End of Support

Layer 2 Protocol Forwarding

EOS supports Layer2 (L2) Protocol Forwarding on Ethernet interfaces in addition to Type-5 PW. Also, EOS allows selective forwarding of certain L2 Protocol packets, such as tagged, untagged, and all, instead of forwarding all LACP frames, both tagged and untagged. The protocol list for L2 Protocol Forwarding also supports PAUSE, LACP, LLDP, MACsec, and STP. Additionally, L2PF supports the Per-VLAN Spanning Tree (PVST) protocol to forward, drop, or trap PVST packets on Type-2 platforms. EOS enables drop support for all supported protocols.

Configuring L2 Protocol Forwarding

Use the following commands to create a profile that allows forwarding tagged/untagged/all types of PAUSE/LACP/LLDP/MACSEC/STP/E-LMI/ ISIS/micro-BFD frames.

switch(config-l2-protocol)# forwarding profile abc
switch(config-l2-protocol-abc)# isis forward
switch(config-l2-protocol-abc)# macsec tagged forward
switch(config-l2-protocol-abc)# pause untagged forward
switch(config-l2-protocol-abc)# exit

The following commands apply the profile to an interface or subinterface:

switch(config)# int ethernet1/1
switch(config-if-Et1/1)# l2-protocol forwarding profile abc
switch(config-if-Et1/1)# exit
switch(config)# int ethernet2/1.1
switch(config-if-Et2/1.1)# l2-protocol forwarding profile def
switch(config-if-Et2/1.1)# exit

TCAM Profile

A specific TCAM profile is required to configure L2 Protocol Forwarding profiles except if the L2 Protocol Forwarding profile has only ‘lacp forward’ and is configured on Type-5 PW ports on Type-1 platforms. One such TCAM profile is as follows:

switch(config)# hardware tcam
switch(config-tcam)# profile l2protocolfwd
switch(config-tcam-profile-12protocolfwd)# feature acl port ip
switch(config-tcam-feature-acl-port-ip)# sequence 45
switch(config-tcam-feature-acl-port-ip)# key size limit 160
switch(config-tcam-feature-acl-port-ip)# key field dscp dst-ip ip-frag ip-protocol l4-dst-port l4-ops l4-src-port src-ip tcp-control ttl
switch(config-tcam-feature-acl-port-ip)# action count drop
switch(config-tcam-feature-acl-port-ip)# packet ipv4 forwarding bridged
switch(config-tcam-feature-acl-port-ip)# packet ipv4 forwarding routed
switch(config-tcam-feature-acl-port-ip)# packet ipv4 forwarding routed multicast
switch(config-tcam-feature-acl-port-ip)# packet ipv4 mpls ipv4 forwarding mpls decap
switch(config-tcam-feature-acl-port-ip)# packet ipv4 mpls ipv6 forwarding mpls decap
switch(config-tcam-feature-acl-port-ip)# packet ipv4 non-VXLAN forwarding routed decap
switch(config-tcam-feature-acl-port-ip)# packet ipv4 VXLAN eth ipv4 forwarding routed decap
switch(config-tcam-feature-acl-port-ip)# packet ipv4 VXLAN forwarding bridged decap
switch(config-tcam-feature-acl-port-ip)# feature acl port ipv6
switch(config-tcam-feature-acl-port-ipv6)# sequence 25
switch(config-tcam-feature-acl-port-ipv6)# key field dst-ipv6 ipv6-next-header ipv6-traffic-class l4-dst-port l4-ops-3b l4-src-port src-ipv6-high src-ipv6-low tcp-control
switch(config-tcam-feature-acl-port-ipv6)# action count drop
switch(config-tcam-feature-acl-port-ipv6)# packet ipv6 forwarding bridged
switch(config-tcam-feature-acl-port-ipv6)# packet ipv6 forwarding routed
switch(config-tcam-feature-acl-port-ipv6)# packet ipv6 forwarding routed multicast
switch(config-tcam-feature-acl-port-ipv6)# packet ipv6 ipv6 forwarding routed decap
switch(config-tcam-feature-acl-port-ipv6)# feature acl port mac
switch(config-tcam-feature-acl-port-mac)# sequence 55
switch(config-tcam-feature-acl-port-mac)# key size limit 160
switch(config-tcam-feature-acl-port-mac)# key field dst-mac ether-type src-mac
switch(config-tcam-feature-acl-port-mac)# action count drop
switch(config-tcam-feature-acl-port-mac)# packet ipv4 forwarding bridged
switch(config-tcam-feature-acl-port-mac)# packet ipv4 forwarding routed
switch(config-tcam-feature-acl-port-mac)# packet ipv4 forwarding routed multicast
switch(config-tcam-feature-acl-port-mac)# packet ipv4 mpls ipv4 forwarding mpls decap
switch(config-tcam-feature-acl-port-mac)# packet ipv4 mpls ipv6 forwarding mpls decap
switch(config-tcam-feature-acl-port-mac)# packet ipv4 non-VXLAN forwarding routed decap
switch(config-tcam-feature-acl-port-mac)# packet ipv4 VXLAN forwarding bridged decap
switch(config-tcam-feature-acl-port-mac)# packet ipv6 forwarding bridged
switch(config-tcam-feature-acl-port-mac)# packet ipv6 forwarding routed
switch(config-tcam-feature-acl-port-mac)# packet ipv6 forwarding routed decap
switch(config-tcam-feature-acl-port-mac)# packet ipv6 forwarding routed multicast
switch(config-tcam-feature-acl-port-mac)# packet ipv6 ipv6 forwarding routed decap
switch(config-tcam-feature-acl-port-mac)# packet mpls forwarding bridged decap
switch(config-tcam-feature-acl-port-mac)# packet mpls ipv4 forwarding mpls
switch(config-tcam-feature-acl-port-mac)# packet mpls ipv6 forwarding mpls
switch(config-tcam-feature-acl-port-mac)# packet mpls non-ip forwarding mpls
switch(config-tcam-feature-acl-port-mac)# packet non-ip forwarding bridged
switch(config-tcam-feature-acl-port-mac)# feature acl subintf ip
switch(config-tcam-feature-acl-subintf-ip)# sequence 40
switch(config-tcam-feature-acl-subintf-ip)# key size limit 160
switch(config-tcam-feature-acl-subintf-ip)# key field dscp dst-ip ip-frag ip-protocol l4-dst-port l4-ops-18b l4-src-port src-ip tcp-control ttl
switch(config-tcam-feature-acl-subintf-ip)# action count drop
switch(config-tcam-feature-acl-subintf-ip)# packet ipv4 forwarding routed
switch(config-tcam-feature-acl-subintf-ip)# feature acl subintf ipv6
switch(config-tcam-feature-acl-subintf-ipv6)# sequence 15
switch(config-tcam-feature-acl-subintf-ipv6)# key field dst-ipv6 ipv6-next-header l4-dst-port l4-src-port src-ipv6-high src-ipv6-low tcp-control
switch(config-tcam-feature-acl-subintf-ipv6)# action count drop
switch(config-tcam-feature-acl-subintf-ipv6)# packet ipv6 forwarding routed
switch(config-tcam-feature-acl-subintf-ipv6)# feature acl vlan ip
switch(config-tcam-feature-acl-vlan-ip)# sequence 35
switch(config-tcam-feature-acl-vlan-ip)# key size limit 160
switch(config-tcam-feature-acl-vlan-ip)# key field dscp dst-ip ip-frag ip-protocol l4-dst-port l4-ops-18b l4-src-port src-ip tcp-control ttl
switch(config-tcam-feature-acl-vlan-ip)# action count drop
switch(config-tcam-feature-acl-vlan-ip)# packet ipv4 forwarding routed
switch(config-tcam-feature-acl-vlan-ip)# packet ipv4 mpls ipv4 forwarding mpls decap
switch(config-tcam-feature-acl-vlan-ip)# packet ipv4 mpls ipv6 forwarding mpls decap
switch(config-tcam-feature-acl-vlan-ip)# packet ipv4 non-VXLAN forwarding routed decap
switch(config-tcam-feature-acl-vlan-ip)# packet ipv4 VXLAN eth ipv4 forwarding routed decap
switch(config-tcam-feature-acl-vlan-ip)# feature acl vlan ipv6
switch(config-tcam-feature-acl-vlan-ipv6)# sequence 10
switch(config-tcam-feature-acl-vlan-ipv6)# key field dst-ipv6 ipv6-next-header l4-dst-port l4-src-port src-ipv6-high src-ipv6-low tcp-control
switch(config-tcam-feature-acl-vlan-ipv6)# action count drop
switch(config-tcam-feature-acl-vlan-ipv6)# packet ipv6 forwarding routed
switch(config-tcam-feature-acl-vlan-ipv6)# packet ipv6 ipv6 forwarding routed decap
switch(config-tcam-feature-acl-vlan-ipv6)# feature acl vlan ipv6 egress
switch(config-tcam-feature-acl-vlan-ipv6-egress)# sequence 20
switch(config-tcam-feature-acl-vlan-ipv6-egress)# key field dst-ipv6 ipv6-next-header ipv6-traffic-class l4-dst-port l4-src-port src-ipv6-high src-ipv6-low tcp-control
switch(config-tcam-feature-acl-vlan-ipv6-egress)# action count drop
switch(config-tcam-feature-acl-vlan-ipv6-egress)# packet ipv6 forwarding routed
switch(config-tcam-feature-acl-vlan-ipv6-egress)# feature counter lfib
switch(config-tcam-feature-counter-lfib)# sequence 85
switch(config-tcam-feature-counter-lfib)# feature l2-protocol forwarding
switch(config-tcam-feature-l2-protocol-fowarding)# sequence 95
switch(config-tcam-feature-l2-protocol-fowarding)# key size limit 160
switch(config-tcam-feature-l2-protocol-fowarding)# key field dst-mac vlan-tag-format
switch(config-tcam-feature-l2-protocol-fowarding)# action mirror redirect-to-cpu set-tc
switch(config-tcam-feature-l2-protocol-fowarding)# packet non-ip forwarding bridge
switch(config-tcam-feature-l2-protocol-fowarding)# packet non-ip forwarding bridged sub-interface
switch(config-tcam-feature-l2-protocol-fowarding)# feature mirror ip
switch(config-tcam-feature-mirror-ip)# sequence 80
switch(config-tcam-feature-mirror-ip)# key size limit 160
switch(config-tcam-feature-mirror-ip)# key field dscp dst-ip ip-frag ip-protocol l4-dst-port l4-ops l4-src-port src-ip tcp-control
switch(config-tcam-feature-mirror-ip)# action count mirror set-policer
switch(config-tcam-feature-mirror-ip)# packet ipv4 forwarding bridged
switch(config-tcam-feature-mirror-ip)# packet ipv4 forwarding routed
switch(config-tcam-feature-mirror-ip)# packet ipv4 forwarding routed multicast
switch(config-tcam-feature-mirror-ip)# packet ipv4 non-VXLAN forwarding routed decap
switch(config-tcam-feature-mirror-ip)# feature mpls
switch(config-tcam-feature-mpls)# sequence 5
switch(config-tcam-feature-mpls)# key size limit 160
switch(config-tcam-feature-mpls)# action drop redirect set-ecn
switch(config-tcam-feature-mpls)# packet ipv4 mpls ipv4 forwarding mpls decap
switch(config-tcam-feature-mpls)# packet ipv4 mpls ipv6 forwarding mpls decap
switch(config-tcam-feature-mpls)# packet mpls ipv4 forwarding mpls
switch(config-tcam-feature-mpls)# packet mpls ipv6 forwarding mpls
switch(config-tcam-feature-mpls)# packet mpls non-ip forwarding mpls
switch(config-tcam-feature-mpls)# feature mpls pop ingress
switch(config-tcam-feature-mpls-pop-ingress)# sequence 90
switch(config-tcam-feature-mpls-pop-ingress)# feature pbr ip
switch(config-tcam-feature-pbr-ip)# sequence 60
switch(config-tcam-feature-pbr-ip)# key size limit 160
switch(config-tcam-feature-pbr-ip)# key field dscp dst-ip ip-frag ip-protocol l4-dst-port l4-ops-18b l4-src-port src-ip tcp-control
switch(config-tcam-feature-pbr-ip)# action count redirect
switch(config-tcam-feature-pbr-ip)# packet ipv4 forwarding routed
switch(config-tcam-feature-pbr-ip)# packet ipv4 mpls ipv4 forwarding mpls decap
switch(config-tcam-feature-pbr-ip)# packet ipv4 mpls ipv6 forwarding mpls decap
switch(config-tcam-feature-pbr-ip)# packet ipv4 non-VXLAN forwarding routed decap
switch(config-tcam-feature-pbr-ip)# packet ipv4 VXLAN forwarding bridged decap
switch(config-tcam-feature-pbr-ip)# feature pbr ipv6
switch(config-tcam-feature-pbr-ipv6)# sequence 30
switch(config-tcam-feature-pbr-ipv6)# key field dst-ipv6 ipv6-next-header l4-dst-port l4-src-port src-ipv6-high src-ipv6-low tcp-control
switch(config-tcam-feature-pbr-ipv6)# action count redirect
switch(config-tcam-feature-pbr-ipv6)# packet ipv6 forwarding routed
switch(config-tcam-feature-pbr-ipv6)# feature pbr mpls
switch(config-tcam-feature-pbr-mpls)# sequence 65
switch(config-tcam-feature-pbr-mpls)# key size limit 160
switch(config-tcam-feature-pbr-mpls)# key field mpls-inner-ip-tos
switch(config-tcam-feature-pbr-mpls)# action count drop redirect
switch(config-tcam-feature-pbr-mpls)# packet mpls ipv4 forwarding mpls
switch(config-tcam-feature-pbr-mpls)# packet mpls ipv6 forwarding mpls
switch(config-tcam-feature-pbr-mpls)# packet mpls non-ip forwarding mpls
switch(config-tcam-feature-pbr-mpls)# feature qos ip
switch(config-tcam-feature-qos-ip)# sequence 75
switch(config-tcam-feature-qos-ip)# key size limit 160
switch(config-tcam-feature-qos-ip)# key field dscp dst-ip ip-frag ip-protocol l4-dst-port l4-ops l4-src-port src-ip tcp-control
switch(config-tcam-feature-qos-ip)# action set-dscp set-policer set-tc
switch(config-tcam-feature-qos-ip)# packet ipv4 forwarding routed
switch(config-tcam-feature-qos-ip)# packet ipv4 forwarding routed multicast
switch(config-tcam-feature-qos-ip)# packet ipv4 mpls ipv4 forwarding mpls decap
switch(config-tcam-feature-qos-ip)# packet ipv4 mpls ipv6 forwarding mpls decap
switch(config-tcam-feature-qos-ip)# packet ipv4 non-VXLAN forwarding routed decap
switch(config-tcam-feature-qos-ip)# feature qos ipv6
switch(config-tcam-feature-qos-ipv6)# sequence 70
switch(config-tcam-feature-qos-ipv6)# key field dst-ipv6 ipv6-next-header ipv6-traffic-class l4-dst-port l4-src-port src-ipv6-high src-ipv6-low
switch(config-tcam-feature-qos-ipv6)# action set-dscp set-policer set-tc
switch(config-tcam-feature-qos-ipv6)# packet ipv6 forwarding routed
switch(config-tcam-feature-qos-ipv6)# feature tunnel VXLAN
switch(config-tcam-feature-tunnel-VXLAN)# sequence 50
switch(config-tcam-feature-tunnel-VXLAN)# key size limit 160
switch(config-tcam-feature-tunnel-VXLAN)# packet ipv4 VXLAN eth ipv4 forwarding routed decap
switch(config-tcam-feature-tunnel-VXLAN)# packet ipv4 VXLAN forwarding bridged decap

For ISIS protocol forwarding, “snoop” action has to be present in the TCAM profile for l2-protocol forwarding feature as follows:

switch(config-tcam)# feature l2-protocol forwarding
switch(config-tcam-l2-protocol forwarding)# sequence 95
switch(config-tcam-l2-protocol forwarding)# key size limit 160
switch(config-tcam-l2-protocol forwarding)# key field dst-mac vlan-tag-format
switch(config-tcam-l2-protocol forwarding)# action mirror redirect-to-cpu set-tc snoop
switch(config-tcam-l2-protocol forwarding)# packet non-ip forwarding bridged
switch(config-tcam-l2-protocol forwarding)# packet non-ip forwarding bridged sub-interface

For the special case of micro-BFD protocol forwarding, the following TCAM profile needs to be applied:

switch(config)# hardware tcam
switch(config-tcam)# profile l2protocolfwd-bfd-rfc-7130
switch(config-tcam-profile l2protocolfwd-bfd-rfc-7130)# feature acl port ip egress mpls-tunnelled-match
switch(config-tcam-feature-acl-port-ip-egress-mpls-tunnelled-match)# sequence 95
switch(config-tcam-feature-acl-port-ip-egress-mpls-tunnelled-match)# feature acl port ipv6 egress
switch(config-tcam-feature-acl-port-ipv6-egress)# sequence 105
switch(config-tcam-feature-acl-port-ipv6-egress)# key field dst-ipv6 ipv6-next-header ipv6-traffic-class l4-dst-port l4-src-port src-ipv6-high src-ipv6-low tcp-control
switch(config-tcam-feature-acl-port-ipv6-egress)# action count drop mirror
switch(config-tcam-feature-acl-port-ipv6-egress)# packet ipv6 forwarding bridged
switch(config-tcam-feature-acl-port-ipv6-egress)# packet ipv6 forwarding routed
switch(config-tcam-feature-acl-port-ipv6-egress)# feature acl port mac
switch(config-tcam-feature-acl-port-mac)# sequence 55
switch(config-tcam-feature-acl-port-mac)# key size limit 160
switch(config-tcam-feature-acl-port-mac)# key field dst-mac ether-type src-mac
switch(config-tcam-feature-acl-port-mac)# action count drop mirror
switch(config-tcam-feature-acl-port-mac)# packet ipv4 forwarding bridged
switch(config-tcam-feature-acl-port-mac)# packet ipv4 forwarding routed
switch(config-tcam-feature-acl-port-mac)# packet ipv4 forwarding routed multicast
switch(config-tcam-feature-acl-port-mac)# packet ipv4 mpls ipv4 forwarding mpls decap
switch(config-tcam-feature-acl-port-mac)# packet ipv4 mpls ipv6 forwarding mpls decap
switch(config-tcam-feature-acl-port-mac)# packet ipv4 non-VXLAN forwarding routed decap
switch(config-tcam-feature-acl-port-mac)# packet ipv4 VXLAN forwarding bridged decap
switch(config-tcam-feature-acl-port-mac)# packet ipv6 forwarding bridged
switch(config-tcam-feature-acl-port-mac)# packet ipv6 forwarding routed
switch(config-tcam-feature-acl-port-mac)# packet ipv6 forwarding routed decap
switch(config-tcam-feature-acl-port-mac)# packet ipv6 forwarding routed multicast
switch(config-tcam-feature-acl-port-mac)# packet ipv6 ipv6 forwarding routed decap
switch(config-tcam-feature-acl-port-mac)# packet mpls forwarding bridged decap
switch(config-tcam-feature-acl-port-mac)# packet mpls ipv4 forwarding mpls
switch(config-tcam-feature-acl-port-mac)# packet mpls ipv6 forwarding mpls
switch(config-tcam-feature-acl-port-mac)# packet mpls non-ip forwarding mpls
switch(config-tcam-feature-acl-port-mac)# packet non-ip forwarding bridged
switch(config-tcam-feature-acl-port-mac)# feature acl subintf ip
switch(config-tcam-feature-acl-subintf-ip)# sequence 40
switch(config-tcam-feature-acl-subintf-ip)# key size limit 160
switch(config-tcam-feature-acl-subintf-ip)# key field dscp dst-ip ip-frag ip-protocol l4-dst-port l4-ops-18b l4-src-port src-ip tcp-control ttl
switch(config-tcam-feature-acl-subintf-ip)# action count drop
switch(config-tcam-feature-acl-subintf-ip)# packet ipv4 forwarding routed
switch(config-tcam-feature-acl-subintf-ip)# feature acl subintf ipv6
switch(config-tcam-feature-acl-subintf-ipv6)# sequence 15
switch(config-tcam-feature-acl-subintf-ipv6)# key field dst-ipv6 ipv6-next-header l4-dst-port l4-src-port src-ipv6-high src-ipv6-low tcp-control
switch(config-tcam-feature-acl-subintf-ipv6)# action count drop
switch(config-tcam-feature-acl-subintf-ipv6)# packet ipv6 forwarding routed
switch(config-tcam-feature-acl-subintf-ipv6)# feature acl vlan ip
switch(config-tcam-feature-acl-vlan-ip)# sequence 35
switch(config-tcam-feature-acl-vlan-ip)# key size limit 160
switch(config-tcam-feature-acl-vlan-ip)# key field dscp dst-ip ip-frag ip-protocol l4-dst-port l4-ops-18b l4-src-port src-ip tcp-control ttl
switch(config-tcam-feature-acl-vlan-ip)# action count drop
switch(config-tcam-feature-acl-vlan-ip)# packet ipv4 forwarding routed
switch(config-tcam-feature-acl-vlan-ip)# packet ipv4 mpls ipv4 forwarding mpls decap
switch(config-tcam-feature-acl-vlan-ip)# packet ipv4 mpls ipv6 forwarding mpls decap
switch(config-tcam-feature-acl-vlan-ip)# packet ipv4 non-VXLAN forwarding routed decap
switch(config-tcam-feature-acl-vlan-ip)# packet ipv4 VXLAN eth ipv4 forwarding routed decap
switch(config-tcam-feature-acl-vlan-ip)# feature acl vlan ipv6
switch(config-tcam-feature-acl-vlan-ipv6)# sequence 10
switch(config-tcam-feature-acl-vlan-ipv6)# key field dst-ipv6 ipv6-next-header l4-dst-port l4-src-port src-ipv6-high src-ipv6-low tcp-control
switch(config-tcam-feature-acl-vlan-ipv6)# action count drop
switch(config-tcam-feature-acl-vlan-ipv6)# packet ipv6 forwarding routed
switch(config-tcam-feature-acl-vlan-ipv6)# packet ipv6 ipv6 forwarding routed decap
switch(config-tcam-feature-acl-vlan-ipv6)# feature acl vlan ipv6 egress
switch(config-tcam-feature-acl-vlan-ipv6-egress)# sequence 20
switch(config-tcam-feature-acl-vlan-ipv6-egress)# key field dst-ipv6 ipv6-next-header ipv6-traffic-class l4-dst-port l4-src-port src-ipv6-high src-ipv6-low tcp-control
switch(config-tcam-feature-acl-vlan-ipv6-egress)# action count drop mirror
switch(config-tcam-feature-acl-vlan-ipv6-egress)# packet ipv6 forwarding bridged
switch(config-tcam-feature-acl-vlan-ipv6-egress)# packet ipv6 forwarding routed
switch(config-tcam-feature-acl-vlan-ipv6-egress)# feature counter lfib
switch(config-tcam-feature-counter-lfib)# sequence 85
switch(config-tcam-feature-counter-lfib)# feature forwarding-destination mpls
switch(config-tcam-feature-forwarding-destination-mpls)# sequence 100
switch(config-tcam-feature-forwarding-destination-mpls)# feature l2-protocol forwarding
switch(config-tcam-feature-forwarding-l2-protocol-forwarding)# sequence 95
switch(config-tcam-feature-forwarding-l2-protocol-forwarding)# key size limit 160
switch(config-tcam-feature-forwarding-l2-protocol-forwarding)# key field dst-mac vlan-tag-format
switch(config-tcam-feature-forwarding-l2-protocol-forwarding)# action mirror redirect-to-cpu set-tc
switch(config-tcam-feature-forwarding-l2-protocol-forwarding)# packet ipv4 forwarding bridged
switch(config-tcam-feature-forwarding-l2-protocol-forwarding)# packet ipv6 forwarding bridged
switch(config-tcam-feature-forwarding-l2-protocol-forwarding)# packet non-ip forwarding bridged
switch(config-tcam-feature-forwarding-l2-protocol-forwarding)# feature mirror ip
switch(config-tcam-feature-mirror-ip)# sequence 80
switch(config-tcam-feature-mirror-ip)# key size limit 160
switch(config-tcam-feature-mirror-ip)# key field dscp dst-ip ip-frag ip-protocol l4-dst-port l4-ops l4-src-port src-ip tcp-control
switch(config-tcam-feature-mirror-ip)# action count mirror set-policer
switch(config-tcam-feature-mirror-ip)# packet ipv4 forwarding bridged
switch(config-tcam-feature-mirror-ip)# packet ipv4 forwarding routed
switch(config-tcam-feature-mirror-ip)# packet ipv4 forwarding routed multicast
switch(config-tcam-feature-mirror-ip)# packet ipv4 non-VXLAN forwarding routed decap
switch(config-tcam-feature-mirror-ip)# feature mpls
switch(config-tcam-feature-mpls)# sequence 5
switch(config-tcam-feature-mpls)# key size limit 160
switch(config-tcam-feature-mpls)# action drop redirect set-ecn
switch(config-tcam-feature-mpls)# packet ipv4 mpls ipv4 forwarding mpls decap
switch(config-tcam-feature-mpls)# packet ipv4 mpls ipv6 forwarding mpls decap
switch(config-tcam-feature-mpls)# packet mpls ipv4 forwarding mpls
switch(config-tcam-feature-mpls)# packet mpls ipv6 forwarding mpls
switch(config-tcam-feature-mpls)# packet mpls non-ip forwarding mpls
switch(config-tcam-feature-mpls)# feature mpls pop ingress
switch(config-tcam-feature-mpls-pop-ingress)# sequence 90
switch(config-tcam-feature-mpls-pop-ingress)# feature pbr ip
switch(config-tcam-feature-pbr-ip)# sequence 60
switch(config-tcam-feature-pbr-ip)# key size limit 160
switch(config-tcam-feature-pbr-ip)# key field dscp dst-ip ip-frag ip-protocol l4-dst-port l4-ops-18b l4-src-port src-ip tcp-control
switch(config-tcam-feature-pbr-ip)# action count redirect
switch(config-tcam-feature-pbr-ip)# packet ipv4 forwarding routed
switch(config-tcam-feature-pbr-ip)# packet ipv4 mpls ipv4 forwarding mpls decap
switch(config-tcam-feature-pbr-ip)# packet ipv4 mpls ipv6 forwarding mpls decap
switch(config-tcam-feature-pbr-ip)# packet ipv4 non-VXLAN forwarding routed decap
switch(config-tcam-feature-pbr-ip)# packet ipv4 VXLAN forwarding bridged decap
switch(config-tcam-feature-pbr-ip)# feature pbr ipv6
switch(config-tcam-feature-pbr-ipv6)# sequence 30
switch(config-tcam-feature-pbr-ipv6)# key field dst-ipv6 ipv6-next-header l4-dst-port l4-src-port src-ipv6-high src-ipv6-low tcp-control
switch(config-tcam-feature-pbr-ipv6)# action count redirect
switch(config-tcam-feature-pbr-ipv6)# packet ipv6 forwarding routed
switch(config-tcam-feature-pbr-ipv6)# feature pbr mpls
switch(config-tcam-feature-pbr-mpls)# sequence 65
switch(config-tcam-feature-pbr-mpls)# key size limit 160
switch(config-tcam-feature-pbr-mpls)# key field mpls-inner-ip-tos
switch(config-tcam-feature-pbr-mpls)# action count drop redirect
switch(config-tcam-feature-pbr-mpls)# packet mpls ipv4 forwarding mpls
switch(config-tcam-feature-pbr-mpls)# packet mpls ipv6 forwarding mpls
switch(config-tcam-feature-pbr-mpls)# packet mpls non-ip forwarding mpls
switch(config-tcam-feature-pbr-mpls)# feature qos ip
switch(config-tcam-feature-qos-ip)# sequence 75
switch(config-tcam-feature-qos-ip)# key size limit 160
switch(config-tcam-feature-qos-ip)# key field dscp dst-ip ip-frag ip-protocol l4-dst-port l4-ops l4-src-port src-ip tcp-control
switch(config-tcam-feature-qos-ip)# action set-dscp set-policer set-tc
switch(config-tcam-feature-qos-ip)# packet ipv4 forwarding routed
switch(config-tcam-feature-qos-ip)# packet ipv4 forwarding routed multicast
switch(config-tcam-feature-qos-ip)# packet ipv4 mpls ipv4 forwarding mpls decap
switch(config-tcam-feature-qos-ip)# packet ipv4 mpls ipv6 forwarding mpls decap
switch(config-tcam-feature-qos-ip)# packet ipv4 non-VXLAN forwarding routed decap
switch(config-tcam-feature-qos-ip)# feature qos ipv6
switch(config-tcam-feature-qos-ipv6)# sequence 70
switch(config-tcam-feature-qos-ipv6)# key field dst-ipv6 ipv6-next-header ipv6-traffic-class l4-dst-port l4-src-port src-ipv6-high src-ipv6-low
switch(config-tcam-feature-qos-ipv6)# action set-dscp set-policer set-tc
switch(config-tcam-feature-qos-ipv6)# packet ipv6 forwarding routed
switch(config-tcam-feature-qos-ipv6)# feature tunnel VXLAN
switch(config-tcam-feature-tunnel-VXLAN)# sequence 50
switch(config-tcam-feature-tunnel-VXLAN)# key size limit 160
switch(config-tcam-feature-tunnel-VXLAN)# packet ipv4 VXLAN eth ipv4 forwarding routed decap
switch(config-tcam-feature-tunnel-VXLAN)# packet ipv4 VXLAN forwarding bridged decap

Once l2protocolfwd or l2protocolfwd-bfd-rfc-7130 tcam profile is created, the profile needs to be applied to the switch using the following command under config mode:

switch(config)# hardware tcam
switch(config-tcam)# system profile l2protocolfwd

Consumption of TCAM

The following table describes how TCAM is consumed when the same L2 Protocol Forwarding profile is applied:


Level of application	Type-1 platforms	Type-2 platforms
Front panel ports	Separate TCAM entries for each port	Same set of TCAM entries for ports on the same fap and core
Subinterfaces	Same set of TCAM entries for subinterfaces on the same fap	Same set of TCAM entries for subinterfaces on the same fap and core

L2 Protocol Forwarding Limitations

A maximum of 31 distinct L2 Protocol Forwarding profiles are applied across multiple subinterfaces on the same FAP.
A maximum of 31 distinct L2 Protocol Forwarding profiles are applied across multiple subinterfaces, and front panel ports on the same FAP on Type-2 platforms.
The feature is not supported for subinterfaces on Type-1 platforms if any of the following features are present in the TCAM Profile:
- feature pbr subintf ip
- feature pbr subintf ipv6
- feature pbr subintf mpls

L2 Protocol Forwarding Show commands

The show l2-protocol forwarding interface displays the L2 protocol forwarding profile configuration corresponding to the interfaces or subinterfaces.

switch(config)# show l2-protocol forwarding interface

Interface     Profile
------------- -------
Ethernet1/1   abc
Ethernet2/1.1 def
 

switch> show l2-protocol forwarding interface Ethernet1/1


Interface   Profile   
----------- --------
Ethernet1/1 abc

The following show commands display all packet forwarding behavior on an interface or a subinterface:

switch(config)# show l2-protocol forwarding interface detail                                                                                                                                                                                      
Tagging Types: T: tagged U: untagged
Actions: F: forward
                      BFD RFC-7130 E-LMI ISIS LACP LLDP MACSEC PAUSE STP
Interface     Profile   T     U    T  U  T U  T U  T U  T   U  T  U  T U
------------- ------- ----- ------ -- -- - -- - -- - -- -- --- -- -- - -                                                                                                                                             
Ethernet1/1   abc       -     -    -  -  F  F - -  - -  F   -  -  F  - -
Ethernet2/2.1 def       -     -    -  -  - -  - -  - -  -   -  -  -  - -

switch> show l2-protocol forwarding interface Ethernet1/1 detail
Tagging Types: T: tagged U: untagged                                                                                                                                                                        
Actions: F: forward                                                                                                                                                                                         
                      BFD RFC-7130 E-LMI ISIS LACP LLDP MACSEC PAUSE STP
Interface     Profile   T     U    T  U  T U  T U  T U  T   U  T  U  T U
------------- ------- ----- ------ -- -- - -- - -- - -- -- --- -- -- - -                                                                                                                                                             
Ethernet1/1   abc       -     -    -  -  F F  - -  - -  F   -  -  F  - -

switch> show l2-protocol forwarding interface Ethernet2/2.1 detail
Tagging Types: T: tagged U: untagged                                                                                                                                                                        
Actions: F: forward                                                                                                                                                                                         
                      BFD RFC-7130 E-LMI ISIS LACP LLDP MACSEC PAUSE STP
Interface     Profile   T     U    T  U  T U  T U  T U  T   U  T  U  T U
------------- ------- ----- ------ -- -- - -- - -- - -- -- --- -- -- - -                                                                                                                                                             
Ethernet2/2.1 def       -     -    -  -  - -  - -  - -  -   -  -  -  - -

Quality of Service

This chapter describes the EOS Quality of Service (QoS) implementation, including configuration instructions and command descriptions. Topics covered by this chapter include the following:

Quality of Service Conceptual Overview
QoS Configuration: Platform-Independent Features
QoS Configuration: Arad Platform Switches
QoS Configuration: Jericho Platform Switches
QoS Configuration: FM6000 Platform Switches
QoS Configuration: Petra Platform Switches
QoS Configuration: Trident and Tomahawk Platform Switches
QoS Configuration: Trident II and Helix Platform Switches
Support for Configuring Color Extended Communities
ACL based QoS Configuration
Configuring IPv6 Flow Label Matches for QoS
Differentiated MMU Discard Counters
txQueue Percentage-based Shaping
Configuring Round Robin Scheduling on Shaped Subinterfaces
Explicit Congestion Notification (ECN)
Latency-based Explicit Congestion Notification
Configuring a Low Latency Transmit Queue Scheduler Profile
Quality of Service Configuration Commands
Chipset Mapping for QoS

Quality of Service Conceptual Overview

QoS processes apply to traffic that flows through Ethernet ports and control planes. These processes can modify data fields (CoS or DSCP) or assign data streams to traffic classes for prioritized handling. Transmission queues are configurable for individual Ethernet ports to shape traffic based on its traffic class. Many switches also support traffic policies that apply to data that is filtered by access control lists.

The following sections describe QoS features:

Identifying the Switch Platform
QoS Data Fields and Traffic Classes
Transmit Queues and Port Shaping
Explicit Congestion Notification (ECN)
ACL Policing
Quality of Service (QoS) Profiles

Identifying the Switch Platform

QoS configuration varies significantly by switch platform. A list of Arista switch model numbers and their corresponding switch platforms (chipsets) can be found in the Chipset Mapping for QoS.

On some switches, the platform can also be determined by entering platform ? in the CLI.

Example

This command shows that the example switch is running on the Trident platform.

switch(config)# platform ?
  trident  Trident chip
switch(config)#

QoS Data Fields and Traffic Classes

Quality of Service (QoS) defines a method of differentiating data streams to provide varying levels of service to the different streams.

Criteria determining a packet’s priority level include packet field contents and the port where data packets are received. QoS settings are translated into traffic classes, which are then used by switches to manage all traffic flows. Traffic flow management varies with each switch platform.

QoS Data Fields

Quality of service decisions are based on the contents of the following packet fields:

CoS (three bits): Class of service (CoS) is a 3-bit field in Ethernet frame headers using VLAN tagging. The field specifies a priority value between zero and seven. Class of service operates at Layer 2.
DSCP (six bits): Differentiated Service Code Point (DSCP) is a 6-bit field in the Type Of Service (TOS) field of IP packet headers.

Port Settings – Trust Mode and Traffic Class

Ethernet and port channel interfaces support three QoS trust modes:

CoS Trust: Ports use inbound packet CoS field contents to derive the traffic class.
DSCP Trust: Ports use inbound packets DSCP field contents to derive the traffic class.
Untrusted: Ports use their default values to derive the traffic class, ignoring packet contents.

The default mode setting is CoS trust for switched ports and DSCP trust for routed ports.

Ports are associated with default CoS, DSCP, and traffic class settings; defaults vary by platform.

These sections describe procedures for configuring port settings:

CoS and DSCP Port Settings – Arad Platform Switches
CoS and DSCP Port Settings – FM6000 Platform Switches
CoS and DSCP Port Settings – Petra Platform Switches
CoS and DSCP Port Settings – Trident and Tomahawk Platform Switches
CoS and DSCP Port Settings – Trident II and Helix Platform Switches

Rewriting CoS and DSCP

CoS Rewrite

Switches can rewrite the CoS field for outbound tagged packets. The new CoS value is configurable, and is derived from a data stream’s traffic class as specified by the traffic class-to-CoS rewrite map. CoS rewrite is disabled on all the traffic received on CoS trusted ports.

On Arad, Jericho, FM6000, Trident and Tomahawk, Trident II, and Helix platform switches, CoS rewrite can be enabled or disabled on DSCP trusted ports and untrusted ports.

CoS rewrite is globally enabled by default for packets received on untrusted ports and DSCP trusted ports if at least one port is explicitly configured in DSCP trust or untrusted mode.
CoS rewrite is globally disabled by default for packets received on untrusted ports and DSCP trusted ports if there are no ports explicitly configured in DSCP trust or untrusted mode.

On Petra platform switches, CoS rewrite is always enabled on DSCP trusted ports and untrusted ports.

DSCP Rewrite

Switches can rewrite the DSCP field for outbound IP packets. On FM6000, Trident and Tomahawk, Trident II, and Helix platform switches, DSCP rewrite is disabled by default on all ports and always disabled for traffic received on DSCP trusted ports. On Petra, Arad, and Jericho platform switches, DSCP rewrite is always disabled.

FM6000, Trident and Tomahawk, Trident II, and Helix platform switches provide a command that enables or disables DSCP rewrite for packets received on CoS trusted ports and untrusted ports. The new DSCP value is configurable, based on the data stream’s traffic class, as specified by the traffic class-to-DSCP rewrite map.

These sections describe procedures for rewriting CoS and DSCP fields:

CoS Rewrite – Arad Platform Switches
CoS and DSCP Rewrite – FM6000 Platform Switches
CoS Rewrite – Petra Platform Switches
CoS and DSCP Rewrite – Trident and Tomahawk Platform Switches
CoS and DSCP Rewrite – Trident II and Helix Platform Switches

Traffic Classes

Data stream distribution is based on their traffic classes. Data stream management varies by switch platform. Traffic classes are derived from these data stream, inbound port, and switch attributes:

CoS field contents.
DSCP field contents.
Inbound port trust setting.
CoS default setting (Arad, Jericho, FM6000, Trident and Tomahawk, Trident II, and Helix platform switches).
DSCP default setting (Arad, Jericho, FM6000, Trident and Tomahawk, and Trident II platform switches).
Traffic class default setting (Petra platform switches).

When a port is configured to derive a data stream’s traffic class from the CoS or DSCP value associated with the stream, the traffic class is determined from a conversion map.

A CoS-to-traffic class map derives a traffic class from a CoS value.
A DSCP-to-traffic class map derives a traffic class from a DSCP value.

Map entries are configurable through CLI commands. Default maps determine the traffic class value when CLI map entry commands are not configured. Default maps vary by switch platform.

These sections describe traffic class configuration procedures:

Traffic Class Derivations – Arad Platform Switches
Traffic Class Derivations – Jericho Platform Switches
Traffic Class Derivations – FM6000 Platform Switches
Traffic Class Derivations – Petra Platform Switches
Traffic Class Derivations – Trident and Tomahawk Platform Switches
Traffic Class Derivations – Trident II and Helix Platform Switches

Transmit Queues and Port Shaping

Transmit queues are logical partitions of an Ethernet port’s egress bandwidth. Data streams are assigned to queues based on their traffic class, then sent as scheduled by port and transmit settings. Support varies by switch platform. A queue’s label determines its priority: queues with the suffix 0 have the lowest priority.

Parameters that determine transmission schedules include:

Traffic class-to-transmit queue mapping determines the transmit queue for transmitting data streams based on traffic class. The set of available transmit maps vary by switch platforms:
- Arad, Jericho, FM6000, Trident II, and Helix platforms: one map for all unicast and multicast traffic.
- Trident and Tomahawk platform: one map for unicast traffic and one map for multicast traffic.
- Petra platform: one map for unicast traffic. Queue shaping is not available for multicast traffic.
Port shaping specifies a port’s maximum egress bandwidth.
Queue shaping specifies a transmit queue’s maximum egress bandwidth, and implementation varies by platform.
- Trident and Tomahawk platform: queue shaping is configurable separately for unicast and multicast queues.
- Trident II platform: queue shaping is configurable for transmit queues. Port shaping and queue shaping are supported only in store-and-forward switching mode.
- Petra platform: queue shaping is not available for multicast traffic.
- Helix platform: queue shaping is configurable for transmit queues.
- FM6000 platform: switches do not support simultaneous port shaping and queue shaping. Enabling port shaping on an FM6000 switch disables queue shaping, regardless of the previous configuration.
Guaranteed bandwidth guarantees the allocation of a specified bandwidth for a transmit queue. Guaranteed bandwidth is supported only on Trident II platforms.
Queue priority specifies the priority at which a transmit queue is serviced. The switch defines two queue priority types:
- Strict priority queues are serviced in the order of their priority rank - subject to each queue’s configured maximum bandwidth. Data is not handled for a queue until all queues with higher priority are emptied or their transmission limit is reached. These queues typically carry low latency real time traffic and require highest available priority.
- Round robin queues are serviced simultaneously subject to assigned bandwidth percentage and configured maximum bandwidth. All round robin queues have lower priority than strict priority queues. Round robin queues can be starved by strict priority queues.
Queue scheduling determines how packets from different transmit queues are serviced to be sent out on the port.
Queue bandwidth allocation specifies the time slice (percentage) assigned to a round robin queue, relative to all other round robin queues.

These sections describe transmit queue and port shaping configuration procedures:

Transmit Queues and Port Shaping – Arad Platform Switches
Transmit Queues and Port Shaping – Jericho Platform Switches
Transmit Queues and Port Shaping – FM6000 Platform Switches
Transmit Queues and Port Shaping – Petra Platform Switches
Transmit Queues and Port Shaping – Trident and Tomahawk Platform
Transmit Queues and Port Shaping – Trident II and Helix Platform Switches

Explicit Congestion Notification (ECN)

Explicit Congestion Notification (ECN) is an IP and TCP extension that facilitates end-to-end network congestion notification without dropping packets. ECN recognizes early congestion and sets flags that signal affected hosts. Trident and Tomahawk, Trident II, and Helix platform switches extend ECN support to non-TCP packets.

ECN usage requires that it is supported and enabled by both endpoints. Although only unicast flows are modified by ECN markers, the multicast, broadcast, and unmarked unicast flows can affect network congestion and influence the indication of unicast packet congestion.

ECN Conceptual Overview

The ECN field in the IP header (bits 6 and 7 in the IPv4 TOS or IPv6 traffic class octet) advertises ECN capabilities:

00: Router does not support ECN.
10: Router supports ECN.
01: Router supports ECN.
11: Congestion encountered.

Networks typically signal congestion by dropping packets. After an ECN-capable host negotiates ECN, it signals impending congestion by marking the IP header of packets encountering the congestion instead of dropping the packets. The recipient echoes the congestion indication back to the sender, which reduces its transmission rate as if it had detected a dropped packet.

Switches support ECN for unicast queues through Weighted Random Early Detection (WRED), an Active Queue Management (AQM) algorithm that extends Random Early Detection (RED) to define multiple thresholds for an individual queue. WRED determines congestion by comparing average queue size with queue thresholds. Average queue size depends on the previous average and current queue size:

average queue size = (old_avg * (1-2^(-weight))) + (current_queue_size * 2^(-weight))
where weight is the exponential weight factor used for averaging the queue size.
Packets are marked based on WRED as follows:

If average queue size is below the minimum threshold, packets are queued as in normal operation without ECN.
If average queue size is greater than the maximum threshold, packets are marked for congestion.
If average queue size is between minimum and maximum queue threshold, packets are either queued or marked. The proportion of packets that are marked increases linearly from 0% at the minimum threshold to 100% at the maximum threshold.

Treatment of packets marked as not ECN capable varies by platform.

These sections describe ECN configuration procedures:

ECN Configuration – Arad Platform Switches
ECN Configuration – Trident and Tomahawk Platform Switches

ACL Policing

ACL policing monitors the ingress data rates for a particular class of traffic and performs the action configured when the traffic exceeds the user configured value. Therefore, it allows the user to control ingress bandwidth based on packet classification. The incoming traffic is metered and marked by the policing, and based on the metering results the actions are performed.

ACL policing uses a token bucket shaping algorithm for packet transmission. Packets are eligible for transmission when token count is positive, and when token count is negative the next packet will have to wait until the token count turns positive again. The tokens are renewed at 96ns time interval (Tc). The tokens are collected in the policer bucket up to a max burst size of 16KB, and any traffic beyond this shape rate and burst size is buffered in the shared memory. The packets are dropped if there is a memory overflow.

Note: The policer bucket is refilled at a sweeper period of 0.333 millisecond. This is applicable for all the platforms.

For example, let us assume that shaping is not enabled, and the link is at 10 Gbps, that is 1.25 bytes/nsec. In such case a each refill cycle will add tokens worth 120 bytes. For a shape rate of 500 Mbps, each refill cycle will add 6 bytes. And for 64 byte worth of tokens we need around 11 refill cycles = 1us. A 64 byte packet coming immediately after a jumbo frame will have to wait longer compared to a jumbo frame coming after 64 byte packet.

Token size depends on the interface speed, following the last example:

For 10 Gbps, each refill cycle will add tokens worth 120 bytes.
For 1 Gbps, each refill cycle will add tokens worth 12 bytes.

At lower shaping rates (less than 10 Mbps), granularity and rounding errors may alter the actual shaping rate by 20% from the specified rate, and the rounding errors are much less at higher speeds. For example, At 100 Mbps you will see 98.9Mbps configured in hardware. User can use the show qos interfaces command to verify the interface speed.

The policing uses three types of traffic metering and coloring mechanisms.

Single Rate Two Color Marker
Single Rate Three Color Marker
Two Rate Three Color Marker

Single Rate Two Color Marker

It meters the packet stream and marks packets based on committed burst size (bc) and excess burst size (be).

Single Rate Three Color Marker

It meters the packet stream and marks packets based on single rate committed information rate (cir), and committed burst size (bc) and excess burst size (be). The packets are marked in green if it does not exceed the set burst size, and marked in yellow if it does exceed the burst size but not the excess burst size, and marked red otherwise. The packets are marked in two color modes.

Color-blind Mode: In color-blind mode the incoming packet color is ignored.
Color-aware Mode: In color-aware mode it is assumed that incoming packet is colored by preceding entity. And, in color-aware mode, a packet never get better than it was. If the input color of the packet is green, it can be marked as green, yellow, or red. But if the input color is yellow, then it can be marked only yellow or red.

Two Rate Three Color Marker

It meters the packet stream and marks its packets based on two rates, peak information rate (pir) and committed information rate (cir), and associated burst sizes (bc and be).The packet is marked red if rate exceeds ‘pir’, and yellow if it exceeds ‘cir’ but not 'pir' and marked green if rate is lower than 'cir'. The two rate mode is configured by setting four parameters pir, cir, bc, and be.

The ACL policing is supported on platforms specified in the table below.

Table 1. ACL Policing Support Matrix
Platform Supported	ACL Policing	ACL Policing on LAG Interface
Trident	Yes	Yes
Trident II	Yes	Yes
Trident+	Yes	Yes
FM6000	Yes	Yes
Arad	Yes	Only Per-Port
Jericho	Yes	Yes
Helix	Yes	Yes
XP	Yes	Yes
Trident 3	Yes	Yes
Tomahawk	Yes	Yes
Tomahawk 2	Yes	Yes
Tofino	No	No

Configuring ACL Policing

The policer is applied to the class inside the policy map. Policy maps can contain one or more policy map classes, each with different match criteria and policers. The following is the default behavior on conditions and available policing actions:

Police command creates a per-interface policer. If you attach per-interface policers to multiple ingress ports, each one polices the matched traffic on each ingress port separately. Per interface statistics gathered for conformed/allowed traffic and exceeded/dropped traffic.
When there is no policer configured within a class, all traffic is transmitted without any policing. If there are any actions configured, the configured actions are applied.
- conform-action (green): transmit (default).
- exceed-action (yellow): drop (default).
- violate-action (red): drop (default).
The policer bucket is refilled at a sweeper period of 0.333 milliseconds, and the tokens in the policer bucket are renewed at 96ns time interval (Tc). This is applicable for all the platforms.

Steps to Configure ACL Policing

These commands set the CIR, burst size, and creates a class and applies the policing to the policy map:

Create a policy map.
Create a class-map.
Apply the policer to the policy map created.

Examples

These commands configure the ACL policing for a policy map.

switch# configure terminal
switch(config)# policy-map [type qos] policy-name
switch(config-pmap)# class { class-name }
switch(config-pmap-c)# [no] police cir cir [{bps|kbps|mbps}] bc 
committed-burst-size [{bytes|kbytes|mbytes}]

These commands configure ACL policing in single-rate, two-color mode.

switch(config)# class-map type qos match-any class1   
switch(config-cmap-class1)# match ip access-group acl1    
switch(config-cmap-class1)# exit    

switch(config)# policy-map type quality-of-service policy1    
switch(config-pmap)# class class1     
switch(config-pmap-c)# police cir 512000 bc 96000     
switch(config-pmap-c)# exit     
switch(config-pmap)#

Displaying ACL Policing Information

Examples

This command shows the contents of all policy maps on the switch.

switch(config)# show policy-map 
Service-policy p

 Class-map: c (match-any)
    Match: ip access-group name a
       police rate 1000 mbps burst-size 100 bytes
 Class-map: class-default (match-any)
Service-policy p
 Class-map: c (match-any)
    Match: ip access-group name a
       police rate 1000 mbps burst-size 100 bytes
 Class-map: class-default (match-any)

This command shows the interface-specific police counters for interface Ethernet 1.

switch(config)# show policy-map interface Ethernet 1 input counters
Service-policy input: policy1
Hardware programming status: Successful

Class-map: class1 (match-any) Match: ip access-group name acl1
Police cir 512000 bps bc 96000 bytes Conformed 4351 packets, 1857386 bytes
Conformed 2536 packets, 3384260 bytes

Class-map: class-default (match-any) matched packets: 0

This command shows the counters associated with the policy map called p1.

switch(config)# show policy-map type qos p1 input counters
Service-policy input: p1 Class-map: c1 (match-any)
Match: ip access-group name a1
Police cir 512000 bps bc 96000 bytes Interface: Ethernet1
Conformed 4351 packets, 1857386 bytes
Exceeded 2536 packets, 3384260 bytes
Interface: Ethernet2
Conformed 2351 packets, 957386 bytes
Exceeded 1536 packets, 1384260 bytes
Class-map: class-default (match-any)
Matched packets : 3229

This command shows the QoS policy map for interface Ethernet 1.

switch(config)# show policy-map interface Ethernet 1 input type qos
Interface: Ethernet 1 Service-policy input: policy1
Hardware programming status: Successful Class-map: class1 (match-any)
Match: ip access-group name acl1
Police cir 512000 bps bc 9000 bytes
Class-map: class2 (match-any)
Match: ip access-group name acl2 set dscp 2
Class-map: class3 (match-any) Match: ip access-group name acl3
Police cir 1280000 bps bc 9000 bytes
Class-map: class-default (match-any)

Quality of Service (QoS) Profiles

QoS profiles are sets of QoS configuration instructions defined and applied at the interface level. A QoS profile serves the traffic better by reducing disorder in the running configuration. QoS profiles can modify all interface-level QoS configurations, and are supported on fabric, Ethernet, and port-channel interfaces. Control-plane policies cannot be applied using QoS profiles. Because configuration can be applied through QoS profiles or directly at the interface level, multiple configurations can be applied to the same interface. In such cases, QoS configurations with non-default values, whether configured through the CLI at the interface level or through a QoS profile, are given priority. In the case of multiple non-default values being configured, the interface-level CLI configuration is given priority.

Policy maps incorporating traffic resolution commands can also be applied by a QoS profile. If two policy maps are applied to the same interface (one through a QoS profile and another directly to the CLI).

Policy maps cannot be used on fabric interfaces. If a QoS profile which includes a policy map is applied to a fabric interface, a warning message will be displayed and the policy map will not be applied to the interface, but any additional supported configurations in the QoS profile will be applied. On SVIs and subinterfaces, QoS profiles are not supported, so policy maps must be applied directly through the CLI for these interfaces.

Note: For tx-queue configuration, conflicts between QoS profiles and configuration entered via the CLI are resolved at the tx-queue level and not at the tx-queue attribute level. If any non-default configuration has been entered for the tx-queue through the CLI, all tx-queue configuration included in the QoS profile is ignored.

IPv6 Flow Label Matches for QoS

Certain packets may include a flow label in their IPv6 headers when the source requests special handling by routers, such as for a media stream or other “real-time” service, among others. A flow consists of packets which share a single flow label, which is preserved throughout their passage from source to destination.

QoS policy map rules can match IPv6 traffic based on their flow labels. This requires a special TCAM profile (qos-match-ipv6-flow-label). These rules require either an exact match, using the “eq” operator, or both a label and a mask.

QoS Configuration: Platform-Independent Features

Creating QoS Profiles

QoS profiles are created by using the qos profile command. This also places the switch in QoS profile configuration mode, where the QoS parameters applied to interfaces are configured. To delete a QoS profile from the running configuration, use the no form of the command.

Example

This command creates a QoS profile named Test-Profile and places the switch in QoS profile configuration mode for the profile.

switch(config)# qos profile Test-Profile 
switch(config-qos-profile-Test-Profile)#

Configuring QoS Profiles

The parameters that a QoS profile applies to interfaces are configured in QoS profile configuration mode by issuing the same QoS configuration commands that are available in interface configuration mode. QoS profile configuration mode is a group change mode, and changes made in the mode are not saved until the mode is exited. To abandon all changes made while in the mode, use the abort command.

Example

These commands enter QoS profile configuration mode for a QoS profile named Test Profile, configure the CoS value and transmit queue, and save the changes to the profile.

switch(config)# qos profile Test-Profile
switch(config-qos-profile-Test-Profile)# qos cos 3
switch(config-qos-profile-Test-Profile)# priority-flow-control on
switch(config-qos-profile-Test-Profile)# exit
switch(config)#

These commands enter QoS profile configuration mode for a QoS profile named Latency, configure the maximum latency value for VOQ tail-drop threshold, and save the changes to the profile. The latency value can be specified to a maximum of 50 ms. Both milliseconds and microseconds may be used.

switch(config)# qos profile Latency
switch(config-qos-profile-Latency)# tx-queue 3
switch(config-qos-profile-Latency)# latency maximum <1-50000> microseconds
switch(config-qos-profile-Latency)# latency maximum <1-50> milliseconds
switch(config-qos-profile-Latency)# exit
switch(config)#

Attaching Policy-Map to a QoS Profile

The qos profile command places the switch in QoS profile configuration mode. The profile applies the QoS configurations to Ethernet and Port-Channel, and even to the Fabric interfaces, if it exists. A profile specifies the policy-map and other QoS supported configurations. The policy-map is then attached to the QoS profile using service-policy command.

Profiles are created in QoS-profile configuration mode, then applied to an interface in interface configuration mode.

Examples

This command places the switch in QoS profile configuration mode, the policy-map is then attached to the profile using service-policy command in this mode.
```
switch(config)# qos profile TP
switch(config-qos-profile-TP)#
```

This command applies the policy-map to the QoS profile.

switch(config-qos-profile-TP)# service-policy type qos input PM-1

Applying a QoS profile on an Interface

The service-profile command applies a QoS profile to the configuration mode interface.

Example

This command applies the QoS profile TP to interface ethernet 13.

switch(config)# interface ethernet 13
switch(config-if-Et13)# service-profile TP

Displaying the QoS Profile Information

The show qos profile command displays information about the QoS profiles configured and their parameters. To display the attribute of a specific profile, add the name of the profile. To display a list of configured QoS profiles and the interfaces on which they are configured, add the summary keyword.

Examples

This command displays the configured profiles and their configuration.

switch# show qos profile
qos profile p
 qos cos 1
no priority-flow-control pause watchdog
priority-flow-control priority 1 no-drop
priority-flow-control priority 2 no-drop
qos profile p2
qos cos 3
priority-flow-control priority 0 no-drop

This command displays the contents of a specific profile.

switch# show qos profile p2
qos profile p2
qos cos 3
priority-flow-control priority 0 no-drop

This command displays the interfaces on which each profile is applied.

switch# show qos profile summary
Qos Profile: p
Configured on: Et13,7
Fabric
Po12
Qos Profile: p2
Configured on: Et56

QoS Configuration: Arad Platform Switches

Implementing QoS on an Arad platform switch consists of configuring port trust settings, default port settings, default traffic classes, conversion maps, and transmit queues.

CoS and DSCP Port Settings – Arad Platform Switche
Traffic Class Derivations – Arad Platform Switches
CoS Rewrite – Arad Platform Switches
Transmit Queues and Port Shaping – Arad Platform Switches
ECN Configuration – Arad Platform Switches
ACL Policing – Arad Platform Switches

Note: QoS traffic policy is supported on Trident and Tomahawk, Trident II, FM6000, Arad, and Jericho.

CoS and DSCP Port Settings – Arad Platform Switches

Port Settings – Trust Mode and Traffic Class describes port trust and default port CoS and DSCP values.

Configuring Port Trust Settings

The qos trust command configures the QoS port trust mode for the configuration mode interface. Trust enabled ports use packet CoS or DSCP values to classify traffic. The port-trust default for switched ports is CoS. The port-trust default for routed ports is DSCP.

qos trust cos specifies CoS as the port’s port-trust mode.
qos trust dscp specifies DSCP as the port’s port-trust mode.
no qos trust specifies untrusted as the port’s port-trust mode.

The show qos interfaces trust command displays the trust mode of specified interfaces.

Example

These commands configure and display the following trust modes:

Ethernet 3/5/1: dscp
Ethernet 3/5/2: untrusted
Ethernet 3/5/3: cos
Ethernet 3/5/4: default as a switched port

Ethernet 3/6/1: default as a routed port

switch(config)# interface ethernet 3/5/1
switch(config-if-Et3/5/1)# qos trust dscp
switch(config-if-Et3/5/1)# interface ethernet 3/5/2
switch(config-if-Et3/5/2)# no qos trust
switch(config-if-Et3/5/2)# interface ethernet 3/5/3
switch(config-if-Et3/5/3)# qos trust cos
switch(config-if-Et3/5/3)# interface ethernet 3/5/4
switch(config-if-Et3/5/4)# switchport
switch(config-if-Et3/5/4)# default qos trust
switch(config-if-Et3/5/4)# interface ethernet 3/6/1
switch(config-if-Et3/6/1)# no switchport
switch(config-if-Et3/6/1)# default qos trust
switch(config-if-Et3/6/1) #show qos interface ethernet 3/5/1 - 3/6/1 trust
Port                                       Trust Mode
                               Operational           Configured
---------------------------------------------------------------
Ethernet3/5/1                  DSCP                  DSCP
Ethernet3/5/2                  UNTRUSTED             UNTRUSTED
Ethernet3/5/3                  COS                   COS
Ethernet3/5/4                  COS                   DEFAULT
Ethernet3/6/1                  DSCP                  DEFAULT

switch(config-if-Et3/6/1)#

Configuring Default Port Settings

Default CoS and DSCP values are assigned to each Ethernet and port channel interface. These commands specify the configuration mode interface commands specify the port’s default CoS and DSCP values.

qos cos configures a port’s default CoS value.
qos dscp configures a port’s default DSCP value.

Example

These commands configure default CoS (4) and DSCP (44) values on Ethernet interface 3/6/2.


switch(config)# interface ethernet 3/6/2
switch(config-if-Et3/6/2)# qos cos 4
switch(config-if-Et3/6/2)# qos dscp 44
switch(config-if-Et3/6/2)# show active
interface Ethernet3/6/2
   qos cos 4
   qos dscp 44
switch(config-if-Et3/6/2)# show qos interfaces ethernet 3/6/2
Ethernet3/6/2:
   Trust Mode: COS
   Default COS: 4
   Default DSCP: 44

switch(config-if-Et3/6/2)#

Traffic Class Derivations – Arad Platform Switches

Traffic Classes describes traffic classes.

Traffic Class Derivation Source

The following table displays the source for deriving a data stream’s traffic class.

Table 2. Traffic Class Derivation Source: Arad Platform Switches
	Untrusted	CoS Trusted	DSCP Trusted
Untagged Non-IP	Default CoS (port)	Default CoS (port)	Default DSCP (port)
Untagged IP	Default CoS (port)	Default CoS (port)	DSCP (packet)
Tagged Non-IP	Default CoS (port)	CoS (packet)	Default DSCP (port)
Tagged IP	Default CoS (port)	CoS (packet)	DSCP (packet)

CoS and DSCP Port Settings – Arad Platform Switches describes the default CoS and DSCP settings for each port.

Mapping CoS to Traffic Class

The qos map cos command assigns a traffic class to a list of CoS values. Multiple commands create a complete CoS to traffic class map. The switch uses this map to assign a traffic class to data packets on the basis of the packet’s CoS field or the chip upon which it is received.

Example

This command assigns the traffic class of 5 to the classes of service 1, 3, 5, and 7.

switch(config)# qos map cos 1 3 5 7 to traffic-class 5
switch(config)# show qos maps
   Number of Traffic Classes supported: 8


   Cos-tc map:
     cos:  0  1  2  3  4  5  6  7
     ----------------------------
     tc:   1  5  2  5  4  5  6  5


switch(config)#

The following table displays the default CoS to Traffic Class map on Arad platform switches.

Table 3. Default CoS to Traffic Class Map: Arad Platform Switches
Inbound CoS	Untagged	0	1	2	3	4	5	6	7
Traffic Class	Derived: use default CoS as inbound	1	0	2	3	4	5	6	7

Mapping DSCP to Traffic Class

The qos map dscp command assigns a traffic class to a set of DSCP values. Multiple commands create a complete DSCP to traffic class map. The switch uses this map to assign a traffic class to data packets on the basis of the packet’s DSCP field or the chip upon which it is received.

Example

This command assigns the traffic class of 0 to DSCP values of 12, 24, 41, and 44-47.

switch(config)# qos map dscp 12 24 41 44 45 46 47 to traffic-class 0
switch(config)# show qos maps
   Number of Traffic Classes supported: 8

   Dscp-tc map:
     d1 :  d2 0  1  2  3  4  5  6  7  8  9
     --------------------------------------
      0 :     1  1  1  1  1  1  1  1  0  0
      1 :     0  0  0  0  0  0  2  2  2  2
      2 :     2  2  2  2  0  3  3  3  3  3
      3 :     3  3  4  4  4  4  4  4  4  4
      4 :     5  0  5  5  0  0  0  0  6  6
      5 :     6  6  6  6  6  6  7  7  7  7
      6 :     7  7  7  7

switch(config)#

The following table displays the default DSCP to traffic class map on Arad platform switches.

Table 4. Default DSCP to Traffic Class Map: Arad Platform Switches
Inbound DSCP	0-7	8-15	16-23	24-31	32-39	40-47	48-55	56-63
Traffic Class	1	0	2	3	4	5	6	7

CoS Rewrite – Arad Platform Switches

Rewriting CoS and DSCP describes the CoS rewrite functions.

Traffic Class to CoS Rewrite Map

The CoS rewrite value is configurable and based on a data stream’s traffic class, as specified by the traffic class-CoS rewrite map. The qos map traffic-class to cos command assigns a CoS rewrite value to a list of traffic classes. Multiple commands create the complete traffic class–CoS rewrite map.

Example

This command assigns the CoS of two to traffic classes 1, 3, and 5.

switch(config)# qos map traffic-class 1 3 5 to cos 2
switch(config)# show qos map
   Number of Traffic Classes supported: 8

   Tc-cos map:
     tc:   0  1  2  3  4  5  6  7
     ----------------------------
     cos:  1  2  2  2  4  2  6  7

switch(config)#

The following table displays the default Traffic Class to CoS rewrite value map on Arad platform switches.

Table 5. Default Traffic Class to CoS Rewrite Value Map: Arad Platform Switches
Traffic Class	0	1	2	3	4	5	6	7
CoS Rewrite Value	1	0	2	3	4	5	6	7

Traffic Class to DSCP Rewrite Map

DSCP rewrite is always disabled on Arad platform switches.

Transmit Queues and Port Shaping – Arad Platform Switches

Transmit Queues and Port Shaping describes transmit queues and port shaping.

Arad platform switches provide 16 physical queues for each egress port: eight unicast and eight multicast queues. Data is scheduled to the physical queues based on transmit queue assignments.

Multicast queue capacity that remains after multicast traffic is serviced is available for unicast traffic of a corresponding priority. Similarly, unicast queue capacity that remains after unicast traffic is serviced is available for overflow multicast traffic. Under conditions of unicast and multicast congestion, egress traffic is evenly split between unicast and multicast traffic.

A data stream’s traffic class determines the transmit queue it uses. The switch defines a single traffic class–transmit queue map for unicast and multicast traffic on all Ethernet and port channel interfaces. The show qos maps command displays the traffic class–transmit queue map.

The following tabledisplays the default traffic class to transmit queue map on Arad platform switches.

Table 6. Default Traffic Class to Transmit Queue Map: Arad Platform Switches
Traffic Class	0	1	2	3	4	5	6	7
Transmit Queue	0	1	2	3	4	5	6	7

Transmit queue parameters are configured in tx-queue configuration command mode, which is entered from interface-ethernet configuration mode.

Mapping Traffic Classes to a Transmit Queue

The qos map traffic-class to tx-queue command assigns traffic classes to a transmit queue. Multiple commands complete the traffic class-transmit queue map. Traffic class 7 and transmit queue 7 are always mapped to each other. This association is not editable.

Example

These commands assign traffic classes of 1, 3, and 5 to transmit queue 1, traffic classes 2, 4, and 6 to transmit queue 2, and traffic class 0 to transmit queue 0, then display the resultant map.

switch(config)# qos map traffic-class 1 3 5 to tx-queue 1
switch(config)# qos map traffic-class 2 4 6 to tx-queue 2
switch(config)# qos map traffic-class 0 to tx-queue 0
switch(config)# show qos maps
   Number of Traffic Classes supported: 8
   Number of Transmit Queues supported: 8

   Tc - tx-queue map:
     tc:        0  1  2  3  4  5  6  7
     ---------------------------------
     tx-queue:  0  1  2  1  2  1  2  7

switch(config)#

Entering Tx-Queue Configuration Mode

The tx-queue (Arad/Jericho) command places the switch in tx-queue configuration mode to configure a transmit queue on the configuration mode interface. Tx-queue 7 is not configurable. The show qos interfaces displays the transmit queue configuration for a specified port.

Example

This command enters Tx-queue configuration mode for transmit queue 4 of interface Ethernet 3/3/3.

switch(config)# interface ethernet 3/3/3
switch(config-if-Et3/3/3)# tx-queue 4
switch(config-if-Et3/3/3-txq-4)#

Configuring the Shape Rate – Port and Transmit Queues

A port’s shape rate specifies its maximum outbound traffic bandwidth. A transmit queue’s shape rate specifies the queue’s maximum outbound bandwidth. Shape rate commands specify data rates in kbps.

To configure a port’s shape rate, enter shape rate (Interface – Arad/Jericho) from the port’s interface configuration mode.
To configure a transmit queue’s shape rate, enter shape rate (Tx-queue – Arad/Jericho) from the queue’s tx-queue configuration mode.

Examples

This command configures a port shape rate of 5 Gbps on interface Ethernet 3/5/1.

switch(config)# interface ethernet 3/5/1
switch(config-if-Et3/5/1)# shape rate 5000000
switch(config-if-Et3/5/1)# show qos interfaces ethernet 3/5/1 
Ethernet3/5/1:

   Port shaping rate: 5000012 / 5000000 kbps

  Tx    Bandwidth       Shape Rate        Priority  ECN
 Queue  (percent)        (units)
   -----------------------------------------------------
   7      - / -        - / -    (  -  )    SP / SP    D

switch(config-if-Et3/5/1)#

These commands configure a shape rate of 1 Gbps on transmit queues 3 and 4 of interface Ethernet 3/4/1.

switch(config)# interface ethernet 3/4/1
switch(config-if-Et3/4/1)# tx-queue 4
switch(config-if-Et3/4/1-txq-4)# shape rate 1000000 kbps
switch(config-if-Et3/4/1-txq-4)# tx-queue 3
switch(config-if-Et3/4/1-txq-3)# shape rate 1000000 kbps
switch(config-if-Et3/4/1-txq-3)# show qos interface ethernet 3/4/1
Ethernet3/4/1:

   Port shaping rate: disabled

  Tx    Bandwidth       Shape Rate        Priority  ECN
 Queue  (percent)        (units)
   -----------------------------------------------------
   7      - / -        - / -    (  -  )    SP / SP    D
   6      - / -        - / -    (  -  )    SP / SP    D
   5      - / -        - / -    (  -  )    SP / SP    D
   4      - / -      999 / 1000 ( Mbps )   SP / SP    D
   3      - / -      999 / 1000 ( Mbps )   SP / SP    D
   2      - / -        - / -    (  -  )    SP / SP    D
   1      - / -        - / -    (  -  )    SP / SP    D
   0      - / -        - / -    (  -  )    SP / SP    D

switch(config-if-Et3/4/1-txq-3)#

Configuring Queue Priority

The priority (Arad/Jericho) command configures a transmit queue’s priority type:

The priority strict command configures the queue as a strict priority queue.
The no priority command configures the queue as a round robin queue.

A queue’s configuration as round robin also applies to all lower priority queues regardless of other configuration statements.

The bandwidth percent (Arad/Jericho) command configures a round robin queue’s bandwidth share. The cumulative operational bandwidth of all round robin queues is always less than or equal to 100%. If the cumulative configured bandwidth is greater than 100%, each port’s operational bandwidth is its configured bandwidth divided by the cumulative configured bandwidth.

Examples

These commands configure queues 0 through 3 (interface Ethernet 3/5/1) as round robin, then allocate bandwidth for three queues at 30% and one queue at 10%.

The no priority statement for queue 3 also configures queues 0, 1, and 2 as round robin queues. Removing this statement reverts the other queues to strict priority type unless running-config contains a no priority statement for one of these queues.

switch(config)# interface ethernet 3/5/1
switch(config-if-Et3/5/1)# tx-queue 3
switch(config-if-Et3/5/1-txq-3)# no priority
switch(config-if-Et3/5/1-txq-3)# bandwidth percent 10
switch(config-if-Et3/5/1-txq-3)# tx-queue 2
switch(config-if-Et3/5/1-txq-2)# bandwidth percent 30
switch(config-if-Et3/5/1-txq-2)# tx-queue 1
switch(config-if-Et3/5/1-txq-1)# bandwidth percent 30
switch(config-if-Et3/5/1-txq-1)# tx-queue 0
switch(config-if-Et3/5/1-txq-0)# bandwidth percent 30
switch(config-if-Et3/5/1-txq-0)# show qos interfaces ethernet 3/5/1
Ethernet3/5/1:

  Tx    Bandwidth       Shape Rate        Priority  ECN
 Queue  (percent)        (units)
   -----------------------------------------------------
   7      - / -        - / -    (  -  )    SP / SP    D
   6      - / -        - / -    (  -  )    SP / SP    D
   5      - / -        - / -    (  -  )    SP / SP    D
   4      - / -        - / -    (  -  )    SP / SP    D
   3     10 / 10       - / -    (  -  )    RR / RR    D
   2     30 / 30       - / -    (  -  )    RR / SP    D
   1     30 / 30       - / -    (  -  )    RR / SP    D
   0     30 / 30       - / -    (  -  )    RR / SP    D

switch(config-if-Et3/5/1-txq-0)#

Changing the bandwidth percentage for queue 3 to 30 changes the operational bandwidth of each queue to its configured bandwidth divided by 120% (10%+20%+30%+60%).

switch(config-if-Et3/5/1-txq-0)# tx-queue 3
switch(config-if-Et3/5/1-txq-3)# bandwidth percent 30
switch(config-if-Et3/5/1-txq-3)# show qos interfaces ethernet 3/5/1
Ethernet3/5/1:

   Port shaping rate: disabled

  Tx    Bandwidth       Shape Rate        Priority  ECN
 Queue  (percent)        (units)
   -----------------------------------------------------
   7      - / -        - / -    (  -  )    SP / SP    D
   6      - / -        - / -    (  -  )    SP / SP    D
   5      - / -        - / -    (  -  )    SP / SP    D
   4      - / -        - / -    (  -  )    SP / SP    D
   3     24 / 30       - / -    (  -  )    RR / RR    D
   2     24 / 30       - / -    (  -  )    RR / SP    D
   1     24 / 30       - / -    (  -  )    RR / SP    D
   0     24 / 30       - / -    (  -  )    RR / SP    D

Note: Values are displayed as Operational/Configured

switch(config-if-Et3/5/1-txq-3)#

ECN Configuration – Arad Platform Switches

Explicit Congestion Notification (ECN) describes Explicit Congestion Notification (ECN).

Although the switch does not limit the number of queues that can be configured for ECN, hardware table limitations restrict the number of queues that can simultaneously implement ECN.

The random-detect ecn (Arad/Jericho) command enables ECN marking for the configuration mode unicast transmit queue and specifies threshold queue sizes.

Example

These commands enable ECN marking of unicast packets from unicast transmit queue 4 of interface Ethernet 3/5/1, setting thresholds at 128 kbytes and 1280 kbytes.

switch(config)# interface ethernet 3/5/1
switch(config-if-Et3/5/1)# tx-queue 4
switch(config-if-Et3/5/1-txq-4)# random-detect ecn minimum-threshold 128 kbytes maximum-threshold 1280 kbyte 
switch(config-if-Et3/5/1-txq-4)# show active
interface Ethernet3/5/1
   tx-queue 4
      random-detect ecn minimum-threshold 128 kbytes maximum-threshold 1280 kbytes
switch(config-if-Et3/5/1-txq-4)#

ACL Policing – Arad Platform Switches

ACL Policing describes ACL policing.

Implementing ACL policing consists of configuring the following:

policy-map settings.
class-name.
committed information rate (CIR) the data speed committed to any given circuit regardless of the number of users.
burst size the maximum burst size in bytes the network commits to moving under normal conditions.

The default unit for the metering rate CIR is bits per second; the default unit for the burst size is bytes.

The policer is applied to the class inside the policy map. Policy maps can contain one or more policy map classes, each with different match criteria and policer.

Default behavior and available policing actions are as follows:

Policy map can be applied on multiple interfaces. Interfaces on the same chip will share the policer. (Applicable for Arad only.)
If there is no policer configured within a class, all traffic is transmitted without any policing.
If there are any actions configured, the configured actions are applied:
- Conform-action (green): transmit (default).
- Violate-action (red): drop (default).

Example

These commands configure ACL policing in single-rate, two-color mode.

switch(config)# class-map type qos match-any class1
switch(config-cmap-class1)# match ip access-group acl1
switch(config-cmap-class1)# exit
switch(config)# policy-map type quality-of-service policy1
switch(config-policy1)# class class1
switch(config-policy1-class1)# police cir 512000 bc 96000
switch(config-policy1-class1)# exit
switch(config-policy1)# exit
switch(config)#

Displaying ACL Policing Information

Examples

This command shows the contents of all policy maps on the switch.

switch(config)# show policy-map
Service-policy policy1

Class-map: class1 (match-any)
Match: ip access-group name acl1
Police cir 512000 bps bc 96000 bytes

Class-map: class-default (match-any)
switch(config)#

This command shows the interface-specific police counters for interface Ethernet 1.

switch(config)# show policy-map interface Ethernet 1 input counters
Service-policy input: policy1
Hardware programming status: Successful

Class-map: class1 (match-any) Match: ip access-group name acl1
Police cir 512000 bps bc 96000 bytes Conformed 4351 packets, 1857386 bytes
Conformed 2536 packets, 3384260 bytes

Class-map: class-default (match-any) matched packets: 0

switch(config)#

This command shows the counters associated with the policy map called p1.

switch(config)# show policy-map type qos p1 input counters
Service-policy input: p1 Class-map: c1 (match-any)
Match: ip access-group name a1
Police cir 512000 bps bc 96000 bytes Interface: Ethernet1
Conformed 4351 packets, 1857386 bytes
Exceeded 2536 packets, 3384260 bytes
Interface: Ethernet2
Conformed 2351 packets, 957386 bytes
Exceeded 1536 packets, 1384260 bytes
Class-map: class-default (match-any)
Matched packets : 3229

switch(config)#

This command shows the QoS policy map for interface Ethernet 1.

switch(config)# show policy-map interface Ethernet 1 input type qos
Interface: Ethernet 1 Service-policy input: policy1
Hardware programming status: Successful Class-map: class1 (match-any)
Match: ip access-group name acl1
Police cir 512000 bps bc 9000 bytes
Class-map: class2 (match-any)
Match: ip access-group name acl2 set dscp 2
Class-map: class3 (match-any) Match: ip access-group name acl3
Police cir 1280000 bps bc 9000 bytes
Class-map: class-default (match-any)

switch(config)#

QoS Configuration: Jericho Platform Switches

Implementing QoS on an Jericho platform switch consists of configuring port trust settings, default port settings, default traffic classes, conversion maps, and transmit queues.

CoS and DSCP Port Settings – Jericho Platform Switches
Traffic Class Derivations – Jericho Platform Switches
CoS Rewrite – Jericho Platform Switches
Transmit Queues and Port Shaping – Jericho Platform Switches
ACL Policing – Jericho Platform Switches

Note: QoS traffic policy is supported on Trident and Tomahawk, Trident II, FM6000, Arad, and Jericho.

CoS and DSCP Port Settings – Jericho Platform Switches

Port Settings – Trust Mode and Traffic Class describes port trust and default port CoS and DSCP values.

Configuring Port Trust Settings

qos trust cos specifies CoS as the port’s port-trust mode.
qos trust dscp specifies DSCP as the port’s port-trust mode.
no qos trust specifies untrusted as the port’s port-trust mode.

The show qos interfaces trust command displays the trust mode of specified interfaces.

Example

These commands configure and display the following trust modes:

Ethernet 3/5/2: untrusted.
Ethernet 3/5/3: cos.
Ethernet 3/5/4: default as a switched port.
Ethernet 3/6/1: default as a routed port.

switch(config)# interface ethernet 3/5/1
switch(config-if-Et3/5/1)# qos trust dscp
switch(config-if-Et3/5/1)# interface ethernet 3/5/2
switch(config-if-Et3/5/2)# no qos trust
switch(config-if-Et3/5/2)# interface ethernet 3/5/3
switch(config-if-Et3/5/3)# qos trust cos
switch(config-if-Et3/5/3)# interface ethernet 3/5/4
switch(config-if-Et3/5/4)# switchport
switch(config-if-Et3/5/4)# default qos trust
switch(config-if-Et3/5/4)# interface ethernet 3/6/1
switch(config-if-Et3/6/1)# no switchport
switch(config-if-Et3/6/1)# default qos trust
switch(config-if-Et3/6/1)# show qos interface ethernet 3/5/1 - 3/6/1 trust
Port                                       Trust Mode
                               Operational           Configured
---------------------------------------------------------------
Ethernet3/5/1                  DSCP                  DSCP
Ethernet3/5/2                  UNTRUSTED             UNTRUSTED
Ethernet3/5/3                  COS                   COS
Ethernet3/5/4                  COS                   DEFAULT
Ethernet3/6/1                  DSCP                  DEFAULT

switch(config-if-Et3/6/1)#

Configuring Default Port Settings

Default CoS and DSCP values are assigned to each Ethernet and port channel interface. These commands specify the configuration mode interface commands specify the port’s default CoS and DSCP values.

qos cos configures a port’s default CoS value.
qos dscp configures a port’s default DSCP value.

Example

These commands configure default CoS (4) and DSCP (44) values on interface Ethernet 3/6/2.

switch(config)# interface ethernet 3/6/2
switch(config-if-Et3/6/2)# qos cos 4
switch(config-if-Et3/6/2)# qos dscp 44
switch(config-if-Et3/6/2)# show active
interface Ethernet3/6/2
   qos cos 4
   qos dscp 44
switch(config-if-Et3/6/2)# show qos interfaces ethernet 3/6/2
Ethernet3/6/2:
   Trust Mode: COS
   Default COS: 4
   Default DSCP: 44

switch(config-if-Et3/6/2)#

Traffic Class Derivations – Jericho Platform Switches

Traffic Classes describes traffic classes.

Traffic Class Derivation Source

The following table displays the source for deriving a data stream’s traffic class on Jericho platform switches.

Table 7. Traffic Class Derivation Source: Jericho Platform Switches
	Untrusted	CoS Trusted	DSCP Trusted
Untagged Non-IP	Default CoS (port)	Default CoS (port)	Default DSCP (port)
Untagged IP	Default CoS (port)	Default CoS (port)	DSCP (packet)
Tagged Non-IP	Default CoS (port)	CoS (packet)	Default DSCP (port)
Tagged IP	Default CoS (port)	CoS (packet)	DSCP (packet)

CoS and DSCP Port Settings – Arad Platform Switches describes the default CoS and DSCP settings for each port.

Mapping CoS to Traffic Class

Example

This command assigns the traffic class of 5 to the classes of service 1, 3, 5, and 7.

switch(config)# qos map cos 1 3 5 7 to traffic-class 5
switch(config)# show qos maps
   Number of Traffic Classes supported: 8

   Cos-tc map:
     cos:  0  1  2  3  4  5  6  7
     ----------------------------
     tc:   1  5  2  5  4  5  6  5

switch(config)#

The following table displays the default CoS to Traffic Class map on Jericho platform switches.

Table 8. Default CoS to Traffic Class Map: Jericho Platform Switches
Inbound CoS	Untagged	0	1	2	3	4	5	6	7
Traffic Class	Derived: use default CoS as inbound	1	0	2	3	4	5	6	7

Mapping DSCP to Traffic Class

Example

This command assigns the traffic class of 0 to DSCP values of 12, 24, 41, and 44-47.

switch(config)# qos map dscp 12 24 41 44 45 46 47 to traffic-class 0
switch(config)# show qos maps
   Number of Traffic Classes supported: 8


   Dscp-tc map:
     d1 :  d2 0  1  2  3  4  5  6  7  8  9
     --------------------------------------
      0 :     1  1  1  1  1  1  1  1  0  0
      1 :     0  0  0  0  0  0  2  2  2  2
      2 :     2  2  2  2  0  3  3  3  3  3
      3 :     3  3  4  4  4  4  4  4  4  4
      4 :     5  0  5  5  0  0  0  0  6  6
      5 :     6  6  6  6  6  6  7  7  7  7
      6 :     7  7  7  7


switch(config)#

The following table displays the default DSCP to traffic class map on Jericho platform switches.

Table 9. Default DSCP to Traffic Class Map: Jericho Platform Switches
Inbound DSCP	0-7	8-15	16-23	24-31	32-39	40-47	48-55	56-63
Traffic Class	1	0	2	3	4	5	6	7

CoS Rewrite – Jericho Platform Switches

Rewriting CoS and DSCP describes the CoS rewrite functions.

Traffic Class to CoS Rewrite Map

Example

This command assigns the CoS of two to traffic classes 1, 3, and 5.

switch(config)# qos map traffic-class 1 3 5 to cos 2
switch(config)# show qos map
   Number of Traffic Classes supported: 8

   Tc-cos map:
     tc:   0  1  2  3  4  5  6  7
     ----------------------------
     cos:  1  2  2  2  4  2  6  7

switch(config)#

The following table displays the default Traffic Class to CoS rewrite value map on Jericho platform switches.

Table 10. Default Traffic Class to CoS Rewrite Value Map: Jericho Platform Switches
Traffic Class	0	1	2	3	4	5	6	7
CoS Rewrite Value	1	0	2	3	4	5	6	7

Traffic Class to DSCP Rewrite Map

DSCP rewrite is always disabled on Jericho platform switches.

Transmit Queues and Port Shaping – Jericho Platform Switches

Transmit Queues and Port Shaping describes transmit queues and port shaping.

Jericho platform switches provide 16 physical queues for each egress port: eight unicast and eight multicast queues. Data is scheduled to the physical queues based on transmit queue assignments.

The following table displays the default traffic class to transmit queue map on Jericho platform switches.

Table 11. Default Traffic Class to Transmit Queue Map: Jericho Platform Switches
Traffic Class	0	1	2	3	4	5	6	7
Transmit Queue	0	1	2	3	4	5	6	7

Transmit queue parameters are configured in tx-queue configuration command mode, which is entered from interface-ethernet configuration mode.

Mapping Traffic Classes to a Transmit Queue

The qos map traffic-class to tx-queue command assigns traffic classes to a transmit queue. Multiple commands complete the traffic class-transmit queue map. Traffic class 7 and transmit queue 7 are always mapped to each other. This association is not editable.

Example

These commands assign traffic classes of 1, 3, and 5 to transmit queue 1, traffic classes 2, 4, and 6 to transmit queue 2, and traffic class 0 to transmit queue 0, then display the resultant map.

switch(config)# qos map traffic-class 1 3 5 to tx-queue 1
switch(config)# qos map traffic-class 2 4 6 to tx-queue 2
switch(config)# qos map traffic-class 0 to tx-queue 0
switch(config)# show qos maps
   Number of Traffic Classes supported: 8
   Number of Transmit Queues supported: 8


   Tc - tx-queue map:
     tc:        0  1  2  3  4  5  6  7
     ---------------------------------
     tx-queue:  0  1  2  1  2  1  2  7

switch(config)#

Entering Tx-Queue Configuration Mode

The tx-queue (Arad/Jericho) command places the switch in tx-queue configuration mode to configure a transmit queue on the configuration mode interface. Tx-queue 7 is not configurable. The show qos interfaces displays the transmit queue configuration for a specified port.

Example

This command enters Tx-queue configuration mode for transmit queue 4 of interface ethernet 3/3/3.

switch(config)# interface ethernet 3/3/3
switch(config-if-Et3/3/3)# tx-queue 4
switch(config-if-Et3/3/3-txq-4)#

Configuring the Shape Rate – Port and Transmit Queues

To configure a port’s shape rate, enter shape rate (Interface – Arad/Jericho) from the port’s interface configuration mode.
To configure a transmit queue’s shape rate, enter shape rate (Tx-queue – Arad/Jericho) from the queue’s tx-queue configuration mode.

Examples

This command configures a port shape rate of 5 Gbps on interface ethernet 3/5/1.

switch(config)# interface ethernet 3/5/1
switch(config-if-Et3/5/1)# shape rate 5000000
switch(config-if-Et3/5/1)# show qos interfaces ethernet 3/5/1
Ethernet3/5/1:

   Port shaping rate: 5000012 / 5000000 kbps

  Tx    Bandwidth       Shape Rate        Priority  ECN
 Queue  (percent)        (units)
   -----------------------------------------------------
   7      - / -        - / -    (  -  )    SP / SP    D

switch(config-if-Et3/5/1)#

These commands configure a shape rate of 1 Gbps on transmit queues 3 and 4 on interface ethernet 3/4/1.

switch(config)# interface ethernet 3/4/1
switch(config-if-Et3/4/1)# tx-queue 4
switch(config-if-Et3/4/1-txq-4)# shape rate 1000000 kbps
switch(config-if-Et3/4/1-txq-4)# tx-queue 3
switch(config-if-Et3/4/1-txq-3)# shape rate 1000000 kbps
switch(config-if-Et3/4/1-txq-3)# show qos interface ethernet 3/4/1
Ethernet3/4/1:

   Port shaping rate: disabled

  Tx    Bandwidth       Shape Rate        Priority  ECN
 Queue  (percent)        (units)
   -----------------------------------------------------
   7      - / -        - / -    (  -  )    SP / SP    D
   6      - / -        - / -    (  -  )    SP / SP    D
   5      - / -        - / -    (  -  )    SP / SP    D
   4      - / -      999 / 1000 ( Mbps )   SP / SP    D
   3      - / -      999 / 1000 ( Mbps )   SP / SP    D
   2      - / -        - / -    (  -  )    SP / SP    D
   1      - / -        - / -    (  -  )    SP / SP    D
   0      - / -        - / -    (  -  )    SP / SP    D

switch(config-if-Et3/4/1-txq-3)#

Configuring Queue Priority

The priority (Arad/Jericho) command configures a transmit queue’s priority type:

The priority strict command configures the queue as a strict priority queue.
The no priority command configures the queue as a round robin queue.

A queue’s configuration as round robin also applies to all lower priority queues regardless of other configuration statements.

Examples

These commands configure queues 0 through 3 (interface ethernet 3/5/1) as round robin, then allocate bandwidth for three queues at 30% and one queue at 10%.

The no priority statement for queue 3 also configures queues 0, 1, and 2 as round robin queues. Removing this statement reverts the other queues to strict priority type unless running-config contains a no priority statement for one of these queues.

switch(config)# interface ethernet 3/5/1
switch(config-if-Et3/5/1)# tx-queue 3
switch(config-if-Et3/5/1-txq-3)# no priority
switch(config-if-Et3/5/1-txq-3)# bandwidth percent 10
switch(config-if-Et3/5/1-txq-3)# tx-queue 2
switch(config-if-Et3/5/1-txq-2)# bandwidth percent 30
switch(config-if-Et3/5/1-txq-2)# tx-queue 1
switch(config-if-Et3/5/1-txq-1)# bandwidth percent 30
switch(config-if-Et3/5/1-txq-1)# tx-queue 0
switch(config-if-Et3/5/1-txq-0)# bandwidth percent 30
switch(config-if-Et3/5/1-txq-0)# show qos interfaces ethernet 3/5/1
Ethernet3/5/1:

  Tx    Bandwidth       Shape Rate        Priority  ECN
 Queue  (percent)        (units)
   -----------------------------------------------------
   7      - / -        - / -    (  -  )    SP / SP    D
   6      - / -        - / -    (  -  )    SP / SP    D
   5      - / -        - / -    (  -  )    SP / SP    D
   4      - / -        - / -    (  -  )    SP / SP    D
   3     10 / 10       - / -    (  -  )    RR / RR    D
   2     30 / 30       - / -    (  -  )    RR / SP    D
   1     30 / 30       - / -    (  -  )    RR / SP    D
   0     30 / 30       - / -    (  -  )    RR / SP    D

switch(config-if-Et3/5/1-txq-0)#

Changing the bandwidth percentage for queue 3 to 30 changes the operational bandwidth of each queue to its configured bandwidth divided by 120% (10%+20%+30%+60%).

switch(config-if-Et3/5/1-txq-0)# tx-queue 3
switch(config-if-Et3/5/1-txq-3)# bandwidth percent 30
switch(config-if-Et3/5/1-txq-3)# show qos interfaces ethernet 3/5/1
Ethernet3/5/1:

   Port shaping rate: disabled

  Tx    Bandwidth       Shape Rate        Priority  ECN
 Queue  (percent)        (units)
   -----------------------------------------------------
   7      - / -        - / -    (  -  )    SP / SP    D
   6      - / -        - / -    (  -  )    SP / SP    D
   5      - / -        - / -    (  -  )    SP / SP    D
   4      - / -        - / -    (  -  )    SP / SP    D
   3     24 / 30       - / -    (  -  )    RR / RR    D
   2     24 / 30       - / -    (  -  )    RR / SP    D
   1     24 / 30       - / -    (  -  )    RR / SP    D
   0     24 / 30       - / -    (  -  )    RR / SP    D

Note: Values are displayed as Operational/Configured

switch(config-if-Et3/5/1-txq-3)#

ACL Policing – Jericho Platform Switches

ACL Policing describes ACL policing.

Implementing ACL policing consists of configuring the following:

policy-map settings.
class-name.
committed information rate (CIR) the data speed committed to any given circuit regardless of the number of users.
burst size the maximum burst size in bytes the network commits to moving under normal conditions.

The default unit for the metering rate CIR is bits per second; the default unit for the burst size is bytes.

The policer is applied to the class inside the policy map. Policy maps can contain one or more policy map classes, each with different match criteria and policer.

Default behavior and available policing actions are as follows:

Policy map can be applied on multiple interfaces. Interfaces on the same chip will share the policer. (Applicable for Arad and Jericho only.)
If there is no policer configured within a class, all traffic is transmitted without any policing.
If there are any actions configured, the configured actions are applied:
- Conform-action (green): transmit (default).
- Violate-action (red): drop (default).

Example

These commands configure ACL policing in single-rate, two-color mode.

switch(config)# class-map type qos match-any class1
switch(config-cmap-class1)# match ip access-group acl1
switch(config-cmap-class1)# exit
switch(config)# policy-map type quality-of-service policy1
switch(config-policy1)# class class1
switch(config-policy1-class1)# police cir 512000 bc 96000
switch(config-policy1-class1)# exit
switch(config-policy1)# exit
switch(config)#

Displaying ACL Policing Information

Examples

This command shows the contents of all policy maps on the switch.

switch(config)# show policy-map
Service-policy policy1

Class-map: class1 (match-any)
Match: ip access-group name acl1
Police cir 512000 bps bc 96000 bytes

Class-map: class-default (match-any)
switch(config)#

This command shows the interface-specific police counters for interface ethernet 1.

switch(config)# show policy-map interface Ethernet 1 input counters
Service-policy input: policy1
Hardware programming status: Successful

Class-map: class1 (match-any) Match: ip access-group name acl1
Police cir 512000 bps bc 96000 bytes Conformed 4351 packets, 1857386 bytes
Conformed 2536 packets, 3384260 bytes

Class-map: class-default (match-any) matched packets: 0

switch(config)#

This command shows the counters associated with the policy map called p1.

switch(config)# show policy-map type qos p1 input counters
Service-policy input: p1 Class-map: c1 (match-any)
Match: ip access-group name a1
Police cir 512000 bps bc 96000 bytes Interface: Ethernet1
Conformed 4351 packets, 1857386 bytes
Exceeded 2536 packets, 3384260 bytes
Interface: Ethernet2
Conformed 2351 packets, 957386 bytes
Exceeded 1536 packets, 1384260 bytes
Class-map: class-default (match-any)
Matched packets : 3229

switch(config)#

This command shows the QoS policy map for interface ethernet 1.

switch(config)# show policy-map interface Ethernet 1 input type qos
Interface: Ethernet 1 Service-policy input: policy1
Hardware programming status: Successful Class-map: class1 (match-any)
Match: ip access-group name acl1
Police cir 512000 bps bc 9000 bytes
Class-map: class2 (match-any)
Match: ip access-group name acl2 set dscp 2
Class-map: class3 (match-any) Match: ip access-group name acl3
Police cir 1280000 bps bc 9000 bytes
Class-map: class-default (match-any)

switch(config)#

QoS Configuration: FM6000 Platform Switches

Implementing QoS on an FM6000 platform switch consists of configuring port trust settings, default port settings, default traffic classes, conversion maps, and transmit queues.

CoS and DSCP Port Settings – FM6000 Platform Switches
Traffic Class Derivations – FM6000 Platform Switches
CoS and DSCP Rewrite – FM6000 Platform Switches
Transmit Queues and Port Shaping – FM6000 Platform Switches

CoS and DSCP Port Settings – FM6000 Platform Switches

Port Settings – Trust Mode and Traffic Class describes port trust and default port CoS and DSCP values.

Configuring Port Trust Settings

The qos trust command configures the QoS port trust mode for the configuration mode interface. Trust enabled ports use packet CoS or DSCP values to classify traffic. The port-trust default for switched ports is cos. The port-trust default for routed ports is dscp.

qos trust cos specifies cos as the port’s port-trust mode.
qos trust dscp specifies dscp as the port’s port-trust mode.
no qos trust specifies untrusted as the port’s port-trust mode.

The show qos interfaces trust command displays the trust mode of specified interfaces.

Example

These commands configure and display the following trust modes:

Ethernet 15: dscp.
Ethernet 16: untrusted.
Ethernet 17: cos.
Ethernet 18: default as a switched port.

Ethernet 19: default as a routed port.

switch(config)# interface ethernet 15
switch(config-if-Et15)# qos trust dscp
switch(config-if-Et15)# interface ethernet 16
switch(config-if-Et16)# no qos trust
switch(config-if-Et16)# interface ethernet 17
switch(config-if-Et17)# qos trust cos
switch(config-if-Et17)# interface ethernet 18
switch(config-if-Et18)# switchport
switch(config-if-Et18)# default qos trust
switch(config-if-Et19)# interface ethernet 19
switch(config-if-Et19)# no switchport
switch(config-if-Et19)# default qos trust
switch(config-if-Et19)# show qos interface ethernet 15 - 19 trust
Port                                       Trust Mode
                               Operational           Configured
---------------------------------------------------------------
Ethernet15                     DSCP                  DSCP
Ethernet16                     UNTRUSTED             UNTRUSTED
Ethernet17                     COS                   COS
Ethernet18                     COS                   DEFAULT
Ethernet19                     DSCP                  DEFAULT

switch(config-if-Et19)#

Configuring Default Port Settings

Default CoS and DSCP settings are assigned to individual port channel and Ethernet interfaces. These configuration mode interface commands specify the port’s default CoS and DSCP values.

qos cos configures a port’s default CoS value.
qos dscp configures a port’s default DSCP value.

Example

These commands configure default CoS (4) and DSCP (44) settings on interface ethernet 19.

switch(config)# interface ethernet 19
switch(config-if-Et19)# qos cos 4
switch(config-if-Et19)# qos dscp 44
switch(config-if-Et19)# show active
interface Ethernet19
   qos cos 4
   qos dscp 44
switch(config-if-Et19)# show qos interfaces ethernet 19
Ethernet19:
   Trust Mode: COS
   Default COS: 4
   Default DSCP: 44

switch(config-if-Et19)#

Traffic Class Derivations – FM6000 Platform Switches

Traffic Classes describes traffic classes.

Traffic Class Derivation Source

The following table displays the source for deriving a data stream’s traffic class.

Table 12. Traffic Class Derivation Source: FM6000 Platform Switches
	Untrusted	CoS Trusted	DSCP Trusted
Untagged Non-IP	Default CoS (port)	Default CoS (port)	Default DSCP (port)
Untagged IP	Default CoS (port)	Default CoS (port)	DSCP (packet)
Tagged Non-IP	Default CoS (port)	CoS (packet)	Default DSCP (port)
Tagged IP	Default CoS (port)	CoS (packet)	DSCP (packet)

CoS and DSCP Port Settings – FM6000 Platform Switches describes the default CoS and DSCP settings for each port.

Mapping CoS to Traffic Class

The qos map cos command assigns a traffic class to a list of CoS settings. Multiple commands create a complete CoS to traffic class map. The switch uses this map to assign a traffic class to data packets on the basis of the packet’s CoS field or the port upon which it is received.

Example

This command assigns the traffic class of 5 to the classes of service 1, 3, 5, and 7.

switch(config)# qos map cos 1 3 5 7 to traffic-class 5
switch(config)# show qos maps
   Number of Traffic Classes supported: 8
   Number of Transmit Queues supported: 8


   Cos-tc map:
     cos:  0  1  2  3  4  5  6  7
     ----------------------------
     tc:   1  5  2  5  4  5  6  5


switch(config)#

The following table displays the default CoS to Traffic Class map on FM6000 platform switches.

Table 13. Default CoS to Traffic Class Map: FM6000 Platform Switches
Inbound CoS	Untagged	0	1	2	3	4	5	6	7
Traffic Class	Derived: use default CoS as inbound CoS	1	0	2	3	4	5	6	7

Mapping DSCP to Traffic Class

Example

This command assigns the traffic class of three to the DSCP values of 12, 13, 25, and 37.

switch(config)# qos map dscp 12 13 25 37 to traffic-class 3
switch(config)# show qos map
   Number of Traffic Classes supported: 8

   Dscp-tc map:
     d1 :  d2 0  1  2  3  4  5  6  7  8  9
     --------------------------------------
      0 :     1  1  1  1  1  1  1  1  0  0
      1 :     0  0  3  3  0  0  2  2  2  2
      2 :     2  2  2  2  3  3  3  3  3  3
      3 :     3  3  4  4  4  4  4  3  4  4
      4 :     5  5  5  5  5  5  5  5  6  6
      5 :     6  6  6  6  6  6  7  7  7  7
      6 :     7  7  7  7

switch(config)#

The following displays the default DSCP to Traffic Class map on FM6000 platform switches.

Table 14. Default DSCP to Traffic Class Map: FM6000 Platform Switches
Inbound DSCP	0-7	8-15	16-23	24-31	32-39	40-47	48-55	56-63
Traffic Class	1	0	2	3	4	5	6	7

CoS and DSCP Rewrite – FM6000 Platform Switches

Rewriting CoS and DSCP describes the CoS and DSCP rewrite functions.

Traffic Class to CoS Rewrite Map

Example

This command assigns the CoS rewrite value of two to traffic classes 1, 3, and 5.

switch(config)# qos map traffic-class 1 3 5 to cos 2
switch(config)# show qos map
   Number of Traffic Classes supported: 8

   Tc - tx-queue map:
     tc:        0  1  2  3  4  5  6  7
     ---------------------------------
     tx-queue:  0  1  2  3  4  5  6  7

switch(config)#

The following table displays the default traffic class–CoS rewrite map on FM6000 platform switches.

Table 15. Default Traffic Class to CoS Rewrite Map: FM6000 Platform Switches
Traffic Class	0	1	2	3	4	5	6	7
CoS Rewrite Value	1	0	2	3	4	5	6	7

Traffic Class to DSCP Rewrite Map

The DSCP rewrite value is configurable and based on a data stream’s traffic class, as specified by the traffic class-DSCP rewrite map. The qos map traffic-class to dscp command assigns a DSCP rewrite value to a list of traffic classes. Multiple commands create the complete traffic class-DSCP rewrite map.

Example

This command assigns the DSCP rewrite value of 37 to traffic classes 2, 4, and 6.

switch(config)# qos map traffic-class 2 4 6 to dscp 37
switch(config)# show qos map
   Number of Traffic Classes supported: 8

   Tc-dscp map:
     tc:    0  1  2  3  4  5  6  7
     -----------------------------
     dscp:  8  0 37 24 37 40 37 56

switch(config)#

The following table displays the default traffic class–DSCP rewrite map on on FM6000 platform switches.

Table 16. Default Traffic Class to DSCP Rewrite Map: FM6000 Platform Switches
Traffic Class	0	1	2	3	4	5	6	7
DSCP Rewrite Value	8	0	16	24	32	40	48	56

Transmit Queues and Port Shaping – FM6000 Platform Switches

Transmit Queues and Port Shaping describes transmit queues and port shaping.

A data stream’s traffic class determines the transmit queue it uses. The switch defines a single traffic class-transmit queue map for all Ethernet and port channel interfaces and is used for unicast and multicast traffic. The show qos maps command displays the traffic class to transmit queue map.

The following table displays the default traffic class to transmit queue map on FM6000 platform switches.

Table 17. Default Traffic Class to Transmit Queue Map: FM6000 Platform Switches
Traffic Class	0	1	2	3	4	5	6	7
Transmit Queue	0	1	2	3	4	5	6	7

Mapping Traffic Classes to a Transmit Queue

The qos map traffic-class to tx-queue command assigns traffic classes to a transmit queue. Multiple commands create the complete map.

Example

switch(config)# qos map traffic-class 1 3 5 to tx-queue 1
switch(config)# qos map traffic-class 2 4 6 to tx-queue 2
switch(config)# qos map traffic-class 0 to tx-queue 0
switch(config)# show qos maps
   Number of Traffic Classes supported: 8
   Number of Transmit Queues supported: 8


   Tc - tx-queue map:
     tc:        0  1  2  3  4  5  6  7
     ---------------------------------
     tx-queue:  0  1  2  1  2  1  2  7

switch(config)#

Entering TX-Queue Configuration Mode

Transmit queues are configurable on Ethernet ports and port channels. Queue parameters are configured in tx-queue configuration command mode, which is entered from interface ethernet configuration mode. The tx-queue (FM6000) command places the switch in tx-queue configuration mode. The show qos interfaces displays the transmit queue configuration for a specified port.

Example

This command enters tx-queue configuration mode for transmit queue 3 of interface Ethernet 5.

switch(config)# interface ethernet 5
switch(config-if-Et5)# tx-queue 3   
switch(config-if-Et5-txq-3)#

Configuring the Shape Rate – Port and Transmit Queues

Note: Enabling port shaping on an FM6000 interface disables queue shaping internally. Disabling port shaping restores queue shaping as specified in running-config.

To configure a port’s shape rate, enter shape rate (Interface – FM6000) from the port’s interface configuration mode.
To configure a transmit queue’s shape rate, enter shape rate (Tx-queue – FM6000) from the queue’s tx-queue configuration mode.

Example

These commands configure a shape rate of 5 Gbs on interface Ethernet 3, then configure the shape rate for the following transmit queues:

transmit queues 0, 1, and 2: 500 Mbps.

transmit queues 3, 4, and 5: 400 Mbps.

switch(config)# interface ethernet 3
switch(config-if-Et3)# shape rate 5000000
switch(config-if-Et3)# tx-queue 0
switch(config-if-Et3-txq-0)# shape rate 500000
switch(config-if-Et3-txq-0)# tx-queue 1
switch(config-if-Et3-txq-1)# shape rate 500000
switch(config-if-Et3-txq-1)# tx-queue 3
switch(config-if-Et3-txq-3)# shape rate 400000
switch(config-if-Et3-txq-3)# tx-queue 4
switch(config-if-Et3-txq-4)# shape rate 400000
switch(config-if-Et3-txq-4)# tx-queue 5
switch(config-if-Et3-txq-5)# shape rate 400000
switch(config-if-Et3-txq-5)# exit
switch(config-if-Et3)# show qos interface ethernet 3
Ethernet3:

   Port shaping rate: 5000000Kbps

   Tx-Queue   Bandwidth    Shape Rate     Priority
              (percent)       (Kbps)
   -----------------------------------------------
          7         N/A     disabled        strict
          6         N/A     disabled        strict
          5         N/A       400000        strict
          4         N/A       400000        strict
          3         N/A       400000        strict
          2         N/A     disabled        strict
          1         N/A       500000        strict
          0         N/A       500000        strict

switch(config-if-Et3)#

Configuring Queue Priority

Queue priority rank is denoted by the queue number; transmit queues with higher numbers have higher priority. The priority (FM6000) command configures a transmit queue’s priority type:

priority strict configures the queue as a strict priority queue.
no priority configures the queue as a round robin queue.

A queue’s configuration as round robin also applies to all lower priority queues regardless of other configuration statements.

The bandwidth percent (FM6000) command configures a round robin queue’s bandwidth share. The cumulative operational bandwidth of all round robin queues is always less than or equal to 100%. If the cumulative configured bandwidth is greater than 100%, each port’s operational bandwidth is its configured bandwidth divided by the cumulative configured bandwidth.

Examples

These commands configure transmit queue 3 (on interface Ethernet 19) as a round robin queue, then allocates 10%, 20%, 30%, and 40% bandwidth to queues 0 through 3.

The no priority statement for queue 3 also configures queues 0, 1, and 2 as round robin queues. Removing this statement reverts the other queues to strict priority type unless running-config contains a no priority statement for one of these queues.

switch(config)# interface ethernet 19
switch(config-if-Et19)# tx-queue 3
switch(config-if-Et19-txq-3)# no priority
switch(config-if-Et19-txq-3)# bandwidth percent 40
switch(config-if-Et19-txq-3)# tx-queue 2
switch(config-if-Et19-txq-2)# bandwidth percent 30
switch(config-if-Et19-txq-2)# tx-queue 1
switch(config-if-Et19-txq-1)# bandwidth percent 20
switch(config-if-Et19-txq-1)# tx-queue 0
switch(config-if-Et19-txq-0)# bandwidth percent 10
switch(config-if-Et19-txq-0)# show qos interface ethernet 19
Ethernet19:

   Port shaping rate: disabled

   Tx-Queue   Bandwidth    Shape Rate     Priority
              (percent)       (Kbps)
   -----------------------------------------------
          7         N/A     disabled        strict
          6         N/A     disabled        strict
          5         N/A     disabled        strict
          4         N/A     disabled        strict
          3          40     disabled   round-robin
          2          30     disabled   round-robin
          1          20     disabled   round-robin
          0          10     disabled   round-robin

switch(config-if-Et19-txq-0)#

Changing the bandwidth percentage for queue 3 to 60 changes the operational bandwidth of each queue to its configured bandwidth divided by 120% (10%+20%+30%+60%).

switch(config-if-Et19-txq-0) #tx-queue 3
switch(config-if-Et19-txq-3)# bandwidth percent 60
switch(config-if-Et19-txq-3)# show qos interface ethernet 19
Ethernet19:

   Port shaping rate: disabled

   Tx-Queue   Bandwidth    Shape Rate     Priority
              (percent)       (Kbps)
   -----------------------------------------------
          7         N/A     disabled        strict
          6         N/A     disabled        strict
          5         N/A     disabled        strict
          4         N/A     disabled        strict
          3          49     disabled   round-robin
          2          24     disabled   round-robin
          1          16     disabled   round-robin
          0           8     disabled   round-robin

switch(config-if-Et19-txq-3)#

QoS Configuration: Petra Platform Switches

Implementing QoS on a Petra platform switch consists of configuring port trust settings, default port settings, default traffic classes, conversion maps, and transmit queues.

CoS and DSCP Port Settings – Petra Platform Switches
Traffic Class Derivations – Petra Platform Switches
CoS Rewrite – Petra Platform Switches
Transmit Queues and Port Shaping – Petra Platform Switches

CoS and DSCP Port Settings – Petra Platform Switches

Port Settings – Trust Mode and Traffic Class describes port trust and default port CoS and DSCP values.

Configuring Port Trust Settings

The qos trust command configures the QoS port trust mode for the configuration mode interface. Trust enabled ports use packet CoS or DSCP values to classify traffic. The port-trust default for switched ports is cos. The port-trust default for routed ports is dscp.

qos trust cos specifies cos as the port’s port-trust mode.
qos trust dscp specifies dscp as the port’s port-trust mode.
no qos trust specifies untrusted as the port’s port-trust mode.

The show qos interfaces trust command displays the trust mode of specified interfaces.

Example

These commands configure and display the following trust modes:

Ethernet 3/25: dscp.
Ethernet 3/26: untrusted.
Ethernet 3/27: cos.
Ethernet 3/28: default as a switched port.

Ethernet 3/29: default as a routed port.

switch(config)# interface ethernet 3/25
switch(config-if-Et3/25)# qos trust dscp
switch(config-if-Et3/25)# interface ethernet 3/26
switch(config-if-Et3/26)# no qos trust
switch(config-if-Et3/26)# interface ethernet 3/27
switch(config-if-Et3/27)# qos trust cos
switch(config-if-Et3/27)# interface ethernet 3/28
switch(config-if-Et3/28)# switchport
switch(config-if-Et3/28)# default qos trust
switch(config-if-Et3/28)# interface ethernet 3/29
switch(config-if-Et3/29)# no switchport
switch(config-if-Et3/29)# default qos trust
switch(config-if-Et3/29)# show qos interface ethernet 3/25 - 3/29 trust
Port                                       Trust Mode
                               Operational           Configured
---------------------------------------------------------------
Ethernet3/25                   DSCP                  DSCP
Ethernet3/26                   UNTRUSTED             UNTRUSTED
Ethernet3/27                   COS                   COS
Ethernet3/28                   COS                   DEFAULT
Ethernet3/29                   DSCP                  DEFAULT

switch(config-if-Et3/29)#

Configuring Default Port Settings

Port channel and Ethernet interfaces are not assigned default CoS or DSCP settings.

Traffic Class Derivations – Petra Platform Switches

Traffic Classes describes traffic classes.

Traffic Class Derivation Source

The following table displays the source for deriving a data stream’s default traffic class.

Table 18. Traffic Class Derivation Source: Petra Platform Switches
	Untrusted	CoS Trusted	DSCP Trusted
Untagged Non-IP	Default TC (chip)	Default TC (chip)	Default TC (chip)
Untagged IP	Default TC (chip)	Default TC (chip)	DSCP (packet)
Tagged Non-I	Default TC (chip)	CoS (packet)	Default TC (chip)
Tagged IP	Default TC (chip)	CoS (packet)	DSCP (packet)

Configuring Default Traffic Class

Petra platform switches assign a default traffic class to the set of Ethernet interfaces controlled by individual PetraA chips. Default traffic class values are configurable for each PetraA chip, not individual interfaces.

The platform petraA traffic-class command specifies the default traffic class used by all ports controlled by a specified chip. The show platform petraA traffic-class command displays traffic class assignments.

Examples

This command configures the default traffic class to five for the ports 32-39 on linecard 3 (7500 Series).

switch(config)# platform petraA petra3/4 traffic-class 5
switch(config)# show platform petraA module 3 traffic-class
Petra3/0 traffic-class: 1
Petra3/1 traffic-class: 1
Petra3/2 traffic-class: 1
Petra3/3 traffic-class: 1
Petra3/4 traffic-class: 5
Petra3/5 traffic-class: 1
switch(config)#

This command configures the default traffic class to three for all ports on linecard 6 (7500 Series).

switch(config)# platform petraA module 6 traffic-class 6
switch(config)# show platform petraA module 6 traffic-class
Petra6/0 traffic-class: 6
Petra6/1 traffic-class: 6
Petra6/2 traffic-class: 6
Petra6/3 traffic-class: 6
Petra6/4 traffic-class: 6
Petra6/5 traffic-class: 6
switch(config)#

Mapping CoS to Traffic Class

The qos map cos command assigns a traffic class to a list of CoS settings. Multiple commands create a complete CoS–traffic class map. The switch uses this map to assign a traffic class to data packets on the basis of the packet’s CoS field or the port upon which it is received.

Example

This command assigns traffic class 4 to the classes of service 1, 3, 5, and 7.

switch(config)# qos map cos 1 3 5 7 to traffic-class 4
switch(config)# show qos maps
   Number of Traffic Classes supported: 8

   Cos-tc map:
     cos:  0  1  2  3  4  5  6  7
     ----------------------------
     tc:   1  4  2  4  4  4  6  4

switch(config)#

The following table displays the default CoS to traffic class map on Petra platform switches.

Table 19. Default CoS to Traffic Class Map: Petra Platform Switches
Inbound CoS	untagged	0	1	2	3	4	5	6	7
Traffic Class	Derived: use default CoS as inbound CoS	1	0	2	3	4	5	6	7

Mapping DSCP to Traffic Class

Example

This command assigns traffic class 3 to the DSCP values of 12, 13, 25, and 37.

switch(config)# qos map dscp 12 13 14 25 48 to traffic-class 3
switch(config)# show qos maps
   Number of Traffic Classes supported: 8

   Dscp-tc map:
     d1 :  d2 0  1  2  3  4  5  6  7  8  9
     --------------------------------------
      0 :     1  1  1  1  1  1  1  1  0  0
      1 :     0  0  3  3  3  0  2  2  2  2
      2 :     2  2  2  2  3  3  3  3  3  3
      3 :     3  3  4  4  4  4  4  4  4  4
      4 :     5  5  5  5  5  5  5  5  3  6
      5 :     6  6  6  6  6  6  7  7  7  7
      6 :     7  7  7  7

switch(config)#

The following table displays the default DSCP to Traffic Class map on Petra platform switches.

Table 20. Default DSCP to Traffic Class Map: Petra Platform Switches
Inbound DSCP	0-7	8-15	16-23	24-31	32-39	40-47	48-55	56-63
Traffic Class	1	0	2	3	4	5	6	7

CoS Rewrite – Petra Platform Switches

Rewriting CoS and DSCP describes the CoS rewrite function.

Traffic Class to CoS Rewrite Map

Example

This command assigns the CoS of two to traffic classes 1, 3, and 5.

switch(config)# qos map traffic-class 1 3 5 to cos 2
switch(config)# show qos map
   Number of Traffic Classes supported: 8

   Tc-cos map:
     tc:   0  1  2  3  4  5  6  7
     ----------------------------
     cos:  1  2  2  2  4  2  6  7

switch(config)#

The following table displays the default Traffic Class to CoS rewrite value map on Petra platform switches.

Table 21. Default Traffic Class to CoS Rewrite Value Map: Petra Platform Switches
Traffic Class	0	1	2	3	4	5	6	7
CoS Rewrite Value	1	0	2	3	4	5	6	7

Traffic Class to DSCP Rewrite Map

DSCP rewrite is always disabled on Petra platform switches.

Transmit Queues and Port Shaping – Petra Platform Switches

Transmit Queues and Port Shaping describes transmit queues and port shaping.

Petra platform switches provide four physical queues for each egress port: Unicast High, Unicast Low, Multicast High, and Multicast Low. Data is scheduled for the high or low queue based on its priority as defined by its transmit queue assignment (unicast traffic) or traffic class (multicast traffic), as shown in the table below. A Petra transmit queue is a data structure that defines scheduling of unicast traffic among physical egress queues.

Table 22. Traffic Distribution to Egress Port Queues
	High Priority Queue	Low Priority Queue
Unicast Traffic	Transmit Queues 5 – 7	Transmit Queues 0 – 4
Multicast Traffic	Traffic Classes 5 – 7	Traffic Classes 0 – 4

Multicast queue capacity that is available after multicast traffic is serviced is used for unicast traffic of a corresponding priority. Similarly, unicast queue capacity that is available after unicast traffic is serviced is used for overflow multicast traffic. Under conditions of unicast and multicast congestion, egress traffic is evenly split between unicast and multicast traffic.

Unicast Transmit Queues and Port Shaping describes unicast transmit queues and shaping. Multicast Egress Scheduling describes multicast priority and traffic classes.

Unicast Transmit Queues and Port Shaping

A data stream’s traffic class determines the transmit queue it uses. The switch defines a single traffic class–transmit queue map for unicast traffic on all Ethernet interfaces. The show qos maps command displays the traffic class–transmit queue map. The following table displays the default traffic class to transmit queue map on Petra platform switches.

Table 23. Default Traffic Class to Transmit Queue Map: Petra Platform Switches
Traffic Class	0	1	2	3	4	5	6	7
Transmit Queue	0	1	2	3	4	5	6	7

Transmit queue parameters are configured in tx-queue configuration command mode.

Mapping Traffic Classes to a Transmit Queue

Example

switch(config)# qos map traffic-class 1 3 5 to tx-queue 1
switch(config)# qos map traffic-class 2 4 6 to tx-queue 2
switch(config)# qos map traffic-class 0 to tx-queue 0
switch(config)# show qos maps
   Number of Traffic Classes supported: 8
   Number of Transmit Queues supported: 8

   Tc - tx-queue map:
     tc:        0  1  2  3  4  5  6  7
     ---------------------------------
     tx-queue:  0  1  2  1  2  1  2  7

switch(config)#

Entering Tx-Queue Configuration Mode

The tx-queue (Petra) command places the switch in tx-queue configuration mode to configure a transmit queue on the configuration mode interface. Tx-queue 7not configurable. The show qos interfaces displays the transmit queue configuration for a specified port.

Example

This command enters tx-queue configuration mode for transmit queue 3 of interface ethernet 3/28.

switch(config)# interface ethernet 3/28
switch(config-if-Et3/28)# tx-queue 3
switch(config-if-Et3/28-txq-3)#

Configuring the Shape Rate – Port and Transmit Queues

To configure a port’s shape rate, enter shape rate (Interface – Petra) from the port’s interface configuration mode.
To configure a transmit queue’s shape rate, enter shape rate (Tx-queue – Petra) from the queue’s tx-queue configuration mode.

