No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

S12700 V200R013C00 Command Reference

This document describes all the configuration commands of the device, including the command function, syntax, parameters, views, default level, usage guidelines, examples, and related commands.
Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
GRE Configuration Commands

GRE Configuration Commands

Command Support

For details about command support, see the description of each command. If no command support information is provided, all switch models support the command by default.

description (tunnel interface view)

Function

The description command sets the description of the current tunnel interface.

The undo description command deletes the description of the current tunnel interface.

By default, a tunnel interface does not have a description.

Format

description text

undo description

Parameters

Parameter Description Value
text Specifies the description of a tunnel interface. The value is a string of 1 to 242 case-sensitive characters, with spaces supported.

Views

Tunnel interface view

Default Level

2: Configuration level

Usage Guidelines

After using the interface tunnel command to create a tunnel interface, you can run the description command to configure a description of the tunnel interface to facilitate later query.

To check the description of a tunnel interface, run the display this interface command in the tunnel interface view or the display interface tunnel command.

Example

# Configure the description of Tunnel 1.
<HUAWEI> system-view
[HUAWEI] interface tunnel 1
[HUAWEI-Tunnel1] description This is a tunnel from 10.1.1.1 to 10.2.2.2
# Delete the description of Tunnel 1.
<HUAWEI> system-view
[HUAWEI] interface tunnel 1
[HUAWEI-Tunnel1] undo description

destination

Function

The destination command specifies the destination IP address of a tunnel interface.

The undo destination command deletes the destination IP address of a tunnel interface.

By default, no destination address is configured.

Format

destination [ vpn-instance vpn-instance-name ] dest-ip-address

undo destination

Parameters

Parameter Description Value
vpn-instance vpn-instance-name Specifies the name of the VPN instance that the destination address of a tunnel belongs to. When the tunnel interface uses GRE, you can specify vpn-instance vpn-instance-name.

The value is the name of an existing VPN instance.

dest-ip-address Specifies the destination IP address of a tunnel interface.

The IPv4 address is in dotted decimal notation.

The IPv6 address is a 32-digit hexadecimal number, in the format X:X:X:X:X:X:X:X.

Views

Tunnel interface view

Default Level

2: Configuration level

Usage Guidelines

Usage Scenario

When configuring a GRE, MPLS TE, IPv4 over IPv6 tunnel or manual IPv6 over IPv4 tunnel, create a tunnel interface. After a tunnel interface is created, run the destination command to specify the destination IP address for the tunnel interface.

When using the destination command on a PE to specify the destination address of a GRE tunnel bound for a CE, you need to set vpn-instance vpn-instance-name in the command to specify the name of the VPN instance to which the destination address belongs.

Prerequisites

A tunnel interface has been created using the interface tunnel command, and the encapsulation mode is set to GRE, MPLS TE, IPv4 over IPv6 or IPv6 over IPv4 of manual mode using the tunnel-protocol command.

Precautions

Two tunnel interfaces with the same encapsulation mode, source address, and destination address cannot be configured simultaneously.

You can configure a main interface working in Layer 3 mode as the source tunnel interface.

On the GRE, MPLS TE, IPv4 over IPv6 tunnel or manual IPv6 over IPv4 tunnel, the destination address of the local tunnel interface is the source address of the remote tunnel interface, and the source address of the local tunnel interface is the destination address of the remote tunnel interface.

Example

# Establish a manual IPv6 over IPv4 tunnel between VLANIF 10 at 10.1.1.1 on switch HUAWEI1 and VLANIF 20 at 10.2.1.1 on switch HUAWEI2.
<HUAWEI1> system-view
[HUAWEI1] interface tunnel 1
[HUAWEI1-Tunnel1] tunnel-protocol ipv6-ipv4
[HUAWEI1-Tunnel1] source 10.1.1.1
[HUAWEI1-Tunnel1] destination 10.2.1.1
<HUAWEI2> system-view
[HUAWEI2] interface tunnel 1
[HUAWEI2-Tunnel1] tunnel-protocol ipv6-ipv4
[HUAWEI2-Tunnel1] source 10.2.1.1
[HUAWEI2-Tunnel1] destination 10.1.1.1
# Set the destination address of the GRE tunnel Tunnel1 to 10.1.1.1 that belongs to vpn1.
<HUAWEI> system-view
[HUAWEI] ip vpn-instance vpn1
[HUAWEI-vpn-instance-vpn1] ipv4-family
[HUAWEI-vpn-instance-vpn1-af-ipv4] route-distinguisher 100:1
[HUAWEI-vpn-instance-vpn1-af-ipv4] quit
[HUAWEI-vpn-instance-vpn1] quit
[HUAWEI] interface tunnel 1
[HUAWEI-Tunnel1] tunnel-protocol gre
[HUAWEI-Tunnel1] destination vpn-instance vpn1 10.1.1.1

display interface tunnel

Function

The display interface tunnel command displays details of the tunnel interface.

