No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

Command Reference

CloudEngine 8800, 7800, 6800, and 5800 V200R002C50

This document describes all the configuration commands of the device, including the command function, syntax, parameters, views, default level, usage guidelines, examples, and related commands.
Rate and give feedback :
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
MSDP Configuration Commands

MSDP Configuration Commands

NOTE:

The CE6810LI does not support this feature.

cache-sa-disable

Function

The cache-sa-disable command disables the SA cache function.

The undo cache-sa-disable command enables the SA cache function on a switch. After receiving an SA message, the switch caches (S, G) information carried in the SA message.

By default, the SA cache function is enabled on a switch.

Format

cache-sa-disable

undo cache-sa-disable

Parameters

None

Views

MSDP view of public network instance or MSDP view of VPN instance

Default Level

2: Configuration level

Usage Guidelines

Usage Scenario

A switch enabled with the SA cache function locally saves (S, G) information carried in the received SA messages. When the switch receives requests for receiving multicast data, it directly obtains (S, G) information from the SA cache.

A switch no long saves (S, G) information carried in the received SA messages locally after the cache-sa-disable command is run to disable the SA cache function. When the switch receives requests for receiving multicast data, it must wait for the SA messages sent by the MSDP peer in the next sending period. This may result in a delay in receiving multicast data.

Prerequisites

MSDP has been enabled using the msdp command.

Configuration Impact

When an RP receives a new (*, G) Join message,

  • If the SA cache function is enabled, the RP searches the SA cache for the (S, G) information.
    • If the SA cache contains related (S, G) information, the RP directly joins the SPT with the root being S.
    • If the SA cache does not contain related (S, G) information, the RP does not process the received Join message.
  • If the SA cache function is disabled, the RP processes the message according to whether the sending of SA Request messages is enabled.
    • If the sending of SA Request messages is enabled, the RP sends an SA Request message to the specified MSDP peer and waits for the response.
    • If the sending of SA Request messages is disabled, the RP must wait for the SA message sent by the MSDP peer in the next sending period.

Example

# Disable the SA cache function on the switch in the public network instance.

<HUAWEI> system-view
[~HUAWEI] multicast routing-enable
[*HUAWEI] msdp
[*HUAWEI-msdp] cache-sa-disable

display msdp brief

Function

The display msdp brief command displays summary information about the status of MSDP peers.

Format

display msdp [ vpn-instance vpn-instance-name | all-instance ] brief [ state { connect | down | listen | shutdown | up } ]

Parameters

Parameter Description Value
vpn-instance vpn-instance-name Specifies a VPN instance. vpn-instance-name specifies the name of the VPN instance.

The value is a string of 1 to 31 case-sensitive characters except spaces. When double quotation marks are used to include the string, spaces are allowed in the string. The value _public_ is reserved and cannot be used as the VPN instance name.

all-instance Indicates all the instances. If vpn-instance or all-instance is not specified, only the public network instance is displayed. -
state Displays summary information about the MSDP peers in specified status. -
connect Indicates the MSDP peers in Connect state. -
down Indicates the MSDP peers in Down state. -
listen Indicates the MSDP peers in Listen state. -
shutdown Indicates the MSDP peers in Shutdown state. -
up Indicates the MSDP peers in Up state. -

Views

All views

Default Level

1: Monitoring level

Usage Guidelines

Usage Scenario

After MSDP peers establish a TCP connection, the display msdp brief command can be used to display the brief information about the remote MSDP peer, such as the address, AS number, the number of (S, G) entries, and the status of the TCP connection.

Precautions

This command displays summary information about the status of MSDP peers only when the MSDP peer has been configured.

Example

# Display summary information about MSDP peers in the public network instance.

<HUAWEI> display msdp brief
MSDP Peer Brief Information of VPN instance: public net                                                                             
---------------------------------------------------------------------------------                                                   
  Configured   Up           Listen       Connect      Shutdown     Down                                                             
           1    0                1             0             0        0                                                             
---------------------------------------------------------------------------------                                                   
  Peer's Address     State     Up/Down time    AS          SA Count   Reset Count                                                   
  192.168.3.2        Listen    00:00:04        ?(unknown)         0             0  
Table 10-56  Description of the display msdp brief command output

Item

Description

MSDP Peer Brief Information of VVPN instance

VPN instance to which summary information about MSDP peers corresponds.

Configured

Total number of configured MSDP peers.

Up

Number of MSDP peers in Up state.

Listen

Number of MSDP peers in Listen state.

Connect

Number of MSDP peers in Connect state.

Shutdown

Number of MSDP peers in Shutdown state.

Down

Number of MSDP peers in Down state.

Peer's Address

Address of the peer. This parameter is configured using the peer connect-interface (MSDP) command.

State

Status of the MSDP session.
  • Up: The connection is set up and is in Up state.

  • Listen: The local device acts as the server and is in Listen state. The connection is not set up.

  • Connect: The local device acts as the client and is in Connect state. The connection is not set up.

  • Shutdown: The MSDP peer is in Shutdown state.

  • Down: The connection fails.

Up/Down time

Time when the session becomes Up or Down. The time format is as follows:
  • Time that is shorter than or equal to 24 hours: hour: minute: second.

  • Time that is longer than 24 hours but shorter than or equal to one week: day: hour.

  • Time that is longer than one week: week: day.

AS

The AS number of the MSDP peer. A question mark (?) indicates that the AS number cannot be obtained.

SA Count

Number of (S, G) entries in the SA cache.

Reset Count

Resetting times, including the resetting because the Notification message is received or Holdtimer times out.

display msdp control-message counters

Function

The display msdp control-message counters command displays statistics about MSDP messages.

Format

display msdp [ vpn-instance vpn-instance-name | all-instance ] control-message counters [ peer peer-address | message-type { source-active | sa-request | sa-response | keepalive | notification | traceroute-request | traceroute-reply | data-packets | unknown-type } ] *

Parameters

Parameter Description Value
vpn-instance vpn-instance-name Specifies a VPN instance. vpn-instance-name specifies the name of the VPN instance.

The value is a string of 1 to 31 case-sensitive characters except spaces. When double quotation marks are used to include the string, spaces are allowed in the string. The value _public_ is reserved and cannot be used as the VPN instance name.

all-instance

Indicates all instances, including the public network instance and all VPN instances.

If vpn-instance or all-instance is not specified, only statistics about the public network instance is displayed.

-
peer peer-address Specifies IP address of MSDP peer.

If peer peer-address is specified, only statistics about the MSDP messages received, sent, and discarded on a specified MSDP peer are displayed.

The value is in dotted decimal notation.
message-type Specifies MSDP message types.

If message-type is specified, only statistics about the MSDP messages received, sent, and discarded of a specified type are displayed.

-
source-active Displays the statistics about Source-Active messages on the interface. -
sa-request Displays the statistics about Source-Active Request messages on the interface. -
sa-response Displays the statistics about Source-Active Response messages on the interface. -
keepalive Displays the statistics about KeepAlive messages on the interface. -
notification Displays the statistics about Notification messages on the interface. -
traceroute-request Displays the statistics about Traceroute Request messages on the interface. -
traceroute-reply Displays the statistics about Traceroute Reply messages on the interface. -
data-packets Displays the statistics about data packets on the interface. -
unknown-type Displays the statistics about unknown type messages on the interface. -

Views

All views

Default Level

1: Monitoring level

Usage Guidelines

Usage Scenario

This command helps you learn MSDP running status by displaying statistics about received, sent, and discarded MSDP messages.

Precautions

This command displays statistics about MSDP messages only when the MSDP peer has been configured.

Example

# Display statistics about the MSDP messages that are received, sent, and discarded by the peer 192.168.3.3 in the public network instance.

<HUAWEI> display msdp control-message counters peer 192.168.3.3
 VPN-Instance: public net                                                                                                           
 MSDP message counters for peer: 192.168.3.3                                                                                         
                          Received         Sent     Invalid                                                                         
 Source-Active                   0            0           0                                                                         
 Source-Active Request           0            0           0                                                                         
 Source-Active Response          0            0           0                                                                         
 KeepAlive                       0            0           0                                                                         
 Notification                    0            0           0                                                                         
 Traceroute Request              0            0           0                                                                         
 Traceroute Reply                0            0           0                                                                         
 Data Packets                    0            0           0                                                                         
 Unknown Type                    0            0           0                                                                         
Table 10-57  Description of the display msdp control-message counters peer 192.168.3.3 command output

Item

Description

VPN-Instance

VPN instance in which MSDP message statistics are collected.

MSDP message counters for peer

IP addresses of MSDP peers.

Received

Number of received messages.

Sent

Number of sent messages.

Invalid

Number of invalid messages.

Source-Active

Source-Active message.

Source-Active Request

Source-Active Request message.

Source-Active Response

Source-Active Response message.

KeepAlive

Keepalive message.

Notification

Notification message.

Traceroute Request

Traceroute Request message.

Traceroute Reply

Traceroute Reply message.

Data Packets

Data packets.