Example

These commands configure a shape rate of 5 Gbs on interface Ethernet 3, then configure the shape rate for the following transmit queues:

transmit queues 0, 1, and 2: 500 Mbps.

transmit queues 3, 4, and 5: 400 Mbps.

switch(config)# interface ethernet 3/28
switch(config-if-Et3/28)# shape rate 5000000
switch(config-if-Et3/28)# tx-queue 0
switch(config-if-Et3/28-txq-0)# shape rate 500000
switch(config-if-Et3/28-txq-0)# tx-queue 1
switch(config-if-Et3/28-txq-1)# shape rate 500000
switch(config-if-Et3/28-txq-1)# tx-queue 2
switch(config-if-Et3/28-txq-2)# shape rate 500000
switch(config-if-Et3/28-txq-5)# tx-queue 3
switch(config-if-Et3/28-txq-3)# shape rate 400000
switch(config-if-Et3/28-txq-3)# tx-queue 4
switch(config-if-Et3/28-txq-4)# shape rate 400000
switch(config-if-Et3/28-txq-4)# tx-queue 5
switch(config-if-Et3/28-txq-5)# shape rate 400000
switch(config-if-Et3/28-txq-5)# show qos interface ethernet 3/28
Ethernet3/28:

   Port shaping rate: 5000000Kbps

   Tx-Queue   Bandwidth    Shape Rate     Priority
              (percent)       (Kbps)
   -----------------------------------------------
          7         N/A     disabled        strict
          6         N/A     disabled        strict
          5         N/A       400000        strict
          4         N/A       400000        strict
          3         N/A       400000        strict
          2         N/A       500000        strict
          1         N/A       500000        strict
          0         N/A       500000        strict

switch(config-if-Et3/28-txq-5)#

Configuring Queue Priority

The priority (Petra) command configures a transmit queue’s priority type:

The priority strict command configures the queue as a strict priority queue.
The no priority command configures the queue as a round robin queue.

A queue’s configuration as round robin also applies to all lower priority queues regardless of other configuration statements.

The bandwidth percent (Petra) command configures a round robin queue’s bandwidth share. The cumulative operational bandwidth of all round robin queues is always less than or equal to 100%. If the cumulative configured bandwidth is greater than 100%, each port’s operational bandwidth is its configured bandwidth divided by the cumulative configured bandwidth.

Examples

These commands configure transmit queue 3 (on interface Ethernet 3/28) as a round robin queue, then allocates 10%, 20%, 30%, and 40% bandwidth to queues 0 through 3.

switch(config-if-Et3/28)# tx-queue 3
switch(config-if-Et3/28-txq-3)# no priority
switch(config-if-Et3/28-txq-3)# bandwidth percent 40
switch(config-if-Et3/28-txq-3)# tx-queue 2
switch(config-if-Et3/28-txq-2)# bandwidth percent 30
switch(config-if-Et3/28-txq-2)# tx-queue 1
switch(config-if-Et3/28-txq-1)# bandwidth percent 20
switch(config-if-Et3/28-txq-1)# tx-queue 0
switch(config-if-Et3/28-txq-0)# bandwidth percent 10
switch(config-if-Et3/28-txq-0)# show qos interface ethernet 3/28
Ethernet3/28:

   Port shaping rate: 5000000Kbps

   Tx-Queue   Bandwidth    Shape Rate     Priority
              (percent)       (Kbps)
   -----------------------------------------------
          7         N/A     disabled        strict
          6         N/A     disabled        strict
          5         N/A       400000        strict
          4         N/A       400000        strict
          3          40       400000   round-robin
          2          30       500000   round-robin
          1          20       500000   round-robin
          0          10       500000   round-robin

switch(config-if-Et3/28-txq-0)#

Changing the bandwidth percentage for queue 3 to 60 changes the operational bandwidth of each queue to its configured bandwidth divided by 120% (10%+20%+30%+60%).

switch(config-if-Et3/28-txq-0)# tx-queue 3
switch(config-if-Et3/28-txq-3)# bandwidth percent 60
switch(config-if-Et3/28-txq-3)# show qos interface ethernet 3/28
Ethernet3/28:

   Port shaping rate: 5000000Kbps

   Tx-Queue   Bandwidth    Shape Rate     Priority
              (percent)       (Kbps)
   -----------------------------------------------
          7         N/A     disabled        strict
          6         N/A     disabled        strict
          5         N/A       400000        strict
          4         N/A       400000        strict
          3          49       400000   round-robin
          2          24       500000   round-robin
          1          16       500000   round-robin
          0           8       500000   round-robin
switch(config-if-Et3/28-txq-3)#

Multicast Egress Scheduling

Multicast traffic is not affected by traffic class assignment or port shaping statements. Multicast traffic is assigned to port egress queues based on traffic class and uses strict priority to schedule egress between the high and low queues.

QoS Configuration: Trident and Tomahawk Platform Switches

Implementing QoS on a Trident and Tomahawk platform switch consists of configuring port trust settings, default port settings, default traffic classes, conversion maps, and transmit queues.

CoS and DSCP Port Settings – Trident and Tomahawk Platform Switches
Traffic Class Derivations – Trident and Tomahawk Platform Switches
CoS and DSCP Rewrite – Trident and Tomahawk Platform Switches
Transmit Queues and Port Shaping – Trident and Tomahawk Platform Switches
ECN Configuration – Trident and Tomahawk Platform Switches

CoS and DSCP Port Settings – Trident and Tomahawk Platform Switches

Configuring Port Trust Settings

The qos trust command configures the QoS port trust mode for the configuration mode interface. Trust-enabled ports use packet CoS or DSCP values to classify traffic. The port-trust default for switched ports is CoS. The port-trust default for routed ports is DSCP.

qos trust cos specifies CoS as the port’s trust mode.
qos trust dscp specifies DSCP as the port’s trust mode.
no qos trust specifies untrusted as the port’s trust mode.

The show qos interfaces trust command displays the trust mode of specified interfaces.

Example

These commands configure and display the following trust modes:

Ethernet 15: dscp
Ethernet 16: untrusted
Ethernet 17: cos
Ethernet 18: default as a switched port

interface ethernet 19: default as a routed port

switch(config)# interface ethernet 15
switch(config-if-Et15)# qos trust dscp
switch(config-if-Et15)# interface ethernet 16
switch(config-if-Et16)# no qos trust
switch(config-if-Et16)# interface ethernet 17
switch(config-if-Et17)# qos trust cos
switch(config-if-Et17)# interface ethernet 18
switch(config-if-Et18)# switchport
switch(config-if-Et18)# default qos trust
switch(config-if-Et18)# interface ethernet 19
switch(config-if-Et19)# no switchport
switch(config-if-Et19)# default qos trust
switch(config-if-Et19)# show qos interface ethernet 15 - 19 trust
Port                                       Trust Mode
                               Operational           Configured
---------------------------------------------------------------
Ethernet15                     DSCP                  DSCP
Ethernet16                     UNTRUSTED             UNTRUSTED
Ethernet17                     COS                   COS
Ethernet18                     COS                   DEFAULT
Ethernet19                     DSCP                  DEFAULT

switch(config-if-Et19)#

Configuring Default Port Settings

Default CoS and DSCP settings are assigned to individual port channel and Ethernet interfaces. These configuration mode interface commands specify the port’s default CoS and DSCP values.

qos cos configures a port’s default CoS value.
qos dscp configures a port’s default DSCP value.

Example

These commands configure default CoS (4) and DSCP (44) values on interface ethernet 7.

switch(config)# interface ethernet 7
switch(config-if-Et7)# qos cos 4
switch(config-if-Et7)# qos dscp 44
switch(config-if-Et7)# show active
interface Ethernet7
   qos cos 4
   qos dscp 44
switch(config-if-Et7)# show qos interfaces ethernet 7
Ethernet7:
   Trust Mode: COS
   Default COS: 4
   Default DSCP: 44

switch(config-if-Et7)#

Traffic Class Derivations – Trident and Tomahawk Platform Switches

Traffic Classes describes traffic classes.

Traffic Class Derivation Source

The following table displays the source for deriving a data stream’s traffic class.

Table 24. Traffic Class Derivation Source: Trident and Tomahawk Platform Switches
	Untrusted	CoS Trusted	DSCP Trusted
Untagged Non-IP	Default CoS (port)	Default CoS (port)	Default DSCP (port)
Untagged IP	Default CoS (port)	Default CoS (port)	DSCP (packet)
Tagged Non-IP	Default CoS (port)	CoS (packet)	Default DSCP (port)
Tagged IP	Default CoS (port)	CoS (packet)	DSCP (packet)

CoS and DSCP Port Settings – Trident and Tomahawk Platform Switches describes the default CoS and DSCP settings for each port.

Mapping CoS to Traffic Class

Example

This command assigns the traffic class 5 to the classes of service 1, 3, 5, and 7.

switch(config)# qos map cos 1 3 5 7 to traffic-class 5
switch(config)# show qos maps
   Number of Traffic Classes supported: 8

   Cos-tc map:
     cos:  0  1  2  3  4  5  6  7
     ----------------------------
     tc:   1  5  2  5  4  5  6  5

switch(config)#

The following table displays the default CoS–traffic class map on Trident and Tomahawk platform switches.

Table 25. Default CoS to Traffic Class Map: Trident II Platform Switches
Inboun CoS	0	1	2	3	4	5	6	7
Traffic Class	1	0	2	3	4	5	6	7

Mapping DSCP to Traffic Class

Example

This command assigns the traffic class 0 to DSCP values of 12, 24, 41, and 44-47.

switch(config)# qos map dscp 12 24 41 44 45 46 47 to traffic-class 0
switch(config)# show qos maps
   Number of Traffic Classes supported: 8

   Dscp-tc map:
     d1 :  d2 0  1  2  3  4  5  6  7  8  9
     --------------------------------------
      0 :     1  1  1  1  1  1  1  1  0  0
      1 :     0  0  0  0  0  0  2  2  2  2
      2 :     2  2  2  2  0  3  3  3  3  3
      3 :     3  3  4  4  4  4  4  4  4  4
      4 :     5  0  5  5  0  0  0  0  6  6
      5 :     6  6  6  6  6  6  7  7  7  7
      6 :     7  7  7  7

switch(config)#

The following table displays the default DSCP–traffic class map on Trident and Tomahawk platform switches.

Table 26. Default DSCP to Traffic Class Map: Trident and Tomahawk Platform Switches
Inbound DSCP	0-7	8-15	16-23	24-31	32-39	40-47	48-55	56-63
Traffic Class	1	0	2	3	4	5	6	7

CoS and DSCP Rewrite – Trident and Tomahawk Platform Switches

Rewriting CoS and DSCP describes the CoS and DSCP rewrite functions.

Traffic Class to CoS Rewrite Map

Example

This command assigns the CoS 2 to traffic classes 1, 3, and 5.

switch(config)# qos map traffic-class 1 3 5 to cos 2
switch(config)# show qos map
   Number of Traffic Classes supported: 8

   Tc-cos map:
     tc:   0  1  2  3  4  5  6  7
     ----------------------------
     cos:  1  2  2  2  4  2  6  7

switch(config)#

The following table displays the default Traffic Class to CoS rewrite value map on Trident and Tomahawk platform switches.

Table 27. Default Traffic Class to CoS Rewrite Value Map: Trident and Tomahawk Platform Switches
Traffic Class	0	1	2	3	4	5	6	7
CoS Rewrite Value	1	0	2	3	4	5	6	7

Traffic Class to DSCP Rewrite Map

Example

This command assigns the DSCP value of 29 to traffic classes 2, 4, and 6.

switch(config)# qos map traffic-class 2 4 6 to dscp 29
switch(config)# show qos map
   Number of Traffic Classes supported: 8

   Tc-dscp map:
     tc:    0  1  2  3  4  5  6  7
     -----------------------------
     dscp:  8  0 29 24 29 40 29 56

switch(config)#

The following displays the default traffic class to DSCP rewrite map on Trident and Tomahawk platform switches.

Table 28. Traffic Class to DSCP Rewrite Value Map: Trident and Tomahawk Platform Switches
Traffic Class	0	1	2	3	4	5	6	7
DSCP	8	0	16	24	32	40	48	56

Transmit Queues and Port Shaping – Trident and Tomahawk Platform Switches

Transmit Queues and Port Shaping describes transmit queues and port shaping.

Trident and Tomahawk platform switches define 12 transmit queues: eight unicast (UC0 – UC7) and four multicast (MC0 – MC03). The traffic class–transmit queue maps are configured globally and apply to all Ethernet interfaces. The show qos maps command displays the traffic class–transmit queue maps.

The following table displays the default traffic class–transmit queue maps.

Table 29. Default Traffic Class to Transmit Queue Map: Trident and Tomahawk Platform Switches
Traffic Class	1	2	3	4	5	6	7
Unicast Transmit Queue	1	2	3	4	5	6	7
Multicast Transmit Queue	0	1	1	2	2	3	3

Mapping Traffic Classes to a Transmit Queue

These commands assign traffic classes to a transmit queue:

qos map traffic-class to uc-tx-queue associates a unicast queue to a traffic class set.
qos map traffic-class to mc-tx-queue associates a multicast queue to a traffic class set.

Multiple commands create the complete maps.

Example

These commands assign the following on interface ethernet 7:

traffic classes 1, 3, and 5 to unicast queue 1
traffic classes 2, 4, and 6 to unicast queue 5
traffic classes 1, 2, and 3 to multicast queue 1
traffic classes 4, 5, and 6 to multicast queue 3

traffic class 0 to unicast queue 0 and multicast queue 0

switch(config)# default interface ethernet 7
switch(config)# qos map traffic-class 1 3 5 to uc-tx-queue 1
switch(config)# qos map traffic-class 2 4 6 to uc-tx-queue 5
switch(config)# qos map traffic-class 1 2 3 to mc-tx-queue 1
switch(config)# qos map traffic-class 4 5 6 to mc-tx-queue 3
switch(config)# qos map traffic-class 0 to uc-tx-queue 0
switch(config)# qos map traffic-class 0 to mc-tx-queue 0
switch(config)# show qos maps
   Number of Traffic Classes supported: 8
   Number of Transmit Queues supported: 12

   Tc - uc-tx-queue map:
     tc:           0  1  2  3  4  5  6  7
     ------------------------------------
     uc-tx-queue:  0  1  5  1  5  1  5  7

   Tc - mc-tx-queue map:
     tc:           0  1  2  3  4  5  6  7
     ------------------------------------
     mc-tx-queue:  0  1  1  1  3  3  3  3

switch(config)#

Entering a Transmit Queue Configuration Mode

Transmit queues are configurable on individual Ethernet ports. Parameters for individual transmit queues are configured in one of two transmit queue configuration modes. Transmit queue modes are accessed from an interface-ethernet configuration mode.

uc-tx-queue places the switch in uc-tx-queue mode to configure a unicast transmit queue.
mc-tx-queue places the switch in mc-tx-queue mode to configure a multicast transmit queue.

The show qos interfaces displays the transmit queue configuration for a specified port.

Examples

This command enters the mode that configures unicast transmit queue 3 of interface ethernet 5.

switch(config)# interface ethernet 5
switch(config-if-Et5)# uc-tx-queue 3
switch(config-if-Et5-uc-txq-3)#

This command enters the mode to configure multicast transmit queue 3 of interface ethernet 5.
```
switch(config-if-Et5)# mc-tx-queue 2
switch(config-if-Et5-mc-txq-2)#
```

Configuring the Shape Rate – Port and Transmit Queues

A port’s shape rate specifies the port’s maximum outbound traffic bandwidth. A shape rate can also be configured for all transmit queues on each port. All shape rate commands use kbps to specify data rates.

To configure a port’s shape rate, enter shape rate (Interface – Trident and Tomahawk) from the port’s interface configuration mode.
To configure a transmit queue’s shape rate, enter shape rate (Tx-queue – Trident and Tomahawk) from the queue’s tx-queue configuration mode.

Example

These commands configure a shape rate of 5 Gbs on interface Ethernet 7, then configure the shape rate for the following transmit queues:

unicast transmit queues 0 and 1: 500 Mbps.
unicast transmit queues 3 and 4: 400 Mbps.

multicast transmit queues 0 and 2: 300 Mbps.

switch(config)# interface ethernet 7
switch(config-if-Et7)# shape rate 5000000
switch(config-if-Et7)# uc-tx-queue 0
switch(config-if-Et7-uc-txq-0)# shape rate 500000
switch(config-if-Et7-uc-txq-0)# uc-tx-queue 1
switch(config-if-Et7-uc-txq-1)# shape rate 500000
switch(config-if-Et7-uc-txq-1)# uc-tx-queue 3
switch(config-if-Et7-uc-txq-3)# shape rate 400000
switch(config-if-Et7-uc-txq-3)# uc-tx-queue 5
switch(config-if-Et7-uc-txq-5)# shape rate 400000
switch(config-if-Et7-uc-txq-5)# mc-tx-queue 0
switch(config-if-Et7-mc-txq-0)# shape rate 300000
switch(config-if-Et7-mc-txq-0)# mc-tx-queue 2
switch(config-if-Et7-mc-txq-2)# shape rate 300000
switch(config-if-Et7-mc-txq-2)# exit
switch(config-if-Et7)# show qos interface ethernet 7
Ethernet7:

   Port shaping rate: 5000000Kbps

   Tx-Queue   Bandwidth    Shape Rate     Priority   Priority Group
              (percent)       (Kbps)
   ----------------------------------------------------------------
        UC7         N/A     disabled        strict                1
        UC6         N/A     disabled        strict                1
        MC3         N/A     disabled        strict                1
        UC5         N/A       400000        strict                0
        UC4         N/A     disabled        strict                0
        MC2         N/A       300000        strict                0
        UC3         N/A       400000        strict                0
        UC2         N/A     disabled        strict                0
        MC1         N/A     disabled        strict                0
        UC1         N/A       500000        strict                0
        UC0         N/A       500000        strict                0
        MC0         N/A       300000        strict                0

switch(config-if-Et7)#

Configuring Queue Priority

Trident and Tomahawk platform switch queues are categorized into two priority groups. Priority group 1 queues have priority over priority 0 queues. The following lists display the priority group queues in order from higher priority to lower priority.

Priority Group 1: UC7, UC6, MC3
Priority Group 0: UC5, UC4, MC2, UC3, UC2, MC1, UC1, UC0, MC0

The priority (Trident and Tomahawk) command configures a transmit queue’s priority type:

The priority strict command configures the queue as a strict priority queue.
The no priority command configures the queue as a round robin queue.

A queue’s configuration as round robin also applies to all lower priority queues regardless of other configuration statements.

The bandwidth percent (Trident and Tomahawk) command configures a round robin queue’s bandwidth share. The cumulative operational bandwidth of all round robin queues is always 100%. If the cumulative configured bandwidth is greater than 100%, each port’s operational bandwidth is its configured bandwidth divided by the cumulative configured bandwidth.

Priority Group 1 queues (UC7, UC6, MC3) are not configurable as round robin queues. The bandwidth percent command is not available for these queues.

Examples

These commands configure unicast transmit queue 3 as a round robin queue, then allocates 5%, 15%, 25%, 35%, 8%, and 12% bandwidth to unicast transmit queues 0 through 3 and multicast transmit queues 0 and 1, respectively.

The no priority statement for queue 3 also configures priority for all lower priority queues. Removing the statement reverts the other queues to strict priority type unless running-config contains a no priority statement for one of these queues.

switch(config)# interface ethernet 7
switch(config-if-Et7)# uc-tx-queue 3
switch(config-if-Et7-uc-txq-3)# no priority
switch(config-if-Et7-uc-txq-3)# bandwidth percent 5
switch(config-if-Et7-uc-txq-3)# uc-tx-queue 2
switch(config-if-Et7-uc-txq-2)# bandwidth percent 15
switch(config-if-Et7-uc-txq-2)# uc-tx-queue 1
switch(config-if-Et7-uc-txq-1)# bandwidth percent 25
switch(config-if-Et7-uc-txq-1)# uc-tx-queue 0
switch(config-if-Et7-uc-txq-0)# bandwidth percent 35
switch(config-if-Et7-uc-txq-0)# mc-tx-queue 1
switch(config-if-Et7-mc-txq-1)# bandwidth percent 12
switch(config-if-Et7-mc-txq-1)# mc-tx-queue 0
switch(config-if-Et7-mc-txq-0)# bandwidth percent 8
switch(config-if-Et7-mc-txq-0)# show qos interface ethernet 7
Ethernet7:

   Port shaping rate: disabled

   Tx-Queue   Bandwidth    Shape Rate     Priority   Priority Group
              (percent)       (Kbps)
   ----------------------------------------------------------------
        UC7         N/A     disabled        strict                1
        UC6         N/A     disabled        strict                1
        MC3         N/A     disabled        strict                1
        UC5         N/A     disabled        strict                0
        UC4         N/A     disabled        strict                0
        MC2         N/A     disabled        strict                0
        UC3           5     disabled   round-robin                0
        UC2          15     disabled   round-robin                0
        MC1          12     disabled   round-robin                0
        UC1          25     disabled   round-robin                0
        UC0          35     disabled   round-robin                0
        MC0           8     disabled   round-robin                0

switch(config-if-Et7-mc-txq-0)#

Changing the bandwidth percentage for unicast queue 3 to 30 changes the operational bandwidth of each queue to its configured bandwidth divided by 125% (8%+12%+30%+15%+25%+35%).

switch(config-if-Et7-uc-txq-0)# uc-tx-queue 3
switch(config-if-Et7-uc-txq-3)# bandwidth percent 30
switch(config-if-Et7-uc-txq-3)# show qos interface ethernet 7
Ethernet7:

   Port shaping rate: disabled

   Tx-Queue   Bandwidth    Shape Rate     Priority   Priority Group
              (percent)       (Kbps)
   ----------------------------------------------------------------
        UC7         N/A     disabled        strict                1
        UC6         N/A     disabled        strict                1
        MC3         N/A     disabled        strict                1
        UC5         N/A     disabled        strict                0
        UC4         N/A     disabled        strict                0
        MC2         N/A     disabled        strict                0
        UC3          24     disabled   round-robin                0
        UC2          12     disabled   round-robin                0
        MC1           9     disabled   round-robin                0
        UC1          20     disabled   round-robin                0
        UC0          28     disabled   round-robin                0
        MC0           6     disabled   round-robin                0

switch(config-if-Et7-uc-txq-3)#

ECN Configuration – Trident and Tomahawk Platform Switches

ECN is independently configurable on all egress queues of each Ethernet interface. ECN settings for Port-Channels are applied on each of the channel’s member Ethernet interfaces. ECN is also globally configurable to mark packets from the shared pool used for dynamically allocating memory to the queues. Multicast packets contribute to the globally shared pool and can contribute to global level congestion that result in ECN marking of unicast packets queued after the multicast packets.

Average queue length is tracked for transmit queues and the global pool independently. When either entity reaches its maximum threshold, all subsequent packets are marked.

Although the switch does not limit the number of queues that can be configured for ECN, hardware table limitations restrict the number of queues (including the global shared pool) that can simultaneously implement ECN.

The qos random-detect ecn global-buffer (Trident and Tomahawk) command enables ECN marking for globally shared packet memory and specifies minimum and maximum queue threshold sizes.

Examples

This command enables ECN marking of unicast packets from the global data pool and sets the minimum and maximum thresholds at 20 and 500 segments.
```
switch(config)# qos random-detect ecn global-buffer minimum-threshold 20 segments 
maximum-threshold 500 segments
switch(config)#
```
This command disables ECN marking of unicast packets from the global data pool.
```
switch(config)# no qos random-detect ecn global-buffer
switch(config)#
```
The random-detect ecn (Trident and Tomahawk) command enables ECN marking for the configuration mode unicast transmit queue and specifies threshold queue sizes.

These commands enable ECN marking of unicast packets from transmit queue 4 of interface Ethernet 15, setting thresholds at 10 and 100 segments.

switch(config)# interface ethernet 15
switch(config-if-Et15)# uc-tx-queue 4
switch(config-if-Et15-uc-txq-4)# random-detect ecn minimum-threshold 10 segments 
maximum-threshold 100 segments
switch(config-if-Et15-uc-txq-4)# show active
interface Ethernet15
   uc-tx-queue 4
      random-detect ecn minimum-threshold 10 segments maximum-threshold 100 
segments
switch(config-if-Et15-uc-txq-4)# exit
switch(config-if-Et15)#

This command disables ECN marking of unicast packets from transmit queue 4 of interface Ethernet 15.

switch(config-if-Et15-uc-txq-4)# no random-detect ecn
switch(config-if-Et15-uc-txq-4)# show active
interface Ethernet15
switch(config-if-Et15-uc-txq-4)# exit
switch(config-if-Et15)#

QoS Configuration: Trident II and Helix Platform Switches

Implementing QoS on a Trident platform switch consists of configuring port trust settings, default port settings, default traffic classes, conversion maps, and transmit queues.

CoS and DSCP Port Settings – Trident II and Helix Platform Switches
Traffic Class Derivations – Trident II and Helix Platform Switches
CoS and DSCP Rewrite – Trident II and Helix Platform Switches
Transmit Queues and Port Shaping – Trident II and Helix Platform Switches
Ingress Policing on LAG
Fabric QoS -- – Trident II Platform Switches

CoS and DSCP Port Settings – Trident II and Helix Platform Switches

Configuring Port Trust Settings

The qos trust command configures the QoS port trust mode for the configuration mode interface. Trust enabled ports use packet CoS or DSCP values to classify traffic. The port-trust default for switched ports is cos. The port-trust default for routed ports is dscp.

qos trust cos specifies cos as the port’s port-trust mode.
qos trust dscp specifies dscp as the port’s port-trust mode.
no qos trust specifies untrusted as the port’s port-trust mode.

The show qos interfaces trust command displays the trust mode of specified interfaces.

Example

These commands configure and display the following trust modes:

Ethernet 7/1: dscp.
Ethernet 7/2: untrusted.
Ethernet 7/3: cos.
Ethernet 7/4: default as a switched port.

Ethernet 8/1: default as a routed port.

switch(config)# interface ethernet 7/1
switch(config-if-Et7/1)# qos trust dscp
switch(config-if-Et7/1)# interface ethernet 7/2
switch(config-if-Et7/2)# no qos trust
switch(config-if-Et7/2)# interface ethernet 7/3
switch(config-if-Et7/3)# qos trust cos
switch(config-if-Et7/3)# interface ethernet 7/4
switch(config-if-Et7/4)# switchport
switch(config-if-Et7/4)# default qos trust
switch(config-if-Et7/4)# interface ethernet 8/1
switch(config-if-Et8/1)# no switchport
switch(config-if-Et8/1)# default qos trust
switch(config-if-Et8/1)# show qos interface ethernet 7/1 - 8/1 trust

Port                                       Trust Mode
                               Operational           Configured
---------------------------------------------------------------
Ethernet7/1                    DSCP                  DSCP
Ethernet7/2                    UNTRUSTED             UNTRUSTED
Ethernet7/3                    COS                   COS
Ethernet7/4                    COS                   DEFAULT
Ethernet8/1                    DSCP                  DEFAULT

switch(config-if-Et8/1)#

Configuring Default Port Settings

Default CoS and DSCP settings are assigned to individual port channel and Ethernet interfaces. These configuration mode interface commands specify the port’s default CoS and DSCP values.

qos cos configures a port’s default CoS value.
qos dscp configures a port’s default DSCP value.

Example

These commands configure default CoS 4 and DSCP 44 values on interface ethernet 7/3.

switch(config)# interface ethernet 7/3
switch(config-if-Et7/3)# qos cos 4
switch(config-if-Et7/3)# qos dscp 44
switch(config-if-Et7/3)# show active

interface Ethernet7/3
   qos cos 4
   qos dscp 44

switch(config-if-Et7/3)# show qos interfaces ethernet 7/3

Ethernet7/3:
   Trust Mode: COS
   Default COS: 4
   Default DSCP: 44

switch(config-if-Et7/3)#

Traffic Class Derivations – Trident II and Helix Platform Switches

Traffic Classes describes traffic classes.

Note: QoS traffic policy is supported on Trident II platform switches.

Traffic Class Derivation Source

The following table displays the source for deriving a data stream’s traffic class.

Table 30. Traffic Class Derivation Source: Trident II Platform Switches
	Untrusted	CoS Trusted	DSCP Trusted
Untagged Non-IP	Default CoS (port)	Default CoS (port)	Default DSCP (port)
Untagged IP	Default CoS (port)	Default CoS (port)	DSCP (packet)
Tagged Non-IP	Default CoS (port)	CoS (packet)	Default DSCP (port)
Tagged IP	Default CoS (port)	CoS (packet)	DSCP (packet)

CoS and DSCP Port Settings – Trident II and Helix Platform Switches describes the default CoS and DSCP settings for each port.

Mapping CoS to Traffic Class

Example

This command assigns the traffic class 5 to the classes of service 1, 3, 5, and 7.

switch(config)# qos map cos 1 3 5 7 to traffic-class 5
switch(config)# show qos maps
   Number of Traffic Classes supported: 8

   Cos-tc map:
     cos:  0  1  2  3  4  5  6  7
     ----------------------------
     tc:   1  5  2  5  4  5  6  5

switch(config)#

The following table displays the default CoS–traffic class map on Trident II platform switches.

Table 31. Default CoS to Traffic Class Map: Trident II Platform Switches
Inbound CoS	0	1	2	3	4	5	6	7
Traffic Class	1	0	2	3	4	5	6	7

Mapping DSCP to Traffic Class

Example

This command assigns the traffic class 0 to DSCP values of 12, 24, 41, and 44-47.

switch(config)# qos map dscp 12 24 41 44 45 46 47 to traffic-class 0
switch(config)# show qos maps                 
   Number of Traffic Classes supported: 8

   Dscp-tc map:
     d1 :  d2 0  1  2  3  4  5  6  7  8  9
     --------------------------------------
      0 :     1  1  1  1  1  1  1  1  0  0
      1 :     0  0  0  0  0  0  2  2  2  2
      2 :     2  2  2  2  0  3  3  3  3  3
      3 :     3  3  4  4  4  4  4  4  4  4
      4 :     5  0  5  5  0  0  0  0  6  6
      5 :     6  6  6  6  6  6  7  7  7  7
      6 :     7  7  7  7

switch(config)#

The following table displays the default DSCP–traffic class map on Trident II platform switches.

Table 32. Default DSCP to Traffic Class Map: Trident II Platform Switches
Inbound DSCP	0-7	8-15	16-23	24-31	32-39	40-47	48-55	56-63
Traffic Class	1	0	2	3	4	5	6	7

CoS and DSCP Rewrite – Trident II and Helix Platform Switches

Rewriting CoS and DSCP describes the CoS and DSCP rewrite functions.

Traffic Class to CoS Rewrite Map

Example

This command assigns the CoS of two to traffic classes 1, 3, and 5.

switch(config)# qos map traffic-class 1 3 5 to cos 2
switch(config)#show qos map

   Number of Traffic Classes supported: 8

   Tc-cos map:
     tc:   0  1  2  3  4  5  6  7
     ----------------------------
     cos:  1  2  2  2  4  2  6  7

switch(config)#

The following tabledisplays the default Traffic Class to CoS rewrite value map on Trident II platform switches.

Table 33. Default Traffic Class to CoS Rewrite Value Map: Trident II Platform Switches
Traffic Class	0	1	2	3	4	5	6	7
CoS Rewrite Value	1	0	2	3	4	5	6	7

Traffic Class to DSCP Rewrite Map

Example

This command assigns the DSCP value of 29 to traffic classes 2, 4, and 6.

switch(config)# qos map traffic-class 2 4 6 to dscp 29
switch(config)# show qos map

   Number of Traffic Classes supported: 8

   Tc-dscp map:
     tc:    0  1  2  3  4  5  6  7
     -----------------------------
     dscp:  8  0 29 24 29 40 29 56

switch(config)#

The following table displays the default traffic class to DSCP rewrite map on Trident II platform switches.

Table 34. Traffic Class to DSCP Rewrite Value Map: Trident II Platform Switches
Traffic Class	0	1	2	3	4	5	6	7
DSCP	8	0	16	24	32	40	48	56

Transmit Queues and Port Shaping – Trident II and Helix Platform Switches

Transmit Queues and Port Shaping describes transmit queues and port shaping.

A data stream’s traffic class determines the transmit queue it uses. The switch defines a single traffic class-transmit queue map for all Ethernet interfaces and is used for unicast and multicast traffic. The traffic class to transmit queue maps are configured globally and apply to all Ethernet and port channel interfaces. The show qos maps command displays the traffic class to transmit queue map.

Trident II platform switches have eight unicast (UC0 – UC7) and eight multicast (MC0 – MC7) queues. Each UCx-MCx queue set is combined into a single queue group (L1.x), which is exposed to the CLI through this command.

The following table displays the default traffic class to transmit queue maps.

Table 35. Default Traffic Class to Transmit Queue Map: Trident II Platform Switches
Traffic Class	0	1	2	3	4	5	6	7
Transmit Queue Group	0	1	2	3	4	5	6	7

Mapping Traffic Classes to a Transmit Queue

The qos map traffic-class to tx-queue command assigns traffic classes to a transmit queue. Multiple commands create the complete map.

Example

switch(config)# qos map traffic-class 1 3 5 to tx-queue 1
switch(config)# qos map traffic-class 2 4 6 to tx-queue 2
switch(config)# qos map traffic-class 0 to tx-queue 0
switch(config)# show qos maps
   Number of Traffic Classes supported: 8
   Number of Transmit Queues supported: 8

   Tc - tx-queue map:
     tc:        0  1  2  3  4  5  6  7
     ---------------------------------
     tx-queue:  0  1  2  1  2  1  2  7

switch(config)#

Entering a Transmit Queue Configuration Mode

Transmit queues are configurable on Ethernet ports and port channels. Queue parameters are configured in tx-queue configuration command mode, which is entered from the appropriate interface configuration mode. The tx-queue (Trident II) command places the switch in tx-queue configuration mode. The show qos interfaces displays the transmit queue configuration for a specified port.

Example

This command enters tx-queue configuration mode for transmit queue 3 of interface ethernet 5.

switch(config)# interface ethernet 5
switch(config-if-Et5)# tx-queue 3
switch(config-if-Et5-txq-3)#

Configuring the Shape Rate – Port and Transmit Queues

To configure a port’s shape rate, enter shape rate (Interface – Trident II) from the port’s interface configuration mode.
To configure a transmit queue’s shape rate, enter shape rate (Tx-queue – Trident II) from the queue’s tx-queue configuration mode.

Example

These commands configure a shape rate of 5 Gbs on interface Ethernet 3, then configure the shape rate for the following transmit queues:

transmit queues 0, 1, and 2: 500 Mbps

transmit queues 3, 4, and 5: 400 Mbps

switch(config)# interface ethernet 17/3
switch(config-if-Et17/3)# shape rate 5000000
switch(config-if-Et17/3)# tx-queue 0
switch(config-if-Et17/3-txq-0)# shape rate 500000
switch(config-if-Et17/3-txq-0)# tx-queue 1
switch(config-if-Et17/3-txq-1)# shape rate 500000
switch(config-if-Et17/3-txq-1)# tx-queue 3
switch(config-if-Et17/3-txq-3)# shape rate 400000
switch(config-if-Et17/3-txq-3)# tx-queue 4
switch(config-if-Et17/3-txq-4)# shape rate 400000
switch(config-if-Et17/3-txq-4)# tx-queue 5
switch(config-if-Et17/3-txq-5)# shape rate 400000
switch(config-if-Et17/3-txq-5)# exit
switch(config-if-Et17/3)# show qos interface ethernet 17/3
Ethernet17/3:

  Tx       Bandwidth                 Shape Rate        Priority
 Queue     Guaranteed (units)         (units)
   ------------------------------------------------------------
   7        - / -    (  -  )       - / -    (  -  )    SP / SP
   6        - / -    (  -  )       - / -    (  -  )    SP / SP
   5        - / -    (  -  )     400 / 400  ( Mbps )   SP / SP
   4        - / -    (  -  )     400 / 400  ( Mbps )   SP / SP
   3        - / -    (  -  )     400 / 400  ( Mbps )   SP / SP
   2        - / -    (  -  )       - / -    (  -  )    SP / SP
   1        - / -    (  -  )     500 / 500  ( Mbps )   SP / SP
   0        - / -    (  -  )     500 / 500  ( Mbps )   SP / SP

switch(config-if-Et17/3)#

Configuring Queue Priority

Queue priority rank is denoted by the queue number; transmit queues with higher numbers have higher priority. Trident II supports strict priority queues; round robin queues are not supported.

The bandwidth guaranteed (Trident II) command configures specifies the minimum bandwidth for outbound traffic on the transmit queue.

Example

These commands configure a minimum egress bandwidth of 1 Mbps for transmit queue 4 on interface ethernet 17/3.

switch(config-if-Et17/3)# tx-queue 4
switch(config-if-Et17/3-txq-4)# show qos interface ethernet 17/3

  Tx       Bandwidth                 Shape Rate        Priority
 Queue     Guaranteed (units)         (units)
   ------------------------------------------------------------
   7        - / -    (  -  )       - / -    (  -  )    SP / SP
   6        - / -    (  -  )       - / -    (  -  )    SP / SP
   5        - / -    (  -  )     400 / 400  ( Mbps )   SP / SP
   4        1 / 1    ( Mbps )    400 / 400  ( Mbps )   SP / SP
   3        - / -    (  -  )     400 / 400  ( Mbps )   SP / SP
   2        - / -    (  -  )       - / -    (  -  )    SP / SP
   1        - / -    (  -  )     500 / 500  ( Mbps )   SP / SP
   0        - / -    (  -  )     500 / 500  ( Mbps )   SP / SP

switch(config-if-Et17/3-txq-4)#

Ingress Policing on LAG

Ingress policing on a port-channel polices the matched traffic from all member interfaces combined, i.e. it provides aggregate policing and statistics (DCS-7050X, DCS-7010T, DCS-7250X, and DCS-7300X series). When a per-interface policer is attached to a port-channel, one set of TCAM entries is created for all member interfaces. The associated interface bitmap is updated, and aggregate policing is performed on all member interfaces.

Examples

These commands configure a service-policy (with policer action) on LAG by creating the service-policy and applying the service-policy on a port-channel.

switch(config)# policy-map policy-1
switch(config-pmap-qos-policy-1)# class class-1
switch(config-pmap-c-qos-policy-1-class-1)# police cir 512000 bps bc 96000
switch(config-pmap-c-qos-policy-1-class-1)# exit
switch(config-pmap-qos-policy-1)# exit
switch(config)# interface Et 4 / 5 / 4
switch(config-if-Et4/5/4)# channel-group 2 mode active
switch(config-if-Et4/5/4)# exit
switch(config)# interface po2
switch(config-if-Po2)# service-policy type qos input policy-1
switch(config-if-Po2)# exit
switch(config)#

These commands configure ACL policing in single-rate, two-color mode.

switch(config)# class-map type qos match-any class1
switch(config-cmap-qos-class1)# match ip access-group acl1
switch(config-cmap-qos-class1)# exit
switch(config)# policy-map type quality-of-service policy1
switch(config-pmap-qos-policy1)# class class1
switch(config-pmap-c-qos-policy1-class1)# police cir 512000 bc 96000
switch(config-pmap-c-qos-policy1-class1)# exit
switch(config-pmap-qos-policy1)# exit
switch(config)# show policy-map
Service-policy policy1

  Class-map: class1 (match-any)
    Match: ip access-group name acl1
       police rate 512000 bps burst-size 96000 bytes

  Class-map: class-default (match-any)

switch(config)#

Fabric QoS -- – Trident II Platform Switches

EOS is optimized to support QoS configuration on the Fabric interfaces on 7250x and 7300 series switches. Configuring QoS on the Fabric interfaces in addition to front panel ports allows user to have end-to-end control and helps to manage traffic better over these switches. By default, tx queues are configured as strict priority on 7250X and 7300X series.

The following QoS configuration options are supported on Fabric interfaces on 7250x and 7300 series switches.

Guaranteed Bandwidth: In order to prevent queue starvation on fabric ports EOS supports minimum bandwidth configuration on per queue basis across all fabric ports.
Explicit Congestion Notification (ECN): EOS supports enabling ECN on a per queue basis across all fabric ports.
Priority Flow Control (PFC): Queue back-pressure propagates across the backplane such that flow control messages can be generated to the upstream devices. This is done by enabling PFC for the desired backplane traffic-classes.
Weight Round Robin (WRR): EOS supports configuring Weighted Round Robin (WRR) on a per queue basis across all fabric ports.

Configuring Fabric QoS on 7250X and 7300X Series

Fabric QoS is configured using a QoS profiles which is then applied on fabric interfaces on 7250x and 7300x series. Following are the steps to configure Fabric QoS.

Use qos profile command to create a QoS profile.
Use tx-queue (Trident II) command to configure a transmit queue on the configuration mode interface.
Use bandwidth guaranteed (Trident II) command to specifie the minimum bandwidth for outbound traffic on the transmit queue.
Use random-detect ecn (Trident) command to enable the ECN marking for the configuration mode unicast transmit queue and specifies threshold queue sizes.
Use priority-flow-control priority command to configure the packet resolution setting on the configuration mode interface.
Use interface fabric command to configure Fabric interface.

Use service-profile command to apply the QoS profile to the Fabric interface.

Examples

These commands create a QoS profile named fabricProfile with tx queue, bandwidth, ECN, PFC and DLB values defined in it and then the profile is attached to Fabric interface of the switch.

Note: To support PFC on a particular priority, DLB is disabled for that priority.

switch(config)# qos profile fabricProfile
switch(config-qos-profile-fabricProfile)# tx-queue 0
switch(config-qos-profile-fabricProfile-txq-0)# bandwidth guaranteed 10000 kbps
switch(config-qos-profile-fabricProfile-txq-0)# random-detect ecn 
minimum-threshold 10 mbytes maximum-threshold 10 mbytes
switch(config-qos-profile-fabricProfile)# priority-flow-control priority 1 
no-drop
switch(config-qos-profile-fabricProfile)# priority-flow-control priority 6 
no-drop dlb

Applying the QoS profile on interface fabric of the switch.

switch# configure terminal
switch(config)# interface fabric
switch(config-if-fabric)# service-profile fabricProfile

Displaying Fabric QoS Information

These show commands display the configured Fabric QoS information on the switch.

show qos profile [profile Name]: Displays the list of QoS profiles configured on the switch.
show qos interfaces fabric: Displays the profile applied on the fabric interface on the switch.

Examples

This command displays the fabricProfile profile information.

switch# show qos profile fabricProfile
  qos profile fabricProfile
     priority-flow-control priority 1 no-drop
     priority-flow-control priority 6 no-drop dlb
     tx-queue 0
         bandwidth guaranteed 10000 kbps
         random-detect ecn minimum-threshold 10 mbytes maximum-threshold 10 mbytes

This command displays the profile applied on the fabric interface.

switch# show qos interfaces fabric
   qos profile fabricProfile

Support for Configuring Color Extended Communities

EOS Release 4.23.1F introduces the ability to configure the color extended community in route-map set clauses and in an extcommunity-list for inbound and outbound policy application.

Use the color extended community for per-destination steering into Segment-Routing Traffic-Engineered (SR-TE) policies. If the next-hop and color of a BGP route match a particular policy (composed of an endpoint and color), any traffic bound to the destination can be steered according to the policy instead of forwarded via an IGP path or tunnel.

This section describes support for configuring color extended communities, including configuration instructions and command descriptions. Topics covered by this section include:

Platform Compatibility
Configuration
Limitations

Platform Compatibility

Configuring color extended communities is supported on all platforms.

Configuration

Use the following command for color extended community expressions:

color COLOR-VALUE [color-only (exact-match | (endpoint-match (any | null)))]

Use this command in route-maps and extcommunity-lists to apply inbound and outbound policy.


Configuring Color Extended Community in route-map mode
Command(config-route-map mode)	[no \| default] set extcommunity COLOR-EXPRESSION [additive \| delete]
Action	Adds a color extended community to be applied to routes affected by the route-map. Multiple set clauses can be applied to a single route-map to configure multiple colors for routes. Additive adds the extended communities to those received, while delete deletes any matching extended color communities. Negating the command removes the entry from the route-map.
Default	None
Example	`switch(config)# route-map foo switch(config-route-map foo)# set extcommunity color 1 switch(config-route-map foo)# set extcommunity color 2 color-only exact-match switch(config-route-map foo)# set extcommunity color 3 color-only endpoint-match null switch(config-route-map foo)# set extcommunity color 4 color-only endpoint-match any`


Configuring Color Extended Community in extcommunity-list
Command(config mode)	`[(no\|default)] ip extcommunity-list WORD (permit\|deny){COLOR-EXPRESSION}`
Action	Adds a color extended community to an extcommunity-list. Multiple color extended communities can be added to the list. Negating the command removes the corresponding color extended community from the list.
Default	None
Example	`switch(config)# ip extcommunity-list foo permit color 1 color 2 switch(config)# ip extcommunity-list bar permit color 3 color-only endpoint-match null color 4 color-only endpoint-match any`

Limitations

The color extended community is only supported in multi-agent mode. Enable Multi-agent mode via the following command:

service routing protocols mode multi-agent

ACL based QoS Configuration

ACL Based QoS (DCS-7160)

The IPv4 ACL based QoS is enabled on switches through policy-map configuration. The ACL based QoS can be configured on front panel ports, port-channel interfaces on DCS-7160 series switches.

ACL based QoS on SVIs

The ACL based QoS policy applied on SVIs modify the QoS parameters for SVI traffic (L3 VLAN) based on ACL classification. The ACL based QoS on Switched Virtual Interface (SVI) ports is supported on DCS-7500E, DCS-7280E, DCS-7010, DCS-7050, DCS-7050X, DCS-7250X, DCS-7300X, DCS-7020TR.

ACL Sharing on QoS

The ACLs applied on QoS shares the hardware resources (TCAM) when potentially large QoS policy-maps are applied to multiple SVIs. For ACL based QoS on SVIs in sharing mode we share TCAM for class-maps without policer action and replicate entries for policer class-maps. The ACL Sharing on QoS is supported only on selected platforms.

The QoS actions is applicable only to the routed traffic flowing through the members of the corresponding VLAN.

The steps to configure ACL based QoS is as follows:

Create a access list using ip access-list command.
Create a class map and attach it to the access list using class-map command.
Create a policy and attach the class map to the policy created, using the policy-map command.
Apply the policy to the interface using the service-policy input command.
Examples
- These command configure the access list acl1.
```
switch(config)# ip access-list acl1
switch(config-acl-acl1)# permit ip 10.1.1.1/24 any
switch(config-acl-acl1)# exit
```
- These commands configure the class map class1.
```
switch(config)# class-map match-any class1
switch(config-cmap-qos-class1)# match ip access-group acl1
switch(config-cmap-qos-class1)# exit
```
- These commands configure the policy map policy1.
```
switch(config)# policy-map policy1 
switch(config-pmap-qos-policy1)# class class1
switch(config-pmap-c-qos-policy1-class1)# set dscp 20
switch(config-pmap-c-qos-policy1-class1)# set traffic-class 2
switch(config-pmap-c-qos-policy1-class1)# exit 
switch(config-pmap-c-qos-policy1)# exit
```
- These commands apply the policy1 to the interface ethernet 1/1.
```
switch(config)# interface Et1/1
switch(config-if-Et1/1)# service-policy input policy1 
switch(config-if-Et1/1)# exit
```
- These commands configure a ACL based QoS on the SVI interface VLAN10.
```
switch(config)# interface vlan 10
switch(config-if-Vl10)# service-policy [type qos] input policy1
```
- This command enables the resource (hardware) sharing when a ACL based QoS is attached to VLAN interface. The no form of the command disables it.
```
switch(config)# hardware access-list qos resource sharing vlan in
```
- This command allows inbound broadcast IP packets with source IP address as one of the permitted hosts and denies the rest of the directed broadcast traffic.
```
switch(config)# ip directed-broadcast
 switch(config-ip-directed-broadcast)# field-set ipv4 prefix ALLOWED1
 switch(config-ipdb-field-set-ipv4-prefix-ALLOWED)# 10.1.1.1/32 20.1.1.1/32 30.1.1.1/32
 switch(config-ipdb-field-set-ipv4-prefix-ALLOWED)# commit
 
 switch(config-ip-directed-broadcast)# field-set ipv4 prefix ALLOWED2
 switch(config-ipdb-field-set-ipv4-prefix-ALLOWED)# 10.2.1.1/32 20.2.1.1/32 30.2.1.1/32
 switch(config-ipdb-field-set-ipv4-prefix-ALLOWED)# commit
```
Show Commands
The following show commands display the status of policy-maps programmed on the interface, for more information on these commands refer Quality of Service Commands.
- show policy-map [policy-name]: Displays the policy-map programming status.
- show policy-map interface interface id: Displays the policy-map that is currently programmed on the interface.
- show policy-map [policy-name] counters: Displays the policy-map traffic hits.
- show platform xp qos tcam [hits]: Displays the TCAM entries programmed for each policy-map as well as the traffic hits. The hits option is used to see the TCAM entries with nonzero traffic hits.
- show run | grep sharing: Displays if whether the ACL based QoS is enabled or disabled.
- show platform trident tcam shared vlan interface-class-id: Displays what SVIs are currently sharing the QoS policy-map.
- show platform trident tcam directed-broadcast: Displays the permitted hosts via field-set.
- show platform trident tcam qos detail: Displays the list of all the SVIs that are sharing the TCAM entries.

Limitations

Maximum number of TCAM entries that can be programmed in hardware for all QoS policy-maps on the box is 1024.
Layer 4 port ranges are not supported for ACL based QoS. The ranges will be expanded into multiple TCAM rules and programmed in the hardware.
Configured policer rate should be above 1mbps and recommended burst value is 2000 bytes.
Policer action cannot be associated with policy-maps applied to Port-Channels.

The following are the limitations specific to DCS-7500E, DCS-7280E and DCS-7020TR:

The user cannot apply more than 31 QoS service policies per chip on L3 interfaces.

When different QoS service policies are applied to the SVI and its member interfaces, the behavior is indeterministic.
When QoS service policies are applied on SVIs with partial failures due to limited hardware resources, any event that triggers a forwarding agent restart will lead to indeterministic behavior.
When QoS service policies are applied on 2 SVIs, any event that triggers the VLAN membership change of a member interface may result in a policy-map programming failure. To change the VLAN membership, remove the interface from the first VLAN and then add it to the other.
Outgoing COS rewrite is not supported.
QoS policy-map counters are not supported.

The following are the limitations specific to DCS-7010, DCS-7050, DCS-7050X, DCS-7250X, DCS-7300X:

TCAM resources will not be shared for the same policy-map applied to multiple SVIs.
Policy-map applied to a SVI will result in TCAM allocation on all chips irrespective of whether the SVI members are present or not.

When QoS service policies are applied to both SVI and its member interfaces and packets hit both policies, the behavior is indeterministic.

Configuring IPv6 Flow Label Matches for QoS

In addition to criteria like COS and DSCP, QoS decisions can be based on the IPv6 flow labels of packets. To use IPv6 flow labels as a criterion for QoS decisions, use the permit command to create ACL rules to select packets based on their IPv6 flow labels using an exact match and an optional mask, and then apply the access list to a class map in a QoS policy map, which can then be applied to individual interfaces. This requires a TCAM profile which must be installed explicitly.

Install the QoS Flow Label TCAM Profile

Open the QoS flow label TCAM profile Web page at https://www.arista.com/en/support/toi/tcam-profile?pn=qos-match-ipv6-flow-label. Copy the entire contents of the file which starts with the following commands:

hardware tcam
system profile qos-match-ipv6-flow-label

There are approximately 130 lines.

Paste this into the CLI of the switch. Each command in the file will be executed in turn when you paste the file contents. When the paste completes, if the cursor is at the end of the last command, type enter to execute it.

Confirm the QoS Flow Label TCAM Profile Installation

Configure the TCAM with the hardware tcam command, and use the system profile command to confirm that the “qos-match-ipv6-flow-label” profile has been installed. If the profile is installed, the ? operator will show “qos-match-ipv6-flow-label” as an available profile.

Example

The following commands confirm whether the “qos-match-ipv6-flow-label” profile is installed and available to be applied.

switch(config)# hardware tcam
switch(config-tcam)# system profile qos-match?
WORD  qos-match-ipv6-flow-label

switch(config-tcam)# exit
switch(config)#

Apply the QoS Flow Label TCAM Profile

If the profile "qos-match-ipv6-flow-label" is listed, use the system profile command to apply it. Confirm that the profile has been successfully applied with the show hardware tcam profile command.

Example

The following commands apply the profile “qos-match-ipv6-flow-label” to the TCAM configuration, then confirm that the profile has been applied. The warning is normal, as the restart of forwarding agents is part of the procedure.

switch(config)# hardware tcam
switch(config-tcam)# system profile qos-match-ipv6-flow-label
!
WARNING!
Changing TCAM profile will cause forwarding agent(s) to exit and restart.
All traffic through the forwarding chip managed by the restarting
forwarding agent will be dropped.

Proceed [y/n] y
switch(config-tcam)# exit
switch(config)# show hardware tcam profile
                     Configuration            Status
FixedSystem          qos-match-ipv6-flow-label qos-match-ipv6-flow-label
switch(config)#

Create IPv6 ACL Rules

Configure an access list with the ipv6 access-list command. Then create rules with the permit ipv6 command.

Example

The following commands create an IPv6 ACL rule which matches the flow label 23 in the access list L1.

switch(config)# ipv6 access-list L1
switch(config-ipv6-acl-L1)# permit ipv6 any any flow-label eq 23
switch(config-ipv6-acl-L1)# exit
switch(config)#

Add Access List to QoS Class Map

Configure a QoS class map with the class-map command. Then add an access list to the class map with the match command.

Example

The following commands create a QoS class map called C1, and then add the access list L1.

switch(config)# class-map type qos match-any C1
switch(config-cmap-qos-C1)# match ipv6 access-group L1
switch(config-cmap-qos-C1)# exit
switch(config)#

Add Class Map to Policy Map

Configure a QoS policy map, creating it if necessary, with the policy-map command. Then add a class map to the policy map and define the traffic class.

Example

The following commands configure the QoS policy map P1 and add the class map C1, and then assign the class to traffic class 4.

switch(config)# policy-map type quality-of-service P1
switch(config-pmap-quality-of-service-P1)# class C1
switch(config-pmap-c-quality-of-service-P1-C1)# set traffic-class 4
switch(config-pmap-c-quality-of-service-P1-C1)# exit
switch(config-pmap-quality-of-service-P1)# exit
switch(config)#

Configure An Interface with QoS Policy

Configure an interface with the interface command. Apply the QoS policy to the interface with the service-policy command.

Example

The following commands configure the Ethernet interface 1/1, and apply the QoS policy P1 to the interface.

switch(config)# interface Ethernet 1/1
switch(config-if-Et1/1)# service-policy type qos input P1
switch(config-if-Et1/1)# exit
switch(config)#

Example

The following commands confirm that the policy map P1 has been programmed successfully.

switch(config)# show policy-map P1
Service-policy input: P1
  Hardware programming status: Successful

  Class-map: C1 (match-any)
    Match: ipv6 access-group name L1
       set traffic-class 4

  Class-map: class-default (match-any)

switch(config)# show ipv6 access-lists L1
IPV6 Access List L1
        10 permit ipv6 any any flow-label eq 23
switch(config)#

Differentiated MMU Discard Counters

To count discarded packets through tagging, assign drop-precendes for a certain class of packets on platforms that support such tagging.

Configuring Differentiated MMU Discard Counters

The following steps configure the Differentiated MMU Discard Counters.

Configure an IP access-lists to match traffic

switch(config)# ip access-list acl1
switch(config-acl-acl1)# permit 41 any any !!41 = 0x29 = IPv6

Add the access-list to a class-map

switch(config)# class-map type qos match-any class1
switch(config-cmap-qos-class1)# match ip access-group acl1

Add the class-map to a policy-map

switch(config)# policy-map type quality-of-service policy1
switch(config-pmap-quality-of-service-policy1)# class class1

Add drop-precedence action to the policy-map

switch(config-pmap-c-quality-of-service-policy1-class1)# set drop-precedence 2

Create qos profile with the policy map assigned

switch(config)# qos profile qos1
switch(config-qos-profile-qos1)# service-policy input policy1

Apply the policy-map to the interface

switch(config)# int et3/1
switch(config-if-Et3/1)# service-profile qos1

Repeat step 6 on all interfaces that receive traffic to be counted. Packets are tagged on ingress. If the same packet gets dropped on egress as an MMU discard, the corresponding counter gets incremented.

Displaying Differentiated MMU Discard Counters

The show interface counters queue drop-precedence command displays the drop-precedence counters. Based on the above configuration, drop-precedence 2 counts IPv6 packets.

switch# show interface counters queue drop-precedence
intf        0          1          2
Et1/1     100          0        200
Et1/2     200          0        300
…

txQueue Percentage-based Shaping

When you enable this feature using the qos tx-queue shape rate percent percentage adaptive command, QoS calculates the txQueue shape rate based the available bandwidth and not the link speed. For instance, if the interface has a link speed of 100Gbps, and the subinterface configured to 50%, then the subinterface has a link speed of 50Gbps.

Configuring txQueue Percentage-based Shaping

Use the following command to configure traffic for a 50Gps interface for adaptive shaping on interfaces.

switch(config)# qos tx-queue shape rate percentage adaptive
! Change will take effect only after switch reboot.

Reboot the switch.

Displaying txQueue Adaptive Information

Use the show qos tx-queue to display the status of the configuration. One of the following messages displays after entering the command:

No Configuration

switch# show qos tx-queue
Shape rate percent : Non-Adaptive

Configuration Successful After Switch Reboot

switch# show qos tx-queue
Shape rate percent : Adaptive

Configuration Successful but No Switch Reboot

switch# show qos tx-queue
Shape rate percent : Non-Adaptive (reboot required for Adaptive)

Configuring Round Robin Scheduling on Shaped Subinterfaces

To enable subinterface Round Robin scheduling on the switch, use the following command:

switch(config)#qos subinterface scheduling parent round-robin
! Change will only take effect after switch reboot.

To disable subinterface Round Robin scheduling on the switch, use the following command:

switch(config)#no qos subinterface scheduling parent round-robin
! Change will only take effect after switch reboot.

Displaying Round Robin Scheduling Information

When enabled, the command show platform sand subinterface capabilities displays the Round Robin scheduling information on the switch:

switch#show platform sand subinterface capabilities
SubInterface:
------------------
     
     Supported:     
     ----------
     Minimum port shape rate(kbps)                                : 1000
     Maximum port shape rate(kbps)                                : 400000000
     Number of voqs per subinterface when shaping is applied      : 4
     Traffic class to Voq mapping                                  
                TC0-1    : Voq0
                TC2-3    : Voq1
                TC4-5    : Voq2
                TC6-7    : Voq3
     Traffic class to scheduling mode                              
                TC0-1    : WRR( weight 1 )
                TC2-3    : WRR( weight 2 )
                TC4-5    : WRR( weight 3 )
                TC6-7    : SP
         ( Higher weight implies more credits )               
    Voq tail-drop threshold(MegaByte)                            : 12.500000
    Voq tail-drop threshold(Buffer Descriptor)                   : 12500
    Maximum number of subinterfaces with voq supported on the system: 512
    Maximum number of subinterfaces with voq supported per core   
                                             System Core 0  : 512
                                             System Core 1  : 512
    Scheduling between parent and shaped subinterfaces:          : Round Robin

Explicit Congestion Notification (ECN)

Configuring Latency-based ECN

Latency-based ECN can configured on a per transmit queue basis. Use the following commands to configure a transmit queue on interface Ethernet 1/1 with a delay threshold of 33 milliseconds:

switch(config)#interface Ethernet 1/1
switch(config-if-Et1/1)#tx-queue 3
switch(config-if-Et1/1-txq-3)#random-detect ecn delay threshold 33 milliseconds

Configure a delay threshold as a value between 1 to 4294967 microseconds or a value between 1 to 4294 milliseconds.

Displaying the ECN Configuration

Use the following command to display information about the ECN configuration:

switch(config)#show qos interfaces Ethernet 1/1 ecn
Ethernet1/1:
                              ECN       ECN ECN                       ECN          ECN
                          Minimum   Maximum Delay                     Mark-Prob Weight
Tx-Queue Threshold Unit  Threshold Threshold Threshold
-------- -------------- --------- --------- ------------------------- --------- ------
7 -                      -         - -                         - / -          -
6 -                      -         - -                         - / -          -
5 -                      -         - -                         - / -          -
4 -                      -         - -                         - / -          -
3 -                      -         - 33000.000 / 33000.000 (L) - / -          -
2 -                      -         - -                         - / -          -
1 -                      -         - -                         - / -          -
0 -                      -         - -                         - / -          -
            
Delay Threshold Type: G -> Global     L -> Local
Note: Values are displayed as Configured/Operational

Latency-based Explicit Congestion Notification

Explicit Congestion Notification (ECN) provides a mechanism of notifying about network traffic congestion without dropping packets. Notification occurs in two ways:

Queue Length ECN - Marks the ECN-capable Transport (ECT) packets when the average Virtual Output Queue (VOQ) length exceeds the configured ECN threshold value.
Latency-based ECN - Notifies the congestion by marking the ECT packets if the packets take longer than the configured threshold to dequeue from the VOQ.

Both types of notification result in the egress marking of the packet when experiencing the congestion beyond the configured threshold.

Configure ECN on a transmit queue of an interface, and only switches with front panel ports and port-channels support ECN.

Supported Platforms

DCS-7280R3 series
DCS-7500R3 series
DCS-7800R3 series
DCS-7130

Configuring a Low Latency Transmit Queue Scheduler Profile

Configuring a low latency transmit queue scheduler profile provides an alternative operating mode for queues with reduced latency. By default, the switch has a balanced profile focused on maintaining sustained throughput and avoiding excessive latency. In certain scenarios, this profile may not provide an optimal configuration for latency-sensitive scenarios with critical flow completion time. In this case, configure a responsive low latency scheduler profile validated against the hardware capabilities.

The responsive profile provides maximum benefits in scenarios with low fan-in and bursty flows and reduces the maximum latency from 40 microseconds to 8 microseconds when a flow starts or stops.

Compatible Platforms

The following platforms support the responsive profile feature:

DCS-7280R3
DCS-7500R3
DCS-7800R3

Configuring the Responsive Profile

Enable unified credit rates to allow the scheduler profile to provide credits to the low latency queues at rates optimized for hardware. Use the following command to enable unified credit rates:

switch(config)# platform fap voq credit rates unified

Then configure the responsive profile on a transmit queue with the following command:

switch(config)# qos tx-queue 0-7 scheduler profile responsive

Configure up to eight (8) responsive profiles.

Quality of Service Commands

bandwidth guaranteed (Helix)

The bandwidth guaranteed command specifies the minimum bandwidth for outbound traffic on the transmit queue. By default, no bandwidth is guaranteed to any transmit queue.

The no bandwidth guaranteed and default bandwidth guaranteed commands remove the minimum bandwidth guarantee on the transmit queue by deleting the corresponding bandwidth guaranteed command from running-config.

Command Mode

Tx-Queue Configuration

Command Syntax

bandwidth guaranteed rate DATA_MIN

no bandwidth guaranteed

default bandwidth guaranteed

Parameters

DATA_MIN Minimum bandwidth. Value range varies with data unit:

8 to 40000000 8 to 40000000 kbytes per second.
8 to 40000000 kbps 8 to 40000000 kbytes per second.
1 to 60000000 pps 1 to 60000000 packets per second.

Related Command

tx-queue (Helix) places the switch in tx-queue configuration mode.

Example

These commands configure a minimum egress bandwidth of 1 Mbps for transmit queue 4 of interface ethernet 17/3.

switch(config)# interface ethernet 17
switch(config-if-Et17)# tx-queue 4
switch(config-if-Et17-txq-4)# bandwidth guaranteed 1000 kbps
switch(config-if-Et17-txq-4)# show qos interfaces ethernet 17

Ethernet17/3:
   Trust Mode: COS
   Default COS: 0
   Default DSCP: 0

   Port shaping rate: disabled

  Tx       Bandwidth                 Shape Rate        Priority
 Queue     Guaranteed (units)         (units)
   ------------------------------------------------------------
   7        - / -    (  -  )       - / -    (  -  )    SP / SP
   6        - / -    (  -  )       - / -    (  -  )    SP / SP
   5        - / -    (  -  )       - / -    (  -  )    SP / SP
   4        1 / 1    ( Mbps )      - / -    (  -  )    SP / SP
   3        - / -    (  -  )       - / -    (  -  )    SP / SP
   2        - / -    (  -  )       - / -    (  -  )    SP / SP
   1        - / -    (  -  )       - / -    (  -  )    SP / SP
   0        - / -    (  -  )       - / -    (  -  )    SP / SP

Note: Values are displayed as Operational/Configured

switch(config-if-Et17-txq-4)#

bandwidth guaranteed (Trident II)

The bandwidth guaranteed command specifies the minimum bandwidth for outbound traffic on the transmit queue. By default, no bandwidth is guaranteed to any transmit queue.

Command Mode

Tx-Queue Configuration

Command Syntax

bandwidth guaranteed rate DATA_MIN

no bandwidth guaranteed

default bandwidth guaranteed

Parameters

DATA_MIN minimum bandwidth. Value range varies with data unit:

8 to 40000000 kbytes per second.
8 to 40000000 kbps kbytes per second.
1 to 60000000pps packets per second.

Related Command

tx-queue (Trident II) places the switch in tx-queue configuration mode.

Example

These commands configure a minimum egress bandwidth of 1 Mbps for transmit queue 4 of interface ethernet 17/3.

switch(config)# interface ethernet 17/3
switch(config-if-Et17/3)# tx-queue 4
switch(config-if-Et17/3-txq-4)# bandwidth guaranteed 1000 kbps
switch(config-if-Et17/3-txq-4)# show qos interfaces ethernet 17/3

Ethernet17/3:
   Trust Mode: COS
   Default COS: 0
   Default DSCP: 0

   Port shaping rate: disabled

  Tx       Bandwidth                 Shape Rate        Priority
 Queue     Guaranteed (units)         (units)
   ------------------------------------------------------------
   7        - / -    (  -  )       - / -    (  -  )    SP / SP
   6        - / -    (  -  )       - / -    (  -  )    SP / SP
   5        - / -    (  -  )       - / -    (  -  )    SP / SP
   4        1 / 1    ( Mbps )      - / -    (  -  )    SP / SP
   3        - / -    (  -  )       - / -    (  -  )    SP / SP
   2        - / -    (  -  )       - / -    (  -  )    SP / SP
   1        - / -    (  -  )       - / -    (  -  )    SP / SP
   0        - / -    (  -  )       - / -    (  -  )    SP / SP

Note: Values are displayed as Operational/Configured

switch(config-if-Et17/3-txq-4)#

bandwidth percent (Arad/Jericho)

The bandwidth percent command configures the bandwidth share of the transmit queue when configured for round robin priority. Bandwidth is allocated to all queues based on the cumulative configured bandwidth of all the port’s round robin queues.

The cumulative operational bandwidth of all round robin queues is always less than or equal to 100%. If the cumulative configured bandwidth is greater than 100%, each port’s operational bandwidth is its configured bandwidth divided by the cumulative configured bandwidth.

The no bandwidth percent and default bandwidth percent commands restore the default bandwidth share of the transmit queue by removing the corresponding bandwidth percent command from running-config.

Command Mode

Tx-Queue Configuration

Command Syntax

bandwidth percent proportion

no bandwidth percent

default bandwidth percent

Parameter

proportion Bandwidth percentage assigned to queues. Values range from 1 to 100.

Related Command

tx-queue (Arad/Jericho) places the switch in tx-queue configuration mode.

Examples

These commands configure queues 0 through 3 (interface ethernet 3/5/1) as round robin, then allocate bandwidth for three queues at 30% and one queue at 10%.

switch(config)# interface ethernet 3/5/1
switch(config-if-Et3/5/1)# tx-queue 3
switch(config-if-Et3/5/1-txq-3)# no priority
switch(config-if-Et3/5/1-txq-3)# bandwidth percent 10
switch(config-if-Et3/5/1-txq-3)# tx-queue 2
switch(config-if-Et3/5/1-txq-2)# bandwidth percent 30
switch(config-if-Et3/5/1-txq-2)# tx-queue 1
switch(config-if-Et3/5/1-txq-1)# bandwidth percent 30
switch(config-if-Et3/5/1-txq-1)# tx-queue 0
switch(config-if-Et3/5/1-txq-0)# bandwidth percent 30
switch(config-if-Et3/5/1-txq-0)# show qos interfaces ethernet 3/5/1

Ethernet3/5/1:

  Tx    Bandwidth       Shape Rate        Priority  ECN
 Queue  (percent)        (units)
   -----------------------------------------------------
   7      - / -        - / -    (  -  )    SP / SP    D
   6      - / -        - / -    (  -  )    SP / SP    D
   5      - / -        - / -    (  -  )    SP / SP    D
   4      - / -        - / -    (  -  )    SP / SP    D
   3     10 / 10       - / -    (  -  )    RR / RR    D
   2     30 / 30       - / -    (  -  )    RR / SP    D
   1     30 / 30       - / -    (  -  )    RR / SP    D
   0     30 / 30       - / -    (  -  )    RR / SP    D

switch(config-if-Et3/5/1-txq-0)#

These commands re-configure the bandwidth share of the fourth queue at 30%.

switch(config-if-Et3/5/1-txq-0)# tx-queue 3
switch(config-if-Et3/5/1-txq-3)# bandwidth percent 30
switch(config-if-Et3/5/1-txq-3)# show qos interfaces ethernet 3/5/1

Ethernet3/5/1:

   Port shaping rate: disabled

  Tx    Bandwidth       Shape Rate        Priority  ECN
 Queue  (percent)        (units)
   -----------------------------------------------------
   7      - / -        - / -    (  -  )    SP / SP    D
   6      - / -        - / -    (  -  )    SP / SP    D
   5      - / -        - / -    (  -  )    SP / SP    D
   4      - / -        - / -    (  -  )    SP / SP    D
   3     24 / 30       - / -    (  -  )    RR / RR    D
   2     24 / 30       - / -    (  -  )    RR / SP    D
   1     24 / 30       - / -    (  -  )    RR / SP    D
   0     24 / 30       - / -    (  -  )    RR / SP    D

Note: Values are displayed as Operational/Configured

switch(config-if-Et3/5/1-txq-3)#

These commands configure the bandwidth share of the fourth queue at 2%.

switch(config-if-Et3/5/1-txq-3)# bandwidth percent 2
switch(config-if-Et3/5/1-txq-3)# show qos interfaces ethernet 3/5/1

Ethernet3/5/1:

   Port shaping rate: disabled

  Tx    Bandwidth       Shape Rate        Priority  ECN
 Queue  (percent)        (units)
   -----------------------------------------------------
   7      - / -        - / -    (  -  )    SP / SP    D
   6      - / -        - / -    (  -  )    SP / SP    D
   5      - / -        - / -    (  -  )    SP / SP    D
   4      - / -        - / -    (  -  )    SP / SP    D
   3      2 / 2        - / -    (  -  )    RR / RR    D
   2     30 / 30       - / -    (  -  )    RR / SP    D
   1     30 / 30       - / -    (  -  )    RR / SP    D
   0     30 / 30       - / -    (  -  )    RR / SP    D

Note: Values are displayed as Operational/Configured

switch(config-if-Et3/5/1-txq-3)#

bandwidth percent (FM6000)

Command Mode

Tx-Queue Configuration

Command Syntax

bandwidth percent proportion

no bandwidth percent

default bandwidth percent

Parameter

proportion Configured bandwidth percentage. Value ranges from 1 to 100. Default value is 0.

Related Command

tx-queue (FM6000) places the switch in tx-queue configuration mode.

Examples

These commands configure queues 0 through 3 (interface Ethernet 19) as round robin, then allocate bandwidth for three queues at 30% and one queue at 10%.

switch(config)# interface Ethernet 19
switch(config-if-Et19)# tx-queue 3
switch(config-if-Et19-txq-3)# no priority
switch(config-if-Et19-txq-3)# bandwidth percent 10
switch(config-if-Et19-txq-3)# tx-queue 2
switch(config-if-Et19-txq-2)# bandwidth percent 30
switch(config-if-Et19-txq-2)# tx-queue 1
switch(config-if-Et19-txq-1)# bandwidth percent 30
switch(config-if-Et19-txq-1)# tx-queue 0
switch(config-if-Et19-txq-0)# bandwidth percent 30
switch(config-if-Et19-txq-0)# show qos interface ethernet 19

Ethernet19:
   Trust Mode: COS
   Default COS: 0
   Default DSCP: 0

   Port shaping rate: disabled

 Tx    Bandwidth  Bandwidth          Shape Rate     Priority  ECN/WRED
 Queue (percent)  Guaranteed (units)  units)
 
-----------------------------------------------------------------------
  7     - / -      - / -     ( - )     - / -  ( - )  SP / SP    D
  6     - / -      - / -     ( - )     - / -  ( - )  SP / SP    D
  5     - / -      - / -     ( - )     - / -  ( - )  SP / SP    D
  4     - / -      - / -     ( - )     - / -  ( - )  SP / SP    D
  3    10 / 10     - / -     ( - )     - / -  ( - )  RR / RR    D
  2    30 / 30     - / -     ( - )     - / -  ( - )  RR / SP    D
  1    30 / 30     - / -     ( - )     - / -  ( - )  RR / SP    D
  0    30 / 30     - / -     ( - )     - / -  ( - )  RR / SP    D

Note: Values are displayed as Operational/Configured

Legend:
RR -> Round Robin
SP -> Strict Priority
 -  -> Not Applicable / Not Configured
ECN/WRED: L -> Queue Length ECN Enabled     W -> WRED Enabled     D -> Disabled

These commands re-configure the bandwidth share of transmit queue 3 at 30%.

cp118.14:04:20# config
cp118.14:04:23(config)# interface ethernet 19
cp118.14:04:47(config-if-Et19-txq-0)# tx-queue 3
cp118.14:04:59(config-if-Et19-txq-3)# bandwidth percent 30
cp118.14:05:16(config-if-Et19-txq-3)# show qos interface ethernet 19

Ethernet19:
   Trust Mode: COS
   Default COS: 0
   Default DSCP: 0

   Port shaping rate: disabled

 Tx   Bandwidth   Bandwidth          Shape Rate      Priority  ECN/WRED
Queue (percent)   Guaranteed (units)  (units)
 
------------------------------------------------------------------------
  7     - / -      - / -     ( - )     - / -  ( - )   SP / SP    D
  6     - / -      - / -     ( - )     - / -  ( - )   SP / SP    D
  5     - / -      - / -     ( - )     - / -  ( - )   SP / SP    D
  4     - / -      - / -     ( - )     - / -  ( - )   SP / SP    D
  3    24 / 30     - / -     ( - )     - / -  ( - )   RR / RR    D
  2    24 / 30     - / -     ( - )     - / -  ( - )   RR / SP    D
  1    24 / 30     - / -     ( - )     - / -  ( - )   RR / SP    D
  0    24 / 30     - / -     ( - )     - / -  ( - )   RR / SP    D

Note: Values are displayed as Operational/Configured

Legend:
RR -> Round Robin
SP -> Strict Priority
 -  -> Not Applicable / Not Configured
ECN/WRED: L -> Queue Length ECN Enabled     W -> WRED Enabled     D -> Disabled

These commands re-configure the bandwidth share of transmit queue 3 at 2%.

cp118.14:09:37(config-if-Et19-txq-3)# bandwidth percent 2
cp118.14:12:56(config-if-Et19-txq-3)# show qos interface ethernet 19

Ethernet19:
   Trust Mode: COS
   Default COS: 0
   Default DSCP: 0

   Port shaping rate: disabled

 Tx   Bandwidth  Bandwidth           Shape Rate    Priority  ECN/WRED
Queue (percent)  Guaranteed (units)  (units)
 
----------------------------------------------------------------------
  7     - / -      - / -     ( - )   - / -  ( - )   SP / SP   D
  6     - / -      - / -     ( - )   - / -  ( - )   SP / SP   D
  5     - / -      - / -     ( - )   - / -  ( - )   SP / SP   D
  4     - / -      - / -     ( - )   - / -  ( - )   SP / SP   D
  3     2 / 2      - / -     ( - )   - / -  ( - )   RR / RR   D
  2    30 / 30     - / -     ( - )   - / -  ( - )   RR / SP   D
  1    30 / 30     - / -     ( - )   - / -  ( - )   RR / SP   D
  0    30 / 30     - / -     ( - )   - / -  ( - )   RR / SP   D

Note: Values are displayed as Operational/Configured

Legend:
RR -> Round Robin
SP -> Strict Priority
 -  -> Not Applicable / Not Configured
ECN/WRED: L -> Queue Length ECN Enabled     W -> WRED Enabled     D -> Disabled

bandwidth percent (Petra)

Command Mode

Tx-Queue Configuration

Command Syntax

bandwidth percent proportion

no bandwidth percent

default bandwidth percent

Parameter

proportionBandwidth percentage assigned to queues. Values range from 1 to 100.

Related Command

tx-queue (Petra) places the switch in tx-queue configuration mode.

Examples

These commands configure queues 0 through 3 (interface ethernet 3/28) as round robin, then allocate bandwidth for three queues at 30% and one queue at 10%.

switch(config)# interface ethernet 3/28
switch(config-if-Et3/28)# tx-queue 3
switch(config-if-Et3/28-txq-3)# no priority
switch(config-if-Et3/28-txq-3)# bandwidth percent 10
switch(config-if-Et3/28-txq-3)# tx-queue 2
switch(config-if-Et3/28-txq-2)# bandwidth percent 30
switch(config-if-Et3/28-txq-2)# tx-queue 1
switch(config-if-Et3/28-txq-1)# bandwidth percent 30
switch(config-if-Et3/28-txq-1)# tx-queue 0
switch(config-if-Et3/28-txq-0)# bandwidth percent 30
switch(config-if-Et3/28-txq-0)# show qos interface ethernet 3/28

Ethernet3/28:

   Tx-Queue   Bandwidth    Shape Rate     Priority
              (percent)       (Kbps)
   -----------------------------------------------
          7         N/A     disabled        strict
          6         N/A     disabled        strict
          5         N/A     disabled        strict
          4         N/A     disabled        strict
          3          10     disabled   round-robin
          2          30     disabled   round-robin
          1          30     disabled   round-robin
          0          30     disabled   round-robin

switch(config-if-Et3/28-txq-0)#

These commands re-configure the bandwidth share of the fourth queue at 30%.

switch(config-if-Et3/28-txq-0)# tx-queue 3
switch(config-if-Et3/28-txq-3)# bandwidth percent 30
switch(config-if-Et3/28-txq-3)# show qos interface ethernet 3/28

Ethernet3/28:
   Trust Mode: COS

   Tx-Queue   Bandwidth    Shape Rate     Priority
              (percent)       (Kbps)
-----------------------------------------------
          7         N/A     disabled        strict
          6         N/A     disabled        strict
          5         N/A     disabled        strict
          4         N/A     disabled        strict
          3          24     disabled   round-robin
          2          24     disabled   round-robin
          1          24     disabled   round-robin
          0          24     disabled   round-robin

switch(config-if-Et3/28-txq-3)#

These commands configure the bandwidth share of the fourth queue at 2%.

switch(config-if-Et3/28)# tx-queue 3
switch(config-if-Et3/28-txq-3)# bandwidth percent 2
switch(config-if-Et3/28-txq-3)# show qos interface ethernet 3/28

Ethernet3/28:
   Trust Mode: COS


   Tx-Queue   Bandwidth    Shape Rate     Priority
              (percent)       (Kbps)
   -----------------------------------------------
          7         N/A     disabled        strict
          6         N/A     disabled        strict
          5         N/A     disabled        strict
          4         N/A     disabled        strict
          3           2     disabled   round-robin
          2          30     disabled   round-robin
          1          30     disabled   round-robin
          0          30     disabled   round-robin

switch(config-if-Et3/28-txq-3)#

bandwidth percent (Trident and Tomahawk)

Command Mode

Mc-Tx-Queue configuration

Uc-Tx-Queue configuration

Command Syntax

bandwidth percent proportion

no bandwidth percent

default bandwidth percent

Parameter

proportion Bandwidth percentage assigned to queues. Values range from 1 to 100.

Related Commands

mc-tx-queue places the switch in mc-tx-queue configuration mode.
uc-tx-queue places the switch in uc-tx-queue configuration mode.

Examples

These commands configure unicast transmit queue 3 (and all other queues of lower priority) as round robin, then allocate bandwidth for unicast transmit queues 1, 2, and 3 at 30% and multicast transmit queue 1 at 10%.

switch(config)# interface ethernet 7
switch(config-if-Et7)# uc-tx-queue 3
switch(config-if-Et7-uc-txq-3)# no priority
switch(config-if-Et7-uc-txq-3)# bandwidth percent 30
switch(config-if-Et7-uc-txq-3)# uc-tx-queue 2
switch(config-if-Et7-uc-txq-2)# bandwidth percent 30
switch(config-if-Et7-uc-txq-2)# uc-tx-queue 1
switch(config-if-Et7-uc-txq-1)# bandwidth percent 30
switch(config-if-Et7-uc-txq-1)# mc-tx-queue 1
switch(config-if-Et7-mc-txq-1)# bandwidth percent 10
switch(config-if-Et7-mc-txq-1)# show qos interfaces ethernet 7

Ethernet7:
   Trust Mode: COS
   Default COS: 0
   Default DSCP: 0

   Port shaping rate: disabled

   Tx-Queue   Bandwidth    Shape Rate     Priority   Priority Group
              (percent)       (Kbps)
   ----------------------------------------------------------------
        UC7         N/A     disabled        strict                1
        UC6         N/A     disabled        strict                1
        MC3         N/A     disabled        strict                1
        UC5         N/A     disabled        strict                0
        UC4         N/A     disabled        strict                0
        MC2         N/A     disabled        strict                0
        UC3          30     disabled   round-robin                0
        UC2          30     disabled   round-robin                0
        MC1          10     disabled   round-robin                0
        UC1          30     disabled   round-robin                0
        UC0           0     disabled   round-robin                0
        MC0           0     disabled   round-robin                0

switch(config-if-Et7-mc-txq-1)#

These commands re-configure the bandwidth share of unicast queue 3 at 55%.

switch(config-if-Et7-mc-txq-1)# uc-tx-queue 3
switch(config-if-Et7-uc-txq-3)# bandwidth percent 55
switch(config-if-Et7-uc-txq-3)# show qos interface ethernet 7

Ethernet7:
   Trust Mode: COS
   Default COS: 0
   Default DSCP: 0

   Port shaping rate: disabled

   Tx-Queue   Bandwidth    Shape Rate     Priority   Priority Group
              (percent)       (Kbps)
   ----------------------------------------------------------------
        UC7         N/A     disabled        strict                1
        UC6         N/A     disabled        strict                1
        MC3         N/A     disabled        strict                1
        UC5         N/A     disabled        strict                0
        UC4         N/A     disabled        strict                0
        MC2         N/A     disabled        strict                0
        UC3          44     disabled   round-robin                0
        UC2          24     disabled   round-robin                0
        MC1           8     disabled   round-robin                0
        UC1          24     disabled   round-robin                0
        UC0           0     disabled   round-robin                0
        MC0           0     disabled   round-robin                0

switch(config-if-Et7-uc-txq-3)#

color

Use the color command for the ability to configure the color extended community in route-map set clauses and in an extcommunity-list for inbound and outbound policy application.

Command Mode

Route-maps and extcommunity-lists

Command Syntax

color COLOR-VALUE [color-only [exact-match | [endpoint-match [any | null]]]]

Parameters

COLOR-VALUE A single policy color value, range 0 to 4294967295.
color-onlyAllows configuration of color-only bits.
exact-matchExplicitly sets the color-only bits of the extended community to 00 (optional).
endpoint-match anySets the color-only bits of the extended community to 10.
endpoint-match null Sets the color-only bits of the extended community to 01.

Example

switch(config)# route-map foo
switch(config0route-map-foo)# set community color 2 color-only endpoint-match any

dscp to traffic-class (DSCP map)

The dscp to traffic-class command configures the specified QoS map to map one or more DSCP classes to a traffic class. Only one traffic class may be specified per command. The command can be repeated to configure additional traffic classes. The configuration is modified immediately. Each dscp to traffic-class command overwrites the existing entries in the map.

The default dscp to traffic-class and no dscp to traffic-class commands restore the global map values for the given DSCP classes.

Command Mode

DSCP Map Configuration

Command Syntax

dscp dscp_classes to traffic-class traffic_class

default dscp dscp_classes to traffic-class

no dscp dscp_classes to traffic-class

Parameters

dscp_classes The DSCP class or classes to map to a new traffic-class value. These can be provided as a single value, a range given with a hyphen (such as 20-25), a comma separated list (such as 1,4,9), or a combination (such as 20-25, 35). The range for each value is 0-63.
traffic_class The traffic class to map the specified DSCP class or classes to.

Example

These commands configure the DSCP-to-traffic-class map map1 to map DSCP class 35 to traffic class 7, and DSCP classes 20-25 to traffic class 6.

switch(config)#qos map dscp to traffic-class name map1
switch(config-dscp-map-map1)#dscp 35 to traffic-class 7
switch(config-dscp-map-map1)#dscp 20-25 to traffic-class 6

hardware access-list qos resource sharing vlan in

The hardware access-list qos resource sharing vlan in command enables the ACL based QoS resources sharing on a VLAN interface.

The no hardware access-list qos resource sharing vlan in disables the ACL based QoS resources sharing on a VLAN interface. By default this function is disabled.

Command Mode

Global Configuration

Command Syntax

hardware access-list qos resource sharing vlan in

no hardware access-list qos resource sharing vlan in

Example

This commands enables the ACL based QoS resources sharing on a VLAN interface.

switch(config)# hardware access-list qos resource sharing vlan in

interface fabric (Trident II)

The interface fabric command places the switch in Fabric-interface configuration mode and allows the user to attach the QoS profile to the fabric interface of the switch.

Command Mode

Global Configuration

Command Syntax

interface fabric

Example

This command places the switch in Fabric-interface configuration mode.

switch(config)# interface fabric
switch(config-if-fabric)#

ip extcommunity-list

The ip extcommunity-list command adds a color extended community to an extcommunity-list. Multiple color extended communities can be added to the list. Negating the command removes the corresponding color extended community from the list.

Command Mode

Configuration mode

Command Syntax

ip extcommunity-list WORD [permit | deny][COLOR-EXPRESSION]

no ip extcommunity-list WORD [permit | deny] COLOR-EXPRESSION]

default ip extcommunity-list WORD [permit | deny][COLOR-EXPRESSION]

Parameters

WORDCommunity list name.
permitSpecifies community to accept.
denySpecifies comminity to reject.
COLOR-EXPRESSION Color extended community.

Example

switch(config)# ip extcommunity-list foo permit color 1 color 2
switch(config)# ip extcommunity-list bar permit color 3 color-only endpoint-match null color 4 color-only endpoint-match any

mc-tx-queue

The mc-tx-queue command places the switch in mc-tx-queue configuration mode to configure a multicast transmit queue on the configuration mode interface. Mc-tx-queue configuration mode is not a group change mode; running-config is changed immediately after commands are executed. The exit command does not affect the configuration.

Trident and Tomahawk switches have four multicast queues (MC0 – MC03) and eight unicast queues (UC0 – UC7), categorized into two priority groups. All queues are exposed through the CLI and are user configurable.

Priority Group 1: UC7, UC6, MC3
Priority Group 0: UC5, UC4, MC2, UC3, UC2, MC1, UC1, UC0, MC0

The exit command returns the switch to the configuration mode for the base Ethernet or port channel interface.

The no mc-tx-queue and default mc-tx-queue commands remove the configuration for the specified transmit queue by deleting the all corresponding mc-tx-queue mode commands from running-config.

Command Mode

Interface-Ethernet Configuration

Interface-Port-Channel Configuration

Command Syntax

mc-tx-queue queue_level

Parameter

queue_level The multicast transmit queue number. Values range from 0 to 3.

Commands Available in tx-queue Configuration Mode

bandwidth percent (Trident and Tomahawk)
priority (Trident and Tomahawk)
shape rate (Tx-queue – Trident and Tomahawk)

Related Command

uc-tx-queue Configures unicast transmit queues on Trident and Tomahawk platform switches.

Example

This command enters mc-tx-queue configuration mode for multicast transmit queue 3 of interface ethernet 5.

switch(config)# interface ethernet 5
switch(config-if-Et5)# mc-tx-queue 3
switch(config-if-Et5-mc-txq-3)#

platform petraA traffic-class

The platform petraA traffic-class command configures the default traffic class used by all ports on a specified chip. The default traffic class is implemented by Petra platform switches to replace qos cos and qos dscp commands. Traffic class values range from 0 to 7. The default traffic class is 1.

When platform ? returns Petra:

CoS trusted ports: inbound untagged packets are assigned to the default traffic class. Tagged packets are assigned to the traffic class that corresponds to the contents of its CoS field.
DSCP trusted ports: inbound non-IP packets are assigned to the default traffic class. IP packets are assigned to the traffic class that corresponds to the contents of its DSCP field.
Untrusted ports: all inbound packets are assigned to the default traffic class.

The no platform petraA traffic-class and default platform petraA traffic-class commands restore the default traffic class of one for all ports on the specified chips by deleting the corresponding platform petraA traffic-class command from running-config.

Command Mode

Global Configuration

Command Syntax

platform petraA [CHIP_NAME] traffic-class tc_value

no platform petraA [CHIP_NAME] traffic-class

default platform petraA [CHIP_NAME] traffic-class

Parameters

CHIP_NAME Trust mode assigned to the specified ports. Port designation options include:

- no parameter All ports on the switch.
- module cardX All ports on specified linecard (7500 Series).
- petra cardX / chipY All ports on PetraA chip chipY on linecard cardX (7500 Series).
- petra -chipZ All ports on PetraA chip chipZ (7048 Series)

7500 Series

Switches can contain up to eight linecards. CardX varies from 3 to 10.

Each linecard contains six PetraA chips. Each chip controls eight ports. ChipY varies from 0 to 5:

0 controls ports 1 through 8:
- 1 controls ports 9 through 16.
- 2 controls ports 17 through 24.
- 3 controls ports 25 through 32.
- 4 controls ports 33 through 40.
- 5 controls ports 41 through 48.

7048 Series

Each switch contains two PetraA chips. ChipZ varies from 0 to 1:

0 controls ports 1 through 32.
- 1 controls ports 33 through 52.
tc_value Traffic class value. Values range from 0 to 7. Default value is 1.

Related Command

show platform petraA traffic-class displays the traffic class assignment on all specified Petra chips.

Example

This command configures the default traffic class 6 for ports 25-32 on linecard 5.

switch(config)# platform petraA petra5/3 traffic-class 6
switch(config)#

priority (Arad/Jericho)

The priority command specifies the priority of the transmit queue. The switch supports two queue priorities:

strict priority: contents are removed from the queue - subject to maximum bandwidth limits, before data from lower priority queues. The default setting on all queues is strict priority.
round robin priority: contents are removed proportionately from all round robin queues - subject to maximum bandwidth limits assigned to the strict priority queues.

Tx-queue 7 is set to strict priority and is not configurable.

When a queue is configured as a round robin queue, all lower priority queues also function as round robin queues. A queue’s numerical label denotes its priority: higher labels denote higher priority. Tx-queue 6 has higher priority than Tx-queue 5, and Tx-queue 0 has the lowest priority.

The priority strict and default priority commands configure a transmit queue to function as a strict priority queue unless a higher priority queue is configured as a round robin queue.

The no priority command configures a transmit queue as a round robin queue. All lower priority queues also function as round robin queues regardless of their configuration.

Command Mode

Tx-Queue Configuration

Command Syntax

priority strict

no priority

default priority

Related Command

tx-queue (Arad/Jericho) places the switch in tx-queue configuration mode.

Example

These commands perform the following on interface ethernet 3/4/1:

Displays the default state of all transmit queues.
Configures transmit queue 3 as a round robin queue.
Displays the effect of the no priority command on all transmit queues on the interface.

switch(config)# interface ethernet 3/4/1
switch(config-if-Et3/4/1)# show qos interfaces ethernet 3/4/1

Ethernet3/4/1:

  Tx    Bandwidth       Shape Rate        Priority  ECN
 Queue  (percent)        (units)
   -----------------------------------------------------
   7      - / -        - / -    (  -  )    SP / SP    D
   6      - / -        - / -    (  -  )    SP / SP    D
   5      - / -        - / -    (  -  )    SP / SP    D
   4      - / -      999 / 1000 ( Mbps )   SP / SP    D
   3      - / -      999 / 1000 ( Mbps )   SP / SP    D
   2      - / -        - / -    (  -  )    SP / SP    D
   1      - / -        - / -    (  -  )    SP / SP    D
   0      - / -        - / -    (  -  )    SP / SP    D

Note: Values are displayed as Operational/Configured

switch(config-if-Et3/4/1)# tx-queue 3
switch(config-if-Et3/4/1-txq-3)# no priority
switch(config-if-Et3/4/1-txq-3)# show qos interfaces ethernet 3/4/1

Ethernet3/4/1:

  Tx    Bandwidth       Shape Rate        Priority  ECN
 Queue  (percent)        (units)
   -----------------------------------------------------
   7      - / -        - / -    (  -  )    SP / SP    D
   6      - / -        - / -    (  -  )    SP / SP    D
   5      - / -        - / -    (  -  )    SP / SP    D
   4      - / -      999 / 1000 ( Mbps )   SP / SP    D
   3     25 / -      999 / 1000 ( Mbps )   RR / RR    D
   2     25 / -        - / -    (  -  )    RR / SP    D
   1     25 / -        - / -    (  -  )    RR / SP    D
   0     25 / -        - / -    (  -  )    RR / SP    D

Note: Values are displayed as Operational/Configured

switch(config-if-Et3/4/1-txq-3)#

priority (FM6000)

The priority command specifies the priority of the transmit queue. The switch supports two queue priorities:

strict priority: contents are removed from the queue - subject to maximum bandwidth limits, before data from lower priority queues. The default setting on all queues is strict priority.
round robin priority: contents are removed proportionately from all round robin queues - subject to maximum bandwidth limits assigned to the strict priority queues.

The priority strict and default priority commands configure a transmit queue to function as a strict priority queue unless a higher priority queue is configured as a round robin queue.

The no priority command configures a transmit queue as a round robin queue. All lower priority queues also function as round robin queues regardless of their configuration.

Command Mode

Tx-Queue Configuration

Command Syntax

priority strict

no priority

default priority

Related Command

tx-queue (FM6000) places the switch in tx-queue configuration mode.

Example

These commands perform the following on interface ethernet 19:

Displays the default state of all transmit queues.
Configures transmit queue 3 as a round robin queue.

Displays the effect of the no priority command on all transmit queues on the interface.

switch(config)# interface ethernet 19
switch(config-if-Et19)# show qos interface ethernet 19

Ethernet19:
   Trust Mode: COS

   Tx-Queue   Bandwidth    Shape Rate     Priority
              (percent)       (Kbps)
   -----------------------------------------------
          6         N/A     disabled        strict
          5         N/A     disabled        strict
          4         N/A     disabled        strict
          3         N/A     disabled        strict
          2         N/A     disabled        strict
          1         N/A     disabled        strict
          0         N/A     disabled        strict

switch(config-if-Et19)# tx-queue 3
switch(config-if-Et19-txq-3)# no priority
switch(config-if-Et19-txq-3)# show qos interface ethernet 19

Ethernet19:
   Trust Mode: COS

   Tx-Queue   Bandwidth    Shape Rate     Priority
              (percent)       (Kbps)
   -----------------------------------------------
          6         N/A     disabled        strict
          5         N/A     disabled        strict
          4         N/A     disabled        strict
          3          25     disabled   round-robin
          2          25     disabled   round-robin
          1          25     disabled   round-robin
          0          25     disabled   round-robin

switch(config-if-Et19-txq-3)#

priority (Petra)

The priority command specifies the priority of the transmit queue. The switch supports two queue priorities:

strict priority: contents are removed from the queue - subject to maximum bandwidth limits, before data from lower priority queues. The default setting on all queues is strict priority.
round robin priority: contents are removed proportionately from all round robin queues - subject to maximum bandwidth limits assigned to the strict priority queues.

Tx-queue 7 is set to strict priority and is not configurable.

The priority strict and default priority commands configure a transmit queue to function as a strict priority queue unless a higher priority queue is configured as a round robin queue.

The no priority command configures a transmit queue as a round robin queue. All lower priority queues also function as round robin queues regardless of their configuration.

Command Mode

Tx-Queue Configuration

Command Syntax

priority strict

no priority

default priority

Related Command

tx-queue (Petra) places the switch in tx-queue configuration mode.

Example

These commands perform the following on Ethernet interface 3/28:

Displays the default state of all transmit queues.
Configures transmit queue 3 as a round robin queue.

Displays the effect of the no priority command on all transmit queues on the interface.

switch(config)# interface ethernet 3/28
switch(config-if-Et3/28)# show qos interface ethernet 3/28

Ethernet3/28:
   Trust Mode: COS

   Tx-Queue   Bandwidth    Shape Rate     Priority
              (percent)       (Kbps)
   -----------------------------------------------
          7         N/A     disabled        strict
          6         N/A     disabled        strict
          5         N/A     disabled        strict
          4         N/A     disabled        strict
          3         N/A     disabled        strict
          2         N/A     disabled        strict
          1         N/A     disabled        strict
          0         N/A     disabled        strict

switch(config-if-Et3/28)# tx-queue 3
switch(config-if-Et3/28-txq-3)# no priority
switch(config-if-Et3/28-txq-3)# show qos interface ethernet 3/28

Ethernet3/28:
   Trust Mode: COS

   Tx-Queue   Bandwidth    Shape Rate     Priority
              (percent)       (Kbps)
   -----------------------------------------------
          7         N/A     disabled        strict
          6         N/A     disabled        strict
          5         N/A     disabled        strict
          4         N/A     disabled        strict
          3          25     disabled   round-robin
          2          25     disabled   round-robin
          1          25     disabled   round-robin
          0          25     disabled   round-robin

switch(config-if-Et3/28-txq-3)#

priority (Trident and Tomahawk)

The priority command specifies the priority of the transmit queue. The switch supports two queue priorities:

strict priority: contents are removed from the queue - subject to maximum bandwidth limits, before data from lower priority queues. The default setting on all other queues is strict priority.
round robin priority: contents are removed proportionately from all round robin queues - subject to maximum bandwidth limits assigned to the strict priority queues.

Trident and Tomahawk switches have eight unicast queues (UC0 – UC7) and four multicast queues (MC0 – MC03), categorized into two priority groups. Priority group 1 queues have priority over priority 0 queues. The following lists display the priority group queues in order from higher priority to lower priority.

Priority Group 1: UC7, UC6, MC3
Priority Group 0: UC5, UC4, MC2, UC3, UC2, MC1, UC1, UC0, MC0

Priority group 1 queues are strict priority queues and are not configurable as round robin. Priority 0 queues are strict priority by default and are configurable as round robin. When a queue is configured as a round robin queue, all lower priority queues automatically function as round robin queues.

The priority strict and default priority commands configure a transmit queue to function as a strict priority queue unless a higher priority queue is configured as a round robin queue.

The no priority command configures a transmit queue as a round robin queue. All lower priority queues also function as round robin queues regardless of their configuration.

Command Mode

Mc-Tx-Queue configuration

Uc-Tx-Queue configuration

Command Syntax

priority strict

no priority

default priority

Related Commands

mc-tx-queue places the switch in mc-tx-queue configuration mode.
uc-tx-queue places the switch in uc-tx-queue configuration mode.

Example

These commands perform the following on interface ethernet 7:

Displays the default state of all transmit queues.
Configures transmit queue 3 as a round robin queue.

Displays the effect of the no priority command on all transmit queues on the interface.

switch(config) #interface ethernet 7
switch(config-if-Et7)# show qos interface ethernet 7

Ethernet7:
   Trust Mode: COS

   Tx-Queue   Bandwidth    Shape Rate     Priority   Priority Group
              (percent)       (Kbps)
   ----------------------------------------------------------------
        UC7         N/A     disabled        strict                1
        UC6         N/A     disabled        strict                1
        MC3         N/A     disabled        strict                1
        UC5         N/A     disabled        strict                0
        UC4         N/A     disabled        strict                0
        MC2         N/A     disabled        strict                0
        UC3         N/A     disabled        strict                0
        UC2         N/A     disabled        strict                0
        MC1         N/A     disabled        strict                0
        UC1         N/A     disabled        strict                0
        UC0         N/A     disabled        strict                0
        MC0         N/A     disabled        strict                0

switch(config-if-Et7)# uc-tx-queue 3
switch(config-if-Et7-uc-txq-3)# no priority
switch(config-if-Et7-uc-txq-3)# show qos interface ethernet 7

Ethernet7:
   Trust Mode: COS

   Tx-Queue   Bandwidth    Shape Rate     Priority   Priority Group
              (percent)       (Kbps)
   ----------------------------------------------------------------
        UC7         N/A     disabled        strict                1
        UC6         N/A     disabled        strict                1
        MC3         N/A     disabled        strict                1
        UC5         N/A     disabled        strict                0
        UC4         N/A     disabled        strict                0
        MC2         N/A     disabled        strict                0
        UC3          20     disabled   round-robin                0
        UC2          16     disabled   round-robin                0
        MC1          16     disabled   round-robin                0
        UC1          16     disabled   round-robin                0
        UC0          16     disabled   round-robin                0
        MC0          16     disabled   round-robin                0

switch(config-if-Et7-uc-txq-3)#

qos cos

The qos cos command specifies the default class of service (CoS) value of the configuration mode interface. CoS values range from 0 to 7. Default value is 0.

Arad, Jericho, fm6000, Trident, Tomahawk, and Trident II platform switches:

CoS trusted ports: the default CoS value determines the traffic class for inbound untagged packets. Tagged packets are assigned to the traffic class that corresponds to the contents of its CoS field.
Untrusted ports: the default CoS value determines the traffic class for all inbound packets.

Petra platform switches:

CoS trusted ports: inbound untagged packets are assigned to the default traffic class, as configured by platform petraA traffic-class. Tagged packets are assigned to the traffic class that corresponds to the contents of its CoS field.
Untrusted ports: all inbound packets are assigned to the default traffic class.

The no qos cos and default qos cos commands restore the port’s default CoS value to zero by deleting the corresponding qos cos command from running-config.

Command Mode

Interface-Ethernet Configuration

Interface-Port-Channel Configuration

Command Syntax

qos cos cos_value

no qos cos

default qos cos

Parameter

cos_valueCoS value assigned to port. Value ranges from 0 to 7. Default value is 0.

Example

This command configures the default CoS 4 on interface ethernet 8.

switch(config-if-Et8)# qos cos 4
switch(config-if-Et8)#

qos dscp

The qos dscp command specifies the default Differentiated Services Code Point (DSCP) value of the configuration mode interface. The default DSCP determines the traffic class for non-IP packets that are inbound on DSCP trusted ports. DSCP trusted ports determine the traffic class for inbound packets as follows:

Arad, Jericho, fm6000, Trident, Tomahawk, and Trident II platform switches:
- non-IP packets: default DSCP value specified by qos dscp determines the traffic class.
- IP packets: assigned to the traffic class corresponding to its DSCP field contents.
Petra platform switches:
- non-IP packets: assigned to default traffic class configured by platform petraA traffic-class.
- IP packets: assigned to the traffic class corresponding to its DSCP field contents.

The no qos dscp and default qos dscp commands restore the port’s default DSCP value to zero by deleting the corresponding qos dscp command from running-config.

Command Mode

Interface-Ethernet Configuration

Interface-Port-Channel Configuration

Command Syntax

qos dscp dscp_value

no qos dscp

default qos dscp

Parameter

dscp_value DSCP value assigned to the port. Value ranges from 0 to 63. Default value is 0.

Example

This command sets the default DSCP of 44 on interfacee thernet 7.

switch(config)# interface ethernet 7
switch(config-if-Et7)# qos dscp 44
switch(config-if-Et7)

qos map cos

The qos map cos command associates a traffic class to a list of class of service (CoS) settings. Multiple commands create a complete CoS to traffic class map. The switch uses this map to assign a traffic class to data packets on the basis of the packet’s CoS field or the port upon which it is received.

The no qos map cos and default qos map cos commands restore the specified CoS values to their default traffic class setting by deleting the corresponding qos map cos statements from running-config.

Command Mode

Global Configuration

Command Syntax

qos map cos cos_value_1 [cos_value_2 ... cos_value_n] to traffic-class tc_value

no qos map cos cos_value_1 [cos_value_2 ... cos_value_n]

default qos map cos cos_value_1 [cos_value_2 ... cos_value_n]

Parameters

cos_value_x Class of Service (CoS) value. Value ranges from 0 to 7.
tc_value Traffic class value. Value range varies by platform.

Default CoS to traffic class map varies by platform (Table 36).

Default Inbound CoS to Traffic Class Map

Table 36 displays the default CoS to traffic class map for each platform.

Table 36. Default CoS to Traffic Class Map
Inbound CoS	untagged	0	1	2	3	4	5	6	7
Traffic Class (Arad /Jericho)	Derived: use default CoS as inbound CoS	1	0	2	3	4	5	6	7
Traffic Class (FM6000)	Derived: use default CoS as inbound CoS	1	0	2	3	4	5	6	7
Traffic Class (Helix)	Derived: use default CoS as inbound CoS	1	0	2	3	4	5	6	7
Traffic Class (Petra)	Assigned default traffic class	1	0	2	3	4	5	6	7
Traffic Class (Trident and Tomahawk)	Derived: use default CoS as inbound CoS	1	0	2	3	4	5	6	7
Traffic Class (Trident II)	Derived: use default CoS as inbound CoS	1	0	2	3	4	5	6	7

Related Commands

qos cos specifies the default CoS.
platform petraA traffic-class specifies the default traffic class.

Example

This command assigns the traffic class 5 to the classes of service 1, 3, 5, and 7.

switch(config)# qos map cos 1 3 5 7 to traffic-class 5
switch(config)#

qos map dscp

The qos map dscp command associates a traffic class to a set of Differentiated Services Code Point (DSCP) values. Multiple commands create a complete DSCP to traffic class map. The switch uses this map to assign a traffic class to data packets on the basis of the packet’s DSCP field or the chip upon which it is received.

This command configures the global DSCP to traffic-class map. To create additional named maps that can be attached to specific VRFs, use the qos map dscp to traffic-class command with the name option.

The no qos map dscp and default qos map dscp commands restore the specified DSCP values to their default traffic class settings by deleting corresponding qos map dscp statements from running-config.

Command Mode

Global Configuration

Command Syntax

qos map dscp dscpv_1 [dscpv_2...dscpv_n] to traffic-class tc_value

no qos map dscp dscpv_1 [dscpv_2...dscpv_n]

default qos map dscp dscpv_1 [dscpv_2...dscpv_n]

Parameters

dscpv_x Differentiated Services Code Point (DSCP) value. Value ranges from 0 to 63.
tc_value Traffic class value. Value range varies by platform.

Default map varies by platform (Table 37).

Default Inbound DSCP to Traffic Class Map

Table 37 displays the default DSCP to traffic class map for each platform.

Table 37. Default DSCP to Traffic Class Map
Inbound DSCP	0-7	8-15	16-23	24-31	32-39	40-47	48-55	56-63
Traffic Class (Arad /Jericho)	1	0	2	3	4	5	6	7
Traffic Class (FM6000)	1	0	2	3	4	5	6	7
Traffic Class (Helix)	1	0	2	3	4	5	6	7
Traffic Class (Petra)	1	0	2	3	4	5	6	7
Traffic Class (Trident and Tomahawk)	1	0	2	3	4	5	6	7
Traffic Class (Trident II)	1	0	2	3	4	5	6	7

Example

This command assigns the traffic class 3 to the DSCP values of 12, 13, 25, and 37.

switch(config)# qos map dscp 12 13 25 37 to traffic-class 3
switch(config)#

qos map dscp to traffic-class

The qos map dscp to traffic-class command puts the switch in DSCP Map Configuration mode for the specified QoS map. If the map does not already exist, it is created as a copy of the global DSCP-to-traffic-class map. In DSCP Map Configuration mode, the dscp to traffic-class command is available to make changes to the map.

The no and default forms of the command remove the specified custom map.

Command Mode

Global Configuration

Command Syntax

qos map dscp to traffic-class name map_name

no qos map dscp to traffic-class name map_name

default qos map dscp to traffic-class name map_name

Parameters

map_name The name of the map to configure. If the map does not exist, it is created as a copy of the global DSCP-to-traffic-class map.

Example

This command creates the map map1 and places the switch in DSCP Map Configuration mode.

switch(config)#qos map dscp to traffic-class name map1
switch(config-dscp-map-map1)#

qos map dscp to traffic-class (MPLS tunnel termination VRF)

The qos map dscp to traffic-class command assigns a DSCP-to-traffic-class map to a VRF, replacing the global map or previous custom map. The switch uses this map to assign a traffic class to data packets routed to this VRF on the basis of the DSCP fields of these packets.

The no qos map dscp to traffic-class and default qos map dscp to traffic-map commands remove the assignment of a custom map from the VRF, restoring the global map. default traffic class settings by deleting corresponding qos map dscp statements from running-config.

Command Mode

MPLS Tunnel Termination VRF Configuration

Command Syntax

qos map dscp to traffic-class map_name

no qos map dscp to traffic-class map_name

default qos map dscp to traffic-class map_name

Parameter

map_name DSCP to traffic-class map name.

Example

These commands assign the map1 QoS DSCP-to-traffic-class map to the newVRF1 and newVRF2 VRFs.

switch(config)#mpls tunnel termination
switch(config-mpls-tunnel-termination)#vrf newVRF1
switch(config-tunnel-termination-vrf-newVRF1)#qos map dscp to traffic-class map1
switch(config-tunnel-termination-vrf-newVRF1)#exit
switch(config-mpls-tunnel-termination)#vrf newVRF2
switch(config-tunnel-termination-vrf-newVRF2)#qos map dscp to traffic-class map1
switch(config-tunnel-termination-vrf-newVRF2)#exit
switch(config-tunnel-termination)#

qos map traffic-class to cos

The qos map traffic-class to cos command associates a class of service (CoS) to a list of traffic classes. Multiple commands create a complete traffic class to CoS map. The switch uses this map in CoS rewrite operations to fill the CoS field in outbound packets. This map is applicable to DSCP trusted ports and untrusted ports. CoS rewrite is disabled on CoS trusted ports. The show qos maps command displays the CoS to traffic class map.

The no qos traffic-class to cos and default qos traffic-class to cos commands restore the specified traffic class values to their default CoS settings by removing the corresponding qos map traffic-class to cos command from running-config.

Command Mode

Global Configuration

Command Syntax

qos map traffic-class tc_num_1 [tc_num_2 ... tc_num_n] to cos cos_value

no qos map traffic-class tc_num_1 [tc_num_2 ... tc_num_n] to cos

default qos map traffic-class tc_num_1 [tc_num_2 ... tc_num_n] to cos

Parameters

tc_num_x Traffic class value. Value range varies by switch platform.
cos_value Class of Service (CoS) value. Value ranges from 0 to 7.

Default Inbound Traffic Class to CoS Map

Table 38 displays the default traffic class to CoS map for each platform.

Table 38. Default Traffic Class to CoS Rewrite Value Map
Traffic Class	0	1	2	3	4	5	6	7
CoS Rewrite Value (Arad and /Jericho)	1	0	2	3	4	5	6	7
CoS Rewrite Value (FM6000)	1	0	2	3	4	5	6	7
CoS Rewrite Value (Helix)	1	0	2	3	4	5	6	7
CoS Rewrite Value (Petra)	1	0	2	3	4	5	6	7
CoS Rewrite Value (Trident and Tomahawk)	1	0	2	3	4	5	6	7
CoS Rewrite Value (Trident II)	1	0	2	3	4	5	6	7

Example

This command assigns the CoS 2 to traffic classes 1, 3, and 5.

switch(config)# qos map traffic-class 1 3 5 to cos 2
switch(config)#

qos map traffic-class to dscp

The qos map traffic-class to dscp command associates a Differentiated Services Code Point (DSCP) value to a list of traffic classes. Multiple commands create a complete traffic class to DSCP map. The switch uses this map in DSCP rewrite operations to fill the DSCP field in outbound packets. This map is applicable to CoS trusted ports and untrusted ports but disabled by default on these ports. DSCP rewrite is disabled on DSCP trusted ports. The show qos maps command displays the traffic class to DSCP map.

The no qos traffic-class to dscp and default qos traffic-class to dscp commands restore the specified traffic class values to their default DSCP settings by removing the corresponding qos map traffic-class to dscp command from running-config.

Command Mode

Global Configuration

Command Syntax

qos map traffic-class tc_num_1 [tc_num_2 ... tc_num_n] to dscp dscp_value

no qos map traffic-class tc_num_1 [tc_num_2 ... tc_num_n] to dscp

default qos map traffic-class tc_num_1 [tc_num_2 ... tc_num_n] to dscp

Parameters

tc_num_x Traffic class value. Value range varies by switch platform.
dscp_value Differentiated Services Code Point (DSCP) value. Value ranges from 0 to 63.

Default Inbound Traffic Class to DSCP Map

Table 39 displays the default traffic class to DSCP map for each platform.

Table 39. Default Traffic Class to DSCP Rewrite Value Map
Traffic Class	0	1	2	3	4	5	6	7
DSCP Rewrite Value (FM6000)	8	0	16	24	32	40	48	56
DSCP Rewrite Value (Helix)	8	0	16	24	32	40	48	56
DSCP Rewrite Value (Trident and Tomahawk)	8	0	16	24	32	40	48	56
DSCP Rewrite Value (Trident II)	8	0	16	24	32	40	48	56

Example

This command assigns the DSCP value of 17 to traffic classes 1, 2, and 4.

switch(config)# qos map traffic-class 1 2 4 to dscp 17
switch(config)#

qos map traffic-class to mc-tx-queue

The qos map traffic-class to mc-tx-queue command associates a multicast transmit queue to a list of traffic classes. Multiple commands create a complete traffic class to mc-tx-queue map. The switch uses this map to route outbound packets to transmit queues, which in turn schedules their transmission from the switch. The show qos maps command displays the traffic class to multicast transmit queue map.

The no qos traffic-class to mc-tx-queue and default qos traffic-class to mc-tx-queue commands restore the default traffic class to multicast transmit queue map for the specified traffic class values by removing the corresponding qos map traffic-class to mc-tx-queue command from running-config.

Command Mode

Global Configuration

Command Syntax

qos map traffic-class tc_num_1 [tc_num_2 ... tc_num_n] to mc-tx-queue mtq_value

no qos map traffic-class tc_num_1 [tc_num_2 ... tc_num_n] to mc-tx-queue

default qos map traffic-class tc_num_1 [tc_num_2 ... tc_num_n] to mc-tx-queue

Parameters

tc_num_x Traffic class value. Value ranges from 0 to 7.
mtq_value Multicast transmit queue number. Value ranges from 0 to 3.

Default Inbound Traffic Class to Multicast Transmit Queue Map

Table 40 displays the default traffic class to multicast transmit queue map for Trident and Tomahawk platform switches.

Table 40. Default Traffic Class to Multicast Transmit Queue Map
Traffic Class	0	1	2	3	4	5	6	7
Multicast Transmit Queue (Trident and Tomahawk)	0	0	1	1	2	2	3	3

Related Commands

qos map traffic-class to uc-tx-queue (Trident and Tomahawk) associates traffic classes to a multicast transmit queue.
qos map traffic-class to tx-queue (all other platforms) associates traffic classes to a transmit queue.

Example

This command maps traffic classes 0, 4, and 5 to mc-tx-queue 2.

switch(config)# qos map traffic-class 0 4 5 to mc-tx-queue 2
switch(config)#

qos map traffic-class to tx-queue

The qos map traffic-class to tx-queue command associates a transmit queue (tx-queue) to a list of traffic classes. Multiple commands create a complete traffic to tx-queue map. The switch uses this map to route outbound packets to transmit queues, which in turn schedules their transmission from the switch. The show qos maps command displays the transmit queue to traffic class map.

The no qos traffic-class to tx-queue and default qos traffic-class to tx-queue commands restore the specified traffic class values to their default transmit queue settings by removing the corresponding qos map traffic-class to tx-queue command from running-config.

Command Mode

Global Configuration

Command Syntax

qos map traffic-class tc_num_1 [tc_num_2 ... tc_num_n] to tx-queue txq_value

no qos map traffic-class tc_num_1 [tc_num_2 ... tc_num_n] to tx-queue

default qos map traffic-class tc_num_1 [tc_num_2 ... tc_num_n] to tx-queue

Parameters

tc_num_x Traffic class value. Value range varies by platform.
txq_value Transmit queue value. Value range varies by platform.

Restrictions

FM6000: When Priority Flow Control (PFC) is enabled, traffic classes are mapped to their corresponding transmit queues, regardless of existing qos map traffic-class to tx-queue statements.

Arad, Jericho, and Petra: Traffic class 7 always maps to transmit queue 7. This association is not editable.

Default Inbound Traffic Class to Transmit Queue Map

Table 41 displays the transmit queue to traffic class map.

Table 41. Default Traffic Class to Transmit Queue Map
Traffic Class	1	2	3	4	5	6	7
Transmit Queue (Arad /Jericho)	1	2	3	4	5	6	7
Transmit Queue (FM6000)	1	2	3	4	5	6	7
Transmit Queue (Helix)	1	2	3	4	5	6	7
Transmit Queue (Petra)	1	2	3	4	5	6	7
Transmit Queue (Trident II)	1	2	3	4	5	6	7

Related Commands

qos map traffic-class to mc-tx-queue (Trident and Tomahawk) associates traffic classes to a unicast transmit queue.
qos map traffic-class to uc-tx-queue (Trident and Tomahawk) associates traffic classes to a multicast transmit queue.

Example

This command maps traffic classes 0, 4, and 5 to tx-queue 4.

switch(config)# qos map traffic-class 0 4 5 to tx-queue 4
switch(config)#

qos map traffic-class to uc-tx-queue

The qos map traffic-class to uc-tx-queue command associates a unicast transmit queue to a list of traffic classes. Multiple commands create a complete traffic class to unicast transmit queue map. The switch uses this map to route outbound packets to transmit queues, which in turn schedules their transmission from the switch. The show qos maps command displays the traffic class to unicast transmit queue map.

The no qos traffic-class to uc-tx-queue and default qos traffic-class to uc-tx-queue commands restore the default traffic class to unicast transmit queue map for the specified traffic class values by removing the corresponding qos map traffic-class to uc-tx-queue command from running-config.

Command Mode

Global Configuration

Command Syntax

qos map traffic-class tc_num_1 [tc_num_2 ... tc_num_n] to uc-tx-queue utq_value

no qos map traffic-class tc_num_1 [tc_num_2 ... tc_num_n] to uc-tx-queue

default qos map traffic-class tc_num_1 [tc_num_2 ... tc_num_n] to uc-tx-queue

Parameters

tc_num_x Traffic class value. Value ranges from 0 to 7.
utq_value Unicast transmit queue number. Value ranges from 0 to 7.

Default Inbound Traffic Class to Unicast Transmit Queue Map

Table 42 displays the default traffic class to Unicast transmit queue map for Trident and Tomahawk platform switches.

Table 42. Default Traffic Class to Unicast Transmit Queue Map
Traffic Class	0	1	2	3	4	5	6	7
Unicast Transmit Queue (Trident and Tomahawk)	0	1	2	3	4	5	6	7

Related Commands

qos map traffic-class to mc-tx-queue (Trident and Tomahawk) associates traffic classes to a unicast transmit queue.
qos map traffic-class to tx-queue (all other platforms) associates traffic classes to a transmit queue.

