HP 5920, 5900 Command Reference Manual
HPE 5920 & 5900 Switch Series
Layer 3—IP Services
Command Reference
Part number:
Software version: Release 24
Document version: 6W101-20170622
5998-6643s
22P01
© Copyright 2016 Hewlett Packard Enterprise Development LP
The information contained herein is subject to change without notice. The only warranties for Hewlett Packard
Enterprise products and services are set forth in the express warranty statements accompanying such
products and services. Nothing herein should be construed as constituting an additional warranty. Hewlett
Packard Enterprise shall not be liable for technical or editorial errors or omissions contained herein.
Confidential computer software. Valid license from Hewlett Packard Enterprise required for possession, use, or
copying. Consistent with FAR 12.211 and 12.212, Commercial Computer Software, Computer Software
Documentation, and Technical Data for Commercial Items are licensed to the U.S. Government under vendor’s
standard commercial license.
Links to third-party websites take you outside the Hewlett Packard Enterprise website. Hewlett Packard
Enterprise has no control over and is not responsible for information outside the Hewlett Packard Enterprise
website.
Acknowledgments
Intel®, Itanium®, Pentium®, Intel Inside®, and the Intel Inside logo are trademarks of Intel Corporation in the
United States and other countries.
Microsoft® and Windows® are trademarks of the Microsoft group of companies.
Adobe® and Acrobat® are trademarks of Adobe Systems Incorporated.
Java and Oracle are registered trademarks of Oracle and/or its affiliates.
UNIX® is a registered trademark of The Open Group.
Contents
ARP commands ···············································································1
arp check enable ··················································································································· 1
arp check log enable ·············································································································· 1
arp max-learning-num ············································································································ 2
arp max-learning-number ········································································································ 3
arp multiport ························································································································· 4
arp static ······························································································································ 5
arp timer aging ······················································································································ 6
display arp ··························································································································· 6
display arp ip-address ············································································································ 8
display arp entry-limit ············································································································· 9
display arp timer aging ··········································································································· 9
display arp vpn-instance ······································································································· 10
reset arp ···························································································································· 11
Gratuitous ARP commands ······························································ 12
arp ip-conflict log prompt ······································································································· 12
arp send-gratuitous-arp ········································································································ 12
gratuitous-arp-learning enable ······························································································· 13
gratuitous-arp-sending enable ······························································································· 14
Proxy ARP commands ···································································· 15
display local-proxy-arp ········································································································· 15
display proxy-arp ················································································································· 15
local-proxy-arp enable ·········································································································· 16
proxy-arp enable ················································································································· 17
ARP snooping commands ································································ 18
arp snooping enable ············································································································ 18
display arp snooping ············································································································ 18
reset arp snooping ··············································································································· 19
ARP fast-reply commands ································································ 21
arp fast-reply enable ············································································································ 21
IP addressing commands ································································· 22
display ip interface ··············································································································· 22
display ip interface brief ········································································································ 24
ip address ·························································································································· 25
ip address unnumbered ········································································································ 27
DHCP commands ·········································································· 28
Common DHCP commands ········································································································· 28
dhcp dscp ·························································································································· 28
dhcp enable ······················································································································· 28
dhcp select ························································································································ 29
DHCP server commands ············································································································· 30
address range ···················································································································· 30
bims-server ························································································································ 31
bootfile-name ····················································································································· 31
class ································································································································· 32
dhcp class·························································································································· 33
dhcp server always-broadcast ······························································································· 34
dhcp server apply ip-pool ······································································································ 35
dhcp server bootp ignore ······································································································ 35
dhcp server bootp reply-rfc-1048 ···························································································· 36
dhcp server forbidden-ip ······································································································· 36
i
dhcp server ip-pool ·············································································································· 37
dhcp server ping packets ······································································································ 38
dhcp server ping timeout ······································································································· 39
dhcp server relay information enable ······················································································· 39
display dhcp server conflict ··································································································· 40
display dhcp server expired ··································································································· 41
display dhcp server free-ip ···································································································· 42
display dhcp server ip-in-use ································································································· 43
display dhcp server pool ······································································································· 44
display dhcp server statistics ································································································· 46
dns-list ······························································································································ 48
domain-name ····················································································································· 48
expired ······························································································································ 49
forbidden-ip ························································································································ 50
gateway-list ························································································································ 50
if-match ····························································································································· 51
nbns-list ····························································································································· 53
netbios-type ······················································································································· 53
network ····························································································································· 54
next-server ························································································································· 55
option ································································································································ 56
reset dhcp server conflict ······································································································ 57
reset dhcp server expired ······································································································ 58
reset dhcp server ip-in-use ···································································································· 58
reset dhcp server statistics ···································································································· 59
static-bind ·························································································································· 59
tftp-server domain-name ······································································································· 60
tftp-server ip-address ··········································································································· 61
voice-config ························································································································ 61
DHCP relay agent commands ······································································································ 62
dhcp relay check mac-address ······························································································· 62
dhcp relay check mac-address aging time ················································································ 63
dhcp relay client-information record ························································································ 64
dhcp relay client-information refresh························································································ 64
dhcp relay client-information refresh enable·············································································· 65
dhcp relay information circuit-id ······························································································ 66
dhcp relay information enable ································································································ 68
dhcp relay information remote-id ···························································································· 68
dhcp relay information strategy ······························································································ 69
dhcp relay release ip ············································································································ 70
dhcp relay server-address ····································································································· 71
display dhcp relay check mac-address ···················································································· 71
display dhcp relay client-information ······················································································· 72
display dhcp relay information ································································································ 73
display dhcp relay server-address ·························································································· 74
display dhcp relay statistics ··································································································· 75
reset dhcp relay client-information ·························································································· 76
reset dhcp relay statistics ······································································································ 77
DHCP client commands ·············································································································· 77
dhcp client dad enable ········································································································· 77
dhcp client dscp ·················································································································· 78
dhcp client identifier ············································································································· 78
display dhcp client ··············································································································· 79
ip address dhcp-alloc ··········································································································· 81
DHCP snooping commands ········································································································· 82
dhcp snooping binding database filename ················································································ 82
dhcp snooping binding database update interval ······································································· 84
dhcp snooping binding database update now ··········································································· 84
dhcp snooping binding record ································································································ 85
dhcp snooping check mac-address ························································································· 85
dhcp snooping check request-message ··················································································· 86
dhcp snooping deny ············································································································· 87
ii
dhcp snooping enable ·········································································································· 87
dhcp snooping information circuit-id ························································································ 88
dhcp snooping information enable ·························································································· 90
dhcp snooping information remote-id ······················································································ 90
dhcp snooping information strategy························································································· 91
dhcp snooping log enable ····································································································· 92