Format

display interface tunnel [ interface-number | main ]

Parameters

Parameter

Description

Value

interface-number

Specifies the number of the tunnel interface.If this parameter is not specified, the command displays information about all tunnel interfaces.

The value must be the number a tunnel interface that has been created.

main

Displays status and traffic statistics about main interface. The interface has no sub-interfaces. Status and traffic statistics about the interface are displayed whether you specify the main parameter or not.

-

Views

All views

Default Level

1: Monitoring level

Usage Guidelines

Usage Scenario

To check status of tunnels or diagnose the fault in these tunnels, run the display interface tunnel command. You can run this command to obtain tunnel interface information when configuring tunnels or when locating the fault on these tunnels.

Prerequisites

Before run display interface tunnel, please ensure that tunnel interface has been created using the interface tunnel command.

Example

# Display the details of the tunnel interface.

<HUAWEI> display interface tunnel 1
Tunnel1 current state : UP             
Line protocol current state : UP                                                
Last line protocol up time : 2012-11-16 19:16:33 UTC+08:00                      
Description:                                                                    
Route Port,The Maximum Transmit Unit is 1500                                    
Internet Address is 10.3.1.2/24                                                 
Encapsulation is TUNNEL, loopback not set                                       
Tunnel source 10.2.1.2 (Vlanif1234), destination 10.2.1.1                       
Tunnel protocol/transport GRE/IP, key disabled                                  
keepalive enable period 5 retry-times 3                                         
Checksumming of packets disabled                                                
Current system time: 2012-11-16 19:17:39+08:00                                  
Last 300 seconds input rate 16 bits/sec, 0 packets/sec                          
Last 300 seconds output rate 0 bits/sec, 0 packets/sec                          
Input:  5 packets, 650 bytes                                                    
Output:  0 packets, 0 bytes                                                     
    Input bandwidth utilization  :    0%                                        
    Output bandwidth utilization :    0%    
Table 10-1  Description of the display interface tunnel command output

Item

Description

Tunnel1 current state

Physical layer status of the tunnel interface:
  • UP: The interface is in normal state.

  • Administratively DOWN: The network administrator executes the shutdown command on the interface.

After a tunnel interface is created, its physical layer status is Up.

Line protocol current state

Link protocol status:
  • UP: The link layer protocol of the tunnel interface works normally.

  • Down: The link layer protocol of the tunnel interface is abnormal.

Last line protocol up time

Last time the link layer protocol of the tunnel interface goes UP.

NOTE:

This field is displayed only when the link layer protocol status of the tunnel interface is UP.

Description

Description of the tunnel interface.

Route Port

Indicates the Layer 3 interface.

The Maximum Transmit Unit is 1500

MTU of tunnel interfaces, which is 1500 bytes by default. Any packet larger than the MTU is fragmented before being sent. If non-fragmentation is configured, the packet is discarded.

Internet Address is 10.3.1.2/24

IP address of the tunnel interface is 10.3.1.2.

The mask is 24 bits, that is, 255.255.255.0.

Encapsulation is TUNNEL,

Encapsulation type of packets on a tunnel interface.

Packet encapsulation protects a whole IP packet.

loopback not set

The tunnel interface does not support a loopback test.

Tunnel source 10.2.1.2 (Vlanif1234)

The source address of the tunnel is 10.2.1.2. That is, the IP address of the VLANIF 1234 interface sending packets at the source side is 10.2.1.2.

destination 10.2.1.1

Destination address of the tunnel.

Tunnel protocol/transport GRE/IP, key disabled

The tunnel encapsulation protocol is the GRE protocol, and the transport protocol is the IP protocol.

Encapsulation protocol types of a tunnel are as follows:

  • GRE: indicates Generic Routing Encapsulation.

  • MPLS: encapsulates packets into MPLS packets.

  • IPv6 over IPv4: encapsulates IPv6 packets into IPv4 packets.