Example

This command maps traffic classes 0, 4, and 5 to unicast transmit queue 4.

switch(config)# qos map traffic-class 0 4 5 to uc-tx-queue 4
switch(config)#

qos profile

The qos profile command places the switch in QoS profile configuration mode and for the specified profile and creates the profile if it does not already exist. QoS profiles are used to apply the same QoS configuration to multiple interfaces.

The no qos profile and default qos profile command deletes the QoS profile from the running configuration.

The exit command returns the switch to global configuration mode.

Command Mode

Global Configuration

Command Syntax

qos profile profile_name

no qos profile profile_name

default qos profile profile_name

Parameter

profile_name QoS profile name.

Note: Commands use a subset of the listed fields. Available subset depends on the specified parameter. Use CLI syntax assistance to view options for specific parameter when creating a QoS profile.

Example

This command places the switch in QoS profile configuration mode for policy map policy map TP and creates the policy map if it does not already exist.

switch(config)# qos profile TP
switch(config-qos-profile-TP)#

qos random-detect ecn allow non-ect chip-based (Tomahawk and Trident)

The qos random-detect ecn allow non-ect chip-based enables per color queue thresholds using color based queue thresholds and drop-precedence values along with drop of non-ect traffic by allowing non-ect and set drop-precedence 1 in a policy map simultaneously.

The no qos random-detect ecn allow non-ect chip-based and default qos random-detect ecn allow non-ect chip-based commands disbales the use of non-ect and set drop-precedence 1 simultaneously in a policy map in the running-config.

Command Mode

Global Configuration

Command Syntax

qos random-detect ecn allow non-ect chip-based

no qos random-detect ecn allow non-ect chip-based

default qos random-detect ecn allow non-ect chip-based

Example

The following command enables the use of non-ect and set drop-precedence 1 simultaneously in a policy map.

switch(config)# qos random-detect ecn allow non-ect chip-based

qos random-detect ecn global-buffer (Helix)

The qos random-detect ecn global-buffer command enables ECN marking for globally shared packet memory and specifies minimum and maximum queue threshold sizes. Hosts can advertise their ECN capabilities in the ToS DiffServ field’s two least significant bits:

00 Non ECN Capable transport.
10 ECN Capable transport.
01 ECN Capable transport.
11 Congestion encountered.

Congestion is determined by comparing average queue size with queue thresholds. Average queue size is calculated through a formula based on the previous average and current queue size. Packets are marked based on this average size and the specified thresholds:

Average queue size below minimum threshold: Packets are queued normally.
Average queue size above maximum threshold: Packets are marked congestion encountered.
Average queue size between minimum and maximum thresholds. Packets are queued or marked congestion encountered. The proportion of marked packets varies linearly with average queue size:
- 0% are marked when average queue size is less than or equal to minimum threshold.
- 100% are marked when average queue size is greater than or equal to maximum threshold.
When transmitted packets are marked Non ECN Capable, congestion packets are dropped, not marked.

The no qos random-detect ecn global-buffer and default qos random-detect ecn global-buffer commands disables ECN marking for the shared buffer by removing the qos random-detect ecn global-buffer command from running-config.

Command Mode

Global Configuration

Command Syntax

qos random-detect ecn global-buffer minimum-threshold MIN maximum-threshold MAX

no qos random-detect ecn global-buffer

default qos random-detect ecn global-buffer

Guidelines

Packet memory is divided into 46080 208-byte cells, whose allocation is managed by the memory management unit (MMU). The MMU tracks the cells that each entity uses and determines the number of cells that can be allocated to an entity.

Parameters

MIN and MAX parameters must use the same data unit.

MINMinimum threshold. Options include:
- 1 to 19456 segments 208-byte segments units.
- 1 to 4 mbytes Megabyte units.
- 1 to 4046 kbytes Kilobyte units.
- 1 to 4046848 bytes Byte units.
MAX Maximum threshold. Options include:
- 1 to 19456 segments 208-byte segments units.
- 1 to 4 mbytes Megabyte units.
- 1 to 4046 kbytes Kilobyte units.
- 1 to 4046848 bytes Byte units.
Related Command

random-detect ecn (Helix) enables ECN marking for a unicast transmit queue.

Examples

This command enables ECN marking of unicast packets from the global data pool and sets the minimum and maximum thresholds at 20 and 500 segments.
```
switch(config)# qos random-detect ecn global-buffer minimum-threshold 20 segments 
maximum-threshold 500 segments
switch(config)#
```
This command disables ECN marking of unicast packets from the global data pool.
```
switch(config)# no qos random-detect ecn global-buffer
switch(config)#
```

qos random-detect ecn global-buffer (Trident and Tomahawk)

00 Non ECN Capable transport.
10 ECN Capable transport.
01 ECN Capable transport.
11 Congestion encountered.

Average queue size below minimum threshold: Packets are queued normally.
Average queue size above maximum threshold: Packets are marked congestion encountered.
Average queue size between minimum and maximum thresholds. Packets are queued or marked congestion encountered. The proportion of marked packets varies linearly with average queue size:
- 0% are marked when average queue size is less than or equal to minimum threshold.
- 100% are marked when average queue size is greater than or equal to maximum threshold.
When transmitted packets are marked Non ECN Capable, congestion packets are dropped, not marked.

Command Mode

Global Configuration

Command Syntax

qos random-detect ecn global-buffer minimum-threshold MIN maximum-threshold MAX

no qos random-detect ecn global-buffer

default qos random-detect ecn global-buffer

Guidelines

Parameters

MIN and MAX parameters must use the same data unit.

MINMinimum threshold. Options include:
- 1 to 46080 segments 208-byte segments units.
- 1 to 9 mbytes Megabyte units.
- 1 to 9584 kbytes Kilobyte units.
- 1 to 9584640 bytes Byte units.
MAXMaximum threshold. Options include:
- 1 to 46080 segments 208-byte segments units.
- 1 to 9 mbytes Megabyte units.
- 1 to 9584 kbytes Kilobyte units.
- 1 to 9584640 bytes Byte units.

Related Command

random-detect ecn (Trident and Tomahawk) enables ECN marking for a unicast transmit queue.

Examples

This command enables ECN marking of unicast packets from the global data pool and sets the minimum and maximum thresholds at 20 and 500 segments.
```
switch(config)# qos random-detect ecn global-buffer minimum-threshold 20 segments maximum-threshold 500 segments
switch(config)#
```
This command disables ECN marking of unicast packets from the global data pool.
```
switch(config)# no qos random-detect ecn global-buffer
switch(config)#
```

qos rewrite cos

The qos rewrite cos command enables the rewriting of the CoS field for outbound tagged packets that were received on DSCP trusted ports and untrusted ports. CoS rewrite is always disabled on CoS trusted ports. The CoS value that is written into the packet is based on the data stream’s traffic class. CoS rewriting is active by default.

The no qos rewrite cos command disables CoS rewriting on the switch. The default qos rewrite cos command restores the default setting of enabling CoS rewriting by removing the no qos rewrite cos command from running-config.

Command Mode

Global Configuration

Command Syntax

qos rewrite cos

no qos rewrite cos

default qos rewrite cos

Related Command

qos map traffic-class to cos configures the traffic class to CoS rewrite map.

Example

This command enables CoS rewrite.

switch(config)# qos rewrite cos
switch(config)#

qos rewrite dscp

The qos rewrite dscp command enables the rewriting of the DSCP field for outbound tagged packets that were received on CoS trusted ports and untrusted ports. DSCP rewrite is always disabled on DSCP trusted ports. The DSCP value that is written into the packet is based on the data stream’s traffic class. DSCP rewriting is disabled by default.

The no qos rewrite dscp and default qos rewrite dscp commands disable DSCP rewriting on the switch by removing the no qos rewrite dscp command from running-config.

Command Mode

Global Configuration

Command Syntax

qos rewrite dscp

no qos rewrite dscp

default qos rewrite dscp

Related Command

qos map traffic-class to dscp configures the traffic class to DSCP rewrite map.

Example

This command enables DSCP rewrite.

switch(config)# qos rewrite dscp
switch(config)#

qos trust

The qos trust command configures the quality of service port trust mode for the configuration mode interface. Trust-enabled ports classify traffic by examining the traffic’s CoS or DSCP value. Port trust mode default setting is cos for switched interfaces and dscp for routed interfaces.

The default qos trust command restores the default trust mode on the configuration mode interface by removing the corresponding qos trust or no qos trust statement from running-config.

The no qos trust command performs the following:

no qos trust places the port in untrusted mode.
no qos trust cos removes the corresponding qos trust cos statement.
no qos trust dscp removes the corresponding qos trust dscp statement.

Command Mode

Interface-Ethernet Configuration

Interface-Port-Channel Configuration

Command Syntax

qos trust [MODE]

no qos trust [MODE]

default qos trust

Parameters

MODETrust mode assigned to the port. Options include:
- cos Enables cos trust mode.
- dscp Enables dscp trust mode.
no qos trust Enables untrusted mode on the port.

Examples

This command configures trust mode of dscp for interface ethernet 7.

switch(config)# interface ethernet 7
switch(config-if-Et7)# qos trust dscp
switch(config-if-Et7)# show active
interface Ethernet7
   qos trust dscp
switch(config-if-Et7)#

This command configures trust mode of untrusted for Port Channel interface 23.

switch(config)# interface port-channel 23
switch(config-if-Po23)# no qos trust
switch(config-if-Po23)# show active
interface Port-Channel23
   no qos trust
switch(config-if-Po23)#

random-detect ecn (Arad/Jericho)

The random-detect ecn command enables ECN marking for the configuration mode unicast transmit queue and specifies threshold queue sizes. Hosts can advertise their ECN capabilities in the ToS DiffServ field’s two least significant bits:

00 Non ECN Capable transport.
10 ECN Capable transport.
01 ECN Capable transport.
11 Congestion encountered.

Average queue size below minimum threshold: Packets are queued normally.
Average queue size above maximum threshold: Packets are marked congestion encountered.
Average queue size between minimum and maximum thresholds. Packets are queued or marked congestion encountered. The proportion of marked packets varies linearly with average queue size:
- 0% are marked when average queue size is less than or equal to minimum threshold.
- 100% are marked when average queue size is greater than or equal to maximum threshold.
When transmitted packets are marked Non ECN Capable, congestion packets are dropped, not marked.

The no random-detect ecn and default qos random-detect ecn commands disables ECN marking for the shared buffer by removing the qos random-detect ecn command from running-config.

Command Mode

Tx-Queue configuration

Command Syntax

random-detect ecn minimum-threshold MIN maximum-threshold MAX

no random-detect ecn

default random-detect ecn

Parameters

MIN and MAX parameters must use the same data unit.

MINMinimum threshold. Options include:
- 1 to 256 mbytes Megabyte units.
- 1 to 256000 kbytes Kilobyte units.
- 1 to 256000000 bytes Byte units.
MAXMaximum threshold. Options include:
- 1 to 256 mbytes Megabyte units.
- 1 to 256000 kbytes Kilobyte units.
- 1 to 256000000 bytes Byte units.

Related Command

tx-queue (Arad/Jericho) places the switch in tx-queue configuration mode.

Example

These commands enable ECN marking of unicast packets from unicast transmit queue 4 of interface Ethernet 3/5/1, setting thresholds at 128 kbytes and 1280 kbytes.

switch(config)# interface ethernet 3/5/1
switch(config-if-Et3/5/1)# tx-queue 4
switch(config-if-Et3/5/1-txq-4)# random-detect ecn minimum-threshold 128 kbytes 
maximum-threshold 1280 kbyte
switch(config-if-Et3/5/1-txq-4)# show active
interface Ethernet3/5/1
   tx-queue 4
      random-detect ecn minimum-threshold 128 kbytes maximum-threshold 1280 kbytes
switch(config-if-Et3/5/1-txq-4)#

random-detect ecn (Helix)

00 Non ECN Capable transport.
10 ECN Capable transport.
01 ECN Capable transport.
11 Congestion encountered.

Average queue size below minimum threshold: Packets are queued normally.
Average queue size above maximum threshold: Packets are marked congestion encountered.
Average queue size between minimum and maximum thresholds. Packets are queued or marked congestion encountered. The proportion of marked packets varies linearly with average queue size:
- 0% are marked when average queue size is less than or equal to minimum threshold.
- 100% are marked when average queue size is greater than or equal to maximum threshold.
When transmitted packets are marked Non ECN Capable, congestion packets are dropped, not marked.

Average queue length is tracked for transmit queues and the global pool independently. When either entity reaches its maximum threshold, all subsequent packets are marked.

The no random-detect ecn and default random-detect ecn commands disable ECN marking on the configuration mode queue, deleting the corresponding random-detect ecn command from running-config.

Command Mode

Tx-Queue configuration

Command Syntax

random-detect ecn minimum-threshold MIN maximum-threshold MAX

no random-detect ecn

default random-detect ecn

Parameters

MIN and MAX parameters must use the same data unit.

MINMinimum threshold. Options include:
- 1 to 46080 segments 208-byte segments units.
- 1 to 9 mbytes Megabyte units.
- 1 to 9584 kbytes Kilobyte units.
- 1 to 9584640 bytes Byte units.
MAX Maximum threshold. Options include:
- 1 to 46080 segments 208-byte segments units.
- 1 to 9 mbytes Megabyte units.
- 1 to 9584 kbytes Kilobyte units.
- 1 to 9584640 bytes Byte units.

Related Commands

tx-queue (Helix) places the switch in tx-queue configuration mode.
qos random-detect ecn global-buffer (Helix) enables ECN marking for globally shared packet memory.

Examples

These commands enable ECN marking of unicast packets from transmit queue 4 of interface ethernet 15, setting thresholds at 10 and 100 segments.

switch(config)# interface ethernet 15
switch(config-if-Et15)# uc-tx-queue 4
switch(config-if-Et15-txq-4)# random-detect ecn minimum-threshold 10 segments 
maximum-threshold 100 segments
switch(config-if-Et15-txq-4)# show active
interface Ethernet15
   tx-queue 4
      random-detect ecn minimum-threshold 10 segments maximum-threshold 100 
segments
switch(config-if-Et15-txq-4)# exit
switch(config-if-Et15)

This command disables ECN marking of unicast packets from transmit queue 4 of interface ethernet 15.

switch(config-if-Et15-txq-4)# no random-detect ecn
switch(config-if-Et15-txq-4)# show active
interface Ethernet15
switch(config-if-Et15-txq-4)# exit
switch(config-if-Et15)#

random-detect ecn (Trident and Tomahawk)

00 Non ECN Capable transport.
10 ECN Capable transport.
01 ECN Capable transport.
11 Congestion encountered.

Average queue size below minimum threshold: Packets are queued normally.
Average queue size above maximum threshold: Packets are marked congestion encountered.
Average queue size between minimum and maximum thresholds. Packets are queued or marked congestion encountered. The proportion of marked packets varies linearly with average queue size:
- 0% are marked when average queue size is less than or equal to minimum threshold.
- 100% are marked when average queue size is greater than or equal to maximum threshold.
When transmitted packets are marked Non ECN Capable, congestion packets are dropped, not marked.

Average queue length is tracked for transmit queues and the global pool independently. When either entity reaches its maximum threshold, all subsequent packets are marked.

Command Mode

Uc-Tx-Queue configuration

Command Syntax

random-detect ecn minimum-threshold MIN maximum-threshold MAX

no random-detect ecn

default random-detect ecn

Parameters

MIN and MAX parameters must use the same data unit.

MINMinimum threshold. Options include:
- 1 to 46080 segments 208-byte segments units.
- 1 to 9 mbytes Megabyte units.
- 1 to 9584 kbytes Kilobyte units.
- 1 to 9584640 bytes Byte units.
MAX Maximum threshold. Options include:
- 1 to 46080 segments 208-byte segments units.
- 1 to 9 mbytes Megabyte units.
- 1 to 9584 kbytes Kilobyte units.
- 1 to 9584640 bytes Byte units.

Related Commands

uc-tx-queue places the switch in the uc-tx-queue configuration mode.
qos random-detect ecn global-buffer (Trident and Tomahawk) enables ECN marking for globally shared packet memory.

Examples

These commands enable ECN marking of unicast packets from unicast transmit queue 4 of interface ethernet 15, setting thresholds at 10 and 100 segments.

switch(config)# interface ethernet 15
switch(config-if-Et15)# uc-tx-queue 4
switch(config-if-Et15-uc-txq-4)# random-detect ecn minimum-threshold 10 segments 
maximum-threshold 100 segments 
switch(config-if-Et15-uc-txq-4)#show active
interface Ethernet15
   uc-tx-queue 4
      random-detect ecn minimum-threshold 10 segments maximum-threshold 100 
segments
switch(config-if-Et15-uc-txq-4)# exit
switch(config-if-Et15)#

This command disables ECN marking of unicast packets from unicast transmit queue 4 of interface ethernet 15.

switch(config-if-Et15-uc-txq-4)# no random-detect ecn
switch(config-if-Et15-uc-txq-4)# show active
interface Ethernet15
switch(config-if-Et15-uc-txq-4)# exit
switch(config-if-Et15)#

random-detect ecn delay threshold

The random-detect ecn delay threshold command configures latency-based ECN on a per transmit queue basis.

The [no|default] version of the command disables the configuration and deletes the random-detect ecn delay threshold from the running-config.

Command Mode

Interface Configuration

Command Syntax

random-detect ecn delay threshold [microseconds | milliseconds ]

Parameters

random-detect - Set WRED-based congestion control parameters.
ecn - Set ECN parameters.
delay - Set the delay parameter.
threshold - Configure the threshold to trigger latency-based ECN.
- microseconds - Configure a value from 1 to 4294967 microseconds.
- milliseconds - Configure a value from 1 to 4294 milliseconds.

Example

Use the following commands to configure transmit queue 1 on Ethernet 1/1 for latency-based ECN:

switch(config)#interface Ethernet 1/1
switch(config-if-Et1/1)#tx-queue 3
switch(config-if-Et1/1-txq-3)#random-detect ecn delay threshold 33 milliseconds

service-policy type qos input

The service-policy type qos input command applies the specified policy map to a QoS profile. The profile is then applied to an interface in interface configuration mode using the service-profile command.

The no service-policy type qos and default service-policy type qos command deletes the policy map from the profile.

The exit command returns the switch to global configuration mode.

Command Mode

QoS Profile Configuration

Command Syntax

service-policy type qos input policy_map_name

no service-policy type qos input policy_map_name

default service-policy type qos input policy_map_name

Parameter

policy_map_name QoS policy map name.

Example

This command applies the policy map PM-1 to the QoS profile TP.

switch(config-qos-profile-TP)# service-policy type qos input PM-1
switch(config-qos-profile-TP)#

service-profile

The command applies the QoS profile to the configuration mode interface.

The no service-profile and the default service-profile command removes the QoS profile from the interface.

The exit command returns the switch to global configuration mode.

Command Mode

Interface-Ethernet Configuration

Interface-Port-Channel Configuration

Command Syntax

service-profile profile_name

no service-profile profile_name

default service-profile profile_name

Parameter

profile_name QoS profile name.

Example

This commands applies the QoS profile TP to interfaceethernet 13.

switch(config)# interface ethernet 13
switch(config-if-Et13)# service-profile TP

set extcommunity

The set extcommunity command adds a color extended community to be applied to routes affected by the route-map. Multiple set clauses can be applied to a single route-map to configure multiple colors for routes.Negating the command removes the entry from the route-map.

Command Mode

Config-route-map mode

Command Syntax

set extcommunity COLOR-EXPRESSION [additive | delete]

no set extcommunity COLOR-EXPRESSION [additive | delete]

default set extcommunity COLOR-EXPRESSION [additive | delete]

Parameters

COLOR-EXPRESSION The color extended community to be applied to routes affected by the route-map.
additiveAdds the extended communities to those received.
delete Deletes any matching extended color communities.

Example

switch(config)# route-map foo
switch(config-route-map foo)# set extcommunity color 1
switch(config-route-map foo)# set extcommunity color 2 color-only exact-match
switch(config-route-map foo)# set extcommunity color 3 color-only endpoint-match null
switch(config-route-map foo)# set extcommunity color 4 color-only endpoint-match any

shape rate (Interface – Arad/Jericho)

The shape rate command specifies the maximum bandwidth for outbound traffic on the configuration mode interface, also known as queue shaping. The shape rate for individual transmit queues is configured by the shape rate (Tx-queue – Arad/Jericho) command. By default, outbound transmission rate is not bounded by a shape rate.

The no shape rate and default shape rate commands remove the shape rate bandwidth limit on the configuration mode interface by deleting the corresponding shape rate command from running-config.

Command Mode

Interface-Ethernet Configuration

Interface-Port-Channel Configuration

Command Syntax

shape rate byte_limit [kbps]

no shape rate

default shape rate

Parameters

byte_limit Shape rate applied to interface (Kbps). Value ranges from 162 to 100000000.

Example

This command configures a port shape rate of 5 Gbps on interface ethernet 3/5/1.

switch(config)# interface ethernet 3/5/1
switch(config-if-Et3/5/1)# shape rate 5000000
switch(config-if-Et3/5/1)# show qos interfaces ethernet 3/5/1

Ethernet3/5/1:

   Port shaping rate: 5000012 / 5000000 kbps

  Tx    Bandwidth       Shape Rate        Priority  ECN
 Queue  (percent)        (units)
   -----------------------------------------------------
   7      - / -        - / -    (  -  )    SP / SP    D
   6      - / -        - / -    (  -  )    SP / SP    D
   5      - / -        - / -    (  -  )    SP / SP    D
   4      - / -        - / -    (  -  )    SP / SP    D
   3      - / -        - / -    (  -  )    SP / SP    D
   2      - / -        - / -    (  -  )    SP / SP    D
   1      - / -        - / -    (  -  )    SP / SP    D
   0      - / -        - / -    (  -  )    SP / SP    D

switch(config-if-Et3/5/1)#

shape rate (Interface – FM6000)

The shape rate command specifies the maximum bandwidth for outbound traffic on the configuration mode interface, also known as queue shaping. The shape rate for individual transmit queues is configured by the shape rate (Tx-queue – FM6000) command. By default, outbound transmission rate is not bounded by a shape rate.

Command Mode

Interface-Ethernet Configuration

Interface-Port-Channel Configuration

Command Syntax

shape rate byte_limit [kbps]

no shape rate

default shape rate

Parameter

byte_limit Shape rate applied to interface (Kbps). Value ranges from 7000 to 10000000.

Guidelines

Enabling port shaping on an FM6000 interface disables queue shaping internally. Disabling port shaping restores queue shaping as specified in running-config.

Example

This command configures a port shape rate of 5 Gbps on interface ethernet 5.

switch(config)# interface ethernet 5
switch(config-if-Et5)# shape rate 5000000
switch(config-if-Et5)#

shape rate (Interface – Helix)

The shape rate command specifies the maximum bandwidth for outbound traffic on the configuration mode interface, also known as queue shaping. The shape rate for individual transmit queues is configured by the shape rate (Interface – Helix) command. By default, outbound transmission rate is not bounded by a shape rate.

Command Mode

Interface-Ethernet Configuration

Interface-Port-Channel Configuration

Command Syntax

shape rate DATA_LIMIT

no shape rate

default shape rate

Parameters

DATA_LIMIT Shape rate applied to interface. Value range varies with data unit:
- 8 to 40000000 8 to 40000000 kbytes per second.
- 8 to 40000000kbps 8 to 40000000 kbytes per second.
- 8 to 60000000pps 8 to 60000000 packets per second.

Guidelines

Shaping rates of at least 8 kbps are supported. At shaping rates smaller than 1 Mbps, granularity and rounding errors may skew the actual shaping rate by 20% from the specified rate.

Example

This command configures a port shape rate of 5 Gbps on interface ethernet 17.

switch(config)# interface ethernet 17
switch(config-if-Et17)# shape rate 5000000 kbps
switch(config-if-Et17)# show qos interface ethernet 17/3

Ethernet17:
   Trust Mode: COS
   Default COS: 0
   Default DSCP: 0

   Port shaping rate: 5000000 / 5000000 kbps

  Tx       Bandwidth                 Shape Rate        Priority
 Queue     Guaranteed (units)         (units)
   ------------------------------------------------------------
   7        - / -    (  -  )       - / -    (  -  )    SP / SP
   6        - / -    (  -  )       - / -    (  -  )    SP / SP

switch(config-if-Et17)#

shape rate (Interface – Petra)

The shape rate command specifies the maximum bandwidth for outbound traffic on the configuration mode interface, also known as queue shaping. The shape rate for individual transmit queues is configured by the shape rate (Tx-queue – Petra) command. By default, outbound transmission rate is not bounded by a shape rate.

Command Mode

Interface-Ethernet Configuration

Interface-Port-Channel Configuration

Command Syntax

shape rate data_limit [kbps]

no shape rate

default shape rate

Parameters

data_limit Shape rate applied to interface (Kbps). Value ranges from 100 to 10000000.

Guidelines

The following port shaping rates are supported:

1G ports: above 100 kbps.
10G ports: above 7900 kbps.

Commands that specify a smaller shape rate disable port shaping on the interface.

Example

This command configures a port shape rate of 5 Gbps on interface ethernet 3/3.

switch(config)# interface ethernet 3/3
switch(config-if-Et3/3)# shape rate 5000000
switch(config-if-Et3/3)# show active
interface Ethernet3/3
   shape rate 5000000
switch(config-if-Et3/3)#

shape rate (Interface – Trident and Tomahawk)

The shape rate command specifies the maximum bandwidth for outbound traffic on the configuration mode interface, also known as queue shaping. The shape rate for individual transmit queues is configured by the shape rate (Tx-queue – Trident and Tomahawk) command. By default, outbound transmission rate is not bounded by a shape rate.

Command Mode

Interface-Ethernet Configuration

Interface-Port-Channel Configuration

Command Syntax

shape rate DATA_LIMIT

no shape rate

default shape rate

Parameters

DATA_LIMITShape rate applied to interface. Value range varies with data unit:
- 8 to 40000000 8 to 40000000 kbytes per second.
- 8 to 40000000kbps 8 to 40000000 kbytes per second.
- 8 to 60000000pps 8 to 60000000 packets per second.

Guidelines

Example

This command configures a port shape rate of 5 Gbps on interface ethernet 5.

switch(config)# interface ethernet 5
switch(config-if-Et5)# shape rate 5000000
switch(config-if-Et5)#

shape rate (Interface – Trident II)

The shape rate command specifies the maximum bandwidth for outbound traffic on the configuration mode interface, also known as queue shaping. The shape rate for individual transmit queues is configured by the shape rate (Tx-queue – Trident II) command. By default, outbound transmission rate is not bounded by a shape rate.

Command Mode

Interface-Ethernet Configuration

Interface-Port-Channel Configuration

Command Syntax

shape rate DATA_LIMIT

no shape rate

default shape rate

Parameters

DATA_LIMIT Shape rate applied to interface. Value range varies with data unit:

- 8 to 40000000 kbps 8 to 40000000 kbytes per second.
- 8 to 40000000 kbps 8 to 40000000 kbytes per second.
- 8 to 60000000 pps 8 to 60000000 packets per second.

Guidelines

Shaping rates of at least 8 kbps are supported. At shaping rates smaller than 1 Mbps, granularity and rounding errors may skew the actual shaping rate by 20% from the specified rate.

Example

This command configures a port shape rate of 5 Gbps on interface ethernet 17/3.

switch(config)# interface ethernet 17/3
switch(config-if-Et17/3)# shape rate 5000000 kbps
switch(config-if-Et17/3)# show qos interface ethernet 17/3

Ethernet17/3:
   Trust Mode: COS
   Default COS: 0
   Default DSCP: 0

   Port shaping rate: 5000000 / 5000000 kbps

  Tx       Bandwidth                 Shape Rate        Priority
 Queue     Guaranteed (units)         (units)
   ------------------------------------------------------------
   7        - / -    (  -  )       - / -    (  -  )    SP / SP
   6        - / -    (  -  )       - / -    (  -  )    SP / SP

switch(config-if-Et17/3)#

shape rate (Tx-queue – Arad/Jericho)

The shape rate command specifies the maximum bandwidth for outbound traffic on the transmit queue, also known as queue shaping. The shape rate for interfaces is configured by the shape rate (Interface – Arad/Jericho)command. By default, the configured outbound transmission rate is not bounded by a transmit queue shape rate.

Shaping rates greater than 50000 kbps are supported. At lower shaping rates (less than 10 Mbps), granularity and rounding errors may skew the actual shaping rate by 20% from the specified rate.

The no shape rate and default shape rate commands remove the shape rate bandwidth limit on the configuration mode queue by deleting the corresponding shape rate command from running-config.

Command Mode

Tx-Queue Configuration

Command Syntax

shape rate byte_limit [kbps]

no shape rate

default shape rate

Parameters

byte_limit Shape rate applied to interface (Kbps). Value ranges from 50000 to 100000000.

Related Command

tx-queue (Arad/Jericho) places the switch in tx-queue configuration mode.

Related Information

shape rate (Interface – Arad/Jericho)

Example

These commands configure a shape rate of 1 Gbps on transmit queues 3 and 4 of interface ethernet 3/4/1.

switch(config)# interface ethernet 3/4/1
switch(config-if-Et3/4/1)# tx-queue 4
switch(config-if-Et3/4/1-txq-4)# shape rate 1000000 kbps
switch(config-if-Et3/4/1-txq-4)# tx-queue 3
switch(config-if-Et3/4/1-txq-3)# shape rate 1000000 kbps
switch(config-if-Et3/4/1-txq-3)# show qos interface ethernet 3/4/1

Ethernet3/4/1:

   Port shaping rate: disabled

  Tx    Bandwidth       Shape Rate        Priority  ECN
 Queue  (percent)        (units)
   -----------------------------------------------------
   7      - / -        - / -    (  -  )    SP / SP    D
   6      - / -        - / -    (  -  )    SP / SP    D
   5      - / -        - / -    (  -  )    SP / SP    D
   4      - / -      999 / 1000 ( Mbps )   SP / SP    D
   3      - / -      999 / 1000 ( Mbps )   SP / SP    D
   2      - / -        - / -    (  -  )    SP / SP    D
   1      - / -        - / -    (  -  )    SP / SP    D
   0      - / -        - / -    (  -  )    SP / SP    D

switch(config-if-Et3/4/1-txq-3)#

shape rate (Tx-queue – FM6000)

The shape ratecommand specifies the maximum bandwidth for outbound traffic on the transmit queue, also known as queue shaping. The shape rate for interfaces is configured by the shape rate (Interface – FM6000) command. By default, the configured outbound transmission rate is not bounded by a transmit queue shape rate.

Queue shaping on an FM6000 port is supported only when port shaping is not enabled on the interface. Enabling port shaping on a port disables queue shaping internally. Disabling port shaping restores queue shaping as specified by running-config.

Shaping rates greater than 460 kbps are supported. At lower shaping rates (less than 10 Mbps), granularity and rounding errors may skew the actual shaping rate by 20% from the specified rate.

The no shape rate and default shape rate commands remove the shape rate bandwidth limit on the transmit queue by deleting the corresponding shape rate command from running-config.

Command Mode

Tx-Queue Configuration

Command Syntax

shape rate byte_limit [kbps]

no shape rate

default shape rate

Parameters

byte_limit Shape rate applied to interface (Kbps). Value ranges from 464 to 10000000.

Related Commands

tx-queue (FM6000) places the switch in tx-queue configuration mode.
shape rate (Interface – FM6000) configures the shape rate for a configuration mode interface.

Example

These commands configure a shape rate of 1 Gbps (1,000,000 Kbps) on transmit queues 3 and 4 of interface ethernet 19.

switch(config)# interface ethernet 19
switch(config-if-Et19)# tx-queue 4
switch(config-if-Et19-txq-4)# shape rate 1000000
switch(config-if-Et19-txq-4)# tx-queue 3
switch(config-if-Et19-txq-3)# shape rate 1000000
switch(config-if-Et19-txq-3)# show qos interface ethernet 19

Ethernet19:
   Trust Mode: COS

   Tx-Queue   Bandwidth    Shape Rate     Priority
              (percent)       (Kbps)
   -----------------------------------------------
          6         N/A     disabled        strict
          5         N/A     disabled        strict
          4         N/A      1000000        strict
          3          25      1000000   round-robin
          2          25     disabled   round-robin
          1          25     disabled   round-robin
          0          25     disabled   round-robin

switch(config-if-Et19-txq-3)#

shape rate (Tx-queue – Helix)

The shape rate command specifies the maximum bandwidth for outbound traffic on the transmit queue, also known as queue shaping. The shape rate for interfaces is configured by the shape rate (Interface – Helix) command. By default, the configured outbound transmission rate is not bounded by a transmit queue shape rate.

The no shape rate and default shape rate commands remove the shape rate bandwidth limit on the configuration mode transmit queue by deleting the corresponding shape rate command from running-config.

Command Mode

Tx-Queue Configuration

Command Syntax

shape rate byte_limit [kbps]

no shape rate

default shape rate

Parameters

DATA_LIMIT Shape rate applied to the queue. Value range varies with data unit:

- 8 to 40000000 8 to 40,000,000 kbytes per second.
- 8 to 40000000 kbps 8 to 40000000 kbytes per second.
- 8 to 60000000 pps 8 to 60000000 packets per second.

Restrictions

Queue shaping is not supported in cut-through mode.

Related Commands

tx-queue (Helix) places the switch in tx-queue configuration mode.
shape rate (Interface – Helix) configures the shape rate for a configuration mode interface.

Example

These commands configure a shape rate of 1 Gbps (1,000,000 Kbps) on transmit queues 3 and 4 of interface Eethernet 17/3.

switch(config)# interface ethernet 17/3
switch(config-if-Et17/3)# tx-queue 4
switch(config-if-Et17/3-txq-4)# shape rate 1000000 kbps
switch(config-if-Et17/3-txq-4)# tx-queue 3
switch(config-if-Et17/3-txq-3)# shape rate 1000000 kbps
switch(config-if-Et17/3-txq-3)# show qos interface ethernet 17/3

Ethernet17/3:

  Tx       Bandwidth                 Shape Rate        Priority
 Queue     Guaranteed (units)         (units)
   ------------------------------------------------------------
   7        - / -    (  -  )       - / -    (  -  )    SP / SP
   6        - / -    (  -  )       - / -    (  -  )    SP / SP
   5        - / -    (  -  )       - / -    (  -  )    SP / SP
   4        - / -    (  -  )       1 / 1    ( Gbps )   SP / SP
   3        - / -    (  -  )       1 / 1    ( Gbps )   SP / SP
   2        - / -    (  -  )       - / -    (  -  )    SP / SP
   1        - / -    (  -  )       - / -    (  -  )    SP / SP
   0        - / -    (  -  )       - / -    (  -  )    SP / SP

switch(config-if-Et17/3-txq-3)#

shape rate (Tx-queue – Petra)

The shape rate command specifies the maximum bandwidth for outbound traffic on the configuration mode transmit queue, also known as queue shaping. The shape rate for interfaces is configured by the shape rate (Interface – Petra) command. By default, the configured outbound transmission rate is not bounded by a transmit queue shape rate.

Queue shaping applies only to unicast traffic. Shaping rates of at least 162 Kbps are supported.

Command Mode

Tx-Queue Configuration

Command Syntax

shape rate DATA_LIMIT

no shape rate

default shape rate

Parameters

DATA_LIMITShape rate applied to the queue. Value range varies with data unit:

- 8 to 40000000 kbps Range is from 8 to 40000000 kbytes per second.
- 8to 60000000pps Range is from 8 to 60000000 packets per second.
Shaping rates greater than 460 kbps are supported. At lower shaping rates (less than 10 Mbps), granularity and rounding errors may skew the actual shaping rate by 20% from the specified rate.

Related Commands

tx-queue (Petra) places the switch in tx-queue configuration mode.
shape rate (Interface – Petra) configures the shape rate for a configuration mode interface.

Example

These commands configure a shape rate of 1 Gbps (1,000,000 Kbps) on transmit queues 3 and 4 of interface ethernet 3/28.

switch(config)# interface ethernet 3/28
switch(config-if-Et3/28)# tx-queue 4
switch(config-if-Et3/28-txq-4)# shape rate 1000000
switch(config-if-Et3/28-txq-4)# tx-queue 3
switch(config-if-Et3/28-txq-3)# shape rate 1000000
switch(config-if-Et3/28-txq-3)# show qos interface ethernet 3/28

Ethernet3/28:

   Tx-Queue   Bandwidth    Shape Rate     Priority
              (percent)       (Kbps)
   -----------------------------------------------
          7         N/A     disabled        strict
          6         N/A     disabled        strict
          5         N/A     disabled        strict
          4         N/A      1000000        strict
          3          25      1000000   round-robin
          2          25     disabled   round-robin
          1          25     disabled   round-robin
          0          25     disabled   round-robin

switch(config-if-Et3/28-txq-3)#

shape rate (Tx-queue – Trident and Tomahawk)

The shape rate command specifies the maximum bandwidth for outbound traffic on the configuration mode transmit queue, also known as queue shaping. The shape rate for interfaces is configured by the shape rate (Interface – Trident and Tomahawk) command. By default, the configured outbound transmission rate is not bounded by a transmit queue shape rate.

The no shape rate and default shape rate commands remove the shape rate limit from the configuration mode transmit queue by deleting the corresponding shape rate command from running-config.

Command Mode

Mc-Tx-Queue configuration

Uc-Tx-Queue configuration

Command Syntax

shape rate DATA_LIMIT

no shape rate

default shape rate

Parameters

DATA_LIMIT Shape rate applied to the queue. Value range varies with data unit:
- 8 to 40000000 kbps Range is from 8 to 40000000 kbytes per second.
- 8 to 60000000 pps Range is from 8 to 60000000 packets per second.

Related Commands

mc-tx-queue places the switch in mc-tx-queue configuration mode.
uc-tx-queue places the switch in uc-tx-queue configuration mode.
shape rate (Interface – Trident and Tomahawk) configures the shape rate for a configuration mode interface.

Guidelines

When two queues source traffic from the same traffic class and the higher priority queue is shaped, that queue consumes all internal buffers, starving the lower priority queue even if bandwidth is available.

Example

These commands configure a shape rate of 1 Gbps (1,000,000 Kbps) on unicast transmit queues 3 and multicast transmit 4 of interface ethernet 7.

switch(config)# interface ethernet 7
switch(config-if-Et7)# uc-tx-queue 3
switch(config-if-Et7-uc-txq-3)# shape rate 1000000
switch(config-if-Et7-uc-txq-3)# mc-tx-queue 2
switch(config-if-Et7-mc-txq-2)# shape rate 1000000
switch(config-if-Et7-mc-txq-2)# show qos interface ethernet 7

Ethernet7:

   Tx-Queue   Bandwidth    Shape Rate     Priority   Priority Group
              (percent)       (Kbps)
   ----------------------------------------------------------------
        UC7         N/A     disabled        strict                1
        UC6         N/A     disabled        strict                1
        MC3         N/A     disabled        strict                1
        UC5         N/A     disabled        strict                0
        UC4         N/A     disabled        strict                0
        MC2         N/A      1000000        strict                0
        UC3          20      1000000   round-robin                0
        UC2          16     disabled   round-robin                0
        MC1          16     disabled   round-robin                0
        UC1          16     disabled   round-robin                0
        UC0          16     disabled   round-robin                0
        MC0          16     disabled   round-robin                0

switch(config-if-Et7-mc-txq-2)#

shape rate (Tx-queue – Trident II)

The shape rate command specifies the maximum bandwidth for outbound traffic on the configuration mode transmit queue, also known as queue shaping. The shape rate for interfaces is configured by the shape rate (Interface – Trident II) command. By default, the configured outbound transmission rate is not bounded by a transmit queue shape rate.

Command Mode

Tx-Queue Configuration

Command Syntax

shape rate byte_limit [kbps]

no shape rate

default shape rate

Parameters

DATA_LIMIT Shape rate applied to the queue. Value range varies with data unit:

- 8 to 40000000 kbps Range is from 8 to 40000000 kbytes per second.
- 8 to 60000000 pps Range is from 8 to 60000000 packets per second.

Restrictions

Queue shaping is not supported in cut-through mode

Related Commands

tx-queue (Trident II) places the switch in tx-queue configuration mode.
shape rate (Interface – Trident II) configures the shape rate for a configuration mode interface.

Example

These commands configure a shape rate of 1 Gbps (1,000,000 Kbps) on transmit queues 3 and 4 of interface ethernet 17/3.

switch(config)# interface ethernet 17/3
switch(config-if-Et17/3)# tx-queue 4
switch(config-if-Et17/3-txq-4)# shape rate 1000000 kbps
switch(config-if-Et17/3-txq-4)# tx-queue 3
switch(config-if-Et17/3-txq-3)# shape rate 1000000 kbps
switch(config-if-Et17/3-txq-3)# show qos interface ethernet 17/3

Ethernet17/3:

  Tx       Bandwidth                 Shape Rate        Priority
 Queue     Guaranteed (units)         (units)
   ------------------------------------------------------------
   7        - / -    (  -  )       - / -    (  -  )    SP / SP
   6        - / -    (  -  )       - / -    (  -  )    SP / SP
   5        - / -    (  -  )       - / -    (  -  )    SP / SP
   4        - / -    (  -  )       1 / 1    ( Gbps )   SP / SP
   3        - / -    (  -  )       1 / 1    ( Gbps )   SP / SP
   2        - / -    (  -  )       - / -    (  -  )    SP / SP
   1        - / -    (  -  )       - / -    (  -  )    SP / SP
   0        - / -    (  -  )       - / -    (  -  )    SP / SP

switch(config-if-Et17/3-txq-3)#

show interface counters queue drop-precedence

The show interface counters queue drop-precedence command displays the drop-precedence counters.

Command Mode

EXEC

Command Syntax

show interface counters queue drop-precedence

Example

This command displays the drop precedence counts on two interfaces.

switch# show interface counters queue drop-precedence
intf        0          1          2
Et1/1     100          0        200
Et1/2     200          0        300
switch#

show platform petraA traffic-class

The show platform petraA traffic-class command displays the traffic class assignment on all specified Petra chips. Each chip controls eight Ethernet interfaces. The default traffic class of an interface is specified by the traffic class assigned to the chip that controls the interface.

Traffic class assignments are configured with the platform petraA traffic-class command.

Valid command options include:

show platform petraA traffic-class Traffic class of all chips on all linecard.
show platform petraA CHIP_NAME traffic-class Traffic class of specified chip.
show platform petraA MODULE_NAME traffic-class Traffic class of all chips on specified linecard.

Command Mode

EXEC

Command Syntax

show platform petraA traffic-class

show platform petraA CHIP_NAME traffic-class

show platform petraA MODULE_NAME traffic-class

Parameters

CHIP_NAMEName of Petra chip on linecard that control Ethernet ports. Options include:
- petra cardX / chipY All ports on PetraA chip chipY on linecard cardX (7500 Series).
- petra chipZ All ports on PetraA chip chipZ (7048 Series).
7500 Series

Switches can contain up to eight linecards. cardX varies from 3 to 10.
Each linecard contains six PetraA chips. Each chip controls eight ports. chipY varies from 0 to 5:
- 0 controls ports 1 through 8
- 1 controls ports 9 through 16
- 2 controls ports 17 through 24
- 3 controls ports 25 through 32
- 4 controls ports 33 through 40
- 5 controls ports 41 through 48
7048 Series
Each switch contains two PetraA chips. chipZ varies from 0 to 1:
- 0 controls ports 1 through 32
- 1 controls ports 33 through 52
MODULE_NAME Name and number of linecard (7500 Series). Options include:
- module linecard mod_num Linecard number (3 to 10).
- module mod_num Linecard number (3 to 10).

Related Command

platform petraA traffic-class configures the default traffic class used by all ports on a specified chip.

Example

This command displays the traffic class of all chips on linecard 3.

switch# show platform petraA module linecard 3 traffic-class
Petra3/0 traffic-class: 1
Petra3/1 traffic-class: 1
Petra3/2 traffic-class: 1
Petra3/3 traffic-class: 1
Petra3/4 traffic-class: 5
Petra3/5 traffic-class: 1
switch#

show platform trident tcam qos detail

The show platform trident tcam qos detail command displays the list of all the SVIs that are sharing the TCAM entries.

Command Mode

EXEC

Command Syntax

show platform trident tcam qos detail

Example

This command displays the list of all the SVIs that are sharing the TCAM entries.

switch(config)# show platform trident tcam qos detail

=== Policy-map p01 type qos on switch Linecard0/0 ===
Interfaces : Vlan2 Vlan1
=-= Interface BitMap =-=
0x000000000000000001FFFFFE

show platform trident tcam shared vlan interface-class-id

The show platform trident tcam shared vlan interface-class-id command displays what SVIs are currently sharing the QoS policy-map in the below output under QoS PMAP Data.

Command Mode

EXEC

Command Syntax

show platform trident tcam shared vlan interface-class-id

Example

This command displays what SVIs are currently sharing the QoS policy-map in the below output under QoS PMAP Data.

switch(config)# show platform trident tcam shared vlan interface-class-id

=== Shared RACL Data on switch Linecard0/0 ===
=== Shared QoS Policy-map Data on switch Linecard0/0 ===
Interface Class Id             VLANs
1                               1 2

show platform xp qos tcam hit

The show platform xp qos tcam hit command displays the TCAM entries programmed for each policy-map as well as the traffic hits. The hits option is used to see the TCAM entries with nonzero traffic hits.

Command Mode

EXEC

Command Syntax

show platform xp qos tcam hit

Example

This command displays the QoS TCAM hits on interface ethernet 10/1.

switch# show platform xp qos tcam hit

=== Policy-map test type qos on switch 0 ===
Assigned to ports: Ethernet10/1
=-= Class-map test type qos =-=
=== ACL test
=========================================================================================
|Seq|AclId|Prot|Port|SPort|Ecn|FFlg|DPort|Vlan|Action|Hits|Src Ip|Dest Ip|hwId    | | |     |      | | | |dscp|cos  |tc|PolId| | | |
=========================================================================================
| 10| 0x01|    |    |     |   |0x04|     |    | 4    |-   | -    | -     |91852787| | | | 0 | 0x00 | | | |     |0xfb|  |     |  | | |  
-----------------------------------------------------------------------------------------

show policy-map interface

The show policy-map interface command displays contents of the policy map applied to specified the interface.

Command Mode

EXEC

Command Syntax

show policy-map interface interface_name

Parameters

interface_name Interface for which command returns data. Options include:

no parameter Returns data for all interfaces.
ethernet e_range Ethernet interfaces specified by e_range.
port-channel p_range Port channel interfaces specified by p_range.

Example

This command displays the name and contents of the policy map applied to interface Ethernet 1.

switch# show policy-map interface ethernet 1
Service-policy input: p1
 Hardware programming status: Successful

 Class-map: c2001 (match-any)
    Match: vlan 2001 0xfff
       set dscp 4

 Class-map: c2002 (match-any)
    Match: vlan 2002 0xfff
       set dscp 8

 Class-map: c2003 (match-any)
    Match: vlan 2003 0xfff
       set dscp 12

show policy-map

The show policy-map command displays the policy map information for the configured policy map.

Command Mode

EXEC

Command Syntax

show policy-map policy_map_name [counters][interface | summary]

Parameters

policy_map_name QoS policy map name.
counters Specifies the policy map traffic match count (This parameter is applicable only on DCS-7010, DCS-7050X, DCS7250X, DCS-7300X and DCS-7280(E/R), DCS-7500(E/R) series switches.)
interface Specifies the service policy on an interface.
summary Policy map summary.

Examples

The show policy-map command displays the information for the policy map policy1.

switch# show policy-map policy1
Service-policy policy1
Class-map: class1 (match-any)
Match: ip access-group name acl1
Police cir 512000 bps bc 96000 bytes
Class-map: class-default (match-any)

The show policy-map counters command displays the policy map traffic match count for the policy map configured.

switch# show policy-map policy1 counters

Service-policy input: policy1
 Hardware programming status: Successful
 Class-map: class1 (match-any)
    Match: vlan 20-40,1000-1250
       police rate 100 mbps burst-size 100 kbytes
        Interface: Ethernet16/1
          Conformed 28621 packets, 7098008 bytes -------------- packet match count
 
Class-map: class-default (match-any)
      Matched Packets: 19 -------------- packet match count

show qos interfaces random-detect ecn

The show qos interfaces random-detect ecn command displays the Explicit Congestion Notification (ECN) configuration for each transmit queue on the specified interfaces.

Command Mode

EXEC

Command Syntax

show qos interfaces [INTERFACE_NAME] random-detect ecn

Parameters

INTERFACE_NAME Interface for which command returns data. Options include:

no parameter Returns data for all interfaces.
ethernet e_range Ethernet interfaces specified by e_range.
port-channel p_range Port-Channel Interfaces specified by p_range.

Example

This command configures ECN parameters for transmit queues 0 through 3 on interface ethernet 3/5/1, then displays that configuration.

switch(config)# interface ethernet 3/5/1
switch(config-if-Et3/5/1)# tx-queue 0
switch(config-if-Et3/5/1-txq-0)# random-detect ecn minimum-threshold 2560 kbytes 
maximum-threshold 256000 kbytes
switch(config-if-Et3/5/1-txq-0)# tx-queue 1
switch(config-if-Et3/5/1-txq-1)# random-detect ecn minimum-threshold 25600 kbytes 
maximum-threshold 128000 kbytes
switch(config-if-Et3/5/1-txq-1)# tx-queue 2
switch(config-if-Et3/5/1-txq-2)# random-detect ecn minimum-threshold 25600 bytes 
maximum-threshold 128000 bytes
switch(config-if-Et3/5/1-txq-2)# tx-queue 3
switch(config-if-Et3/5/1-txq-3)# random-detect ecn minimum-threshold 25 mbytes 
maximum-threshold 128 mbytes
switch(config-if-Et3/5/1-txq-3)# show qos interfaces ethernet 3/5/1 random-detect 
ecn

Ethernet3/5/1:

   Tx-Queue   Mininimum Threshold    Maximum Threshold    Threshold Unit
   ---------------------------------------------------------------------
          7                     -                    -                 -
          6                     -                    -                 -
          5                     -                    -                 -
          4                     -                    -                 -
          3                    25                  128             mbytes
          2                 25600               128000              bytes
          1                 25600               128000             kbytes
          0                  2560               256000             kbytes

switch(config-if-Et3/5/1-txq-3)#

show qos interfaces trust

The show qos interfaces trust command displays the configured and operational QoS trust mode of all specified interfaces.

Command Mode

EXEC

Command Syntax

show qos interfaces [INTERFACE_NAME] trust

Parameters

INTERFACE_NAME Interface for which command returns data. Options include:

no parameter Returns data for all interfaces.
ethernet e_range Ethernet interfaces specified by e_range.
port-channel p_range Port-Channel Interfaces specified by p_range.

Example

These commands configure a variety of QoS trust settings on a set of interfaces, then displays the QoS trust mode on these interfaces.

switch(config)# interface ethernet 1/1
switch(config-if-Et1/1)# qos trust cos
switch(config-if-Et1/1)# interface ethernet 1/2
switch(config-if-Et1/2)# qos trust dscp
switch(config-if-Et1/2)# interface ethernet 1/3
switch(config-if-Et1/3)# no qos trust
switch(config-if-Et1/3)# interface ethernet 1/4
switch(config-if-Et1/4)# default qos trust
switch(config-if-Et1/4)# interface ethernet 2/1
switch(config-if-Et2/1)# no switchport
switch(config-if-Et2/1)# default qos trust
switch(config-if-Et2/1)# show qos interface ethernet 1/1 - 2/4 trust

Port                                       Trust Mode
                               Operational           Configured
---------------------------------------------------------------
Ethernet1/1                    COS                   COS
Ethernet1/2                    DSCP                  DSCP
Ethernet1/3                    UNTRUSTED             UNTRUSTED
Ethernet1/4                    COS                   DEFAULT
Ethernet2/1                    DSCP                  DEFAULT
Ethernet2/2                    COS                   DEFAULT
Ethernet2/3                    COS                   DEFAULT
Ethernet2/4                    COS                   DEFAULT

switch(config-if-Et2/1)#

show qos interfaces

The show qos interfaces command displays the QoS, DSCP, and transmit queue configuration on a specified interface. Information provided by this command includes the ports trust setting, the default CoS value, and the DSCP value.

Command Mode

EXEC

Command Syntax

show qos interfaces INTERFACE_NAME

Parameters

INTERFACE_NAME Interface For which command returns data. Options include:

no parameter Returns data for all interfaces.
ethernet e_num Ethernet interface specified by e_num.
port-channel p_num Port-Channel Interface specified by p_num.

Example

This command lists the QoS configuration for interface ethernet 4.

switch> show qos interfaces ethernet 4

Ethernet4:
   Trust Mode: COS
   Default COS: 0
   Default DSCP: 0

   Port shaping rate: 5000000Kbps

   Tx-Queue   Bandwidth    ShapeRate      Priority
              (percent)       (Kbps)
   -----------------------------------------------
          0          50     disabled   round-robin
          1          50     disabled   round-robin
          2         N/A     disabled        strict
          3         N/A      1000000        strict
          4         N/A      1000000        strict
          5         N/A      1500000        strict
          6         N/A      2000000        strict

switch>

show qos interfaces latency maximum

The show qos interfaces latency maximum command displays the maximum latency tail-drop threshold active on each Tx queue for a specified interface.

Command Mode

EXEC

Command Syntax

show qos interfaces INTERFACE_NAME latency maximum

Parameters

INTERFACE_NAME: Name of the interface.

This command lists the maximum latency for VOQ tail drop on interface ethernet 23/1.

switch# show qos interfaces ethernet 23/1 latency maximum

Ethernet23/1:
Tx Queue            Maximum Latency
--------            ---------------
       7                          -         
       6                          -         
       5                          -         
       4                          -         
       3                      10 ms
       2                          -         
       1                          -         
       0                          -         

switch# show qos profile
qos profile latency
    tx-queue 3
        latency maximum 4000 microseconds
    Tx-queue 4
        latency maximum 30 milliseconds

switch#

show qos maps

The show qos maps command lists the number of traffic classes that the switch supports and displays the CoS-Traffic Class, DSCP-Traffic Class, Traffic Class-CoS, and Traffic Class-Transmit Queue maps.

Command Mode

EXEC

Command Syntax

show qos maps

Example

This command displays the QoS maps that are configured on the switch.

switch> show qos maps
Number of Traffic Classes supported: 8
   Number of Transmit Queues supported: 8
   Cos Rewrite:  Disabled
   Dscp Rewrite:  Disabled

   Cos-tc map:
     cos:  0  1  2  3  4  5  6  7
     ----------------------------
     tc:   1  0  2  3  4  5  6  7

   Dscp-tc map:
     d1 :  d2 0  1  2  3  4  5  6  7  8  9
     --------------------------------------
      0 :     1  1  1  1  1  1  1  1  0  0
      1 :     0  0  0  0  0  0  2  2  2  2
      2 :     2  2  2  2  3  3  3  3  3  3
      3 :     3  3  4  4  4  4  4  4  4  4
      4 :     5  5  5  5  5  5  5  5  6  6
      5 :     6  6  6  6  6  6  7  7  7  7
      6 :     7  7  7  7

   Tc-cos map:
     tc:   0  1  2  3  4  5  6  7
     ----------------------------
     cos:  1  0  2  3  4  5  6  7

   Tc-dscp map:
     tc:    0  1  2  3  4  5  6  7
     -----------------------------
     dscp:  8  0 16 24 32 40 48 56

   Tc - tx-queue map:
     tc:        0  1  2  3  4  5  6  7
     ---------------------------------
     tx-queue:  0  1  2  3  4  5  6  7

switch>

show qos map dscp to traffic-class

The show qos map dscp to traffic-class command shows all DSCP to traffic-class maps, or one specified DSCP to TC map.

Command Mode

Privileged EXEC mode

Command Syntax

show qos map dscp to traffic-class [ map_name ]

Parameters

map_name The name of the DSCP to traffic-class map. If this is not specified, all DSCP to TC maps are shown.

Example

This command shows the DSCP to TC map named map1.

switch#show qos map dscp to traffic-class map1
   DSCP to TC map: map1
     d1 :  d2 0  1  2  3  4  5  6  7  8  9
     --------------------------------------
      0 :     1  1  1  1  1  1  1  1  0  0
      1 :     0  0  0  0  0  0  2  2  2  2
      2 :     6  6  6  6  6  6  3  3  3  3
      3 :     3  3  4  4  4  7  4  4  4  4
      4 :     5  5  5  5  5  5  5  5  6  6
      5 :     6  6  6  6  6  6  7  7  7  7
      6 :     7  7  7  7
switch#

show qos profile summary

The show qos profile summary command displays the QoS profile summary of those which are part of the running configuration.

Command Mode

EXEC

Command Syntax

show qos profile summary

Example

This command shows a summary of all QoS profiles configured on the switch.

switch(config)# show qos profile summary
Qos Profile: p
Configured on: Et13,7
Fabric
Po12
Qos Profile: p2
Configured on: Et56

show qos profile

The show qos profile command displays the contents of the specified QoS profile or of all QoS profiles in the running configuration.

Command Mode

EXEC

Command Syntax

show qos profile profile_name

Parameter

profile_name QoS profile name.

Examples

This command displays the contents of all QoS profiles configured on the switch.

switch(config)# show qos profile
qos profile p
qos cos 1
no priority-flow-control pause watchdog
priority-flow-control priority 1 no-drop
priority-flow-control priority 2 no-drop
qos profile p2
qos cos 3
priority-flow-control priority 0 no-drop

This command displays the configuration attached and information specific to QoS profile p2.

switch# show qos profile p2
qos profile p2
qos cos 3
priority-flow-control priority 0 no-drop

show qos random-detect ecn

The command displays the global Explicit Congestion Notification (ECN) configuration.

Command Mode

EXEC

Command Syntax

show qos random-detect ecn

Example

These commands configure global ECN parameters, then displays that configuration.

switch(config)# qos random-detect ecn global-buffer minimum-threshold 2 mbytes 
maximum-threshold 5 mbytes
switch(config)# show qos random-detect ecn                                                                            
   Minimum Threshold:  2
   Maximum Threshold:  5
   Threshold Unit:  mbytes

switch(config)#

show run|grep sharing

The show run|grep sharing command displays whether the QoS policy-map sharing on SVIs is enabled or disabled.

Command Mode

EXEC

Command Syntax

show run|grep sharing

Example

This command displays whether the QoS policy-map sharing on SVIs is enabled or disabled.

switch# show run|grep sharing
hardware access-list qos resource sharing vlan in ----

If this message is displayed then QoS policy-map sharing on SVIs is enabled.

tx-queue (Arad/Jericho)

The tx-queue command places the switch in Tx-queue configuration mode to configure a transmit queue on the configuration mode interface. Tx-queue configuration mode is not a group change mode; running-config is changed immediately after commands are executed. The exit command does not affect the configuration.

Arad and Jericho platform switches have eight queues, 0 through 7, and all queues are exposed through the CLI. However, queue 7 is not user-configurable. Queue 7 is always mapped to traffic class 7, which is reserved for control traffic.

The exit command returns the switch to the configuration mode for the base Ethernet or port channel interface.

The no tx-queue and default tx-queue commands remove the configuration for the specified transmit queue by deleting all corresponding tx-queue mode statements from running-config.

Command Mode

Interface-Ethernet Configuration

Interface-Port-Channel Configuration

Command Syntax

tx-queue queue_level

Parameters

queue_level The transmit queue. Values range from 0 to 7.

Commands Available in tx-queue Configuration Mode

bandwidth percent (Arad/Jericho)
priority (Arad/Jericho)
shape rate (Tx-queue – Arad/Jericho)

Guidelines

Arad and Jericho platform switch queues handle unicast traffic. Queues for multicast traffic are not supported.

Example

This command enters Tx-queue configuration mode for transmit queue 4 of interface ethernet 3/3/3.

switch(config)# interface ethernet 3/3/3
switch(config-if-Et3/3/3)# tx-queue 4
switch(config-if-Et3/3/3-txq-4)#

tx-queue (FM6000)

FM6000 platform switches have eight queues, 0 through 7. All queues are exposed through the CLI and are user configurable.

The exit command returns the switch to the configuration mode for the base Ethernet or port channel interface.

The no tx-queue and default tx-queue commands remove the configuration for the specified transmit queue by deleting the all corresponding tx-queue mode commands from running-config.

Command Mode

Interface-Ethernet Configuration

Interface-Port-Channel Configuration

Command Syntax

tx-queue queue_level

Parameter

queue_level The transmit queue. Values range from 0 to 7.

Commands Available in tx-queue Configuration Mode

bandwidth percent (FM6000)
priority (FM6000)
shape rate (Tx-queue – FM6000)

Guidelines

FM6000 platform switch queues handle unicast and multicast traffic.

Example

This command enters Tx-queue configuration mode for transmit queue 3 of interface ethernet 5.

switch(config)# interface ethernet 5
switch(config-if-Et5)# tx-queue 3
switch(config-if-Et5-txq-3)#

tx-queue (Helix)

The tx-queue command places the switch in tx-queue configuration mode to configure a transmit queue on the configuration mode interface. The tx-queue configuration mode is not a group change mode; running-config is changed immediately after commands are executed. The exit command does not affect the configuration.

Helix platform switches have eight unicast (UC0 – UC7) and eight multicast (MC0 – MC7) queues. Each UCx-MCx queue set is combined into a single queue group (L1.x), which is exposed to the CLI through this command.

The exit command returns the switch to the configuration mode for the base Ethernet or port channel interface.

The no tx-queue and default tx-queue commands remove the configuration for the specified transmit queue by deleting the all corresponding tx-queue mode commands from running-config.

Command Mode

Interface-Ethernet Configuration

Interface-Port-Channel Configuration

Command Syntax

tx-queue queue_level

Parameter

queue_level Transmit queue group number. Values range from 0 to 7.

Commands Available in tx-queue Configuration Mode

bandwidth guaranteed (Helix)
shape rate (Tx-queue – Helix)

Guidelines

Helix platform switch queues handle unicast and multicast traffic.

Example

This command enters Tx-queue configuration mode for transmit queue 4 of interface ethernet 17/3.

switch(config)# interface ethernet 17/3
switch(config-if-Et17/3)# tx-queue 4
switch(config-if-Et17/3-txq-4)#

tx-queue (Petra)

The tx-queue command places the switch in tx-queue configuration mode to configure a transmit queue on the configuration mode interface. The tx-queue configuration mode is not a group change mode; running-config is changed immediately after commands are executed. The exit command does not affect the configuration.

Petra platform switches have eight queues, 0 through 7, and all queues are exposed through the CLI. However, queue 7 is not user-configurable. Queue 7 is always mapped to traffic class 7, which is reserved for control traffic.

The exit command returns the switch to the configuration mode for the base Ethernet or port channel interface.

The no tx-queue and default tx-queue commands remove the configuration for the specified transmit queue by deleting the all corresponding tx-queue mode commands from running-config.

Command Mode

Interface-Ethernet Configuration

Interface-Port-Channel Configuration

Command Syntax

tx-queue queue_level

Parameter

queue_level The transmit queue. Values range from 0 to 7.

Commands Available in tx-queue Configuration Mode

bandwidth percent (Petra)
priority (Petra)
shape rate (Tx-queue – Petra)

Guidelines

Petra platform switch queues handle unicast traffic. Queues for multicast traffic are not supported.

Example

This command enters the tx-queue configuration mode for transmit queue 3 of interface ethernet 3/3.

switch(config)# interface ethernet 3/3
switch(config-if-Et3/3)# tx-queue 3
switch(config-if-Et3/3-txq-3)#

tx-queue (Trident II)

Trident II platform switches have eight unicast (UC0 – UC7) and eight multicast (MC0 – MC7) queues. Each UCx-MCx queue set is combined into a single queue group (L1.x), which is exposed to the CLI through this command.

The exit command returns the switch to the configuration mode for the base Ethernet or port channel interface.

The no tx-queue and default tx-queue commands remove the configuration for the specified transmit queue by deleting the all corresponding tx-queue mode commands from running-config.

Command Mode

Interface-Ethernet Configuration

Interface-Port-Channel Configuration

Command Syntax

tx-queue queue_level

Parameter

queue_level Transmit queue group number. Values range from 0 to 7.

Commands Available in tx-queue Configuration Mode

bandwidth guaranteed (Trident II)
shape rate (Tx-queue – Trident II)

Trident II platform switch queues handle unicast and multicast traffic.

Example

This command enters the tx-queue configuration mode for transmit queue 4 of interface ethernet 17/3.

switch(config)# interface ethernet 17/3
switch(config-if-Et17/3)# tx-queue 4
switch(config-if-Et17/3-txq-4)#

uc-tx-queue

The uc-tx-queue command places the switch in the uc-tx-queue configuration mode to configure a unicast transmit queue on the configuration mode interface. The uc-tx-queue configuration mode is not a group change mode; running-config is changed immediately after commands are executed. The exit command does not affect the configuration.

Trident and Tomahawk switches have eight unicast queues (UC0 – UC7) and four multicast queues (MC0 – MC03), categorized into two priority groups. All queues are exposed through the CLI and are user-configurable.

Priority Group 1: UC7, UC6, MC3
Priority Group 0: UC5, UC4, MC2, UC3, UC2, MC1, UC1, UC0, MC0

The exit command returns the switch to the configuration mode for the base Ethernet or port channel interface.

The no uc-tx-queue and default uc-tx-queue commands remove the configuration for the specified transmit queue by deleting the all corresponding uc-tx-queue mode commands from running-config.

Command Mode

Interface-Ethernet Configuration

Interface-Port-Channel Configuration

Command Syntax

uc-tx-queue queue_level

Parameter

queue_level The multicast transmit queue number. Values range from 0 to 7.

Commands Available in uc-tx-queue Configuration Mode

bandwidth percent (Trident and Tomahawk)
priority (Trident and Tomahawk)
shape rate (Tx-queue – Trident and Tomahawk)

Related Command

mc-tx-queue: Configures multicast transmit queues on Trident and Tomahawk platform switches.

Example

This command enters the mc-tx-queue configuration mode for multicast transmit queue 4 of interface ethernet 5.

switch(config)# interface ethernet 5
switch(config-if-Et5)# uc-tx-queue 4
switch(config-if-Et5-mc-txq-4)#

Chipset Mapping for QoS

Table 43. Chipset Names by Model Number
Model Number	Chipset Name
7010T-48	Helix4
7010T-48-DC	Helix4
7020SR-24C2	QumranAX
7020SR-32C2	QumranAX
7020SRG-24C2	QumranAX
7020TR-48	QumranAX
7020TRA-48	QumranAX
7048T-4S	Petra
7048T-A	Petra
7050CX3-32S	Trident3X7
7050CX3M-32S	Trident3X7
7050Q-16	Trident+
7050QX2-32S	Trident2+
7050QX-32	Trident2
7050QX-32S	Trident2
7050S-52	Trident+
7050S-64	Trident+
7050SX-128	Trident2
7050SX2-128	Trident2+
7050SX2-72Q	Trident2+
7050SX3-48C8	Trident3X5
7050SX3-48YC	Trident3X5
7050SX3-48YC12	Trident3X7
7050SX3-96YC8	Trident3X7
7050SX-64	Trident2
7050SX-72	Trident2
7050SX-72Q	Trident2
7050SX-96	Trident2
7050T-36	Trident+
7050T-36 (HwRev4)	Trident+
7050T-52	Trident+
7050T-52 (HwRev4)	Trident+
7050T-64	Trident+
7050T-64 (HwRev4)	Trident+
7050TX-128	Trident2
7050TX2-128	Trident2+
7050TX3-48C8	Trident3X5
7050TX-48	Trident2
7050TX-64	Trident2
7050TX-72	Trident2
7050TX-72Q	Trident2
7050TX-96	Trident2
7060CX2-32S	Tomahawk+
7060CX-32S	Tomahawk
7060DX4-32	Tomahawk3
7060PX4-32	Tomahawk3
7060SX2-48YC6	Tomahawk+
7120T-4S	Bali
7124FX	Bali
7124S	Bali
7124SX	Bali
7140T-8S	Bali
7148S	Bali
7148SX	Bali
7150S-24	Alta
7150S-24-CL	Alta
7150S-52-CL	Alta
7150S-64-CL	Alta
7150SC-24-CLD	Alta
7150SC-64-CLD	Alta
7170-32C	Tofino
7170-32CD	Tofino
7170-64C	Tofino
720XP-24Y6	Trident3X3
720XP-24ZY4	Trident3X3
720XP-48Y6	Trident3X3
720XP-48ZC2	Trident3X3
720XP-96ZC2	Trident3X3
7250QX-64	Trident2
7260CX3-64	Tomahawk2
7260CX3-64E	Tomahawk2
7260CX-64	Tomahawk
7260QX-64	Tomahawk
7280CR2-60	Jericho+
7280CR2A-60	Jericho+
7280CR2AK-30	Jericho+
7280CR2K-30	Jericho+
7280CR2K-60	Jericho+
7280CR2M-30	Jericho+
7280CR3-32D4	Jericho2
7280CR3-32P4	Jericho2
7280CR3-96	Jericho2
7280CR3K-32D4	Jericho2
7280CR3K-32P4	Jericho2
7280CR3K-96	Jericho2
7280CR3MK-32D4	Jericho2
7280CR3MK-32P4	Jericho2
7280CR-48	Jericho
7280DR3-24	Jericho2
7280DR3K-24	Jericho2
7280PR3-24	Jericho2
7280PR3K-24	Jericho2
7280QRA-C36S	Jericho
7280QR-C36	QumranMX
7280QR-C72	Jericho
7280SE-64	Arad+
7280SE-68	Arad+
7280SE-72	Arad+
7280SR2-48YC6	Jericho+
7280SR2A-48YC6	Jericho+
7280SR2K-48C6	Jericho+
7280SR3-40YC6	Jericho2C Q2A
7280SR-48C6	QumranMX
7280SRA-48C6	QumranMX
7280SRAM-48C6	QumranMX
7280SRM-40CX2	QumranMX
7280TR3-40C6	Jericho2C Q2A
7280TR-48C6	QumranMX
7280TRA-48C6	QumranMX
DCS-7304	Trident3
DCS-7304	Tomahawk
DCS-7304	Trident2
DCS-7308	Trident3
DCS-7308	Tomahawk
DCS-7308	Trident2
DCS-7316	Trident2
DCS-7368X4	Tomahawk3
DCS-7504	Petra
DCS-7504E	Arad/Arad+
DCS-7504N	Jericho 2
DCS-7504N	Jericho/Jericho+
DCS-7508	Petra
DCS-7508E	Arad/Arad+
DCS-7508N	Jericho 2
DCS-7508N	Jericho/Jericho+
DCS-7512N	Jericho 2
DCS-7512N	Jericho/Jericho+
DCS-7516N	Jericho/Jericho+
DCS-7804-CH	Jericho 2
DCS-7808-CH	Jericho 2

Traffic Management

This chapter describes Traffic Management on Arista switches, including configuration instructions and command descriptions. Topics covered by this chapter include:

Traffic Management Conceptual Overview
Traffic Management Configuration Trident Platform Switches
Traffic Management Configuration Trident II Platform Switches
Traffic Management Configuration Commands

Traffic Management Conceptual Overview

Traffic is managed through policy maps that apply data shaping methods to specific data streams. A policy map is a data structure that identifies specific data streams and then defines shaping parameters that modify packets within the streams. The switch defines four types of policies:

Control Plane Policies: Control plane policy maps are applied to the control plane.
QoS Policies: QoS policy maps are applied to Ethernet and port channel interfaces.
Segment Routing Traffic Engineering Policy (SR-TE).
PBR Policies: PBR policy maps are applied to Ethernet interfaces, port channel interfaces and switch virtual interfaces (SVIs).

A policy map consists of classes. Each class contains an eponymous class map and traffic resolution commands.

A class map is a data structure that defines a data stream by specifying characteristics of data packets that comprise that stream. Each class map is typed as either QoS, control plane, or PBR and is available only to identically typed policy maps.
Traffic resolution commands specify data handling methods for traffic that matches a class map. Traffic resolution options vary by policy map type.

Data packets that enter an entity to which a policy map is assigned are managed with traffic resolution commands of the first class that matches the packets.

Control Plane Policies

The switch defines one control plane policy map named copp-system-policy. The copp-system-policy policy map always applies to the control plane and cannot be removed from the switch. Other control plane policy maps cannot be added. Copp-system-policy consists of preconfigured classes, each containing a static class map and traffic resolution commands. Preconfigured classes cannot be removed from copp-system-policy.

The switch provides static class maps and you cannot modify or delete them. The switch uses a naming convention of static class maps as copp-system- name, where name differentiates the class maps. Static class maps have pre-defined internal conditions, not based on ACLs, and only listed in running-config as components of copp-system-policy. The sequence of static class maps in the policy map is not significant. Traffic resolution commands define minimum (bandwidth) and maximum (shape) transmission rates for data streams matching the corresponding class map.

Copp-system-policy can be modified through the following steps:

Add classes consisting of an eponymous dynamic class map and traffic resolution commands.
Create, edit, or delete dynamic class maps, and filter traffic with a single IPv4 ACL, and list in running-config.
Change traffic resolution commands for a preconfigured class.

The following section describes control plane traffic policy configuration procedures:

Configuring Control Plane Traffic Policies Trident Platform Switches

QoS Policies

QoS policy maps are user defined. The switch does not provide preconfigured QoS policy maps and in the default configuration, policy maps are not applied to any Ethernet or port channel interface. Policy maps and class maps are created and applied to interfaces through configuration commands.

A QoS policy map is composed of one or more classes. Each class contains an eponymous dynamic class map and traffic resolution commands. Dynamic class maps are user created, can be edited or deleted, filter traffic with a single IPv4 ACL, and are listed in running-config.

QoS traffic resolution commands perform one of the following:

Set the Layer 2 CoS field
Set the DSCP value in the ToS byte
Specify a traffic class queue

The last class in all QoS policy maps is class-default, which is composed as follows:

The class-default class map matches all traffic except IPv4 or IPv6 traffic and is not editable.
By default, class-default class contains no traffic resolution commands. Traffic resolution commands can be added through configuration commands.

Data packets that enter an interface to which a policy map is assigned are managed with traffic resolution commands that correspond to the first class that matches the packet.

These sections describe QoS traffic policy configuration procedures:

Configuring QoS Traffic Policies Arad Platform Switches
Configuring QoS Traffic Policies FM6000 Platform Switches
Configuring QoS Traffic Policies Petra Platform Switches
Configuring QoS Traffic Policies Trident Platform Switches

Segment Routing Traffic Engineering Policy (SR-TE)

Segment Routing Traffic Engineering Policy (SR-TE) policy uses Segment Routing (SR) to enable a headend to steer traffic along any path without maintaining per flow state in every node based on the policy. Configuring SR policy for the MPLS dataplane (SR-MPLS) for Type-1 SR policy segments with BGP and locally configured policies as sources of SR policy is available on DCS-7500 and DCS-7280 family of switches.

SR Policy Overview

SR Policy Identification

The following identifies an SR policy.

Endpoint - An IPv4 or IPv6 address which refers to the destination of the policy. EOS allows 0/0 and 0:: and calls these IP addresses null endpoints.
Color - An unsigned 32-bit opaque numerical quantity. Define the semantic of a color as you prefer. It can refer to, for instance, an application or a type of traffic, such as low latency, or a geographical location.

SR Policy Constituents

The SR policy consists of candidate paths. Each candidate path has the following.

SID-lists (SLs) - An ordered list of Segment Identifiers. Each SID provides a MPLS label in the MPLS instantiation of SR). An SL encodes one path from the headend to the destination. Each SL has an optional weight attached to it for the purpose of Unequal Cost Multipath (UCMP) traffic distribution. The default value for SL weight is 1.
Preference - An optional, unsigned 32-bit integer used in the candidate path selection algorithm to select the active candidate path. The default value for preference is 100.
Binding SID (BSID) - an optional SID.
Note: In EOS, a BSID is mandatory for each candidate path.

SR Policy Sources

A headend learns SR policies using the following methods:

BGP
- Single agent routing model (Ribd)
- Multi-agent routing model
Local configuration using CLI
- Single agent routing model (Ribd)
- Multi-agent routing model
- Openconfig YANG models
PCEP
Note: EOS does not support PCEP.

Identity of a Candidate Path

A candidate path within an SR policy is identified by a 3-tuple of {Protocol-Origin, Originator, Discriminator}. In EOS, for locally configured policies:

The ASN in the Originator set to 0.
The node address in the Originator set to 0.0.0.0.
The discriminator set to the Preference configured.
Note: EOS CLI allows configuring only one candidate path at a given preference and does not allow configuring the discriminator for a candidate path.

State of an SID List (SL)

The following describes the state of an SL:

Valid - The top label of the SL resolves within the LFIB to the outgoing next hop(s), interface(s) and a label action.
Invalid - The top label of the SL unresolvable to the outgoing next hop(s), interface(s) and a label action. An SL is also marked as invalid when the SL is resolvable, but the resolved labeled stack exceeds the platform’s maximum SID depth (SID), that is, exceeds the maximum number of labels the platform can push in to the outgoing packet.
Note: The state is either valid or invalid.

State of a Candidate Path

The following describes the states of a candidate path.

Invalid - Not eligible to participate in the best/active candidate path selection algorithm because of one of the reasons below.
- Invalid constituent SLs in the candidate path.
- No Binding SID present in the candidate path.
- Binding SIDpresent but outside SRLB range for the candidate path.
Valid - At least one valid SL has lost out to some other candidate path in the best / active candidate path selection algorithm.
Active: - A valid candidate path exists and wins the best / active candidate path selection algorithm. The active candidate path installs in the switch hardware and forwards traffic.

State of an SR Policy

EOS considers an SR policy as valid when at least one of its candidate paths is valid. Otherwise, the SR policy is invalid.

Resolution of an SL

An SL resolves if the top label (first SID) can be resolved in the system Labeled FIB (LFIB) to yield a nexthop and outgoing interface(s). The other labels in the SID-List do not play a part in resolution.

Best Candidate Path (Active Candidate Path) Selection Algorithm

EOS overrides selection based on discriminator by retaining the current active candidate path even when current active path has a lower discriminator value. This reduces the active path flap when a new path appears with the same significance. The following lists a summary of valid candidate paths ordering for a given policy.

The candidate path with higher preference selected.
Locally configured candidate path selected over a BGP learned path
Lower originator selected in the following instances:
1. Lower AS number of Originator field selected.
2. Lower Node address of Originator field selected.
Current active candidate path selected in the following instances:

The following displays the reason for not selecting a path as an active path for a specified policy.

switch#show traffic-engineering segment-routing policy endpoint <endpoint> color <color>

Binding SID

The following describes the use cases for the Binding SID:

Stitch together multiple domains.
Stitch together different traffic tunnels .
Overcome label stack imposition limitation in hardware.

BSID Conflict Handling

Examples

Between Policies - If the policy (E1, C1) becomes eligible to be active first, then it installs in the LFIB and the policy (E2,C2) whose best path(CP1) conflicts with the Policy (E1, C1) and does not become active.
- Policy(E1, C1): CP1: Binding-SID 965536 (wins best path)
- Policy(E2, C2): CP1: Binding-SID 965536 (wins best path)
- CP2: Binding-SID 965537
with another Application: The SR-TE policies have the lowest preference when a conflict exists with any other application in EOS using the SRLB range. The candidate paths with the same binding-SID as that of an LFIB entry by another application, for example, static adjacency segment, remains invalid.

In both the cases, when the conflict no longer exists, the candidate paths re-evaluate and may become active.

BGP as a Source of Policies

SR Policies from a BGP peer (a controller, route reflector) received for installation at the headend by EOS. It does not propagate the received policies to BGP peers nor does it originate SR Policies for transmission to BGP peers.

The following supports IPv4 or IPv6 peers which can be single hop or multi-hop iBGP or eBGP peers.

SAFI 73 for AFI 1 and AFI 2: IPv4 and IPv6 policy endpoints, with the encoding defined in section 2.1 of Advertising Segment Routing Policies in BGP.
Note: The nexthop address-family must match the AFI of the NLRI.
Sub-TLVs of Tunnel Encapsulation TLV of type 15 (SR-TE Policy Type) of the Tunnel Encapsulation Path Attribute
1. Preference (Sub-TLV Type 12)
2. Binding SID (Sub-TLV Type 13) of length 2 or 6 bytes
3. Segment List (Sub-TLV Type 128). The following Segment List sub-TLVs are supported:
  1. Type 1 Segment (Sub-TLV type 1)
  2. Weight (Sub-TLV type 9)
4. Explicit NULL Label Policy (Sub-TLV Type 14)
5. SR Prefix SID (sub TLV 3 of TLV 149, TLV 150)
6. SR Range - Contents of TLV 149, TLV 150 (multi-topology)

Note: EOS ignores all other sub-TLVs of the Tunnel Encapsulation TLV and Segment List sub-TLVs.

Route-Target and NO_ADVERTISE Community in SR-TE SAFI Updates

EOS implements the Acceptance and Usability checks as defined in sections 4.2.1 and 4.2.2 of the IETF draft Advertising Segment Routing Policies in BGP. However EOS skips matching the Route-Target with the router-ID of the headend if the SR-TE NLRI is tagged with NO_ADVERTISE community.

ECMP does not support SR-TE SAFI Paths

EOS does not support ECMP for BGP SR-TE SAFI. The BGP path selects only one best candidate path and publishes it to SR-TE Policy Agent for candidate path selection.

Note: EOS supports ECMP of BGP next hops where each next hop resolves to an SR-TE policy.

Path Selection within BGP

The IETF draft Advertising Segment Routing Policies in BGP supports passing multiple candidate paths from a single protocol source for an SR-TE policy path selection. Therefore, it includes a field distinguisher in the NLRI which can be unique for each controller to make BGP pass through the policies. However when multiple sources use the same distinguisher, BGP performs a path selection for the tuple: Endpoint, Color and Distinguisher. The best path for that tuple publishes to the SR-TE Policy Agent for selecting an Active path. The best bgp-best-path selection applies to SR-TE SAFI as well.

Error Handling / Edge Cases

Weight 0: The IETF draft does not limit the range of SL weight to exclude weight 0. A SID-List with weight 0 is not used for forwarding so BGP module in EOS does not pass on SID-Lists with weight 0 to the SR-TE policy agent. Such SID-Lists will be visible in show bgp sr-te commands but not in show traffic-engineering segment-routing policy commands.
Empty SLs: Given the TLV encoding used to propagate SR Policies in BGP, it is possible to receive SID-Lists without SIDs. The BGP module in EOS does not pass empty SID-Lists to SR-TE policy agent. Such SID-Lists are visible in show bgp sr-te commands but not in show traffic-engineering segment-routing policy commands.
Non Type 1 segments: EOS supports only Type-1 segments. When receiving a BGP update with a SID-List that has non Type-1 segments, EOS ignores the entire SID-List and sends a BGP-4-SRTE_IGNORED_SEGMENT_LIST_UNSUPPORTED_SEGMENTS syslog. Such SID-Lists are not stored locally, and show bgp sr-te command does not display them.
Note: The SID-Lists made up of all Type-1 segments pass to the SR-TE policy agent.

Steering Traffic into a Policy

Incoming label as BSID - Labelled Steering

At the headend when receiving a packet with a label stack with a BSID of an active CP of a valid SR Policy as the top label, the headend pops the label, and imposes the resolved label stack on the outgoing packet.

Example

For instance, an SR Policy with an active candidate path with BSID 965536 and SL with label stack [965540, 900001, 900002]. Assume that 965540 is an IS-IS SR Adjacency SID. An incoming packet has a label stack [965536, 100000] then the outgoing label stack consists of [900001, 900002, 100000].

Steering BGP learnt IP(v6) prefixes - IP Steering

Incoming label is BSID - Labelled Steering

At the headend, BGP IPv4 and IPv6 routes receive one or more extended color communities and recursively resolves them through any active SR Policy that matches the BGP routes’ nexthop and color. When receiving an IPv4 or IPv6 packetforwarded using this policy, the SL’s resolved label stack imposes on the outgoing packet.

For BGP routes received with color community to be steered via an SR policy, the route’s nexthop must already be resolvable through IGP. If no resolving route exists in IGP, the route is considered unresolvable and does not program in hardware even if a matching SR policy existsfor the corresponding nexthop and color.

If no matching SR policy exists for the received BGP nexthop and color, the route resolves through the IGP route in IP RIB. If an active SR policy that matches the BGP nexthop and color gets instantiated at a later time, the BGP route changes from resolving through IGP to the new active SR policy.

Note: The recursion through SR policy is only applicable for active BGP routesin RIB.

Color only IP steering using CO bits

It is possible to relax the requirement of an exact match of the BGP route’s nexthop with the endpoint of the SR Policy using the “CO” (Color Only) bits in the color extended community. The “CO” bits are 2 reserved bits repurposed for color only steering as defined in section 3 of Advertising Segment Routing Policies in BGP. The exact match of the nexthop is done with the CO bits set to 00 or 11.

CO = 01 Steering: relaxes the nexthop to match the null endpoint of a policy. For a BGP route with nexthop N and color C, the following order is used for resolution. If there is no IGP route resolving the BGP nexthop, the route is not programmed in hardware.

Active SR policy with endpoint N and color C
Active SR policy with null endpoint (from the same AFI as the BGP route) and color C
Active SR policy with null endpoint from any AFI and color C
IGP route

CO = 10 Steering: in addition to the steps in CO = 01 steering, CO = 10 additionally relaxes the nexthop to match any endpoint. The following order is used for resolving a BGP route with nexthop N and color C. The behavior described is in accordance with section 8.8.1 of the IETF draft Segment Routing Policy for Traffic Engineering.

Active SR policy with endpoint N and color C
Active SR policy with null endpoint (from the same AFI as the BGP route) and color C
Active SR policy with null endpoint from any AFI and color C
Active SR policy for any endpoint from the same AFI as the BGP route and color C
Active SR policy for any endpoint from any AFI and color C
IGP route

ECMP of IPv4/IPv6 Prefixes that Resolve over SR-TE Policies

When multiple BGP paths of BGP unicast prefixes resolve through active SR policies form ECMP, the resulting FIB entry for the BGP route has an ECMP of segment list paths which is a union of all the segments-list entries present in each of the resolving SR policies for the BGP paths.

Example

The following table displays four paths for prefix 192.1.0.0/31, and each of the four paths resolves via SR-TE policies.

Table 1. List of Paths Resolved via SR-TE Policies
Path	Nexthop	Color	Policy EP	Policy Color	Segment Lists	Per SL Traffic Distribution
1	1.0.0.2	CO(00):1000	1.0.0.2	1000	[2500 500], Weight: 1 [2501 500], Weight: 2	8.33% 16.66%
2	1.0.2.2	CO(00):2000	1.0.2.2	2000	[2502 500], Weight: 1 [2503 500], Weight: 1	12.5% 12.5%
3	1.0.4.2	CO(00):3000	1.0.4.2	3000	[2504 500], Weight: 1 [2505 500], Weight: 1	12.5% 12.5%
4	1.0.6.2	CO(00):4000	1.0.6.2	4000	[2506 500], Weight: 1 [2507 500], Weight: 1	12.5% 12.5%

 B I    192.1.0.0/31 [200/0] via SR-TE Policy 1.0.4.2, color 3000
                             via SR-TE tunnel index 6, weight 1
                                via 1.0.4.2, Ethernet1, label 2505 500
                             via SR-TE tunnel index 5, weight 1
                                via 1.0.4.2, Ethernet1, label 2504 500
                          via SR-TE Policy 1.0.0.2, color 1000
                             via SR-TE tunnel index 2, weight 1
                                via 1.0.0.2, Ethernet2, label 2501 500
                             via SR-TE tunnel index 1, weight 1
                                via 1.0.0.2, Ethernet2, label 2500 500
                          via SR-TE Policy 1.0.2.2, color 2000
                             via SR-TE tunnel index 4, weight 1
                                via 1.0.2.2, Ethernet3, label 2503 500
                             via SR-TE tunnel index 3, weight 1
                                via 1.0.2.2, Ethernet3, label 2502 500
                          via SR-TE Policy 1.0.6.2, color 4000
                             via SR-TE tunnel index 8, weight 1
                                via 1.0.6.2, Ethernet6, label 2507 500
                             via SR-TE tunnel index 7, weight 1
                                via 1.0.6.2, Ethernet6, label 2506 500

The traffic distribution honors the weights of the SID-Lists. In the example, each of the four SR Policies will get 25% of the total traffic meant for prefix 192.1.0.0/31. Within each policy, the distribution is based on the weights of the SID-Lists.

ECMP Group when some BGP unicast paths resolve over SR Policies and some via non SR Policy IGP paths

If some BGP paths resolve via SR Policy paths and some BGP paths resolve via non SR Policy IGP, then the ECMP group formed programmed as the active route in FIB, only considers the SR Policy paths. ECMP in the FIB is not formed between paths that resolve over SR Policy and paths that resolve via non SR Policy IGP routes. In the example above, if SR Policy with endpoint 1.0.6.2 and color 4000 becomes inactive or is removed, the FIB path for 192.1.0.0/31 resolves via 3 SR Policies as shown below.

B I    192.1.0.0/31 [200/0] via SR-TE Policy 1.0.4.2, color 3000
                             via SR-TE tunnel index 6, weight 1
                                via 1.0.4.2, Ethernet1, label 2505 500
                             via SR-TE tunnel index 5, weight 1
                                via 1.0.4.2, Ethernet1, label 2504 500
                          via SR-TE Policy 1.0.0.2, color 1000
                             via SR-TE tunnel index 2, weight 1
                                via 1.0.0.2, Ethernet2, label 2501 500
                             via SR-TE tunnel index 1, weight 1
                                via 1.0.0.2, Ethernet2, label 2500 500
                          via SR-TE Policy 1.0.2.2, color 2000
                             via SR-TE tunnel index 4, weight 1
                                via 1.0.2.2, Ethernet3, label 2503 500
                             via SR-TE tunnel index 3, weight 1
                                via 1.0.2.2, Ethernet3, label 2502 500

Note: show ip bgp still shows a 4-way ECMP. The FIB paths switch to resolving via the (non SR Policy) IGP paths when there are no BGP paths in the ECMP group that resolve via an SR Policy.

UCMP of IPv4/IPv6 prefixes using LinkBandwidth (LBW) Extended Community that resolve over SR-TE policies not supported

When multiple BGP paths of BGP unicast prefixes resolve through active SR policies form ECMP, and the unicast paths also contain the LBW extended community, EOS does not form UCMP amongst the unicast paths. Only ECMP is formed at the unicast prefix level. The LBW is ignored the behavior is identical to the behavior explained in the previous section.

Resolution of BGP unicast prefixes that resolve over other BGP unicast prefixes resolved via SR Policies

A BGP unicast prefix P1, that is recursively resolved via another BGP prefix P2, such that P2 resolves via an SR Policy, then in the FIB, P1 is programmed with the resolved nexthop pointing to the non SR Policy resolution of P2. P1 does not use P2s SR Policy for forwarding.

Explicit Null Label Imposition

When the address family of the BGP unicast prefix is not the same as the address family of the endpoint of the SR Policy that the unicast prefixes resolves via, an explicit null label is automatically imposed in the outgoing label stack.

Example

If an IPv4 unicast prefix P1 resolves over a policy whose endpoint EP1 is an IPv6 address (this can happen due to color only CO=01/10 steering with P1 having an IPv4 nexthop) and the SR Policy had a SID-List whose resolved label stack is [1001, 1002, 1003], the outgoing packet is imposed with [1001, 1002, 1003, 2] where 0 is the IPv4 explicit null label.

If an IPv6 prefix P2, resolves over a policy whose endpoint EP2 is an IPv4 address (this can happen with color only CO=01/10 steering with P2 having a IPv6 nexthop) and the SR Policy had a SID-List whose resolved label stack is [1001, 1002, 1003], the outgoing packet is imposed with [1001, 1002, 1003, 2] where 2 is the IPv6 explicit null label.

The following table lists the configurations which result in having explicit-null label in the resolved label stack.

Table 2. Configurations resulting in Explicit-Null Label in Resolved Label Stack
ENLP configuration for the resolving SR Policy	IPv4 Prefixes	IPv6 Prefixes
None	-	-
IPv4	IPv4 explicit null appended to the end of label stack	-
IPv6	-	IPv6 explicit null appended to the end of label stack
Both	IPv4 explicit null appended to the end of label stack	IPv6 explicit null appended to the end of label stack
No/Default config (incase of BGP learnt policies ENLP Sub-TLV is not received)	Resolving SR Policy has IPv4 Endpoint address: No explicit-null	Resolving SR Policy has IPv4 Endpoint address: IPv6 explicit null appended to the end of label stack
	Resolving SR Policy has IPv6 Endpoint address: IPv4 explicit null appended to the end of label stack	Resolving SR Policy has IPv6 Endpoint address: No explicit-null

Traffic Accounting

All egress tunnel counters (MPLS/GRE/MPLSoGRE using SR-TE/Nexthop-group/BGP-LU tunnel types) share the same hardware resource.

7280E/7500E systems: Up to 16k tunnels
7280R/7500R systems: Up to 8k tunnels

Tunnel counters are allocated on a first-come, first-served basis. Configurations using GRE/MPLSoGRE, GRE, and MPLS further limit a maximum of 4k countable egress MPLS tunnels on 7280R/7500R.

FEC Optimizations

The hardware FEC usage could be reduced as the underlying FEC is shared among different routes.

Programming of the active candidate path of an SR-TE policy in hardware is shared between the BSID route and IP steering route.
If all of the following conditions are met, ISIS-SR MPLS routes and tunnel entries directly point to the next hop FEC generated by the routing agent (IGP FEC).
- All the next hops of the MPLS route either point to pop or forward (i.e. swapping to the same label) label action.
- The switch is either a 7280 or a 7500 platform.
The corresponding SR-TE policy BSID routes (and corresponding Segment List tunnels) that resolve over ISIS-SR MPLS routes, will directly point to the IGP FEC.

Configuring SR-TE

The following commands start the SrTePolicy agent and enter the switch into the Traffic Engineering configuration sub-mode.

switch(config)# router traffic-engineering
switch(config-te)# segment-routing

Note: The agent must be running even if the only source of policies is BGP.

Static Policy Configuration

The following commands set the policy using endpoint and color value, and define the BSID for the policy.

switch(config-te-sr)# policy endpoint v4Address|v6Address color color-value
switch(config-te-sr-policy)# binding-sid mpls-label
switch(config-te-sr-policy)# path-group preference value

The following commands enter the policy path configuration sub mode, and adds a segment list to the candidate path.

switch(config-te-sr-policy)# path-group preference value
switch(config-te-sr-policy-path)# segment-list label-stack label1 label2 … weight value

Note: The default weight value is 1. Adding weight is optional. Repear the configuration statement for multiple segment lists per candidate path.

The following commands configures a null label policy.

switch(config-te-sr-policy-path)# explicit-null [none|ipv4|ipv6|both]

Note: The null label policy configuration is optional.

BGP configuration for SR-TE SAFI

The following commands configures a BGP router to activate a neighbor to negotiate and accept SR-TE address-family with this peer.

switch(config)# router bgp <as>
switch(config-router-bgp)# address-family ipv4|ipv6 sr-te
switch(config-router-bgp-af-srte)# neighbor neighbor activate

The following command configures an inbound route-map to filter or modify attributes on incoming SR-TE prefixes from the peer.

switch(config-router-bgp-af-srte)# neighbor neighbor route-map routeMapName in

Configuring Egress SR-TE Traffic Accounting

The following command enables egress traffic accounting for SR policies (also known as MPLS tunnels).

switch(config)# hardware counter feature mpls tunnel

The following command displays current status of the MPLS counters.

switch#show hardware counter feature
Feature            Direction        Counter Resource (Engine)
------------------ ---------------- --------------------------
ACL-IPv4           out              Jericho: 2, 3
ACL                in               Jericho: 4, 5, 6, 7
MPLS tunnel        out              Jericho: 8, 9

The following command disables egress traffic accounting for SR policies.

switch(config)# no hardware counter feature mpls tunnel

The following command displays a summary information of SR-TE SAFI.

switch# show bgp sr-te summary
BGP summary information for VRF default
Router identifier 100.1.1.2, local AS number 100
Neighbor Status Codes: m - Under maintenance
  Neighbor         V  AS           MsgRcvd   MsgSent  InQ OutQ  Up/Down State  PfxRcd PfxAcc
  100.1.1.1        4  100              407       413    0    0 00:18:57 Estab  1      1
  1000::1          4  100              407       413    0    0 00:18:57 Estab  1      1

The following command displays a summary information of candidate paths received from neighbors which have negotiated AFI=1 for SR-TE SAFI.

switch# show bgp sr-te ipv4 summary
BGP summary information for VRF default
Router identifier 100.1.1.2, local AS number 100
Neighbor Status Codes: m - Under maintenance
  Neighbor    V  AS   MsgRcvd  MsgSent InQ OutQ  Up/Down  State  PfxRcd PfxAcc
  100.1.1.1   4  100  407      413     0   0     00:18:57 Estab  0      0

The following command displays a summary information of candidate paths received from neighbors which have negotiated AFI=2 for SR-TE SAFI.

switch# show bgp sr-te ipv6 summary
BGP summary information for VRF default
Router identifier 100.1.1.2, local AS number 100
Neighbor Status Codes: m - Under maintenance
  Neighbor     V  AS   MsgRcvd  MsgSent InQ OutQ  Up/Down  State  PfxRcd PfxAcc
  1000::1      4  100  407      413     0   0     00:18:57 Estab  0      0

The following command displays all the SR-TE candidate paths.

switch# show bgp sr-te
BGP routing table information for VRF default
Router identifier 100.1.1.1, local AS number 100
Policy status codes: * - valid, > - active, E - ECMP head, e - ECMP
                    c - Contributing to ECMP
Origin codes: i - IGP, e - EGP, ? - incomplete
AS Path Attributes: Or-ID - Originator ID, C-LST - Cluster List, LL Nexthop - Link Local Nexthop

     Endpoint    Color   Distinguisher   Next Hop    Metric  LocPref Weight  Path
*>   133.1.1.1   0       1               130.1.1.3   0       100     0       ?
*>   133.1.1.1   0       2               130.1.1.3   0       100     0       ?
*>   1330::1     0       1               1300::3     0       100     0       ?
*>   1330::1     0       2               1300::3     0       100     0       ?

The following command displays all the SR-TE candidate paths with IPv4 endpoints.

switch# show bgp sr-te ipv4
BGP routing table information for VRF default
Router identifier 100.1.1.1, local AS number 100
Policy status codes: * - valid, > - active, E - ECMP head, e - ECMP
                    c - Contributing to ECMP
Origin codes: i - IGP, e - EGP, ? - incomplete
AS Path Attributes: Or-ID - Originator ID, C-LST - Cluster List, LL Nexthop - Link Local Nexthop

     Endpoint   Color   Distinguisher   Next Hop    Metric  LocPref Weight  Path
*>   133.1.1.1  0       1               130.1.1.3   0       100     0       ?
*>   133.1.1.1  0       2               130.1.1.3   0       100     0       ?

The following command displays all the SR-TE candidate paths with IPv6 endpoints.

switch# show bgp sr-te ipv6
BGP routing table information for VRF default
Router identifier 100.1.1.1, local AS number 100
Policy status codes: * - valid, > - active, E - ECMP head, e - ECMP
                    c - Contributing to ECMP
Origin codes: i - IGP, e - EGP, ? - incomplete
AS Path Attributes: Or-ID - Originator ID, C-LST - Cluster List, LL Nexthop - Link Local Nexthop

     Endpoint   Color   Distinguisher   Next Hop   Metric  LocPref Weight  Path
*>   1330::1    0       1               1300::3    0       100     0       ?
*>   1330::1    0       2               1300::3    0       100     0       ?

The following command displays information about a specific candidate path.

switch# show bgp sr-te endpoint 133.1.1.1 color 0 distinguisher 1
BGP routing table information for VRF default
Router identifier 100.1.1.1, local AS number 100
BGP routing table entry for Endpoint: 133.1.1.1 Color: 0 Distinguisher: 1
 Paths: 1 available
  Local
    130.1.1.3 from 100.1.1.2 (100.1.1.2)
      Origin INCOMPLETE, metric 0, localpref 100, IGP metric 0, weight 0, 
      received 00:01:29 ago, valid, internal, best
      Community: no-advertise
      Rx SAFI: SR TE Policy

The following command displays information about a specific candidate path including the contents of the Tunnel encapsulation path attribute TLV of type SR policy.

switch# show bgp sr-te endpoint 133.1.1.1 color 0 distinguisher 1 detail
BGP routing table information for VRF default
Router identifier 100.1.1.1, local AS number 100
BGP routing table entry for Endpoint: 133.1.1.1 Color: 0 Distinguisher: 1
 Paths: 1 available
  Local
    130.1.1.3 from 100.1.1.2 (100.1.1.2)
      Origin INCOMPLETE, metric 0, localpref 100, IGP metric 0, weight 0, 
      received 00:01:29 ago, valid, internal, best
      Community: no-advertise
      Rx SAFI: SR TE Policy
      Tunnel encapsulation attribute: SR Policy
         Preference: 200
         Binding SID: 965536
         Explicit null label policy: IPv4
         Segment-List: Label Stack: [ 16004 16003 ], Weight: 10
         Segment-List: Label Stack: [ 2000 3000 ]

The following command displays information about SR candidate paths received from the specified neighbor. The “policies” keyword displays only the candidate paths that are accepted. “received-policies” additionally also displays the rejected candidate paths.

switch# show bgp neighbors 100.1.1.2 ipv4 sr-te policies
BGP routing table information for VRF default
Router identifier 100.1.1.1, local AS number 100
Policy status codes: * - valid, > - active
Origin codes: i - IGP, e - EGP, ? - incomplete
AS Path Attributes: Or-ID - Originator ID, C-LST - Cluster List, LL Nexthop - Link Local Nexthop

     Endpoint   Color   Distinguisher   Next Hop    Metric  LocPref Weight  Path
*>   133.1.1.1  0       1               133.1.1.3   0       100     0       ?
*>   133.1.1.1  0       2               133.1.1.3   0       100     0       ?

The following command displays information about SR candidate paths received from the specified neighbor along with the contents of the Tunnel Encapsulation path attribute’s TLV of type SR Policy. The policies keyword displays only the candidate paths that are accepted. received-policies additionally also displays the rejected candidate paths..

switch# show bgp neighbors 100.1.1.2 ipv4 sr-te policies detail
BGP routing table information for VRF default
Router identifier 100.1.1.1, local AS number 100
BGP routing table entry for Endpoint: 133.1.1.1 Color: 0 Distinguisher: 2
 Paths: 1 available
  Local
    130.1.1.3 from 100.1.1.2 (100.1.1.2)
      Origin INCOMPLETE, metric 0, localpref 100, IGP metric 0, weight 0, 
      received 00:01:29 ago, invalid, internal
      Rx SAFI: SR TE Policy
      Tunnel encapsulation attribute: SR Policy
         Preference: 200
         Binding SID: 965536
         Explicit null label policy: IPv4
         Segment-List: Label Stack: [ 16004 16003 ], Weight: 10
         Segment-List: Label Stack: [ 2000 3000 ]

PBR Policies

Policy-Based Routing (PBR) allows the operator to specify the next hop for selected incoming packets on an L3 interface, overriding the routing table. Incoming packets are filtered through a policy map referencing one or more ACLs, and matching packets are routed to the next hop specified.

A PBR policy map is composed of one or more classes and can include next-hop information for each class. It can also include single-line raw match statements, which have the appearance and function of a single line from an ACL. Each class contains an eponymous class map. Class maps are user-created, can be edited or deleted, filter traffic using IPv4 ACLs, and are listed in running-config.

These sections describe PBR policy configuration procedures:

Configuring PBR Policies Arad Platform Switches
Configuring PBR Policies FM6000 Platform Switches
Configuring PBR Policies Petra Platform Switches
Configuring PBR Policies Trident Platform Switches

Traffic Management Configuration Arad Platform Switches

Traffic policies are implemented by policy maps, which are applied to the control plane, or to L3 interfaces for Policy-Based Routing (PBR). Policy maps contain classes, which are composed of class maps and traffic resolution commands.

Traffic Management Conceptual Overview describes traffic policies.

Configuring Control Plane Traffic PoliciesArad Platform Switches

Default control plane traffic policies are implemented automatically without user intervention. These policies are modified by associating traffic resolution commands with static classes that comprise the control plane policy map.

Static Class Maps

Control plane traffic policies utilize static class maps, which are provided by the switch, are not editable, and cannot be deleted.

Editing the Policy Map

The only control plane policy map is copp-system-policy, which cannot be deleted. In its default form, copp-system-policy consists of the classes listed in class (policy-map (control-plane) Arad). Although the underlying class map of each class cannot be edited, the traffic resolution commands can be adjusted. The default classes cannot be removed from the policy map and their sequence within the policy map is not editable.

Policy maps are modified in policy-map configuration mode. The policy-map type copp command enters policy-map configuration mode.

Example

This command enters policy-map configuration mode for editing copp-system-policy.

switch(config)# policy-map type copp copp-system-policy
switch(config-pmap-copp-system-policy)#

The class (policy-map (control-plane) Arad) command enters policy-map-class configuration mode, where traffic resolution commands are modified for the configuration mode class.

Example

This command enters policy-map-class configuration mode for the copp-system-lacp static class.

switch(config-pmap-copp-system-policy)# class copp-system-lacp
switch(config-pmap-c-copp-system-policy-copp-system-lacp)#

Two traffic resolution commands determine bandwidth parameters for class traffic:

bandwidth (policy-map-class (control-plane) Arad) specifies the minimum bandwidth.
shape (policy-map-class (control-plane) Arad) specifies the maximum bandwidth.

Example

These commands configure a bandwidth range of 2000 to 4000 kilobits per seconds (kbps) for traffic filtered by the copp-system-lacp class map:

switch(config-pmap-c-copp-system-policy-copp-system-lacp)# bandwidth kbps 2000
switch(config-pmap-c-copp-system-policy-copp-system-lacp)# shape kbps 4000
switch(config-pmap-c-copp-system-policy-copp-system-lacp)#

Policy-map and policy-map-class configuration modes are group-change modes. Changes are saved with the exit command or discarded with the abort command. The show active command displays the saved version of policy map. The show pending command displays the modified policy map.

Example

These commands exit policy-map-class configuration mode, display the pending policy-map, then exit policy-map configuration mode, which saves the altered policy map to running-config.

switch(config-pmap-c-copp-system-policy-copp-system-lacp)# exit
switch(config-pmap-copp-system-policy)# show pending
policy-map type copp copp-system-policy
  class copp-system-bpdu

  class copp-system-lldp

  class copp-system-lacp
    shape kbps 4000
    bandwidth kbps 2000

  class copp-system-l3ttl1

  class copp-system-l3slowpath


switch(config-pmap-copp-system-policy)# exit
switch(config)#

Applying Policy Maps to the Control Plane

The copp-system-policy policy map is always applied to the control plane. No commands are available to add or remove this assignment.

Displaying Policy Maps

The show policy-map interface type qos command displays the configured values of the policy maps classes and the number of packets filtered and dropped as a result of the class maps.

Example

These commands exit policy-map-class configuration mode, display the pending policy-map, then exit policy-map configuration mode, which saves the altered policy map to running-config.

switch(config)# show policy-map copp copp-system-policy
Service-policy input: copp-system-policy
  Hardware programming status: InProgress

  Class-map: copp-system-mlag (match-any)
       shape : 10000001 kbps
       bandwidth : 10000001 kbps
      Out Packets : 0
      Drop Packets : 0

  Class-map: copp-system-bpdu (match-any)
       shape : 2604 kbps
       bandwidth : 1302 kbps
      Out Packets : 0
      Drop Packets : 0

  Class-map: copp-system-lacp (match-any)
       shape : 4230 kbps
       bandwidth : 2115 kbps
      Out Packets : 0
      Drop Packets : 0

switch(config)#

switch(config-pmap-c-copp-system-policy-copp-system-lacp)# exit

Configuring QoS Traffic Policies Arad Platform Switches

QoS traffic policies are implemented by creating class maps and policy maps, then applying the policy maps to Ethernet and port channel interfaces.

Creating Class Maps

QoS traffic policies utilize dynamic class maps that are created and modified in class-map configuration mode. The class-map type qos command enters class-map configuration mode.

Example

This command enters class-map configuration mode to create QoS class map named Q-CMap_1.

switch(config)# class-map type qos match-any Q-CMap_1
switch(config-cmap-Q-CMap_1)#

A class map contains one IPv4 access control list (ACL). The match ip access-group command assigns an ACL to the class map. Subsequent match commands replace the existing match command. Class maps filter traffic only on ACL permit rules. Deny ACL rules are disregarded.

Example

This command adds the IPv4 ACL named ACL_1 to the class map.

switch(config-cmap-Q-CMap_1)# match ip access-group ACL_1
switch(config-cmap-Q-CMap_1)#

Class-map configuration mode is a group-change mode. Changes made in a group-change mode are saved by exiting the mode. The show active command displays the saved version of class map. The show pending command displays the unsaved class map.

Example

The show active command indicates that the configuration mode class map is not stored in running-config. The show pending command displays the class map to be stored upon exiting class-map configuration mode.

switch(config-cmap-Q-CMap_1)# show active
switch(config-cmap-Q-CMap_1)# show pending
class-map type qos match-any Q-CMap_1
   match ip access-group ACL_1

switch(config-cmap-Q-CMap_1)#

The exit command returns the switch to global configuration mode and saves pending class map changes. The abort command returns the switch to global configuration mode and discards pending changes.

Example

This command exits class-map configuration mode and stores pending changes to running-config.

switch(config-cmap-CP-CMAP_1)# exit
switch(config)# show class-map type control-plane CP-CMAP_1
  Class-map: CP-CMAP_1 (match-any)
    Match: ip access-group name ACLv4_1
switch(config)#

Creating Policy Maps

Policy maps are created and modified in policy-map configuration mode. The policy-map type quality-of-service command enters policy-map configuration mode.

Example

This command places the switch in policy-map configuration mode and creates a QoS policy map named Q-PMAP_1.

switch(config)# policy-map type quality-of-service Q-PMAP_1
switch(config-pmap-Q-PMAP_1)#

Policy map are edited by adding or removing classes. A class automatically contains its eponymous class map; traffic resolution commands are added or edited in policy-map-class configuration mode. The below command adds a class to the configuration mode policy map and places the switch in policy-map-class configuration mode, where traffic resolution commands are added to the class.

Example

This command adds the Q-CMap_1 class to the Q-PMAP_1 policy map and places the switch in policy-map-class configuration mode.

switch(config-pmap-Q-PMAP_1)# class Q-CMap_1
switch(config-pmap-c-Q-PMAP_1-Q-CMap_1)#

The set cos commands configure traffic resolution methods for data that passes the class map:

set cos sets the Layer 2 CoS field.
set dscp sets the DSCP value in the ToS byte.
set traffic class specifies a traffic class queue.

Example

These commands configure the policy map to set the CoS field 7 on packets filtered by the class map, then assigns those packets to traffic class 4.

switch(config-pmap-c-Q-PMAP_1-Q-CMap_1)# set cos 7
switch(config-pmap-c-Q-PMAP_1-Q-CMap_1)# set traffic-class 4
switch(config-pmap-c-Q-PMAP_1-Q-CMap_1)#

Policy-map and policy-map-class configuration modes are group-change modes. Changes are saved with the exit command or discarded with the abort command. The show active and show pending commands display the saved and modified policy map versions, respectively.

Example

These commands exit policy-map-class configuration mode, display the pending policy-map, then exit policy-map configuration mode to save the altered policy map to running-config.

switch(config-pmap-c-Q-PMAP_1-Q-CMap_1)# exit
switch(config-pmap-Q-PMAP_1)# show pending
policy-map type quality-of-service Q-PMAP_1
  class Q-CMap_1
    set cos 7
    set traffic-class 4

  class class-default

switch(config-pmap-Q-PMAP_1)# exit
switch(config)#

The last class in all QoS policy maps is class-default. The class-default class map matches all traffic except IPv4 or IPv6 traffic and provides no traffic resolution commands. The class-default class map is not editable; traffic resolution commands can be added to the class-default class.

To modify traffic resolution commands for the class-default class, enter policy-map-class configuration mode for the class, then enter the desired set commands.

Example

These commands enter policy-map-class configuration mode for class-default, configures the stream to enter traffic class 2, and saves the altered policy map to running-config.

switch(config)# policy-map type quality-of-service Q-PMap_1
switch(config-pmap-Q-PMap_1)# class class-default
switch(config-pmap-c-Q-PMap_1-class-default)# set traffic-class 2
switch(config-pmap-c-Q-PMap_1-class-default)# exit
switch(config-pmap-Q-PMap_1)# exit
switch(config)# show policy-map type qos Q-PMap_1
Service-policy Q-PMap_1

  Class-map: Q-CMap_1 (match-any)
    Match: ipv6 access-group name ACLv6_1
       set cos 7
       set traffic-class 4

  Class-map: class-default (match-any)
       set traffic-class 2

switch(config)#

Applying Policy Maps to an Interface

The service-policy type qos (Interface mode) command applies a specified policy map to the configuration mode interface.

These commands apply PMAP-1 policy map to interfaceEthernet 8.

switch(config)# interface ethernet 8
switch(config-if-Et8)# show active
switch(config-if-Et8)# service-policy input PMAP-1
switch(config-if-Et8)# show active
interface Ethernet8
   service-policy type qos input PMAP-1
switch(config-if-Et8)#

Configuring PBR Policies Arad Platform Switches

Policy-Based Routing (PBR) is implemented by creating class maps and policy maps, then applying the policy maps to Ethernet interfaces, port channel interfaces or switch virtual interfaces (SVIs).

Creating PBR Class Maps

PBR policies utilize class maps that are created and modified in the class-map configuration mode. The class-map type pbr command enters the class-map configuration mode.

Example

This command enters the class-map configuration mode to create a PBR class map named CMAP1.

switch(config)# class-map type pbr match-any CMAP1
switch(config-cmap-PBR-CMAP1)#

A class map contains one or more access control lists (ACLs). The match (policy-map (pbr)) command assigns an ACL to the class map. Subsequent match commands add additional ACLs to the class map. Class maps filter traffic only on ACL permit rules. Deny ACL rules are disregarded; if a class map includes ACLs with deny rules, the configuration reverts to its previous state.

Example

This command adds the ACL named ACL1 to the class map.

switch(config-cmap-PBR-CMAP1)# match ip access-group ACL1
switch(config-cmap-PBR-CMAP1)#

The class-map configuration mode is a group-change mode. Changes made in a group-change mode are saved by exiting the mode. The show active command displays the saved version of class map.

The show active command indicates that the configuration mode class map is not stored in running-config.

switch(config-cmap-PBR-CMAP1)# show active
switch(config-cmap-PBR-CMAP1)#

The exit command returns the switch to the global configuration mode and saves pending class map changes. The abort command returns the switch to the global configuration mode and discards pending changes.

Example

This command exits class-map configuration mode and stores pending changes to running-config.

switch(config-cmap-PBR-CMAP1)# exit
switch(config)# show class-map type pbr CMAP1
class-map type pbr match-any CMAP1
   10 match ip access-group ACL1
switch(config)#

Creating PBR Policy Maps

Policy maps are created and modified in policy-map configuration mode. The policy-map type pbr command enters the policy-map configuration mode.

Example

This command enters the policy-map configuration mode for creating a PBR policy map named PMAP1.

switch(config)# policy-map type pbr PMAP1
switch(config-pmap-PMAP1)#

Policy map are edited by adding or removing classes. A class automatically contains its eponymous class map; next-hop commands are added or edited in the policy-map-class configuration mode. The class (policy-map (pbr)) command adds a class to the configuration mode policy map and places the switch in the policy-map-class configuration mode, where next-hop commands are added to the class.

Example

This command adds the CMAP1 class to the policy map and places the switch into the policy-map-class configuration mode.
```
switch(config-pmap-PMAP1)# class CMAP1
switch(config-pmap-c-PMAP1-CMAP1)#
```
The set nexthop (policy-map-class pbr) command configures the next hop for data that passes the class map.
This command configures the policy map to set the next hop to 10.12.0.5 on packets filtered by the class map.
```
switch(config-pmap-c-PMAP1-CMAP1)# set nexthop 10.12.0.5
switch(config-pmap-c-PMAP1-CMAP1)#
```
The set nexthop-group (policy-map-class(pbr) Arad) command configures a nexthop group as the next hop for data that passes the class map.
These commands configure the policy map PMAP1 to set the next hop to a nexthop group named GROUP1 for traffic defined by class map CMAP1.
```
switch(config)# policy-map type pbr PMAP1
switch(config-pmap-PMAP1)# class CMAP1
switch(config-pmap-c-PMAP1-CMAP1)# set nexthop-group GROUP1
switch(config-pmap-c-PMAP1-CMAP1)#
```
The policy-map and policy-map-class configuration modes are group-change modes. Changes are saved with the exit command or discarded with the abort command. The show active command displays the currently saved map version.
These commands exits the policy-map-class configuration mode, then exits the policy-map configuration mode to save the altered policy map to running-config.
```
switch(config-pmap-c-PMAP1-CMAP1)# exit
switch(config-pmap-PMAP1)# exit
switch(config)#
```

Applying a PBR Policy Map to an Interface

The service-policy type pbr (Interface mode) command applies the specified PBR policy map to the configuration mode interface. Only one PBR service policy is supported per interface.

These commands apply the PMAP1 PBR policy map to interface ethernet 8.

switch(config)# interface ethernet 8
switch(config-if-Et8)# service-policy type pbr input PMAP1
switch(config-if-Et8)#

Hardware Decapsulation

When hardware decapsulation takes place, PBR policy maps on Arad platform switches match on outer packet headers (i.e., they match based on the attributes of the packet before it is decapsulated).

Traffic Management Configuration FM6000 Platform Switches

Traffic policies are implemented by policy maps, which are applied to the control plane or an interface. Policy maps contain classes, which are composed of class maps and traffic resolution commands. Traffic Management Conceptual Overview describes traffic policies.

FM6000 platform switches support the following traffic policies:

Control plane policies manage control plane traffic.
QoS traffic policies manage traffic on Ethernet and port channel interfaces.

These sections describe the construction and application of policy maps on FM6000 platform switches:

Configuring Control Plane Traffic Policies FM6000 Platform Switches
Configuring QoS Traffic Policies FM6000 Platform Switches
Configuring PBR Policies FM6000 Platform Switches

Configuring Control Plane Traffic PoliciesFM6000 Platform Switches

Static Class Maps

Control plane traffic policies utilize static class maps, which are provided by the switch, are not editable, and cannot be deleted.

Editing the Policy Map

The only control plane policy map is copp-system-policy, which cannot be deleted. In its default form, copp-system-policy consists of the classes listed in copp-system-policy default classes: FM6000 Platform Switches. Although the underlying class map of each class cannot be edited, the traffic resolution commands can be adjusted. The default classes cannot be removed from the policy map and their sequence within the policy map is not editable.

Table 3. Copp-system-policy Default Classes: FM6000 Platform Switches
Class Name	shape (pps)	bandwidth (pps)
copp-system-arp	10000	1000
copp-system-default	8000	1000
copp-system-ipmcrsvd	10000	1000
copp-system-ipmcmiss	10000	1000
copp-system-igmp	10000	1000
copp-system-l2rsvd	10000	10000
copp-system-l3slowpath	10000	1000
copp-system-pim-ptp	10000	1000
copp-system-ospf-isis	10000	1000
copp-system-selfip	5000	5000
copp-system-selfip-tc6to7	5000	5000
copp-system-sflow	25000	1000

Policy maps are modified in the policy-map configuration mode. The policy-map type copp command enters the policy-map configuration mode.

Example

This command enters the policy-map configuration mode for editing copp-system-policy.

switch(config)# policy-map type copp copp-system-policy
switch(config-pmap-copp-system-policy)#

The class (policy-map (control-plane) FM6000) command enters the policy-map-class configuration mode, where traffic resolution commands are modified for the configuration mode class.