dhcp snooping max-learning-num ··························································································· 93
dhcp snooping rate-limit ········································································································ 93
dhcp snooping trust ············································································································· 94
display dhcp snooping binding ······························································································· 95
display dhcp snooping binding database ·················································································· 96
display dhcp snooping information ·························································································· 96
display dhcp snooping packet statistics ··················································································· 98
display dhcp snooping trust ··································································································· 98
reset dhcp snooping binding ·································································································· 99
reset dhcp snooping packet statistics ······················································································ 99
BOOTP client commands ·········································································································· 100
display bootp client ············································································································ 100
ip address bootp-alloc ········································································································ 101
DNS commands ··········································································· 102
display dns domain ············································································································ 102
display dns host ················································································································ 102
display dns server ············································································································· 104
display ipv6 dns server ······································································································· 105
dns domain ······················································································································ 105
dns dscp ·························································································································· 106
dns proxy enable ··············································································································· 107
dns server ························································································································ 107
dns source-interface ·········································································································· 108
dns spoofing ····················································································································· 109
dns trust-interface·············································································································· 110
ip host ····························································································································· 111
ipv6 dns dscp ··················································································································· 111
ipv6 dns server ················································································································· 112
ipv6 dns spoofing ·············································································································· 113
ipv6 host ·························································································································· 114
reset dns host ··················································································································· 115
DDNS commands ········································································ 116
ddns apply policy ··············································································································· 116
ddns dscp ························································································································ 117
ddns policy ······················································································································· 117
display ddns policy ············································································································ 118
interval ···························································································································· 119
method ···························································································································· 120
password ························································································································· 121
ssl-client-policy ················································································································· 122
url··································································································································· 123
username ························································································································ 125
Basic IP forwarding commands ······················································· 126
display fib ························································································································ 126
ip forwarding-table save ······································································································ 128
Load sharing commands ································································ 129
display ip load-sharing path ································································································· 129
ip load-sharing local-first enable ··························································································· 130
ip load-sharing mode per-flow ······························································································ 131
ip load-sharing symmetric enable ························································································· 132
iii
Fast forwarding commands ···························································· 133
display ip fast-forwarding aging-time ····················································································· 133
display ip fast-forwarding cache ··························································································· 133
display ip fast-forwarding fragcache ······················································································ 134
ip fast-forwarding aging-time ······························································································· 135
ip fast-forwarding load-sharing ····························································································· 136
reset ip fast-forwarding cache ······························································································ 136
IRDP commands ·········································································· 138
ip irdp ······························································································································ 138
ip irdp address ·················································································································· 138
ip irdp lifetime ··················································································································· 139
ip irdp interval ··················································································································· 140
ip irdp multicast ················································································································· 140
ip irdp preference ·············································································································· 141
IP performance optimization commands ············································ 143
display icmp statistics ········································································································· 143
display ip statistics ············································································································· 144
display rawip ···················································································································· 145
display rawip verbose ········································································································· 146
display tcp························································································································ 148
display tcp statistics ··········································································································· 149
display tcp verbose ············································································································ 151
display udp ······················································································································ 153
display udp statistics ·········································································································· 154
display udp verbose ··········································································································· 155
ip forward-broadcast ·········································································································· 157
ip icmp error-interval ·········································································································· 158
ip icmp fragment discarding ································································································· 159
ip icmp source ·················································································································· 159
ip mtu ······························································································································ 160
ip redirects enable ············································································································· 161
ip ttl-expires enable ··········································································································· 161
ip unreachables enable ······································································································ 162
reset ip statistics ··············································································································· 163
reset tcp statistics ·············································································································· 163
reset udp statistics ············································································································· 163
tcp mss ··························································································································· 164
tcp path-mtu-discovery ······································································································· 165
tcp syn-cookie enable ········································································································ 165
tcp timer fin-timeout ··········································································································· 166
tcp timer syn-timeout ·········································································································· 167
tcp window ······················································································································· 167
UDP helper commands ································································· 169
display udp-helper interface ································································································ 169
reset udp-helper statistics ··································································································· 170
udp-helper broadcast-map ·································································································· 170
udp-helper enable ············································································································· 171
udp-helper port ················································································································· 171
udp-helper server ·············································································································· 172
IPv6 basics commands ·································································· 174
display ipv6 fib ·················································································································· 174
display ipv6 icmp statistics ·································································································· 175
display ipv6 interface ········································································································· 176
display ipv6 interface prefix ································································································· 180
display ipv6 neighbors ········································································································ 181
display ipv6 neighbors count ······························································································· 183
display ipv6 neighbors entry-limit ·························································································· 183
iv
display ipv6 neighbors vpn-instance ······················································································ 184
display ipv6 pathmtu ·········································································································· 185
display ipv6 prefix ·············································································································· 186
display ipv6 rawip ·············································································································· 187
display ipv6 rawip verbose ·································································································· 188
display ipv6 statistics ········································································································· 190
display ipv6 tcp ················································································································· 192
display ipv6 tcp verbose ····································································································· 193
display ipv6 udp ················································································································ 196
display ipv6 udp verbose ···································································································· 197
ipv6 address ····················································································································· 199
ipv6 address anycast ········································································································· 200
ipv6 address auto ·············································································································· 201
ipv6 address auto link-local ································································································· 201
ipv6 address eui-64 ··········································································································· 202
ipv6 address link-local ········································································································ 203
ipv6 hop-limit ···················································································································· 204
ipv6 hoplimit-expires enable ································································································ 205
ipv6 icmpv6 error-interval ···································································································· 205
ipv6 icmpv6 multicast-echo-reply enable ················································································ 206
ipv6 icmpv6 source ············································································································ 207
ipv6 mtu ·························································································································· 207
ipv6 nd autoconfig managed-address-flag ·············································································· 208
ipv6 nd autoconfig other-flag ······························································································· 209
