Commands

Mode List

Internal Name

Prompt

Mode Description

abf_interface

config-abf-interface

ACL-Based Forwarding Interface Attachment

abf_policy

config-abf-policy

ACL-Based Forwarding Policy

abf_policy_ipv4_nh

config-abf-policy-ipv4-nh

ACL-Based Forwarding Policy IPv4 Next Hop

abf_policy_ipv6_nh

config-abf-policy-ipv6-nh

ACL-Based Forwarding Policy IPv6 Next Hop

access_list

config-access-list

Dynamic Routing Accesss List

acl

config-acl

Access Control List

acl_rule

config-acl-rule

ACL Rule

aspath

config-aspath

AS Path ordered rule

auth

config-user

User Authentication

auth_server_group

config-auth-server-group

User Authentication Server Group

basic

Initial, priviledged

bfd

config-bfd

Bidirectional Forwarding Detection

bfd_key

config-bfd-key

BFD key

bgp

config-bgp

BGP server

bgp_ip4multi

config-bgp-ip4multi

BGP IPv4 Multicast Address Family

bgp_ip4multi_nbr

config-bgp-ip4multi-nbr

BGP IPv4 Multicast Address Family Neighbor

bgp_ip4uni

config-bgp-ip4uni

BGP IPv4 Unicast Address Family

bgp_ip4uni_nbr

config-bgp-ip4uni-nbr

BGP IPv4 Unicast Address Family Neighbor

bgp_ip6multi

config-bgp-ip6multi

BGP IPv6 Multicast Address Family

bgp_ip6multi_nbr

config-bgp-ip6multi-nbr

BGP IPv6 Multicast Address Family Neighbor

bgp_ip6uni

config-bgp-ip6uni

BGP IPv6 Unicast Address Family

bgp_ip6uni_nbr

config-bgp-ip6uni-nbr

BGP IPv6 Unicast Address Family Neighbor

bgp_neighbor

config-bgp-neighbor

BGP Neighbor

bond

config-bond

Interface bonding

bridge

config-bridge

Bridge

community_list

config-community-list

BGP community list

config

config

Configuration

dhcp_relay

config-dhcp-relay

DHCP Relay Configuration

dns_resolver

config-dns-resolver

DNS Resolver

frr_bgp

config-frr-bgp

Dynamic Routing BGP

frr_ospf

config-frr-ospf

Dynamic Routing OSPF

frr_ospf6

config-frr-ospf6

Dynamic Routing OSPF6

gre

config-gre

Generic Route Encapsulation

host_acl

config-host-acl

Host Access List

host_acl_rule

config-host-acl-rule

Host Access List Rule

host_if

config-host-if

Host interface

host_route

config-host-route

Host Route

host_route_ip4

config-host-route-ip4

IPv4 Host Route

host_route_ip6

config-host-route-ip6

IPv6 Host Route

host_route_table

config-host-route-table

Host Route Table

ike_authentication

config-ike-authentication

IKE peer authentication

ike_authentication_round

config-ike-authentication-round

IKE peer authentication round

ike_child

config-ike-child

IKE child SA

ike_child_proposal

config-ike-child-proposal

IKE child SA proposal

ike_identity

config-ike-identity

IKE peer identity

ike_proposal

config-ike-proposal

IKE proposal

interface

config-interface

Interface

interface_ipv6_ra

config-interface-ipv6-ra

Interface IPv6 RA

interface_ipv6_ra_prefix

config-interface-ipv6-ra-prefix

Interface IPv6 RA Prefix

ipfix_cache

config-ipfix-cache

IPFIX Cache

ipfix_exporter

config-ipfix-exporter

IPFIX Exporter

ipfix_observation_point

config-ipfix-obs-pt

IPFIX Observation Point

ipfix_selection_process

config-ipfix-sel-proc

IPFIX Selection Process

ipip

config-ipip

IPIP Tunnel Configuration

ipsec_crypto_ike

config-ipsec-crypto-ike

IKE

ipsec_crypto_manual

config-crypto-manual

IPsec static keying

ipsec_tunnel

config-ipsec-tunnel

IPsec tunnel

kea_dhcp4

config-kea-dhcp4

DHCP4 Server

kea_dhcp4_log

config-kea-dhcp4-log

DHCP4 Log

kea_dhcp4_log_out

config-kea-dhcp4-log-out

DHCP4 Log output

kea_dhcp4_opt

config-kea-dhcp4-opt

DHCP4 option

kea_dhcp4_optdef

config-kea-dhcp4-optdef

DHCP4 option definition

kea_subnet4

config-kea-dhcp4-subnet4

DHCP4 subnet4

kea_subnet4_opt

config-kea-subnet4-opt

DHCP4 subnet4 option

kea_subnet4_pool

config-kea-subnet4-pool

DHCP4 subnet4 pool

kea_subnet4_pool_opt

config-kea-subnet4-pool-opt

DHCP4 subnet4 pool option

kea_subnet4_reservation

config-kea-subnet4-reservation

DHCP4 subnet4 host reservation

kea_subnet4_reservation_opt

config-kea-subnet4-reservation-opt

DHCP4 subnet4 host res option

ldap

config-ldap

LDAP authentication configuration

log_remote

config-log-remote

Remote Logging configuration

loopback

config-loopback

Loopback interface

macip

config-macip

MAC/IP access control list

macip_rule

config-macip-rule

MACIP Rule

map

config-map

MAP-E/MAP-T

map_param

config-map-param

MAP-E/MAP-T global parameter

memif

config-memif

Memif interface

nacm_group

config-nacm-group

NACM group

nacm_rule

config-nacm-rule

NACM rule

nacm_rule_list

config-nacm-rule-list

NACM rule list

vpf_filter_rule

config-vpf-filter-rule

VPF Filter Rules

vpf_filter_ruleset

config-vpf-filter-ruleset

VPF Filter Rulesets

vpf_ipfix

config-vpf-ipfix

VPF IPFIX Configuration

vpf_nat_rule

config-vpf-nat-rule

VPF NAT Rules

vpf_nat_ruleset

config-vpf-nat-ruleset

VPF NAT Rulesets

vpf_option

config-vpf-option

VPF Options

vpf_table

config-vpf-table

VPF Tables

ntp

config-ntp

NTP

ntp_restrict

config-ntp-restrict

NTP restriction

ntp_server

config-ntp-server

NTP server

ospf

config-ospf

Dynamic routing OSPF Server

ospf_if

config-ospf-if

Dynamic routing OSPF Interface

ospf6

config-ospf6

Dynamic routing OSPF Server

ospf6_if

config-ospf6-if

Dynamic routing OSPF Interface

prefix_list

config-pref-list

Dynamic routing prefix list

radius

config-radius

RADIUS authentication configuration

restconf

config-restconf

RESTCONF server configuration

route_dynamic_manager

config-route-dynamic-manager

Dynamic routing manager

route_map

config-route-map

Route Map

route_map_rule

config-route-map-rule

Route Map Rule

route_table

config-route-table

Static Route Table

rpki

config-rpki

FRR BGP RPKI

rpki_ssh

config-rpki-ssh

FRR BGP RPKI SSH Cache

rpki_tcp

config-rpki-tcp

FRR BGP RPKI TCP Cache

rttbl4_next_hop

config-rttbl4-next-hop

IPv4 Next Hop

rttbl6_next_hop

config-rttbl6-next-hop

IPv6 Next Hop

span

config-span

SPAN

subif

config-subif

Sub-interface VLAN

tap

config-tap

Tap

trace_match

config-trace-match

Packet Trace Match

trace_ether

config-trace-ether

Packet Trace Match Ethernet (L2)

trace_ip4

config-trace-ip4

Packet Trace Match IPv4 (L3)

trace_ip6

config-trace-ip6

Packet Trace Match IPv6 (L3)

trace_tcp

config-trace-tcp

Packet Trace Match TCP (L4)

trace_udp

config-trace-udp

Packet Trace Match UDP (L4)

tunnel_nh_if

config-tunnel-nh-if

Tunnel Next Hop

unbound

config-unbound

Unbound DNS Server

unbound_fwd_zone

config-unbound-fwd-zone

Unbound forward-zone

unbound_local_host

config-unbound-local-host

Unbound local host override

unbound_local_zone

config-unbound-local-zone

Unbound local zone override

vhost_user

config-vhost-user

vHost-user interfaces

vrrp4

config-vrrp4

IPv4 VRRP

vrrp6

config-vrrp6

IPv6 VRRP

vxlan

config-vxlan

VXLAN

wireguard

config-wireguard

WireGuard instances

wireguard_peer

config-wireguard-peer

WireGuard peer instances

Basic Mode Commands

tnsr# configure [terminal]
tnsr# end [<mode-name>]
tnsr# exit
tnsr# ls [-l]
tnsr# [(host|dataplane)] ping (<dest-host>|<dest-ip>) [ipv4|ipv6]
        [interface <if-name>] [source <src-addr>] [count <count>]
        [packet-size <bytes>] [ttl <ttl-hops>] [timeout <wait-sec>]
        [buffered] [interval <seconds:0.000001-6000>]
tnsr# pwd
tnsr# (host|dataplane) shell [<command>]
tnsr# [(host|dataplane)] traceroute (<dest-host>|<dest-ip>) [ipv4|ipv6]
        [interface <if-name>] [source <src-addr>] [packet-size <bytes>]
        [no-dns] [ttl <ttl-hos>] [waittime <wait-sec>] [buffered]
tnsr# whoami

Package Management Commands

tnsr# package cache-clean
tnsr# package (info|list) [available|installed|updates] [<pkg-glob>]
tnsr# package install <pkg-glob>
tnsr# package reinstall <pkg-glob>
tnsr# package remove <pkg-glob>
tnsr# package search <term>
tnsr# package upgrade

Public Key Infrastructure Commands

tnsr# pki ca list
tnsr# pki ca <name> (append <source-name>|delete|enter|get [(full|short)]|import <file>)
tnsr# pki certificate list
tnsr# pki certificate <name> (delete|enter|get [(full|short)]|import <file>)
tnsr# pki generate-restconf-certs [length (2048|3072|4096)] [subject-alt-names <addresses>]
tnsr# pki pkcs12 <certname> generate export-password <password> [ca-name <caname>]
       [key-pbe-algorithm <pbe-algo>] [certificate-pbe-algorithm <pbe-algo>]
       [mac-algorithm <mac-algo>] [verbose]
tnsr# pki pkcs12 <certname> (delete|get [verbose])
tnsr# pki private-key list
tnsr# pki private-key <name> (delete|enter|get|import <file>)
tnsr# pki private-key <name> generate [key-length (2048|3072|4096)]
tnsr# pki signing-request list
tnsr# pki signing-request <name> (delete|generate|get)
tnsr# pki signing-request <name> sign (ca-name <ca>|self) [days-valid <days>]
       [digest (sha224|sha256|sha384|sha512)] [purpose (ca|client|server)]
tnsr# pki signing-request set (city|common-name|country|org|org-unit|state) <text>
tnsr# pki signing-request set digest (sha224|sha256|sha384|sha512)
tnsr# pki signing-request settings (clear|show)
tnsr# pki signing-request set subject-alt-names add
        (email|hostname|ipv4-address|ipv6-address|uri) <value>
tnsr# pki signing-request set subject-alt-names clear
tnsr# pki signing-request set subject-alt-names delete <name>
tnsr# pki ssh-key list
tnsr# pki ssh-key <name> (delete|enter|get) (private|public)
tnsr# pki ssh-key <name> import (private|public) <file>

Packet Trace Commands

tnsr# trace capture node <input-node> [maximum <max>] [verbose] [pre-clear]
tnsr# trace clear
tnsr# trace filter (exclude|include) node <graph-node> [maximum <max>]
tnsr# trace filter none
tnsr# trace match <name>
tnsr# show trace [maximum <max>]

Packet Trace Match Mode

Enter Packet Trace Match Mode

tnsr# trace match <name>
tnsr(config-trace-match)#

Packet Trace Match Mode Commands

tnsr(config-trace-match)# [no] description <text>
tnsr(config-trace-match)# [no] ethernet
tnsr(config-trace-match)# [no] ip4
tnsr(config-trace-match)# [no] ip6
tnsr(config-trace-match)# [no] tcp
tnsr(config-trace-match)# [no] udp

Remove Packet Trace Match

tnsr# no trace match <name>

Packet Trace Match Ethernet Mode

Enter Packet Trace Match Ethernet Mode

tnsr(config-trace-match)# ethernet
tnsr(config-trace-ether)#

Packet Trace Match Ethernet Mode Commands

tnsr(config-trace-ether)# [no] destination mac-address <mac-addr>
tnsr(config-trace-ether)# [no] destination mask <mask-val>
tnsr(config-trace-ether)# [no] ethertype <type-name>
tnsr(config-trace-ether)# [no] source mac-address <mac-addr>
tnsr(config-trace-ether)# [no] source mask <mask-val>
tnsr(config-trace-ether)# [no] vlan-dot1q [(pcp <val>|tag <inner-tag>)]
tnsr(config-trace-ether)# [no] vlan-dot1q vlan-dot1ad [(pcp <val>|tag <outer-tag>)]

Remove Packet Trace Ethernet Match

tnsr(config-trace-match)# no ethernet

Packet Trace Match IPv4 Mode

Enter Packet Trace Match IPv4 Mode

tnsr(config-trace-match)# ip4
tnsr(config-trace-ip4)#

Packet Trace Match IPv4 Mode Commands

tnsr(config-trace-ip4)# [no] checksum <uint16>
tnsr(config-trace-ip4)# [no] destination-ip-prefix <prefix>
tnsr(config-trace-ip4)# [no] dscp <val:0..63>
tnsr(config-trace-ip4)# [no] ecn <val:0..3>
tnsr(config-trace-ip4)# [no] flags <value>
tnsr(config-trace-ip4)# [no] fragmentation-offset <val:0..8191>
tnsr(config-trace-ip4)# [no] identification <uint16>
tnsr(config-trace-ip4)# [no] ihl <val:5-15>
tnsr(config-trace-ip4)# [no] length <val:20..65535>
tnsr(config-trace-ip4)# [no] protocol <uint8>
tnsr(config-trace-ip4)# [no] source-ip-prefix <prefix>
tnsr(config-trace-ip4)# [no] ttl <uint16>
tnsr(config-trace-ip4)# [no] version <val>

Remove Packet Trace IPv4 Match

tnsr(config-trace-match)# no ip4

Packet Trace Match IPv6 Mode

Enter Packet Trace Match IPv6 Mode

tnsr(config-trace-match)# ip6
tnsr(config-trace-ip6)#

Packet Trace Match IPv6 Mode Commands

tnsr(config-trace-ip6)# [no] destination-prefix <prefix>
tnsr(config-trace-ip6)# [no] flow-label <val:0..1048575>
tnsr(config-trace-ip6)# [no] hop-limit <uint8>
tnsr(config-trace-ip6)# [no] next-header <uint8>
tnsr(config-trace-ip6)# [no] payload-length <uint16>
tnsr(config-trace-ip6)# [no] source-prefix <prefix>
tnsr(config-trace-ip6)# [no] traffic-class <val>
tnsr(config-trace-ip6)# [no] version <val>

Remove Packet Trace IPv6 Match

tnsr(config-trace-match)# no ip6

Packet Trace Match TCP Mode

Enter Packet Trace Match TCP Mode

tnsr(config-trace-match)# tcp
tnsr(config-trace-tcp)#

Packet Trace Match TCP Mode Commands

tnsr(config-trace-tcp)# [no] acknowledgement-number <uint16>
tnsr(config-trace-tcp)# [no] checksum <uint16>
tnsr(config-trace-tcp)# [no] data-offset <uint16>
tnsr(config-trace-tcp)# [no] destination-port <port-number>
tnsr(config-trace-tcp)# [no] flags <flag-val>
tnsr(config-trace-tcp)# [no] sequence-number <uint16>
tnsr(config-trace-tcp)# [no] source-port <port-number>
tnsr(config-trace-tcp)# [no] window <uint16>

Remove Packet Trace TCP Match

tnsr(config-trace-match)# no tcp

Packet Trace Match UDP Mode

Enter Packet Trace Match UDP Mode

tnsr(config-trace-match)# udp
tnsr(config-trace-udp)#

Packet Trace Match UDP Mode Commands

tnsr(config-trace-udp)# [no] checksum <uint16>
tnsr(config-trace-udp)# [no] destination-port <port-number>
tnsr(config-trace-udp)# [no] length <uint16>
tnsr(config-trace-udp)# [no] source-port <port-number>