Unknown Type

Unknown type message.

display msdp invalid-packet

Function

The display msdp invalid-packet command displays statistics about invalid MSDP messages received by a device and details of these messages.

Format

display msdp [ vpn-instance vpn-instance-name | all-instance ] invalid-packet [ peer peer-address | message-type { keepalive | notification | sa-request | sa-response | source-active } ] *

display msdp invalid-packet [ packet-number ] verbose

Parameters

Parameter Description Value
vpn-instance vpn-instance-name Specifies a VPN instance. vpn-instance-name specifies the name of the VPN instance.

The value is a string of 1 to 31 case-sensitive characters except spaces. When double quotation marks are used to include the string, spaces are allowed in the string. The value _public_ is reserved and cannot be used as the VPN instance name.

all-instance Displays statistics about invalid MSDP messages received in all VPN instances.

If vpn-instance or all-instance is not specified, only the public network instance is displayed.

-
peer peer-address Displays statistics about invalid MSDP messages received from a specified peer. peer-address specifies an MSDP peer address. The address is in dotted decimal notation.
message-type Displays statistics about invalid MSDP messages of a specific type. -
keepalive Displays statistics about invalid Keepalive messages. -
notification Displays statistics about invalid Notification messages. -
sa-request Displays statistics about invalid Source-Active Request messages. -
sa-response Displays statistics about invalid Source-Active Response messages. -
source-active Displays statistics about invalid Source-Active messages. -
packet-number Displays details about a specified number of invalid MSDP messages recently received. If this parameter is not specified, details about all invalid MSDP messages. The value is an integer that ranges from 1 to 100.
verbose Displays details about invalid MSDP messages. -

Views

All views

Default Level

1: Monitoring level

Usage Guidelines

You can run the display msdp invalid-packet command to view statistics and details of invalid MSDP messages for fault location and rectification.

If MSDP peer relationships fail to be set up on a multicast network, you can run the display msdp invalid-packet command first to check whether devices have received invalid MSDP messages. If the command output contains statistics about invalid MSDP messages, run the display msdp invalid-packet [ packet-number ] verbose command to view details of invalid MSDP messages to locate the fault.

Example

# Display statistics about invalid MSDP messages received by a device in the public network instance.

<HUAWEI> display msdp invalid-packet peer 192.168.1.1
             Statistics of invalid packets for public net:                                                                          
--------------------------------------------------------------------                                                                
MSDP SA invalid packet:                                                                                                             
Fault Length             : 0          Bad Length-x             : 0                                                                  
Bad Sprefix              : 0          Invalid Multicast Group  : 0                                                                  
Invalid Multicast Source : 0          Bad Encap Data           : 0                                                                  
Illegal RP Addr          : 0          RP Loop                  : 0                                                                  
MSDP SA Response invalid packet:                                                                                                    
Fault Length             : 0          Bad Length-x             : 0                                                                  
Bad Sprefix              : 0          Invalid Multicast Group  : 0                                                                  
Invalid Multicast Source : 0          Illegal RP Addr          : 0                                                                  
RP Loop                  : 0                                                                                                        
MSDP SA Request invalid packet:                                                                                                     
Fault Length             : 0          Invalid Multicast Group  : 0                                                                  
MSDP Keep Alive invalid packet:                                                                                                     
Fault Length             : 0                                                                                                        
MSDP Notification invalid packet:                                                                                                   
Fault Length             : 0                                                                                                        
--------------------------------------------------------------------                                                                
Table 10-58  Description of the display msdp invalid-packet peer 192.168.1.1 command output

Item

Description

Statistics of invalid packets for public net

Statistics about invalid MSDP messages in the public network instance.

MSDP SA invalid packet

Invalid SA messages.

Fault Length

Messages with invalid lengths.

Bad Length-x

Messages with invalid Length-x fields.

Bad Sprefix

Messages with invalid Sprefix fields.

Invalid Multicast Group

Messages with invalid multicast group addresses.

Invalid Multicast Source

Messages with invalid multicast source addresses.

Bad Encap Data

Messages with invalid data encapsulated.

Illegal RP Addr

Messages with illegal RP addresses.

RP Loop

Messages whose RP addresses are local addresses.

MSDP SA Response invalid packet

Invalid SA Response messages.

MSDP SA Request invalid packet

Invalid SA Request messages.

MSDP Keep Alive invalid packet

Invalid Keepalive messages.

MSDP Notification invalid packet

Invalid Notification messages.

# Display details of a specific invalid MSDP message recently received in the public network instance.

<HUAWEI> display msdp invalid-packet 1 verbose
       Detailed information of invalid packets
-----------------------------------------------------
Packet information (Index 1):
-----------------------------------------------------
Interface           :  Vlanif100
Time                :  2010-6-9 11:25:46 UTC-08:00
Message Length      :  22
Invalid Type        :  Invalid Addr List
Peer Address        :  10.2.2.2
0000: 00 01 00 02 00 69 00 13 00 04 00 00 00 64 00 02
0010: 00 04 81 f4 09 c4
-----------------------------------------------------  
Table 10-59  Description of the display msdp invalid-packet 1 verbose command output

Item

Description

Detailed information of invalid packets

Details about invalid MSDP messages.

Packet information (Index 1)

Sequence number of the invalid MSDP message (numbered in the opposite order that the message is received, for example, the index of the last received message is 1, the index of the last but one message is 2, and so on).

Interface

Interface that received the invalid MSDP message.

Time

Time when the invalid MSDP message is received, in any of the following formats:
  • YYYY-MM-DD HH:MM:SS

  • YYYY-MM-DD HH:MM:SS UTC±HH:MM DST

  • YYYY-MM-DD HH:MM:SS UTC±HH:MM

  • YYYY-MM-DD HH:MM:SS DST

UTC±HH:MM indicates that a time zone is configured through the clock timezone command; DST indicates that the daylight saving time is configured through clock daylight-saving-time command.

Message Length

Length of the invalid MSDP message.

Invalid Type

Type of the invalid MSDP message.

Peer Address

Peer address of the invalid MSDP message.

0000: 00 01 00 02 00 69 00 13 00 04 00 00 00 64 00 02

0010: 00 04 81 f4 09 c4

Contents of the invalid MSDP message.

display msdp peer-status

Function

The display msdp peer-status command displays the detailed information about MSDP peers.

Format

display msdp [ vpn-instance vpn-instance-name | all-instance ] peer-status [ peer-address ]

Parameters

Parameter Description Value
vpn-instance vpn-instance-name Specifies a VPN instance. vpn-instance-name specifies the name of the VPN instance.

The value is a string of 1 to 31 case-sensitive characters except spaces. When double quotation marks are used to include the string, spaces are allowed in the string. The value _public_ is reserved and cannot be used as the VPN instance name.

all-instance Indicates all the instances.

If vpn-instance or all-instance is not specified, only the public network instance is displayed.

-
peer-address Specifies the address of a remote MSDP peer. If this parameter is not specified, information about all the MSDP peers in the instance is displayed. The address is in dotted decimal notation.

Views

All views

Default Level

1: Monitoring level

Usage Guidelines

Usage Scenario

After MSDP peers establish a TCP connection, the display msdp peer-status command can be used to display the detailed information about a specified MSDP peer, such as the interface status, interface configuration, policy for filtering messages, and number of messages.

Precautions

This command displays the detailed information about a specified MSDP peer only when the MSDP peer has been configured.

Example

# Display the detailed information about the MSDP peer 10.110.11.11 in the public network instance.

<HUAWEI> display msdp peer-status 10.110.11.11
MSDP Peer Information of VPN instance: public net
  MSDP Peer 10.110.11.11, AS 100
  Description:
  Information about connection status:
    State: Up
    Up/down time: 14:41:08
    Resets: 0
    Connection interface: LoopBack0 (10.110.11.22)
    Number of sent/received messages: 867/947
    Number of discarded output messages: 0
    Elapsed time since last connection or counters clear: 14:42:40
  Information about (Source, Group)-based SA filtering policy:
    Import policy: none
    Export policy: none
  Information about SA-Requests:
    Policy to accept SA-Request messages: none
    Sending SA-Requests status: disable
  Minimum TTL to forward SA with encapsulated data: 0
  SAs learned from this peer: 0, SA-cache maximum for the peer: none
  Input queue size: 0, Output queue size: 0
  Counters for MSDP message:
    Count of RPF check failure: 0
    Incoming/outgoing SA messages: 0/0
    Incoming/outgoing SA requests: 0/0
    Incoming/outgoing SA responses: 0/0
    Incoming/outgoing data packets: 0/0
  Peer authentication: unconfigured
  Peer authentication type: none
Table 10-60  Description of the display msdp peer-status command output

Item

Description

MSDP Peer Information of VPN instance

VPN instance to which MSDP peer information belongs.

MSDP Peer

Address of the peer. This parameter is configured using the peer connect-interface (MSDP) command.

AS

AS number of the MSDP peer.

A question mark (?) indicates that the AS number cannot be obtained.