ipv6 nd dad attempts ·········································································································· 209
ipv6 nd ns retrans-timer ······································································································ 210
ipv6 nd nud reachable-time ································································································· 211
ipv6 nd ra halt ··················································································································· 212
ipv6 nd ra hop-limit unspecified ···························································································· 212
ipv6 nd ra interval ·············································································································· 213
ipv6 nd ra no-advlinkmtu ····································································································· 213
ipv6 nd ra prefix ················································································································ 214
ipv6 nd ra router-lifetime ····································································································· 215
ipv6 nd router-preference ···································································································· 216
ipv6 neighbor ···················································································································· 216
ipv6 neighbor link-local minimize ·························································································· 218
ipv6 neighbor stale-aging ···································································································· 218
ipv6 neighbors max-learning-num ························································································· 219
ipv6 option drop enable ······································································································ 220
ipv6 pathmtu ···················································································································· 220
ipv6 pathmtu age ··············································································································· 221
ipv6 prefer temporary-address ····························································································· 222
ipv6 prefix ························································································································ 222
ipv6 redirects enable ·········································································································· 223
ipv6 temporary-address ······································································································ 224
ipv6 unreachables enable ··································································································· 225
local-proxy-nd enable ········································································································· 225
proxy-nd enable ················································································································ 226
reset ipv6 neighbors ·········································································································· 226
reset ipv6 pathmtu ············································································································· 227
reset ipv6 statistics ············································································································ 228
DHCPv6 commands ····································································· 229
Common DHCPv6 commands ···································································································· 229
display ipv6 dhcp duid ········································································································ 229
ipv6 dhcp dscp ·················································································································· 229
ipv6 dhcp select ················································································································ 230
DHCPv6 server commands ········································································································ 231
address range ·················································································································· 231
display ipv6 dhcp pool ········································································································ 232
display ipv6 dhcp prefix-pool ······························································································· 233
display ipv6 dhcp server ····································································································· 234
v
display ipv6 dhcp server conflict ··························································································· 235
display ipv6 dhcp server expired ·························································································· 236
display ipv6 dhcp server ip-in-use ························································································· 237
display ipv6 dhcp server pd-in-use ························································································ 239
display ipv6 dhcp server statistics ························································································· 241
dns-server························································································································ 242
domain-name ··················································································································· 243
ipv6 dhcp pool ·················································································································· 243
ipv6 dhcp prefix-pool ·········································································································· 244
ipv6 dhcp server ················································································································ 245
ipv6 dhcp server apply pool ································································································· 246
ipv6 dhcp server forbidden-address ······················································································ 247
ipv6 dhcp server forbidden-prefix ·························································································· 248
network ··························································································································· 249
option ······························································································································ 250
prefix-pool ························································································································ 251
reset ipv6 dhcp server conflict ······························································································ 252
reset ipv6 dhcp server expired ····························································································· 252
reset ipv6 dhcp server ip-in-use ··························································································· 253
reset ipv6 dhcp server pd-in-use ·························································································· 253
reset ipv6 dhcp server statistics ··························································································· 254
sip-server························································································································· 254
static-bind ························································································································ 255
temporary address range ···································································································· 256
DHCPv6 relay agent commands ································································································· 257
display ipv6 dhcp relay server-address ·················································································· 257
display ipv6 dhcp relay statistics ··························································································· 258
ipv6 dhcp relay server-address ···························································································· 260
reset ipv6 dhcp relay statistics ····························································································· 261
DHCPv6 client commands ········································································································· 262
display ipv6 dhcp client ······································································································· 262
display ipv6 dhcp client statistics ·························································································· 264
ipv6 address dhcp-alloc ······································································································ 265
ipv6 dhcp client duid ·········································································································· 266
ipv6 dhcp client dscp ·········································································································· 266
ipv6 dhcp client pd ············································································································· 267
ipv6 dhcp client stateless enable ·························································································· 268
reset ipv6 dhcp client statistics ····························································································· 268
DHCPv6 snooping commands ···································································································· 269
display ipv6 dhcp snooping binding ······················································································· 269
display ipv6 dhcp snooping binding database ········································································· 270
display ipv6 dhcp snooping packet statistics ··········································································· 271
display ipv6 dhcp snooping trust ··························································································· 271
ipv6 dhcp snooping binding database filename ······································································· 272
ipv6 dhcp snooping binding database update interval ······························································· 273
ipv6 dhcp snooping binding database update now ··································································· 274
ipv6 dhcp snooping binding record························································································ 274
ipv6 dhcp snooping check request-message ·········································································· 275
ipv6 dhcp snooping deny ···································································································· 276
ipv6 dhcp snooping enable ·································································································· 276
ipv6 dhcp snooping log enable ····························································································· 277
ipv6 dhcp snooping max-learning-num ·················································································· 277
ipv6 dhcp snooping option interface-id enable ········································································· 278
ipv6 dhcp snooping option interface-id string ·········································································· 279
ipv6 dhcp snooping option remote-id enable ··········································································· 279
ipv6 dhcp snooping option remote-id string············································································· 280
ipv6 dhcp snooping rate-limit ······························································································· 281
ipv6 dhcp snooping trust ····································································································· 282
reset ipv6 dhcp snooping binding ························································································· 282
reset ipv6 dhcp snooping packet statistics ·············································································· 283
vi
IPv6 fast forwarding commands······················································· 284
display ipv6 fast-forwarding aging-time ·················································································· 284
display ipv6 fast-forwarding cache ························································································ 284
ipv6 fast-forwarding aging-time ···························································································· 286
ipv6 fast-forwarding load-sharing ·························································································· 286
reset ipv6 fast-forwarding cache ··························································································· 287
Tunneling commands ···································································· 288
bandwidth ························································································································ 288
default ····························································································································· 288
description ······················································································································· 289
destination ······················································································································· 289
display interface tunnel ······································································································· 290
interface tunnel ················································································································· 294
mtu ································································································································· 295
reset counters interface ······································································································ 295
service ···························································································································· 296
shutdown ························································································································· 296
source ····························································································································· 297
tunnel dfbit enable ············································································································· 298
tunnel discard ipv4-compatible-packet ··················································································· 299
tunnel tos ························································································································· 299
tunnel ttl ·························································································································· 300
GRE commands ·········································································· 301
keepalive ························································································································· 301
Document conventions and icons ···················································· 302
Conventions ···························································································································· 302
Network topology icons ············································································································· 303
Support and other resources··························································· 304
Accessing Hewlett Packard Enterprise Support·············································································· 304
Accessing updates ··················································································································· 304
Websites ························································································································· 305
Customer self repair ·········································································································· 305
Remote support ················································································································ 305
Documentation feedback ···································································································· 305
Index ························································································· 307
vii
ARP commands
arp check enable
Use arp check enable to enable dynamic ARP entry check.