Remove Packet Trace UDP Match

tnsr(config-trace-match)# no udp

Config Mode Commands

tnsr(config)# [no] acl <acl-name>
tnsr(config)# [no] auth user <user-name>
tnsr(config)# [no] auth method (ldap|radius) server-group <group-name>
tnsr(config)# [no] auth server-group <group-name>
tnsr(config)# bfd conf-key-id <conf-key-id>
tnsr(config)# bfd session <bfd-session>
tnsr(config)# [no] cli history-config (enable|disable)
tnsr(config)# [no] cli history-config lines [<count>]
tnsr(config)# [no] cli option (auto-discard|check-delete-thresholds)
tnsr(config)# configuration candidate clear
tnsr(config)# configuration candidate commit
tnsr(config)# configuration candidate discard
tnsr(config)# configuration candidate load <filename> [(replace|merge)]
tnsr(config)# configuration candidate validate
tnsr(config)# configuration copy candidate startup
tnsr(config)# configuration copy running (candidate|startup)
tnsr(config)# configuration copy startup candidate
tnsr(config)# configuration history (enable|disable)
tnsr(config)# [no] configuration history autosave-period <num>
tnsr(config)# configuration history version (load|save) <version-name>
tnsr(config)# no configuration history [storage]
tnsr(config)# no configuration history version <version-name>
tnsr(config)# configuration rollback timer start minutes <minutes> config-source (running|startup|<filename>)
tnsr(config)# configuration rollback timer restart minutes <minutes>
tnsr(config)# configuration rollback (trigger|cancel)
tnsr(config)# configuration save (candidate|running) <filename>
tnsr(config)# crypto asynchronous dispatch-mode (adaptive|interrupt|polling)
tnsr(config)# [no] crypto asychronous dispatch-mode
tnsr(config)# [no] dataplane api-segment api-size <mem-size>
tnsr(config)# [no] dataplane api-segment global-size <mem-size>
tnsr(config)# [no] dataplane api-segment api-pvt-heap-size <mem-size>
tnsr(config)# [no] dataplane api-segment global-pvt-heap-size <mem-size>
tnsr(config)# [no] dataplane buffers buffers-per-numa [<buffers-per-numa>]
tnsr(config)# [no] dataplane buffers default-data-size [<default-data-size>]
tnsr(config)# [no] dataplane cpu corelist-workers [<core-first> [- <core-last>]]
tnsr(config)# [no] dataplane cpu main-core <main-core>
tnsr(config)# [no] dataplane cpu skip-cores <skip-cores>
tnsr(config)# [no] dataplane cpu workers <workers>
tnsr(config)# dataplane dpdk dev <pci-id> (crypto|crypto-vf)
tnsr(config)# dataplane dpdk dev (<pci-id>|<vmbus-uuid>) network
                   [num-rx-queues [<num-rx-queues>]] [num-tx-queues [<num-tx-queues>]]
                   [num-rx-desc [<num-rx-desc>]] [num-tx-desc [<num-tx-desc>]]
                   [tso (off|on)] [devargs <name>=<value>]
tnsr(config)# dataplane dpdk dev all-inactive-network
tnsr(config)# dataplane dpdk dev default network
                   [num-rx-queues [<num-rx-queues>]] [num-tx-queues [<num-tx-queues>]]
                   [num-rx-desc [<num-rx-desc>]] [num-tx-desc [<num-tx-desc>]]
                   [tso (off|on)] [devargs <name>=<value>]
tnsr(config)# dataplane dpdk dev (<pci-id>|<vmbus-uuid>) network name <name>
tnsr(config)# no dataplane dpdk dev (<pci-id>|<vmbus-uuid>|default) [name] [num-rx-queues] [num-tx-queues]
                   [num-rx-desc] [num-tx-desc] [devargs <name>=<value>]
tnsr(config)# dataplane dpdk blacklist <vendor-id>:<device-id>
tnsr(config)# dataplane dpdk blacklist (<pci-id>|<vmbus-uuid>)
tnsr(config)# [no] dataplane dpdk decimal-interface-names
tnsr(config)# dataplane dpdk iova-mode (pa|va)
tnsr(config)# [no] dataplane dpdk iova-mode
tnsr(config)# [no] dataplane dpdk log-level (alert|critical|debug|emergency|error|info|notice|warning)
tnsr(config)# [no] dataplane dpdk lro
tnsr(config)# [no] dataplane dpdk no-multi-seg
tnsr(config)# [no] dataplane dpdk no-pci
tnsr(config)# [no] dataplane dpdk no-tx-checksum-offload
tnsr(config)# [no] dataplane dpdk outer-checksum-offload
tnsr(config)# [no] dataplane dpdk tcp-udp-checksum
tnsr(config)# [no] dataplane dpdk telemetry
tnsr(config)# [no] dataplane dpdk uio-driver [<uio-driver>]
tnsr(config)# [no] dataplane ethernet default-mtu <size>
tnsr(config)# [no] dataplane ip6 hash-buckets [<size>]
tnsr(config)# [no] dataplane linux-cp nl-rx-buffer-size <n>
tnsr(config)# [no] dataplane linux-cp nl-batch-size <n>
tnsr(config)# [no] dataplane linux-cp nl-batch-delay-ms <n>
tnsr(config)# [no] dataplane logging (default-log-level|default-syslog-log-level)
                (alert|crit|debug|disabled|emerg|err|info|notice|warn)
tnsr(config)# [no] dataplane logging size <message-count>
tnsr(config)# [no] dataplane logging unthrottle-time <seconds>
tnsr(config)# [no] dataplane memory main-heap-size <heap-size>[kKmMgG]
tnsr(config)# [no] dataplane memory main-heap-page-size (default|4k|2m|1g)
tnsr(config)# [no] dataplane plugins plugin <name> [enable]
tnsr(config)# [no] dataplane statseg heap-size <heap-size>[kKmMgG]
tnsr(config)# [no] dataplane statseg per-node-counters enable
tnsr(config)# [no] dataplane statseg socket-name <socket-name>
tnsr(config)# [no] dataplane vhost-user coalesce-frames <num>
tnsr(config)# [no] dataplane vhost-user coalesce-time <us>
tnsr(config)# [no] dataplane vhost-user dont-dump-memory
tnsr(config)# debug cli [level <n>]
tnsr(config)# debug tnsr (clear|set|value) <flags>
tnsr(config)# debug vmgmt (clear|set|value) <flags>
tnsr(config)# no debug (cli|tnsr|vmgmt)
tnsr(config)# [no] dhcp-relay <client-vrf>
tnsr(config)# dhcp4 (enable|disable)
tnsr(config)# [no] dhcp4 server
tnsr(config)# exit
tnsr(config)# [no] gre <gre-name>
tnsr(config)# [no] host acl <acl-name>
tnsr(config)# [no] host interface <host-if-name>
tnsr(config)# host route table default
tnsr(config)# [no] interface <if-name>
tnsr(config)# interface clear counters [<interface>]
tnsr(config)# [no] interface bond <instance>
tnsr(config)# [no] interface bridge domain <domain-id>
tnsr(config)# [no] interface loopback <name>
tnsr(config)# [no] interface memif socket <socket-id> (filename <file>|interface <if-id>)
tnsr(config)# [no] interface subif <interface> <subid>
tnsr(config)# [no] interface tap <host-name>
tnsr(config)# interface vhost-user <instance>
tnsr(config)# no interface vhost-user [<instance>]
tnsr(config)# [no] ip reassembly (full|virtual) (ipv4|ipv6) expire-walk-interval [<interval-ms>]
tnsr(config)# [no] ip reassembly (full|virtual) (ipv4|ipv6) max-reassemblies [<max>]
tnsr(config)# [no] ip reassembly (full|virtual) (ipv4|ipv6) max-reassembly-length [<length>]
tnsr(config)# [no] ip reassembly (full|virtual) (ipv4|ipv6) timeout [<timeout-ms>]
tnsr(config)# [no] ipfix cache <name>
tnsr(config)# [no] ipfix exporter
tnsr(config)# [no] ipfix observation-point <name>
tnsr(config)# [no] ipfix selection-process <name>
tnsr(config)# [no] ipsec global-options eap-radius server-group <name>
tnsr(config)# [no] ipsec global-options eap-radius accounting enabled
tnsr(config)# [no] ipsec global-options eap-radius accounting interim-interval <interim-interval>
tnsr(config)# [no] ipsec tunnel <tunnel-num>
tnsr(config)# [no] lldp system-name <system-name>
tnsr(config)# [no] lldp tx-hold <transmit-hold>
tnsr(config)# [no] lldp tx-interval <transmit-interval>
tnsr(config)# [no] logging remote-server <name>
tnsr(config)# [no] macip <macip-name>
tnsr(config)# nacm (enable|disable)
tnsr(config)# no nacm enable
tnsr(config)# [no] nacm exec-default (deny|permit)
tnsr(config)# [no] nacm group <group-name>
tnsr(config)# [no] nacm read-default (deny|permit)
tnsr(config)# [no] nacm rule-list <rule-list-name>
tnsr(config)# [no] nacm write-default (deny|permit)
tnsr(config)# [no] nat global-options nat44 enabled (true|false)
tnsr(config)# [no] nat global-options nat44 endpoint-dependent (true|false)
tnsr(config)# [no] nat global-options nat44 forwarding (true|false)
tnsr(config)# [no] nat global-options nat44 max-translations-per-thread <n>
tnsr(config)# [no] nat global-options nat44 max-translations-per-user <n>
tnsr(config)# [no] nat global-options nat44 max-users-per-thread <n>
tnsr(config)# [no] nat global-options nat44 out2in-dpo (true|false)
tnsr(config)# [no] nat global-options nat44 static-mapping-only (true|false)
tnsr(config)# [no] nat global-options timeouts (icmp|tcp_established|tcp_transitory|udp) <seconds>
tnsr(config)# [no] nat ipfix logging enable
tnsr(config)# [no] nat ipfix logging domain <domain-id>
tnsr(config)# [no] nat ipfix logging src-port <src-port>
tnsr(config)# [no] nat nat64 map <domain-name>
tnsr(config)# [no] nat nat64 map parameters
tnsr(config)# [no] nat pool address <ip-first> [- <ip-last>] [twice-nat] [route-table <rt-tbl-name>]
tnsr(config)# [no] nat pool interface <if-name> [twice-nat]
tnsr(config)# [no] nat static mapping (icmp|udp|tcp) local <ip-local> [<port-local>]
                   external (<ip-external>|<if-name>) [<port-external>]
                   [twice-nat] [out-to-in-only] [route-table <rt-tbl-name>]
tnsr(config)# [no] neighbor <interface> <ip-address> <mac-address> [no-adj-route-table-entry]
tnsr(config)# [no] neighbor cache-options (ipv4|ipv6) max-number <max-num-val>
tnsr(config)# [no] neighbor cache-options (ipv4|ipv6) max-age <max-age-sec>
tnsr(config)# no vpf
tnsr(config)# vpf (disable|enable)
tnsr(config)# vpf filter ruleset <name>
tnsr(config)# no vpf filter ruleset [<name> [rule <seq>]]
tnsr(config)# [no] vpf ipfix
tnsr(config)# vpf nat ruleset <name>
tnsr(config)# no vpf nat ruleset [<name> [rule <seq>]]
tnsr(config)# [no] vpf options
tnsr(config)# vpf table <name>
tnsr(config)# no vpf table [<name>]
tnsr(config)# ntp (enable|disable)
tnsr(config)# no ntp enable
tnsr(config)# ntp namespace (host|dataplane)
tnsr(config)# no ntp namespace
tnsr(config)# [no] ntp server
tnsr(config)# prometheus (host|dataplane) (enable|disable)
tnsr(config)# no prometheus (host|dataplane)
tnsr(config)# [no] prometheus (host|dataplane) filter <regex> [<regex> [...]]
tnsr(config)# radius
tnsr(config)# reboot (now|<minutes>) [force]
tnsr(config)# reboot cancel
tnsr(config)# restconf
tnsr(config)# [no] route dynamic access-list <access-list-name>
tnsr(config)# route acl-based-forwarding interface <if-name>
tnsr(config)# route acl-based-forwarding policy <id>
tnsr(config)# no route acl-based-forwarding [interface <if-name>|policy <id>]
tnsr(config)# route dynamic bgp
tnsr(config)# route dynamic manager
tnsr(config)# route dynamic ospf
tnsr(config)# route dynamic ospf6
tnsr(config)# [no] route dynamic prefix-list <prefix-list-name>
tnsr(config)# [no] route dynamic route-map <route-map-name>
tnsr(config)# no route dynamic route-map [<route-map-name>]
tnsr(config)# [no] route table <name>
tnsr(config)# service
                (backend|bgp|dataplane|dhcp4|ike|ntp (dataplane|host)|ospf|ospf6|restconf|
                rip|snmp (dataplane|host)|unbound) coredump (enable|disable)
tnsr(config)# service bgp (start|stop|restart|status)
tnsr(config)# service dataplane (start|stop|restart|status)
tnsr(config)# service dhcp4 (start|stop|reload|status)
tnsr(config)# service ntp (dataplane|host) (start|stop|restart|status)
tnsr(config)# service ospf (start|stop|restart|status)
tnsr(config)# service ospf6 (start|stop|restart|status)
tnsr(config)# service prometheus (dataplane|host) (start|stop|restart|status)
tnsr(config)# service restconf (start|stop|restart|status)
tnsr(config)# service rip (start|stop|restart|status)
tnsr(config)# service rsyslog (start|stop|restart|status)
tnsr(config)# service snmp (dataplane|host) (start|stop|restart|status)
tnsr(config)# service ssh dataplane (start|stop|restart|status)
tnsr(config)# service ssh host status
tnsr(config)# service unbound (start|stop|status|reload|restart)
tnsr(config)# snmp (host|dataplane) (enable|disable)
tnsr(config)# [no] snmp access group-name <group-name>
                               prefix (exact|prefix)
                               model (any|v1|v2c)
                               level (noauth|auth|priv)
                               read <read-view>
                               write <write-view>
tnsr(config)# snmp community community-name <community-name>
                             source (<src-prefix>|default)
                             security-name <security-name>
tnsr(config)# snmp group group-name <group-name>
                         security-name <security-name>
                         security-model (any|v1|v2c)
tnsr(config)# snmp view view-name <view-name>
                        view-type (included|excluded)
                        oid <oid>
tnsr(config)# [no] span <if-name-src>
tnsr(config)# ssh dataplane (enable|disable)
tnsr(config)# [no] sysctl vm nr_hugepages <u64>
tnsr(config)# [no] sysctl vm nr_overcommit_hugepages <u64>
tnsr(config)# [no] sysctl vm max_map_count <u64>
tnsr(config)# [no] sysctl kernel shmmem <u64>
tnsr(config)# system banner <end-character>
tnsr(config)# no system banner
tnsr(config)# [no] system contact <text>
tnsr(config)# [no] system description <text>
tnsr(config)# [no] system kernel arguments auto isolcpus
tnsr(config)# [no] system kernel arguments manual <text>
tnsr(config)# [no] system location <text>
tnsr(config)# [no] system name <text>
tnsr(config)# [no] system dns-resolver (dataplane|host)
tnsr(config)# [no] tunnel ipip <instance>
tnsr(config)# [no] tunnel next-hops <interface>
tnsr(config)# [no] unbound server
tnsr(config)# unbound (enable|disable)
tnsr(config)# no unbound enable
tnsr(config)# [no] vxlan <vxlan-name>
tnsr(config)# write

Show Commands in Both Basic and Config Modes

tnsr# show acl [<acl-name>]
tnsr# show acl-based-forwarding
tnsr# show acl-based-forwarding interface [<if-name>]
tnsr# show acl-based-forwarding policy [<id>]
tnsr# show bfd
tnsr# show bfd keys [conf-key-id <conf-key-id>]
tnsr# show bfd sessions [conf-key-id <conf-key-id> | peer-ip-addr <peer-addr>]
tnsr# show cli
tnsr# show clock
tnsr# show configuration [(candidate|running|startup) [(xml|json) [(explicit|report-all)]]]
tnsr# show configuration [(candidate|running|startup) cli [<section>]]
tnsr# show configuration history (config|versions)
tnsr# show configuration history log [<entry-name>]
tnsr# show configuration history version-diff <old-version> <new-version>
tnsr# show configuration rollback timer
tnsr# show dataplane cpu threads
tnsr# show dhcp-relay [<client-vrf>]
tnsr# show documentation
tnsr# show gre [<tunnel-name>]
tnsr# show history-config
tnsr# show host acl [<acl-name> [rule <seq>]]
tnsr# show host interface (<name>|ipv4|ipv6|link)
tnsr# show host route [<interface>] [(ipv4|ipv6)] [table all]
tnsr# show host ruleset
tnsr# show interface [<if-name>] [(access-list|acl|bonding|link|mac-address|
                                   rx-queues|subif|vlan tag-rewrite|vtr)]
tnsr# show interface [<if-name>] brief
tnsr# show interface [<if-name>] counters [verbose]
tnsr# show interface <if-name> counters rolling [interval <sec>]
tnsr# show interface [<if-name>] ip [nat]
tnsr# show interface [<if-name>] ipv6 [router-advertisements]
tnsr# show interface [<if-name>] [(ip|ipv6)] vrrp-virtual-router
tnsr# show interface bridge domain [<bdi>]
tnsr# show interface loopback [<loopback-name>]
tnsr# show interface memif [<id>]
tnsr# show interface bond [<id>]
tnsr# show interface lacp [<if-name>]
tnsr# show interface tap
tnsr# show interface vhost-user
tnsr# show ip reassembly [(full|virtual) [(ipv4|ipv6)]]
tnsr# show ipsec tunnel [<tunnel_number> [brief|child|ike|verbose]]
tnsr# show kea [(keactrl|dhcp4) [config-file]]
tnsr# show kea dhcp4 leases
tnsr# show ldap [(parameters|servers)]
tnsr# show logging [priority <priority>] [<source(s)>] [<time-filters>] [<modifiers>]
tnsr# show logging [priority <priority>]
                   [kernel|(service <name>]|syslog-facility <name>|syslog-identifier <id>)
                   [<additional-sources>]]
                   [after-time <time>] [before-time <time>] [recent-lines <n>] [reverse]
tnsr# show macip [<macip-name>]
tnsr# show map [<map-domain-name>]
tnsr# show nacm [group [<group-name>] | rule-list [<rule-list-name>]]
tnsr# show nat [config|interface-sides|static-mappings]
tnsr# show nat dynamic (addresses|interfaces)
tnsr# show nat sessions [verbose]
tnsr# show neighbor [(cache-options|interface <if-name>)]
tnsr# show vpf filter ruleset [<name>]
tnsr# show vpf ipfix
tnsr# show vpf nat ruleset [<name>]
tnsr# show vpf options interfaces
tnsr# show vpf options runtime
tnsr# show vpf options startup
tnsr# show vpf status
tnsr# show vpf table [<name>]
tnsr# show ntp [(associations|peers) [associd <id>]]
tnsr# show ntp config-file
tnsr# show packet-counters
tnsr# show prometheus
tnsr# show radius servers
tnsr# show route dynamic access-list [<access-list-name>]
tnsr# show route dynamic bgp as-path [<as-path-name>]
tnsr# show route dynamic bgp community-list [<community-list-name>]
tnsr# show route dynamic bgp config [<as-number>]
tnsr# show route dynamic bgp [vrf <vrf-name>] (ipv4|ipv6) neighbors [<peer>
        [advertised-routes|dampened-routes|flap-statistics|graceful-restart|
        prefix-counts|received|received-routes|routes]]
tnsr# show route dynamic bgp [vrf <vrf-name>] (ipv4|ipv6) network <prefix>
tnsr# show route dynamic bgp [vrf <vrf-name>] [(ipv4|ipv6)] summary
tnsr# show route dynamic bgp [vrf <vrf-name>] neighbors [<peer>]
tnsr# show route dynamic bgp [vrf <vrf-name>] nexthop [detail]
tnsr# show route dynamic bgp [vrf <vrf-name>] peer-group <peer-group-name>
tnsr# show route dynamic manager
tnsr# show route dynamic ospf [vrf <vrf-name>] [(border-routers|config|interface|
        neighbor [detail]|route|router-info)]
tnsr# show route dynamic ospf [vrf <vrf-name>] database [(asbr-summary|external|
        max-age|network|nssa-external|opaque-area|opaque-as|opaque-link|router|
        self-originate|summary)]
tnsr# show route dynamic ospf6 [vrf <vrf-name>] area [<area-id>]
tnsr# show route dynamic ospf6 [vrf <vrf-name>] [(area|border-routers|config|
        database|interface|linkstate|neighbor [detail]|route-table|spf)]
tnsr# show route dynamic prefix-list [<prefix-list-name>]
tnsr# show route dynamic rip [vrf <vrf-name>] [(config|status)]
tnsr# show route dynamic route-map [<route-map-name>]
tnsr# show route [table <route-table-name> [<prefix> [exact]]] [all]
tnsr# show running-configuration [<section>]
tnsr# show span
tnsr# show sysctl
tnsr# show system
tnsr# show trace
tnsr# show tunnel ipip [<instance id>]
tnsr# show tunnel next-hops [<tunnel-interface>]
tnsr# show unbound [config-file]
tnsr# show version [all]
tnsr# show vxlan [<vxlan-name>]
tnsr# show wireguard [<instance>]

