-
Cisco IOS XR MPLS Command Reference, Release 3.7
-
Preface
-
MPLS Label Distribution Protocol Commands on Cisco IOS XR Software
-
MPLS Forwarding Commands on Cisco IOS XR Software
-
MPLS Traffic Engineering Commands on Cisco IOS XR Software
-
RSVP Infrastructure Commands on Cisco IOS XR Software
-
MPLS Optical User Network Interface Commands on Cisco IOS XR Software
-
MPLS OAM Commands on Cisco IOS XR Software
-
Virtual Private Network Commands on Cisco IOS XR Software
-
Virtual Private LAN Services Commands on Cisco IOS XR Software
-
Index
-
Table Of Contents
Virtual Private Network Commands on Cisco IOS XR Software
clear l2tp counters control session
clear l2tp counters control tunnel
clear l2vpn counters bridge mac-withdrawal
clear l2vpn forwarding counters
clear l2vpn forwarding mac-address-table
clear l2vpn forwarding message counters
show l2tp counters forwarding session
Virtual Private Network Commands on Cisco IOS XR Software
This chapter describes the commands used to configure, monitor, and troubleshoot a Layer 2 or Layer 3 virtual private network (VPN).
For detailed information about MPLS concepts, configuration tasks, and examples, refer to the
Cisco IOS XR MPLS Configuration Guide.authentication (L2TP)
To enable L2TP authentication for a specified L2TP class name, use the authentication command in L2TP class configuration mode. To return to the default behavior, use the no form of this command.
authentication
no authentication
Syntax Description
This command has no arguments or keywords.
Defaults
No default behavior or values
Command Modes
L2TP class configuration
Command History
Usage Guidelines
To use this command, you must be in a user group associated with a task group that includes the proper task IDs. For detailed information about user groups and task IDs, see the Configuring AAA Services on Cisco IOS XR Software module of the Cisco IOS XR System Security Configuration Guide.
Note
You can also enable L2TP authentication for a specified class name from L2TP class configuration submode. To enter this submode, enter the l2tp-class command followed by the class name.
Task ID
Examples
The following example shows how to configure L2TP authentication for the specified L2TP class name "cisco":
RP/0/0/CPU0:router# configureRP/0/0/CPU0:router(config)# l2tp-class ciscoRP/0/0/CPU0:router(config-l2tp-class)# authenticationRelated Commands
clear l2tp counters control session
To clear L2TP control counters for a session, use the clear l2tp counters control session command in EXEC mode.
clear l2tp counters control session {fsm} [event | state transition]
Syntax Description
fsm
Clears finite state machine counters.
event
Clears state machine event counters.
state
Clears state machine state counters.
transition
Clears state machine transition counters.
Defaults
No default behavior or values
Command Modes
EXEC
Command History
Usage Guidelines
To use this command, you must be in a user group associated with a task group that includes the proper task IDs. For detailed information about user groups and task IDs, see the Configuring AAA Services on Cisco IOS XR Software module of the Cisco IOS XR System Security Configuration Guide.
Task ID
Examples
The following example shows how to clear all L2TP state machine transition counters:
RP/0/0/CPU0:router# clear l2tp counters control session fsm state transitionRelated Commands
Clears L2TP control tunnel counters.
Clears L2TP tunnels.
Shows L2TP forward session counters.
clear l2tp counters control tunnel
To clear L2TP control counters for a tunnel, use the clear l2tp counters control tunnel command in EXEC mode.
clear l2tp counters control tunnel {all | authentication | id tunnel id}
Syntax Description
all
Clears all L2TP counters, except authentication counters
authentication
Clears tunnel authentication counters.
id tunnel id
Clears a specified counter. Range is 1 to 4294967295.
Defaults
No default behavior or values
Command Modes
EXEC
Command History
Usage Guidelines
To use this command, you must be in a user group associated with a task group that includes the proper task IDs. For detailed information about user groups and task IDs, see the Configuring AAA Services on Cisco IOS XR Software module of the Cisco IOS XR System Security Configuration Guide.
Task ID
Examples
The following example shows how to clear all L2TP control tunnel counters:
RP/0/0/CPU0:router# clear l2tp counters control tunnel allRelated Commands
Clears L2TP control session counters.
Clears L2TP tunnels.