Use undo arp check enable to disable dynamic ARP entry check.
Syntax
arp check enable
undo arp check enable
Default
Dynamic ARP entry check is enabled.
Views
System view
Predefined user roles
network-admin
Usage guidelines
Dynamic ARP entry check disables a device f rom supporting dynamic ARP entries with multicast
MAC addresses. The device cannot learn dynamic ARP entries containing multicast MAC
addresses. You cannot manually add static ARP entries that contain multicast MAC addresses.
When this function is disabled, ARP entries containing multicast MAC addresses are supported. The
device can learn dynamic ARP entries containing multicast MAC address es obta in ed f r om the ARP
packets sourced from a unicast MAC address. You can also manually add static ARP entries
containing multicast M AC addresses.
Examples
# Enable dynamic ARP entry check.
<Sysname> system-view
[Sysname] arp check enable
arp check log enable
Use arp check log enable to enable the ARP logging function.
Use undo arp check log enable to disable the ARP logging function.
Syntax
arp check log enable
undo arp check log enable
Default
ARP logging is disable d.
Views
System view
Predefined user roles
network-admin
1
•
•
Usage guidelines
This function enables a device to log ARP events when ARP cannot resolve IP addresses correctly.
The device can log the following ARP events:
On a proxy ARP-disabled interface, the target IP address of a received ARP packet is not one of
the following IP addresses:
The IP address of the receiving interface.
The virtual IP address of the VRRP group.
The public address after NAT.
The sender IP address of a received ARP reply conflicts with one of the following IP addresses:
The IP address of the receiving interface.
The virtual IP address of the VRRP group.
The public address after NAT.
The device sends ARP log messages to the information center. Y ou can use the info-center source
command to specify the log output rules for the information center. For more information about
information center, see Network Manage men t and Mo nitoring Configuration Guid e.
The device can gener ate a large am ount of ARP logs . To conserve system resources, enab le ARP
logging only when you are troubleshooting or debugging ARP events.
Examples
# Enable ARP logging.
<Sysname> sy stem-view
[Sysname] ar p check log enable
arp max-learning-num
Use arp ma x-learning-num to s et th e m axim um number of dynamic ARP entries that an i nterfac e
can learn.
Use undo arp max-learning-num to restore the default.
Syntax
arp max-learning-num number
undo arp max-learning-num
Default
An interface can learn a maximum of 16384 dynamic ARP entries.
Views
Layer 2 Ethernet interface view, Layer 3 Ethernet interface view, Layer 3 Ethernet subinterface view,
VLAN interface view, Layer 2 aggregate interf ace view, Layer 3 aggr egate interface view, Layer 3
aggregate subinterface view, S-channel interface view, S-channel aggregate interface view
Predefined user roles
network-admin
Parameters
number: Specifies the maximum number of dynamic ARP entries for an interface. The value range is
0 to 16384.
2
Usage guidelines
An interface can dynamically learn ARP entries. To prevent an interface from holding too many ARP
entries, you can set the maximum number of dynamic ARP entries that the interface can learn. When
the maximum number is reached, the interface stops learning ARP entries.
When the number argument is set to 0, the interface is disabled from learning dynamic ARP entries.
Examples
# Specify VLAN-interface 40 to learn a maximum of 500 dynamic ARP entries.
<Sysname> system-view
[Sysname] interface vlan-interface 40
[Sysname-Vlan-interface40] arp max-learning-num 500
# Specify T en-GigabitEthernet 1/0/1 to learn a maximum of 1000 dynamic ARP entries.
<Sysname> system-view
[Sysname] interface Ten-GigabitEthernet 1/0/1
[Sysname-Ten-GigabitEthernet1/0/1] arp max-learning-num 1000
# Specify Layer 2 aggreg ate interface bridg e-aggregation 1 to learn a m aximum of 1000 d ynamic
ARP entries.
<Sysname> sy stem-view
[Sysname] inte rface bridge-aggregation 1
[Sysname-Bridge-Aggregation1] arp max-learning-num 1000
# Specify Layer 3 aggregate interface route-aggregation 1 to learn a maximu m of 1000 dynamic ARP
entries.
<Sysname> sy stem-view
[Sysname] interface route-aggregation 1
[Sysname-Route-Aggregation1] arp max-learning-num 1000
arp max-learning-number
Use arp max-learning-number to set the m axim um num ber of dynamic ARP entries that a device
can learn.
Use undo arp max-learning-number to restore the default.
Syntax
arp max-learning-number number slot slot-number
undo arp max-learning-number slot slot-number
Default
A device can learn a maximum of 16384 dynamic ARP entries.
Views
System view
Predefined user roles
network-admin
Parameters
number: Specifies the maximum number of dynamic ARP entries for a device. The value range is 0
to 16384.
slot slot-number: Specifies an IRF m ember device by its member ID or a PEX by its virtual slot
number.
3
Usage guidelines
A device can dynamically learn ARP entries. T o prevent a device from holding too many ARP entries,
you can set the maxim um number of dynamic ARP entries that the d evice can learn. When the
maximum number is reached, the device stops learning ARP entries.
When the number argument is set to 0, the device is disabled from learning dynamic ARP entries.
