Commands¶
Mode List¶
Internal Name |
Prompt |
Mode Description |
---|---|---|
abf_interface |
config-abf-interface |
ACL-Based Forwarding Interface Attachment |
abf_policy |
config-abf-policy |
ACL-Based Forwarding Policy |
abf_policy_ipv4_nh |
config-abf-policy-ipv4-nh |
ACL-Based Forwarding Policy IPv4 Next Hop |
abf_policy_ipv6_nh |
config-abf-policy-ipv6-nh |
ACL-Based Forwarding Policy IPv6 Next Hop |
access_list |
config-access-list |
Dynamic Routing Accesss List |
acl |
config-acl |
Access Control List |
acl_rule |
config-acl-rule |
ACL Rule |
aspath |
config-aspath |
AS Path ordered rule |
auth |
config-user |
User Authentication |
auth_server_group |
config-auth-server-group |
User Authentication Server Group |
basic |
Initial, priviledged |
|
bfd |
config-bfd |
Bidirectional Forwarding Detection |
bfd_key |
config-bfd-key |
BFD key |
bgp |
config-bgp |
BGP server |
bgp_ip4multi |
config-bgp-ip4multi |
BGP IPv4 Multicast Address Family |
bgp_ip4multi_nbr |
config-bgp-ip4multi-nbr |
BGP IPv4 Multicast Address Family Neighbor |
bgp_ip4uni |
config-bgp-ip4uni |
BGP IPv4 Unicast Address Family |
bgp_ip4uni_nbr |
config-bgp-ip4uni-nbr |
BGP IPv4 Unicast Address Family Neighbor |
bgp_ip6multi |
config-bgp-ip6multi |
BGP IPv6 Multicast Address Family |
bgp_ip6multi_nbr |
config-bgp-ip6multi-nbr |
BGP IPv6 Multicast Address Family Neighbor |
bgp_ip6uni |
config-bgp-ip6uni |
BGP IPv6 Unicast Address Family |
bgp_ip6uni_nbr |
config-bgp-ip6uni-nbr |
BGP IPv6 Unicast Address Family Neighbor |
bgp_neighbor |
config-bgp-neighbor |
BGP Neighbor |
bond |
config-bond |
Interface bonding |
bridge |
config-bridge |
Bridge |
community_list |
config-community-list |
BGP community list |
config |
config |
Configuration |
dhcp_relay |
config-dhcp-relay |
DHCP Relay Configuration |
dns_resolver |
config-dns-resolver |
DNS Resolver |
frr_bgp |
config-frr-bgp |
Dynamic Routing BGP |
frr_ospf |
config-frr-ospf |
Dynamic Routing OSPF |
frr_ospf6 |
config-frr-ospf6 |
Dynamic Routing OSPF6 |
gre |
config-gre |
Generic Route Encapsulation |
host_acl |
config-host-acl |
Host Access List |
host_acl_rule |
config-host-acl-rule |
Host Access List Rule |
host_if |
config-host-if |
Host interface |
host_route |
config-host-route |
Host Route |
host_route_ip4 |
config-host-route-ip4 |
IPv4 Host Route |
host_route_ip6 |
config-host-route-ip6 |
IPv6 Host Route |
host_route_table |
config-host-route-table |
Host Route Table |
ike_authentication |
config-ike-authentication |
IKE peer authentication |
ike_authentication_round |
config-ike-authentication-round |
IKE peer authentication round |
ike_child |
config-ike-child |
IKE child SA |
ike_child_proposal |
config-ike-child-proposal |
IKE child SA proposal |
ike_identity |
config-ike-identity |
IKE peer identity |
ike_proposal |
config-ike-proposal |
IKE proposal |
interface |
config-interface |
Interface |
interface_ipv6_ra |
config-interface-ipv6-ra |
Interface IPv6 RA |
interface_ipv6_ra_prefix |
config-interface-ipv6-ra-prefix |
Interface IPv6 RA Prefix |
ipfix_cache |
config-ipfix-cache |
IPFIX Cache |
ipfix_exporter |
config-ipfix-exporter |
IPFIX Exporter |
ipfix_observation_point |
config-ipfix-obs-pt |
IPFIX Observation Point |
ipfix_selection_process |
config-ipfix-sel-proc |
IPFIX Selection Process |
ipip |
config-ipip |
IPIP Tunnel Configuration |
ipsec_crypto_ike |
config-ipsec-crypto-ike |
IKE |
ipsec_crypto_manual |
config-crypto-manual |
IPsec static keying |
ipsec_tunnel |
config-ipsec-tunnel |
IPsec tunnel |
kea_dhcp4 |
config-kea-dhcp4 |
DHCP4 Server |
kea_dhcp4_log |
config-kea-dhcp4-log |
DHCP4 Log |
kea_dhcp4_log_out |
config-kea-dhcp4-log-out |
DHCP4 Log output |
kea_dhcp4_opt |
config-kea-dhcp4-opt |
DHCP4 option |
kea_dhcp4_optdef |
config-kea-dhcp4-optdef |
DHCP4 option definition |
kea_subnet4 |
config-kea-dhcp4-subnet4 |
DHCP4 subnet4 |
kea_subnet4_opt |
config-kea-subnet4-opt |
DHCP4 subnet4 option |
kea_subnet4_pool |
config-kea-subnet4-pool |
DHCP4 subnet4 pool |
kea_subnet4_pool_opt |
config-kea-subnet4-pool-opt |
DHCP4 subnet4 pool option |
kea_subnet4_reservation |
config-kea-subnet4-reservation |
DHCP4 subnet4 host reservation |
kea_subnet4_reservation_opt |
config-kea-subnet4-reservation-opt |
DHCP4 subnet4 host res option |
ldap |
config-ldap |
LDAP authentication configuration |
log_remote |
config-log-remote |
Remote Logging configuration |
loopback |
config-loopback |
Loopback interface |
macip |
config-macip |
MAC/IP access control list |
macip_rule |
config-macip-rule |
MACIP Rule |
map |
config-map |
MAP-E/MAP-T |
map_param |
config-map-param |
MAP-E/MAP-T global parameter |
memif |
config-memif |
Memif interface |
nacm_group |
config-nacm-group |
NACM group |
nacm_rule |
config-nacm-rule |
NACM rule |
nacm_rule_list |
config-nacm-rule-list |
NACM rule list |
vpf_filter_rule |
config-vpf-filter-rule |
VPF Filter Rules |
vpf_filter_ruleset |
config-vpf-filter-ruleset |
VPF Filter Rulesets |
vpf_ipfix |
config-vpf-ipfix |
VPF IPFIX Configuration |
vpf_nat_rule |
config-vpf-nat-rule |
VPF NAT Rules |
vpf_nat_ruleset |
config-vpf-nat-ruleset |
VPF NAT Rulesets |
vpf_option |
config-vpf-option |
VPF Options |
vpf_table |
config-vpf-table |
VPF Tables |
ntp |
config-ntp |
NTP |
ntp_restrict |
config-ntp-restrict |
NTP restriction |
ntp_server |
config-ntp-server |
NTP server |
ospf |
config-ospf |
Dynamic routing OSPF Server |
ospf_if |
config-ospf-if |
Dynamic routing OSPF Interface |
ospf6 |
config-ospf6 |
Dynamic routing OSPF Server |
ospf6_if |
config-ospf6-if |
Dynamic routing OSPF Interface |
prefix_list |
config-pref-list |
Dynamic routing prefix list |
radius |
config-radius |
RADIUS authentication configuration |
restconf |
config-restconf |
RESTCONF server configuration |
route_dynamic_manager |
config-route-dynamic-manager |
Dynamic routing manager |
route_map |
config-route-map |
Route Map |
route_map_rule |
config-route-map-rule |
Route Map Rule |
route_table |
config-route-table |
Static Route Table |
rpki |
config-rpki |
FRR BGP RPKI |
rpki_ssh |
config-rpki-ssh |
FRR BGP RPKI SSH Cache |
rpki_tcp |
config-rpki-tcp |
FRR BGP RPKI TCP Cache |
rttbl4_next_hop |
config-rttbl4-next-hop |
IPv4 Next Hop |
rttbl6_next_hop |
config-rttbl6-next-hop |
IPv6 Next Hop |
span |
config-span |
SPAN |
subif |
config-subif |
Sub-interface VLAN |
tap |
config-tap |
Tap |
trace_match |
config-trace-match |
Packet Trace Match |
trace_ether |
config-trace-ether |
Packet Trace Match Ethernet (L2) |
trace_ip4 |
config-trace-ip4 |
Packet Trace Match IPv4 (L3) |
trace_ip6 |
config-trace-ip6 |
Packet Trace Match IPv6 (L3) |
trace_tcp |
config-trace-tcp |
Packet Trace Match TCP (L4) |
trace_udp |
config-trace-udp |
Packet Trace Match UDP (L4) |
tunnel_nh_if |
config-tunnel-nh-if |
Tunnel Next Hop |
unbound |
config-unbound |
Unbound DNS Server |
unbound_fwd_zone |
config-unbound-fwd-zone |
Unbound forward-zone |
unbound_local_host |
config-unbound-local-host |
Unbound local host override |
unbound_local_zone |
config-unbound-local-zone |
Unbound local zone override |
vhost_user |
config-vhost-user |
vHost-user interfaces |
vrrp4 |
config-vrrp4 |
IPv4 VRRP |
vrrp6 |
config-vrrp6 |
IPv6 VRRP |
vxlan |
config-vxlan |
VXLAN |
wireguard |
config-wireguard |
WireGuard instances |
wireguard_peer |
config-wireguard-peer |
WireGuard peer instances |
Basic Mode Commands¶
tnsr# configure [terminal]
tnsr# end [<mode-name>]
tnsr# exit
tnsr# ls [-l]
tnsr# [(host|dataplane)] ping (<dest-host>|<dest-ip>) [ipv4|ipv6]
[interface <if-name>] [source <src-addr>] [count <count>]
[packet-size <bytes>] [ttl <ttl-hops>] [timeout <wait-sec>]
[buffered] [interval <seconds:0.000001-6000>]
tnsr# pwd
tnsr# (host|dataplane) shell [<command>]
tnsr# [(host|dataplane)] traceroute (<dest-host>|<dest-ip>) [ipv4|ipv6]
[interface <if-name>] [source <src-addr>] [packet-size <bytes>]
[no-dns] [ttl <ttl-hos>] [waittime <wait-sec>] [buffered]
tnsr# whoami
Package Management Commands¶
tnsr# package cache-clean
tnsr# package (info|list) [available|installed|updates] [<pkg-glob>]
tnsr# package install <pkg-glob>
tnsr# package reinstall <pkg-glob>
tnsr# package remove <pkg-glob>
tnsr# package search <term>
tnsr# package upgrade
Public Key Infrastructure Commands¶
tnsr# pki ca list
tnsr# pki ca <name> (append <source-name>|delete|enter|get [(full|short)]|import <file>)
tnsr# pki certificate list
tnsr# pki certificate <name> (delete|enter|get [(full|short)]|import <file>)
tnsr# pki generate-restconf-certs [length (2048|3072|4096)] [subject-alt-names <addresses>]
tnsr# pki pkcs12 <certname> generate export-password <password> [ca-name <caname>]
[key-pbe-algorithm <pbe-algo>] [certificate-pbe-algorithm <pbe-algo>]
[mac-algorithm <mac-algo>] [verbose]
tnsr# pki pkcs12 <certname> (delete|get [verbose])
tnsr# pki private-key list
tnsr# pki private-key <name> (delete|enter|get|import <file>)
tnsr# pki private-key <name> generate [key-length (2048|3072|4096)]
tnsr# pki signing-request list
tnsr# pki signing-request <name> (delete|generate|get)
tnsr# pki signing-request <name> sign (ca-name <ca>|self) [days-valid <days>]
[digest (sha224|sha256|sha384|sha512)] [purpose (ca|client|server)]
tnsr# pki signing-request set (city|common-name|country|org|org-unit|state) <text>
tnsr# pki signing-request set digest (sha224|sha256|sha384|sha512)
tnsr# pki signing-request settings (clear|show)
tnsr# pki signing-request set subject-alt-names add
(email|hostname|ipv4-address|ipv6-address|uri) <value>
tnsr# pki signing-request set subject-alt-names clear
tnsr# pki signing-request set subject-alt-names delete <name>
tnsr# pki ssh-key list
tnsr# pki ssh-key <name> (delete|enter|get) (private|public)
tnsr# pki ssh-key <name> import (private|public) <file>
Packet Trace Commands¶
tnsr# trace capture node <input-node> [maximum <max>] [verbose] [pre-clear]
tnsr# trace clear
tnsr# trace filter (exclude|include) node <graph-node> [maximum <max>]
tnsr# trace filter none
tnsr# trace match <name>
tnsr# show trace [maximum <max>]
Packet Trace Match Mode¶
Enter Packet Trace Match Mode¶
tnsr# trace match <name>
tnsr(config-trace-match)#
Packet Trace Match Mode Commands¶
tnsr(config-trace-match)# [no] description <text>
tnsr(config-trace-match)# [no] ethernet
tnsr(config-trace-match)# [no] ip4
tnsr(config-trace-match)# [no] ip6
tnsr(config-trace-match)# [no] tcp
tnsr(config-trace-match)# [no] udp
Remove Packet Trace Match¶
tnsr# no trace match <name>
Packet Trace Match Ethernet Mode¶
Enter Packet Trace Match Ethernet Mode¶
tnsr(config-trace-match)# ethernet
tnsr(config-trace-ether)#
Packet Trace Match Ethernet Mode Commands¶
tnsr(config-trace-ether)# [no] destination mac-address <mac-addr>
tnsr(config-trace-ether)# [no] destination mask <mask-val>
tnsr(config-trace-ether)# [no] ethertype <type-name>
tnsr(config-trace-ether)# [no] source mac-address <mac-addr>
tnsr(config-trace-ether)# [no] source mask <mask-val>
tnsr(config-trace-ether)# [no] vlan-dot1q [(pcp <val>|tag <inner-tag>)]
tnsr(config-trace-ether)# [no] vlan-dot1q vlan-dot1ad [(pcp <val>|tag <outer-tag>)]
Remove Packet Trace Ethernet Match¶
tnsr(config-trace-match)# no ethernet
Packet Trace Match IPv4 Mode¶
Enter Packet Trace Match IPv4 Mode¶
tnsr(config-trace-match)# ip4
tnsr(config-trace-ip4)#
Packet Trace Match IPv4 Mode Commands¶
tnsr(config-trace-ip4)# [no] checksum <uint16>
tnsr(config-trace-ip4)# [no] destination-ip-prefix <prefix>
tnsr(config-trace-ip4)# [no] dscp <val:0..63>
tnsr(config-trace-ip4)# [no] ecn <val:0..3>
tnsr(config-trace-ip4)# [no] flags <value>
tnsr(config-trace-ip4)# [no] fragmentation-offset <val:0..8191>
tnsr(config-trace-ip4)# [no] identification <uint16>
tnsr(config-trace-ip4)# [no] ihl <val:5-15>
tnsr(config-trace-ip4)# [no] length <val:20..65535>
tnsr(config-trace-ip4)# [no] protocol <uint8>
tnsr(config-trace-ip4)# [no] source-ip-prefix <prefix>
tnsr(config-trace-ip4)# [no] ttl <uint16>
tnsr(config-trace-ip4)# [no] version <val>
Remove Packet Trace IPv4 Match¶
tnsr(config-trace-match)# no ip4
Packet Trace Match IPv6 Mode¶
Enter Packet Trace Match IPv6 Mode¶
tnsr(config-trace-match)# ip6
tnsr(config-trace-ip6)#
Packet Trace Match IPv6 Mode Commands¶
tnsr(config-trace-ip6)# [no] destination-prefix <prefix>
tnsr(config-trace-ip6)# [no] flow-label <val:0..1048575>
tnsr(config-trace-ip6)# [no] hop-limit <uint8>
tnsr(config-trace-ip6)# [no] next-header <uint8>
tnsr(config-trace-ip6)# [no] payload-length <uint16>
tnsr(config-trace-ip6)# [no] source-prefix <prefix>
tnsr(config-trace-ip6)# [no] traffic-class <val>
tnsr(config-trace-ip6)# [no] version <val>
Remove Packet Trace IPv6 Match¶
tnsr(config-trace-match)# no ip6
Packet Trace Match TCP Mode¶
Enter Packet Trace Match TCP Mode¶
tnsr(config-trace-match)# tcp
tnsr(config-trace-tcp)#
Packet Trace Match TCP Mode Commands¶
tnsr(config-trace-tcp)# [no] acknowledgement-number <uint16>
tnsr(config-trace-tcp)# [no] checksum <uint16>
tnsr(config-trace-tcp)# [no] data-offset <uint16>
tnsr(config-trace-tcp)# [no] destination-port <port-number>
tnsr(config-trace-tcp)# [no] flags <flag-val>
tnsr(config-trace-tcp)# [no] sequence-number <uint16>
tnsr(config-trace-tcp)# [no] source-port <port-number>
tnsr(config-trace-tcp)# [no] window <uint16>
Remove Packet Trace TCP Match¶
tnsr(config-trace-match)# no tcp
Packet Trace Match UDP Mode¶
Enter Packet Trace Match UDP Mode¶
tnsr(config-trace-match)# udp
tnsr(config-trace-udp)#
Packet Trace Match UDP Mode Commands¶
tnsr(config-trace-udp)# [no] checksum <uint16>
tnsr(config-trace-udp)# [no] destination-port <port-number>
tnsr(config-trace-udp)# [no] length <uint16>
tnsr(config-trace-udp)# [no] source-port <port-number>
Remove Packet Trace UDP Match¶
tnsr(config-trace-match)# no udp
Config Mode Commands¶
tnsr(config)# [no] acl <acl-name>
tnsr(config)# [no] auth user <user-name>