Shows L2TP forward session counters.
clear l2tp tunnel
To clear L2TP tunnels, use the clear l2tp tunnel command in EXEC mode.
clear l2tp tunnel {all | id tunnel id | l2tp-class class name | local ipv4 ipv4 address |
remote ipv4 ipv4 address]Syntax Description
Defaults
No default behavior or values
Command Modes
EXEC
Command History
Usage Guidelines
To use this command, you must be in a user group associated with a task group that includes the proper task IDs. For detailed information about user groups and task IDs, see the Configuring AAA Services on Cisco IOS XR Software module of the Cisco IOS XR System Security Configuration Guide.
Task ID
Examples
The following example shows how to clear all L2TP tunnels:
RP/0/0/CPU0:router# clear l2tp tunnel allRelated Commands
Clears L2TP session counters.
Clears L2TP tunnel counters.
Displays information about L2TP sessions.
clear l2vpn collaborators
To clear the state change counters for L2VPN collaborators, use the clear l2vpn collaborators command in EXEC mode.
clear l2vpn collaborators
Syntax Description
This command has no arguments or keywords.
Defaults
No default behavior or values
Command Modes
EXEC
Command History
Usage Guidelines
To use this command, you must be in a user group associated with a task group that includes the proper task IDs. For detailed information about user groups and task IDs, see the Configuring AAA Services on Cisco IOS XR Software module of the Cisco IOS XR System Security Configuration Guide.
Task ID
Examples
The following example shows how to clear change counters for L2VPN collaborators:
RP/0/RP0/CPU0:router# clear l2vpn collaboratorsRelated Commands
clear l2vpn counters l2tp
To clear L2VPN statistical information, such as, packets dropped, use the clear l2vpn counters l2tp command in EXEC mode.
clear l2vpn counters l2tp [neighbor ip-address [pw-id value]]
Syntax Description
Defaults
No default behavior or values
Command Modes
EXEC
Command History
Usage Guidelines
To use this command, you must be in a user group associated with a task group that includes the proper task IDs. For detailed information about user groups and task IDs, see the Configuring AAA Services on Cisco IOS XR Software module of the Cisco IOS XR System Security Configuration Guide.
Task ID
Examples
The following example shows how to clear all L2TP counters:
RP/0/RP0/CPU0:router# clear l2vpn counters l2tpRelated Commands
clear l2vpn counters bridge mac-withdrawal
To clear the MAC withdrawal statistics for the counters of the bridge domain, use the clear l2vpn counters bridge mac-withdrawal command in EXEC mode.
clear l2vpn counters bridge mac-withdrawal {all | group group name {bd-name bd-name} | neighbor ip-address {pw-id value}}
Syntax Description
Defaults
No default behavior or values
Command Modes
EXEC
Command History
Usage Guidelines
To use this command, you must be in a user group associated with a task group that includes the proper task IDs. For detailed information about user groups and task IDs, see the Configuring AAA Services on Cisco IOS XR Software module of the Cisco IOS XR System Security Configuration Guide.
Task ID
Examples
The following example shows how to clear the MAC withdrawal statistics over all the bridges:
RP/0/0/CPU0:router# clear l2vpn counters bridge mac-withdrawal allclear l2vpn forwarding counters
To clear L2VPN forwarding counters, use the clear l2vpn forwarding counters command in EXEC mode.
clear l2vpn forwarding counters
Syntax Description
This command has no arguments or keywords.
Defaults
No default behavior or values
Command Modes
EXEC
Command History
Usage Guidelines
To use this command, you must be in a user group associated with a task group that includes the proper task IDs. For detailed information about user groups and task IDs, see the Configuring AAA Services on Cisco IOS XR Software module of the Cisco IOS XR System Security Configuration Guide.
Task ID
Examples
The following example shows how to clear L2VPN forwarding counters:
RP/0/RP0/CPU0:router# clear l2vpn forwarding countersRelated Commands
Displays the state of the interprocess communications connections between l2vpn_mgr and other processes.
clear l2vpn forwarding mac-address-table
To clear L2VPN forwarding MAC address tables, use the clear l2vpn forwarding mac-address-table command in EXEC mode.
clear l2vpn forwarding mac-address-table {address address | bridge-domain name | interface type interface-id | location node-id}
Syntax Description
Defaults
No default behavior or values
Command Modes
EXEC
Command History
Release 3.5.0
This command was introduced on the Cisco CRS-1 and Cisco XR 12000 Series Router.