Examples
# Set the IRF member device in slot 1 to learn a maximum of 64 dynamic ARP entries.
<Sysname> sy stem-view
[Sysname] ar p max-learning-number 64 slot 1
arp multiport
Use arp multiport to configure a multiport ARP entry.
Use undo arp to remove an ARP entry.
Syntax
arp multiport ip-address mac-address vlan-id [ vpn-instance vpn-instance-name ]
undo arp ip-address [ vpn-instance-name ]
Default
No multiport ARP entries are configured.
Views
System view
Predefined user roles
network-admin
Parameters
ip-address: Specifies an IP address for the multiport ARP entry.
mac-address: Specifies a MAC address for the multiport ARP entry, in the format of H-H-H.
vlan-id: Specifies a VLAN for the multiport ARP entry, in the range of 1 to 4094.
vpn-instance vpn-instance-name: Specifies an MPL S L3V PN instance for the multiport ARP entry.
The vpn-instance-name argument is a case-sensitive string of 1 to 31 characters. The specified VPN
instance must already exist. Without this option, the multiport ARP entry belongs to the public
network.
Usage guidelines
The specified VLAN must already exist. If the VLAN or the corresponding VLAN interface is
removed, the multiport ARP entry is also removed.
The specified IP address must reside on the sam e subnet as the VLAN i nterface of the specified
VLAN. Otherwise, the multiport ARP entry does not take effect.
To use the multiport ARP entry, you must configur e a multicast or multiport unicas t MAC address
entry to specify multiple output interfaces. The MAC address entry must have the same MAC
address and VLAN ID as the multiport ARP entry.
Examples
# Configure a multiport ARP entry that comprises IP address 202.38.10.2 and MAC address
00e0-fc01-0000 in VLAN 10.
<Sysname> system-view
[Sysname] ar p multiport 202.38.10.2 00e0-fc01-0000 10
4
Related commands
display arp multiport
reset arp multiport
arp static
Use arp static to configure a static ARP entry.
Use undo arp to remove an ARP entry.
Syntax
arp static ip-address mac-address [ vlan-id interface-type interface-number ] [ vpn-instance
vpn-instance-name ]
undo arp ip-address [ vpn-instance-name ]
Default
No static ARP entries are configured.
Views
System view
Predefined user roles
network-admin
Parameters
ip-address: Specifies an IP address for the static ARP entry.
mac-address: Specifies a MAC addr es s for the static ARP entry, in the format of H-H-H.
vlan-id: Specifies the ID of a VLAN t o which the static ARP entry belongs. The va lue range is 1 to
4094. The VLAN and VLAN interface must already exist.
interface-type interface-number: Specifies an interface by its type and number. Make sure the
interface belongs to the specified VLAN.
vpn-instance vpn-instance-name: Specifies an MPLS L3VPN for the static ARP entry. The
vpn-instance-name argument is a case-sensitive string of 1 to 31 characters. T he VPN instance
must already exist. To specify a static ARP entry on the public network, do not specify this option.
Usage guidelines
A static ARP entry is manually configured and maintained. It does not age out and cannot be
overwritten by any dynamic ARP entry.
Static ARP entries ca n be clas s if ied int o l on g an d s hor t st atic ARP entr i es. A short static ARP entry
contains an IP-to-MAC mapping. A long static ARP entry contains an IP-to-MAC mapping, a VL AN,
and an output interface.
A static ARP entry is effective when the device works correctly.
When the VLAN or VLAN inter f ace is deleted, long sta tic ARP entr ies i n the VLA N ar e del eted , and
resolved short static ARP entries in the VLAN become unresolved.
A resolved short static ARP entry becomes unresolved upon cer tain ev ents, f or exam ple, when the
output interface goes down.
A long static ARP entry is ineffective when the corresponding VLAN interface or output i nterface is
down. An ineffective long static ARP entry cannot be used to for ward pac kets.
If you specify both the vlan-id and ip-address arguments, the IP address of the corresponding VLAN
interface must be on the same network as the specified IP address.
5
If you do not specify a VPN, the undo arp command removes ARP entries only for the public
network.
Examples
# Configure a static ARP entry that comprises IP address 202.38.10.2, MAC address
00e0-fc01-0000, and output interface Ten-GigabitEthernet 1/0/1 in VLAN 10.
<Sysname> system-view
[Sysname] ar p static 202.38.10.2 00e0-fc01-0000 10 Ten-GigabitEthernet 1/0/1
Related commands
display arp
reset arp
arp timer aging
Use arp timer aging to set the aging timer for dynamic ARP entries.
Use undo arp timer aging to restore the default.
Syntax
arp timer aging aging-time
undo arp timer aging
Default
The aging timer for dynamic ARP entries is 20 minutes.
Views
System view
Predefined user roles
network-admin
Parameters
aging-time: Sets the aging t imer for dynamic ARP entries, in the range of 1 to 1440 minutes.
Usage guidelines
Each dynamic ARP entr y in the ARP table has a limited lifetim e, called an aging timer. The aging
timer of a dynamic ARP entr y is reset each tim e the dynam ic ARP entr y is updated. D ynamic ARP
entries that are not updated before their aging timers expire are deleted from the ARP table.
Set the aging timer for dynamic ARP entries as needed. For exam ple, when you configure proxy
ARP, set a short aging time so that invalid dynamic ARP entries can be deleted in time.
Examples
# Set the aging timer for dynamic ARP entries to 10 minutes.
<Sysname> system-view
[Sysname] ar p timer aging 10
Related commands
display arp timer aging
display arp
Use display arp to display ARP entries.
6
Syntax
display arp [ [ all | dynamic | multiport | static ] [ slot slot-number ] | vlan vlan-id | interface
interface-type interface-number ] [ count | verbose ]
Views
Any view
Predefined user roles
network-admin
network-operator
Parameters
all: Displays all ARP entries.
dynamic: Disp lays dynamic ARP entries.
multiport: Displays multiport ARP entries.
static: Displays static ARP entries.
slot slot-number: Specif ies an IRF member device by its member ID or a PEX by its virtual slot
number.
vlan vlan-id: Disp lays th e ARP entries f or the spec ified VLAN. T he VLAN I D is in the range of 1 to
4094.
interface interface-type interface-number: Displays the ARP entries for the interface specified by the
argument interface-type interface-number.
count: Displays the number of ARP entries.
verbose: Displays detailed information about ARP entries.