tnsr(config)# [no] auth method (ldap|radius) server-group <group-name>
tnsr(config)# [no] auth server-group <group-name>
tnsr(config)# bfd conf-key-id <conf-key-id>
tnsr(config)# bfd session <bfd-session>
tnsr(config)# [no] cli history-config (enable|disable)
tnsr(config)# [no] cli history-config lines [<count>]
tnsr(config)# [no] cli option (auto-discard|check-delete-thresholds)
tnsr(config)# configuration candidate clear
tnsr(config)# configuration candidate commit
tnsr(config)# configuration candidate discard
tnsr(config)# configuration candidate load <filename> [(replace|merge)]
tnsr(config)# configuration candidate validate
tnsr(config)# configuration copy candidate startup
tnsr(config)# configuration copy running (candidate|startup)
tnsr(config)# configuration copy startup candidate
tnsr(config)# configuration history (enable|disable)
tnsr(config)# [no] configuration history autosave-period <num>
tnsr(config)# configuration history version (load|save) <version-name>
tnsr(config)# no configuration history [storage]
tnsr(config)# no configuration history version <version-name>
tnsr(config)# configuration rollback timer start minutes <minutes> config-source (running|startup|<filename>)
tnsr(config)# configuration rollback timer restart minutes <minutes>
tnsr(config)# configuration rollback (trigger|cancel)
tnsr(config)# configuration save (candidate|running) <filename>
tnsr(config)# crypto asynchronous dispatch-mode (adaptive|interrupt|polling)
tnsr(config)# [no] crypto asychronous dispatch-mode
tnsr(config)# [no] dataplane api-segment api-size <mem-size>
tnsr(config)# [no] dataplane api-segment global-size <mem-size>
tnsr(config)# [no] dataplane api-segment api-pvt-heap-size <mem-size>
tnsr(config)# [no] dataplane api-segment global-pvt-heap-size <mem-size>
tnsr(config)# [no] dataplane buffers buffers-per-numa [<buffers-per-numa>]
tnsr(config)# [no] dataplane buffers default-data-size [<default-data-size>]
tnsr(config)# [no] dataplane cpu corelist-workers [<core-first> [- <core-last>]]
tnsr(config)# [no] dataplane cpu main-core <main-core>
tnsr(config)# [no] dataplane cpu skip-cores <skip-cores>
tnsr(config)# [no] dataplane cpu workers <workers>
tnsr(config)# dataplane dpdk dev <pci-id> (crypto|crypto-vf)
tnsr(config)# dataplane dpdk dev (<pci-id>|<vmbus-uuid>) network
[num-rx-queues [<num-rx-queues>]] [num-tx-queues [<num-tx-queues>]]
[num-rx-desc [<num-rx-desc>]] [num-tx-desc [<num-tx-desc>]]
[tso (off|on)] [devargs <name>=<value>]
tnsr(config)# dataplane dpdk dev all-inactive-network
tnsr(config)# dataplane dpdk dev default network
[num-rx-queues [<num-rx-queues>]] [num-tx-queues [<num-tx-queues>]]
[num-rx-desc [<num-rx-desc>]] [num-tx-desc [<num-tx-desc>]]
[tso (off|on)] [devargs <name>=<value>]
tnsr(config)# dataplane dpdk dev (<pci-id>|<vmbus-uuid>) network name <name>
tnsr(config)# no dataplane dpdk dev (<pci-id>|<vmbus-uuid>|default) [name] [num-rx-queues] [num-tx-queues]
[num-rx-desc] [num-tx-desc] [devargs <name>=<value>]
tnsr(config)# dataplane dpdk blacklist <vendor-id>:<device-id>
tnsr(config)# dataplane dpdk blacklist (<pci-id>|<vmbus-uuid>)
tnsr(config)# [no] dataplane dpdk decimal-interface-names
tnsr(config)# dataplane dpdk iova-mode (pa|va)
tnsr(config)# [no] dataplane dpdk iova-mode
tnsr(config)# [no] dataplane dpdk log-level (alert|critical|debug|emergency|error|info|notice|warning)
tnsr(config)# [no] dataplane dpdk lro
tnsr(config)# [no] dataplane dpdk no-multi-seg
tnsr(config)# [no] dataplane dpdk no-pci
tnsr(config)# [no] dataplane dpdk no-tx-checksum-offload
tnsr(config)# [no] dataplane dpdk outer-checksum-offload
tnsr(config)# [no] dataplane dpdk tcp-udp-checksum
tnsr(config)# [no] dataplane dpdk telemetry
tnsr(config)# [no] dataplane dpdk uio-driver [<uio-driver>]
tnsr(config)# [no] dataplane ethernet default-mtu <size>
tnsr(config)# [no] dataplane ip6 hash-buckets [<size>]
tnsr(config)# [no] dataplane linux-cp nl-rx-buffer-size <n>
tnsr(config)# [no] dataplane linux-cp nl-batch-size <n>
tnsr(config)# [no] dataplane linux-cp nl-batch-delay-ms <n>
tnsr(config)# [no] dataplane logging (default-log-level|default-syslog-log-level)
(alert|crit|debug|disabled|emerg|err|info|notice|warn)
tnsr(config)# [no] dataplane logging size <message-count>
tnsr(config)# [no] dataplane logging unthrottle-time <seconds>
tnsr(config)# [no] dataplane memory main-heap-size <heap-size>[kKmMgG]
tnsr(config)# [no] dataplane memory main-heap-page-size (default|4k|2m|1g)
tnsr(config)# [no] dataplane plugins plugin <name> [enable]
tnsr(config)# [no] dataplane statseg heap-size <heap-size>[kKmMgG]
tnsr(config)# [no] dataplane statseg per-node-counters enable
tnsr(config)# [no] dataplane statseg socket-name <socket-name>
tnsr(config)# [no] dataplane vhost-user coalesce-frames <num>
tnsr(config)# [no] dataplane vhost-user coalesce-time <us>
tnsr(config)# [no] dataplane vhost-user dont-dump-memory
tnsr(config)# debug cli [level <n>]
tnsr(config)# debug tnsr (clear|set|value) <flags>
tnsr(config)# debug vmgmt (clear|set|value) <flags>
tnsr(config)# no debug (cli|tnsr|vmgmt)
tnsr(config)# [no] dhcp-relay <client-vrf>
tnsr(config)# dhcp4 (enable|disable)
tnsr(config)# [no] dhcp4 server
tnsr(config)# exit
tnsr(config)# [no] gre <gre-name>
tnsr(config)# [no] host acl <acl-name>
tnsr(config)# [no] host interface <host-if-name>
tnsr(config)# host route table default
tnsr(config)# [no] interface <if-name>
tnsr(config)# interface clear counters [<interface>]
tnsr(config)# [no] interface bond <instance>
tnsr(config)# [no] interface bridge domain <domain-id>
tnsr(config)# [no] interface loopback <name>
tnsr(config)# [no] interface memif socket <socket-id> (filename <file>|interface <if-id>)
tnsr(config)# [no] interface subif <interface> <subid>
tnsr(config)# [no] interface tap <host-name>
tnsr(config)# interface vhost-user <instance>
tnsr(config)# no interface vhost-user [<instance>]
tnsr(config)# [no] ip reassembly (full|virtual) (ipv4|ipv6) expire-walk-interval [<interval-ms>]
tnsr(config)# [no] ip reassembly (full|virtual) (ipv4|ipv6) max-reassemblies [<max>]
tnsr(config)# [no] ip reassembly (full|virtual) (ipv4|ipv6) max-reassembly-length [<length>]
tnsr(config)# [no] ip reassembly (full|virtual) (ipv4|ipv6) timeout [<timeout-ms>]
tnsr(config)# [no] ipfix cache <name>
tnsr(config)# [no] ipfix exporter
tnsr(config)# [no] ipfix observation-point <name>
tnsr(config)# [no] ipfix selection-process <name>
tnsr(config)# [no] ipsec global-options eap-radius server-group <name>
tnsr(config)# [no] ipsec global-options eap-radius accounting enabled
tnsr(config)# [no] ipsec global-options eap-radius accounting interim-interval <interim-interval>
tnsr(config)# [no] ipsec tunnel <tunnel-num>
tnsr(config)# [no] lldp system-name <system-name>
tnsr(config)# [no] lldp tx-hold <transmit-hold>
tnsr(config)# [no] lldp tx-interval <transmit-interval>
tnsr(config)# [no] logging remote-server <name>
tnsr(config)# [no] macip <macip-name>
tnsr(config)# nacm (enable|disable)
tnsr(config)# no nacm enable
tnsr(config)# [no] nacm exec-default (deny|permit)
tnsr(config)# [no] nacm group <group-name>
tnsr(config)# [no] nacm read-default (deny|permit)
tnsr(config)# [no] nacm rule-list <rule-list-name>
tnsr(config)# [no] nacm write-default (deny|permit)
tnsr(config)# [no] nat global-options nat44 enabled (true|false)
tnsr(config)# [no] nat global-options nat44 endpoint-dependent (true|false)
tnsr(config)# [no] nat global-options nat44 forwarding (true|false)
tnsr(config)# [no] nat global-options nat44 max-translations-per-thread <n>
tnsr(config)# [no] nat global-options nat44 max-translations-per-user <n>
tnsr(config)# [no] nat global-options nat44 max-users-per-thread <n>
tnsr(config)# [no] nat global-options nat44 out2in-dpo (true|false)
tnsr(config)# [no] nat global-options nat44 static-mapping-only (true|false)
tnsr(config)# [no] nat global-options timeouts (icmp|tcp_established|tcp_transitory|udp) <seconds>
tnsr(config)# [no] nat ipfix logging enable
tnsr(config)# [no] nat ipfix logging domain <domain-id>
tnsr(config)# [no] nat ipfix logging src-port <src-port>
tnsr(config)# [no] nat nat64 map <domain-name>
tnsr(config)# [no] nat nat64 map parameters
tnsr(config)# [no] nat pool address <ip-first> [- <ip-last>] [twice-nat] [route-table <rt-tbl-name>]
tnsr(config)# [no] nat pool interface <if-name> [twice-nat]
tnsr(config)# [no] nat static mapping (icmp|udp|tcp) local <ip-local> [<port-local>]
external (<ip-external>|<if-name>) [<port-external>]
[twice-nat] [out-to-in-only] [route-table <rt-tbl-name>]
tnsr(config)# [no] neighbor <interface> <ip-address> <mac-address> [no-adj-route-table-entry]
tnsr(config)# [no] neighbor cache-options (ipv4|ipv6) max-number <max-num-val>
tnsr(config)# [no] neighbor cache-options (ipv4|ipv6) max-age <max-age-sec>
tnsr(config)# no vpf
tnsr(config)# vpf (disable|enable)
tnsr(config)# vpf filter ruleset <name>
tnsr(config)# no vpf filter ruleset [<name> [rule <seq>]]
tnsr(config)# [no] vpf ipfix
tnsr(config)# vpf nat ruleset <name>
tnsr(config)# no vpf nat ruleset [<name> [rule <seq>]]
tnsr(config)# [no] vpf options
tnsr(config)# vpf table <name>
tnsr(config)# no vpf table [<name>]
tnsr(config)# ntp (enable|disable)
tnsr(config)# no ntp enable
tnsr(config)# ntp namespace (host|dataplane)
tnsr(config)# no ntp namespace
tnsr(config)# [no] ntp server
tnsr(config)# prometheus (host|dataplane) (enable|disable)
tnsr(config)# no prometheus (host|dataplane)
tnsr(config)# [no] prometheus (host|dataplane) filter <regex> [<regex> [...]]
tnsr(config)# radius
tnsr(config)# reboot (now|<minutes>) [force]
tnsr(config)# reboot cancel
tnsr(config)# restconf
tnsr(config)# [no] route dynamic access-list <access-list-name>
tnsr(config)# route acl-based-forwarding interface <if-name>
tnsr(config)# route acl-based-forwarding policy <id>
tnsr(config)# no route acl-based-forwarding [interface <if-name>|policy <id>]
tnsr(config)# route dynamic bgp
tnsr(config)# route dynamic manager
tnsr(config)# route dynamic ospf
tnsr(config)# route dynamic ospf6
tnsr(config)# [no] route dynamic prefix-list <prefix-list-name>
tnsr(config)# [no] route dynamic route-map <route-map-name>
tnsr(config)# no route dynamic route-map [<route-map-name>]
tnsr(config)# [no] route table <name>
tnsr(config)# service
(backend|bgp|dataplane|dhcp4|ike|ntp (dataplane|host)|ospf|ospf6|restconf|
rip|snmp (dataplane|host)|unbound) coredump (enable|disable)
tnsr(config)# service bgp (start|stop|restart|status)
tnsr(config)# service dataplane (start|stop|restart|status)
tnsr(config)# service dhcp4 (start|stop|reload|status)
tnsr(config)# service ntp (dataplane|host) (start|stop|restart|status)
tnsr(config)# service ospf (start|stop|restart|status)
tnsr(config)# service ospf6 (start|stop|restart|status)
tnsr(config)# service prometheus (dataplane|host) (start|stop|restart|status)
tnsr(config)# service restconf (start|stop|restart|status)
tnsr(config)# service rip (start|stop|restart|status)
tnsr(config)# service rsyslog (start|stop|restart|status)
tnsr(config)# service snmp (dataplane|host) (start|stop|restart|status)
tnsr(config)# service ssh dataplane (start|stop|restart|status)
tnsr(config)# service ssh host status
tnsr(config)# service unbound (start|stop|status|reload|restart)
tnsr(config)# snmp (host|dataplane) (enable|disable)
tnsr(config)# [no] snmp access group-name <group-name>
prefix (exact|prefix)
model (any|v1|v2c)
level (noauth|auth|priv)
read <read-view>
write <write-view>
tnsr(config)# snmp community community-name <community-name>
source (<src-prefix>|default)
security-name <security-name>
tnsr(config)# snmp group group-name <group-name>
security-name <security-name>
security-model (any|v1|v2c)
tnsr(config)# snmp view view-name <view-name>
view-type (included|excluded)
oid <oid>
tnsr(config)# [no] span <if-name-src>
tnsr(config)# ssh dataplane (enable|disable)
tnsr(config)# [no] sysctl vm nr_hugepages <u64>
tnsr(config)# [no] sysctl vm nr_overcommit_hugepages <u64>
tnsr(config)# [no] sysctl vm max_map_count <u64>
tnsr(config)# [no] sysctl kernel shmmem <u64>
tnsr(config)# system banner <end-character>
tnsr(config)# no system banner
tnsr(config)# [no] system contact <text>
tnsr(config)# [no] system description <text>
tnsr(config)# [no] system kernel arguments auto isolcpus
tnsr(config)# [no] system kernel arguments manual <text>
tnsr(config)# [no] system location <text>
tnsr(config)# [no] system name <text>
tnsr(config)# [no] system dns-resolver (dataplane|host)
tnsr(config)# [no] tunnel ipip <instance>
tnsr(config)# [no] tunnel next-hops <interface>
tnsr(config)# [no] unbound server
tnsr(config)# unbound (enable|disable)
tnsr(config)# no unbound enable
tnsr(config)# [no] vxlan <vxlan-name>
tnsr(config)# write
Show Commands in Both Basic and Config Modes¶
tnsr# show acl [<acl-name>]
tnsr# show acl-based-forwarding
tnsr# show acl-based-forwarding interface [<if-name>]
tnsr# show acl-based-forwarding policy [<id>]
tnsr# show bfd
tnsr# show bfd keys [conf-key-id <conf-key-id>]
tnsr# show bfd sessions [conf-key-id <conf-key-id> | peer-ip-addr <peer-addr>]
tnsr# show cli
tnsr# show clock
tnsr# show configuration [(candidate|running|startup) [(xml|json) [(explicit|report-all)]]]
tnsr# show configuration [(candidate|running|startup) cli [<section>]]
tnsr# show configuration history (config|versions)
tnsr# show configuration history log [<entry-name>]
tnsr# show configuration history version-diff <old-version> <new-version>
tnsr# show configuration rollback timer
tnsr# show dataplane cpu threads
tnsr# show dhcp-relay [<client-vrf>]
tnsr# show documentation
tnsr# show gre [<tunnel-name>]
tnsr# show history-config
tnsr# show host acl [<acl-name> [rule <seq>]]
tnsr# show host interface (<name>|ipv4|ipv6|link)
tnsr# show host route [<interface>] [(ipv4|ipv6)] [table all]
