Master state.

The use of a negative form (no) of the command restores the default value.

Syntax

vrrp timers garp repeat <COUNT>

no vrrp timers garp repeat

Parameters

<COUNT> – amount of messages, takes values of [1..60].

Default value

5

Required privilege level

10

Command mode

CONFIG-GI

CONFIG-TE

CONFIG-SUBIF

CONFIG-QINQ-IF

CONFIG-PORT-CHANNEL

CONFIG-BRIDGE

Example

esr(config-gre)# vrrp timers garp repeat 10

vrrp track-ip

This command enables vrrp status management based on icmp-reply from a specific IP address.

The use of a negative form (no) of the command disables vrrp status management based on icmp-reply from a specific IP address.

Syntax

[no] vrrp track-ip <ADDR>

Parameters

<ADDR> – IP address, defined as AAA.BBB.CCC.DDD where each part takes values of [0..255].

Default value

Disabled.

Required privilege level

10

Command mode

CONFIG-GI

CONFIG-TE

CONFIG-SUBIF

CONFIG-QINQ-IF

CONFIG-PORT-CHANNEL

CONFIG-BRIDGE

Example

esr(config-if)# vrrp track-ip 192.168.154.22

vrrp track-ip interval

This command sets the check interval using icmp-request to manage the vrrp status based on icmp-reply from a specific IP address.

The use of a negative form (no) of the command sets the default interval value.

Syntax

vrrp track-ip interval <TIME>

no vrrp track-ip interval

Parameters

<TIME> – icmp-request send interval in seconds [3..60].

Default value

10

Required privilege level

10

Command mode

CONFIG-GI

CONFIG-TE

CONFIG-SUBIF

CONFIG-QINQ-IF

CONFIG-PORT-CHANNEL

CONFIG-BRIDGE

Example

esr(config-gre)# vrrp track-ip interval 20

vrrp track-ip packets

This command sets the number of icmp-request at each check to manage the vrrp status based on icmp-reply from a specific IP address.

The use of a negative form (no) of the command sets the default value of number of packets.

Syntax

vrrp track-ip packets <COUNT>

no vrrp track-ip packets

Parameters

<COUNT> – icmp-request send interval in seconds [1..5]

Default value

5

Required privilege level

10

Command mode

CONFIG-GI

CONFIG-TE

CONFIG-SUBIF

CONFIG-QINQ-IF

CONFIG-PORT-CHANNEL

CONFIG-BRIDGE

Example

esr(config-gre)# vrrp track-ip packets 3

vrrp version

The command sets VRRP version.

The use of a negative form (no) of the command sets the default value.

Syntax

vrrp version <VERSION>

no vrrp version

Parameters

<VERSION> – VRRP version: 2, 3.

Default value

2

Required privilege level

10

Command mode

CONFIG-GI

CONFIG-TE

CONFIG-SUBIF

CONFIG-QINQ-IF

CONFIG-PORT-CHANNEL

CONFIG-BRIDGE

Example

esr(config-gre)# vrrp version 3

IPv6 VRRP management

ipv6 vrrp

This command enables VRRP process on IPv6 interface.

The use of a negative form (no) of the command disables VRRP process.

Syntax

[no] ipv6 vrrp

Parameters

The command does not contain parameters.

Required privilege level

10

Command mode

CONFIG-GI

CONFIG-TE

CONFIG-SUBIF

CONFIG-QINQ-IF

CONFIG-PORT-CHANNEL

CONFIG-BRIDGE

Example

esr(config-if-gi)# ipv6 vrrp

ipv6 vrrp group

This command sets the VRRP router to the group. The group provides the ability to synchronize several VRRP processes, so if in one of the processes there is a wizard change, then in another process roles will also be changed.

The use of a negative form (no) of the command removes VRRP router from the group.

Syntax

ipv6 vrrp group <GRID>

no ipv6 vrrp group

Parameters

<GRID> – VRRP router group identifier, takes values in the range of [1..32].

Required privilege level

10

Command mode

CONFIG-GI

CONFIG-TE

CONFIG-SUBIF

CONFIG-QINQ-IF

CONFIG-PORT-CHANNEL

CONFIG-BRIDGE

Example

esr(config-if-gi)# ipv6 vrrp group 10

ipv6 vrrp id

This command sets VRRP router identifier.

The use of a negative form (no) of the command removes virtual router identifier.

Syntax

ipv6 vrrp id <VRID>

no ipv6 vrrp id

Parameters

<VRID> – VRRP router identifier, takes values in the range of [1..255].

Required privilege level

10

Command mode

CONFIG-GI

CONFIG-TE

CONFIG-SUBIF

CONFIG-QINQ-IF

CONFIG-PORT-CHANNEL

CONFIG-BRIDGE

Example

esr(config-if-gi)# ipv6 vrrp id 125

ipv6 vrrp ip

This command sets the virtual IPv6 address of the VRRP router.

The use of a negative form (no) of the command removes the virtual IPv6 address of the router.

Syntax

ipv6 vrrp ip <IPV6-ADDR> [secondary]

no ipv6 vrrp ip

Parameters

<IPV6-ADDR> – virtual IPv6 address, defined as X:X:X:X::X where each part takes values in hexadecimal format [0..FFFF]. You can specify several IPv6 addresses separated by commas. Up to 8 IPv6 addresses can be assigned to the interface.

secondary – key to set an additional IP address.

Required privilege level

10

Command mode

CONFIG-GI

CONFIG-TE

CONFIG-SUBIF

CONFIG-QINQ-IF

CONFIG-PORT-CHANNEL

CONFIG-BRIDGE

Example

esr(config-bridge)# ipv6 vrrp ip fc00::1

ipv6 vrrp preempt delay

This command sets the time interval after which a Backup router with a higher priority will attempt to pickup the Master role for the current Master router with a lower priority.

The use of a negative form (no) of the command returns the default configuration.

Syntax

ipv6 vrrp preempt delay <TIME>

no ipv6 vrrp preempt delay

Parameters

<TIME> – timeout, takes value in seconds [1..1000].

Default value

0

Required privilege level

10

Command mode

CONFIG-GI

CONFIG-TE

CONFIG-SUBIF

CONFIG-QINQ-IF

CONFIG-PORT-CHANNEL

CONFIG-BRIDGE

Example

esr(config-if-gi)# ipv6 vrrp preempt delay 100

ipv6 vrrp preempt disable

This command defines whether a Backup router with a higher priority will attempt to pickup the Master role for the current Master router with a lower priority.