Show Command Output Modifiers

tnsr# show <command> | match <pattern>
tnsr# show <command> | exclude <pattern>
tnsr# show <command> | tail <num>
tnsr# show <command> | count

Access Control List Modes

Enter Access Control List Mode

tnsr(config)# acl <acl-name>
tnsr(config-acl)#

Access Control List Mode Commands

tnsr(config-acl)# rule <seq-number>

Remove Access Control List

tnsr(config)# no acl <acl-name>

Enter ACL Rule Mode

tnsr(config-acl)# rule <seq-number>
tnsr(config-acl-rule)#

ACL Rule Mode Commands

tnsr(config-acl-rule)# action (deny|permit|reflect)
tnsr(config-acl-rule)# ip-version (ipv4|ipv6)
tnsr(config-acl-rule)# no action [deny|permit|reflect]
tnsr(config-acl-rule)# destination address <ip-prefix>
tnsr(config-acl-rule)# no destination address [<ip-prefix>]
tnsr(config-acl-rule)# [no] destination port (any|<first> [- <last>])
tnsr(config-acl-rule)# [no] icmp type (any|<type-first> [- <type-last>])
tnsr(config-acl-rule)# [no] icmp code (any|<code-first> [- <code-last>])
tnsr(config-acl-rule)# protocol (any|icmp|icmpv6|tcp|udp|<proto-number>)
tnsr(config-acl-rule)# no protocol
tnsr(config-acl-rule)# source address <ip-prefix>
tnsr(config-acl-rule)# no source address [<ip-prefix>]
tnsr(config-acl-rule)# [no] source port (any|<first> [- <last>])
tnsr(config-acl-rule)# [no] tcp flags mask <mask> value <value>
tnsr(config-acl-rule)# [no] tcp flags value <value> mask <mask>

Remove ACL Rule

tnsr(config-acl)# no rule <seq>

MACIP ACL Mode

Enter MACIP ACL Mode

tnsr(config)# macip <macip-name>
tnsr(config-macip)#

MACIP ACL Mode Commands

tnsr(config-macip)# rule <seq>

Remove MACIP ACL

tnsr(config-macip)# no macip <macip-name>

Enter MACIP ACL Rule Mode

tnsr(config-macip)# rule <seq-number>
tnsr(config-macip-rule)#

MACIP Rule Mode Commands

tnsr(config-macip-rule)# action (deny|permit)
tnsr(config-macip-rule)# no action [deny|permit]
tnsr(config-macip-rule)# ip-version (ipv4|ipv6)
tnsr(config-macip-rule)# address <ip-prefix>
tnsr(config-macip-rule)# no address [<ip-prefix>]
tnsr(config-macip-rule)# mac address <mac-address> [mask <mac-mask>]
tnsr(config-macip-rule)# mac mask <mac-mask> [address <mac-address>]
tnsr(config-macip-rule)# no mac
tnsr(config-macip-rule)# no mac address [<mac-address>] [mask [<mac-mask>]]
tnsr(config-macip-rule)# no mac mask [<mac-mask>] [address [<mac-address>]]

Remove MACIP ACL Rule

tnsr(config-macip)# no rule <seq-number>

GRE Mode

Enter GRE Mode

tnsr(config)# gre <gre-name>
tnsr(config-gre)#

GRE Mode Commands

tnsr(config-gre)# encapsulation route-table <rt-table-name>
tnsr(config-gre)# instance <id>
tnsr(config-gre)# destination <ip-address>
tnsr(config-gre)# source <ip-address>
tnsr(config-gre)# tunnel-type erspan session-id <session-id>
tnsr(config-gre)# tunnel-type (l3|teb)

Remove GRE Instance

tnsr(config)# no gre <gre-name>

Interface Mode

Enter Interface mode

tnsr(config)# interface <if-name>
tnsr(config-interface)#

Interface Mode Commands

tnsr(config-interface)# access-list (input|output) acl <acl-name> sequence <number>
tnsr(config-interface)# access-list macip <macip-name>
tnsr(config-interface)# no access-list
tnsr(config-interface)# no access-list acl <acl-name>
tnsr(config-interface)# no access-list macip [<macip-name>]
tnsr(config-interface)# no access-list [(input|output) [acl <acl-name> [sequence <number>]]]
tnsr(config-interface)# bond <instance> [long-timeout] [passive]
tnsr(config-interface)# [no] bond <instance>
tnsr(config-interface)# bridge domain <bridge-domain-id> [bvi <bvi>] [shg <shg>]
tnsr(config-interface)# description <string-description>
tnsr(config-interface)# detailed-stats (enable|disable)
tnsr(config-interface)# [no] dhcp client ipv4 [hostname <host-name>]
tnsr(config-interface)# disable
tnsr(config-interface)# [no] enable
tnsr(config-interface)# [no] ip address <ip-prefix>
tnsr(config-interface)# ip mtu <mtu>
tnsr(config-interface)# no ip mtu [<mtu>]
tnsr(config-interface)# [no] ip nat (inside|outside|none)
tnsr(config-interface)# [no] ip reassembly enable
tnsr(config-interface)# [no] ip reassembly type (full|virtual)
tnsr(config-interface)# ip tcp mss <mss-value> (Tx|Rx|TxRx)
tnsr(config-interface)# no ip tcp mss [<mss-value> [Tx|Rx|TxRx]]
tnsr(config-interface)# [no] ip vrrp-virtual-router <vrid>
tnsr(config-interface)# [no] ipv6 address <ipv6-prefix>
tnsr(config-interface)# ipv6 mtu <mtu>
tnsr(config-interface)# no ipv6 mtu [<mtu>]
tnsr(config-interface)# [no] ipv6 reassembly enable
tnsr(config-interface)# [no] ipv6 reassembly type (full|virtual)
tnsr(config-interface)# [no] ipv6 router-advertisements
tnsr(config-interface)# ipv6 tcp mss <mss-value> (Tx|Rx|TxRx)
tnsr(config-interface)# no ipv6 tcp mss [<mss-value> [Tx|Rx|TxRx]]
tnsr(config-interface)# [no] ipv6 vrrp-virtual-router <vrid>
tnsr(config-interface)# lldp port-name <port-name>
tnsr(config-interface)# lldp management ipv4 <ip-address>
tnsr(config-interface)# lldp management ipv6 <ipv6-address>
tnsr(config-interface)# lldp management oid <oid>
tnsr(config-interface)# map (disable|enable|translate)
tnsr(config-interface)# no map (enable|translate)
tnsr(config-interface)# mac-address <mac-address>
tnsr(config-interface)# mtu <mtu>
tnsr(config-interface)# no mtu [<mtu>]
tnsr(config-interface)# rx-mode (adaptive|interrupt|polling)
tnsr(config-interface)# no rx-mode
tnsr(config-interface)# rx-queue <queue_num> cpu <core-id>
tnsr(config-interface)# no rx-queue [<queue_num> [cpu <core-id>]]
tnsr(config-interface)# vlan tag-rewrite (disable|pop-1|pop-2)
tnsr(config-interface)# vlan tag-rewrite push-1 (dot1ad|dot1q) <tag1>
tnsr(config-interface)# vlan tag-rewrite push-2 (dot1ad|dot1q) <tag1> <tag2>
tnsr(config-interface)# vlan tag-rewrite (translate-1-1|translate-2-1) (dot1ad|dot1q) <tag1>
tnsr(config-interface)# vlan tag-rewrite (translate-1-2|translate-2-2) (dot1ad|dot1q) <tag1> <tag2>
tnsr(config-interface)# vrf <vrf-name>

Remove Interface

tnsr(config)# no interface <if-name>

Interface IPv6 RA Mode

Enter Interface IPv6 RA Mode

tnsr(config-interface)# ipv6 router-advertisements
tnsr(config-interface-ipv6-ra)#

Interface IPv6 RA Mode Commands

tnsr(config-interface-ipv6-ra)# [no] default-lifetime <seconds>
tnsr(config-interface-ipv6-ra)# [no] managed-flag (true|false)
tnsr(config-interface-ipv6-ra)# [no] max-rtr-adv-interval <seconds>
tnsr(config-interface-ipv6-ra)# [no] min-rtr-adv-interval <seconds>
tnsr(config-interface-ipv6-ra)# [no] other-config-flag (true|false)
tnsr(config-interface-ipv6-ra)# [no] prefix <ipv6-prefix>
tnsr(config-interface-ipv6-ra)# no prefix
tnsr(config-interface-ipv6-ra)# [no] send-advertisements (true|false)

Interface IPv6 RA Prefix Mode

Enter Interface IPv6 RA Prefix Mode

tnsr(config-interface-ipv6-ra)# prefix <ipv6-prefix>
tnsr(config-interface-ipv6-ra-prefix)#

Interface IPv6 RA Prefix Mode Commands

tnsr(config-interface-ipv6-ra-prefix)# [no] autonomous-flag (true|false)
tnsr(config-interface-ipv6-ra-prefix)# [no] no-advertise
tnsr(config-interface-ipv6-ra-prefix)# [no] on-link-flag (true|false)
tnsr(config-interface-ipv6-ra-prefix)# [no] preferred-lifetime <time-in-seconds>
tnsr(config-interface-ipv6-ra-prefix)# [no] valid-lifetime <time-in-seconds>

Loopback Mode

Enter Loopback Mode

tnsr(config)# interface loopback <loopback-name>
tnsr(config-loopback)#

Loopback Mode Commands

tnsr(config-loopback)# instance <u16>
tnsr(config-loopback)# mac-address <mac-addr>
tnsr(config-loopback)# description <rest>

Remove Loopback interface

tnsr(config)# no interface <loop<n>>
tnsr(config)# no interface loopback <loopback-name>

Bridge Mode

Enter Bridge Mode

tnsr(config)# interface bridge <bdi>
tnsr(config-bridge)#

Bridge Mode commands

tnsr(config-bridge)# [no] arp entry ip <ip-addr> mac <mac-addr>
tnsr(config-bridge)# [no] arp term
tnsr(config-bridge)# [no] description <text>
tnsr(config-bridge)# [no] flood
tnsr(config-bridge)# [no] forward
tnsr(config-bridge)# [no] learn
tnsr(config-bridge)# [no] mac-age <mins>
tnsr(config-bridge)# [no] rewrite
tnsr(config-bridge)# [no] uu-flood

Remove Bridge

tnsr(config)# no interface bridge <bdi>

NAT Commands in Configure Mode

tnsr(config)# [no] nat global-options nat44 forwarding (true|false)
tnsr(config)# [no] nat global-options timeouts (icmp|tcp_established|tcp_transitory|udp) <seconds>
tnsr(config)# [no] nat ipfix logging enable
tnsr(config)# [no] nat ipfix logging domain <domain-id>
tnsr(config)# [no] nat ipfix logging src-port <src-port>
tnsr(config)# [no] nat nat64 map <domain-name>
tnsr(config)# [no] nat nat64 map parameters
tnsr(config)# [no] nat pool address <ip-first> [- <ip-last>] [twice-nat] [route-table <rt-tbl-name>]
tnsr(config)# [no] nat pool interface <if-name> [twice-nat]
tnsr(config)# [no] nat static mapping (icmp|udp|tcp) local <ip-local> [<port-local>]
                   external (<ip-external>|<if-name>) [<port-external>]
                   [twice-nat] [out-to-in-only] [route-table <rt-tbl-name>]

Tap Mode

Enter Tap Mode

tnsr(config)# interface tap <tap-name>
tnsr(config-tap)#

Tap Mode commands

tnsr(config-tap)# [no] host bridge <bridge-name>
tnsr(config-tap)# [no] host ipv4 gateway <ipv4-addr>
tnsr(config-tap)# [no] host ipv4 prefix <ipv4-prefix>
tnsr(config-tap)# [no] host ipv6 gateway <ipv6-addr>
tnsr(config-tap)# [no] host ipv6 prefix <ipv6-prefix>
tnsr(config-tap)# [no] host mac-address <host-mac-address>
tnsr(config-tap)# [no] host name-space <netns>
tnsr(config-tap)# [no] instance <instance>
tnsr(config-tap)# [no] mac-address <mac-address>
tnsr(config-tap)# [no] rx-ring-size <size>
tnsr(config-tap)# [no] tx-ring-size <size>

Remove Tap

tnsr(config)# no interface tap <tap-name>

BFD Key Mode

Enter BFD Key Mode

tnsr(config)# bfd conf-key-id <conf-key-id>
tnsr(config-bfd-key)#

BFD Key Mode Commands

tnsr(config-bfd-key)# authentication type (keyed-sha1|meticulous-keyed-sha1)
tnsr(config-bfd-key)# secret < (<hex-pair>)[1-20] >

Remove BFD Key Configuration

tnsr(config)# no bfd conf-key-id <conf-key-id>

BFD Mode

Enter BFD Mode

tnsr(config)# bfd session <bfd-session>
tnsr(config-bfd)#

BFD Mode Commands

tnsr(config-bfd)# [no] bfd-key-id <bfd-key-id>
tnsr(config-bfd)# [no] conf-key-id <conf-key-id>
tnsr(config-bfd)# delayed (true|false)
tnsr(config-bfd)# desired-min-tx <microseconds>
tnsr(config-bfd)# detect-multiplier <n-packets>
tnsr(config-bfd)# disable
tnsr(config-bfd)# [no] enable (true|false)
tnsr(config-bfd)# interface <if-name>
tnsr(config-bfd)# local address <ip-address>
tnsr(config-bfd)# peer address <ip-address>
tnsr(config-bfd)# remote address <ip-address>
tnsr(config-bfd)# required-min-rx <microseconds>

Remove BFD Configuration

tnsr(config)# no bfd session <bfd-session>

Change BFD Admin State

tnsr# bfd session <bfd-session>
tnsr(config-bfd)# enable false
tnsr(config-bfd)# enable true
tnsr(config-bfd)#

Change BFD Authentication

tnsr(config)# bfd session <bfd-session>
tnsr(config-bfd)# bfd-key-id <bfd-key-id>
tnsr(config-bfd)# conf-key-id <conf-key-id>
tnsr(config-bfd)# delayed (true|false)

Host Interface Mode

Enter Host Interface Mode

tnsr(config)# host interface <if-name>
tnsr(config-host-if)#

Host Interface Mode Commands

tnsr(config-host-if)# [no] description <text>
tnsr(config-host-if)# disable
tnsr(config-host-if)# [no] enable
tnsr(config-host-if)# [no] ip address <ipv4-prefix>
tnsr(config-host-if)# [no] ip dhcp-client (enable|disable)
tnsr(config-host-if)# [no] ip dhcp-client hostname <name>
tnsr(config-host-if)# [no] ipv6 address <ipv6-prefix>
tnsr(config-host-if)# [no] ipv6 dhcp-client (enable|disable)
tnsr(config-host-if)# mtu <mtu-value>

Remove Host Interface

tnsr(config)# no host interface <if-name>

Host Route Table Mode

Enter Host Route Table Mode

tnsr(config)# host route table default
tnsr(config-host-route-table)#

Host Route Table Mode Commands

tnsr(config-host-route-table)# [no] description <text>
tnsr(config-host-route-table)# [no] interface <host-if>

Host Route Mode

Enter Host Route Mode

tnsr(config-host-route-table)# interface <host-if>
tnsr(config-host-route)#

Host Route Mode Commands

tnsr(config-host-route)# [no] route (<ip4-prefix>|<ip6-prefix>)

Remove Host Routes from Interface

tnsr(config-host-route-table)# no interface <host-if>

Host Route IPv4/IPv6 Mode

Enter Host Route IPv4/IPv6 Mode

tnsr(config-host-route)# route (<ip4-prefix>|<ip6-prefix>)
tnsr(config-host-route-ip46)#