  • IPv4 over IPv6: encapsulates IPv4 packets into IPv6 packets.

  • none: indicates no encapsulation. This is the default mode of the tunnel interface.

key disabled: the key word recognition function of GRE is not enabled.

keepalive enable period 5 retry-times 3

The keepalive function of GRE.

Checksumming of packets disabled

The check sum function of GRE is not enabled.

Current system time

Current system time.

If the time zone is configured and the daylight saving time is used, the time is in YYYY/MM/DD HH:MM:SS UTC±HH:MM DST format.

Last 300 seconds input rate

Incoming packet rate (bits per second and packets per second) within the last 300 seconds.

Last 300 seconds output rate

Outgoing packet rate (bits per second and packets per second) within the last 300 seconds.

Input

Total number of received packets.

Output

Total number of sent packets.

Input bandwidth utilization : --

Input bandwidth usage.

Output bandwidth utilization : --

Output bandwidth usage.

Related Topics

display keepalive packets count

Function

The display keepalive packets count command displays the number of Keepalive packets and Keepalive response packets sent and received by the local GRE tunnel interface.

Format

display keepalive packets count

Parameters

None

Views

Tunnel interface view

Default Level

2: Configuration level

Usage Guidelines

Usage Scenario

When a tunnel is a GRE tunnel, you can enable the Keepalive function to check the link connectivity. If the function is disabled, service packets are continuously forwarded through this tunnel interface when the link fails, resulting in a tunnel black hole and loss of service data.

The display keepalive packets count command allows you to view the number of Keepalive packets and Keepalive response packets sent and received through the GRE tunnel interface.

Prerequisites

  1. The tunnel interface view has been displayed using the interface tunnel command.

  2. The tunnel type has been set to GRE using the tunnel-protocol gre command.

  3. The Keepalive function has been enabled for the GRE tunnel using the keepalive command.

Follow-up Procedure

Run the reset keepalive packets count command to reset the Keepalive packet statistics.

Example

# View the Keepalive packet statistics of GRE tunnel interface 1.

<HUAWEI> system-view
[HUAWEI] interface tunnel 1
[HUAWEI-Tunnel1] tunnel-protocol gre
[HUAWEI-Tunnel1] keepalive
[HUAWEI-Tunnel1] display keepalive packets count
Send 10 keepalive packets to peers, Receive 10 keepalive response packets from peers                                                
Receive 8 keepalive packets from peers, Send 8 keepalive response packets to peers.                                                 
Table 10-2  Description of the display keepalive packets count command output

Item

Description

Send 10 keepalive packets to peers

Ten Keepalive packets are sent to the remote end.

Receive 10 keepalive response packets from peers

Ten Keepalive response packets are received from the remote end.

Receive 8 keepalive packets from peers

Eight Keepalive packets are received from the remote end.

Send 8 keepalive response packets to peers

Eight Keepalive response packets are sent to the remote end.

display tunnel-info

Function

The display tunnel-info command displays the tunnel information.

Format

display tunnel-info { tunnel-id tunnel-id | all | statistics [ slots ] }

Parameters

Parameter Description Value
tunnel-id tunnel-id Specifies the tunnel ID. If the specified ID does not exist, the system prompts errors. A hexadecimal integer ranging from 1 to FFFFFFFE.
all Displays information about all the tunnels. -
statistics Displays statistics about all tunnels. -
slots Displays tunnel statistics in the order of slots. -

Views

All views

Default Level

1: Monitoring level

Usage Guidelines

The display tunnel-info all command displays existing tunnel IDs, tunnel types, destination IP addresses, and Token information about all tunnels.

The display tunnel-info tunnel-id tunnel-id command displays detail information about a tunnel when you only know the tunnel ID.

The display tunnel-info statistics command displays the number of tunnels configured on the switch.

Example

# View information about the tunnel.

<HUAWEI> display tunnel-info tunnel-id 2
Tunnel ID:                    0x2 
Tunnel Token:                 2 
Type:                         cr lsp
Destination:                  1.1.1.1 
Out Slot:                     0 
Instance ID:                  0 
Interface:                    Tunnel1 
Sub Tunnel ID:                0x0
<HUAWEI> display tunnel-info tunnel-id 3
Tunnel ID:                    0x3
Tunnel Token:                 3
Type:                         lsp
Destination:                  10.20.10.10
Out Slot:                     0
Instance ID:                  0
Out Interface:                Vlanif1024
Out Label:                    3
Next Hop:                     10.24.10.200
Lsp Index:                    2048
<HUAWEI> display tunnel-info tunnel-id 10006
Tunnel ID:                    0x10006
Tunnel Token:                 2
Type:                         lsp
Destination:                  6.6.6.6
Out Slot:                     0
Instance ID:                  0
Out Interface:                Vlanif15
Lsp Index:                    0
SubTunnel Type:               L2VPN QoS Token
Table 10-3  Description of the display tunnel-info tunnel-id command output

Item

Description

Tunnel ID

Tunnel ID in hexadecimal notation that is assigned by the system.