An exception is the router, in which the virtual IPv6 address matches the IPv6 address on the interface, it will always take over the Master role regardless of this setting.

The use of a negative form (no) of the command returns the default configuration.

Syntax

[no] ipv6 vrrp preempt disable

Parameters

The command does not contain parameters.

Default value

Switching enabled.

Required privilege level

10

Command mode

CONFIG-GI

CONFIG-TE

CONFIG-SUBIF

CONFIG-QINQ-IF

CONFIG-PORT-CHANNEL

CONFIG-BRIDGE

Example

esr(config-if-gi)# ipv6 vrrp preempt disable

ipv6 vrrp priority

This command sets VRRP router priority.

The use of a negative form (no) of the command sets the default priority value.

Syntax

ipv6 vrrp priority <PR>

no ipv6 vrrp priority

Parameters

<PR> – VRRP router priority, takes values in the range of [1..254].

Default value

100

Required privilege level

10

Command mode

CONFIG-GI

CONFIG-TE

CONFIG-SUBIF

CONFIG-QINQ-IF

CONFIG-PORT-CHANNEL

CONFIG-BRIDGE

Example

esr(config-if-gi)# ipv6 vrrp priority 189

ipv6 vrrp source-ip

This command sets the IPv6 address that will be used as the sender's IPv6 address for VRRP messages.

The use of a negative form (no) of the command removes a specified IPv6 address.

Syntax

ipv6 vrrp source-ip <IPV6-ADDR>

no ipv6 vrrp source-ip

Parameters

<IPV6-ADDR> – sender IPv6 address, defined as X:X:X:X::X where each part takes values in hexadecimal format [0..FFFF].

Required privilege level

10

Command mode

CONFIG-GI

CONFIG-TE

CONFIG-SUBIF

CONFIG-QINQ-IF

CONFIG-PORT-CHANNEL

CONFIG-BRIDGE

Example

esr(config-bridge)# ipv6 vrrp source-ip fc00::2

ipv6 vrrp timers advertise

This command defines the time interval between sending VRRP messages.

The use of a negative form (no) of the command restores the default value.

Syntax

ipv6 vrrp timers advertise <TIME>

no ipv6 vrrp timers advertise

Parameters

<TIME> – time in seconds, takes values of [1..40].

Default value

1

Required privilege level

10

Command mode

CONFIG-GI

CONFIG-TE

CONFIG-SUBIF

CONFIG-QINQ-IF

CONFIG-PORT-CHANNEL

CONFIG-BRIDGE

Example

esr(config-if-gi)# ipv6 vrrp timers advertise 4

ipv6 vrrp timers nd delay

This command defines the delay between the establishment of the IPv6 VRRP MASTER state and the start of the distribution of ND messages.

The use of a negative form (no) of the command restores the default value.

Syntax

ipv6 vrrp timers nd delay <TIME>

no ipv6 vrrp timers nd delay

Parameters

<TIME> – time in seconds, takes values of [1..60].

Default value

5

Required privilege level

10

Command mode

CONFIG-GI

CONFIG-TE

CONFIG-SUBIF

CONFIG-QINQ-IF

CONFIG-PORT-CHANNEL

CONFIG-BRIDGE

Example

esr(config-if-gi)# ipv6 vrrp timers nd delay 30

ipv6 vrrp timers nd refresh

This command defines the update period of the ND protocol information for IPv6 VRRP in the MASTER state.

The use of a negative form (no) of the command restores the default value.

Syntax

ipv6 vrrp timers nd refresh <TIME>

no ipv6 vrrp timers nd refresh

Parameters

<TIME> – time in seconds, takes values of [1..65535].

Default value

5

Required privilege level

10

Command mode

CONFIG-GI

CONFIG-TE

CONFIG-SUBIF

CONFIG-QINQ-IF

CONFIG-PORT-CHANNEL

CONFIG-BRIDGE

Example

esr(config-if-gi)# ipv6 vrrp timers nd refresh 32768

ipv6 vrrp timers nd refresh-repeat

This command defines the number of ND messages sent over the update period for an IPv6 VRRP in the MASTER state.

The use of a negative form (no) of the command restores the default value.

Syntax

ipv6 vrrp timers nd refresh-repeat <NUM>

no ipv6 vrrp timers nd refresh-repeat

Parameters

<NUM> – amount, takes values of [1..60].

Default value

0

Required privilege level

10

Command mode

CONFIG-GI

CONFIG-TE

CONFIG-SUBIF

CONFIG-QINQ-IF

CONFIG-PORT-CHANNEL

CONFIG-BRIDGE

Example

esr(config-if-gi)# ipv6 vrrp timers nd refresh-repeat 12

ipv6 vrrp timers nd repeat

This command defines the number of ND packets sent after setting IPv6 VRRP to the MASTER state.

The use of a negative form (no) of the command restores the default value.

Syntax

ipv6 vrrp timers nd repeat <NUM>

no ipv6 vrrp timers nd repeat

Parameters

<NUM> – amount, takes values of [1..60].

Default value

1

Required privilege level

10

Command mode

CONFIG-GI

CONFIG-TE

CONFIG-SUBIF

CONFIG-QINQ-IF

CONFIG-PORT-CHANNEL

CONFIG-BRIDGE

Example

esr(config-if-gi)# ipv6 vrrp timers nd repeat 4

show ipv6 vrrp

This command displays information about VRRP.

Syntax

show ipv6 vrrp [ <ID> ] [ vrf <VRF> ]

Parameters

<ID> – process number, takes values of [1..255];

<VRF> – VRF instance name, set by the string of up to 31 characters.

Required privilege level

1

Command mode

ROOT

Example 1

esr# show ipv6 vrrp
Virtual router   Virtual IP                                        Priority   Preemption   State
--------------   -----------------------------------------------   --------   ----------   ------
2                fc00::3                                           100        Disabled     Master

Example 2

esr# show ipv6 vrrp 2
Interface                 gi1/0/1
State:                    Master
Source IP address:        fe80::aaf9:4bff:feaa:3a1
Virtual IP address:       fc00::3
Virtual MAC address:      00:00:5e:00:01:02
Advertisement interval:   1
Preemption:               Disabled
Priority:                 100
Synchronization group ID: --

DHCP redundancy configuration

ip dhcp-server failover

This command enables DHCP server redundancy. The use of a negative form (no) of the command disables DHCP server redundancy.