Description

Description of the verbose information.

Information about connection status

Information of connection status.

State

Status of the MSDP session.
  • Up: The connection is set up and is in the Up state.

  • Listen: The local device acts as the server. The connection is not set up.

  • Connect: The local device acts as the client. The connection is not set up.

  • Shutdown: The MSDP peer is in Shutdown state.

  • Down: The connection fails.

Up/down time

Time when the session becomes Up or Down. The time format is as follows:
  • Time that is shorter than or equal to 24 hours: hour: minute: second.

  • Time that is longer than 24 hours but shorter than or equal to one week: day: hour.

  • Time that is longer than one week: week: day.

Resets

Resetting times.

Connection interface

Address of a connect-interface that is used to set up the TCP connection with the peer address. This parameter is configured using the peer connect-interface (MSDP) command.

Number of sent/received messages

Number of MSDP messages received or sent through the connection.

Number of discarded output messages

Number of discarded messages.

Elapsed time since last connection or counters clear

Time that elapsed since the MSDP peer resetting count and control packet statistics were reset.

Information about (Source, Group)-based SA filtering policy

  • Import policy: is used to receive the filtering list of the SA messages of a specified MSDP peer. You can configure the policy using the peer sa-policy import command.

  • Export policy: is used to forward the filtering list of the SA messages of a specified MSDP peer. You can configure the policy using the peer sa-policy export command.

By default, the SA messages received and forwarded are not filtered. The MSDP peer receives and forwards all the SA messages. The item is expressed by none.

Information about SA-Requests

  • Policy to accept SA-Request messages: restricts the SA request messages received from an MSDP peer by the switch.

    By default, the switch receives all the SA Request messages sent by the MSDP peer. The item is expressed by none. You can set the policy using the peer sa-request-policy command.

  • Sending SA-Requests status: enables or disables the switch to send SA request messages to a specified MSDP peer when the switch receives a Join message.

    By default, when receiving a Join message, the switch does not send the SA Request message to its MSDP peers, but waits for the next SA message. You can configure the switch to send SA Request messages using the peer request-sa-enable command.

Minimum TTL to forward SA with encapsulated data

If the SA message received is encapsulated with the multicast data packet, the switch forwards the SA message to other peers only when the TTL of the packet is not smaller than the minimum TTL. You can configure the function using the peer minimum-ttl command.

SAs learned from this peer

SA messages that pass through the MSDP peer and the number of SA entries in the cache.

SA-cache maximum for the peer

Maximum number of (S, G) entries in the cache when the switch receives the SA message from an MSDP peer. You can configure the maximum number of (S, G) entries in the cache using the peer sa-cache-maximum command.

Input queue size

Length of the data in the input cache.

Output queue size

Length of the data in the output cache.

Counters for MSDP message

Number of MSDP messages.
  • Count of RPF check failure: indicates the number of SA messages discarded because of the RPF check failure.

  • Incoming/outgoing SA messages: indicates the number of sent or received SA messages.

  • Incoming/outgoing SA requests: indicates the number of sent or received SA-Request messages.

  • Incoming/outgoing SA responses: indicates the number of sent or received SA-Response messages.

  • Incoming/outgoing data packets: indicates the number of sent or received SA messages that are encapsulated with multicast data packets.

Peer authentication

Whether MSDP authentication is configured.

Peer authentication type

MSDP authentication modes, including:
  • none: indicates authentication is not configured.

  • MD5: indicates MD5 authentication. This parameter is configured using the peer password (MSDP) command.

  • Keychain: indicates Keychain authentication. This parameter is configured using the peer keychain (MSDP) command.

display msdp rpf-peer

Function

The display msdp rpf-peer command displays information about all RPF peers of a specific source RP address, including RPF peer selection rules and RPF route types.

Format

display msdp [ vpn-instance vpn-instance-name | all-instance ] rpf-peer original-rp original-rp-address

Parameters

Parameter Description Value
vpn-instance vpn-instance-name Specifies a VPN instance. vpn-instance-name specifies the name of the VPN instance.

The value is a string of 1 to 31 case-sensitive characters except spaces. When double quotation marks are used to include the string, spaces are allowed in the string. The value _public_ is reserved and cannot be used as the VPN instance name.

all-instance Displays information about all the RPF peers of a specific source's RP address in all instances.

If vpn-instance or all-instance is not specified, only the public network instance is displayed.

-
original-rp original-rp-address Displays information about all the RPF peers of a specific source's RP address. original-rp-address specifies the source's RP address. The value is in dotted decimal notation.

Views

All views

Default Level

1: Monitoring level

Usage Guidelines

Usage Scenario

To prevent looping of SA messages between MSDP peers, MSDP peers perform RPF checks on received SA messages and drop the SA messages that do not comply with RPF rules.

The display msdp rpf-peer command is used to check whether the forwarding path of SA messages works properly. Based on the RPF peer information in the command output, you can check every hop in the forwarding path. If the forwarding path is not working properly, this command helps you locate the faulty node.

Precautions

A device does not perform the RPF peer check on the SA messages received from an MSDP peer in the following situations:
  • The address of the MSDP peer is the RP address of the source.

  • The MSDP peer is a static RPF peer of the device.

  • The MSDP peer is a unique MSDP peer of the device.

  • The MSDP peer has joined a full-mesh group. It is a member of a mesh group.

Before configuring this command, ensure that MSDP peers are configured. Only the MSDP peers with Up TCP connection can become RPF peers.

Example

# Display information about RPF peers of the source RP 192.168.4.5 in the public network instance.

<HUAWEI> display msdp rpf-peer original-rp 192.168.4.5
MSDP RPF peer information of VPN-Instance: public net
 MSDP RPF peer information for Original RP: 192.168.4.5
 01. RPF peer: 10.6.6.6
  RPF selection rule: Peer is IGP next hop of best route
  RPF used topology: default
  RPF route type: multicast(static)
Table 10-61  Description of the display msdp rpf-peer original-rp command output

Item

Description

MSDP RPF peer information of VPN-Instance: public net

VPN instance to which MSDP peer information belongs.

MSDP RPF peer information for Original RP

Information about the MSDP RPF peer of a specific source's RP address.

01. RPF peer

RPF peer address.

RPF selection rule

RPF peer selection rule:
  • Peer is IGP next hop of best route: RPF peer is a next hop of an IGP route.

  • Peer is in the AS-path to original RP: RPF peer is on an AS-path to the RP address of the source.

  • Peer is BGP/MBGP next hop of best route: RPF peer is a next hop of a/an BGP/MBGP route.

  • Peer is BGP/MBGP advertiser of best route: RPF peer is a forwarder of a/an BGP/MBGP route.

RPF used topology

RPF used topology:
  • default: default topology.

  • multicast: multicast topology.

  • topology name (user-defined): unicast topology.

RPF route type

RPF route type:
  • mbgp: MBGP route.

  • unicast(bgp): BGP route

  • multicast(static): static multicast route.

  • unicast: IGP route (unicast route).

display msdp sa-cache

Function

The display msdp sa-cache command displays (S, G) entries in the SA cache.

Format

display msdp [ vpn-instance vpn-instance-name | all-instance ] sa-cache [ group-address | source-address | [ as-number-plain | as-number-dot ] ] *

Parameters

Parameter Description Value
vpn-instance vpn-instance-name Specifies a VPN instance. vpn-instance-name specifies the name of the VPN instance.

The value is a string of 1 to 31 case-sensitive characters except spaces. When double quotation marks are used to include the string, spaces are allowed in the string. The value _public_ is reserved and cannot be used as the VPN instance name.

all-instance Indicates all the instances.

If vpn-instance or all-instance is not specified, only statistics about the public network instance is displayed.

-
group-address Specifies the group address of an (S, G) entry. It is used to display the corresponding (S, G) of the group in SA Cache. The value is in dotted decimal notation and ranges from 224.0.1.0 to 239.255.255.255.
source-address Specifies the source address of an (S, G) entry. It is used to display the corresponding the (S, G) of the source. The value is in dotted decimal notation.
as-number-plain Specifies the number of the AS, in integer format. The value is an integer that ranges from 1 to 4294967295.
as-number-dot Specifies the number of the AS, in dotted notation. The value is in the x.y format. Here, "x" and "y" are integers that range from 1 to 65535 and 0 to 65535 respectively.

Views

All views

Default Level

1: Monitoring level

Usage Guidelines

Usage Scenario

After the SA cache function is enabled, the display msdp sa-cache command can be used to display the information about (S, G) entries learned from other MSDP peers in the SA cache. The information includes the source address, group address, address of the source's RP, routing protocol, AS number, and timeout period of entries.

Precautions

This command displays (S, G) entries in the SA cache only when SA cache has been enabled. By default, SA cache is enabled.