Tunnel Token

Token value used for MPLS forwarding that is a part of tunnel ID and is assigned by the system.

Type

Type of a tunnel, such as GRE, MPLS LSP, or CR-LSP. The command output varies according to the tunnel type.

Destination

Destination IP address of the tunnel.

Out Slot

Number of the slot that is used when the switch sends packets.

Instance ID

VPN instance ID (0 indicates that a tunnel is a public network tunnel).

Interface

Local tunnel interface.

Sub Tunnel ID

Sub-tunnel ID of VPN QoS in hexadecimal notation that is automatically assigned by the system.

Out Label

Out label value.

Next Hop

Next hop.

Lsp Index

LSP index, which is allocated by MPLS.

Out Interface

Local outbound interface of the tunnel.

SubTunnel Type

Types of tokens of sub-tunnels:

  • LDP LSP over TE QoS Token
  • LDP LSP QoS Token
  • BGP LSP over TE QoS Token
  • BGP LSP QoS Token
  • Static LSP QoS Token
  • CR-LSP over TE QoS Token
  • L2VPN over TE QoS Token
  • L2VPN QoS Token

This field is displayed only for sub-tunnels.

# Display all tunnel information.
<HUAWEI> display tunnel-info all
 * -> Allocated VC Token
Tunnel ID           Type                 Destination           Token
----------------------------------------------------------------------
0x10006             lsp                   10.2.1.1               6
# Display tunnel statistics.
<HUAWEI> display tunnel-info statistics
LSP/32bit LSP :                         0/0
GRE :                                   2
CRLSP :                                 0
LOCAL IFNET :                           0
MPLS LOCAL IFNET :                      0
VPN QOS LSP :                           0
Reserved :                              0
Table 10-4  Description of the display tunnel-info statistics command output

Item

Description

LSP/32bit LSP

Number of LSP tunnels created in the system view/Number of LSP tunnels triggered by the route of host with the 32-bit mask address.

GRE

Number of tunnel IDs allocated to the GRE tunnels.

CRLSP

Number of tunnel IDs allocated to the CR-LSP tunnels.

LOCAL IFNET

Number of tunnels used by the VPN internal module.

MPLS LOCAL IFNET

Number of tunnels used by the MPLS internal module.

VPN QOS LSP

Number of the tunnel ID allocated to the LSP used in VPN QoS.

Reserved

Number of the tunnel ID allocated to the product.

# Display tunnel statistics in the order of slots.

<HUAWEI> display tunnel-info statistics slots
----------------------------------------------------------------- 
Slot              LSP     CR      GRE     LCL     MPLS-L  VPN 
Num                       LSP             IFNET   IFNET   QOS 
-----------------------------------------------------------------
0                 6       1       0       1       0       0 
Logic Slot: 0                     Total:  8                 
Table 10-5  Description of the display tunnel-info statistics slots command output

Item

Description

Slot Num

Slot number used by the device to send packets.

LSP

Total LSP tunnels set up by the device.

CR LSP

Number of CR-LSPs created on the device.

GRE

Number of GRE tunnels created on the device.

LCL IFNET

Number of tunnels used by the VPN module.

MPLS-L IFNET

Number of tunnels used by the MPLS module.

VPN QOS

Number of tunnels used for VPN QoS.

gre key

Function

The gre key command sets the key number of a GRE tunnel.

The undo gre key command deletes the key number of a GRE tunnel.

By default, the GRE key number is not configured.

NOTE:

Only the X series cards supports this command.

The XGE interface connected to ACU2 supports this command.

Format

gre key { plain key-number | [ cipher ] plain-cipher-text }

undo gre key

Parameters

Parameter Description Value
plain key-number

Specifies a plaintext key.

NOTICE:

If plain is selected, the key is saved in the configuration file in plain text. This brings security risks. It is recommended that you select cipher to save the key in cipher text.