Syntax

[no] ip dhcp-server failover

Parameters

The command does not contain parameters.

Default value

Disabled

Required privilege level

10

Command mode

CONFIG

Example

esr(config)# ip dhcp-server failover

ip dhcp-server failover auto-partner-down

This command sets the DHCP-lease run time at which a lease can be extended by one of the fault tolerance hosts without contacting the other.

The use of a negative form (no) of the command sets the default value.

Syntax

ip dhcp-server failover auto-partner-down <TIME>

no ip dhcp-server failover auto-partner-down

Parameters

<TIME> – time, takes value in seconds [1..86400].

Default value

0

Required privilege level

10

Command mode

CONFIG

Example

esr(config)# ip dhcp-server failover auto-partner-down 200

ip dhcp-server failover local-address

This command sets the IP address, port (TCP 647), on which the DHCP server receives Failover messages when operating in redundant mode.

The use of a negative form (no) of the command removes set IP address.

Syntax

ip dhcp-server failover local-address <ADDR>

no ip dhcp-server failover local-address

Parameters

<ADDR> – IP address, defined as AAA.BBB.CCC.DDD where each part takes values of [0..255].

Required privilege level

10

Command mode

CONFIG

Example

esr(config)# ip dhcp-server failover local-address 192.168.1.1

ip dhcp-server failover maximum-client-lead-time

This command sets the maximum time for which the DHCP server can extend the lease time of the IP address.

The use of a negative form (no) of the command sets the default value.

Syntax

ip dhcp-server failover maximum-client-lead-time <TIME>

no ip dhcp-server failover maximum-client-lead-time

Parameters

<TIME> – time, takes value in seconds [1..86400].

Default value

1800

Required privilege level

10

Command mode

CONFIG

Example

esr(config)# ip dhcp-server failover maximum-client-lead-time 200

ip dhcp-server failover remote-address

This command sets the IP address of the backup DHCP server to which the failover messages are sent when working in redundancy mode.

The use of a negative form (no) of the command removes redundant DHCP server IP address.

Syntax

ip dhcp-server failover remote-address <ADDR>

no ip dhcp-server failover remote-address

Parameters

<ADDR> – redundant DHCP server IP address, defined as AAA.BBB.CCC.DDD where each part takes values of [0..255].

Required privilege level

10

Command mode

CONFIG

Example

esr(config)# ip dhcp-server failover remote-address 192.168.1.2

ip dhcp-server failover role

This command defines the role of the DHCP server when operating in redundant mode.

The use of a negative form (no) of the command removes the role of the DHCP server when operating in redundant mode.

Syntax

ip dhcp-server failover role <ROLE>

no ip dhcp-server failover role

Parameters

<ROLE> – role of the DHCP server when operating in redundant mode:

• primary – active DHCP server mode;
• secondary – redundant DHCP server mode.

Required privilege level

10

Command mode

CONFIG

Example

esr(config)# ip dhcp-server failover role primary

show ip dhcp server failover

This command displays status of DHCP server redundancy.

Syntax

show ip dhcp server failover

Parameters

The command does not contain parameters.

Required privilege level

1

Command mode

ROOT

Example

esr# show ip dhcp server failover

Status:                                      Disabled

Firewall redundancy configuration

ip firewall failover

This command enables Firewall sessions redundancy.

The use of a negative form (no) of the command disables Firewall sessions redundancy.

Syntax

[no] ip firewall failover

Parameters

The command does not contain parameters.

Default value

Disabled.

Required privilege level

10

Command mode

CONFIG

Example

esr(config)# ip firewall failover

ip firewall failover source-address

This command sets the IP address of the network interface from which messages will be sent when the Firewall is running in session redundancy mode.

The use of a negative form (no) of the command removes IP address of the outgoing interface.

Syntax

ip firewall failover source-address <ADDR>

no ip firewall failover source-address

Parameters

<ADDR> – network interface IP address from which messages will be sent, defined as AAA.BBB.CCC.DDD where each part takes values of [0..255].

Required privilege level

15

Command mode

CONFIG

Example

esr(config)# ip firewall failover source-address 192.168.1.1

ip firewall failover destination-address

This command sets the IP address of the neighbor when the Firewall session redundancy are running in unicast mode.

The use of a negative form (no) of the command removes neighbor IP address.

Syntax

ip firewall failover destination-address <ADDR>

no ip firewall failover destination-address

Parameters

<ADDR> – neighbor’s IP address, defined as AAA.BBB.CCC.DDD where each part takes values of [0..255].

Required privilege level

10

Command mode

CONFIG

Example

esr(config)# ip firewall failover destination-address 192.168.1.2

ip firewall failover port

This command sets the UDP port number of the Firewall session redundancy service, through which information is exchanged when working in unicast mode.

The use of a negative form (no) of the command removes Firewall session redundancy service port number.

Syntax

ip firewall failover port <PORT>

no ip firewall failover port

Parameters

<PORT> – port number of the Firewall session redundancy service, may take values [1..65535].

Required privilege level

15

Command mode

CONFIG

Example

esr(config)# ip firewall failover port 3333

ip firewall failover sync-type

This command defines the mode of information exchange between the primary and redundant routers.

The use of a negative form (no) of the command removes Firewall redundancy operation mode.

Syntax

ip firewall failover sync-type <MODE>

no ip firewall failover sync-type

Parameters

<MODE> – information exchange mode:

• unicast – unicast mode;
• multicast – multicast mode.

Required privilege level

10

Command mode

CONFIG

Example

esr(config)# ip firewall failover sync-type multicast

ip firewall failover multicast-address

This command sets the multicast IP address that will be used to exchange information when working on the redundancy of Firewall sessions in multicast mode.

The use of a negative form (no) of the command removes multicast IP address.

Syntax

ip firewall failover multicast-address <ADDR>

no ip firewall failover multicast-address

Parameters

<ADDR> – multicast IP address, defined as AAA.BBB.CCC.DDD where each part takes values of [0..255];

Required privilege level

10

Command mode

CONFIG

Example

esr(config)# ip firewall failover multicast-address 238.0.0.10

ip firewall failover multicast-group

This command sets the multicast group identifier for information exchange when working on the redundancy of Firewall sessions in multicast mode.

The use of a negative form (no) of the command removes the group identifier.