Example

This command enters the policy-map-class configuration mode for the copp-system-arp static class.

switch(config-pmap-copp-system-policy)# class copp-system-arp
switch(config-pmap-c-copp-system-policy-copp-system-arp)#

Two traffic resolution commands determine bandwidth parameters for class traffic:

bandwidth (policy-map-class (control-plane) FM6000)
shape (policy-map-class (control-plane) FM6000)

Example

These commands configure a bandwidth range of 2000 to 4000 packets per seconds (pps) for traffic filtered by the copp-system-arp class map:

switch(config-pmap-c-copp-system-policy-copp-system-arp)# bandwidth pps 2000
switch(config-pmap-c-copp-system-policy-copp-system-arp)# shape pps 4000
switch(config-pmap-c-copp-system-policy-copp-system-arp)#

The policy-map and policy-map-class configuration modes are group-change modes. Changes are saved with the exit command or discarded with the abort command. The show active command displays the saved version of policy map. The show pending command displays the modified policy map.

Example

These commands exit the policy-map-class configuration mode, display the pending policy-map, then exits the policy-map configuration mode, which saves the altered policy map to running-config.

switch(config-pmap-c-copp-system-policy-CP-CMAP_1)# exit
switch(config-pmap-copp-system-policy)# show pending
policy-map type copp copp-system-policy
  class CP-CMAP_1
    shape pps 4000
    bandwidth pps 2000

  class copp-system-bpdu

  class copp-system-lldp

  class copp-system-lacp

  class copp-system-arp

  class copp-system-arpresolver

  class copp-system-default

switch(config-pmap-copp-system-policy)#exit
switch(config)#

Applying Policy Maps to the Control Plane

The copp-system-policy policy map is always applied to the control plane. No commands are available to add or remove this assignment.

Configuring QoS Traffic Policies FM6000 Platform Switches

QoS traffic policies are implemented by creating class maps and policy maps, then applying the policy maps to Ethernet and port channel interfaces.

Creating Class Maps

QoS traffic policies utilize dynamic class maps that are created and modified in the class-map configuration mode. The class-map type qos command enters the class-map configuration mode.

Example

This command enters the class-map configuration mode to create QoS class map named Q-CMap_1.

switch(config)# class-map type qos match-any Q-CMap_1
switch(config-cmap-Q-CMap_1)#

A class map contains one IPv4 access control list (ACL). The match (class-map (qos) FM6000) command assigns an ACL to the class map. Subsequent match commands replace the existing match command. Class maps filter traffic only on ACL permit rules. Deny ACL rules are disregarded.

Example

This command adds the IPv4 ACL named ACL_1 to the class map.

switch(config-cmap-Q-CMap_1)# match ip access-group ACL_1
switch(config-cmap-Q-CMap_1)#

The class-map configuration mode is a group-change mode. Changes made in a group-change mode are saved by exiting the mode. The show active command displays the saved version of class map. The show pending command displays the unsaved class map.

Example

The show active command indicates that the configuration mode class map is not stored in running-config. The show pending command displays the class map to be stored upon exiting the class-map configuration mode.

switch(config-cmap-Q-CMap_1)# show active
switch(config-cmap-Q-CMap_1)# show pending
class-map type qos match-any Q-CMap_1
   match ip access-group ACL_1

switch(config-cmap-Q-CMap_1)#

Example

This command exits the class-map configuration mode and stores pending changes to running-config.

switch(config-cmap-CP-CMAP_1)# exit
switch(config)# show class-map type control-plane CP-CMAP_1
  Class-map: CP-CMAP_1 (match-any)
    Match: ip access-group name ACLv4_1
switch(config)#

Creating Policy Maps

Policy maps are created and modified in the policy-map configuration mode. The policy-map type quality-of-service command enters the policy-map configuration mode.

Example

This command places the switch in the policy-map configuration mode and creates a QoS policy map named Q-PMAP_1.

switch(config)# policy-map type quality-of-service Q-PMAP_1
switch(config-pmap-Q-PMAP_1)#

Policy map are edited by adding or removing classes. A class automatically contains its eponymous class map; traffic resolution commands are added or edited in the policy-map-class configuration mode. The class (policy-map (qos) FM6000) command adds a class to the configuration mode policy map and places the switch in the policy-map-class configuration mode, where traffic resolution commands are added to the class.

Example

This command adds the Q-CMap_1 class to the Q-PMAP_1 policy map and places the switch in the policy-map-class configuration mode.

switch(config-pmap-Q-PMAP_1)# class Q-CMap_1
switch(config-pmap-c-Q-PMAP_1-Q-CMap_1)#

set (policy-map-class (qos) FM6000) commands configure traffic resolution methods for data that passes the class map:

set cos sets the Layer 2 CoS field.
set dscp sets the DSCP value in the ToS byte.
set traffic class specifies a traffic class queue.

Example

These commands configure the policy map to set the CoS field 7 on packets filtered by the class map, then assigns those packets to traffic class 4.

switch(config-pmap-c-Q-PMAP_1-Q-CMap_1)# set cos 7
switch(config-pmap-c-Q-PMAP_1-Q-CMap_1)# set traffic-class 4
switch(config-pmap-c-Q-PMAP_1-Q-CMap_1)#

The policy-map and policy-map-class configuration modes are group-change modes. Changes are saved with the exit command or discarded with the abort command. The show active and show pending commands display the saved and modified policy map versions, respectively.

Example

These commands exit the policy-map-class configuration mode, display the pending policy-map, then exits the policy-map configuration mode to save the altered policy map to running-config.

switch(config-pmap-c-Q-PMAP_1-Q-CMap_1)# exit
switch(config-pmap-Q-PMAP_1)# show pending
policy-map type quality-of-service Q-PMAP_1
  class Q-CMap_1
    set cos 7
    set traffic-class 4

  class class-default

switch(config-pmap-Q-PMAP_1)# exit
switch(config)#

To modify traffic resolution commands for the class-default class, enter the policy-map-class configuration mode for the class, then enter the desired set commands.

Example

These commands enter the policy-map-class configuration mode for class-default, configures the stream to enter traffic class 2, and saves the altered policy map to running-config.

switch(config)# policy-map type quality-of-service Q-PMap_1
switch(config-pmap-Q-PMap_1) #class class-default
switch(config-pmap-c-Q-PMap_1-class-default)# set traffic-class 2
switch(config-pmap-c-Q-PMap_1-class-default)# exit
switch(config-pmap-Q-PMap_1)# exit
switch(config)# show policy-map type qos Q-PMap_1
Service-policy Q-PMap_1

  Class-map: Q-CMap_1 (match-any)
    Match: ipv6 access-group name ACLv6_1
       set cos 7
       set traffic-class 4

  Class-map: class-default (match-any)
       set traffic-class 2

switch(config)#

Applying Policy Maps to an Interface

The service-policy type qos (Interface mode) command applies a specified policy map to the configuration mode interface.

These commands apply PMAP-1 policy map to interface ethernet 8.

switch(config)# interface ethernet 8
switch(config-if-Et8)# show active
switch(config-if-Et8)# service-policy input PMAP-1
switch(config-if-Et8)# show active
interface Ethernet8
   service-policy type qos input PMAP-1
switch(config-if-Et8)#

Configuring PBR Policies FM6000 Platform Switches

Policy-Based Routing (PBR) is implemented by creating class maps and policy maps, then applying the policy maps to Ethernet interfaces, port channel interfaces or Switch Virtual Interfaces (SVIs).

Creating PBR Class Maps

PBR policies utilize class maps that are created and modified in the class-map configuration mode. The class-map type pbr command enters the class-map configuration mode.

Example

This command enters the class-map configuration mode to create a PBR class map named CMAP1.

switch(config)# class-map type pbr match-any CMAP1
switch(config-cmap-PBR-CMAP1)#

A class map contains one or more IPv4 access control lists (ACLs). The match (policy-map (pbr)) command assigns an ACL to the class map. Subsequent match commands add additional ACLs to the class map. Class maps filter traffic only on ACL permit rules. Deny ACL rules are disregarded; if a class map includes ACLs with deny rules, the configuration reverts to its previous state.

On FM6000 platform switches, counters are not supported, so a counters per-entry (ACL configuration modes) command in an ACL is ignored.

Example

This command adds the IPv4 ACL named ACL1 to the class map.

switch(config-cmap-PBR-CMAP1)# match ip access-group ACL1
switch(config-cmap-PBR-CMAP1)#

The class-map configuration mode is a group-change mode. Changes made in a group-change mode are saved by exiting the mode. The show active command displays the saved version of class map.

The show active command indicates that the configuration mode class map is not stored in running-config.

switch(config-cmap-PBR-CMAP1)# show active
switch(config-cmap-PBR-CMAP1)#

The exit command returns the switch to global configuration mode and saves pending class map changes. The abort command returns the switch to global configuration mode and discards pending changes.

Example

This command exits the class-map configuration mode and stores pending changes to running-config.

switch(config-cmap-PBR-CMAP1)# exit
switch(config)# show class-map type pbr CMAP1
class-map type pbr match-any CMAP1
   10 match ip access-group ACL1
switch(config)#

Creating PBR Policy Maps

Policy maps are created and modified in the policy-map configuration mode. The policy-map type pbr command enters the policy-map configuration mode.

Example

This command enters the policy-map configuration mode for creating a PBR policy map named PMAP1.

switch(config)# policy-map type pbr PMAP1
switch(config-pmap-PMAP1)#

Policy map are edited by adding or removing classes. A class automatically contains its eponymous class map; next-hop commands are added or edited in the policy-map-class configuration mode. The class (policy-map (pbr)) command adds a class to the configuration mode policy map and places the switch in the policy-map-class configuration mode, where next-hop commands are added to the class.

Examples

This command adds the CMAP1 class to the policy map and places the switch in the policy-map-class configuration mode.
```
switch(config-pmap-PMAP1)# class CMAP1
switch(config-pmap-c-PMAP1-CMAP1)#
```
The set nexthop (policy-map-class pbr) command configures the next hop for data that passes the class map.
This command configures the policy map to set the next hop to 10.12.0.5 on packets filtered by the class map.
```
switch(config-pmap-c-PMAP1-CMAP1)# set nexthop 10.12.0.5
switch(config-pmap-c-PMAP1-CMAP1)#
```
The policy-map and policy-map-class configuration modes are group-change modes. Changes are saved with the exit command or discarded with the abort command. The show active command displays the currently saved map version.

Example

These commands exits the policy-map-class configuration mode, then exits the policy-map configuration mode to save the altered policy map to running-config.

switch(config-pmap-c-PMAP1-CMAP1)# exit
switch(config-pmap-PMAP1)# exit
switch(config)#

Applying a PBR Policy Map to an Interface

The service-policy type pbr (Interface mode) command applies the specified PBR policy map to the configuration mode interface. Only one PBR service policy is supported per interface.

These commands apply the PMAP1 PBR policy map to interface ethernet 8.

switch(config)# interface ethernet 8
switch(config-if-Et8)# service-policy type pbr input PMAP1
switch(config-if-Et8)#

Hardware Decapsulation

When hardware decapsulation takes place, PBR policy maps on FM6000 platform switches match on outer packet headers (i.e., they match based on the attributes of the packet before it is decapsulated).

Traffic Management Configuration Petra Platform Switches

Traffic policies are implemented by policy maps, which are applied to the control plane. Policy maps contain classes, which are composed of class maps and traffic resolution commands. QoS traffic policies are not supported on 7500 Series switches.

Traffic Management Conceptual Overview describes traffic policies.

Configuring Control Plane Traffic PoliciesPetra Platform Switches

Static Class Maps

Control plane traffic policies utilize static class maps, which are provided by the switch, are not editable, and cannot be deleted.

Editing the Policy Map

The only control plane policy map is copp-system-policy, which cannot be deleted. In its default form, copp-system-policy consists of the classes listed in copp-system-policy default classes: Petra Platform Switches. Although the underlying class map of each class cannot be edited, the traffic resolution commands can be adjusted. The default classes cannot be removed from the policy map and their sequence within the policy map is not editable.

Table 4. copp-system-policy default classes: Petra Platform Switches
Class Name	shape (kbps)	bandwidth (kbps)
copp-system-bpdu	2500	1250
copp-system-default	2500	250
copp-system-igmp	2500	250
copp-system-ipbroadcast	2500	250
copp-system-ipmc	2500	250
copp-system-ipmcmiss	2500	250
copp-system-ipmcrsvd	2500	250
copp-system-ipunicast	NO LIMIT	250
copp-system-l3destmiss	2500	250
copp-system-l3slowpath	2500	250
copp-system-l3ttl0	2500	250
copp-system-l3ttl1	2500	250
copp-system-lacp	2500	1250
copp-system-lldp	2500	250
copp-system-unicast-arp	2500	250

Policy maps are modified in the policy-map configuration mode. The policy-map type copp command enters the policy-map configuration mode.

Example

This command enters the policy-map configuration mode for editing copp-system-policy.

switch(config)# policy-map type copp copp-system-policy
switch(config-pmap-copp-system-policy)#

The class (policy-map (control-plane) Petra) command enters the policy-map-class configuration mode, where traffic resolution commands are modified for the configuration mode class.

Example

This command enters the policy-map-class configuration mode for the copp-system-lldp static class.

switch(config-pmap-copp-system-policy)# class copp-system-lldp
switch(config-pmap-c-copp-system-policy-copp-system-lldp)#

Two traffic resolution commands determine bandwidth parameters for class traffic:

bandwidth (policy-map-class (control-plane) Petra) specifies the minimum bandwidth.
shape (policy-map-class (control-plane) Petra) specifies the maximum bandwidth.

Example

These commands configure a bandwidth range of 2000 to 4000 kilobits per seconds (kbps) for traffic filtered by the copp-system-arp class map:

switch(config-pmap-c-copp-system-policy-copp-system-lldp)# bandwidth kbps 2000
switch(config-pmap-c-copp-system-policy-copp-system-lldp)# shape kbps 4000
switch(config-pmap-c-copp-system-policy-copp-system-lldp)#

The policy-map and policy-map-class configuration modes are group-change modes. Changes are saved with the exit command or discarded with the abort command. The show active command displays the saved version of policy map. The show pending command displays the configured policy map.

Petra platform switches do not support all discrete rate values. When a bandwidth or shape command specifies a value that is not supported, the switch converts the rate to the next highest discrete value that it supports. The show policy-map interface type qos command displays the converted rate and not the user configured rate.

Example

These commands exits the policy-map-class configuration mode, display the pending policy-map, then exits the policy-map configuration mode, which saves the altered policy map to running-config.

switch(config-pmap-c-copp-system-policy-copp-system-lacp)# exit
switch(config-pmap-copp-system-policy)# show pending
policy-map type copp copp-system-policy
  class copp-system-bpdu

  class copp-system-lldp
    shape kbps 4000
    bandwidth kbps 2000

  class copp-system-lacp

switch(config-pmap-copp-system-policy)# exit
switch(config)#

Changes are saved with the exit command or discarded with the abort command. The show active command displays the saved version of policy map. The show pending command displays the modified policy map.

Displaying Policy Maps

The show policy-map interface type qos command displays the traffic resolution rates of the policy maps classes and the number of packets filtered and dropped as a result of the class maps. The shape and bandwidth rates may differ from configured values, because the switch does not support all discrete rate values.

Example

These commands exits the policy-map-class configuration mode, display the pending policy-map, then exits the policy-map configuration mode, which saves the altered policy map to running-config.

switch(config)# show policy-map copp copp-system-policy
Service-policy input: copp-system-policy
  Hardware programming status: InProgress

  Class-map: copp-system-mlag (match-any)
       shape : 10000001 kbps
       bandwidth : 10000001 kbps
      Out Packets : 0
      Drop Packets : 0

  Class-map: copp-system-lacp (match-any)
       shape : 2604 kbps
       bandwidth : 1302 kbps
      Out Packets : 0
      Drop Packets : 0

switch(config)#

Applying Policy Maps to the Control Plane

The copp-system-policy policy map is always applied to the control plane. No commands are available to add or remove this assignment.

Configuring QoS Traffic Policies Petra Platform Switches

QoS traffic policies are not supported on Petra platform switches.

Configuring PBR Policies Petra Platform Switches

PBR policies are not supported on Petra platform switches.

Traffic Management Configuration Trident Platform Switches

Trident platform switches support the following traffic policies:

Control plane policies manage control plane traffic.
QoS traffic policies manage traffic on Ethernet and port channel interfaces.

These sections describe the construction and application of policy maps:

Configuring Control Plane Traffic Policies Trident Platform Switches
Configuring QoS Traffic Policies Trident Platform Switches
Configuring PBR Policies Trident Platform Switches

Configuring Control Plane Traffic PoliciesTrident Platform Switches

Default control plane traffic policies are implemented automatically without user intervention. These policies are modified by creating class maps and editing the policy map to include the new class maps.

Creating Class Maps

Control plane traffic policies utilize static and dynamic class maps. Static class maps are provided by the switch, are not editable, and cannot be deleted. Dynamic class maps are created and modified in the class-map configuration mode. The class-map type copp command enters the class-map configuration mode.

Example

This command enters the class-map configuration mode for creating or editing a control plane dynamic class map named CP-CMAP_1.

switch(config)# class-map type copp match-any CP-CMAP_1
switch(config-cmap-CP-CMAP_1)#

Class maps contain one IPv4 or IPv6 access control list (ACL). The match (class-map (control-plane) Trident) command assigns an ACL to the class map. Subsequent match commands replace the existing match command. Class maps filter traffic only on ACL permit rules. Deny ACL rules are disregarded.

Example

This command assigns the IPv4 ACL named ACLv4_1 to the class map.

switch(config-cmap-CP-CMAP_1)# match ip access-group ACLv4_1
switch(config-cmap-CP-CMAP_1)#

The class-map configuration mode is a group-change mode. Changes are saved by exiting the mode. The show active command displays the saved version of class map. The show pending command displays the unsaved class map.

Example

switch(config-cmap-CP-CMAP_1)# show active
switch(config-cmap-CP-CMAP_1)# show pending
class-map type copp match-any CP-CMAP_1
   match ip access-group ACLv4_1

switch(config-cmap-CP-CMAP_1)#

Example

This command exits the class-map configuration mode and stores pending changes to running-config.

switch(config-cmap-CP-CMAP_1)# exit
switch(config)# show class-map type control-plane CP-CMAP_1
  Class-map: CP-CMAP_1 (match-any)
    Match: ip access-group name ACLv4_1
switch(config)#

Editing the Policy Map

The only control plane policy map is copp-system-policy, which cannot be deleted. In its default form, copp-system-policy consists of the classes listed in copp-system-policy default classes: Trident Platform Switches. Although the underlying class map of each class cannot be edited, the traffic resolution commands can be adjusted. The default classes cannot be removed from the policy map and their sequence within the policy map is not editable.

Table 5. copp-system-policy default classes: Trident Platform Switches
Class Name	shape (pps)	bandwidth (pps)
copp-system-bpdu	5000	5000
copp-system-lacp	5000	5000
copp-system-selfip-tc6to7	5000	5000
copp-system-selfip	5000	5000
copp-system-tc6to7	10000	1000
copp-system-lldp	10000	1000
copp-system-ipmcrsvd	10000	1000
copp-system-igmp	10000	1000
copp-system-ipmcmiss	10000	1000
copp-system-glean	10000	1000
copp-system-tc3to5	10000	1000
copp-system-arp	10000	1000
copp-system-arpresolver	10000	1000
copp-system-l3destmiss	10000	1000
copp-system-l3slowpath	10000	1000
copp-system-l3ttl1	10000	1000
copp-system-default	8000	1000
copp-system-acllog	10000	1000
copp-system-sflow	25000	0

Policy maps are modified in the policy-map configuration mode. The policy-map type copp command enters the policy-map configuration mode.

Example

This command enters the policy-map configuration mode for editing copp-system-policy.

switch(config)#policy-map type copp copp-system-policy
switch(config-pmap-copp-system-policy)#

Dynamic classes are inserted in front of the static classes. Classes automatically contain their eponymous class map; traffic resolution commands are created or edited in the policy-map-class configuration mode. The class (policy-map (control-plane) Trident) command adds a class to the policy map and places the switch in the policy-map-class configuration mode, where traffic resolution commands are added to the class.

Example

This command adds the CP-CMAP_1 class to the copp-system-policy policy map and places the switch in the policy-map-class configuration mode.

switch(config-pmap-copp-system-policy)# class CP-CMAP_1
switch(config-pmap-c-copp-system-policy-CP-CMAP_1)#

Two traffic resolution commands determine bandwidth parameters for class traffic:

bandwidth (policy-map-class (control-plane) Trident) specifies the minimum bandwidth.
shape (policy-map-class (control-plane) Trident) specifies the maximum bandwidth.

Example

These commands configure a bandwidth range of 2000 to 4000 packets per seconds (pps) for traffic filtered by the CP-CMAP_1 class map:

switch(config-pmap-c-copp-system-policy-CP-CMAP_1)# bandwidth pps 2000
switch(config-pmap-c-copp-system-policy-CP-CMAP_1)# shape pps 4000
switch(config-pmap-c-copp-system-policy-CP-CMAP_1)#

Example

The policy-map and policy-map-class configuration modes are group-change modes. Changes are saved with the exit command or discarded with the abort command. The show active command displays the saved version of policy map. The show pending command displays the modified policy map.

Example

switch(config-pmap-c-copp-system-policy-CP-CMAP_1)# exit
switch(config-pmap-copp-system-policy)# show pending
policy-map type copp copp-system-policy
  class CP-CMAP_1
    shape pps 4000
    bandwidth pps 2000

  class copp-system-bpdu

  class copp-system-lldp

  class copp-system-lacp

  class copp-system-arp

  class copp-system-arpresolver

  class copp-system-default

switch(config-pmap-copp-system-policy)# exit
switch(config)#

Example

To modify traffic resolution commands for a static class, enter the policy-map-class configuration mode for the class, then enter the desired bandwidth and shape commands.

Example

These commands enters the policy-map-class configuration mode for copp-system-bpdu class, change the bandwidth range for the class, then save the altered policy map to running-config.

switch(config)# policy-map type copp copp-system-policy
switch(config-pmap-copp-system-policy)# class copp-system-bpdu
switch(config-pmap-c-copp-system-policy-copp-system-bpdu)# shape pps 200
switch(config-pmap-c-copp-system-policy-copp-system-bpdu)# bandwidth pps 100
switch(config-pmap-c-copp-system-policy-copp-system-bpdu)# exit
switch(config-pmap-copp-system-policy)# show pending
policy-map type copp copp-system-policy
  class CP-CMAP_1
    shape pps 4000
    bandwidth pps 2000

  class copp-system-bpdu
    shape pps 200
    bandwidth pps 100

  class copp-system-lldp

switch(config-pmap-copp-system-policy)# exit
switch(config)#

Applying Policy Maps to the Control Plane

The copp-system-policy policy map is always applied to the control plane. No commands are available to add or remove this assignment.

Configuring QoS Traffic Policies Trident Platform Switches

QoS traffic policies are implemented by creating class maps and policy maps, then applying the policy maps to Ethernet and port channel interfaces.

Creating Class Maps

QoS traffic policies utilize dynamic class maps that are created and modified in the class-map configuration mode. The class-map type qos command enters the class-map configuration mode.

Example

This command enters the class-map configuration mode to create QoS class map named Q-CMap_1.

switch(config)# class-map type qos match-any Q-CMap_1
switch(config-cmap-Q-CMap_1)#

A class map contains one IPv4 or IPv6 Access Control List (ACL). The match (class-map (qos) Trident) command assigns an ACL to the class map. Subsequent match commands replace the existing match command. Class maps filter traffic only on ACL permit rules. Deny ACL rules are disregarded.

Example

This command adds the IPv6 ACL named ACLv6_1 to the class map.

switch(config-cmap-Q-CMap_1)# match ipv6 access-group ACLv6_1
switch(config-cmap-Q-CMap_1)#

Example

switch(config-cmap-Q-CMap_1)# show active
switch(config-cmap-Q-CMap_1)# show pending
class-map type qos match-any Q-CMap_1
   match ipv6 access-group ACLv6_1

switch(config-cmap-Q-CMap_1)#

Example

This command exits the class-map configuration mode and stores pending changes to running-config.

switch(config-cmap-CP-CMAP_1)# exit
switch(config)# show class-map type control-plane CP-CMAP_1
  Class-map: CP-CMAP_1 (match-any)
    Match: ip access-group name ACLv4_1
switch(config)#

Creating Policy Maps

Policy maps are created and modified in the policy-map configuration mode. The policy-map type quality-of-service command enters the policy-map configuration mode.

Example

This command enters the policy-map configuration mode for creating a QoS policy map named Q-PMAP_1.

switch(config)# policy-map type quality-of-service Q-PMAP_1
switch(config-pmap-Q-PMAP_1)#

Policy maps are edited by adding or removing classes. A class automatically contains its eponymous class map; traffic resolution commands are added or edited in the policy-map-class configuration mode. The class (policy-map (qos) Trident) command adds a class to the configuration mode policy map and places the switch in the policy-map-class configuration mode, where traffic resolution commands are added to the class.

Example

This command adds the Q-CMap_1 class to the Q-PMAP_1 policy map and places the switch in the policy-map-class configuration mode.

switch(config-pmap-Q-PMAP_1)# class Q-CMap_1
switch(config-pmap-c-Q-PMAP_1-Q-CMap_1)#

The set (policy-map-class (qos) Trident) command configures traffic resolution methods for data that passes the class map:

set cos sets the layer 2 CoS field.
set dscp sets the DSCP value in the ToS byte.
set traffic class specifies a traffic class queue.

Example

These commands configure the policy map to set CoS field 7 on packets filtered by the class map, then assigns those packets to traffic class 4.

switch(config-pmap-c-Q-PMAP_1-Q-CMap_1)# set cos 7
switch(config-pmap-c-Q-PMAP_1-Q-CMap_1)# set traffic-class 4
switch(config-pmap-c-Q-PMAP_1-Q-CMap_1)#

Example

switch(config-pmap-c-Q-PMAP_1-Q-CMap_1)# exit
switch(config-pmap-Q-PMAP_1)# show pending
policy-map type quality-of-service Q-PMAP_1
  class Q-CMap_1
    set cos 7
    set traffic-class 4

  class class-default

switch(config-pmap-Q-PMAP_1)# exit
switch(config)#

To modify traffic resolution commands for the class-default class, enter the policy-map-class configuration mode for the class, then enter the desired set commands.

Example

These commands enters the policy-map-class configuration mode for class-default, configures the stream to enter traffic class 2, and saves the altered policy map to running-config.

switch(config)# policy-map type quality-of-service Q-PMap_1
switch(config-pmap-Q-PMap_1)# class class-default
switch(config-pmap-c-Q-PMap_1-class-default)# set traffic-class 2
switch(config-pmap-c-Q-PMap_1-class-default)# exit
switch(config-pmap-Q-PMap_1)# exit
switch(config)# show policy-map type qos Q-PMap_1
Service-policy Q-PMap_1

  Class-map: Q-CMap_1 (match-any)
    Match: ipv6 access-group name ACLv6_1
       set cos 7
       set traffic-class 4

  Class-map: class-default (match-any)
       set traffic-class 2

switch(config)#

Applying Policy Maps to an Interface

The service-policy type qos (Interface mode) command applies a specified policy map to the configuration mode interface.

Example

These commands apply PMAP-1 policy map to interface ethernet 8.

switch(config)# interface ethernet 8
switch(config-if-Et8)# show active
switch(config-if-Et8)# service-policy input PMAP-1
switch(config-if-Et8)# show active
interface Ethernet8
   service-policy type qos input PMAP-1
switch(config-if-Et8)#

Configuring PBR Policies Trident Platform Switches

Policy-Based Routing (PBR) is implemented by creating class maps and policy maps, then applying the policy maps to Ethernet interfaces, port channel interfaces or Switch Virtual Interfaces (SVIs).

Creating PBR Class Maps

PBR policies utilize class maps that are created and modified in the class-map configuration mode. The class-map type pbr command enters the class-map configuration mode.

Example

This command enters the class-map configuration mode to create a PBR class map named CMAP1.

switch(config)# class-map type pbr match-any CMAP1
switch(config-cmap-PBR-CMAP1)#

A class map contains one or more Access Control Lists (ACLs). The match (policy-map (pbr)) command assigns an ACL to the class map. Subsequent match commands add additional ACLs to the class map. Class maps filter traffic only on ACL permit rules. Deny ACL rules are disregarded; if a class map includes ACLs with deny rules, the configuration reverts to its previous state.

Examples

This command adds the ACL named ACL1 to the class map.
```
switch(config-cmap-PBR-CMAP1)# match ip access-group ACL1
switch(config-cmap-PBR-CMAP1)#
```
The class-map configuration mode is a group-change mode. Changes made in a group-change mode are saved by exiting the mode. The show active command displays the saved version of class map.
The show active command indicates that the configuration mode class map is not stored in running-config.
```
switch(config-cmap-PBR-CMAP1)# show active
switch(config-cmap-PBR-CMAP1)#
```
The exit command returns the switch to global configuration mode and saves pending class map changes. The abort command returns the switch to global configuration mode and discards pending changes.

This command exits the class-map configuration mode and stores pending changes to running-config.

switch(config-cmap-PBR-CMAP1)# exit
switch(config)# show class-map type pbr CMAP1
class-map type pbr match-any CMAP1
   10 match ip access-group ACL1
switch(config)#

Creating PBR Policy Maps

Policy maps are created and modified in the policy-map configuration mode. The policy-map type pbr command enters policy-map configuration mode.

Examples

This command enters the policy-map configuration mode for creating a PBR policy map named PMAP1.
```
switch(config)# policy-map type pbr PMAP1
switch(config-pmap-PMAP1)#
```
Policy map are edited by adding or removing classes. A class automatically contains its eponymous class map; next-hop commands are added or edited in the policy-map-class configuration mode. The class (policy-map (pbr)) command adds a class to the configuration mode policy map and places the switch in the policy-map-class configuration mode, where next-hop commands are added to the class.
This command adds the CMAP1 class to the policy map and places the switch in the policy-map-class configuration mode.
```
switch(config-pmap-PMAP1)# class CMAP1
switch(config-pmap-c-PMAP1-CMAP1)#
```
The set nexthop (policy-map-class pbr) command configures the next hop for data that passes the class map.This command configures the policy map to set the next hop to 10.12.0.5 on packets filtered by the class map.
```
switch(config-pmap-c-PMAP1-CMAP1)# set nexthop 10.12.0.5
switch(config-pmap-c-PMAP1-CMAP1)#
```
The policy-map and policy-map-class configuration modes are group-change modes. Changes are saved with the exit command or discarded with the abort command. The show active command displays the currently saved map version. These commands exits the policy-map-class configuration mode, then exits the policy-map configuration mode to save the altered policy map to running-config.
```
switch(config-pmap-c-PMAP1-CMAP1)# exit
switch(config-pmap-PMAP1)# exit
switch(config)#
```

Applying a PBR Policy Map to an Interface

The service-policy type pbr (Interface mode) command applies the specified PBR policy map to the configuration mode interface. Only one PBR service policy is supported per interface.

These commands apply the PMAP1 PBR policy map to interface ethernet 8.

switch(config)# interface ethernet 8
switch(config-if-Et8)# service-policy type pbr input PMAP1
switch(config-if-Et8)#

Hardware Decapsulation

When hardware decapsulation takes place, PBR policy maps on Trident platform switches match on inner packet headers (i.e., they match based on the attributes of the decapsulated packet).

Traffic Management Configuration Trident II Platform Switches

Trident platform switches support the following traffic policies:

Control plane policies manage control plane traffic.
QoS traffic policies manage traffic on Ethernet and port channel interfaces.

Configuring Control Plane Traffic PoliciesTrident II Platform Switches

Static Class Maps

Control plane traffic policies utilize static class maps, which are provided by the switch, are not editable, and cannot be deleted.

Editing the Policy Map

The only control plane policy map is copp-system-policy, which cannot be deleted. In its default form, copp-system-policy consists of the classes listed in copp-system-policy default classes: Trident II Platform Switches. Although the underlying class map of each class cannot be edited, the traffic resolution commands can be adjusted. The default classes cannot be removed from the policy map and their sequence within the policy map is not editable.

Table 6. copp-system-policy default classes: Trident II Platform Switches
Class Name	shape (pps)	bandwidth (pps)
copp-system-acllog	1000	10000
copp-system-arp	1000	10000
copp-system-arpresolver	1000	10000
copp-system-bfd	5000	10000
copp-system-bgp	5000	5000
copp-system-bpdu	5000	5000
copp-system-default	1000	8000
copp-system-glean	1000	10000
copp-system-igmp	1000	10000
copp-system-ipmcmiss	1000	10000
copp-system-ipmcrsvd	1000	10000
copp-system-l3destmiss	1000	10000
copp-system-l3slowpath	1000	10000
copp-system-l3ttl1	1000	10000
copp-system-lacp	5000	5000
copp-system-lldp	1000	10000
copp-system-mlag	5000	5000
copp-system-selfip	5000	5000
copp-system-selfip-tc6to7	5000	5000
copp-system-sflow	0	25024
copp-system-tc3to5	1000	10000
copp-system-tc6to7	1000	10000
copp-system-urm	1000	10000

Policy maps are modified in the policy-map configuration mode. The policy-map type copp command enters the policy-map configuration mode.

Examples

This command enters the policy-map configuration mode for editing copp-system-policy.

switch(config)# policy-map type copp copp-system-policy
switch(config-pmap-copp-system-policy)#

The class (policy-map (control-plane) Trident II) command enters the policy-map-class configuration mode, where traffic resolution commands are modified for the configuration mode class.

This command enters the policy-map-class configuration mode for the copp-system-lacp static class.

switch(config-pmap-copp-system-policy)# class copp-system-lacp
switch(config-pmap-c-copp-system-policy-copp-system-lacp)#

Two traffic resolution commands determine bandwidth parameters for class traffic:

bandwidth (policy-map-class (control-plane) Trident II) specifies the minimum bandwidth.
shape (policy-map-class (control-plane) Trident II) specifies the maximum bandwidth.

Examples

These commands configure a bandwidth range of 2000 to 4000 packets per seconds (pps) for traffic filtered by the copp-system-lacp class map:

switch(config-pmap-c-copp-system-policy-copp-system-lacp)# bandwidth pps 2000
switch(config-pmap-c-copp-system-policy-copp-system-lacp)# shape pps 4000
switch(config-pmap-c-copp-system-policy-copp-system-lacp)#

The policy-map and policy-map-class configuration modes are group-change modes. Changes are saved with the exit command or discarded with the abort command. The show active command displays the saved version of policy map. The show pending command displays the modified policy map.

These commands exits the policy-map-class configuration mode, display the pending policy-map, then exit policy-map configuration mode, which saves the altered policy map to running-config.

switch(config-pmap-c-copp-system-policy-copp-system-lacp)# exit
switch(config-pmap-copp-system-policy)# show pending
policy-map type copp copp-system-policy
  class copp-system-bpdu

  class copp-system-lldp

  class copp-system-lacp
    shape pps 4000
    bandwidth pps 2000

  class copp-system-arp

switch(config-pmap-copp-system-policy)# exit
switch(config)#

Applying Policy Maps to the Control Plane

The copp-system-policy policy map is always applied to the control plane. No commands are available to add or remove this assignment.

Traffic Management Configuration Commands

Traffic Policy (Control Plane) Configuration Commands

bandwidth (policy-map-class (control-plane) Arad)
bandwidth (policy-map-class (control-plane) FM6000)
bandwidth (policy-map-class (control-plane) Helix)
bandwidth (policy-map-class (control-plane) Petra)
bandwidth (policy-map-class (control-plane) Trident)
bandwidth (policy-map-class (control-plane) Trident II)
class-map type copp
class (policy-map (control-plane) Arad)
class (policy-map (control-plane) FM6000)
class (policy-map (control-plane) Helix)
class (policy-map (control-plane) Petra)
class (policy-map (control-plane) Trident)
class (policy-map (control-plane) Trident II)
match (class-map (control-plane) Helix)
match (class-map (control-plane) Trident)
match (class-map (control-plane) Trident II)
policy-map type copp
shape (policy-map-class (control-plane) Arad)
shape (policy-map-class (control-plane) FM6000)
shape (policy-map-class (control-plane) Helix)
shape (policy-map-class (control-plane) Petra)
shape (policy-map-class (control-plane) Trident)
shape (policy-map-class (control-plane) Trident II)

Traffic Policy (PBR) Configuration Commands

action set-ttl
class (policy-map (pbr))
class-map type pbr
feature pbr
match (class-map (pbr))
match (policy-map (pbr))
platform arad tcam counters feature
policy-map type pbr
resequence (class-map (pbr))
resequence (policy-map (pbr))
service-policy type pbr (Interface mode)
set nexthop (policy-map-class pbr)
set nexthop-group (policy-map-class(pbr) Arad)

Traffic Policy (QoS) Configuration Commands

class-map type qos
class (policy-map (qos) FM6000)
class (policy-map (qos) Helix)
class (policy-map (qos) Trident)
class (policy-map (qos) Trident II)
match (class-map (qos) FM6000)
match (class-map (qos) Helix)
match (class-map (qos) Trident)
match (class-map (qos) Trident II)
policy-map type quality-of-service
policy-map type quality-of-service policer
service-policy type qos (Interface mode)
set (policy-map-class (qos) FM6000)
set (policy-map-class (qos) Helix)
set (policy-map-class (qos) Trident)
set (policy-map-class (qos) Trident II)

Traffic Policy Display and Utility Commands

clear policy-map counters
show class-map type control-plane
show class-map type pbr
show class-map type qos
show policy-map type copp
show policy-map type pbr
show policy-map type qos
show policy-map type qos counters
show policy-map copp
show policy-map interface type qos
show policy-map interface type qos counters
show traffic-policy

action set-ttl

The TTL action is effective only when it is configured along with a set nexthop or nexthop-group action. The TCAM profile has the set-ttl-3b or set-ttl action in the pbr ip and pbr ipv6 features, such as in the tc-counters system profile.

Command Mode

For IP

TCAM feature PBR IP configuration mode.

For IPv6

TCAM feature PBR IPv6 configuration mode.

Command Syntax

action set-time [set-ttl | set-ttl-3b]

no action set-time [set-ttl | set-ttl-3b]

default action set-time [set-ttl | set-ttl-3b]

Parameters

set-ttl Set time to live.
set-ttl-3b Set 3-bit time to live.

Examples

In the following example, for IP, the action sets the time to live for the next hop.

(config)# hardware tcam
(config-tcam)# profile pbr-set-ttl copy default
(config-tcam-profile-pbr-set-ttl)# feature pbr ip
(config-tcam-feature-pbr-ip)# action set-ttl

In the following example, for IPv6, the action sets the time to live for the next hop group.

config)# hardware tcam
(config-tcam)# profile pbr-set-ttl copy default
(config-tcam-profile-pbr-set-ttl)# feature pbr ip
(config-tcam-feature-pbr-ip)# feature pbr ipv6
(config-tcam-feature-pbr-ipv6)# action set-ttl

bandwidth (policy-map-class (control-plane)Arad)

The bandwidth command specifies the minimum bandwidth for traffic filtered by the configuration mode policy map class.

The no bandwidth and default bandwidth commands remove the minimum bandwidth guarantee for the configuration mode class by deleting the corresponding bandwidth command from running-config.

Command Mode

Policy-map-class (control plane) configuration

accessed through class (policy-map (control-plane) Arad)

Command Syntax

bandwidth kbps kilobits

no bandwidth

default bandwidth

Parameters

kilobits Minimum data rate in kilobits per second. Value ranges from 1 to 10000000.

Related Commands

class (policy-map (control-plane) Arad) places the switch in the policy-map-class (control plane) configuration mode.
shape (policy-map-class (control-plane) Arad) specifies the maximum bandwidth for traffic defined by the associated class map in its configuration mode policy map class.

Static Classes Default Bandwidth

Arad platform switches define these default bandwidths for control plane static classes:

copp-system-bgp 250 copp-system-l3lpmoverflow 250
copp-system-bpdu 1250 copp-system-l3slowpath 250
copp-system-default 250 copp-system-l3ttl1 250
copp-system-ipbroadcast 250 copp-system-lacp 1250
copp-system-ipmc 250 copp-system-linklocal 250
copp-system-ipmcmiss 250 copp-system-lldp 250
copp-system-ipunicast 250 copp-system-mlag 250
copp-system-l2broadcast 250 copp-system-multicastsnoop 250
copp-system-l2unicast 250 copp-system-OspfIsis 250
copp-system-l3destmiss 250 copp-system-sflow 250

Example

These commands configure the minimum bandwidth of 500 kbps for data traffic specified by the class map copp-system-lldp of the default control-plane policy map.

switch(config)# policy-map type copp copp-system-policy
switch(config-pmap-copp-system-policy)# class copp-system-lldp
switch(config-pmap-c-copp-system-policy-copp-system-lldp)# bandwidth kbps 500
switch(config-pmap-c-copp-system-policy-copp-system-lldp)# exit
switch(config-pmap-copp-system-policy)# exit
switch(config)# show policy-map copp copp-system-policy
Service-policy input: copp-system-policy
  Hardware programming status: InProgress

  Class-map: copp-system-lldp (match-any)
       shape : 2500 kbps
       bandwidth : 500 kbps
      Out Packets : 0
      Drop Packets : 0

switch(config)#

bandwidth (policy-map-class (control-plane)FM6000)

The bandwidth command specifies the minimum bandwidth for traffic filtered by the configuration mode policy map class.

Command Mode

Policy-map-class (control plane) configuration

accessed through class (policy-map (control-plane) FM6000)

Command Syntax

bandwidth pps packets

no bandwidth

default bandwidth

Parameters

packets Minimum data rate in packets per second. Value ranges from 1 to 100000.

Related Commands

class (policy-map (control-plane) FM6000) places the switch in policy-map-class (control plane) configuration mode.
shape (policy-map-class (control-plane) FM6000) specifies the maximum bandwidth for traffic defined by the associated class map in its configuration mode policy map class.

Static Classes Default Bandwidth

FM6000 platform switches define these default bandwidths for control plane static classes:

copp-system-arp 1000 copp-system-l3slowpath 1000
copp-system-default 1000 copp-system-pim-ptp 1000
copp-system-ipmcrsvd 1000 copp-system-ospf-isis 1000
copp-system-ipmcmiss 1000 copp-system-selfip 5000
copp-system-igmp 1000 copp-system-selfip-tc6to7 5000
copp-system-l2rsvd 10000 copp-system-sflow 1000

Example

These commands configure the minimum bandwidth of 1000 packets per second for data traffic specified by the class map PMAP-1 in the policy map named copp-system-policy.

switch(config)# policy-map type copp copp-system-policy
switch(config-pmap-copp-system-policy)# class PMAP-1
switch(config-pmap-c-copp-system-policy-PMAP-1)# bandwidth pps 1000
switch(config-pmap-c-copp-system-policy-PMAP-1)#

bandwidth (policy-map-class (control-plane)Helix)

The bandwidth command specifies the minimum bandwidth for traffic filtered by the configuration mode policy map class.

Command Mode

Policy-map-class (control plane) configuration

accessed through class (policy-map (control-plane) Helix)

Command Syntax

bandwidth pps packets

no bandwidth

default bandwidth

Parameter

packets Minimum data rate in packets per second. Value ranges from 1 to 100000.

Related Commands

class (policy-map (control-plane) Helix) places the switch in policy-map-class (control plane) configuration mode.
shape (policy-map-class (control-plane) Helix) specifies the maximum bandwidth for traffic defined by the associated class map in its configuration mode policy map class.

Static Classes Default Bandwidth

Helix platform switches define these default bandwidths for control plane static classes:

copp-system-acllog 1000 copp-system-l3ttl1 1000
copp-system-arp 1000 copp-system-lacp 5000
copp-system-arpresolver 1000 copp-system-lldp 1000
copp-system-bfd 5000 copp-system-mlag 5000
copp-system-bgp 5000 copp-system-OspfIsis 5000
copp-system-bpdu 5000 copp-system-selfip 5000
copp-system-default 1000 copp-system-selfip-tc6to7 5000
copp-system-glean 1000 copp-system-sflow 0
copp-system-igmp 1000 copp-system-tc3to5 1000
copp-system-ipmcmiss 1000 copp-system-tc6to7 1000
copp-system-ipmcrsvd 1000 copp-system-urm 1000
copp-system-l3destmiss 1000 copp-system-vrrp 1000
copp-system-l3slowpath 1000

Example

These commands configure the minimum bandwidth of 500 packets per second for data traffic specified by the class map copp-system-lldp.

switch(config)# policy-map type copp copp-system-policy
switch(config-pmap-copp-system-policy)# class copp-system-lldp
switch(config-pmap-c-copp-system-policy-copp-system-lldp)# bandwidth pps 500
switch(config-pmap-c-copp-system-policy-copp-system-lldp)# exit
switch(config-pmap-copp-system-policy)# exit
switch(config)# show policy-map interface control-plan copp-system-policy
Service-policy input: copp-system-policy
  Number of units programmed: 4
  Hardware programming status: Successful

  Class-map: copp-system-lldp (match-any)
       shape : 10000 pps
       bandwidth : 500 pps
      Out Packets : 304996
      Drop Packets : 0

switch(config)#

bandwidth (policy-map-class (control-plane)Petra)

The bandwidth command specifies the minimum bandwidth for traffic filtered by the configuration mode policy map class.

Command Mode

Policy-map-class (control plane) configuration

accessed through class (policy-map (control-plane) Petra)

Command Syntax

bandwidth kbps kilobits

no bandwidth

default bandwidth

Parameter

kbits Minimum data rate in kilobits per second. Value ranges from 1 to 10000000.

Related Commands

class (policy-map (control-plane) Petra) places the switch in policy-map-class (control plane) configuration mode.
shape (policy-map-class (control-plane) Petra) specifies the maximum bandwidth for traffic defined by the associated class map in its policy map class configuration mode .

Static Classes Default Bandwidth

Petra platform switches define these default bandwidths for control plane static classes:

copp-system-bpdu 1250 copp-system-l3destmiss 250
copp-system-default 250 copp-system-l3slowpath 250
copp-system-igmp 250 copp-system-l3ttl0 250
copp-system-ipbroadcast 250 copp-system-l3ttl1 250
copp-system-ipmc 250 copp-system-lacp 1250
copp-system-ipmcmiss 250 copp-system-lldp 250
copp-system-ipmcrsvd 250 copp-system-unicast-arp 250
copp-system-ipunicast 250

Guidelines

Petra does not support all discrete rate values. When a specified discrete value is not supported, the switch converts the rate to the next highest discrete value that it supports. The show command displays the converted rate and not the user-configured rate.

Example

These commands configure a minimum bandwidth of 500 kbps for data traffic specified by the class map copp-system-lldp of the default control-plane policy map. Because the switch does not support the discrete value of 500 kbps, it converts the bandwidth up to 651 kbps.

switch(config)# policy-map type copp copp-system-policy
switch(config-pmap-copp-system-policy)# class copp-system-lldp
switch(config-pmap-c-copp-system-policy-copp-system-lldp)# bandwidth kbps 500
switch(config-pmap-c-copp-system-policy-copp-system-lldp)# exit
switch(config-pmap-copp-system-policy)# exit
switch(config)# show policy-map copp copp-system-policy
Service-policy input: copp-system-policy
  Hardware programming status: InProgress

  Class-map: copp-system-lldp (match-any)
       shape : 2766 kbps
       bandwidth : 651 kbps
      Out Packets : 0
      Drop Packets : 0

switch(config)#

bandwidth (policy-map-class (control-plane)Trident II)

The bandwidth command specifies the minimum bandwidth for traffic filtered by the configuration mode policy map class.

Command Mode

Policy-map-class (control plane) configuration

accessed through class (policy-map (control-plane) Trident II).

Command Syntax

bandwidth pps packets

no bandwidth

default bandwidth

Parameter

packets Minimum data rate in packets per second. Value ranges from 1 to 100000.

Related Commands

class (policy-map (control-plane) Trident II) places the switch in policy-map-class (control plane) configuration mode.
shape (policy-map-class (control-plane) Trident II) specifies the maximum bandwidth for traffic defined by the associated class map in its configuration mode policy map class.

Static Classes Default Bandwidth

Trident II platform switches define these default bandwidths for control plane static classes:

copp-system-acllog 1000 copp-system-l3slowpath 1000
copp-system-arp 1000 copp-system-l3ttl1 1000
copp-system-arpresolver 1000 copp-system-lacp 5000
copp-system-bfd 5000 copp-system-lldp 1000
copp-system-bgp 5000 copp-system-mlag 5000
copp-system-bpdu 5000 copp-system-selfip 5000
copp-system-default 1000 copp-system-selfip-tc6to7 5000
copp-system-glean 1000 copp-system-sflow 0
copp-system-igmp 1000 copp-system-tc3to5 1000
copp-system-ipmcmiss 1000 copp-system-tc6to7 1000
copp-system-ipmcrsvd 1000 copp-system-urm 1000
copp-system-l3destmiss 1000

Example

These commands configure the minimum bandwidth of 500 packets per second for data traffic specified by the class map copp-system-lldp.

switch(config)# policy-map type copp copp-system-policy
switch(config-pmap-copp-system-policy)# class copp-system-lldp
switch(config-pmap-c-copp-system-policy-copp-system-lldp)# bandwidth pps 500
switch(config-pmap-c-copp-system-policy-copp-system-lldp)# exit
switch(config-pmap-copp-system-policy)# exit
switch(config)# show policy-map interface control-plan copp-system-policy
Service-policy input: copp-system-policy
  Number of units programmed: 4
  Hardware programming status: Successful

  Class-map: copp-system-lldp (match-any)
       shape : 10000 pps
       bandwidth : 500 pps
      Out Packets : 304996
      Drop Packets : 0

switch(config)#

bandwidth (policy-map-class (control-plane)Trident)

The bandwidth command specifies the minimum bandwidth for traffic filtered by the configuration mode policy map class.

Command Mode

Policy-map-class (control plane) configuration

accessed through class (policy-map (control-plane) Trident).

Command Syntax

bandwidth pps packets

no bandwidth

default bandwidth

Parameter

packets Minimum data rate in packets per second. Value ranges from 1 to 100000.

Related Commands

class (policy-map (control-plane) Trident) places the switch in policy-map-class (control plane) configuration mode.
shape (policy-map-class (control-plane) Trident) specifies the maximum bandwidth for traffic defined by the associated class map in its configuration mode policy map class.

Static Classes Default Bandwidth

Trident platform switches define these default bandwidths for control plane static classes:

copp-system-arp 1000 copp-system-lldp 1000
copp-system-arpresolver 1000 copp-system-l3destmiss 1000
copp-system-bpdu 5000 copp-system-l3slowpath 1000
copp-system-default 1000 copp-system-l3ttl1 1000
copp-system-glean 1000 copp-system-selfip 5000
copp-system-igmp 1000 copp-system-selfip-tc6to7 5000
copp-system-ipmcmiss 1000 copp-system-sflow 0
copp-system-ipmcrsvd 1000 copp-system-tc6to7 1000
copp-system-lacp 5000 copp-system-tc3to5 1000

Example

These commands configure the minimum bandwidth of 1000 packets per second for data traffic specified by the class map PMAP-1 in the policy map named copp-system-policy.

switch(config)# policy-map type copp copp-system-policy
switch(config-pmap-copp-system-policy)# class PMAP-1
switch(config-pmap-c-copp-system-policy-PMAP-1)# bandwidth pps 1000
switch(config-pmap-c-copp-system-policy-PMAP-1)#

class (policy-map (control-plane) Arad)

The class command places the switch in policy-map-class (control plane) configuration mode, which is a group change mode for changing bandwidth and shape parameters associated with a specified class. All changes in a group change mode edit session are pending until the end of the session.

A policy map is an ordered list of classes. The control plane policy map contains 20 static classes. Each class contains an eponymous class map and may contain bandwidth and shape commands.

The class map identifies a data stream.
bandwidth command defines the streams minimum transmission rate through the control plane.
shape command defines the streams maximum transmission rate through the control plane.

Static class maps identify a data stream by definition. Each data packet is managed by commands of the first class whose map matches the packets content. Dynamic classes are not supported for control plane policing on Arad platform switches.

Each class corresponds to a transmission queue. Queue scheduling is round-robin until bandwidth rate for a queue is exceeded. Scheduling becomes strict-priority with CPU queue number determining priority until the shape rate is reached. Packets are dropped after the shape rate is exceeded.

The exit command returns the switch to policy-map configuration mode. Saving policy-map-class changes also require an exit from policy-map mode, which saves pending policy-map-class and policy-map changes to running-config and returns the switch to the global configuration mode. The abort command discards pending changes, returning the switch to the global configuration mode.

The no class and default class commands remove policy-map-class commands for the specified class assignment from the policy map.

Command Mode

Policy-Map (control plane) configuration accessed through policy-map type copp command.

Command Syntax

class class_name

no class class_name

default class class_name

Parameter

class_name name of the class.

Static Classes

Arad platform switches provide the following static control plane classes:

copp-system-bgp copp-system-l2broadcast copp-system-linklocal
copp-system-bpdu copp-system-l2unicast copp-system-lldp
copp-system-default copp-system-l3destmiss copp-system-mlag
copp-system-ipbroadcast copp-system-l3lpmoverflow copp-system-multicastsnoop
copp-system-ipmc copp-system-l3slowpath copp-system-OspfIsis
copp-system-ipmcmiss copp-system-l3ttl1 copp-system-sflow
copp-system-ipunicast copp-system-lacp

Commands Available in Policy-map-class (control plane) Configuration Mode

bandwidth (policy-map-class (control-plane) Arad)
shape (policy-map-class (control-plane) Arad)
exit saves pending class map changes, then returns the switch to global configuration mode.
abort discards pending class map changes, then returns the switch to global configuration mode.

Related Commands

policy-map type copp places switch in policy-map (control plane) configuration mode.

Example

These commands enters policy-map-class configuration mode to modify the shape, bandwidth parameters associated with the static class named copp-system-lldp.

switch(config)# policy-map type copp copp-system-policy
switch(config-pmap-copp-system-policy)# class copp-system-lldp
switch(config-pmap-c-copp-system-policy-copp-system-lldp)#

class (policy-map (control-plane) FM6000)

The class command places the switch in policy-map-class (control plane) configuration mode, which is a group change mode for changing bandwidth and shape parameters associated with a specified class. All changes in a group change mode edit session are pending until the end of the session.

A policy map is an ordered list of classes. The control plane policy map contains 12 static classes. Each class contains an eponymous class map and may contain bandwidth and shape commands.

The class map identifies a data stream.
bandwidth command defines the streams minimum transmission rate through the control plane.
shape command defines the streams maximum transmission rate through the control plane.

The no class and default class commands remove policy-map-class commands for the specified class assignment from the policy map. The class is removed from the policy map if it is a dynamic class.

Command Mode

Policy-Map (control plane) configuration accessed through policy-map type copp command.

Command Syntax

class class_name

no class class_name

default class class_name

Parameter

class_name name of the class.

Static Classes

FM6000 platform switches provide the following static control plane classes:

copp-system-arp copp-system-igmp copp-system-PimPtp
copp-system-default copp-system-l2rsvd copp-system-selfip
copp-system-ipmcmiss copp-system-l3slowpath copp-system-selfip-tc6to7
copp-system-ipmcrsvd copp-system-OspfIsis copp-system-sflow

Commands Available in Policy-map-class (control plane) Configuration Mode

bandwidth (policy-map-class (control-plane) FM6000)
shape (policy-map-class (control-plane) FM6000)
exit saves pending class map changes, then returns the switch to the global configuration mode.
abort discards pending class map changes, then returns the switch to the global configuration mode.

Related Commands

policy-map type copp places switch in policy-map (control plane) configuration mode.

Example

These commands enters policy-map-class configuration mode to modify the shape, bandwidth parameters associated with the static class named copp-system-arp.

switch(config)# policy-map type copp copp-system-policy
switch(config-pmap-copp-system-policy)# class copp-system-arp
switch(config-pmap-c-copp-system-policy-copp-system-arp)#

class (policy-map (control-plane) Helix)

A policy map is an ordered list of classes. The control plane policy map contains 23 static classes. Each class contains an eponymous class map and may contain bandwidth and shape commands.

The class map identifies a data stream.
bandwidth command defines the streams minimum transmission rate through the control plane.
shape command defines the streams maximum transmission rate through the control plane.

Each class corresponds to a transmission queue. Queue scheduling is strict-priority; CPU queue number determines priority until the shape rate is reached. Packets are dropped after the shape rate is exceeded.

The exit command returns the switch to policy-map configuration mode. Saving policy-map-class changes also require an exit from policy-map mode, which saves the pending policy-map-class and policy-map changes to running-config and returns the switch to global configuration mode. The abort command discards pending changes, returning the switch to the global configuration mode.

The no class and default class commands remove the policy-map-class commands for the specified class assignment from the policy map.

Command Mode

Policy-Map (control plane) configuration accessed through policy-map type copp command.

Command Syntax

class class_name

no class class_name

default class class_name

Parameter

class_name name of the class.

Static Classes

Helix platform switches provide the following static control plane classes:

copp-system-acllog copp-system-ipmcmiss copp-system-OspfIsis
copp-system-arp copp-system-ipmcrsvd copp-system-selfip
copp-system-arpresolver copp-system-l3destmiss copp-system-selfip-tc6to7
copp-system-bfd copp-system-l3slowpath copp-system-sflow
copp-system-bgp copp-system-l3ttl1 copp-system-tc3to5
copp-system-bpdu copp-system-lacp copp-system-tc6to7
copp-system-default copp-system-lldp copp-system-urm
copp-system-glean copp-system-lldp copp-system-vrrp
copp-system-igmp copp-system-lldp

Commands Available in Policy-map-class (control plane) Configuration Mode

bandwidth (policy-map-class (control-plane) Helix)
shape (policy-map-class (control-plane) Helix)
exit saves pending class map changes, then returns the switch to the global configuration mode.
abort discards pending class map changes, then returns the switch to the global configuration mode.

Related Commands

policy-map type copp places switch in policy-map (control plane) configuration mode.

Example

These commands enters policy-map-class configuration mode to modify the shape, bandwidth parameters associated with the static class named copp-system-arp.

switch(config)# policy-map
switch(config)# policy-map type copp copp-system-policy
switch(config-pmap-copp-system-policy)# class copp-system-lldp
switch(config-pmap-c-copp-system-policy-copp-system-lldp)#

class (policy-map (control-plane) Petra)

A policy map is an ordered list of classes. The control plane policy map contains 15 static classes. Each class contains an eponymous class map and may contain bandwidth and shape commands.

The class map identifies a data stream.
bandwidth command defines the streams minimum transmission rate through the control plane.
shape command defines the streams maximum transmission rate through the control plane.

The exit command returns the switch to policy-map configuration mode. Saving the policy-map-class changes also require an exit from policy-map mode, which saves the pending policy-map-class and policy-map changes to running-config and returns the switch to the global configuration mode. The abort command discards pending changes, returning the switch to the global configuration mode.

The no class and default class commands remove the policy-map-class commands for the specified class assignment from the policy map.

Command Mode

Policy-Map (control plane) configuration accessed through policy-map type copp command.

Command Syntax

class class_name

no class class_name

default class class_name

Parameter

class_name name of the class.

Static Classes

Petra platform switches provide the following static control plane classes:

copp-system-bpdu copp-system-ipmcmiss copp-system-l3ttl0
copp-system-default copp-system-ipmcrsvd copp-system-l3ttl1
copp-system-igmp copp-system-ipunicast copp-system-lacp
copp-system-ipbroadcast copp-system-l3destmiss copp-system-lldp
copp-system-ipmc copp-system-l3slowpath copp-system-unicast-arp

Commands Available in Policy-map-class (control plane) Configuration Mode

bandwidth (policy-map-class (control-plane) Petra)
shape (policy-map-class (control-plane) Petra)
exit saves pending class map changes, then returns the switch to the global configuration mode.
abort discards pending class map changes, then returns the switch to the global configuration mode.

Related Commands

policy-map type copp places switch in policy-map (control plane) configuration mode.

Example

These commands enters policy-map-class configuration mode to modify the shape, bandwidth parameters associated with the static class named copp-system-lldp.

switch(config)# policy-map
switch(config)# policy-map type copp copp-system-policy
switch(config-pmap-copp-system-policy)# class copp-system-lldp
switch(config-pmap-c-copp-system-policy-copp-system-lldp)#

class (policy-map (control-plane) Trident II)

The class command places the switch in policy-map-class (control plane) configuration mode, which is a group change mode for changing bandwidth and shape parameters associated with a specified class. All changes in a group change mode edit session are pending until the end of the session.

A policy map is an ordered list of classes. The control plane policy map contains 23 static classes. Each class contains an eponymous class map and may contain bandwidth and shape commands.

The class map identifies a data stream.
bandwidth command defines the streams minimum transmission rate through the control plane.
shape command defines the streams maximum transmission rate through the control plane.

The exit command returns the switch to the policy-map configuration mode. Saving the policy-map-class changes also require an exit from the policy-map mode, which saves the pending policy-map-class and policy-map changes to running-config and returns the switch to the global configuration mode. The abort command discards pending changes, returning the switch to the global configuration mode.

The no class and default class commands remove the policy-map-class commands for the specified class assignment from the policy map.

Command Mode

Policy-Map (control plane) configuration accessed through policy-map type copp command.

Command Syntax

class class_name

no class class_name

default classclass_name

Parameter

class_name name of the class.

Static Classes

Trident II platform switches provide the following static control plane classes:

copp-system-acllog copp-system-igmp copp-system-mlag
copp-system-arp copp-system-ipmcmiss copp-system-selfip
copp-system-arpresolver copp-system-ipmcrsvd copp-system-selfip-tc6to7
copp-system-bfd copp-system-l3destmiss copp-system-sflow
copp-system-bgp copp-system-l3slowpath copp-system-tc3to5
copp-system-bpdu copp-system-l3ttl1 copp-system-tc6to7
copp-system-default copp-system-lacp copp-system-urm
copp-system-glean copp-system-lldp

Commands Available in Policy-map-class (control plane) Configuration Mode

bandwidth (policy-map-class (control-plane) Trident II)
shape (policy-map-class (control-plane) Trident II)
exit saves pending class map changes, then returns the switch to the global configuration mode.
abort discards pending class map changes, then returns the switch to the global configuration mode.

Related Commands

policy-map type copp places switch in policy-map (control plane) configuration mode.

Example

These commands enters the policy-map-class configuration mode to modify the shape, bandwidth parameters associated with the static class named copp-system-arp.

switch(config)# policy-map
switch(config)# policy-map type copp copp-system-policy
switch(config-pmap-copp-system-policy)# class copp-system-lldp
switch(config-pmap-c-copp-system-policy-copp-system-lldp)#

class (policy-map (control-plane) Trident)

The class command places the switch in policy-map-class (control plane) configuration mode, which is a group change mode for changing bandwidth and shape parameters associated with a specified class. The command adds the specified class to the policy map if it was not previously included. All changes in a group change mode edit session are pending until the end of the session.

A policy map is an ordered list of classes. The control plane policy map contains 18 static classes and up to 30 dynamic classes. Dynamic classes contain an eponymous class map. All classes may contain bandwidth and shape commands.

The class map identifies a data stream.
bandwidth command defines the streams minimum transmission rate through the control plane.
shape command defines the streams maximum transmission rate through the control plane.

Dynamic class maps identify a data stream with an ACL assigned by match (class-map (control-plane) Trident). Static class maps identify a data stream by definition. Each data packet is managed by commands of the first class whose map matches the packets content.

Static classes are provided with the switch and cannot be removed from the policy map or modified by the class command. Dynamic classes are user defined and added to the policy map by this command. Dynamic classes are always placed in front of the static classes. Bandwidth and shape parameters are editable for all classes.

The exit command returns the switch to policy-map configuration mode. Saving the policy-map-class changes also require an exit from policy-map mode, which saves the pending policy-map-class and policy-map changes to running-config and returns the switch to the global configuration mode. The abort command discards pending changes, returning the switch to the global configuration mode.

The no class and default class commands remove the policy-map-class commands for the specified class assignment from the policy map. The class is removed from the policy map if it is a dynamic class.

Command Mode

Policy-Map (control plane) configuration accessed through policy-map type copp command.

Command Syntax

class class_name [PLACEMENT]

no class class_name [PLACEMENT]

default class class_name [PLACEMENT]

Parameters

class_name name of the class.
PLACEMENT Specifies the classs map placement. Configurable only for dynamic classes.
- no parameter New classes are placed between the dynamic and static classes. Previously defined classes retain their current policy map placement.
- insert-before dynamic_class Class is inserted in front of the specified dynamic class.

Static Classes

Trident switches provide the following static control plane classes:

copp-system-acllog copp-system-ipmcmiss copp-system-lldp
copp-system-arp copp-system-ipmcrsvd copp-system-selfip
copp-system-arpresolver copp-system-l3destmiss copp-system-selfip-tc6to7
copp-system-bpdu copp-system-l3slowpath copp-system-sflow
copp-system-glean copp-system-l3ttl1 copp-system-tc3to5
copp-system-igmp copp-system-lacp copp-system-tc6to7

Commands Available in Policy-map-class (control plane) Configuration Mode

bandwidth (policy-map-class (control-plane) Trident)
shape (policy-map-class (control-plane) Trident)
exit saves pending class map changes, then returns the switch to the global configuration mode.
abort discards pending class map changes, then returns the switch to the global configuration mode.

Related Commands

class-map type copp places switch in the class-map (control-plane) configuration mode.
policy-map type copp places switch in the policy-map (control plane) configuration mode.

Example

These commands add CM-1 class to the copp-system-policy policy map.

switch(config)# policy-map type copp copp-system-policy
switch(config-pmap-copp-system-policy)# class CM-1
switch(config-pmap-c-copp-system-policy-CM-1)#

class (policy-map (pbr)

The class (policy-map (pbr) command places the switch in policy-map-class (pbr) configuration mode, which is a group change mode that modifies the specified class of the configuration mode Policy-Based Routing (PBR) policy map. The command adds the class to the policy map if it was not previously included in the policy map. All changes in a group change mode edit session are pending until the mode is exited, and can be canceled by using the abort command.

A PBR policy map is an ordered list of classes. Each class contains an eponymous class map and can contain set commands to specify next hop. Classes without set commands translate to no action being performed on that class of packets.

The class map identifies a data stream through ACLs. Class maps are configured in the class-map (pbr) configuration mode.
Set commands can be used to specify the next hop for a given class. Set commands are configured in policy-map-class (pbr) configuration mode.

PBR policy maps can also contain one or more raw match statements which filter incoming traffic without using ACLs. Data packets are managed by commands of the first class or raw match statement matching the packets contents.

The exit command returns the switch to the policy-map (pbr) configuration mode. However, saving the policy-map-class changes also requires an exit from policy-map (pbr) configuration mode. This saves all the pending policy map and policy-map-class changes to running-config and returns the switch to the global configuration mode. The abort command discards pending changes, returning the switch to the global configuration mode.

The no class and default class commands remove the class assignment from the configuration mode policy map by deleting the corresponding class configuration from running-config.

Command Mode

Policy-Map (pbr) Configuration accessed through policy-map type pbr.

Command Syntax

[sequence_number] class class_name

no [sequence_number] class class_name

default [sequence_number] class class_name

no [sequence_number]

default [sequence_number]

Parameters

sequence_number Sequence number (1 to 4294967295) assigned to the rule. If no number is entered, the number is derived by adding 10 to the number of the policy maps last numbered line. To increase the distance between existing entries, use the resequence command.
class_name name of the class.

Commands Available in Policy-map-class (pbr) Configuration Mode

set nexthop (policy-map-class pbr) sets next hop for the class.
exit saves pending class changes and returns switch to policy-map (pbr) configuration mode.
abort discards pending class changes and returns switch to policy-map (pbr) configuration mode.

Related Commands

class-map type pbr places switch in the class-map (pbr) configuration mode.
policy-map type pbr places switch in the policy-map (pbr) configuration mode.

Example

These commands add the CMAP1 class map to the PMAP1 policy map, then place the switch in policy-map-class configuration mode where the next hops can be assigned to the class. Changes will not take effect until both modes are exited.

switch(config)# policy-map type pbr PMAP1
switch(config-pmap-PMAP1)# class CMAP1
switch(config-pmap-c-PMAP1-CMAP1)#

class (policy-map (qos) FM6000)

The class command places the switch in policy-map-class (qos) configuration mode, which is a group change mode that modifies the specified class of the configuration mode policy map. The command adds the class to the policy map if it was not previously included in the policy map. All changes in a group change mode edit session are pending until the end of the session.

A policy map is an ordered list of classes. Each class contains an eponymous class map and at least one set command:

The class map identifies a data stream through an ACL. Class maps are configured in the class-map (qos) configuration mode.
Set commands either modify a packets content (CoS or DSCP fields) or assigns it to a traffic class queue. Set commands are configured in the policy-map-class (qos) configuration mode.
Data packets are managed by commands of the first class whose map matches the packets content.

The exit command returns the switch to the policy-map configuration mode. However, saving policy-map-class changes also require an exit from the policy-map mode. This saves all pending policy map and policy-map-class changes to running-config and returns the switch to the global configuration mode. The abort command discards pending changes, returning the switch to the global configuration mode.

The no class and default class commands remove the class assignment from the configuration mode policy map by deleting the corresponding class configuration from running-config.

Command Mode

Policy-Map (qos) Configuration accessed through policy-map type quality-of-service.

Command Syntax

class class_name [PLACEMENT]

no class class_name [PLACEMENT]

default class class_name [PLACEMENT]

Parameters

class_name name of the class.
PLACEMENT Specifies the map placement within the list of class maps.
- no parameter Class is placed at the top of the list.
- insert-before existing_class Class is inserted in front of the specified class.

Commands Available in Policy-map-class (qos) Configuration Mode

set (policy-map-class (qos) FM6000)
exit saves pending class changes and returns switch to policy-map (qos) configuration mode.
abort discards pending class changes and returns switch to policy-map (qos) configuration mode.

Related Commands

class-map type qos places switch in the class-map (QoS) configuration mode.
policy-map type quality-of-service places switch in the policy-map (QoS) configuration mode

Example

These commands add the CMAP_1 class map to the PMAP_1 policy map, then places the switch in the policy-map-class configuration mode.

switch(config)# policy-map type quality-of-service PMAP-1
switch(config-pmap-PMAP-1)# class CMAP-1
switch(config-pmap-c-PMAP-1-CMAP-1)#

class (policy-map (qos) Helix)

The class command places the switch in the policy-map-class (QoS) configuration mode, which is a group change mode that modifies the specified class of the configuration mode policy map. The command adds the class to the policy map if it was not previously included in the policy map. All changes in a group change mode edit session are pending until the end of the session.

A policy map is an ordered list of classes. Each class contains an eponymous class map and at least one set command:

The class map identifies a data stream through an ACL. Class maps are configured in the class-map (qos) configuration mode.
Set commands either modify a packets content (CoS or DSCP fields) or assigns it to a traffic class queue. Set commands are configured in the policy-map-class (qos) configuration mode.
Data packets are managed by commands of the first class whose map matches the packets content.

The exit command returns the switch to the policy-map configuration mode. However, saving policy-map-class changes also require an exit from the policy-map mode. This saves all the pending policy map and policy-map-class changes to running-config and returns the switch to the global configuration mode. The abort command discards pending changes, returning the switch to the global configuration mode.

The no class and default class commands remove the class assignment from the configuration mode policy map by deleting the corresponding class configuration from running-config.

Command Mode

Policy-Map (qos) Configuration accessed through policy-map type quality-of-service command.

Command Syntax

class class_name [PLACEMENT]

no class class_name [PLACEMENT]

default class class_name [PLACEMENT]

Parameters

class_name name of the class.
PLACEMENT Specifies the map placement within the list of class maps.
- no parameter Class is placed at the top of the list.
- insert-before existing_class Class is inserted in front of the specified class.

Commands Available in Policy-map-class (QoS) Configuration Mode

set (policy-map-class (qos) Helix)
exit saves pending class changes and returns switch to policy-map (qos) configuration mode.
abort discards pending class changes and returns switch to policy-map (qos) configuration mode.

Related Commands

class-map type qos places switch in the class-map (qos) configuration mode.
policy-map type quality-of-service places switch in the policy-map (QoS) configuration mode.

Example

These commands add the CMAP_1 class map to the PMAP_1 policy map, then places the switch in policy-map-class configuration mode.

switch(config)# policy-map type quality-of-service PMAP-1
switch(config-pmap-PMAP-1)# class CMAP-1
switch(config-pmap-c-PMAP-1-CMAP-1)#

class (policy-map (qos) Trident II)

A policy map is an ordered list of classes. Each class contains an eponymous class map and at least one set command:

The class map identifies a data stream through an ACL. Class maps are configured in class-map (qos) configuration mode.
Set commands either modify a packets content (CoS or DSCP fields) or assigns it to a traffic class queue. Set commands are configured in policy-map-class (qos) configuration mode.

Data packets are managed by commands of the first class whose map matches the packets content.

The exit command returns the switch to the policy-map configuration mode. However, saving the policy-map-class changes also require an exit from the policy-map mode. This saves all the pending policy map and policy-map-class changes to running-config and returns the switch to the global configuration mode. The abort command discards pending changes, returning the switch to the global configuration mode.

The no class and default class commands remove the class assignment from the configuration mode policy map by deleting the corresponding class configuration from running-config.

Command Mode

Policy-Map (qos) Configuration accessed through policy-map type quality-of-service command.

Command Syntax

class class_name [PLACEMENT]

no class class_name [PLACEMENT]

default class class_name [PLACEMENT]

Parameters

class_name name of the class.
PLACEMENT Specifies the map placement within the list of class maps.
- no parameter Class is placed at the top of the list.
- insert-before existing_class Class is inserted in front of the specified class.

Commands Available in Policy-map-class (qos) Configuration Mode

set (policy-map-class (qos) Trident II)
exit saves pending class changes and returns switch to policy-map (qos) configuration mode.
abort discards pending class changes and returns switch to policy-map (qos) configuration mode.

Related Commands

class-map type qos places switch in class-map (qos) configuration mode.
policy-map type quality-of-service places switch in policy-map (qos) configuration mode.

Example

These commands add the CMAP_1 class map to the PMAP_1 policy map, then places the switch in policy-map-class configuration mode.

switch(config)# policy-map type quality-of-service PMAP-1
switch(config-pmap-PMAP-1)# class CMAP-1
switch(config-pmap-c-PMAP-1-CMAP-1)#

class (policy-map (qos) Trident)

The class command places the switch in policy-map-class (qos) configuration mode, which is a group change mode that modifies the specified class of the configuration mode policy map. The command adds the class to the policy map if it was not previously included in the policy map. All changes in a group change mode edit session are pending until the end of the session.

A policy map is an ordered list of classes. Each class contains an eponymous class map and at least one set command:

The class map identifies a data stream through an ACL. Class maps are configured in class-map (qos) configuration mode.
Set commands either modify a packets content (CoS or DSCP fields) or assigns it to a traffic class queue. Set commands are configured in policy-map-class (qos) configuration mode.
Data packets are managed by commands of the first class whose map matches the packets content.

The exit command returns the switch to policy-map configuration mode. However, saving policy-map-class changes also require an exit from policy-map mode. This saves all the pending policy map and policy-map-class changes to running-config and returns the switch to the global configuration mode. The abort command discards pending changes, returning the switch to the global configuration mode.

The no class and default class commands remove the class assignment from the configuration mode policy map by deleting the corresponding class configuration from running-config.

Command Mode

Policy-Map (qos) Configuration accessed through policy-map type quality-of-service command.

Command Syntax

class class_name [PLACEMENT]

no class class_name [PLACEMENT]

default class class_name [PLACEMENT]

Parameters

class_name name of the class.
PLACEMENT Specifies the map placement within the list of class maps.
- no parameter Class is placed at the top of the list.
- insert-before existing_class Class is inserted in front of the specified class.

Commands Available in Policy-map-class (qos) Configuration Mode

set (policy-map-class (qos) Trident)
exit saves pending class changes and returns switch to policy-map (qos) configuration mode.
abort discards pending class changes and returns switch to policy-map (qos) configuration mode.

Related Commands

class-map type qos places switch in class-map (qos) configuration mode.
policy-map type quality-of-service places switch in policy-map (qos) configuration mode.

Example

These commands add the CMAP_1 class map to the PMAP_1 policy map, then places the switch in policy-map-class configuration mode.

switch(config)# policy-map type quality-of-service PMAP-1
switch(config-pmap-PMAP-1)# class CMAP-1
switch(config-pmap-c-PMAP-1-CMAP-1)#

class-map type copp

The class-map type copp command places the switch in Class-Map (control plane) configuration mode, which is a group change mode that modifies a control-plane dynamic class map. A dynamic class map is a data structure that uses Access Control Lists (ACLs) to define a data stream by specifying characteristics of data packets that comprise that stream. Control-plane policy maps use class maps to specify which control plane traffic is controlled by policy map criteria.

The exit command saves pending class map changes to running-config and returns the switch to the global configuration mode. Class map changes are also saved by entering a different configuration mode. The abort command discards pending changes and returns the switch to the global configuration mode.

The no class-map type copp and default class-map type copp commands delete the specified class map by removing the corresponding class-map type copp command and its associated configuration.

Command Mode

Global Configuration

Command Syntax

class-map type copp match-any class_name

no class-map type copp [match-any] class_name

default class-map type copp [match-any] class_name

Parameter

class_name Name of class map.

Commands Available in Class-Map (Control Plane) Configuration Mode

match (class-map (control-plane) Trident)

Related Commands

policy-map type copp
class (policy-map (control-plane) Trident)
class-map type qos

Example

This command creates the control plane class map named CP-MAP-1 and places the switch in class-map configuration mode.

switch(config)# class-map type copp match-any CP-CMAP-1
switch(config-cmap-CP-CMAP-1)#

class-map type pbr

The class-map type pbr command places the switch in the class-map (pbr) configuration mode for the specified class map, and creates the class map if one does not already exist. The class-map (PBR) configuration mode is a group change mode that modifies a class map for Policy-Based Routing (PBR). PBR class maps contain one or more match statements which filter incoming traffic using ACLs. PBRs can then use these class maps to set next-hop IP addresses for the traffic that matches them. (Classes without set commands translate to no action being performed on that class of packets.)

The exit command saves pending class map changes to running-config, then returns the switch to the global configuration mode. Class map changes are also saved by directly entering a different configuration mode. The abort command discards pending changes and returns the switch to the global configuration mode.

The no class-map type pbr and default class-map type pbr commands delete the specified class map by removing the corresponding class-map type pbr command and its associated configuration.

Command Mode

Global Configuration

Command Syntax

class-map type pbr match-any map_name

no class-map type pbr match-any map_name

default class-map type pbr match-any map_name

Parameter

map_name Name of class map.

Commands Available in Class-Map (PBR) configuration mode

match (class-map (pbr))
resequence (class-map (pbr))

Related Commands

policy-map type pbr
class (policy-map (pbr))

Example

This command creates the PBR class map named MAP1 and places the switch in class-map (pbr) configuration mode where match criteria can be configured for the class.

switch(config)# class-map type pbrmatch-any MAP1
switch(config-cmap-MAP1)#

class-map type qos

The class-map type qos command places the switch in the class-map (QoS) configuration mode, which is a group change mode that modifies a QoS dynamic class map. A dynamic class map is a data structure that uses Access Control Lists (ACLs) to define a data stream by specifying characteristics of data packets that comprise that stream. QoS policy maps use class maps to specify the traffic (to which the policy map is assigned) that is transformed by policy map criteria.

The exit command saves pending class map changes to running-config, then returns the switch to the global configuration mode. Class map changes are also saved by entering a different configuration mode. The abort command discards pending changes and returns the switch to the global configuration mode.

The no class-map type qos and default class-map type qos commands delete the specified class map by removing the corresponding class-map type qos command and its associated configuration. The class-map and class-map type qos commands are equivalent.

Command Mode

Global Configuration

Command Syntax

class-map [type qos] match-any class_name

no class-map [type qos] match-any class_name

default class-map [type qos] match-any class_name

Parameters

class_name Name of class map.

Commands Available in Class-Map (QoS) Configuration Mode

match (class-map (qos) FM6000)
match (class-map (qos) Trident)

Conditions

class-map map_name and class-map type qos map_name are identical commands.

Related Commands

policy-map type quality-of-service
class (policy-map (qos) FM6000)
class (policy-map (qos) Trident)

Example

This command creates the QoS class map named MAP-1 and places the switch in class-map configuration mode.

switch(config)# class-map type qos match-any MAP-1
switch(config-cmap-MAP-1)#

clear policy-map counters

The clear policy-map command resets the specified policy map counters to zero. Policy map counters record the quantity of packets that are filtered by the ACLs that comprise a specified policy map.

Command Mode

Privileged EXEC

Command Syntax

clear policy-map INTERFACE_NAME counters MAP_NAME

Parameters

INTERFACE_NAME Interface for which command clears table counters. Options include:
- interface control-plane Control plane.
MAP_NAME Policy map for which command clears counters. Options include:
- copp-system-policy Name of only policy map supported for the control plane.

feature pbr

Policy-Based Routing (PBR) is a feature that is applied on IPv4 or IPv6 routable ports, to preferentially route packets. Forwarding is based on a policy that is enforced at the ingress of the applied interface and overrides normal routing decisions. In addition to matches on regular ACLs, PBR policy-maps can also include “raw match” statements that look like a single entry of an ACL as a convenience for users.

Configuration Mode

For IP:

TCAM PBR profile set TTL configuration mode.

For IPv6:

TCAM feature PBR IP configuration mode.

Command Syntax

For IP:

feature pbr ip [copy]

no feature pbr ip [copy]

default featue pbr ip [copy]

For IPv6:

feature pbr ipv6[copy | bank]

no feature pbr ipv6 [copy | bank]

default featue pbr ipv6 [copy | bank]

Parameters

For IP:

copy Copy a feature from a TCAM profile.

For IPv6:

copyCopy a feature from a TCAM profile.
bankTCAM banks to reserve.

Examples

In the following example, the PBR is configured on an IP routable port.

(config)# hardware tcam
(config-tcam)# profile pbr-set-ttl copy default
(config-tcam-profile-pbr-set-ttl)# feature pbr ip

In the following example, the PBR is configured on an IPv6 routable port.

(config)# hardware tcam
(config-tcam)# profile pbr-set-ttl copy default
(config-tcam-profile-pbr-set-ttl)# feature pbr ip
(config-tcam-feature-pbr-ip)# feature pbr ipv6

feature traffic-policy cpu

The feature traffic-policy cpu command configures the CPU traffic policy features for the IPv4 and IPv6 traffic in user-defined TCAM profile.

The no feature traffic-policy cpu and default feature traffic-policy cpu commands remove the CPU policy configurations from running-config.

Command Mode

Hardware TCAM

Command Syntax

feature traffic-policy cpu [ipv4 | ipv6]

no feature traffic-policy cpu [ipv4 | ipv6]

default feature traffic-policy cpu [ipv4 | ipv6]

Parameters

ipv4 CPU traffic policy for IPv4 traffic.
ipv6 CPU traffic policy for IPv6 traffic.

Example

These commands places the switch in the hardware TCAM profile mode and configures the CPU traffic policy features for IPv4 traffic in the TCAM profile test.

switch(config)# hardware tcam 
switch(config-hw-tcam)# profile test
switch(config-hw-tcam-profile-test)# feature traffic-policy cpu ipv4

feature traffic-policy port

The feature traffic-policy port command configures the port-related traffic policy features for the IPv4 and IPv6 traffic in user-defined TCAM profile.

The no feature traffic-policy port and default feature traffic-policy port commands remove the CPU policy configurations from running-config.

Command Mode

Hardware TCAM

Command Syntax

feature traffic-policy port [ipv4 | ipv6]

no feature traffic-policy port [ipv4 | ipv6]

default feature traffic-policy port [ipv4 | ipv6]

Parameters

ipv4 port traffic policy for IPv4 traffic.
ipv6 port traffic policy for IPv6 traffic.

Example

These commands places the switch in the hardware TCAM profile mode and configures the port traffic policy features for IPv4 traffic in the TCAM profile test.

switch(config)# hardware tcam 
switch(config-hw-tcam)# profile test
switch(config-hw-tcam-profile-test)# feature traffic-policy port ipv4

match (class-map (control-plane) Helix)

The match command assigns an ACL to the configuration mode class map. A class map can contain only one ACL. Class maps only use permit rules to filter data; deny rules are ignored. The command accepts IPv4 and IPv4 standard ACLs.

A class map is assigned to a policy map by the class (policy-map (control-plane) Helix) command.

The class map (control plane) configuration mode is a group change mode. Match statements are not saved to running-config until the edit session is completed by exiting the mode.

The no match and default match commands remove the match statement from the configuration mode class map by deleting the corresponding command from running-config.

Command Mode

Class-Map (control plane) configuration accessed through class-map type copp command.

Command Syntax

match ip access-group list_name

no match ip access-group list_name

default match ip access-group list_name

Parameters

list_name name of ACL assigned to class map.

Related Commands

class-map type copp places the switch in the class-map configuration mode.
exit saves pending class map changes, then returns the switch to the global configuration mode.
abort discards pending class map changes, then returns the switch to the global configuration mode.
class (policy-map (control-plane) Helix) assigns a class map to a policy map.

Guidelines

Static class maps cannot be modified by this command.

Match statements are saved to running-config only upon exiting class-map (control plane) configuration mode.

Example

These commands add the IP ACL list_1 to the map_1 class map, then saves the command by exiting class-map mode.

switch(config)# class-map type copp map_1
switch(config-cmap-map_1)# match ip access-group list_1
switch(config-cmap-map_1)# exit
switch(config)#

match (class-map (control-plane) Trident II)

A class map is assigned to a policy map by the class (policy-map (control-plane) Trident II) command.

The class map (control plane) configuration mode is a group change mode. Match statements are not saved to running-config until the edit session is completed by exiting the mode.

The no match and default match commands remove the match statement from the configuration mode class map by deleting the corresponding command from running-config.

Command Mode

Class-Map (control plane) configuration accessed through class-map type copp command.

Command Syntax

list_name

Parameter

list_name name of ACL assigned to class map.

Related Commands

class-map type copp places the switch in the class-map configuration mode.
exit saves pending class map changes, then returns the switch to the global configuration mode.
abort discards pending class map changes, then returns the switch to the global configuration mode.
class (policy-map (control-plane) Trident II) assigns a class map to a policy map.

Guidelines

Static class maps cannot be modified by this command.

Match statements are saved to running-config only upon exiting class-map (control plane) configuration mode.

Example

These commands add the IP ACL list_1 to the map_1 class map, then saves the command by exiting class-map mode.

switch(config)# class-map type copp map_1
switch(config-cmap-map_1)# match ip access-group list_1
switch(config-cmap-map_1)# exit
switch(config)#

match (class-map (control-plane) Trident)

A class map is assigned to a policy map by the class (policy-map (control-plane) Trident) command.

Class map (control plane) configuration mode is a group change mode. Match statements are not saved to running-config until the edit session is completed by exiting the mode.

The no match and default match commands remove the match statement from the configuration mode class map by deleting the corresponding command from running-config.

Command Mode

Class-Map (control plane) configuration accessed through class-map type copp command

Command Syntax

match IP_VERSION access-group list_name

no match IP_VERSION access-group list_name

default match IP_VERSION access-group list_name

Parameters

IP_VERSION IP version of the specified ACL. Options include:
- ipv4 IPv4.
- ipv6 IPv6.
list_name name of ACL assigned to class map.

Related Commands

class-map type copp places the switch in class-map configuration mode.
exit saves pending class map changes, then returns the switch to the global configuration mode.
abort discards pending class map changes, then returns the switch to the global configuration mode.
class (policy-map (control-plane) Trident) assigns a class map to a policy map.

Guidelines

Static class maps cannot be modified by this command.

Match statements are saved to running-config only upon exiting class-map (control plane) configuration mode.

Example

These commands add the IPv4 ACL names list_1 to the map_1 class map, then saves the command by exiting class-map mode.

switch(config)# class-map type copp map_1
switch(config-cmap-map_1)# match ip access-group list_1
switch(config-cmap-map_1)# exit
switch(config)#

match (class-map (pbr))

The match command assigns ACLs to the configuration mode Policy-Based Routing (PBR) class map. The command accepts IPv4, IPv4 standard, IPv6 and IPv6 standard ACLs.

Class map (pbr) configuration mode is a group change mode. Match statements are not saved to running-config until the edit session is completed by exiting the mode.

The no match and default match commands remove the match statement from the configuration mode class map by deleting the corresponding command from running-config.

Note: PBR ACLs use only permit rules to filter data; if there are deny rules in an ACL used by PBR, the configuration will be reverted.

Command Mode

Class-map (pbr) configuration accessed through class-map type pbr command.

Command Syntax

[sequence_number] match [ip | ipv6] access-group list_name

no [sequence_number] match [ip | ipv6] access-group list_name

default [sequence_number] [ip | ipv6] access-group list_name

no [sequence_number]

default [sequence_number]

Parameters

sequence_number Sequence number (1 to 4294967295) assigned to the rule. If no number is entered, the number is derived by adding 10 to the number of the class maps last numbered line. To increase the distance between existing entries, use the resequence command.
list_name name of ACL assigned to class map.

Related Commands

class-map type pbr places the switch in the class-map configuration mode.
exit saves pending class map changes, then returns the switch to the global configuration mode.
abort discards pending class map changes, then returns the switch to the global configuration mode.
class (policy-map (pbr)) assigns a class map to a policy map.

Example

These commands add the IPv4 ACL named list1 to the map1 class map, then save the change by exiting class-map mode.

switch(config)# class-map type pbr map1
switch(config-cmap-map1)# match ip access-group list1
switch(config-cmap-map1)# exit
switch(config)#

match (class-map (qos) FM6000)

The class map (qos) configuration mode is a group change mode. Match statements are not saved to running-config until the edit session is completed by exiting the mode.

The no match and default match commands remove the match statement from the configuration mode class map by deleting the corresponding command from running-config.

Command Mode

Class-map (qos) configuration accessed through class-map type qos command.

Command Syntax

match IP_VERSION access-group list_name

no match IP_VERSION access-group list_name

default match IP_VERSION access-group list_name

Parameters

IP_VERSION IP version of the specified ACL. Options include:
- ipv4 IPv4.
list_name name of ACL assigned to class map.

Related Commands

class-map type qos places the switch in the class-map configuration mode.
exit saves pending class map changes, then returns the switch to the global configuration mode.
abort discards pending class map changes, then returns the switch to the global configuration mode.
class (policy-map (qos) FM6000) assigns a class map to a policy map.

Example

These commands add the IPv4 ACL named list_1 to the map_1 class map, then saves the command by exiting class-map mode.

switch(config)# class-map type qos map_1
switch(config-cmap-map_1)# match ip access-group list_1
switch(config-cmap-map_1)# exit
switch(config)#

match (class-map (qos) Helix)

the class map (QoS) configuration mode is a group change mode. Match statements are not saved to running-config until the edit session is completed by exiting the mode.

The no match and default match commands remove the match statement from the configuration mode class map by deleting the corresponding command from running-config.

Command Mode

Class-Map (QoS) configuration accessed through class-map type qos command.

Command Syntax

match IP_VERSION access-group list_name

no match IP_VERSION access-group list_name

default match IP_VERSION access-group list_name

Parameters

IP_VERSION IP version of the specified ACL. Options include:
- ipv4 IPv4.
- ipv6 IPv6.
list_name name of ACL assigned to class map.

Related Commands

class-map type qos places the switch in the class-map configuration mode.
exit saves pending class map changes, then returns the switch to the global configuration mode.
abort discards pending class map changes, then returns the switch to the global configuration mode.
class (policy-map (qos) Helix) assigns a class map to a policy map.

Example

These commands add the IPv4 ACL named list_1 to the map_1 class map, then saves the command by exiting class-map mode.

switch(config)# class-map type qos map_1
switch(config-cmap-map_1)# match ip access-group list_1
switch(config-cmap-map_1)# exit
switch(config)#

match (class-map (qos) Trident II)

The class map (QoS) configuration mode is a group change mode. Match statements are not saved to running-config until the edit session is completed by exiting the mode.

The no match and default match commands remove the match statement from the configuration mode class map by deleting the corresponding command from running-config.

Command Mode

The class-map (qos) configuration accessed through class-map type qos command.

Command Syntax

IP_VERSION list_name

Parameters

IP_VERSION IP version of the specified ACL. Options include:
- ipv4 IPv4.
- ipv6 IPv6.
list_name name of ACL assigned to class map.

Related Commands

class-map type qos places the switch in the class-map configuration mode.
exit saves pending class map changes, then returns the switch to the global configuration mode.
abort discards pending class map changes, then returns the switch to the global configuration mode.
class (policy-map (qos) Trident) assigns a class map to a policy map.

Example

These commands add the IPv4 ACL named list_1 to the map_1 class map, then saves the command by exiting class-map mode.

switch(config)# class-map type qos map_1
switch(config-cmap-map_1)# match ip access-group list_1
switch(config-cmap-map_1)# exit
switch(config)#

match (class-map (qos) Trident)

Class map (QoS) configuration mode is a group change mode. Match statements are not saved to running-config until the edit session is completed by exiting the mode.

The no match and default match commands remove the match statement from the configuration mode class map by deleting the corresponding command from running-config.

Command Mode

Class-Map (qos) configuration accessed through class-map type qos command.

Command Syntax

match IP_VERSION access-group list_name

no match IP_VERSION access-group list_name

default match IP_VERSION access-group list_name

Parameters

IP_VERSION IP version of the specified ACL. Options include:
- ipv4 IPv4.
- ipv6 IPv6.
list_name name of ACL assigned to class map.

Related Commands

class-map type qos places the switch in the class-map configuration mode.
exit saves pending class map changes, then returns the switch to the global configuration mode.
abort discards pending class map changes, then returns the switch to the global configuration mode.
class (policy-map (qos) Trident) assigns a class map to a policy map.

Example

These commands add the IPv4 ACL named list_1 to the map_1 class map, then saves the command by exiting class-map mode.

switch(config)# class-map type qos map_1
switch(config-cmap-map_1)# match ip access-group list_1
switch(config-cmap-map_1)# exit
switch(config)#

match (policy-map (pbr))

The match command creates a policy map clause entry that specifies one filtering condition. When a packet matches the filtering criteria, its next hop is set as specified. When a packets properties do not equal the statement parameters, the packet is evaluated against the next clause or class map in the policy map, as determined by sequence number. If all clauses fail to set a next hop for the packet, the packet is routed according to the FIB.

The no match and default match commands remove the match statement from the configuration mode policy map by deleting the corresponding command from running-config.

Command Mode

Policy-Map (pbr) Configuration accessed through policy-map type pbr command.

Command Syntax

[sequence_number] match ip SOURCE_ADDR DEST_ADDR [set nexthop [recursive] NH-addr_1 [NH-addr_2] ... [NH-addr_n]]

no match ip SOURCE_ADDR DEST_ADDR [set nexthop [recursive] NH-addr_1 [NH-addr_2] ... [NH-addr_n]]

default match match ip SOURCE_ADDR DEST_ADDR [set nexthop [recursive] NH-addr_1 [NH-addr_2] ... [NH-addr_n]]

no SEQ_NUM

default SEQ_NUM

Parameters

sequence_number Sequence number assigned to the rule. If no number is entered, the number is derived by adding 10 to the number of the policy maps last numbered line. To increase the distance between existing entries, use the resequence command.
SOURCE_ADDR and DEST_ADDR source and destination address filters. Options include:
- network_addr subnet address (CIDR or address-mask).
- any packets from or to all addresses are matched.
- host ip_addr IP address (dotted decimal notation).
  Source and destination subnet addresses support discontiguous masks.
recursive enables recursive next hop resolution.
NH_addr IP address of next hop. If multiple addresses are entered, they are treated as an ECMP group.

Related Commands

policy-map type pbr enters the policy-map (PBR) configuration mode.
show policy-map type pbr displays the PBR policy maps.

Example

These commands create a match rule in policy map PMAP1 which sets the next hop to 192.168.3.5 for packets received from 172.16.0.0/12 regardless of their destination, then exit the mode to save the changes.

switch(config)# policy-map type pbr PMAP1
switch(config-pmap-PMAP1)# match ip 172.16.0.0/12 any set nexthop 192.163.3.5 
switch(config-pmap-PMAP1)# exit
switch(config)#

platform arad tcam counters feature

The platform arad tcam counters feature command enables incrementing PBR hardware counters corresponding to ACL. If counters for PBR are enabled, then counters for ACL will be automatically disabled in all cases. If counters for ACL are enabled, then counters for PBR will be automatically disabled in all cases.

The no platform arad tcam counters feature command disables PBR/ACL counters selection. The default platform arad tcam counters feature commands resets the default behavior.

Command Mode

Global Configuration

Command Syntax

platform arad tcam counters feature [OPTIONS]

no platform arad tcam counters feature [OPTIONS]

default platform arad tcam counters feature [OPTIONS]

Parameters

OPTIONS Assign the TCAM counters feature. Options include:

pbr assign the TCAM counters feature PBR hardware counters.
acl assign the TCAM counters feature ACL hardware counters.

Examples

This command enables incrementing ACL hardware counters selection.

switch(config)# platform arad tcam counters feature acl
switch(config)#

This command disables incrementing ACL hardware counters selection.

switch(config)# no platform arad tcam counters feature acl
switch(config)#

policy-map type copp

The policy-map type copp command places the switch in the policy-map (control plane) configuration mode, which is a group change mode that modifies a control-plane policy map. A policy map is a data structure that consists of class maps that identify a specific data stream and specify bandwidth and shaping parameters that controls its transmission. Control plane policy maps are applied to the control plane to manage traffic.

The copp-system-policy policy map is supplied with the switch and is always applied to the control plane. The copp-system-policy is the only valid control plane policy map.

The exit command saves pending policy map changes to running-config and returns the switch to the global configuration mode. Policy map changes are also saved by entering a different configuration mode. The abort command discards pending changes, returning the switch to the global configuration mode.

The no policy-map type copp and default policy-map type copp commands delete the specified policy map by removing the corresponding policy-map type copp command and its associated configuration.

Command Mode

Global Configuration

Command Syntax

policy-map type copp copp-system-policy

no policy-map type copp copp-system-policy

default policy-map type copp copp-system-policy

The copp-system-policy is supplied with the switch and is the only valid control plane policy map.

Commands Available in Policy-Map Configuration Mode

class (policy-map (control-plane) FM6000)
class (policy-map (control-plane) Trident)

Related Commands

class-map type copp enters the control-plane class-map configuration mode for modifying a control-plane dynamic class map.

Only Helix and Trident platform switches support dynamic classes for control plane policing.

Example

This command places the switch in the policy-map configuration mode to edit the copp-system-policy policy map.

switch(config)# policy-map type copp copp-system-policy
switch(config-pmap-copp-system-policy)#

policy-map type pbr

The policy-map type pbr command places the switch in policy-map (pbr) configuration mode, which is a group change mode that modifies a Policy-Based Routing (PBR) policy map. The command also creates the specified policy map if it does not already exist. A PBR policy map is a data structure that consists of class maps that identify specific packets and the next hops for those packets. Policy maps are applied to Ethernet or port channel interfaces to manage traffic.

The no policy-map type pbr and default policy-map type pbr commands delete the specified policy map by removing the corresponding policy-map type pbr command and its associated configuration.

Command Mode

Global Configuration

Command Syntax

policy-map type pbr map_name

no policy-map type pbr map_name

default policy-map type pbr map_name

Parameter

map_name Name of policy map.

Commands Available in Policy-Map Configuration Mode

class (policy-map (pbr))
match (policy-map (pbr))

Related Commands

class-map type pbr
service-policy type pbr (Interface mode)

Example

This command creates the PBR policy map named PMAP1 and places the switch in policy-map configuration mode.

switch(config)# policy-map type pbr PMAP1
switch(config-pmap-PMAP1)#

policy-map type quality-of-service

The policy-map type quality-of-service command places the switch in the policy-map (QoS) configuration mode, which is a group change mode that modifies a QoS policy map. A policy map is a data structure that consists of class maps that identify a specific data stream and shaping parameters that controls its transmission. Policy maps are applied to Ethernet or port channel interfaces to manage traffic.

The no policy-map type quality-of-service and default policy-map type quality-of-service commands delete the specified policy map by removing the corresponding policy-map type quality-of-service command and its associated configuration. The policy-map and policy-map type quality-of-service commands are equivalent.

Command Mode

Global Configuration

Command Syntax

policy-map type quality-of-service map_name

no policy-map type quality-of-service map_name

default policy-map type quality-of-service map_name

Parameter

map_name Name of policy map.

Commands Available in Policy-Map Configuration Mode

class (policy-map (qos) FM6000)
class (policy-map (qos) Trident)

Conditions

policy-map map_name and policy-map type quality-of-service map_name are identical commands.

Related Commands

class-map type qos
service-policy type qos (Interface mode)

Example

This command creates the QoS policy map named PMAP-1 and places the switch in the policy-map configuration mode.

switch(config)# policy-map PMAP-1
switch(config-pmap-PMAP-1)#

policy-map type quality-of-service policer

The policy-map type quality-of-service policer copy command is used to copy an existing QoS policy map to the policy map policer.

The policy-map type quality-of-service policer drop counter command is used to enable drop counters for the QoS policy map policer.

The no policy-map type quality-of-service policer and default policy-map type quality-of-service policer commands delete the policy map policer by removing the corresponding policy-map type quality-of-service policer command and its associated configuration.

The no policy-map type quality-of-service policer drop counter and default policy-map type quality-of-service policer drop counter commands disable drop counters for the policy map policer.

Command Mode

Global Configuration

Command Syntax

policy-map type quality-of-service policer copy map_name

policy-map type quality-of-service policer drop counter

no policy-map type quality-of-service policer

default policy-map type quality-of-service policer

Parameter

map_name Name of policy map to copy.

Related Commands

class-map type qos
service-policy type qos (Interface mode)

Examples

This command copies the QoS policy map named PMAP-1 to the policy map policer.

switch(config)#policy-map type quality-of-service policer copy PMAP-1
switch(config-pmap-PMAP-1)#

This command enables drop counters for the QoS policy map policer.

switch(config)#policy-map type quality-of-service policer drop counter
switch(config)#

resequence (class-map (pbr))

The resequence command assigns sequence numbers to rules in the configuration mode class map. Command parameters specify the number of the first rule and the numeric interval between consecutive rules. Once changed, rule numbers persist unless changed again using the resequence command, but the interval used for numbering new rules reverts to 10 on the exiting class-map (pbr) configuration mode.

Maximum rule sequence number is 4294967295.

Command Mode

Class-Map (PBR) Configuration accessed through class-map type pbr command.

Command Syntax

resequence [start_num [inc_num]]

Parameters

start_num sequence number assigned to the first rule. Default is 10.
inc_num numeric interval between consecutive rules. Default is 10.

Example

The resequence command renumbers the rules in CMAP1, starting the first command at number 100 and incrementing subsequent lines by 20.

switch(config)# class-map type pbr match-any CMAP1
switch(config-cmap-CMAP1)# show active
class-map type pbr match-any CMAP1
10 match ip access-group group1
20 match ip access-group group2
30 match ip access-group group3
switch(config-cmap-CMAP1)# resequence 100 20
switch(config-cmap-CMAP1)# exit
switch(config)# class-map type pbr match-any CMAP1
switch(config-cmap-CMAP1)# show active
class-map type pbr match-any CMAP1
100 match ip access-group group1
120 match ip access-group group2
140 match ip access-group group3

resequence (policy-map (pbr))

The resequence command assigns sequence numbers to rules in the configuration mode policy map. Command parameters specify the number of the first rule and the numeric interval between consecutive rules. Once changed, rule numbers persist unless changed again using the resequence command, but the interval used for numbering new rules reverts to 10 on the exiting policy-map (pbr) configuration mode.

Maximum rule sequence number is 4294967295.

Command Mode

Policy-Map (PBR) Configuration accessed through policy-map type pbr command

Command Syntax

resequence [start_num [inc_num]]

Parameters

start_num sequence number assigned to the first rule. Default is 10.
inc_num numeric interval between consecutive rules. Default is 10.

Example

The resequence command renumbers the rules in PMAP1, starting the first command at number 100 and incrementing subsequent lines by 20.

switch(config)# policy-map type pbr PMAP1
switch(config-pmap-PMAP1)# show active
policy-map type pbr PMAP1
10 class CMAP1
set nexthop 172.16.1.1
20 class CMAP2
set nexthop 172.16.2.2
30 class CMAP3
set nexthop 172.16.3.3
switch(config-pmap-PMAP1)# resequence 100 20
switch(config-pmap-PMAP1)# exit
switch(config)# policy-map type pbr PMAP1
switch(config-pmap-PMAP1)# show active
class-map type pbr PMAP1
100 class CMAP1
set nexthop 172.16.1.1
120 class CMAP2
set nexthop 172.16.2.2
140 class CMAP3
set nexthop 172.16.3.3
switch(config-pmap-PMAP1)#

service-policy type pbr (Interface mode)

The service-policy pbr command applies the specified Policy-Based Routing (PBR) policy map to the configuration mode interface. A PBR policy map is a data structure that consists of class maps that identify specific packets and the next hops for those packets. Policy maps are applied to Ethernet or port channel interfaces to manage traffic. Only one service policy is supported per interface.

The no service-policy pbr and default service-policy pbr commands remove the service policy assignment from the configuration mode interface by deleting the corresponding service-policy pbr command from running-config.

Command Mode

Interface-Ethernet Configuration

Interface-Port-Channel Configuration

Interface-VLAN Configuration

Command Syntax

service-policy type pbr TRAFFIC_DIRECTION map_name

no service-policy type pbr TRAFFIC_DIRECTION map_name

default service-policy type pbr TRAFFIC_DIRECTION map_name

Parameters

TRAFFIC_DIRECTION IP address or peer group name. Values include:
- input Policy map applies to inbound packet streams.
map_name Name of policy map.

Guidelines

A policy map that is attached to a port channel interface takes precedence for member interfaces of the port channel over their individual interface Ethernet configuration. Members that are removed from a port channel revert to the policy map implementation specified by its interface Ethernet configuration.

Related Commands

policy-map type pbr

Example

This command applies the PBR policy map PMAP1 to interface Ethernet 8.

switch# config
switch(config)# interface ethernet 8
switch(config-if-Et8)# service-policy type pbr input PMAP1
switch(config-if-Et8)#

service-policy type qos (Interface mode)

The service-policy command applies a specified policy map to the configuration mode interface. A policy map is a data structure that identifies data traffic through class maps, then specifies actions to classify the traffic (by setting the traffic class), mark the traffic (by setting the cos and dscp values), and police the traffic (by setting the police rate) through data packet field modifications.

The no service-policy and default service-policy commands remove the service policy assignment from the configuration mode interface by deleting the corresponding service-policy command from running-config.

Command Mode

Interface-Ethernet Configuration

Interface-Port-Channel Configuration

Interface-VLAN Configuration

Command Syntax

service-policy [type qos] TRAFFIC_DIRECTION map_name

no service-policy [type qos] TRAFFIC_DIRECTION map_name

default service-policy [type qos] TRAFFIC_DIRECTION map_name

Parameters

type qos Parameter has no functional effect.
TRAFFIC_DIRECTION Direction of data stream to which command applies. Options include:
- input Policy map applies to inbound packet streams.
- map_name Name of policy map.

Guidelines

DCS-7500E and DCS-7280E limitations:

A maximum of 31 QoS service policies per chip may be applied on L3 interfaces.
Applying different QoS service policies to an SVI and its member interfaces causes unpredictable behavior.
When an SVI on which QoS service policies are applied experiences partial failure due to limited hardware resources, a forwarding agent restart causes unpredictable behavior.
Policy-map programming may fail when QoS service policies are applied on two SVIs if an event causes a member interface to switch membership from one to the other. To change the VLAN membership of an interface in this case, remove the interface from one VLAN before adding it to the other.
Outgoing COS rewrite is not supported.
QoS policy-map counters are not supported.

DCS-7010, DCS-7050, DCS-7050X, DCS-7250X, and DCS-7300X limitations:

When the same policy map is applied to multiple SVIs, TCAM resources are not shared.
A policy map applied to an SVI results in TCAM allocation on all chips whether SVI members are present or not.
Applying different QoS service policies to an SVI and its member interfaces causes unpredictable behavior.

Related Commands

policy-map type quality-of-service

Example

This command applies the PMAP-1 policy map to interface ethernet 8.

switch# config
switch(config)# interface ethernet 8
switch(config-if-Et8)# show active
switch(config-if-Et8)# service-policy input PMAP-1
switch(config-if-Et8)# show active
interface Ethernet8
   service-policy type qos input PMAP-1
switch(config-if-Et8)#

set (policy-map-class (qos)FM6000)

The set command specifies traffic resolution methods for traffic defined by its associated class map in its configuration mode policy map class. Three set statements are available for each class:

cos Sets the Layer 2 class of service field.
dscp Sets the differentiated services code point value in the type of service (ToS) byte.
traffic-class Sets the traffic class queue for data packets.

Each type of set command can be assigned to a class, allowing for the simultaneous modification of both (cos, dscp) fields and assignment to a traffic class.

The no set and default set commands remove the specified data action from the class map by deleting the associated set command from running-config.

Command Mode

Policy-map-class (qos) configuration

accessed through class (policy-map (qos) FM6000) command.

Command Syntax

set QOS_TYPE value

no set QOS_TYPE

default set QOS_TYPE

Parameters

QOS_TYPE Specifies the data stream resolution method. Valid options include:
- cos Layer 2 class of service field of outbound packet is modified.
- dscp Differentiated services code point value in the ToS byte is modified.
- traffic-class Data stream is assigned to a traffic class queue.
value Specifies the data field value or traffic class queue. Valid data range depends on QOS_TYPE.
- QOS_TYPE is cos Value ranges from 0 to 7.
- QOS_TYPE is dscp Value ranges from 0 to 63.
- QOS_TYPE is traffic-class Value ranges from 0 to 7.

Related Commands

policy-map type quality-of-service
class (policy-map (qos) FM6000)

Example

These commands configure the policy map to set CoS field 7 to data traffic specified by the class map CMAP-1, then assigns that data to traffic class queue 4.

switch(config)# policy-map type quality-of-service PMAP-1
switch(config-pmap-PMAP-1)# class CMAP-1
switch(config-pmap-c-PMAP-1-CMAP-1)# set cos 7
switch(config-pmap-c-PMAP-1-CMAP-1)# set traffic-class 4
switch(config-pmap-c-PMAP-1-CMAP-1)#

set (policy-map-class (qos)Helix)

The set command specifies traffic resolution methods for traffic defined by its associated class map in its configuration mode policy map class. Three set statements are available for each class:

cos Sets the Layer 2 class of service field.
dscp Sets the differentiated services code point value in the type of service (ToS) byte.
traffic-class Sets the traffic class queue for data packets.

Each type of set command can be assigned to a class, allowing for the simultaneous modification of both (cos, dscp) fields and assignment to a traffic class.

The no set and default set commands remove the specified data action from the class map by deleting the associated set command from running-config.

Command Mode

Policy-map-class (qos) configuration accessed through class (policy-map (qos) Helix) command.

Command Syntax

set QOS_TYPE value

no set QOS_TYPE

default set QOS_TYPE

Parameters

QOS_TYPE Specifies the data stream resolution method. Valid options include:
- cos Layer 2 class of service field of outbound packet is modified.
- dscp Differentiated services code point value in the ToS byte is modified.
- traffic-class Data stream is assigned to a traffic class queue.
value Specifies the data field value or traffic class queue. Valid data range depends on QOS type.
- QOS_TYPE is cos Value ranges from 0 to 7.
- QOS_TYPE is dscp Value ranges from 0 to 63.
- QOS_TYPE is traffic-class Value ranges from 0 to 7.

Related Commands

policy-map type quality-of-service
class (policy-map (qos) Helix)

Example

These commands configure the policy map to set CoS field 7 to data traffic specified by the class map CMAP-1, then assigns that data to traffic class queue 4.

switch(config)# policy-map type quality-of-service PMAP-1
switch(config-pmap-PMAP-1)# class CMAP-1
switch(config-pmap-c-PMAP-1-CMAP-1)# set cos 7
switch(config-pmap-c-PMAP-1-CMAP-1)# set traffic-class 4
switch(config-pmap-c-PMAP-1-CMAP-1)#

set (policy-map-class (qos)Trident II)

The set command specifies traffic resolution methods for traffic defined by its associated class map in its configuration mode policy map class. Three set statements are available for each class:

cos Sets the Layer 2 class of service field.
dscp Sets the differentiated services code point value in the type of service (ToS) byte.
traffic-class Sets the traffic class queue for data packets.

Each type of set command can be assigned to a class, allowing for the simultaneous modification of both (cos, dscp) fields and assignment to a traffic class.

The no set and default set commands remove the specified data action from the class map by deleting the associated set command from running-config.

Command Mode

Policy-map-class (qos) configuration accessed through class (policy-map (qos) Trident) command.

Command Syntax

set QOS_TYPE value

no set QOS_TYPE

default set QOS_TYPE

Parameters

QOS_TYPE Specifies the data stream resolution method. Valid options include:
- cos Layer 2 class of service field of outbound packet is modified.
- dscp Differentiated services code point value in the ToS byte is modified.
- traffic-class Data stream is assigned to a traffic class queue.
value Specifies the data field value or traffic class queue. Valid data range depends on QOS type.
- QOS_TYPE is cos Value ranges from 0 to 7.
- QOS_TYPE is dscp Value ranges from 0 to 63.
- QOS_TYPE is traffic-class Value ranges from 0 to 7.

Related Commands

policy-map type quality-of-service
class (policy-map (qos) Trident)

Example

These commands configure the policy map to set CoS field 7 to data traffic specified by the class map CMAP-1, then assigns that data to traffic class queue 4.

switch(config)# policy-map type quality-of-service PMAP-1
switch(config-pmap-PMAP-1)# class CMAP-1
switch(config-pmap-c-PMAP-1-CMAP-1)# set cos 7
switch(config-pmap-c-PMAP-1-CMAP-1)# set traffic-class 4
switch(config-pmap-c-PMAP-1-CMAP-1)#

set (policy-map-class (qos)Trident)

The set command specifies traffic resolution methods for traffic defined by its associated class map in its configuration mode policy map class. Three set statements are available for each class:

cos Sets the Layer 2 class of service field.
dscp Sets the differentiated services code point value in the type of service (ToS) byte.
traffic-class Sets the traffic class queue for data packets.

Each type of set command can be assigned to a class, allowing for the simultaneous modification of both (cos, dscp) fields and assignment to a traffic class.

The no set and default set commands remove the specified data action from the class map by deleting the associated set command from running-config.

Command Mode

Policy-map-class (qos) configuration accessed through class (policy-map (qos) Trident) command.

Command Syntax

set QOS_TYPE value

no set QOS_TYPE

default set QOS_TYPE

Parameters

QOS_TYPE Specifies the data stream resolution method. Valid options include:
- cos Layer 2 class of service field of outbound packet is modified.
- dscp Differentiated services code point value in the ToS byte is modified.
- traffic-class Data stream is assigned to a traffic class queue.
value Specifies the data field value or traffic class queue. Valid data range depends on QOS type.
- QOS_TYPE is cos Value ranges from 0 to 7.
- QOS_TYPE is dscp Value ranges from 0 to 63.
- QOS_TYPE is traffic-class Value ranges from 0 to 7.

Related Commands

policy-map type quality-of-service
class (policy-map (qos) Trident)

Example

These commands configure the policy map to set CoS field 7 to data traffic specified by the class map CMAP-1, then assigns that data to traffic class queue 4.

switch(config)# policy-map type quality-of-service PMAP-1
switch(config-pmap-PMAP-1)# class CMAP-1
switch(config-pmap-c-PMAP-1-CMAP-1)# set cos 7
switch(config-pmap-c-PMAP-1-CMAP-1)# set traffic-class 4
switch(config-pmap-c-PMAP-1-CMAP-1)#

set nexthop (policy-map-class pbr)

The set nexthop command specifies the next hop for traffic defined by its associated class map in its configuration mode policy map class.

The no set nexthop and default set nexthop commands remove the specified action from the class map by deleting the associated set nexthop command from running-config.

Command Mode

Policy-map-class (pbr) configuration accessed through class (policy-map (pbr)) command.

Command Syntax

set nexthop [recursive] NH-addr_1 [NH-addr_2] ... [NH-addr_n]

no set nexthop [recursive]

default set nexthop [recursive]

Parameters

recursive enables recursive next hop resolution.
NH_addr IP address of next hop. If multiple addresses are entered, they are treated as an ECMP group.

Related Commands

policy-map type pbr
class (policy-map (pbr))

Example

These 192.168.5.3 commands configure the policy map PMAP1 to set the next hop to for traffic defined by class map CMAP1.

switch(config)# policy-map type pbr PMAP1
switch(config-pmap-PMAP1)# class CMAP1
switch(config-pmap-c-PMAP1-CMAP1)# set nexthop 192.168.5.3
switch(config-pmap-c-PMAP1-CMAP1)#

set nexthop-group (policy-map-class(pbr) Arad)

The set nexthop-group command specifies a nexthop group as the next hop for traffic defined by its associated class map in its configuration mode policy map class.

The no set nexthop-group and default set nexthop-group commands remove the specified action from the class map by deleting the associated set nexthop-group command from running-config.

Command Mode

Policy-map-class (pbr) configuration accessed through class (policy-map (pbr)) command.

Command Syntax

set nexthop-group group_name

no set nexthop-group group_name

default set nexthop-group group_name

Parameters

group_name name of ECMP group to use as next hop.

Related Commands

policy-map type pbr
class (policy-map (pbr))

Example

These commands configure the policy map PMAP1 to set the next hop to a nexthop group named GROUP1 for traffic defined by class map CMAP1.

switch(config)# policy-map type pbr PMAP1
switch(config-pmap-PMAP1)# class CMAP1
switch(config-pmap-c-PMAP1-CMAP1)# set nexthop-group GROUP1
switch(config-pmap-c-PMAP1-CMAP1)#

shape (policy-map-class (control-plane)Arad)

The shape command specifies the maximum bandwidth for traffic filtered by the configuration mode policy map class.

The no shape and default shape commands remove the maximum bandwidth restriction for the configuration mode class by deleting the corresponding bandwidth command from running-config.

Command Mode

Policy-map-class (control plane) configuration accessed through class (policy-map (control-plane) Arad)

Command Syntax

Parameter

kilobits Maximum data rate in kilobits per second. Value ranges from 1 to 10000000.

Related Commands

class (policy-map (control-plane) Arad) places the switch in the policy-map-class (control plane) configuration mode.
bandwidth (policy-map-class (control-plane) Arad) specifies the minimum bandwidth for traffic defined by its associated class map in its configuration mode policy map class.