tnsr# show host ruleset
tnsr# show interface [<if-name>] [(access-list|acl|bonding|link|mac-address|
rx-queues|subif|vlan tag-rewrite|vtr)]
tnsr# show interface [<if-name>] brief
tnsr# show interface [<if-name>] counters [verbose]
tnsr# show interface <if-name> counters rolling [interval <sec>]
tnsr# show interface [<if-name>] ip [nat]
tnsr# show interface [<if-name>] ipv6 [router-advertisements]
tnsr# show interface [<if-name>] [(ip|ipv6)] vrrp-virtual-router
tnsr# show interface bridge domain [<bdi>]
tnsr# show interface loopback [<loopback-name>]
tnsr# show interface memif [<id>]
tnsr# show interface bond [<id>]
tnsr# show interface lacp [<if-name>]
tnsr# show interface tap
tnsr# show interface vhost-user
tnsr# show ip reassembly [(full|virtual) [(ipv4|ipv6)]]
tnsr# show ipsec tunnel [<tunnel_number> [brief|child|ike|verbose]]
tnsr# show kea [(keactrl|dhcp4) [config-file]]
tnsr# show kea dhcp4 leases
tnsr# show ldap [(parameters|servers)]
tnsr# show logging [priority <priority>] [<source(s)>] [<time-filters>] [<modifiers>]
tnsr# show logging [priority <priority>]
[kernel|(service <name>]|syslog-facility <name>|syslog-identifier <id>)
[<additional-sources>]]
[after-time <time>] [before-time <time>] [recent-lines <n>] [reverse]
tnsr# show macip [<macip-name>]
tnsr# show map [<map-domain-name>]
tnsr# show nacm [group [<group-name>] | rule-list [<rule-list-name>]]
tnsr# show nat [config|interface-sides|static-mappings]
tnsr# show nat dynamic (addresses|interfaces)
tnsr# show nat sessions [verbose]
tnsr# show neighbor [(cache-options|interface <if-name>)]
tnsr# show vpf filter ruleset [<name>]
tnsr# show vpf ipfix
tnsr# show vpf nat ruleset [<name>]
tnsr# show vpf options interfaces
tnsr# show vpf options runtime
tnsr# show vpf options startup
tnsr# show vpf status
tnsr# show vpf table [<name>]
tnsr# show ntp [(associations|peers) [associd <id>]]
tnsr# show ntp config-file
tnsr# show packet-counters
tnsr# show prometheus
tnsr# show radius servers
tnsr# show route dynamic access-list [<access-list-name>]
tnsr# show route dynamic bgp as-path [<as-path-name>]
tnsr# show route dynamic bgp community-list [<community-list-name>]
tnsr# show route dynamic bgp config [<as-number>]
tnsr# show route dynamic bgp [vrf <vrf-name>] (ipv4|ipv6) neighbors [<peer>
[advertised-routes|dampened-routes|flap-statistics|graceful-restart|
prefix-counts|received|received-routes|routes]]
tnsr# show route dynamic bgp [vrf <vrf-name>] (ipv4|ipv6) network <prefix>
tnsr# show route dynamic bgp [vrf <vrf-name>] [(ipv4|ipv6)] summary
tnsr# show route dynamic bgp [vrf <vrf-name>] neighbors [<peer>]
tnsr# show route dynamic bgp [vrf <vrf-name>] nexthop [detail]
tnsr# show route dynamic bgp [vrf <vrf-name>] peer-group <peer-group-name>
tnsr# show route dynamic manager
tnsr# show route dynamic ospf [vrf <vrf-name>] [(border-routers|config|interface|
neighbor [detail]|route|router-info)]
tnsr# show route dynamic ospf [vrf <vrf-name>] database [(asbr-summary|external|
max-age|network|nssa-external|opaque-area|opaque-as|opaque-link|router|
self-originate|summary)]
tnsr# show route dynamic ospf6 [vrf <vrf-name>] area [<area-id>]
tnsr# show route dynamic ospf6 [vrf <vrf-name>] [(area|border-routers|config|
database|interface|linkstate|neighbor [detail]|route-table|spf)]
tnsr# show route dynamic prefix-list [<prefix-list-name>]
tnsr# show route dynamic rip [vrf <vrf-name>] [(config|status)]
tnsr# show route dynamic route-map [<route-map-name>]
tnsr# show route [table <route-table-name> [<prefix> [exact]]] [all]
tnsr# show running-configuration [<section>]
tnsr# show span
tnsr# show sysctl
tnsr# show system
tnsr# show trace
tnsr# show tunnel ipip [<instance id>]
tnsr# show tunnel next-hops [<tunnel-interface>]
tnsr# show unbound [config-file]
tnsr# show version [all]
tnsr# show vxlan [<vxlan-name>]
tnsr# show wireguard [<instance>]
Show Command Output Modifiers¶
tnsr# show <command> | match <pattern>
tnsr# show <command> | exclude <pattern>
tnsr# show <command> | tail <num>
tnsr# show <command> | count
Access Control List Modes¶
Enter Access Control List Mode¶
tnsr(config)# acl <acl-name>
tnsr(config-acl)#
Access Control List Mode Commands¶
tnsr(config-acl)# rule <seq-number>
Remove Access Control List¶
tnsr(config)# no acl <acl-name>
Enter ACL Rule Mode¶
tnsr(config-acl)# rule <seq-number>
tnsr(config-acl-rule)#
ACL Rule Mode Commands¶
tnsr(config-acl-rule)# action (deny|permit|reflect)
tnsr(config-acl-rule)# ip-version (ipv4|ipv6)
tnsr(config-acl-rule)# no action [deny|permit|reflect]
tnsr(config-acl-rule)# destination address <ip-prefix>
tnsr(config-acl-rule)# no destination address [<ip-prefix>]
tnsr(config-acl-rule)# [no] destination port (any|<first> [- <last>])
tnsr(config-acl-rule)# [no] icmp type (any|<type-first> [- <type-last>])
tnsr(config-acl-rule)# [no] icmp code (any|<code-first> [- <code-last>])
tnsr(config-acl-rule)# protocol (any|icmp|icmpv6|tcp|udp|<proto-number>)
tnsr(config-acl-rule)# no protocol
tnsr(config-acl-rule)# source address <ip-prefix>
tnsr(config-acl-rule)# no source address [<ip-prefix>]
tnsr(config-acl-rule)# [no] source port (any|<first> [- <last>])
tnsr(config-acl-rule)# [no] tcp flags mask <mask> value <value>
tnsr(config-acl-rule)# [no] tcp flags value <value> mask <mask>
Remove ACL Rule¶
tnsr(config-acl)# no rule <seq>
MACIP ACL Mode¶
Enter MACIP ACL Mode¶
tnsr(config)# macip <macip-name>
tnsr(config-macip)#
MACIP ACL Mode Commands¶
tnsr(config-macip)# rule <seq>
Remove MACIP ACL¶
tnsr(config-macip)# no macip <macip-name>
Enter MACIP ACL Rule Mode¶
tnsr(config-macip)# rule <seq-number>
tnsr(config-macip-rule)#
MACIP Rule Mode Commands¶
tnsr(config-macip-rule)# action (deny|permit)
tnsr(config-macip-rule)# no action [deny|permit]
tnsr(config-macip-rule)# ip-version (ipv4|ipv6)
tnsr(config-macip-rule)# address <ip-prefix>
tnsr(config-macip-rule)# no address [<ip-prefix>]
tnsr(config-macip-rule)# mac address <mac-address> [mask <mac-mask>]
tnsr(config-macip-rule)# mac mask <mac-mask> [address <mac-address>]
tnsr(config-macip-rule)# no mac
tnsr(config-macip-rule)# no mac address [<mac-address>] [mask [<mac-mask>]]
tnsr(config-macip-rule)# no mac mask [<mac-mask>] [address [<mac-address>]]
Remove MACIP ACL Rule¶
tnsr(config-macip)# no rule <seq-number>
GRE Mode¶
Enter GRE Mode¶
tnsr(config)# gre <gre-name>
tnsr(config-gre)#
GRE Mode Commands¶
tnsr(config-gre)# encapsulation route-table <rt-table-name>
tnsr(config-gre)# instance <id>
tnsr(config-gre)# destination <ip-address>
tnsr(config-gre)# source <ip-address>
tnsr(config-gre)# tunnel-type erspan session-id <session-id>
tnsr(config-gre)# tunnel-type (l3|teb)
Remove GRE Instance¶
tnsr(config)# no gre <gre-name>
Interface Mode¶
Enter Interface mode¶
tnsr(config)# interface <if-name>
tnsr(config-interface)#
Interface Mode Commands¶
tnsr(config-interface)# access-list (input|output) acl <acl-name> sequence <number>
tnsr(config-interface)# access-list macip <macip-name>
tnsr(config-interface)# no access-list
tnsr(config-interface)# no access-list acl <acl-name>
tnsr(config-interface)# no access-list macip [<macip-name>]
tnsr(config-interface)# no access-list [(input|output) [acl <acl-name> [sequence <number>]]]
tnsr(config-interface)# bond <instance> [long-timeout] [passive]
tnsr(config-interface)# [no] bond <instance>
tnsr(config-interface)# bridge domain <bridge-domain-id> [bvi <bvi>] [shg <shg>]
tnsr(config-interface)# description <string-description>
tnsr(config-interface)# detailed-stats (enable|disable)
tnsr(config-interface)# [no] dhcp client ipv4 [hostname <host-name>]
tnsr(config-interface)# disable
tnsr(config-interface)# [no] enable
tnsr(config-interface)# [no] ip address <ip-prefix>
tnsr(config-interface)# ip mtu <mtu>
tnsr(config-interface)# no ip mtu [<mtu>]
tnsr(config-interface)# [no] ip nat (inside|outside|none)
tnsr(config-interface)# [no] ip reassembly enable
tnsr(config-interface)# [no] ip reassembly type (full|virtual)
tnsr(config-interface)# ip tcp mss <mss-value> (Tx|Rx|TxRx)
tnsr(config-interface)# no ip tcp mss [<mss-value> [Tx|Rx|TxRx]]
tnsr(config-interface)# [no] ip vrrp-virtual-router <vrid>
tnsr(config-interface)# [no] ipv6 address <ipv6-prefix>
tnsr(config-interface)# ipv6 mtu <mtu>
tnsr(config-interface)# no ipv6 mtu [<mtu>]
tnsr(config-interface)# [no] ipv6 reassembly enable
tnsr(config-interface)# [no] ipv6 reassembly type (full|virtual)
tnsr(config-interface)# [no] ipv6 router-advertisements
tnsr(config-interface)# ipv6 tcp mss <mss-value> (Tx|Rx|TxRx)
tnsr(config-interface)# no ipv6 tcp mss [<mss-value> [Tx|Rx|TxRx]]
tnsr(config-interface)# [no] ipv6 vrrp-virtual-router <vrid>
tnsr(config-interface)# lldp port-name <port-name>
tnsr(config-interface)# lldp management ipv4 <ip-address>
tnsr(config-interface)# lldp management ipv6 <ipv6-address>
tnsr(config-interface)# lldp management oid <oid>
tnsr(config-interface)# map (disable|enable|translate)
tnsr(config-interface)# no map (enable|translate)
tnsr(config-interface)# mac-address <mac-address>
tnsr(config-interface)# mtu <mtu>
tnsr(config-interface)# no mtu [<mtu>]
tnsr(config-interface)# rx-mode (adaptive|interrupt|polling)
tnsr(config-interface)# no rx-mode
tnsr(config-interface)# rx-queue <queue_num> cpu <core-id>
tnsr(config-interface)# no rx-queue [<queue_num> [cpu <core-id>]]
tnsr(config-interface)# vlan tag-rewrite (disable|pop-1|pop-2)
tnsr(config-interface)# vlan tag-rewrite push-1 (dot1ad|dot1q) <tag1>
tnsr(config-interface)# vlan tag-rewrite push-2 (dot1ad|dot1q) <tag1> <tag2>
tnsr(config-interface)# vlan tag-rewrite (translate-1-1|translate-2-1) (dot1ad|dot1q) <tag1>
tnsr(config-interface)# vlan tag-rewrite (translate-1-2|translate-2-2) (dot1ad|dot1q) <tag1> <tag2>
tnsr(config-interface)# vrf <vrf-name>
Remove Interface¶
tnsr(config)# no interface <if-name>
Interface IPv6 RA Mode¶
Enter Interface IPv6 RA Mode¶
tnsr(config-interface)# ipv6 router-advertisements
tnsr(config-interface-ipv6-ra)#
Interface IPv6 RA Mode Commands¶
tnsr(config-interface-ipv6-ra)# [no] default-lifetime <seconds>
tnsr(config-interface-ipv6-ra)# [no] managed-flag (true|false)
tnsr(config-interface-ipv6-ra)# [no] max-rtr-adv-interval <seconds>
tnsr(config-interface-ipv6-ra)# [no] min-rtr-adv-interval <seconds>
tnsr(config-interface-ipv6-ra)# [no] other-config-flag (true|false)
tnsr(config-interface-ipv6-ra)# [no] prefix <ipv6-prefix>
tnsr(config-interface-ipv6-ra)# no prefix
tnsr(config-interface-ipv6-ra)# [no] send-advertisements (true|false)
Interface IPv6 RA Prefix Mode¶
Enter Interface IPv6 RA Prefix Mode¶
tnsr(config-interface-ipv6-ra)# prefix <ipv6-prefix>
tnsr(config-interface-ipv6-ra-prefix)#
Interface IPv6 RA Prefix Mode Commands¶
tnsr(config-interface-ipv6-ra-prefix)# [no] autonomous-flag (true|false)
tnsr(config-interface-ipv6-ra-prefix)# [no] no-advertise
tnsr(config-interface-ipv6-ra-prefix)# [no] on-link-flag (true|false)
tnsr(config-interface-ipv6-ra-prefix)# [no] preferred-lifetime <time-in-seconds>
tnsr(config-interface-ipv6-ra-prefix)# [no] valid-lifetime <time-in-seconds>
Loopback Mode¶
Enter Loopback Mode¶
tnsr(config)# interface loopback <loopback-name>
tnsr(config-loopback)#
Loopback Mode Commands¶
tnsr(config-loopback)# instance <u16>
tnsr(config-loopback)# mac-address <mac-addr>
tnsr(config-loopback)# description <rest>
Remove Loopback interface¶
tnsr(config)# no interface <loop<n>>
tnsr(config)# no interface loopback <loopback-name>
Bridge Mode¶
Enter Bridge Mode¶
tnsr(config)# interface bridge <bdi>
tnsr(config-bridge)#
Bridge Mode commands¶
tnsr(config-bridge)# [no] arp entry ip <ip-addr> mac <mac-addr>
tnsr(config-bridge)# [no] arp term
tnsr(config-bridge)# [no] description <text>
tnsr(config-bridge)# [no] flood
tnsr(config-bridge)# [no] forward
tnsr(config-bridge)# [no] learn
tnsr(config-bridge)# [no] mac-age <mins>
tnsr(config-bridge)# [no] rewrite
tnsr(config-bridge)# [no] uu-flood
Remove Bridge¶
tnsr(config)# no interface bridge <bdi>
NAT Commands in Configure Mode¶
tnsr(config)# [no] nat global-options nat44 forwarding (true|false)
tnsr(config)# [no] nat global-options timeouts (icmp|tcp_established|tcp_transitory|udp) <seconds>
tnsr(config)# [no] nat ipfix logging enable
tnsr(config)# [no] nat ipfix logging domain <domain-id>
tnsr(config)# [no] nat ipfix logging src-port <src-port>
tnsr(config)# [no] nat nat64 map <domain-name>
tnsr(config)# [no] nat nat64 map parameters
tnsr(config)# [no] nat pool address <ip-first> [- <ip-last>] [twice-nat] [route-table <rt-tbl-name>]
tnsr(config)# [no] nat pool interface <if-name> [twice-nat]
tnsr(config)# [no] nat static mapping (icmp|udp|tcp) local <ip-local> [<port-local>]
external (<ip-external>|<if-name>) [<port-external>]
[twice-nat] [out-to-in-only] [route-table <rt-tbl-name>]
Tap Mode¶
Enter Tap Mode¶
tnsr(config)# interface tap <tap-name>
tnsr(config-tap)#
Tap Mode commands¶
tnsr(config-tap)# [no] host bridge <bridge-name>
tnsr(config-tap)# [no] host ipv4 gateway <ipv4-addr>
tnsr(config-tap)# [no] host ipv4 prefix <ipv4-prefix>
tnsr(config-tap)# [no] host ipv6 gateway <ipv6-addr>
tnsr(config-tap)# [no] host ipv6 prefix <ipv6-prefix>
tnsr(config-tap)# [no] host mac-address <host-mac-address>
tnsr(config-tap)# [no] host name-space <netns>
tnsr(config-tap)# [no] instance <instance>
tnsr(config-tap)# [no] mac-address <mac-address>
tnsr(config-tap)# [no] rx-ring-size <size>
tnsr(config-tap)# [no] tx-ring-size <size>
Remove Tap¶
tnsr(config)# no interface tap <tap-name>
BFD Key Mode¶
Enter BFD Key Mode¶
tnsr(config)# bfd conf-key-id <conf-key-id>
tnsr(config-bfd-key)#
BFD Key Mode Commands¶
tnsr(config-bfd-key)# authentication type (keyed-sha1|meticulous-keyed-sha1)
tnsr(config-bfd-key)# secret < (<hex-pair>)[1-20] >
Remove BFD Key Configuration¶
tnsr(config)# no bfd conf-key-id <conf-key-id>