Host Route IPv4/IPv6 Mode Commands

tnsr(config-host-route-ip46)# [no] advertised-receive-window <1..max>
tnsr(config-host-route-ip46)# [no] congestion-window <1..max>
tnsr(config-host-route-ip46)# [no] description <text>
tnsr(config-host-route-ip46)# [no] from <ipv[46]-addr>
tnsr(config-host-route-ip46)# [no] metric <1..max>
tnsr(config-host-route-ip46)# [no] mtu <1..max>
tnsr(config-host-route-ip46)# [no] on-link
tnsr(config-host-route-ip46)# [no] scope (global|link|host)
tnsr(config-host-route-ip46)# [no] table <1..max>
tnsr(config-host-route-ip46)# [no] type (unicast|anycast|blackhole|broadcast
                                    |local|multicast|prohibit|throw|unreachable)
tnsr(config-host-route-ip46)# [no] via <gateway-ipv[46]-address>

Remove Host Route

tnsr(config-host-route)# no route (<ip4-prefix>|<ip6-prefix>)

IPsec Tunnel Mode

Enter IPsec Tunnel Mode

tnsr(config)# ipsec tunnel <tunnel-num>
tnsr(config-ipsec-tunnel)#

IPsec Tunnel Mode Commands

tnsr(config-ipsec-tunnel)# enable
tnsr(config-ipsec-tunnel)# disable
tnsr(config-ipsec-tunnel)# crypto config-type (ike|manual)
tnsr(config-ipsec-tunnel)# crypto (ike|manual)
tnsr(config-ipsec-tunnel)# [no] local-address <ip-address>
tnsr(config-ipsec-tunnel)# [no] remote-address (<ip-address>|<hostname>)

Remove IPsec Tunnel

tnsr(config)# no ipsec tunnel <tunnel-num>

IKE mode

Enter IKE mode

tnsr(config-ipsec-tunnel)# crypto ike
tnsr(config-ipsec-crypto-ike)#

IKE Mode Commands

tnsr(config-ipsec-crypto-ike)# [no] authentication (local|remote)
tnsr(config-ipsec-crypto-ike)# [no] child <name>
tnsr(config-ipsec-crypto-ike)# [no] dpd-interval <dpd-poll-interval>
tnsr(config-ipsec-crypto-ike)# [no] identity (local|remote)
tnsr(config-ipsec-crypto-ike)# [no] key-renewal (reauth|rekey)
tnsr(config-ipsec-crypto-ike)# lifetime <seconds>
tnsr(config-ipsec-crypto-ike)# no lifetime
tnsr(config-ipsec-crypto-ike)# [no] mobike
tnsr(config-ipsec-crypto-ike)# [no] proposal <number>
tnsr(config-ipsec-crypto-ike)# [no] remote-access address-pools (ipv4-range|ipv6-range) <first-addr> to <last-addr>
tnsr(config-ipsec-crypto-ike)# [no] remote-access address-pools radius
tnsr(config-ipsec-crypto-ike)# remote-access dns internal-domain <num> domain-name <domain-name>
tnsr(config-ipsec-crypto-ike)# [no] remote-access dns internal-domain <num> [domain-name <domain-name>]
tnsr(config-ipsec-crypto-ike)# remote-access dns resolver <num> address <address>
tnsr(config-ipsec-crypto-ike)# [no] remote-access dns resolver <num> [address <address>]
tnsr(config-ipsec-crypto-ike)# [no] udp-encapsulation
tnsr(config-ipsec-crypto-ike)# [no] unique-id-policy (keep|never|no|replace)
tnsr(config-ipsec-crypto-ike)# version (1|2)
tnsr(config-ipsec-crypto-ike)# no version

Remove IKE configuration

tnsr(config-ipsec-tunnel)# no crypto ike

IKE Peer Authentication Mode

Enter IKE Peer Authentication Mode

tnsr(config-ipsec-crypto-ike)# authentication (local|remote)
tnsr(config-ike-authentication)#

IKE Peer Authentication Mode Commands

tnsr(config-ike-authentication)# [no] round (1|2)

Remove IKE Peer Authentication Configuration

tnsr(config-ipsec-crypto-ike)# no authentication (local|remote)

IKE Peer Authentication Round Mode

Enter IKE Peer Authentication Round Mode

tnsr(config-ike-authentication)# round (1|2)
tnsr(config-ike-authentication-round)#

IKE Peer Authentication Round Mode Commands

tnsr(config-ike-authentication-round)# ca-certificate <ca-name>
tnsr(config-ike-authentication-round)# no ca-certificate
tnsr(config-ike-authentication-round)# certificate <cert-name>
tnsr(config-ike-authentication-round)# no certificate
tnsr(config-ike-authentication-round)# eap-tls-ca-certificate <ca-name>
tnsr(config-ike-authentication-round)# no eap-tls-ca-certificate
tnsr(config-ike-authentication-round)# [no] eap-radius
tnsr(config-ike-authentication-round)# psk <pre-shared-key>
tnsr(config-ike-authentication-round)# no psk

Remove IKE Peer Authentication Round Configuration

tnsr(config-ike-authentication)# no round (1|2)

IKE Child SA Mode

Enter IKE Child SA Mode

tnsr(config-ipsec-crypto-ike)# child <name>
tnsr(config-ike-child)#

IKE Child SA Mode Commands

tnsr(config-ike-child)# lifetime <seconds>
tnsr(config-ike-child)# no lifetime
tnsr(config-ike-child)# [no] proposal <number>
tnsr(config-ike-child)# [no] replay-window (0|64)
tnsr(config-ike-child)# [no] traffic-selector <num> local <prefix>

Remove IKE Child SA

tnsr(config-ipsec-crypto-ike)# no child <name>

IKE Child SA Proposal Mode

Enter IKE Child SA Proposal Mode

tnsr(config-ike-child)# proposal <number>
tnsr(config-ike-child-proposal)#

IKE Child SA Proposal Mode Commands

tnsr(config-ike-child-proposal)# encryption <crypto-algorithm>
tnsr(config-ike-child-proposal)# no encryption
tnsr(config-ike-child-proposal)# group <pfs-group>
tnsr(config-ike-child-proposal)# no group
tnsr(config-ike-child-proposal)# integrity <integrity-algorithm>
tnsr(config-ike-child-proposal)# no integrity
tnsr(config-ike-child-proposal)# sequence-number (esn|noesn)
tnsr(config-ike-child-proposal)# no sequence-number

Remove IKE Child SA Proposal

tnsr(config-ike-child)# no proposal <number>

IKE Peer Identity Mode

Enter IKE Peer Identity Mode

tnsr(config-ipsec-crypto-ike)# identity (local|remote)
tnsr(config-ike-identity)#

IKE Peer Identity Mode Commands

tnsr(config-ike-identity)# type (none|address|email|fqdn|dn|key-id)
tnsr(config-ike-identity)# no type
tnsr(config-ike-identity)# value <identity>
tnsr(config-ike-identity)# no value

Remove IKE Peer Identity Configuration

tnsr(config-ipsec-crypto-ike)# no identity (local|remote)

IKE Proposal Mode

Enter IKE Proposal Mode

tnsr(config-ipsec-crypto-ike)# proposal <number>
tnsr(config-ike-proposal)#

IKE Proposal Mode Commands

tnsr(config-ike-proposal)# encryption <crypto-algorithm>
tnsr(config-ike-proposal)# no encryption
tnsr(config-ike-proposal)# group <diffie-hellman-group>
tnsr(config-ike-proposal)# no group
tnsr(config-ike-proposal)# integrity <integrity-algorithm>
tnsr(config-ike-proposal)# no integrity
tnsr(config-ike-proposal)# prf <prf-algorithm>
tnsr(config-ike-proposal)# no prf

Remove IKE Proposal Configuration

tnsr(config-ipsec-crypto-ike)# no proposal <number>

Map Mode

Enter Map Mode

tnsr(config)# nat nat64 map <domain-name>

Map Mode Commands

tnsr(config-map)# [no] description <desc>
tnsr(config-map)# [no] embedded-address bit-length <ea-width>
tnsr(config-map)# [no] ipv4 prefix <ip4-prefix>
tnsr(config-map)# [no] ipv6 prefix <ip6-prefix>
tnsr(config-map)# [no] ipv6 source <ip6-src>
tnsr(config-map)# [no] mtu <mtu-val>
tnsr(config-map)# [no] port-set length <psid-length>
tnsr(config-map)# [no] port-set offset <psid-offset>
tnsr(config-map)# [no] rule port-set <psid> ipv6-destination <ip6-address>

Remove Map Entry

tnsr(config)# [no] nat nat64 map <domain-name>

Map Parameters Mode

Enter Map Parameters Mode

tnsr(config)# nat nat64 map parameters

Map Parameters Mode Commands

tnsr(config-map-param)# [no] fragment (inner|outer)
tnsr(config-map-param)# [no] fragment ignore-df
tnsr(config-map-param)# [no] icmp source-address <ipv4-address>
tnsr(config-map-param)# [no] icmp6 unreachable-msgs (disable|enable)
tnsr(config-map-param)# [no] pre-resolve (ipv4|ipv6) next-hop <ip46-address>
tnsr(config-map-param)# [no] security-check (disable|enable)
tnsr(config-map-param)# [no] security-check fragments (disable|enable)
tnsr(config-map-param)# [no] traffic-class copy (disable|enable)
tnsr(config-map-param)# [no] traffic-class tc <tc-value>

memif Mode

Enter memif Mode

tnsr(config)# interface memif socket <socket-id> interface <if-id>
tnsr(config-memif)#

memif mode Commands

tnsr(config-memif)# buffer-size <u16>
tnsr(config-memif)# mac-address <mac-addr>
tnsr(config-memif)# mode (ethernet|ip|punt/inject)
tnsr(config-memif)# ring-size <power-of-2>
tnsr(config-memif)# role server
tnsr(config-memif)# role client [rx-queues <u8>|tx-queues <u8>]
tnsr(config-memif)# secret <string-24>

Remove memif Interface

tnsr(config)# no interface memif socket <socket-id> interface <if-id>

Dynamic Routing Access List Mode

Enter Dynamic Routing Access List Mode

tnsr(config)# route dynamic access-list <access-list-name>
tnsr(config-access-list)#

Dynamic Routing Access List Mode Commands

tnsr(config-access-list)# [no] remark <text>
tnsr(config-access-list)# sequence <seq> (permit|deny) <ip-prefix>
tnsr(config-access-list)# no sequence <seq> [(permit|deny) [<ip-prefix>]]

Remove Dynamic Routing Access List

tnsr(config)# no route dynamic access-list <access-list-name>

Dynamic Routing Prefix List Mode

Enter Dynamic Routing Prefix List Mode

tnsr(config)# route dynamic prefix-list <pl-name>
tnsr(config-pref-list)#

Dynamic Routing Prefix List Mode Commands

tnsr(config-pref-list)# [no] descripton <text>
tnsr(config-pref-list)# sequence <seq> (permit|deny) <prefix> [ge <lower-bound>] [le <upper-bound>]
tnsr(config-pref-list)# no sequence <seq> [(permit|deny) <prefix> [ge <lower-bound>] [le <upper-bound>]]

Remove Dynamic Routing Prefix List

tnsr(config)# no route dynamic prefix-list <pl-name>

Dynamic Routing Route Map Mode

Enter Dynamic Routing Route Map

tnsr(config)# route dynamic route-map <route-map-name>
tnsr(config-route-map)#

Dynamic Routing Route Map Mode Commands

tnsr(config-route-map)# [no] description <string>
tnsr(config-route-map)# [no] sequence <number>

Remove Dynamic Routing Route Map

tnsr(config-route-map)# no route dynamic route-map <route-map-name>

Enter Dynamic Routing Route Map Rule Mode

tnsr(config-route-map)# sequence <number>
tnsr(config-route-map-rule)#

Dynamic Routing Route Map Rule Mode Commands

tnsr(config-route-map-rule)# [no] description <string>
tnsr(config-route-map-rule)# [no] policy (deny|permit)

tnsr(config-route-map-rule)# [no] match as-path <as-path-name>
tnsr(config-route-map-rule)# [no] match community <comm-list-name> [exact-match]
tnsr(config-route-map-rule)# [no] match extcommunity <extcomm-list-name>
tnsr(config-route-map-rule)# [no] match interface <if-name>
tnsr(config-route-map-rule)# [no] match ip address access-list <access-list-name>
tnsr(config-route-map-rule)# [no] match ip address prefix-list <prefix-list-name>
tnsr(config-route-map-rule)# [no] match ip next-hop access-list <access-list-name>
tnsr(config-route-map-rule)# [no] match ip next-hop <ipv4-address>
tnsr(config-route-map-rule)# [no] match ip next-hop prefix-list <prefix-list-name>
tnsr(config-route-map-rule)# [no] match ipv6 address access-list <access-list-name>
tnsr(config-route-map-rule)# [no] match ipv6 address prefix-list <prefix-list-name>
tnsr(config-route-map-rule)# [no] match large-community <large-comm-list-name>
tnsr(config-route-map-rule)# [no] match local-preference <preference-uint32>
tnsr(config-route-map-rule)# [no] match metric <metric-uint32>
tnsr(config-route-map-rule)# [no] match origin (egp|igp|incomplete)
tnsr(config-route-map-rule)# [no] match peer <peer-ip-address>
tnsr(config-route-map-rule)# [no] match probability <percent>
tnsr(config-route-map-rule)# [no] match rpki (invalid|notfound|valid)
tnsr(config-route-map-rule)# [no] match source-protocol <src-protocol>
tnsr(config-route-map-rule)# [no] match tag <value-(1-4294967295)>

tnsr(config-route-map-rule)# [no] set aggregator as <asn> ip address <ipv4-address>
tnsr(config-route-map-rule)# [no] set as-path exclude <as-number> [<as-number> [...]]
tnsr(config-route-map-rule)# [no] set as-path prepend <as-number> [<as-number> [...]]
tnsr(config-route-map-rule)# [no] set as-path prepend last-as <asn>
tnsr(config-route-map-rule)# [no] set atomic-aggregate
tnsr(config-route-map-rule)# [no] set community none
tnsr(config-route-map-rule)# [no] set community <community-value> [additive]
tnsr(config-route-map-rule)# [no] set comm-list <community-list-name> delete
tnsr(config-route-map-rule)# [no] set extcommunity (rt|soo) <extcommunity-value>
tnsr(config-route-map-rule)# [no] set forwarding-address <ipv6-address>
tnsr(config-route-map-rule)# [no] set ip next-hop <ipv4-address>|peer-address|unchanged
tnsr(config-route-map-rule)# [no] set ipv4 vpn next-hop (<ipv4-address>|<ipv6-address>)
tnsr(config-route-map-rule)# [no] set ipv6 next-hop global <ipv6-address>
tnsr(config-route-map-rule)# [no] set ipv6 next-hop local <ipv6-address>
tnsr(config-route-map-rule)# [no] set ipv6 next-hop peer-address
tnsr(config-route-map-rule)# [no] set ipv6 next-hop prefer-global
tnsr(config-route-map-rule)# [no] set ipv6 vpn next-hop (<ipv4-address>|<ipv6-address>)
tnsr(config-route-map-rule)# [no] set large-community none
tnsr(config-route-map-rule)# [no] set large-community <large-community-value> [additive]
tnsr(config-route-map-rule)# [no] set large-comm-list <large-comm-list-name> delete
tnsr(config-route-map-rule)# [no] set local-preference <preference>
tnsr(config-route-map-rule)# [no] set metric [+]<metric-uint32>
tnsr(config-route-map-rule)# [no] set metric-type (type-1|type-2)
tnsr(config-route-map-rule)# [no] set origin (egp|igp|unknown)
tnsr(config-route-map-rule)# [no] set originator <ipv4-addr>
tnsr(config-route-map-rule)# [no] set src <ip-address>
tnsr(config-route-map-rule)# [no] set tag <tag-(1-4294967295)>
tnsr(config-route-map-rule)# [no] set weight <weight>

tnsr(config-route-map-rule)# [no] call <rt-map-name>

tnsr(config-route-map-rule)# [no] on-match next
tnsr(config-route-map-rule)# [no] on-match goto <sequence>

Remove Dynamic Routing Route Map Rule

tnsr(config-route-map-rule)# no sequence <sequence>

Dynamic Routing BGP Mode

Enter Dynamic Routing BGP Mode

tnsr(config)# route dynamic bgp
tnsr(config-frr-bgp)#

Dynamic Routing BGP Mode Commands

tnsr(config-frr-bgp)# [no] as-path <as-path-name>
tnsr(config-frr-bgp)# [no] community-list <comm-list-name> (standard|expanded)
                                  [extended|large]
tnsr(config-frr-bgp)# disable
tnsr(config-frr-bgp)# [no] enable
tnsr(config-frr-bgp)# [no] option debug (nht|update-groups)
tnsr(config-frr-bgp)# [no] option debug as4 [segment]
tnsr(config-frr-bgp)# [no] option debug bestpath <ipv6-prefix>
tnsr(config-frr-bgp)# [no] option debug keepalive [<peer>]
tnsr(config-frr-bgp)# [no] option debug neighbor-events [<peer>]
tnsr(config-frr-bgp)# [no] option debug updates
                                  [in <peer>|out <peer>|prefix (<ipv4-prefix>|<ipv6-prefix>)]
tnsr(config-frr-bgp)# [no] option debug zebra [prefix (<ipv4-prefix>|<ipv6-prefix>)]
tnsr(config-frr-bgp)# [no] route-map delay-timer <interval-sec>
tnsr(config-frr-bgp)# [no] rpki
tnsr(config-frr-bgp)# [no] server vrf <vrf-name>
tnsr(config-frr-bgp)# session clear [vrf <vrf-name>] (*|<peer>|<asn>) [soft]