Release 3.6.0
No modification.
Release 3.7.0
No modification.
Usage Guidelines
To use this command, you must be in a user group associated with a task group that includes the proper task IDs. For detailed information about user groups and task IDs, see the Configuring AAA Services on Cisco IOS XR Software module of the Cisco IOS XR System Security Configuration Guide.
Task ID
Examples
The following example shows how to clear L2VPN forwarding MAC address tables on a specified node:
RP/0/RP0/CPU0:router# clear l2vpn forwarding mac-address location 1/1/1Related Commands
Displays the state of the interprocess communications connections between l2vpn_mgr and other processes.
clear l2vpn forwarding message counters
To clear L2VPN forwarding message counters, use the clear l2vpn forwarding message counters command in EXEC mode.
clear l2vpn forwarding message counters {location node-id}
Syntax Description
location node-id
Clears L2VPN forwarding message counters for the specified location. The node-id argument is entered in the rack/slot/module notation.
Defaults
No default behavior or values
Command Modes
EXEC
Command History
Release 3.5.0
This command was introduced on the Cisco CRS-1 and Cisco XR 12000 Series Router.
Release 3.6.0
No modification.
Release 3.7.0
No modification.
Usage Guidelines
To use this command, you must be in a user group associated with a task group that includes the proper task IDs. For detailed information about user groups and task IDs, see the Configuring AAA Services on Cisco IOS XR Software module of the Cisco IOS XR System Security Configuration Guide.
Task ID
Examples
The following example shows how to clear L2VPN forwarding message counters:
RP/0/RP0/CPU0:router# clear l2vpn forwarding message counters location 0/1/0Related Commands
Displays the state of the interprocess communications connections between l2vpn_mgr and other processes.
clear l2vpn forwarding table
To clear an L2VPN forwarding table at a specified location, use the clear l2vpn forwarding table command in EXEC mode.
clear l2vpn forwarding table {location node-id}
Syntax Description
location node-id
Clears L2VPN forwarding tables for the specified location. The L2TP class name argument is entered using standard rack/slot/module notation.
Defaults
No default behavior or values
Command Modes
EXEC
Command History
Usage Guidelines
To use this command, you must be in a user group associated with a task group that includes the proper task IDs. For detailed information about user groups and task IDs, see the Configuring AAA Services on Cisco IOS XR Software module of the Cisco IOS XR System Security Configuration Guide.
Task ID
Examples
The following example shows how to clear an L2VPN forwarding table from a specified location:
RP/0/RP0/CPU0:router# clear l2vpn forwarding table location 1/2/3/5Related Commands
Displays the state of the interprocess communications connections between l2vpn_mgr and other processes.
digest (L2TP)
To configure digest options. use the digest command in L2TP class configuration mode. To return to the default behavior, use the no form of this command.
digest {check disable | hash {MD5 | SHA1} | secret {0 | 7 | word}}
no digest {check disable | hash {MD5 | SHA1} | secret {0 | 7 | word}}
Syntax Description
check disable
Disables digest checking.
hash {MD5 | SHA1}
Configures the digest hash method (MD5 or SHA1). Default is MD5.
secret {0 | 7 | word}
Configures a shared secret for message digest.
Defaults
check disable: Digest checking is enabled by default.
hash: Default is MD5 if the digest command is issued without the secret keyword option and L2TPv3 integrity checking is enabled.
Command Modes
L2TP class configuration
Command History
Usage Guidelines
To use this command, you must be in a user group associated with a task group that includes the proper task IDs. For detailed information about user groups and task IDs, see the Configuring AAA Services on Cisco IOS XR Software module of the Cisco IOS XR System Security Configuration Guide.
The digest secret and hash algorithm can be configured in the l2tp-class configuration for authentication of the control channel. For control channel authentication to work correctly, however, both sides of the L2TP control channel connection must share a common secret and hash algorithm.
