} Related Documentation
Layer 2 Bridging and Transparent Mode for Security Devices
•
• Interfaces for Security Devices
• Device Configuration
• Upgrades and Downgrades
Protocols Configuration Statement Hierarchy
Use the protocols configuration hierarchy statements to configure routing protocols, including End System-to-Intermediate System (ES-IS), Intermediate
System-to-Intermediate System (IS-IS), Open Shortest Path First (OSPF), Routing Information Protocol (RIP), Routing Information Protocol Next Generation (RIPng), Border Gateway Protocol (BGP), and Layer 2 address learning and forwarding.
protocols { bfd {
traceoptions {
file filename <files number > <match regular-expression >
<size maximum-file-size > <world-readable | no-world-readable>;
flag flag ;
Chapter 13: Configuration Statements
transmit-interval {
export [ policy-name ];
family {
(inet | inet-mvpn | inet-vpn | inet6 | inet6-mvpn | inet6-vpn | iso-vpn | l2-vpn) { (any | flow | multicast | unicast | signaling) {
prefix-limit {
maximum number ;
teardown < percentage > <idle-timeout (forever | minutes )>;
}
teardown < percentage > <idle-timeout (forever | minutes )>;
}
resolve-vpn;
rib inet.3;
rib-group group-name ; traffic-statistics {
file filename <files number > <match regular-expression >
<size maximum-file-size > <world-readable | no-world-readable>;
interval seconds ;
teardown < percentage > <idle-timeout (forever | minutes )>;
}
group group-name { import [ policy-name ];
include-mp-next-hop;
keep (all | none);
local-address address ;
local-as autonomous-system <private> <loops loops >;
local-preference local-preference ; log-updown;
metric-out ( metric | minimum-igp < offset > | igp < offset >);
multihop < ttl-value >;
no-advertise-peer-as;
(always-compare-med | cisco-non-deterministic | external-router-id);
med-plus-igp {
file filename <files number >
<size maximum-file-size > <world-readable | no-world-readable>;
flag flag < flag-modifier > <disable>;
}
Chapter 13: Configuration Statements
interface interface-name { guest-vlan vlan-name;
mac-radius;
maximum-requests request-number ; quiet-period seconds ;
(reauthentication seconds | no-reauthentication);
retries number ;
server-fail deny | permit | use-cache | vlan vlan-name | vlan vlan-id;
server-timeout seconds ;
supplicant (multiple | single | single-secure);
supplicant-timeout seconds ; transmit-period seconds ; }
server-reject-vlan vlan-name | vlan-id;
static mac-address { interface interface-name;
vlan-assignment ( vlan-id | vlan-name);
} }
traceoptions {
file filename <files number >
<size maximum-file-size > <world-readable | no-world-readable>;
flag flag <disable>;
} } dvmrp {
disable;
export [ policy-name ];
import [ policy-name ];
interface interface-name { disable;
hold-time seconds ; metric value ;
mode (forwarding | unicast-routing);
}
rib-group group-name ; traceoptions {
file filename <files number >
<size maximum-file-size > <world-readable | no-world-readable>;
flag flag < flag-modifier > <disable>;
}
immediate-leave;
file filename <files number > <size maximum-file-size >
<world-readable | no-world-readable>;
flag flag < flag-modifier > <disable>;
} }
igmp-snooping { traceoptions {
file filename <files number > <size maximum-file-size >
<world-readable | no-world-readable> <match regex>;
flag flag ; }
vlan ( vlan-id | vlan-number { disable;
export [ policy-names ];
graceful-restart {
interface (all | interface-name ) { bfd-liveness-detection {
detection-time {
threshold milliseconds ; }
Chapter 13: Configuration Statements
minimum-interval milliseconds ; version (1 | automatic);
}
checksum;
csnp-interval ( seconds | disable);
disable;
hello-padding (adaptive | loose | strict);
ldp-synchronization { mesh-group ( value | blocked);
no-adjacency-down-notification;
label-switched-path name level level metric metric ; level level-number {
no-adjacency-holddown;
file filename <files number > <size maximum-file-size >
<world-readable | no-world-readable>;
flag flag < flag-modifier > <disable>;
}
bandwidth (ct0 class0 | ct1 class1 | ct2 class2 | ct3 class3 );