Dynamic Routing BGP Server Mode

Enter Dynamic Routing BGP Server Mode

tnsr(config-frr-bgp)# server vrf <vrf-name>
tnsr(config-bgp)#

Dynamic Routing BGP Server Mode Commands

tnsr(config-bgp)# [no] address-family (ipv4|ipv6) (unicast|multicast)
tnsr(config-bgp)# [no] allow-martian-nexthop
tnsr(config-bgp)# [no] always-compare-med
tnsr(config-bgp)# [no] as-number <asn>
tnsr(config-bgp)# [no] bestpath as-path (confed|ignore|multipath-relax|as-set|no-as-set)
tnsr(config-bgp)# [no] bestpath compare-routerid
tnsr(config-bgp)# [no] bestpath med [confed|missing-as-worst]
tnsr(config-bgp)# [no] client-to-client reflection
tnsr(config-bgp)# [no] cluster-id (<ipv4>|<value>)
tnsr(config-bgp)# [no] coalesce-time <value>
tnsr(config-bgp)# [no] confederation identifier <asn>
tnsr(config-bgp)# [no] confederation peer <asn>
tnsr(config-bgp)# [no] dampening [penalty <value> [reuse <value> [suppress <value>
                         [maximum <value>]]]]
tnsr(config-bgp)# [no] deterministic-med
tnsr(config-bgp)# [no] disable-ebgp-connected-route-check
tnsr(config-bgp)# [no] ebgp-requires-policy
tnsr(config-bgp)# [no] graceful-restart (enable|helper|disable)
tnsr(config-bgp)# [no] graceful-restart notification
tnsr(config-bgp)# [no] graceful-restart preserve-fw-state
tnsr(config-bgp)# [no] graceful-restart restart-time <value>
tnsr(config-bgp)# [no] graceful-restart rib-stale-time <value>
tnsr(config-bgp)# [no] graceful-restart select-defer-time <value>
tnsr(config-bgp)# [no] graceful-restart stalepath-time <value>
tnsr(config-bgp)# [no] ipv4-unicast-enabled
tnsr(config-bgp)# [no] listen limit <value>
tnsr(config-bgp)# [no] listen range (<ip4-prefix>|<ip6-prefx>) peer-group <peer-group-name>
tnsr(config-bgp)# [no] log-neighbor-changes
tnsr(config-bgp)# [no] long-lived-graceful-restart-stale-time <value>
tnsr(config-bgp)# [no] max-med administrative [<med>]
tnsr(config-bgp)# [no] max-med on-startup period <seconds> [<med>]
tnsr(config-bgp)# [no] neighbor <peer>
tnsr(config-bgp)# [no] network import-check
tnsr(config-bgp)# [no] route-reflector allow-outbound-policy
tnsr(config-bgp)# [no] router-id <router-id>
tnsr(config-bgp)# [no] timers keep-alive <interval> hold-time <hold-time>
tnsr(config-bgp)# [no] update-delay <delay>
tnsr(config-bgp)# [no] write-quanta <packets>

Remove Dynamic Routing BGP Server

tnsr(config-frr-bgp)# no server vrf <vrf-name>

Dynamic Routing BGP Neighbor Mode

Enter Dynamic Routing BGP Neighbor Mode

tnsr(config-bgp)# neighbor <peer>
tnsr(config-bgp-neighbor)#

Dynamic Routing BGP Neighbor Mode Commands

tnsr(config-bgp-neighbor)# [no] advertisement-interval <interval>
tnsr(config-bgp-neighbor)# [no] bfd enabled (true|false)
tnsr(config-bgp-neighbor)# [no] capability (dynamic|extended-nexthop)
tnsr(config-bgp-neighbor)# [no] description <string>
tnsr(config-bgp-neighbor)# disable
tnsr(config-bgp-neighbor)# [no] disable-connected-check
tnsr(config-bgp-neighbor)# [no] dont-capability-negotiate
tnsr(config-bgp-neighbor)# [no] ebgp-multihop [hop-maximum <hops>]
tnsr(config-bgp-neighbor)# [no] enable
tnsr(config-bgp-neighbor)# [no] enforce-first-as
tnsr(config-bgp-neighbor)# [no] graceful-restart (enable|helper|disable)
tnsr(config-bgp-neighbor)# [no] local-as <asn> [no-prepend [replace-as]]
tnsr(config-bgp-neighbor)# [no] override-capability
tnsr(config-bgp-neighbor)# [no] passive
tnsr(config-bgp-neighbor)# [no] password <line>
tnsr(config-bgp-neighbor)# [no] peer-group [<peer-group-name>]
tnsr(config-bgp-neighbor)# [no] port <port>
tnsr(config-bgp-neighbor)# [no] remote-as <asn>
tnsr(config-bgp-neighbor)# [no] solo
tnsr(config-bgp-neighbor)# [no] strict-capability-match
tnsr(config-bgp-neighbor)# [no] timers keepalive <interval> holdtime <hold>
tnsr(config-bgp-neighbor)# [no] timers connect <seconds>
tnsr(config-bgp-neighbor)# [no] ttl-security hops <hops>
tnsr(config-bgp-neighbor)# [no] update-source (<if-name>|<ip-address>)

Remove Dynamic Routing BGP Neighbor

tnsr(config-bgp)# no neighbor <peer>

Dynamic Routing BGP Address Family Mode

Enter Dynamic Routing BGP Address Family Mode

tnsr(config-bgp)# address-family ipv4 unicast
tnsr(config-bgp-ip4uni)#
tnsr(config-bgp)# address-family ipv4 multicast
tnsr(config-bgp-ip4multi)#
tnsr(config-bgp)# address-family ipv6 unicast
tnsr(config-bgp-ip6uni)#
tnsr(config-bgp)# address-family ipv6 multicast
tnsr(config-bgp-ip6multi)#

Dynamic Routing BGP IPv4 Unicast Address Family Mode Commands

tnsr(config-bgp-ip4uni)# [no] aggregate-address <ipv4-prefix> [as-set] [summary-only]
tnsr(config-bgp-ip4uni)# [no] distance external <extern> internal <intern> local <local>
tnsr(config-bgp-ip4uni)# [no] distance administrative <dist> prefix <ipv4-prefix>
                                [access-list <access-list-name>]
tnsr(config-bgp-ip4uni)# [no] import vrf (<route-table-name>|route-map <route-map-name>)
tnsr(config-bgp-ip4uni)# [no] maximum-paths <non-ibgp-paths> [igbp <ibgp-paths>
                                [equal-cluster-length]]
tnsr(config-bgp-ip4uni)# [no] neighbor <existing-neighbor>
tnsr(config-bgp-ip4uni)# [no] network <ipv4-prefix> [route-map <route-map>]
tnsr(config-bgp-ip4uni)# [no] redistribute <route-source> [metric <val>|route-map <route-map-name>]
tnsr(config-bgp-ip4uni)# [no] redistribute ospf [metric <val>|route-map <route-map-name>]
tnsr(config-bgp-ip4uni)# [no] table-map <route-map-name>

Dynamic Routing BGP IPv4 Multicast Address Family Mode Commands

tnsr(config-bgp-ip4multi)# [no] aggregate-address <ipv4-prefix> [as-set] [summary-only]
tnsr(config-bgp-ip4multi)# [no] distance external <extern> internal <intern> local <local>
tnsr(config-bgp-ip4multi)# [no] distance administrative <dist> prefix <ipv4-prefix>
                                [access-list <access-list-name>]
tnsr(config-bgp-ip4multi)# [no] neighbor <existing-neighbor>
tnsr(config-bgp-ip4multi)# [no] network <ipv4-prefix> [route-map <route-map>]
tnsr(config-bgp-ip4multi)# [no] table-map <route-map-name>

Dynamic Routing BGP IPv6 Unicast Address Family Mode Commands

tnsr(config-bgp-ip6uni)# [no] aggregate-address <ipv6-prefix> [as-set] [summary-only]
tnsr(config-bgp-ip6uni)# [no] distance external <extern> internal <intern> local <local>
tnsr(config-bgp-ip6uni)# [no] distance administrative <dist> prefix <ipv6-prefix>
                                [access-list <access-list-name>]
tnsr(config-bgp-ip6uni)# [no] import vrf (<route-table-name>|route-map <route-map-name>)
tnsr(config-bgp-ip6uni)# [no] maximum-paths <non-ibgp-paths> [igbp <ibgp-paths>
                                [equal-cluster-length]]
tnsr(config-bgp-ip6uni)# [no] neighbor <existing-neighbor>
tnsr(config-bgp-ip6uni)# [no] network <ipv6-prefix> [route-map <route-map>]
tnsr(config-bgp-ip6uni)# [no] redistribute <route-source> [metric <val>|route-map <route-map-name>]
tnsr(config-bgp-ip6uni)# [no] redistribute ospf [metric <val>|route-map <route-map-name>]
tnsr(config-bgp-ip6uni)# [no] table-map <route-map-name>

Dynamic Routing BGP IPv6 Multicast Address Family Mode Commands

tnsr(config-bgp-ip6multi)# [no] distance external <extern> internal <intern> local <local>
tnsr(config-bgp-ip6multi)# [no] distance administrative <dist> prefix <ipv6-prefix>
                                access-list <access-list-name>
tnsr(config-bgp-ip6multi)# [no] neighbor <existing-neighbor>
tnsr(config-bgp-ip6multi)# [no] network <ipv6-prefix> [route-map <route-map>]

Remove Dynamic Routing BGP Address Family

tnsr(config-bgp)# no address-family (ipv4|ipv6) (unicast|multicast)

Dynamic Routing BGP Address Family Neighbor Mode

Note

Though the samples below indicate IPv4 unicast, the same syntax is used for all address families.

Enter Dynamic Routing BGP Address Family Neighbor Mode

tnsr(config-bgp-ip4uni)# neighbor <existing-neighbor>
tnsr(config-bgp-ip4uni-nbr)#

Dynamic Routing BGP Address Family Neighbor Mode Commands

tnsr(config-bgp-ip4uni-nbr)# [no] activate
tnsr(config-bgp-ip4uni-nbr)# [no] addpath-tx-all-paths
tnsr(config-bgp-ip4uni-nbr)# [no] addpath-tx-bestpath-per-as
tnsr(config-bgp-ip4uni-nbr)# [no] allowas-in [<occurrence>|origin]
tnsr(config-bgp-ip4uni-nbr)# [no] as-override
tnsr(config-bgp-ip4uni-nbr)# [no] attribute-unchanged [as-path|next-hop|med]
tnsr(config-bgp-ip4uni-nbr)# [no] capability orf prefix-list (send|receive|both)
tnsr(config-bgp-ip4uni-nbr)# [no] default-originate [route-map <route-map>]
tnsr(config-bgp-ip4uni-nbr)# [no] distribute-list <access-list-name> (in|out)
tnsr(config-bgp-ip4uni-nbr)# [no] filter-list <aspath-name> (in|out)
tnsr(config-bgp-ip4uni-nbr)# [no] maximum-prefix limit <val>
tnsr(config-bgp-ip4uni-nbr)# [no] maximum-prefix restart <val>
tnsr(config-bgp-ip4uni-nbr)# [no] maximum-prefix threshold <val>
tnsr(config-bgp-ip4uni-nbr)# [no] maximum-prefix warning-only
tnsr(config-bgp-ip4uni-nbr)# [no] next-hop-self [force]
tnsr(config-bgp-ip4uni-nbr)# [no] prefix-list <prefix-list-name> (in|out)
tnsr(config-bgp-ip4uni-nbr)# [no] remove-private-AS [all] [replace-AS]
tnsr(config-bgp-ip4uni-nbr)# [no] route-map <name> (in|out)
tnsr(config-bgp-ip4uni-nbr)# [no] route-reflector-client
tnsr(config-bgp-ip4uni-nbr)# [no] route-server-client
tnsr(config-bgp-ip4uni-nbr)# [no] send-community (standard|large|extended)
tnsr(config-bgp-ip4uni-nbr)# [no] soft-reconfiguration inbound
tnsr(config-bgp-ip4uni-nbr)# [no] unsuppress-map <route-map>
tnsr(config-bgp-ip4uni-nbr)# [no] weight <weight>

Remove Dynamic Routing BGP Address Family Neighbor

tnsr(config-bgp-ip4uni)# no neighbor <existing-neighbor>

Dynamic Routing BGP Community List Mode

Enter Dynamic Routing BGP Community List Mode

tnsr(config-frr-bgp)# community-list <name> (standard|expanded) [normal|extended|large]
tnsr(config-community-list)#

Dynamic Routing BGP Community List Mode Commands

tnsr(config-community-list)# description <text>
tnsr(config-community-list)# sequence <seq> (permit|deny) <community-value>
tnsr(config-community-list)# sequence <seq> (permit|deny) (rt|soo) <extcommunity-value>
tnsr(config-community-list)# no description [<text>]
tnsr(config-community-list)# no sequence <seq> [(permit|deny) [(rt|soo)] [<community-value>]]

Remove Dynamic Routing BGP Community List

tnsr(config-frr-bgp)# no community-list <name> (standard|expanded) [extended|large]

Dynamic Routing BGP AS Path Mode

Enter Dynamic Routing BGP AS Path Mode

tnsr(config-frr-bgp)# as-path <as-path-name>
tnsr(config-aspath)#

Dynamic Routing BGP AS Path Mode Commands

tnsr(config-aspath)# [no] rule <seq> (permit|deny) <pattern>

Remove Dynamic Routing BGP AS Path

tnsr(config-frr-bgp)# no as-path <as-path-name>

Dynamic Routing BGP RPKI Mode

Enter Dynamic Routing BGP RPKI Mode

tnsr(config-frr-bgp)# rpki
tnsr(config-rpki)#

Dynamic Routing BGP RPKI Mode Commands

tnsr(config-rpki)# cache (ssh|tcp) <host> port <port-val>
tnsr(config-rpki)# no cache [(ssh|tcp) <host> port <port-val>]
tnsr(config-rpki)# expire-interval <interval>
tnsr(config-rpki)# no expire-interval [<interval>]
tnsr(config-rpki)# polling-period <period>
tnsr(config-rpki)# no polling-period [<period>]
tnsr(config-rpki)# retry-interval <interval>
tnsr(config-rpki)# no retry-interval [<interval>]

Remove Dynamic Routing BGP RPKI Mode

tnsr(config-frr-bgp)# no rpki

Dynamic Routing BGP RPKI SSH Mode

Enter Dynamic Routing BGP RPKI SSH Mode

tnsr(config-rpki)# cache ssh <host> port <port-val>
tnsr(config-rpki-ssh)#

Dynamic Routing BGP RPKI SSH Mode Commands

tnsr(config-rpki-ssh)# preference <pref>
tnsr(config-rpki-ssh)# no preference [<pref>]
tnsr(config-rpki-ssh)# private-key <key-ref>
tnsr(config-rpki-ssh)# no private-key [<key-ref>]
tnsr(config-rpki-ssh)# server-public-key <key-ref>
tnsr(config-rpki-ssh)# no server-public-key [<key-ref>]
tnsr(config-rpki-ssh)# source <ip4addr>
tnsr(config-rpki-ssh)# no source [<ip4addr>]
tnsr(config-rpki-ssh)# user-name <name>
tnsr(config-rpki-ssh)# no user-name [<name>]

Dynamic Routing BGP RPKI TCP Mode

Enter Dynamic Routing BGP RPKI TCP Mode

tnsr(config-rpki)# cache tcp <host> port <port-val>
tnsr(config-rpki-tcp)#

Dynamic Routing BGP RPKI TCP Mode Commands

tnsr(config-rpki-tcp)# preference <pref>
tnsr(config-rpki-tcp)# no preference [<pref>]

Dynamic Routing OSPF Mode

Enter Dynamic Routing OSPF Mode

tnsr(config)# route dynamic ospf
tnsr(config-frr-ospf)#

OSPF Mode Commands

tnsr(config-frr-ospf)# [no] enable
tnsr(config-frr-ospf)# disable
tnsr(config-frr-ospf)# [no] debug (event|nssa|sr|te)
tnsr(config-frr-ospf)# [no] debug (ism|nsm) (events|status|timers)
tnsr(config-frr-ospf)# [no] debug lsa (flooding|generate|install|refresh)
tnsr(config-frr-ospf)# [no] debug packet (dd|hello|ls-acknowledgment|ls-request|ls-update)
                         (send|recv) [detail]
tnsr(config-frr-ospf)# [no] debug zebra (interface|redistribute)
tnsr(config-frr-ospf)# [no] interface <if-name>
tnsr(config-frr-ospf)# [no] server vrf <vrf-name>

Dynamic Routing OSPF Server Mode

Entering OSPF Server Mode

tnsr(config-frr-ospf)# server vrf <vrf-name>
tnsr(config-ospf)#

OSPF Server Mode Commands

tnsr(config-ospf)# [no] area <area-id>
tnsr(config-ospf)# [no] auto-cost reference-bandwidth <bw>
tnsr(config-ospf)# [no] capability opaque-lsa
tnsr(config-ospf)# [no] compatible rfc-1583-compatibility
tnsr(config-ospf)# [no] default-information originate
                         [(always|metric <val>|type (1|2)|route-map <map>)]
tnsr(config-ospf)# [no] default-metric <val>
tnsr(config-ospf)# [no] distance [(external|inter-area|intra-area)] <dist>
tnsr(config-ospf)# [no] distribution-list out
                         (bgp|connected|kernel)
                         access-list <name>
tnsr(config-ospf)# [no] log-adjacency-changes [detail]
tnsr(config-ospf)# [no] max-metric router-lsa (on-shutdown|on-startup) <seconds>
tnsr(config-ospf)# [no] neighbor <ip4-address> [(poll-interval <interval>|priority <prio>)]
tnsr(config-ospf)# [no] ospf abr-type (cisco|ibm|shortcut|standard)
tnsr(config-ospf)# [no] ospf router-id <router-id>
tnsr(config-ospf)# [no] ospf write-multiplier <write>
tnsr(config-ospf)# [no] passive-interface <if-name> [<ip4-address>]
tnsr(config-ospf)# [no] pce address
                         (<ip4-address>|domain <asn>|flags <bits>|neighbor <asn>|scope <bits>)
tnsr(config-ospf)# [no] redistribute
                         (bgp|connected|kernel)
                         [(metric <val>|route-map <map>|type <type>)]
tnsr(config-ospf)# [no] refresh timer <time>
tnsr(config-ospf)# [no] router-info as
tnsr(config-ospf)# [no] timers lsa min-arrival <min>
tnsr(config-ospf)# [no] timers throttle lsa all <delay>
tnsr(config-ospf)# [no] timers throttle spf (delay|initial-hold|maximum-hold) <val>