Example

# Display (S, G) entries in the SA cache in the public network instance.

<HUAWEI> display msdp sa-cache
MSDP Source-Active Cache Information of VPN instance: public net
 MSDP Total Source-Active Cache - 2 entries
 MSDP matched 2 entries

(10.0.5.120, 225.0.0.1)
 Origin RP: 3.3.3.3
 Pro: ?, AS: ?
 Uptime: 00:01:01, Expires: 00:05:59

(10.0.5.120, 225.0.0.2)
 Origin RP: 3.3.3.3
 Pro: ?, AS: ?
 Uptime: 00:00:01, Expires: 00:05:59
Table 10-62  Description of the display msdp sa-cache command output

Item

Description

MSDP Source-Active Cache Information of VPN instance

MSDP SA cache in the public network instance.

MSDP Total Source-Active Cache - 2 entries

Two entries are cached by MSDP SA.

MSDP matched 2 entries

Two entries are matched by MSDP, such as the filtering policy and specified source/group address.

(10.0.5.120, 225.0.0.1)

(source address, group address) entry.

Origin RP

Source RP address that advertises the (S, G) entry.

Pro

Type of the protocol from which the AS number of the source RP is obtained. A question mark (?) indicates the protocol type if the AS number of the source RP cannot be obtained.

AS

AS number of the source RP. A question mark (?) indicates the protocol type if the AS number of the source RP cannot be obtained.

Uptime

Time when the (S, G) entry is created in the cache.

Expires

Time when the (S, G) entry in the cache times out.

display msdp sa-count

Function

The display msdp sa-count command displays statistics about the (S, G) entries in the SA cache.

Format

display msdp [ vpn-instance vpn-instance-name | all-instance ] sa-count [ as-number-plain | as-number-dot ]

Parameters

Parameter Description Value
vpn-instance vpn-instance-name Specifies a VPN instance. vpn-instance-name specifies the name of the VPN instance.

The value is a string of 1 to 31 case-sensitive characters except spaces. When double quotation marks are used to include the string, spaces are allowed in the string. The value _public_ is reserved and cannot be used as the VPN instance name.

all-instance Indicates all the instances.

If vpn-instance or all-instance is not specified, only statistics about the public network instance is displayed.

-
as-number-plain Specifies the number of the AS, in integer format. The value is an integer that ranges from 1 to 4294967295.
as-number-dot Specifies the number of the AS, in dotted notation. The value is in the x.y format. Here, "x" and "y" are integers that range from 1 to 65535 and 0 to 65535 respectively.

Views

All views

Default Level

1: Monitoring level

Usage Guidelines

Usage Scenario

After the SA cache function is enabled, the display msdp sa-count command can be used to display the statistics about the (S, G) entries in the SA cache, including the addresses of the peers that send SA messages and the (S, G) entry statistics collected according to the AS numbers of sources' RPs.

Precautions

This command displays the number of (S, G) entries in the SA cache only when the MSDP peer has been enabled with SA cache. By default, the SA cache function is enabled.

Example

# Display the number of (S, G) entries in the SA cache in the public network instance.

<HUAWEI> display msdp sa-count
MSDP Source-Active Count Information of VPN-Instance: public net
  Number of cached Source-Active entries, counted by Peer
  Peer's Address     Number of SA
  10.10.10.10        5

  Number of source and group, counted by AS
  AS     Number of source    Number of group
  ?      3                      3

  Total 5 Source-Active entries matched
Table 10-63  Description of the display msdp sa-count command output

Item

Description

MSDP Source-Active Count Information of VPN-Instance

VPN instance to which the SA cache information belongs.

Number of cached Source-Active entries, counted by Peer

Number of the (S, G) entries that are cached according to peers.

Peer's Address

Address of the peer that sends the SA message.

Number of SA

Number of the (S, G) entries received from the peer.

Number of source and group, counted by AS

Number of the (S, G) entries that is counted according to the AS to which the source RP belongs.

AS

AS number.

Number of source

Number of sources in the AS.

NOTE:

If 0 is displayed in the Number of source and Number of group fields, the local device does not receive SA messages from its MSDP peer. Contact technical support personnel to troubleshoot faults.

Number of group

Number of groups in the AS.

Total 5 Source-Active entries matched

Number of (S, G) entries matching specified conditions in the cache.

encap-data-enable

Function

The encap-data-enable command enables the device to encapsulate a multicast data packet into an SA message.

The undo encap-data-enable command disables the device from encapsulating a multicast data packet into an SA message.

By default, no multicast data packet is encapsulated into an SA message.

Format

encap-data-enable

undo encap-data-enable

Parameters

None

Views

MSDP view of public network instance or MSDP view of VPN instance

Default Level

2: Configuration level

Usage Guidelines

Usage Scenario

The source RP encapsulates information about all active sources into multiple SA messages to advertise it. Each SA message contains multiple (S, G) entries.

After the encap-data-enable command is used on the RP at the source side, the RP encapsulates the multicast data carried in the Register message into an SA message, and then sends the SA message to the MSDP peer. Only one multicast data packet can be encapsulated into an SA message.

After the encap-data-enable command is used on the MSDP peer, the switch can transmit the SA messages carrying a multicast data packet between PIM-SM domains.

Prerequisites

MSDP has been enabled using the msdp command.

Example

# Encapsulate a multicast data packet into an SA message

<HUAWEI> system-view
[~HUAWEI] multicast routing-enable
[*HUAWEI] msdp
[*HUAWEI-msdp] encap-data-enable

import-source

Function

The import-source command prevents the information about active sources in a domain from being advertised when an SA message is created.

The undo import-source command restores the default configuration.

By default, the information about all active sources is advertised in a domain through SA messages.

Format

import-source [ acl { acl-number | acl-name } ]

undo import-source

Parameters

Parameter Description Value
acl

Indicates the ACL that controls which source is to be advertised to a domain through an SA message and to which groups the SA message is to be advertised. If this parameter is not specified, multicast sources are not advertised.

-
acl-number

Specifies the number of a basic ACL or an advanced ACL.

  • Basic ACL: filters source addresses.
  • Advanced ACL: filters source addresses and multicast group addresses.
The value is an integer that ranges from 2000 to 3999.
acl-name Specifies the name of a basic ACL or an advanced ACL.

The value is a string of 1 to 32 case-sensitive characters except spaces. The value must start with a letter (case-sensitive).

Views

MSDP view of public network instance or MSDP view of VPN instance

Default Level

2: Configuration level

Usage Guidelines

Usage Scenario

When the import-source command is used, MSDP filters advertised (S, G) forwarding entries based on source addresses when creating SA messages. Therefore, when creating SA messages, MSDP can control the transmission of information about multicast sources.

You can also run the peer sa-policy command to filter the SA messages to be forwarded.

Prerequisites

MSDP has been enabled using the msdp command.

Precautions

The import-source and acl commands are used together.
  • In the basic ACL view, set the source address range of advertised multicast packets using SA messages by specifying the source parameter in the rule command.
  • In the advanced ACL view, set the source address range of advertised multicast packets using SA messages by specifying the source parameter in the rule command, and set the address range of advertised multicast groups using SA messages by specifying the destination parameter in the rule command.

Example

# Configure an MSDP peer to advertise the information about a specified active source when creating SA messages in the public network instance. The multicast source is on 10.10.0.0/16 network segment, and the multicast group address is 225.1.0.0/16.

<HUAWEI> system-view
[~HUAWEI] acl number 3101
[*HUAWEI-acl4-advance-3101] rule permit ip source 10.10.0.0 0.0.255.255 destination 225.1.0.0 0.0.255.255
[*HUAWEI-acl4-advance-3101] quit
[*HUAWEI] multicast routing-enable
[*HUAWEI] msdp
[*HUAWEI-msdp] import-source acl 3101

# Configure an MSDP peer to advertise the information about a specified active source when creating SA messages. The multicast source is on 10.10.0.0/16 network segment, and the multicast group address is 225.1.0.0/16 in the public network instance using a named ACL.

<HUAWEI> system-view
[~HUAWEI] acl name myacl
[*HUAWEI-acl4-advance-myacl] rule permit ip source 10.10.0.0 0.0.255.255 destination 225.1.0.0 0.0.255.255
[*HUAWEI-acl4-advance-myacl] quit
[*HUAWEI] multicast routing-enable
[*HUAWEI] msdp
[*HUAWEI-msdp] import-source acl myacl

msdp

Function

The msdp command enables MSDP and displays the MSDP view in the public network instance or the VPN instance.

The undo msdp command clears all configurations in the MSDP view, releases the resources occupied by MSDP, and restores the initial state.

By default, MSDP is disabled.

Format

msdp [ vpn-instance vpn-instance-name ]

undo msdp [ vpn-instance vpn-instance-name ]

Parameters

Parameter Description Value
vpn-instance vpn-instance-name Specifies a VPN instance. vpn-instance-name specifies the name of the VPN instance.

The value is a string of 1 to 31 case-sensitive characters except spaces. When double quotation marks are used to include the string, spaces are allowed in the string. The value _public_ is reserved and cannot be used as the VPN instance name.

Views

System view

Default Level

2: Configuration level

Usage Guidelines

Usage Scenario

To configure MSDP in the public network instance or the VPN instance, you can run the msdp command to enable MSDP and display the MSDP view. All the configurations related to MSDP peers must be done in the MSDP view.