BFD Mode¶
Enter BFD Mode¶
tnsr(config)# bfd session <bfd-session>
tnsr(config-bfd)#
BFD Mode Commands¶
tnsr(config-bfd)# [no] bfd-key-id <bfd-key-id>
tnsr(config-bfd)# [no] conf-key-id <conf-key-id>
tnsr(config-bfd)# delayed (true|false)
tnsr(config-bfd)# desired-min-tx <microseconds>
tnsr(config-bfd)# detect-multiplier <n-packets>
tnsr(config-bfd)# disable
tnsr(config-bfd)# [no] enable (true|false)
tnsr(config-bfd)# interface <if-name>
tnsr(config-bfd)# local address <ip-address>
tnsr(config-bfd)# peer address <ip-address>
tnsr(config-bfd)# remote address <ip-address>
tnsr(config-bfd)# required-min-rx <microseconds>
Remove BFD Configuration¶
tnsr(config)# no bfd session <bfd-session>
Change BFD Admin State¶
tnsr# bfd session <bfd-session>
tnsr(config-bfd)# enable false
tnsr(config-bfd)# enable true
tnsr(config-bfd)#
Change BFD Authentication¶
tnsr(config)# bfd session <bfd-session>
tnsr(config-bfd)# bfd-key-id <bfd-key-id>
tnsr(config-bfd)# conf-key-id <conf-key-id>
tnsr(config-bfd)# delayed (true|false)
Host Interface Mode¶
Enter Host Interface Mode¶
tnsr(config)# host interface <if-name>
tnsr(config-host-if)#
Host Interface Mode Commands¶
tnsr(config-host-if)# [no] description <text>
tnsr(config-host-if)# disable
tnsr(config-host-if)# [no] enable
tnsr(config-host-if)# [no] ip address <ipv4-prefix>
tnsr(config-host-if)# [no] ip dhcp-client (enable|disable)
tnsr(config-host-if)# [no] ip dhcp-client hostname <name>
tnsr(config-host-if)# [no] ipv6 address <ipv6-prefix>
tnsr(config-host-if)# [no] ipv6 dhcp-client (enable|disable)
tnsr(config-host-if)# mtu <mtu-value>
Remove Host Interface¶
tnsr(config)# no host interface <if-name>
Host Route Table Mode¶
Enter Host Route Table Mode¶
tnsr(config)# host route table default
tnsr(config-host-route-table)#
Host Route Table Mode Commands¶
tnsr(config-host-route-table)# [no] description <text>
tnsr(config-host-route-table)# [no] interface <host-if>
Host Route Mode¶
Enter Host Route Mode¶
tnsr(config-host-route-table)# interface <host-if>
tnsr(config-host-route)#
Host Route Mode Commands¶
tnsr(config-host-route)# [no] route (<ip4-prefix>|<ip6-prefix>)
Remove Host Routes from Interface¶
tnsr(config-host-route-table)# no interface <host-if>
Host Route IPv4/IPv6 Mode¶
Enter Host Route IPv4/IPv6 Mode¶
tnsr(config-host-route)# route (<ip4-prefix>|<ip6-prefix>)
tnsr(config-host-route-ip46)#
Host Route IPv4/IPv6 Mode Commands¶
tnsr(config-host-route-ip46)# [no] advertised-receive-window <1..max>
tnsr(config-host-route-ip46)# [no] congestion-window <1..max>
tnsr(config-host-route-ip46)# [no] description <text>
tnsr(config-host-route-ip46)# [no] from <ipv[46]-addr>
tnsr(config-host-route-ip46)# [no] metric <1..max>
tnsr(config-host-route-ip46)# [no] mtu <1..max>
tnsr(config-host-route-ip46)# [no] on-link
tnsr(config-host-route-ip46)# [no] scope (global|link|host)
tnsr(config-host-route-ip46)# [no] table <1..max>
tnsr(config-host-route-ip46)# [no] type (unicast|anycast|blackhole|broadcast
|local|multicast|prohibit|throw|unreachable)
tnsr(config-host-route-ip46)# [no] via <gateway-ipv[46]-address>
Remove Host Route¶
tnsr(config-host-route)# no route (<ip4-prefix>|<ip6-prefix>)
IPsec Tunnel Mode¶
Enter IPsec Tunnel Mode¶
tnsr(config)# ipsec tunnel <tunnel-num>
tnsr(config-ipsec-tunnel)#
IPsec Tunnel Mode Commands¶
tnsr(config-ipsec-tunnel)# enable
tnsr(config-ipsec-tunnel)# disable
tnsr(config-ipsec-tunnel)# crypto config-type (ike|manual)
tnsr(config-ipsec-tunnel)# crypto (ike|manual)
tnsr(config-ipsec-tunnel)# [no] local-address <ip-address>
tnsr(config-ipsec-tunnel)# [no] remote-address (<ip-address>|<hostname>)
Remove IPsec Tunnel¶
tnsr(config)# no ipsec tunnel <tunnel-num>
IKE mode¶
Enter IKE mode¶
tnsr(config-ipsec-tunnel)# crypto ike
tnsr(config-ipsec-crypto-ike)#
IKE Mode Commands¶
tnsr(config-ipsec-crypto-ike)# [no] authentication (local|remote)
tnsr(config-ipsec-crypto-ike)# [no] child <name>
tnsr(config-ipsec-crypto-ike)# [no] dpd-interval <dpd-poll-interval>
tnsr(config-ipsec-crypto-ike)# [no] identity (local|remote)
tnsr(config-ipsec-crypto-ike)# [no] key-renewal (reauth|rekey)
tnsr(config-ipsec-crypto-ike)# lifetime <seconds>
tnsr(config-ipsec-crypto-ike)# no lifetime
tnsr(config-ipsec-crypto-ike)# [no] mobike
tnsr(config-ipsec-crypto-ike)# [no] proposal <number>
tnsr(config-ipsec-crypto-ike)# [no] remote-access address-pools (ipv4-range|ipv6-range) <first-addr> to <last-addr>
tnsr(config-ipsec-crypto-ike)# [no] remote-access address-pools radius
tnsr(config-ipsec-crypto-ike)# remote-access dns internal-domain <num> domain-name <domain-name>
tnsr(config-ipsec-crypto-ike)# [no] remote-access dns internal-domain <num> [domain-name <domain-name>]
tnsr(config-ipsec-crypto-ike)# remote-access dns resolver <num> address <address>
tnsr(config-ipsec-crypto-ike)# [no] remote-access dns resolver <num> [address <address>]
tnsr(config-ipsec-crypto-ike)# [no] udp-encapsulation
tnsr(config-ipsec-crypto-ike)# [no] unique-id-policy (keep|never|no|replace)
tnsr(config-ipsec-crypto-ike)# version (1|2)
tnsr(config-ipsec-crypto-ike)# no version
Remove IKE configuration¶
tnsr(config-ipsec-tunnel)# no crypto ike
IKE Peer Authentication Mode¶
Enter IKE Peer Authentication Mode¶
tnsr(config-ipsec-crypto-ike)# authentication (local|remote)
tnsr(config-ike-authentication)#
IKE Peer Authentication Mode Commands¶
tnsr(config-ike-authentication)# [no] round (1|2)
Remove IKE Peer Authentication Configuration¶
tnsr(config-ipsec-crypto-ike)# no authentication (local|remote)
IKE Peer Authentication Round Mode¶
Enter IKE Peer Authentication Round Mode¶
tnsr(config-ike-authentication)# round (1|2)
tnsr(config-ike-authentication-round)#
IKE Peer Authentication Round Mode Commands¶
tnsr(config-ike-authentication-round)# ca-certificate <ca-name>
tnsr(config-ike-authentication-round)# no ca-certificate
tnsr(config-ike-authentication-round)# certificate <cert-name>
tnsr(config-ike-authentication-round)# no certificate
tnsr(config-ike-authentication-round)# eap-tls-ca-certificate <ca-name>
tnsr(config-ike-authentication-round)# no eap-tls-ca-certificate
tnsr(config-ike-authentication-round)# [no] eap-radius
tnsr(config-ike-authentication-round)# psk <pre-shared-key>
tnsr(config-ike-authentication-round)# no psk
Remove IKE Peer Authentication Round Configuration¶
tnsr(config-ike-authentication)# no round (1|2)
IKE Child SA Mode¶
Enter IKE Child SA Mode¶
tnsr(config-ipsec-crypto-ike)# child <name>
tnsr(config-ike-child)#
IKE Child SA Mode Commands¶
tnsr(config-ike-child)# lifetime <seconds>
tnsr(config-ike-child)# no lifetime
tnsr(config-ike-child)# [no] proposal <number>
tnsr(config-ike-child)# [no] replay-window (0|64)
tnsr(config-ike-child)# [no] traffic-selector <num> local <prefix>
Remove IKE Child SA¶
tnsr(config-ipsec-crypto-ike)# no child <name>
IKE Child SA Proposal Mode¶
Enter IKE Child SA Proposal Mode¶
tnsr(config-ike-child)# proposal <number>
tnsr(config-ike-child-proposal)#
IKE Child SA Proposal Mode Commands¶
tnsr(config-ike-child-proposal)# encryption <crypto-algorithm>
tnsr(config-ike-child-proposal)# no encryption
tnsr(config-ike-child-proposal)# group <pfs-group>
tnsr(config-ike-child-proposal)# no group
tnsr(config-ike-child-proposal)# integrity <integrity-algorithm>
tnsr(config-ike-child-proposal)# no integrity
tnsr(config-ike-child-proposal)# sequence-number (esn|noesn)
tnsr(config-ike-child-proposal)# no sequence-number
Remove IKE Child SA Proposal¶
tnsr(config-ike-child)# no proposal <number>
IKE Peer Identity Mode¶
Enter IKE Peer Identity Mode¶
tnsr(config-ipsec-crypto-ike)# identity (local|remote)
tnsr(config-ike-identity)#
IKE Peer Identity Mode Commands¶
tnsr(config-ike-identity)# type (none|address|email|fqdn|dn|key-id)
tnsr(config-ike-identity)# no type
tnsr(config-ike-identity)# value <identity>
tnsr(config-ike-identity)# no value
Remove IKE Peer Identity Configuration¶
tnsr(config-ipsec-crypto-ike)# no identity (local|remote)
IKE Proposal Mode¶
Enter IKE Proposal Mode¶
tnsr(config-ipsec-crypto-ike)# proposal <number>
tnsr(config-ike-proposal)#
IKE Proposal Mode Commands¶
tnsr(config-ike-proposal)# encryption <crypto-algorithm>
tnsr(config-ike-proposal)# no encryption
tnsr(config-ike-proposal)# group <diffie-hellman-group>
tnsr(config-ike-proposal)# no group
tnsr(config-ike-proposal)# integrity <integrity-algorithm>
tnsr(config-ike-proposal)# no integrity
tnsr(config-ike-proposal)# prf <prf-algorithm>
tnsr(config-ike-proposal)# no prf
Remove IKE Proposal Configuration¶
tnsr(config-ipsec-crypto-ike)# no proposal <number>
Map Mode¶
Enter Map Mode¶
tnsr(config)# nat nat64 map <domain-name>
Map Mode Commands¶
tnsr(config-map)# [no] description <desc>
tnsr(config-map)# [no] embedded-address bit-length <ea-width>
tnsr(config-map)# [no] ipv4 prefix <ip4-prefix>
tnsr(config-map)# [no] ipv6 prefix <ip6-prefix>
tnsr(config-map)# [no] ipv6 source <ip6-src>
tnsr(config-map)# [no] mtu <mtu-val>
tnsr(config-map)# [no] port-set length <psid-length>
tnsr(config-map)# [no] port-set offset <psid-offset>
tnsr(config-map)# [no] rule port-set <psid> ipv6-destination <ip6-address>
Remove Map Entry¶
tnsr(config)# [no] nat nat64 map <domain-name>
Map Parameters Mode¶
Enter Map Parameters Mode¶
tnsr(config)# nat nat64 map parameters
Map Parameters Mode Commands¶
tnsr(config-map-param)# [no] fragment (inner|outer)
tnsr(config-map-param)# [no] fragment ignore-df
tnsr(config-map-param)# [no] icmp source-address <ipv4-address>
tnsr(config-map-param)# [no] icmp6 unreachable-msgs (disable|enable)
tnsr(config-map-param)# [no] pre-resolve (ipv4|ipv6) next-hop <ip46-address>
tnsr(config-map-param)# [no] security-check (disable|enable)
tnsr(config-map-param)# [no] security-check fragments (disable|enable)
tnsr(config-map-param)# [no] traffic-class copy (disable|enable)
tnsr(config-map-param)# [no] traffic-class tc <tc-value>
memif Mode¶
Enter memif Mode¶
tnsr(config)# interface memif socket <socket-id> interface <if-id>
tnsr(config-memif)#
memif mode Commands¶
tnsr(config-memif)# buffer-size <u16>
tnsr(config-memif)# mac-address <mac-addr>
tnsr(config-memif)# mode (ethernet|ip|punt/inject)
tnsr(config-memif)# ring-size <power-of-2>
tnsr(config-memif)# role server
tnsr(config-memif)# role client [rx-queues <u8>|tx-queues <u8>]
tnsr(config-memif)# secret <string-24>
Remove memif Interface¶
tnsr(config)# no interface memif socket <socket-id> interface <if-id>
Dynamic Routing Access List Mode¶
Enter Dynamic Routing Access List Mode¶
tnsr(config)# route dynamic access-list <access-list-name>
tnsr(config-access-list)#
Dynamic Routing Access List Mode Commands¶
tnsr(config-access-list)# [no] remark <text>
tnsr(config-access-list)# sequence <seq> (permit|deny) <ip-prefix>
tnsr(config-access-list)# no sequence <seq> [(permit|deny) [<ip-prefix>]]
Remove Dynamic Routing Access List¶
tnsr(config)# no route dynamic access-list <access-list-name>
Dynamic Routing Prefix List Mode¶
Enter Dynamic Routing Prefix List Mode¶
tnsr(config)# route dynamic prefix-list <pl-name>
tnsr(config-pref-list)#
Dynamic Routing Prefix List Mode Commands¶
tnsr(config-pref-list)# [no] descripton <text>
tnsr(config-pref-list)# sequence <seq> (permit|deny) <prefix> [ge <lower-bound>] [le <upper-bound>]
tnsr(config-pref-list)# no sequence <seq> [(permit|deny) <prefix> [ge <lower-bound>] [le <upper-bound>]]
Remove Dynamic Routing Prefix List¶
tnsr(config)# no route dynamic prefix-list <pl-name>
Dynamic Routing Route Map Mode¶
Enter Dynamic Routing Route Map¶
tnsr(config)# route dynamic route-map <route-map-name>
tnsr(config-route-map)#
Dynamic Routing Route Map Mode Commands¶
tnsr(config-route-map)# [no] description <string>
tnsr(config-route-map)# [no] sequence <number>
Remove Dynamic Routing Route Map¶
tnsr(config-route-map)# no route dynamic route-map <route-map-name>
Enter Dynamic Routing Route Map Rule Mode¶
tnsr(config-route-map)# sequence <number>
tnsr(config-route-map-rule)#
Dynamic Routing Route Map Rule Mode Commands¶
tnsr(config-route-map-rule)# [no] description <string>
tnsr(config-route-map-rule)# [no] policy (deny|permit)
tnsr(config-route-map-rule)# [no] match as-path <as-path-name>
tnsr(config-route-map-rule)# [no] match community <comm-list-name> [exact-match]
tnsr(config-route-map-rule)# [no] match extcommunity <extcomm-list-name>
tnsr(config-route-map-rule)# [no] match interface <if-name>
tnsr(config-route-map-rule)# [no] match ip address access-list <access-list-name>
tnsr(config-route-map-rule)# [no] match ip address prefix-list <prefix-list-name>
tnsr(config-route-map-rule)# [no] match ip next-hop access-list <access-list-name>
tnsr(config-route-map-rule)# [no] match ip next-hop <ipv4-address>
tnsr(config-route-map-rule)# [no] match ip next-hop prefix-list <prefix-list-name>
tnsr(config-route-map-rule)# [no] match ipv6 address access-list <access-list-name>
tnsr(config-route-map-rule)# [no] match ipv6 address prefix-list <prefix-list-name>
tnsr(config-route-map-rule)# [no] match large-community <large-comm-list-name>
tnsr(config-route-map-rule)# [no] match local-preference <preference-uint32>
tnsr(config-route-map-rule)# [no] match metric <metric-uint32>
tnsr(config-route-map-rule)# [no] match origin (egp|igp|incomplete)
tnsr(config-route-map-rule)# [no] match peer <peer-ip-address>
tnsr(config-route-map-rule)# [no] match probability <percent>
tnsr(config-route-map-rule)# [no] match rpki (invalid|notfound|valid)
tnsr(config-route-map-rule)# [no] match source-protocol <src-protocol>
tnsr(config-route-map-rule)# [no] match tag <value-(1-4294967295)>
tnsr(config-route-map-rule)# [no] set aggregator as <asn> ip address <ipv4-address>
tnsr(config-route-map-rule)# [no] set as-path exclude <as-number> [<as-number> [...]]
tnsr(config-route-map-rule)# [no] set as-path prepend <as-number> [<as-number> [...]]