Syntax

ip firewall failover multicast-group <GROUP>

no ip firewall failover multicast-group

Parameters

<GROUP> – multicast group, may take values in range [1000..9999].

Required privilege level

10

Command mode

CONFIG

Example

esr(config)# ip firewall multicast-group 1028

ip firewall failover vrrp-group

This command defines the VRRP group, on the basis of which the state (master/redundant) of the router is defined when reserving Firewall sessions.

The use of a negative form (no) of the command removes the VRRP group identifier.

Syntax

ip firewall failover vrrp-group <GRID>

no ip firewall failover vrrp-group

Parameters

<GRID> – VRRP router group identifier, takes values in the range of [1..32].

Required privilege level

10

Command mode

CONFIG

Example

esr(config)# ip firewall failover vrrp-group 10

show ip firewall failover

This command displays Firewall sessions redundancy status.

Syntax

show ip firewall failover

Parameters

The command does not contain parameters.

Required privilege level

1

Command mode

ROOT

Example

esr# show ip firewall failover
Communication interface:                    br6
Status:                                     Running
Bytes sent:                                 6407688
Bytes received:                             6355040
Packets sent:                               430149
Packets received:                           429844
Send errors:                                0
Receive errors:                             0

show high-availability state

This command allows you to view the overall state of the redundancy systems and the role of the device.

Syntax

show high-availability state

Parameters

The command does not contain parameters.

Required privilege level

1

Command mode

ROOT

Example

esr# show high-availability state
VRRP role:                         Master
AP Tunnels:
    State:                         successful synchronization
    Last synchronization:          17:22:11 08.06.2015
DHCP server:
    State:                         successful synchronization
    Last state change:             17:49:42 03.06.2015
Firewall sessions:
    State:                         successful synchronization
    Last synchronization:          17:22:18 08.06.2015

Dual-Homing management

In the current firmware version, this functionality is supported only by ESR-1000 router.

backup interface

This command specifies the redundancy interface to which the switch will occur when communication is lost on the primary. Redundancy is enabled only on those interfaces on which the Spanning Tree protocol is disabled and VLAN Ingress Filtering is enabled.

The use of a negative form (no) of the command removes configuration from the interface.

Syntax

backup interface <IF> vlan <VID>

no backup interface

Parameters

<IF> – an interface, specified in the form described in Section Types and naming order of router interfaces.

<VID> – VLAN ID, set in the range of [2..4094]. You can also specify it by the range with '-' or by comma-separated list.

Required privilege level

10

Command mode

CONFIG-GI

CONFIG-TE

CONFIG-PORT-CHANNEL

Example

esr(config-if-gi)# backup interface gigabitethernet 1/0/15 vlan 10-200

backup-interface mac-duplicate

This command defines the number of copies of packets with the same MAC address that will be sent to the active interface when switching.

The use of a negative form (no) of the command restores the default value.

Syntax

backup-interface mac-duplicate <COUNT>

no backup-interface mac-duplicate

Parameters

<COUNT> – packet copies amount, take values [1..4].

Default value

1

Required privilege level

10

Command mode

CONFIG

Example

esr(config)# backup-interface mac-duplicate 4

backup-interface mac-per-second

This command defines the number of packets per second that will be sent to the active interface when switching.

The use of a negative form (no) of the command restores the default value.

Syntax

backup-interface mac-per-second <COUNT>

no backup-interface mac-per-second

Parameters

<COUNT> – number of packets per second, takes values [50..400].

Default value

400

Required privilege level

10

Command mode

CONFIG

Example

esr(config)# backup-interface mac-per-second 200

backup-interface preemption

This command indicates that it is necessary to switch to the main interface when restoring communication. If the recovery of the main interface is configured while the backup is active, then when the link is raised on the main interface, the traffic will be switched to it.

The use of a negative form (no) of the command restores the default configuration.

Syntax

[no] backup-interface preemption

Parameters

The command does not contain parameters.

Default value

Switch disabled.

Required privilege level

10

Command mode

CONFIG

Example

esr(config)# backup-interface preemption

show interfaces backup

This command displays information about the status of the main and backup interfaces.

Syntax

show interfaces backup

Required privilege level

1

Command mode

ROOT

Example

esr# show interfaces backup
   Backup Interface Options:
      Preemption is disabled.
      MAC recovery packets rate 400 pps.
      Recovery packets repeats count 1.
VID    Master Interface            Backup Interface            State
----   -------------------------   -------------------------   ------------------------------
10     gigabitethernet 1/0/3       gigabitethernet 1/0/4       Master Up/Backup Down
----   -------------------------   -------------------------   ------------------------------
11     gigabitethernet 1/0/3       gigabitethernet 1/0/4       Master Up/Backup Down
----   -------------------------   -------------------------   ------------------------------
12     gigabitethernet 1/0/3       gigabitethernet 1/0/4       Master Up/Backup Down

MultiWAN configuration

description

This command defines rule description.

The use of a negative form (no) of the command removes description.

Syntax

description <DESCRIPTION>

no description

Parameters

<DESCRIPTION> – wan rule description, set by the string of up to 255 characters.

Required privilege level

10

Command mode

CONFIG-WAN-RULE

CONFIG-IPV6-WAN-RULE

CONFIG-WAN-TARGET

CONFIG-IPV6-WAN-TARGET

Example

esr(config-wan-rule)# description "tunnel to branch"

enable

This command enables wan rule, check of the target.

The use of negative form (no) of the command disables wan rule, check of the target.

Syntax

[no] enable

Parameters

The command does not contain parameters.

Default value

Disabled.

Required privilege level

10

Command mode

CONFIG-WAN-RULE

CONFIG-WAN-TARGET

CONFIG-IPV6-WAN-RULE

CONFIG-IPV6-WAN-TARGET

Example

Target check:

esr(config-ipv6-wan-rule)# enable

extended count

This command defines number of simultaneously sent ICMP requests.

The use of a negative form (no) of the command sets the default value.

Syntax

extended count <NUM>

no extended count

Parameters

<NUM> – number of simultaneously sent ICMP requests, takes values in range [10..100].

Default value

10

Required privilege level

10

Command mode

CONFIG-WAN-TARGET

Example

esr(config-wan-target)# extended count 75

extended jitter

This command defines the jitter threshold value, above which the channel quality is unsatisfactory.

The use of a negative form (no) of the command sets the default value.