Prerequisites

The multicast routing function has been enabled using the multicast routing-enable command in the public network instance or the VPN instance.

Configuration Impact

Running the undo msdp command interrupts MSDP services. Therefore, use this command with caution.

Example

# Enable MSDP in the public network instance and enter the MSDP view of the public network instance.

<HUAWEI> system-view
[~HUAWEI] multicast routing-enable
[*HUAWEI] msdp
[*HUAWEI-msdp]
# Enable MSDP in the VPN instance mytest and enter the MSDP view of the VPN instance.
<HUAWEI> system-view
[~HUAWEI] ip vpn-instance mytest
[*HUAWEI-vpn-instance-mytest] route-distinguisher 100:1
[*HUAWEI-vpn-instance-mytest-af-ipv4] multicast routing-enable
[*HUAWEI-vpn-instance-mytest-af-ipv4] quit
[*HUAWEI-vpn-instance-mytest] quit
[*HUAWEI] msdp vpn-instance mytest
[*HUAWEI-msdp-mytest]

originating-rp

Function

The originating-rp command configures an RP to replace the source RP address in the SA message with an IP address of a specified interface when the RP constructs an SA message. This interface is also called a logical RP.

The undo originating-rp command restores the default configuration.

By default, the source RP address in an SA message is the address of the RP that actually sends the SA message.

Format

originating-rp interface-type interface-number

undo originating-rp

Parameters

Parameter Description Value
interface-type interface-number Specifies the type and number of the interface that functions as a logical RP. -

Views

MSDP view of public network instance or MSDP view of VPN instance

Default Level

2: Configuration level

Usage Guidelines

Usage Scenario

You must run this command when configuring anycast RP in a PIM-SM domain.

An MSDP peer performs the RPF check on a received SA message and then discards the message if the addresses of the local RP and the remote RP are the same. In anycast RP, however, you need to configure RPs on two or more devices in a PIM-SM domain, assign the same IP address to these RPs, and set up MSDP peer relationships between these devices. You must configure an address that is different from the actual RP address for the logical RP so that the SA message can pass the RPF check.

Prerequisites

MSDP has been enabled using the msdp command.

Precautions

The interface functioning as a logical RP cannot be an actual RP interface. Commonly, the interfaces setting up an MSDP peer relationship can be specified as logical RP addresses.

Example

# Configure VLANIF100 as the logical RP for the SA message in the public network instance.

<HUAWEI> system-view
[~HUAWEI] multicast routing-enable
[*HUAWEI] msdp
[*HUAWEI-msdp] originating-rp vlanif 100

peer connect-interface (MSDP)

Function

The peer connect-interface command configures an MSDP peer.

The undo peer command removes the configured MSDP peer.

By default, no MSDP peer is configured.

Format

peer peer-address connect-interface interface-type interface-number

undo peer peer-address

Parameters

Parameter Description Value
peer-address Specifies the address of a remote MSDP peer. The address is in dotted decimal notation.
interface-type interface-number Specifies the type and the number of the interface. The local switch uses the primary address of the interface as the source IP address to set up the TCP connection with the remote MSDP peer. -

Views

MSDP view of public network instance or MSDP view of VPN instance

Default Level

2: Configuration level

Usage Guidelines

Usage Scenario

MSDP peers are identified by addresses. You can run the peer connect-interface command on two devices to specify the peer addresses for each other and specify interfaces for establishing the TCP connection. In this way, an MSDP peer connection is established.

Prerequisites

MSDP has been enabled using the msdp command.

Configuration Impact

You can run the peer peer-address connect-interface interface-type interface-number command repeatedly to configure multiple MSDP peers for the local switch.

  • You can specify the same interface-type interface-number for different peer-address. That is, you can specify the same local interface for different remote peers.

  • You can specify different interface-type interface-number for different peer-address. That is, you can specify different local interfaces for different remote peers.

Precautions

Run the peer connect-interface command before running other peer commands. Otherwise, the system prompts that the peer does not exist.

When configuring a static RPF peer, you need to first run the peer connect-interface command to set the remote end as an MSDP peer and then the static-rpf-peer command to set the MSDP peer as a static RPF peer.

Example

# Configure IP address 10.10.7.6 for the remote MSDP peer and specify VLANIF100 as the local interface in the public network instance.

<HUAWEI> system-view
[~HUAWEI] multicast routing-enable
[*HUAWEI] msdp
[*HUAWEI-msdp] peer 10.10.7.6 connect-interface vlanif 100

peer description (MSDP)

Function

The peer description command adds the description text for an MSDP peer.

The undo peer description command restores the default configuration.

By default, an MSDP peer does not have the description text.

Format

peer peer-address description text

undo peer peer-address description

Parameters

Parameter Description Value
peer-address Specifies the address of an MSDP peer. The address is in dotted decimal notation.
text Specifies the description text. The description text is a string of 1 to 80 case-sensitive characters, spaces supported.

Views

MSDP view of public network instance or MSDP view of VPN instance

Default Level

2: Configuration level

Usage Guidelines

Usage Scenario

If multiple MSDP peers are configured on the network, the MSDP peers cannot be easily distinguished only based on IP addresses. The administrator can distinguish the MSDP peers by setting the description texts for them.

Prerequisites

MSDP peers have been configured using the peer connect-interface (MSDP) command.

Example

# Add a description ClientA for the MSDP peer with the IP address being 10.10.7.6 in the public network instance.

<HUAWEI> system-view
[~HUAWEI] multicast routing-enable
[*HUAWEI] msdp
[*HUAWEI-msdp] peer 10.10.7.6 connect-interface vlanif 100 
[*HUAWEI-msdp] peer 10.10.7.6 description ClientA

peer keychain (MSDP)

Function

The peer keychain command configures keychain authentication for establishing a TCP connection between MSDP peers and transmitting MSDP message.

The undo peer keychain command removes keychain authentication between MSDP peers.

By default, MSDP keychain authentication is not configured.

Format

peer peer-address keychain keychain-name

undo peer peer-address keychain

Parameters

Parameter Description Value
peer-address Specifies the address of an MSDP peer. The value is in dotted decimal notation.
keychain-name Specifies the name of the keychain. This parameter is set using the keychain command.

The value is a string of 1 to 47 case-insensitive characters except question marks (?) and spaces. However, when double quotation marks (") are used to include the string, spaces are allowed in the string.

Views

MSDP view of public network instance or MSDP view of VPN instance

Default Level

2: Configuration level

Usage Guidelines

Usage Scenario

MSDP supports MD5 authentication and keychain authentication that improve security on TCP connections between MSDP peers. Keychain authentication supports multiple algorithms and is more suitable than MD5 authentication for networks that require high security.

Prerequisites

MSDP peers have been configured using the peer connect-interface (MSDP) command.

A keychain in accordance with the configured keychain-name has been enabled using the keychain command; otherwise, the TCP connection cannot be set up.

Precautions

You must configure keychain authentication on both MSDP peers. Note that encryption algorithms and passwords configured for keychain authentication on both peers must be the same; otherwise, the TCP connection cannot be set up between MSDP peers and MSDP messages cannot be transmitted.

MSDP MD5 authentication and MSDP keychain authentication are mutually exclusive.

Example

# Configure MSDP keychain authentication between the local switch and the peer 10.1.1.2 and configure a keychain named huawei in the public network instance.

<HUAWEI> system-view
[~HUAWEI] keychain huawei mode absolute
[*HUAWEI-keychain-huawei] key-id 1
[*HUAWEI-keychain-huawei-keyid-1] algorithm sha-256
[*HUAWEI-keychain-huawei-keyid-1] key-string cipher Huawei@1234
[*HUAWEI-keychain-huawei-keyid-1] quit
[*HUAWEI-keychain-huawei] quit
[*HUAWEI] multicast routing-enable
[*HUAWEI] msdp
[*HUAWEI-msdp] peer 10.1.1.2 connect-interface vlanif 100 
[*HUAWEI-msdp] peer 10.1.1.2 keychain huawei

peer mesh-group

Function

The peer mesh-group command adds an MSDP peer to a mesh group.

The undo peer mesh-group command restores the default configuration.

By default, an MSDP peer does not belong to any mesh group.

Format

peer peer-address mesh-group name

undo peer peer-address mesh-group

Parameters

Parameter Description Value
peer-address Specifies the address of an MSDP peer that is to be a member of a mesh group. The address is in dotted decimal notation.
name Specifies the name of a mesh group. The name is a string of 1 to 32 case-sensitive characters.

Views

MSDP view of public network instance or MSDP view of VPN instance

Default Level

2: Configuration level

Usage Guidelines

Usage Scenario

If multiple MSDP peers exist on a network, SA messages may be flooded between peers. Especially when many MSDP peers are configured in the same PIM-SM domain, RPF rules cannot filter out useless SA messages effectively. The MSDP peer needs to perform an RPF check on each SA message received, which brings a heavy load to the system.