tnsr(config-route-map-rule)# [no] set as-path prepend last-as <asn>
tnsr(config-route-map-rule)# [no] set atomic-aggregate
tnsr(config-route-map-rule)# [no] set community none
tnsr(config-route-map-rule)# [no] set community <community-value> [additive]
tnsr(config-route-map-rule)# [no] set comm-list <community-list-name> delete
tnsr(config-route-map-rule)# [no] set extcommunity (rt|soo) <extcommunity-value>
tnsr(config-route-map-rule)# [no] set forwarding-address <ipv6-address>
tnsr(config-route-map-rule)# [no] set ip next-hop <ipv4-address>|peer-address|unchanged
tnsr(config-route-map-rule)# [no] set ipv4 vpn next-hop (<ipv4-address>|<ipv6-address>)
tnsr(config-route-map-rule)# [no] set ipv6 next-hop global <ipv6-address>
tnsr(config-route-map-rule)# [no] set ipv6 next-hop local <ipv6-address>
tnsr(config-route-map-rule)# [no] set ipv6 next-hop peer-address
tnsr(config-route-map-rule)# [no] set ipv6 next-hop prefer-global
tnsr(config-route-map-rule)# [no] set ipv6 vpn next-hop (<ipv4-address>|<ipv6-address>)
tnsr(config-route-map-rule)# [no] set large-community none
tnsr(config-route-map-rule)# [no] set large-community <large-community-value> [additive]
tnsr(config-route-map-rule)# [no] set large-comm-list <large-comm-list-name> delete
tnsr(config-route-map-rule)# [no] set local-preference <preference>
tnsr(config-route-map-rule)# [no] set metric [+]<metric-uint32>
tnsr(config-route-map-rule)# [no] set metric-type (type-1|type-2)
tnsr(config-route-map-rule)# [no] set origin (egp|igp|unknown)
tnsr(config-route-map-rule)# [no] set originator <ipv4-addr>
tnsr(config-route-map-rule)# [no] set src <ip-address>
tnsr(config-route-map-rule)# [no] set tag <tag-(1-4294967295)>
tnsr(config-route-map-rule)# [no] set weight <weight>
tnsr(config-route-map-rule)# [no] call <rt-map-name>
tnsr(config-route-map-rule)# [no] on-match next
tnsr(config-route-map-rule)# [no] on-match goto <sequence>
Remove Dynamic Routing Route Map Rule¶
tnsr(config-route-map-rule)# no sequence <sequence>
Dynamic Routing BGP Mode¶
Enter Dynamic Routing BGP Mode¶
tnsr(config)# route dynamic bgp
tnsr(config-frr-bgp)#
Dynamic Routing BGP Mode Commands¶
tnsr(config-frr-bgp)# [no] as-path <as-path-name>
tnsr(config-frr-bgp)# [no] community-list <comm-list-name> (standard|expanded)
[extended|large]
tnsr(config-frr-bgp)# disable
tnsr(config-frr-bgp)# [no] enable
tnsr(config-frr-bgp)# [no] option debug (nht|update-groups)
tnsr(config-frr-bgp)# [no] option debug as4 [segment]
tnsr(config-frr-bgp)# [no] option debug bestpath <ipv6-prefix>
tnsr(config-frr-bgp)# [no] option debug keepalive [<peer>]
tnsr(config-frr-bgp)# [no] option debug neighbor-events [<peer>]
tnsr(config-frr-bgp)# [no] option debug updates
[in <peer>|out <peer>|prefix (<ipv4-prefix>|<ipv6-prefix>)]
tnsr(config-frr-bgp)# [no] option debug zebra [prefix (<ipv4-prefix>|<ipv6-prefix>)]
tnsr(config-frr-bgp)# [no] route-map delay-timer <interval-sec>
tnsr(config-frr-bgp)# [no] rpki
tnsr(config-frr-bgp)# [no] server vrf <vrf-name>
tnsr(config-frr-bgp)# session clear [vrf <vrf-name>] (*|<peer>|<asn>) [soft]
Dynamic Routing BGP Server Mode¶
Enter Dynamic Routing BGP Server Mode¶
tnsr(config-frr-bgp)# server vrf <vrf-name>
tnsr(config-bgp)#
Dynamic Routing BGP Server Mode Commands¶
tnsr(config-bgp)# [no] address-family (ipv4|ipv6) (unicast|multicast)
tnsr(config-bgp)# [no] allow-martian-nexthop
tnsr(config-bgp)# [no] always-compare-med
tnsr(config-bgp)# [no] as-number <asn>
tnsr(config-bgp)# [no] bestpath as-path (confed|ignore|multipath-relax|as-set|no-as-set)
tnsr(config-bgp)# [no] bestpath compare-routerid
tnsr(config-bgp)# [no] bestpath med [confed|missing-as-worst]
tnsr(config-bgp)# [no] client-to-client reflection
tnsr(config-bgp)# [no] cluster-id (<ipv4>|<value>)
tnsr(config-bgp)# [no] coalesce-time <value>
tnsr(config-bgp)# [no] confederation identifier <asn>
tnsr(config-bgp)# [no] confederation peer <asn>
tnsr(config-bgp)# [no] dampening [penalty <value> [reuse <value> [suppress <value>
[maximum <value>]]]]
tnsr(config-bgp)# [no] deterministic-med
tnsr(config-bgp)# [no] disable-ebgp-connected-route-check
tnsr(config-bgp)# [no] ebgp-requires-policy
tnsr(config-bgp)# [no] graceful-restart (enable|helper|disable)
tnsr(config-bgp)# [no] graceful-restart notification
tnsr(config-bgp)# [no] graceful-restart preserve-fw-state
tnsr(config-bgp)# [no] graceful-restart restart-time <value>
tnsr(config-bgp)# [no] graceful-restart rib-stale-time <value>
tnsr(config-bgp)# [no] graceful-restart select-defer-time <value>
tnsr(config-bgp)# [no] graceful-restart stalepath-time <value>
tnsr(config-bgp)# [no] ipv4-unicast-enabled
tnsr(config-bgp)# [no] listen limit <value>
tnsr(config-bgp)# [no] listen range (<ip4-prefix>|<ip6-prefx>) peer-group <peer-group-name>
tnsr(config-bgp)# [no] log-neighbor-changes
tnsr(config-bgp)# [no] long-lived-graceful-restart-stale-time <value>
tnsr(config-bgp)# [no] max-med administrative [<med>]
tnsr(config-bgp)# [no] max-med on-startup period <seconds> [<med>]
tnsr(config-bgp)# [no] neighbor <peer>
tnsr(config-bgp)# [no] network import-check
tnsr(config-bgp)# [no] route-reflector allow-outbound-policy
tnsr(config-bgp)# [no] router-id <router-id>
tnsr(config-bgp)# [no] timers keep-alive <interval> hold-time <hold-time>
tnsr(config-bgp)# [no] update-delay <delay>
tnsr(config-bgp)# [no] write-quanta <packets>
Remove Dynamic Routing BGP Server¶
tnsr(config-frr-bgp)# no server vrf <vrf-name>
Dynamic Routing BGP Neighbor Mode¶
Enter Dynamic Routing BGP Neighbor Mode¶
tnsr(config-bgp)# neighbor <peer>
tnsr(config-bgp-neighbor)#
Dynamic Routing BGP Neighbor Mode Commands¶
tnsr(config-bgp-neighbor)# [no] advertisement-interval <interval>
tnsr(config-bgp-neighbor)# [no] bfd enabled (true|false)
tnsr(config-bgp-neighbor)# [no] capability (dynamic|extended-nexthop)
tnsr(config-bgp-neighbor)# [no] description <string>
tnsr(config-bgp-neighbor)# disable
tnsr(config-bgp-neighbor)# [no] disable-connected-check
tnsr(config-bgp-neighbor)# [no] dont-capability-negotiate
tnsr(config-bgp-neighbor)# [no] ebgp-multihop [hop-maximum <hops>]
tnsr(config-bgp-neighbor)# [no] enable
tnsr(config-bgp-neighbor)# [no] enforce-first-as
tnsr(config-bgp-neighbor)# [no] graceful-restart (enable|helper|disable)
tnsr(config-bgp-neighbor)# [no] local-as <asn> [no-prepend [replace-as]]
tnsr(config-bgp-neighbor)# [no] override-capability
tnsr(config-bgp-neighbor)# [no] passive
tnsr(config-bgp-neighbor)# [no] password <line>
tnsr(config-bgp-neighbor)# [no] peer-group [<peer-group-name>]
tnsr(config-bgp-neighbor)# [no] port <port>
tnsr(config-bgp-neighbor)# [no] remote-as <asn>
tnsr(config-bgp-neighbor)# [no] solo
tnsr(config-bgp-neighbor)# [no] strict-capability-match
tnsr(config-bgp-neighbor)# [no] timers keepalive <interval> holdtime <hold>
tnsr(config-bgp-neighbor)# [no] timers connect <seconds>
tnsr(config-bgp-neighbor)# [no] ttl-security hops <hops>
tnsr(config-bgp-neighbor)# [no] update-source (<if-name>|<ip-address>)
Remove Dynamic Routing BGP Neighbor¶
tnsr(config-bgp)# no neighbor <peer>
Dynamic Routing BGP Address Family Mode¶
Enter Dynamic Routing BGP Address Family Mode¶
tnsr(config-bgp)# address-family ipv4 unicast
tnsr(config-bgp-ip4uni)#
tnsr(config-bgp)# address-family ipv4 multicast
tnsr(config-bgp-ip4multi)#
tnsr(config-bgp)# address-family ipv6 unicast
tnsr(config-bgp-ip6uni)#
tnsr(config-bgp)# address-family ipv6 multicast
tnsr(config-bgp-ip6multi)#
Dynamic Routing BGP IPv4 Unicast Address Family Mode Commands¶
tnsr(config-bgp-ip4uni)# [no] aggregate-address <ipv4-prefix> [as-set] [summary-only]
tnsr(config-bgp-ip4uni)# [no] distance external <extern> internal <intern> local <local>
tnsr(config-bgp-ip4uni)# [no] distance administrative <dist> prefix <ipv4-prefix>
[access-list <access-list-name>]
tnsr(config-bgp-ip4uni)# [no] import vrf (<route-table-name>|route-map <route-map-name>)
tnsr(config-bgp-ip4uni)# [no] maximum-paths <non-ibgp-paths> [igbp <ibgp-paths>
[equal-cluster-length]]
tnsr(config-bgp-ip4uni)# [no] neighbor <existing-neighbor>
tnsr(config-bgp-ip4uni)# [no] network <ipv4-prefix> [route-map <route-map>]
tnsr(config-bgp-ip4uni)# [no] redistribute <route-source> [metric <val>|route-map <route-map-name>]
tnsr(config-bgp-ip4uni)# [no] redistribute ospf [metric <val>|route-map <route-map-name>]
tnsr(config-bgp-ip4uni)# [no] table-map <route-map-name>
Dynamic Routing BGP IPv4 Multicast Address Family Mode Commands¶
tnsr(config-bgp-ip4multi)# [no] aggregate-address <ipv4-prefix> [as-set] [summary-only]
tnsr(config-bgp-ip4multi)# [no] distance external <extern> internal <intern> local <local>
tnsr(config-bgp-ip4multi)# [no] distance administrative <dist> prefix <ipv4-prefix>
[access-list <access-list-name>]
tnsr(config-bgp-ip4multi)# [no] neighbor <existing-neighbor>
tnsr(config-bgp-ip4multi)# [no] network <ipv4-prefix> [route-map <route-map>]
tnsr(config-bgp-ip4multi)# [no] table-map <route-map-name>
Dynamic Routing BGP IPv6 Unicast Address Family Mode Commands¶
tnsr(config-bgp-ip6uni)# [no] aggregate-address <ipv6-prefix> [as-set] [summary-only]
tnsr(config-bgp-ip6uni)# [no] distance external <extern> internal <intern> local <local>
tnsr(config-bgp-ip6uni)# [no] distance administrative <dist> prefix <ipv6-prefix>
[access-list <access-list-name>]
tnsr(config-bgp-ip6uni)# [no] import vrf (<route-table-name>|route-map <route-map-name>)
tnsr(config-bgp-ip6uni)# [no] maximum-paths <non-ibgp-paths> [igbp <ibgp-paths>
[equal-cluster-length]]
tnsr(config-bgp-ip6uni)# [no] neighbor <existing-neighbor>
tnsr(config-bgp-ip6uni)# [no] network <ipv6-prefix> [route-map <route-map>]
tnsr(config-bgp-ip6uni)# [no] redistribute <route-source> [metric <val>|route-map <route-map-name>]
tnsr(config-bgp-ip6uni)# [no] redistribute ospf [metric <val>|route-map <route-map-name>]
tnsr(config-bgp-ip6uni)# [no] table-map <route-map-name>
Dynamic Routing BGP IPv6 Multicast Address Family Mode Commands¶
tnsr(config-bgp-ip6multi)# [no] distance external <extern> internal <intern> local <local>
tnsr(config-bgp-ip6multi)# [no] distance administrative <dist> prefix <ipv6-prefix>
access-list <access-list-name>
tnsr(config-bgp-ip6multi)# [no] neighbor <existing-neighbor>
tnsr(config-bgp-ip6multi)# [no] network <ipv6-prefix> [route-map <route-map>]
Remove Dynamic Routing BGP Address Family¶
tnsr(config-bgp)# no address-family (ipv4|ipv6) (unicast|multicast)
Dynamic Routing BGP Address Family Neighbor Mode¶
Note
Though the samples below indicate IPv4 unicast, the same syntax is used for all address families.
Enter Dynamic Routing BGP Address Family Neighbor Mode¶
tnsr(config-bgp-ip4uni)# neighbor <existing-neighbor>
tnsr(config-bgp-ip4uni-nbr)#
Dynamic Routing BGP Address Family Neighbor Mode Commands¶
tnsr(config-bgp-ip4uni-nbr)# [no] activate
tnsr(config-bgp-ip4uni-nbr)# [no] addpath-tx-all-paths
tnsr(config-bgp-ip4uni-nbr)# [no] addpath-tx-bestpath-per-as
tnsr(config-bgp-ip4uni-nbr)# [no] allowas-in [<occurrence>|origin]
tnsr(config-bgp-ip4uni-nbr)# [no] as-override
tnsr(config-bgp-ip4uni-nbr)# [no] attribute-unchanged [as-path|next-hop|med]
tnsr(config-bgp-ip4uni-nbr)# [no] capability orf prefix-list (send|receive|both)
tnsr(config-bgp-ip4uni-nbr)# [no] default-originate [route-map <route-map>]
tnsr(config-bgp-ip4uni-nbr)# [no] distribute-list <access-list-name> (in|out)
tnsr(config-bgp-ip4uni-nbr)# [no] filter-list <aspath-name> (in|out)
tnsr(config-bgp-ip4uni-nbr)# [no] maximum-prefix limit <val>
tnsr(config-bgp-ip4uni-nbr)# [no] maximum-prefix restart <val>
tnsr(config-bgp-ip4uni-nbr)# [no] maximum-prefix threshold <val>
tnsr(config-bgp-ip4uni-nbr)# [no] maximum-prefix warning-only
tnsr(config-bgp-ip4uni-nbr)# [no] next-hop-self [force]
tnsr(config-bgp-ip4uni-nbr)# [no] prefix-list <prefix-list-name> (in|out)
tnsr(config-bgp-ip4uni-nbr)# [no] remove-private-AS [all] [replace-AS]
tnsr(config-bgp-ip4uni-nbr)# [no] route-map <name> (in|out)
tnsr(config-bgp-ip4uni-nbr)# [no] route-reflector-client
tnsr(config-bgp-ip4uni-nbr)# [no] route-server-client
tnsr(config-bgp-ip4uni-nbr)# [no] send-community (standard|large|extended)
tnsr(config-bgp-ip4uni-nbr)# [no] soft-reconfiguration inbound
tnsr(config-bgp-ip4uni-nbr)# [no] unsuppress-map <route-map>
tnsr(config-bgp-ip4uni-nbr)# [no] weight <weight>
Remove Dynamic Routing BGP Address Family Neighbor¶
tnsr(config-bgp-ip4uni)# no neighbor <existing-neighbor>
Dynamic Routing BGP Community List Mode¶
Enter Dynamic Routing BGP Community List Mode¶
tnsr(config-frr-bgp)# community-list <name> (standard|expanded) [normal|extended|large]
tnsr(config-community-list)#
Dynamic Routing BGP Community List Mode Commands¶
tnsr(config-community-list)# description <text>
tnsr(config-community-list)# sequence <seq> (permit|deny) <community-value>
tnsr(config-community-list)# sequence <seq> (permit|deny) (rt|soo) <extcommunity-value>
tnsr(config-community-list)# no description [<text>]
tnsr(config-community-list)# no sequence <seq> [(permit|deny) [(rt|soo)] [<community-value>]]
Remove Dynamic Routing BGP Community List¶
tnsr(config-frr-bgp)# no community-list <name> (standard|expanded) [extended|large]
Dynamic Routing BGP AS Path Mode¶
Enter Dynamic Routing BGP AS Path Mode¶
tnsr(config-frr-bgp)# as-path <as-path-name>
tnsr(config-aspath)#
Dynamic Routing BGP AS Path Mode Commands¶
tnsr(config-aspath)# [no] rule <seq> (permit|deny) <pattern>
Remove Dynamic Routing BGP AS Path¶
tnsr(config-frr-bgp)# no as-path <as-path-name>
Dynamic Routing BGP RPKI Mode¶
Enter Dynamic Routing BGP RPKI Mode¶
tnsr(config-frr-bgp)# rpki
tnsr(config-rpki)#
Dynamic Routing BGP RPKI Mode Commands¶
tnsr(config-rpki)# cache (ssh|tcp) <host> port <port-val>
tnsr(config-rpki)# no cache [(ssh|tcp) <host> port <port-val>]
tnsr(config-rpki)# expire-interval <interval>
tnsr(config-rpki)# no expire-interval [<interval>]
tnsr(config-rpki)# polling-period <period>
tnsr(config-rpki)# no polling-period [<period>]
tnsr(config-rpki)# retry-interval <interval>
tnsr(config-rpki)# no retry-interval [<interval>]
Remove Dynamic Routing BGP RPKI Mode¶
tnsr(config-frr-bgp)# no rpki
Dynamic Routing BGP RPKI SSH Mode¶
Enter Dynamic Routing BGP RPKI SSH Mode¶
tnsr(config-rpki)# cache ssh <host> port <port-val>
tnsr(config-rpki-ssh)#
Dynamic Routing BGP RPKI SSH Mode Commands¶
tnsr(config-rpki-ssh)# preference <pref>
tnsr(config-rpki-ssh)# no preference [<pref>]
tnsr(config-rpki-ssh)# private-key <key-ref>
tnsr(config-rpki-ssh)# no private-key [<key-ref>]
tnsr(config-rpki-ssh)# server-public-key <key-ref>
tnsr(config-rpki-ssh)# no server-public-key [<key-ref>]