Syntax

extended jitter <TIME>

no extended jitter

Parameters

<TIME> – the jitter threshold in milliseconds, takes value in the range [50-1000].

Default value

50

Required privilege level

10

Command mode

CONFIG-WAN-TARGET

Example

esr(config-wan-target)# extended jitter 78500

extended loss

This command defines the loss percent threshold value, above which the channel quality is unsatisfactory.

The use of a negative form (no) of the command sets the default value.

Syntax

extended loss <NUM>

no extended loss

Parameters

<NUM> – loss percent threshold [1..100]

Default value

1

Required privilege level

10

Command mode

CONFIG-WAN-TARGET

Example

esr(config-wan-target)# extended loss 80

extended period

This command defines the period of sending ICMP requests.

The use of a negative form (no) of the command sets the default value.

Syntax

extended period <TIME>

no extended period

Parameters

<TIME> – period of ICMP requests sending in seconds, takes a value in the range [10..600].

Default value

240

Required privilege level

10

Command mode

CONFIG-WAN-TARGET

Example

esr(config-wan-target)# extended period 120

extended rtt

This command defines maximal radial delay threshold value, above which the channel quality is unsatisfactory.

The use of a negative form (no) of the command sets the default value.

Syntax

extended rtt <TIME>

no extended rtt

Parameters

<TIME> – maximal RTT threshold in milliseconds, takes value in the range [200..1000].

Default value

240

Required privilege level

10

Command mode

CONFIG-WAN-TARGET

Example

esr(config-wan-target)# extended rtt 800

extended timeout

This command defines maximal waiting time  for a response to an ICMP request.

The use of a negative form (no) of the command sets the default value.

Syntax

extended timeout <TIME>

no extended timeout

Parameters

<TIME> – maximum waiting time for a response to an ICMP request in milliseconds, takes a vlue in the range [500..10000].

Default value

1000

Required privilege level

10

Command mode

CONFIG-WAN-TARGET

Example

esr(config-wan-target)# extended timeout 5000

failover

This command switchs from balance mode to redundancy mode.

The use of a negative form (no) of the command returns balance mode.

Syntax

[no] failover

Parameters

The command does not contain parameters.

Required privilege level

10

Command mode

CONFIG-WAN-RULE

CONFIG-IPV6-WAN-RULE

Example

esr(config-wan-rule)# failover

ip address

This command sets IP address of the check.

The use of a negative form (no) of the command removes a specified address.

Syntax

ip address <ADDR>

no ip address

Parameters

<ADDR> – destination IP address, defined as AAA.BBB.CCC.DDD where each part takes values of [0..255].

Required privilege level

10

Command mode

CONFIG-WAN-TARGET

Example

esr(config-wan-target)# ip address 18.168.1.25

ipv6 address

This command sets IPv6 address of the check.

The use of a negative form (no) of the command removes a specified address.

Syntax

ipv6 address <IPV6-ADDR>

no ipv6 address

Parameters

<IPV6-ADDR> – destination IPv6 address, defined as X:X:X:X::X where each part takes values in hexadecimal format [0..FFFF].

Required privilege level

10

Command mode

CONFIG-IPV6-WAN-TARGET

Example

esr(config-ipv6-wan-target)# ipv6 address fc00::2

ipv6 wan load-balance enable

This command enables WAN mode on the interface for IPv6 stack.

The use of a negative form (no) of the command disables WAN mode on the interface for IPv6 stack.

Syntax

[no] ipv6 wan load-balance enable

Parameters

The command does not contain parameters.

Default value

Disabled.

Required privilege level

10

Command mode

CONFIG-GI

CONFIG-TE

CONFIG-SUBIF

CONFIG-QINQ-IF

CONFIG-SERIAL

CONFIG-PORT-CHANNEL

CONFIG-BRIDGE

CONFIG-LT

Example

esr(config-if-gi)# ipv6 wan load-balance enable

ipv6 wan load-balance failure-count

This command defines the number of unsuccessful attempts to check the connection through the IPv6 stack, after which, in the absence of a response from the opposite side, the connection is considered inactive.

The use of a negative form (no) of the command sets the default value.

Syntax

ipv6 wan load-balance failure-count <VALUE>

no ipv6 wan load-balance failure-count

Parameters

<VALUE> – number of attempts, takes values in the range of [1..10].

Default value

5

Required privilege level

10

Command mode

CONFIG-GI

CONFIG-TE

CONFIG-SUBIF

CONFIG-QINQ-IF

CONFIG-PORT-CHANNEL

CONFIG-BRIDGE

CONFIG-LT

Example

esr(config-if-gi)# ipv6 wan load-balance failure-count 3

ipv6 wan load-balance nexthop

Set a neighbor's IPv6 address that will be indicated as one of the gateways in a static route created by MultiWAN service.

The use of a negative form (no) of the command removes a specified neighbor IPv6 address.

Syntax

ipv6 wan load-balance nexthop <IPV6-ADDR>

no ipv6 wan load-balance nexthop

Parameters

<IPV6-ADDR> – destination (gateway) IPv6 address, defined as X:X:X:X::X where each part takes values in hexadecimal format [0..FFFF].

Required privilege level

10

Command mode

CONFIG-GI

CONFIG-TE

CONFIG-SUBIF

CONFIG-QINQ-IF

CONFIG-PORT-CHANNEL

CONFIG-BRIDGE

CONFIG-LT

Example

esr(config-if-gi)#ipv6 wan load-balance nexthop 220::71

ipv6 wan load-balance rule

This command creates WAN rule and switch to the rule for IPv6 parameters configuration mode.

The use of a negative form (no) of the command removes a specified WAN rule.

Syntax

ipv6 wan load-balance rule <ID>

no ipv6 wan load-balance rule { <ID> | all }

Parameters

<ID> – identifier of the rule being created, may take values:

• For ESR-10/12V/12VF/14VF – [1..25];
• For ESR-20/21/100/200/1000/1200/1500/1511/1700/3100 – [1..50].

The value 'all' is used when deleting all WAN rules for IPv6.

Required privilege level

10

Command mode

CONFIG

Example

esr(config)# ipv6 wan load-balance rule 1

ipv6 wan load-balance source-address

This command defines the IPv6 address of the router that will be used as the source IPv6 address in ICMPv6 sent packets for verification purposes.

The use of a negative form (no) of the command removes a specified source IPv6 address.