Remove OSPF Server Configuration

tnsr(config-frr-ospf)# no server

Dynamic Routing OSPF Interface Mode

Enter Dynamic Routing OSPF Interface Mode

tnsr(config-frr-ospf)# interface <if-name>
tnsr(config-ospf-if)#

Dynamic Routing OSPF Interface Mode Commands

tnsr(config-ospf-if)# [no] ip address (*|<ip4-address>) area <area-id>
tnsr(config-ospf-if)# [no] ip address (*|<ip4-address>) authentication [message-digest|null]
tnsr(config-ospf-if)# [no] ip address (*|<ip4-address>) authentication-key <key>
tnsr(config-ospf-if)# [no] ip address (*|<ip4-address>) cost <link-cost>
tnsr(config-ospf-if)# [no] ip address (*|<ip4-address>) dead-interval minimal hello <multiplier>
tnsr(config-ospf-if)# [no] ip address (*|<ip4-address>) dead-interval <time>
tnsr(config-ospf-if)# [no] ip address (*|<ip4-address>) hello-interval <interval>
tnsr(config-ospf-if)# [no] ip address (*|<ip4-address>) message-digest-key key-id <id>
                            md5-key <key>
tnsr(config-ospf-if)# [no] ip address (*|<ip4-address>) mtu-ignore
tnsr(config-ospf-if)# [no] ip address (*|<ip4-address>) retransmit-interval <interval>
tnsr(config-ospf-if)# [no] ip address (*|<ip4-address>) priority <priority>
tnsr(config-ospf-if)# [no] ip address (*|<ip4-address>) transmit-delay <delay>
tnsr(config-ospf-if)# [no] ip bfd enabled (true|false)
tnsr(config-ospf-if)# [no] ip network
                            (broadcast|non-broadcast|point-to-multipoint|point-to-point)

Remove Dynamic Routing OSPF Interface

tnsr(config-ospf)# no interface <if-name>

Dynamic Routing OSPF Area Mode

Enter Dynamic Routing OSPF Area Mode

tnsr(config-ospf)# area <area-id>
tnsr(config-ospf-area)#

Dynamic Routing OSPF Area Mode Commands

tnsr(config-ospf-area)# authentication [message-digest]
tnsr(config-ospf-area)# default-cost <cost>
tnsr(config-ospf-area)# export-list <acl-name>
tnsr(config-ospf-area)# filter-list (in|out) prefix-list <prefix-list-name>
tnsr(config-ospf-area)# import-list <acl-name>
tnsr(config-ospf-area)# nssa [(no-summary|translate (always|candidate|never))]
tnsr(config-ospf-area)# range <prefix> [cost <val>|not-advertise|substitute <sub-prefix>]
tnsr(config-ospf-area)# shortcut (default|disable|enable)
tnsr(config-ospf-area)# stub [no-summary]
tnsr(config-ospf-area)# virtual-link <router-id>

Remove Dynamic Routing OSPF Area

tnsr(config-ospf)# no area <area-id>

Dynamic Routing OSPF6 Mode

Enter Dynamic Routing OSPF6 Mode

tnsr(config)# route dynamic ospf6
tnsr(config-frr-ospf6)#

OSPF6 Mode Commands

tnsr(config-frr-ospf6)# [no] enable
tnsr(config-frr-ospf6)# disable
tnsr(config-frr-ospf6)# [no] debug (abr|asbr|flooding|interface)
tnsr(config-frr-ospf6)# [no] debug border-routers (area <area-id>|router <router-id>)
tnsr(config-frr-ospf6)# [no] debug lsa (as-external|inter-prefix|inter-router|intra-prefix|link|network|router|unknown) [(examine|flooding|originate)]
tnsr(config-frr-ospf6)# [no] debug message (dd|hello|ls-acknowledgment|ls-request|ls-update|unknown) (recv|send)
tnsr(config-frr-ospf6)# [no] debug neighbor [(event|state)]
tnsr(config-frr-ospf6)# [no] debug route [(inter-area|intra-area|memory|table)]
tnsr(config-frr-ospf6)# [no] debug spf (database|process|time)
tnsr(config-frr-ospf6)# [no] debug zebra [(recv|send)]
tnsr(config-frr-ospf6)# [no] interface <if-name>
tnsr(config-frr-ospf6)# [no] server vrf <vrf-name>

Dynamic Routing OSPF6 Server Mode

Entering OSPF6 Server Mode

tnsr(config-frr-ospf6)# server vrf <vrf-name>
tnsr(config-ospf6)#

OSPF6 Server Mode Commands

tnsr(config-ospf6)# [no] area <area-id>
tnsr(config-ospf6)# [no] auto-cost reference-bandwidth <bw>
tnsr(config-ospf6)# [no] default-information originate
                          [(always|metric <val>|metric-type (1|2)|route-map <map>)]
tnsr(config-ospf6)# [no] distance [(external|inter-area|intra-area)] <dist>
tnsr(config-ospf6)# [no] interface <if-name> area <area-id>
tnsr(config-ospf6)# [no] log-adjacency-changes [detail]
tnsr(config-ospf6)# [no] ospf6 router-id <router-id>
tnsr(config-ospf6)# [no] redistribute
                         (bgp|connected|kernel) [route-map <map>]
tnsr(config-ospf6)# [no] stub-router administrative
tnsr(config-ospf6)# [no] timers lsa min-arrival <min>
tnsr(config-ospf6)# [no] timers throttle spf (delay|initial-hold|maximum-hold) <val>

Remove OSPF6 Server Configuration

tnsr(config-frr-ospf6)# no server

Dynamic Routing OSPF6 Interface Mode

Enter Dynamic Routing OSPF6 Interface Mode

tnsr(config-frr-ospf6)# interface <if-name>
tnsr(config-ospf6-if)#

Dynamic Routing OSPF6 Interface Mode Commands

tnsr(config-ospf6-if)# [no] advertise prefix-list <name>
tnsr(config-ospf6-if)# [no] bfd enabled (true|false)
tnsr(config-ospf6-if)# [no] cost outgoing <outgoing-cost>
tnsr(config-ospf6-if)# [no] dead-interval <time>
tnsr(config-ospf6-if)# [no] hello-interval <interval>
tnsr(config-ospf6-if)# [no] instance-id <value>
tnsr(config-ospf6-if)# [no] mtu <value>
tnsr(config-ospf6-if)# [no] mtu-ignore
tnsr(config-ospf6-if)# [no] network (broadcast|point-to-point)
tnsr(config-ospf6-if)# [no] passive
tnsr(config-ospf6-if)# [no] priority <priority>
tnsr(config-ospf6-if)# [no] retransmit-interval <interval>
tnsr(config-ospf6-if)# [no] transmit-delay <delay>

Remove Dynamic Routing OSPF6 Interface

tnsr(config-ospf6)# no interface <if-name>

Dynamic Routing OSPF6 Area Mode

Enter Dynamic Routing OSPF6 Area Mode

tnsr(config-ospf6)# area <area-id>
tnsr(config-ospf6-area)#

Dynamic Routing OSPF6 Area Mode Commands

tnsr(config-ospf6-area)# range <prefix> [cost <val>|not-advertise]
tnsr(config-ospf6-area)# stub [no-summary]

Remove Dynamic Routing OSPF6 Area

tnsr(config-ospf6)# no area <area-id>

Dynamic Routing RIP Mode

Enter Dynamic Routing RIP Mode

tnsr(config)# route dynamic rip
tnsr(config-frr-rip)#

RIP Mode Commands

tnsr(config-frr-rip)# [no] enable
tnsr(config-frr-rip)# disable
tnsr(config-frr-rip)# [no] debug (events|zebra)
tnsr(config-frr-rip)# [no] debug packet (send|recv)
tnsr(config-frr-rip)# [no] key-chain <name>
tnsr(config-frr-rip)# [no] interface <if-name>
tnsr(config-frr-rip)# [no] server vrf <vrf-name>

Dynamic Routing RIP Server Mode

Entering RIP Server Mode

tnsr(config-frr-rip)# server vrf <vrf-name>
tnsr(config-rip)#

RIP Server Mode Commands

tnsr(config-rip)# [no] allow-ecmp
tnsr(config-rip)# [no] default-information originate
tnsr(config-rip)# [no] distance default <value>
tnsr(config-rip)# [no] distance <prefix> distance <value> [access-list <acl-name>]
tnsr(config-rip)# [no] distribution-list interface (*|<if-name>)
                        (access-list|prefix-list) (in|out) <name>
tnsr(config-rip)# [no] neighbor <ip4-address>
tnsr(config-rip)# [no] network (interface <if-name>|prefix <prefix>)
tnsr(config-rip)# [no] offset-list (*|<if-name>) (in|out) <acl-name> metric <metric>
tnsr(config-rip)# [no] passive-interface (default|<if-name>) [<ip4-address>]
tnsr(config-rip)# [no] redistribute (bgp|connected|kernel|ospf)
                        [(metric <value>|route-map <name>)]
tnsr(config-rip)# [no] route prefix <ip4-prefix>
tnsr(config-rip)# [no] route-map-filter interface (default|<if-name>) (in|out) route-map <name>
tnsr(config-rip)# [no] timers (garbage-collection|table-update|timeout) <value>
tnsr(config-rip)# [no] version (1|2)

Remove RIP Server Configuration

tnsr(config-frr-rip)# no server

Dynamic Routing RIP Interface Mode

Enter Dynamic Routing RIP Interface Mode

tnsr(config-rip)# interface <if-name>
tnsr(config-rip-if)#

Dynamic Routing RIP Interface Mode Commands

tnsr(config-rip-if)# [no] authentication key-chain
tnsr(config-rip-if)# [no] authentication mode (md5|text) [auth-length (old-ripd|rfc)]
tnsr(config-rip-if)# [no] authentication string <auth-string>
tnsr(config-rip-if)# [no] receive version (1|2|both)
tnsr(config-rip-if)# [no] send version (1|2|both)
tnsr(config-rip-if)# [no] split-horizon [poisoned-reverse]
tnsr(config-rip-if)# [no] v2-broadcast

Remove Dynamic Routing RIP Interface

tnsr(config-rip)# no interface <if-name>

Dynamic Routing RIP Key Chain Mode

Enter Dynamic Routing RIP Key Chain Mode

tnsr(config-rip)# key-chain <name>
tnsr(config-rip-key-chain)#

Dynamic Routing RIP Key Chain Mode Commands

tnsr(config-rip-key-chain)# [no] key <key-id> string <key-string>

Remove Dynamic Routing RIP Key Chain

tnsr(config-rip)# no key-chain <name>

Dynamic Routing Manager Mode

Enter Dynamic Routing Manager Mode

tnsr(config)# route dynamic manager
tnsr(config-route-dynamic-manager)#

Dynamic Routing Manager Mode Commands

tnsr(config-route-dynamic-manager)# [no] debug (events|fpm|nht)
tnsr(config-route-dynamic-manager)# [no] debug kernel [msgdump [send|receive]]
tnsr(config-route-dynamic-manager)# [no] debug packet [send|receive] [detail]
tnsr(config-route-dynamic-manager)# [no] debug rib [detail]
tnsr(config-route-dynamic-manager)# [no] (ipv4|ipv6) nht resolve-via-default
tnsr(config-route-dynamic-manager)# [no] log file <filename> [<level>]
tnsr(config-route-dynamic-manager)# [no] log syslog [<level>]

Route Table Mode

Enter Route Table Mode

tnsr(config)# route table <name>
tnsr(config-route-table)#

Route Table Mode Commands

tnsr(config-route-table)# [no] description <rest-of-line>
tnsr(config-route-table)# [no] id <n>
tnsr(config-route-table)# [no] route <destination-prefix>

Remove Route Table

tnsr(config-route-table)# no route table <name>

Route Table Next Hop Mode

Enter Route Table Next Hop Mode

tnsr(config-route-table)# route <destination-prefix>
tnsr(config-rttbl46-next-hop)#

Route Table Next Hop Mode Commands

tnsr(config-rttbl46-next-hop)# [no] description <rest-of-line>
tnsr(config-rttbl46-next-hop)# [no] next-hop <hop-id> via <ip46-addr>
                                   [(<if-name>|next-hop-table <route-table-name>)]
                                   [weight <multi-path-weight>]
                                   [resolve-via-host] [resolve-via-attached]

tnsr(config-rttbl46-next-hop)# [no] next-hop <hop-id> via drop
tnsr(config-rttbl46-next-hop)# [no] next-hop <hop-id> via local
tnsr(config-rttbl46-next-hop)# [no] next-hop <hop-id> via null-send-unreach
tnsr(config-rttbl46-next-hop)# [no] next-hop <hop-id> via null-send-prohibit
tnsr(config-rttbl46-next-hop)# [no] next-hop <hop-id> classify <classify-table-name>
tnsr(config-rttbl46-next-hop)# [no] next-hop <hop-id> lookup [in] route-table <route-table-name>
tnsr(config-rttbl46-next-hop)# [no] priority <admin-priority>

Remove Route Table Next Hop

tnsr(config-rttbl46-next-hop)# no next-hop <hop-id>

SPAN Mode

Enter SPAN Mode

tnsr(config)# span <if-name-src>
tnsr(config-span)#

SPAN Mode Commands

tnsr(config-span)# onto <if-name-dst> (hw|l2) (rx|tx|both|disabled)

Remove Single SPAN Destination

tnsr(config-span)# no onto <if-name-dst> [(hw|l2)]

Remove SPAN

tnsr(config)# no span <if-name-src>

VXLAN Mode

Enter VXLAN Mode

tnsr(config)# vxlan <tunnel-name>
tnsr(config-vxlan)#

VXLAN Mode Commands

tnsr(config-vxlan)# [no] destination <ip-addr>
tnsr(config-vxlan)# [no] encapsulation (ipv4|ipv6) route-table <rt-table-name>
tnsr(config-vxlan)# [no] instance <id>
tnsr(config-vxlan)# [no] multicast interface <if-name>
tnsr(config-vxlan)# [no] source <ip-addr>
tnsr(config-vxlan)# [no] vni <u24>

Remove VXLAN Tunnel

tnsr(config)# no vxlan [<tunnel-name>]

Local User Authentication Configuration Mode

Enter Local User Authentication Configuration Mode

tnsr(config)# auth user <user-name>
tnsr(config-user)#

Local User Authentication Mode Commands

tnsr(config-user)# [no] password <user-password>
tnsr(config-user)# [no] user-keys <key-name>

Remove Local Authentication User

tnsr(config)# no auth user <user-name>

RADIUS Authentication Configuration Mode

Enter RADIUS Authentication Configuration Mode

tnsr(config)# radius
tnsr(config-radius)#

RADIUS Authentication Mode Commands

tnsr(config-radius)# server name <name> host <address> [port <auth-port>] secret <secret>
                       [timeout <timeout:3-60>] [source-address <ip-addr>]
tnsr(config-radius)# no server name <name>

LDAP Authentication Configuration Mode

Enter LDAP Authentication Configuration Mode

tnsr(config)# ldap
tnsr(config-ldap)#

LDAP Authentication Mode Commands

tnsr(config-ldap)# attribute-override gecos <value>
tnsr(config-ldap)# attribute-override gidNumber <value>
tnsr(config-ldap)# attribute-override homeDirectory <value>
tnsr(config-ldap)# attribute-override loginShell <value>
tnsr(config-ldap)# attribute-override uidNumber <value>
tnsr(config-ldap)# attribute-override userPassword <value>
tnsr(config-ldap)# basedn <dn-string>
tnsr(config-ldap)# binddn <dn-string> <secret>
tnsr(config-ldap)# groupdn <dn-string>
tnsr(config-ldap)# peer-ca <ca-name>
tnsr(config-ldap)# scope (base|one|sub)
tnsr(config-ldap)# server <name> <host> [port <port>]
tnsr(config-ldap)# timeout <sec>
tnsr(config-ldap)# transport (tcp|tcl-ssltls|tcp-starttls)
tnsr(config-ldap)# version (2|3)

Authentication Server Group Configuration Mode

Enter Server Group Configuration Mode

tnsr(config)# auth server-group <group-name>
tnsr(config-auth-server-group)#

Server Group Configuration Mode Commands

tnsr(config-auth-server-group)# all-servers
tnsr(config-auth-server-group)# priority <value> (ldap|radius) <server-name>
tnsr(config-auth-server-group)# type (ldap|radius)

NTP Configuration Mode

Enter NTP Configuration Mode

tnsr(config)# ntp server
tnsr(config-ntp)#

NTP Mode Commands

tnsr(config-ntp)# [no] disable monitor
tnsr(config-ntp)# [no] enable monitor
tnsr(config-ntp)# [no] driftfile <file-path>
tnsr(config-ntp)# [no] interface sequence <seq> (drop|ignore|listen)
                    (all|interface <if-name>|prefix <ip-prefix>)
tnsr(config-ntp)# [no] logconfig sequence <seq> (add|delete|set)
                    (all|clock|peer|sync|sys) (all|events|info|statistics|status)
tnsr(config-ntp)# [no] restrict (default|<fqdn>|<ip-prefix>|source)
tnsr(config-ntp)# [no] server (address <ip-address>|host <fqdn>)
tnsr(config-ntp)# [no] statsdir <directory-path>
tnsr(config-ntp)# [no] tinker panic <n-secs>
tnsr(config-ntp)# [no] tos orphan <stratum>

Remove NTP Server

tnsr(config)# no ntp server

NTP Restrict Mode

Enter NTP Restrict Mode

tnsr(config-ntp)# restrict (default|<fqdn>|<ip-prefix>|source)