tnsr(config-rpki-ssh)# source <ip4addr>
tnsr(config-rpki-ssh)# no source [<ip4addr>]
tnsr(config-rpki-ssh)# user-name <name>
tnsr(config-rpki-ssh)# no user-name [<name>]
Dynamic Routing BGP RPKI TCP Mode¶
Enter Dynamic Routing BGP RPKI TCP Mode¶
tnsr(config-rpki)# cache tcp <host> port <port-val>
tnsr(config-rpki-tcp)#
Dynamic Routing BGP RPKI TCP Mode Commands¶
tnsr(config-rpki-tcp)# preference <pref>
tnsr(config-rpki-tcp)# no preference [<pref>]
Dynamic Routing OSPF Mode¶
Enter Dynamic Routing OSPF Mode¶
tnsr(config)# route dynamic ospf
tnsr(config-frr-ospf)#
OSPF Mode Commands¶
tnsr(config-frr-ospf)# [no] enable
tnsr(config-frr-ospf)# disable
tnsr(config-frr-ospf)# [no] debug (event|nssa|sr|te)
tnsr(config-frr-ospf)# [no] debug (ism|nsm) (events|status|timers)
tnsr(config-frr-ospf)# [no] debug lsa (flooding|generate|install|refresh)
tnsr(config-frr-ospf)# [no] debug packet (dd|hello|ls-acknowledgment|ls-request|ls-update)
(send|recv) [detail]
tnsr(config-frr-ospf)# [no] debug zebra (interface|redistribute)
tnsr(config-frr-ospf)# [no] interface <if-name>
tnsr(config-frr-ospf)# [no] server vrf <vrf-name>
Dynamic Routing OSPF Server Mode¶
Entering OSPF Server Mode¶
tnsr(config-frr-ospf)# server vrf <vrf-name>
tnsr(config-ospf)#
OSPF Server Mode Commands¶
tnsr(config-ospf)# [no] area <area-id>
tnsr(config-ospf)# [no] auto-cost reference-bandwidth <bw>
tnsr(config-ospf)# [no] capability opaque-lsa
tnsr(config-ospf)# [no] compatible rfc-1583-compatibility
tnsr(config-ospf)# [no] default-information originate
[(always|metric <val>|type (1|2)|route-map <map>)]
tnsr(config-ospf)# [no] default-metric <val>
tnsr(config-ospf)# [no] distance [(external|inter-area|intra-area)] <dist>
tnsr(config-ospf)# [no] distribution-list out
(bgp|connected|kernel)
access-list <name>
tnsr(config-ospf)# [no] log-adjacency-changes [detail]
tnsr(config-ospf)# [no] max-metric router-lsa (on-shutdown|on-startup) <seconds>
tnsr(config-ospf)# [no] neighbor <ip4-address> [(poll-interval <interval>|priority <prio>)]
tnsr(config-ospf)# [no] ospf abr-type (cisco|ibm|shortcut|standard)
tnsr(config-ospf)# [no] ospf router-id <router-id>
tnsr(config-ospf)# [no] ospf write-multiplier <write>
tnsr(config-ospf)# [no] passive-interface <if-name> [<ip4-address>]
tnsr(config-ospf)# [no] pce address
(<ip4-address>|domain <asn>|flags <bits>|neighbor <asn>|scope <bits>)
tnsr(config-ospf)# [no] redistribute
(bgp|connected|kernel)
[(metric <val>|route-map <map>|type <type>)]
tnsr(config-ospf)# [no] refresh timer <time>
tnsr(config-ospf)# [no] router-info as
tnsr(config-ospf)# [no] timers lsa min-arrival <min>
tnsr(config-ospf)# [no] timers throttle lsa all <delay>
tnsr(config-ospf)# [no] timers throttle spf (delay|initial-hold|maximum-hold) <val>
Remove OSPF Server Configuration¶
tnsr(config-frr-ospf)# no server
Dynamic Routing OSPF Interface Mode¶
Enter Dynamic Routing OSPF Interface Mode¶
tnsr(config-frr-ospf)# interface <if-name>
tnsr(config-ospf-if)#
Dynamic Routing OSPF Interface Mode Commands¶
tnsr(config-ospf-if)# [no] ip address (*|<ip4-address>) area <area-id>
tnsr(config-ospf-if)# [no] ip address (*|<ip4-address>) authentication [message-digest|null]
tnsr(config-ospf-if)# [no] ip address (*|<ip4-address>) authentication-key <key>
tnsr(config-ospf-if)# [no] ip address (*|<ip4-address>) cost <link-cost>
tnsr(config-ospf-if)# [no] ip address (*|<ip4-address>) dead-interval minimal hello <multiplier>
tnsr(config-ospf-if)# [no] ip address (*|<ip4-address>) dead-interval <time>
tnsr(config-ospf-if)# [no] ip address (*|<ip4-address>) hello-interval <interval>
tnsr(config-ospf-if)# [no] ip address (*|<ip4-address>) message-digest-key key-id <id>
md5-key <key>
tnsr(config-ospf-if)# [no] ip address (*|<ip4-address>) mtu-ignore
tnsr(config-ospf-if)# [no] ip address (*|<ip4-address>) retransmit-interval <interval>
tnsr(config-ospf-if)# [no] ip address (*|<ip4-address>) priority <priority>
tnsr(config-ospf-if)# [no] ip address (*|<ip4-address>) transmit-delay <delay>
tnsr(config-ospf-if)# [no] ip bfd enabled (true|false)
tnsr(config-ospf-if)# [no] ip network
(broadcast|non-broadcast|point-to-multipoint|point-to-point)
Remove Dynamic Routing OSPF Interface¶
tnsr(config-ospf)# no interface <if-name>
Dynamic Routing OSPF Area Mode¶
Enter Dynamic Routing OSPF Area Mode¶
tnsr(config-ospf)# area <area-id>
tnsr(config-ospf-area)#
Dynamic Routing OSPF Area Mode Commands¶
tnsr(config-ospf-area)# authentication [message-digest]
tnsr(config-ospf-area)# default-cost <cost>
tnsr(config-ospf-area)# export-list <acl-name>
tnsr(config-ospf-area)# filter-list (in|out) prefix-list <prefix-list-name>
tnsr(config-ospf-area)# import-list <acl-name>
tnsr(config-ospf-area)# nssa [(no-summary|translate (always|candidate|never))]
tnsr(config-ospf-area)# range <prefix> [cost <val>|not-advertise|substitute <sub-prefix>]
tnsr(config-ospf-area)# shortcut (default|disable|enable)
tnsr(config-ospf-area)# stub [no-summary]
tnsr(config-ospf-area)# virtual-link <router-id>
Remove Dynamic Routing OSPF Area¶
tnsr(config-ospf)# no area <area-id>
Dynamic Routing OSPF6 Mode¶
Enter Dynamic Routing OSPF6 Mode¶
tnsr(config)# route dynamic ospf6
tnsr(config-frr-ospf6)#
OSPF6 Mode Commands¶
tnsr(config-frr-ospf6)# [no] enable
tnsr(config-frr-ospf6)# disable
tnsr(config-frr-ospf6)# [no] debug (abr|asbr|flooding|interface)
tnsr(config-frr-ospf6)# [no] debug border-routers (area <area-id>|router <router-id>)
tnsr(config-frr-ospf6)# [no] debug lsa (as-external|inter-prefix|inter-router|intra-prefix|link|network|router|unknown) [(examine|flooding|originate)]
tnsr(config-frr-ospf6)# [no] debug message (dd|hello|ls-acknowledgment|ls-request|ls-update|unknown) (recv|send)
tnsr(config-frr-ospf6)# [no] debug neighbor [(event|state)]
tnsr(config-frr-ospf6)# [no] debug route [(inter-area|intra-area|memory|table)]
tnsr(config-frr-ospf6)# [no] debug spf (database|process|time)
tnsr(config-frr-ospf6)# [no] debug zebra [(recv|send)]
tnsr(config-frr-ospf6)# [no] interface <if-name>
tnsr(config-frr-ospf6)# [no] server vrf <vrf-name>
Dynamic Routing OSPF6 Server Mode¶
Entering OSPF6 Server Mode¶
tnsr(config-frr-ospf6)# server vrf <vrf-name>
tnsr(config-ospf6)#
OSPF6 Server Mode Commands¶
tnsr(config-ospf6)# [no] area <area-id>
tnsr(config-ospf6)# [no] auto-cost reference-bandwidth <bw>
tnsr(config-ospf6)# [no] default-information originate
[(always|metric <val>|metric-type (1|2)|route-map <map>)]
tnsr(config-ospf6)# [no] distance [(external|inter-area|intra-area)] <dist>
tnsr(config-ospf6)# [no] interface <if-name> area <area-id>
tnsr(config-ospf6)# [no] log-adjacency-changes [detail]
tnsr(config-ospf6)# [no] ospf6 router-id <router-id>
tnsr(config-ospf6)# [no] redistribute
(bgp|connected|kernel) [route-map <map>]
tnsr(config-ospf6)# [no] stub-router administrative
tnsr(config-ospf6)# [no] timers lsa min-arrival <min>
tnsr(config-ospf6)# [no] timers throttle spf (delay|initial-hold|maximum-hold) <val>
Remove OSPF6 Server Configuration¶
tnsr(config-frr-ospf6)# no server
Dynamic Routing OSPF6 Interface Mode¶
Enter Dynamic Routing OSPF6 Interface Mode¶
tnsr(config-frr-ospf6)# interface <if-name>
tnsr(config-ospf6-if)#
Dynamic Routing OSPF6 Interface Mode Commands¶
tnsr(config-ospf6-if)# [no] advertise prefix-list <name>
tnsr(config-ospf6-if)# [no] bfd enabled (true|false)
tnsr(config-ospf6-if)# [no] cost outgoing <outgoing-cost>
tnsr(config-ospf6-if)# [no] dead-interval <time>
tnsr(config-ospf6-if)# [no] hello-interval <interval>
tnsr(config-ospf6-if)# [no] instance-id <value>
tnsr(config-ospf6-if)# [no] mtu <value>
tnsr(config-ospf6-if)# [no] mtu-ignore
tnsr(config-ospf6-if)# [no] network (broadcast|point-to-point)
tnsr(config-ospf6-if)# [no] passive
tnsr(config-ospf6-if)# [no] priority <priority>
tnsr(config-ospf6-if)# [no] retransmit-interval <interval>
tnsr(config-ospf6-if)# [no] transmit-delay <delay>
Remove Dynamic Routing OSPF6 Interface¶
tnsr(config-ospf6)# no interface <if-name>
Dynamic Routing OSPF6 Area Mode¶
Enter Dynamic Routing OSPF6 Area Mode¶
tnsr(config-ospf6)# area <area-id>
tnsr(config-ospf6-area)#
Dynamic Routing OSPF6 Area Mode Commands¶
tnsr(config-ospf6-area)# range <prefix> [cost <val>|not-advertise]
tnsr(config-ospf6-area)# stub [no-summary]
Remove Dynamic Routing OSPF6 Area¶
tnsr(config-ospf6)# no area <area-id>
Dynamic Routing RIP Mode¶
Enter Dynamic Routing RIP Mode¶
tnsr(config)# route dynamic rip
tnsr(config-frr-rip)#
RIP Mode Commands¶
tnsr(config-frr-rip)# [no] enable
tnsr(config-frr-rip)# disable
tnsr(config-frr-rip)# [no] debug (events|zebra)
tnsr(config-frr-rip)# [no] debug packet (send|recv)
tnsr(config-frr-rip)# [no] key-chain <name>
tnsr(config-frr-rip)# [no] interface <if-name>
tnsr(config-frr-rip)# [no] server vrf <vrf-name>
Dynamic Routing RIP Server Mode¶
Entering RIP Server Mode¶
tnsr(config-frr-rip)# server vrf <vrf-name>
tnsr(config-rip)#
RIP Server Mode Commands¶
tnsr(config-rip)# [no] allow-ecmp
tnsr(config-rip)# [no] default-information originate
tnsr(config-rip)# [no] distance default <value>
tnsr(config-rip)# [no] distance <prefix> distance <value> [access-list <acl-name>]
tnsr(config-rip)# [no] distribution-list interface (*|<if-name>)
(access-list|prefix-list) (in|out) <name>
tnsr(config-rip)# [no] neighbor <ip4-address>
tnsr(config-rip)# [no] network (interface <if-name>|prefix <prefix>)
tnsr(config-rip)# [no] offset-list (*|<if-name>) (in|out) <acl-name> metric <metric>
tnsr(config-rip)# [no] passive-interface (default|<if-name>) [<ip4-address>]
tnsr(config-rip)# [no] redistribute (bgp|connected|kernel|ospf)
[(metric <value>|route-map <name>)]
tnsr(config-rip)# [no] route prefix <ip4-prefix>
tnsr(config-rip)# [no] route-map-filter interface (default|<if-name>) (in|out) route-map <name>
tnsr(config-rip)# [no] timers (garbage-collection|table-update|timeout) <value>
tnsr(config-rip)# [no] version (1|2)
Remove RIP Server Configuration¶
tnsr(config-frr-rip)# no server
Dynamic Routing RIP Interface Mode¶
Enter Dynamic Routing RIP Interface Mode¶
tnsr(config-rip)# interface <if-name>
tnsr(config-rip-if)#
Dynamic Routing RIP Interface Mode Commands¶
tnsr(config-rip-if)# [no] authentication key-chain
tnsr(config-rip-if)# [no] authentication mode (md5|text) [auth-length (old-ripd|rfc)]
tnsr(config-rip-if)# [no] authentication string <auth-string>
tnsr(config-rip-if)# [no] receive version (1|2|both)
tnsr(config-rip-if)# [no] send version (1|2|both)
tnsr(config-rip-if)# [no] split-horizon [poisoned-reverse]
tnsr(config-rip-if)# [no] v2-broadcast
Remove Dynamic Routing RIP Interface¶
tnsr(config-rip)# no interface <if-name>
Dynamic Routing RIP Key Chain Mode¶
Enter Dynamic Routing RIP Key Chain Mode¶
tnsr(config-rip)# key-chain <name>
tnsr(config-rip-key-chain)#
Dynamic Routing RIP Key Chain Mode Commands¶
tnsr(config-rip-key-chain)# [no] key <key-id> string <key-string>
Remove Dynamic Routing RIP Key Chain¶
tnsr(config-rip)# no key-chain <name>
Dynamic Routing Manager Mode¶
Enter Dynamic Routing Manager Mode¶
tnsr(config)# route dynamic manager
tnsr(config-route-dynamic-manager)#
Dynamic Routing Manager Mode Commands¶
tnsr(config-route-dynamic-manager)# [no] debug (events|fpm|nht)
tnsr(config-route-dynamic-manager)# [no] debug kernel [msgdump [send|receive]]
tnsr(config-route-dynamic-manager)# [no] debug packet [send|receive] [detail]
tnsr(config-route-dynamic-manager)# [no] debug rib [detail]
tnsr(config-route-dynamic-manager)# [no] (ipv4|ipv6) nht resolve-via-default
tnsr(config-route-dynamic-manager)# [no] log file <filename> [<level>]
tnsr(config-route-dynamic-manager)# [no] log syslog [<level>]
Route Table Mode¶
Enter Route Table Mode¶
tnsr(config)# route table <name>
tnsr(config-route-table)#
Route Table Mode Commands¶
tnsr(config-route-table)# [no] description <rest-of-line>
tnsr(config-route-table)# [no] id <n>
tnsr(config-route-table)# [no] route <destination-prefix>
Remove Route Table¶
tnsr(config-route-table)# no route table <name>
Route Table Next Hop Mode¶
Enter Route Table Next Hop Mode¶
tnsr(config-route-table)# route <destination-prefix>
tnsr(config-rttbl46-next-hop)#
Route Table Next Hop Mode Commands¶
tnsr(config-rttbl46-next-hop)# [no] description <rest-of-line>
tnsr(config-rttbl46-next-hop)# [no] next-hop <hop-id> via <ip46-addr>
[(<if-name>|next-hop-table <route-table-name>)]
[weight <multi-path-weight>]
[resolve-via-host] [resolve-via-attached]
tnsr(config-rttbl46-next-hop)# [no] next-hop <hop-id> via drop
tnsr(config-rttbl46-next-hop)# [no] next-hop <hop-id> via local
tnsr(config-rttbl46-next-hop)# [no] next-hop <hop-id> via null-send-unreach
tnsr(config-rttbl46-next-hop)# [no] next-hop <hop-id> via null-send-prohibit
tnsr(config-rttbl46-next-hop)# [no] next-hop <hop-id> classify <classify-table-name>
tnsr(config-rttbl46-next-hop)# [no] next-hop <hop-id> lookup [in] route-table <route-table-name>
tnsr(config-rttbl46-next-hop)# [no] priority <admin-priority>
Remove Route Table Next Hop¶
tnsr(config-rttbl46-next-hop)# no next-hop <hop-id>
SPAN Mode¶
Enter SPAN Mode¶
tnsr(config)# span <if-name-src>
tnsr(config-span)#
SPAN Mode Commands¶
tnsr(config-span)# onto <if-name-dst> (hw|l2) (rx|tx|both|disabled)
Remove Single SPAN Destination¶
tnsr(config-span)# no onto <if-name-dst> [(hw|l2)]
Remove SPAN¶
tnsr(config)# no span <if-name-src>
VXLAN Mode¶
Enter VXLAN Mode¶
tnsr(config)# vxlan <tunnel-name>
tnsr(config-vxlan)#
VXLAN Mode Commands¶
tnsr(config-vxlan)# [no] destination <ip-addr>
tnsr(config-vxlan)# [no] encapsulation (ipv4|ipv6) route-table <rt-table-name>
tnsr(config-vxlan)# [no] instance <id>
tnsr(config-vxlan)# [no] multicast interface <if-name>
tnsr(config-vxlan)# [no] source <ip-addr>
tnsr(config-vxlan)# [no] vni <u24>
Remove VXLAN Tunnel¶
tnsr(config)# no vxlan [<tunnel-name>]
Local User Authentication Configuration Mode¶
Enter Local User Authentication Configuration Mode¶
tnsr(config)# auth user <user-name>
tnsr(config-user)#
Local User Authentication Mode Commands¶
tnsr(config-user)# [no] password <user-password>
tnsr(config-user)# [no] user-keys <key-name>
Remove Local Authentication User¶
tnsr(config)# no auth user <user-name>
RADIUS Authentication Configuration Mode¶
Enter RADIUS Authentication Configuration Mode¶
tnsr(config)# radius
tnsr(config-radius)#
RADIUS Authentication Mode Commands¶
tnsr(config-radius)# server name <name> host <address> [port <auth-port>] secret <secret>
[timeout <timeout:3-60>] [source-address <ip-addr>]
tnsr(config-radius)# no server name <name>
LDAP Authentication Configuration Mode¶
Enter LDAP Authentication Configuration Mode¶