Syntax

ipv6 wan load-balance source-address <IPV6-ADDR>

no ipv6 wan load-balance source-address

Parameters

<IPV6-ADDR> – source IPv6 address, defined as X:X:X:X::X where each part takes values in hexadecimal format [0..FFFF].

Required privilege level

10

Command mode

CONFIG-GI

CONFIG-TE

CONFIG-SUBIF

CONFIG-QINQ-IF

CONFIG-PORT-CHANNEL

CONFIG-BRIDGE

CONFIG-E1

CONFIG-MULTILINK

CONFIG-LT

Example

esr(config-if-gi)#ipv6 wan load-balance source-address 220::71

ipv6 wan load-balance success-count

Set the amount of successful attempts to check the IPv6 connection, after which, if successful, the connection is considered to be active again.

The use of a negative form (no) of the command sets the default value.

Syntax

ipv6 wan load-balance success-count <VALUE>

no ipv6 wan load-balance success-count

Parameters

<VALUE> – number of attempts, takes values in the range of [1..10].

Default value

1

Required privilege level

10

Command mode

CONFIG-GI

CONFIG-TE

CONFIG-SUBIF

CONFIG-QINQ-IF

CONFIG-PORT-CHANNEL

CONFIG-BRIDGE

CONFIG-LT

Example

esr(config-if-gi)# ipv6 wan load-balance success-count 3

ipv6 wan load-balance target-list

These command creates a list of IPv6 addresses to check the connection integrity and performs the switching to the list parameters configuration mode.

The use of a negative form (no) of the command removes a created list.

Syntax

ipv6 wan load-balance target-list <NAME>

no ipv6 wan load-balance target-list { <NAME> | all }

Parameters

<NAME> – list name, set by the string of up to 31 characters. The value 'all' is used when deleting all lists of IPv6 addresses to verify the integrity of the connection.

Required privilege level

10

Command mode

CONFIG

Example

esr(config)# ipv6 wan load-balance target-list ten1

ipv6 wan load-balance target-list

This command binds the list of IPv6 addresses to verify the integrity of the connection on the network interface.

The use of a negative form (no) of the command removes the list from the interface.

Syntax

ipv6 wan load-balance target-list <NAME>

no ipv6 wan load-balance target-list (удаление привязки списка в режиме конфигурирования сетевых интерфейсов)

Parameters

<NAME> – list name, set by the string of up to 31 characters.

Required privilege level

10

Command mode

CONFIG-GI

CONFIG-TE

CONFIG-SUBIF

CONFIG-QINQ-IF

CONFIG-PORT-CHANNEL

CONFIG-BRIDGE

CONFIG-LT

Example

esr(config)# ipv6 wan load-balance target-list ten1

ipv6 wan load-balance target-list check-all

This command checks the IPv6 addresses from the integrity check list.

The use of a negative form (no) of the command cancells the check of the IPv6 addresses from the integrity check list. If one of the nodes being checked is unavailable, the gateway will be considered to be unavailable.

Syntax

[no] ipv6 wan load-balance target-list check-all

Required privilege level

10

Command mode

CONFIG-GI

CONFIG-TE

CONFIG-SUBIF

CONFIG-QINQ-IF

CONFIG-PORT-CHANNEL

CONFIG-BRIDGE

CONFIG-LT

Example

esr(config-if-te)# ipv6 wan load-balance target-list check-all

mode

This command defines the target availability check mode, to check the channel status.

The use of a negative form (no) of the command sets the default value.

Syntax

mode { basic | extended }

no mode

Parameters

basic – basic method, regulated by a valid value of positive responses to ICMP requests;

extended – extended method, it estimates the level of losses, delays, jitter.

Default value

basic

Required privilege level

10

Command mode

CONFIG-WAN-TARGET

Example

esr(config-wan-target)# mode extended

outbound

This command defines the interfaces or tunnels that are gateways in the route created by the MultiWAN service. The number of gateways in the route depends on the MultiWAN operation mode:

when balancing, the IP addresses of the gateways (section wan load-balance nexthop) of all active interfaces are added to the nexthop route list;

when reserving, the IP address of the gateway (section wan load-balance nexthop) of the active interface with the highest weight is selected as the nexthop route.

The use of a negative form (no) of the command excludes specified interface or tunnel from the MultiWAN rule.

Syntax

[no] outbound { interface <IF> | tunnel <TUN> } [<WEIGHT> ]

Parameters

<IF> – an interface, specified in the form described in Section Types and naming order of router interfaces;

<TUN> – the name of the tunnel is specified as described in section Types and naming order of router tunnels (only for IPv4);

<WEIGHT> – weight of the tunnel or interface, defines in range [1..255]. If you set the value to 2, then this interface will transmit 2 times more traffic than the interface with the default value. In redundancy mode, the route with the highest weight will be active.

Default value

WEIGHT – 1

Required privilege level

10

Command mode

CONFIG-WAN-RULE

CONFIG-IPV6-WAN-RULE

Example 1

esr(config-wan-rule)# outbound interface gigabitethernet 1/0/15

Example 2

esr(config-ipv6-wan-rule)# outbound interface bridge 2

resp-time

This command defines response waiting time to a request via the ICMP.

The use of a negative form (no) of the command sets the default value.

Syntax

resp-time <TIME>

no resp-time

Parameters

<TIME> – timeout, takes value in seconds [1..30].

Default value

5

Required privilege level

10

Command mode

CONFIG-WAN-TARGET

CONFIG-IPV6-WAN-TARGET

Example

esr(config-wan-target)# resp-time 3

target

This command creates check target and switch to the target parameters configuration mode.

The use of a negative form (no) of the command removes created target.

Syntax

target <ID>

no target { <ID> | all }

Parameters

<ID> – target identifier, defines in range [1..50]. If the 'all' parameter value is used when removing, all targets for the configured target list will be removed.

 all – delete all targets.

Required privilege level

10

Command mode

CONFIG-WAN-TARGET-LIST

CONFIG-IPV6-WAN-TARGET-LIST

Example

esr(config-target-list)# target 1

wan load-balance enable

This command enables WAN mode on the interface for IPv4 stack.

The use of a negative form (no) of the command disables WAN mode on the interface for IPv4 stack.

Syntax

[no] wan load-balance enable

Parameters

The command does not contain parameters.

Default value

Disabled.