Static Classes Default Shape

Arad platform switches define these default shapes for static classes:

copp-system-bgp 2500 copp-system-l3lpmoverflow 2500
copp-system-bpdu 2500 copp-system-l3slowpath 2500
copp-system-default 2500 copp-system-l3ttl1 2500
copp-system-ipbroadcast 2500 copp-system-lacp 2500
copp-system-ipmc 2500 copp-system-linklocal 2500
copp-system-ipmcmiss 2500 copp-system-lldp 2500
copp-system-ipunicast NO LIMIT copp-system-mlag 2500
copp-system-l2broadcast 2500 copp-system-multicastsnoop 2500
copp-system-l2unicast NO LIMIT copp-system-OspfIsis 2500
copp-system-l3destmiss 2500 copp-system-sflow 2500

Example

These commands configure the maximum bandwidth of 2000 kbps for data traffic specified by the class map copp-system-lldp of the default control-plane policy map.

switch(config)# policy-map type copp copp-system-policy
switch(config-pmap-copp-system-policy)# class copp-system-lldp
switch(config-pmap-c-copp-system-policy-copp-system-lldp)# shape kbps 2000
switch(config-pmap-c-copp-system-policy-copp-system-lldp)# exit
switch(config-pmap-copp-system-policy)# exit
switch(config)# show policy-map copp copp-system-policy
Service-policy input: copp-system-policy

  Class-map: copp-system-lldp (match-any)
       shape : 2000 kbps
       bandwidth : 250 kbps
      Out Packets : 0
      Drop Packets : 0

switch(config)#

shape (policy-map-class (control-plane)FM6000)

The shape command specifies the maximum bandwidth for traffic filtered by the configuration mode policy map class.

Command Mode

Policy-map-class (control plane) configuration accessed through class (policy-map (control-plane) FM6000).

Command Syntax

shape pps packets

no shape

default shape

Parameters

packets Maximum data rate in packets per second. Value ranges from 1 to 100000.

Related Commands

class (policy-map (control-plane) FM6000) places the switch in the policy-map-class (control plane) configuration mode.
bandwidth (policy-map-class (control-plane) FM6000) specifies the minimum bandwidth for traffic defined by its associated class map in its configuration mode policy map class.

Static Classes Default Shape

FM6000 platform switches define these default shapes for static classes:

copp-system-arp 10000 copp-system-l3slowpath 10000
copp-system-default 8000 copp-system-pim-ptp 10000
copp-system-ipmcrsvd 10000 copp-system-ospf-isis 10000
copp-system-ipmcmiss 10000 copp-system-selfip 5000
copp-system-igmp 10000 copp-system-selfip-tc6to7 5000
copp-system-l2rsvd 10000 copp-system-sflow 25000

Example

These commands configure a maximum bandwidth of 5000 packets per second for data traffic specified by the class map PMAP-1 in the policy map named copp-system-policy.

switch(config)# policy-map type copp copp-system-policy
switch(config-pmap-copp-system-policy)# class PMAP-1
switch(config-pmap-c-copp-system-policy-PMAP-1)# shape pps 5000
switch(config-pmap-c-copp-system-policy-PMAP-1)#

shape (policy-map-class (control-plane)Helix)

The shape command specifies the maximum bandwidth for traffic filtered by the configuration mode policy map class.

Command Mode

Policy-map-class (control plane) configuration accessed through class (policy-map (control-plane) Helix).

Command Syntax

shape pps packets

no shape

default shape

Parameters

packets Maximum data rate in packets per second. Value ranges from 1 to 100000.

Static Classes Default Shape

Trident platform switches define these default shapes for static classes:

copp-system-acllog 10000 copp-system-l3ttl1 10000
copp-system-arp 10000 copp-system-lacp 5000
copp-system-arpresolver 10000 copp-system-lldp 10000
copp-system-bfd 10000 copp-system-mlag 5000
copp-system-bgp 5000 copp-system-OspfIsis 10000
copp-system-bpdu 5000 copp-system-selfip 5000
copp-system-default 8000 copp-system-selfip-tc6to7 5000
copp-system-glean 10000 copp-system-sflow 25024
copp-system-igmp 10000 copp-system-tc3to5 10000
copp-system-ipmcmiss 10000 copp-system-tc6to7 10000
copp-system-ipmcrsvd 10000 copp-system-urm 10000
copp-system-l3destmiss 10000 copp-system-vrrp 5000
copp-system-l3slowpath 10000

Related Commands

class (policy-map (control-plane) Helix) places the switch in the policy-map-class (control plane) configuration mode.
bandwidth (policy-map-class (control-plane) Helix) specifies the minimum bandwidth for traffic defined by its associated class map in its configuration mode policy map class.

Example

These commands configure a maximum bandwidth of 5000 packets per second for data traffic specified by the copp-system-lldp of the default control-plane policy map.

switch(config)# policy-map type control-plan copp-system-policy
switch(config-pmap-copp-system-policy)# class copp-system-lldp
switch(config-pmap-c-copp-system-policy-copp-system-lldp)# shape pps 5000
switch(config-pmap-c-copp-system-policy-copp-system-lldp)# exit
switch(config-pmap-copp-system-policy)# exit
switch(config)# show policy-map copp copp-system-policy
Service-policy input: copp-system-policy

  Class-map: copp-system-lldp (match-any)
       shape : 5000 pps
       bandwidth : 500 pps
      Out Packets : 305961
      Drop Packets : 0

switch(config)#

shape (policy-map-class (control-plane)Petra)

The shape command specifies the maximum bandwidth for traffic filtered by the configuration mode policy map class.

Command Mode

Policy-map-class (control plane) configuration accessed through class (policy-map (control-plane) Petra)

Command Syntax

shape kbps kilobits

no shape

default shape

Parameter

kilobits Maximum data rate in kilobits per second. Value ranges from 1 to 10000000.

Related Commands

class (policy-map (control-plane) Petra) places the switch in policy-map-class (control plane) configuration mode.
bandwidth (policy-map-class (control-plane) Petra) specifies the minimum bandwidth for traffic defined by its associated class map in its configuration mode policy map class.

Static Classes Default Shape

Petra platform switches define these default shapes for static classes:

copp-system-bpdu 2500 copp-system-l3destmiss 2500
copp-system-default 2500 copp-system-l3slowpath 2500
copp-system-igmp 2500 copp-system-l3ttl0 2500
copp-system-ipbroadcast 2500 copp-system-l3ttl1 2500
copp-system-ipmc 2500 copp-system-lacp 2500
copp-system-ipmcmiss 2500 copp-system-lldp 2500
copp-system-ipmcrsvd 2500 copp-system-unicast-arp 2500
copp-system-ipunicast No Limit

Guidelines

Example

These commands configure the maximum bandwidth of 2000 kbps for data traffic specified by the class map copp-system-lldp of the default control-plane policy map. Because the switch does not support the discrete value of 2000 kbps, it converts the bandwidth up to 2115 kbps.

switch(config)# policy-map type copp copp-system-policy
switch(config-pmap-copp-system-policy)# class copp-system-lldp
switch(config-pmap-c-copp-system-policy-copp-system-lldp)# shape kbps 2000
switch(config-pmap-c-copp-system-policy-copp-system-lldp)# exit
switch(config-pmap-copp-system-policy)# exit
switch(config)# show policy-map copp copp-system-policy
Service-policy input: copp-system-policy

  Class-map: copp-system-lldp (match-any)
       shape : 2115 kbps
       bandwidth : 325 kbps
      Out Packets : 0
      Drop Packets : 0

switch(config)#

shape (policy-map-class (control-plane)Trident II)

The shape command specifies the maximum bandwidth for traffic filtered by the configuration mode policy map class.

Command Mode

Policy-map-class (control plane) configuration accessed through class (policy-map (control-plane) Trident II).

Command Syntax

shape pps packets

no shape

default shape

Parameter

packets Maximum data rate in packets per second. Value ranges from 1 to 100000.

Static Classes Default Shape

Trident II platform switches define these default shapes for static classes:

copp-system-acllog 10000 copp-system-l3slowpath 10000
copp-system-arp 10000 copp-system-l3ttl1 10000
copp-system-arpresolver 10000 copp-system-lacp 5000
copp-system-bfd 10000 copp-system-lldp 10000
copp-system-bgp 5000 copp-system-mlag 5000
copp-system-bpdu 5000 copp-system-selfip 5000
copp-system-default 8000 copp-system-selfip-tc6to7 5000
copp-system-glean 10000 copp-system-sflow 25024
copp-system-igmp 10000 copp-system-tc3to5 10000
copp-system-ipmcmiss 10000 copp-system-tc6to7 10000
copp-system-ipmcrsvd 10000 copp-system-urm 10000

Related Commands

class (policy-map (control-plane) Trident II) places the switch in policy-map-class (control plane) configuration mode.
bandwidth (policy-map-class (control-plane) Trident II) specifies the minimum bandwidth for traffic defined by its associated class map in its configuration mode policy map class.

Example

These commands configure a maximum bandwidth of 5000 packets per second for data traffic specified by the copp-system-lldp of the default control-plane policy map.

switch(config)# policy-map type control-plan copp-system-policy
switch(config-pmap-copp-system-policy)# class copp-system-lldp
switch(config-pmap-c-copp-system-policy-copp-system-lldp)# shape pps 5000
switch(config-pmap-c-copp-system-policy-copp-system-lldp)# exit
switch(config-pmap-copp-system-policy)# exit
switch(config)# show policy-map copp copp-system-policy
Service-policy input: copp-system-policy

  Class-map: copp-system-lldp (match-any)
       shape : 5000 pps
       bandwidth : 500 pps
      Out Packets : 305961
      Drop Packets : 0

switch(config)#

shape (policy-map-class (control-plane)Trident)

The shape command specifies the maximum bandwidth for traffic filtered by the configuration mode policy map class.

Command Mode

Policy-map-class (control plane) configuration accessed through class (policy-map (control-plane) Trident).

Command Syntax

shape pps packets

no shape

default shape

Parameters

packets Maximum data rate in packets per second. Value ranges from 1 to 100000.

Static Classes Default Shape

Trident platform switches define these default shapes for static classes:

copp-system-arp 10000 copp-system-lldp 10000
copp-system-arpresolver 10000 copp-system-l3destmiss 10000
copp-system-bpdu 5000 copp-system-l3slowpath 10000
copp-system-default 8000 copp-system-l3ttl1 10000
copp-system-glean 10000 copp-system-selfip 5000
copp-system-igmp 10000 copp-system-selfip-tc6to7 5000
copp-system-ipmcmiss 10000 copp-system-sflow 25000
copp-system-ipmcrsvd 10000 copp-system-tc3to5 10000
copp-system-lacp 5000 copp-system-tc6to7 10000

Related Commands

class (policy-map (control-plane) Trident) places the switch in the policy-map-class (control plane) configuration mode.
bandwidth (policy-map-class (control-plane) Trident) specifies the minimum bandwidth for traffic defined by its associated class map in its configuration mode policy map class.

Example

These commands configure a maximum bandwidth of 5000 packets per second for data traffic specified by the class map PMAP-1 in the policy map named copp-system-policy.

switch(config)# policy-map type copp copp-system-policy
switch(config-pmap-copp-system-policy)# class PMAP-1
switch(config-pmap-c-copp-system-policy-PMAP-1)# shape pps 5000
switch(config-pmap-c-copp-system-policy-PMAP-1)

show class-map type control-plane

The show class-map command displays contents of available control-plane class maps. Control-plane class maps can be added to the copp-system-policy policy map. Control-plane class maps can be static class maps defined by the system or dynamic maps created in class-map configuration mode.

Dynamic class maps are composed of statements that match IPv4 access control lists. Static class maps are defined by the switch and cannot be altered.

Command Mode

EXEC

Command Syntax

show class-map type control-plane [MAP_NAME]

Parameters

MAP_NAME Name of class map displayed by the command. Options include:

no parameter Command displays all control plane class maps.
name_text Command displays specified control-plane class maps.

Related Command

show class-map command displays QoS class maps.
show class-map type qos displays control plane class maps.

Example

This command displays the available control plane class maps.

switch# show class-map type control-plane
  Class-map: CM-CP1 (match-any)
    Match: ip access-group name LIST-CP1
  Class-map: copp-system-acllog (match-any)
  Class-map: copp-system-arp (match-any)
  Class-map: copp-system-arpresolver (match-any)
  Class-map: copp-system-bpdu (match-any)
  Class-map: copp-system-glean (match-any)
  Class-map: copp-system-igmp (match-any)
  Class-map: copp-system-ipmcmiss (match-any)
  Class-map: copp-system-ipmcrsvd (match-any)
  Class-map: copp-system-l3destmiss (match-any)
  Class-map: copp-system-l3slowpath (match-any)
  Class-map: copp-system-l3ttl1 (match-any)
  Class-map: copp-system-lacp (match-any)
  Class-map: copp-system-lldp (match-any)
  Class-map: copp-system-selfip (match-any)
  Class-map: copp-system-selfip-tc6to7 (match-any)
  Class-map: copp-system-sflow (match-any)
  Class-map: copp-system-tc3to5 (match-any)
  Class-map: copp-system-tc6to7 (match-any)
switch>

show class-map type pbr

The show class-map command displays contents of all available Policy-Based Routing (PBR) class maps, or of a specified PBR class map. PBR class maps are used by PBR policy maps. PBR class maps are dynamic maps that are created in class-map-configuration mode. Dynamic class maps are composed of statements that match IPv4 or IPv6 access control lists.

Command Mode

EXEC

Command Syntax

show class-map type pbr [map_name]

Parameters

map_name Name of class map displayed by the command. If no parameter is entered, command show all available PBR class maps.

Related Command

show policy-map type pbr displays PBR policy maps.

Example

This command displays the contents of the PBR class map CMAP1.

switch# show class-map type pbr CMAP1
  Class-map: CMAP1 (match-any)
    Match: 10 ip access-group PBRgroup1
    Match: 20 ip access-group PBRgroup2
    Match: 30 ip access-group PBRgroup3
switch>

show class-map type qos

The show class-mapcommand displays contents of all available QoS class maps. QoS class maps are used by QoS policy maps. QoS class maps are dynamic maps that are created in class-map configuration mode. Dynamic class maps are composed of statements that match IPv4 or IPv6 access control lists.

Command Mode

EXEC

Command Syntax

show class-map [type qos][MAP_NAME]

Parameters

MAP_NAME Name of class map displayed by the command.

no parameter Command displays all QoS class maps.
name_text Command displays specified QoS class maps.

show class-map and show class-map type qos are identical commands.

Related Command

show class-map type control-plane displays control plane class maps.

Example

This command displays the available QoS class maps.

switch# show class-map type qos
  Class-map: CM-Q1 (match-any)
    Match: ipv6 access-group name LIST-1
  Class-map: CM-Q2 (match-any)
    Match: ip access-group name LIST-2
switch>

show policy-map copp

The show policy-map copp command displays contents of the control-plane policy map. Control-plane policy maps are applied to the control plane, and copp-system-policy is the only supported policy map.

Command Mode

EXEC

Command Syntax

show policy-map copp copp-system-policy

Example

This command displays the contents and throughput of the policy map applied to the control plane.

switch# show policy-map copp copp-system-policy
Service-policy input: copp-system-policy
  Number of units programmed: 1
  Hardware programming status: Successful

  Class-map: copp-system-bpdu (match-any)
       shape : 5000 pps
       bandwidth : 5000 pps
      Out Packets : 2
      Drop Packets : 0

  Class-map: copp-system-lacp (match-any)
       shape : 5000 pps
       bandwidth : 5000 pps
      Out Packets : 0
      Drop Packets : 0

switch>

show policy-map interface type qos counters

The show policy-map interface command displays the quantity of packets that are filtered by ACLs applied to a interface.

Command Mode

EXEC

Command Syntax

show policy-map [INTERFACE_NAME][type qos][TRAFFIC] counters

Parameters

INTERFACE_NAME Filters policy map list by interfaces. Options include:
- no parameter Displays data for all configured interfaces.
- interface ethernet e_range Ethernet ports for which command displays policy maps.
- interface port-channel p_range Port channels for which command displays policy maps.
TRAFFIC Filters policy maps by the traffic they manage. Options include:
- no parameter Policy maps that manage interfaces ingress traffic (same as input option).
- input Policy maps that manage interfaces ingress traffic.

Example

This command displays the policy maps applied to interfaces Ethernet 7 and 8.

switch# show policy-map interface ethernet 7-8
Service-policy input: PMAP-1
  Hardware programming status: Successful

  Class-map: cmap-1 (match-any)
    Match: ip access-group name LIST-2
       set cos 6

  Class-map: class-default (match-any)

Service-policy input: PMAP-2
  Hardware programming status: Successful

  Class-map: cmap-2 (match-any)
    Match: ip access-group name LIST-2
       set dscp 10

  Class-map: class-default (match-any)

switch#

show policy-map interface type qos

The show policy-map interface command displays contents of the policy maps applied to specified interfaces or to the control plane.

Command Mode

EXEC

Command Syntax

show policy-map interface INTERFACE_NAME [type qos] [TRAFFIC]

Parameters

INTERFACE_NAME Filters policy map list by interfaces. Options include:
- ethernet e_range Ethernet ports for which command displays policy maps.
- port-channel p_range Port channels for which command displays policy maps.
TRAFFIC Filters policy maps by the traffic they manage. Options include:
- no parameter Policy maps that manage interfaces ingress traffic (same as input option).
- input Policy maps that manage interfaces ingress traffic.

Example

This command displays the policy maps applied to interfaces Ethernet 7 and 8.

switch# show policy-map interface ethernet 7-8
Service-policy input: PMAP-1
  Hardware programming status: Successful

  Class-map: cmap-1 (match-any)
    Match: ip access-group name LIST-2
       set cos 6

  Class-map: class-default (match-any)

Service-policy input: PMAP-2
  Hardware programming status: Successful

  Class-map: cmap-2 (match-any)
    Match: ip access-group name LIST-2
       set dscp 10

  Class-map: class-default (match-any)

switch#

show policy-map type copp

The show policy-map type copp command displays contents of control plane policy maps. Control-plane policy maps are applied to the control plane; copp-system-policy is the only supported policy map.

Command options filter the output to display contents of all policy maps, contents of a specified policy map, or contents of a single class map within a specified policy map.

Command Mode

EXEC

Command Syntax

show policy-map type copp copp-system-policy [CMAP_NAME]

Parameters

CMAP_NAME Name of class map displayed by the command.

no parameter Command displays all class maps in specified policy map.
class_name Command displays specified class map.

Example

This command displays the contents of the copp-system-bpdu class map in the copp-system-policy policy maps.

switch# show policy-map type copp copp-system-policy class copp-system-bpdu
  Class-map: copp-system-bpdu (match-any)
       shape : 5000 pps
       bandwidth : 5000 pps

switch>

show policy-map type pbr

The show policy-map pbr command displays contents of Policy-Based Routing (PBR) policy maps. PBR policy maps are applied to Ethernet interfaces, port channel interfaces or switch virtual interfaces (SVIs).

Command options filter the output to either display contents of all policy maps, contents of a specified policy map, or summary contents of all or a specified policy map.

Command Mode

EXEC

Command Syntax

show policy-map type pbr [PMAP_NAME][DATA_LEVEL]

Parameters

PMAP_NAME Name of policy map displayed by the command.
- no parameter Command displays all policy maps.
- policy_map Command displays specified policy map.
DATA_LEVEL Type of information the command displays. Values include:
- no parameter Command displays all class maps in specified policy map.
- summary Command displays summary data for the specified policy map.

Example

This command displays the contents of all PBR policy maps in running-config.

switch# show policy-map type pbr
Service policy PMAP1
Configured on:
Applied on:
10: Class-map: CMAP1 (match-any)
Match: 10 ip access-group PBRgroup1
Match: 20 ip access-group PBRgroup2
Match: 30 ip access-group PBRgroup3
Configured actions: set nexthop 172.16.10.12
20: Class-map: CMAP2 (match-any)
Match: 10 ip access-group PBRgroup1
Match: 10 ip access-group PBRgroup4
Match: 20 ip access-group PBRgroup5
Configured actions: set nexthop 192.168.15.15
switch#

show policy-map type qos counters

The show policy-map counters command displays the quantity of packets that are filtered by the ACLs that comprise a specified QoS policy map.

Command Mode

EXEC

Command Syntax

show policy-map [type qos] pmap_name [TRAFFIC] counters [INFO_LEVEL]

Parameters

pmap_name Name of policy map displayed by the command.
TRAFFIC Filters policy maps by the traffic they manage. Options include:
- no parameter Policy maps that manage interfaces ingress traffic (same as input option).
- input Policy maps that manage interfaces ingress traffic.
INFO_LEVEL amount of information that is displayed. Options include:
- no parameter displays summarized information about the policy map.
- detail displays detailed policy map information.

show policy-map type qos

The show policy-map qos command displays contents of QoS policy maps. QoS policy maps are applied to Ethernet or port channel interfaces.

Command options filter the output to either display contents of all policy maps, contents of a specified policy map, or contents of a single class map within a specified policy map.

Command Mode

EXEC

Command Syntax

show policy-map [type qos][PMAP_NAME [CMAP_NAME]]

Parameters

PMAP_NAME Name of policy map displayed by the command.
- no parameter Command displays all policy maps.
- policy_map Command displays specified policy map.
CMAP_NAME Name of class map displayed by the command. This option is available only when the command includes a policy map name.
- no parameter Command displays all class maps in specified policy map.
- class_name Command displays specified class map.

Example

This command displays the contents of all QoS policy maps in running-config.

switch# show policy-map type qos
Service-policy input: PMAP-1
  Hardware programming status: Successful

  Class-map: xeter (match-any)
    Match: ip access-group name LIST-1
       set cos 6

  Class-map: class-default (match-any)

Service-policy PMAP-2

  Class-map: class-default (match-any)

switch#

show traffic-policy

The show traffic-policy command displays traffic policy information on the interface.

Command Mode

EXEC

Command Syntax

show traffic-policy NAME interface

show traffic-policy interface [DETAILS]

Parameters

DETAILS Details requested. Options include:

summary Display summary information about the policy.
- errors Display all configured remote grantees, associated profile name and latest update.
- details Display all interfaces on which the policy has been configured.

Examples

This command displays the summary information configured on the switch interfaces.

switch(config-traffic-policies)# show traffic-policy interface summary
Traffic policy samplePolicy
   Configured on interfaces: Ethernet1/1, Ethernet2/1, Ethernet3/1, ...
   Applied on interfaces for IPv4 traffic: Ethernet1/1, Ethernet2/1, Ethernet3/1, ...
   Applied on interfaces for IPv6 traffic:
   Total number of rules configured: 3
      match SIMPLE ipv4
      match ipv4-all-default ipv4
      match ipv6-all-default ipv6

This command displays information about the traffic policy named samplePolicy.

switch(config-traffic-policies)# show traffic-policy samplePolicy interface
Traffic policy samplePolicy
   Configured on interfaces: Ethernet1/1, Ethernet2/1, Ethernet3/1, ...
   Applied on interfaces for IPv4 traffic: Ethernet1/1, Ethernet2/1, Ethernet3/1, ...
   Applied on interfaces for IPv6 traffic:
   Total number of rules configured: 3
      match SIMPLE ipv4
         Source prefix: 192.0.2.0/24
                        198.51.100.0/24
         Destination prefix: 203.0.113.0/24
         Protocol: tcp
            Source port: 50-100
                         110-200
         Actions: Drop
      match ipv4-all-default ipv4
      match ipv6-all-default ipv6

This command displays all interfaces on which samplePolicy has been configured.

switch(config-traffic-policies)# show traffic-policy interface detail
Traffic policy samplePolicy
   Configured on interfaces: Ethernet1/1, Ethernet2/1, Ethernet3/1, Ethernet4/1
   Applied on interfaces for IPv4 traffic: Ethernet1/1, Ethernet2/1, Ethernet3/1, Ethernet4/1
   Applied on interfaces for IPv6 traffic:
   Total number of rules configured: 3
      match SIMPLE ipv4
         Source prefix: 192.0.2.0/24
                        198.51.100.0/24
         Destination prefix: 203.0.113.0/24
         Protocol: tcp
            Source port: 50-100
                         110-200
         Actions: Drop
      match ipv4-all-default ipv4
      match ipv6-all-default ipv6

This command displays installation errors for a match statement. The example has no errors.

switch(config-traffic-policies)# show traffic-policy interface errors
Traffic policy samplePolicy
   Failed on interface for IPv4 traffic:
   Failed on interface for IPv6 traffic:

Interface Configuration

This chapter describes Ethernet ports supported by Arista switches as well as channel groups, port channels, port channel interfaces, Link Aggregation Control Protocol (LACP), and Multi-Chassis Link Aggregation. This chapter contains the following sections:

Ethernet Ports

This section describes Ethernet ports supported by Arista switches. Topics covered in this section include:

Ethernet Ports Introduction
Ethernet Standards
Ethernet Physical Layer
Interfaces
MRU Enforcement
Displaying Interface Interactions
Dynamic Link Flap Damping
Ethernet Configuration Procedures
Ethernet Configuration Commands

Ethernet Ports Introduction

Arista switches support a variety of Ethernet network interfaces. This chapter describes the configuration and monitoring options available in Arista switching platforms.

Ethernet Standards

Ethernet, standardized in IEEE 802.3, is a group of technologies used for communication over local area networks. Ethernet communication divides data streams into frames containing addresses (source and destination), payload, and Cyclical Redundancy Check (CRC) information.

IEEE 802.3 also describes two types of optical fiber: Single-Mode Fiber (SMF) and Multi-Mode Fiber (MMF). MMF range limits from 50 to 500 meters range.

100 Gigabit Ethernet

The 100 Gigabit Ethernet (100GbE) standard defines an Ethernet implementation with a nominal data rate of 100 billion bits per second over 10x10G, 4x25G, or 1x100G. 100 Gigabit Ethernet implements full duplex point-to-point links connected by network switches. Arista switches support 100GBASE-10SR through MXP ports.

40 Gigabit Ethernet

The 40 Gigabit Ethernet (40GbE) standard defines an Ethernet implementation with a nominal data rate of 40 billion bits per second over multiple 10 gigabit lanes. 40 Gigabit Ethernet implements full duplex point to point links connected by network switches. 40 Gigabit Ethernet standards use the “40GBASE-xyz" naming scheme, as explained in 40GBASE-xyz Interpretation.

Table 1. 40GBASE-xyz Interpretation
x	y	z
Non-fiber media type, or fiber wavelength	PHY encoding	Number of WWDM wavelengths or XAUI Lanes
C = Copper F = Serial SMF K = Backplane L = Long (1310 nm) S = Short (850 nm)	R = LAN PHY (64B/66B)	No value = 1 (serial) 4 = 4 WWDM wavelengths or XAUI Lanes

10 Gigabit Ethernet

The 10 Gigabit Ethernet (10GbE) standard defines an Ethernet implementation with a nominal data rate of 10 billion bits per second. 10 Gigabit Ethernet implements full duplex point-to-point links connected by network switches. Half duplex operation, hubs, and CSMA/CD do not exist in 10GbE. The standard encompasses several PHY standards; a networking device may support different PHY types through pluggable PHY modules. 10GbE standards are named 10GBASE-xyz, as interpreted by 10GBASE-xyz Interpretation.

Table 2. 10GBASE-xyz Interpretation
x	y	z
media type or wavelength, if media type is fiber	PHY encoding type	Number of WWDM wavelengths or XAUI Lanes
C = Copper (twin axial) T = Twisted Pair S = Short (850 nm) L = Long (1310 nm) E = Extended (1550 nm) Z = Ultra extended (1550 nm)	R = LAN PHY (64B/66B) X = LAN PHY (8B/10B) W = WAN PHY(*) (64B/66B)	If omitted, value = 1 (serial) 4 = 4 WWDM wavelengths or XAUI Lanes

Gigabit Ethernet

The Gigabit Ethernet (GbE) standard, defined by IEEE 802.3-2008, describes an Ethernet version with a nominal data rate of one billion bits per second. GbE cables and equipment are similar to those used in previous standards. While full-duplex links in switches are the typical implementation, the specification permits half-duplex links connected through hubs.

Gigabit Ethernet physical layer standards that Arista switches support include 1000BASE-X (optical fiber), 1000BASE-T (twisted pair cable), and 1000BASE-CX (balanced copper cable).

1000BASE-SX is a fiber optic standard that utilizes multi-mode fiber supporting 770 to 860 nm, near-infrared (NIR) light wavelength to transmit data over distances ranging from 220 to 550 meters. Network designs typically leverage 1000BASE-SX for intra-building links in large office buildings, co-location facilities, and carrier-neutral Internet exchanges.
1000BASE-LX is a fiber standard that utilizes a long wavelength laser (1,2701,355 nm) with an RMS spectral width of 4 nm to transmit data up to 5 km. 1000BASE-LX can run on all common types of multi-mode fiber with a maximum segment length of 550 m.
1000BASE-T is a standard for gigabit Ethernet over copper wiring. Each 1000BASE-T network segment can be a maximum length of 100 meters.

10/100/1000BASE-T

Arista switches provide 10/100/1000BASE-T Ethernet out-of-band management ports. Auto-negotiation is enabled on these interfaces. Speed (10/100/1000), duplex (half/full), and flow control settings are available using the appropriate speed and flowcontrol commands.

Power over Ethernet (PoE)

Selected Arista switches provide Power over Ethernet (PoE) to power connected devices. Arista’s PoE implementation is compliant with IEEE standards 802.3af and 802.3at and includes partial support for 802.3bt.

When a standards-compliant Powered Device (PD) is connected to a PoE-enabled Ethernet port, it is recognized by a specific resistor signature, and its power class is determined by hardware negotiation; more granular power adjustments can then be managed by the Link Layer Discovery Protocol (LLDP).

Link Fault Signaling

Link Fault Signaling (LFS) is a mechanism by which a port transmits remote link fault signals to its peer over the link that is experiencing problems by configuring specific actions. LFS operates between the remote Reconciliation Sublayer (remote RS) and the local Reconciliation Sub-layer (local RS). The local RS treats faults detected between the remote RS and the local RS as local faults.

LFS enables monitoring FCS and symbol errors on an interface, and if they exceed a configured threshold, one of the following three actions is enabled:

Disable the error on the interface.
Generate system log messages.
Generate a link fault.

Ethernet Physical Layer

The Ethernet Physical Layer (PHY) includes hardware components connecting a switch's MAC layer to a transceiver, a cable, and ultimately to a peer link partner.

Data exist in digital form at the MAC layer. On the line side of the PHY, data exist as analog signals: light blips on optical fiber or voltage pulses on copper cable. Signals may be distorted while in transit and recovery may require signal processing. Ethernet physical layer components include a PHY and a transceiver.

PHYs

The PHY provides translation services between the MAC layer and the transceiver. It also helps to establish links between the local MAC layer and peer devices by detecting and signaling fault conditions. The PHY line-side interface receives Ethernet frames from the link partner as analog waveforms. The PHY uses signal processing to recover the encoded bits, then sends them to the MAC layer.

PHY line-side interface components and their functions include:

Physical Medium Attachment (PMA): Framing, octet synchronization, scrambling/ sdescrambling.
Physical Medium Dependent (PMD): Consists of the transceiver.
Physical Coding Sublayer (PCS): Performs auto-negotiation and coding (8B/10B or 64B/66B).

The MAC sublayer of the PHY provides a logical connection between the MAC layer and the peer device by initializing, controlling, and managing the connection with the peer.

The PHY's system-side interface receives Ethernet frames transmitted by the switch as a sequence of digital bits. The PHY encodes them into a media-specific waveform for transmission through the line-side interface and transceiver to the link peer. This encoding may include signal processing, such as pre-distortion and forward error correction.

PHY system-side interface components and their functions include:

10 Gigabit Attachment Unit Interface (XAUI): Connects an Ethernet MAC to a 10 Gb/s PHY.
Serial Gigabit Media Independent Attachment (SGMII): Connects an Ethernet MAC to a 1 Gb/s PHY.

Transceivers

A transceiver connects the PHY to an external cable (optical fiber or twisted-pair copper) and through a physical connector (LC jack for fiber or RJ-45 jack for copper).

Optical transceivers convert the PHY signal into light pulses that are sent through optical fiber.
Copper transceivers connect the PHY to twisted-pair copper cabling.

Arista Small Form-Factor Pluggable (SFP+) and Quad Small Form Factor Pluggable (QSFP+) modules and cables provide high-density, low-power Ethernet connectivity over fiber and copper media. Arista offers transceivers that span data rates, media types, and transmission distances.

Arista 10 Gigabit Ethernet SFP+ Modules

10GBASE-SR (Short Reach)
- Link length: maximum 300 meters over multi-mode fiber.
Optical interoperability with 10GBASE-SRL.
10GBASE-SRL (Short Reach Lite)
- Link length: maximum 100 meters over multi-mode fiber.
- Optical interoperability with 10GBASE-SR.
10GBASE-LRL (Long Reach Lite)
- Link length: maximum 1 km over single-mode fiber.
- Optical interoperability with 10GBASE-LR (1 km maximum).
10GBASE-LR (Long Reach)
- Link length: maximum 10 km over single-mode fiber.
- Optical interoperability with 10GBASE-LRL (1 km maximum).
10GBASE-LRM (Long Reach Multi-mode)
- Link length: maximum 220 meters over multi-mode fiber (50 um and 62.5 um).
10GBASE-ER (Extended Reach)
- Link length: maximum 40 km over single-mode fiber.
10GBASE-ZR (Ultra-Extended Reach)
- Link length: maximum 80 km over single-mode fiber.
10GBASE-DWDM (Dense Wavelength Division Multiplexing)
- Link length: maximum 80 km over single-mode fiber (40 color options).
- Tunable SFP+ Optics Module, Full C-Band 50 GHz ITU Grid, up to 80km over duplex SMF.

Arista 10 Gigabit Ethernet CR Cable Modules

10GBASE-CR SFP+ to SFP+ Cables
- Link lengths of 0.5, 1, 1.5, 2, 2.5, 3, 5, and 7 meters over twinax copper cable.
- Includes SFP+ connectors on both ends.
4 x 10GbE QSFP+ to 4 x SFP+ twinax copper cables.
- Link lengths of 0.5, 1, 2, 3, and 5 meters over twinax copper cable.

Arista 25 Gigabit Ethernet Modules

25GBASE-CR SFP28 Cable
- Capable of 10G/25Gb/s speeds with link lengths of 1 to 5 meters.
AOC-S-S-25G SFP28 to SFP28 25GbE Active Optical Cable.
- Link lengths of 3 to 30 meters.
SFP-25G-SR SFP28 Optics Module
- Link length of up to 70 m over OM3 MMF or 100 m over OM4 MMF.
SFP-25G-LR SFP28 Optics Module
- Link length of up to 10 kilometers over duplex SMF.

Arista 40 Gigabit Ethernet QSFP+ Cables and Optics

40GBASE-SR4 QSFP+ Transceiver.
- Link length: maximum 100 meters over parallel OM3 or 150 meters over OM4 MMF.
- Optical interoperability with 40GBASE-XSR4 (maximum distance of 100/150 meters).
40GBASE-XSR4 QSFP+ Transceiver.
- Link length maximum 300 meters over parallel OM3 or 450 meters over OM4 MMF.
- Optical interoperability with 40GBASE-SR4 (maximum distance of 100/150 meters).
40GBASE-LR4 QSFP+.
- Link length: maximum 10 km over duplex single-mode fiber.
40GBASE-CR4 QSFP+ to QSFP+ twinax copper cables.
- Link lengths of 1, 2, 3, 5, and 7 meters over twinax copper cable.
40GBASE-BIDI Bidirectional QSFP+ Optic.
- Link length: up to 100 meters over parallel OM3 or 150 meters over OM4 MMF.
40GBASE-UNIV QSFP+ Optic.
- Link length: up to 150 meters over duplex OM3/OM4 MMF and 500 meters over duplex SMF.
40GBASE-LRL QSFP+ Optic.
- Link length: up to 1 kilometer over duplex SMF.
40GBASE-PLRL4 QSFP+ Optic.
- Link length: up to 1 kilometer over parallel SMF (i.e., 4x10G LR up to 1 km).
40GBASE-PLR4 QSFP+ Optic
- Link length: up to 10 kilometers over parallel SMF (i.e., 4x10G LR up to 1 km).
40GBASE-ER QSFP+ Optic.
- Link length: up to 40 kilometers over duplex SMF.

Arista Gigabit Ethernet SFP Options

1000BASE-SX (Short Haul).
- Multi-mode fiber.
- Link length: up to 550 meters.
1000BASE-LX (Long Haul).
- Single-mode fiber.
- Link length: up to 10 km (single mode).
1000BASE-T (RJ-45 Copper).
- Category 5 cabling.
- Full duplex 1000 Mbps connectivity.

Arista 100 Gigabit Ethernet QSFP Modules

100GBASE-SR4 QSFP transceiver.
- Link length: up to 70 meters over parallel OM3 or 100 meters over OM4 multi-mode fiber.
100GBASE-SWDM4 QSFP transceiver.
- Link length: up to 70 meters over OM3 or 100 meters over OM4 duplex multi-mode fiber.
100GBASE-BIDI QSFP transceiver.
- Link length: up to 70 meters over OM3 or 100 meters over OM4 duplex multi-mode fiber.
100GBASE-PSM4 40G/100G dual speed QSFP Optics Module.
- Link length: up to 500 meters over parallel single-mode fiber.
100GBASE-CWDM4 40G/100G dual speed QSFP Optics Module.
- Link length: up to 2 km over duplex single-mode fiber.
100GBASE-LRL4 QSFP Optics Module.
- Link length: up to 2 km over duplex single-mode fiber.
100GBASE-LR4 QSFP Optics Module.
- Link length: up to 10 km over duplex single-mode fiber.
100GBASE-ERL4 QSFP Optics Module.
- Link length: up to 40 km over duplex single-mode fiber.
100GBASE-ZR4 QSFP Optics Module.
- Link length: up to 80 km over single-mode fiber.
100GBASE-CR4 QSFP to QSFP Twinax copper cable.
- Link lengths of 1 to 5 meters.
100GBASE-CR4 QSFP to 4 x 25GbE SFP Twinax copper cable.
- Link lengths of 1 to 5 meters.

Internal Ports

Several Arista switches include internal ports that connect directly to an external cable through an RJ-45 jack. Internal ports available on Arista switches include:

100/1000BASE-T (7048T-A).
100/1000/10GBASE-T (7050-T).

AOC Cables

AOC-Q-Q-100G QSFP 100GbE Active Optical Cable.
- Link lengths of 3 to 30 meters.
AOC-Q-Q-40G QSFP+ to QSFP+ 40GbE Active Optical Cable.
- Link lengths of 3 to 100 meters.
AOC-S-S-25G SFP28 to SFP28 25GbE Active Optical Cable.
- Link lengths of 3 to 30 meters.

400GBASE-ZR Transceivers

400GBASE-ZR transceiver is the industry’s first multi-vendor DWDM standard, a Digital Coherent Optical module with tunable laser, using DWDM multiplexing and 16QAM modulation and capable of delivering 400G per port over distances up to 120 km.

Key software features supported:

Compliance with CMIS4.0/CMIS4.1 (CMIS5.0) and Coherent CMIS.
Frequency tuning (100 GHz and 75 GHz grids).
DOM monitoring, including VDM (Versatile Diagnostics Monitoring) pages, defined in CMIS4.0.
Coherent alarms and faults, including pages, defined by Coherent CMIS.
Configurable Tx output power.
A separate command for shutting down the Tx output path for unidirectional mode.
1-second update of pre-FEC BER, OSNR, ESNR.
400GBASE-ZR transceiver with Open Forward Error Correction (O-FEC) (EOS release 4.25.2F.)
4x100 Gb/s mode for the 400GBASE-ZR transceivers (EOS release 4.25.2F).
Override a transceiver slot’s maximum power limit (EOS release 4.25.2F.)

Platform Compatibility

The 400GBASE-ZR transceiver is a power class 8 module with a power consumption of up to 20W, the highest power consumption among 400G transceivers.

In theory, every 400GBASE OSFP or QSFP-DD switch is qualified to host 400GBASE-ZR transceivers. However, the actual number of 400GBASE-ZR modules that can be used by a switch simultaneously may vary, depending on platform (modular vs. fixed) and ASIC type. It is always recommended to discuss the installation of 400GBASE-ZR modules with Arista support.

Using 400GBASE-ZR in Combination with OSFP-LS

Arista EOS allows the use of OSFP-LS (pluggable line system in the OSFP form factor), instead of traditional DCI line systems.

Configuring 400GBASE-ZR Transceivers

Laser Frequency Configuration

All coherent modules, including 400GBASE-ZR, require their laser frequency to be explicitly configured. To configure the laser frequency for 400GBASE-ZR, use the transceiver frequency command under the defined interface, providing a frequency expressed in Gigahertz in the range of 191.3-196.1 THz. If a laser frequency is not configured or is configured outside the valid range, all interfaces associated with the port are put into error-disabled state.

switch# conf
switch(config)#
switch(config)# interface Ethernet12/1
switch(config-if-Et12/1)# transceiver frequency 193100
switch(config-if-Et12/1)#

Configured and operational frequency settings can be verified using the show interface transceiver hardware command.

Note:

It can take up to 90 seconds for the 400GBASE-ZR module to fully complete frequency tuning.
The frequency plan for 400GBASE-ZR modules support channel spacings of 100 GHz or 75 GHz. It is recommended to use operating frequency channel definitions in chapter 15 of [4].

Transmit Output Power Configuration

CMIS4.0 defines support of configurable transmit output power as an optional feature. Check the output of show interface transceiver eeprom command for page 04h, registers 196-201, to see if it is supported.

Programmable output power advertisement (04h:196-201):
    Lane programmable output power supported (04h:196): true
    Min programmable output power (04h:198-199): -14 dB
    Max programmable output power (04h:200-201): -10 dB

Transmit output power can be configured using the transceiver transmitter signal power command.

switch# conf
switch(config)# interface Ethernet14/1
switch(config-if-Et14/1)# transceiver transmitter signal-power ?
switch(config-if-Et14/1)# transceiver transmitter signal-power -10

You can check the configured TX power using the show interface transceiver hardware command and the actual operational TX power using the show interface transceiver command.

Note:

400GBASE-ZR does not have a recommended level of transmit laser power. In most cases, it is okay to keep the default power.
Some vendors may not populate the range of supported output powers correctly. The range -10 to -14 dBm should be supported. Contact Arista Support if you are planning to configure the output power outside of this range.

Transmit Output Disable and Unidirectional Mode

In coherent optics, the shutdown command impacts both transmit and receive paths and can’t be used to set up a unidirectional mode. To shut down the TX output path, use the transceiver transmitter disabled command:

switch# conf
switch(config)# interface Ethernet14/1
switch(config-if-Et14/1)# transceiver transmitter DISABLED

To re-enable the transmit path, use the no or default version of the above configuration command.

Configuring 4x100 Gb/s mode for 400GBASE-ZR transceivers

4x100 Gb/s mode connects four host Ethernet interfaces over 100GAUI-2 electrical interfaces to a single optical lane acting as a 4x1 muxponder. To enable this mode on a 400GBASE-ZR transceiver, configure the speed on each of the four interfaces.

switch(config-if-Et4/1)# speed 100g-2
switch(config-if-Et4/3,4/5,4/7)# speed 100g-2

switch# show interfaces ethernet 4/1-5/8 status
Port   	Name   Status   	  Vlan 	Duplex Speed  Type     	Flags Encapsulation
Et4/1       	  connected 	  1    	full   100G   400GBASE-ZR               	 
Et4/3       	  connected 	  1    	full   100G   400GBASE-ZR               	 
Et4/5       	  connected 	  1    	full   100G   400GBASE-ZR               	 
Et4/7       	  connected 	  1    	full   100G   400GBASE-ZR               	 
Et5/1       	  connected          1    	full   100G   400GBASE-ZR               	 
Et5/3       	  connected          1    	full   100G   400GBASE-ZR               	 
Et5/5       	  connected          1    	full   100G   400GBASE-ZR               	 
Et5/7       	  connected   	1    	full   100G   400GBASE-ZR

Each of the Ethernet interfaces can be independently shut down without affecting the transmission over the other interfaces.

switch(config-if-Et4/1,4/3,4/5)# shutdown
switch# show interfaces ethernet 4/1-5/8 status
Port   	Name   Status   	  Vlan 	Duplex Speed  Type     	Flags Encapsulation
Et4/1       	  disabled 	  1    	full   100G   400GBASE-ZR               	 
Et4/3       	  disabled 	  1    	full   100G   400GBASE-ZR               	 
Et4/5       	  disabled 	  1    	full   100G   400GBASE-ZR               	 
Et4/7       	  connected	  1    	full   100G   400GBASE-ZR               	 
Et5/1       	  notconnect        1    	full   100G   400GBASE-ZR               	 
Et5/3       	  notconnect        1    	full   100G   400GBASE-ZR               	 
Et5/5       	  notconnect        1    	full   100G   400GBASE-ZR               	 
Et5/7       	  connected	   1    	full   100G   400GBASE-ZR

switch# show interfaces ethernet 4/1 transceiver
If device is externally calibrated, only calibrated values are printed.
N/A: not applicable, Tx: transmit, Rx: receive.
mA: milliamperes, dBm: decibels (milliwatts).
                            	Bias  	Optical   Optical           	 
      	Temp   	Voltage    Current    Tx Power  Rx Power          	 
Port  	(Celsius)  (Volts)    (mA)  	(dBm)     (dBm)  	Last Update  
----- 	---------  --------   --------  --------  --------    -------------------
Et4/1	     59.00      3.25     279.70     -9.46     -8.29    0:00:01 ago

However, shutting down all four interfaces disables the laser:

switch(config-if-Et4/7)# shutdown
switch# show interfaces ethernet 4/1-5/8 status
Port   	Name   Status   	  Vlan 	Duplex Speed  Type     	Flags Encapsulation
Et4/1       	  disabled 	  1    	full   100G   400GBASE-ZR               	 
Et4/3       	  disabled 	  1    	full   100G   400GBASE-ZR               	 
Et4/5       	  disabled 	  1    	full   100G   400GBASE-ZR               	 
Et4/7       	  disabled	   1    	full   100G   400GBASE-ZR               	 
Et5/1       	  notconnect        1    	full   100G   400GBASE-ZR               	 
Et5/3       	  notconnect        1    	full   100G   400GBASE-ZR               	 
Et5/5       	  notconnect        1    	full   100G   400GBASE-ZR               	 
Et5/7       	  notconnect	  1    	full   100G   400GBASE-ZR

switch# show interfaces ethernet 4/1 transceiver
If device is externally calibrated, only calibrated values are printed.
N/A: not applicable, Tx: transmit, Rx: receive.
mA: milliamperes, dBm: decibels (milliwatts).
                            	Bias  	Optical   Optical           	 
      	Temp   	Voltage    Current    Tx Power  Rx Power          	 
Port  	(Celsius)  (Volts)    (mA)  	(dBm)     (dBm)  	Last Update  
----- 	---------  --------   --------  --------  --------    -------------------
Et4/1	     44.00      3.33       0.00    -30.00    -30.00    0:00:01 ago

Configuring Open Forward Error Correction on 400GBASE-ZR

Open FEC (O-FEC) is a Forward Error Correction encoder and decoder, specified in the Open ZR+ MSA [2], with an overhead of 15.3% and a net coding gain of 11.6 dB for 16QAM modulation. Compared to Concatenated FEC (C-FEC), which is a default FEC specified for 400GBASE-ZR coherent transceivers by CMIS4.0, O-FEC provides higher coding gain (11.6dB for O-FEC vs 10.8 dB for C-FEC /16QAM), and it can correct a pre-FEC BER of up to 2E-2.

The error-correction encoding <FEC> command configures the transceiver’s optical transmission to use O-FEC:

switch(config-if-Et4/1)# error-correction encoding open

Transceiver Slot’s Maximum Power Limit

The transceiver power ignore command allows EOS to bypass the power check for the transceivers to be operational.

switch(config-if-Et4/1)# transceiver power ignore
! You can risk damaging hardware by using transceiver modules with high power consumption. We recommend that you do this only under direction from Arista Networks.

Show Commands

show interface transceiver eeprom

The show interface transceiver eeprom command displays the parsed capabilities.

Example

For 400GBASE-ZR, the display of frequency tuning, power tuning (page 04h), and VDM configuration pages (20h-23h) is added.

switch# show interface Ethernet15/1 transceiver eeprom
Ethernet15 EEPROM:
...
  Frequency tuning support (04h:128-129):
    Grid spacing capabilities (04h:128):
      100 GHz grid supported (04h:128): true
      12.5 GHz grid supported (04h:128): false
      25 GHz grid supported (04h:128): false
      3.125 GHz grid supported (04h:128): false
      33 GHz grid supported (04h:128): false
      50 GHz grid supported (04h:128): false
      6.25 GHz grid supported (04h:128): false
      75 GHz grid supported (04h:128): true
    Tunable wavelength (04h:128): true
    Fine tuning support (04h:129): false
  Supported channel boundaries (04h:130-161):
    100 GHz grid (04h:150-153):
      Lowest channel (04h:150-151): -18
      Lowest frequency (04h:150-151): 191300000 MHz
      Highest channel (04h:152-153): 30
      Highest frequency (04h:152-153): 196100000 MHz
    75 GHz grid (04h:158-161):
      Lowest channel (04h:158-159): -72
      Lowest frequency (04h:158-159): 191300000 MHz
      Highest channel (04h:160-161): 120
      Highest frequency (04h:160-161): 196100000 MHz
  Programmable output power advertisement (04h:196-201):
    Lane programmable output power supported (04h:196): false
  VDM configuration (20h:128-255;21h:128-255):
    VDM group 1 (20h:128-255):
      Parameter 1 (20h:128-129):
        Lane (20h:128): 0
        Threshold ID (20h:128): 0
        Parameter type (20h:129): Laser temperature
      Parameter 3 (20h:132-133):
        Lane (20h:132): 0
        Threshold ID (20h:132): 2
        Parameter type (20h:133): eSNR host input
      Parameter 4 (20h:134-135):
        Lane (20h:134): 1
        Threshold ID (20h:134): 2
        Parameter type (20h:135): eSNR host input
      Parameter 5 (20h:136-137):
        Lane (20h:136): 2
        Threshold ID (20h:136): 2
        Parameter type (20h:137): eSNR host input
...
       Parameter 84 (21h:166-167):
        Lane (21h:166): 0
        Threshold ID (21h:166): 14
        Parameter type (21h:167): MER
  Number of VDM groups supported (2Fh:128): 2

show interface transceiver dom

The show interface transceiver dom command displays the most important current performance data on the media (line) side.

Example

switch# show interface Ethernet11/1 transceiver dom
Ch: Channel, N/A: not applicable, TX: transmit, RX: receive
mA: milliamperes, dBm: decibels (milliwatts), C: Celsius, V: Volts

Port 11
Last update: 0:00:05 ago
                                             Value
                                        ----------------
   Case temperature                         66.59 C
   Voltage                                   3.26 V
   TX power                                -10.23 dBm
   RX total power                          -11.61 dBm
   RX channel power                        -11.94 dBm
   Pre-FEC BER                           1.82e-03 
   Post-FEC errored frames ratio         0.00e+00 
   Chromatic dispersion (short link)         0.00 ps/nm
   Chromatic dispersion (long link)          0.00 ps/nm
   Differential group delay                  9.31 ps
   SOPMD                                     0.00 ps^2
   Polarization dependent loss               0.40 dB
   Received OSNR estimate                   35.10 dB
   Received ESNR estimate                   17.50 dB
   Carrier frequency offset                  0.00 MHz
   Error vector magnitude                  100.00 %
   SOP rate of change                        0.00 krad/s
   Laser temperature                        59.54 C
   Laser frequency                         193100.00 GHz

BER: Bit Error Rate
FEC: Forward Error Correction
OSNR: Optical Signal to Noise Ratio
ESNR: Electrical Signal to Noise Ratio
SOP: State of Polarization
SOPMD: State of Polarization Mode Dispersion

show interfaces hardware

The show interfaces hardware command displays the speed capabilities of a module. A 400GBASE-ZR supports 4x100 Gb/s mode if the 100G-2/full speed is supported.

Example

switch# show interfaces ethernet 4/1 hardware 
*  = Requires speed group setting change
Ethernet4/1
  Model: DCS-7280PR3K-24
  Type: 400GBASE-ZR
  Speed/duplex: 100G-2/full,400G-8/full(default)
  Flowcontrol: rx-(off,on),tx-(off)
  Modulation: 16QAM
  Error correction: C-FEC(16QAM(default)), O-FEC(16QAM)

The show interface status command displays the status and characteristics of the Ethernet interfaces:

switch#show interfaces ethernet 4/1,4/3,4/5,4/7 status
Port      Name  Status   	Vlan 	Duplex Speed  Type     	Flags Encapsulation
Et4/1           connected	1    	full   100G   400GBASE-ZR
Et4/3           connected	1    	full   100G   400GBASE-ZR
Et4/5           connected	1    	full   100G   400GBASE-ZR
Et4/7           connected	1    	full   100G   400GBASE-ZR

show transceiver status interface

The show transceiver status interface command displays the most important alarms, faults,interface statuses, and the existence of four host interfaces in the example below.

Example

For 400GBASE-ZR modules, media and host-side coherent alarms, host-side pre-FEC BER (defined in the Coherent CMIS), and post-FEC BER have been added to the command’s output:

switch# show transceiver status interface Ethernet 4/1,4/3,4/5,4/7
                                Current State        Changes       Last Change
                                -------------        -------       -----------
Port 4
  Transceiver               	400GBASE-ZR             3   	2:32:34 ago
  Transceiver SN            	204653947                  	 
  Presence                  	present                       	 
  Adapters                  	none                          	 
  Bad EEPROM checksums                                     0   	never
  Resets                                                   0   	2:32:41 ago
  Interrupts                                               0   	never
  Data path firmware fault  	ok                       0   	never
  Module firmware fault     	ok                       0   	never
  Temperature high alarm    	ok                       0   	never
  Temperature high warn     	ok                       0   	never
  Temperature low alarm     	ok                       0   	never
  Temperature low warn      	ok                       0   	never
  Voltage high alarm        	ok                       0   	never
  Voltage high warn         	ok                       0   	never
  Voltage low alarm         	ok                       2   	2:32:19 ago
  Voltage low warn          	ok                       2   	2:32:19 ago
  Module state              	ready                    6   	0:02:21 ago
  Data path 1 state         	activated                12         0:01:33 ago
  Data path 2 state         	activated                12   	0:01:33 ago
  Data path 3 state         	activated                12   	0:01:33 ago
  Data path 4 state         	activated                12   	0:01:33 ago
  Data path 5 state         	activated                12   	0:01:33 ago
  Data path 6 state         	activated                12   	0:01:33 ago
  Data path 7 state         	activated                12   	0:01:33 ago
  Data path 8 state         	activated                12   	0:01:33 ago
  RX LOS                    	ok                        4   	0:01:33 ago
  TX fault                  	ok                        0   	never
  RX CDR LOL                	ok                        4   	0:01:31 ago
  TX power high alarm       	ok                        0   	never
  TX power high warn        	ok                        4   	0:02:12 ago
  TX power low alarm        	ok                        4   	0:02:21 ago
  TX power low warn         	ok                        6   	0:02:12 ago
  TX bias high alarm        	ok                        0   	never
  TX bias high warn         	ok                        0   	never
  TX bias low alarm         	ok                        0   	never
  TX bias low warn          	ok                        0   	never
  RX power high alarm       	ok                        0   	never
  RX power high warn        	ok                        0   	never
  RX power low alarm        	ok                        0   	never
  RX power low warn         	ok                        0   	never
  TX loss of alignment      	ok                        0   	never
  TX out of alignment       	ok                        0   	never
  TX clock monitor unit LOL 	ok                        0   	never
  TX reference clock LOL    	ok                        0   	never
  TX deskew LOL             	ok                        0   	never
  TX FIFO error             	ok                        0   	never
  RX demodulator LOL        	ok                        4   	0:01:30 ago
  RX CD compensation LOL    	ok                        4   	0:01:30 ago
  RX loss of alignment      	ok                        0   	never
  RX out of alignment       	ok                        0   	never
  RX deskew LOL             	ok                        0   	never
  RX FIFO error             	ok                        0   	never
  RX FEC excessive degrade  	ok                        0   	never
  RX FEC detected degrade   	ok                        0   	never
  Freq tuning in progress   	idle                      8   	0:01:32 ago
  Freq tuning busy          	ok                        0   	never
  Freq tuning invalid channel      ok                        0   	never
  Freq tuning completed     	no                        8   	0:01:30 ago
Ethernet4/1
  Operational speed         	100Gbps                       	 
  Pre-FEC bit error rate    	0.00e+00                      	 
  Post-FEC errored frames ratio 0.00e+00                      	 
  TX LOS
	Host lane 1             	ok                      2   	0:02:21 ago
	Host lane 2             	ok                      2   	0:02:21 ago
  TX CDR LOL
	Host lane 1             	ok                      2   	0:02:21 ago
	Host lane 2             	ok                      0   	never
  TX adaptive input EQ fault
	Host lane 1             	ok                      2   	0:02:21 ago
	Host lane 2             	ok                      2   	0:02:21 ago
Ethernet4/3
  Operational speed         	100Gbps                       	 
  Pre-FEC bit error rate    	0.00e+00                      	 
  Post-FEC errored frames ratio 0.00e+00                      	 
  TX LOS
	Host lane 3             	ok                      2   	0:02:21 ago
	Host lane 4             	ok                      2   	0:02:21 ago
  TX CDR LOL
	Host lane 3             	ok                      2   	0:02:21 ago
	Host lane 4             	ok                      2   	0:02:21 ago
  TX adaptive input EQ fault
	Host lane 3             	ok                      2   	0:02:21 ago
	Host lane 4             	ok                      2   	0:02:21 ago
Ethernet4/5
  Operational speed         	100Gbps                       	 
  Pre-FEC bit error rate    	0.00e+00                      	 
  Post-FEC errored frames ratio 0.00e+00                      	 
  TX LOS
	Host lane 5             	ok                      2   	0:02:21 ago
	Host lane 6             	ok                      2   	0:02:21 ago
  TX CDR LOL
	Host lane 5             	ok                      0   	never
	Host lane 6             	ok                      2   	0:02:21 ago
  TX adaptive input EQ fault
	Host lane 5             	ok                      0   	never
	Host lane 6             	ok                      2   	0:02:21 ago
Ethernet4/7
  Operational speed         	100Gbps                       	 
  Pre-FEC bit error rate    	0.00e+00                      	 
  Post-FEC errored frames ratio 0.00e+00                      	 
  TX LOS
	Host lane 7             	ok                      2   	0:02:21 ago
	Host lane 8             	ok                      2   	0:02:21 ago
  TX CDR LOL
	Host lane 7             	ok                      2   	0:02:21 ago
	Host lane 8             	ok                      2   	0:02:21 ago
  TX adaptive input EQ fault
	Host lane 7             	ok                      2   	0:02:21 ago
	Host lane 8             	ok                      0   	never

Wavelength/Frequency and Output Power Status
The show interface transceiver hardware command displays the configured and programmed wavelength and output power. It takes a short time for the configured wavelength or output power to be programmed into the transceiver. The configured wavelength/output power and programmed wavelength/output power should not differ for an extended period of time.
```
switch# show interface Ethernet23/1 trans hardware
Name: Et23/1
Media type: 400GBASE-ZR
Maximum module power (W): 20.0
Maximum slot power (W): 20.0
Configured frequency (GHz): 193100.0
Computed wavelength (nm): 1552.52
Operational frequency (GHz): 193,100.0
Operational wavelength (nm): 1552.52
Configured TX power (dBm): -10.0
Operational TX power (dBm): -10.0
```
Note: Configured transmit output power and operational transmit output power are only displayed if configurable output power is supported by the module.

Troubleshooting

Check the transceiver type: make sure it is 400GBASE-ZR.
Check the peer transceiver: make sure it is also 400GBASE-ZR.
Check that the channel/frequency is configured and the interfaces are not in error-disabled state.
Check that the selected frequency is matching on both sides of the optical link.
Check that transmit output is not disabled.
If the TX power is not configured, check that it is from -6 dB to -12 dB.
If the TX power is configured, check that it matches its configured values on both sides of the optical link.
Check the RX power. The best performance of an optical link is achieved when the received power is -10dB.
Collect the output of the CLI commands listed in the “Show commands” section before requesting support from the development team.
Check that the pre-FEC BER (show transceiver dom command) is in the correct range (less than 1E-2).
In the show transceiver status interface output, check that the module state is Ready and that data path state is Activated. Check for possible alarms and faults.

Link Issues

If a link has issues, the following commands and files are useful for debugging and for Arista TAC.

show interfaces <interfaceName> phy detail.
show interfaces <interfaceName> transceiver detail.
show idprom transceiver <interfaceName> ext.
Files in /var/log/agents/*.
Files in /var/log/qt/*.
/var/log/messages*.

Limitations

400GBASE-ZR transceivers are relatively new. The modules could be Arista-branded or 3rd party, from multiple vendors. For 3rd party optics, some optional properties (TX output power, support of 75 GHz grid) or DOM properties in the VDM pages may not be implemented.

MXP Ports

MXP ports provide embedded optics that operate in one of three modes: 10GbE (12 ports), 40GbE (3 ports), and 100GbE (1 port). Each mode requires a specified cable and is implemented through configuration commands. MXP ports utilize multi-mode fiber to provide support over 150 meters.

The 100GbE mode requires an MTP-24 to MTP-24 cable, which uses 20 of 24 fibers to carry 100GbE across 10 send and 10 receive channels. When connecting two 100GbE MXP ports, the TX lanes must be crossed with the RX lanes.
The 40GbE mode requires an MTP cable that provides a split into three MTP-12 ends. The cable splits the MXP port into three MTP-12 ends, each compatible with standard-based 40GBASE-SR4 ports over OM3 or OM4 fiber up to a 100 m or 150 m distance.
The 10GbE mode requires an MTP cable that provides a split into 12x10GbE links with LC connectors to adapt the MXP port into 12x10GbE ports. The cable splits the MXP port into twelve LC ends to connect to SR or SRL optics over multi-mode OM3/OM4 cables.

Interfaces

Arista switches provide two physical interface types that receive, process, and transmit Ethernet frames: Ethernet interfaces and Management interfaces.

Each Ethernet interface is assigned a 48-bit MAC address and communicates with other interfaces by exchanging data packets. Each packet contains the MAC address of its source and destination interface. Ethernet interfaces establish link level connections by exchanging packets. Interfaces do not typically accept packets with a destination address of a different interface.

Ethernet data packets are frames. A frame begins with preamble and start fields, followed by an Ethernet header that includes source and destination MAC addresses. The middle section contains payload data, including headers for other protocols carried in the frame. The frame ends with a 32-bit Cyclic Redundancy Check (CRC) field that interfaces use to detect data corrupted during transmission.

Ethernet Interfaces

Ethernet speed and duplex configuration options depend on the media type of the interface:

40GbE, OSFP, QSFP+, QSFP-DD, and QSFP200: Default operation is as four 10GbE ports. The speed command options support the configuration as a single 40GbE port.
1000BASE-T / 2.5GBASE-T / 5GBASE-T / 10GBASE-T (copper): The default configuration enables the Clause 28 auto-negotiation feature for the port to negotiate the speed based on the peer’s capabilities. Depending on the individual SKU’s capabilities, these ports support 10 Mbps, 100 Mbps, 1 Gbps, 2.5 Gbps, 5 Gbps, and 10 Gbps rates and half/full-duplex mode of operation. The speed auto speed_value command limits the port advertisements to a specific speed. The speed speed_value command disables the Clause 28 auto-negotiation and uses the specified speed as the forced speed setting.
10GBASE-T (SFP+): The port operates as a single 10GbE port. The speed command does not affect the configuration.
100GbE CFP2: It operates at 100 Gb/s speed. You cannot split the interface or change its speed.
100GbE MXP: Operates as three 40GbE ports on the 7050 platform. The available speed/duplex settings are: three 40GbE ports or twelve 10GbE ports. You can make adjustments with the speed command.
100GbE QSFP100: Available speeds are transceiver-dependent. The QSFP100 transceiver supports a single 100GbE port, four 25GbE ports, or two 50GbE ports; the QSFP+ transceiver supports one 40GbE port or four 10GbE ports; the CWDM transceiver supports all five configurations. You can make adjustments with the speed command.
The 1000BASE-T SFP transceivers advertise one speed at a time only. Hence, the desired speed must be configured explicitly using one of the following commands:
- speed auto: auto-negotiates the 1 Gbps speed (this is because no speed is specified, defaulting to advertise 1 Gbps).
- speed auto 1Gfull / speed auto: auto-negotiate the 1 Gbps speed (note that per the 1000BASE-T standard, 1 Gbps must be negotiated).
- speed auto 100full: auto-negotiates the 100 Mbps speed.
- speed 100full: forces the non-negotiated 100 Mbps speed.
The 10GBASE-T SFP transceivers advertise one speed at a time only, similarly to how 1000BASE-T SFPs operate, unlike native BASE-T ports. The no speed and default speed commands configure the PHY to advertise only 10 Gbps.

For information relating to transceivers, see Transceivers.

Subinterfaces

Subinterfaces divide a single Ethernet port or a port channel interface into multiple logical Layer 3 interfaces based on the 802.1Q tag (VLAN ID) of incoming traffic. Subinterfaces are commonly used in a device at the boundary between L2 and L3 domains, but they can also be used to isolate 802.1Q-tagged traffic between L3 peers by assigning each subinterface to a different VRF.

While subinterfaces can be configured on a port channel interface (the virtual interface associated with a port channel), the following restrictions apply:

An L3 interface with subinterfaces configured on it should not be made a member of a port channel
An interface that is a member of a port channel should not have subinterfaces configured
A subinterface cannot be made a member of a port channel

Subinterfaces on multiple ports can be assigned the same VLAN ID, but there is no bridging between subinterfaces (or between subinterfaces and SVIs) as each subinterface is associated with a separate bridge domain.

Subinterfaces support the following features:

Unicast and multicast routing
BGP, OSPF, ISIS, PIM
ACL
VRF
VRRP
SNMP
Subinterface counters (on some platforms)
VXLAN (on some platforms)
MPLS (on some platforms)
GRE (on some platforms)
PBR (on some platforms)
QoS (on some platforms)
Inheriting QoS settings (trust mode and default DSCP) from the parent interface
Inheriting MTU setting from parent interface

The following capabilities instead are not supported:

Per-subinterface MTU setting
Per-subinterface SFLOW settings
Per-subinterface mirroring settings

Shared Shaper across Multiple Subinterfaces

Sub-interfaces can be grouped into logical units called scheduling groups, which are shaped as a single unit. Each scheduling group may be assigned a scheduling policy which defines a shape rate in kbps and optionally a guaranteed bandwidth, also in kbps.

The guaranteed bandwidth is used if the sum of the shape rates of all scheduling groups and sub-interfaces that are not part of groups for a parent interface exceeds the available bandwidth. Each sub-interface within that scheduling group may have its own independent shape rate which are applied in a hierarchical manner.

Adding a sub-interface to a scheduling group results in allocation of dedicated Virtual Output Queues (VOQ) for the sub-interface.

Configuring Shared Shaper

Scheduling groups and scheduling policies are configured in the qos scheduling CLI mode.

First, configure one or more sub-interfaces.

Then, create a scheduling policy with the desired shape rate and optional guaranteed bandwidth:

switch(config)# qos scheduling
switch(config-qos-scheduling)# scheduling policy P1
switch(config-qos-scheduling-policy-P1)# shape rate 75000000
switch(config-qos-scheduling-policy-P1)# bandwidth guaranteed 10000000

The shape rate and guaranteed bandwidth may also be defined as percents of the next highest level of the hierarchy (in this case line rate):
```
switch(config-qos-scheduling-policy-P1)# shape rate 75 percent
switch(config-qos-scheduling-policy-P1)# bandwidth guaranteed percent 10
```

Create the scheduling group on the parent interface:

switch(config)# qos scheduling
switch(config-qos-scheduling)# interface et1
switch(config-qos-scheduling-intf-Ethernet1)# scheduling group G1

Assign a policy to the scheduling group:

switch(config-qos-scheduling-intf-Ethernet1-group-G1)# policy P1

Assign members to the scheduling group (members may be put all on one line or on separate lines):
```
switch(config-qos-scheduling-intf-Ethernet1-group-G1)# members et1.1 et1.2
```

Show Commands

QoS configuration on one or more scheduling groups. Both group name and parent interface name are optional, in which case all groups are displayed as shown in the example below:

Example

switch# show qos scheduling group G1 Ethernet1
Interface: Et1
Scheduling Group Name: G1
Bandwidth: 10.1 / 10.0 (Gbps)
Shape Rate: 75.2 / 75.0 (Gbps)

Member         Bandwidth        Shape Rate
                (units)           (units)
------       -------------  ------------------
Et1.1           - /  - (-)  50.1 / 50.0 (Gbps)
Et1.2           - /  - (-)  30.1 / 30.0 (Gbps)

QOS configuration on a parent interface will show scheduling groups configured on the parent interface.

Example

switch# show qos interface Ethernet1
Ethernet1:

   Trust Mode: DSCP
   Default COS: 0
   Default DSCP: 0

   Port shaping rate: disabled

Scheduling Group        Bandwidth           Shape Rate
                         (units)             (units)
----------------    ------------------  ------------------
G1                  10.1 / 10.0 (Gbps)  75.1 / 75.0 (Gbps)

The entire scheduling hierarchy for a subinterface can be displayed. This displays the shape rate for each transmit queue and then the shape rate and guaranteed bandwidth at every other level of the hierarchy.

Example

switch# show qos scheduling hierarchy Ethernet1.1
Interface     Hierarchy Level            Bandwidth             Shape Rate
                                         (units)               (units)
---------    -------------------------  ------------------     ----------------
Et1/1.100     tx queue (0)                  - /    -            100 / 100 (Mbps)
              tx queue (2)                  - /    -            200 / 200 (Mbps)
              subinterface (Et1/1.1)      100 /  100 (Mbps)     500 / 500 (Mbps)
              group (G1)                  10 /   10 (Gbps)       75 /  75 (Gbps)
              parent (Et1/1) (100 Gbps)    - /    -               - /   -  ( - )

Agile Ports

Agile ports are a feature of the 7150S series that allows the user to configure blocks of 4 adjacent SFP+ interfaces as a single 40GbE link. The hardware configuration restricts the set of interfaces that can be combined to form a higher speed port: only interfaces that pass through a common PHY component can be combined.

One interface within a combinable set is designated as the primary port. When the primary interface is configured as a higher speed port, all configuration tasks are performed on that interface. All other interfaces in the set are subordinated to the primary interface and are notindividually configurable when the primary interface is configured as the higher speed port. This feature allows the 7150S-24 to behave as a 4x40GbE switch (using 16 SFP+ modules) while the remaining SFP+ modules provide eight 10GbE ports. On the 7150S-52 this capability supports up to 13 40GbE ports (all 52 ports configured in groups of four, each running at 40 Gb/s speed) and on the 7150S-64 agile ports enable the switch to be deployed with up to 16 40GbE interfaces: four are native QSFP+ ports while the remaining 12 are configured as 4xSFP+ groups.

Management Interfaces

A management interface is a Layer 3 host port that is typically connected to a management station for performing out-of-band switch management tasks. Each switch has one or two management interfaces. Only one port needs to manage the switch; the second port, when available, provides redundancy.

Management interfaces are 10/100/1000 BASE-T interfaces. By default, auto-negotiation is enabled on management interfaces. All combinations of 10/100/1000 speeds and full or half duplex are enforceable on these interfaces through the speed command.

Management ports are enabled by default. The switch cannot route packets between management ports and network ports because they are in separate routing domains. When the management station is multiple hops from the management port, packet exchanges through Layer 3 devices between the management port and management station may require the enabling of routing protocols.

The Ethernet management ports can be accessed remotely over a common network or locally through a directly connected computer. An IP address and a static route to the default gateway must be configured to be able to access the switch through a remote connection.

Tunable SFP Modules

Tuning of DWDM 10GbE SFP+ transceivers (10GBASE-DWDM) includes:

Tuning the transceiver wavelength/frequency by channel number.
Showing the wavelengths/frequencies for specified channels supported by the transceiver.
Showing the current wavelength/frequency settings of the transceiver interface.

For information about tuning the transceiver wavelength/frequency by channel number, refer to the command transceiver channel. To show the current wavelength/frequency settings for specified channels, refer to the command show interfaces transceiver channels. To show the current wavelength/frequency settings of an interface, refer to the command show interfaces transceiver hardware.

MRU Enforcement

Maximum Receive Unit (MRU) enforcement provides the ability to drop frames that exceed a configured threshold on the ingress interface.

Configuring MRU Enforcement

MRU is configurable per-interface, and can be configured on Ethernet and Port-Channel interfaces. Frames with size greater than the configured MRU value drop on the ingress, and do not forward to the destined egress interface. MRU enforcement happens at the Ethernet interface and applies to both L2 and L3 traffic. Note that FCS (frame check sequence) is included in the frame size.

Ethernet Interface

switch(config)# interface ethernet 1
switch(config)# l2 mru 9000

Frames with size greater than 9000 bytes ingressing into Ethernet1 are dropped.

Port-Channel Interface

Members of a Port-Channel interface inherit the Port-Channel interface’s MRU value. Members’ MRU configured in the Ethernet interface configuration mode has no effects.

switch(config)# interface ethernet 1 - 4
switch(config-if-Et1-4)# channel-group 10 mode active
switch(config)# interface port-Channel 10
switch(config-if-Po10)#

Frames with size greater than 9000 bytes ingressing into Ethernet1, 2, 3, and 4 are dropped.

Sub-interfaces

MRU configured on an Ethernet interface or Port-Channel are applied to all of its sub-interfaces.

Default Behaviours

By default, MRU is set to the maximum value.

For DCS-7280R3 and DCS-7500R3 series.
- The maximum MRU is 10240 bytes.
For other supported platforms
- In TapAgg mode, the maximum MRU is 10240 bytes.
- In non TapAgg mode, the maximum MRU is 10200 bytes.

MRU Enforcement Show commands

The show interface output displays the MRU on an interface.

switch(config)# show interface ethernet 1
Ethernet1 is up, line protocol is up (connected)
  Hardware is Ethernet, address is 444c.a8b7.1ed8 (bia 444c.a8b7.1ed8)
  Member of Port-Channel10
  Ethernet MTU 10178 bytes, Ethernet MRU 1500 bytes, BW 10000000 kbit
  Full-duplex, 10Gb/s, auto negotiation: off, uni-link: disabled.

Counters

MRU-dropped packets are counted per-chip.

The show platform fap mapping output displays the mapping between the chips and their corresponding Ethernet interfaces.

switch(config)# show platform fap mapping interface Ethernet 1
Jericho0 (FapId: 0  BaseSystemCoreId: 0)
Port             SysPhyPort   Voq   Core  FapPort  OtmPort BaseQPair QPairs Xlge NifPort
----------------------------------------------------------------------------------------
Ethernet1        100          2608  0     2        0        0         8     8    33

The show hardware counter drop output displays the per-chip Reassembly Errors counters.

switch(config)# show hardware counter drop
Type  Chip       CounterName       : Count    : First Occurrence    : Last Occurrence
-----------------------------------------------------------------------------------------
A     Jericho0   ReassemblyErrors  : 12132989 : 2020-09-22 17:05:45 : 2020-09-22 17:22:40

Displaying Interface Interactions

The show interfaces interactions command provides a resource that explains various relationships between Ethernet interfaces. It describes interactions in which a configuration on an interface causes another set of interfaces to become inactive or have reduced capabilities. Examples include a primary interface consuming subordinate interfaces to service four-lane speed or platform restrictions that require four interfaces to operate at the same speed.

No Interactions

If no interaction information exists for the given interfaces, the output displays No interfaces interactions. Depending on what configurations have interactions, the line could appear at a number of different indentation levels. The display rules are as follows:

If all specified interfaces have no interactions, print at the first indentation level.
If only some specified interfaces have no interactions and those interfaces have no interactions at any speeds, print at the second indentation level for those interfaces.
If only some specified interfaces have no interactions and those interfaces only have interactions at some speeds, print at the third indentation level for those speeds.

switch# show int et1,2 interactions
No interfaces interactions
                            
switch# show int et1,2,5/1 interactions
* = includes less than 10G speeds that the interface is capable of
                            
Ethernet1
  No interactions with other interfaces
Ethernet2
  No interactions with other interfaces
Ethernet5/1
  For speed 40G
    Ethernet5/2-4 become inactive
  For speed 10G*
    No interactions with other interfaces

Inactive Interfaces

If a configuration on an interface causes other interfaces to become inactive, a message similar to the ones bolded below is displayed. A common example of this is configuring a QSFP28 port for 100GbE speed, which results in the /2,/3, and /4 interfaces becoming inactive. Note that display information for inactive interfaces is included in the specified range, ignoring whether or not inactive interfaces are exposed.

switch#show interfaces et11/1,11/3 interactions
* = includes less than 10G speeds that the interface is capable of
                    
Ethernet11/1:
  For speed 100G-4
  Ethernet11/2-4 become inactive
  For speed 50G-2
   Ethernet11/2,11/4 become inactive
    Ethernet11/3 is limited to 50G-2
   For speed 40G
     Ethernet11/2-4 become inactive
   For speed 25G
      Ethernet11/2-4 are limited to 25G
   For speed 10G*
      Ethernet11/2-4 are limited to 10G*
Ethernet11/3:
  For speed 50G-2
      Ethernet11/4 becomes inactive
       Primary interface Ethernet11/1 must be operating at 50G-2
  For speed 25G
       Primary interface Ethernet11/1 must be operating at 25G
  For speed 10G*
       Primary interface Ethernet11/1 must be operating at 10G*

Required Primary Interface Configuration

Some interface configurations require a particular primary interface configuration to function. These interactions are captured with messages similar to the ones bolded below.

switch#show interfaces et11/1,11/3 interactions
* = includes less than 10G speeds that the interface is capable of
                    
Ethernet11/1:
  For speed 100G-4
    Ethernet11/2-4 become inactive
  For speed 50G-2
    Ethernet11/2,11/4 become inactive
    Ethernet11/3 is limited to 50G-2
  For speed 40G
    Ethernet11/2-4 become inactive
  For speed 25G
    Ethernet11/2-4 are limited to 25G
  For speed 10G*
    Ethernet11/2-4 are limited to 10G*
    Ethernet11/3:
  For speed 50G-2
    Ethernet11/4 becomes inactive
   Primary interface Ethernet11/1 must be operating at 50G-2
  For speed 25G
    Primary interface Ethernet11/1 must be operating at 25G
  For speed 10G*
    Primary interface Ethernet11/1 must be operating at 10G*

Hardware Speed-Group Requirements

Some interface configurations require an additional speed-group configuration to operate correctly. If speed-group configurations are required, a message is displayed similar to the ones bolded below.

Note: A single speed-group may include more than one compatibility setting. Using the example below as reference, Ethernet1/1 at 100G-4 speed and Ethernet2/1 at 40G speed are compatible configurations as long as hardware speed-group 1 can include 50g and 10g rates simultaneously.

switch# show interfaces et1/1,2/1 interactions* = includes less than 10G speeds that the interface is capable of
                
Ethernet1/1:
  For speed 100G-4
    Ethernet1/2-4 become inactive
   Hardware speed-group 1 must include 50g
  For speed 40G
    Ethernet1/2-4 become inactive
   Hardware speed-group 1 must include 10g
  For speed 25G
    Ethernet2/1,2/3 become inactive
    Ethernet1/3 is limited to 25G/10G
    Hardware speed-group 1 must include 25g
  For speed 10G
    Ethernet2/1,2/3 become inactive
    Ethernet1/3 is limited to 25G/10G
   Hardware speed-group 1 must include 10g
    Ethernet2/1:
  For speed 100G-4
    Ethernet2/3 becomes inactive
    Ethernet1/1 must be operating at 100G-4/50G-2/40G
   Hardware speed-group 1 must include 50g
  For speed 40G
    Ethernet2/3 becomes inactive
    Ethernet1/1 must be operating at 100G-4/50G-2/40G
   Hardware speed-group 1 must include 10g

Compatible Parent Interface Configuration

The parent interface may be configured to any one of the compatible rates on the list. Additionally, more than one interface may be required to be configured at a compatible rate. These interactions are captured with messages similar to the ones bolded below

Note: Using the example below as a reference, suppose that Ethernet1/1 is configured to 100G-4 and that the goal is to configure Ethernet1/8 to 50G-1. According to the display, Ethernet1/1 is configured to a compatible rate. In order for Ethernet1/1 to operate at the 100G-4 speed, hardware speed-group 1 must be configured to include the 25g compatibility setting. Additionally, hardware speed-group 1 must also include the 50g compatibility setting to enable Ethernet1/8 to operate at 50G-1. Interactions on Ethernet1/5 and Ethernet1/7 must be considered as well.

switch# show interfaces et1/1,1/8 interactions
* = includes less than 10G speeds that the interface is capable of
                    
Ethernet1/1:
  Ethernet1/1-4/8 share 18 interface hardware resources
  For speed 400G-8
    Ethernet1/2-8 become inactive
    Hardware speed-group 1 must include 50g
  For speed 200G-4
    Ethernet1/2-4 become inactive
    Hardware speed-group 1 must include 50g
  For speed 100G-2
    Ethernet1/2 becomes inactive
    Hardware speed-group 1 must include 50g
  For speed 100G-4
    Ethernet1/2-4 become inactive
    Hardware speed-group 1 must include 25g
  For speed 50G-1
    Hardware speed-group 1 must include 50g
  For speed 50G-2
    Ethernet1/2 becomes inactive
    Hardware speed-group 1 must include 25g
  For speed 40G
    Ethernet1/2-4 become inactive
    Hardware speed-group 1 must include 10g
  For speed 25G
    Hardware speed-group 1 must include 25g
  For speed 10G
    Hardware speed-group 1 must include 10g
Ethernet1/8:
  For speed 50G-1
   Ethernet1/1 must be operating at 200G-4/100G-2/100G-4/50G-1/50G-2/40G/25G/10G
   Ethernet1/5 must be operating at 100G-2/50G-1/50G-2/25G/10G
   Ethernet1/7 must be operating at 50G-1/25G/10G
    Hardware speed-group 1 must include 50g

Speed-limited Interfaces

Some interface configurations limit the speed at which other interfaces can operate. If such limitations occur, a message is displayed similar to the ones bolded below.

switch# show interfaces et11/1,11/3 interactions
* = includes less than 10G speeds that the interface is capable of
                    
Ethernet11/1:
   For speed 100G-4
     Ethernet11/2-4 become inactive
   For speed 50G-2
     Ethernet11/2,11/4 become inactive
    Ethernet11/3 is limited to 50G-2
   For speed 40G
     Ethernet11/2-4 become inactive
   For speed 25G
    Ethernet11/2-4 are limited to 25G
   For speed 10G*
    Ethernet11/2-4 are limited to 10G*
Ethernet11/3:
  For speed 50G-2
    Ethernet11/4 becomes inactive
    Primary interface Ethernet11/1 must be operating at 50G-2
  For speed 25G
    Primary interface Ethernet11/1 must be operating at 25G
  For speed 10G*
    Primary interface Ethernet11/1 must be operating at 10G*

Interfaces Sharing Logical Ports

Some interface ranges share logical port resources. If an interface shares logical ports with other interfaces, a message displays similar to the ones bolded below.

Note: There must be logical ports available for an interface to become operational. Not all interfaces sharing logical ports can be operational simultaneously. Inactive interfaces do not consume a resource.

switch# show interfaces et1/1,4/1 interactions
* = includes less than 10G speeds that the interface is capable of
                    
Ethernet1/1:
  Ethernet1/1-4/8 share 18 interface hardware resources
     For speed 400G-8
        ...
Ethernet4/1:
  Ethernet1/1-4/8 share 18 interface hardware resources
     For speed 400G-8
           ...

Dynamic Link Flap Damping

Overview

Dynamic Link Flap Damping detects interfaces with excessive numbers of update messages (flapping) on the network and triggers a damping mechanism temporarily holding the interface’s link in a down state. This mechanism smooths out link flapping occurrences and reduces network churn.

The EOS Link Flap Damping algorithm uses the BGP Route Flap Damping algorithm described in IETF RFC 2439 as the basis for this feature. The algorithm maintains a demerit metric to represent the quality of the link. A higher metric indicates a poor quality of the link. When the link status transitions from an up to a down status, the demerit value of the link increases proportionally by a configured parameter. After the link demerit metric reaches the configured threshold, the link status changes to damped, and the status changes to down. Over time, the demerit metric exponentially decreases, and after the value reaches the configured reuse threshold, the link status changes to up, and the link becomes available on the network.

Link Flap Damping Algorithm Parameters

Remote Fault Penalty - The value added to the link demerit metric when the interface reports a remote fault.
Local Fault Penalty - The value added to the link demerit metric when the interface reports a local fault.
Suppress Threshold - The link demerit value for link damping.
Reuse Threshold - The link demerit value for a damped interface to recover and become available on the network.
Tracking Threshold - The link demerit value to stop the tracking of the interface for link damping. The value uses half of the reuse threshold value.
Maximum Threshold - The maximum possible value configured for the demerit metric.
Demerit Half Life Time - The time required for the demerit metric to degrade to half of the current value with no interface flaps. A lower half-life time translates to a faster recovery from the damped state.

Ethernet Configuration Procedures

These sections describe Ethernet and Management interface configuration procedures:

Physical Interface Configuration Modes
Assigning a MAC Address to an Interface
Port Groups (QSFP+ and SFP+ Interface Selection)
Referencing Modular Ports
Referencing Multi-lane Ports
Hitless Speed Change with Dynamic Logical Ports
QSFP+ Ethernet Port Configuration
QSFP100 Ethernet Port Configuration
CFP2 Ethernet Port Configuration
Default QSFP Mode Support
MXP Ethernet Port Configuration
Port Speed Capabilities
Agile Ports
Subinterface Configuration
Maximum Latency Tail-drop Thresholds
Autonegotiated Settings
Displaying Ethernet Port Properties
Ingress Counters
Configuring Ingress Traffic-Class Counters
Ingress and Egress Per Port for IPv4 and IPv6 Counters Overview
Hardware Counter Support
Configuring Power over Ethernet (PoE)
Configuring Link Fault Signaling
Ethernet OAM Connectivity Fault Management (CFM)
Configuring Ethernet OAM Delay Measurement
Configuring Ethernet OAM Loss Measurement
Configuring Hardware TCAM
CPU Traffic Policy
URL-based Field Sets in Traffic Policy
TCAM Profile for Configurable Port Qualifier Sizing
Configuring Dynamic Link Flap Damping
Internet Control Message Protocol (ICMP) Probing

Physical Interface Configuration Modes

The switch provides two configuration modes for modifying Ethernet parameters:

Interface-Ethernet mode configures parameters for specified Ethernet interfaces.
Interface-Management mode configures parameters for specified management Ethernet interfaces.

Physical interfaces cannot be created or removed.

Multiple interfaces can be configured simultaneously. Commands are available for configuring Ethernet-specific, Layer 2, Layer 3, and application layer parameters. Commands that modify protocol-specific settings in Ethernet configuration mode are listed in the protocol chapters.

The interface ethernet command places the switch in Ethernet-interface configuration mode.
The interface management command places the switch in management-interface configuration mode.

Examples

This command places the switch in Ethernet-interface mode for interface ethernet 5-7 and 10.
```
switch(config)# interface ethernet 5-7,10
switch(config-if-Et5-7,10)#
```
This command places the switch in management-interface mode for management interface 1.
```
switch(config)# interface management 1
switch(config-if-Ma1)#
```

Assigning a MAC Address to an Interface

Ethernet and management interfaces are assigned a MAC address when manufactured. This address is the burn-in address.

The mac-address command assigns a MAC address to an interface in place of the burn-in address. The no mac-address command reverts an interface's current MAC address to its burn-in address.

Examples

This command assigns the MAC address of 001c.2804.17e1 to Ethernet interface 7.
```
switch(config-if-Et7)# mac-address 001c.2804.17e1
```

This command displays the MAC address of interface ethernet 7. The active MAC address is 001c.2804.17e1. The burn-in address is 001c.7312.02e2.

switch(config-if-Et7)# show interface ethernet 7
Ethernet7 is up, line protocol is up (connected)
  Hardware is Ethernet, address is 001c.2804.17e1 (bia 001c.7312.02e2)
  Description: b.e45
switch(config-if-Et7)#

Port Groups (QSFP+ and SFP+ Interface Selection)

Several of Arista’s fixed switches limit the number of 10 Gb/s data lanes in operation through the use of port groups. A port group is a set of interfaces that can be configured as four SFP+ interfaces or a single QSFP+ interface. When configured in SFP+ mode, the port group enables four standalone 10GbE interfaces using SFP+ optics. When configured in QSFP+ mode, the port group enables a single QSFP+ interface (in addition to the dedicated QSFP+ ports), which can operate as a single 40GbE port or as four 10GbE ports with the appropriate breakout cabling.

Hardware port groups are used on the following systems:

DCS-7050Q-16
DCS-7050QX-32S

Use the hardware port-group command to select the interface mode for the specified port group.

Note: The hardware port-group command restarts the forwarding agent, which disrupts traffic on all switch ports.

Example

These commands configure the DCS-7050-Q16 switch to enable four SFP+ interfaces and one extra QSFP+ interface by enabling the SFP+ interfaces in port-group 1 and the QSFP+ interface in port-group 2.

switch(config)# hardware port-group 1 select Et17-20
switch(config)# hardware port-group 2 select Et16/1-4

The show hardware port-group command displays the status of ports in the port groups.

Example

This command displays the status of the flexible ports within the two port groups on a DCS-7050Q-16 switch.

switch# show hardware port-group

Portgroup: 1    Active Ports: Et17-20
Port            State
------------------------------------------
Ethernet17      Active
Ethernet18      Active
Ethernet19      Active
Ethernet20      Active
Ethernet15/1    ErrDisabled
Ethernet15/2    ErrDisabled
Ethernet15/3    ErrDisabled
Ethernet15/4    ErrDisabled

Portgroup: 2    Active Ports: Et16/1-4
Port            State
------------------------------------------
Ethernet16/1Active
Ethernet16/2Active
Ethernet16/3Active
Ethernet16/4Active
Ethernet21ErrDisabled
Ethernet22ErrDisabled
Ethernet23ErrDisabled
Ethernet24ErrDisabled

DCS-7280CR3-36S

The DCS-7280CR3-36S has 28 dedicated 100Gb/s QSFP ports, plus two port groups. The port groups support either two additional QSFP-DD (400Gb/s) ports or four QSFP56 (200Gb/s) ports as shown in Table 3.

Table 3. DCS-7280CR3-36S Port Groups
Port Group 1 Active Interface(s)		Port Group 2 Active Interface(s)
In QSFP-DD Mode	In QSFP56 Mode (Default)	In QSFP-DD Mode	In QSFP56 Mode (Default)
Et33/1-8 (one QSFP-DD port)	Et33/1-4,Et34/1-4 (two QSFP56 ports)	Et35/1-8 (one QSFP-DD port)	Et35/1-4,Et36/1-4 (two QSFP56 ports)

DCS-7050Q-16

The DCS-7050Q-16 has 14 dedicated QSFP+ ports plus two port groups. The port groups support either two additional QSFP+ ports or eight SFP+ ports, as shown in DCS-7050Q-16 Port Groups.

Table 4. DCS-7050Q-16 Port Groups
Port Group 1 Active Interface(s)		Port Group 2 Active Interface(s)
In SFP+ Mode	In QSFP+ Mode (Default)	In SFP+ Mode	In QSFP+ Mode (Default)
Et17-20 (four SFP+ ports)	Et15/1-4 (one QSFP+ port)	Et21-24 (four SFP+ ports)	Et16/1-4 (one QSFP+ port)

DCS-7050QX-32S

The DCS-7050QX-32S has 31 dedicated QSFP+ ports plus one port group. The port group supports either one additional QSFP+ port or four SFP+ ports, as shown in DCS-7050QX-32S Port Groups.

Table 5. DCS-7050QX-32S Port Groups
Port Group 1 Active Interface(s)
In SFP+ Mode	In QSFP+ Mode (Default)
Et1-4 (four SFP+ ports)	Et5/1-4 (one QSFP+ port)

Referencing Modular Ports

Arista modular switches provide port access through installed line cards. A modular switch's maximum number of line cards varies with the switch series and model.

Several CLI commands modify modular parameters for all ports on a specified line card or controlled by a specified chip. This manual uses these conventions to reference modular components:

card_x refers to a line card.
module_y refers to a QSFP+ module.
port_z refers to a line card or module port.

Commands that display Ethernet port status use the following conventions:

SFP ports: card_x/port_z to label the line card/port location of modular ports.
QSFP ports: card_x/module_y/port_z to label the line card/port location of modular ports.

The QSFP+ Ethernet Port Configuration section describes QSFP+ module usage.

Example

This command displays the status of interfaces 1 to 9 on line card 4:

switch# show interface ethernet 4/1-9 status
Port      Name              Status       Vlan        Duplex  Speed Type
Et4/1                       connected    1             full    10G Not Present
Et4/2                       connected    1             full    10G Not Present
Et4/3                       connected    1             full    10G Not Present
Et4/4                       connected    1             full    10G Not Present
Et4/5                       connected    1             full    10G Not Present
Et4/6                       connected    1             full    10G Not Present
Et4/7                       connected    1             full    10G Not Present
Et4/8                       connected    1             full    10G Not Present
Et4/9                       connected    1             full    10G Not Present
switch>

Referencing Multi-lane Ports

EOS supports two types of Ethernet ports:

single-lane (also called fixed-lane).
multi-lane (also called flexible-lane).

Single-lane (or fixed-lane) ports are always modeled as a single interface within EOS. While the speed of the interface may be configurable, the physical port can never be broken out into multiple lower-speed interfaces. Single-lane ports use the following naming scheme:

Ethernet <port #> (for fixed switches).
Ethernet <module #>/<port #> (for modular switches).

Multi-lane (or flexible lane) ports comprise multiple parallel lanes, each served by its own laser. Multi-lane ports can be configured to combine the lanes and operate as a single native high-speed interface (a 40GbE or 100GbE interface) or to operate each lower-speed interface independently (four 10GbE or 25GbE interfaces). Multi-lane ports use the following naming scheme:

Ethernet port #/lane # (for fixed switches).
Ethernet module #/port #/lane # (for modular switches).

The operational state displayed for each lane of a multi-lane port is determined by the configuration applied to the primary lane(s), as shown in the Lane States table. When broken out into multiple lower-speed interfaces, all lanes are active in parallel, and each will display its operational state as connected or not connected. In high-speed mode, only the primary lane(s) are displayed as active, with the remaining lanes showing as errdisabled. The exception is the CFP2 module: when it is configured as a single 100GbE port, the primary lane is displayed as active in the CLI while the other lanes are hidden.

Table 6. Lane States
Parent Port Configured Mode	Primary Lane(s)	Secondary Lanes
single high-speed interface	active (connected/not connected)	inactive (errdisabled)
multi-interface breakout	active (connected/not connected)	active (connected/not connected)

A multi-lane port is configured as a single high-speed interface or multiple breakout interfaces by using the speed command on the port's primary lane(s). For specific configuration instructions and details regarding the primary lane(s) of a specific interface, refer to the configuration section of the appropriate interface type:

QSFP+ Ethernet Port Configuration
QSFP100 Ethernet Port Configuration
CFP2 Ethernet Port Configuration
MXP Ethernet Port Configuration

Note: Use of the speed command to configure a multi-lane port is hitless on the 7050X, 7060X, 7250X, 7260X, 7280CR3, 7280SE, 7300X, 7320X, and 7500E series platforms. On all other platforms, this command restarts the forwarding agent, which results in traffic disruption. On the 7160 series platform, use of the speed command is hitless but, if the command changes the number of port lanes, packets may be dropped on unrelated ports.

Hitless Speed Change with Dynamic Logical Ports

Higher speed ports on several switches can be broken out into multiple interfaces that can be configured at lower speeds. Each of these interfaces is called a Logical Port (LP). Switches such as the DCS-7260CX3-64 allocate and deallocate the logical ports dynamically to optimize hardware resources. Care must be taken for hitless speed changes, as a speed change on a Dynamic Logical Port (DLP) may impact the status of one or more related DLP(s).

Checking the Status of DLPs

The following example applies to a switch that supports a breakout of a 100GbE physical port into 4 25GbE DLPs.

The following command displays the status of Et45/1-4 when a 100GbE physical port is broken out into 4 25GbE DLPs.

switch(config)# show interfaces ethernet 45/1-4 status
Port   	Name   Status       Vlan 	Duplex Speed  Type        Flags 
Et45/1        	notconnect   1    	full   25G    Not Present
Et45/2        	notconnect   1    	full   25G    Not Present
Et45/3        	notconnect   1    	full   25G    Not Present
Et45/4        	notconnect   1    	full   25G    Not Present

The following example displays the inactive interfaces (DLPs) when the 100GbE physical port is configured to the 100G speed.

switch(config)# show interfaces ethernet 45/1-4 status
Port   	Name   Status       Vlan 	Duplex Speed  Type        Flags
Et45/1        	notconnect   1    	full   100G   Not Present
Et45/2        	inactive     1    	unconf unconf Not Present
Et45/3        	inactive     1    	unconf unconf Not Present
Et45/4        	inactive     1    	unconf unconf Not Present

By default, this command does not display inactive interfaces. To enable (or disable) showing them, use the following command.

switch(config)# [no] service interface inactive expose

Only systems without DLP allocation have enough logical ports for every interface to be active simultaneously.

The following example displays the logical port pool information and current logical port allocation status for a fully loaded switch.

switch> show hardware logical-port pool status
Pool Max Free Configured Interfaces
---- --- ---- ---------- ------------------------------------------------------
   1  18    2         16 Et2/5/1-2/8/4,3/5/1-3/8/4,4/5/1-4/8/4,5/9/1-5/12/4
   2  18    2         16 Et2/1/1-2/4/4,3/9/1-3/12/4,4/1/1-4/4/4,5/5/1-5/8/4
   3  18    2         16 Et2/9/1-2/12/4,3/1/1-3/4/4,4/9/1-4/12/4,5/1/1-5/4/4
   4  18    2         16 Et2/13/1-2/16/4,3/13/1-3/16/4,4/13/1-4/16/4,5/13/1-5/16/4
   5  18    2         16 Et6/13/1-6/16/4,7/13/1-7/16/4,8/13/1-8/16/4,9/13/1-9/16/4
   6  18    2         16 Et6/1/1-6/4/4,7/9/1-7/12/4,8/1/1-8/4/4,9/9/1-9/12/4
   7  18    2         16 Et6/5/1-6/8/4,7/1/1-7/4/4,8/9/1-8/12/4,9/1/1-9/4/4
   8  18    2         16 Et6/9/1-6/12/4,7/5/1-7/8/4,8/5/1-8/8/4,9/5/1-9/8/4

The following example displays the logical port pool information and current logical port allocation status for a switch with only line cards 3, 4, 5, and 7 inserted.

switch> show hardware logical-port pool status
Pool Max Free Configured Interfaces
---- --- ---- ---------- ------------------------------------------------------
   1  18    8         10 Et3/5/1-3/8/4,4/2/1-8,5/3/1-8
   2  18   12          6 Et3/9/1-3/12/4,4/1/1-8,5/2/1-8
   3  18    8         10 Et3/1/1-3/4/4,4/3/1-8,5/1/1-8
   4  18    7         11 Et3/13/1-3/16/4,4/4/1-8,5/4/1-8
   5  18   16          2 Et7/13/1-7/16/4
   6  18   14          4 Et7/9/1-7/12/4
   7  18   14          4 Et7/1/1-7/4/4
   8  18   12          6 Et7/5/1-7/8/4

QSFP+ Ethernet Port Configuration

Each QSFP+ module contains four data lanes which can be used individually or combined to form a single, higher-speed interface. This arrangement allows a QSFP+ Ethernet port to be configured as a single 40GbE interface or four 10GbE interfaces.

When the four lanes are combined to form a 40GbE interface, show commands display lane /1 as connected or not connected and display lanes /2 through /4 as errdisabled.

The following sections describe the configuration of QSFP+ ports.

Configuring a QSFP+ Module as a Single 40GbE Interface

To configure a port as a single 40GbE interface, combine the module’s four data lanes using the speed command (speed forced 40g full) on the port’s /1 lane (the primary lane).

Note: Use of the speed command to configure a multi-lane port is hitless on the 7050X, 7060X, 7250X, 7260X, 7280SE, 7300X, 7320X, and 7500E series platforms. On all other platforms, this command restarts the forwarding agent, which results in traffic disruption. On the 7160 series platform, use of the speed command is hitless but, if the command changes the number of port lanes, packets may be dropped on unrelated ports.

Enter interface Ethernet configuration mode for lane /1 of the QSFP+ Ethernet interface.
```
switch(config)# interface ethernet 5/1/1
```
Enter the speed 40gfull command. Depending on the platform, this command may restart the forwarding agent, disrupting traffic on all ports for 60 seconds or more.
```
switch(config-if-Et5/1/1)# speed 40gfull
```

Use the show interfaces status command to confirm the change in the configuration.

switch(config-if-Et5/1/1)# show interfaces status
Port Name Status       Vlan  Duplex  Speed   Type         Flags
Et1       connected    2     full    1G      10GBASE-T
    <-------OUTPUT OMITTED FROM EXAMPLE-------->
Et5/1/1   connected    1     full    40G     40GBASE-SR4
Et5/1/2   errdisabled  1     unconf  unconf  40GBASE-SR4
Et5/1/3   errdisabled  1     unconf  unconf  40GBASE-SR4
Et5/1/4   errdisabled  1     unconf  unconf  40GBASE-SR4
     <-------OUTPUT OMITTED FROM EXAMPLE-------->

Configuring a QSFP+ Module as Four 10GbE Interfaces

To configure a port as four 10GbE interfaces, use the speed command (speed 10000full) on the port’s /1 lane (the primary lane).

Enter interface Ethernet configuration mode for lane /1 of the QSFP+ Ethernet interface.
```
switch(config)# interface ethernet 5/1/1
```
Enter the speed 10000full command. Depending on the platform, this command may restart the forwarding agent, disrupting traffic on all ports for 60 seconds or more.
```
switch(config-if-Et5/1/1)# speed 10000full
```

Use the show interfaces status command to confirm the change in the configuration.

switch(config-if-Et5/1/1)# show interfaces status  
PortNameStatusVlanDuplexSpeedTypeFlags 
Et1connected2full1G10GBASE-T 
Et5/1/1connected1full10G40GBASE-SR4 
Et5/1/2connected1full10G40GBASE-SR4 
Et5/1/3connected1full10G40GBASE-SR4 
Et5/1/4connected1full10G40GBASE-SR4

QSFP100 Ethernet Port Configuration

Each QSFP100 module contains four data lanes which can be used individually or combined to form a single, higher-speed interface. This arrangement allows a QSFP100 Ethernet port to be configured as a single 100GbE interface, a single 40GbE interface, or four 10GbE interfaces. The default mode is a single 100GbE interface.

The 7060X, 7260X, and 7320X platforms also allow a QSFP100 port to be configured as two 50GbE interfaces or four 25GbE interfaces.

When the lanes are combined to form a higher-speed interface, show commands display the primary lane(s) as connected or not connected and the other lanes as errdisabled.

The following sections describe the configuration of QSFP+ ports.

Configuring a QSFP100 Module as a Single 100GbE Interface

By default, a QSFP100 module operates as a single 100GbE interface. Applying the default speed or no speed command on the primary lane restores the default behavior.

To explicitly configure the port as a single 100GbE interface, combine the module’s four data lanes using the speed command (speed 100gfull) on the port’s /1 lane (the primary lane).

Enter the interface Ethernet configuration mode for lane /1 of the QSFP100 Ethernet interface.
```
switch(config)# interface ethernet 5/1/1
```
Enter the speed 100gfull command. Depending on the platform, this command may restart the forwarding agent, disrupting traffic on all ports for 60 seconds or more.
```
switch(config-if-Et5/1/1)# speed 100gfull
```

Use the show interfaces status command to confirm the change in the configuration.


switch(config-if-Et5/1/1)# show interfaces status
Port    Name     Status       Vlan  Duplex  Speed  Type         Flags 
Et1              connected    2     full    1G     10GBASE-T 
<-------OUTPUT OMITTED FROM EXAMPLE-------->
Et5/1/1          connected    1     full    100G   100GBASE-SR4 
Et5/1/2          errdisabled  1     unconf  unconf 100GBASE-SR4 
Et5/1/3          errdisabled  1     unconf  unconf 100GBASE-SR4 
Et5/1/4          errdisabled  1     unconf  unconf 100GBASE-SR4
<-------OUTPUT OMITTED FROM EXAMPLE-------->

Configuring a QSFP100 Module as Two 50GbE Interfaces

To configure a port as two 50GbE interfaces, configure the module’s four data lanes using the speed command (speed 50gfull) on the port’s /1 and /3 lanes. This configuration is available on the 7060X, 7260X, and 7320X platforms.

Note:

Use of the speed command to configure a multi-lane port is hitless on the 7050X, 7060X, 7250X, 7260X, 7280CR3, s7280SE, 7300X, 7320X, and 7500E series platforms. On all other platforms, this command restarts the forwarding agent, whichresults in traffic disruption. On the 7160 series platform, use of the speed command is hitless but, if the command changes the number of port lanes, packets may be dropped on unrelated ports.

Enter the interface Ethernet configuration mode for lane /1 of the QSFP100 Ethernet interface.
```
switch(config)# interface ethernet 5/1/1
```
Enter the speed 50gfullcommand. Depending on the platform, this command may restart the forwarding agent, disrupting traffic on all ports for 60 seconds or more.
```
switch(config-if-Et5/1/1)# speed 50gfull
```

Repeat the above steps for lane /3.

switch(config-if-Et5/1/1)# interface ethernet 5/1/3
switch(config-if-Et5/1/3)# speed 50gfull

Use the show interfaces status command to confirm the change in the configuration.

switch(config-if-Et5/1/1)# show interfaces status 
Port       Name    Status       Vlan  Duplex  Speed  Type         Flags
Et1                connected    2     full    1G     10GBASE-T
<-------OUTPUT OMITTED FROM EXAMPLE-------->
Et5/1/1            connected    1     full    50G    100GBASE-SR4
Et5/1/2            errdisabled  1     unconf  unconf 100GBASE-SR4
Et5/1/3            connected    1     full    50G    100GBASE-SR4
Et5/1/4            errdisabled  1     unconf  unconf 100GBASE-SR4
<-------OUTPUT OMITTED FROM EXAMPLE-------->

Configuring a QSFP100 Module as a Single 40GbE Interface

To configure a port as a single 40GbE interface, combine the module’s four data lanes by using the speed command (speed 40gfull) on the ports /1 lane (the primary lane).

Note:

Use of the speed command to configure a multi-lane port is hitless on the 7050X, 7060X, 7250X, 7260X, 7280CR3, 7280SE, 7300X, 7320X, and 7500E series platforms. On all other platforms, this command restarts the forwarding agent, which results in traffic disruption. On the 7160 series platform, use of the speed command is hitless but, if the command changes the number of port lanes, packets may be dropped on unrelated ports.

Enter interface Ethernet configuration mode for lane /1 of the QSFP100 Ethernet interface.
```
switch(config)# interface ethernet 5/1/1
```
Enter the speed 40gfull command. Depending on the platform, this command may restart the forwarding agent, disrupting traffic on all ports for 60 seconds or more.
```
switch(config-if-Et5/1/1)# speed 40gfull 
```

Use the show interfaces status command to confirm the change in the configuration.

switch(config-if-Et5/1/1)# show interfaces status
Port     Name     Status       Vlan  Duplex  Speed   Type         Flags
Et1               connected    2     full    1G      10GBASE-T
<-------OUTPUT OMITTED FROM EXAMPLE-------->
Et5/1/1           connected    1     full    40G     100GBASE-SR4
Et5/1/2           errdisabled  1     unconf  unconf  100GBASE-SR4
Et5/1/3           errdisabled  1     unconf  unconf  100GBASE-SR4
Et5/1/4           errdisabled  1     unconf  unconf  100GBASE-SR4
<-------OUTPUT OMITTED FROM EXAMPLE-------->

Configuring a QSFP100 Module as Four 10GbE Interfaces

To configure a port as four 10GbE interfaces, use the speed command (speed 10000full) on the port’s /1 lane (the primary lane).

Enter the interface Ethernet configuration mode for lane /1 of the QSFP100 Ethernet interface.
```
switch(config)# interface ethernet 5/1/1 
```
Enter the speed 10000full command. Depending on the platform, this command may restart the forwarding agent, disrupting traffic on all ports for 60 seconds or more.
```
switch(config-if-Et5/1/1)# speed 10000full 
```

Use the show interfaces status command to confirm the change in the configuration.

switch(config-if-Et5/1/1)# show interfaces status 
Port       Name       Status      Vlan  Duplex  Speed  Type         Flags
Et1                   connected   2     full    1G     10GBASE-T
<-------OUTPUT OMITTED FROM EXAMPLE-------->
Et5/1/1               connected   1     full    10G    100GBASE-SR4
Et5/1/2               connected   1     full    10G    100GBASE-SR4
Et5/1/3               connected   1     full    10G    100GBASE-SR4
Et5/1/4               connected   1     full    10G    100GBASE-SR4
<-------OUTPUT OMITTED FROM EXAMPLE-------->

CFP2 Ethernet Port Configuration

Each CFP2 module contains ten data lanes. The configuration options available on the port depend on the optic inserted:

CFP2-100G-LR4 optics operate only in 100GbE mode.
CF2-100G-ER4 optics operate only 100GbE mode.
CFP2-100G-XSR10 optics can be configured as a single 100GbE interface or as ten 10GbE interfaces.

When the port is configured as ten 10GbE interfaces, each lane is active and visible in the CLI show commands. When the lanes are combined to form a single 100GbE interface, show commands display the primary lane as connected or not connected and all other lanes are hidden.

The following sections describe the configuration of CFP2 ports.

Configuring a CFP2 Module as a Single 100GbE Interface

To configure a port as a single 100GbE interface (the default configuration), combine the module’s ten data lanes by using the speed command (speed 100gfull) on the port’s /1 lane (the primary lane).

This configuration is available for all pluggable optics.

Enter the interface Ethernet configuration mode for lane /1 of the CFP2 Ethernet interface.
```
switch(config)# interface ethernet 5/1/1 
```
Enter the speed 100gfull command. Depending on the platform, this command may restart the forwarding agent, disrupting traffic on all ports for 60 seconds or more.
```
switch(config-if-Et5/1/1)# speed 100gfull
```

Use the show interfaces status command to confirm the change in the configuration.

switch(config-if-Et5/1/1)# show interfaces status 
Port      Name      Status     Vlan  Duplex  Speed  Type         Flags
Et1                 connected  2     full    1G     10GBASE-T
<-------OUTPUT OMITTED FROM EXAMPLE-------->
Et5/1/1             connected  1     full    100G   100GBASE-SR1
Et5/2/1             connected  1     full    100G   100GBASE-SR1
<-------OUTPUT OMITTED FROM EXAMPLE-------->

Configuring a CFP2 Module as Ten 10GbE Interfaces

To configure a port as four 10GbE interfaces, use the speed command (speed 10000full) on the port’s /1 lane (the primary lane).

This configuration is available only for CFP2-100G-XSR10 optics.

Enter the interface Ethernet configuration mode for lane /1 of the CFP2 Ethernet interface.
```
switch(config)# interface ethernet 5/1/1
```
Enter the speed 10000full command. Depending on the platform, this command may restart the forwarding agent, disrupting traffic on all ports for 60 seconds or more.
```
switch(config-if-Et5/1/1)# speed 10000full 
```

Use the show interfaces status command to confirm the change in the configuration.

switch(config-if-Et5/1/1)# show interfaces status
Port     Name   Status     Vlan  Duplex  Speed  Type         Flags
Et1             connected  2     full    1G     10GBASE-T
<-------OUTPUT OMITTED FROM EXAMPLE-------->
Et5/1/1         connected  1     full    10G    100GBASE-SR1
Et5/1/2         connected  1     full    10G    100GBASE-SR1
Et5/1/3         connected  1     full    10G    100GBASE-SR1
Et5/1/4         connected  1     full    10G    100GBASE-SR1
Et5/1/5         connected  1     full    10G    100GBASE-SR1
Et5/1/6         connected  1     full    10G    100GBASE-SR1
Et5/1/7         connected  1     full    10G    100GBASE-SR1
Et5/1/8         connected  1     full    10G    100GBASE-SR1
Et5/1/9         connected  1     full    10G    100GBASE-SR1
Et5/1/10        connected  1     full    10G    100GBASE-SR1
<-------OUTPUT OMITTED FROM EXAMPLE-------->

Default QSFP Mode Support

A QSFP+ transceiver supports 40GbE and 4x10GbE. This feature supports changing the default QSFP mode between 40GbE and 4x10GbE on all ports with QSFP+ transceivers.

Configuration

On all front panel ports that support this feature, the following global configuration command changes their default QSFP mode from 40GbE to 4x10GbE.

transceiver qsfp default-mode 4x10G

The no or default version of the command reverts the default QSFP mode to 40GbE.

Note: This configuration command is not honored on ports that do not support this feature (such as QSFP100 ports with external PHY, always choose 40GbE as the default QSFP mode).

Show Commands

There is no explicit show command to display the default QSFP mode. Use the show running-config command to determine whether the default QSFP mode is 4x10GbE or 40GbE. Use the show interfaces hardware command to check the default QSFP mode on the given ports.

When the default QSFP mode is configured as 4x10GbE, the output of show running-config contains transceiver qsfp default-mode 4x10G. In the output of the show interfaces hardware command, 10G is shown as the default speed.

switch(config)# transceiver qsfp default-mode 4x10G
switch(config)# show running-config | grep 4x10G
transceiver qsfp default-mode 4x10G
switch(config)# show interfaces ethernet 35/1 hardware
*  = Requires speed group setting change
Ethernet35/1
  Model:          DCS-7280CR3-32P4
  Type:           40GBASE-CR4
  Speed/Duplex:   10G/full(default),40G/full,auto
  Flowcontrol:    rx-(off,on,desired),tx-(off)

When the QSFP mode configuration is reverted to its default state with the no transceiver qsfp default-mode command, the output of the show running-config command does not contain transceiver qsfp default-mode 4x10G. In addition, the output of the show interfaces hardware command shows 40G as the default speed.

switch(config)# no transceiver qsfp default-mode
switch(config)# show running-config | grep 4x10G
switch(config)# show interfaces ethernet 35/1 hardware
*  = Requires speed group setting change
Ethernet35/1
  Model:          DCS-7280CR3-32P4
  Type:           40GBASE-CR4
  Speed/Duplex:   10G/full,40G/full(default),auto
  Flowcontrol:    rx-(off,on,desired),tx-(off)

Limitations

There is support for the no transceiver qsfp default-mode 4x10G command on the DCS-7300X series, but the default QSFP mode remains 4x10GbE.

MXP Ethernet Port Configuration

Each MXP module contains twelve data lanes which can be used individually or combined to form one or more higher-speed interfaces. This arrangement allows an MXP Ethernet port to be configured as a single 100GbE interface, as up to twelve 10GbE interfaces, or as a mixture of 40GbE and 10GbE ports.

MXP ports do not use pluggable optics. Instead, an MTP-24 cable is inserted directly into the port. The remote end of the MTP-24 cable must then be broken out using a splitter cable or a cartridge based on the operational mode and speed of the MXP port.

When four lanes of an MXP interface are combined to form a 40GbE port, CLI commands show the primary lane of that group as connected or not connected and the other three lanes as errdisabled.

The following sections describe the configuration of MXP interfaces.

Configuring an MXP Module as a Single 100GbE Interface

To configure a port as a single 100GbE interface (the default configuration), enter the speed command (speed 100gfull) on the port’s /1 lane (the primary lane). This configuration combines lanes 1-10 and disables lanes 11 and 12.

With this configuration, show commands display lane /1 as connected or not connected, and lanes /2-/12 as errdisabled.

Enter interface Ethernet configuration mode for lane /1 of the MXP Ethernet interface.
```
switch(config)# interface ethernet 5/49/1
```
Enter the speed 100gfull command. Depending on the platform, this command may restart the forwarding agent, disrupting traffic on all ports for 60 seconds or more.
```
switch(config-if-Et5/49/1)# speed 100gfull
```

Use the show interfaces status command to confirm the change in the configuration.

switch(config-if-Et5/49/1)# show interfaces status 
Port          Name        Status        Vlan        Duplex     Speed    Type          Flags
Et1                       connected     2           full       1G       10GBASE-T
<-------OUTPUT OMITTED FROM EXAMPLE-------->
Et5/49/1                  connected     1           full       100G     100GBASE-SR1
Et5/49/2                  errdisabled   1           unconf     unconf   100GBASE-SR1
Et5/49/3                  errdisabled   1           unconf     unconf   100GBASE-SR1
Et5/49/4                  errdisabled   1           unconf     unconf   100GBASE-SR1
Et5/49/5                  errdisabled   1           unconf     unconf   100GBASE-SR1
Et5/49/6                  errdisabled   1           unconf     unconf   100GBASE-SR1
Et5/49/7                  errdisabled   1           unconf     unconf   100GBASE-SR1
Et5/49/8                  errdisabled   1           unconf     unconf   100GBASE-SR1
Et5/49/9                  errdisabled   1           unconf     unconf   100GBASE-SR1
Et5/49/10                 errdisabled   1           unconf     unconf   100GBASE-SR1
Et5/49/11                 errdisabled   1           unconf     unconf   100GBASE-SR1
Et5/49/12                 errdisabled   1           unconf     unconf   100GBASE-SR1

Configuring an MXP Module With 40GbE Interfaces

Each set of four lanes on an MXP module is independently configurable as a single 40GbE interface or four 10GbE interfaces. To configure four lanes as a single 40GbE interface, enter the speed command (speed forced 40gfull) on the group’s primary lane (/1, /5, or /9). To revert a group of four lanes to functioning as four independent 10GbE interfaces, enter the speed 10000full command on the primary lane of the group.

When four lanes of an MXP interface are combined to form a 40GbE port, CLI commands will show the primary lane of that group as connected or not connected and the other three lanes as errdisabled. In groups of four lanes configured as four independent 10GbE interfaces, each lane will be displayed as connected or not connected in the CLI.

Note that entering a speed forced 100gfull command on the /1 lane takes precedence over speed 40gfull commands on the /5 and /9 lanes.

The following example shows the steps for configuring an MXP module as three 40GbE interfaces.

Enter interface Ethernet configuration mode for lane /1 of the MXP Ethernet interface.
```
switch(config)# interface ethernet 5/49/1
```
Enter the speed 40gfull command. Depending on the platform, this command may restart the forwarding agent, disrupting traffic on all ports for 60 seconds or more.
```
switch(config-if-Et5/49/1)# speed 40gfull
```

Repeat the above steps for lanes /5 and /9.

switch(config-if-Et5/49/1)# interface ethernet 5/49/5 
switch(config-if-Et5/49/5)# speed 40gfull
switch(config-if-Et5/49/5)# interface ethernet 5/49/9
switch(config-if-Et5/49/9)# speed 40gfull

Use the show interfaces status command to confirm the change in the configuration.

switch(config-if-Et5/49/9)# show interfaces status 
Port Name    Status          Vlan  Duplex   Speed    Type         Flags
Et1          connected       2     full     1G       10GBASE-T
<-------OUTPUT OMITTED FROM EXAMPLE-------->
Et5/49/1     connected       1     full     40G      100GBASE-SR1
Et5/49/2     errdisabled     1     unconf   unconf   100GBASE-SR1
Et5/49/3     errdisabled     1     unconf   unconf   100GBASE-SR1
Et5/49/4     errdisabled     1     unconf   unconf   100GBASE-SR1
Et5/49/5     connected       1     full     40G      100GBASE-SR1
Et5/49/6     errdisabled     1     unconf   unconf   100GBASE-SR1
Et5/49/7     errdisabled     1     unconf   unconf   100GBASE-SR1
Et5/49/8     errdisabled     1     unconf   unconf   100GBASE-SR1
Et5/49/9     connected       1     full     40G      100GBASE-SR1
Et5/49/10    errdisabled     1     unconf   unconf   100GBASE-SR1
Et5/49/11    errdisabled     1     unconf   unconf   100GBASE-SR1
Et5/49/12    errdisabled     1     unconf   unconf   100GBASE-SR1

Configuring an MXP Module as Twelve 10GbE Interfaces

Each lane of an MXP port functions as a 10GbE interface when it is not included in a higher-speed interface configuration (either actively or as an errdisabled port).