Usage guidelines
This command displa ys information a bout ARP entries, including the IP addres s, MAC address,
VLAN ID, output interface, entry type, and aging timer.
If you do not specify any parameters, the command displays all ARP entries.
Examples
# Display all ARP entries.
<Sysname> di splay arp all
Type: S-Static D-Dynamic O-Openflow M-Multiport I-Invalid
IP Address MAC Address VLAN Interface Aging Type
20.1.1.1 00e0-fc00-0001 N/A N/A N/A S
193.1.1.70 00e0-fe50-6503 100 XGE1/0/1 N/A IS
192.168.0.115 000d -88f7-9f7d 1 XGE1/0/2 18 D
192.168.0.39 0012 -a990-2241 1 XGE1/0/3 20 D
22.1.1.1 000c-299d-c041 10 N/A N/A M
# Display detailed information about all ARP entries.
<Sysname> di splay arp all verbose
Type: S-Static D-Dynamic O-Openflow M-Multiport I-Invalid
IP Address MAC Address VLAN Interface Aging Type
Vpn Instance
20.1.1.1 00e0-fc00-0001 N/A N/A N/A S
[No Vrf]
193.1.1.70 00e0-fe50-6503 100 XGE1/0/1 N/A IS
[No Vrf]
7
Field
Description
To obtain the output interface inform atio n of the multiport ARP entry, look
192.168.0.115 000d -88f7-9f7d 1 XGE1/0/2 18 D
[No Vrf]
192.168.0.39 0012 -a990-2241 1 XGE1/0/3 20 D
[No Vrf]
22.1.1.1 000c-299d-c041 10 N/A N/A M
[No Vrf]
# Display the number of all ARP entries.
<Sysname> display arp all count
Total number of entries : 5
Table 1 Command output
IP Address IP address in an ARP entry.
MAC Address MAC address in an ARP entry.
VLAN
Interface
Aging
Type
Vpn Instance
Total number of entries Number of ARP entries.
Related commands
ID of the VLAN to which the ARP entry belongs. This field displays
either of the following situations:
• The ARP entry is an unresolved short static ARP entry.
• The output interface of the ARP entry does not belong to the VLAN.
Output interface in an ARP entry. This field displays
following situations:
• The ARP entry is an unresolved short static ARP entry.
• The ARP entry is a multiport ARP entry and has no output interface
information.
up the MAC address table according to the MAC address in the ARP
entry.
Aging time for a dynami c ARP entry in minutes.
time or no aging time.
ARP entry type:
• D—Dynamic.
• S—Static.
• O—OpenFlow.
• M—Multiport.
• I—Invalid.
Name of VPN instance.
for the ARP entry.
[No Vrf]
is displayed if no VPN in stan ce is configured
N/A
in either of the
N/A
means unknown aging
N/A
in
arp static
reset arp
display arp ip-address
Use display arp ip-address to display the ARP entry for an IP address.
Syntax
display arp ip-address [ slot slot-number ] [ verbose ]
8
Views
Any view
Predefined user roles
network-admin
network-operator
Parameters
ip-address: Displays the ARP entry for the specified IP address.
slot slot-number: Specif ies an IRF member device by its member ID or a PEX by its virtual slot
number.
verbose: Displays the detailed inform ation abo ut the specified ARP entry.
Usage guidelines
The ARP entry information inclu des the IP addres s , M AC ad dr ess , VLA N ID, out p ut int erface, entry
type, and aging timer.
Examples
# Display the ARP entry for the IP address 20.1.1.1.
<Sysname> display arp 20.1.1.1
Type: S-Static D-Dynamic O-Openflow M-Multiport I-Invalid
IP address MAC address VLAN Interf ace Aging Type
20.1.1.1 00e0-fc00-0001 N/A N/A N/A S
Related commands
arp static
reset arp
display arp entry-limit
Use display arp entry-limit to display the maximum number of ARP entries that a device supports.
Syntax
display arp entry-limit
Views
Any view
Predefined user roles
network-admin
network-operator
Examples
# Display the maximum number of ARP entries that the device supports.
<Sysname> display arp entry-limit
ARP entries: 16384
display arp timer aging
Use display arp timer aging to display the aging timer of dynamic ARP entries.
9
Syntax
display arp timer aging
Views
Any view
Predefined user roles
network-admin
network-operator
Examples
# Display the aging timer of dynamic ARP entries.
<Sysname> disp lay arp timer aging
Current ARP ag ing time is 10 minute(s)
Related commands
arp timer aging
display arp vpn-instance
Use display arp vpn-instance to displa y the ARP entries for a VPN instance.
Syntax
display arp vpn-instance vpn-instance-name [ count ]
Views
Any view
Predefined user roles
network-admin
network-operator
Parameters
vpn-instance-name: Specifies an MPLS L3VPN instance by its name, a case-sensitive string of 1 to
31 characters.
count: Displays the number of ARP entries.
Usage guidelines
This command displays information about ARP entries for a VPN instance, including the IP address,
MAC address, VLAN ID, output interface, entry type, and aging timer.
Examples
# Display ARP entries for the VPN instance named test.
<Sysname> display arp vpn-instance test
Type: S-Static D-Dynamic O-Openflow M-Multiport I-Invalid
IP address MAC address VLAN ID Int erface Aging Type
20.1.1.1 00e0-fc00-0001 N/A N/A N/A S
Related commands
arp static
reset arp
10
reset arp
Use reset arp to clear ARP entries from the ARP table.
Syntax
reset arp { all | dynamic | interface interface-type interface-number | multiport | slot slot-number |
static }
Views
User view
Predefined user roles
network-admin
Parameters
all: Clears all ARP entries.
dynamic: Clears all dynamic ARP entries.
multiport: Clears all multiport ARP entries.
static: Clears all static ARP entries.
slot slot-number: Specif ies an IRF member device by its member ID or a PEX by its virtual slot
number.
interface interface-type interface-number: Clears the ARP entries for the interface specif ied b y the
argument interface-type interface-number.
Usage guidelines
This command can separately clear static ARP entries, dynamic ARP entries, multiport ARP entries,
or ARP entries on specified interfaces.