community community ;
Chapter 13: Configuration Statements
(control-word | no-control-word);
file filename <files number > <size maximum-file-size >
<world-readable | no-world-readable>;
flag flag < flag-modifier > <disable>;
} } lacp {
traceoptions {
file filename <files number > <match regular-expression >
<size maximum-file-size > <world-readable | no-world-readable>;
flag flag ;
file filename <files number >
<size maximum-file-size > <world-readable | no-world-readable>;
flag flag ; }
}
traceoptions {
file filename <files number >
<size maximum-file-size > <world-readable | no-world-readable>;
flag flag ; }
} ldp {
(deaggregate | no-deaggregate);
egress-policy [ policy-name ];
explicit-null;
export [ policy-name ];
graceful-restart { disable;
helper-disable;
maximum-recovery-time seconds ; recovery-time seconds ;
}
import [ policy-name ];
interface interface-name { disable;
hello-interval seconds ; hold-time seconds ;
transport-address (interface | router-id);
}
policy [ policy-name ];
}
version (0 | 1 | automatic);
}
file filename <files number > <size maximum-file-size >
Chapter 13: Configuration Statements
<world-readable | no-world-readable>;
flag flag < flag-modifier > <disable>;
}
track-igp-metric;
traffic-statistics {
file filename <files number > < match regular-expression >
<size maximum-file-size > <world-readable | no-world-readable>;
interval seconds ; no-penultimate-hop;
}
transport-address (interface | router-id);
}
link-management { peer peer-name {
address address ;
control-channel [ control-channel-interfaces ];
lmp-control-channel interface-name {
te-link [ te-link-names ];
}
file filename <files number> <size maximum-file-size>
<world-readable | no-world-readable>;
flag flag < flag-modifier > <disable>;
}
}
file filename <files number >
<size maximum-file-size > <world-readable | no-world-readable>;
flag flag < flag-modifier > <disable>;
}
exclude [ group-names ];
include-all [ group-names ];
include-any [ group-names ];
}
class ctnumber (drop | loss-priority-high | loss-priority-low);
}
ctnumber priority priority ; }
interface ( interface-name | all) { disable;
admin-group { group-name ; }
label-map ( in-label | default-route) {
Chapter 13: Configuration Statements
class-of-service value ;
(discard | next-hop ( address | hostname | interface-name ) | reject);
(pop | swap out-label );
preference preference ;
swap-push swap-label push-label ; }
exclude [ group-names ];
include-all [ group-names ];
include-any [ group-names ];
}
(exclude group-names | no-exclude);
hop-limit number ;
(include-all group-names | no-include-all);
(include-any group-names | no-include-any);
}
from address ; hop-limit number ; install {
destination-prefix / prefix-length <active>;
}
detection-time threshold milliseconds ; failure-action teardown;
minimum-interval milliseconds ; minimum-receive-interval milliseconds ; multiplier detection-time-multiplier ;
no-adaptation;
file filename <files number > <match regular-expression >
<size maximum-file-size > <world-readable | no-world-readable>;
flag flag ;
exclude [ group-names ];
include-all [ group-names ];
include-any [ group-names ];
}
detection-time threshold milliseconds ; failure-action teardown;
file filename <files number > <match regular-expression >
<size maximum-file-size > <world-readable | no-world-readable>;
flag flag ; }
}
optimize-timer seconds ;
Chapter 13: Configuration Statements
preference preference ;
priority setup-priority hold-priority ; (record | no-record);
priority setup-priority hold-priority ; (random | least-fill | most-fill);
(record | no-record);
exclude [ group-names ];
include-all [ group-names ];
include-any [ group-names ];
}
detection-time threshold milliseconds ; failure-action teardown;
file filename <files number > <match regular-expression >
<size maximum-file-size > <world-readable | no-world-readable>;
flag flag ; }
}
optimize-timer seconds ; preference preference ;
priority setup-priority hold-priority ; (record | no-record);
select { manual;
unconditional;
}