NTP Restrict Mode Commands

tnsr(config-ntp-restrict)# kod
tnsr(config-ntp-restrict)# limited
tnsr(config-ntp-restrict)# nomodify
tnsr(config-ntp-restrict)# nopeer
tnsr(config-ntp-restrict)# noquery
tnsr(config-ntp-restrict)# noserve
tnsr(config-ntp-restrict)# notrap

Remove NTP Restriction

tnsr(config-ntp)# no restrict (default|<fqdn>|<ip-prefix>|source)

NTP Upstream Server Mode

Enter NTP Upstream Server Mode

tnsr(config-ntp)# server (address <ip-address>|host <fqdn>)

NTP Upstream Server Mode Commands

tnsr(config-ntp-server)# iburst
tnsr(config-ntp-server)# maxpoll <power-of-2-sec>
tnsr(config-ntp-server)# noselect
tnsr(config-ntp-server)# operational-mode (pool|server)
tnsr(config-ntp-server)# prefer

Remove NTP Upstream Server

tnsr(config-ntp)# no server (address <ip-address>|host <fqdn>)

NACM Group Mode

Enter NACM Group Mode

tnsr(config)# nacm group <group-name>
tnsr(config-nacm-group)#

NACM Group Mode Commands

tnsr(config-nacm-group)# [no] member <user-name>

Remove NACM Group

tnsr(config)# no nacm group <group-name>

NACM Rule-list Mode

Enter NACM Rule-list Mode

tnsr(config)# nacm rule-list <rule-list-name>
tnsr(config-nacm-rule-list)#

NACM Rule-list Mode Commands

tnsr(config-nacm-rule-list)# [no] group (*|<group-name>)
tnsr(config-nacm-rule-list)# [no] rule <rule-name>

Remove NACM Rule-list

tnsr(config)# no nacm rule-list <rule-list-name>

NACM Rule Mode

Enter NACM Rule Mode

tnsr(config-nacm-rule-list)# rule <rule-name>
tnsr(config-nacm-rule)#

NACM Rule Mode Commands

tnsr(config-nacm-rule)# [no] access-operations *
tnsr(config-nacm-rule)# [no] access-operations [create] [read] [update] [delete] [exec]
tnsr(config-nacm-rule)# [no] action (deny|permit)
tnsr(config-nacm-rule)# [no] module (*|<module-name>)
tnsr(config-nacm-rule)# [no] comment <rest>
tnsr(config-nacm-rule)# [no] rpc (*|<rpc-name>)
tnsr(config-nacm-rule)# [no] notification (*|<notification-name>)
tnsr(config-nacm-rule)# [no] path <node-id>

Remove NACM Rule

tnsr(config-nacm-rule-list)# no rule <rule-name>

DHCP IPv4 Server Config Mode

tnsr(config)# dhcp4 {disable|enable}
tnsr(config)# no dhcp4 enable
tnsr(config)# [no] dhcp4 server

Enter DHCP IPv4 Server Mode

tnsr(config)# dhcp4 server
tnsr(config-kea-dhcp4)#

DHCP IPv4 Server Mode Commands

tnsr(config-kea-dhcp4)# [no] authoritative (true|false)
tnsr(config-kea-dhcp4)# [no] decline-probation-period <seconds>
tnsr(config-kea-dhcp4)# [no] description <desc>
tnsr(config-kea-dhcp4)# [no] echo-client-id <boolean>
tnsr(config-kea-dhcp4)# [no] interface listen <if-name>
tnsr(config-kea-dhcp4)# [no] interface listen *
tnsr(config-kea-dhcp4)# [no] interface socket (raw|udp)
tnsr(config-kea-dhcp4)# [no] lease filename <filename>
tnsr(config-kea-dhcp4)# [no] lease lfc-interval <seconds>
tnsr(config-kea-dhcp4)# [no] lease persist <boolean>
tnsr(config-kea-dhcp4)# [no] logging <logger-name>
tnsr(config-kea-dhcp4)# [no] match-client-id <boolean>
tnsr(config-kea-dhcp4)# [no] next-server <ipv4-address>
tnsr(config-kea-dhcp4)# [no] option <dhcp4-option>
tnsr(config-kea-dhcp4)# [no] option-def <name>
tnsr(config-kea-dhcp4)# [no] rebind-timer <seconds>
tnsr(config-kea-dhcp4)# [no] renew-timer <seconds>
tnsr(config-kea-dhcp4)# [no] valid-lifetime <seconds>

Remove DHCP IPv4 Server Configuration

tnsr(config)# no dhcp4 server

DHCP4 Subnet4 Mode

Enter DHCP4 Subnet4 Mode

tnsr(config-kea-dhcp4)# subnet <ipv4-prefix>
tnsr(config-kea-subnet4)#

DHCP4 Subnet4 Mode Commands

tnsr(config-kea-subnet4)# [no] authoritative (true|false)
tnsr(config-kea-subnet4)# [no] id <uint32>
tnsr(config-kea-subnet4)# [no] interface <if-name>
tnsr(config-kea-subnet4)# [no] option <dhcp4-option>
tnsr(config-kea-subnet4)# [no] pool <ipv4-prefix>|<ipv4-range>
tnsr(config-kea-subnet4)# [no] reservation <ipv4-address>

Remove DHCP4 IPv4 Subnet4 Configuration

tnsr(config-kea-dhcp4)# no subnet <ipv4-prefix>|<ipv4-range>

DHCP4 Subnet4 Pool Mode

Enter DHCP4 Subnet4 Pool Mode

tnsr(config-kea-subnet4)# pool <ipv4-prefix>|<ipv4-range>
tnsr(config-kea-subnet4-pool)#

DHCP4 Subnet4 Pool Mode Commands

tnsr(config-kea-subnet4-pool)# [no] option <dhcp4-option>

Remove DHCP4 IPv4 Subnet4 Pool

tnsr(config-kea-subnet4)# no pool <ipv4-prefix>|<ipv4-range>

DHCP4 Subnet4 Reservation Mode

Enter DHCP4 Subnet4 Reservation Mode

tnsr(config-kea-subnet4)# reservation <ipv4-address>
tnsr(config-kea-subnet4-reservation)#

DHCP4 Subnet4 Reservation Mode Commands

tnsr(config-kea-subnet4-reservation)# [no] hostname <hostname>
tnsr(config-kea-subnet4-reservation)# mac-address <mac-address>
tnsr(config-kea-subnet4-reservation)# [no] option <dhcp4-option>

Remove DHCP4 IPv4 Subnet4 Reservation

tnsr(config-kea-subnet4)# no reservation <ipv4-address>

Kea DHCP4, Subnet4, Pool, or Reservation Option Mode

Enter DHCP4 Option Mode

tnsr(config-kea-*)# option <dhcp4-option|option-def-nam>
tnsr(config-kea-*-opt)#

DHCP4 Option Mode Commands

tnsr(config-kea-*-opt)# [no] always-send <boolean>
tnsr(config-kea-*-opt)# [no] csv-format <boolean>
tnsr(config-kea-*-opt)# [no] data <option-data>
tnsr(config-kea-*-opt)# [no] space <space-name>

Remove DHCP4 Option Configuration

tnsr(config-kea-*)# no option <dhcp4-option>

Kea DHCP4 Option Definition Mode

Enter DHCP4 Option Definition Mode

tnsr(config-kea-dhcp4)# option-def <name>
tnsr(config-kea-dhcp4-optdef)#

DHCP4 Option Definition Mode Commands

tnsr(config-kea-dhcp4-optdef)# array <array-val>
tnsr(config-kea-dhcp4-optdef)# code <code-val>
tnsr(config-kea-dhcp4-optdef)# encapsulate <encap>
tnsr(config-kea-dhcp4-optdef)# record-types <types>
tnsr(config-kea-dhcp4-optdef)# space <space-name>
tnsr(config-kea-dhcp4-optdef)# type <type>

Remove DHCP4 Option Definition

tnsr(config-kea-dhcp4)# no option-def <name>

DHCP4 Log Mode

Enter DHCP4 Log Mode

tnsr(config-kea-dhcp4)# logging <logger-name>
tnsr(config-kea-dhcp4-log)#

DHCP4 Log Mode Commands

tnsr(config-kea-dhcp4-log)# [no] debug-level <level>
tnsr(config-kea-dhcp4-log)# [no] output <location>
tnsr(config-kea-dhcp4-log)# [no] severity (debug|error|fatal|info|warn)

Remove DHCP4 Log Configuration

tnsr(config-kea-dhcp4)# no logging <logger-name>

DHCP4 Log Output Mode

Enter DHCP4 Log Output Mode

tnsr(config-kea-dhcp4-log)# output <location>
tnsr(config-kea-dhcp4-log-out)#

DHCP4 Log Output Mode Commands

tnsr(config-kea-dhcp4-log-out)# [no] flush (false|true)
tnsr(config-kea-dhcp4-log-out)# [no] maxsize <size>
tnsr(config-kea-dhcp4-log-out)# [no] maxver <rotate>

Remove DHCP4 Log Output Configuration

tnsr(config-kea-dhcp4-log)# no output [<location>]

Unbound Server Mode

Enter Unbound Server Mode

tnsr(config)# unbound server
tnsr(config-unbound)#

Unbound Server Mode Commands

tnsr(config-unbound)# [no] caps-for-id
tnsr(config-unbound)# [no] do-ip4
tnsr(config-unbound)# [no] do-ip6
tnsr(config-unbound)# [no] do-tcp
tnsr(config-unbound)# [no] do-udp
tnsr(config-unbound)# [no] edns reassembly size <s>
tnsr(config-unbound)# [no] forward-zone <zone-name>
tnsr(config-unbound)# [no] harden (dnssec-stripped|glue)
tnsr(config-unbound)# [no] hide (version|identity)
tnsr(config-unbound)# [no] host cache (num-hosts <num> | slabs <s> | ttl <t>)
tnsr(config-unbound)# [no] interface <ip4-address>
tnsr(config-unbound)# [no] jostle timeout <t>
tnsr(config-unbound)# [no] key cache slabs <s>
tnsr(config-unbound)# [no] key prefetch
tnsr(config-unbound)# [no] message cache (size <s> | slabs <s>)
tnsr(config-unbound)# [no] message prefetch
tnsr(config-unbound)# [no] outgoing-interface <ip-address>
tnsr(config-unbound)# [no] port outgoing range <n>
tnsr(config-unbound)# [no] rrset cache (size <s> | slabs <s>)
tnsr(config-unbound)# [no] rrset-message cache ttl (minimum <min> | maximum <max>)
tnsr(config-unbound)# [no] serve-expired
tnsr(config-unbound)# [no] socket receive-buffer size <s>
tnsr(config-unbound)# [no] tcp buffers (incoming <n> | outgoing <n>)
tnsr(config-unbound)# [no] thread (num-queries <n> | num-threads <n> |
                         unwanted-reply-threshold <threshold>)
tnsr(config-unbound)# [no] verbosity <level-0..5>

Remove Unbound Server

tnsr(config)# no unbound server

Unbound Forward-Zone Mode

Enter Unbound Forward-Zone Mode

tnsr(config-unbound)# forward-zone <zone-name>
tnsr(config-unbound-fwd-zone)#

Unbound Forward-Zone Mode Commands

tnsr(config-unbound-fwd-zone)# [no] forward-first
tnsr(config-unbound-fwd-zone)# [no] forward-tls-upstream
tnsr(config-unbound-fwd-zone)# [no] nameserver address <ip-address> [port <port>] [auth-name <name>]
tnsr(config-unbound-fwd-zone)# [no] nameserver host <host-name>

Remove Unbound Forward-Zone

tnsr(config-unbound)# no forward-zone <zone-name>

Subif Mode

Enter Subif Mode

tnsr(config)# interface subif <if-name> <subid>
tnsr(config-subif)#

Subif Mode Commands

tnsr(config-subif)# default
tnsr(config-subif)# dot1q <outer-vlan-id>
tnsr(config-subif)# exact-match
tnsr(config-subif)# inner-dot1q (inner-vlan-id>|any)
tnsr(config-subif)# outer-dot1ad <outer-vlan-id>
tnsr(config-subif)# outer-dot1q <outer-vlan-id>

Remove Subif

tnsr(config)# no interface subif <if-name> <subid>

Bond Mode

Enter Bond Mode

tnsr(config)# interface bond <instance>
tnsr(config-bond)#

Bond Mode Commands

tnsr(config-bond)# [no] load-balance (l2|l23|l34)
tnsr(config-bond)# [no] mode (round-robin|active-backup|xor|broadcast|lacp)
tnsr(config-bond)# [no] mac-address <mac-address>

Remove Bond

tnsr(config)# no interface bond <instance>

Host ACL Mode

Enter Host ACL Mode

tnsr(config)# host acl <acl-name>
tnsr(config-host-acl)#

Host ACL Mode Commands

tnsr(config-host-acl)# [no] description <text>
tnsr(config-host-acl)# [no] rule <rule-seq>
tnsr(config-host-acl)# [no] sequence <acl-seq>

Remove Host ACL

tnsr(config)# no host acl <acl-name>

Host ACL Rule Mode

Enter Host ACL Rule Mode

tnsr(config-host-acl)# rule <rule-seq>
tnsr(config-host-acl-rule)#

Host ACL Rule Mode Commands

tnsr(config-host-acl-rule)# [no] action (deny|permit)
tnsr(config-host-acl-rule)# [no] description <text>
tnsr(config-host-acl-rule)# [no] match input-interface <host-interface>
tnsr(config-host-acl-rule)# [no] match ip address (source|destination) <prefix>
tnsr(config-host-acl-rule)# [no] match ip icmp type
                              (address-mask-reply|address-mask-request|destination-unreachable|
                               echo-reply|echo-request|info-reply|info-request|parameter-problem|
                               redirect|router-advertisement|router-solicitation|source-quench|
                               time-exceeded|timestamp-reply|timestamp-request) [code <code>]
tnsr(config-host-acl-rule)# [no] match ip icmpv6 type
                              (destination-unreachable|echo-reply|echo-request|
                               mld-listener-query|mld-listener-reduction|mld-listener-report|
                               nd-neighbor-advert|nd-neighbor-solicit|nd-redirect|
                               nd-router-advert|nd-router-solicit|packet-too-big|
                               parameter-problem|router-renumbering|time-exceeded) [code <code>]
tnsr(config-host-acl-rule)# [no] match ip port (source|destination) <port-num>
tnsr(config-host-acl-rule)# [no] match ip port (source|destination) range start <low-port-num>
                              [end <high-port-num>]
tnsr(config-host-acl-rule)# [no] match ip protocol (icmp|tcp|udp|<proto-number>)
tnsr(config-host-acl-rule)# [no] match ip tcp flag (ack|cwr|ece|fin|psh|rst|syn|urg)
tnsr(config-host-acl-rule)# [no] match ip version (4|6)
tnsr(config-host-acl-rule)# [no] match mac address (source|destination) <mac>

Remove Host ACL Rule

tnsr(config-host-acl)# no rule <rule-seq>

VRRP Mode

Enter VRRP Mode

IPv4:

tnsr(config-interface)# ip vrrp-virtual-router <vrid>
tnsr(config-vrrp4)#

IPv6:

tnsr(config-interface)# ipv6 vrrp-virtual-router <vrid>
tnsr(config-vrrp6)#

VRRP Mode Commands

tnsr(config-vrrp46)# [no] accept-mode (false|true)
tnsr(config-vrrp46)# [no] preempt (false|true)
tnsr(config-vrrp46)# [no] priority <priority>
tnsr(config-vrrp46)# [no] track-interface <interface> priority-decrement <value>
tnsr(config-vrrp46)# [no] v3-advertisement-interval <advertise-interval-centi-sec>
tnsr(config-vrrp46)# [no] virtual-address <ipv4-address>

Remove VRRP

IPv4:

tnsr(config-interface)# no ip vrrp-virtual-router [<vrid>]

IPv6:

tnsr(config-interface)# no ipv6 vrrp-virtual-router [<vrid>]

DNS Resolver Mode

Enter DNS Resolver Mode

tnsr(config)# system dns-resolver (dataplane|host)
tnsr(config-dns-resolver)#

DNS Resolver Mode Commands

tnsr(config-dns-resolver)# [no] search <domain>
tnsr(config-dns-resolver)# [no] server <name> <ip-addr>

Remove DNS Resolver Configuration

tnsr(config)# no system dns-resolver (dataplane|host)

IPFIX Exporter Mode

Enter IPFIX Exporter Mode

tnsr(config)# ipfix exporter <name>
tnsr(config-ipfix-exporter)#

IPFIX Exporter Mode Commands

tnsr(config-ipfix-exporter)# [no] checksum (true|false)
tnsr(config-ipfix-exporter)# [no] collector <ip4-addr> port <port>
tnsr(config-ipfix-exporter)# [no] pmtu <mtu:68-1450>
tnsr(config-ipfix-exporter)# [no] source <ip4-addr>
tnsr(config-ipfix-exporter)# [no] template-interval <sec>
tnsr(config-ipfix-exporter)# [no] vrf <vrf-name>

Remove IPFIX Exporter Configuration

tnsr(config)# no ipfix exporter <name>

IPFIX Observation Point Mode

Enter IPFIX Observation Point Mode

tnsr(config)# ipfix observation-point <name>
tnsr(config-ipfix-obs-pt)#

IPFIX Observation Point Mode Commands

tnsr(config-ipfix-obs-pt)# direction (both|egress|ingress)
tnsr(config-ipfix-obs-pt)# interface <if-name>

Remove IPFIX Observation Point Configuration

tnsr(config)# no ipfix observation-point <name>

IPFIX Selection Process Mode

Enter IPFIX Selection Process Mode

tnsr(config)# ipfix selection-process <name>
tnsr(config-ipfix-sel-proc)#

IPFIX Selection Process Mode Commands

tnsr(config-ipfix-sel-proc)# selector (all|ipv4|ipv6)