To explicitly configure a port as twelve 10GbE interfaces, use the speed command (speed 10000full) on all twelve lanes of the port.

When each lane is configured as an independent 10GbE interface, show commands display each lane as connected or not connected.

Note: Use of the speed command to configure a multi-lane port is hitless on the 7050X, 7060X, 7250X, 7260X, 7280CR3, 7280SE, 7300X, 7320X, and 7500E series platforms. On all other platforms, this command restarts the forwarding agent, which results in traffic disruption. On the 7160 series platform, use of the speed command is hitless, but if the command changes the number of port lanes, packets may be dropped on unrelated ports.

Enter interface Ethernet configuration mode for all twelve lanes of the MXP Ethernet interface.
```
switch(config)# interface ethernet 5/49/1-12
```
Enter the speed 10000full command. Depending on the platform, this command may restart the forwarding agent, disrupting traffic on all ports for 60 seconds or more.
```
switch(config-if-Et5/49/1-12)# speed 10000full
```

Use the show interfaces status command to confirm the change in the configuration.

switch(config-if-Et5/49/1-12)# show interfaces status 
Port       Name     Status      Vlan  Duplex  Speed  Type          Flags
Et1                 connected   2     full    1G     10GBASE-T
<-------OUTPUT OMITTED FROM EXAMPLE-------->
Et5/1/1             connected   1     full    10G    100GBASE-SR1
Et5/1/2             connected   1     full    10G    100GBASE-SR1
Et5/1/3             connected   1     full    10G    100GBASE-SR1
Et5/1/4             connected   1     full    10G    100GBASE-SR1
Et5/1/5             connected   1     full    10G    100GBASE-SR1
Et5/1/6             connected   1     full    10G    100GBASE-SR1
Et5/1/7             connected   1     full    10G    100GBASE-SR1
Et5/1/8             connected   1     full    10G    100GBASE-SR1
Et5/1/9             connected   1     full    10G    100GBASE-SR1
Et5/1/10            connected   1     full    10G    100GBASE-SR1
<-------OUTPUT OMITTED FROM EXAMPLE-------->

Port Speed Capabilities

The Supported Speeds (Gb/s) table shows the various speeds supported on each Arista platform per interface type.

Table 7. Supported Speeds (Gb/s)
Platform	SFP+	SFP28	QSFP+	QSFP100	MXP	CFP2
7050	100M, 1, 10	N/A	1, 10, 40	N/A	N/A	N/A
7050X	100M, 1, 10	N/A	1, 10, 40	N/A	10, 40	N/A
7050X2	100M, 1, 10	N/A	1, 10, 40	N/A	N/A	N/A
7050X3	100M, 1, 10	1, 10, 25	N/A	10, 25, 40, 50, 100	N/A	N/A
7250X	N/A	N/A	1, 10, 40	N/A	N/A	N/A
7060X	100M, 1, 10	N/A	N/A	10, 25, 40, 50, 100	N/A	N/A
7060X2	100M, 1, 10	1, 10, 25	N/A	10, 25, 40, 50, 100	N/A	N/A
7260X3	100M, 1, 10	N/A	N/A	10, 25, 40, 50, 100	N/A	N/A
7300X	100M, 1, 10	N/A	1, 10, 40	N/A	N/A	N/A
7300X3	N/A	1, 10, 25	N/A	10, 25, 40, 50, 100	N/A	N/A
7320X	N/A	N/A	N/A	10, 25, 40, 50, 100	N/A	N/A
7150S	1, 10	N/A	1, 10, 40	N/A	N/A	N/A
7048T	1, 10	N/A	N/A	N/A	N/A	N/A
7500	1, 10	N/A	1, 10, 40	N/A	N/A	N/A
7500E	1, 10	N/A	1, 10, 40	10, 40, 100	10, 40, 100	100
7500R	1, 10	1, 10, 25	1, 10, 40	10, 25, 40, 50, 100	N/A	N/A
7280SE	1, 10	N/A	1, 10, 40	10, 40, 100	10, 40, 100	N/A
7280QR	N/A	N/A	1, 10, 40	10, 25, 40, 50, 100	N/A	N/A
7280SR (R2)	1, 10	1, 10, 25	N/A	10, 25, 40, 50, 100	N/A	100, 200
7280CR	N/A	N/A	N/A	10, 25, 40, 50, 100	N/A	N/A
7010T	100M, 1, 10	N/A	N/A	N/A	N/A	N/A

Agile Ports

An agile port is an interface that can function as a 10GbE port or can subsume a predefined set of 10GbE interfaces to form an interface with higher speed capabilities.

The set of interfaces that can be combined to form a higher speed port is restricted by the hardware configuration. Only interfaces that pass through a common PHY component can be combined. One interface within a combinable set is designated as the primary port.

To view the set of available agile ports and the subsumable interfaces that comprise them, enter the show platform fm6000 agileport map command.
To configure the primary port as a higher speed port, enter speed 40gfull or speed auto 40gfull.
To revert the primary port and its subsumed ports to 10GbE interfaces, enter no speed.

Subinterface Configuration

For a subinterface to be operational on an Ethernet or port channel interface, the parent interface must be configured as a routed port, must be administratively up, and a VLAN must be configured on the subinterface. If the parent interface goes down, all subinterfaces automatically go down as well. After the parent interface comes back up, also the subinterfaces come back up with the same configuration.

Note that a port channel should not contain Ethernet interfaces configured with subinterfaces. Subinterfaces cannot be members of a port channel.

Subinterfaces are named by adding a period followed by a unique subinterface number to the name of the parent interface. Note that the subinterface number has no relation to the ID of the VLAN corresponding to the subinterface.

Subinterfaces are available on the following platforms:

DCS-7050X
DCS-7060X
DCS-7250X
DCS-7260X
DCS-7280E
DCS-7300X
DCS-7320X
DCS-7500E

Creating a Subinterface

To create a subinterface on an Ethernet or port channel interface, follow these steps:

Bring up the parent interface and ensure that it is configured as a routed port.

switch(config)# interface Ethernet1/1
switch(config-if-Et1/1)# no switchport 
switch(config-if-Et1/1)# no shutdown

Configure a VLAN on the subinterface. The encapsulation dot1q vlan command associates a VLAN with the subinterface (and, in other scenarios, it is also used for VLAN translation).
```
switch(config-if-Et1/1)# interface Ethernet1/1.1
switch(config-if-Et1/1.1)# encapsulation dot1q vlan 100
```

Configure an IP address on the subinterface (optional) and ensure that it is not shut down.

switch(config-if-Et1/1)# ip address 10.0.0.1/24
switch(config-if-Et1/1)# no shutdown 
switch(config-if-Et1/1)#

Creating a Range of Subinterfaces

A range of subinterfaces can also be configured simultaneously. The following example configures subinterfaces 1 to 100 on Ethernet interface 1/1 and assigns VLANs 501 through 600 to them. Note that the range of interfaces must be the same size as the range of VLAN IDs.

Example

switch(config)# interface eth1/1.1-100
switch(config-if-Et1/1.1-100)# no shutdown
switch(config-if-Et1/1.1-100)# encapsulation dot1q vlan {501,600}
switch(config-if-Et1/1.1-100)# exit
switch(config)#

Parent Interface Configuration

For subinterfaces to function, the parent interface must be administratively up and configured as a routed port.

Subinterfaces inherit some settings from the parent interface. These include QoS (trust mode and default DSCP) and MTU.

Additionally, on the DCS-7050X, DCS-7250X, and DCS-7300X platforms, the parent interface may be configured with an IP address. In this case, untagged packets are treated as incoming traffic on the parent interface.

Configuring Routing Features on a Subinterface

After you create a subinterface, you can configure the following features on it:

Unicast and multicast routing.
BGP, OSPF, ISIS, PIM.
VRF.
VRRP.
SNMP.
Inheritance of QoS (trust mode and default DSCP) and MTU settings from the parent interface.

Additionally, these features can be configured on subinterfaces on Arad (DCS-7500E and DCS-7280E) platforms:

Subinterface counters on ingress.
VXLAN.
MPLS.
GRE.
PBR.
QoS.

Displaying Subinterface Information

Subinterface information is displayed using the same show commands as for other interfaces.

Examples

The following command displays the summary information for all IP interfaces on the switch, including subinterfaces.

switch# show ip interfaces brief
 Interface           IP Address     Status    Protocol     MTU
 Ethernet1/1         10.1.1.1/24    up        up           1500  
 Ethernet1/1.1       10.0.0.1/24    up        up           1500
 Ethernet1/2         unassigned     up        up           1500

The following command shows the specific information about subinterface Ethernet 1/1.1.

switch# show interface ethernet 1/1.1
Ethernet1/1.1 is down, line protocol is lowerlayerdown (notconnect)
  Hardware is Subinterface, address is 001c.735d.65dc
  Internet address is 10.0.0.1/24
  Broadcast address is 255.255.255.255
  Address determined by manual configuration
  IP MTU 1500 bytes , BW 10000000 kbit
  Down 59 seconds
switch>

The following command displays the status information for all subinterfaces configured on the switch.

switch# show interfaces status sub-interfaces
Port       Name    Status       Vlan     Duplex       Speed       Type                Flags
Et1.1              connect      101        full       10G         dot1q-encapsulation
Et1.2              connect      102        full       10G         dot1q-encapsulation
Et1.3              connect      103        full       10G         dot1q-encapsulation
Et1.4              connect      103        full       10G         dot1q-encapsulation

Maximum Latency Tail-drop Thresholds

The maximum latency for tail-drop thresholds can be configured in interface configuration mode or in the QoS profile. QoS profile configuration mode is a group change mode.

Example

The following commands configure the maximum latency value for the VOQ tail-drop threshold on transmit queue 3 on interface Ethernet1. The maximum latency value that can be specified is 50 ms. Either milliseconds or microseconds can be used in the configuration.

switch(config)# interface Ethernet1
switch(config-if-Et1)# tx-queue 3
switch(config-if-Et1-txq-3)# latency maximum <1-50000> microseconds
switch(config-if-Et1-txq-3)# latency maximum <1-50> milliseconds
switch(config)#

Auto-negotiated Settings

In auto-negotiation, the transmission speed, duplex setting, and flow control parameters used for Ethernet-based communication can be automatically negotiated between connected devices to establish optimized common settings.

Speed and Duplex

In configuration mode the speed command affects the transmission speed and duplex setting of an interface. When a speed command is in effect on an interface, auto-negotiation of speed and duplex settings is disabled for the interface; to enable auto-negotiation, use the speed auto command.

The scope and effect of the speed command depends on the interface type; see Ethernet Interfaces and Ethernet Configuration Procedures for detailed information on the speed settings for different interfaces.

Flow Control

Flow control is a data transmission option that temporarily stops a device from sending data because of a peer data overflow condition. If a device sends data faster than the receiver can accept, the receiver's buffer can overflow. The receiving device then sends a PAUSE frame, instructing the sending device to halt transmission for a specified period.

Flow control commands configure administrative settings for flow control frames.

The flowcontrol receive command configures the port's ability to receive flow control pause frames.
- off: the port does not process the pause frames that it receives.
- on: the port processes the pause frames that it receives.
- desired: the port auto-negotiates; it processes pause frames if the peer is set to send or desired.
The flowcontrol send command configures the port's ability to transmit flow control pause frames.
- off: the port does not send pause frames.
- on: the port sends pause frames.
- desired: the port auto-negotiates; it sends pause frames if the peer is set to receive or desired.

Desired is not an available parameter option. Ethernet data ports cannot be set to desired.

Management ports are set to desired by default and with the no flowcontrol receive command.

The port linking process includes flow control negotiation. Ports must have compatible flow control settings to create a link. Compatible Settings for Flow Control Negotiation lists the compatible flow control settings.

Table 8. Compatible Settings for Flow Control Negotiation
local port	peer port
receive on	send on or send desired
receive off	send off or send desired
receive desired	send on, send off, or send desired
send on	receive on or receive desired
send off	receive off or receive desired
send desired	receive on, receive off, or receive desired

Example

These commands set the flow control receive and send parameters to on on interface ethernet 5.

switch(config)# interface ethernet 5
switch(config-if-Et5)# flowcontrol receive on
switch(config-if-Et5)# flowcontrol send on
switch(config-if-Et5)#

Displaying Ethernet Port Properties

Show commands are available to display various Ethernet configurations and operational statuses on each interface. Viewable Ethernet settings include:

Port Type
PHY Status
Negotiated Settings
Flow Control
Capabilities

Port Type

The port type is viewable from the output of show interfaces status, show interfaces hardware, and show interfaces transceiver properties commands.

Examples

This show interfaces status command displays the status of Ethernet interfaces 1-5.

switch# show interfaces status
Port      Name              Status       Vlan        Duplex  Speed Type
Et1                         connected    1             full    10G 10GBASE-SRL
Et2                         connected    1             full    10G 10GBASE-SRL
Et3                         connected    1             full    10G 10GBASE-SRL
Et4                         connected    1             full    10G 10GBASE-SRL
Et5                         notconnect   1             full    10G Not Present
switch>

This show interfaces hardware command displays the speed, duplex, and flow control capabilities of Ethernet interfaces 2 and 18.

switch# show interfaces ethernet 2,18 hardware
Ethernet2
  Model:        DCS-7150S-64-CL
  Type:         10GBASE-CR
  Speed/Duplex: 10G/full,40G/full,auto
  Flowcontrol:  rx-(off,on,desired),tx-(off,on,desired)
Ethernet18
  Model:        DCS-7150S-64-CL
  Type:         10GBASE-SR
  Speed/Duplex: 10G/full
  Flowcontrol:  rx-(off,on),tx-(off,on)
switch>

This command displays the media type, speed, and duplex properties for Ethernet interfaces 1.

switch# show interfaces ethernet 1 transceiver properties
Name : Et1
Administrative Speed: 10G
Administrative Duplex: full
Operational Speed: 10G (forced)
Operational Duplex: full (forced)
Media Type: 10GBASE-SRL

PHY

The show interfaces phy command displays PHY information for each Ethernet interface.

Example

This command summarizes PHY information for Ethernet interfaces 1-3.

switch# show interfaces ethernet 1-3 phy
Key:
   U    = Link up
   D    = Link down
   R    = RX Fault
   T    = TX Fault
   B    = High BER
   L    = No Block Lock
   A    = No XAUI Lane Alignment
   0123 = No XAUI lane sync in lane N

                                  State    Reset
Port           PHY state        Changes    Count PMA/PMD PCS   XAUI
-------------- --------------- -------- -------- ------- ----- --------
Ethernet1      linkUp             14518     1750 U..     U.... U.......
Ethernet2      linkUp             13944     1704 U..     U.... U.......
Ethernet3detectingXcvr          3        1               D..A0123
switch>

Negotiated Settings

The show interfaces hardware command displays speed, duplex, and flow control settings. PHY information for each Ethernet interface can be viewed by entering the show interfaces hardware, show interfaces flow-control, and show interfaces status commands.

Examples

This command displays speed/duplex and flow control settings for Ethernet interface 1.

switch# show interfaces ethernet 1 hardware
Ethernet1
  Model:        DCS-7150S-64-CL
  Type:         10GBASE-SR
  Speed/Duplex: 10G/full
  Flowcontrol:  rx-(off,on),tx-(off,on)
switch>

This command shows the flow control settings for Ethernet interfaces 1-2.

switch# show flow-control interface ethernet 1-2
Port       Send FlowControl  Receive FlowControl  RxPause       TxPause
           admin    oper     admin    oper
---------  -------- -------- -------- --------    ------------- -------------
Et1        off      off      off      off         0             0
Et2        off      off      off      off         0             0
switch>

This command displays the speed type and duplex settings for management interfaces 1-2.

switch# show interfaces management 1-2 status
Port      Name              Status       Vlan        Duplex  Speed Type
Ma1                         connected    routed      a-full a-100M 10/100/1000
Ma2                         connected    routed      a-full   a-1G 10/100/1000
switch>

Ingress Counters

Ingress counters enable the switch to count the ingress traffic on the Layer 3 ports of the switch.

Any ingress traffic on Layer 3 sub-interfaces and VLAN interfaces with IPv4 and IPv6 addresses is accounted for, irrespective of the routing decision. VLAN counters are supported on the DCS-7050x, DCS-7250x, and DCS-7300x series switches. They are not supported on any routed ports.

Configuring Ingress Counters

The hardware counter feature <...> in command enables the switch to count the ingress traffic on the Layer 3 port of the switch. Any traffic on Layer 3 sub-interfaces and VLAN interfaces with IPv4 and IPv6 addresses is accounted for, irrespective of the routing decision.

Examples

This command configures the ingress traffic count on the sub-interfaces. The no form of the command disables the counter configuration from the switch ports.
```
switch# hardware counter feature subinterface in
```
This command configures the ingress traffic count on VLAN interfaces. The no form of the command disables the counter configuration from VLAN-configured switch ports.
```
switch# hardware counter feature vlan-interface in
```

Displaying the Ingress Counter Information

The show interface counters command displays the Layer 3 ingress traffic count information.

Run this command to view the traffic counts on a sub-interface or VLAN interface of the switch. The clear counters command resets the counters to 0.

Example

This command displays the ingress traffic count on a VLAN interface vl12.

switch# show interface vl12 counters incoming
L3   Interface InOctets InUcastPkts InMcastPkts
Vl12           3136     47          2

Configuring Ingress Traffic-Class Counters

Ingress traffic-class counter support is enabled to display per traffic-class counters on ingress interfaces and is supported on routed ports and subinterfaces. Both packet and octet counts are displayed.

Examples

This command enables traffic-class counter support.

switch(config)# hardware counter feature traffic-class in

This command enables the TCAM profile tc-counters, if this profile is configured.
```
switch(config)# hardware tcam profile tc-counters
```

Hardware Counter Support

Hardware counter support enables features requiring programmable hardware counter resources.

Hardware counter support can be used to count the following feature-specific values:

Ingress VLAN-interface counters count the packets/octets ingressing through a VLAN interface.
Egress VLAN-interface counters count the packets/octets egressing a VLAN interface.
Ingress subinterface counters count the packets/octets ingressing through a subinterface.
Egress subinterface counters count the packets/octets egressing a subinterface.
VXLAN VNI counters count the packets/octets encapsulated/decapsulated per VNI.
VXLAN VTEP counters count the packets/octets encapsulated/decapsulated per VTEP.
Route counters for IPv4/IPv6 routes count the packets/octets routed using the route entry.
Ingress GRE tunnel interface counters count the packets/octets ingressing a GRE tunnel interface.
Egress GRE tunnel interface counters count the packets/octets egressing a GRE tunnel interface.

Hardware Counter Support Configuration

You can enable hardware counter support on a per-feature basis using the hardware counter feature command. The no hardware counter feature command disables this setting. Multiple ingress and egress hardware counter features can work concurrently.

Note: Enabling hardware counter features may impact the transit traffic.

Ingress VLAN Interface Counters

The hardware counter feature vlan-interface in command enables the counting of ingress VLAN interface counters. When configured, the switch counts the number of unicast packets, multicast packets, and total octets ingressing through the VLAN interface for every VLAN interface configured in the system.

Example

switch# [no]hardware counter feature vlan-interface in

Egress VLAN Interface Counters

Thehardware counter feature vlan-interface out command enables the counting of egress VLAN interface counters. When configured, the switch counts the number of unicast packets, multicast packets, and total octets egressing the VLAN interface for every VLAN interface configured in the system.

Example

switch# [no]hardware counter feature vlan-interface out

Ingress SubInterface Counters

The hardware counter feature subinterface in command enables the counting of ingress subinterface counters. When configured, the switch counts the number of unicast packets, multicast packets, and total octets ingressing through the subinterface for every L3 subinterface configured in the system.

Example

switch# [no]hardware counter feature subinterface in

Egress SubInterface Counters

The hardware counter feature subinterface out command enables the counting of egress subinterface counters. When configured, the switch counts the number of unicast packets, multicast packets, and total octets egressing the subinterface for every L3 subinterface configured in the system.

Example

switch# [no]hardware counter feature subinterface out

VXLAN VNI Encapsulation Counters

The hardware counter feature vni encap command enables per-VNI encapsulation counters. When enabled, the switch counts the number of packets and bytes egressing a VNI through a VTI, the number of encapsulated BUM packets, and the number of encapsulated packets dropped for any reason.

Example

switch(config)# [no]hardware counter feature vni encap

VXLAN VNI Decapsulation Counters

The hardware counter feature vni decap command enables the per-VNI decapsulation counters. When enabled, the switch counts the number of packets/octets received from a VTEP and decapsulated for each VNI.

Example

switch(config)# [no]hardware counter feature vni decap

Route Counters

The hardware counter feature route command configures the route counters for the specified IP version, IP address or IP prefix. When enabled, the switch counts the number of packets/bytes hitting a route. The VRF name is optional. The default VRF is assumed if no VRF is specified.

Example

switch(config)# [no] hardware counter feature route [ipv4|ipv6] [vrf <name>] [ip-address|ip-address-prefix]

GRE Tunnel Interface Encapsulation Counters

The hardware counter feature gre tunnel interface out command enables GRE tunnel interface encapsulation counters. When enabled, the switch counts the number of unicast GRE packets and of total octets encapsulated on the tunnel interface.

Example

switch(config)# [no]hardware counter feature gre tunnel interface out

GRE Tunnel Interface Decapsulation Counters

The hardware counter feature gre tunnel interface in command enables GRE Tunnel Interface decap counters. When enabled, the switch counts the number of unicast GRE packets and total octets getting decapsulated on the Tunnel Interface.

Example

switch(config)# [no]hardware counter feature gre tunnel interface in

MRU Enforcement Show commands

The show interface output displays the MRU on an interface.

switch(config)# show interface ethernet 1
Ethernet1 is up, line protocol is up (connected)
  Hardware is Ethernet, address is 444c.a8b7.1ed8 (bia 444c.a8b7.1ed8)
  Member of Port-Channel10
  Ethernet MTU 10178 bytes, Ethernet MRU 1500 bytes, BW 10000000 kbit
  Full-duplex, 10Gb/s, auto negotiation: off, uni-link: disabled.

Counters

MRU-dropped packets are counted per-chip.

The show platform fap mapping output displays the mapping between the chips and their corresponding Ethernet interfaces.

switch(config)# show platform fap mapping interface Ethernet 1
Jericho0 (FapId: 0  BaseSystemCoreId: 0)
Port             SysPhyPort   Voq   Core  FapPort  OtmPort BaseQPair QPairs Xlge NifPort
----------------------------------------------------------------------------------------
Ethernet1        100          2608  0     2        0        0         8     8    33

The show hardware counter drop output displays the per-chip Reassembly Errors counters.

switch(config)# show hardware counter drop
Type  Chip       CounterName       : Count    : First Occurrence    : Last Occurrence
-----------------------------------------------------------------------------------------
A     Jericho0   ReassemblyErrors  : 12132989 : 2020-09-22 17:05:45 : 2020-09-22 17:22:40

Configuring Power over Ethernet (PoE)

Power over Ethernet (PoE) is enabled by default on all Ethernet ports of PoE-capable switches, which can detect IEEE-compliant Powered Devices (PDs) when they are plugged into a port and can supply power appropriately.

Limitations

Ethernet ports will not detect non-IEEE-compliant devices by default and may not be able to detect or power them even if configured to do so.
If attached PDs overload the switch, it will power off. This can occur when an attached PD increases its power demand via LLDP, when too many PDs are connected to the switch, or when a power supply fails on a heavily loaded dual-supply switch.
Power-cycling the switch will cause temporary loss of power to attached PDs.
PoE is not available on management interfaces.

Disabling PoE on an Interface

On switches that support it, PoE is enabled by default on all Ethernet ports but can be disabled per port with the poe disabled command.

Example

This command disables PoE on Ethernet interface 5.

switch(config)# interface ethernet 5
switch(config-if-Et5)# poe disabled
switch(config-if-Et5)#

PoE Power Settings

When an IEEE-compliant powered device (PD) is connected to a PoE-enabled Ethernet port, it is recognized by a specific resistor signature, and its initial power needs are determined by hardware negotiation, after which further negotiation is managed through the Link Layer Discovery Protocol (LLDP). For details, see Configuring LLDP for Power over Ethernet.

PoE power output can be limited on a port using the poe limit command. The power limit represents the power output at the Ethernet port; actual power delivered to the PD will be lower due to power loss along the Ethernet cable.

Note: LLDP uses Power Via MDI type-length-value elements (TLVs) to allow the switch to dynamically negotiate power needs with PDs. LLDP will not include Power Via MDI TLVs for the interface if a power limit has been configured on it.

Examples

These commands limit nominal PoE power output on Ethernet interface 5 to 10 W.

switch(config)# interface ethernet 5
switch(config-if-Et5)# poe limit 10 watts
switch(config-if-Et5)#

These commands limit nominal PoE power output on Ethernet interface 7 to 4 W.

switch(config)# interface ethernet 7
switch(config-if-Et7)# poe limit class 1
switch(config-if-Et7)#

Detecting Legacy PDs

To configure an interface to use hardware detection for these non-compliant PoE devices and attempt to power them, use the poe legacy detect command.

Note: Non IEEE-compliant PDs are not officially supported. Arista cannot guarantee compatibility with such devices, and they may not be detected even when legacy detection is enabled on the port they are connected to.

Example

These commands configure interface ethernet 5 to attempt to detect and power non-compliant PDs.

switch(config)# interface ethernet 5
switch(config-if-Et5)# poe legacy detect
switch(config-if-Et5)#

Displaying PoE Information

To display PoE information for a specific interface range or for all Ethernet interfaces, use the show poe command.

Example

This command displays PoE information for Ethernet interface 46.

switch(config)# show poe interface ethernet 46
show poe interface ethernet 46
PSELLDPPowerGrantedPort
Port Enabled Enabled Limit  Power   State   Class  Power Current Voltage Temperature
---- ------- ------- ------ ------- ------- ------ ----- ------- ------- -----------
46      True    True 15.40W 15.40W  powered class0  1.40W 27.00mA 55.04V  41.25C
switch(config-if-Et7)#

Configuring Link Fault Signaling

As part of the Link Fault Signaling (LFS) configuration, a new configuration mode called the Ethernet Operations Administration and Management (EOAM) mode is introduced. The EOAM profile has a link-error sub-mode wherein the threshold, action, and period are configured for FCS and symbol errors. The period can be in seconds or in number of frames. The default values are threshold 0, action syslog, and period 0 seconds. If the errors exceed the threshold within the given period, the configured action is executed. The recovery time configures the recovery timeout value for link fault signaling. Only one EOAM profile is associated with a port.

The following steps enable configuring the LFS parameters:

Enable the EOAM mode.
```
switch(config)# monitor ethernet oam
```
Create an EOAM profile named profile1.
```
switch(config-eoam)# profile profile1
```

Enter the EOAM link-error sub-mode.

switch(config-eoam-profile-profile1)# link-error

Enter the commands in the profile's link-error submode to configure a specific LFS parameter.

switch(config-eoam-profile-profile1-link-error)# symbol action errdisable
switch(config-eoam-profile-profile1-link-error)# symbol period 300 frames
switch(config-eoam-profile-profile1-link-error)# symbol threshold 20
switch(config-eoam-profile-profile1-link-error)# recovery-time 40

Apply the EOAM profile profile1 to the Ethernet interface 1/1.

switch(config)# interface ethernet 1/1
switch(config-if-Et1/1)# monitor ethernet oam profile profile1

Ethernet OAM Connectivity Fault Management (CFM)

This section contains the following topics:

Connectivity Fault Management Overview
Configuring Ethernet OAM Connectivity Fault Management (CFM)
Displaying CFM Status Information
Ethernet OAM CFM Commands

Connectivity Fault Management Overview

As Ethernet technologies merge into Metropolitan Area Networks (MAN) and Wide Area Networks (WAN), these services, used by service providers,provide end-to-end connectivity to customers. Typically, the service provider locations span large geographical areas and may rely on certain internet backbone providers, called operators, to provide connectivity when the geographical area becomes too large for coverage. In response, the responsibilities of managing the networks by tasks including Operations, Administration, and Maintenance (OAM) become challenging, and the ability of the service providers to respond to network interruptions directly impacts competitiveness in the market.

To facilitate the fault detection, isolation, and recovery processes at the Ethernet layer, the Ethernet OAM Connectivity Fault Management (CFM) protocol became available with the release of the IEEE 802.1ag standard. In this standard, the nodes on a network periodically transmit an Ethernet Continuity Check (ETH-CC) message indicating the status of reachability to remote nodes, and also track the reachability of remote nodes in the network. The Ethernet OAM CFM functionality uses special Ethernet frames with the 0x8902 Ethernet type value to achieve this functionality.

Terminology

Review the list of terms used in the documentation.

CCM - Continuity Check Message
CFM - Connectivity Fault Management
ETH-CC - Ethernet Continuity Check
eOAM - Ethernet Operation, Administration, and Management
LOC - Loss of Continuity
MA - Maintenance Association
MD - Maintenance Domain
MEP - Maintenance Association End Point
RMEP - Remote Maintenance Association End Point
MP - Maintenance Point
OAM - Operations, Administration, and Maintenance
RDI - Remote Defect Indication>

Ethernet OAM Delay Measurement Overview

The Ethernet OAM Connectivity Fault Management functionality supports Single-End or Two-way Delay measurement. The transmitter generates a Delay Measurement Message (DMM) PDU that records and timestamps the time of transmission. After receiving the DMM, the responder records the time of reception and generates a Delay Measurement Reply (DMR) PDU which records and timestamps the transmission time in the DMR and the transmission time of the DMM.

When the transmitter receives the DMR PDU, it records the receiving time of the DMR PDU and calculates the Two-way Delay. The feature does not require clock synchronization between the transmitter and the receiver.

Ethernet OAM Loss and Synthetic Loss Measurement

The Ethernet OAM Loss (LM) and Synthetic Loss (SLM) measurement functionality supports single-ended Loss and Synthetic Loss measurement in the proactive mode and periodically computes the configured performance measurements.

Single-ended Ethernet OAM Loss Management

When configured for Single-ended loss measurement, an endpoint (MEP) on a Maintenance Association (MA) becomes the Initiator, sending frames with ETH-LM request information to a peer MEP, the responder, and receives frames with ETH-LM reply information from the Responder to begin loss measurements. The Protocol Data Unit (PDU) used as a single-ended ETH-LM request acts as the Loss Measurement Message (LMM), and the PDU used for ETH-LM replies acts as the Loss Measurement Reply (LMR).

The Initiator generates an LMM with the following informational element:

TxFCf - The local counter value for the data frames (TxFCl) transmitted towards the Responder at the time of the LMM frame transmission.

After receiving the LMM, the Responder generates an LMR with the following informational elements:

The TxFCf from the LMM used to generate the LMR.
RxFCf - The local counter value of data frames (RxFCl) received from the Initiator at the time of LMM reception.
TxFCb - Thelocal counter value of data frames (TxFCl) transmitted to the Initiator at the time of LMR transmission.

After receiving the LMR, the Initiator computes the near-end and far-end loss measurements.

Single-ended Ethernet Synthetic Loss Measurement

When configured for Single-ended synthetic loss measurement, an endpoint (MEP), the Initiator on a Maintenance Association (MA) sends frames with ETH-SLM request information to the peer MEP, a Responder, and receives frames with ETH-SLM reply information from the Responder to calculate loss measurements. The PDU for single-ended SLM acts as the SLM and the PDU uses the ETH-SLM reply as the SLR.

The Initiator generates an LMM with the following informational element:

TxFCf - The local counter value for the synthetic data frames (TxFCl) transmitted towards the Responder at the time of the SLM frame transmission.

After receiving the SLM, the Responder generates an SLR with the following informational elements:

The TxFCf from the SLM used to generate the SLM.
TxFCb - Thelocal counter value of data frames (TxFCl) transmitted to the Initiator at the time of LMR transmission.

After receiving the SLRR, the Initiator records the number of SLR frames received from the responder. At the end of each measurement, the Initiator computes near-end and far-end loss measurements.

Configuring Ethernet OAM Connectivity Fault Management (CFM)

CFM Support

EOS supports MEPs on the following ports:

Up and down MEPs on Pseudowire front panel ports.
Up MEP continuity check on L2 front panel trunk ports.
Down MEP continuity check support for L2 front panel ports in the following scenarios:
- MEP interface on an access port
- MEP interface on a trunk port with a native VLAN equal to an association VLAN.
- MEP interface on a trunk port with a native VLAN not equal to an association VLAN.

Adding CFM to the Hardware TCAM Profile

Note: If the network has Maintenance Association End Points (MEPs) in the Up state, then add the CFM feature to the operational TCAM profile.

Use the following commands to add the profile new-cfm to the hardware TCAM:

switch(config)# hardware tcam
switch(config-tcam)# profile new-cfm copy default
switch(config-tcam-profile-new-cfm)# feature cfm
switch(config-tcam)# system profile new-cfm

Configuring the Modular Database (MDB) Profile

Use the following command to set the MDB profile to balanced or balanced-xl:

switch(config)# platform sand mdb profile balanced-xl

Configuring CFM

Use the commands available in cfm mode to add CFM configurations. Multiple MEPs can share CFM properties when configuring CFM profiles, and CFM profiles can be associated with one or more MAs.

Use the following command to enter cfm mode:

switch(config)#cfm

Enable the LOC action for Layer 3 interfaces:

switch(config)#continuity-check loc-state action disable interface routing

Create a new CFM profile cfm-profile1:

switch(config)#profile cfm-profile1

Add continuity checking to the configuration:

switch(config-cfm-profile-cfm-profile1)#continuity-check

Set the time interval to every 10 minutes for periodic transmission of CCM packets:

switch(config-cfm-profile-cfm-profile1)#continuity-check tx-interval 10 minutes

To set the transmission level to the default value of one (1) second, use the default. EOS supports the following types of transmission levels:

3.33 milliseconds
10 ??milliseconds
100 ??milliseconds
1 second
10 seconds
1 minute
10 minutes

Configuring the Class of Service (CoS)

Add Class of Service (CoS) to the configuration:

switch(config-cfm-profile-cfm-profile1)# continuity-check qos cos 7

Configure alarms for defects on the network using the following parameters:

switch(config-cfm-profile-cfm-profile1)#continuity-check alarm defect defects

Select from the following list of defects:

cross-connection - Enables the CFM_MEP_CROSS_CONNECTION_DETECTED alarm and logged when a local MEP receives a CCM PDU from a differenct maintenance association.
error-ccm - Enables the CFM_MEP_ERROR_CCM_DETECTED alarm and logged when a local MEP receives a CCM PDU with the wrong CCM tx-interval or has an RMEP id identical to a local MEP id.
loc-state - Enabled by default, and enables the CFM_MEP_LOC_DETECTED alarm, and logged when a local MEP loses connectivity with a remote MEP.
rdi-ccm - Enabled by default and enables the CFM_MEP_RDI_RECEIVED alarm, and logged when a local MEP receives a CCM with the RDI flag set to true from the remote MEP.

Configuring a Maintenance Domain

Use the following command to configure a Maintenance Domain with the name mdom_1 and a level of 5:

switch(config-cfm)# domain mdom_1 level 5

The domain_level can be an integer between 0 -7.

Configuring the Maintenance Association

Use the following command to configure a Maintenance Association, mainassoc1, under a Maintenance Domain:

switch(config-cfm-mdom_1)# association mainassoc1

The command supports an integer value between 1 to 655335.

Use the following command to apply a CFM profile to a Maintenance Association:

switch(config-cfm-md-mdom_1-ma-mainassoc1)# profile profile1

The CFM profile applies to all MEPs in the Maintenance Association.

To configure the CFM direction for a Maintenance Association, use the following command:

switch(config-cfm-md-mdom_1-ma-255)# direction [up | down]

This configures all MEPs under a Maintenance Association with the same direction.

Configuring a MAC Address for a Remote MEP

Configure a MAC address for a remote MEP by first entering the remote end-point mode, and adding the MAC address:

switch(config-cfm-md-mdom_1-ma-255)# remote end-point end_point_id

switch(config-cfm-md-mdom_1-ma-255-rmep-rep_25)# mac address 06:00:00:00:00:00

Configuring a Local MEP

Use the following command to configure a local endpoint (MEP) for a Maintenance Association:

switch(config-cfm-md-mdom_1-ma-255)# end-point end_point_id

The end_point_id can only be an integer between 1 and 8191.

Configuring the Maintenance Association VLAN

For LM support on subinterfaces with unmatched flexible encapsulation, the MA VLAN must be configured to specify the bridging domain for sending LM or SLM packets. Use the following command to set the VLAN as 101:

switch(config-cfm-md-LM-MD-ma-LM-Assoc)# VLAN 101

The cos cos_value has a default value of 7.

Configuring a Remote MEP under a local MEP

To configure a remote MEP under a local MEP, use the following command:

switch(config-cfm-md-mdom_1-ma-255-mep-mep_25)# remote end-point [ add | remove ] end_point_ID

Use any of the following options with the configuration:

no or default removes all of the remote MEPs under the local MEP.
end_point_id can only be an integer between 1 and 8191.
add adds the remote MEP to the existing list of MEPs.
delete removes the remote MEP from the list of existing MEPs.
remote end-point end_point_ID parameter without the add keyword overwrites the existing remote MEPs under the local MEP.

Adding an Interface to a Local MEP

To configure an interface for a local MEP, use the following command:

switch(config-cfm-md-mdom_1-ma-255-mep-mep_25)# interface interface-name

Displaying CFM Status Information

The following examples allow you to display status information about your CFM configuration.

Current Status

To display the current status of the CFM endpoints, use the following command:

switch# show cfm continuity-check end-point
Maintenance domain: domain6, Level: 6
Maintenance association: 100, Direction: up, CCM TX interval: 1 seconds
Maintenance end point ID: 1, Interface: Ethernet1.1
TX RDI state: false, Last TX RDI cleared: never
 Remote MEP ID        Connectivity          Last LOC Detected    Last LOC Cleared
 ------------------- ------------------ ----------------------- ----------------
                  2    reachable                         never              never

In this example, the endpoint displays reachability and no loss of continuity (LOC). Because no LOC occurred, the TX RDI state returns false, meaning the local MEP transmits the CCMs with the RDI flag set to false.

Loss of Continuity

To display the current status of the CFM endpoints, use the following command:

switch# show cfm continuity-check end-point
Maintenance domain: domain6, Level: 6
Maintenance association: 100, Direction: up, CCM TX interval: 1 seconds
Maintenance end point ID: 1, Interface: Ethernet1.1
TX RDI state: true, Last TX RDI set: 0:00:04 ago
 Remote MEP ID       Connectivity          Last LOC Detected    Last LOC Cleared
 ------------------- ------------------ ----------------------- ----------------
                2    unreachable                 0:00:04 ago               never

The remote MEP became unreachable and LOC occurred on the network. Since LOC exists for the connection, the TX RDI state returns true, meaning the local MEP transmits the CCMs with the RDI flag set to true.

Layer 3 Interface with LOC Enabled

Display information with the LOC action enabled and a Layer 3 interface detects it.

switch# show interfaces Ethernet1.1
Ethernet1.1 is up, line protocol is up (connected)
Hardware is Subinterface, address is 2cdd.e9c0.ed7b
Internet address is 1.0.1.1/24               
Broadcast address is 255.255.255.255
IPv6 link-local address is unassigned
IPv6 global unicast address(es):
     2002::100:101, subnet is 2002::100:100/120 [INACTIVE]
CFM connectivity status for IPv4, IPv6 is DOWN
IP MTU 1500 bytes (default), BW 100000000 kbit

LOC Recovery

Displays the status for the MEP as reachable, but LOC occurred at some point on the network.

switch# show cfm continuity-check end-point
Maintenance domain: domain6, Level: 6
Maintenance association: 100, Direction: up, CCM TX interval: 1 seconds
Maintenance end point ID: 1, Interface: Ethernet1.1                
TX RDI state: false, Last TX RDI cleared: 0:00:01 ago
   Remote MEP ID    Connectivity          Last LOC Detected    Last LOC Cleared
 ------------------- ------------------ ----------------------- ----------------
                2    reachable                   0:05:09 ago         0:00:01 ago

Remote Defects for CFM

Shows the remote MEP as reachable, but other defects occurred for the local MEP. The detail option provides more information regarding the defects.

Arista# show cfm continuity-check end-point detail
Maintenance domain: domain6, Level: 6
Maintenance association: 100, Direction: up, CCM TX interval: 1 seconds
Maintenance end point ID: 1, Interface: Ethernet1.1
TX RDI state: false, Last TX RDI cleared: 0:00:01 ago
   Remote MEP ID    Connectivity          Last LOC Detected    Last LOC Cleared
  ------------------- ------------------ ----------------------- ----------------
                2    reachable                   0:05:09 ago         0:00:01 ago
                
Unknown RMEPs
MD Level  MAID   RMEP ID  Received   Error Status        First CCM received  Last CCM received 
—-------  —---   —------  —--------  —------------------ —-----------------  —----------------
1            4       5         100   MAID mismatch              0:05:09 ago         0:0:10 ago
1            1       5         100   Unconfigured RMEP          0:05:09 ago         0:0:10 ago
1            1       1         100   Duplicate RMEP             0:05:09 ago         0:0:10 ago

RDI Detected

RDI displays the status, undetected, and CCMs received from this remote MEP have the RDI flag set to true.

switch# show  cfm continuity-check end-point remote-defect
Maintenance domain: domain6, Level: 6
Maintenance association: 100, Direction: up
Maintenance end point ID: 1, Interface: Ethernet1.1
RDI condition: undetected
TX RDI state: false, Last TX RDI cleared: never
      Remote MEP ID    RDI State           RDI Detected   RDI Cleared
  ------------------- ---------------- ------------------ -----------
                2      undetected                 never        never

RDI Undetected

RDI displays the status, undetected, and CCMs received from this remote MEP have the RDI flag set to false.

switch# show  cfm continuity-check end-point remote-defect
Maintenance domain: domain6, Level: 6
Maintenance association: 100, Direction: up
Maintenance end point ID: 1, Interface: Ethernet1.1
RDI condition: detected, last detected 0:00:09 ago
TX RDI state: false, Last TX RDI cleared: never
   Remote MEP ID    RDI State           RDI Detected    RDI Cleared
  ------------------- ---------------- ------------------ -----------
                  2    detected            0:00:09 ago         never

RDI Recovered

RDI displays the status, undetected but recovered the connection.

switch# show  cfm continuity-check end-point remote-defect
Maintenance domain: domain6, Level: 6
Maintenance association: 100, Direction: up
Maintenance end point ID: 1, Interface: Ethernet1.1
RDI condition: cleared, last detected 0:02:10 ago, last cleared 0:00:03 ago
TX RDI state: false, Last TX RDI cleared: never
      Remote MEP ID    RDI State          RDI Detected    RDI Cleared
  ------------------- ---------------- ------------------ -----------
                2      cleared             0:02:10 ago    0:00:03 ago

Continuity Check Counters (Software CFM)

The counters parameter displays relevant counters for software CFM configurations. This parameter displays the counters per MEP. Using the details option displays the counters for each interface VLAN in addition to the MEP configured on an interface VLAN.

switch# cfm continuity-check counters
Maintenance domain: aCWWbXp5Z7, Level: 4
Maintenance association: 9783
Maintenance end point ID: 1, Interface: Ethernet14/1, VLAN: 1756
Total TX packets: 296
Total TX packet failures: 0
Total RX packets: 296
Total RX packet discards: 0
RX - CCM packet parse errors: 0
RX - Domain name invalid: 0
RX - Association name invalid: 0
RX - Traffic direction mismatch: 0
RX - CCM interval invalid: 0
RX - Remote MEP ID invalid: 0
RX - Duplicate remote MEP: 0
RX - Unconfigured remote MEP: 0

Continuity Check Counters Details

This example adds the details parameter.

switch# show cfm continuity-check counters
Interface: Ethernet11/1, VLAN: 1176
Total TX packets: 373
Total TX packet failures: 0
Total RX packets: 372
Total RX packet discards: 0
RX - No MEP configured: 0
RX - Ethernet header parse errors: 0
RX - CFM header parse errors: 0
RX - Domain level mismatch: 0
RX - TLV offset invalid: 0
Maintenance domain: aCWWbXp5Z7, Level: 4
Maintenance association: 9783
Maintenance end point ID: 2, Interface: Ethernet11/1, VLAN: 1176
Total TX packets: 373
Total TX packet failures: 0
Total RX packets: 372
Total RX packet discards: 0
RX - CCM packet parse errors: 0
RX - Domain name invalid: 0
RX - Association name invalid: 0
RX - Traffic direction mismatch: 0
RX - CCM interval invalid: 0
RX - Remote MEP ID invalid: 0
RX - Duplicate remote MEP: 0
RX - Unconfigured remote MEP: 0

Ethernet OAM CFM Commands

Global Configuration Commands

Configuration Commands

cfm continuity-check
cfm domain
cfm measurement
cfm profile

Show Commands

show cfm continuity-check end-point
show cfm endpoint

Configuring Ethernet OAM Delay Measurement

Configuring the TCAM Profile for Delay Measurement

Add the CFM feature to the TCAM profile using the following commands:

switch(config)# hardware tcam
switch(config-tcam)# profile CFM copy default
switch(config-tcam-profile-CFM)# feature cfm
switch(config-tcam-feature-cfm)# packet non-ip forwarding bridged
switch(config-tcam-feature-cfm)# packet ipv4 forwarding bridged
switch(config-tcam-feature-cfm)# packet ipv6 forwarding bridged
switch(config-tcam-feature-cfm)# exit
switch(config-tcam-profile-CFM)# exit
switch(config-tcam)# system profile CFM-test

Configuring the Modular Database (MDB) Profile

Use the following command to set the MDB profile to balanced or balanced-xl:

switch(config)# platform sand mdb profile balanced-xl

The MDB profile provides a common database of forwarding and lookup resources to the ingress and egress stages on the switch.

Configuring Delay Measurement

To configure Delay Measurement, use the cfm command to enter CFM Configuration Mode.

switch(config)# cfm
switch(config-cfm)#

Use the following commands to configure a Delay Measurement profile, DMM, and add a single-ended transmitter on the switch:

switch(config-cfm)# profile DMM
switch(config-cfm-profile-DMM-profile)# measurement delay single-ended

This enables the transmission of Two-way or Single-ended DMM PDUs in proactive mode, the default mode for Delay Measurement.

Use the parameter, tx-interval to set the transmission time interval between DMM PDUs to 10000 milliseconds (10 seconds). Delay Measurement uses 1000 milliseconds (1 second) by default.

switch(config-cfm-profile-DMM-profile)# measurement delay tx-interval 10000 milliseconds

Configuring a Maintenance Domain (MD)

Ethernet OAM Delay Measurement supports up to eight (8) MDs. Use the following commands to add an MD, DMM-MD, with a maintenance level of 5, to the switch:

switch(config-cfm)# domain DMM-MD level 5
switch(config-cfm-md-DMM-MD)#

Configuring a Maintenance Association (MA)

Currently, EOS supports only the 2B integer format for a MA name. Use the following command to create an MA, DMM-Assoc, on the switch:

switch(config-cfm-md-DMM-MD)# association DMM-Assoc

Setting the Maintenance End Point (MEP) Direction

EOS supports both up and down MEPs. In this configuration, set the direction as up.

switch(config-cfm-md-DMM-MD-ma-DMM-Assoc)# direction up

Adding a CFM Profile

Use the following command to add the CFM profile, DMM1, to the configuration:

switch(config-cfm-md-DMM-MD-ma-DMM-Assoc)# profile DMM1

Configuring the Maintenance Association VLAN

For DMM support on subinterfaces with unmatched flexible encapsulation, the MA VLAN must be configured to specify the bridging domain for sending DMM packets. Use the following command to set the VLAN as 101:

switch(config-cfm-md-DMM-MD-ma-DMM-Assoc)# VLAN 101

Configuring a Local MEP

Use the following command to set the local maintenance end point for DMM as 25:

switch(config-cfm-md-DMM-MD-ma-DMM-Assoc-mep-25)# end-point 25

Setting the MEP Interface

EOS supports Layer 2 and LAG subinterfaces on up and down MEP direction and specifically supports Layer 3 and LAG for MEPs configured in the down direction. Use the following command to set the interface to Eth1/1:

switch(config-cfm-md-DMM-MD-ma-DMM-Assoc-mep-25)# interface Eth1/1

Adding Remote MEPs

Delay Measurement requires Point-to-Point (P2P) Ethernet connectivity and a single remote MEP configured for a local MEP. Use the following command to add a remote MEP, 30, to the local MEP25:

switch(config-cfm-md-DMM-MD-ma-DMM-Assoc-mep-25)# remote end-point 30

Example Configuration

Configuring a Transmitter

The following commands use these parameters to configure a transmitter on switch1:

CFM Profile - DMM
Measurement Delay - single-ended
Transmit Time Interval - 1000 milliseconds
Local MEP - MEP1
Local MEP direction - up
Ethernet Interface - eth1/2.1
Maintenance Domain and level - Domain1 level 1
Maintenance Association - Assoc1
Remote MEP - MEP2

switch1(config)# cfm
switch1(config-cfm)# profile DMM
switch1(config-cfm-profile-dmm)# measurement delay singled-ended
switch1(config-cfm-profile-dmm)# measurement delay tx-interval 1000 milliseconds
switch1(config-cfm-profile-dmm)# exit
switch1(config-cfm)# domain Domain1 level 1
switch1(config-cfm-md-Domain1)# association Assoc1
switch1(config-cfm-md-Domain1-ma-Assoc1)# profile DMM
switch1(config-cfm-md-Domain1-ma-Assoc1)# direction up
switch1(config-cfm-md-Domain1-ma-Assoc1)# end-point MEP1
switch1(config-cfm-md-Domain1-ma-Assoc1-MEP1)# remote end-point MEP2
switch1(config-cfm-md-Domain1-ma-Assoc1-MEP1)# interface et1.1.2

Configuring a Responder

The following commands use these parameters to configure a responder on switch2:

Local MEP - MEP2
Local MEP direction - up
Ethernet Interface - eth2/1.1
Maintenance Domain and level - Domain1 level 1
Maintenance Association - Assoc1
Remote MEP - MEP1

switch2(config-cfm)# domain Domain1 level 1
switch2(config-cfm-md-Domain1)# association Assoc1
switch2(config-cfm-md-Domain1-ma-Assoc1)# direction up
switch2(config-cfm-md-Domain1-ma-Assoc1)# end-point MEP2
switch2(config-cfm-md-Domain1-ma-Assoc1-MEP2)# remote end-point MEP1
switch2(config-cfm-md-Domain1-ma-Assoc1-MEP2)# interface et2/1.1

If you have an Arista device and want to configure it as the responder, then configure only the local MEP and the remote MEP on the switch. An Arista device does not require Delay Measurement configuration as a responder.

Displaying Ethernet OAM Delay Measurement Information

Execute the show cfm measurement delay proactive command on the transmitter switch to display the Delay Measurement configuration:

switch1# show cfm measurement delay proactive
Maintenance domain: Domain1
Maintenance association: Assoc1, Direction: up
Measurement type: proactive, TX interval: 1000 milliseconds
Maintenance end point ID: MEP1, Interface: Ethernet1/2.1
Remote MEP ID: MEP2, Status: enabled
Start time: 0:00:01 ago
Number of samples: 2
Average two-way delay: 315 usec
Average two-way delay variation: 4 usec
Best case two-way delay: 310 usec at 0:00:01 ago
Worst case two-way delay: 320 usec at 0:00:00 ago

Execute the show cfm measurement delay proactive detail command on the transmitter switch to display detailed information about the Delay Measurement configuration:

switch1# show cfm measurement delay proactive detail
Maintenance domain: Domain1
Maintenance association: Assoc1, Direction: up
Measurement type: proactive, TX interval: 1000 milliseconds
Maintenance end point ID: MEP1, Interface: Ethernet1/2.1
Remote MEP ID: MEP2, Status: enabled
Start time: 0:01:22 ago
Number of samples: 83
Average two-way delay: 320 usec
Average two-way delay variation: 20 usec
Best case two-way delay: 264 usec at 0:00:07 ago
Worst case two-way delay: 395 usec at 0:00:34 ago
Index    Two-way Delay (usec)
----------- --------------------
 1                       305.178
 2                       306.878
 3                       283.742
 4                       349.322
 5                       291.718
 6                       305.607
 7                       317.472
 8                       264.792
 9                       311.296
10                       328.36

Configuring Ethernet OAM Loss Measurement

Configuring the TCAM Profile for Loss Measurement

Add the CFM feature to the TCAM profile using the following commands:

switch(config)# hardware tcam
switch(config-tcam)# profile CFM copy default
switch(config-tcam-profile-CFM)# feature cfm
switch(config-tcam-feature-cfm)# packet non-ip forwarding bridged
switch(config-tcam-feature-cfm)# packet ipv4 forwarding bridged
switch(config-tcam-feature-cfm)# packet ipv6 forwarding bridged
switch(config-tcam-feature-cfm)# exit
switch(config-tcam-profile-CFM)# exit
switch(config-tcam)# system profile CFM-test

Configuring the Modular Database (MDB) Profile

Use the following command to set the MDB profile to balanced or balanced-xl:

switch(config)# platform sand mdb profile balanced-xl

The MDB profile provides a common database of forwarding and lookup resources to the ingress and egress stages on the switch.

Configuring Loss Measurement

To configure Loss Measurement, use the cfm command to enter CFM Configuration Mode.

switch(config)# cfm
switch(config-cfm)#

Use the following command to enable loss measurement on the Initiator and the Responder:

switch(config)# measurement loss inband

Use the following command to enable synthetic loss measurement on the Initiator and the Responder:

switch(config)# measurement loss synthetic

Configuring a Maintenance Domain (MD)

Ethernet OAM Loss Measurement supports up to eight (8) MDs. Use the following commands to add an MD, LM-MD, with a maintenance level of 5, to the switch:

switch(config-cfm)# domain LM-MD level 5
switch(config-cfm-md-LM-MD)#

Configuring a Maintenance Association (MA)

Currently, EOS supports only the 2B integer format for a MA name. Use the following command to create an MA, LM-Assoc, on the switch:

switch(config-cfm-md-LM-MD)# association LM-Assoc

Configuring the Maintenance Association VLAN

switch(config-cfm-md-LM-MD-ma-LM-Assoc)# VLAN 101

Adding Remote MEPs

Loss Measurement requires Point-to-Point (P2P) Ethernet connectivity and a single remote MEP configured for a local MEP. Use the following command to add a remote MEP, 30,

switch(config-cfm-md-LM-MD-ma-LM-Assoc)# remote end-point 30

Adding a Remote MEP MAC Address

Configure a MAC address, 30, for the remote MEP, 08:65:18:9C:F3:C5:

switch(config-cfm-md-LM-MD-ma-DMM-Assoc-mep-30)# mac address 08:65:18:9C:F3:C5

Configuring the CFM Profile on the Initiator

Use the following commands to configure a Loss Measurement profile on the Initiator, LMM, and add a single-ended Initiator on the switch:

switch(config-cfm)# profile LMM
switch(config-cfm-profile-LMM)# measurement loss single-ended

This enables the transmission of Two-way or Single-ended LMM PDUs in proactive mode, the default mode for Loss Measurement.

Use the parameter, tx-interval to set the transmission time interval between LM PDUs to 10000 milliseconds (10 seconds). Loss Measurement uses 1000 milliseconds (1 second) by default.

switch(config-cfm-profile-LMM)# measurement loss tx-interval 10000 milliseconds

Configuring the CoS Value for LMM

Set the Class of Service (CoS) for transmitted frames. By default, LMM uses a CoS value of 7 for LMM frames.

switch(config-cfm-profile-LMM)# measurement loss tx-interval cos 0

Configuring Synthetic Loss Measurement on the Initiator

Use the following commands to configure a Synthetic Loss Measurement profile on the Initiator, SLM, and add a single-ended Initiator on the switch:

switch(config-cfm)# profile SLM
switch(config-cfm-profile-SLM)# measurement loss synthetic single-ended

Use the parameter, tx-interval to set the transmission time interval between LM PDUs to 10 milliseconds. Synthetic Loss Measurement uses 1000 milliseconds (1 second) by default.

switch(config-cfm-profile-SLM)# measurement loss synthetic tx-interval 10 milliseconds

Set the SLM transmission period, the time interval to compute loss from transmitted synthetic frames, to 10 milliseconds:

switch(config-cfm-profile-SLM)# measurement loss synthetic tx-interval 10 milliseconds period 10

Displaying Ethernet OAM Loss Measurement Information

Use the show cfm measurement loss proactive to display information about Loss Measurement:

switch(config)# show cfm measurement loss proactive
Maintenance domain: EZUTUOu3JG, Level: 5
Maintenance association: 3967, Direction: up
Measurement type: proactive, TX interval: 1000 milliseconds
Maintenance end point ID: 1, Interface: Ethernet14/1.4097
Remote MEP ID: 4096, Status: enabled
Start time: 0:01:27 ago
Number of samples: 87
Average far-end frame loss: 0
Average near-end frame Loss: 0

Maintenance domain: EZUTUOu3JG, Level: 5
Maintenance association: 3967, Direction: up
Measurement type: proactive, TX interval: 1000 milliseconds
Maintenance end point ID: 2, Interface: Ethernet14/1.4098
Remote MEP ID: 4097, Status: enabled
Start time: 0:01:27 ago
Number of samples: 87
Average far-end frame loss: 0
Average near-end frame Loss: 0

Use the show cfm measurement loss synthetic proactive command to display information about Synthetic Loss Management:

switch(config)# show cfm measurement loss synthetic proactive
Maintenance domain: CPASIYdcnN, Level: 3
Maintenance association: 4967, Direction: up
Measurement type: proactive, TX interval: 1000 milliseconds
Maintenance end point ID: 1, Interface: Ethernet20/1.4095, COS: 2
Remote MEP ID: 4096, Status: enabled
Start time: 0:01:49 ago
Number of measurements: 36, Measurement period: 3000 milliseconds
Average far-end synthetic frame loss: 0.000
Average near-end synthetic frame Loss: 0.000

Maintenance end point ID: 1, Interface: Ethernet20/1.4095, COS: 5
Remote MEP ID: 4096, Status: enabled
Start time: 0:01:49 ago
Number of measurements: 36, Measurement period: 3000 milliseconds
Average far-end synthetic frame loss: 0.000
Average near-end synthetic frame Loss: 0.000

Maintenance domain: CPASIYdcnN, Level: 3
Maintenance association: 4967, Direction: up
Measurement type: proactive, TX interval: 1000 milliseconds
Maintenance end point ID: 2, Interface: Ethernet20/1.4096, COS: 2
Remote MEP ID: 4097, Status: enabled
Start time: 0:01:49 ago
Number of measurements: 36, Measurement period: 3000 milliseconds
Average far-end synthetic frame loss: 0.000
Average near-end synthetic frame Loss: 0.000

Maintenance end point ID: 2, Interface: Ethernet20/1.4096, COS: 5
Remote MEP ID: 4097, Status: enabled
Start time: 0:01:49 ago
Number of measurements: 36, Measurement period: 3000 milliseconds
Average far-end synthetic frame loss: 0.000

Configuring Hardware TCAM

Ternary Content-Addressable Memory (TCAM) is a specialized type of high-speed memory that increases the speed of route look-up, packet classification, packet forwarding, and access control list-based commands.

You can use the hardware tcam command to configure and place the switch in TCAM mode. In this mode the user can configure a few TCAM-related commands such as feature, profile, and system.

In TCAM mode, use the feature command to configure the reservation of TCAM banks for features such as ACL, IPsec, flow-spec, l2-protocol, PBR, QoS, TCP-MSS-ceiling, and traffic-policy. The profile command configures a new TCAM profile, or you can just copy a TCAM profile which is already created using the hardware tcam profile command: default, mirroring-acl, pbr-match-nexthop-group, qos, tap-aggregation-default, tap-aggregation-extended, tc-counters, test, VXLAN-routing. Similarly, the system command configures the system-wide TCAM profiles.

Example

This command places the switch into TCAM configuration mode.

switch(config)# hardware tcam
switch(config-hw-tcam)#

This is the list of the configuration commands in TCAM mode.

Examples

This command allows the switch to configure a TCAM feature.

switch(config)# hardware tcam
switch(config-hw-tcam)# feature

This command allows the switch to configure a TCAM profile.

switch(config)# hardware tcam
switch(config-hw-tcam)# profile

This command allows the switch to configure a TCAM system profile.
```
switch(config)# hardware tcam
switch(config-hw-tcam)# system
```

CPU Traffic Policy

Create a TCAM profile to enable actions such as permit, deny, and police in hardware before the traffic gets to the kernel for processing. The action is taken based on IP packet header information such as DSCP, L4 port values, fragmentation bits, etc.

TCAM Profile Example

The following file extract displays an example of a TCAM profile, cpu-traffic-policy, with features configured to enable CPU traffic policy.

hardware tcam
   profile cpu-traffic-policy
      feature acl port ip
         sequence 45
         key size limit 160
         key field dscp dst-ip ip-frag ip-protocol l4-dst-port l4-ops l4-src-port src-ip tcp-control ttl
         action count drop
         packet ipv4 forwarding bridged
         packet ipv4 forwarding routed
         packet ipv4 forwarding routed multicast
         packet ipv4 mpls ipv4 forwarding mpls decap
         packet ipv4 mpls ipv6 forwarding mpls decap
         packet ipv4 non-VXLAN forwarding routed decap
         packet ipv4 VXLAN eth ipv4 forwarding routed decap
         packet ipv4 VXLAN forwarding bridged decap
      feature acl port ipv6
         sequence 25
         key field dst-ipv6 ipv6-next-header ipv6-traffic-class l4-dst-port l4-ops-3b l4-src-port src-ipv6-high src-ipv6-low tcp-control
         action count drop mirror
         packet ipv6 forwarding bridged
         packet ipv6 forwarding routed
         packet ipv6 forwarding routed multicast
         packet ipv6 ipv6 forwarding routed decap
      feature acl subintf ip
         sequence 40
         key size limit 160
         key field dscp dst-ip ip-frag ip-protocol l4-dst-port l4-ops-18b l4-src-port src-ip tcp-control ttl
         action count drop mirror
         packet ipv4 forwarding routed
      feature acl subintf ipv6
         sequence 15
         key field dst-ipv6 ipv6-next-header l4-dst-port l4-src-port src-ipv6-high src-ipv6-low tcp-control
         action count drop mirror redirect
         packet ipv6 forwarding routed
      feature counter lfib
         sequence 85
      feature mpls
         sequence 5
         key size limit 160
         action drop redirect set-ecn
         packet ipv4 mpls ipv4 forwarding mpls decap
         packet ipv4 mpls ipv6 forwarding mpls decap
         packet mpls ipv4 forwarding mpls
         packet mpls ipv6 forwarding mpls
         packet mpls non-ip forwarding mpls
      feature mpls pop ingress
         sequence 90
      feature pbr mpls
         sequence 65
         key size limit 160
         key field mpls-inner-ip-tos
         action count drop redirect
         packet mpls ipv4 forwarding mpls
         packet mpls ipv6 forwarding mpls
         packet mpls non-ip forwarding mpls
      feature qos ip
         sequence 75
         key size limit 160
         key field dscp dst-ip ip-frag ip-protocol l4-dst-port l4-ops l4-src-port src-ip
         action set-dscp set-policer set-tc
         packet ipv4 forwarding routed
         packet ipv4 forwarding routed multicast
         packet ipv4 mpls ipv4 forwarding mpls decap
         packet ipv4 mpls ipv6 forwarding mpls decap
         packet ipv4 non-VXLAN forwarding routed decap
      feature qos ipv6
         sequence 70
         key field dst-ipv6 ipv6-next-header ipv6-traffic-class l4-dst-port l4-src-port src-ipv6-high src-ipv6-low
         action set-dscp set-policer set-tct
         packet ipv6 forwarding routed
      feature traffic-policy cpu ipv4
         sequence 1
         key size limit 160
         key field dst-ip ip-frag ip-protocol l4-dst-port l4-src-port src-ip
         action count set-drop-precedence set-policer
      feature traffic-policy cpu ipv6
         sequence 2
         key field dst-ipv6 ipv6-next-header l4-dst-port l4-src-port src-ipv6-high src-ipv6-low
         action count set-drop-precedence set-policer
   system profile cpu-traffic-policy

Configuring the Policy

The following command configures a cpu traffic-policy under the traffic-policies global configuration mode.

traffic-policies
  cpu traffic-policy <name> vrf <vrf-list>
  traffic-policy <name>
    match <rule-name> <ipv4 | ipv6> [ <after | before> <rule-name> ]         
      source prefix       A.B.C.D/E [ A.B.C.D/E ]
      destination prefix  A.B.C.D/E [ A.B.C.D/E ]
      protocol <protocol-list> | {tcp,udp}
                          [ source port <port-list> | 
                                        field-set <port-set-name> ] |
                          [ destination port <port-list> |
                                        field-set <port-set-name> ]
      actions
         drop
         police rate <rate> <unit>
         count

The following command applies a policy to all the VRFs. The policy is applied to all the interfaces belonging to each VRF.

traffic-policies
  cpu traffic-policy <name> vrf all

Default Rules

The ipv4-all-default and ipv6-all-default rules are programmed by default and cannot be reordered or removed. Only the associated action can be changed. The permit rule is never installed and is the default action for packet processing.

Examples

L3 Protocol Match Criteria (protocol neighbors bgp)

The following example displays the configuration of a profile to match a set of configured protocol peers, allowing only TCP traffic from those BGP peers.

traffic-policies
  cpu traffic-policy <name> vrf <vrf-list>
  traffic-policy <name>
    match <rule-name> <ipv4 | ipv6> [ <after | before> <rule-name> ]         
      source prefix       A.B.C.D/E [ A.B.C.D/E ]
      destination prefix  A.B.C.D/E [ A.B.C.D/E ]
      protocol <protocol-list> | {tcp,udp}
                          [ source port <port-list> | 
                                        field-set <port-set-name> ] |
                          [ destination port <port-list> |
                                        field-set <port-set-name> ]
      actions
         drop
         police rate <rate> <unit>
         count

traffic-policies
  cpu traffic-policy <traffic-policy-name> vrf all
    match <rule-name> <ipv4 | ipv6> [ <after | before> <rule-name> ]        
      protocol neighbors bgp
      actions
         drop

traffic-policies
   cpu traffic-policy foo vrf all
      traffic-policy foo
         match BGP ipv4
            protocol neighbors bgp

The following policy permits dynamic peers from the listen-range 2.0.0.0/24 and all IPv6 BGP LL peers.

traffic-policies
   traffic-policy cpuPolicy
      match BGP ipv4
         protocol neighbors bgp
      match BGP-DYN ipv4
         source prefix 2.0.0.0/24
      match BGP-LL ipv6
         source prefix fe80::/64

Note: Configuring any match criteria will result in a CLI error when combined with the protocol neighbor bgp match criteria as these conflict with the expanded BGP rules.

The following displays error messages with conflicting configurations.

traffic-policies
   traffic-policy cpuPolicy
      match BGP ipv4
         protocol neighbors bgp
         source prefix 1.0.0.1/32
! The ‘source prefix’ subcommand is not supported when the ‘protocol neighbors’ subcommand is configured.

traffic-policies
   traffic-policy cpuPolicy
      match BGP ipv4
         source prefix 1.0.0.1/32
         protocol neighbors bgp
! The ‘protocol neighbors’ subcommand is not supported when any other match subcommands are configured.

Disable the ability to add implicit rules matching on fragmented packets:

switch(config-traffic-policies)# cpu traffic-policy fragment implicit-permit disabled.

Deny other BGP Traffic

The following example displays a policy to permit BGP and BFD sessions with management IPv4 addresses. This policy is inadequate/non optimal as it attempts to create BGP sessions (for example) from 1.0.0.0/24 which pass through this policy unfiltered.

traffic-policies
   cpu traffic-policy CPU vrf all   
   traffic-policy CPU
      match BGP ipv4
         protocol neighbors bgp
      match BFD ipv4
         source address 1.0.0.0/24 1.0.1.0/24 1.0.4.0/24
      match ipv4-all-default ipv4
         actions
            drop
      match ipv6-all-default ipv6
         actions
            drop

The following example displays a policy to permit (or drop) specific BGP and BFD sessions with management IPv4 addresses. This policy is more granular than the previous one and easier to implement for administrators.

traffic-policies
   cpu traffic-policy CPU
   traffic-policy CPU
      match BGP ipv4
         protocol neighbors bgp
      match BGP-REST ipv4
         protocol tcp udp destination port 179
         actions
            drop
      match BFD ipv4
         source address 1.0.0.0/24 1.0.1.0/24 1.0.4.0/24
      match ipv4-all-default ipv4
         actions
            drop
      match ipv6-all-default ipv6
         actions
            drop

The following example also shows a policy to permit (or drop) specific BGP and BFD sessions with management IPv4 addresses. This policy is also granular and easier to implement for administrators. The clause matches any inbound traffic destined for the configured BGP port(s).

traffic-policies
   cpu traffic-policy CPU
   traffic-policy CPU
      match BGP ipv4
         protocol neighbors bgp
      match BGP-REST ipv4
         protocol bgp
         actions
            drop
      match BFD ipv4
         source address 1.0.0.0/24 1.0.1.0/24 1.0.4.0/24
      match ipv4-all-default ipv4
         actions
            drop
      match ipv6-all-default ipv6
         actions
            drop

Actions

Drop: the packet is discarded on a match

Police: tracks the usage of each BGP neighbor and holds it to a maximum rate.

The police rate <rate-value> [rate-unit] command sets the policing rate. The optional rate-unit values are bps, kbps (default), mbps, and gbps. The following example configures a policing rate of 15 kbps for each BGP neighbor.

traffic-policies
   cpu traffic-policy CPU vrf all
   traffic-policy CPU
      match BGP ipv4
         protocol neighbors bgp
         actions
            police rate 15 kbps

Count

The following example enables counters for the CPU traffic policy to count all packets matching the rule in which the count action is configured.

no hardware counter feature acl out <address-family>

hardware counter feature traffic-policy cpu

traffic-policies
   cpu traffic-policy CPU vrf all
   traffic-policy CPU
      match BGP ipv4
         protocol neighbors bgp
         actions
            count

Use-case Scenarios

Securing BGP Neighbors

The following implements a policy to secure BGP neighbors.

traffic-policies
   cpu traffic-policy CPU-DEFAULT vrf all
   traffic-policy CPU-DEFAULT
      match ICMPV6 ipv6
         protocol icmpv6
      match BGP ipv4
         protocol neighbors bgp
      match BGP-OTHER ipv4
         protocol bgp
         actions
            drop
      match BGP6 ipv6
         protocol neighbors bgp
      match BGP-OTHER6 ipv6
         protocol bgp
         actions
            drop
      match OSPF ipv4
         protocol ospf
      match ipv4-all-default ipv4
         actions
            drop
      match ipv6-all-default ipv6
         actions
            drop

Whitelist BFD Neighbors (not neighbor-specific)

Add the following rule to permit BFD neighbors.

traffic-policies
   traffic-policy CPU-DEFAULT
      match BFD-DPORT ipv4
         protocol udp destination port 3784-3785
      match BFD-SPORT ipv4
         protocol udp source port 49152
      match BFD-DPORT6 ipv6
         protocol udp destination port 3784-3785
      match BFD-SPORT6 ipv6
         protocol udp source port 49152
      match ipv4-all-default ipv4
         actions
            drop
      match ipv6-all-default ipv6
         actions
            drop

Whitelist a few Common Control-plane Protocols and Deny others

Add the following rule to permit protocols such as ICMPv6 while denying others.

traffic-policies
   cpu traffic-policy CPU-DEFAULT vrf all
   traffic-policy CPU-DEFAULT
      match ICMPV6 ipv6
         protocol icmpv6
      match BGP ipv4
         protocol neighbors bgp
      match BGP-OTHER ipv4
         protocol bgp
         actions
            drop
      match BGP6 ipv6
         protocol neighbors bgp
      match BGP-OTHER6 ipv6
         protocol bgp
         actions
            drop
      match OSPF ipv4
         protocol ospf
      match PIM4 ipv4
         protocol pim
      match PIM6 ipv6
         protocol pim
      match ipv4-all-default ipv4
         actions
            drop
      match ipv6-all-default ipv6
         actions
            drop

URL-based Field Sets in Traffic Policy

Overview

Using field sets in Traffic Policies allows you to easily reuse groups of prefixes, ports, and VLAN IDs in multiple rules without copying and pasting the configuration to each rule. The number of entries in a field set could be a very large number up to hundreds of thousands entries. Loading a large configuration can be costly in terms of time and length of output. Using a URL-based approach allows you to use multiple field sets in a URL and update the entries in a single location.

The field sets update when exiting from the traffic-policies configuration mode or manually using the refresh traffic-policy field-set command.

Configuring URL-based Field Sets for Traffic Policies

Use the following commands to configure a URL-based field set for an IPv4 field set:

switch(configure)# traffic-policies
switch(config-traffic-policies)# field-set ipv4 prefix mybigfieldset 10.0.0.0/8
switch(config-traffic-policies-field-set-ipv4-mybigfieldset)# source http://10.0.0.1/mybigfieldset.txt

IPv4 addresses can use the format A.B.C.D or A.B.C.C/E. IPv6 addresses can use the format A:B:C:D:E:F:G:H or A:B:C:D:E:F:G:H/I.

Use the parameter except to create exceptions for specific IPv4 addresses:

switch(config-traffic-policies-field-set-ipv4-mybigfieldset)# 10.0.0.0/8 except 10.0.0.21

Use the parameter remove to remove IP prefixes from the IP prefix set:

switch(config-traffic-policies-field-set-ipv4-mybigfieldset)# remove 10.0.0.0/8

Add your URL location to the configuration in one of the following formats:

and-results - AND option to join two field sets together.
bgp - Provide a list of BGP prefixes.
file: - Use local URL to load the field set entries.
flash: - Use the local URL from a flash drive and add the field set entries.
http: - Use a remote URL to load the field set entries.
https: - Use a remote URL to load the field set entries
scp: - Use a remote URL to load the field set entries.
static - Configure a static entry for field sets.

Configuring Dynamic Link Flap Damping

To configure Dynamic Link Flap Damping, create profiles and then apply the profiles to interfaces. A profile contains the following set of configurable parameters required by the damping algorithm:

Remote Fault Penalty
Local Fault Penalty
Maximum Threshold
Suppress Threshold
Reuse Threshold
Demerit Half Life Time

Configuring Link Flap Damping Profiles

To create a new damping profile or modify an existing profile, use the monitor link-flap policy command to enter the damping profile configuration mode.

Example

Use the following commands to configure a damping profile, MyDampingProfile:

switch(config)# monitor link-flap policy
switch(config-link-flap)# profile MyDampingProfile damping
switch(config-link-flap-damping-profile-MyDampingProfile)# penalty mac fault local 1500
switch(config-link-flap-damping-profile-MyDampingProfile)# penalty mac fault remote 1800
switch(config-link-flap-damping-profile-MyDampingProfile)# penalty threshold reuse 800 suppression 2200 maximum 15000
switch(config-link-flap-damping-profile-MyDampingProfile)# penalty decay half-life 90 seconds

Applying Damping Profiles to Interfaces

Apply the configured damping profiles to interfaces or to groups of interfaces on the switch using one of two methods:

Create a damping profile and assign it to an interface or a group of interfaces.
Create a damping profile and designate it as the default profile. This profile automatically applies to all interfaces without Link Flap Damping explicitly disabled that do not have damping profiles assigned to them.

Example

To apply the damping profile, MyDampingProfile, to the interface, Ethernet3/9/1, use the following commands:

switch(config)# interface Ethernet3/9/1
switch(config-if-Et3/9/1)# monitor link-flap profiles MyDampingProfile

Assign multiple profiles to an interface using the following command:

switch(config)# interface Ethernet3/9/1
switch(config-if-Et3/9/1)# monitor link-flap profiles dp1 dp2 dp3

Any of the profiles can assign the damped state to the interface. The interface stays in the damped state if one of the profiles assigned to it assigns the damped state to it.

To remove all profiles from the interface, use the following commands:

switch(config)# interface Ethernet3/9/1
switch(config-if-Et3/9/1)# no monitor link-flap profiles

Adding Default Damping Profiles

Configure one or more damping profiles as default profiles on the switch. Profiles automatically apply to all interfaces on the switch without damping profiles that do not explicitly disable Link Flap Damping. Default profiles also apply to interfaces subsequently added to the switch.

Examples

Use the following commands to set a damping profile or group of profiles as the default damping profile on the switch:

switch(config)# monitor link-flap policy
switch(config-link-flap)# default-profiles dp1 dp2 dp5

To remove the default profiles, use the following commands:

switch(config)# monitor link-flap policy
switch(config-link-flap)# no default-profiles

Enabling and Disabling Link Flap Damping

Link Flap Damping can be enabled or disabled on a per-interface basis.

Examples

To enable Link Flap Damping on interface, Ethernet3/9/1, use the following commands:

switch(config)# interface Ethernet3/9/1
switch(config-if-Et3/9/1)# default monitor link-flap

To disable Link Flap Damping on interface, Ethernet3/9/1, use the following commands:

switch(config)# interface Ethernet3/9/1
switch(config-if-Et3/9/1)# no monitor link-flap

Displaying Dynamic Link Flap Damping

To display the current status of all interfaces enabled with Link Flap Damping, use the show interface link-flap damping command:

Example

switch(config)# show interface link-flap damping
Interface  Profile       Penalty  Suppressed           Re-use
---------- ------------- -------- -------------------  -------------------
Ethernet1  TestProfile1  2000     2023-10-24 18:47:00  2023-10-24 18:48:25
Ethernet1  TestProfile2  0
Ethernet3  TestProfile1  2500     2023-10-24 18:46:59  2023-10-24 18:48:43
Ethernet3  TestProfile2  300

The output displays the following information about Link Flap Damping:

Interface - The name of interfaces with one or more damping profiles assigned to them. An interface may be displayed more than once if it gets assigned multiple profiles.
Profile - The name of the assigned profile on the interface
Penalty - The current Damping Demerit value assigned to the profile.
Suppressed - The timestamp when the profile placed the interface into damped state. If not in damped state, no information is displayed for the interface.
Re-use - The timestamp when the profile releases the interface from the damped state if no further link flapping is detected on the interface.

Displaying the Interface Status

Use the show interfaces status command to display the status of interfaces on the switch. When configured on an interface, Link Flap Damping information is displayed in the output of the command.

Example

switch(config)# show interfaces Ethernet3/9/1 status
Port       Name   Status       Vlan     Duplex Speed  Type         Flags Encapsulation
Et3/9/1           notconnect   1        full   100G   100GBASE-CR4 d                 
                        
  Flags : m - Under Maintenance
  v - Violating traffic threshold
  d - Interface state is damped

TCAM Profile for Configurable Port Qualifier Sizing

You can create a TCAM profile from scratch, or changes can be added to a copy of the default TCAM profile. When creating a profile from scratch, care must be taken to ensure that all needed TCAM features are included in the profile.

Modifying a Default TCAM Profile to allow Dynamic Sizing for ACL Labels

The following commands create a copy of the default TCAM profile, name it port-qualifier-size, and configure it to support a 6-bit dynamic sizing for ACL labels for IPKGV. After the profile has been created, it can be applied to the system.

switch(config)# hardware tcam
switch(config-hw-tcam)# profile port-qualifier-size copy default
switch(config-hw-tcam-profile-port-qualifier-size)# feature port-qualifier-size ip copy 
system-feature-source-profile
switch(config-hw-tcam-profile-port-qualifier-size-feature-port-qualifier-size)# port-qualifier-size 6
switch(config-hw-tcam-profile-port-qualifier-size-feature-port-qualifier-size)# exit
switch(config-hw-tcam-profile-port-qualifier-size)# feature acl port ip
switch(config-hw-tcam-profile-port-qualifier-size)# exit
switch(config-hw-tcam)# exit
switch(config)#

Verifying the Configuration of Dynamic Qualifier Size

The following command verifies the configuration.

switch# show running-config
hardware tcam
   profile port-qualifier-size
      feature acl port ip
         port qualifier size 6 bits

Verifying the Configuration of System Profile

You can use the following command to verify the system profile was configured and applied successfully. The profile name appears in both the Configuration and Status columns.

switch# show harware tcam profile
              Configuration               Status
Linecard1     port-qualifier-size         port-qualifier-size
Linecard2     port-qualifier-size         port-qualifier-size
Linecard3     port-qualifier-size         port-qualifier-size

When the profile is not applied correctly, the Status column shows ERROR.

switch# show harware tcam profile
                Configuration              Status
Linecard1       port-qualifier-size        ERROR
Linecard2       port-qualifier-size        ERROR
Linecard3       port-qualifier-size        ERROR

Note: The packet type, the key field must be set. The dynamic qualifier size can be set for ACL. Not all hardware platforms support this feature. Modular systems require all line cards to support this feature for the profile to be applicable.

Internet Control Message Protocol (ICMP) Probing

ICMP probing provides a method of querying interface status from an ARP or Neighbor Discovery table remotely. It uses a request and a response protocol, similar to ping, but instead of simply responding to the request, the response returns information about a local interface or a remote neighbor. ICMP probing sends the request to the proxy node which can be identified by an interface index, interface name, or an IP address. A neighbor adjacent to the proxy node can be identified by the IP address.

Configuring ICMP Probing

Configure ICMP probing using the Router General Configuration Mode to add the functionality to the switch.

switch(config)# router general
switch(config-router-general)# icmp probe
switch(config-router-general-icmp-probe)# probe vrf default
switch(config-router-general-icmp-probe)# query-types all

The ICMP probing responds all probing requests on the default VRF. Permit each query type using the following parameters:

addr - Allow query by interface address.
all - Allow all query types.
ifindex - Allow query by interface address.
ifname - Allow query by interface name.
remote - Allow query by remote node address.

EOS permits probe requests using the default control plane ACL. To add limitations to the control plane ACL that permits or denies probe requests, use the parameter icmp-extended-echo.

Example

To allow probe requests from only the subnet 10.255.0.0/24, use the following commands:

switch(config-acl-control-plane)# permit icmp 10.255.0.0/24 any extended-echo-request
switch(config-acl-control-plane)# deny icmp any any extended-echo-request

Sending ICMP Probe Requests

To send a probe request to a remote system, use the probe execute command. Specify the destination and the identification of the interface or remote neighbor to probe. Additional parameters identify the probe target such as an interface local to the proxy node or a neighbor adjacent to the proxy node. Use IPv4 or IPv6 addresses, the interface index, or the interface name to specify the local host. Specify a remote neighbor using an IPv4 or IPv6 address. to specify a local inter

switch# probe 10.255.1.1

Additional parameters can be specified including the following:

interval - Specify the interval between probe messages..
repeat - Specify the number of times to send the probe message.
source - Specify the source address or choose an address from the specified interface.

Example

To send a probe to 10.255.1.1 with an interface index of 1, use the following command:

switch> probe 10.255.1.1 ifindex 1
PROBE 10.255.1.1 ifIndex 1 
Interface active with IPv4 configured from 10.255.1.1: icmp_seq=0 time=0.680 ms
Interface active with IPv4 configured from 10.255.1.1: icmp_seq=1 time=0.477 ms
Interface active with IPv4 configured from 10.255.1.1: icmp_seq=2 time=0.362 ms
--- 10.255.1.1 PROBE statistics ---
3 packets transmitted, 3 received, 0% packet loss
3 (100%) successful probes
3 (100%) Interface active with IPv4 configured

Displaying ICMP Probing Information

The show icmp probe command displays the following information:

switch# show icmp probe
VRF default:
Probe responses are enabled
Query types allowed: ifname, ifindex, addr, remote

PROBE requests received: 0
PROBE requests dropped due to size of queue: 0
PROBE responses sent: 0
PROBE requests received but too short: 0
PROBE requests received with an incorrect ICMP checksum: 0
PROBE requests received with a malformed ICMP extension header: 0
PROBE requests received with an incorrect ICMP extension checksum: 0
PROBE requests received with a bad ICMP extension object: 0
PROBE requests received with a request type that is not allowed: 0
PROBE requests for which we could not determine the interface: 0
PROBE requests which requested an interface in a different VRF: 0
PROBE requests for a remote node but specify an interface name or index: 0
PROBE responses that could not be sent due to a socket error: 0
The most recent socket error when sending a response: none

The first section displays the status as the location of the VRF with probe responses enable and the types of permitted queries.

The second section displays the counters for probe requests received from a client and the failure reason when not generating a successful response.

Ethernet Configuration Commands

Global Configuration Commands

clear counters
clear VXLAN counters
hardware port-group
hardware counter feature
hardware counter feature in (DCS-7050x, 7350x, 7300x)
hardware tcam
interface ethernet
interface ethernet create
interface management
monitor ethernet oam
monitor link-flap policy default-profiles
monitor link-flap policy profile damping
traffic-policies field-set
transceiver channel
transceiver qsfp default-mode

EOAM Configuration Commands

link-error
monitor ethernet oam profile
profile

Connectivity Fault Management (CFM) Commands

cfm
cfm continuity-check
cfm domain
cfm measurement
cfm measurement delay
cfm measurement loss
cfm profile
show cfm continuity-check end-point
show cfm endpoint
show cfm measurement delay proactive
show cfm measurement loss proactive

Hardware TCAM Commands

feature
system

Ethernet and Management Interfaces Commands

flowcontrol receive
flowcontrol send
link-debounce
mac-address
poe disabled
poe legacy detect
poe limit
power budget
power budget exceed action (warning | hold-down)
speed

Link-error Configuration Commands

action
period
phy link detection aggressive
recovery-time
threshold

Link-Flap Damping Profile Configuration Commands

penalty mac fault
penalty threshold

Traffic Policies Commands

refresh traffic-policy field-set
traffic-policies field-set

Interface Display Commands

show hardware counter
show hardware port-group
show hardware system forwarding-chips
show interface counters
show interfaces counters
show interfaces counters bins
show interfaces counters errors
show interfaces counters ip
show interfaces counters queue
show interfaces counters rates
show interfaces flow-control
show interfaces hardware
show interfaces hardware default
show interfaces interactions
show interface link-flap damping
show interfaces negotiation
show interfaces phy
show interfaces status
show interfaces status errdisabled
show interfaces transceiver
show interfaces transceiver channels
show interfaces transceiver hardware
show interfaces transceiver properties
show monitor ethernet oam profile
show platform fm6000 agileport map
show platform trident flexcounters
show platform trident flexcounters l3intf
show poe
show route counters
show VXLAN counters vni

400GBASE-ZR Transceivers Display Commands

show interface transceiver dom
show interface transceiver eeprom
show transceiver status interface

Shared Support across Multiple Subinterfaces Commands

qos scheduling
show qos scheduling

action

The action command configures the link monitoring action that is specified for the link fault signaling event.

The no actioncommand removes the action type specified for the chosen link fault signaling. The default action command configures the link monitoring action as system log type.

Command Mode

Link-error Configuration

Command Syntax

{fcs | symbol} action [linkfault | errdisable | log]

no {fcs | symbol} action [linkfault | errdisable | log]

default {fcs | symbol} action [linkfault | errdisable | log]

Parameters

fcs Inbound packets with frame check sequence (FCS) error.
symbol Inbound packets with symbol error.
linkfault The link fault action type.
errdisable The errdisable action type.
log The system log action type.

Related Commands

period
threshold

Example

These commands set the errdisable action for symbol error in link-error configuration mode in profile profile1.

switch(config)# monitor ethernet oam
switch(config-eoam)# profile profile1
switch(config-eoam-profile-profile1)# link-error
switch(config-eoam-profile-profile1-link-error)# symbol action errdisable

clear counters

The clear counters command in privileged EXEC mode resets the counters to zero for the specified interfaces including VLAN interfaces, sub-Interfaces, and GRE tunnel interfaces.

Command Mode

Privileged EXEC

Command Syntax

clear counters [vlan vlanId | tunnel tunnelID][[route][ipv4 | ipv6][vrf]]

Parameters

vlan vlanId Clears the VLAN Interface and subinterface Ingress and Egress counters.
tunnel tunnelID Clears the counters only for the specified tunnel.
routeClears the route counters.
- ipv4 Allows targeting the clearing of IPv4 route counters.
- ipv6 Allows targeting the clearing of IPv6 route counters.
vrf Allows specifying a VRF to only clear the route counters for that VRF.

Examples

Clears the VLAN interface and subinterface ingress and egress counters.
```
switch# clear counters vlan vlanId
```
Clears the GRE tunnel interface ingress and egress counters.
```
switch# clear counters tunnel tunnelId
```

clear VXLAN counters

Use the clear VXLAN counters command to clear the VXLAN encapsulation and decapsulation counters.

Command Mode

EXEC

Command Syntax

clear VXLAN counters [[vni | [vtep [vtep-ip-address | unlearnt]]]

Parameters

vni Clears the VXLAN counters.
vtep Clears the VTEP counters.
- vtep-ip-address Clears the counters for the specified VTEP.
- unlearnt Clears the counters for unlearned VTEPs. Unlearned VTEPs track the counts of packets the switch receives before the VTEP is learned.

cfm

The cfm command places the switch in CFM configuration mode to configure connectivity fault management on a Layer 3 interface.

The default or no commands remove the profile from the configuration.

Command Mode

Global Configuration

Command Syntax

switch(config-cfm)# continuity-check {loc-state | action | disable | interface |routing}

switch(config-cfm)# domain domain_name level 0-7 intermediate-point

Parameters

continuity-check - Configure continuity check global settings.
- loc-state - Configure settings when LOC detected.
- action- Configure the action to take based on LOC state.
- disable -Toggle the interface based on LOC state.
- interface -Apply the action to the interfaces.
- routing - Disable routing for the interfaces.
domain - Configure a maintenance domain.
- domain-name - Configure a name for the maintenance domain.
level - Configure a maintenance domain level from 0 to 7.
intermediate-point - Configure the switch as a Maintenance intermediate point in this domain.

Example

To display details about a CFM continuity-check configuration on a switch, use the following command:

switch(config-cfm)# show cfm continuity-check end-point
Maintenance domain: domain6, Level: 6
Maintenance association: 100, Direction: up, CCM TX interval: 1 seconds
Maintenance end point ID: 1, Interface: Ethernet1.1
TX RDI state: false, Last TX RDI cleared: never
   Remote MEP ID    Connectivity          Last LOC Detected    Last LOC Cleared
------------------- ------------------ ----------------------- ----------------
               2    reachable                         never               never

cfm continuity-check

The cfm command places the switch in CFM configuration mode to configure connectivity fault management on a Layer 3 interface.

The default command sets the default alarms for defects to loc-state. The no command disables the alarms for the defect.

Command Mode

Global Configuration

Command Syntax

continuity-check loc-state action disable interface routing

Parameters

continuity-check - Configure continuity check global settings.
- loc-state - Configure settings when LOC detected.
- action- Configure the action to take based on LOC state.
- disable -Toggle the interface based on LOC state.
- interface -Apply the action to the interfaces.
- routing - Disable routing for the interfaces.

Example

The following command configures the switch in cfm configuration mode and disables routing for the interfaces.

switch(config-cfm)# continuity-check loc-state action disable interface routing

cfm domain

The cfm domaindomain-name command places the switch in CFM configuration mode to configure a maintenance domain on a device.

The no or default commands unconfigures the maintenance domain.

Command Mode

Global Configuration

Command Syntax

switch(config-cfm)# domain domain-name level 0-7 intermediate-point

Parameters

domain - Configure a maintenance domain.
- domain-name - Configure a name for the maintenance domain.
level - Configure a maintenance domain level from 0 to 7.
maintenance-association - Configure a maintenance association name.
- 1-65535 - Maintenance association name
- direction [up | down] - Set local maintenance end point direction as down or up.
- end-point 1-8191 - Configure local maintenance end point and set the local maintenance end point ID.
- profile profile_name - Apply a connectivity fault management profile.
- remote end-point 1-8191 - Configure remote parameters for an end-point.
- vlan 1-4094 - Set the VLAN in the maintenance association.

Example

To configure a maintenance domain with the name main-domain and a level of 5, use the following command:

switch(config-cfm)# domain main-domain level 5

cfm measurement

The cfm measurement command places the switch in CFM configuration mode to configure Ethernet OAM loss on a device.

Command Mode

Global Configuration

Command Syntax

measurement loss [inband | synthetic]

Parameters

loss - Ethernet OAM loss measurement functions.
- inband - Enable hardware support for OAM loss measurement.
- synthetic - Enable hardware support for OAM synthetic loss measurement.

Example

To configure measurement for CFM as inband, use the following command:

switch(config-cfm)# measurement loss inband

cfm measurement delay

The cfm measurement delay command configures Ethernet OAM Delay Measurement on a transmitter switch. Ethernet OAM Measurement Delay determines the network delay between a transmitter and a responder to manage network connectivity.

Command Mode

CFM Configuration Mode

Command Syntax

measurement delay single-ended tx-interval [10 | 100 | 1000 | 10000 | 60000 | 600000] milliseconds

Parameters

singled-ended - Enables transmission of Two-way or Single-ended DMM PDUs in proactive mode.
tx-interval - Configure the interval between successive measurement frames. EOS supports the following interval lengths:
- 10 milliseconds - Specify 10 milliseconds.
- 100 milliseconds -Specify 100 milliseconds.
- 1000 milliseconds - Specify 1000 milliseconds (1 second).
- 10000 milliseconds - Specify 10000 milliseconds (10 seconds).
- 60000 milliseconds - Specify 60000 milliseconds (1 minute).
- 60000 milliseconds - Specify 600000 milliseconds (10 minutes).

EOS supports only the listed times in milliseconds.

Example

Use the following command to configure the switch as a Delay Measurement transmitter in proactive mode and set the transmit interval to 10000 milliseconds:

switch(config)# cfm
switch(config-cfm)# measurement delay single-ended
switch(config-cfm)# measurement delay tx-interval 10000 milliseconds

cfm measurement loss

The cfm measurement loss command configures a switch as an Initiator or Responder for Ethernet OAM Loss Measurement for frame loss on large networks. The no | default parameters remove the configuration fron the running-config on the switch.

Command Mode

CFM Configuration Mode

Command Syntax

measurement loss [inband | synthetic]tx-interval [10 | 100 | 1000 | 10000 | 60000 | 600000] milliseconds period transmission_frames

Parameters

inband - Configure Ethernet OAM frame loss between connections.
inband - Configure Ethernet OAM synthetic frame loss between connections.
singled-ended - Enables transmission of Two-way or Single-ended LMM PDUs in proactive mode.
tx-interval - Configure the interval between successive measurement frames. EOS supports the following interval lengths:
- 10 milliseconds - Specify 10 milliseconds.
- 100 milliseconds -Specify 100 milliseconds.
- 1000 milliseconds - Specify 1000 milliseconds (1 second).
- 10000 milliseconds - Specify 10000 milliseconds (10 seconds).
- 60000 milliseconds - Specify 60000 milliseconds (1 minute).
- 60000 milliseconds - Specify 600000 milliseconds (10 minutes).

EOS supports only the listed times in milliseconds.

Example

Use the following command to configure the switch as a Loss Measurement transmitter in proactive mode and set the transmit interval to 10000 milliseconds:

switch(config)# cfm
            switch(config-cfm)# measurement loss single-ended
            switch(config-cfm)# measurement loss tx-interval 10000 milliseconds

cfm profile

The cfm profile command places the switch in CFM configuration mode to configure a CFM profile.

The no or default commands unconfigures the CFM profile.

Command Mode

Global Configuration

Command Syntax

profile profile-name alarm indication client level 0-7 tx-interval1-1 [minutes |seconds]

Parameters

alarm - Configure alarm indication signal protocol parameters.
- indication - Configure alarm indication signal protocol parameters.
- client - Configure client maintenance domain level for AIS transmission.
- level 0-7- Configure client maintenance domain level for AIS transmission. Choose a level between 0 and 7.
- tx-interval [minutes | seconds] - Sets the time for periodic transmission of CCMs. Configure interval in minutes or seconds. For example, set the interval and unit to one of the following supported transmission intervals:
  - 3.33 milliseconds
  - 10 milliseconds
  - 100 milliseconds
  - 1 second
  - 10 seconds
  - 1 minute
  - 10 minutes
  The no or default command sets the transmission interval to the default value of 1 second.
continuity-check alarm defect - Configure defects that raise alarms.
- cross-connection - Raise alarms when cross connection defects occur on the network. The defect logs when a local MEP receives a CCM PDU from another maintenance association.
- error-ccm - Raise alarms when invalid CCMs occur on the network. The defect logs when a local MEP receives a CCM PDU with the wrong CCM transmission interval or has an uncofnigured RMEP ID or the RMEP ID is the same as the local MEP ID.
- loc-state - Raise alarms when a loss of connectivity occurs on the network. The defect logs when a local MEP loses connectivity with a remote MEP. Enabled by default.
- rdi-ccm - Raise alarms when CCMs with the RDI bit set occur on the network. The defect logs when a local MEP receives a CCM with the RDI flag set to true from the remote MEP. Enabled by default.
- measurement [delay | loss] - Configure delay or loss measurement.
  - delay
    - qos cos 0-7 - Configure QoS parameters and set cos to a value between 0 and 7.
    - single-ended - Configure single-ended performance measurement.
    - tx-interval [minutes | seconds] - Sets the time for periodic transmission of CCMs. Configure interval in minutes or seconds. For example, set the interval and unit to one of the following supported transmission intervals:
      - 3.33 milliseconds
      - 10 milliseconds
      - 100 milliseconds
      - 1 second
      - 10 seconds
      - 1 minute
      - 10 minutes
  - loss
    - qos cos 0-7 - Configure QoS parameters and set cos to a value between 0 and 7.
    - single-ended - Configure single-ended performance measurement.
    - synthetic - Configure synthetic loss measurement.
      - qos cos 0-7 - Configure QoS parameters and set cos to a value between 0 and 7.
      - single-ended - Configure single-ended performance measurement.
    - tx-interval [minutes | seconds] - Sets the time for periodic transmission of CCMs. Configure interval in minutes or seconds. For example, set the interval and unit to one of the following supported transmission intervals:
      - 3.33 milliseconds
      - 10 milliseconds
      - 100 milliseconds
      - 1 second
      - 10 seconds
      - 1 minute
      - 10 minutes

feature

The feature command allows the user to reserve the number of TCAM banks for the following features: ACL, flow-spec, IPsec, l2-protocol, PBR, QoS, TCP-MSS-ceiling, and traffic-policy.

Theexit command returns the switch to global configuration mode.

Command Mode

Hardware TCAM

Command Syntax

feature

Example

This command allows the switch to configure the TCAM flow-spec feature for IPv4 ports.

switch(config-hw-tcam)# feature flow-spec port ipv4 bank maximum count 12

flowcontrol receive

The flowcontrol receive command configures administrative settings for inbound flow control packets. Ethernet ports use flow control to delay packet transmission when port buffers run out of space. Ports transmit a pause frame when their buffers are full, signaling their peer ports to delay sending packets for a specified period.

The flowcontrol receive command configures the configuration mode port's ability to receive flow control pause frames.

off: the port does not process the pause frames that it receives.
on: the port processes the pause frames that it receives.
desired: the port auto-negotiates flow control; it processes pause frames if the peer is set to send desired.

desired is not an explicit parameter option. Ethernet data ports cannot be set to desired. Management ports are set to desired by default and with the no flowcontrol receive command.

The port linking process includes flow control negotiation. Ports must have compatible flow control settings to create a link. The table below lists the compatible flow control settings.

Table 9. Compatible Settings for Flow Control Negotiation – Local Port Receiving
local port	peer port
receive on	send on or send desired
receive off	send off or send desired
receive desired	send on, send off, or send desired

The no flowcontrol receive and default flowcontrol receive commands restore the default flowcontrol setting for the configuration mode interface by removing the corresponding flowcontrol receive command from running-config. The default setting is off for Ethernet data ports and desired for Management ports.

Command Mode

Interface-Ethernet Configuration

Interface-Management Configuration

Command Syntax

flowcontrol receive state

no flowcontrol receive

default flowcontrol receive

Parameters

Options for the state flow control pause frame processing setting include:

on
off

Example

These commands set the flow control receive setting on Ethernet interface 5.

switch(config)# interface ethernet 5
switch(config-if-Et5)# flowcontrol receive on
switch(config-if-Et5)#

flowcontrol send

The flowcontrol send command configures administrative settings for outbound flow control packets. Ethernet ports use flow control to delay packet transmission when port buffers run out of space. Ports transmit a pause frame when their buffers are full, signaling their peer ports to delay sending packets for a specified period.

The flowcontrol send command configures the configuration mode port's ability to transmit flow control pause frames.

off: the port does not send pause frames.
on: the port sends pause frames.
desired: the port auto-negotiates flow control; it sends pause frames if the peer is set to receive desired.

desired is not an explicit parameter option. Ethernet data ports cannot be set to desired. Management ports are set to desired by default and with the no flowcontrol send command.

Table 10. Compatible Settings for Flow Control Negotiation Local Port Transmitting
local port	peer port
send on	receive on or receive desired
send off	receive off or receive desired
send desired	receive on, receive off, or receive desired

The no flowcontrol send and default flowcontrol send commands restore the default flow control setting for the configured interface by removing the corresponding flowcontrol send command from the running-config. The default setting is off for Ethernet data ports and desired for Management ports.

Command Mode

Interface-Ethernet Configuration

Interface-Management Configuration

Command Syntax

flowcontrol send state

no flowcontrol send

default flowcontrol send

Parameters

Options for the state flow control send setting include:

on
off

Example

These commands set the flow control send setting on Ethernet interface 5.

switch(config)# interface ethernet 5
switch(config-if-Et5)# flowcontrol send on
switch(config-if-Et5)#

hardware counter feature

You can enable the hardware counter feature functionality from global configuration mode on a per feature basis. The no hardware counter feature command disables the functionality. Multiple ingress and egress hardware counter features can work concurrently.

Command Mode

Global configuration mode

Command Syntax

Parameters

vlan-interface Enables VLAN interface counters
- in Enables ingress VLAN interface counters. When configured, the switch counts the number of unicast packets, multicast packets, and total octets ingressing through the VLAN interface for every VLAN interface configured in the system.
- out Enables egress VLAN interface counters. When configured, the switch counts the number of unicast packets, multicast packets, and total octets egressing the VLAN interface for every VLAN interface configured in the system.
subinterfaceEnables the counting subinterface counters.
- in Enables ingress subinterface counters. When configured, the switch counts the number of unicast packets, multicast packets, and total octets ingressing through the subinterface for every L3 subinterface configured in the system.
- out Enables egress subinterface counters. When configured, the switch counts the number of unicast packets, multicast packets, and total octets egressing the subinterface for every L3 subinterface configured in the system.
vni Enables per-VNI counters.
- encap Enables the per-encapsulation counters. When enabled, the switch counts the number of packets/octets received from the edge, encapsulated on the device, and directed towards the core.
- decap Enables the per-VTEP decapsulation counters. When enabled, the switch counts the number of packets/octets coming from the core, decapsulated on the device, and heading towards the edge per each VTEP.
route Configures the route counters for the specified IP version and IP address/IP prefix. When enabled, the switch counts the number of packets/bytes hitting a route.
- ipv4 Identifies the IPv4 route.
- ipv6 Identifies the IPv6 route.
vrf name The VRF name is optional. The default VRF is assumed if no VRF is specified.
ip-address Specifies the target IP address.
ip-address-prefix Specifies the target IP address prefix.
gre tunnel interfaceEnables GRE tunnel interface counters.
- in Enables GRE tunnel interface decapsulation counters. When enabled, the switch counts the number of unicast GRE packets and total octets getting decapsulated on the tunnel interface.
- out Enables GRE tunnel interface encapsulation counters. When enabled, the switch counts the number of unicast GRE packets and total octets encapsulated on the tunnel interface.

Examples

switch# hardware counters feature vlan-interface in

switch# hardware counter feature vlan-interface out

switch# hardware counter feature subinterface in

switch# hardware counter feature subinterface out

switch(config)# hardware counter feature vni encap

switch(config)# hardware counter feature vni decap

switch(config)# hardware counter feature vtep encap

switch(config)# hardware counter feature vtep decap

switch(config)# hardware counter feature gre tunnel interface in

switch(config)# hardware counter feature gre tunnel interface out

hardware counter feature in (DCS-7050x, 7350x, 7300x)

The hardware counter feature command enables the switch to count the ingress traffic on a Layer 3 port of the switch. The switch accounts for any traffic on Layer 3 sub-interfaces and VLAN interfaces with IPv4 and IPv6 addresses irrespective of the routing decision.

The no hardware counter feature in command disables the counter configuration from the switch ports. By default the ingress counter feature is disabled on the switch.

Command Mode

Global Configuration

Command Syntax

hardware counter feature [interface] in

no hardware counter feature [interface] in

Parameters

interface Layer 3 interface on the switch.

subinterface Displays the subinterface traffic count.
vlan-interface Displays the VLAN interface traffic count.

Examples

This command configures the ingress traffic count on the sub-interfaces.
```
switch# hardware counter feature subinterface in
```
This command configures the ingress traffic count on the VLAN interfaces.
```
switch# hardware counter feature vlan-interface in
```

These commands enable the QSFP+ interface in port group 1 and SFP+ interfaces in port group 2 on a DCS-7050Q-16 switch, display the port group status, and display the interface status.


switch(config)# hardware port-group 1 select Et15/1-4
switch(config)# hardware port-group 2 select Et21-24
switch(config)# show hardware port-group

Portgroup: 1    Active Ports: Et17-20
Port            State
------------------------------------------
Ethernet17      ErrDisabled
Ethernet18      ErrDisabled
Ethernet19      ErrDisabled
Ethernet20      ErrDisabled
Ethernet15/1    Active
Ethernet15/2    Active
Ethernet15/3    Active
Ethernet15/4    Active

Portgroup: 2    Active Ports: Et16/1-4
Port            State
------------------------------------------
Ethernet16/1    Active
Ethernet16/2    Active
Ethernet16/3    Active
Ethernet16/4    Active
Ethernet21      ErrDisabled
Ethernet22      ErrDisabled
Ethernet23      ErrDisabled
Ethernet24      ErrDisabled
switch(config)# show interfaces status
Port      Name              Status       Vlan        Duplex  Speed Type
Et1/1                       connected    in Po621      full    40G 40GBASE-CR4
Et1/2                       errdisabled  inactive    unconf unconf 40GBASE-CR4
<-------OUTPUT OMITTED FROM EXAMPLE-------->
Et15/1                      connected    in Po711      full    40G 40GBASE-CR4
Et15/2                      errdisabled  inactive    unconf unconf Not Present
Et15/3                      errdisabled  inactive    unconf unconf Not Present
Et15/4                      errdisabled  inactive    unconf unconf Not Present
Et16/1                      errdisabled  inactive    unconf unconf Not Present
Et16/2                      errdisabled  inactive    unconf unconf Not Present
Et16/3                      errdisabled  inactive    unconf unconf Not Present
Et16/4                      errdisabled  inactive    unconf unconf Not Present
Et17                        errdisabled  inactive    unconf unconf Not Present
Et18                        errdisabled  inactive    unconf unconf Not Present
Et19                        errdisabled  inactive    unconf unconf Not Present
Et20                        errdisabled  inactive    unconf unconf Not Present
Et21                        connected    425           full    10G 10GBASE-SRL
Et22                        connected    611           full    10G 10GBASE-SRL
Et23                        connected    in Po998      full    10G 10GBASE-SLR
Et24                        connected    in Po998      full    10G 10GBASE-SLR
switch(config)#

These commands enable the QSFP+ interface in port group 1 and SFP+ interfaces in port group 2 on a DCS-7050Q-16 switch, display the port group status, and display the interface status.


switch(config)# hardware port-group 1 select Et15/1-4
switch(config)# hardware port-group 2 select Et21-24

switch(config)# show hardware port-group

Portgroup: 1    Active Ports: Et17-20
Port            State
------------------------------------------
Ethernet17      ErrDisabled
Ethernet18      ErrDisabled
Ethernet19      ErrDisabled
Ethernet20      ErrDisabled
Ethernet15/1    Active
Ethernet15/2    Active
Ethernet15/3    Active
Ethernet15/4    Active

Portgroup: 2    Active Ports: Et16/1-4
Port            State
------------------------------------------
Ethernet16/1    Active
Ethernet16/2    Active
Ethernet16/3    Active
Ethernet16/4    Active
Ethernet21      ErrDisabled
Ethernet22      ErrDisabled
Ethernet23      ErrDisabled
Ethernet24      ErrDisabled
switch(config)# show interfaces status
Port      Name              Status       Vlan        Duplex  Speed Type
Et1/1                       connected    in Po621      full    40G 40GBASE-CR4
Et1/2                       errdisabled  inactive    unconf unconf 40GBASE-CR4
<-------OUTPUT OMITTED FROM EXAMPLE-------->
Et15/1                      connected    in Po711      full    40G 40GBASE-CR4
Et15/2                      errdisabled  inactive    unconf unconf Not Present
Et15/3                      errdisabled  inactive    unconf unconf Not Present
Et15/4                      errdisabled  inactive    unconf unconf Not Present
Et16/1                      errdisabled  inactive    unconf unconf Not Present
Et16/2                      errdisabled  inactive    unconf unconf Not Present
Et16/3                      errdisabled  inactive    unconf unconf Not Present
Et16/4                      errdisabled  inactive    unconf unconf Not Present
Et17                        errdisabled  inactive    unconf unconf Not Present
Et18                        errdisabled  inactive    unconf unconf Not Present
Et19                        errdisabled  inactive    unconf unconf Not Present
Et20                        errdisabled  inactive    unconf unconf Not Present
Et21                        connected    425           full    10G 10GBASE-SRL
Et22                        connected    611           full    10G 10GBASE-SRL
Et23                        connected    in Po998      full    10G 10GBASE-SLR
Et24                        connected    in Po998      full    10G 10GBASE-SLR
switch(config)#

hardware port-group

The hardware port-group command configures a port group to activate either a single interface at a higher speed, such as a QSFP-DD at 400 Gb/s, or multiple interfaces at a lower speed, such as QSFP-56 interfaces at 200 Gb/s.

The no hardware port-group and default hardware port-group commands restore the default settings for the specified port group by removing the corresponding hardware port-group command from the running-config.

The hardware port-group command is available on the DCS-7280CR3-36S, DCS-7050Q-16, and DCS-7050QX-32S switches and has different parameters on each platform.

Command Mode

Global Configuration

Command Syntax

hardware port-group port_group_id select port_group_mode

no hardware port-group port_group_id [ select port_group_mode ]

default hardware port-group port_group_id [ select port_group_mode ]

Parameters

port_group_id

Label of the port group. On the 7280CR3-36S and 7050Q-16, the valid options are 1 and 2. On the 7050QX-32S, only label 1 is available.
port_group_mode
Ports activated by the command. Options vary by platform and depend on the port_group_id value.
- DCS-7280CR3-36
  - Port group 1:
    
    1x-qsfp-dd(Et33): Ethernet33/1 is capable of 400Gb/s. Ethernet34 is inactive.
    
    2x-qsfp-56(Et33,Et34): Ethernet33/1 is not capable of 400Gb/s. Ethernet34 is active.
  - Port group 2:
    
    1x-qsfp-dd(Et35): Ethernet35/1 is capable of 400Gb/s. Ethernet36 is inactive.
    
    2x-qsfp-56(Et35,36): Ethernet35/1 is not capable of 400Gb/s. Ethernet36 is active.
- DCS-7050Q-16
  - Port group 1:
    
    Et15/1-4: QSFP+ port is activated on port group 1.
    
    Et17-20: SFP+ ports are activated on port group 1.
  - Port group 2:
    
    Et16/1-4: QSFP+ port is activated on port group 2.
    
    Et21-23: SFP+ ports are activated on port group 2.
- DCS-7050QX-32S
  - Port group 1:
    
    Et15/1-4: QSFP+ port is activated on port group 1.
    
    Et17-20: SFP+ ports are activated on port group 1.
  - Port group 2:
    
    Invalid port group.

Examples

On a DCS-7280CR3-36S switch, the following commands activate Ethernet35/1 as a QSFP-DD (400 Gb/s) port, deactivate Ethernet36, and then display the port group status.

switch(config)# hardware port-group 2 select 1x-qsfp-dd(Et35)
!
                  WARNING!
   Changing the port-group mode will cause all
   interfaces on ports 35,36 to flap.

Do you wish to proceed with this command? [y/N]y
switch(config)# show hardware port-group

Portgroup: 1    Active Ports: Et33/1-4,34/1-4
Limitations: 400G unavailable on Ethernet33/1
Port            State
------------------------------------------
Ethernet33/1    Active
Ethernet33/2    Active
Ethernet33/3    Active
Ethernet33/4    Active
Ethernet33/5    Inactive
Ethernet33/6    Inactive
Ethernet33/7    Inactive
Ethernet33/8    Inactive
Ethernet34/1    Active
Ethernet34/2    Active
Ethernet34/3    Active
Ethernet34/4    Active

Portgroup: 2    Active Ports: Et35/1-8
Port            State
------------------------------------------
Ethernet35/1    Active
Ethernet35/2    Active
Ethernet35/3    Active
Ethernet35/4    Active
Ethernet35/5    Active
Ethernet35/6    Active
Ethernet35/7    Active
Ethernet35/8    Active
Ethernet36/1    Inactive
Ethernet36/2    Inactive
Ethernet36/3    Inactive
Ethernet36/4    Inactive
switch(config)#

On a DCS-7280CR3-36S switch, the following commands restore the settings for port group 2 to the default values and then display the port group status.

switch(config)# no hardware port-group 2
!
                  WARNING!
   Changing the port-group mode will cause all
   interfaces on ports 35,36 to flap.

Do you wish to proceed with this command? [y/N]y
switch(config)# show hardware port-group

Portgroup: 1    Active Ports: Et33/1-4,34/1-4
Limitations: 400G unavailable on Ethernet33/1
Port            State
------------------------------------------
Ethernet33/1    Active
Ethernet33/2    Active
Ethernet33/3    Active
Ethernet33/4    Active
Ethernet33/5    Inactive
Ethernet33/6    Inactive
Ethernet33/7    Inactive
Ethernet33/8    Inactive
Ethernet34/1    Active
Ethernet34/2    Active
Ethernet34/3    Active
Ethernet34/4    Active

Portgroup: 2    Active Ports: Et35/1-4,36/1-4
Limitations: 400G unavailable on Ethernet35/1
Port            State
------------------------------------------
Ethernet35/1    Active
Ethernet35/2    Active
Ethernet35/3    Active
Ethernet35/4    Active
Ethernet35/5    Inactive
Ethernet35/6    Inactive
Ethernet35/7    Inactive
Ethernet35/8    Inactive
Ethernet36/1    Active
Ethernet36/2    Active
Ethernet36/3    Active
Ethernet36/4    Active
switch(config)#

hardware tcam

The hardware tcam command places the switch in Hardware TCAM configuration mode.

The exit command returns the switch to global configuration mode.

Command Mode

Global Configuration

Command Syntax

hardware tcam

Related Commands

profile
interface ethernet

Example

This command places the switch in Hardware TCAM configuration mode.

switch(config)# hardware tcam
switch(config-hw-tcam)#

interface ethernet create

The interface ethernet create command is used to configure a range of Ethernet subinterfaces. The command places the switch in Ethernet interface configuration mode for the specified range of subinterfaces.

Command Mode

Global Configuration

Command Syntax

interface ethernet create sub_range

Parameters

sub_range Range of subinterfaces to be configured. Subinterfaces are named by adding a period followed by a unique subinterface number to the name of the parent interface.

Example

This command enters interface configuration mode for Ethernet subinterfaces 1/1.1-100:

switch(config)# interface ethernet create 1/1.100
switch(config-if-Et1/1.1-100)#

interface ethernet

The interface ethernet command places the switch in Ethernet-interface configuration mode for the specified interfaces. The command can specify a single interface or multiple interfaces.

Ethernet interfaces are physical interfaces and are not created or removed.

Interface management commands include:

description
exit
load-interval
mtu
shutdown (Interfaces)

Ethernet management commands include:

flowcontrol
mac-address
speed

Chapters describing supported protocols and other features list additional configuration commands available in Ethernet interface configuration mode.

Command Mode

Global Configuration

Command Syntax

interface ethernet e_range

Parameter

e_range Ethernet interfaces (number, range, or comma-delimited list of numbers and ranges). Valid Ethernet numbers depend on the switch available Ethernet interfaces.

Examples

This command enters interface configuration mode for Ethernet interfaces 1 and 2:
```
switch(config)# interface ethernet 1-2
switch(config-if-Et1-2)#
```
This command enters interface configuration mode for interface ethernet 1:
```
switch(config)# interface ethernet 1
switch(config-if-Et1)#
```

interface management

The interface management command places the switch in management-interface configuration mode for the specified interfaces. The list can specify a single interface or multiple interfaces if the switch contains more than one management interface.

Management interfaces are physical interfaces and are not created or removed.

Interface management commands include:

description
exit
load-interval
mtu
shutdown (Interfaces)

Ethernet management commands include:

flowcontrol
mac-address
speed

Chapters describing supported protocols and other features list additional configuration commands available from management-interface configuration mode.

Command Mode

Global Configuration

Command Syntax

interface management m_range

Parameter

m_range Management interfaces (number, range, or comma-delimited list of numbers and ranges).

Valid management numbers depend on the switch’s available management interfaces. A value of 0, where available, configures the virtual management interface on a dual-supervisor modular switch. Management interface 0 accesses management port 1 on the active supervisor of a dual-supervisor modular switch.

Examples

This command enters the interface configuration mode for management interfaces 1 and 2.
```
switch(config)# interface management 1-2
switch(config-if-Ma1-2)#
```
This command enters the interface configuration mode for management interface 1:
```
switch(config)# interface management 1
switch(config-if-Ma1)#
```

link-debounce

The link-debounce command configures the link debounce time for the configuration mode interface. The link debounce time is the amount of time advertisements for new link states are delayed after the link state is established. By default, debounce time is set to zero, disabling link debounce.

You can configure independent debounce times for link up and link down transitions.

Link-up debounce time: the delay before an interface advertises link down to link up transitions.
Link-down debounce time: the delay before an interface advertises link up to link down transitions.

The no link-debounce and default link-debounce commands restore the default debounce setting for the configuration mode interface by removing the corresponding link-debounce command from the running-config.

Command Mode

Interface-Ethernet Configuration

Interface-Management Configuration

Command Syntax

link-debounce time wait_time

no link-debounce time wait_time

default link-debounce time wait_time

Parameters

wait_time Link debounce period (milliseconds). Debounce time values range from 0 (disabled) to 30000 (30 seconds). Options include:

0 - 30000 One debounce value assigned as both link up and link down.
0 - 30000 0 - 30000 Two debounce values: link up is first, link down is second.

Examples

These commands set the link-up and link-down debounce period to 10 seconds on interface ethernet 5.

switch(config)# interface ethernet 5
switch(config-if-Et5)# link-debounce time 10000
switch(config-if-Et5)#

These commands set the link-up debounce to 10 seconds and the link-down debounce period to zero on interface ethernet 5.
```
switch(config)# interface ethernet 5
switch(config-if-Et5)# link-debounce time 10000 0
switch(config-if-Et5)#
```
These commands set the link-up debounce to 0 and the link-down debounce period to 12.5 seconds on interface ethernet 5.
```
switch(config)# interface ethernet 5
switch(config-if-Et5)# link-debounce time 0 12500
switch(config-if-Et5)#
```

link-error

The link-error command places the Ethernet Operations, Administration, and Management (EOAM) profile in the EOAM link-error sub-mode.