tnsr(config)# ldap
tnsr(config-ldap)#
LDAP Authentication Mode Commands¶
tnsr(config-ldap)# attribute-override gecos <value>
tnsr(config-ldap)# attribute-override gidNumber <value>
tnsr(config-ldap)# attribute-override homeDirectory <value>
tnsr(config-ldap)# attribute-override loginShell <value>
tnsr(config-ldap)# attribute-override uidNumber <value>
tnsr(config-ldap)# attribute-override userPassword <value>
tnsr(config-ldap)# basedn <dn-string>
tnsr(config-ldap)# binddn <dn-string> <secret>
tnsr(config-ldap)# groupdn <dn-string>
tnsr(config-ldap)# peer-ca <ca-name>
tnsr(config-ldap)# scope (base|one|sub)
tnsr(config-ldap)# server <name> <host> [port <port>]
tnsr(config-ldap)# timeout <sec>
tnsr(config-ldap)# transport (tcp|tcl-ssltls|tcp-starttls)
tnsr(config-ldap)# version (2|3)
Authentication Server Group Configuration Mode¶
Enter Server Group Configuration Mode¶
tnsr(config)# auth server-group <group-name>
tnsr(config-auth-server-group)#
Server Group Configuration Mode Commands¶
tnsr(config-auth-server-group)# all-servers
tnsr(config-auth-server-group)# priority <value> (ldap|radius) <server-name>
tnsr(config-auth-server-group)# type (ldap|radius)
NTP Configuration Mode¶
Enter NTP Configuration Mode¶
tnsr(config)# ntp server
tnsr(config-ntp)#
NTP Mode Commands¶
tnsr(config-ntp)# [no] disable monitor
tnsr(config-ntp)# [no] enable monitor
tnsr(config-ntp)# [no] driftfile <file-path>
tnsr(config-ntp)# [no] interface sequence <seq> (drop|ignore|listen)
(all|interface <if-name>|prefix <ip-prefix>)
tnsr(config-ntp)# [no] logconfig sequence <seq> (add|delete|set)
(all|clock|peer|sync|sys) (all|events|info|statistics|status)
tnsr(config-ntp)# [no] restrict (default|<fqdn>|<ip-prefix>|source)
tnsr(config-ntp)# [no] server (address <ip-address>|host <fqdn>)
tnsr(config-ntp)# [no] statsdir <directory-path>
tnsr(config-ntp)# [no] tinker panic <n-secs>
tnsr(config-ntp)# [no] tos orphan <stratum>
Remove NTP Server¶
tnsr(config)# no ntp server
NTP Restrict Mode¶
Enter NTP Restrict Mode¶
tnsr(config-ntp)# restrict (default|<fqdn>|<ip-prefix>|source)
NTP Restrict Mode Commands¶
tnsr(config-ntp-restrict)# kod
tnsr(config-ntp-restrict)# limited
tnsr(config-ntp-restrict)# nomodify
tnsr(config-ntp-restrict)# nopeer
tnsr(config-ntp-restrict)# noquery
tnsr(config-ntp-restrict)# noserve
tnsr(config-ntp-restrict)# notrap
Remove NTP Restriction¶
tnsr(config-ntp)# no restrict (default|<fqdn>|<ip-prefix>|source)
NTP Upstream Server Mode¶
Enter NTP Upstream Server Mode¶
tnsr(config-ntp)# server (address <ip-address>|host <fqdn>)
NTP Upstream Server Mode Commands¶
tnsr(config-ntp-server)# iburst
tnsr(config-ntp-server)# maxpoll <power-of-2-sec>
tnsr(config-ntp-server)# noselect
tnsr(config-ntp-server)# operational-mode (pool|server)
tnsr(config-ntp-server)# prefer
Remove NTP Upstream Server¶
tnsr(config-ntp)# no server (address <ip-address>|host <fqdn>)
NACM Group Mode¶
Enter NACM Group Mode¶
tnsr(config)# nacm group <group-name>
tnsr(config-nacm-group)#
NACM Group Mode Commands¶
tnsr(config-nacm-group)# [no] member <user-name>
Remove NACM Group¶
tnsr(config)# no nacm group <group-name>
NACM Rule-list Mode¶
Enter NACM Rule-list Mode¶
tnsr(config)# nacm rule-list <rule-list-name>
tnsr(config-nacm-rule-list)#
NACM Rule-list Mode Commands¶
tnsr(config-nacm-rule-list)# [no] group (*|<group-name>)
tnsr(config-nacm-rule-list)# [no] rule <rule-name>
Remove NACM Rule-list¶
tnsr(config)# no nacm rule-list <rule-list-name>
NACM Rule Mode¶
Enter NACM Rule Mode¶
tnsr(config-nacm-rule-list)# rule <rule-name>
tnsr(config-nacm-rule)#
NACM Rule Mode Commands¶
tnsr(config-nacm-rule)# [no] access-operations *
tnsr(config-nacm-rule)# [no] access-operations [create] [read] [update] [delete] [exec]
tnsr(config-nacm-rule)# [no] action (deny|permit)
tnsr(config-nacm-rule)# [no] module (*|<module-name>)
tnsr(config-nacm-rule)# [no] comment <rest>
tnsr(config-nacm-rule)# [no] rpc (*|<rpc-name>)
tnsr(config-nacm-rule)# [no] notification (*|<notification-name>)
tnsr(config-nacm-rule)# [no] path <node-id>
Remove NACM Rule¶
tnsr(config-nacm-rule-list)# no rule <rule-name>
DHCP IPv4 Server Config Mode¶
tnsr(config)# dhcp4 {disable|enable}
tnsr(config)# no dhcp4 enable
tnsr(config)# [no] dhcp4 server
Enter DHCP IPv4 Server Mode¶
tnsr(config)# dhcp4 server
tnsr(config-kea-dhcp4)#
DHCP IPv4 Server Mode Commands¶
tnsr(config-kea-dhcp4)# [no] authoritative (true|false)
tnsr(config-kea-dhcp4)# [no] decline-probation-period <seconds>
tnsr(config-kea-dhcp4)# [no] description <desc>
tnsr(config-kea-dhcp4)# [no] echo-client-id <boolean>
tnsr(config-kea-dhcp4)# [no] interface listen <if-name>
tnsr(config-kea-dhcp4)# [no] interface listen *
tnsr(config-kea-dhcp4)# [no] interface socket (raw|udp)
tnsr(config-kea-dhcp4)# [no] lease filename <filename>
tnsr(config-kea-dhcp4)# [no] lease lfc-interval <seconds>
tnsr(config-kea-dhcp4)# [no] lease persist <boolean>
tnsr(config-kea-dhcp4)# [no] logging <logger-name>
tnsr(config-kea-dhcp4)# [no] match-client-id <boolean>
tnsr(config-kea-dhcp4)# [no] next-server <ipv4-address>
tnsr(config-kea-dhcp4)# [no] option <dhcp4-option>
tnsr(config-kea-dhcp4)# [no] option-def <name>
tnsr(config-kea-dhcp4)# [no] rebind-timer <seconds>
tnsr(config-kea-dhcp4)# [no] renew-timer <seconds>
tnsr(config-kea-dhcp4)# [no] valid-lifetime <seconds>
Remove DHCP IPv4 Server Configuration¶
tnsr(config)# no dhcp4 server
DHCP4 Subnet4 Mode¶
Enter DHCP4 Subnet4 Mode¶
tnsr(config-kea-dhcp4)# subnet <ipv4-prefix>
tnsr(config-kea-subnet4)#
DHCP4 Subnet4 Mode Commands¶
tnsr(config-kea-subnet4)# [no] authoritative (true|false)
tnsr(config-kea-subnet4)# [no] id <uint32>
tnsr(config-kea-subnet4)# [no] interface <if-name>
tnsr(config-kea-subnet4)# [no] option <dhcp4-option>
tnsr(config-kea-subnet4)# [no] pool <ipv4-prefix>|<ipv4-range>
tnsr(config-kea-subnet4)# [no] reservation <ipv4-address>
Remove DHCP4 IPv4 Subnet4 Configuration¶
tnsr(config-kea-dhcp4)# no subnet <ipv4-prefix>|<ipv4-range>
DHCP4 Subnet4 Pool Mode¶
Enter DHCP4 Subnet4 Pool Mode¶
tnsr(config-kea-subnet4)# pool <ipv4-prefix>|<ipv4-range>
tnsr(config-kea-subnet4-pool)#
DHCP4 Subnet4 Pool Mode Commands¶
tnsr(config-kea-subnet4-pool)# [no] option <dhcp4-option>
Remove DHCP4 IPv4 Subnet4 Pool¶
tnsr(config-kea-subnet4)# no pool <ipv4-prefix>|<ipv4-range>
DHCP4 Subnet4 Reservation Mode¶
Enter DHCP4 Subnet4 Reservation Mode¶
tnsr(config-kea-subnet4)# reservation <ipv4-address>
tnsr(config-kea-subnet4-reservation)#
DHCP4 Subnet4 Reservation Mode Commands¶
tnsr(config-kea-subnet4-reservation)# [no] hostname <hostname>
tnsr(config-kea-subnet4-reservation)# mac-address <mac-address>
tnsr(config-kea-subnet4-reservation)# [no] option <dhcp4-option>
Remove DHCP4 IPv4 Subnet4 Reservation¶
tnsr(config-kea-subnet4)# no reservation <ipv4-address>
Kea DHCP4, Subnet4, Pool, or Reservation Option Mode¶
Enter DHCP4 Option Mode¶
tnsr(config-kea-*)# option <dhcp4-option|option-def-nam>
tnsr(config-kea-*-opt)#
DHCP4 Option Mode Commands¶
tnsr(config-kea-*-opt)# [no] always-send <boolean>
tnsr(config-kea-*-opt)# [no] csv-format <boolean>
tnsr(config-kea-*-opt)# [no] data <option-data>
tnsr(config-kea-*-opt)# [no] space <space-name>
Remove DHCP4 Option Configuration¶
tnsr(config-kea-*)# no option <dhcp4-option>
Kea DHCP4 Option Definition Mode¶
Enter DHCP4 Option Definition Mode¶
tnsr(config-kea-dhcp4)# option-def <name>
tnsr(config-kea-dhcp4-optdef)#
DHCP4 Option Definition Mode Commands¶
tnsr(config-kea-dhcp4-optdef)# array <array-val>
tnsr(config-kea-dhcp4-optdef)# code <code-val>
tnsr(config-kea-dhcp4-optdef)# encapsulate <encap>
tnsr(config-kea-dhcp4-optdef)# record-types <types>
tnsr(config-kea-dhcp4-optdef)# space <space-name>
tnsr(config-kea-dhcp4-optdef)# type <type>
Remove DHCP4 Option Definition¶
tnsr(config-kea-dhcp4)# no option-def <name>
DHCP4 Log Mode¶
Enter DHCP4 Log Mode¶
tnsr(config-kea-dhcp4)# logging <logger-name>
tnsr(config-kea-dhcp4-log)#
DHCP4 Log Mode Commands¶
tnsr(config-kea-dhcp4-log)# [no] debug-level <level>
tnsr(config-kea-dhcp4-log)# [no] output <location>
tnsr(config-kea-dhcp4-log)# [no] severity (debug|error|fatal|info|warn)
Remove DHCP4 Log Configuration¶
tnsr(config-kea-dhcp4)# no logging <logger-name>
DHCP4 Log Output Mode¶
Enter DHCP4 Log Output Mode¶
tnsr(config-kea-dhcp4-log)# output <location>
tnsr(config-kea-dhcp4-log-out)#
DHCP4 Log Output Mode Commands¶
tnsr(config-kea-dhcp4-log-out)# [no] flush (false|true)
tnsr(config-kea-dhcp4-log-out)# [no] maxsize <size>
tnsr(config-kea-dhcp4-log-out)# [no] maxver <rotate>
Remove DHCP4 Log Output Configuration¶
tnsr(config-kea-dhcp4-log)# no output [<location>]
Unbound Server Mode¶
Enter Unbound Server Mode¶
tnsr(config)# unbound server
tnsr(config-unbound)#
Unbound Server Mode Commands¶
tnsr(config-unbound)# [no] caps-for-id
tnsr(config-unbound)# [no] do-ip4
tnsr(config-unbound)# [no] do-ip6
tnsr(config-unbound)# [no] do-tcp
tnsr(config-unbound)# [no] do-udp
tnsr(config-unbound)# [no] edns reassembly size <s>
tnsr(config-unbound)# [no] forward-zone <zone-name>
tnsr(config-unbound)# [no] harden (dnssec-stripped|glue)
tnsr(config-unbound)# [no] hide (version|identity)
tnsr(config-unbound)# [no] host cache (num-hosts <num> | slabs <s> | ttl <t>)
tnsr(config-unbound)# [no] interface <ip4-address>
tnsr(config-unbound)# [no] jostle timeout <t>
tnsr(config-unbound)# [no] key cache slabs <s>
tnsr(config-unbound)# [no] key prefetch
tnsr(config-unbound)# [no] message cache (size <s> | slabs <s>)
tnsr(config-unbound)# [no] message prefetch
tnsr(config-unbound)# [no] outgoing-interface <ip-address>
tnsr(config-unbound)# [no] port outgoing range <n>
tnsr(config-unbound)# [no] rrset cache (size <s> | slabs <s>)
tnsr(config-unbound)# [no] rrset-message cache ttl (minimum <min> | maximum <max>)
tnsr(config-unbound)# [no] serve-expired
tnsr(config-unbound)# [no] socket receive-buffer size <s>
tnsr(config-unbound)# [no] tcp buffers (incoming <n> | outgoing <n>)
tnsr(config-unbound)# [no] thread (num-queries <n> | num-threads <n> |
unwanted-reply-threshold <threshold>)
tnsr(config-unbound)# [no] verbosity <level-0..5>
Remove Unbound Server¶
tnsr(config)# no unbound server
Unbound Forward-Zone Mode¶
Enter Unbound Forward-Zone Mode¶
tnsr(config-unbound)# forward-zone <zone-name>
tnsr(config-unbound-fwd-zone)#
Unbound Forward-Zone Mode Commands¶
tnsr(config-unbound-fwd-zone)# [no] forward-first
tnsr(config-unbound-fwd-zone)# [no] forward-tls-upstream
tnsr(config-unbound-fwd-zone)# [no] nameserver address <ip-address> [port <port>] [auth-name <name>]
tnsr(config-unbound-fwd-zone)# [no] nameserver host <host-name>
Remove Unbound Forward-Zone¶
tnsr(config-unbound)# no forward-zone <zone-name>
Subif Mode¶
Enter Subif Mode¶
tnsr(config)# interface subif <if-name> <subid>
tnsr(config-subif)#
Subif Mode Commands¶
tnsr(config-subif)# default
tnsr(config-subif)# dot1q <outer-vlan-id>
tnsr(config-subif)# exact-match
tnsr(config-subif)# inner-dot1q (inner-vlan-id>|any)
tnsr(config-subif)# outer-dot1ad <outer-vlan-id>
tnsr(config-subif)# outer-dot1q <outer-vlan-id>
Remove Subif¶
tnsr(config)# no interface subif <if-name> <subid>
Bond Mode¶
Enter Bond Mode¶
tnsr(config)# interface bond <instance>
tnsr(config-bond)#
Bond Mode Commands¶
tnsr(config-bond)# [no] load-balance (l2|l23|l34)
tnsr(config-bond)# [no] mode (round-robin|active-backup|xor|broadcast|lacp)
tnsr(config-bond)# [no] mac-address <mac-address>
Remove Bond¶
tnsr(config)# no interface bond <instance>
Host ACL Mode¶
Enter Host ACL Mode¶
tnsr(config)# host acl <acl-name>
tnsr(config-host-acl)#
Host ACL Mode Commands¶
tnsr(config-host-acl)# [no] description <text>
tnsr(config-host-acl)# [no] rule <rule-seq>
tnsr(config-host-acl)# [no] sequence <acl-seq>
Remove Host ACL¶
tnsr(config)# no host acl <acl-name>
Host ACL Rule Mode¶
Enter Host ACL Rule Mode¶
tnsr(config-host-acl)# rule <rule-seq>
tnsr(config-host-acl-rule)#
Host ACL Rule Mode Commands¶
tnsr(config-host-acl-rule)# [no] action (deny|permit)
tnsr(config-host-acl-rule)# [no] description <text>
tnsr(config-host-acl-rule)# [no] match input-interface <host-interface>
tnsr(config-host-acl-rule)# [no] match ip address (source|destination) <prefix>
tnsr(config-host-acl-rule)# [no] match ip icmp type
(address-mask-reply|address-mask-request|destination-unreachable|
echo-reply|echo-request|info-reply|info-request|parameter-problem|
redirect|router-advertisement|router-solicitation|source-quench|
time-exceeded|timestamp-reply|timestamp-request) [code <code>]
tnsr(config-host-acl-rule)# [no] match ip icmpv6 type
(destination-unreachable|echo-reply|echo-request|
mld-listener-query|mld-listener-reduction|mld-listener-report|
nd-neighbor-advert|nd-neighbor-solicit|nd-redirect|
nd-router-advert|nd-router-solicit|packet-too-big|
parameter-problem|router-renumbering|time-exceeded) [code <code>]
tnsr(config-host-acl-rule)# [no] match ip port (source|destination) <port-num>
tnsr(config-host-acl-rule)# [no] match ip port (source|destination) range start <low-port-num>
[end <high-port-num>]
tnsr(config-host-acl-rule)# [no] match ip protocol (icmp|tcp|udp|<proto-number>)
tnsr(config-host-acl-rule)# [no] match ip tcp flag (ack|cwr|ece|fin|psh|rst|syn|urg)
tnsr(config-host-acl-rule)# [no] match ip version (4|6)
tnsr(config-host-acl-rule)# [no] match mac address (source|destination) <mac>
Remove Host ACL Rule¶
tnsr(config-host-acl)# no rule <rule-seq>
VRRP Mode¶
Enter VRRP Mode¶
IPv4:
tnsr(config-interface)# ip vrrp-virtual-router <vrid>
tnsr(config-vrrp4)#
IPv6:
tnsr(config-interface)# ipv6 vrrp-virtual-router <vrid>
tnsr(config-vrrp6)#
VRRP Mode Commands¶
tnsr(config-vrrp46)# [no] accept-mode (false|true)
tnsr(config-vrrp46)# [no] preempt (false|true)
tnsr(config-vrrp46)# [no] priority <priority>
tnsr(config-vrrp46)# [no] track-interface <interface> priority-decrement <value>
tnsr(config-vrrp46)# [no] v3-advertisement-interval <advertise-interval-centi-sec>
tnsr(config-vrrp46)# [no] virtual-address <ipv4-address>
Remove VRRP¶
IPv4:
tnsr(config-interface)# no ip vrrp-virtual-router [<vrid>]
IPv6:
tnsr(config-interface)# no ipv6 vrrp-virtual-router [<vrid>]
DNS Resolver Mode¶
Enter DNS Resolver Mode¶
tnsr(config)# system dns-resolver (dataplane|host)
tnsr(config-dns-resolver)#
DNS Resolver Mode Commands¶
tnsr(config-dns-resolver)# [no] search <domain>
tnsr(config-dns-resolver)# [no] server <name> <ip-addr>
Remove DNS Resolver Configuration¶
tnsr(config)# no system dns-resolver (dataplane|host)
IPFIX Exporter Mode¶
Enter IPFIX Exporter Mode¶
tnsr(config)# ipfix exporter <name>