Remove IPFIX Selection Process Configuration

tnsr(config)# no ipfix selection-process <name>

IPFIX Cache Mode

Enter IPFIX Cache Mode

tnsr(config)# ipfix cache <name>
tnsr(config-ipfix-cache)#

IPFIX Cache Mode Commands

tnsr(config-ipfix-cache)# [no] timeout-cache active-timeout <seconds>
tnsr(config-ipfix-cache)# [no] timeout-cache idle-timeout <seconds>

Remove IPFIX Cache Configuration

tnsr(config)# no ipfix cache <name>

RESTCONF mode

Enter RESTCONF mode

tnsr(config)# restconf
tnsr(config-restconf)#

RESTCONF Mode Commands

tnsr(config-restconf)# enable (true|false)
tnsr(config-restconf)# global authentication-type (client-certificate|user)
tnsr(config-restconf)# global server-ca-cert-path <ca-name>
tnsr(config-restconf)# global server-certificate <cert-name>
tnsr(config-restconf)# global server-key <key-name>
tnsr(config-restconf)# server (host|dataplane) <ip-address> <port> (true|false)

WireGuard Mode

Enter WireGuard Mode

tnsr(config)# interface wireguard <instance>
tnsr(config-wireguard)#

WireGuard Mode Commands

tnsr(config-wireguard)# description <desc>
tnsr(config-wireguard)# peer <peer-id>
tnsr(config-wireguard)# port <port-value>
tnsr(config-wireguard)# private-key base64 <key>
tnsr(config-wireguard)# private-key generate
tnsr(config-wireguard)# source-address <ip-addr>

WireGuard Peer Mode

Enter WireGuard Peer Mode

tnsr(config-wireguard)# peer <peer-id>
tnsr(config-wireguard-peer)#

WireGuard Peer Mode Commands

tnsr(config-wireguard-peer)# allowed-prefix <prefix>
tnsr(config-wireguard-peer)# description <desc>
tnsr(config-wireguard-peer)# endpoint-address <endpoint-addr>
tnsr(config-wireguard-peer)# keep-alive <interval>
tnsr(config-wireguard-peer)# public-key base64 <key>
tnsr(config-wireguard-peer)# route-table <table-name>

Tunnel Next Hop Mode

Enter Tunnel Next Hop Mode

tnsr(config)# [no] tunnel next-hops <interface>
tnsr(config-tunnel-nh-if)#

Tunnel Next Hop Mode Commands

tnsr(config-tunnel-nh-if)# [no] ipv4-tunnel-destination <inner-address> ipv4-next-hop-address <outer-address>
tnsr(config-tunnel-nh-if)# [no] ipv6-tunnel-destination <inner-address> ipv6-next-hop-address <outer-address>

IPIP Tunnel Mode

Enter IPIP Tunnel Mode

tnsr(config)# [no] tunnel ipip <instance>
tnsr(config-ipip)#

IPIP Tunnel Mode Commands

tnsr(config-ipip)# [no] destination (ipv4|ipv6) (address|hostname) <remote-address>
tnsr(config-ipip)# [no] encapsulation route-table <route-table-name>
tnsr(config-ipip)# [no] encapsulation copy-dscp
tnsr(config-ipip)# [no] encapsulation dscp <uint8>
tnsr(config-ipip)# [no] encapsulation set-df
tnsr(config-ipip)# [no] source (ipv4|ipv6) address <local-address>

ACL-Based Forwarding Interface Attachment Mode

Enter ACL-Based Forwarding Interface Attachment Mode

tnsr(config)# route acl-based-forwarding interface <if-name>
tnsr(config-abf-interface)#

ACL-Based Forwarding Interface Attachment Mode Commands

tnsr(config)# policy <policy-id> (ipv4|ipv6) priority <uint32>
tnsr(config)# no policy <policy-id> [(ipv4|ipv6) priority <uint32>]

ACL-Based Forwarding Policy Mode

Enter ACL-Based Forwarding Policy Mode

tnsr(config)# route acl-based-forwarding policy <id>
tnsr(config-abf-policy)#

ACL-Based Forwarding Policy Mode Commands

tnsr(config-abf-policy)# [no] acl <acl-name>
tnsr(config-abf-policy)# [no] (ipv4-next-hop|ipv6-next-hop) <hop-id>

ACL-Based Forwarding Policy Next Hop Mode

Enter ACL-Based Forwarding Policy Next Hop Mode

tnsr(config-abf-policy)# ipv4-next-hop <id>
tnsr(config-abf-policy-ipv4-nh)#
tnsr(config-abf-policy)# ipv6-next-hop <id>
tnsr(config-abf-policy-ipv6-nh)#

ACL-Based Forwarding Policy Next Hop Mode Commands

tnsr(config-abf-policy-ipv46-nh)# [no] drop
tnsr(config-abf-policy-ipv46-nh)# [no] interface <if-name>
tnsr(config-abf-policy-ipv46-nh)# [no] (ipv4-address|ipv6-address) <addr>
tnsr(config-abf-policy-ipv46-nh)# [no] local
tnsr(config-abf-policy-ipv46-nh)# [no] prohibited
tnsr(config-abf-policy-ipv46-nh)# [no] unreachable
tnsr(config-abf-policy-ipv46-nh)# [no] weight <uint8>

vHost User Interface Mode

Enter vHost User Interface Mode

tnsr(config)# interface vhost-user <instance>
tnsr(config-vhost-user)#

vHost User Interface Mode Commands

tnsr(config-vhost-user)# [no] sock-filename <sock-filename-val>
tnsr(config-vhost-user)# [no] server-mode
tnsr(config-vhost-user)# [no] disable (merge-rx-buffers|indirect-descriptors)
tnsr(config-vhost-user)# [no] enable (gso|packed-ring|event-index)

Remote Logging Mode

Enter Remote Logging Mode

tnsr(config)# logging remote-server <name>
tnsr(config-log-remote)#

Remote Logging Mode Commands

tnsr(config-log-remote)# address (<fqdn>|<ipv4-addr>|<ipv6-addr>)
tnsr(config-log-remote)# port <port>
tnsr(config-log-remote)# transport-protocol (tcp|udp)
tnsr(config-log-remote)# filter syslog-facility (all|<facility-name>)
                         [priority <priority-name>]

VPF Filter Ruleset Mode

Enter VPF Filter Ruleset Mode

tnsr(config)# vpf filter ruleset <name>
tnsr(config-vpf-filter-ruleset)#

VPF Filter Ruleset Mode Commands

tnsr(config-vpf-filter-ruleset)# description <text>
tnsr(config-vpf-filter-ruleset)# no description
tnsr(config-vpf-filter-ruleset)# rule <seq>
tnsr(config-vpf-filter-ruleset)# no rule [<seq>]

VPF Filter Rule Mode

Enter VPF Filter Rule Mode

tnsr(config-vpf-filter-ruleset)# rule <seq>
tnsr(config-vpf-filter-rule)#

VPF Filter Rule Mode Commands

tnsr(config-vpf-filter-rule)# description <text>
tnsr(config-vpf-filter-rule)# no description
tnsr(config-vpf-filter-rule)# dest-route-table <route-table>
tnsr(config-vpf-filter-rule)# no dest-route-table [<route-table>]
tnsr(config-vpf-filter-rule)# from ifaddrs <if-name>
tnsr(config-vpf-filter-rule)# no from ifaddrs [<if-name>]
tnsr(config-vpf-filter-rule)# [no] from inverted
tnsr(config-vpf-filter-rule)# from port <start-port> [<end-port>]
tnsr(config-vpf-filter-rule)# no from port [<start-port> [<end-port>]]
tnsr(config-vpf-filter-rule)# from (ipv4-prefix|ipv6-prefix) <ip-prefix>
tnsr(config-vpf-filter-rule)# no from (ipv4-prefix|ipv6-prefix) [<ip-prefix>]
tnsr(config-vpf-filter-rule)# from table <name>
tnsr(config-vpf-filter-rule)# no from table [<name>]
tnsr(config-vpf-filter-rule)# no from
tnsr(config-vpf-filter-rule)# direction (both|in|out)
tnsr(config-vpf-filter-rule)# no direction [(both|in|out)]
tnsr(config-vpf-filter-rule)# icmp (code|type) <value>
tnsr(config-vpf-filter-rule)# no icmp [(code|type) [<value>]]
tnsr(config-vpf-filter-rule)# ip-version (ipv4|ipv6)
tnsr(config-vpf-filter-rule)# no ip-version [(ipv4|ipv6)]
tnsr(config-vpf-filter-rule)# [no] pass
tnsr(config-vpf-filter-rule)# protocol <values>
tnsr(config-vpf-filter-rule)# no protocol [<values>]
tnsr(config-vpf-filter-rule)# [no] return-icmp
tnsr(config-vpf-filter-rule)# [no] return-rst
tnsr(config-vpf-filter-rule)# [no] stateful
tnsr(config-vpf-filter-rule)# tcp flags mask <flag-name> [<flag-name> [...]]
tnsr(config-vpf-filter-rule)# no tcp flags [mask [<flag-name> [<flag-name> [...]]]]
tnsr(config-vpf-filter-rule)# tcp flags value <flag-name> [<flag-name> [...]]
tnsr(config-vpf-filter-rule)# no tcp flags [value [<flag-name> [<flag-name> [...]]]]
tnsr(config-vpf-filter-rule)# no tcp
tnsr(config-vpf-filter-rule)# [no] tentative
tnsr(config-vpf-filter-rule)# to ifaddrs <if-name>
tnsr(config-vpf-filter-rule)# no to ifaddrs [<if-name>]
tnsr(config-vpf-filter-rule)# [no] to inverted
tnsr(config-vpf-filter-rule)# to port <start-port> [<end-port>]
tnsr(config-vpf-filter-rule)# no to port [<start-port> [<end-port>]]
tnsr(config-vpf-filter-rule)# to (ipv4-prefix|ipv6-prefix) <ip-prefix>
tnsr(config-vpf-filter-rule)# no to (ipv4-prefix|ipv6-prefix) [<ip-prefix>]
tnsr(config-vpf-filter-rule)# to table <name>
tnsr(config-vpf-filter-rule)# no to table [<name>]
tnsr(config-vpf-filter-rule)# no to

VPF IPFIX Configuration Mode

Enter VPF IPFIX Configuration Mode

tnsr(config)# vpf ipfix
tnsr(config-vpf-ipfix)#

VPF IPFIX Configuration Mode Commands

tnsr(config-vpf-ipfix)# (disable|enable)
tnsr(config-vpf-ipfix)# domain <value>
tnsr(config-vpf-ipfix)# no domain [<value>]
tnsr(config-vpf-ipfix)# src-port <port-number>
tnsr(config-vpf-ipfix)# no src-port [<port-number>]

VPF NAT Ruleset Mode

Enter VPF NAT Ruleset Mode

tnsr(config)# vpf nat ruleset <name>
tnsr(config-vpf-nat-ruleset)#

VPF NAT Ruleset Mode Commands

tnsr(config-vpf-nat-ruleset)# description <text>
tnsr(config-vpf-nat-ruleset)# no description
tnsr(config-vpf-nat-ruleset)# rule <seq>
tnsr(config-vpf-nat-ruleset)# no rule [<seq>]

VPF NAT Rules Mode

Enter VPF NAT Rules Mode

tnsr(config-vpf-nat-ruleset)# rule <seq>
tnsr(config-vpf-nat-rule)#

VPF NAT Rules Mode Commands

tnsr(config-vpf-nat-rule)# [no] algorithm (ip-hash|netmap|npt66|one-to-one|round-robin)
tnsr(config-vpf-nat-rule)# description <text>
tnsr(config-vpf-nat-rule)# no description
tnsr(config-vpf-nat-rule)# dest-route-table <route-table>
tnsr(config-vpf-nat-rule)# no dest-route-table [<route-table>]
tnsr(config-vpf-nat-rule)# direction (in|out)
tnsr(config-vpf-nat-rule)# [no] dynamic
tnsr(config-vpf-nat-rule)# from ifaddrs <if-name>
tnsr(config-vpf-nat-rule)# no from ifaddrs [<if-name>]
tnsr(config-vpf-nat-rule)# [no] from inverted
tnsr(config-vpf-nat-rule)# from port <start-port> [<end-port>]
tnsr(config-vpf-nat-rule)# no from port [<start-port> [<end-port>]]
tnsr(config-vpf-nat-rule)# from (ipv4-prefix|ipv6-prefix) <ip-prefix>
tnsr(config-vpf-nat-rule)# no from (ipv4-prefix|ipv6-prefix) [<ip-prefix>]
tnsr(config-vpf-nat-rule)# from table <name>
tnsr(config-vpf-nat-rule)# no from table [<name>]
tnsr(config-vpf-nat-rule)# no from
tnsr(config-vpf-nat-rule)# icmp (code|type) <value>
tnsr(config-vpf-nat-rule)# no icmp [(code|type) [<value>]]
tnsr(config-vpf-nat-rule)# nat-interface <name>
tnsr(config-vpf-nat-rule)# no nat-interface [<name>]
tnsr(config-vpf-nat-rule)# nat-port <port-number>
tnsr(config-vpf-nat-rule)# no nat-port [<port-number>]
tnsr(config-vpf-nat-rule)# nat-prefix <ip-prefix>
tnsr(config-vpf-nat-rule)# no nat-prefix [<ip-prefix>]
tnsr(config-vpf-nat-rule)# nat-table <name>
tnsr(config-vpf-nat-rule)# no nat-table [<name>]
tnsr(config-vpf-nat-rule)# [no] no-port-translation
tnsr(config-vpf-nat-rule)# protocol <values>
tnsr(config-vpf-nat-rule)# no protocol [<values>]
tnsr(config-vpf-nat-rule)# tcp flags mask <flag-name> [<flag-name> [...]]
tnsr(config-vpf-nat-rule)# no tcp flags [mask [<flag-name> [<flag-name> [...]]]]
tnsr(config-vpf-nat-rule)# tcp flags value <flag-name> [<flag-name> [...]]
tnsr(config-vpf-nat-rule)# no tcp flags [value [<flag-name> [<flag-name> [...]]]]
tnsr(config-vpf-nat-rule)# to ifaddrs <if-name>
tnsr(config-vpf-nat-rule)# no to ifaddrs [<if-name>]
tnsr(config-vpf-nat-rule)# [no] to inverted
tnsr(config-vpf-nat-rule)# to port <start-port> [<end-port>]
tnsr(config-vpf-nat-rule)# no to port [<start-port> [<end-port>]]
tnsr(config-vpf-nat-rule)# to (ipv4-prefix|ipv6-prefix) <ip-prefix>
tnsr(config-vpf-nat-rule)# no to (ipv4-prefix|ipv6-prefix) [<ip-prefix>]
tnsr(config-vpf-nat-rule)# to table <name>
tnsr(config-vpf-nat-rule)# no to table [<name>]
tnsr(config-vpf-nat-rule)# no to

VPF Options

Enter VPF Options Mode

tnsr(config)# vpf options
tnsr(config-vpf-option)#

VPF Options Mode Commands

tnsr(config-vpf-option)# interface <name> filter-ruleset <name>
tnsr(config-vpf-option)# no interface <name> filter-ruleset [<name>]
tnsr(config-vpf-option)# interface <name> nat-ruleset <name>
tnsr(config-vpf-option)# no interface <name> nat-ruleset [<name>]
tnsr(config-vpf-option)# no interface
tnsr(config-vpf-option)# runtime drop-options (ip4|ip6) (false|true)
tnsr(config-vpf-option)# no runtime drop-options [(ip4|ip6)]
tnsr(config-vpf-option)# runtime tcp max-ack-win <value>
tnsr(config-vpf-option)# no runtime tcp max-ack-win
tnsr(config-vpf-option)# runtime tcp strict-rst-order (false|true)
tnsr(config-vpf-option)# no runtime tcp strict-rst-order
tnsr(config-vpf-option)# runtime timeouts generic (closed|established|new) <sec>
tnsr(config-vpf-option)# no runtime timeouts generic [(closed|established|new)]
tnsr(config-vpf-option)# runtime timeouts tcp (closed|established|half-closed|new|time-wait) <sec>
tnsr(config-vpf-option)# no runtime timeouts tcp [(closed|established|half-closed|new|time-wait)]
tnsr(config-vpf-option)# no runtime timeouts
tnsr(config-vpf-option)# no runtime
tnsr(config-vpf-option)# startup max-connections-per-thread (ip4|ip6) <value>
tnsr(config-vpf-option)# no startup max-connections-per-thread [(ip4|ip6)]
tnsr(config-vpf-option)# startup port-mapping (max-port|min-port) <port-number>
tnsr(config-vpf-option)# no startup port-mapping [(max-port|min-port) [<port-number>]]
tnsr(config-vpf-option)# no startup

VPF Table Mode

Enter VPF Table Mode

tnsr(config)# vpf table <name>
tnsr(config-vpf-table)#

VPF Table Mode Commands

tnsr(config-vpf-table)# description <text>
tnsr(config-vpf-table)# no description
tnsr(config-vpf-table)# [no] prefix <ip-prefix>

DHCP Relay Mode

Enter DHCP Relay Mode

tnsr(config)# dhcp-relay <client-vrf>
tnsr(config-dhcp-relay)#

DHCP Relay Mode Commands

tnsr(config-dhcp-relay)# description <text>
tnsr(config-dhcp-relay)# no description
tnsr(config-dhcp-relay)# source-ipv4-address <ip-addr>
tnsr(config-dhcp-relay)# source-ipv6-address <ip-addr>
tnsr(config-dhcp-relay)# no source-ipv4-address [<ip-addr>]
tnsr(config-dhcp-relay)# no source-ipv6-address [<ip-addr>]
tnsr(config-dhcp-relay)# [no] server-ipv4 <server-vrf> <ip-addr>
tnsr(config-dhcp-relay)# [no] server-ipv6 <server-vrf> <ip-addr>