The value is an integer that ranges from 0 to 4294967295.
[ cipher ] plain-cipher-text Specifies that a ciphertext key is displayed. You can specify a plaintext key (integer) ranging from 0 to 4294967295 or a ciphertext key of 32 or 48 characters.

Views

Tunnel interface view

Default Level

2: Configuration level

Usage Guidelines

Usage Scenario

You can configure key numbers for both ends of a GRE tunnel to improve GRE tunnel security. This security mechanism ensures that a device accepts only packets sent from the valid tunnel interface and discards invalid packets.

Prerequisites

The tunnel interface view has been displayed using the interface tunnel command.

The tunnel type has been set to GRE using the tunnel-protocol gre command.

Precautions

Packets pass authentication only when the key numbers set on both ends of the tunnel are consistent. Otherwise, the packets are discarded.

When you run the gre key command several times, the latest configuration overrides the previous configurations.

Example

# Configure the GRE key number for the ends of a tunnel is 123.

<HUAWEI> system-view
[HUAWEI] interface tunnel 1
[HUAWEI-Tunnel1] tunnel-protocol gre
[HUAWEI-Tunnel1] gre key cipher 123

interface tunnel

Function

The interface tunnel command creates a tunnel interface.

The undo interface tunnel command deletes the configured tunnel interface.

By default, no tunnel interface is configured.

Format

interface tunnel interface-number

undo interface tunnel interface-number

Parameters

Parameter

Description

Value

interface-number

Specifies the number of the tunnel interface.

The value is an integer that ranges from 0 to

16383

.

Views

System view

Default Level

2: Configuration level

Usage Guidelines

Usage Scenario

To forward data over a tunnel, ensure that the tunnel has been created. The system supports the following types of tunnels:
  • LSP (Static LSP, BGP LSP, LDP LSP)

  • MPLS TE

  • GRE

  • IPv6 over IPv4

  • IPv4 over IPv6

You must use the interface tunnel command to create a tunnel interface when creating a tunnel except for LSP tunnels.

Precautions

Tunnel interface numbers are valid on the local device only. You can configure different numbers for the tunnel interfaces on the two ends.

Follow-up Procedure

After a tunnel interface is created, you need to configure an IP address and encapsulation type for the tunnel interface.

To save IP addresses, run the ip address unnumbered command to configure the tunnel interface to borrow an IP address of another interface.

The tunnel-protocol command configures an encapsulation protocol for the tunnel interface. Then basic configurations are performed based on the encapsulation protocol:

Example

# Create a tunnel interface.

<HUAWEI> system-view
[HUAWEI] interface tunnel 1
[HUAWEI-Tunnel1]

keepalive

Function

The keepalive command enables the Keepalive function of GRE tunnels.

The undo keepalive command disables the Keepalive function of GRE tunnels.

By default, the Keepalive function of a GRE tunnel is disabled.

Format

keepalive [ period period [ retry-times retry-times ] ]

undo keepalive

Parameters

Parameter Description Value
period period

Specifies the interval for sending Keepalive packets.

The value is an integer that ranges from 1 to 32767, in seconds. The default value is 5 seconds.

retry-times retry-times

Specifies the parameter of the unreachable counter.

The value is an integer that ranges from 1 to 255. The default value is 3.

Views

Tunnel interface view

Default Level

2: Configuration level

Usage Guidelines

Usage Scenario

Before you configure a tunnel policy and set the VPN tunnel type to GRE, you need to enable the Keepalive function. After Keepalive is enabled, the VPN cannot choose a tunnel with an unreachable remote end, preventing data loss.

When Keepalive is disabled on a local end, the tunnel interface status of the local end might be Up even if the remote end is unreachable. After Keepalive is enabled on the local end, the tunnel interface status of the local end changes to Down if the remote end is unreachable. Therefore, when the remote end is unreachable, the VPN cannot choose the GRE tunnel, preventing data loss.

The Keepalive function takes effect uni-directionally. To enable the Keepalive function on both ends of a tunnel, run the keepalive command on each end of the tunnel. The Keepalive configuration takes effect on one end even if the function is disabled on the other end. However, it is recommended that you enable the Keepalive function on both ends.

After the Keepalive function is enabled on a GRE tunnel, the tunnel periodically sends Keepalive packets. The unreachable counter increases by one each time a packet is sent. If no response packet is received when the value of the counter reaches the value of retry-times, the remote end is considered unreachable.