Configuring multiple MSDP peers to join the same mesh group can reduce the number of SA messages transmitted between these MSDP peers and release the load of the system.

Prerequisites

The device has established MSDP peer relationships with current mesh group members using the peer connect-interface command.

Configuration Impact

One MSDP peer can join only one mesh group. If an MSDP peer is configured to join different mesh groups for several times, the latest configuration takes effect.

When a member of the mesh group receives an SA message, it checks the source of the SA message:

  • If the SA message is sent by a certain MSDP peer outside the mesh group, the member performs the RPF check on the SA message. If the SA message passes the check, the member forwards it to other members of the mesh group.

  • If the SA message is sent by a member of the mesh group, the member directly accepts the message without performing the RPF check. In addition, it does not forward the message to other members in the mesh group.

Precautions

The MSDP peer relationships must be established between the peers in a mesh group.

Commonly, the MSDP peers in the same AS join the same mesh group and EBGP routes need be configured between inter-AS MSDP peers.

Example

# Add the MSDP peer with the address of 10.10.7.6 to the mesh group Group1 in the public network instance

<HUAWEI> system-view
[~HUAWEI] multicast routing-enable
[*HUAWEI] msdp
[*HUAWEI-msdp] peer 10.10.7.6 connect-interface vlanif 100 
[*HUAWEI-msdp] peer 10.10.7.6 mesh-group Group1

peer minimum-ttl

Function

The peer minimum-ttl command sets a TTL threshold for the multicast data packet that can be encapsulated in an SA message and forwarded to a specified MSDP peer.

The undo peer minimum-ttl command restores the default value.

By default, the TTL threshold is 0.

Format

peer peer-address minimum-ttl ttl

undo peer peer-address minimum-ttl

Parameters

Parameter Description Value
peer-address Specifies the address of an MSDP peer. The address is in dotted decimal notation.
ttl Specifies the TTL threshold. The value is an integer that ranges from 0 to 255.

Views

MSDP view of public network instance or MSDP view of VPN instance

Default Level

2: Configuration level

Usage Guidelines

Usage Scenario

MSDP peers transmit SA messages to each other over an established TCP connection. The peer minimum-ttl command is used to limit the forwarding of SA messages with multicast data packets encapsulated.

After the TTL threshold is set for a specified peer, the switch checks the TTL of a multicast data packet before encapsulating the multicast data packet in an SA message. Only the multicast data packet with the TTL being greater than the threshold is encapsulated in an SA message and sent to the peer of the switch.

Prerequisites

MSDP peers have been configured using the peer connect-interface (MSDP) command.

Example

# Set the TTL threshold to 10. Only the multicast data packet with the TTL value being greater than 10 is encapsulated in the SA message and forwarded to MSDP peer 10.10.10.1 in the public network instance.

<HUAWEI> system-view
[~HUAWEI] multicast routing-enable
[*HUAWEI] msdp
[*HUAWEI-msdp] peer 10.10.10.1 connect-interface vlanif 100 
[*HUAWEI-msdp] peer 10.10.10.1 minimum-ttl 10

peer password (MSDP)

Function

The peer password command configures MD5 authentication for establishing a TCP connection between MSDP peers.

The undo peer password command removes the MD5 authentication between MSDP peers.

By default, the MSDP MD5 authentication is not configured.

Format

peer peer-address password { cipher cipher-password | simple simple-password }

undo peer peer-address password

Parameters

Parameter Description Value
peer-address Specifies the address of an MSDP peer.

The address is in dotted decimal notation.

cipher cipher-password Specifies the password in the cipher text.

The value is a string of case sensitive characters without any space. A cipher password may contain 1 to 255 plain characters or 20 to 432 encrypted characters.

When double quotation marks are used around the string, spaces are allowed in the string.

simple simple-password Specifies the password in the plain text.
NOTICE:

If simple is selected, the password is saved in the configuration file in plain text. This brings high security risks. It is recommended that you select cipher to save the password in cipher text. To improve the device security, change the password periodically.

The value is a string of 1 to 255 case-sensitive characters without spaces.

When double quotation marks are used around the string, spaces are allowed in the string.

Views

MSDP view of public network instance or MSDP view of VPN instance

Default Level

2: Configuration level

Usage Guidelines

Usage Scenario

MSDP supports MD5 authentication and keychain authentication that improves security on TCP connections between MSDP peers.

Prerequisites

MSDP peers have been configured using the peer connect-interface (MSDP) command.

Precautions

MD5 is not a secure authentication algorithm. To ensure security, you are advised to use the more secure Keychain algorithm for MSDP authentication.

MSDP peers must be configured with the same authentication password; otherwise, the TCP connections cannot be set up between MSDP peers and MSDP messages cannot be transmitted. The authentication password on peers can be in different formats, for example, the password on one end can be in the cipher text while the password on the peer can be in the plain text.

MSDP MD5 authentication and MSDP keychain authentication are mutually exclusive.

Example

# Configure MSDP MD5 authentication between the local switch and the peer 10.1.1.1 and set the authentication password to Huawei@1234 in the cipher text in the public network instance.

<HUAWEI> system-view
[~HUAWEI] multicast routing-enable
[*HUAWEI] msdp
[*HUAWEI-msdp] peer 10.1.1.1 connect-interface vlanif 100 
[*HUAWEI-msdp] peer 10.1.1.1 password cipher Huawei@1234

peer request-sa-enable

Function

The peer request-sa-enable command enables the function of immediately sending the SA Request message to a specified MSDP peer.

The undo peer request-sa-enable command restores the default configuration.

By default, when receiving a new Join message for a group, the switch does not send an SA Request messages to MSDP peer but waits to receive the next SA message.

Format

peer peer-address request-sa-enable

undo peer peer-address request-sa-enable

Parameters

Parameter Description Value
peer-address Specifies the address of an MSDP peer. The address is in dotted decimal notation.

Views

MSDP view of public network instance or MSDP view of VPN instance

Default Level

2: Configuration level

Usage Guidelines

Usage Scenario

When a new user joins multicast group G in a PIM-SM domain, a (*, G) entry is created on the RP. If no corresponding (S, G) information exists on the RP and SA cache is not enabled on the RP, multicast routes cannot be generated for this user. The RP then must wait for the next SA message from the remote MSDP peer to obtain valid (S, G) information.

Generally, the interval for an MSDP peer to send SA messages is set to a large value to reduce traffic load in the PIM-SM domain. This, however, will cause a delay in joining the source's SPT. To minimize the delay, enable the function of immediately sending SA Request messages on the local RP and enable the SA cache function on the remote MSDP peer. Then after a new Join message is received but the local entries and SA cache do not contain corresponding (S, G) information, the local RP immediately sends an SA Request message to the remote MSDP peer instead of waiting to receive the next SA message.

Prerequisites

MSDP peers have been configured using the peer connect-interface (MSDP) command.

Precautions

Before configuring the peer request-sa-enable command on the local switch, disable SA cache on the local switch and enable SA cache on the peer of the specified peer-address. Therefore, when the local switch has new receiving requests, it can actively send SA Request messages to the peer and receive responses from the peer.

Example

# Configure the switch to send SA Request messages to the MSDP peer 10.10.7.6 when receiving a new Join message in the public network instance.

<HUAWEI> system-view
[~HUAWEI] multicast routing-enable
[*HUAWEI] msdp
[*HUAWEI-msdp] peer 10.10.7.6 connect-interface vlanif 100 
[*HUAWEI-msdp] peer 10.10.7.6 request-sa-enable

peer sa-cache-maximum

Function

The peer sa-cache-maximum command sets the maximum number of (S, G) entries that are learned from MSDP peers and cached in the SA cache.

The undo peer sa-cache-maximum command restores the maximum number of (S, G) entries that are learned from MSDP peers and cached in the SA cache to the default value.

By default, the maximum number of (S, G) entries in the SA cache is 8192.

Format

peer peer-address sa-cache-maximum sa-limit

undo peer peer-address sa-cache-maximum

Parameters

Parameter Description Value
peer-address Specifies the IP address of an MSDP peer. The address is in dotted decimal notation.
sa-limit Specifies the maximum number of (S, G) entries that are allowed to cache. The number is an integer that ranges from 1 to 4294967295.

Views

MSDP view of public network instance or MSDP view of VPN instance

Default Level

2: Configuration level

Usage Guidelines

Usage Scenario

It is recommended that you perform this configuration on all MSDP peers on a network vulnerable to DoS attacks.

Prerequisites

MSDP peers have been configured using the peer connect-interface (MSDP) command.

Configuration Impact

The total number of (S, G) entries that can be cached in the SA cache is limited by the capacity of the SA cache. The SA cache of the switch supports a maximum of 65536 (S, G) entries. For (S, G) entries learned from a single MSDP peer:
  • By default, the maximum number of (S, G) entries that can be cached in the SA cache is 8192.
  • If you set the maximum number of (S, G) entries allowed in the SA cache to a value smaller than or equal to 65536, the configured value takes effect.
  • If you set the maximum number of (S, G) entries allowed in the SA cache to a value larger than 65536, the value 65536 takes effect.