To update of digest secret without network disruption, Cisco supports a maximum to two digest secrets. You can configure a new secret while keeping the old secret valid. You can safely remove the old secret after you update all affected peer nodes with a new secret,
Task ID
Examples
The following example shows how to configure digest options for L2TP:
RP/0/0/CPU0:router# configureRP/0/0/CPU0:router(config)# l2tp-class ciscoRP/0/0/CPU0:router(config-l2tp-class)# digest checkRP/0/0/CPU0:router(config-l2tp-class)# digest secret cisco hash md5Related Commands
hello-interval (L2TP)
To configure the hello-interval value for L2TP (duration between control channel hello packets), use the hello interval (L2TP) command in L2TP class configuration mode. To return to the default behavior, use the no form of this command.
hello-interval interval
no hello-interval interval
Syntax Description
interval
Interval (in seconds) between control channel hello packets. The range is from 0 to 1000. Default is 60 seconds.
Defaults
interval: 60 seconds
Command Modes
L2TP class configuration
Command History
Usage Guidelines
To use this command, you must be in a user group associated with a task group that includes the proper task IDs. For detailed information about user groups and task IDs, see the Configuring AAA Services on Cisco IOS XR Software module of the Cisco IOS XR System Security Configuration Guide.
Task ID
Examples
The following example shows how to configure the hello-interval value for L2TP to 22 seconds:
RP/0/0/CPU0:router# configureRP/0/0/CPU0:router(config)# l2tp-class ciscoRP/0/0/CPU0:router(config-l2tp-class)# hello-interval 22Related Commands
hidden (L2TP)
To enable hidden attribute-value pairs (AVPs), use the hidden command in L2TP class configuration mode. To return to the default behavior, use the no form of this command.
hidden
no hidden
Syntax Description
This command has no arguments or keywords.
Defaults
No default behavior or values
Command Modes
L2TP class configuration
Command History
Usage Guidelines
To use this command, you must be in a user group associated with a task group that includes the proper task IDs. For detailed information about user groups and task IDs, see the Configuring AAA Services on Cisco IOS XR Software module of the Cisco IOS XR System Security Configuration Guide.
Task ID
Examples
The following example shows how to enable hidden AVPs:
RP/0/0/CPU0:router# configureRP/0/0/CPU0:router(config)# l2tp-class ciscoRP/0/0/CPU0:router(config-l2tp-class)# hiddenRelated Commands
hostname (L2TP)
To define the name used in the L2TP hostname AVP, use the hostname command in L2TP class configuration mode. To return to the default behavior, use the no form of this command.
hostname {name}
no hostname {name}
Syntax Description
Defaults
No default behavior or values
Command Modes
L2TP class configuration
Command History
Usage Guidelines
To use this command, you must be in a user group associated with a task group that includes the proper task IDs. For detailed information about user groups and task IDs, see the Configuring AAA Services on Cisco IOS XR Software module of the Cisco IOS XR System Security Configuration Guide.
Task ID
Examples
The following example shows how to configure a hostname using the word "cisco":
RP/0/0/CPU0:router# configureRP/0/0/CPU0:router(config)# l2tp-class ciscoRP/0/0/CPU0:router(config-l2tp-class)# hostname ciscoRelated Commands
interface (p2p)
To configure an attachment circuit, use the interface command in p2p configuration submode. To return to the default behavior, use the no form of this command.
interface interface name
no interface interface name
Syntax Description
interface name
Configures the name of the interface or attachment circuit in rack/slot/instance/port format.
Defaults
No default behavior or values
Command Modes
p2p configuration submode
Command History
Usage Guidelines
To use this command, you must be in a user group associated with a task group that includes the proper task IDs. For detailed information about user groups and task IDs, see the Configuring AAA Services on Cisco IOS XR Software module of the Cisco IOS XR System Security Configuration Guide.
Task ID
Examples
The following example shows how to configure an attachment circuit on a TenGigE interface:
RP/0/RP0/CPU0:router# configureRP/0/RP0/CPU0:router(config)# l2vpnRP/0/RP0/CPU0:router(config-l2vpn)# xconnect group gr1RP/0/RP0/CPU0:router(config-l2vpn-xc)# p2p p001RP/0/RP0/CPU0:router(config-l2vpn-xc-p2p)# interface TenGigE 1/1/1/1Related Commands
l2tp-class
To enter L2TP class configuration mode where you can define an L2TP signalling template, use the l2tp-class command in global configuration mode. To delete the L2TP class, use the no form of this command.
l2tp-class l2tp-class name
no l2tp-class l2tp-class name
Syntax Description