standby;
file filename <files number >
<size maximum-file-size > <world-readable | no-world-readable>;
flag flag ; }
}
log-updown { (syslog | no-syslog);
(trap | no-trap (mpls-lsp-traps | rfc3812-traps) );
trap-path-down;
detection-time threshold milliseconds ; failure-action teardown;
file filename <files number > <match regular-expression >
<size maximum-file-size > <world-readable | no-world-readable>;
flag flag ; address <loose | strict>;
}
priority setup-priority hold-priority ; (record | no-record);
revert-timer seconds ;
Chapter 13: Configuration Statements
rsvp-error-hold-time seconds ;
double-push bottom-value top-value ; next-hop ( address | interface-name );
preference preference ; push out-label ;
triple-push bottom-value middle-value top-value ; }
}
statistics { auto-bandwidth;
file filename <files number> <size maximum-file-size >
<world-readable | no-world-readable>;
interval seconds ; }
traceoptions {
file filename <files number > <size maximum-file-size >
<world-readable | no-world-readable>;
flag flag ; }
traffic-engineering (bgp | bgp-igp | bgp-igp-both-ribs | mpls-forwarding);
}
mode (point-to-point | shared);
no-root-port;
}
vlan [vlan-id];
}
revision-level number ; traceoptions {
file filename <files number > <size maximum-file-size >
<world-readable | no-world-readable>;
flag flag < flag-modifier > <disable>;
}
name-format (character-string | dns | mac+2oct | none);
maintenance-association association-name {
direction (up | down);
interface interface-name ;
short-name-format (2octet | character-string | rfc-2685-vpn-id | vlan);
} }
traceoptions {
file filename <files number > <match regular-expression >
<size maximum-file-size > <world-readable | no-world-readable>;
flag flag ;
Chapter 13: Configuration Statements
send-critical-event;
link-discovery (active | passive);
negotiation-options {
file filename <files number > <match regular-expression >
<size maximum-file-size > <world-readable | no-world-readable>;
flag flag ;
area-range network/mask-length <restrict> <exact> <override-metric metric >;
interface interface-name {
area-range network/mask-length <restrict> <exact>
stub <default-metric metric > <(no-summaries | summaries)>;
} disable;
export [ policy-names ];
external-preference preference ; import [ policy-names ];
overload {
file filename <files number > <size maximum-file-size >
<world-readable | no-world-readable>;
flag flag < flag-modifier > <disable>;
}
Chapter 13: Configuration Statements
minimum-receive-interval milliseconds ; version (0 | 1 | automatic);
}
export [ policy-names ];
metric-out metric ; version (0 | 1 | automatic);
}
(check-zero | no-check-zero);
import [ policy-names ];
message-size number ; import [ policy-names ];
message-size number ;
file filename <files number > <size maximum-file-size >
<world-readable | no-world-readable>;
flag flag < flag-modifier > <disable>;
} } ripng {
ripng-options ;
}
(priority number | ineligible);
}
file filename <files number > <size maximum-file-size >
<world-readable | no-world-readable>;
flag flag < flag-modifier > <disable>;
}
mode (point-to-point | shared);
no-root-port;
priority interface-priority ; }
max-age seconds ; traceoptions {
file filename <files number > <size maximum-file-size >
<world-readable | no-world-readable>;
flag flag < flag-modifier > <disable>;
}
Chapter 13: Configuration Statements
disable;
mode (point-to-point | shared);
no-root-port;
priority interface-priority ; }
max-age seconds ; traceoptions {
file filename <files number > <size maximum-file-size >
<world-readable | no-world-readable>;
flag flag < flag-modifier > <disable>;
}
mode (p2p | shared);
no-root-port;
mode (p2p | shared);
no-root-port;
priority interface-priority ; }
max-age seconds ; traceoptions {
file filename <files number >
<size maximum-file-size > <world-readable | no-world-readable>;
flag flag < flag-modifier > <disable>;
} } } } Related Documentation
Ethernet Port Switching for Security Devices
•
• Layer 2 Bridging and Transparent Mode for Security Devices
• MPLS for Security Devices