After the number of (S, G) entries in the SA cache reaches the maximum value, new (S, G) entries learned from MSDP peers will not be cached or advertised to PIM-SM. These entries, however, can be forwarded in SA messages.

Example

# Set the maximum number of (S, G) entries that are learned from MSDP peer 10.10.7.6 in the public network instance and cached in the SA cache to 100.

<HUAWEI> system-view
[~HUAWEI] multicast routing-enable
[*HUAWEI] msdp
[*HUAWEI-msdp] peer 10.10.7.6 connect-interface vlanif 100 
[*HUAWEI-msdp] undo cache-sa-disable 
[*HUAWEI-msdp] peer 10.10.7.6 sa-cache-maximum 100

peer sa-policy

Function

The peer sa-policy command sets a filtering policy for SA messages received or forwarded.

The undo peer sa-policy command restores the default configuration.

By default, the SA messages received and forwarded are not filtered. That is, all (S, G) entries are received and forwarded to MSDP peers.

Format

peer peer-address sa-policy { import | export } [ advanced-acl-number | acl-name acl-name ]

undo peer peer-address sa-policy { import | export }

Parameters

Parameter Description Value
peer-address Specifies the address of a remote MSDP peer. The address is in dotted decimal notation.
import Receives the SA messages from a specified MSDP peer.

After the import parameter is used, when an SA message reaches the local switch from the specified peer, the local switch filters the message using the import policy to determine whether to process the SA message.

-
export Forwards the SA messages to a specified MSDP peer.

After the export parameter is used, a switch filters an SA message using the export policy to determine whether to forward the SA message.

-
advanced-acl-number Specifies the number of the advanced ACL. The number is an integer that ranges from 3000 to 3999.
acl-name acl-name Specifies the name of the advanced ACL.

The value is a string of 1 to 32 case-sensitive characters except spaces. The value must start with a letter (case-sensitive).

Views

MSDP view of public network instance or MSDP view of VPN instance

Default Level

2: Configuration level

Usage Guidelines

Usage Scenario

After the peer sa-policy command is used, MSDP can filter (S, G) forwarding entries carried in the SA message received from or forwarded to specified MSDP peers according to multicast sources. The transmission of multicast source information is controlled when SA messages are received and forwarded.

Besides controlling the transmission of SA messages, you can run the import-source command on the peer nearest to the source to control the creation of SA messages.

Prerequisites

MSDP peers have been configured using the peer connect-interface (MSDP) command.

Precautions

  • In the import policy, if the ACL is not specified, the switch does not receive SA messages from any MSDP peer; if this parameter is configured, the switch receives SA messages that carry the (S, G) entry only from a specified MSDP peer.
  • In the export policy, if the ACL is not specified, the switch does not forward SA messages from any MSDP peer; if this parameter is configured, the switch forwards SA messages that carry the (S, G) entry only to a specified MSDP peer.

Example

# Configure the switch to forward only the SA messages that pass the ACL3100 filtering to peer 10.10.7.6 in the public network instance.

<HUAWEI> system-view
[~HUAWEI] acl number 3100
[*HUAWEI-acl4-advance-3100] rule permit ip source 10.15.0.0 0.0.255.255 destination 225.1.0.0 0.0.255.255
[*HUAWEI-acl4-advance-3100] quit
[*HUAWEI] multicast routing-enable
[*HUAWEI] msdp
[*HUAWEI-msdp] peer 10.10.7.6 connect-interface vlanif 100
[*HUAWEI-msdp] peer 10.10.7.6 sa-policy export 3100

# Configure a named ACL so that the switch forwards SA messages only to peer 10.10.7.6.

<HUAWEI> system-view
[~HUAWEI] acl name myacl
[*HUAWEI-acl4-advance-myacl] rule permit ip source 10.15.0.0 0.0.255.255 destination 225.1.0.0 0.0.255.255
[*HUAWEI-acl4-advance-myacl] quit
[*HUAWEI] msdp
[*HUAWEI-msdp] peer 10.10.7.6 connect-interface vlanif 100
[*HUAWEI-msdp] peer 10.10.7.6 sa-policy export acl-name myacl

peer sa-request-policy

Function

The peer sa-request-policy command configures the filtering policy to respond to the SA Request messages sent by a specified MSDP peer. Once the SA Request message passes the filtering, the switch responds to the SA message immediately.

The undo peer sa-request-policy command restores the default configuration.

By default, the switch responds to all SA request messages sent by all MSDP peers.

Format

peer peer-address sa-request-policy acl { basic-acl-number | acl-name }

peer peer-address sa-request-policy [ basic-acl-number | acl-name acl-name ]

undo peer peer-address sa-request-policy

Parameters

Parameter Description Value
peer-address Indicates the address of MSDP peer that sends the SA Request message. The address is in dotted decimal notation.
acl Specifies an ACL. -
basic-acl-number Specifies the number of a basic ACL. The number is an integer that ranges from 2000 to 2999.
acl-name Specifies a named ACL.

The value is a string of 1 to 32 case-sensitive characters except spaces. The value must start with a letter (case-sensitive).

acl-name Specifies the name of a basic ACL.

The value is a string of 1 to 32 case-sensitive characters except spaces. The value must start with a letter (case-sensitive).

Views

MSDP view of public network instance or MSDP view of VPN instance

Default Level

2: Configuration level

Usage Guidelines

Usage Scenario

When a local MSDP peer receives SA Request messages, the MSDP peer responds to all SA Request messages by default. To configure the switch to respond only to certain SA Request messages, configure the peer sa-request-policy command.

Prerequisites

MSDP peers have been configured using the peer connect-interface (MSDP) command.

Precautions

If the ACL is not specified, all SA Requests messages of the MSDP peer are ignored. If the ACL is specified, only the SA Request messages of the group that meets the requirements of the ACL are processed.

The peer sa-request-policy and acl commands are used together.
  • In the basic ACL view, you can set the multicast group address range of SA messages that are forwarded by the MSDP peer by specifying the source parameter in the rule command.

Example

# Configure the ACL for filtering SA request messages sent by the MSDP peer 10.58.6.5: only SA request messages bound for the group whose address is 225.1.1.0/24 are received in the public network instance.

<HUAWEI> system-view
[~HUAWEI] acl number 2001
[*HUAWEI-acl4-basic-2001] rule permit source 225.1.1.0 0.0.0.255
[*HUAWEI-acl4-basic-2001] quit
[*HUAWEI] multicast routing-enable
[*HUAWEI] msdp
[*HUAWEI-msdp] peer 10.58.6.5 connect-interface vlanif 100 
[*HUAWEI-msdp] peer 10.58.6.5 sa-request-policy 2001

reset msdp control-message counters

Function

The reset msdp control-message counters command clears statistics about MSDP messages.

Format

reset msdp [ vpn-instance vpn-instance-name | all-instance ] control-message counters [ peer peer-address ]

Parameters

Parameter Description Value
vpn-instance vpn-instance-name Specifies a VPN instance. vpn-instance-name specifies the name of the VPN instance.

The value is a string of 1 to 31 case-sensitive characters except spaces. When double quotation marks are used to include the string, spaces are allowed in the string. The value _public_ is reserved and cannot be used as the VPN instance name.

all-instance Indicates all instances, including the public network instance and all VPN instances.

If vpn-instance or all-instance is not specified, only information about the public network instance is cleared.

-
peer peer-address Specifies IP address of MSDP peer.

If peer peer-address is specified, only statistics about the MSDP messages exchanged with a specified MSDP peer are cleared.

The value is in dotted decimal notation.

Views

User view

Default Level

3: Management level

Usage Guidelines

This command clears statistics about the received, sent, and discarded MSDP messages.

Example

# Clear statistics about the MSDP messages received, sent, and discarded on the peer 10.3.3.3 in the public network instance.

<HUAWEI> reset msdp control-message counters peer 10.3.3.3

reset msdp peer

Function

The reset msdp peer command resets the TCP connection with a specified MSDP peer, and clears statistics about the specified MSDP peer.

Format

reset msdp [ vpn-instance vpn-instance-name | all-instance ] peer [ peer-address ]

Parameters

Parameter Description Value
vpn-instance vpn-instance-name Specifies a VPN instance. vpn-instance-name specifies the name of the VPN instance.

The value is a string of 1 to 31 case-sensitive characters except spaces. When double quotation marks are used to include the string, spaces are allowed in the string. The value _public_ is reserved and cannot be used as the VPN instance name.

all-instance Indicates all the instances.

If vpn-instance or all-instance is not specified, the TCP connections set up between MSDP peers in the public network instance are reset and statistics about MSDP peers in the public network instance are cleared.

-
peer-address Specifies the address of an MSDP peer. If the peer-address is not specified, all peers are reset. The value is in dotted decimal notation.