When the interface interface-type interf ace-number option is specif ied, this com mand clears onl y
dynamic ARP entries for the specified interface.
When the slot slot-number option is specified, this com mand clears only d ynamic ARP entries for
the specified IRF member device or PEX.
Examples
# Clear all static ARP entries.
<Sysname> re set arp static
Related commands
arp static
display arp
11
Gratuitous ARP commands
arp ip-conflict log prompt
Use arp ip-conflict log prompt to enable IP conflict notification without conflict confirmation.
Use undo arp ip-conflict log prompt to restore the default.
Syntax
arp ip-conflict log prompt
undo arp ip-conflict log prompt
Default
IP conflict notification is disabled. The receiving device sends a gratuitous ARP request, and it
displays an error message after it receives an ARP reply about the conflict.
Views
System view
Predefined user roles
network-admin
Examples
# Enable IP conflict notification on the device.
<Sysname> system-view
[Sysname] ar p ip-conflict log prompt
arp send-gratuitous-arp
Use arp send-gratuitous-arp to e nable periodic sending of grat uitous ARP packets and set th e
sending interval on an interface.
Use undo arp send-gratuitous-arp to disable the interface from periodicall y sending gratuitous
ARP packets.
Syntax
arp send-gratuitous-arp [ interval milliseconds ]
undo arp send-gratuitous-arp
Default
Periodic sending of gratuitous ARP is disabled.
Views
Layer 3 Ethernet interf ace view, Layer 3 Ethernet subinterface view, Layer 3 aggregate interface
view, Layer 3 aggregate subinterface view, VLAN interface view
Predefined user roles
network-admin
Parameters
interval milliseconds: Sets the interval at which gratuitous ARP packets are sent, in the range of 200
to 200000 milliseconds. The default value is 2000 milliseconds.
12
•
•
•
Usage guidelines
This function takes effect only when the enabled interface is up and an IP address has been
assigned to the interface.
This function c an se nd gratuitous ARP requ ests only f or a V RRP virtual IP addres s, or the s endi ng
interface's primary IP address or manually configured secondary IP address. The primary IP address
can be configured manually or automatically , whereas the secondary IP address must be configured
manually.
If you change the interval for sending gratuitous ARP packets, the conf iguration takes effect at the
next sending interval.
The frequency of sending gratuitous ARP packets might be much lower than expected when any of
the following conditions exist:
This function is enabled on multiple interfaces.
Each interface is configured with multiple secondary IP addresses.
A small sending interval is configured in the preceding cases.
Examples
# Enable VLAN-interface 2 to send gratuitous ARP packets every 300 milliseconds.
<Sysname> sy stem-view
[Sysname] in terface vlan-interface 2
[Sysname-Vlan-interface2] ar p send-gratuitous-arp interval 300
gratuitous-arp-learning enable
Use gratuitous-arp-learning enable to enable learning of gratuitous ARP packets.
Use undo gratuitous-arp-learning enable to disable learning of gratuitous ARP packets.
Syntax
gratuitous-arp-learning enable
undo gratuitous-arp-learning enable
Default
Learning of gratuitous ARP packets is enabled.
Views
System view
Predefined user roles
network-admin
Usage guidelines
The learning of gratuitous ARP packets function allows a device to maintain its ARP table by creating
or updating ARP entries based on received gratuitous ARP packets.
When this functio n is disabled, the de vice uses r ecei ve d gratuitous ARP pack ets to update existing
ARP entries only. ARP entries are not created based on the received gratuitous ARP packets, which
saves ARP table space.
Examples
# Enable learning of gratuitous ARP packets.
<Sysname> system-view
[Sysname] gratuitous-arp-learning enable
13
gratuitous-arp-sending enable
Use gratuitous-arp-sending enable to ena ble sending of gratuitous ARP packets upon receiving
ARP requests whose sender IP address is on a different subnet.
Use undo gratuitous-arp-sending enable to restore the default.
Syntax
gratuitous-arp-sending enable
undo gratuitous-arp-sending enable
Default
A device does not send gratuitous ARP p ackets when it receives ARP requ ests whose sender IP
address is on a different subnet.
Views
System view
Predefined user roles
network-admin
Examples
# Disable a device from sending gratuitous ARP packets upon receiving ARP requests whose
sender IP address is on a different subnet.
<Sysname> sy stem-view
[Sysname] undo gratuitous-arp-sending enable
14
Proxy ARP commands
display local-proxy-arp
Use display local-proxy-arp to display the local proxy ARP status.
Syntax
display local-proxy-arp [ interface interface-type interface-number ]
Views
Any view
Predefined user roles
network-admin
network-operator
Parameters
interface interface-type interface-number: Displays the local proxy ARP status for the specified
interface.
Usage guidelines
You can use this command to check whether local proxy ARP is enabled or disabled.
If an interface is specified, this command displays the local proxy ARP status for the specified
interface.
If no interface is specified, this command displays the local proxy ARP status for all interfaces.
Examples
# Display the local proxy ARP status for VLAN-interface 2.
<Sysname> display local-proxy-arp interface vlan-interface 2
Interface Vl an-interface2
Local Proxy ARP st atus: enabled
Related commands
local-proxy-arp enable
display proxy-arp
Use display proxy-arp to displ a y the proxy ARP status.
Syntax
display proxy-arp [ interface interface-type interface-number ]
Views
Any view
Predefined user roles
network-admin
network-operator
Parameters
interface interface-type interface-number: Displays the proxy ARP status for the specified interface.
15
Usage guidelines
You can use this command to check whether proxy ARP is enabled or disabled.
If an interface is specified, this command displays proxy ARP status for the specified interface.
If no interface is specified, this command displays proxy ARP status for all interfaces.
Examples
# Display the proxy ARP status on VLAN-interface 1.
<Sysname> display proxy-arp interface Vlan-interface 1
Interface Vl an-interface1
Proxy ARP status : disabled
Related commands
proxy-arp enable
local-proxy-arp enable
Use local-proxy-arp enable to enable local proxy ARP.
Use undo local-proxy-arp enable to disable local proxy ARP.