The no link-error and default link-error commands exit from the EOAM link-error sub-mode.

Command Mode

EOAM Configuration

Command Syntax

link-error

no link-error

default link-error

Related Commands

monitor ethernet oam profile
show monitor ethernet oam profile

Example

These commands place the EOAM profile profile1 in the link-error sub-mode.

switch(config)# monitor ethernet oam
switch(config-eoam)# profile profile1
switch(config-eoam-profile-profile1)# link-error
switch(config-eoam-profile-profile1-link-error)#

mac-address

The mac-address command assigns a MAC address to the configuration mode interface. An interface's default MAC address is its burn-in address.

The no mac-address and default mac-address commands revert the interface to its default MAC address by removing the corresponding mac-address command from running-config.

Command Mode

Interface-Ethernet Configuration

Interface-Management Configuration

Command Syntax

mac-address address

no mac-address

default mac-address

Parameter

address MAC address assigned to the interface. Its format is the dotted hex notation (H.H.H). Disallowed addresses are 0.0.0 and FFFF.FFFF.FFFF.

Example

These commands assign the 001c.2804.17e1 MAC address to interface ethernet 7, then display the interface parameters including the assigned address.

switch(config)# interface ethernet 7
switch(config-if-Et7)# mac-address 001c.2804.17e1
switch(config-if-Et7)# show interface ethernet 7
Ethernet3 is up, line protocol is up (connected)
  Hardware is Ethernet, address is 001c.2804.17e1 (bia 001c.7312.02e2)
  Description: b.e45
  MTU 9212 bytes, BW 10000000 Kbit
  Full-duplex, 10Gb/s, auto negotiation: off
  Last clearing of "show interface" counters never
  5 seconds input rate 7.84 kbps (0.0% with framing), 10 packets/sec
  5 seconds output rate 270 kbps (0.0% with framing), 24 packets/sec
     1363799 packets input, 222736140 bytes
     Received 0 broadcasts, 290904 multicast
     0 runts, 0 giants
     0 input errors, 0 CRC, 0 alignment, 0 symbol
     0 PAUSE input
     2264927 packets output, 2348747214 bytes
     Sent 0 broadcasts, 28573 multicast
     0 output errors, 0 collisions
     0 late collision, 0 deferred
     0 PAUSE output
switch(config-if-Et7)#

monitor ethernet oam profile

The monitor ethernet oam profile command applies the EOAM profile to the specific interface in interface configuration mode.

The no monitor ethernet oam profile and default monitor ethernet oam profile commands remove the EOAM profile from the interface.

Command Mode

Interface Configuration

Command Syntax

monitor ethernet oam profile name

no monitor ethernet oam profile

default monitor ethernet oam profile

Parameters

name The EOAM profile name. You cannot name an EOAM profile summary.

Related Commands

link-error
show monitor ethernet oam profile

Example

These commands apply the EOAM profile profile1 to the interface ethernet 1/1.

switch(config)# interface ethernet 1/1
switch(config-if-Et1/1)# monitor ethernet oam profile profile1

monitor ethernet oam

The monitor ethernet oam command places the switch in the Ethernet Operations, Administration, and Management (EOAM) configuration mode.

The no monitor ethernet oam and default monitor ethernet oam commands exit from the EOAM configuration mode.

Command Mode

Global Configuration

Command Syntax

monitor ethernet oam

no monitor ethernet oam

default monitor ethernet oam

Example

This command places the switch in the EOAM configuration mode.

switch(config)# monitor ethernet oam
switch(config-eoam)#

monitor link-flap policy default-profiles

The monitor link-flap policy default-profiles command permits you to enter the link-flap configuration mode and add a list of damping profiles as default profiles for the switch.

Command Mode

Global Configuration

Command Syntax

monitor link-flap policy [default-profiles | profiles]

Parameters

link-flap - Specify the flap setting values for the link flap errdisable cause
policy - Manage profiles for link flap detection.
default-profiles profile_name - Add default damping profiles to a switch.

Example

Use the following command to add damping profiles dp1, dp2, dp5 to the list of default damping profiles:

switch(config)#monitor link-flap policy
switch(config-link-flap)#default-profiles dp1, dp2, dp5

monitor link-flap policy profile damping

The monitor link-flap policy profile command puts the switch in link-flap configuration mode and allows you to add damping profiles to the configuration. This command then enters the link-flap damping profile configuration mode.

The no monitor link-flap policy profiles command removes all damping profiles from an interface.

Command Mode

Link-Flap Configuration Mode

Command Syntax

monitor link-flap profile profile_name damping

Parameters

profile_name - Specify the name of the damping profile.

Example

Use the following command to create a damping profile, MyDampingProfile:

switch(config)#monitor link-flap policy
switch(config-link-flap)#profile MyDampingProfile damping
switch(config-link-flap-damping-profile-MyDampingProfile)#

penalty mac fault

The penalty mac fault parameter permits configuration of the Damping policy MAC fault changes after entering the Link-Flap Damping Profile Configuration mode.

Command Mode

Link-Flap Damping Profile Configuration Mode

Command Syntax

penalty mac fault [local | remote] penalty_value

Parameters

mac - Configure the penalty for MAC address state changes.
fault - Configure the penalty for MAC fault changes.
local - Configure the penalty for local fault changes.
remote - Configure the penalty for remote fault changes.
penalty_value - Configure a value between 1 and 5000. Specify 0 for no penalty.

Example

Use the following commands to configure a local MAC fault penalty of 2500 for the Damping profile, MyDampingProfile:

switch(config)# monitor link-flap policy
switch(config-link-flap)# profile MyDampingProfile damping
switch(config-link-flap-damping-profile-MyDampingProfile)# penalty mac fault local 2500

penalty threshold

The penalty threshold parameter permits the configuration of the link-flap damping threshold for the penalty after entering the link-flap damping profile configuration mode.

Command Mode

Link-Flap Damping Profile Configuration Mode

Command Syntax

penalty threshold [maximum | reuse | suppression] penalty_value

Parameters

maximum penalty_value - Configure the maximum penalty value for a link. Specify a penalty value between 0 and 1000000 with a default value of 12000.
reuse penalty_value - Configure the penalty value to trigger the reuse of a suppressed link. Specify a penalty value between 0 and 1000000 with a default value of 750.
suppression penalty_value - Configure the penalty value to trigger suppression of a link. Specify a penalty value between 0 and 1000000 with a default value of 200.

Example

Use the following commands to configure the penalty thresholds, reuse 800, suppression 2200, and maximum 15000 for the damping profile, MyDampingProfile:

switch(config)#monitor link-flap policy
switch(config-link-flap)#profile MyDampingProfile damping
switch(config-link-flap-damping-profile-MyDampingProfile)#penalty reuse 800 suppression 2200 maximum 15000

period

The period command configures the link monitoring period for a link error in terms of number of frames or seconds.

The no period command removes the period type specified for the chosen link error. The defaultperiod command configures the link monitoring period as zero seconds.

Command Mode

Link-error Configuration

Command Syntax

{fcs | symbol} period num {seconds | frames}

no {fcs | symbol} period num {seconds | frames}

default {fcs | symbol} period num {seconds | frames}

Parameters

fcs Inbound packets with Frame Check Sequence (FCS) error.
symbol Inbound packets with symbol error.
num The link monitoring period in frames or seconds. The frame value ranges from 1 to 4000000000. The time value ranges from 2 to 200 seconds. The default value is 2 seconds.
- seconds Specifies the link monitoring period in seconds.
- frames Specifies the link monitoring period in frames.

Related Commands

action
threshold

Example

These commands set the frames period type for the profile profile1 in the Link-error configuration mode for 300 frames.

switch(config)# monitor ethernet oam                        
switch(config-eoam)# profile profile1
switch(config-eoam-profile-profile1)# link-error
switch(config-eoam-profile-profile1-link-error)# symbol period 300 frames

phy link detection aggressive

The phy link detection aggressive command allows the configuration of interfaces for aggressive link-up declaration (~50 ms) on those interfaces. The no/default phy link detection aggressive configuration reverts to a more reliable link-up with at least a two-second delay. When the aggressive mode is not supported, the system generates an advisory message.

Command Mode

Global Configuration

Command Syntax

phy link detection aggressive

no phy link detection aggressive

default phy link detection aggressive

Examples

This command configures aggressive link detection.

switch(config-if-Et1)# phy link detection aggressive
switch(config-if-Et1)#

This command configures aggressive link detection but fails on a platform that does not support the feature.

switch(config-if-Et1)# phy link detection aggressive
detection     detection not supported on this hardware platform
switch(config-if-Et1)#

poe disabled

Power over Ethernet (PoE) is enabled on all Ethernet ports by default on switches that support PoE. The poe disabled command disables PoE on the configuration-mode interface.

The no poe disabled and default poe disabled commands restore PoE on the interface by removing the corresponding poe disabled command from the running-config.

Command Mode

Interface-Ethernet Configuration

Command Syntax

poe disabled

no poe disabled

default poe disabled

Example

These commands disable PoE on interface ethernet 7.

switch(config)# interface ethernet 7
switch(config-if-Et7)# poe disabled
switch(config-if-Et7)#

poe legacy detect

IEEE-compliant Powered Devices (PDs) are recognized by a specific resistance signature to a test signal sent by the switch, but non-compliant (legacy or proprietary) PDs may use a capacitive signature instead. The poe legacy detect command causes the configuration-mode interface to attempt to use hardware detection for these non-compliant PoE devices and power them. By default, legacy PD detection is disabled, and legacy devices are not powered.

The no poe legacy detect and default poe legacy detect commands restore the default behavior by removing the corresponding poe legacy detect command from running-config.

Command Mode

Interface-Ethernet Configuration

Command Syntax

poe legacy detect

no poe legacy detect

default poe legacy detect

Example

These commands configure interface ethernet 7 to attempt to detect and power capacitive PDs.

switch(config)# interface ethernet 7
switch(config-if-Et7)# poe legacy detect
switch(config-if-Et7)#

poe limit

Power over Ethernet (PoE) power output is limited by the hardware-negotiated power level and by the total power capacity of the switch. The poe limit command sets an additional maximum power output for the configuration-mode interface. The power limit represents the power output at the Ethernet port; actual power delivered to the PD will be lower due to power loss along the Ethernet cable.

Note: If a power limit is set by this command, Power Via MDI TLVs will not be sent from the interface. See Configuring LLDP for Power over Ethernet for details.

The no poe limit and default poe limit commands restore the default power limitation by removing the corresponding poe limit command from running-config.

Command Mode

Interface-Ethernet Configuration

Command Syntax

poe limit {class class_num | watt_num watts}

no poe limit

default poe limit

Parameters

class_num Specifies the power output limit by power class. Values range from 0-6 as follows:
- Class 0 = 15.4 W
- Class 1 = 4 W
- Class 2 = 7 W
- Class 3 = 15.4 W
- Class 4 = 30 W
- Class 5 = 45 W
- Class 6 = 60 W
watt_num Specifies the power output limit in watts. Values range from 0-60. A value of 0 watts prevents the port from providing PoE power.

Examples

These commands limit nominal PoE power output on interface ethernet 7 to 10 W.

switch(config)# interface ethernet 7
switch(config-if-Et7)# poe limit 10 watts
switch(config-if-Et7)#

These commands limit nominal PoE power output on interface ethernet 7 to 4 W.

switch(config)# interface ethernet 7
switch(config-if-Et7)# poe limit class 1
switch(config-if-Et7)#

power budget

Power over Ethernet (PoE) budget is not set on all Ethernet ports by default on switches that support PoE. The power budget [n] watts command sets a limit of 'n' watts available for use by the ports on the switch. Otherwise, available power for PoE is limited to the sum of all power provided by the PSUs minus the power reserved for the chassis.

The no power budget restores the default state.

Command Mode

Interface-Ethernet Configuration

Command Syntax

power budget [n] watts

no power budget

Example

The following command sets the PoE power budget to 600 W.

switch(config)# power budget 600 watts

power budget exceed action (warning | hold-down)

When the Power over Ethernet (PoE) ports exceeds the budgeted amount, the switch issues a warning and continues to provide additional power above the budgeted limit. The power budget exceed action hold-down command causes the switch to issue a warning and limit the power to the configured limit.

The no power budget restores the default state.

Command Mode

Interface-Ethernet Configuration

Command Syntax

power budget exceed action hold-down

no power budget

Example

The following commands set the PoE power budget to 600W and configure the switch to not exceed the limit.

switch(config)# power budget 600 watts
switch(config)# power budget exceed action hold-down

profile

The profile command creates an Ethernet Operations, Administration, and Management (EOAM) profile in the EOAM configuration mode.

The no profile and default profile commands exit from the EOAM configuration mode.

Command Mode

EOAM Configuration

Command Syntax

profile profile_name

no profile profile_name

default profile profile_name

Parameter

profile_name The profile name that is specified.

Related Commands

monitor ethernet oam profile
show monitor ethernet oam profile

Guidelines

Run the shutdown or no shutdown command to return the port to its normal state.

Example

These commands create an EOAM profile profile1 in the EOAM configuration mode.

switch(config)# monitor ethernet oam
switch(config-eoam)# profile profile1
switch(config-eoam-profile-profile1)#

qos scheduling

The qos scheduling command places the switch in the QoS scheduling mode under which the scheduling groups and scheduling policies are configured for shared shaper across multiple subinterfaces.

The no qos scheduling command removes the QoS scheduling configuration from the running-config.

Command Mode

QoS Scheduling Mode

Command Syntax

qos scheduling

no qos scheduling

Example

These commands create a scheduling policy with the desired shape rate and optional guaranteed bandwidth:

switch(config)# qos scheduling
switch(config-qos-scheduling)# scheduling policy P1
switch(config-qos-scheduling-policy-P1)# shape rate 75000000
switch(config-qos-scheduling-policy-P1)# bandwidth guaranteed 10000000

recovery-time

The recovery-time command configures the recovery timeout value for link fault signaling.

The no recovery-time command and the default recovery-time command remove the recovery timeout value specified for the chosen link error.

Command Mode

Link-error Configuration

Command Syntax

recovery-time value

no recovery-time value

default recovery-time value

Parameters

value Specifies the recovery timeout value for LFS. The value ranges from 20 to 200.

Related Commands

action
period
threshold

Example

These commands set a recovery time value of 40 for profile profile1 in link-error configuration mode.

switch(config)# monitor ethernet oam
switch(config-eoam)# profile profile1                      
switch(config-eoam-profile-profile1)# link-error
switch(config-eoam-profile-profile1-link-error)# recovery-time 40

refresh traffic-policy field-set

The refresh traffic-policy field-set provides the ability to refresh a field set for a traffic policy. Refresh all field sets or a field set by name.

Command Mode

EXEC

Command Syntax

refresh traffic-policy field-set [all | integer | ipv4 | ipv6 | l4-port | mac | vlan] prefix prefix_name

Command parameters

all - Refresh all field sets.
integer - Refresh a field set of integer ranges.
ipv4 - Refresh a field set of IPv4 address ranges.
ipv6 - Refresh a field set of IPv6 address ranges.
l4-ports - Refresh a field set of Layer 4 port ranges.
mac - Refresh a field set of MAC addresses.
vlan - Refresh a field set of VLAN IDs.
prefix prefix_name - Refresh a specific field set.

Example

Use the following command to refresh the IPv4 field set, mybigfieldset:

switch# refresh traffic-policy field-set ipv4 mybigfieldset
Refreshed ipv4 field-set mybigfieldset source URL
Number of accept prefixes: 100
Number of except prefixes: 0

The following error messages can be displayed if a problem exists with the configuration:

! IPv4 prefix field-set 'mybigfieldset' is not defined. - Undefined field set in the configuration.
% Failed to import file:/tmp/mybigfieldset.txt: aborted due to CLI error - An error exists in the URL contents.
% Failed to import file:/tmp/foo.txt: IPv4 prefix field-set 'mybigfieldset' not found in the URL - Cannot locate the field set in the URL.
% Failed to import file:/tmp/foo.txt: [Errno 2] No such file or directory: '/tmp/mybigfieldset.txt' - The URL no longer reachable or cannot find the requested file.

show cfm continuity-check end-point

The show cfm continuity-check command displays continuity and connectivity information for a CFM configuration.

Command Mode

EXEC

Command Syntax

switch# show cfm continuity-check end-point [remote-defect | counters] [domain domain_name [ association association_ID [ end-point end_point_id ] ] ]

Parameters

domain domain_name - Name of the domain for the endpoint.
association association_ID - The CFM association ID for the endpoint.
end-point end_point_id - The endpoint ID of the desired endpoint.
remote-defect - Display the remote defects for the endpoint.
counters - Display counters for software CFM configurations.

Examples

To display the current status of the CFM endpoints, use the following command:

switch# show cfm continuity-check end-point
Maintenance domain: domain6, Level: 6
Maintenance association: 100, Direction: up, CCM TX interval: 1 seconds
Maintenance end point ID: 1, Interface: Ethernet1.1
TX RDI state: false, Last TX RDI cleared: never
   Remote MEP ID    Connectivity          Last LOC Detected    Last LOC Cleared
------------------- ------------------ ----------------------- ----------------
                2    reachable                         never              never

switch# show cfm continuity-check end-point
Maintenance domain: domain6, Level: 6
Maintenance association: 100, Direction: up, CCM TX interval: 1 seconds
Maintenance end point ID: 1, Interface: Ethernet1.1
TX RDI state: true, Last TX RDI set: 0:00:04 ago
      Remote MEP ID    Connectivity          Last LOC Detected    Last LOC Cleared
     ------------------- ------------------ ----------------------- ----------------
                    2    unreachable                 0:00:04 ago               never

show cfm endpoint

The show cfm command displays information about a CFM configuration.

Command Mode

EXEC

Command Syntax

switch# show cfm end-point [ domain domain_name [ association association_ID [ end-point end_point_id ] ] ]

Parameters

domain domain_name - Name of the domain for the endpoint.
association association_ID - The CFM association ID for the endpoint.
end-point end_point_id - The endpoint ID of the desired endpoint.

Example>

To display the current status of the CFM endpoints, use the following command:

switch# show cfm end-point
Maintenance domain: domain6, Level: 6
Maintenance association: 100, Direction: up, CCM TX interval: 1 seconds
Maintenance end point ID: 1, Status: active, Interface: Ethernet1.1
  Remote MEP ID    Status
------------------- ------
            2       active

show cfm measurement delay proactive

The show cfm measurement delay proactive command displays statistical information about the Ethernet OAM Delay Measurement configuration.

Command Mode

EXEC

Command Syntax

show cfm measurement delay proactive [details]

Parameters

details - displays detailed statistical information about Delay Measurement on the switch.

Examples

Use the following command to display statistical information about the Ethernet OAM Delay Measurement configuration:

switch1(config)# show cfm measurement delay proactive
Maintenance domain: domain1
Maintenance association: 1, Direction: up
Measurement type: proactive, TX interval: 1000 milliseconds
Maintenance end point ID: 1, Interface: Ethernet1/2.1
Remote MEP ID: 2, Status: enabled
Start time: 0:00:01 ago
Number of samples: 2
Average two-way delay: 315 usec
Average two-way delay variation: 4 usec
Best case two-way delay: 310 usec at 0:00:01 ago
Worst case two-way delay: 320 usec at 0:00:00 ago

Use the following command to display detailed statistical information about the Ethernet OAM Delay Measurement configuration:

switch1(config)# show cfm measurement delay proactive detail
Maintenance domain: domain1
Maintenance association: 1, Direction: up
Measurement type: proactive, TX interval: 1000 milliseconds
Maintenance end point ID: 1, Interface: Ethernet1/2.1
Remote MEP ID: 2, Status: enabled
Start time: 0:01:22 ago
Number of samples: 83
Average two-way delay: 320 usec
Average two-way delay variation: 20 usec
Best case two-way delay: 264 usec at 0:00:07 ago
Worst case two-way delay: 395 usec at 0:00:34 ago
Index    Two-way Delay (usec)
----------- --------------------
 1                       305.178
 2                       306.878
 3                       283.742
 4                       349.322
 5                       291.718
 6                       305.607
 7                       317.472
 8                       264.792
 9                       311.296
10                       328.36

show cfm measurement loss proactive

The show cfm measurement loss proactive command displays statistical information about the Ethernet OAM Loss Measurement configuration.

Command Mode

EXEC

Command Syntax

show cfm measurement loss [inband | synthetic] proactive [details]

Parameters

inband | synthetic - displays statistical information about inband loss or synthetic loss measurement on the switch.
details - displays additional details about the configuration.

Examples

Use the following command to display information about an inband loss measurement configuration:

switch(config)# show cfm measurement loss proactive
Maintenance domain: EZUTUOu3JG, Level: 5
Maintenance association: 3967, Direction: up
Measurement type: proactive, TX interval: 1000 milliseconds
Maintenance end point ID: 1, Interface: Ethernet14/1.4097
Remote MEP ID: 4096, Status: enabled
Start time: 0:01:27 ago
Number of samples: 87
Average far-end frame loss: 0
Average near-end frame Loss: 0

Maintenance domain: EZUTUOu3JG, Level: 5
Maintenance association: 3967, Direction: up
Measurement type: proactive, TX interval: 1000 milliseconds
Maintenance end point ID: 2, Interface: Ethernet14/1.4098
Remote MEP ID: 4097, Status: enabled
Start time: 0:01:27 ago
Number of samples: 87
Average far-end frame loss: 0
Average near-end frame Loss: 0

Use the following command to display information about a synthetic loss measurement configuration:

switch(config)# show cfm measurement loss synthetic proactive
Maintenance domain: CPASIYdcnN, Level: 3
Maintenance association: 4967, Direction: up
Measurement type: proactive, TX interval: 1000 milliseconds
Maintenance end point ID: 1, Interface: Ethernet20/1.4095, COS: 2
Remote MEP ID: 4096, Status: enabled
Start time: 0:01:49 ago
Number of measurements: 36, Measurement period: 3000 milliseconds
Average far-end synthetic frame loss: 0.000
Average near-end synthetic frame Loss: 0.000

Maintenance end point ID: 1, Interface: Ethernet20/1.4095, COS: 5
Remote MEP ID: 4096, Status: enabled
Start time: 0:01:49 ago
Number of measurements: 36, Measurement period: 3000 milliseconds
Average far-end synthetic frame loss: 0.000
Average near-end synthetic frame Loss: 0.000

Maintenance domain: CPASIYdcnN, Level: 3
Maintenance association: 4967, Direction: up
Measurement type: proactive, TX interval: 1000 milliseconds
Maintenance end point ID: 2, Interface: Ethernet20/1.4096, COS: 2
Remote MEP ID: 4097, Status: enabled
Start time: 0:01:49 ago
Number of measurements: 36, Measurement period: 3000 milliseconds
Average far-end synthetic frame loss: 0.000
Average near-end synthetic frame Loss: 0.000

Maintenance end point ID: 2, Interface: Ethernet20/1.4096, COS: 5
Remote MEP ID: 4097, Status: enabled
Start time: 0:01:49 ago
Number of measurements: 36, Measurement period: 3000 milliseconds
Average far-end synthetic frame loss: 0.000

show hardware counter

The show hardware counter command displays counter events across time intervals.

Command Mode

EXEC

Command Syntax

show hardware counter

Example

This command displays counter events across all time intervals, which are currently more than one standard deviation apart from a given time interval.

switch(config-handler-eventHandler1-counters)# show hardware counter events
-----------------------------------------------------------------------------------------
Interval | Event Name  | Chip | First  | Last  | Count | Z-Score
 |  | Name | Occurrence  | Occurrence  |  | 
-----------------------------------------------------------------------------------------
5 Min  | MacCounters |  All | 2017-01-31 09:31:35 | 2017-01-31 09:44:32 |  5 | -6.9430
10 Min | MacCounters |  All | 2017-01-31 09:39:43 | 2017-01-31 09:44:32 |  3 | -4.8123
-----------------------------------------------------------------------------------------
switch(config-handler-eventHandler1-counters)#

show hardware port-group

The show hardware port-group command displays the status of DCS-7050Q-16 port-groups. Port groups contain one QSFP+ interface and a set of four SFP+ interfaces. In each port group, either the QSFP+ interface or the SFP+ interface set is enabled. The port groups are configured independently of each other.

Port group 1 contains interface 15 (QSFP+) and interfaces 17-20 (SFP+).
Port group 2 contains interface 16 (QSFP+) and interfaces 21-24 (SFP+).

Command Mode

EXEC

Command Syntax

show hardware port-group

Guidelines

The hardware port-group command is available on the DCS-7050Q-16 switches.

Example

This command displays the status of ports in the two port groups on a DCS-7050Q-16 switch.

switch# show hardware port-group

Portgroup: 1    Active Ports: Et15/1-4
Port            State
------------------------------------------
Ethernet17      ErrDisabled
Ethernet18      ErrDisabled
Ethernet19      ErrDisabled
Ethernet20      ErrDisabled
Ethernet15/1    Active
Ethernet15/2    Active
Ethernet15/3    Active
Ethernet15/4    Active

Portgroup: 2    Active Ports: Et16/1-4
Port            State
------------------------------------------
Ethernet16/1    Active
Ethernet16/2    Active
Ethernet16/3    Active
Ethernet16/4    Active
Ethernet21      ErrDisabled
Ethernet22      ErrDisabled
Ethernet23      ErrDisabled
Ethernet24      ErrDisabled
switch>

show hardware system forwarding-chips

The command show hardware system forwarding-chips displays information about the forwarding chips on your switch.

Command Mode

Global Configuration

Command Syntax

show hardware system forwarding-chips

Parameters

system Displays information about the system hardware component configuration.
forwarding-chips Displays details about the forwarding chips on a switch.

Example

Use the following command to display information about the forwarding chips on your switch:

switch# show hardware system forwarding-chips
Slot      Chip Label   Chip Version Chip Name   Forwarding Agent
--------- ------------ ------------ ----------- ----------------
Fabric1   FabricAsic-0 88775B0      Fe3200      Sand            
Fabric1   FabricAsic-1 88775B0      Fe3200      Sand            
Fabric2   FabricAsic-0 88775B0      Fe3200      Sand            
Fabric2   FabricAsic-1 88775B0      Fe3200      Sand            
Fabric3   FabricAsic-0 88775B0      Fe3200      Sand            
Fabric3   FabricAsic-1 88775B0      Fe3200      Sand            
Fabric4   FabricAsic-0 88775B0      Fe3200      Sand            
Fabric4   FabricAsic-1 88775B0      Fe3200      Sand            
Fabric5   FabricAsic-0 88775B0      Fe3200      Sand            
Fabric5   FabricAsic-1 88775B0      Fe3200      Sand            
Fabric6   FabricAsic-0 88775B0      Fe3200      Sand            
Fabric6   FabricAsic-1 88775B0      Fe3200      Sand            
Linecard3 SwitchAsic-0 88682A1      JerichoPlus Sand            
Linecard3 SwitchAsic-1 88682A1      JerichoPlus Sand            
Linecard3 SwitchAsic-2 88682A1      JerichoPlus Sand            
Linecard3 SwitchAsic-3 88682A1      JerichoPlus Sand            
Linecard6 SwitchAsic-0 88682A1      JerichoPlus Sand            
Linecard6 SwitchAsic-1 88682A1      JerichoPlus Sand            
Linecard6 SwitchAsic-2 88682A1      JerichoPlus Sand            
Linecard6 SwitchAsic-3 88682A1      JerichoPlus Sand

The output displays the following information:

Slot - the location of the forwarding chip
Chip Label - the type of forwarding chip
Chip Version - the version of the forwarding chip
Chip Name - the name of the forwarding chip
Forwarding Agent - the type of forwarding agent on the chip

show interface counters

Use the show interface counters command to view the VLAN interface, subinterface, and the GRE Tunnel interface ingress and egress counters. The show interface counters command output includes the L3 interfaces when the corresponding hardware counter feature is enabled.

Command Mode

EXEC

Command Syntax

show interface counters

Example

Use the show interface counters command to display the VLAN interface, subinterface, GRE tunnel interface ingress and egress counters:

switch# show interface counters
L3 Interface       InOctets     InUcastPkts     InMcastPkts
Vl12                      0               0               0
Et1.1                     0               0               0
                   InOctets          InPkts
Tun1 		       0               0


L3 Interface       OutOctets     OutUcastPkts     OutMcastPkts
Vl12                      0               0               0
Et1.1                     0               0               0
                   OutOctets          OutPkts
Tun1 		        0               0

show interfaces counters ip

Use the show interfaces counters ip command to display IPv4, IPv6 packets, and octets.

Command Mode

EXEC

Command Syntax

show interfaces counters ip

Example

The following command IPv4 and IPv6 ingress and egress counters: configuration mode.

switch# show interfaces counters ip
Interface   IPv4InOctets    IPv4InPkts     IPv6InOctets    IPv6InPkts
Et1/1            0               0               0               0Et1/2            0               0               0               0
Et1/3            0               0               0               0
Et1/4            0               0               0               0
 ...
Interface  IPv4OutOctets  IPv4OutPkts    IPv6OutOctets   IPv6OutPkts    
Et1/1            0               0               0               0
Et1/2            0               0               0               0
Et1/3            0               0               0               0
Et1/4            0               0               0               0
                        ...

show interfaces counters bins

The show interfaces counters bins command displays packet counters, categorized by packet length, for the specified interfaces. Packet length counters that the command displays include:

64 bytes
65-127 bytes
128-255 bytes
256-511 bytes
512-1023 bytes
1024-1522 bytes
larger than 1522 bytes

Command Mode

EXEC

Command Syntax

show interfaces [interface] counters bins

Parameters

interface Interface type and numbers. Options include:

no parameter All interfaces.
ethernet e_range Ethernet interface range specified by e_range.
management m_range Management interface range specified by m_range.
port-channel p_range Port-Channel Interface range specified by p_range.

Related Commands

show interfaces counters
show interfaces counters errors
show interfaces counters queue
show interfaces counters rates

Example

This command displays packet counter results for interface ethernet 1 and interface ethernet 2.

switch# show interfaces ethernet 1-2 counters bins
Input
Port                64 Byte      65-127 Byte     128-255 Byte     256-511 Byte
------------------------------------------------------------------------------
Et1                    2503         56681135          1045154          1029152
Et2                       8         50216275          1518179          1086297

Port          512-1023 Byte   1024-1522 Byte    1523-MAX Byte
-------------------------------------------------------------
Et1                  625825         17157823          8246822
Et2                  631173         27059077          5755101
switch>

show interfaces counters errors

The show interfaces counters errors command displays the error counters for the specified interfaces.

Command Mode

EXEC

Command Syntax

show interfaces [interface] counters errors

Parameters

interface Interface type and numbers. Options include:

no parameter All interfaces.
ethernet e_range Ethernet interface range specified by e_range.
management m_range Management interface range specified by m_range.
port-channel p_range Port-Channel Interface range specified by p_range.

Display Values

The table displays the following counters for each listed interface:

FCS: Inbound packets with CRC error and proper size.
Align: Inbound packets with improper size (undersized or oversized).
Symbol: Inbound packets with symbol error and proper size.
Rx: Total inbound error packets.
Runts: Outbound packets that terminated early or dropped because of underflow.
Giants: Outbound packets that overflowed the receiver and were dropped.
Tx: Total outbound error packets.

Related Commands

show interfaces counters
show interfaces counters bins
show interfaces counters queue
show interfaces counters rates

Examples

This command displays the error packet counters on interface ethernet 1 and interface ethernet 2.

switch# show interfaces ethernet 1-2 counters errors
Port               FCS    Align   Symbol       Rx    Runts   Giants       Tx
Et1                  0        0        0        0        0        0        0
Et2                  0        0        0        0        0        0        0
switch>

show interfaces counters queue

The show interfaces counters queue command displays the queue drop counters for the specified interfaces.

Command Mode

EXEC

Command Syntax

show interfaces [interface] counters queue

Parameters

interface Interface type and numbers. Options include:

no parameter All interfaces.
ethernet e_range Ethernet interface range specified by e_range.
management m_range Management interface range specified by m_range.
port-channel p_range Port-Channel Interface range specified by p_range.

Related Commands

show interfaces counters
show interfaces counters bins
show interfaces counters errors
show interfaces counters rates

Example

This command displays the queue drop counters for interface ethernet 1 and interface ethernet 2.

switch# show interfaces ethernet 1-2 counters queue
Port                  InDrops
Et1                       180
Et2                       169
switch>

show interfaces counters rates

The show interfaces counters rates command displays the received and transmitted packet rate counters for the specified interfaces. Counter rates include megabits per second (Mbps), thousands of packets per second (Kpps), and utilization percentage.

All port rates are approximately calculated. Note that, when displaying the rate information of a port channel, the rate value of the port channel differs from the sum of the rates for the member ports. The discrepancy is likely to be larger for port channels with fewer ports except for port channels with single ports. The rate values of individual member ports are less inaccurate than the rate values of the port channel as a whole.

Command Mode

EXEC

Command Syntax

show interfaces [interface] counters rates

Parameters

interface Interface type and numbers. Options include:

no parameter All interfaces.
ethernet e_range Ethernet interface range specified by e_range.
management m_range Management interface range specified by m_range.
port-channel p_range Port-Channel Interface range specified by p_range.

Related Commands

show interfaces counters
show interfaces counters bins
show interfaces counters errors
show interfaces counters queue

Example

This command displays rate counters for interface ethernet 1 and interface ethernet 2.

switch# show interfaces ethernet 1-2 counters rates
Port        Intvl   In Mbps      %  In Kpps  Out Mbps      % Out Kpps
Et1          0:05      53.3   0.5%        5      31.2   0.3%        2
Et2          0:05      43.3   0.4%        4       0.1   0.0%        0
switch#

show interfaces counters

The show interface counters command displays the Layer 3 ingress traffic count information. Run this command to view the traffic counts on a sub-interface or VLAN interface. The clear counters command resets the counters to zero. Counters displayed by the command include:

inbound bytes
inbound unicast packets
inbound multicast packets
inbound broadcast packets
outbound bytes
outbound unicast packets
outbound multicast packets
outbound broadcast packets

Command Mode

EXEC

Command Syntax

show interfaces [interface] counters [incoming]

Parameters

interface Interface type and numbers. Options include:
- no parameter All interfaces.
- ethernet e_range Ethernet interface range specified by e_range.
- management m_range Management interface range specified by m_range.
- port-channel p_range Port-Channel Interface range specified by p_range.
- subinterface Displays subinterface traffic counts.
- vlan-interface Displays VLAN interface traffic counts.
incoming Displays the traffic count for the ingress port.
Note: When no interface is specified, the output starts with ingress and egress counters section for regular interfaces, followed by section for the ingress L3 Interface counters.

Related Commands

show interfaces counters bins
show interfaces counters errors
show interfaces counters queue
show interfaces counters rates

Examples

This command displays byte and packet counters for interface ethernet 1 and interface ethernet 2

switch# show interfaces ethernet 1-2 counters
Port                 InOctets     InUcastPkts     InMcastPkts     InBcastPkts
Et1               99002845169        79116358           75557            2275
Et2               81289180585        76278345           86422              11

Port                OutOctets    OutUcastPkts    OutMcastPkts    OutBcastPkts
Et1                4347928323         6085482          356173            2276
Et2                4512762190         5791718          110498              15

switch>

This command displays the ingress traffic count on a VLAN interface vl12.

switch# show interface vl12 counters incoming
L3 Interface InOctets InUcastPkts InMcastPkts
Vl12           3136          47           2

show interfaces flow-control

The show interfaces flow-control command displays administrative and operational flow-control data for the specified interfaces. Administrative data is the parameter settings stored in running-config for the specified interface; the switch uses these settings to negotiate flow control with the peer switch. Operational data is the resolved flow-control setting that controls the port's behavior.

Command Mode

EXEC

Command Syntax

show [interface] flow-control

Parameters

interface Interface type and number for which the flow-control data is displayed.

no parameter All interfaces.
ethernet e_range Ethernet interfaces in the specified range.
management m_range Management interfaces in the specified range.

Valid e_range and m_range formats include number, number range, or comma-delimited list of numbers and ranges.

Example

This command shows the settings for Ethernet interfaces 1-10.

switch# show flow-control interface ethernet 1-10
Port       Send FlowControl  Receive FlowControl  RxPause       TxPause
           admin    oper     admin    oper
---------  -------- -------- -------- --------    ------------- -------------
Et1        off      off      off      off         0             0
Et2        off      off      off      off         0             0
Et3        off      off      off      off         0             0
Et4        off      off      off      off         0             0
Et5        off      off      off      off         0             0
Et6        off      off      off      off         0             0
Et7        off      off      off      off         0             0
Et8        off      off      off      off         0             0
Et9        off      off      off      off         0             0
Et10       off      off      off      off         0             0
switch#

show interfaces hardware default

The show interfaces hardware default command displays the static interface capability information of the specified interfaces. This command displays information about the speed, auto-negotiation, error correction, and modulation capabilities (when applicable) of a system’s ports. The command also provides information displayed by the show interfaces hardware command, such as model number, interface type, duplex mode, and flow control settings of the specific interface. Compared to the show interfaces hardware command, this command only accounts for the capabilities of the system architecture and does not consider the capabilities of a transceiver.

Command Mode

EXEC

Command Syntax

show interfaces [interface] hardware default

Parameters

interface Interface type and numbers. Options include:

no parameter All interfaces.
ethernet e_range Ethernet interface range specified by e_range.
management m_range Management interface range specified by m_range.

Valid e_range and m_range formats include number, number range, or comma-delimited list of numbers and ranges.

Examples

This command displays the static interface capability information at the default level.

switch> show interfaces hardware default
Ethernet1
  Model:     DCS-7020TR-48
  Type:      1000BASE-T
  Speed/Duplex: 100M/full,1G/full
  Flowcontrol:  rx-(off,on,desired),tx-(off)
  Autoneg CL28: 100M/full,1G/full
  Autoneg CL37: 1G/full
switch>

This command displays the static interface capability information for interface ethernet 4/1/1

switch> show interfaces ethernet 4/1/1 hardware default
Ethernet4/1/1
  Model:     7500R2AK-36CQ-LC
  Type:      40GBASE-CR4
  Speed/Duplex: 1G/full,10G/full,25G/full,40G/full,50G/full,100G/full
  Flowcontrol:  rx-(off,on,desired),tx-(off)
  Autoneg CL28: 1G/full,10G/full
  Autoneg CL73:
IEEE:           25G/full,40G/full,100G/full
Consortium: 25G/full,50G/full
  Error Correction:
Reed-Solomon: 25G,50G,100G
Fire-code:   25G,50G

show interfaces hardware

The show interfaces hardware command displays the model number, interface type, duplex mode, and flow-control settings of the specified interfaces. The capabilities command is available on Ethernet and management interfaces.

Command Mode

EXEC

Command Syntax

show interfaces [interface] hardware

Parameters

interface Interface type and numbers. Options include:

no parameter All interfaces.
ethernet e_range Ethernet interface range specified by e_range.
management m_range Management interface range specified by m_range.

Valid e_range and m_range formats include number, number range, or comma-delimited list of numbers and ranges.

Example

This command displays the model number, interface type, duplex mode, and flow control settings for interface ethernet 2 and interface ethernet 18.

switch# show interfaces ethernet 2,18 hardware
Ethernet2
  Model:        DCS-7150S-64-CL
  Type:         10GBASE-CR
  Speed/Duplex: 10G/full,40G/full,auto
  Flowcontrol:  rx-(off,on,desired),tx-(off,on,desired)
Ethernet18
  Model:        DCS-7150S-64-CL
  Type:         10GBASE-SR
  Speed/Duplex: 10G/full
  Flowcontrol:  rx-(off,on),tx-(off,on)
switch#

show interfaces interactions

The show interfaces interactions command aims to provide users with a resource that explains various relationships between Ethernet interfaces. It describes interactions in which a configuration on an interface causes another set of interfaces to become inactive or have reduced capabilities. Examples include a primary interface consuming subordinate interfaces to service a four-lane speed or platform restriction that requires four interfaces of a port to operate at the same speed.

Command Mode

EXEC

Command Syntax

show interfaces [intf] interactions

Parameter

intf Hardware Ethernet interface. You can restrict the output by interface name.

Examples

The information is displayed as a text dump. Each section of information appears on a separate indentation level. The first indent level is the interface, the second is the desired configuration, and the third is the list of interactions. For example, the output below describes the following:

If the user wants to configure Ethernet2/1 for 40G, Ethernet2/2-4 becomes inactive.

If the user wants to configure Ethernet2/1 for 10G, it does not affect other interfaces.

switch# show interface et2/1 interactions
* = includes less than 10G speeds that the interface is capable of

Ethernet2/1:
  For speed 40G
    Ethernet2/2-4 become inactive
  For speed 10G*
    No interactions with other interfaces

The asterisk next to the 10G entry indicates that these same interactions apply for speeds lower than 10G that the interface supports. In other words, if this interface also supports 1G or 100M, the configuration does not affect other interfaces.

Types of Interactions

No Interactions

If there are no interactions for the given interfaces, the display shows No interfaces interactions. Depending on what configurations have interactions, the line could appear at different indentation levels. The rules are:

If all specified interfaces have no interactions, print at the first indentation level.
If only some specified interfaces have no interactions and those interfaces have no interactions at any speeds, print at the second indentation level for those interfaces.

If only some specified interfaces have no interactions and those interfaces only have interactions at some speeds, print at the third indentation level for those speeds.

switch# show int et1,2 interactions
No interfaces interactions

switch# show int et1,2,5/1 interactions
* = includes less than 10G speeds that the interface is capable of

Ethernet1
  No interactions with other interfaces
Ethernet2
  No interactions with other interfaces
Ethernet5/1
  For speed 40G
    Ethernet5/2-4 become inactive
  For speed 10G*
    No interactions with other interfaces

Inactive Interfaces

If a configuration on an interface causes other interfaces to become inactive, a message like the ones bolded below appears. A common example of this is configuring a QSFP28 port for 100G, which results in the /2,/3, and /4 interfaces becoming inactive. Note that display information for inactive interfaces is included in the specified range, ignoring whether or not inactive interfaces are exposed.

switch# show interfaces et11/1,11/3 interactions
* = includes less than 10G speeds that the interface is capable of

Ethernet11/1:
  For speed 100G-4
    Ethernet11/2-4 become inactive
  For speed 50G-2
    Ethernet11/2,11/4 become inactive
    Ethernet11/3 is limited to 50G-2
  For speed 40G
    Ethernet11/2-4 become inactive
  For speed 25G
    Ethernet11/2-4 are limited to 25G
  For speed 10G*
    Ethernet11/2-4 are limited to 10G*
Ethernet11/3:
  For speed 50G-2
    Ethernet11/4 becomes inactive
    Primary interface Ethernet11/1 must be operating at 50G-2
  For speed 25G
    Primary interface Ethernet11/1 must be operating at 25G
  For speed 10G*
    Primary interface Ethernet11/1 must be operating at 10G*

Required Primary Interface Configuration

Some interface configurations require a particular primary interface configuration to function. These interactions are captured with messages similar to the ones bolded below.

switch# show interfaces et11/1,11/3 interactions
* = includes less than 10G speeds that the interface is capable of

Ethernet11/1:
  For speed 100G-4
    Ethernet11/2-4 become inactive
  For speed 50G-2
    Ethernet11/2,11/4 become inactive
    Ethernet11/3 is limited to 50G-2
  For speed 40G
    Ethernet11/2-4 become inactive
  For speed 25G
    Ethernet11/2-4 are limited to 25G
  For speed 10G*
    Ethernet11/2-4 are limited to 10G*
Ethernet11/3:
  For speed 50G-2
    Ethernet11/4 becomes inactive
    Primary interface Ethernet11/1 must be operating at 50G-2
  For speed 25G
    Primary interface Ethernet11/1 must be operating at 25G
  For speed 10G*
    Primary interface Ethernet11/1 must be operating at 10G*

Hardware Speed-Group Requirements

Some interface configurations require an additional speed-group configuration to operate correctly. If speed-group configurations are required, there will be a message displayed similar to the ones bolded below.

Note: A single speed-group may include more than one compatibility setting. Using the example below as reference, Ethernet1/1 at 100G-4 and Ethernet2/1 at 40G are compatible configurations as long as hardware speed-group 1 can include 50g and 10g rates simultaneously.

switch# show interfaces et1/1,2/1 interactions
* = includes less than 10G speeds that the interface is capable of

Ethernet1/1:
  For speed 100G-4
    Ethernet1/2-4 become inactive
    Hardware speed-group 1 must include 50g
  For speed 40G
    Ethernet1/2-4 become inactive
    Hardware speed-group 1 must include 10g
  For speed 25G
    Ethernet2/1,2/3 become inactive
    Ethernet1/3 is limited to 25G/10G
    Hardware speed-group 1 must include 25g
  For speed 10G
    Ethernet2/1,2/3 become inactive
    Ethernet1/3 is limited to 25G/10G
    Hardware speed-group 1 must include 10g
Ethernet2/1:
  For speed 100G-4
    Ethernet2/3 becomes inactive
    Ethernet1/1 must be operating at 100G-4/50G-2/40G
    Hardware speed-group 1 must include 50g
  For speed 40G
    Ethernet2/3 becomes inactive
    Ethernet1/1 must be operating at 100G-4/50G-2/40G
    Hardware speed-group 1 must include 10g

Compatible Parent Interface Configuration

The parent interface may be configured for any one of the compatible rates. Additionally, more than one interface may be required to be configured at a compatible rate. These interactions are captured with messages similar to the ones bolded below

Note: Using the example below as a reference, suppose that Ethernet1/1 is configured for 100G-4 and that the goal is to configure Ethernet1/8 to 50G-1. According to the display, Ethernet1/1 is configured for a compatible rate. That said, in order for Ethernet1/1 to operate at 100G-4, hardware speed-group 1 must be configured to include the 25g compatibility setting. Additionally, hardware speed-group 1 must also include the 50g compatibility setting to enable Ethernet1/8 to operate at 50G-1. Interactions on Ethernet1/5 and Ethernet1/7 must be considered as well (omitted from the example for brevity).

switch# show interfaces et1/1,1/8 interactions
* = includes less than 10G speeds that the interface is capable of

Ethernet1/1:
  Ethernet1/1-4/8 share 18 interface hardware resources
  For speed 400G-8
    Ethernet1/2-8 become inactive
    Hardware speed-group 1 must include 50g
  For speed 200G-4
    Ethernet1/2-4 become inactive
    Hardware speed-group 1 must include 50g
  For speed 100G-2
    Ethernet1/2 becomes inactive
    Hardware speed-group 1 must include 50g
  For speed 100G-4
    Ethernet1/2-4 become inactive
    Hardware speed-group 1 must include 25g
  For speed 50G-1
    Hardware speed-group 1 must include 50g
  For speed 50G-2
    Ethernet1/2 becomes inactive
    Hardware speed-group 1 must include 25g
  For speed 40G
    Ethernet1/2-4 become inactive
    Hardware speed-group 1 must include 10g
  For speed 25G
    Hardware speed-group 1 must include 25g
  For speed 10G
    Hardware speed-group 1 must include 10g
Ethernet1/8:
  For speed 50G-1
    Ethernet1/1 must be operating at 200G-4/100G-2/100G-4/50G-1/50G-2/40G/25G/10G
    Ethernet1/5 must be operating at 100G-2/50G-1/50G-2/25G/10G
    Ethernet1/7 must be operating at 50G-1/25G/10G
    Hardware speed-group 1 must include 50g

Speed-limited Interfaces

Some interface configurations limit how other interfaces can operate. If such limitations occur, a message displays similar to the ones bolded below.

switch# show interfaces et11/1,11/3 interactions
* = includes less than 10G speeds that the interface is capable of

Ethernet11/1:
  For speed 100G-4
    Ethernet11/2-4 become inactive
  For speed 50G-2
    Ethernet11/2,11/4 become inactive
    Ethernet11/3 is limited to 50G-2
  For speed 40G
    Ethernet11/2-4 become inactive
  For speed 25G
    Ethernet11/2-4 are limited to 25G
  For speed 10G*
    Ethernet11/2-4 are limited to 10G*
Ethernet11/3:
  For speed 50G-2
    Ethernet11/4 becomes inactive
    Primary interface Ethernet11/1 must be operating at 50G-2
  For speed 25G
    Primary interface Ethernet11/1 must be operating at 25G
  For speed 10G*
    Primary interface Ethernet11/1 must be operating at 10G*

Interfaces Sharing Logical Ports

Some interface ranges share logical port resources. If an interface shares logical ports with other interfaces, a message displays similar to the ones bolded below.

switch# show interfaces et1/1,4/1 interactions
* = includes less than 10G speeds that the interface is capable of

Ethernet1/1:
  Ethernet1/1-4/8 share 18 interface hardware resources
  For speed 400G-8
    ...
Ethernet4/1:
  Ethernet1/1-4/8 share 18 interface hardware resources
  For speed 400G-8
    ...

show interface link-flap damping

The show interface link-flap damping command displays information about the configured dynamic link flap damping parameters.

Command Mode

Global Configuration

Command Syntax

show interface link-flap damping

Parameters

Interface - Displays the names of interfaces configured with one or more damping profiles assigned to it. A single interface can be displayed multiple times if configured with more than one profile.
Profile - Displays the name of the profile assigned to the interface.
Penalty - Displays the current damping demerit value for the profile and interface.
Suppressed - Displays the timestamp when the interface entered the damped state. No entry displayed if the interface has not entered the damped state.
Re-use - Displays the timestamp of the expected exit from the damped state after detecting no more flaps on the interface. No entry displayed if the interface has not entered the damped state.

Example

Use the show interface link-flap damping command to display information about the current status of all interfaces with Link Flap damping enabled:

switch#show interface link-flap damping
Interface  Profile       Penalty  Suppressed           Re-use
---------- ------------- -------- -------------------  -------------------
Ethernet1  TestProfile1  2000     2023-10-24 18:47:00  2023-10-24 18:48:25
Ethernet1  TestProfile2  0
Ethernet3  TestProfile1  2500     2023-10-24 18:46:59  2023-10-24 18:48:43
Ethernet3  TestProfile2  300

show interfaces negotiation

The show interfaces negotiation command displays the speed, duplex, and flow control auto-negotiation status for the specified interfaces.

Command Mode

EXEC

Command Syntax

show interfaces [interface] negotiation [info_level]

Parameters

interface Interface type and numbers. Options include:

no parameter Display information for all interfaces.
ethernet e_range Ethernet interface range specified by e_range.
management m_range Management interface range specified by m_range.
Valid e_range and m_range formats include number, number range, or comma-delimited list of numbers and ranges.
info_level Amount of information that is displayed. Options include:
- no parameter Displays the status and negotiated settings of local ports.
- detail Displays the status and negotiated settings of local ports and their peers.

Examples

This command displays the negotiated status of the management 1 and management 2 interfaces.

switch# show interface management 1-2 negotiation
Port       Autoneg            Negotiated Settings
           Status   Speed     Duplex    Rx Pause  Tx Pause
---------  -------  --------  --------  --------  --------
Ma1        success  100M      full      off       off
Ma2        success  auto      auto      off       off
switch>

This command displays the negotiated status of management 1 interface and its peer interface.

switch# show interface management 1 negotiation detail
Management1 :

Auto-Negotiation Mode     10/100/1000 BASE-T (IEEE Clause 28)
Auto-Negotiation Status   Success

  Advertisements       Speed           Duplex     Pause
                       --------------- ---------- --------------------
      Local            10M/100M/1G     half/full  Disabled
      Link Partner     None            None       None

  Resolution           100Mb/s         full       Rx=off,Tx=off
switch>

show interfaces phy

The show interfaces phy command displays physical layer characteristics for the specified interfaces.

Command Mode

EXEC

Command Syntax

show interfaces [interface] phy [inf_level]

Parameters

interface - Displays the interface type and numbers. Options include the following:

no parameter All interfaces.
ethernet e_range - Ethernet interfaces in the specified range.
Valid e_range formats include number, number range, or comma-delimited list of numbers and ranges.
info_level - Amount of information that is displayed. Options include:
- no parameter - Displays a table that summarizes PHY data.
- detail - Displays a data block for each specified interface.

Examples

This command summarizes PHY information for Ethernet interfaces 1-5.

switch# show interfaces ethernet 1-5 phy
Key:
   U    = Link up
   D    = Link down
   R    = RX Fault
   T    = TX Fault
   B    = High BER
   L    = No Block Lock
   A    = No XAUI Lane Alignment
   0123 = No XAUI lane sync in lane N

                                  State    Reset
Port           PHY state        Changes    Count PMA/PMD PCS   XAUI
-------------- --------------- -------- -------- ------- ----- --------
Ethernet1      linkUp             14518     1750 U..     U.... U.......
Ethernet2      linkUp             13944     1704 U..     U.... U.......
Ethernet3      linkUp             13994     1694 U..     U.... U.......
Ethernet4      linkUp             13721     1604 U..     U.... U.......
Ethernet5      detectingXcvr          3        1               D..A0123
switch#

This command displays detailed PHY information for interface ethernet 1.

switch# show interfaces ethernet 1 phy detail
Current System Time: Mon Dec  5 11:32:57 2011
Ethernet1
                              Current State     Changes            Last Change
  PHY state                   linkUp              14523            0:02:01 ago
  HW resets                                        1751            0:02:07 ago
  Transceiver                 10GBASE-SRL          1704            0:02:06 ago
  Transceiver SN              C743UCZUD
  Oper speed                  10Gbps
  Interrupt Count                                 71142
  Diags mode                  normalOperation
  Model                       ael2005c
  Active uC image             microInit_mdio_SR_AEL2005C_28
  Loopback                    none
  PMA/PMD RX signal detect    ok                  11497            0:37:24 ago
  PMA/PMD RX link status      up                  11756            0:37:24 ago
  PMA/PMD RX fault            ok                  11756            0:37:24 ago
  PMA/PMD TX fault            ok                      0                  never
  PCS RX link status          up                   9859            0:02:03 ago
  PCS RX fault                ok                   9832            0:02:03 ago
  PCS TX fault                ok                    330            0:27:44 ago
  PCS block lock              ok                   9827            0:02:03 ago
  PCS high BER                ok                   8455            0:02:05 ago
  PCS err blocks              255                                  0:02:03 ago
  PCS BER                     16                  50092            0:02:05 ago
  XFI/XAUI TX link status     up                   1282            0:27:44 ago
  XFI/XAUI RX fault           ok                    585            0:27:44 ago
  XFI/XAUI TX fault           ok                   2142            0:02:05 ago
  XFI/XAUI alignment status   ok                   2929            0:02:05 ago
  XAUI lane 0-3 sync          (0123) = 1111        2932            0:02:05 ago
  XAUI sync w/o align HWM     0                                          never
  XAUI sync w/o align max OK  5
  XAUI excess sync w/o align  0                                          never
  Xcvr EEPROM read timeout                           46    4 days, 6:33:45 ago
  Spurious xcvr detection                             0                  never
  DOM control/status fail                             0
  I2C snoop reset             0
  I2C snoop reset (xcvr)      0
  Margin count                5                last > 0            0:00:00 ago
  EDC resets                  1                                    0:02:03 ago
  EDC FFE0 - FFE11            -4 -5 57 -6 -6 -2 1 0 -2 -1 1 -1
  EDC FBE1 - FBE4             6 -1 5 -1
  EDC TFBE1 - TFBE4           1 2 1 2
  EDC VGA1, VGA3              12 115
  TX path attenuation         3.0 dB
  TX preemphasis              (0,63,4) (pre,main,post)
switch#

To reset the counters, use the clear phy counters interfaces command.

show interfaces status errdisabled

The show interfaces status errdisabled command displays interfaces that are in errdisabled state, including their link status and errdisable cause.

Command Mode

EXEC

Command Syntax

show interfaces [interface] status errdisabled

Parameters

interface Interface type and numbers. Options include:

no parameter Display information for all interfaces.
ethernet e_range Ethernet interface range specified by e_range.
management m_range Management interface range specified by m_range.
port-channel p_range Port-Channel Interface range specified by p_range.
Valid e_range and m_range formats include number, number range, or comma-delimited list of numbers and ranges.

Example

This command displays the error-disabled ports.

switch# show interfaces status errdisabled

Port    Name           Status        Reason
------- -------------- ------------- ------------------
Et49/2                 errdisabled   multi-lane-intf
Et49/3                 errdisabled   multi-lane-intf
Et49/4                 errdisabled   multi-lane-intf
switch>

show interfaces status

The show interfaces status command displays the interface name, link status, vlan, duplex, speed, and type of the specified interfaces. When the command includes a link status, the results are filtered to display only interfaces whose link status matches the specified type.

Command Mode

EXEC

Command Syntax

show interfaces [interface]status [status_type]

Parameters

interface Interface type and numbers. Options include:

no parameter All existing interfaces.
ethernet e_range Ethernet interfaces in the specified range.
management m_range Management interfaces in the specified range.
port-channel p_range All existing port-channel interfaces in the specified range.
Valid e_range, m_range, and p_range formats include number, number range, or comma-delimited list of numbers and ranges.
status_type Interface status upon which the command filters the output. Options include:
- no parameter Does not filter on interface status.
- connected Interfaces connected to another port.
- notconnect Unconnected interfaces that are capable of connecting to another port.
- disabled Interfaces that have been powered down or disabled.
- sub-interfaces L3 subinterfaces configured on the switch.
  The command may include multiple status types (connected, notconnect, disabled), which can be placed in any order.

Examples

This command displays the status of Ethernet interfaces 1-5.

switch# show interfaces ethernet 1-5 status
Port      Name              Status       Vlan        Duplex  Speed Type
Et1                         connected    1             full    10G 10GBASE-SRL
Et2                         connected    1             full    10G 10GBASE-SRL
Et3                         connected    1             full    10G 10GBASE-SRL
Et4                         connected    1             full    10G 10GBASE-SRL
Et5                         notconnect   1             full    10G Not Present
switch>

This command displays status information for all subinterfaces configured on the switch.

switch# show interfaces status sub-interfaces
Port       Name    Status       Vlan     Duplex Speed  Type                Flags
Et1.1              connect       101      full   10G   dot1q-encapsulation
Et1.2              connect       102      full   10G   dot1q-encapsulation
Et1.3              connect       103      full   10G   dot1q-encapsulation
Et1.4              connect       103      full   10G   dot1q-encapsulation
switch>

show interface transceiver dom

The show interface [<intf>] transceiver dom command displays the most important current performance data on the media (line) side.

Example

switch# show interface Ethernet11/1 transceiver dom
Ch: Channel, N/A: not applicable, TX: transmit, RX: receive
mA: milliamperes, dBm: decibels (milliwatts), C: Celsius, V: Volts

Port 11
Last update: 0:00:05 ago
                                             Value
                                        ----------------
   Case temperature                         66.59 C
   Voltage                                   3.26 V
   TX power                                -10.23 dBm
   RX total power                          -11.61 dBm
   RX channel power                        -11.94 dBm
   Pre-FEC BER                           1.82e-03 
   Post-FEC errored frames ratio         0.00e+00 
   Chromatic dispersion (short link)         0.00 ps/nm
   Chromatic dispersion (long link)          0.00 ps/nm
   Differential group delay                  9.31 ps
   SOPMD                                     0.00 ps^2
   Polarization dependent loss               0.40 dB
   Received OSNR estimate                   35.10 dB
   Received ESNR estimate                   17.50 dB
   Carrier frequency offset                  0.00 MHz
   Error vector magnitude                  100.00 %
   SOP rate of change                        0.00 krad/s
   Laser temperature                        59.54 C
   Laser frequency                         193100.00 GHz

BER: Bit Error Rate
FEC: Forward Error Correction
OSNR: Optical Signal to Noise Ratio
ESNR: Electrical Signal to Noise Ratio
SOP: State of Polarization
SOPMD: State of Polarization Mode Dispersion

show interface transceiver eeprom

The show interface [<intf>] transceiver eeprom command displays the parsed capabilities.

Example

For 400GBASE-ZR, parsing of frequency tuning, power tuning (page 04h), and VDM configuration pages (20h-23h) are added.

switch# show interface Ethernet15/1 transceiver eeprom
Ethernet15 EEPROM:
...
  Frequency tuning support (04h:128-129):
    Grid spacing capabilities (04h:128):
      100 GHz grid supported (04h:128): true
      12.5 GHz grid supported (04h:128): false
      25 GHz grid supported (04h:128): false
      3.125 GHz grid supported (04h:128): false
      33 GHz grid supported (04h:128): false
      50 GHz grid supported (04h:128): false
      6.25 GHz grid supported (04h:128): false
      75 GHz grid supported (04h:128): true
    Tunable wavelength (04h:128): true
    Fine tuning support (04h:129): false
  Supported channel boundaries (04h:130-161):
    100 GHz grid (04h:150-153):
      Lowest channel (04h:150-151): -18
      Lowest frequency (04h:150-151): 191300000 MHz
      Highest channel (04h:152-153): 30
      Highest frequency (04h:152-153): 196100000 MHz
    75 GHz grid (04h:158-161):
      Lowest channel (04h:158-159): -72
      Lowest frequency (04h:158-159): 191300000 MHz
      Highest channel (04h:160-161): 120
      Highest frequency (04h:160-161): 196100000 MHz
  Programmable output power advertisement (04h:196-201):
    Lane programmable output power supported (04h:196): false
  VDM configuration (20h:128-255;21h:128-255):
    VDM group 1 (20h:128-255):
      Parameter 1 (20h:128-129):
        Lane (20h:128): 0
        Threshold ID (20h:128): 0
        Parameter type (20h:129): Laser temperature
      Parameter 3 (20h:132-133):
        Lane (20h:132): 0
        Threshold ID (20h:132): 2
        Parameter type (20h:133): eSNR host input
      Parameter 4 (20h:134-135):
        Lane (20h:134): 1
        Threshold ID (20h:134): 2
        Parameter type (20h:135): eSNR host input
      Parameter 5 (20h:136-137):
        Lane (20h:136): 2
        Threshold ID (20h:136): 2
        Parameter type (20h:137): eSNR host input
...
       Parameter 84 (21h:166-167):
        Lane (21h:166): 0
        Threshold ID (21h:166): 14
        Parameter type (21h:167): MER
  Number of VDM groups supported (2Fh:128): 2

show interfaces transceiver channels

The show interfaces transceiver channels command displays the current wavelength/frequency settings for the specified channels.

Command Mode

EXEC

Command Syntax

show interfaces [interface e_range] transceiver channels

Parameters

interface Interface type and port numbers.

ethernet e_range Ethernet interface range specified by e_range.

Related Commands

transceiver channel
show interfaces transceiver hardware

Example

This command displays the supported wavelengths/frequencies and their corresponding channel numbers on Ethernet interface 4 for slots 3 through 4.

switch(config-as-if-Et4/1/3)# show interfaces ethernet 4/3/4 transceiver 
channels
Name: Et4/3/4
100GHz- 50GHz-
Wavelength Frequency spacing spacing
(nm) (GHz) Channel Channel
---------- --------- ------- -------
1567.95 191,200 1 1
1567.54 191,250 2
1567.13 191,300 2 3
1566.72 191,350 4
....
1529.16 196,050 98
1528.77 196,100 50 99
1528.38 196,150 100
switch(config-as-if-Et4/1/3)#

show interfaces transceiver hardware

The show interfaces transceiver hardware command displays the current wavelength/frequency settings for the specified transceiver interfaces.

Command Mode

EXEC

Command Syntax

show interfaces [interface] ethernet e_range transceiver hardware

Parameters

interface Interface type and port numbers.

ethernet e_range Ethernet interface range specified by e_range.

Related Commands

transceiver channel
show interfaces transceiver channels

Example

This command displays the current wavelength/frequency settings on interface ethernet 4 to slot 3 through 4.

switch(config-as-if-Et4/1/3)# show interfaces ethernet 4 / 3 / 4 transceiver hardware
Name: Et4/3/4
Media Type: 10GBASE-DWDM
Configured Channel : 39
Configured Grid (GHz) : 50
Computed Frequency (GHz) : 193,100
Computed Wavelength (nm) : 1552.52
Operational Channel : 39 (Default)
Operational Grid (GHz) : 50 (Default)
Operational Frequency (GHz): 193,100
Operational Wavelength (nm): 1552.52
switch(config-as-if-Et4/1/3)#

show interfaces transceiver properties

The show interfaces transceiver properties command displays configuration information for the specified interfaces. Information the command provides includes the media type, interface speed-duplex settings, and speed-duplex operating state.

Command Mode

EXEC

Command Syntax

show interfaces [interface] transceiver properties

Parameters

interface Interface type and numbers. Options include:

no parameter Display information for all interfaces.
ethernet e_range Ethernet interface range specified by e_range.
management m_range Management interface range specified by m_range.
Valid e_range and m_range formats include number, number range, or comma-delimited list of numbers and ranges.

Related Commands

show interfaces transceiver

Example

This command displays the media type, speed, and duplex properties for Ethernet interfaces 1-3.

switch# show interfaces ethernet 1-3 transceiver properties
Name : Et1
Administrative Speed: 10G
Administrative Duplex: full
Operational Speed: 10G (forced)
Operational Duplex: full (forced)
Media Type: 10GBASE-SRL

Name : Et2
Administrative Speed: 10G
Administrative Duplex: full
Operational Speed: 10G (forced)
Operational Duplex: full (forced)
Media Type: 10GBASE-SRL

Name : Et3
Administrative Speed: 10G
Administrative Duplex: full
Operational Speed: 10G (forced)
Operational Duplex: full (forced)
Media Type: 10GBASE-SRL

switch>

show interfaces transceiver

The show interfaces transceiver command displays the operational transceiver data for the specified interfaces.

Command Mode

EXEC

Command Syntax

show interfaces [interface] transceiver [data_format]

Parameters

interface Interface type and numbers. Options include:

no parameter All interfaces.
ethernet e_range Ethernet interface range specified by e_range.
management m_range Management interface range specified by m_range.
Valid e_range and m_range formats include number, number range, or comma-delimited list of numbers and ranges.
data_format format used to display the data. Options include:
- no parameter Table entries are separated by tabs.
- csv Table entries are separated by commas.

Related Commands

show interfaces transceiver properties

Example

This command displays transceiver data on interface ethernet 1 through interface ethernet 4.

switch# show interfaces ethernet 1-4 transceiver
If device is externally calibrated, only calibrated values are printed.
N/A: not applicable, Tx: transmit, Rx: receive.
mA: milliamperes, dBm: decibels (milliwatts).
                             Bias      Optical   Optical
        Temp       Voltage   Current   Tx Power  Rx Power  Last Update
Port    (Celsius)  (Volts)   (mA)      (dBm)     (dBm)     (Date Time)
-----   ---------  --------  --------  --------  --------  -------------------
Et1      34.17      3.30      6.75     -2.41     -2.83     2011-12-02 16:18:48
Et2      35.08      3.30      6.75     -2.23     -2.06     2011-12-02 16:18:42
Et3      36.72      3.30      7.20     -2.02     -2.14     2011-12-02 16:18:49
Et4      35.91      3.30      6.92     -2.20     -2.23     2011-12-02 16:18:45
switch#

show interface link-flap damping

The show interface link-flap damping command displays information about the configured dynamic link flap damping parameters.

Command Mode

Global Configuration

Command Syntax

show interface link-flap damping

Parameters

Interface - Displays the names of interfaces configured with one or more damping profiles assigned to it. A single interface can be displayed multiple times if configured with more than one profile.
Profile - Displays the name of the profile assigned to the interface.
Penalty - Displays the current damping demerit value for the profile and interface.
Suppressed - Displays the timestamp when the interface entered the damped state. No entry displayed if the interface has not entered the damped state.
Re-use - Displays the timestamp of the expected exit from the damped state after detecting no more flaps on the interface. No entry displayed if the interface has not entered the damped state.

Example

Use the show interface link-flap damping command to display information about the current status of all interfaces with Link Flap damping enabled:

switch#show interface link-flap damping
Interface  Profile       Penalty  Suppressed           Re-use
---------- ------------- -------- -------------------  -------------------
Ethernet1  TestProfile1  2000     2023-10-24 18:47:00  2023-10-24 18:48:25
Ethernet1  TestProfile2  0
Ethernet3  TestProfile1  2500     2023-10-24 18:46:59  2023-10-24 18:48:43
Ethernet3  TestProfile2  300

show monitor ethernet oam profile

The show monitor ethernet oam profile command displays configuration information for the specified ethernet OAM profile name or ?the summary information of all configured profile names.

Command Mode

EXEC

Command Syntax

show monitor ethernet oam profile [name | summary]

Parameters

name The EOAM profile name.
summary The EOAM summary of all the configured profiles.

Related Commands

link-error
monitor ethernet oam profile

Examples

This command displays the OAM profile configuration information for the specific profile name.

switch# show monitor ethernet oam profile[name] 

         Ethernet OAM Profile : p

         Error Type : symbol

                           Threshold  :    20  frames
                           Action     :           log
                           Period     :    20 seconds

         Error Type : fcs
                           Threshold  :    10  frames
                           Action     :     linkfault
                           Period     :   100  frame

         Recovery Timeout : 20

This command displays the OAM profile configuration summary for all profiles configured.

switch# show monitor ethernet oam profile [name] summary

         Eoam Profile : p 
            Configured on:  Et3/1-4,5

show platform fm6000 agileport map

The show platform fm6000 agileport map command displays the list of Ethernet interfaces that are combinable to form a higher-speed port.

Command Mode

Privileged EXEC

Command Syntax

show platform fm6000 agileport map

Example

This command displays the agile port map for the switch, then configures Ethernet interface 13 as a 40G port, subsuming Ethernet interfaces 15, 17, and 19.

switch# show platform fm6000 agileport map

-----------------------------------------------------------------
Agile Ports       |        Interfaces subsumed in 40G link
-----------------------------------------------------------------
Ethernet1         |  Ethernet3      Ethernet5      Ethernet7
Ethernet2         |  Ethernet4      Ethernet6      Ethernet8
Ethernet13        |  Ethernet15     Ethernet17     Ethernet19
Ethernet14        |  Ethernet16     Ethernet18     Ethernet20

switch# config
switch(config)# interface ethernet 13
switch(config-if-Et13)# speed 40gfull

  WARNING!  Executing this command will cause the forwarding agent
            to be restarted. All interfaces will briefly drop links
            and forwarding on all interfaces will momentarily stop.


            Do you wish to proceed with this command? [y/N]

Ethernet13 configured for 40G.
Ethernet15, Ethernet17 and Ethernet19 are now subsumed.
switch(config-if-Et13)#

show platform trident flexcounters

The show platform trident flexcounters command displays the L3 interfaces when the corresponding hardware counter feature is enabled.

Command Mode

Privileged EXEC

Command Syntax

show platform trident flexcounters [vni [egress summary | ingress summary]]|[[vtep [decap summary | encap summary]]

Parameters

vni Displays the VNI feature state.
- egress summary Displays the FlexCounter summary for the egress direction.
- ingress summary Displays the FlexCounter summary for the ingress direction.
vtep Displays the VTEP feature state
- decap summary Displays the FlexCounter summary for decapsulation.
- encap summary Displays the FlexCounter summary for encapsulation.

Examples

The following example displays the headings for the show platform trident flexcounters vni egress summary show command.

switch# show platform trident flexcounters vni egress summary
VNI      EgrVfiIndex    PoolId    OffsetMode    BaseCounterIndex
-----------------------------------------------------------------

The following example displays the headings for the show platform trident flexcounters vni ingress summary show command.

switch# show platform trident flexcounters vni ingress summary
VNI      VfiIndex    PoolId    OffsetMode    BaseCounterIndex
--------------------------------------------------------------

The following example displays the headings for the show platform trident flexcounters vtep decap summary show command.

switch# show platform trident flexcounters vtep decap summary
VTEP      SvpIndex    PoolId    OffsetMode    BaseCounterIndex
---------------------------------------------------------------

The following example displays the headings for the show platform trident flexcounters vtep encap summaryshow command.

switch# show platform trident flexcounters vtep encap summary
VTEP      DvpIndex    PoolId    OffsetMode    BaseCounterIndex
---------------------------------------------------------------

show platform trident flexcounters l3intf

Use the show platform trident flexcounters l3intf command to display the subinterface, SVI, and GRE tunnel interface features.

Command Mode

EXEC

Command Syntax

show platform trident flexcounters l3intf [[in | out] [summary | values]]

Parameters

in summary Displays the details of the hardware resources allocated to the ingress subinterface, SVI, and GRE tunnel interface features.
out summary Displays the details of the hardware resources allocated to the egress subinterface, SVI, and GRE tunnel interface features.
in values Displays the counters in the counter and snapshot table for the ingress subinterface, SVI, and GRE tunnel interface features.
out values Displays the counters in the counter and snapshot table for the egress subinterface, SVI, and GRE tunnel interface features.

Note: The counter values in this show command output are not reset by the clear counters command.

Examples

Use the show platform trident flexcounters l3intf in summary command to display the details of the hardware resources allocated to the ingress subinterface, SVI, and GRE Tunnel Interface features.

switch# show platform trident flexcounters l3intf in summary
L3intf     CounterIndex    PoolId    OffsetMode   BaseCounterIndex
-------------------------------------------------------------------

Use the show platform trident flexcounters l3intf out summary command to display the details of the hardware resources allocated to the egress subinterface, SVI, and GRE Tunnel Interface features.

switch# show platform trident flexcounters l3intf out summary
L3intf     CounterIndex    PoolId    OffsetMode   BaseCounterIndex
-------------------------------------------------------------------

Use the show platform trident flexcounters l3intf in values command to display the counters in the counter and snapshot table for the ingress subinterface, SVI, and GRE Tunnel Interface features.

switch# show platform trident flexcounters l3intf in values
L3intf   Offser Bytes(cntTbl)    Bytes(snapTbl)    Pkts(cntTbl)    Pkts(snapTbl)
---------------------------------------------------------------------------------

Use the show platform trident flexcounters l3intf out values command to display the counters in the counter and snapshot table for the egress subinterface, SVI, and GRE Tunnel Interface features.

switch# show platform trident flexcounters l3intf out values

L3intf   Offser Bytes(cntTbl)    Bytes(snapTbl)    Pkts(cntTbl)    Pkts(snapTbl)
--------------------------------------------------------------------------------

show poe

The show poe command displays PoE information for a specified port range or for all ports.

Command Mode

Privileged EXEC

Command Syntax

show poe [interface]

Parameters

interface Interface type and numbers. Options include:

no parameter Display information for all interfaces.
ethernet e_range Ethernet interface range specified by e_range.

Example

This command displays PoE information for interface ethernet 46.

switch(config)# show poe interface ethernet 46

Port Enabled Enabled Limit  Power   State   Class  Power Current Voltage Temperature
---- ------- ------- ------ ------- ------- ------ ----- ------- ------- -----------
46      True    True 15.40W  15.40W powered class0 1.40W 27.00mA  55.04V      41.25C
switch(config-if-Et7)#

show qos scheduling

The show qos scheduling command displays the QoS configuration on one or more scheduling groups. Both group name and parent interface name are optional, in which case all groups will be displayed.

Command Mode

Privileged EXEC

Command Syntax

show qos scheduling Options

Parameter

Options include the Group, Interface or the Hierarchy.

Example

This command displays the QoS configuration for scheduling group G1 of interface Ethernet1.

switch# show qos scheduling group G1 Ethernet1
Interface: Et1
Scheduling Group Name: G1
Bandwidth: 10.1 / 10.0 (Gbps)
Shape Rate: 75.2 / 75.0 (Gbps)

Member         Bandwidth        Shape Rate
                (units)           (units)
------       -------------  ------------------
Et1.1           - /  - (-)  50.1 / 50.0 (Gbps)
Et1.2           - /  - (-)  30.1 / 30.0 (Gbps)

show route counters

Use the show route [ipv4 | ipv6] counters to display the IPv4 or IPv6 pack and byte counts.

Command Mode

EXEC

Command Syntax

show route [ipv4 | ipv6]

Parameters

ipv4 Displays IPv4 route counters.
ipv6 Displays IPv6 route counters.

Example

The following example displays the IPv4 packet and byte count.

switch# show route ipv4 counters
Vrf Name        Prefix       Packet Count    Byte Count
-------- ---------------- ------------------ ----------
 default    22.0.0.0/8                     0          0
 default    32.0.0.0/8                     0          0

show transceiver status interface

The show transceiver status interface [interface_name] command displays the most important alarms, faults, and interface status.

Example

For 400GBASE-ZR modules, the command’s output includes media and host-side coherent alarms, host-side pre-FEC BER, defined in the Coherent CMIS, and post-FEC BER:

switch# show transceiver status interface Ethernet14/1
                                Current State        Changes       Last Change
                                -------------        -------       -----------
Port 14
  Transceiver                   400GBASE-ZR                1       0:15:09 ago
  Transceiver SN                200554050                          
  Presence                      present                            
  Adapters                      none                               
  Bad EEPROM checksums                                     0       never
  Resets                                                   0       0:15:14 ago
  Interrupts                                               0       never
  Data path firmware fault      ok                         0       never
  Module firmware fault         ok                         0       never
  Temperature high alarm        ok                         0       never
  Temperature high warn         ok                         0       never
  Temperature low alarm         ok                         0       never
  Temperature low warn          ok                         0       never
  Voltage high alarm            ok                         0       never
  Voltage high warn             ok                         0       never
  Voltage low alarm             ok                         0       never
  Voltage low warn              ok                         0       never
  Module state                  ready                      4       0:14:55 ago
  Data path 1 state             activated                  4       0:07:21 ago
  Data path 2 state             activated                  4       0:07:21 ago
  Data path 3 state             activated                  4       0:07:21 ago
  Data path 4 state             activated                  4       0:07:21 ago
  Data path 5 state             activated                  4       0:07:21 ago
  Data path 6 state             activated                  4       0:07:21 ago
  Data path 7 state             activated                  4       0:07:21 ago
  Data path 8 state             activated                  4       0:07:21 ago
  RX LOS                        ok                         2       0:05:54 ago
  TX fault                      ok                         0       never
  RX CDR LOL                    ok                         0       never
  TX power high alarm           ok                         0       never
  TX power high warn            ok                         2       0:07:39 ago
  TX power low alarm            ok                         2       0:07:50 ago
  TX power low warn             ok                         4       0:07:39 ago
  TX bias high alarm            ok                         0       never
  TX bias high warn             ok                         0       never
  TX bias low alarm             ok                         0       never
  TX bias low warn              ok                         0       never
  RX power high alarm           ok                         0       never
  RX power high warn            ok                         0       never
  RX power low alarm            ok                         0       never
  RX power low warn             ok                         0       never
  TX loss of alignment       ok                         0       never
  TX out of alignment           ok                         0       never
  TX clock monitor unit LOL     ok                         0       never
  TX reference clock LOL        ok                         0       never
  TX deskew LOL                 ok                         0       never
  TX FIFO error                 ok                         0       never
  RX demodulator LOL            ok                         0       never
  RX CD compensation LOL        ok                         0       never
  RX loss of alignment          ok                         0       never
  RX out of alignment           ok                         0       never
  RX deskew LOL                 ok                         0       never
  RX FIFO error                 ok                         0       never
  RX FEC excessive degrade      ok                         0       never
  RX FEC detected degrade       ok                         0       never
  Freq tuning in progress       idle                       0       never
  Freq tuning busy              ok                         0       never
  Freq tuning invalid channel   ok                         0       never
  Freq tuning completed         no                         2       0:07:34 ago
Ethernet14/1
  Operational speed             400Gbps                            
  Pre-FEC bit error rate        0.00e+00                           
  Post-FEC errored frames ratio 0.00e+00                           
  TX LOS
    Host lane 1                 ok                         0       never
    Host lane 2                 ok                         0       never
    Host lane 3                 ok                         0       never
    Host lane 4                 ok                         0       never
    Host lane 5                 ok                         0       never
    Host lane 6                 ok                         0       never
    Host lane 7                 ok                         0       never
    Host lane 8                 ok                         0       never
  TX CDR LOL
    Host lane 1                 ok                         0       never
    Host lane 2                 ok                         0       never
    Host lane 3                 ok                         0       never
    Host lane 4                 ok                         0       never
    Host lane 5                 ok                         0       never
    Host lane 6                 ok                         0       never
    Host lane 7                 ok                         0       never
    Host lane 8                 ok                         0       never
  TX adaptive input EQ fault
    Host lane 1                 ok                         0       never
    Host lane 2                 ok                         0       never
    Host lane 3                 ok                         0       never
    Host lane 4                 ok                         0       never
    Host lane 5                 ok                         0       never
    Host lane 6                 ok                         0       never
    Host lane 7                 ok                         0       never
    Host lane 8                 ok                         0       never

Note:In the operational state, module state is ‘Ready’ and data path state for all 8 lanes is activated.

show VXLAN counters vni

Use the show VXLAN counters vni command to display the encapsulation and decapsulation counters at the VNI.

Command Mode

PrivilegedEXEC

Command Syntax

show VXLAN counters vni [encap | decap]

Parameters

encap Displays the encapsulation-related counters at the VNI.
decap Displays the decapsulation-related counters at the VNI.

Examples

The following show VXLAN counters vni encap command displays the encapsulation-related counters at the VNI.

switch# show VXLAN counters vni encap
                                      Encap BUM   Encap Drop
VNI       Encap Bytes  Encap Packets  Packets     Packets
-------- ------------- -------------- ----------- -----------
2824963             0               0           0           0
7023745             0               0           0           0

Encap Packets displays the total count of L2 packets successfully encapsulated by the VNI towards the VTEP.

Encap Drop Or Exception Packets displays the total count of L2 packets encapsulated and dropped for any reason.

The following show VXLAN counters vni decap command displays the decapsulation-related counters at the VNI.

switch# show VXLAN counters vni decap
                                                      Decap Drop Or             
                            Decap Known   Decap BUM       Exception
VNI       Decap Bytes   Unicast Packets      Packets        Packets
-------   -----------   ---------------   ----------   -------------
2824963             0                 0            0               0
7023745             0                 0            0               0

Decap Known Unicast Packets displays the total count of L2 known unicast packets coming into the VTI, hitting the VTEP, and getting decapsulated.

Decap BUM Packets displays the total count of L2 BUM packets coming into the VTI, hitting the VTEP, and getting decapsulated.

Decap Drop or Exception Packets displays the count of L2 packets coming into the VTI and getting dropped for any reason.

speed

The speed command configures the transmission speed and duplex settings for the configuration mode interface. The scope and effect of this command depend on the interface type. Interface types include:

40GBASE (QSFP+): Default is 4x10G-full. The speed forced 40gfull and speed auto 40gfull commands configure an interface as a 40GbE port.
10GBASE-T: Default is 10G-full. The speed command affects the interface.
10GBASE (SFP+): Default is 10G-full. The speed command does not affect the interface.
1000BASE (copper): Default is 1G-full. The speed auto 100full command affects the interface.
1000BASE (fiber): Default is 1G-full. The speed command does not affect the interface.
10/100/1000: Default is auto-negotiation. The speed command (with the 10/100/1000 options) affects the interface.

The speed 40gfull and auto 40gfull commands configure a QSFP+ Ethernet interface as a 40GbE port. The no speed and no auto 40gfull commands configure a QSFP+ Ethernet interface as four 10GbE ports. These commands must be applied to the /1 port. These commands are hitless on the 7050X, 7060X, 7250X, 7260X, 7280SE, 7300X, 7320X and 7500E series platforms. On all other platforms, these commands restart the forwarding agent, which will result in traffic disruption.

The no speed and default speed commands restore the default setting for the configuration mode interface by removing the corresponding speed command from the running-config.

Command Mode

Interface-Ethernet Configuration

Interface-Management Configuration

Command Syntax

speed mode

no speed

default speed

Parameters

mode Transmission speed and duplex settings. Options include:

speed auto auto-negotiation mode. (For SFP-1G-T, it auto-negotiates 1 Gbps because no speed is specified, and we are defaulting to advertise 1 Gbps).
speed auto 40gfull auto-negotiation mode with clause 73 auto-negotiation.
speed auto 1G full/ speed 1G auto-negotiated 1 Gbps (note that per BASE-T standard, 1 Gbps must be negotiated).
speed auto 100full auto-negotiated 100 Mbps.
speed 100full non-negotiated and true-forced 100 Mbps.
Note: Interfaces using clause 73 auto-negotiation must connect to a device that runs clause 73 auto-negotiation.
sfp-1000baset auto auto-negotiation mode.
10000full 10G full duplex.
1000full 1G full duplex.
1000half 1G half duplex.
100full 100M full duplex.
100gfull 100G full duplex.
100half 100M half duplex.
10full 10M full duplex.
10half 10M half duplex.
40gfull 40G full duplex.

On 40GBASE and 100GBASE interfaces, options that change the SFP+ and MXP interfaces (the auto 40gfull, the 40gfull, and the no speed options) may restart the forwarding agent on some switch platforms, disrupting traffic on all ports for more than a minute.

Guidelines

Note: The SFP-1G-T transceivers advertise one speed at a time only. Hence, the desired speed and negotiation must be configured explicitly using the speed auto, speed auto 1G full/ speed 1G, speed auto 100full, and speed 100full commands.

Examples

This command configures a 40GBASE interface as a 40GbE port.

switch(config)# interface ethernet 49/1
switch(config-if-Et49/1)# speed 40gfull
switch(config-if-Et49/1)# show interface ethernet 49/1 - 49/4 status
Port      Name          Status       Vlan        Duplex  Speed Type
Et49/1                  connected    in Po999      full    40G 40GBASE-CR4
Et49/2                  errdisabled  inactive    unconf unconf 40GBASE-CR4
Et49/3                  errdisabled  inactive    unconf unconf 40GBASE-CR4
Et49/4                  errdisabled  inactive    unconf unconf 40GBASE-CR4
switch(config-if-Et49/1)#

This command configures a 40GBASE interface as four 10GbE ports (the default configuration).

switch(config-if-Et49/1)# no speed
switch(config-if-Et49/1)# show interface ethernet 49/1 - 49/4 status
Port      Name          Status       Vlan        Duplex  Speed Type
Et49/1                  connected    routed        full    10G 40GBASE-SR4
Et49/2                  connected    routed        full    10G 40GBASE-SR4
Et49/3                  connected    routed        full    10G 40GBASE-SR4
Et49/4                  notconnect   inactive      full    10G 40GBASE-SR4
switch(config-if-Et49/1)#

system

The system command allows the user to configure the system-wide TCAM profiles: default, mirroring-acl, mpls-evpn, pbr-match-nexthop-group, qos, tap-aggregation-default, tap-aggregation-extended, tc-counters, test, and VXLAN-routing.

The exit command returns the switch to global configuration mode.

Command Mode

Hardware TCAM

Command Syntax

system profile name

Parameter

name TCAM profile name.

Reference

hardware tcam

Example

This command allows the switch to configure the TCAM profile qos.

switch(config-hw-tcam)# system profile qos

threshold

The threshold command configures the link monitoring threshold value that is specified for a link error.

The no threshold and the default threshold commands remove the threshold value specified for the chosen link error.

Command Mode

Link-error Configuration

Command Syntax

[fcs | symbol] threshold threshold_value

no [fcs | symbol] threshold threshold_value

default [fcs | symbol] threshold threshold_value

Parameters

fcs Inbound packets with a Frame Check Sequence (FCS) error.
symbol Inbound packets with a symbol error.
threshold_value Specifies the threshold value expressed as a number of errors. The value ranges from 1 to 100.

Related Commands

action
period

Example

These commands set a threshold value of 20 for profile profile1 in link-error configuration mode.

switch(config)# monitor ethernet oam
switch(config-eoam)# profile profile1
switch(config-eoam-profile-profile1)# link-error                        
switch(config-eoam-profile-profile1-link-error)# symbol threshold 20

traffic-policies field-set

The traffic-policies field-set creates field sets of prefixes, ports, or VLAN IDs to load from a location set by a URL. Reuse large field sets without copying and pasting each field set into a configuration. The no traffic-policies field-set disables the feature, and the default traffic-policies field-set sets the feature to the default settings.

Command Mode

Traffic Policies Configuration Mode

Command Syntax

Parameters

integer - Configure a field set of integer ranges.
ipv4 - Configure a field set of IPv4 address ranges.
ipv6 - Configure a field set of IPv6 address ranges.
l4-ports - Configure a field set of Layer 4 port ranges.
mac - Configure a field set of MAC addresses.
vlan - Configure a field set of VLAN IDs.
abort - Abandon all changes.
commit - Commit all changes.
except - Configure any exceptions to the field set.
limit - Limit the configuration within a field set.
remove - Remove IP prefix from the IP prefix set.
source - Configure a source of a field set.
- and-results
- bgp
- file: - Provide alocal URL to load the field set entries.
- flash: - Provide the local URL from a flash drive and add the field set entries.
- http: - Provide a remote URL to load the field set entries.
- https: - Provide a remote URL to load the field set entries
- scp: - Provide a remote URL to load the field set entries.
- static - Configure a static entry for field sets.

Example

Use the following command to add the HTTP URL, http://1.1.1.1, with the field set, mybigfieldset, to a traffic policy:

switch(config)#traffic-policies
switch(config-traffic-policies)#field-set ipv4 prefix
mybigfield-set switch(config-traffic-policies-field-set ipv4 prefix
mybigfieldset)#source http://1.1.1.1

transceiver channel

The transceiver channel command sets the transceiver wavelength/frequency by channel number. The channel numbering depends on the selected grid-spacing mode. The default grid-spacing mode is 50 GHz-spacing.

If the startup configuration does not specify the channel number for the interface, the transceiver will automatically tune to the default channel (i.e., channel-39 of the 50 GHz-spacing grid) when it is inserted.
If the configured wavelength/frequency is not supported by the transceiver, the transceiver is tuned to the default channel (i.e., channel-39 of the 50 GHz-spacing grid).

The interface is shut down before the channel number is configured.

Command Mode

Global Configuration

Command Syntax

transceiver channel channel_number grid-spacing spacing_grid

no transceiver channel channel_number grid-spacing spacing_grid

default transceiver channel channel_number grid-spacing spacing_grid

Parameters

channel_number The default channel is 39 (50 GHz-spacing grid), which corresponds to a frequency of 193,100 GHz and a wavelength of 1552.52 nm.
grid_spacing Grid-spacing mode (optional) depends on the selected grid-spacing mode. The default grid-spacing mode is 50 GHz-spacing. For example, channel 39 of the 50GHz-spacing grid is equivalent to channel 20 of the 100 GHz-spacing grid, which corresponds to a frequency of 193,100 GHz and a wavelength of 1552.52 nm.
- spacing_grid default grid-spacing mode in GHz.

Related Commands

show interfaces transceiver channels
show interfaces transceiver hardware

Example

This command tunes the transceiver on slot number 4 to slot 1 through 3 of the 50 GHz-spacing grid.

switch(config-as)# interface ethernet 4/1/3
switch(config-if-Et4/1/3)# transceiver channel 1 grid-spacing 50
switch(config-if-Et4/1/3)#

transceiver qsfp default-mode

The transceiver qsfp default-mode command specifies the transmission mode of all QSFP transceiver modules that are not explicitly configured.

Each QSFP+ module Ethernet interface is configurable as a single 40GbE port or as four 10GbE ports. The switch displays four ports for each interface. Each port's status depends on the interface configuration:

The /1 port is active (connected or not connected), regardless of the interface configuration.
The /2, /3, and /4 ports are error-disabled when the interface is configured as a single 40GbE port.
All ports are active (connected or not connected) when the interface is configured as four 10GbE ports.

QSFP modules that are not configured through a speed command operate as four 10GbE ports.

The no transceiver qsfp default-mode and default transceiver qsfp default-mode commands restore the default-mode transceiver setting from 40GbE to 4x10GbE.

Command Mode

Global Configuration

Command Syntax

transceiver qsfp default-mode 4x10G

no transceiver qsfp default-mode

default transceiver qsfp default-mode

Note: QSFP100 ports with external PHY always have 40GbE as the default QSFP mode.

Guidelines

The transceiver qsfp default-mode 4x10G statement is always in the running-config and cannot be modified or removed in the current release.

Example

When the default QSFP mode is configured as 4x10G, the show running-config output contains transceiver qsfp default-mode 4x10G. The show interfaces hardware output shows 10G as the default speed.

switch(config)# transceiver qsfp default-mode 4x10G
switch(config)# show running-config | grep 4x10G
transceiver qsfp default-mode 4x10G
switch(config)# show interfaces ethernet 35/1 hardware
*  = Requires speed group setting change
Ethernet35/1
  Model:          DCS-7280CR3-32P4
  Type:           40GBASE-CR4
  Speed/Duplex:   10G/full(default),40G/full,auto
  Flowcontrol:    rx-(off,on,desired),tx-(off)

When the QSFP mode configuration is reverted to the default, the show running-config output does not contain transceiver qsfp default-mode 4x10G. The show interfaces hardware output shows 40G as the default speed.

switch(config)# no transceiver qsfp default-mode
switch(config)# show running-config | grep 4x10G
switch(config)# show interfaces ethernet 35/1 hardware
*  = Requires speed group setting change
Ethernet35/1
  Model:          DCS-7280CR3-32P4
  Type:           40GBASE-CR4
  Speed/Duplex:   10G/full,40G/full(default),auto
  Flowcontrol:    rx-(off,on,desired),tx-(off)

Port Channels and LACP

This chapter describes channel groups, port channels, port channel interfaces, and the Link Aggregation Control Protocol (LACP). This chapter contains the following sections:

Port Channel Introduction
Port Channel Conceptual Overview
Port Channel Configuration Procedures
Load Balancing Hash Algorithms
Port Channel and LACP Configuration Commands

Port Channel Introduction

Arista’s switching platforms support industry-standard link aggregation protocols. Arista switches optimize traffic throughput by using MAC addressing, IP addressing, and services fields to effectively load share traffic across aggregated links. Managers can configure multiple ports into a logical port channel, either statically or dynamically through the IEEE Link Aggregation Control Protocol (LACP). Various negotiation modes are supported to accommodate different configurations and peripheral requirements, including LACP fallback to support devices that need simple network connectivity to retrieve images or configurations prior to engaging port channel aggregation modes.

Arista’s Multi-chassis Link Aggregation protocol (MLAG) supports LAGs across paired Arista switches to provide both link aggregation and active/active redundancy.

Port Channel Conceptual Overview

Channel Groups and Port Channels

A port channel is a communication link between two switches supported by matching channel group interfaces on each switch. A port channel is also referred to as a Link Aggregation Group (LAG). Port channels combine the bandwidth of multiple Ethernet ports into a single logical link.

A channel group is a collection of Ethernet interfaces on a single switch. A port channel interface is a virtual interface that serves a corresponding channel group and connects to a compatible interface on another switch to form a port channel. Port channel interfaces can be configured and used in a manner similar to Ethernet interfaces. Port channel interfaces are configurable as Layer 2 interfaces, Layer 3 (routable) interfaces, and VLAN members. Most Ethernet interface configuration options are also available to port channel interfaces.

Port Channel Subinterfaces

Port channel subinterfaces divide a single port channel interface into multiple logical L3 interfaces based on the 802.1q tag (VLAN ID) of incoming traffic. Subinterfaces are commonly used in the L2/L3 boundary device, but they can also be used to isolate traffic with 802.1q tags between L3 peers by assigning each subinterface to a different VRF.

For further details about subinterfaces, see Subinterfaces.

Link Aggregation Control Protocol (LACP)

The Link Aggregation Control Protocol (LACP), described by IEEE 802.3ad, defines a method for two switches to automatically establish and maintain link aggregation groups (LAGs, also called channel groups or port channels). Using LACP, a switch can configure LACP-compatible ports into a dynamic LAG. The ports try to complete LACP negotiation automatically with the linked ports (also configured as a dynamic LAG) on the partner switch. The maximum number of ports per LAG varies by platform; numbers for each platform in the latest EOS release are available here: https://www.arista.com/en/support/product-documentation/supported-features.

Static LAGs

In static mode (with the channel-group mode configured as on on the member interfaces), the switch aggregates links without an awareness of LAGs on the partner switch and without LACP negotiation. The member ports do not send LACP packets or process inbound LACP packets on static LAGs. Packets may drop when static LAG configurations differ between switches.

Dynamic LAGs

Dynamic LAGs are aware of their partners’ port-channel states. Interfaces configured as dynamic LAGs are designated as active or passive.

Active interfaces send LACP Protocol Data Units (LACP PDUs) at a rate of one per second when forming a channel with an interface on the peer switch. An aggregate forms if the peer runs LACP in active or passive mode.
Passive interfaces only send LACP PDUs in response to PDUs received from the partner. The partner switch must be in active mode and initiates negotiation by sending a LACP packet. The passive mode switch receives and responds to the packet to form a LAG.

An active interface can form port channels with passive or active partner interfaces, but port channels are not formed when the interface on each switch is passive.

Table 1 summarizes the effect of different LACP mode combinations:

Table 1. LACP Mode Combinations
Switch 1	Switch 2	Comments
active	active	Links aggregate when LACP negotiation is successful.
active	passive	Links aggregate when LACP negotiation is successful.
passive	passive	Links do not aggregate because LACP negotiation is not initiated.
on (static)	on (static)	Links aggregate without LACP.
on (static)	active or passive	Links aggregate on the static switch without LACP; links do not aggregate on the other switch, and no port-channel connection is established with the partner.

During synchronization, interfaces in dynamic LAGs transmit one LACP PDU per second. After synchronization is complete, interfaces exchange one PDU every thirty seconds, facilitated by a default timeout of 30 seconds and a failure tolerance of three. Under these parameters, when the switch does not receive a LACP PDU for an interface during a ninety-second period, it records the partner interface as failed and removes the interface from the port channel.

Fallback Mode

An active interface that is not in fallback mode does not form a LAG until it receives PDUs from, and negotiates with its peer. Fallback mode allows an active LACP interface to maintain a LAG without receiving PDUs from its peer. The fallback timer specifies the period the LAG waits to receive a peer PDU. Upon timer expiry, the port channel reverts to its configured fallback mode if one is configured.

Static fallback: the port channel maintains one active port while in fallback mode; all its other member ports are in standby mode until a LACP PDU is received by the port channel. All member ports send (and can receive) LACP PDUs, but only the active port sends or receives data.

Individual fallback: all member ports act as individual switch ports while in fallback mode. Individual port configuration (rather than port channel configuration) is active while the port channel is in fallback mode, with the exception of ACLs. This includes VLAN membership. All member ports send and receive data, and continue to send LACP PDUs. As soon as a LACP PDU is received by a member of the port channel, all ports revert to normal port-channel operation.

The switch uses a link aggregation hash algorithm to determine the forwarding path within a link aggregation group. The IP and MAC header fields can be selected as components of the hash algorithm.

Port Channel Mirroring

EOS supports Port Channels as mirroring destinations for both ingress and egress source directions. Traffic mirrors to a port channel and load-balances based on the global port channel load balancing configuration.

Configure port channel members as a mirroring source port for both ingress and egress source directions. A port channel has higher privileges in mirroring source membership than its members. When configuring a port channel and members as mirroring source ports, only the port channel source port becomes active.

Port Channel Configuration Procedures

These sections describe channel group and port channel configuration procedures:

Configuring a Channel Group
Configuring a Port Channel Interface
Configuring Port Channel Mirroring
Maximum Port Channel ID Increase
Configuring Port Channel Subinterfaces
Configuring LACP
Displaying Port Channel Information

Configuring a Channel Group

Creating a Channel Group

The channel-group command assigns the configuration-mode Ethernet interfaces to a channel group, creates the channel group if it does not already exist, and specifies LACP attributes for the channel.

Channel groups are associated with a port channel interface immediately upon their creation. A command that creates a new channel group also creates a port channel with a matching ID. The port channel is configured in port-channel configuration mode. Configuration changes to a port channel interface propagate to all Ethernet interfaces in the corresponding channel group.

LACP is enabled on the member interfaces by setting the channel-group mode to active or passive. Setting the mode to on disabled LACP on the member interfaces and creates a static channel group.

Example

These commands assign Ethernet interfaces 1 and 2 to channel group 10 (creating the channel group if it does not already exist), enable LACP on those interfaces, and place the channel group in a negotiating state.

switch(config)# interface ethernet 1-2
switch(config-if-Et1-2)# channel-group 10 mode active
switch(config-if-Et1-2)#

Adding an Interface to a Channel Group

The channel-group command is also used to add the configuration mode interface to an existing channel group. When adding channels to a previously created channel group, the channel-group mode for the new channel must match the mode for the existing group.

Example

These commands add Ethernet interfaces 7 through 10 to previously created channel group 10, using the channel-group mode (active) under which it was created.

switch(config)# interface ethernet 7-10
switch(config-if-Et7-10)# channel-group 10 mode active
switch(config-if-Et7-10)#

Removing an Interface from a Channel Group

The no channel-group command removes the configuration mode interface from the specified channel group. Deleting all members of a channel group does not remove the associated port channel interface from running-config.

Example

These commands removes interface ethernet 8 from previously created channel group 10.

switch(config)# interface ethernet 8
switch(config-if-Et8)# no channel-group
switch(config-if-Et8)#

Configuring a Port-Channel as Mixed-Speed

By default, only configured members of the same speed become active. The port-channel speed mixed command configures a port channel with the ability to have active members of multiple speeds.

Note: Available on the 7020, 7280, 7500, and 7800 platforms. Minimum links is not available on mixed-speed port channels.

Example

switch(config)# interface port-channel 1
switch(config-if-Po1)# port-channel speed mixed

Configuring Minimum Links

Note: Minimum links is not available on Mixed-Speed Port-Channels. If a minimum requirement is desired for a Mixed-Speed Port-Channel, consider Minimum Speed instead. On Port-Channels that are not mixed-speed, if both Minimum Links and Minimum Speed are configured, then Minimum Speed will take precedence.

Configuring Minimum Speed

The port-channel speed minimum command specifies the cumulative minimum speed of all active members in order for a port channel to become active. If there is less than the specified by this command, the port channel interface does not become active.

Note: If both minimum speed and minimum links are configured, minimum speed will take precedence.

Example

These command sets 100 Gbps as the minimum speed needed for port channel 1 to become active.

switch(config)# interface port-channel 1
switch(config-if-Po1)# port-channel speed minimum 100 gbps

Deleting a Channel Group

A channel group is deleted by removing all Ethernet interfaces from the channel group. A channel group’s LACP mode can be changed only by deleting the channel group and then creating an equivalent group with a different LACP mode. Deleting a channel group by removing all Ethernet interfaces from the group preserves the port channel interface and its configuration settings.

View running-config to verify the deletion of all Ethernet interfaces from a channel group.

Configuring a Port Channel Interface

Creating a Port Channel Interface

The switch provides two methods for creating port channel interfaces:

creating a channel group simultaneously creates an associated port channel.
the interface port-channel command creates a port channel without assigning Ethernet channels to the new interface.

The interface port-channel command places the switch in interface-port channel configuration mode.

Example

This command creates interface port-channel 8 and places the switch in port channel interface configuration mode.

switch(config)# interface port-channel 8
switch(config-if-Po8)#

Deleting a Port Channel Interface

The no interface port-channel command deletes the configuration mode port channel interface and removes the channel group assignment for each Ethernet interface assigned to the group associated with the port channel interface. Removing all Ethernet interfaces from a channel group does not remove the associated port channel interface from running-config.

Configuring Port Channel Mirroring

Port Channels can be configured as a mirroring destination or a mirroring source.

Configuring a Port Channel as a Mirroring Destination

Use the following command to configure a port channel as a mirroring destination:

switch(config)#monitor session 1 destination Port-Channel 1

Unconfigured port channel interfaces can be configured as mirroring destinations, but do not become active until after configuring the port channel. Use the show monitor session to display the status of the configured mirroring destination.

Configuring a Port Channel as a Mirroring Source

Configure an interface member, Ethernet3/3/1 and Ethernet4/32/1, of a port channel as a mirroring source interface, with the session name, testmember:

switch#show Port-Channel 10
Port Channel Port-Channel10:
 Active Ports: Ethernet4/32/1 Ethernet3/3/1
 
switch(config)#monitor session testmember source et3/3/1
switch(config)#monitor session testmember source et4/32/1
switch(config)#monitor session testmember destination po1

Configuring a new monitor session testlag with the port channel interface as a mirroring source inactivates previously the port-channel member testmember monitor session.

switch(config)#monitor session testlag source po10
switch(config)#monitor session testlag destination et5/22/1

Use the show monitor session to display the status of the configured mirroring sources. Port channel member now displays a status of inactive.

switch(config)#show monitor session
                
Session testlag
------------------------
Source Ports:
   Both:    Po10
Destination Ports:
    Et5/22/1 :  active
                
Session testmember
------------------------
Source Ports:
   Both:        Et4/32/1
   Inactive:    Et3/3/1 ( Lag configured as source ) 
Destination Ports:
   Po1 :  active

Removing port channel member Et3/3/1 from port channel 10 reactivates the interface as a mirroring source interface.

switch(config)#interface ethernet 3/3/1
switch(config-if-Et3/3/1)#no channel-group 10
switch(config-if-Et3/3/1)#exit
                
switch(config)#show port-channel 10
Port Channel Port-Channel10:
  Active Ports: Ethernet4/32/1

Interface Et3/3/1 no longer displays as an inactive port in the show monitor session output.

switch(config)#show monitor session 
                
Session testlag
-----------------------
Source Ports:
  Both:        Po10
Destination Ports:
    Et5/22/1 :  active
                
Session testmember
----------------------
Source Ports:
  Both:        Et3/3/1, Et4/32/1
Destination Ports:
  Po1 :  active

Displaying Port Channel Mirroring Information

Use the following command to display information about mirroring to a destination:

switch#show Port-Channel 1
Port Channel Port-Channel1
 Active Ports: Ethernet1/1
                
switch#show monitor session
Session 1
------------------------
Source Ports:
Destination Ports:
   Po1 :  active

Use the following command to display information about mirroring to a source:

switch#show monitor session
Session testmember
------------------------
                
Source Ports:
  Both:        Et3/3/1, Et4/32/1
                
Destination Ports:
  Po1 :  active

Maximum Port Channel ID Increase

Previously, the maximum valid port channel ID was equal to the maximum number of port channels configurable on the system, 2000, and this feature increases the maximum ID to 999,999 while maintaining the same limit of 2000 port channels on the system.

Configuration

This feature does not involve any specific configuration procedure, but it does include visible changes to port channel configuration commands. In the following examples, suppose port channels 1-2000 have already been configured, so creating Port-Channel 2001 would exceed the configuration limit.

switch(config)# interface create port-channel 2001
Port channel config limit 2000 reached. No interfaces were created.

switch(config-ifEtX)# channel-group 2001 mode 
Port channel config limit 2000 reached. No interfaces were created.

Show Commands

Changes to existing show commands simply involve displaying when a port channel is inactive. In the following examples, suppose port channels 2001-4001 are configured, Port-Channel 4001 is inactive, and Ethernet1 is a member of Port-Channel 4001.

switch(config)# show lacp 1-$ aggregates
Port channel 4001 is inactive. The number of configured port channels exceeds the config limit 2000.
Port-Channels1-2000,4002-999999 not configured as LAG
Port Channel Port-Channel2001:
Aggregate ID: [(8000,00-1c-73-04-36-d7,0001,0000,0000),(8000,00-1c-73-09-a0-f3,0001,0000,0000)]
  Bundled Ports: Ethernet43 Ethernet44 Ethernet45 Ethernet46
Port Channel Port-Channel2002:
Aggregate ID: [(8000,00-1c-73-01-02-1e,0002,0000,0000),(8000,00-1c-73-04-36-d7,0002,0000,0000)]
  Bundled Ports: Ethernet47 Ethernet48
Port Channel Port-Channel2003:
Aggregate ID: [(8000,00-1c-73-04-36-d7,0003,0000,0000),(8000,00-1c-73-0c-02-7d,0001,0000,0000)]
  Bundled Ports: Ethernet3 Ethernet4
Port Channel Port-Channel2004:
Aggregate ID: [(0001,00-22-b0-57-23-be,0031,0000,0000),(8000,00-1c-73-04-36-d7,0004,0000,0000)]
  Bundled Ports: Ethernet42
Port Channel Port-Channel2005:
Aggregate ID: [(0001,00-22-b0-5a-0c-51,0033,0000,0000),(8000,00-1c-73-04-36-d7,0005,0000,0000)]
  Bundled Ports: Ethernet41




switch(config)# show lacp 1-$ counters
Port channel 4001 is inactive. The number of configured port channels exceeds the config limit 2000.
Port-Channels1-2000,4002-999999 not configured as LAG


switch(config)# show lacp 1-$ internal
Port channel 4001 is inactive. The number of configured port channels exceeds the config limit 2000.
Port-Channels1-2000,4002-999999 not configured as LAG
LACP System-identifier: 8000,00-1c-73-04-36-d7
State: A = Active, P = Passive; S=ShortTimeout, L=LongTimeout;
       G = Aggregable, I = Individual; s+=InSync, s-=OutOfSync;
       C = Collecting, X = state machine expired,
       D = Distributing, d = default neighbor state
             |Partner                                 Actor
Port Status  | Sys-id                 Port#  State    OperKey  PortPriority
----------------------------------------------------------------------------
Port Channel Port-Channel2001:
Et43 Bundled | 8000,00-1c-73-09-a0-f3    43  ALGs+CD   0x0001         32768
Et44 Bundled | 8000,00-1c-73-09-a0-f3    44  ALGs+CD   0x0001         32768
Et45 Bundled | 8000,00-1c-73-09-a0-f3    45  ALGs+CD   0x0001         32768
Et46 Bundled | 8000,00-1c-73-09-a0-f3    46  ALGs+CD   0x0001         32768

switch(config)# show lacp 1-$ peer
Port channel 4001 is inactive. The number of configured port channels exceeds the config limit 2000.
Port-Channels1-2000,4002-999999 not configured as LAG
State: A = Active, P = Passive; S=ShortTimeout, L=LongTimeout;
       G = Aggregable, I = Individual; s+=InSync, s-=OutOfSync;
       C = Collecting, X = state machine expired,
       D = Distributing, d = default neighbor state
               |                          Partner
Port   Status  | Sys-id                  Port#   State     OperKey  PortPri
----------------------------------------------------------------------------
Port Channel Port-Channel2001:
Et1    Bundled | 8000,00-1c-73-00-13-19      1   ALGs+CD    0x0001    32768
Et2    Bundled | 8000,00-1c-73-00-13-19      2   ALGs+CD    0x0001    32768
Port Channel Port-Channel2002:
Et23   Bundled | 8000,00-1c-73-04-36-d7     47   ALGs+CD    0x0002    32768
Et24   Bundled | 8000,00-1c-73-04-36-d7     48   ALGs+CD    0x0002    32768
Port Channel Port-Channel2004*:
Et3    Bundled | 8000,00-1c-73-0b-a8-0e     45   ALGs+CD    0x0001    32768
Et4    Bundled | 8000,00-1c-73-0b-a8-0e     46   ALGs+CD    0x0001    32768
Port Channel Port-Channel2005*:
Et19   Bundled | 8000,00-1c-73-0c-30-09     49   ALGs+CD    0x0005    32768
Et20   Bundled | 8000,00-1c-73-0c-30-09     50   ALGs+CD    0x0005    32768
Port Channel Port-Channel2006*:
Et6    Bundled | 8000,00-1c-73-01-07-b9     49   ALGs+CD    0x0001    32768
Port Channel Port-Channel2007*:
Et5    Bundled | 8000,00-1c-73-0f-6b-22     51   ALGs+CD    0x0001    32768
Port Channel Port-Channel2008*:
Et10   Bundled | 8000,00-1c-73-10-40-fa     51   ALGs+CD    0x0001    32768
 
* - Only local interfaces for MLAGs are displayed. Connect to the peer to
    see the state for peer interfaces.

switch(config)# show lacp interface Ethernet1 [(internal|neighbor|peer)]
Interface Ethernet1 is a member of an inactive LACP port channel. The number of configured port channels exceeds the config limit 2000.

switch(config)# show port-channel 1-$
Port Channel Port-Channel2001:
  No Active Ports
...
Port Channel Port-Channel4000:
  No Active Ports
Port Channel Port-Channel4001:
  Inactive, The number of configured port channels exceeds the config limit 2000.

switch(config)# show port-channel (dense|summary)

                  Flags
-------------------------- ----------------------------- -------------------------
   a - LACP Active            p - LACP Passive           * - static fallback
   F - Fallback enabled       f - Fallback configured    ^ - individual fallback
   U - In Use                 D - Down                   
   + - In-Sync                - - Out-of-Sync            i - incompatible with agg
   P - bundled in Po          s - suspended              G - Aggregable
   I - Individual             S - ShortTimeout           w - wait for agg
   E - Inactive. The number of configured port channels exceeds the config limit

Number of channels in use: ...
Number of aggregators: ...

   Port-Channel       Protocol    Ports
------------------ -------------- -------------------
   Po2001(U)          LACP(a)     Et47(PG+) Et48(PG+)
   Po2002(U)          LACP(a)     Et39(PG+) Et40(PG+)
   Po4001(E)          Static      Et7(P)

Limitations

The number of configured port channels can exceed the configurable limit if two configuration sessions simultaneously create two different port channels. In this scenario, port channels that exceed the limit are inactive. This is uncommon and does not impact traffic in any way. If an inactive port channel exists and an active port channel is deleted, then the inactive port channel is activated.
Only port channels with ID from 1 to 2000 are configured as MLAG port channels.

Configuring Port Channel Subinterfaces

When configuring subinterfaces on a port channel interface (the virtual interface associated with a port channel), the following restrictions apply:

An L3 interface with subinterfaces configured on it should not be made a member of a port channel.

An interface that is a member of a port channel should not have subinterfaces configured on it.
A subinterface cannot be made a member of a port channel.

Port channel subinterfaces are otherwise configured similarly to Ethernet subinterfaces. For additional information, see Subinterfaces.

Configuring LACP

Configuring the Channel-group Mode

The channel-group mode is configured when a channel group is created using the channel-group command. A channel group’s mode cannot be modified without deleting the entire channel group, but it can be modified without deleting the port channel interface associated with the channel group. The mode setting defines whether the port channel is static or dynamic, and whether a dynamic port channel is active or passive.

Examples

These commands create a dynamic channel group and place it in LACP active mode.

switch(config)# interface ethernet 1-2
switch(config-if-Et1-2)# channel-group 10 mode active
switch(config-if-Et1-2)#

These commands create a static channel group.

switch(config)# interface ethernet 4-5
switch(config-if-Et4-5)# channel-group 11 mode on
switch(config-if-Et4-5)#

Configuring the System Priority

Each switch is assigned a globally unique system identifier by concatenating the system priority (16 bits) to the MAC address of one of its physical ports (48 bits). The system identifier is used by peer devices when forming an aggregation to verify that all links are from the same switch. The system identifier is also used when dynamically changing aggregation capabilities in response to LACP information; the system with the numerically lower system identifier is permitted to dynamically change advertised aggregation capabilities.

The lacp system-priority command configures the switch’s LACP system priority.

Example

This command assigns the system priority of 8192 to the switch.

switch(config)# lacp system-priority 8192
switch(config)#

Configuring Port Priority

LACP port priority determines the port that is active in a LAG in fallback mode. Numerically lower values have higher priority. Port priority is supported on port channels that are enabled with LACP physical interfaces.

The lacp port-priority command sets the aggregating port priority for the configuration mode interface.

Example

This command assigns the port priority of 4096 to Ethernet interface 1.

switch(config-if-Et1)# lacp port-priority 4096
switch(config-if-Et1)#

Configuring the LACP Packet Reception Rate

The lacp timer command sets the reception rate of LACP packets on the local device for the interface being configured. This command supports the following reception rates:

normal: LACP packets are received at the following rates:
- 30 seconds for synchronized interfaces.
- One second for interfaces that are being synchronized.
fast: LACP packets are received every second.

Example

This command sets the LACP reception rate to one second on the Ethernet interface 4.

switch(config-if-Et4)# lacp timer fast
switch(config-if-Et4)#

Configuring LACP Fallback

Fallback mode (static or individual) is configured on a port channel interface with the port-channel lacp fallback command. The fallback timeout interval is configured with the port-channel lacp fallback timeout command. Fallback timeout settings persist in running-config without taking effect for interfaces that are not configured into fallback mode. The default fallback timeout period is 90 seconds.

Examples

These commands enable LACP static fallback mode, then configure an LACP fallback timeout of 100 seconds on port channel interface 13. If LACP negotiation fails, only the member port with the lowest LACP priority will remain active until an LACP PDU is received by one of the member ports.

switch(config)# interface port-channel 13
switch(config-if-Po13)# port-channel lacp fallback static
switch(config-if-Po13)# port-channel lacp fallback timeout 100
switch(config-if-Po13)# show active
interface Port-Channel13
   port-channel lacp fallback static
   port-channel lacp fallback timeout 100
switch(config-if-Po13)#

These commands enable LACP individual fallback mode, then configure an LACP fallback timeout of 50 seconds on port channel interface 17. If LACP negotiation fails, all member ports will act as individual switch ports, using port-specific configuration, until a LACP PDU is received by one of the member ports.

switch(config)# interface port-channel 17
switch(config-if-Po17)# port-channel lacp fallback individual
switch(config-if-Po17)# port-channel lacp fallback timeout 50
switch(config-if-Po17)# show active
interface Port-Channel17
   port-channel lacp fallback individual
   port-channel lacp fallback timeout 50
switch(config-if-Po17)#

Configuring Minimum Links

The port-channel min-links command specifies the minimum number of interfaces that the configuration mode LAG requires to be active. If there are fewer ports than specified by this command, the port channel interface does not become active.

Note: In static LAGs, the min-links value must be met for the LAG to be active. The LAG will not become active until it has at least the min-links number of functioning links in the channel group. If failed links cause the number to drop below the minimum, the LAG will go down and administrator action will be required to bring it back up. In dynamic LAGs, the LACP protocol must determine that at least min-links physical ports are aggregable (they are physically compatible and have the same keys both remotely and locally) before it begins negotiating to make any ports active members of the port-channel. However once negotiation begins, an error on the partner’s side or an error in programming of member interfaces can cause the LAG to become active with fewer than the minimum number of links. EOS evaluates min-links after min-links-review-timeout (linearly proportional to configured min-links) when LACP protocol collecting and/or distributing state changes. If the number of active member interfaces in a port-channel is less than configured min-links, it brings the corresponding port-channel Link Down and syslogs LAG-4-MINLINK_INTF_INSUFFICIENT message. If additional interfaces get programmed as collecting and distributing, EOS re-evaluates min-links on the port-channel. If sufficient number of interfaces are available to be a part of port-channel, then all interfaces of the corresponding port-channel are re-enabled for LACP negotiation and the port-channel becomes Link Up. LAG-4-MINLINK_INTF_NORMAL is syslogged after min-links-review-timeout if the min-links condition is satisfied; otherwise LAG-4-MINLINK_INTF_INSUFFICIENT is syslogged and the port-channel goes Link Down. If an interface remains in collecting state but not in distributing state for min-links-review-timeout, it is moved out of collecting state. It is periodically re-enabled after min-links-retry-timeout (which is 360 seconds) till it progresses to collecting and distributing. Meanwhile, if a port-channel becomes Link Up because sufficient number of interfaces progressed to collecting and distributing states, then this interface is enabled for LACP negotiation.

Example

This command sets four as the minimum number of ports required for port channel 5 to become active.

switch(config-if-Po5)# port-channel min-links 4
switch(config-if-Po5)#

Configuring Minimum Links Review Interval

The port-channel min-links review interval command enables or disables timer based min-links review feature for all port-channels. The timer based min-links feature is enabled when all of the following conditions are true. It is disabled otherwise:

The min-links configured is greater than 1.
LACP fallback is disabled.
The number of interfaces configured in the port-channel is more than min-links.
The number of active member interfaces in the port-channel is less than min-links.
The default timer values are:
- min-links-review-timeout = min-links-timeout-base + f (configured min-links).
- min-links-timeout-base = 180 seconds.
- min-links-retry-timeout = 360 seconds.