Required privilege level

10

Command mode

CONFIG-GI

CONFIG-TE

CONFIG-SUBIF

CONFIG-QINQ-IF

CONFIG-SERIAL

CONFIG-PORT-CHANNEL

CONFIG-BRIDGE

CONFIG-E1

CONFIG-MULTILINK

CONFIG-IP4IP4

CONFIG-GRE

CONFIG-VTI

CONFIG-LT

CONFIG-CELLULAR-MODEM

CONFIG-L2TP

CONFIG-OPENVPN

CONFIG-PPPOE

CONFIG-PPTP

Example

esr(config-if-gi)# wan load-balance enable

wan load-balance failure-count

This command defines the number of unsuccessful attempts to check the connection, after which, in the absence of a response from the opposite side, the connection is considered inactive.

The use of a negative form (no) of the command sets the default value.

Syntax

wan load-balance failure-count <VALUE>

no wan load-balance failure-count

Parameters

<VALUE> – number of attempts, takes values in the range of [1..10].

Default value

5

Required privilege level

10

Command mode

CONFIG-GI

CONFIG-TE

CONFIG-SUBIF

CONFIG-QINQ-IF

CONFIG-SERIAL

CONFIG-PORT-CHANNEL

CONFIG-BRIDGE

CONFIG-E1

CONFIG-MULTILINK

CONFIG-IP4IP4

CONFIG-GRE

CONFIG-VTI

CONFIG-LT

CONFIG-CELLULAR-MODEM

CONFIG-L2TP

CONFIG-OPENVPN

CONFIG-PPPOE

CONFIG-PPTP

Example

esr(config-if-gi)# wan load-balance failure-count 3

wan load-balance nexthop

This command sets a neighbor's IP address that will be indicated as one of the gateways in a static route created by MultiWAN service.

The use of a negative form (no) of the command removes a specified neighbor IP address.

Syntax

wan load-balance nexthop { <ADDR> | dhcp enable | tunnel enable }

no wan load-balance nexthop

Parameters

<IP> – destination IP address (gateway), defined as AAA.BBB.CCC.DDD where each part takes values of [0..255].

dhcp enable – if on the interface an IP address is obtained through a DHCP client, the gateway from the DHCP server is used.

tunnel enable – use peer address as nexthop. Applicable for the interfaced being connected that operate via ppp.

Required privilege level

10

Command mode

CONFIG-GI

CONFIG-TE

CONFIG-SUBIF

CONFIG-QINQ-IF

CONFIG-SERIAL

CONFIG-PORT-CHANNEL

CONFIG-BRIDGE

CONFIG-E1

CONFIG-MULTILINK

CONFIG-IP4IP4

CONFIG-GRE

CONFIG-VTI

CONFIG-LT

CONFIG-CELLULAR-MODEM

CONFIG-L2TP

CONFIG-OPENVPN

CONFIG-PPPOE

CONFIG-PPTP

Example

esr(config-gre)# wan load-balance nexthop 16.168.1.25

wan load-balance rule

This command creates WAN rule and switch to the rule parameters configuration mode.

The use of a negative form (no) of the command removes a specified WAN rule.

Syntax

wan load-balance rule <ID>

no wan load-balance rule { <ID> | all }

Parameters

<ID> – identifier of the rule being created, may take values:

• For ESR-10/12V/12VF/14VF – [1..25];
• For ESR-20/21/100/200/1000/1200/1500/1511/1700/3100 – [1..50].

The value 'all' is used when deleting all WAN rules for IPv6.

Required privilege level

10

Command mode

CONFIG

Example

esr(config)# wan load-balance rule 1

wan load-balance source-address

This command defines the IP address of the router that will be used as the source IP address in ICMP sent packets for verification purposes.

The use of a negative form (no) of the command removes a specified source IP address.

Syntax

wan load-balance source-address <ADDR>

no wan load-balance source-address

Parameters

<ADDR> – source IP address, defined as AAA.BBB.CCC.DDD where each part takes values of [0..255];

Required privilege level

10

Command mode

CONFIG-GI

CONFIG-TE

CONFIG-SUBIF

CONFIG-QINQ-IF

CONFIG-SERIAL

CONFIG-PORT-CHANNEL

CONFIG-BRIDGE

CONFIG-E1

CONFIG-MULTILINK

CONFIG-LT

Example

esr(config-gre)# wan load-balance source-address 16.168.1.25

wan load-balance success-count

Set the amount of successful attempts to check the connection, after which, if successful, the connection is considered to be active again.

The use of a negative form (no) of the command sets the default value.

Syntax

wan load-balance success-count <VALUE>

no wan load-balance success-count

Parameters

<VALUE> – number of attempts, takes values in the range of [1..10].

Default value

1

Required privilege level

10

Command mode

CONFIG-GI

CONFIG-TE

CONFIG-SUBIF

CONFIG-QINQ-IF

CONFIG-PORT-CHANNEL

CONFIG-BRIDGE

CONFIG-E1

CONFIG-MULTILINK

CONFIG-IP4IP4

CONFIG-GRE

CONFIG-VTI

CONFIG-LT

CONFIG-CELLULAR-MODEM

CONFIG-L2TP

CONFIG-OPENVPN

CONFIG-PPPOE

CONFIG-PPTP

Example

esr(config-if-gi)# wan load-balance success-count 3

wan load-balance target-list

These command creates a list of IP addresses to check the connection integrity and performs the switching to the list parameters configuration mode.

The use of a negative form (no) of the command removes a created list.

Syntax

wan load-balance target-list <NAME>

no wan load-balance target-list { <NAME> | all }

Parameters

<NAME> – list name, set by the string of up to 31 characters. The value 'all' is used when deleting all lists of IP addresses to verify the integrity of the connection.

Required privilege level

10

Command mode

CONFIG

Example

esr(config)# wan load-balance target-list ten1

wan load-balance target-list

This command binds the list of IP addresses to verify the integrity of the connection on the network interface.

The use of a negative form (no) of the command removes a created list.

Syntax

wan load-balance target-list <NAME>

no wan load-balance target-list 

Parameters

<NAME> – list name, set by the string of up to 31 characters. The value 'all' is used when deleting all lists of IP addresses to verify the integrity of the connection.