Prerequisites

The keepalive command can be used only when the encapsulation mode has been set to GRE on an interface.

Precautions

When you run the keepalive command several times, the latest configuration overrides the previous configurations.

When the VPN instance to which a GRE tunnel interface is bound is not the specified destination VPN instance, the keepalive command cannot be used to check GRE tunnel connectivity. If this command is used in this situation, the Keepalive function cannot be implemented.

Follow-up Procedure

Run the display keepalive packets count command to display the number of Keepalive packets and Keepalive response packets sent and received by the local GRE tunnel interface.

Example

# Enable the Keepalive function for the GRE tunnel using default parameters.

<HUAWEI> system-view
[HUAWEI] interface tunnel 1
[HUAWEI-Tunnel1] tunnel-protocol gre
[HUAWEI-Tunnel1] keepalive

# Enable the Keepalive function for the GRE tunnel, and set the interval for sending Keepalive packets to 12 seconds and retry-times to 4.

<HUAWEI> system-view
[HUAWEI] interface tunnel 1
[HUAWEI-Tunnel1] tunnel-protocol gre
[HUAWEI-Tunnel1] keepalive period 12 retry-times 4

map interface virtual-ethernet

Function

The map interface virtual-ethernet command binds an L2VE interface to a tunnel interface.

The undo map interface virtual-ethernet command deletes the binding relationship between a tunnel interface and a specified VE interface.

The undo map command deletes the binding relationship between a tunnel interface and all VE interfaces.

By default, no L2VE interface is bound to a tunnel interface.

NOTE:

Only the X series cards support this command.

Format

map interface virtual-ethernet ve-number

undo map interface virtual-ethernet ve-number

undo map

Parameters

Parameter Description Value
ve-number

Specifies the number of a VE interface.

The VE interface number must already exist.

Views

Tunnel interface view

Default Level

2: Configuration level

Usage Guidelines

Usage Scenario

Customers want to use GRE to transparently transmit Ethernet packets over networks of a different network layer protocol, such as the IPv4 network. You can configure Ethernet over GRE to achieve this purpose. Run the map interface virtual-ethernet command in the tunnel interface view to bind a VE interface to a tunnel interface. After the binding, the tunnel interface can transparently transmit Ethernet packets over the GRE tunnel.

Prerequisites
  • A VE interface has been created by using the interface virtual-ethernet ve-number command, and the VE interface has been changed from Layer 3 mode to Layer 2 mode by using the portswitch command.

  • The tunnel protocol of a tunnel interface has been set to GRE by using the tunnel-protocol gre command in the tunnel interface view.

Precautions
NOTE:
  • If a VLANIF interface has been created for a VLAN, this VLAN cannot be specified for a VE interface. If a VLAN has been specified for a VE interface, no VLANIF interface can be created for this VLAN.

  • One tunnel interface can be bound with two VE interfaces, but one VE interface can be bound to only one tunnel interface.

  • Only VE interfaces of the Trunk type can be bound to a tunnel interface.

  • A tunnel interface bound with a VE interface does not support the IPv6 protocol stack. A VE interface cannot be bound to a tunnel interface enabled with the IPv6 protocol stack.

  • To prevent loops, packets transmitted through an Ethernet over GRE tunnel cannot be sent to a GRE tunnel again.

  • Ensure that the VE interfaces at two ends of a GRE tunnel are added to the same VLAN. Otherwise, the VE interfaces cannot learn MAC addresses in the VLANs to which the VE interfaces belong, and these MAC addresses cannot be deleted by the undo mac-address command. Run the undo mac-address [ mac-address ] [ vlan vlan-id ] command to delete a specific MAC address or delete MAC addresses by VLAN ID, or wait until the MAC addresses automatically age out.

  • If a VE interface has been added to VLAN 1, it can no longer be bound to a tunnel interface. If a VE interface has been bound to a tunnel interface, it can no longer be added to VLAN 1.

  • Only interfaces on the X series cards can be added to a VLAN containing a VE interface. Otherwise, the inbound physical interface of a tunnel but not the VE interface learns MAC addresses of tunnel-side packets when you run the display mac-address dynamic slot slot-id command to view MAC addresses of other cards.