Views

User view

Default Level

3: Management level

Usage Guidelines

Usage Scenario

To re-configure the TCP connection between MSDP peers or clear statistics about the specified MSDP peer, run the reset msdp peer command.

Use the reset msdp statistics command to clear the statistics about an MSDP peer without resetting the MSDP peer.

Configuration Impact

After this command is run, the TCP connection with the specified MSDP peer is torn down and a new TCP is set up again. During this process, MSDP services are interrupted, which may affect multicast services, for example, multicast data transmission fails. Therefore, use this command with caution.

Example

# Reset the TCP connection with MSDP peer 10.10.7.6 and clear the statistics about MSDP peer 10.10.7.6. in the public network instance.

<HUAWEI> reset msdp peer 10.10.7.6

reset msdp sa-cache

Function

The reset msdp sa-cache command clears (S, G) entries in the SA cache.

Format

reset msdp [ vpn-instance vpn-instance-name | all-instance ] sa-cache [ group-address ]

Parameters

Parameter Description Value
vpn-instance vpn-instance-name Specifies a VPN instance. vpn-instance-name specifies the name of the VPN instance.

The value is a string of 1 to 31 case-sensitive characters except spaces. When double quotation marks are used to include the string, spaces are allowed in the string. The value _public_ is reserved and cannot be used as the VPN instance name.

all-instance Indicates all the instances.

If vpn-instance or all-instance is not specified, only the entries in the SA cache of the public network instance are cleared.

-
group-address Specifies the group address carried in (S, G) information. If this parameter is not specified, all (S, G) information in the SA cache is cleared. The value ranges from 224.0.1.0 to 239.255.255.255, in dotted decimal notation.

Views

User view

Default Level

3: Management level

Usage Guidelines

Usage Scenario

To clear (S, G) information from an SA cache, run the reset msdp sa-cache command.

Configuration Impact

(S, G) information in the SA cache cannot be restored after you clear it. Therefore, confirm the action before you use this command.

Example

# Clear the (S, G) entries with the group address of 225.5.4.3 in the SA cache in the public network instance.

<HUAWEI> reset msdp sa-cache 225.5.4.3

reset msdp statistics

Function

The reset msdp statistics command clears statistics about one or more MSDP peers without resetting the MSDP peer (s).

Format

reset msdp [ vpn-instance vpn-instance-name | all-instance ] statistics [ peer-address ]

Parameters

Parameter Description Value
vpn-instance vpn-instance-name Specifies a VPN instance. vpn-instance-name specifies the name of the VPN instance.

The value is a string of 1 to 31 case-sensitive characters except spaces. When double quotation marks are used to include the string, spaces are allowed in the string. The value _public_ is reserved and cannot be used as the VPN instance name.

all-instance Indicates all the instances. If vpn-instance or all-instance is not specified, only information about the public network instance is cleared. -
peer-address Specifies the address of an MSDP peer. If the peer-address is not specified, the statistics about all MSDP peers are cleared. The value is in dotted decimal notation.

Views

User view

Default Level

3: Management level

Usage Guidelines

Usage Scenario

After the reset msdp statistics command is used, the statistics about the MSDP peer are cleared automatically. However, the TCP connections among peers are not closed, and MSDP services are not affected.

To clear the statistics about an MSDP peer and to rebuild the TCP connections among MSDP peers at the same time, use the reset msdp peer command.

Example

# Clear the statistics of MSDP peer 10.10.7.6 in the public network instance.

<HUAWEI> reset msdp statistics 10.10.7.6

shutdown (MSDP)

Function

The shutdown command terminates a specified MSDP peer.

The undo shutdown command restores the default configuration.

By default, the MSDP peers are not closed after the peer relationship is established.

Format

shutdown peer-address

undo shutdown peer-address

Parameters

Parameter Description Value
peer-address Specifies the address of an MSDP peer. The address is in dotted decimal notation.

Views

MSDP view of public network instance or MSDP view of VPN instance

Default Level

2: Configuration level

Usage Guidelines

Usage Scenario

The shutdown command can be used to close the TCP connection between two MSDP peers while keeping the MSDP peer relationship.

Prerequisites

MSDP peers have been configured using the peer connect-interface (MSDP) command.

Configuration Impact

After the shutdown command is run on MSDP peers, the MSDP peers do not transmit SA messages or attempt to establish a connection. When the display msdp brief command or the display msdp peer-status command is used to check the status of MSDP peers, State in the command output is displayed as Shutdown.

Precautions

You only need to run the undo shutdown command to restore the configuration. You do not need to run the peer connect-interface (MSDP) command to reconfigure the MSDP peer.

Example

# Close MSDP peer 10.10.7.6 in the public network instance.

<HUAWEI> system-view
[~HUAWEI] multicast routing-enable
[*HUAWEI] msdp
[*HUAWEI-msdp] peer 10.10.7.6 connect-interface vlanif 100 
[*HUAWEI-msdp] shutdown 10.10.7.6

static-rpf-peer

Function

The static-rpf-peer command configures an MSDP peer as a static RPF peer. The SA messages sent by the static RPF peer are free from the RPF check.

The undo static-rpf-peer command restores the default configuration.

By default, no MSDP peer is configured as a static RPF peer.

Format

static-rpf-peer peer-address [ rp-policy ip-prefix-name ]

undo static-rpf-peer peer-address

Parameters

Parameter Description Value
peer-address Specifies the address of a static RPF peer. The value is in dotted decimal notation.
rp-policy ip-prefix-name Specifies the filtering policy based on RP addresses. The filtering policy is used to filter SA messages based on RP addresses. ip ip-prefix specifies the name of the filtering policy.

The name is a string of 1 to 169 case-sensitive characters except spaces. When double quotation marks are used to include the string, spaces are allowed in the string.

Views

MSDP view of public network instance or MSDP view of VPN instance

Default Level

2: Configuration level

Usage Guidelines

Usage Scenario

To prevent SA messages from being circularly forwarded between MSDP peers, MSDP performs the RPF check on the received SA message. MSDP strictly controls the incoming SA messages. The SA messages that do not comply with the RPF rules are discarded.

To protect the SA messages transmitted between MSDP peers from being discarded in RPF checks and reduce redundant traffic, you can specify MSDP peers as static RPF peers. The SA messages received from a static RPF peer do not need to be checked according to RPF rules.

Prerequisites

The MSDP peer relationship has been established between the switch and a specified RPF peer using the peer connect-interface (MSDP) command.

Configuration Impact

You can specify multiple remote static RPF peers for the switch using the static-rpf-peer peer-address command repeatedly.

Precautions

When you specify multiple static RPF peers for the switch, pay attention to the following points:

  • All the peers are configured with rp-policy

    When SA messages sent by a static RPF peer in the active state reaches the local switch, the local switch filters the SA messages according to specified rp-policy on the peers, and receives only the SA messages that pass the filter.

  • None of the peers is configured with rp-policy

    The local switch receives all the SA messages from the static RPF peers in the active state.

Example

# Configure 192.168.3.2 as a static RPF peer, with the source RP address range of 192.168.0.0/16 in the public network instance.

<HUAWEI> system-view
[~HUAWEI] ip ip-prefix list-df permit 192.168.0.0 16 greater-equal 16 less-equal 32
[*HUAWEI] multicast routing-enable
[*HUAWEI] msdp
[*HUAWEI-msdp] peer 192.168.3.2 connect-interface vlanif 100
[*HUAWEI-msdp] static-rpf-peer 192.168.3.2 rp-policy list-df

timer retry

Function

The timer retry command sets the interval for retrying to set up an MSDP peer relationship.

The undo timer retry command restores the default value.

By default, the interval for retrying to set up an MSDP peer relationship is 30 seconds.

Format

timer retry interval

undo timer retry

Parameters

Parameter Description Value
interval Specifies the interval for retrying to set up an MSDP peer relationship. The value is an integer that ranges from 1 to 60, in seconds.

Views

MSDP view of public network instance or MSDP view of VPN instance

Default Level

2: Configuration level

Usage Guidelines

Usage Scenario

The TCP connection needs to be set up between the MSDP peers. MSDP requires the peer with the larger IP address to listen at the port 639, and the peer with the smaller IP address to start a connection. If the connection fails, the peer restarts the connection after a period of time. Such a period of time is called "interval retrying to set up an MSDP peer relationship".

You need to establish a TCP connection between MSDP peers when an MSDP peer is created, the closed MSDP peer connection is restarted, or the faulty MSDP peer tries to restore the work. You can run the timer retry command to adjust the interval for retrying to set up an MSDP peer relationship.

Prerequisites

MSDP has been enabled using the msdp command.

Example

# Set the interval for retrying to set up an MSDP peer relationship to 60 seconds in the public network instance.

<HUAWEI> system-view
[~HUAWEI] multicast routing-enable
[*HUAWEI] msdp
[*HUAWEI-msdp] timer retry 60
Translation
Download
Updated: 2019-03-21

Document ID: EDOC1000166501

Views: 44039

Downloads: 330

Average rating:
This Document Applies to these Products
Related Documents
Related Version
Share
Previous Next