Required privilege level

10

Command mode

CONFIG-GI

CONFIG-TE

CONFIG-SUBIF

CONFIG-QINQ-IF

CONFIG-PORT-CHANNEL

CONFIG-BRIDGE

CONFIG-E1

CONFIG-MULTILINK

CONFIG-IP4IP4

CONFIG-GRE

CONFIG-VTI

CONFIG-LT

CONFIG-CELLULAR-MODEM

CONFIG-L2TP

CONFIG-OPENVPN

CONFIG-PPPOE

CONFIG-PPTP

Example

esr(config)# wan load-balance target-list ten1

wan load-balance target-list check-all

This command will be checking the IP addresses from the integrity check list. If one of the nodes being checked is unavailable, the gateway will be considered to be unavailable.

The use of a negative form (no) of the command cancells the check of the IP addresses from the integrity check list.

Syntax

[no] wan load-balance target-list check-all

Required privilege level

10

Command mode

CONFIG-GI

CONFIG-TE

CONFIG-SUBIF

CONFIG-QINQ-IF

CONFIG-PORT-CHANNEL

CONFIG-BRIDGE

CONFIG-E1

CONFIG-MULTILINK

CONFIG-IP4IP4

CONFIG-GRE

CONFIG-VTI

CONFIG-LT

CONFIG-CELLULAR-MODEM

CONFIG-L2TP

CONFIG-OPENVPN

CONFIG-PPPOE

CONFIG-PPTP

Example

esr(config-gre)# wan load-balance target-list check-all

show wan rules

This command displays the operational information on the WAN rules for IPv4.

Syntax

show wan rules <ID>

Parameters

<ORDER>  – rule number, takes values of [1..50].

Required privilege level

1

Command mode

ROOT

Example

esr# sh wan rules 1
Rule 1 detailed information:
    Failover:     Enabled
    Network: 11.11.11.0/24 Metric: 50
        gi1/0/1 Weight: 2 Nexthop: 3.3.3.1 [Active]

show wan cellular status modem

This command displays operational information about the state of interfaces with WAN enabled for the IPv4 stack.

Syntax

show wan cellular status modem [ <MODEM-ID> ]

Parameters

<MODEM-ID> – identifier of a previously created 2G/3G/4G modem (only for IPv4).

You may specify several interfaces in the command. If you do not specify interface indexes, then the statuses of all interfaces of the specified group with the WAN mode enabled for the IPv4 stack will be displayed. If a certain interface is specified, the detailed information on this interface will be displayed. If the command is executed without a parameter, the status of all system interfaces with the WAN mode enabled for the IPv4 stack will be shown.

Required privilege level

1

Command mode

ROOT

Example

esr# show wan  interfaces status gigabitethernet 1/0/1
Interface 'gigabitethernet 1/0/1' detailed information:
    State:             Active
    Nexthop address:   3.3.3.1
    Last time success: 0 secs
    Last time failure: 1 hour, 48 minutes and 9 seconds
    Uptime:            --
    Targets:
        3.3.3.1 Test/Ping State: pass Attempts: 1/1

show wan interfaces status

This command displays operational information about the state of interfaces with WAN enabled for the IPv4 stack.

Syntax

show wan interfaces status [ <IF> ]

Parameters

<IF> – an interface, specified in the form described in Section Types and naming order of router interfaces.

You may specify several interfaces in the command. If you do not specify interface indexes, then the statuses of all interfaces of the specified group with the WAN mode enabled for the IPv4 stack will be displayed. If a certain interface is specified, the detailed information on this interface will be displayed. If the command is executed without a parameter, the status of all system interfaces with the WAN mode enabled for the IPv4 stack will be shown.

Required privilege level

1

Command mode

ROOT

Example

esr# show wan  interfaces status gigabitethernet 1/0/1
Interface 'gigabitethernet 1/0/1' detailed information:
    State:             Active
    Nexthop address:   3.3.3.1
    Last time success: 0 secs
    Last time failure: 1 hour, 48 minutes and 9 seconds
    Uptime:            --
    Targets:
        3.3.3.1 Test/Ping State: pass Attempts: 1/1

show wan tunnels status

This command displays operational information about the state of tunnels with WAN enabled for the IPv4 stack.

Syntax

show wan tunnels status [ <TUN> ]

Parameters

<INDEX> – the identifier of the tunnel is specified as described in Section Types and naming order of router tunnels.

You may specify several tunnels in command. If you do not specify interface indexes, then the statuses of all tunnels of the specified group with the WAN mode enabled for the IPv4 stack will be displayed. If a certain tunnel is specified, the detailed information on this tunnel will be displayed. If the command is executed without a parameter, the status of all tunnels with the WAN mode enabled for the IPv4 stack will be shown.

Required privilege level

1

Command mode

ROOT

Example

esr# show wan tunnels status gre 1
Tunnel 'gre 1' detailed information:
    State:             Active
    Nexthop address:   5.5.5.2
    Last time success: 0 secs
    Last time failure: 50 minutes and 2 seconds
    Uptime:            --
    Targets:
        5.5.5.2 Test/Ping State: pass Attempts: 1/1

show ipv6 wan rules

This command displays the operational information on the WAN rules for IPv6.

Syntax

show ipv6 wan rules <ID>

Parameters

<ORDER>  – rule number, takes values of [1..50].

Required privilege level

1

Command mode

ROOT

Example

esr# show ipv6 wan rules 1
Rule 1 detailed information:
    Failover:     Enabled
    Network: 2a14::/120 Metric: 0
        bridge 1 Weight: 1 Nexthop: 2a12::1 [Active]

show ipv6 wan interfaces status

This command displays operational information about the state of interfaces with WAN enabled for the IPv6 stack.

Syntax

show ipv6 wan interfaces status [ <IF> ]

Parameters

<IF> – an interface, specified in the form described in Section Types and naming order of router interfaces.

You may specify several interfaces in the command. If you do not specify interface indexes, then the statuses of all interfaces of the specified group with the WAN mode enabled for the IPv6 stack will be displayed. If a certain interface is specified, the detailed information on this interface will be displayed. If the command is executed without a parameter, the status of all system interfaces with the WAN mode enabled for the IPv6 stack will be shown.

Required privilege level

1

Command mode

ROOT

Example

esr# show ipv6 wan interfaces status bridge 1
Interface 'bridge 1' detailed information:
    State:             Active
    Nexthop address:   2a12::1
    Source address:    fe80::aaf9:4bff:feaa:2dcf
    Last time success: 0 secs
    Last time failure: 19 minutes and 29 seconds
    Uptime:            --
    Targets:
        2a12::1 Test/Ping State: pass Attempts: 1/1