Example

# Bind Virtual-Ethernet 1/0/0 to Tunnel 1.
<HUAWEI> system-view
[HUAWEI] interface virtual-ethernet 1/0/0
[HUAWEI-Virtual-Ethernet1/0/0] portswitch
[HUAWEI-Virtual-Ethernet1/0/0] port link-type trunk
[HUAWEI-Virtual-Ethernet1/0/0] undo port trunk allow-pass vlan 1
[HUAWEI-Virtual-Ethernet1/0/0] port trunk allow-pass vlan 10
[HUAWEI-Virtual-Ethernet1/0/0] quit
[HUAWEI] interface tunnel 1
[HUAWEI-Tunnel1] tunnel-protocol gre
[HUAWEI-Tunnel1] map interface virtual-ethernet 1/0/0

reset keepalive packets count

Function

The reset keepalive packets count command clears the statistics on Keepalive packets sent and received by a GRE tunnel interface.

Format

reset keepalive packets count

Parameters

None

Views

Tunnel interface view

Default Level

2: Configuration level

Usage Guidelines

Usage Scenario

After the Keepalive function is enabled on a GRE tunnel, the VPN cannot choose a tunnel with an unreachable remote end, preventing data loss. You can run the display keepalive packets count command to view the statistics on Keepalive packets and Keepalive response packets sent and received by the GRE tunnel interface, and the running status of the GRE tunnel.

The reset keepalive packets count command resets the statistics of Keepalive packets and Keepalive response packets sent and received by the GRE tunnel interface. You can monitor the running status of the GRE tunnel.

Precautions

The cleared packet statistics cannot be restored. Exercise caution when you run the command.

Example

# Reset the Keepalive packet statistics of GRE tunnel interface 1.

<HUAWEI> system-view
[HUAWEI] interface tunnel 1
[HUAWEI-Tunnel1] tunnel-protocol gre
[HUAWEI-Tunnel1] reset keepalive packets count
 Info: Succeeded in resetting tunnel keepalive packets count.

source

Function

The source command configures the source address or source interface of the tunnel.

The undo source command deletes the configured source address or source interface.

The source address and source interface of a tunnel are not specified by default.

Format

source { source-ip-address | interface-type interface-number }

undo source

Parameters

Parameter

Description

Value

source-ip-address

Specifies the source address of a tunnel interface. If a tunnel interface works in IPv4-IPv6 mode, specify an IPv6 address as the source address of the tunnel interface.

The IPv4 address is in dotted decimal notation.

The IPv6 address is a 32-digit hexadecimal number, in the format X:X:X:X:X:X:X:X.

interface-type interface-number

Specifies the type and the number of the source interface of the tunnel. The following types of interfaces are often used: VLNAIF and loopback.

-

Views

Tunnel interface view

Default Level

2: Configuration level

Usage Guidelines

Usage Scenario

When configuring a GRE, MPLS TE, IPv4 over IPv6 tunnel or manual IPv6 over IPv4 tunnel, create a tunnel interface. After a tunnel interface is created, run the source command to specify the source IP address for the tunnel interface.

Prerequisites

A tunnel interface has been created using the interface tunnel command, and the encapsulation mode is set to GRE, MPLS TE, IPv4 over IPv6 or IPv6 over IPv4 of manual mode using the tunnel-protocol command.

Precautions

Two tunnel interfaces with the same encapsulation mode, source address, and destination address cannot be configured simultaneously.

You can configure a main interface working in Layer 3 mode as the source tunnel interface.

On the GRE, MPLS TE, IPv4 over IPv6 tunnel or manual IPv6 over IPv4 tunnel, the source address of the local tunnel interface is the destination address of the remote tunnel interface, and the destination address of the local tunnel interface is the source address of the remote tunnel interface.

Example

# Set the tunnel type of Tunnel1 to IPv6 over IPv4 of manual mode and configure the source IP address of Tunnel1 as 10.1.1.1.
<HUAWEI> system-view
[HUAWEI] interface tunnel 1
[HUAWEI-Tunnel1] tunnel-protocol ipv6-ipv4
[HUAWEI-Tunnel1] source 10.1.1.1
# Configure Tunnel1 of GRE and use Loopback1 address as the interface address.
<HUAWEI> system-view
[HUAWEI] interface Loopback 1
[HUAWEI-LoopBack1] ip address 10.2.1.1 32
[HUAWEI-LoopBack1] quit
[HUAWEI] interface tunnel 1
[HUAWEI-Tunnel1] tunnel-protocol gre
[HUAWEI-Tunnel1] source loopback 1

statistic enable (Tunnel interface view)

Function

The statistic enable command enables traffic statistics collection on a Tunnel interface.