tnsr(config-ipfix-exporter)#
IPFIX Exporter Mode Commands¶
tnsr(config-ipfix-exporter)# [no] checksum (true|false)
tnsr(config-ipfix-exporter)# [no] collector <ip4-addr> port <port>
tnsr(config-ipfix-exporter)# [no] pmtu <mtu:68-1450>
tnsr(config-ipfix-exporter)# [no] source <ip4-addr>
tnsr(config-ipfix-exporter)# [no] template-interval <sec>
tnsr(config-ipfix-exporter)# [no] vrf <vrf-name>
Remove IPFIX Exporter Configuration¶
tnsr(config)# no ipfix exporter <name>
IPFIX Observation Point Mode¶
Enter IPFIX Observation Point Mode¶
tnsr(config)# ipfix observation-point <name>
tnsr(config-ipfix-obs-pt)#
IPFIX Observation Point Mode Commands¶
tnsr(config-ipfix-obs-pt)# direction (both|egress|ingress)
tnsr(config-ipfix-obs-pt)# interface <if-name>
Remove IPFIX Observation Point Configuration¶
tnsr(config)# no ipfix observation-point <name>
IPFIX Selection Process Mode¶
Enter IPFIX Selection Process Mode¶
tnsr(config)# ipfix selection-process <name>
tnsr(config-ipfix-sel-proc)#
IPFIX Selection Process Mode Commands¶
tnsr(config-ipfix-sel-proc)# selector (all|ipv4|ipv6)
Remove IPFIX Selection Process Configuration¶
tnsr(config)# no ipfix selection-process <name>
IPFIX Cache Mode¶
Enter IPFIX Cache Mode¶
tnsr(config)# ipfix cache <name>
tnsr(config-ipfix-cache)#
IPFIX Cache Mode Commands¶
tnsr(config-ipfix-cache)# [no] timeout-cache active-timeout <seconds>
tnsr(config-ipfix-cache)# [no] timeout-cache idle-timeout <seconds>
Remove IPFIX Cache Configuration¶
tnsr(config)# no ipfix cache <name>
RESTCONF mode¶
Enter RESTCONF mode¶
tnsr(config)# restconf
tnsr(config-restconf)#
RESTCONF Mode Commands¶
tnsr(config-restconf)# enable (true|false)
tnsr(config-restconf)# global authentication-type (client-certificate|user)
tnsr(config-restconf)# global server-ca-cert-path <ca-name>
tnsr(config-restconf)# global server-certificate <cert-name>
tnsr(config-restconf)# global server-key <key-name>
tnsr(config-restconf)# server (host|dataplane) <ip-address> <port> (true|false)
WireGuard Mode¶
Enter WireGuard Mode¶
tnsr(config)# interface wireguard <instance>
tnsr(config-wireguard)#
WireGuard Mode Commands¶
tnsr(config-wireguard)# description <desc>
tnsr(config-wireguard)# peer <peer-id>
tnsr(config-wireguard)# port <port-value>
tnsr(config-wireguard)# private-key base64 <key>
tnsr(config-wireguard)# private-key generate
tnsr(config-wireguard)# source-address <ip-addr>
WireGuard Peer Mode¶
Enter WireGuard Peer Mode¶
tnsr(config-wireguard)# peer <peer-id>
tnsr(config-wireguard-peer)#
WireGuard Peer Mode Commands¶
tnsr(config-wireguard-peer)# allowed-prefix <prefix>
tnsr(config-wireguard-peer)# description <desc>
tnsr(config-wireguard-peer)# endpoint-address <endpoint-addr>
tnsr(config-wireguard-peer)# keep-alive <interval>
tnsr(config-wireguard-peer)# public-key base64 <key>
tnsr(config-wireguard-peer)# route-table <table-name>
Tunnel Next Hop Mode¶
Enter Tunnel Next Hop Mode¶
tnsr(config)# [no] tunnel next-hops <interface>
tnsr(config-tunnel-nh-if)#
Tunnel Next Hop Mode Commands¶
tnsr(config-tunnel-nh-if)# [no] ipv4-tunnel-destination <inner-address> ipv4-next-hop-address <outer-address>
tnsr(config-tunnel-nh-if)# [no] ipv6-tunnel-destination <inner-address> ipv6-next-hop-address <outer-address>
IPIP Tunnel Mode¶
Enter IPIP Tunnel Mode¶
tnsr(config)# [no] tunnel ipip <instance>
tnsr(config-ipip)#
IPIP Tunnel Mode Commands¶
tnsr(config-ipip)# [no] destination (ipv4|ipv6) (address|hostname) <remote-address>
tnsr(config-ipip)# [no] encapsulation route-table <route-table-name>
tnsr(config-ipip)# [no] encapsulation copy-dscp
tnsr(config-ipip)# [no] encapsulation dscp <uint8>
tnsr(config-ipip)# [no] encapsulation set-df
tnsr(config-ipip)# [no] source (ipv4|ipv6) address <local-address>
ACL-Based Forwarding Interface Attachment Mode¶
Enter ACL-Based Forwarding Interface Attachment Mode¶
tnsr(config)# route acl-based-forwarding interface <if-name>
tnsr(config-abf-interface)#
ACL-Based Forwarding Interface Attachment Mode Commands¶
tnsr(config)# policy <policy-id> (ipv4|ipv6) priority <uint32>
tnsr(config)# no policy <policy-id> [(ipv4|ipv6) priority <uint32>]
ACL-Based Forwarding Policy Mode¶
Enter ACL-Based Forwarding Policy Mode¶
tnsr(config)# route acl-based-forwarding policy <id>
tnsr(config-abf-policy)#
ACL-Based Forwarding Policy Mode Commands¶
tnsr(config-abf-policy)# [no] acl <acl-name>
tnsr(config-abf-policy)# [no] (ipv4-next-hop|ipv6-next-hop) <hop-id>
ACL-Based Forwarding Policy Next Hop Mode¶
Enter ACL-Based Forwarding Policy Next Hop Mode¶
tnsr(config-abf-policy)# ipv4-next-hop <id>
tnsr(config-abf-policy-ipv4-nh)#
tnsr(config-abf-policy)# ipv6-next-hop <id>
tnsr(config-abf-policy-ipv6-nh)#
ACL-Based Forwarding Policy Next Hop Mode Commands¶
tnsr(config-abf-policy-ipv46-nh)# [no] drop
tnsr(config-abf-policy-ipv46-nh)# [no] interface <if-name>
tnsr(config-abf-policy-ipv46-nh)# [no] (ipv4-address|ipv6-address) <addr>
tnsr(config-abf-policy-ipv46-nh)# [no] local
tnsr(config-abf-policy-ipv46-nh)# [no] prohibited
tnsr(config-abf-policy-ipv46-nh)# [no] unreachable
tnsr(config-abf-policy-ipv46-nh)# [no] weight <uint8>
vHost User Interface Mode¶
Enter vHost User Interface Mode¶
tnsr(config)# interface vhost-user <instance>
tnsr(config-vhost-user)#
vHost User Interface Mode Commands¶
tnsr(config-vhost-user)# [no] sock-filename <sock-filename-val>
tnsr(config-vhost-user)# [no] server-mode
tnsr(config-vhost-user)# [no] disable (merge-rx-buffers|indirect-descriptors)
tnsr(config-vhost-user)# [no] enable (gso|packed-ring|event-index)
Remote Logging Mode¶
Enter Remote Logging Mode¶
tnsr(config)# logging remote-server <name>
tnsr(config-log-remote)#
Remote Logging Mode Commands¶
tnsr(config-log-remote)# address (<fqdn>|<ipv4-addr>|<ipv6-addr>)
tnsr(config-log-remote)# port <port>
tnsr(config-log-remote)# transport-protocol (tcp|udp)
tnsr(config-log-remote)# filter syslog-facility (all|<facility-name>)
[priority <priority-name>]
VPF Filter Ruleset Mode¶
Enter VPF Filter Ruleset Mode¶
tnsr(config)# vpf filter ruleset <name>
tnsr(config-vpf-filter-ruleset)#
VPF Filter Ruleset Mode Commands¶
tnsr(config-vpf-filter-ruleset)# description <text>
tnsr(config-vpf-filter-ruleset)# no description
tnsr(config-vpf-filter-ruleset)# rule <seq>
tnsr(config-vpf-filter-ruleset)# no rule [<seq>]
VPF Filter Rule Mode¶
Enter VPF Filter Rule Mode¶
tnsr(config-vpf-filter-ruleset)# rule <seq>
tnsr(config-vpf-filter-rule)#
VPF Filter Rule Mode Commands¶
tnsr(config-vpf-filter-rule)# description <text>
tnsr(config-vpf-filter-rule)# no description
tnsr(config-vpf-filter-rule)# dest-route-table <route-table>
tnsr(config-vpf-filter-rule)# no dest-route-table [<route-table>]
tnsr(config-vpf-filter-rule)# from ifaddrs <if-name>
tnsr(config-vpf-filter-rule)# no from ifaddrs [<if-name>]
tnsr(config-vpf-filter-rule)# [no] from inverted
tnsr(config-vpf-filter-rule)# from port <start-port> [<end-port>]
tnsr(config-vpf-filter-rule)# no from port [<start-port> [<end-port>]]
tnsr(config-vpf-filter-rule)# from (ipv4-prefix|ipv6-prefix) <ip-prefix>
tnsr(config-vpf-filter-rule)# no from (ipv4-prefix|ipv6-prefix) [<ip-prefix>]
tnsr(config-vpf-filter-rule)# from table <name>
tnsr(config-vpf-filter-rule)# no from table [<name>]
tnsr(config-vpf-filter-rule)# no from
tnsr(config-vpf-filter-rule)# direction (both|in|out)
tnsr(config-vpf-filter-rule)# no direction [(both|in|out)]
tnsr(config-vpf-filter-rule)# icmp (code|type) <value>
tnsr(config-vpf-filter-rule)# no icmp [(code|type) [<value>]]
tnsr(config-vpf-filter-rule)# ip-version (ipv4|ipv6)
tnsr(config-vpf-filter-rule)# no ip-version [(ipv4|ipv6)]
tnsr(config-vpf-filter-rule)# [no] pass
tnsr(config-vpf-filter-rule)# protocol <values>
tnsr(config-vpf-filter-rule)# no protocol [<values>]
tnsr(config-vpf-filter-rule)# [no] return-icmp
tnsr(config-vpf-filter-rule)# [no] return-rst
tnsr(config-vpf-filter-rule)# [no] stateful
tnsr(config-vpf-filter-rule)# tcp flags mask <flag-name> [<flag-name> [...]]
tnsr(config-vpf-filter-rule)# no tcp flags [mask [<flag-name> [<flag-name> [...]]]]
tnsr(config-vpf-filter-rule)# tcp flags value <flag-name> [<flag-name> [...]]
tnsr(config-vpf-filter-rule)# no tcp flags [value [<flag-name> [<flag-name> [...]]]]
tnsr(config-vpf-filter-rule)# no tcp
tnsr(config-vpf-filter-rule)# [no] tentative
tnsr(config-vpf-filter-rule)# to ifaddrs <if-name>
tnsr(config-vpf-filter-rule)# no to ifaddrs [<if-name>]
tnsr(config-vpf-filter-rule)# [no] to inverted
tnsr(config-vpf-filter-rule)# to port <start-port> [<end-port>]
tnsr(config-vpf-filter-rule)# no to port [<start-port> [<end-port>]]
tnsr(config-vpf-filter-rule)# to (ipv4-prefix|ipv6-prefix) <ip-prefix>
tnsr(config-vpf-filter-rule)# no to (ipv4-prefix|ipv6-prefix) [<ip-prefix>]
tnsr(config-vpf-filter-rule)# to table <name>
tnsr(config-vpf-filter-rule)# no to table [<name>]
tnsr(config-vpf-filter-rule)# no to
VPF IPFIX Configuration Mode¶
Enter VPF IPFIX Configuration Mode¶
tnsr(config)# vpf ipfix
tnsr(config-vpf-ipfix)#
VPF IPFIX Configuration Mode Commands¶
tnsr(config-vpf-ipfix)# (disable|enable)
tnsr(config-vpf-ipfix)# domain <value>
tnsr(config-vpf-ipfix)# no domain [<value>]
tnsr(config-vpf-ipfix)# src-port <port-number>
tnsr(config-vpf-ipfix)# no src-port [<port-number>]
VPF NAT Ruleset Mode¶
Enter VPF NAT Ruleset Mode¶
tnsr(config)# vpf nat ruleset <name>
tnsr(config-vpf-nat-ruleset)#
VPF NAT Ruleset Mode Commands¶
tnsr(config-vpf-nat-ruleset)# description <text>
tnsr(config-vpf-nat-ruleset)# no description
tnsr(config-vpf-nat-ruleset)# rule <seq>
tnsr(config-vpf-nat-ruleset)# no rule [<seq>]
VPF NAT Rules Mode¶
Enter VPF NAT Rules Mode¶
tnsr(config-vpf-nat-ruleset)# rule <seq>
tnsr(config-vpf-nat-rule)#
VPF NAT Rules Mode Commands¶
tnsr(config-vpf-nat-rule)# [no] algorithm (ip-hash|netmap|npt66|one-to-one|round-robin)
tnsr(config-vpf-nat-rule)# description <text>
tnsr(config-vpf-nat-rule)# no description
tnsr(config-vpf-nat-rule)# dest-route-table <route-table>
tnsr(config-vpf-nat-rule)# no dest-route-table [<route-table>]
tnsr(config-vpf-nat-rule)# direction (in|out)
tnsr(config-vpf-nat-rule)# [no] dynamic
tnsr(config-vpf-nat-rule)# from ifaddrs <if-name>
tnsr(config-vpf-nat-rule)# no from ifaddrs [<if-name>]
tnsr(config-vpf-nat-rule)# [no] from inverted
tnsr(config-vpf-nat-rule)# from port <start-port> [<end-port>]
tnsr(config-vpf-nat-rule)# no from port [<start-port> [<end-port>]]
tnsr(config-vpf-nat-rule)# from (ipv4-prefix|ipv6-prefix) <ip-prefix>
tnsr(config-vpf-nat-rule)# no from (ipv4-prefix|ipv6-prefix) [<ip-prefix>]
tnsr(config-vpf-nat-rule)# from table <name>
tnsr(config-vpf-nat-rule)# no from table [<name>]
tnsr(config-vpf-nat-rule)# no from
tnsr(config-vpf-nat-rule)# icmp (code|type) <value>
tnsr(config-vpf-nat-rule)# no icmp [(code|type) [<value>]]
tnsr(config-vpf-nat-rule)# nat-interface <name>
tnsr(config-vpf-nat-rule)# no nat-interface [<name>]
tnsr(config-vpf-nat-rule)# nat-port <port-number>
tnsr(config-vpf-nat-rule)# no nat-port [<port-number>]
tnsr(config-vpf-nat-rule)# nat-prefix <ip-prefix>
tnsr(config-vpf-nat-rule)# no nat-prefix [<ip-prefix>]
tnsr(config-vpf-nat-rule)# nat-table <name>
tnsr(config-vpf-nat-rule)# no nat-table [<name>]
tnsr(config-vpf-nat-rule)# [no] no-port-translation
tnsr(config-vpf-nat-rule)# protocol <values>
tnsr(config-vpf-nat-rule)# no protocol [<values>]
tnsr(config-vpf-nat-rule)# tcp flags mask <flag-name> [<flag-name> [...]]
tnsr(config-vpf-nat-rule)# no tcp flags [mask [<flag-name> [<flag-name> [...]]]]
tnsr(config-vpf-nat-rule)# tcp flags value <flag-name> [<flag-name> [...]]
tnsr(config-vpf-nat-rule)# no tcp flags [value [<flag-name> [<flag-name> [...]]]]
tnsr(config-vpf-nat-rule)# to ifaddrs <if-name>
tnsr(config-vpf-nat-rule)# no to ifaddrs [<if-name>]
tnsr(config-vpf-nat-rule)# [no] to inverted
tnsr(config-vpf-nat-rule)# to port <start-port> [<end-port>]
tnsr(config-vpf-nat-rule)# no to port [<start-port> [<end-port>]]
tnsr(config-vpf-nat-rule)# to (ipv4-prefix|ipv6-prefix) <ip-prefix>
tnsr(config-vpf-nat-rule)# no to (ipv4-prefix|ipv6-prefix) [<ip-prefix>]
tnsr(config-vpf-nat-rule)# to table <name>
tnsr(config-vpf-nat-rule)# no to table [<name>]
tnsr(config-vpf-nat-rule)# no to
VPF Options¶
Enter VPF Options Mode¶
tnsr(config)# vpf options
tnsr(config-vpf-option)#
VPF Options Mode Commands¶
tnsr(config-vpf-option)# interface <name> filter-ruleset <name>
tnsr(config-vpf-option)# no interface <name> filter-ruleset [<name>]
tnsr(config-vpf-option)# interface <name> nat-ruleset <name>
tnsr(config-vpf-option)# no interface <name> nat-ruleset [<name>]
tnsr(config-vpf-option)# no interface
tnsr(config-vpf-option)# runtime drop-options (ip4|ip6) (false|true)
tnsr(config-vpf-option)# no runtime drop-options [(ip4|ip6)]
tnsr(config-vpf-option)# runtime tcp max-ack-win <value>
tnsr(config-vpf-option)# no runtime tcp max-ack-win
tnsr(config-vpf-option)# runtime tcp strict-rst-order (false|true)
tnsr(config-vpf-option)# no runtime tcp strict-rst-order
tnsr(config-vpf-option)# runtime timeouts generic (closed|established|new) <sec>
tnsr(config-vpf-option)# no runtime timeouts generic [(closed|established|new)]
tnsr(config-vpf-option)# runtime timeouts tcp (closed|established|half-closed|new|time-wait) <sec>
tnsr(config-vpf-option)# no runtime timeouts tcp [(closed|established|half-closed|new|time-wait)]
tnsr(config-vpf-option)# no runtime timeouts
tnsr(config-vpf-option)# no runtime
tnsr(config-vpf-option)# startup max-connections-per-thread (ip4|ip6) <value>
tnsr(config-vpf-option)# no startup max-connections-per-thread [(ip4|ip6)]
tnsr(config-vpf-option)# startup port-mapping (max-port|min-port) <port-number>
tnsr(config-vpf-option)# no startup port-mapping [(max-port|min-port) [<port-number>]]
tnsr(config-vpf-option)# no startup
VPF Table Mode¶
Enter VPF Table Mode¶
tnsr(config)# vpf table <name>
tnsr(config-vpf-table)#
VPF Table Mode Commands¶
tnsr(config-vpf-table)# description <text>
tnsr(config-vpf-table)# no description
tnsr(config-vpf-table)# [no] prefix <ip-prefix>
DHCP Relay Mode¶
Enter DHCP Relay Mode¶
tnsr(config)# dhcp-relay <client-vrf>
tnsr(config-dhcp-relay)#
DHCP Relay Mode Commands¶
tnsr(config-dhcp-relay)# description <text>
tnsr(config-dhcp-relay)# no description
tnsr(config-dhcp-relay)# source-ipv4-address <ip-addr>
tnsr(config-dhcp-relay)# source-ipv6-address <ip-addr>
tnsr(config-dhcp-relay)# no source-ipv4-address [<ip-addr>]
tnsr(config-dhcp-relay)# no source-ipv6-address [<ip-addr>]
tnsr(config-dhcp-relay)# [no] server-ipv4 <server-vrf> <ip-addr>
tnsr(config-dhcp-relay)# [no] server-ipv6 <server-vrf> <ip-addr>