Syntax
local-proxy-arp enable [ ip-range startIP to endIP ]
undo local-proxy-arp enable
Default
Local proxy ARP is disabled.
Views
VLAN interface view, Layer 3 Et hernet interf ace view, Layer 3 Ethernet subinterface vie w, Layer 3
aggregate interface view, Layer 3 aggregate subinterface view
Predefined user roles
network-admin
Parameters
ip-range startIP to endIP: Specifies the IP address range for which local proxy ARP is enabled. The
start IP address must be lower than or equal to the end IP address.
Usage guidelines
Proxy ARP enables a device on a net work to answer ARP requests f or an IP address not on that
network. With proxy ARP, hosts in different broadcast domains can communicate with each other as
they do on the same network.
Proxy ARP includes common proxy ARP and local proxy ARP.
Common proxy ARP allows communication between hosts that connect to different Layer 3
interfaces and reside in different broadcast domains.
Local proxy ARP allows com munication between hosts that c onnect to the same La yer 3 interface
and reside in different broadcast domains.
Only one IP address range can be specified by using the ip-range keyword on an interface.
Examples
# Enable local proxy ARP on VLAN-interface 2.
<Sysname> system-view
16
[Sysname] interface vlan-interface 2
[Sysname-Vlan-interface2] lo cal-proxy-arp enable
# Enable local proxy ARP on VLAN-interface 2 for an IP address range.
<Sysname> sy stem-view
[Sysname] in terface vlan-interface 2
[Sysname-Vlan-interface2] lo cal-proxy-arp enable ip-range 1.1.1.1 to 1.1.1.20
Related commands
display local-proxy-arp
proxy-arp enable
Use proxy-arp enable to enable proxy ARP.
Use undo proxy-arp enable to disable prox y ARP.
Syntax
proxy-arp enable
undo proxy-arp enable
Default
Proxy ARP is disabled.
Views
VLAN interface view, Layer 3 Ethern et interface vi ew, Layer 3 Ethernet subinterface view, Layer 3
aggregate interface view, Layer 3 aggregate subinterface view
Predefined user roles
network-admin
Usage guidelines
Proxy ARP enables a device on a net work to answer ARP requests f or an IP address not on that
network. With proxy ARP, hosts in different broadcast domains can communicate with each other as
they do on the same network.
Proxy ARP includes common proxy ARP and local proxy ARP.
Common proxy ARP allows communication between hosts that connect to different Layer 3
interfaces and reside in different broadcast domains.
Local proxy ARP allows com munication between hosts that c onnect to the same La yer 3 interface
and reside in different broadcast domains.
Examples
# Enable proxy ARP on VLAN-interface 2.
<Sysname> system-view
[Sysname] interface vlan-interface 2
[Sysname-Vlan-interface2] pr oxy-arp enable
Related commands
display proxy-arp
17
ARP snooping commands
arp snooping enable
Use arp snooping enable to enable ARP snooping.
Use undo arp snooping enable to disable ARP snooping.
Syntax
arp snooping enable
undo arp snooping enable
Default
ARP snooping is disabled.
Views
VLAN view
Predefined user roles
network-admin
Examples
# Enable ARP snooping on VLAN 2.
<Sysname> sy stem-view
[Sysname] vlan 2
[Sysname-vlan2] arp snooping enable
display arp snooping
Use display arp snooping to display ARP snooping entries.
Syntax
display arp snooping [ vlan vlan-id ] [ slot slot-number ] [ count ]
display arp snooping ip ip-address [ slot slot-number ]
Views
Any view
Predefined user roles
network-admin
network-operator
Parameters
vlan vlan-id: Displays ARP snooping entries for a VLAN. The vlan-id argument is in the range of 1 to
4094.
count: Displays the number of the current ARP snooping entries.
ip ip-address: Displays the ARP snooping entry for the specified IP address.
slot slot-number: Specif ies an IRF member device by its member ID or a PEX by its virtual slot
number.
18
Field
Description
Usage guidelines
If you do not specify any keywords or arguments, the command displays all ARP snooping entries.
Examples
# Display ARP snooping entries for VLAN 2.
<Sysname> disp lay arp snooping vlan 2
IP Address MAC Address VLAN ID Interface Aging Status
3.3.3.3 0003-0003-0003 2 XGE1/0/1 20 Valid
3.3.3.4 0004-0004-0004 2 XGE1/0/2 5 Invalid
# Display the number of the current ARP snooping entries.
<Sysname> disp lay arp snooping count
Total entries: 2
Table 2 Command output
IP Address IP address in an ARP snoopin g entry.
MAC Address MAC address in an ARP snoo ping entry .
VLAN ID ID of the VLAN to which the ARP snooping entry belongs.
Interface Input interface in an ARP snoo ping entr y .
Aging Aging time for an ARP snoopi ng entry in minutes.
Status
Total entries Number of ARP snooping entries.
Related commands
reset arp snooping
reset arp snoopin g
Use reset arp snooping to remove ARP snooping entries.
Syntax
reset arp snooping [ ip ip-address | vlan vlan-id ]
Views
User view
Predefined user roles
network-admin
Parameters
Status of an ARP snooping entry:
Valid, Invalid, Collision
.
ip ip-address: Removes the ARP entry for the specified IP address.
vlan vlan-id: Removes the ARP entries for the specified VLAN. The vlan-id argument is in the range
of 1 to 4094.
Usage guidelines
If you do not specify any keywords or arguments, the command removes all ARP snooping entries.
Examples
# Remove ARP snooping entries for VLAN 2.
19
<Sysname> rese t arp snooping vlan 2
Related commands
display arp snooping
20
ARP fast-reply commands
arp fast-reply enab le
Use arp fast-reply enable to enable ARP fast-reply for a VLAN.
Use undo arp fast-reply enable to disable ARP fast-reply for a VLAN.
Syntax
arp fast-reply enable
undo arp fast-reply enable
Default
ARP fast-reply is disabled on a VLAN.
Views
VLAN view
Predefined user roles
network-admin
Examples
# Enable ARP fast-reply for VLAN 2.
<Sysname> system-view
[Sysname] vlan 2
[Sysname-vlan2] arp fast-reply enable
21
Loading...