The undo statistic enable command disables traffic statistics collection on a Tunnel interface.

By default, traffic statistics collection is disabled on a Tunnel interface.

Format

statistic enable { both | inbound | outbound }

undo statistic enable { both | inbound | outbound }

Parameters

Parameter

Description

Value

both

Enables traffic statistics collection for incoming and outgoing traffic.

-

inbound

Enables incoming traffic statistics collection.

-

outbound

Enables outgoing traffic statistics collection.

-

Views

Tunnel interface view

Default Level

2: Configuration level

Usage Guidelines

Usage Scenario

To check the network status or locate network faults, you can use the statistic enable command to enable traffic statistics collection on Tunnel interfaces. The device then collect traffic statistics on the Tunnel interfaces.

Precautions

After running the statistic enable command on an interface, you can run the display interface tunnel command to view the traffic statistics on the interface. The traffic statistics help you diagnose the fault of a tunnel.

Example

# Enable incoming traffic statistics collection on a Tunnel interface.

<HUAWEI> system-view
[HUAWEI] interface tunnel 1
[HUAWEI-Tunnel1] statistic enable inbound

tunnel-protocol

Function

The tunnel-protocol command configures the tunnel protocol on a tunnel interface.

The undo tunnel-protocol command restores the tunnel protocol to the default configuration.

By default, no tunnel protocol is used on a tunnel interface.

Format

tunnel-protocol { gre | ipv6-ipv4 [ 6to4 | isatap ] | ipv4-ipv6 | mpls te | none }

undo tunnel-protocol

Parameters

Parameter Description Value
gre

Indicate that the GRE tunnel protocol is configured on a tunnel interface.

-
ipv4-ipv6

Indicate that the IPv4 to IPv6 tunnel protocol is configured on a tunnel interface.

-
ipv6-ipv4 [ 6to4 | isatap ]

Configure the tunnel protocol of the tunnel interface as ipv6-ipv4:

  • ipv6-ipv4 : use a manual IPv6 over IPv4 tunnel
  • ipv6-ipv4 6to4 : using 6to4 tunnel
  • ipv6-ipv4 isatap : using isatap tunnel
-
mpls te

Indicate that the MPLS TE tunnel protocol is configured on a tunnel interface.

-
none

Indicate that no tunnel protocol is configured on a tunnel interface.

-

Views

Tunnel interface view

Default Level

2: Configuration level

Usage Guidelines

Usage Scenario

After creating a tunnel interface using the interface tunnel command, run the tunnel-protocol command to configure the tunnel encapsulation mode for the tunnel interface.

The following tunnel encapsulation modes are available:
  • GRE: encapsulates packets of some network layer protocols such as IP or IPX to enable these encapsulated packets to be transmitted on networks running other protocols such as IP.
  • IPv4-IPv6: creates tunnels on the IPv6 networks to connect IPv4 isolated sites so that IPv4 isolated sites can access other IPv4 networks through the IPv6 public network.
  • IPv6-IPv4: creates tunnels on the IPv4 networks to connect IPv6 isolated sites so that IPv6 packets can be transmitted on IPv4 networks.
  • MPLS TE: integrates the MPLS technology with traffic engineering. It can reserve resources by setting up LSP tunnels for a specified path in an attempt to avoid network congestion and balance network traffic.

Precautions

  • The none mode indicates the initial configuration, that is, no tunnel encapsulation mode is configured. In practice, you must select another tunnel encapsulation mode.
  • You must configure the tunnel encapsulation mode before setting the source IP address or other parameters for a tunnel interface. Changing the encapsulation mode of a tunnel interface deletes other parameters of the tunnel interface.
  • The SA series cards (except ET1D2X12SSA0 card) do not support GRE.
  • If you configure the service chain function on a tunnel interface after specifying the tunnel protocol to GRE and completing related GRE tunnel configurations, the tunnel type, source address, and destination address configured on the interface cannot be modified.

Example

# Set the tunnel encapsulation mode of Tunnel2 to GRE.
<HUAWEI> system-view
[HUAWEI] interface tunnel 2
[HUAWEI-Tunnel2] tunnel-protocol gre
Related Topics
Translation
Download
Updated: 2019-04-09

Document ID: EDOC1100065659

Views: 126276

Downloads: 88

Average rating:
This Document Applies to these Products
Related Version
Related Documents
Share
Previous Next