Displaying Port Channel Information

Port channel information is accessed using some of the show commands listed under Interface Display Commands. Ensure that while using the show interfaces counters rates command to view the rate information of a port channel, rate values for the individual member ports are less inaccurate than rate values of the port channel.

Both the port channel rate and the individual port rates are calculated approximations; the rate value of a port channel might vary from the total of the rates for the member ports. The discrepancy is likely to be larger for port channels with fewer ports, and will be most obvious in single-port port channels.

Load Balancing Hash Algorithms

The switch balances packet load across multiple links in a port channel by calculating a hash value based on packet header fields. The hash value determines the active member link through which the packet is transmitted. This method, in addition to balancing the load in the LAG, ensures that all packets in a data stream follow the same network path.

In network topologies that include MLAGs or Multiple Paths with Equal Cost (ECMP), programming all switches to perform the same hash calculation increases the risk of hash polarization, which leads to uneven load distribution among LAG and MLAG member links. This uneven distribution is avoided by performing different hash calculations on each switch routing the paths.

The port-channel load-balance command specifies the seed for hashing algorithms that balance the load across ports comprising a port channel. Available seed values vary by switch platform.

Example

This command configures the hash seed of 10 on 7150 Series (FM6000 platform) switches.

switch(config)# port-channel load-balance fm6000 10
switch(config)#

Hashing algorithm inputs varies by switch platform. These sections describe hashing algorithm inputs for each platform.

Load Balance Hash Algorithms on 7048 and 7500 Series Switches
Load Balance Hash Algorithms on 7500E Series Switches
Load Balance Hash Algorithms on 7050 Series Switches
Load Balance Hash Algorithms on 7150 Series Switches

Load Balance Hash Algorithms on 7048 and 7500 Series Switches

One command configures the load balance hash algorithm on 7048 and 7500 Series switches:

port-channel load-balance petraA fields ip: controls the hash algorithm for IP packets by specifying the algorithm’s use of IP and MAC header fields. Fields that the command can specify include source and destination IP addresses, source and destination port fields (for TCP and UDP packets), and the entire MAC address header.

The hash algorithm for non-IP packets is not configurable and always includes the entire MAC header.

Example

These commands configure the load balance algorithm for IP packets by using the entire MAC header.

switch(config)# port-channel load-balance petraA fields ip mac-header
switch(config)#

Load Balance Hash Algorithms on 7500E Series Switches

One command configures the load balance hash algorithm on 7500E Series switches:

port-channel load-balance arad fields ip: controls the hash algorithm for IP packets by specifying the algorithm’s use of IP and MAC header fields. Fields that the command can specify include source and destination IP addresses, source and destination port fields (for TCP and UDP packets), and the entire MAC address header.

The hash algorithm for non-IP packets is not configurable and always includes the entire MAC header.

Example

These commands configure the load balance algorithm for IP packets by using the entire MAC header.

switch(config)# port-channel load-balance arad fields ip mac-header
switch(config)#

Dynamic and Symmetric LAG Hashing

Dynamic LAG hashing enables high link utilization and highly even distribution among LAG members by employing a randomized hashing algorithm. Symmetric LAG hashing allows the two flows of a bidirectional communication link, even when the two flows enter the switch on different ingress ports, to be hashed to the same member of a LAG on egress.

Dynamic and symmetric LAG hashing policies are enabled via named port-channel load-balancing profiles. LAG load-balancing policies can be provisioned on per line-card basis using these profiles. Load-balancing profiles can be used to provision all LAG load-balance attributes, including hash polynomials, hash seeds, and hash fields.

When no specific LAG hashing profile is assigned to a line card, then a global LAG hashing profile can be defined and applied to all the line cards with no LAG hashing defined on them.

Note, if no profile is selected as global profile then the default profile takes the precedence and set as a global profile. The default profile is reserved and if it is set as a global profile it cannot be deleted, if the profile is deleted then the following warning message is displayed.

Note: When a global profile is already set and if some other profile is tried to configured as a default profile the following warning message is displayed “! A global load balancing profile myProfile is currently active. This setting will not take effect.”

Examples

These commands configure a load balance profile for symmetric hashing.

switch(config)# load-balance policies
switch(config-load-balance-policies)# load-balance arad profile
switch(config-sand-load-balance-profile-symmetric-profile-1)# hash symmetric
switch(config-sand-load-balance-profile-symmetric-profile-1)# show active
load-balance policies
   load-balance arad profile symmetric-profile-1
      hash symmetric

These commands configure a load balance profile for dynamic hashing.

switch(config)# load-balance policies
switch(config-load-balance-policies)# load-balance arad profile
switch(config-sand-load-balance-profile-dynamic-hash-profile-1)# distribution clock
switch(config-sand-load-balance-profile-dynamic-hash-profile-1)# show active load-balance policies
   load-balance arad profile dynamic-hash-profile-1
      distribution clock

This command assigns a named load-balancing profile to a linecard.

switch(config)# port-channel load-balance module 3-7 sand profile Linecard5
switch(config)#

This command unassigns a named load-balancing profile to a linecard.

switch(config)# no port-channel load-balance module 3-7 sand profile Linecard5
switch(config)#

This command configures a global profile on all line cards on which LAG hashing is not defined.
```
switch(config)# port-channel load-balance sand profile myGlobalProfile
```

These commands designates a default profile as a global profile, if no other profile is set as a global profile.

switch(config)# load-balance policies
switch(config-load-balance-policies)# load-balance sand profile default

These commands configure a hash seed in a profile and assigns it as a global profile.

switch(config)# load-balance policies
switch(config-load-balance-policies)# load-balance sand profile myGlobalProfile
switch(config-sand-load-balance-profile-myGlobalProfile)# hash seed 20
switch(config)# port-channel load-balance sand profile myGlobalProfile

This command assigns a named load-balancing profile to a linecard.

switch(config)# port-channel load-balance module 3-7 sand profile Linecard5
switch(config)#

This command unassigns a named load-balancing profile to a linecard.

switch(config)# no port-channel load-balance module 3-7 sand profile Linecard5
switch(config)#

Load Balance Hash Algorithms on 7050 Series Switches

Three commands configure the load balance hash algorithm on 7050 Series switches:

port-channel load-balance trident fields ip controls the hash algorithm for IP packets by specifying the algorithm’s use of IP and MAC header fields. Fields that the command can specify include source and destination IP addresses, source and destination port fields (for TCP and UDP packets), and fields specified by the port-channel load-balance trident fields mac command.
port-channel load-balance trident fields ipv6 controls the hash algorithm for IPv6 packets by specifying the algorithm’s use of IP and MAC header fields. Fields that the command can specify include source and destination IP addresses, source and destination port fields (for TCP and UDP packets), and fields specified by the port-channel load-balance trident fields mac command.
port-channel load-balance trident fields mac controls the hash algorithm for non-IP packets b specifying the algorithm’s use of MAC header fields. Fields that the command can specify include the MAC source address, MAC destination address, and Ethernet type fields.

Example

These commands configure the switch’s port channel load balance for non IP packets by using the MAC destination and Ethernet type fields in the hashing algorithm.

switch(config)# port-channel load-balance trident fields mac dst-mac eth-type
switch(config)#

Load Balance Hash Algorithms on 7150 Series Switches

Load balance profiles specify parameters used by hashing algorithms that distribute traffic across ports comprising a port channel or among component ECMP routes. The switch supports 16 load balance profiles, including the default profile. The default load balance profile is configured through port-channel load-balance fm6000 fields ip and port-channel load-balance fm6000 fields mac commands.

Load Balance Profiles

Load balance profiles are managed in load-balance-policies configuration mode. The load-balance-policies configuration mode provides commands that display the contents of all configured profiles and place the switch in load-balance-profile command. Load balance profiles are created by entering the load-balance-profile mode and edited while in that mode.

The load-balance policies command places the switch in load-balance-policies configuration mode. Load balance profiles specify the inputs used by the hashing algorithms that distribute traffic across ports comprising a port channel or among ECMP routes.

Examples

This command places the switch in load-balance-policies configuration mode.

switch(config)# load-balance policies
switch(config-load-balance-policies)#

This command displays the contents of the four load balance profiles configured on the switch.

switch(config-load-balance-policies)# show active

load-balance policies
   load-balance fm6000 profile F-01
      port-channel hash-seed 22
      fields ip dscp
      distribution random port-channel
   !
   load-balance fm6000 profile F-02
      fields ip protocol dst-ip
      distribution random port-channel
   !
   load-balance fm6000 profile F-03
      fields ip protocol dst-ip
      fields mac dst-mac eth-type
      distribution random ecmp port-channel
   !
   load-balance fm6000 profile F-04

switch(config-load-balance-policies)#

Creating a Load Balance Profile

The load-balance fm6000 profile command places the switch in load-balance-profile configuration mode to configure a specified load balance profile. The command specifies the name of the profile that subsequent commands modify. It creates a profile if the profile it references does not exist.

Example

These commands enter load-balance-profile configuration mode, creates the LB-5 profile, and lists the default settings for the profile.

switch(config)# load-balance policies
switch(config-load-balance-policies)# load-balance fm6000 profile LB-5
switch(config-load-balance-profile-LB-5)# show active all

load-balance policies
   load-balance fm6000 profile LB-5
      port-channel hash-seed 0
      fields mac dst-mac src-mac eth-type vlan-priority vlan-id
      fields ip protocol dst-ip dst-port src-ip src-port dscp
      no distribution symmetric-hash
      no distribution random

switch(config-load-balance-profile-LB-5)#

Configuring a Load Balance Profile

These commands are available in load-balance-profile configuration mode to specify the parameters that comprise a profile.

The fields ip command specifies the L3/L4 data fields used by the hash algorithm defined by the configuration mode load balance profile.
The fields mac command specifies the L2 data fields used by the hash algorithm defined by the configuration mode load balance profile.
The distribution symmetric-hash command enforces traffic symmetry on data distributed by the hash algorithm defined by the configuration mode load balance profile. Symmetric traffic is the flow of both directions of a data stream across the same physical link.
The distribution random command specifies the random distribution of data packets handled by the hash algorithm defined by the configuration mode load balance profile.

Example

These commands configure the following components of the hash algorithm defined by the LB-7 load balance profile:

L2 header fields: MAC destination address, VLAN priority.
L3/L4 header fields: Source IP address, protocol field.

Symmetric hash distribution of IP and non-IP packets.

switch(config)# load-balance policies
switch(config-load-balance-policies)# load-balance fm6000 profile LB-7
switch(config-load-balance-profile-LB-7)# fields ip src-ip protocol
switch(config-load-balance-profile-LB-7)# fields mac dst-mac vlan-priority
switch(config-load-balance-profile-LB-7)# distribution symmetric-hash mac-ip
switch(config-load-balance-profile-LB-7)# show active
load-balance policies
   load-balance fm6000 profile LB-7
      fields mac dst-mac vlan-priority
      fields ip protocol src-ip
      distribution symmetric-hash mac-ip
switch(config-load-balance-profile-LB-7)# exit
switch(config-load-balance-policies)# exit
switch(config)# exit

Assigning a Load Balance Profile to an Interface

The ingress load-balance profile command applies a specified load-balance profile to the configuration mode interface. Load balance profiles specify parameters used by hashing algorithms that distribute traffic across ports comprising a port channel or among ECMP routes. The switch supports 16 load balance profiles, including the default profile.

Example

This command applies the LB-1 load balance profile to interface port-channel 100.

switch(config)# interface port-channel 100
switch(config-if-Po100)# ingress load-balance profile LB-1
switch(config-if-Po100)# show active
interface Port-Channel100
   ingress load-balance profile LB-1
switch(config-if-Po100)#

Default Load Balance Profile

Two commands configure the load balance default profile on 7150 Series switches:

port-channel load-balance fm6000 fields ip controls the hash algorithm for IP packets by specifying the algorithm’s use of IP and MAC header fields. Fields that the command can specify include source and destination IP addresses, source and destination port fields (for TCP and UDP packets).
port-channel load-balance fm6000 fields mac controls the hash algorithm for non-IP packets by specifying the algorithm’s use of MAC header fields. Fields that the command can specify include include the MAC source address, MAC destination address, and Ethernet type, VLAN-ID, and VLAN-priority fields.

Examples

These commands configure the load balance default profile for IP packets by using source and destination IP address fields, along with source and destination port fields for TCP, and UDP packets.
```
switch(config)# port-channel load-balance fm6000 fields ip ip-tcp-udp-header
switch(config)#
```

This command applies the default load balance profile to interface port-channel 100.

switch(config)# interface port-channel 100
switch(config-if-Po100)# no ingress load-balance profile
switch(config-if-Po100)# show active
interface Port-Channel100
switch(config-if-Po100)#

Conditional UDP Payload Hashing

EOS supports an alternative set of bytes used for calculating the LAG and ECMP hash if a 16-bit field in the payload matches a provided pattern.

Supported Platforms

DCS-7280R3 series
DCS-7500R3 series
DCS-7800R3 series

Configuring Conditional UDP Payload Hashing

Configure UDP conditional payload hashing as part of a load balancing profile on the switch. Use the following commands to enter Load Balance Profile Configuration Mode:

switch(config)# load-balance policies
switch(config-load-balance-policies)# load-balance sand profile udp-profile
switch(config-sand-load-balance-profile-udp-profile)#

Use the fields udp dst-port command and add the destination port, 1234, for the configuration:

switch(config-sand-load-balance-profile-udp-profile)# fields udp dst-port 1234

Use the match payload bits bitrange pattern pattern hash payload bytes byterange to specify the conditional matching criteria and the bytes to hash if the payload matches the pattern and offset. The bitrange parameter can be up to 16 bits long from anywhere in the first 63 bytes of the payload, and the byterange allows any of the first 63 bytes of the UDP payload to use in the hash.

Example

Use the following command to set bytes 0-9 for hashing if bytes 2 and 3 match 0xbeef:

switch(config-sand-lb-udp-dst-port)# match payload bits 16-31 pattern 0xbeef hash payload bytes 10-19

Apply the load-balance profile, udp-profile, using the port-channel load-balance sand profile PROFILENAME command:

switch(config)# port-channel load-balance sand profile udp-profile

Displaying the Conditional UDP Payload Hashing Information

Use the show load-balance profile udp-profile command to display information about the configuration:

switch# show load-balance profile udp-profile
udp-profile:
----------------
LAG hashing on IP-TCP-UDP headers for IP packets is ON
LAG hashing on MAC header for IP packets is ON
...
UDP hash fields:
    Payload bytes for destination port 1234 is 10-19 if payload bits 16 to 31 match 0xbeef
    Payload bytes for destination port 1234 is 0-9
...
Profile udp-profile (global) is applied on the following
Linecard3
Linecard4
Linecard5

Port Channel and LACP Configuration Commands

Global Port Channel and LACP Configuration Commands

interface port-channel
lacp system-priority

Interface Configuration Commands – Ethernet Interface

channel-group
lacp port-priority
lacp timer
monitor session destination
monitor session source
port-channel lacp fallback
port-channel lacp fallback timeout
port-channel min-links
port-channel min-links review interval
port-channel speed minimum
port-channel speed mixed

Load Balance (Default) Commands

port-channel load-balance
port-channel load-balance arad fields ip
port-channel load-balance fm6000 fields ip
port-channel load-balance fm6000 fields mac
port-channel load-balance module
port-channel load-balance petraA fields ip
port-channel load-balance sand profile (7500E/7500R)
port-channel load-balance trident fields ip
port-channel load-balance trident fields ipv6
port-channel load-balance trident fields mac

Load Balance Policies Commands

distribution random
distribution symmetric-hash
fields ip
fields mac
hash-seed
ingress load-balance profile
load-balance fm6000 profile
load-balance policies
load-balance sand profile (7500E/7500R)
port-channel hash-seed

EXEC Commands

show lacp aggregates
show lacp counters
show lacp interface
show lacp internal
show lacp peer
show lacp sys-id
show load-balance profile
show port-channel
show port-channel dense
show port-channel limits
show port-channel load-balance
show port-channel load-balance fields

channel-group

The channel-group command assigns the configuration mode Ethernet interfaces to a channel group, creates the group if it does not already exist, and sets the port-channel mode for the group. When adding interfaces to a previously created channel group, the port-channel mode for the newly added interfaces must match the mode for the existing group.

Channel groups are associated with a port channel interface immediately upon their creation. A command that creates a new channel group also creates a port channel with a matching ID. The port channel is configured in Port-channel Configuration Mode. Configuration changes to a port channel interface propagate to all Ethernet interfaces in the corresponding channel group. The interface port-channel command places the switch in the interface-port-channel configuration mode.

The no channel-group and default channel group commands remove the configuration-mode interface from the specified channel group.

Command Mode

Interface-Ethernet Configuration

Command Syntax

channel-group number mode group_mode

no channel-group

default channel-group

Parameters

number Specifies a channel group ID. Values range from 1 through 2000.
group_mode Specifies the channel-group mode for the channel group. Values include:
- on Port channel is static and LACP is disabled on member interfaces. Port neither verifies nor negotiates port channel membership.
  - active Port channel is dynamic and member interfaces are active LACP ports that transmit and receive LACP negotiation packets.
  - passive Port channel is dynamic and member interfaces are passive LACP ports that respond to LACP negotiation packets but do not generate them.

Guidelines: Port Channels

You can configure a port channel to contain many ports, but only a subset may be active at a time. All active ports in a port channel must be compatible. Compatibility includes many factors and is platform-specific. For example, compatibility may require identical operating parameters such as speed and Maximum Transmission Unit (MTU). Compatibility may only be possible between specific ports because of the internal organization of the switch.

Guidelines: MLAG Configurations

Static LAG is not recommended in MLAG configurations. However, these considerations apply when the channel group mode is on while configuring static MLAG:

When configuring multiple interfaces on the same static port channel:
- all interfaces must physically connect to the same neighboring switch.
- the neighboring switch must configure all interfaces into the same port channel.

The switches are misconfigured when these conditions are not met.

Disable the static port channel membership before moving any cables connected to these interfaces or changing a static port channel membership on the remote switch.

Examples

These commands assign Ethernet interfaces 8 and 9 to channel group 10, and enable LACP in negotiating mode.

switch(config)# interface ethernet 8-9
switch(config-if-Et8-9)# channel-group 10 mode active
switch(config-if-Et8-9)# show active
interface Ethernet8
   channel-group 10 mode active
interface Ethernet9
   channel-group 10 mode active
switch(config-if-Et8-9)#

These commands assign Ethernet interfaces 12 and 13 to static channel group 11. LACP is disabled on these interfaces.

switch(config)# interface ethernet 12-13
switch(config-if-Et12-13)# channel-group 11 mode on
switch(config-if-Et12-13)# show active
interface Ethernet12
   channel-group 11 mode on
interface Ethernet13
   channel-group 11 mode on
switch(config-if-Et12-13)#

distribution random

The distribution random command specifies the random distribution of data packets handled by the hash algorithm defined by the configuration mode load balance profile. All data fields and hash seeds that are configured for the profile are used as seeds for the random number generator that defines the distribution of individual packets.

Command options allow for the random distribution of traffic across port channel links and ECMP routes. Random distribution can be enabled for either, both, or neither.

The no distribution random and default distribution random commands remove random distribution on the configuration mode load balance profile by deleting the corresponding distribution random command from the configuration.

Command Mode

Load-balance-profile Configuration

Command Syntax

distribution random BALANCE_TYPE

no distribution random

default distribution random

Parameters

SCOPE Specifies use of random distribution for port channels and ECMP routes. Options include:

no parameter Random distribution is enabled for ECMP routes and port channel links.
ecmp Random distribution is enabled for ECMP routes.
port-channel Random distribution is enabled for port channel links.
port-channel ecmp Random distribution is enabled for ECMP routes and port channel links.
ecmp port-channel Random distribution is enabled for ECMP routes and port channel links.

Guidelines

The distribution random command takes precedence over the distribution symmetric-hash command when both methods are simultaneously enabled.

Related Commands

load-balance fm6000 profile places the switch in the load-balance-profile configuration mode.

Example

These commands configure symmetric hashing on all traffic distributed through the algorithm defined by the LB-1 load balance profile.

switch(config)# load-balance policies
switch(config-load-balance-policies)# load-balance fm6000 profile LB-1
switch(config-load-balance-profile-LB-1)# distribution random ecmp port-channel
switch(config-load-balance-profile-LB-1)# show active
load-balance policies
   load-balance fm6000 profile LB-1
      distribution random ecmp port-channel
switch(config-load-balance-profile-LB-1)#

distribution symmetric-hash

The distribution symmetric-hash command enforces traffic symmetry on data distributed by the hash algorithm defined by the configuration mode load balance profile. Symmetric traffic is the flow of both directions of a data stream across the same physical link.

Two symmetric-hash options specify the traffic upon which symmetry is enforced:

distribution symmetric-hash mac specifies that only non-IP traffic is hashed symmetrically. IP traffic is hashed normally without regard to symmetry.
distribution symmetric-hash mac-ip specifies that all traffic is hashed symmetrically.

The no distribution symmetric-hash and default distribution symmetric-hash commands remove the specified hashing symmetry restriction on the configuration mode load balance profile by deleting the corresponding distribution symmetric-hash command from running-config.

Command Mode

Load-balance-profile

Command Syntax

distribution symmetric-hash FIELD_TYPE

no distribution symmetric-hash

default distribution symmetric-hash

Parameters

FIELD_TYPE Fields the hashing algorithm uses for Layer 3 routing. Options include:

mac Non-IP traffic is hashed symmetrically.
mac-ip All traffic is hashed symmetrically.

Guidelines

The distribution random command takes precedence over the distribution symmetric-hash command when both methods are simultaneously enabled.

Related Commands

load-balance fm6000 profile places the switch in the load-balance-profile configuration mode.

Example

These commands configure symmetric hashing on all traffic distributed through the algorithm defined by the LB-1 load balance profile.

switch(config)# load-balance policies
switch(config-load-balance-policies)# load-balance fm6000 profile LB-1
switch(config-load-balance-profile-LB-1)# distribution symmetric-hash mac-ip
switch(config-load-balance-profile-LB-1)# show active
load-balance policies
   load-balance fm6000 profile LB-1
      distribution symmetric-hash mac-ip
switch(config-load-balance-profile-LB-1)#

fields ip

The fields ip command specifies the L3/L4 data fields used by the hash algorithm defined by the configuration mode load balance profile. When a load balance profile is assigned to a port channel or Ethernet interface, its associated hash algorithm determines the distribution of packets that ingress the interface. Profile algorithms can load balance packets across port channel links or ECMP routes.

The switch calculates a hash value by using the packet header fields to balance packets across links. The hash value determines the link through which the packet is transmitted. This method also ensures that all packets in a flow follow the same network path. Packet flow is modified by changing the inputs to the port channel hash algorithm.

In network topologies that include MLAGs, programming all switches to perform the same hash calculation increases the risk of hash polarization, which leads to uneven load distribution among LAG and MLAG member links in MLAG switches. This problem is avoided by performing different hash calculations between the MLAG switch, and a non-peer switch connected to it.

The no fields ip configures the algorithm not to use L3/L4 data fields. The default fields ip command restores the default data L3/L4 fields to the load balancing algorithm defined by the configuration mode profile by removing the corresponding fields ip or no fields ip command from running-config.

Command Mode

Load-balance-profile Configuration

Command Syntax

fields ip IP_FIELD

no fields ip

default fields ip

Parameters

IP_FIELD Specifies the L3/L4 fields the hashing algorithm uses. Options include:

dscp Algorithm uses dscp field.
dst-ip Algorithm uses destination IP address field.
dst-port Algorithm uses destination TCP/UDP port field.
protocol Algorithm uses protocol field.
src-ip Algorithm uses source IP address field.
src-port Algorithm uses source TCP/UDP port field.

Command may include from one to six fields, in any combination and listed in any order. The default setting is the selection of all fields.

Related Commands

load-balance fm6000 profile places the switch in the load-balance-profile configuration mode.

Example

These commands specify the IP source and protocol fields as components of the hash algorithm defined by the LB-1 load balance profile.

switch(config)# load-balance policies
switch(config-load-balance-policies)# load-balance fm6000 profile LB-1
switch(config-load-balance-profile-LB-1)# fields ip src-ip protocol
switch(config-load-balance-profile-LB-1)# show active
load-balance policies
   load-balance fm6000 profile LB-1
      fields ip protocol src-ip
switch(config-load-balance-profile-LB-1)#

fields mac

The fields mac command specifies the L2 data fields used by the hash algorithm defined by the configuration mode load balance profile. When a load balance profile is assigned to a port channel or Ethernet interface, its associated hash algorithm determines the distribution of packets that ingress the interface. Profile algorithms can load balance packets across port channel links or ECMP routes.

The switch calculates a hash value using the packet header fields to balance packets across links. The hash value determines the link through which the packet is transmitted. This method also ensures that all packets in a flow follow the same network path. Packet flow is modified by changing the inputs to the port channel hash algorithm.

The no fields mac configures the algorithm not to use L2 data fields. The default fields mac command restores the default data L2 fields to the load balancing algorithm defined by the configuration mode profile by removing the corresponding fields mac or no fields mac command from running-config.

Command Mode

Load-balance-profile Configuration

Command Syntax

fields mac MAC_FIELD

no fields mac

default fields mac

Parameters

MAC_FIELD Specifies the L2 fields the hashing algorithm uses. Options include:

dst-mac Algorithm uses the MAC destination field.
eth-type Algorithm uses the Ethernet port type field.
src-mac Algorithm uses MAC source field.
vlan-id Algorithm uses VLAN ID field.
vlan-priority Algorithm uses VLAN priority field.

Related Commands

The load-balance fm6000 profile command places the switch in to the load-balance-profile configuration mode.

Example

These commands specify the MAC destination and VLAN priority fields as components of the hash algorithm defined by the LB-1 load balance profile.

switch(config)# load-balance policies
switch(config-load-balance-policies)# load-balance fm6000 profile LB-1
switch(config-load-balance-profile-LB-1)# fields mac dst-mac vlan-priority
switch(config-load-balance-profile-LB-1)# show active
load-balance policies
   load-balance fm6000 profile LB-1
      fields mac dst-mac vlan-priority
switch(config-load-balance-profile-LB-1)#

hash-seed

The hash-seed command specifies the seed used by the hash algorithm defined by the configuration mode load balance profile. Profile algorithms can load balance packets across port channel links or ECMP routes.

The no hash-seed and default hash-seed commands restore the default hash seed value of 0 to the load balancing algorithm defined by the configuration mode profile by removing the corresponding hash-seed command from running-config.

Command Mode

Load-balance-profile Configuration

Command Syntax

hash-seed number

no hash-seed number

default hash-seed number

Parameters

number Specifies the value of the hash seed. Value ranges from 0 to 39.

Example

These commands configure the hash seed 20 in a profile and assign it as the global profile.

switch(config)# load-balance policies
switch(config-load-balance-policies)# load-balance sand profile myGlobalProfile
switch(config-sand-load-balance-profile-myGlobalProfile)# hash-seed 20
switch(config)# port-channel load-balance sand profile myGlobalProfile

ingress load-balance profile

The ingress load-balance profile command applies the specified load-balance profile to the configuration mode interface. Load balance profiles specify parameters used by hashing algorithms that distribute traffic across ports comprising a port channel or among ECMP routes. The switch supports 16 load balance profiles, including the default profile.

Load balance profiles can be assigned to Ethernet and port channel interfaces. Profiles define the distribution method of traffic that ingresses the interface among the ports comprising a port channel or routes comprising an ECMP.

The default load balance profile is configured through port-channel load-balance fm6000 fields ip and port-channel load-balance fm6000 fields mac commands.

The no ingress load-balance profile and default ingress load-balance profile commands restore the default load balance profile for the configuration mode interface by removing the corresponding ingress load-balance profile command from running-config.

Command Mode

Interface-Ethernet Configuration

Interface-Port-Channel Configuration

Command Syntax

ingress load-balance profile profile_name

no ingress load-balance profile

default ingress load-balance profile

Parameters

profile_name Name of profile assigned to interface.

Example

This command applies the LB-1 load balance profile to port channel interface 100.

switch(config)# interface port-channel 100
switch(config-if-Po100)# show active
interface Port-Channel100

switch(config-if-Po100)# ingress load-balance profile LB-1
switch(config-if-Po100)#
interface Port-Channel100
   ingress load-balance profile LB-1

switch(config-if-Po100)#

interface port-channel

The interface port-channel command places the switch in port-channel interface configuration mode for modifying parameters of specified link aggregation (LAG) interfaces. When entering configuration mode to modify existing port channel interfaces, the command can specify multiple interfaces.

The command creates a port channel interface if the specified interface does not exist prior to issuing the command. When creating an interface, the command can only specify a single interface.

The no interface port-channel and default interface port-channel commands delete the specified LAG interfaces from running-config.

Command Mode

Global Configuration

Command Syntax

interface port-channel p_range

no interface port-channel p_range

default interface port-channel p_range

Parameter

p_range Port channel interfaces (number, range, or comma-delimited list of numbers and ranges).

Port channel numbers range from 1 to 2000.

Guidelines

When configuring a port channel, you do not need to issue the interface port-channel command before assigning a port to the port channel (see the channel-group command). The port channel number is implicitly created when a port is added to the specified port channel with the channel-group number command.

To display ports that are members of a port channel, enter show port-channel. To view information about hardware limitations for a port channel, enter show port-channel limits.

All active ports in a port channel must be compatible. Compatibility comprises many factors and is specific to a given platform. For example, compatibility may require identical operating parameters such as speed and/or Maximum Transmission Unit (MTU). Compatibility may only be possible between specific ports because of internal organization of the switch.

You can configure a port channel with a set of ports such that more than one subset of the member ports are mutually compatible. Port channels in EOS are designed to activate the compatible subset of ports with the largest aggregate capacity. A subset with two 40 Gbps ports (aggregate capacity 80 Gbps) has preference to a subset with five active 10 Gbps ports (aggregate capacity 50 Gbps).

Example

This example creates interface port-channel 3:

switch(config)# interface port-channel 3
switch(config-if-Po3)#

lacp port-priority

The lacp port-priority command sets the aggregating port priority for the configuration mode interface. Priority is supported on port channels with LACP-enabled physical interfaces. LACP port priority determines the port that is active in a LAG in fallback mode. Numerically lower values have higher priority.

Each port in an aggregation is assigned a 32-bit port identifier by prepending the port priority (16 bits) to the port number (16 bits). Port priority determines the ports that are placed in standby mode when hardware limitations prevent a single aggregation of all compatible ports.

Priority numbers range from 0 to 65535. The default is 32768. Interfaces with higher priority numbers are placed in standby mode before interfaces with lower priority numbers.

The no lacp port-priority and default lacp port-priority commands restore the default port-priority to the configuration mode interface by removing the corresponding lacp port-priority command from running-config.

Command Mode

Interface-Ethernet Configuration

Command Syntax

lacp port-priority priority_value

no lacp port-priority

default lacp port-priority

Parameters

priority_level Port priority. Values range from 0 to 65535. Default is 32768

Example

These commands assign the port priority of 4096 to interface ethernet 8.

switch(config)# interface ethernet 8
switch(config-if-Et8)# lacp port-priority 4096
switch(config-if-Et8)# show active
interface Ethernet8
   lacp port-priority 4096
switch(config-if-Et8)#

lacp system-priority

The lacp system-priority command configures the switch’s LACP system priority. Values range between 0 and 65535. Default value is 32768.

Each switch is assigned a globally unique 64-bit system identifier by prepending the system priority (16 bits) to the MAC address of one of its physical ports (48 bits). Peer devices use the system identifier when forming an aggregation to verify that all links are from the same switch. The system identifier is also used when dynamically changing aggregation capabilities resulting from LACP data; the system with the numerically lower system identifier can dynamically change advertised aggregation parameters.

The no lacp system-priority and default lacp system-priority commands restore the default system priority by removing the lacp system-priority command from running-config.

Command Mode

Global Configuration

Command Syntax

lacp system-priority priority_value

no lacp system-priority

default lacp system-priority

Parameters

priority_value System priority number. Values range from 0 to 65535. Default is 32768.

Example

This command assigns the system priority of 8192 to the switch.

switch(config)# lacp system-priority 8192
switch(config)#

lacp timer

The lacp timer command configures the LACP reception interval on the configuration mode interface. The LACP timeout specifies the reception rate of LACP packets at interfaces supporting LACP. Supported rates include:

normal: 30 seconds with synchronized interfaces; one second while interfaces are synchronizing.
fast: one second.

This command is supported on LACP-enabled interfaces. The default value is normal.

The no lacp timer and default lacp timer commands restore the default value of normal on the configuration mode interface by deleting the corresponding lacp timer command from running-config.

Command Mode

Interface-Ethernet Configuration

Command Syntax

lacp timer RATE_LEVEL

no lacp timer

default lacp timer

Parameters

RATE_LEVEL LACP reception interval. Options include:

fast One second.
normal 30 seconds for synchronized interfaces; 1 second while interfaces synchronize.

Example

This command sets the LACP timer to 1 second on ethernet interface 4.

switch(config-if-Et4)# lacp timer fast
switch(config-if-Et4)#

load-balance fm6000 profile

The load-balance fm6000 profile command places the switch in load-balance-profile configuration mode to configure a specified load balance profile. The command specifies the name of the profile that subsequent commands modify. It creates a profile if the profile it references does not exist.

Load balance profiles specify parameters used by hashing algorithms that distribute traffic across ports comprising a port channel or among component ECMP routes. The switch supports 16 load balance profiles, including the default profile. The default load balance profile is configured through port-channel load-balance fm6000 fields ip and port-channel load-balance fm6000 fields mac commands.

The load balance profile name is referenced when it is applied to an interface. The default profile is not associated with a name and is applied to an interface in the absence of a named profile assignment.

The no load-balance fm6000 profile and default load-balance fm6000 profile commands delete the specified load balance profile from running-config. Profiles that are assigned to an interface cannot be deleted. Attempts to delete an assigned profile generate a profile in use error messages.

The load-balance fm6000 profile command is accessible from load-balance-policies configuration mode. The load-balance-profile configuration mode is not a group change mode; running-config is changed immediately upon entering commands. Exiting the load-balance-policies configuration mode does not affect the configuration. The exit command returns the switch to the load-balance-policies configuration mode.

Command Mode

Load-balance-policies Configuration

Command Syntax

load-balance fm6000 profile profile_name

no load-balance fm6000 profile profile_name

default load-balance fm6000 profile profile_name

Parameters

profile_name Name of the load-balance profile.

Commands Available in Load-balance-profile Configuration Mode

fields ip
fields mac
distribution random
distribution symmetric-hash
port-channel hash-seed
show active displays the contents of the configuration mode profile.

Related Commands

The load-balance policies command places the switch in to theload-balance-policies configuration mode.
The ingress load-balance profile command applies a load-balance profile to an Ethernet or port channel interface.
The show load-balance profile command displays the contents of load balance profiles.

Example

These commands enters the load-balance-profile configuration mode, creates the LB-1 profile, and lists the default settings for the profile.

switch(config)# load-balance policies
switch(config-load-balance-policies)# load-balance fm6000 profile LB-1
switch(config-load-balance-profile-LB-1)# show active all
load-balance policies
   load-balance fm6000 profile LB-1
      port-channel hash-seed 0
      fields mac dst-mac src-mac eth-type vlan-priority vlan-id
      fields ip protocol dst-ip dst-port src-ip src-port dscp
      no distribution symmetric-hash
      no distribution random
switch(config-load-balance-profile-LB-1)#

load-balance policies

The load-balance policies command places the switch in Load-Balance-Policies Configuration Mode. Load-balance-policies configuration mode provides commands for managing load-balance profiles. Load balance profiles specify the inputs used by the hashing algorithms that distribute traffic across ports comprising a port channel or among ECMP routes.

The no load-balance policies and default load-balance policies commands delete all load balance profiles from running-config. The command generates an error message when at least one profile is assigned to an interface.

Load-balance-policies configuration mode is not a group change mode; running-config is changed immediately upon entering commands. Exiting the load-balance-policies configuration mode does not affect running-config. The exit command returns the switch to global configuration mode.

Command Mode

Global Configuration

Command Syntax

load-balance policies

no load-balance policies

default load-balance policies

Commands Available in Load-Balance-Policies Configuration Mode

The load-balance fm6000 profile command places the switch inLoad-Balance-Policies Configuration Mode.
show active displays contents of all load balance profiles.

Related Commands

The ingress load-balance profile command applies a load-balance profile to an Ethernet or port channel interface.
The show load-balance profile command displays the contents of load balance profiles.

Examples

This command places the switch in the Load-Balance-Policies Configuration Mode.
```
switch(config)# load-balance policies
switch(config-load-balance-policies)#
```

This command displays the contents of the three configured load balance profiles.

switch(config-load-balance-policies)# show active

load-balance policies
   load-balance fm6000 profile F-01
      port-channel hash-seed 22
      fields ip dscp
      distribution random port-channel
   !
   load-balance fm6000 profile F-02
      fields ip protocol dst-ip
      fields mac dst-mac eth-type
      distribution random ecmp port-channel
   !
   load-balance fm6000 profile F-03

switch(config-load-balance-policies)#

load-balance sand profile (7500E/7500R)

The load-balance sand profile command configures a load-balance profile on a sand module switch. A default profile is designated as a global profile when no other profile is set as global profile. Note, a warning message is displayed when a profile is entered or deleted.

If no load-balance sand profile command is executed when the profile set is default then the following warning message is displayed:

! profile default is a reserved profile and cannot be deleted

Command Mode

Global Configuration

Command Syntax

load-balance sand profile profile_name

no load-balance sand profile profile_name

Parameter

profile_name Name of the profile assigned to the selected module.

Examples

These commands designate a default profile as a global profile on sand module platform switch. Note, a warning message is displayed when a profile is entered or deleted.

switch(config)# load-balance policies
switch(config-load-balance-policies)# load-balance sand profile default
 ! profile default is a reserved profile
! profile default is the current global profile

When no form of the command is executed it displays the following warning message.

switch(config)# load-balance policies
switch(config-load-balance-policies)# no load-balance sand profile default
! profile default is a reserved profile and cannot be deleted

monitor session destination

The monitor session destination configures Port Channel interfaces as a mirroring destination for both ingress and egress traffic.

The no | default versions of the command removes the configuration from the running-configuration.

Command Mode

Global Configuration

Command Syntax

monitor session session_name destination Port-Channel interface_number

Parameters

session session_name - Configure a name for the session.
destination - Specify the mirroring for Port Channel traffic as the destination.
Port-Channel interface_number - Specify the Port Channel to be the destination.

Example

Use the following command to configure Port Channel 1 as a mirroring destination:

switch(config)#monitor session 1 destination Port-Channel 1

monitor session source

The monitor session source configures Port Channel interfaces as a mirroring source for both ingress and egress traffic.

The no | default versions of the command removes the configuration from the running-configuration.

Command Mode

Global Configuration

Command Syntax

monitor session session_name source interface_number

Parameters

session session_name - Configure a name for the session.
source - Specify the mirroring for Port Channel traffic as the source.
interface_number - Specify the Ethernet interface to be the source of the ingress and egress traffic.

Example

Use the following command to configure a session, testmember with the Ethernet interface Et3/3/1:

switch(config)#monitor session testmember source Et3/3/1

port-channel hash-seed

The port-channel hash-seed command specifies the seed used by the hash algorithm defined by the configuration mode load balance profile when distributing the load across ports comprising a port channel. When a load balance profile is assigned to a port channel or Ethernet interface, its associated hash algorithm determines the distribution of packets that ingress the interface. Profile algorithms can load balance packets across port channel links or ECMP routes.

The hash seed that the algorithm uses to select port channel links or ECMP routes is configured by the ip load-sharing command.

The no port-channel hash-seed and default port-channel hash-seed commands restore the default hash seed value of 0 to the load balancing algorithm defined by the configuration mode profile by removing the corresponding port-channel hash-seed command from running-config.

Command Mode

Load-balance-profile Configuration

Command Syntax

port-channel hash-seed number

no port-channel hash-seed

default port-channel hash-seed

Parameters

number The hash seed. Value ranges from 0 to 39.

Related Commands

The load-balance fm6000 profile command places the switch in to the load-balance-profile configuration mode.

Example

These commands configure the port-channel hash seed of 22 for the hash algorithm defined by the LB-1 load balance profile.

switch(config)# load-balance policies
switch(config-load-balance-policies)# load-balance fm6000 profile LB-1
switch(config-load-balance-profile-LB-1)# port-channel hash-seed 22
switch(config-load-balance-profile-LB-1)# show active
load-balance policies
   load-balance fm6000 profile LB-1
      port-channel hash-seed 22
switch(config-load-balance-profile-LB-1)#

port-channel lacp fallback

The port-channel lacp fallback command enables the LACP fallback mode on the interface.

LACP fallback is unconfigured and disabled by default. An LACP interface without fallback enabled does not form a LAG until it receives PDUs from its peer.

LACP fallback can be configured on an interface in static or individual mode:

static mode The port channel member with the lowest LACP port priority is active and maintains contact with the peer (sending and receiving data) while other port channel members remain in standby mode until a LACP PDU is received. All members continue to send (and can receive) LACP PDUs.
individual mode All port channel members act as individual ports, reverting to their port-specific configuration while the channel is in fallback mode, and continue to send and receive data. All members continue to send LACP PDUs until a LACP PDU is received by one of the member ports.

The no port-channel lacp fallback and default port-channel lacp fallback commands disable LACP fallback mode on the configuration mode interface by removing the corresponding port-channel lacp fallback command from running-config.

Command Mode

Interface-Port-Channel Configuration

Command Syntax

port-channel lacp fallback [MODE]

no port-channel lacp fallback

default port-channel lacp fallback

Parameters

MODE LACP fallback mode. Options include:

no parameter Enables static LACP fallback mode.
- static Enables static LACP fallback mode.
- individual Enables individual LACP fallback mode.

Related Commands

The port-channel lacp fallback timeout command configures the fallback timeout period for a port channel interface. The default LACP fallback timeout period is 90 seconds.
The lacp port-priority command configures the port priority for an individual interface.

Examples

These commands enable LACP static fallback mode, then configure an LACP fallback timeout of 100 seconds on interface port-channel 13. If LACP negotiation fails, only the member port with the lowest LACP priority will remain active until an LACP PDU is received by one of the member ports.

switch(config)# interface port-channel 13
switch(config-if-Po13)# port-channel lacp fallback static
switch(config-if-Po13)# port-channel lacp fallback timeout 100
switch(config-if-Po13)# show active
interface Port-Channel13
   port-channel lacp fallback static
   port-channel lacp fallback timeout 100
switch(config-if-Po13)#

These commands enable LACP individual fallback mode, then configure an LACP fallback timeout of 50 seconds on interface port-channel 17. If LACP negotiation fails, all member ports will act as individual switch ports, using port-specific configuration, until a LACP PDU is received by one of the member ports.

switch(config)# interface port-channel 17
switch(config-if-Po17)# port-channel lacp fallback individual
switch(config-if-Po17)# port-channel lacp fallback timeout 50
switch(config-if-Po17)# show active
interface Port-Channel17
   port-channel lacp fallback individual
   port-channel lacp fallback timeout 50
switch(config-if-Po17)#

port-channel lacp fallback timeout

The port-channel lacp fallback timeout command specifies the fallback timeout period for the configuration mode interface.

Fallback timeout settings persist in running-config without taking effect for interfaces that are not configured into fallback mode. The default fallback timeout period is 90 seconds.

The no port-channel lacp fallback timeout and default port-channel lacp fallback timeout commands restore the default fallback timeout of 90 seconds for the configuration mode interface by removing the corresponding port-channel lacp fallback timeout command from running-config.

Command Mode

Interface-Port-Channel Configuration

Command Syntax

port-channel lacp fallback timeout period

no port-channel lacp fallback timeout

default port-channel lacp fallback timeout

Parameters

period Maximum interval between receipt of LACP PDU packets (seconds). Value ranges from 1 to 300 seconds. Default value is 90.

Related Commands

The port-channel lacp fallback command configures fallback mode for a port channel interface.

Guidelines

The fallback timeout period should not be shorter than the LACP reception interval (lacp timer). The default LACP reception interval is 30 seconds.

Example

This command enables LACP fallback mode, then configures an LACP fallback timeout of 100 seconds on interface port-channel 13.

switch(config)# interface port-channel 13
switch(config-if-Po13)# port-channel lacp fallback
switch(config-if-Po13)# port-channel lacp fallback timeout 100
switch(config-if-Po13)# show active
interface Port-Channel13
   port-channel lacp fallback
   port-channel lacp fallback timeout 100
switch(config-if-Po13)#

port-channel load-balance

The port-channel load-balance command specifies the seed in the hashing algorithm that balances the load across ports comprising a port channel. Available seed values vary by switch platform.

The no port-channel load-balance and default port-channel load-balance commands remove the port-channel load-balance command from running-config, restoring the default hash seed value of 0.

Command Mode

Global Configuration

Command Syntax

port-channel load-balance platform { hash_seed | fields ip fields | hash hash_function }

no port-channel load-balance platform [ hash_seed ]

default port-channel load-balance platform [ hash_seed ]

Parameters

Note: Parameter options vary by switch model. Verify available options with the ? command.

platform ASIC switching device. Value depends on the switch model.
hash_seed The numerical seed for the hash function. Value range varies by switch platform:
- arad 0 to 65535.
- fm6000 0 to 39.
- petraA Uses field inputs only.
- trident 0 to 47.
For trident platform switches, algorithms using hash seeds between 0 and 15 typically result in more effective distribution of data streams across the port channels.
fields Which fields will be used as inputs to the port channel hash.
- gre Configure which GRE fields are inputs to the hash.
- ip Configure which fields are inputs to the hash for IPv4 packets.
- ipv6 Configure which fields are inputs to the hash for IPv6 packets.
- mac Configure which MAC fields are inputs to the hash.
- mac-in-mac Configure which MAC-in-MAC fields are inputs to the hash.
- mpls Configure which MPLS fields are inputs to the hash.
- destination-ip Use the Layer 3 IP destination address in the hash.
- destination-port Use the Layer 4 TCP/UDP destination port in the hash.
- dst-ip Use the destination IP address in the hash.
- dst-mac Use the destination Payload MAC in the hash (or the destination MAC address in the MAC hash).
- eth-type Use the Ethernet type in the MAC hash.
- ip-in-ip Use the outer IP header in the hash for IPv4 over IPv4 GRE tunnel.
- ip-in-ipv6 Use the outer IP header in the hash for IPv4 over IPv6 GRE tunnel.
- ipv6-in-ip Use the outer IP header in the hash for IPv6 over IPv4 GRE tunnel.
- ipv6-in-ipv6 Use the outer IP header in the hash for IPv6 over IPv6 GRE tunnel.
- ip-tcp-udp-header Use the Layer 3 and Layer 4 hashes.
- isid Use the MAC-in-MAC ISID in the hash.
- label Use the MPLS label in the hash.
- mac-header Use the MAC hash.
- outer-mac Use the outer MAC of source and destination in the hash.
- source-ip Use the Layer 3 IP source address in the hash.
- src-ip Use the source IP address in the hash.
- source-port Use l\Layer 4 TCP/UDP source port in the hash.
- src-mac Use the source payload MAC in the hash (or the source MAC address in the MAC hash).

hash_function Specifies the hash polynomial function. Values range from 0-2.

Example

This command configures a hash seed of 10 on an FM6000 platform switch.

switch(config)# port-channel load-balance fm6000 10
switch(config)#

port-channel load-balance arad fields ip

The port-channel load-balance arad fields ip command specifies the data fields that the port channel load balance hash algorithm uses for distributing IP packets on Arad platform switches. The hashing algorithm fields used for IP packets differ from the fields used for non-IP packets.

The switch calculates a hash value using the packet header fields to load balance packets across links in a port channel. The hash value determines the link through which the packet is transmitted. This method also ensures that all packets in a flow follow the same network path. Packet flow is modified by changing the inputs to the port channel hash algorithm.

The no port-channel load-balance arad fields ip and default port-channel load-balance arad fields ip commands restore the default data fields for the IP packet load balancing algorithm by removing the port-channel load-balance arad A fields ip command from running-config.

Command Mode

Global Configuration

Command Syntax

port-channel load-balance arad fields ip IP_FIELD_NAME

no port-channel load-balance arad fields ip

default port-channel load-balance arad fields ip

Parameters

IP_FIELD_NAME Fields the hashing algorithm uses for Layer 3 routing. Options include:

ip-tcp-udp-header Algorithm uses source and destination IP address fields. Source and destination port fields are included for TCP and UDP packets.
- mac-header Algorithm uses entire MAC header.
  A command can only specify one option. The default setting is ip-tcp-udp-header.

Guidelines

The port channel hash algorithm for non-IP packets is not configurable and always includes the entire MAC header.

Related Command

The port-channel load-balance command configures the hash seed for the algorithm.

Example

These commands configure the switch’s port channel load balance hash algorithm for IP packets to use source and destination IP address (and port) fields.

switch(config)# port-channel load-balance fm6000 fields ip ip-tcp-udp-header
switch(config)#

port-channel load-balance fm6000 fields ip

The port-channel load-balance fm6000 fields ip command specifies the data fields that the port channel load balance hash algorithm uses for distributing IP packets on FM6000 platform switches. The hashing algorithm fields used for IP packets differ from the fields used for non-IP packets.

The no port-channel load-balance fm6000 fields ip and default port-channel load-balance fm6000 fields ip commands restore the default data fields for the IP packet load balancing algorithm by removing the port-channel load-balance fm6000 fields ip command from running-config.

Command Mode

Global Configuration

Command Syntax

port-channel load-balance fm6000 fields ip IP_FIELD_NAME

no port-channel load-balance fm6000 fields ip

default port-channel load-balance fm6000 fields ip

Parameters

IP_FIELD_NAME Specifies fields the hashing algorithm uses for layer 3 routing. Options include:

ip-tcp-udp-header Algorithm uses source and destination IP address fields. Source and destination port fields are included for TCP and UDP packets.

A command can only specify one option. The default setting is ip-tcp-udp-header.

Related Commands

The port-channel load-balance command configures the hash seed for the algorithm.
The port-channel load-balance fm6000 fields mac command controls the hash algorithm for non-IP packets.

Example

These commands configure the switch’s port channel load balance for IP packets by source and destination IP address and port fields.

switch(config)# port-channel load-balance fm6000 fields ip ip-tcp-udp-header
switch(config)#

port-channel load-balance fm6000 fields mac

The port-channel load-balance fm6000 fields mac command specifies data fields that configure the port channel load balance hash algorithm for non-IP packets on FM6000 platform switches. The hashing algorithm fields used for balancing non-IP packets differ from the fields used for IP packets.

The no port-channel load-balance fm6000 fields mac and default port-channel load-balance fm6000 fields mac commands restore the default data fields for the non-IP packet load balancing algorithm by removing the port-channel load-balance fm6000 fields mac command from running-config.

Command Mode

Global Configuration

Command Syntax

port-channel load-balance fm6000 fields mac MAC_FIELD_NAME

no port-channel load-balance fm6000 fields mac

default port-channel load-balance fm6000 fields mac

Parameters

MAC_FIELD_NAME Fields the hashing algorithm uses for Layer 2 routing. Options include:

dst-mac MAC destination field.
eth-type EtherType field.
src-mac MAC source field.
vlan-id VLAN ID field.
vlan-priority VLAN priority field.

Command may include from one to five fields, in any combination and listed in any order. The default setting is the selection of all fields.

Related Commands

The port-channel load-balance command configures the hash seed for the algorithm.
The port-channel load-balance fm6000 fields ip command controls the hash algorithm for IP packets.

Example

These commands configure the switch’s port channel load balance for non-IP packets by using the MAC destination and Ethernet type fields in the hashing algorithm.

switch(config)# port-channel load-balance fm6000 fields mac dst-mac eth-type 
switch(config)#

port-channel load-balance module

The port-channel load-balance module command assigns a named load-balancing profile to a linecard.

Note: Available on the 7500E platform.

The no port-channel load-balance module and default port-channel load-balance module commands unassigns the load balancing module, or restores the default data fields for the load balancing module.

Command Mode

Global Configuration

Command Syntax

port-channel load-balance module LINECARD_RANGE sand profile PROFILE_NAME

no port-channel load-balance module LINECARD_RANGE sand profile PROFILE_NAME

default port-channel load-balance module LINECARD_RANGE sand profile PROFILE_NAME

Parameters

LINECARD_RANGE Linecard number range includes:
- 3-10 Linecard number range.
PROFILE_NAME Load-balance profile name.

Examples

This command assigns a named load-balancing profile to a linecard.

switch(config)# port-channel load-balance module 3-7 sand profile Linecard5
switch(config)#

This command unassigns a named load-balancing profile to a linecard.

switch(config)# no port-channel load-balance module 3-7 sand profile Linecard5
switch(config)#

port-channel load-balance petraA fields ip

The port-channel load-balance petraA fields ip command specifies the data fields that the port channel load balance hash algorithm uses for distributing IP packets on Petra platform switches. The hashing algorithm fields used for IP packets differ from the fields used for non-IP packets.

The no port-channel load-balance petraA fields ip and default port-channel load-balance petraA fields ip commands restore the default data fields for the IP packet load balancing algorithm by removing the port-channel load-balance petraA fields ip command from running-config.

Command Mode

Global Configuration

Command Syntax

port-channel load-balance petraA fields ip IP_FIELD_NAME

no port-channel load-balance petraA fields ip

default port-channel load-balance petraA fields ip

Parameters

IP_FIELD_NAME Fields the hashing algorithm uses for Layer 3 routing. Options include:

ip-tcp-udp-header Algorithm uses source and destination IP address fields. Source and destination port fields are included for TCP and UDP packets.
mac-header Algorithm uses entire MAC header.

A command can only specify one option. The default setting is ip-tcp-udp-header.

Guidelines

The port channel hash algorithm for non-IP packets is not configurable and always includes the entire MAC header.

Related Command

The port-channel load-balance command configures the hash seed for the algorithm.

Example

These commands configure the switch’s port channel load balance hash algorithm for IP packets to use source and destination IP address (and port) fields.

switch(config)# port-channel load-balance fm6000 fields ip ip-tcp-udp-header
switch(config)#

port-channel load-balance sand profile (7500E/7500R)

The port-channel load-balance sand profile command configures a global LAG hashing profile on the port channel interface. A default profile is set as a global profile when no other profile is set as global.

The no port-channel load-balance sand profile command removes the active profile from the port-channel load-balance command from running-config, restoring the default profile.

Command Mode

Global Configuration

Command Syntax

port-channel load-balance sand profile profile_name

no port-channel load-balance sand profile profile_name

Parameter

profile_name Name of the profile assigned to the selected module.

Example

This command configures a global LAG hashing profile on 7500 series platform switch.

switch(config)# port-channel load-balance sand profile myGlobalProfile
switch(config)#

port-channel load-balance trident fields ip

The port-channel load-balance trident fields ip command specifies the data fields that the port channel load balance hash algorithm uses for distributing IP packets on Trident platform switches. The hashing algorithm fields used for IP packets differ from the fields used for non-IP packets.

The no port-channel load-balance trident fields ip and default port-channel load-balance trident fields ip commands restore the default data fields for the IP packet load balancing algorithm by removing the port-channel load-balance trident fields ip command from running-config.

Command Mode

Global Configuration

Command Syntax

port-channel load-balance trident fields ip IP_FIELD_NAME

no port-channel load-balance trident fields ip

default port-channel load-balance trident fields ip

default port-channel load-balance trident fields ip ingress-interface disabled

Parameters

IP_FIELD_NAME Specifies fields the hashing algorithm uses for Layer 3 routing. Command may include from one to four of the following four options, in any combination and listed in any order.
- destination-ip Algorithm uses destination IP address field.
- source-ip Algorithm uses source IP address field.
- destination-port Agorithm uses destination TCP/UDP port field.
- source-port Algorithm uses source TCP/UDP port field.
  - ip-tcp-udp-header Algorithm uses source and destination IP address fields. Source and destination port fields are included for TCP and UDP packets.
    
    Note: This option cannot be used in combination with any other option.
- mac-header Algorithm uses fields specified by port-channel load-balance trident fields mac.
  
  Note: This option cannot be used in combination with any other option.
- ingress-interface Disable from LAG hashing.

Default setting is ip-tcp-udp-header.

Related Commands

The port-channel load-balance command configures the hash seed for the algorithm.
The port-channel load-balance trident fields ipv6 command controls the hash algorithm for IPv6 packets.
The port-channel load-balance trident fields mac command controls the hash algorithm for non-IP/IPv6 packets.

Examples

These commands configure the switch’s port channel load balance for IP packets by using the IPv6 destination field in the hashing algorithm.
```
switch(config)# port-channel load-balance trident fields ip destination-ip
switch(config)#
```

This command disables the ingress interface for IPv4 traffic.

switch(config)# port-channel load-balance trident fields ip ingress-interface disabled
switch(config)#

port-channel load-balance trident fields ipv6

The port-channel load-balance trident fields ipv6 command specifies the data fields that the port channel load balance hash algorithm uses for distributing IPv6 packets on Trident platform switches. The hashing algorithm fields used for IPv6 packets differ from the fields used for non-IPv6 packets.

The no port-channel load-balance trident fields ipv6 and default port-channel load-balance trident fields ipv6 commands restore the default data fields for the IPv6 packet load balancing algorithm by removing the port-channel load-balance trident fields ipv6 command from running-config.

Command Mode

Global Configuration

Command Syntax

port-channel load-balance trident fields ipv6 IP_FIELD_NAME

no port-channel load-balance trident fields ipv6

default port-channel load-balance trident fields ipv6

Parameters

IP_FIELD_NAME Specifies fields the hashing algorithm uses for Layer 3 routing. Command may include from one to four of the following four options, in any combination and listed in any order.
- destination-ip Algorithm uses destination IPv6 address field.
- source-ip Algorithm uses source IPv6 address field.
- destination-port Algorithm uses destination TCP/UDP port field.
- source-port Algorithm uses source TCP/UDP port field.
  - ip-tcp-udp-header Algorithm uses source and destination IPv6 address fields. Source and destination port fields are included for TCP and UDP packets.
    
    Note: This option can’t be used in combination with any other option.
  - mac-header Algorithm uses fields specified by port-channel load-balance trident fields mac.
    
    Note: This option can’t be used in combination with any other option.
  - ingress-interface Disable from LAG hashing.
  Default setting is ip-tcp-udp-header

Related Commands

The port-channel load-balance command configures the hash seed for the algorithm.
The port-channel load-balance trident fields ipv6 commands controls the hash algorithm for non-IP packets.
The port-channel load-balance trident fields mac command controls the hash algorithm for non-IP packets.

Examples

These commands configure the switch’s port channel load balance for IP packets by using the IPv6 source field in the hashing algorithm.
```
switch(config)# port-channel load-balance trident fields ipv6 source-ip
switch(config)#
```

This command disables the ingress interface for IPv6 traffic.

switch(config)# port-channel load-balance trident fields ipv6 ingress-interface disabled
switch(config)#

port-channel load-balance trident fields mac

The port-channel load-balance trident fields mac command specifies data fields that the port channel load balance hash algorithm uses for distributing non-IP packets on Trident platform switches. The hashing algorithm fields used for non-IP packets differ from the fields used for IP packets.

The no port-channel load-balance trident fields mac and default port-channel load-balance trident fields mac commands restore the default data fields for the non-IP packet load balancing algorithm by removing the port-channel load-balance trident fields mac command from running-config.

Command Mode

Global Configuration

Command Syntax

port-channel load-balance trident fields mac MAC_FIELD_NAME

no port-channel load-balance trident fields mac

default port-channel load-balance trident fields mac

default port-channel load-balance trident fields mac ingress-interface disabled

Parameters

MAC_FIELD_NAME Fields the hashing algorithm uses for Layer 2 routing. Options include:
- dst-mac MAC destination field.
- eth-type EtherType field.
- src-mac MAC source field.
- ingress-interface Disable from LAG hashing.
Command may include from one to three fields, in any combination and listed in any order. The default setting is the selection of all fields.

Related Commands

port-channel load-balance configures the hash seed for the algorithm.
port-channel load-balance trident fields ip controls the hash algorithm for IP packets.
port-channel load-balance trident fields ipv6 controls the hash algorithm for IP packets.

Examples

These commands configure the switch’s port channel load balance for non-IP packets by using the MAC destination and Ethernet type fields in the hashing algorithm.
```
switch(config)# port-channel load-balance trident fields mac dst-mac eth-type  
switch(config)#
```

This command disables the ingress interface for IPv4 traffic.

switch(config)# port-channel load-balance trident fields mac ingress-interface disabled
switch(config)#

port-channel min-links

The port-channel min-links command specifies the minimum number of interfaces that the configuration mode LAG requires to become active. If there are fewer ports than specified by this command, the port channel interface does not become active. The default min-links value is 0.

The no port-channel min-links and default port-channel min-links commands restore the default min-links setting for the configuration mode LAG by removing the corresponding port-channel min-links command from the configuration.

Note: In static LAGs, the min-links value must be met for the LAG to be active. The LAG will not become active until it has at least the min-links number of functioning links in the channel group. If failed links cause the number to drop below the minimum, the LAG will go down and administrator action will be required to bring it back up. In dynamic LAGs, the LACP protocol must determine that at least min-links physical ports are aggregable (they are physically compatible and have the same keys both remotely and locally) before it begins negotiating to make any ports active members of the port-channel. However once negotiation begins, an error on the partner’s side or an error in programming of member interfaces can cause the LAG to become active with fewer than the minimum number of links. EOS evaluates min-links after min-links-review-timeout (linearly proportional to configured min-links) when LACP protocol collecting and/or distributing state changes. If the number of active member interfaces in a port-channel is less than configured min-links, it brings the corresponding port-channel Link Down and syslogs LAG-4-MINLINK_INTF_INSUFFICIENT message. If additional interfaces get programmed as collecting and distributing, EOS re-evaluates min-links on the port-channel. If sufficient number of interfaces are available to be a part of port-channel, then all interfaces of the corresponding port-channel are re-enabled for LACP negotiation and the port-channel becomes Link Up. LAG-4-MINLINK_INTF_NORMAL is syslogged after min-links-review-timeout if the min-links condition is satisfied; otherwise LAG-4-MINLINK_INTF_INSUFFICIENT is syslogged and the port-channel goes Link Down. If an interface remains in collecting state but not in distributing state for min-links-review-timeout, it is moved out of collecting state. It is periodically re-enabled after min-links-retry-timeout (which is 360s seconds) till it progresses to collecting and distributing. Meanwhile, if a port-channel becomes Link Up because sufficient number of interfaces progressed to collecting and distributing states, then this interface is enabled for LACP negotiation.

Command Mode

Interface-Port-Channel Configuration

Command Syntax

port-channel min-links quantity

no port-channel min-links

default port-channel min-links

Parameters

quantity Minimum number of interfaces. Value range varies by platform. Default value is 0.

Example

These commands set 4 as the minimum number of ports required for port channel 13 to become active.

switch(config)# interface port-channel 13
switch(config-if-Po13)# port-channel min-links 4
switch(config-if-Po13)# show active
interface Port-Channel13
   port-channel min-links 4
switch(config-if-Po13)#

port-channel min-links review interval

The port-channel min-links review interval command enables or disables timer based min-links review feature for all port-channels.

The no port-channel min-links review interval and default port-channel min-links review intervalcommands restore the default min-links-timeout-base to 180 seconds by removing the corresponding port-channel min-links review interval command from running-config.

Command Mode

Global Configuration

Command Syntax

port-channel min-links review interval timeout (seconds)

no port-channel min-links review interval

default port-channel min-links review interval

Guidelines

The min-links-timeout-base interval for port-channels can be set within the range of 0 to 600 seconds. When setting the review interval to zero, the command has the following effect:

Disables the timer-based min-links review feature for all port-channels.
- For LACP port-channels, it prevents the port-channel from bringing link up (even after one or more member ports were negotiated to collect or distribute (rx or tx)) until there are sufficient member interfaces ready to join the port-channel. Meanwhile, the partner can enable the port-channel link with fewer than required member interfaces. This configuration does not impact port-channels without min-links configuration.

Related Command

port-channel min-links

Example

This command sets the port-channel min-links interval to 200 seconds.

switch(config)# port-channel min-links review interval 200

port-channel speed mixed

The port-channel speed mixed command configures a port channel with the ability to have active members of multiple speeds.

Note: Available on the 7020, 7280, 7500, and 7800 platforms. Minimum links is not available on mixed-speed port channels.

Command Mode

Interface-Port-Channel Configuration

Command Syntax

port-channel speed mixed

Related Commands

The interface port-channel command places the switch in the interface-port-channel configuration mode.

Example

These commands place the switch in the interface port-channel mode and configure the mixed speed port-channel.

switch(config)# interface port-channel 1
switch(config-if-Po1)# port-channel speed mixed

port-channel speed minimum

The port-channel speed minimum command specifies the cumulative minimum speed of all active members in order for a port channel to become active. If there is less than the specified by this command, the port channel interface does not become active.

Note: If both minimum speed and minimum links are configured, minimum speed will take precedence.

Command Mode

Interface-Port-Channel Configuration

Command Syntax

port-channel speed minimum speed-value

Parameter

speed-value Minimum speed value. The value ranges from 1 to 65535.

Related Command

The interface port-channel command places the switch in interface-port-channel configuration mode.

Example

These command sets 100 Gbps as the minimum speed needed for port channel 1 to become active.

switch(config)# interface port-channel 1
switch(config-if-Po1)# port-channel speed minimum 100 gbps

show lacp aggregates

The show lacp aggregates command displays aggregate IDs and the list of bundled ports for all specified port channels.

Command Mode

EXEC

Command Syntax

show lacp [PORT_LIST] aggregates [PORT_LEVEL] [INFO_LEVEL]

Note: PORT_LEVEL and INFO_LEVEL parameters can be placed in any order.

Parameters

PORT_LIST Port channels for which aggregate information is displayed. Options include:
- <no parameter> All configured port channels.
- c_range Channel list (number, range, or comma-delimited list of numbers and ranges).
PORT_LEVEL Ports displayed, in terms of aggregation status. Options include:
- no parameter Ports bundled by LACP into the port channel.
- all-ports All channel group ports, including channel group members not bundled into the port channel interface.
INFO_LEVEL Amount of information that is displayed. Options include:
- no parameter Aggregate ID and bundled ports for each channel.
- brief Aggregate ID and bundled ports for each channel.
- detailed Aggregate ID and bundled ports for each channel.

Example

This command lists aggregate information for all configured port channels.

switch> show lacp aggregates

Port Channel Port-Channel1:
 Aggregate ID: 
[(8000,00-1c-73-04-36-d7,0001,0000,0000),(8000,00-1c-73-09-a0-f3,0001,0000,0000)]
  Bundled Ports: Ethernet43 Ethernet44 Ethernet45 Ethernet46
Port Channel Port-Channel2:
 Aggregate ID: 
[(8000,00-1c-73-01-02-1e,0002,0000,0000),(8000,00-1c-73-04-36-d7,0002,0000,0000)]
  Bundled Ports: Ethernet47 Ethernet48
Port Channel Port-Channel3:
 Aggregate ID: 
[(8000,00-1c-73-04-36-d7,0003,0000,0000),(8000,00-1c-73-0c-02-7d,0001,0000,0000)]
  Bundled Ports: Ethernet3 Ethernet4
Port Channel Port-Channel4:
 Aggregate ID: 
[(0001,00-22-b0-57-23-be,0031,0000,0000),(8000,00-1c-73-04-36-d7,0004,0000,0000)]
  Bundled Ports: Ethernet1 Ethernet2
Port Channel Port-Channel5:
 Aggregate ID: 
[(0001,00-22-b0-5a-0c-51,0033,0000,0000),(8000,00-1c-73-04-36-d7,0005,0000,0000)]
  Bundled Ports: Ethernet41
switch>

show lacp counters

The show lacp counters command displays LACP traffic statistics.

Command Mode

EXEC

Command Syntax

show lacp [PORT_LIST] counters [PORT_LEVEL] [INFO_LEVEL]

Note: PORT_LEVEL and INFO_LEVEL parameters can be interchanged while running the command.

Parameters

PORT_LIST Ports for which port information is displayed. Options include:
- no parameter All configured port channels.
- c_rangePorts in specified channel list (number, number range, or list of numbers and ranges).
- interface Ports on all interfaces.
- interface ethernet e_num Port on Ethernet interface specified by e_num.
- interface port-channel p_num Port on port channel interface specified by p_num.
PORT_LEVELPorts displayed, in terms of aggregation status. Options include:
- no parameter Only ports bundled by LACP into an aggregate.
- all-ports All ports, including LACP candidates that are not bundled.
INFO_LEVEL Amount of information that is displayed. Options include:
- no parameter Displays packet transmission (TX and RX) statistics.
- brief Displays packet transmission (TX and RX) statistics.
- detailed Displays packet transmission (TX and RX) statistics and actor-partner statistics.

Example

This command displays transmission statistics for all configured port channels.

switch> show lacp counters brief

                      LACPDUs         Markers   Marker Response
Port   Status        RX         TX   RX    TX   RX    TX   Illegal
------------------------------------------------------------------
Port Channel Port-Channel1:
Et43   Bundled   396979     396959    0     0    0     0    0
Et44   Bundled   396979     396959    0     0    0     0    0
Et45   Bundled   396979     396959    0     0    0     0    0
Et46   Bundled   396979     396959    0     0    0     0    0

Port Channel Port-Channel2:
Et47   Bundled   396836     396883    0     0    0     0    0
Et48   Bundled   396838     396883    0     0    0     0    0

switch>

show lacp interface

The show lacp interface command displays port status for all port channels that include the specified interfaces. Within the displays for each listed port channel, the output displays sys-id, partner port, state, actor port, and port priority for each interface in the channel.

Command Mode

EXEC

Command Syntax

show lacp interface [INTERFACE_PORT] [PORT_LEVEL] [INFO_LEVEL]

Note: INTERFACE_PORT is listed first when present. Other parameters can be listed in any order.

Parameters

INTERFACE_PORT Interfaces for which information is displayed. Options include:
- no parameter All interfaces in channel groups.
- ethernet e_num Ethernet interface specified by e_num.
- port-channel p_num Port channel interface specified by p_num.
PORT_LEVEL Ports displayed, in terms of aggregation status. Options include:
- no parameter Command lists data for ports bundled by LACP into the aggregate.
- all-ports Command lists data for all ports, including LACP candidates that are not bundled.
INFO_LEVEL Amount of information that is displayed. Options include:
- no parameter Displays same information as brief option.
- brief Displays LACP configuration data, including sys-id, actor, priorities, and keys.
- detailed Includes brief option information plus state machine data.

Example

This command displays LACP configuration information for all ethernet interfaces.

switch> show lacp interface
State: A = Active, P = Passive; S=ShortTimeout, L=LongTimeout;
       G = Aggregable, I = Individual; s+=InSync, s-=OutOfSync;
       C = Collecting, X = state machine expired,
       D = Distributing, d = default neighbor state

             |                       Partner                         Actor
Port Status  | Sys-id                 Port# State   OperKey PortPri  Port#
----------------------------------------------------------------------------
Port Channel Port-Channel1:
Et43 Bundled | 8000,00-1c-73-09-a0-f3    43 ALGs+CD  0x0001   32768   43
Et44 Bundled | 8000,00-1c-73-09-a0-f3    44 ALGs+CD  0x0001   32768   44
Et45 Bundled | 8000,00-1c-73-09-a0-f3    45 ALGs+CD  0x0001   32768   45
Et46 Bundled | 8000,00-1c-73-09-a0-f3    46 ALGs+CD  0x0001   32768   46
Port Channel Port-Channel2:
Et47 Bundled | 8000,00-1c-73-01-02-1e    23 ALGs+CD  0x0002   32768   47
Et48 Bundled | 8000,00-1c-73-01-02-1e    24 ALGs+CD  0x0002   32768   48

             |                 Actor
Port Status  |   State         OperKey    PortPriority
-------------------------------------------------------
Port Channel Port-Channel1:
Et43 Bundled |   ALGs+CD        0x0001           32768
Et44 Bundled |   ALGs+CD        0x0001           32768
Et45 Bundled |   ALGs+CD        0x0001           32768
Et46 Bundled |   ALGs+CD        0x0001           32768
Port Channel Port-Channel2:
Et47 Bundled |   ALGs+CD        0x0002           32768
Et48 Bundled |   ALGs+CD        0x0002           32768

switch>

show lacp internal

The show lacp internal command displays the local LACP state for all specified channels. Local state data includes the state machines and LACP protocol information.

Command Mode

EXEC

Command Syntax

show lacp [PORT_LIST] internal [PORT_LEVEL] [INFO_LEVEL]

Parameters

PORT_LIST Interface for which port information is displayed. Options include:
- no parameter All configured port channels.
- c_rangePorts in specified channel list (number, number range, or list of numbers and ranges).
- interface Ports on all interfaces.
- interface ethernet e_num Ethernet interface specified by e_num.
- interface port-channel p_num Port channel interface specified by p_num.
PORT_LEVEL Ports displayed, in terms of aggregation status. Options include:
- no parameter Command lists data for ports bundled by LACP into an aggregate.
- all-ports Command lists data for all ports, including LACP candidates that are not bundled.
INFO_LEVEL Amount of information that is displayed. Options include:
- no parameter Displays same information as brief option.
- brief Displays LACP configuration data, including sys-id, actor, priorities, and keys.
- detailed Includes brief option information plus state machine data.
Note: PORT_LEVEL and INFO_LEVEL parameters can be placed in any order.

Example

This command displays internal data for all configured port channels.

switch> show lacp internal

LACP System-identifier: 8000,00-1c-73-04-36-d7
State: A = Active, P = Passive; S=ShortTimeout, L=LongTimeout;
       G = Aggregable, I = Individual; s+=InSync, s-=OutOfSync;
       C = Collecting, X = state machine expired,
       D = Distributing, d = default neighbor state
             |Partner                                 Actor
Port Status  | Sys-id                 Port#  State    OperKey  PortPriority
----------------------------------------------------------------------------
Port Channel Port-Channel1:
Et43 Bundled | 8000,00-1c-73-09-a0-f3    43  ALGs+CD   0x0001   32768
Et44 Bundled | 8000,00-1c-73-09-a0-f3    44  ALGs+CD   0x0001   32768
Et45 Bundled | 8000,00-1c-73-09-a0-f3    45  ALGs+CD   0x0001   32768
Et46 Bundled | 8000,00-1c-73-09-a0-f3    46  ALGs+CD   0x0001   32768

show lacp peer

The show lacp peer command displays the LACP protocol state of the remote neighbor for all specified port channels.

Command Mode

EXEC

Command Syntax

show lacp [PORT_LIST] peer [PORT_LEVEL] [INFO_LEVEL]

Note: PORT_LEVEL and INFO_LEVEL parameters can be placed in any order.

Parameters

PORT_LISTInterface for which port information is displayed. Options include:
- no parameter Displays information for all configured port channels.
- c_range Ports in specified channel list (number, number range, or list of numbers and ranges).
- interface Ports on all interfaces.
- interface ethernet e_num Ethernet interface specified by e_num.
- interface port-channel p_num Port channel interface specified by p_num.
PORT_LEVEL Ports displayed, in terms of aggregation status. Options include:
- no parameter Command lists data for ports bundled by LACP into an aggregate.
- all-ports Command lists data for all ports, including LACP candidates that are not bundled.
INFO_LEVEL Amount of information that is displayed. Options include:
- no parameter Displays same information as brief option.
- brief Displays LACP configuration data, including sys-id, actor, priorities, and keys.
- detailed Includes brief option information plus state machine data.

Example

This command displays the LACP protocol state of the remote neighbor for all port channels.

switch> show lacp peer
 
State: A = Active, P = Passive; S=ShortTimeout, L=LongTimeout;
       G = Aggregable, I = Individual; s+=InSync, s-=OutOfSync;
       C = Collecting, X = state machine expired,
       D = Distributing, d = default neighbor state
               |                          Partner
Port   Status  | Sys-id                  Port#   State     OperKey  PortPri
----------------------------------------------------------------------------
Port Channel Port-Channel1:
Et1    Bundled | 8000,00-1c-73-00-13-19      1   ALGs+CD    0x0001    32768
Et2    Bundled | 8000,00-1c-73-00-13-19      2   ALGs+CD    0x0001    32768
Port Channel Port-Channel2:
Et23   Bundled | 8000,00-1c-73-04-36-d7     47   ALGs+CD    0x0002    32768
Et24   Bundled | 8000,00-1c-73-04-36-d7     48   ALGs+CD    0x0002    32768
Port Channel Port-Channel4*:
Et3    Bundled | 8000,00-1c-73-0b-a8-0e     45   ALGs+CD    0x0001    32768
Et4    Bundled | 8000,00-1c-73-0b-a8-0e     46   ALGs+CD    0x0001    32768
Port Channel Port-Channel5*:
Et19   Bundled | 8000,00-1c-73-0c-30-09     49   ALGs+CD    0x0005    32768
Et20   Bundled | 8000,00-1c-73-0c-30-09     50   ALGs+CD    0x0005    32768
Port Channel Port-Channel6*:
Et6    Bundled | 8000,00-1c-73-01-07-b9     49   ALGs+CD    0x0001    32768
Port Channel Port-Channel7*:
Et5    Bundled | 8000,00-1c-73-0f-6b-22     51   ALGs+CD    0x0001    32768
Port Channel Port-Channel8*:
Et10   Bundled | 8000,00-1c-73-10-40-fa     51   ALGs+CD    0x0001    32768

* - Only local interfaces for MLAGs are displayed. Connect to the peer to
    see the state for peer interfaces.
switch>

show lacp sys-id

The show lacp sys-id command displays the System Identifier the switch uses when negotiating remote LACP implementations.

Command Mode

EXEC

Command Syntax

show lacp sys-id [INFO_LEVEL]

Parameters

INFO_LEVEL Amount of information that is displayed. Options include:

no parameter Displays system identifier.
brief Displays system identifier.
detailed Displays system identifier and system priority, including the MAC address.

Examples

This command displays the system identifier.

switch> show lacp sys-id brief
8000,00-1c-73-04-36-d7

This command displays the system identifier and system priority.

switch> show lacp sys-id detailed
System Identifier used by LACP:
System priority: 32768  Switch MAC Address: 00:1c:73:04:36:d7
  802.11.43 representation: 8000,00-1c-73-04-36-d7

show load-balance profile

The show load-balance profile command displays the contents of the specified load balance profiles. Load balance profiles specify parameters used by hashing algorithms that distribute traffic across ports comprising a port channel or among component ECMP routes.

Command Mode

EXEC

Command Syntax

show load-balance profile [PROFILES]

Parameters

PROFILES Load balance profiles for which command displays contents. Options include:

no parameter Displays all load balance profiles.
profile_name Displays specified profile.

Related Commands

load-balance policies places the switch in load-balance-policies configuration mode.
ingress load-balance profile applies a load-balance profile to an Ethernet or port channel interface.

Example

This command displays the contents of the LB-1 load balance profile.

switch> show load-balance profile LB-1

---------- LB-1 ----------

Source MAC address hashing               ON
Destination MAC address hashing          ON
Ethernet type hashing                    ON
VLAN ID hashing                          ON
IP protocol field hashing                ON
DSCP field hashing is                    ON
Symmetric hashing for non-IP packets     OFF
Symmetric hashing for IP packets         OFF
Random distribution for port-channel     ON
Random distribution for ecmp             ON

Profile LB-1 is applied on the following
    Port-Channel100

---------- myGlobalProfile (global) ----------
L3 hashing is ON
Symmetric hashing is OFF
Hashing mode is flow-based
Hash polynomial is 3
Hash seed is 0
Profile myGlobalProfile (global) is applied on the following
Linecard3
Linecard4
Linecard5
Linecard6

switch>

show port-channel

The show port-channel command displays information about members the specified port channels.

Command Mode

EXEC

Command Syntax

show port-channel [MEMBERS] [PORT_LIST] [INFO_LEVEL]

Parameters

MEMBERSList of port channels for which information is displayed. Options include:
- no parameterAll configured port channels.
- p_range Ports in specified channel list (number, number range, or list of numbers and ranges).
PORT_LEVELPorts displayed, in terms of aggregation status. Options include:
- no parameterDisplays information on ports that are active members of the LAG.
- active-portsDisplays information on ports that are active members of the LAG.
- all-ports Displays information on all ports (active or inactive) configured for LAG.
INFO_LEVELAmount of information that is displayed. Options include:
- no parameterDisplays information at the brief level.
- briefDisplays information at the brief level.
- detailed Displays information at the detail level.

Display Values

Port Channel Type and name of the port channel.
Time became active Time when the port channel came up.
Protocol Protocol operating on the port channel.
Mode Status of the Ethernet interface on the port. The status value is Active or Inactive.
No active ports Number of active ports on the port channel.
Configured but inactive ports Ports configured but that are not actively up.
Reason unconfigured Reason why the port is not part of the LAG.

Guidelines

You can configure a port channel to contain many ports, but only a subset may be active at a time. All active ports in a port channel must be compatible. Compatibility includes many factors and is platform specific. For example, compatibility may require identical operating parameters such as speed and Maximum Transmission Unit (MTU). Compatibility may only be possible between specific ports because of the internal organization of the switch.

Examples

This command displays output from the show port-channel command.

switch> show port-channel 3
Port Channel Port-Channel3: 
  Active Ports: 
       Port                Time became active       Protocol    Mode    
    ----------------------------------------------------------------------- 
       Ethernet3           15:33:41                 LACP        Active 
       PeerEthernet3       15:33:41                 LACP        Active

This command displays output from the show port-channel active-ports command.

switch> show port-channel active-ports
Port Channel Port-Channel3:
  No Active Ports
Port Channel Port-Channel11:
  No Active Ports
switch>

This command displays output from the show port-channel all-ports command.

switch> show port-channel all-ports
Port Channel Port-Channel3:
  No Active Ports
  Configured, but inactive ports:
      Port            Time became inactive    Reason unconfigured
    ----------------------------------------------------------------------------
      Ethernet3       Always                  not compatible with aggregate

Port Channel Port-Channel11:
  No Active Ports
  Configured, but inactive ports:
      Port            Time became inactive    Reason unconfigured
    ----------------------------------------------------------------------------
      Ethernet25      Always                  not compatible with aggregate
      Ethernet26      Always                  not compatible with aggregate

This command displays details about the port-channel configuration:
```
switch#show port-channel 50 detailed 
Port Channel Port-Channel50 (Fallback State: Unconfigured): 
Minimum links: unconfigured Minimum speed: unconfigured 
Current weight/Max weight: 1/16 

Active Ports: 
Port                  Time Became Active        Protocol       Mode         Weight      State
-------------------- ------------------------ -------------- ------------ ------------ ------
Ethernet51            Wed 15:19:30              LACP           Active       1           Rx,Tx 
PeerEthernet52        Wed 15:19:28              LACP           Active       0           Unknown
```
This output displays the following information:
- Port - the Active ports on an interface.
- Time Became Active - The time when a port came up on the network.
- Protocol - the network protocol associated with the port.
- Mode - the current mode of the port as Active or Inactive.
- Weight - The member port weight is directly proportional to other members speeds and determines the number of packets sent over the member port when it becomes active. For same speed port-channels, all members have a weight of one (1).
- State - the state of the port as receiving (Rx) traffic, transmitting (Tx) traffic, or Unknown.

show port-channel dense

The show port-channel dense command displays the port-channels on the switch and lists their component interfaces, LACP status, and set flags.

Command Mode

EXEC

Command Syntax

show port-channel dense

Example

This command displays show port-channel dense output:

switch> show port-channel dense

    Flags
---------------------------------------------------------------------
a - LACP Active        p - LACP Passive
U - In Use             D - Down
+ - In-Sync            - - Out-of-Sync      i - incompatible with agg
P - bundled in Po      s - suspended        G - Aggregable
I - Individual         S - ShortTimeout     w - wait for agg

Number of channels in use: 2
Number of aggregators:2

   Port-Channel       Protocol    Ports
-------------------------------------------------------
   Po1(U)             LACP(a)      Et47(PG+) Et48(PG+)
   Po2(U)             LACP(a)      Et39(PG+) Et40(PG+)

show port-channel limits

The show port-channel limits command displays groups of ports that are compatible and may be joined into port channels. Each group of compatible ports is called a LAG group. For each LAG group, the command also displays Max interfaces and Max ports per interface.

Max interfaces defines the maximum number of active port channels that may be formed out of these ports.
Max ports per interface defines the maximum number of active ports allowed in a port channel from the compatibility group.

Command Mode

EXEC

Command Syntax

show port-channel limits

Example

This command displays show port-channel list output:

switch> show port-channel limits

LAG Group: focalpoint
--------------------------------------------------------------------------
  Max port-channels per group: 24, Max ports per port-channel: 16
  24 compatible ports: Ethernet1  Ethernet2  Ethernet3  Ethernet4
                       Ethernet5  Ethernet6  Ethernet7  Ethernet8
                       Ethernet9  Ethernet10 Ethernet11 Ethernet12
                       Ethernet13 Ethernet14 Ethernet15 Ethernet16
                       Ethernet17 Ethernet18 Ethernet19 Ethernet20
                       Ethernet21 Ethernet22 Ethernet23 Ethernet24
--------------------------------------------------------------------------

show port-channel load-balance fields

The show port-channel load-balance fields command displays the fields that the hashing algorithm uses to distribute traffic across the interfaces that comprise the port channels.

Command Mode

EXEC

Command Syntax

show port-channel load-balance HARDWARE fields

Parameters

HARDWARE ASIC switching device. Selection options depend on the switch model and include:

arad
fm6000
petraA
trident

Example

This command displays the hashing fields used for balancing port channel traffic.

switch> show port-channel load-balance fm6000 fields

Source MAC address hashing for non-IP packets is ON
Destination MAC address hashing for non-IP packets is ON
Ethernet type hashing for non-IP packets is ON
VLAN ID hashing for non-IP packets is ON
VLAN priority hashing for non-IP packets is ON
Source MAC address hashing for IP packets is ON
Destination MAC address hashing for IP packets is ON
Ethernet type hashing for IP packets is ON
VLAN ID hashing for IP packets is ON
VLAN priority hashing for IP packets is ON
IP source address hashing is ON
IP destination address hashing is ON
IP protocol field hashing is ON
TCP/UDP source port hashing is ON
TCP/UDP destination port hashing is ON

switch>

show port-channel load-balance

The show port-channel load-balance command displays the traffic distribution between the member ports of the specified port channels. The command displays distribution for unicast, multicast, and broadcast streams.

The distribution values displayed are based on the total interface counters which start from 0 at boot time or when the counters are cleared. For more current traffic distribution values, clear the interface counters of the member interfaces using the clear counters command.

Command Mode

EXEC

Command Syntax

show port-channel load-balance [MEMBERS]

Parameters

MEMBERS list of port channels for which information is displayed. Options include:

no parameter all configured port channels.
c_range ports in specified channel list (number, number range, or list of numbers and ranges).

Example

This command displays traffic distribution for all configured port channels.

switch> show port-channel load-balance
ChanId      Port Rx-Ucst Tx-Ucst Rx-Mcst Tx-Mcst Rx-Bcst Tx-Bcst
------ --------- ------- ------- ------- ------- ------- -------
     8      Et10 100.00% 100.00% 100.00% 100.00%   0.00% 100.00%
------ --------- ------- ------- ------- ------- ------- -------
     1       Et1  13.97%  42.37%  47.71%  30.94%   0.43%  99.84%
     1       Et2  86.03%  57.63%  52.29%  69.06%  99.57%   0.16%
------ --------- ------- ------- ------- ------- ------- -------
     2      Et23  48.27%  50.71%  26.79%  73.22%   0.00% 100.00%
     2      Et24  51.73%  49.29%  73.21%  26.78%   0.00%   0.00%
------ --------- ------- ------- ------- ------- ------- -------
     4       Et3  55.97%  63.29%  51.32%  73.49%   0.00%   0.00%
     4       Et4  44.03%  36.71%  48.68%  26.51%   0.00%   0.00%
------ --------- ------- ------- ------- ------- ------- -------
     5      Et19  39.64%  37.71%  50.00%  90.71%   0.00%   0.00%
     5      Et20  60.36%  62.29%  50.00%   9.29%   0.00% 100.00%
------ --------- ------- ------- ------- ------- ------- -------
     6       Et6 100.00% 100.00% 100.00% 100.00%   0.00% 100.00%
------ --------- ------- ------- ------- ------- ------- -------
     7       Et5 100.00%   0.00% 100.00% 100.00%   0.00%   0.00%
switch>

Multi-Chassis Link Aggregation

Arista switches support Multi-Chassis Link Aggregation (MLAG) to logically aggregate ports across two switches. For example, two 10-gigabit Ethernet ports, one each from two MLAG configured switches, can connect to two 10-gigabit ports on a host, switch, or network device to create a link that appears as a single 20-gigabit port. MLAG-configured ports provide Layer 2 multipathing, increased bandwidth, higher availability, and other improvements on traditional active-passive or Spanning Tree governed infrastructures.

The Multi-Chassis Link Aggregation section contains these topics:

MLAG Introduction
MLAG Conceptual Overview
MLAG Maintenance
Configuring MLAG
EVPN - MLAG Single-homed Hosts
Configuring MLAG Layer 2 Subinterfaces
Configuring Forced Periodic ARP and NDP Refresh
MLAG Implementation Example
MLAG Commands

MLAG Introduction

High availability data center topologies typically provide redundancy protection at the expense of over-subscription by connecting Top-Of-Rack (TOR) switches and servers to dual aggregation switches. In these topologies, Spanning Tree Protocol prevents network loops by blocking half of the links to the aggregation switches. This reduces the available bandwidth by 50%.

Deploying MLAG removes over-subscription by configuring an MLAG link between two aggregation switches to create a single logical switching instance that utilizes all connections to the switches. Interfaces on both devices participate in a distributed port channel, enabling all active paths to carry data traffic while maintaining the integrity of the Spanning Tree topology.

MLAG provides these benefits:

Aggregates multiple Ethernet ports across two switches.
Provides higher bandwidth links as network traffic increases.
Utilizes bandwidth more efficiently with fewer links blocked by STP.
Connects to other switches and servers by static LAG or LACP without other proprietary protocols.
Supports normal STP operation to prevent loops.
Supports active-active Layer-2 redundancy.

Note: For information on enabling Precision Timing Protocol (PTP) on an MLAG interface, see the Timing Protocols chapter.

Note: The global STP configuration is derived from the primary peer device while the secondary device parameters are ignored. When STP is disabled on the primary device, the secondary device will not contain any STP configuration information from the primary device. As a result, the secondary device will not be able to decide on the port roles or states, and will remain in the default state which is the discarding state. This is an expected behavior.

Note: It is highly recommended that both MLAG peer switches are identical platforms and run identical EOS images. Running different images/platform may result in a failure to form an association with the MLAG peer or see discrepancy in behavior.

MLAG Conceptual Overview

MLAG Operation Process

A Multi-chassis Link Aggregation Group (MLAG) is a pair of links that terminate on two cooperating switches and appear as an ordinary Link Aggregation Group (LAG). The cooperating switches are MLAG peer switches and communicate through an interface called a peer link. While the peer link’s primary purpose is exchanging MLAG control information between peer switches, it also carries data traffic from devices that are attached to only one MLAG peer and have no alternative path. An MLAG domain consists of the peer switches and the control links that connect the switches.

In the figure below, Switch A and Switch B are peer switches in the MLAG domain and connect to each other through the peer link. Each peer switch uses the peer address to form and maintain the peer link.

The MLAG domain ID is a text string configured in each peer switch. MLAG switches use this string to identify their peers. The MLAG System ID (MSI) is the MLAG domain’s MAC address. The MSI is automatically derived when the MLAG forms and does not match the bridge MAC address of either peer. Each peer uses the MSI in STP and LACP PDUs.

The topology shown below contains four MLAGs: one MLAG connects each device to the MLAG domain. Each peer switch connects to the four servers through MLAG link interfaces.

In a conventional topology, with dually-attaching devices to multiple switches for redundancy, Spanning Tree Protocol (STP) blocks half of the switch-device links. In the MLAG topology, STP does not block any portion because it views the MLAG Domain as a single switch and each MLAG as a single port. The MLAG protocol facilitates the balancing of device traffic between the peer switches.

When MLAG is disabled, peer switches revert to their independent state. MLAG is disabled by any of the following:

MLAG configuration changes.
The TCP connection breaks.
The peer-link or local-interface goes down.
A switch does not receive a response to a keep alive message from its peer within a specified period.

MLAG Interoperability with Other Features

The following sections describe MLAG interaction with other switch features.

VLANs

VLAN parameters must be configured identically on each peer for the LAGs comprising the peer link and MLAGs. These parameters include the switchport access VLAN, switchport mode, trunk-allowed VLANs, the trunk native VLAN, and switchport trunk groups.

Configuration discrepancies may result in traffic loss in certain failure scenarios. Port-specific bridging configuration originates on the switch where the port is physically located.

LACP

Link Aggregation Control Protocol (LACP) should be used on all MLAG interfaces, including the peer-link. LACP control packets reference the MLAG system ID.

Static MAC Addresses

A static MAC address configured on an MLAG interface is automatically configured on the peer’s corresponding interface. Configuring static MAC addresses on both peers prevents undesired flooding if an MLAG peer relationship fails.

If the MLAG peering relationship is disabled, the static MAC previously learned from peer is removed.

Spanning Tree Protocol (STP)

When implementing MLAG in a spanning tree network, spanning tree must be configured globally and on port-channels configured with an MLAG ID. Port specific spanning tree configuration comes from the switch where the port physically resides. This includes spanning-tree PortFast BPDU Guard and BPDU filter.

Port Mirroring

A port channel which is a member of an MLAG must not be used as the destination port for a port mirroring (port monitoring) session.

IPv6 Flow Label Hashing

Arista switches use the hashing algorithm to load-balance traffic among LAG members and Layer 3 ECMP (equal cost multipath) paths. For IP and IPv6 traffic, the hashing algorithm includes (if so configured for LAG) the IP packet fields such as source and destination IP addresses as well as source and destination ports for UDP and TCP traffic.

To improve traffic distribution for IPv6 traffic, IPv6 Flow Label field has been added to the hashing algorithm for both LAG and ECMP.

Note: IPv6 Flow Label is included in the LAG hashing algorithm only when the MAC header hashing is not enabled for IPv6 traffic.

MLAG Maintenance

These sections describe tasks required for MLAG to operate on the switch:

Ensuring Control Plane ACL Compatibility
MLAG Availability through a Single Functional Peer
Upgrading MLAG Peers
Forced Periodic ARP and NDP Refresh on IPv4 and IPv6 Networks

Ensuring Control Plane ACL Compatibility

The control plane Access Control List (ACL) on any interface participating in the MLAG must be configured to allow only the peer link neighbor to generate MLAG control traffic. The required rules are included in the default control plane ACL for Ethernet ports.

Any custom control plane ACL applied to a participating port must include these three rules:

permit tcp any any eq mlag ttl eq 255 
permit udp any any eq mlag ttl eq 255 
permit tcp any eq mlag any ttl eq 255

MLAG peers that function as routers must each have routing enabled.

MLAG Availability through a Single Functional Peer

MLAG high availability advantages are fully realized when all devices that connect to one MLAG switch also connect to the peer switch. A switch can continue supporting MLAG when its peer is offline if the STP agent is restartable. When one peer is offline, data traffic flows from the devices through the MLAG component link that connects to the functioning switch. When a switch is offline, its interfaces and ports do not appear in show mlag and show spanning tree protocol commands of the functioning peer.

To view the restartability status of the STP agent, use the detail option of theshow spanning-tree instancecommand:

switch-1# show spanning-tree instance detail | grep agent
Stp agent restartable                      :            True

STP agent restartability requires consistent configuration between the peers of STP, LACP, MLAG, and switchport parameters. Events triggering an STP state machine change may also briefly prevent the STP agent from being restartable.

Reload Delay

If an MLAG peer reboots, all ports except those in the peer-link port-channel remain in errdisabled state for a specified time, called the reload-delay period. This period allows all topology states to stabilize before the switch begins forwarding traffic. Each Arista switch defaults to the recommended reload-delay value, which varies by switch platform:

Fixed configuration switches: 300 seconds
Trident II modular switches: 1200 seconds
- 7304
- 7308
- 7316
- 7300X series
Sand platform fixed configuration switches: 600 seconds
- 7280 series (except 7280CR2 and 7280SR2)
- 7020 series
Sand platform modular switches: 1800 seconds
- 7504
- 7508
- 7500E series
- 7548S
Sand Jericho+ fixed configuration switches: 900 seconds
- 7280CR2 series
- 7280SR2 series

In those cases where network topology requires additional time to stabilize or where a shorter delay can be tolerated, the reload-delay period can be configured using the reload-delay mlag command.

Severing the physical connection (cable) that establishes the peer-link between MLAG peers may result in a split brain state where each peer independently enters spanning tree state to prevent topology loops. Sessions established through one interface of a dual attached device may fail if its path is disrupted by the STP reconvergence, possibly resulting in temporarily lost connectivity. Sessions can be reestablished if permitted by the resulting topology.

Upgrading MLAG Peers

MLAG ISSU (In-Service Software Upgrade) upgrades EOS software on one MLAG peer with minimal traffic disruptions on active MLAG interfaces and without changing the network topology.

Verifying Configuration Compatibility

A seamless EOS upgrade on an MLAG peer requires that the following features are configured consistently on each switch:

VLANs.
Switchport configuration on port channel interfaces that are configured with an MLAG ID.
STP configuration (global).

Version Compatibility

A switch running MLAG can be upgraded without disrupting MLAG traffic when the upgraded EOS version is compatible with the version on the peer switch. Refer to the Release Notes for a list of compatible EOS versions.

Reload Warning Conditions

Entering an EOS reload command while MLAG is active generates warning messages if conditions that can result in packet loss during the upgrade are present. All warnings should be resolved before confirming the reload request. The following table displays the reload conditions and a common resolution method for each condition.

Table 1. Reload Warning Resolutions
Reload Condition	Resolution Method
Compatibility check	Refer to the Release Notes to verify that the new version is compatible with the currently installed version.
Active-partial MLAG warning	Bring up the remote port-channel. If the MLAG is not actively used, then this warning can be ignored.
STP is not restartable	Wait for STP to be restartable: typically 30 seconds, up to 120 seconds for a newly started STP agent. Refer to MLAG Availability through a Single Functional Peer for information on checking restartability.
Reload delay too low	Configure a reload delay value greater than or equal to the default. Recommend delay is 300 seconds for TOR switches, 900 seconds for modular switches, and 600 seconds for Sand platform fixed configuration switches (7020 and 7280 series (except 7280CR2 and 7280SR2)).
Peer has error-disabled interfaces	Wait for reload-delay to expire on the peer.

Example

The following reload command generates MLAG warning conditions that should be addressed before confirming the proceed with reload prompt.

switch(config)# reload
If you are performing an upgrade, and the Release Notes for the
new version of EOS indicate that MLAG is not backwards-compatible 
with the currently installed version (4.9.2), the upgrade will 
result in packet loss.

The following MLAGs are not in Active mode. Traffic to or from these ports will 
be lost during the upgrade process.
                                                               local/remote 
  mlag      desc               state      local      remote          status 
--------- --------- ------------------- ---------- ----------- ------------ 
    14                active-partial       Po14        Po14         up/down 
    15                active-partial       Po15        Po15         up/down

Stp is not restartable. Topology changes will occur during the upgrade process.

The configured reload delay of 100 seconds is below the default
value of 300 seconds. A longer reload delay allows more time to
rollback an unsuccessful upgrade due to incompatibility.

The other MLAG peer has errdisabled interfaces. Traffic loss will occur during 
the upgrade process.

Proceed with reload? [confirm]

Performing an MLAG ISSU Upgrade

The following procedure performs an MLAG ISSU upgrade:

Verify configuration consistency on each peer (Verifying Configuration Compatibility).
Verify version compatibility between the new and existing images (Version Compatibility).
Configure reload-delay mlag (MLAG Availability through a Single Functional Peer) if needed. Recommended delay period varies by switch type, and each switch defaults to its recommended delay period.
Install the new image onto one of the peers:
1. Upload the new image to the switch.
2. Set the boot path to the new image.
3. Enter the reload command.
Resolve all reload warnings.
Confirm the reload.
Wait for MLAG peers to renegotiate to the active state and reload-delay expiry on rebooted peer; until reload-delay period has expired, ports on the rebooted peer (except the peer-link) will be in errdisabled state with err-disabled reason being mlag-issu.

Avoid configuration changes on both peers until after this step.
Repeat the upgrade process for the other peer.

When upgrading modular switches with dual supervisors, upgrade the standby supervisors first, then upgrade the active supervisors.

Forced Periodic ARP and NDP Refresh on IPv4 and IPv6 Networks

Overview

In MLAG configurations where, each leaf connects to both spines (bowtie setups) and relies on Address Resolution Protocol (ARP) and Neighbor Discovery Protocol (NDP) refresh requests to keep VMACs in downstream MLAG switches up to date. Configure forced periodic ARP and NDP refresh requests to send ARP and NDR in periodic intervals independently of the confirmed time of ARP and NDR entries in the kernel. By default, when various processes confirm a neighbor entry using ARP synchronization between MLAG peers, the switch may not send an ARP refresh request for another duration of ARP aging timeout for IPv4 networks or NDP cache expiration time for IPv6 networks.

In topologies where the two upstream MLAG switches with VXLAN virtual MAC addresses, the VMAC can age out from the MAC tables of the downstream MLAG switches. Aging out can happen when the upstream switch sending APR or NDP requests through the downstream switch that owns the VMAC does not send an ARP or NDP request in that period because of ARP synchronization between the upstream MLAG peers. Adding this feature ensures that the upstream switches send ARP and NDP requests at the configured cache interval to prevent aging out of the VMAC on downstream switches.

Configuring MLAG

These sections describe the basic MLAG configuration steps:

Configuring the MLAG Peers
Configuring MLAG Services

Configuring the MLAG Peers

Connecting two switches as MLAG peers requires the establishment of the peer link and an SVI that defines local and peer IP addresses on each switch.

The peer link is composed of a LAG between the switches. When all devices that connect to the MLAG domain are dually connected to the switches through an MLAG, a peer link of two Ethernet interfaces is sufficient to handle MLAG control data and provide N+1 redundancy. When the domain connects to devices through only one MLAG peer, the peer link may require additional Ethernet interfaces to manage data traffic.

Disruptions to peer link connectivity due to forwarding agent restarts may cause an extended MLAG outage. Forwarding agent restart event include some configuration changes, such as port speed change or UFT mode change). The following precautions can reduce the risk of losing peer-link connectivity:

all switches: constructing peer-links from port-channels in preference to a single Ethernet interface.
modular systems: peer-link port-channel members should span multiple line cards.
multi-chip systems: peer-link port-channel member should span multiple chips.

Managing Switch Configuration Settings describes modular systems.

The steps that configure two switches as MLAG peers include:

Configuring the Port Channels, VLAN Interfaces, and IP addresses
Configuring Peer Parameters
Configuring MLAG Peer Gateway

Configuring the Port Channels, VLAN Interfaces, and IP addresses

The peer link is a normal port channel. The local address is the SVI that maps to the peer link port channel. The port channel and SVI must be configured on each peer switch. The port channel should be an active LACP port. The local and peer addresses must be located on the same IP address subnet. Autostate should be disabled on the SVI configured as the local interface.

Note: EOS supports IPv4 and IPv6 addresses.

Examples

These commands create an active mode LACP port channel interface from two Ethernet interfaces and configure it as part of a trunk group on each switch.

The switchport mode trunk command permits all VLANs on the interface by default, so all VLANs are permitted on port channel 10 in the following example. The configuration of a trunk group for a VLAN restricts only that specific VLAN to the associated ports: VLAN 4094 is only permitted on port channel 10, and not on any other ports on the switch. It is important to remember that all VLANs must be permitted between the peers on the peer link for correct operation.

Switch 1

switch1# config
switch1(config)# vlan 4094
switch1(config-vlan-4094)# trunk group m1peer
switch1# config
switch1(config)# interface ethernet 1-2
switch1(config-if-et1-2)# channel-group 10 mode active
switch1(config-if-et1-2)# interface port-channel 10
switch1(config-if-po10)# switchport mode trunk
switch1(config-if-po10)# switchport trunk group m1peer
switch1(config-if-po10)# exit
switch1(config)#

Switch 2

switch2# config
switch2(config)# vlan 4094
switch2(config-vlan-4094)# trunk group m1peer
switch2(config-vlan-4094)# exit
switch2(config)# interface ethernet 1-2
switch2(config-if-et1-2)# channel-group 10 mode active
switch2(config-if-et1-2)# interface port-channel 10
switch2(config-if-po10)# switchport mode trunk
switch2(config-if-po10)# switchport trunk group m1peer
switch2(config-if-po10)# exit
switch2(config)#

These commands create an SVI for the local interface and associate it to the trunk group assigned to the peer link port channel.
The SVI creates a Layer 3 endpoint in the switch and enables MLAG processes to communicate via TCP. The IP address can be any unicast address that does not conflict with other SVIs. STP is disabled for the peer link vlan 4094 to prevent any potential STP disruption of inter peer communications. Recall that the VLAN has been restricted to port-channel 10 by the earlier trunk group configuration thus preventing potential Layer 2 loop conditions within vlan 4094.

Switch 1
```
switch1# config
switch1(config)# interface vlan 4094
switch1(config-if-vl4094)# ip address 10.0.0.1/30
switch1(config-if-vl4094)# no autostate
switch1(config-if-vl4094)# exit
switch1(config)# no spanning-tree vlan-id 4094
switch1(config)#
```
Switch 2
```
switch2# config
switch2(config)# interface vlan 4094 
switch2(config-if-vl4094)# ip address 10.0.0.2/30
switch2(config-if-vl4094)# no autostate
switch2(config-if-vl4094)# exit
switch2(config)# no spanning-tree vlan-id 4094
switch2(config)#
```

Configuring Peer Parameters

Peer connection parameters configure the connection between the MLAG peer switches. This section describes the following peer configuration parameters.

MLAG Configuration Mode
Local VLAN Interface
Peer Address
Peer Link
Domain ID
Heartbeat Interval and Timeout
Reload Delay Period
Shutdown

MLAG Configuration Mode

Peer connection parameters are configured in MLAG-configuration mode. The mlag configuration (global configuration) command places the switch in MLAG configuration mode.

Example

This command places the switch in MLAG configuration mode.

switch(config)# mlag configuration
switch(config-mlag)#

Local VLAN Interface

The local interface specifies the SVI upon which the switch sends MLAG control traffic. The local IP address is specified within the definition of the VLAN associated with the local interface. The Peer Address configures the control traffic destination on the peer switch.

The local-interface command specifies a VLAN interface as the peer link SVI.

Example

This command configures vlan 4094 as the local interface.

switch(config-mlag)# local-interface vlan 4094
switch(config-mlag)#

Peer Address

The peer address is the destination address on the peer switch for MLAG control traffic. If the peer IP address is unreachable, MLAG peering fails and both peer switches revert to their independent state.

The peer-address command specifies the peer address.

Example

This command configures a peer address of 10.0.0.2.

switch(config-mlag)# peer-address 10.0.0.2
switch(config-mlag)#

Peer Link

An MLAG is formed by connecting two switches through an interface called a peer link. The peer link carries MLAG advertisements, keepalive messages, and data traffic between the switches. This information keeps the two switches working together as one. While interfaces comprising the peer links on each switch must be compatible, they need not use the same interface number. Ethernet and port-channel interfaces can be configured as peer links.

The peer-link command specifies the interface the switch uses to communicates MLAG control traffic.

Example

This command configures port-channel 10 as the peer link.

switch(config-mlag)# peer-link port-channel 10
switch(config-mlag)#

Domain ID

The MLAG domain ID is a unique identifier for an MLAG domain. The MLAG domain ID must be the identical on each switch to facilitate MLAG communication.

The domain-id command configures the MLAG domain ID.

Example

This command configures mlagDomain as the domain ID:

switch(config-mlag)# domain-id mlagDomain
switch(config-mlag)#

Heartbeat Interval and Timeout

The heartbeat interval specifies the period between the transmission of successive keepalive messages. Each MLAG switch transmits keepalive messages and monitors message reception from its peer. The heartbeat timeout is reset when the switch receives a keepalive message. If the heartbeat timeout expires, the switch disables MLAG under the premise that the peer switch is not functioning.

The heartbeat-interval (MLAG) command configures the heartbeat interval between 1 and 30 seconds, with a default value of 4 seconds. The heartbeat timeout expiry is 30 seconds.

Note: On 7500 and 7500E Series Switches, Arista recommends setting the heartbeat interval to 10 seconds.

Example

This command configures the heartbeat interval as 2500 milliseconds (2.5 seconds).

switch(config-mlag)# heartbeat-interval 2500
switch(config-mlag)#

Reload Delay Period

The reload delay period specifies the interval that non-peer links are disabled after an MLAG peer reboots. This interval allows non-peer links to learn multicast and OSPF states and synchronize ARP caches before the ports start handling traffic. Each Arista switch defaults to the recommended reload-delay value, which varies by switch platform.

Fixed configuration switches: 300 seconds (five minutes).
Trident II platform modular switches: 1200 seconds (twenty minutes).
Sand platform fixed configuration switches (7020 and 7280 series (except 7280CR2 and 7280SR2)): 600 seconds (ten minutes).
Sand platform modular switches: 1800 seconds (thirty minutes).

In those cases where network topology requires additional time to stabilize or where a shorter delay can be tolerated, the reload-delay period can be configured using the reload-delay mlag command.

Example

This command configures the reload delay interval as 2.5 minutes (150 seconds).

switch(config-mlag)# reload-delay 150
switch(config-mlag)#

Shutdown

The shutdown (MLAG) command disables MLAG operations without disrupting the MLAG configuration. The no mlag configuration command (global configuration mode) disables MLAG and removes the MLAG configuration. The no shutdown command resumes MLAG activity.

Examples

This command disables MLAG activity on the switch.

switch(config-mlag)# shutdown
switch(config-mlag)#

This command resumes MLAG activity on the switch.

switch(config-mlag)# no shutdown
switch(config-mlag)#

Configuring MLAG Peer Gateway

In an MLAG setup, routing on a MLAG peer switch is possible using its own bridge system MAC, VARP MAC, or VRRP MAC. On a peer receiving an IP packet with destination MAC set to one of these MACs, a packet gets routed if its hardware has enough information to route the packet. Configuring sending traffic to a cached MAC involves routing the session table and MLAG peer traffic if packets are received with the MAC peer.

Examples

This command enables the MLAG peer gateway.

switch(config)# ip virtual-router mac-address mlag-peer
switch1(config)#

This command disables the MLAG peer gateway.

switch(config)# no ip virtual-router mac-address mlag-peer
switch1(config)#

Configuring Ingress Replication to LAGs

Hardware support for ingress replication to LAGs is enabled by default when the user configures ingress replication. When multicast traffic is sent over the LAG, the hardware uses its built-in algorithm, based on the L2/L3/L4 headers, to load balance traffic over ports in the LAG. When a port goes down in a LAG, the hardware quickly hashes the multicast traffic over the remaining ports in the LAG, resulting in fewer drops than software based LAG support.

Examples

This command enables ingress replication.

switch(config)# platform sand multicast replication default ingress
switch(config)#

This command configures the maximum members (within a range of 1 through 64) for ingress only replication in a multicast group.
```
switch(config)# platform sand multicast replication ingress maximum 32
switch(config)#
```

Configuring MLAG Services

An MLAG is a pair of links that originate on a network attached device and terminate on the two MLAG peer switches. The MLAG switches coordinate traffic to the device through a common mlag (port-channel interface configuration) command on the interfaces that connect to the device.

The MLAG ID differs from the MLAG domain ID. The MLAG domain ID is assigned globally per switch in MLAG configuration mode, and the same MLAG domain ID must be on both switches.

Port channels configured as an MLAG must have identical port channel numbers. Although the MLAG ID is a distinct parameter from the port channel number, best practices recommend assigning the MLAG ID to match the port channel number.

Note: Arista recommends configuring the downstream switch or router connected to the MLAG peers to negotiate a LAG using LACP rather than configuring static LAGs. (On Arista switches, LACP is enabled using the command channel-group mode active. See Port Channels and LACP.) Using LAGs negotiated by LACP can help avoid problems caused by miscabling because LACP PDUs include the system ID and LACP key, which identify the switch and the LAG it belongs to. If MLAG miscabling happens using a LACP LAG, some ports become inactive in the LAG which prevents it from bridging traffic erroneously. More importantly, when the MLAG state is primary on one switch and inactive on another, the peer switches are acting as two independent L2 switches rather than as one logical L2 switch. In this scenario, the downstream switch will have its LAG (logical L2 port) connected to two distinct L2 switches, which can result in spanning tree problems on the downstream switch because it will receive BPDUs with different system IDs on the same LAG. If spanning tree is not running, an L2 loop will be created between MLAG peer switches and the downstream device. Allowing LACP to negotiate the downstream LAG avoids this problem because only ports connected to a given peer become active in the LAG, and the other set of ports cannot bridge traffic.

The example below does not follow this convention to emphasize the distinct parameters. The example in MLAG Implementation Example follows the best practices convention.

Examples

These switch1 commands bundle Ethernet interfaces 3 and 4 in port channel 20, then associate that port channel with mlag 12.

switch1(config)# interface ethernet 3-4
switch1(config-if-et3-4)# channel-group 20 mode active
switch1(config-if-et3-4)# interface port-channel 20
switch1(config-if-po20)# mlag 12
switch1(config-if-po20)# exit
switch1(config)#

These switch2 commands bundle Ethernet interfaces 9 and 10 in port channel 20, then associate that port channel with mlag 12.

switch2(config)# interface ethernet 9-10
switch2(config-if-et9-10)# channel-group 20 mode active
switch2(config-if-et9-10)# interface port-channel 20
switch2(config-if-po20)# mlag 12
switch2(config-if-po20)# exit
switch2(config)#

These commands configure the port channels that attach to the MLAG on network attached device:

NAD(config)# interface ethernet 1-4
NAD(config-if-Et1-4)# channel-group 1 mode active
NAD(config-if-Et1-4)# exit
NAD(config)#

The following figure displays the result of the interface MLAG configuration.

EVPN - MLAG Single-homed Hosts

Add a local VTEP to each MLAG peer for the control plane to advertise singly connected hosts directly behind a specific local VTEP-MLAG peer. Outgoing EVPN route advertisements contain nexthop and router MAC extended community when multi-VTEP MLAG mode is enabled. The following table summarizes the information. For symmetric IRB support, MLAG shared router MAC must be enabled.

Table 2. Route Advertisement
Routes	Single-homed Host	Multi-homed Host
MAC/IP routes (Type-2)	Local VTEP IP / Bridge MAC	MLAG VTEP IP / Shared MLAG Router MAC
IMET routes (Type-3)	MLAG VTEP IP
IP Prefix routes (Type-5)	Local VTEP IP / Bridge MAC

In multi-VTEP MLAG mode, IP prefix routes are advertised independently by each MLAG peer with its own local VTEP IP as nexthop, even when both peers are connected to that route. Additionally, egress VXLAN packets use the appropriate source IP address to match what is advertised by the EVPN control plane.

Displaying EVPN with MLAG Single-home Hosts

The following displays the nexthop address of locally generated EVPN Type-2 and Type-3 routes. The real IP address helps identify the VTEP in use. The nexthop of locally generated EVPN Type-5 routes are displayed as "-". The shared MLAG VTEP IP is 1.1.1.1 and the local VTEP IPs of the two MLAG peers are 1.0.1.1 and 1.0.2.2.

switch# show bgp evpn
BGP routing table information for VRF default
Router identifier 0.0.0.1, local AS number 300
Route status codes: s - suppressed, * - valid, > - active, # - not installed, E - ECMP head, e - ECMP
                    S - Stale, c - Contributing to ECMP, b - backup
                    % - Pending BGP convergence
Origin codes: i - IGP, e - EGP, ? - incomplete
AS Path Attributes: Or-ID - Originator ID, C-LST - Cluster List, LL Nexthop - Link Local Nexthop

Network	Next Hop		Metric	LocPref	Weight	Path
* >	RD: 1.0.1.1:200 mac-ip 52de.3c26.a0b0 10.2.0.2
                1.0.1.1		-		-	    0		i
* >	RD: 1.0.1.1:100 mac-ip 822c.0630.7ef4 10.1.0.2
                1.1.1.1 		-		-	   0		 i
	RD: 1.0.2.2:100 mac-ip 822c.0630.7ef4 10.1.0.2
                1.1.1.1 		-		100	 0		 i
* >	RD: 1.0.2.2:200 mac-ip 8650.1ecc.3595 10.2.0.3
                1.0.2.2 		-		100	  0		i
* >	RD: 1.0.1.1:100 imet 1.1.1.1
                1.1.1.1 		-		-	    0		i
* >	RD: 1.0.1.1:200 imet 1.1.1.1
                1.1.1.1 		-		-	     0	      i
* >	RD: 31000:300 ip-prefix 10.1.0.0/16
                -	 		-		-	    0		i
* 	RD: 31000:300 ip-prefix 10.1.0.0/16
                1.0.2.2	 	-		100         0		i

Configuration Considerations

The MLAG VTEP IP advertises BUM traffic. VXLAN flooded packets may be seen on the peer-link.
The singly connected interfaces or non-MLAG interfaces must be placed in an exclusive VLAN with an MLAG interface as a member.
Enable the MLAG shared router MAC to support symmetric IRB.
For an EVPN Type-5 setup, the VRF to VNI mapping must be configured on both VTEPs of the MLAG pair.
For an EVPN Type-5 setup as well as EVPN symmetric IRB setup, the VRF to VNI mapping must be configured identically across all the VTEPs in the network. The same VRF must be mapped to the same value of VNI on all the VTEPs that participate in the EVPN network.

Configuring MLAG Layer 2 Subinterfaces

To configure an MLAG L2 subinterface, first configure an MLAG interface and then add an L2 subinterface to the interface on both peers. After configuration, an MLAG subinterface automatically inherits the MLAG ID of the parent interface to generate a unique MLAG ID.

For example, if configuring Port-Channel10 as MLAG 11, the subinterface has an MLAG ID 11.1 as an implicit configuration.

When configuring an L2 subinterface, the parent interface must be a routed port. This does not comply with MLAG protocols, as the MLAG interface must not be a routed port. An interface with the parameters mlag 10 and no switchport becomes ignored as an MLAG interface until you create L2 subinterfaces on that interface.

Example Configuration

The following commands add an MLAG L2 subinterface to switch1 and switch2:

switch1# conf
switch1(config)# interface ethernet 3-4
switch1(config-if-et3-4)# channel-group 10 mode active
switch1(config-if-et3-4)# interface port-channel 10
switch1(config-if-po10)# mlag 10
switch1(config-if-po10)# no switchport
switch1(config-if-po10)# interface port-channel 10.1
switch1(config-if-po10.1)# encapsulation dot1q vlan 10
switch1(config-if-po10.1)# vlan id 100
switch1(config-if-po10.1)# exit
switch1(config)#

switch2# conf
switch2(config)# interface ethernet 9-10
switch2(config-if-et9-10)# channel-group 10 mode active
switch2(config-if-et9-10)# interface port-channel 10
switch2(config-if-po10)# mlag 10
switch2(config-if-po10)# no switchport
switch2(config-if-po10)# interface port-channel 10.1
switch2(config-if-po10.1)# encapsulation dot1q vlan 10
switch2(config-if-po10.1)# vlan id 100
switch2(config-if-po10.1)# exit
switch2(config)#

To display information about MLAG L2 subinterfaces configured on a switch, use the show mlag subinterfaces command:

switch# show mlag subinterfaces
MLAG       Desc        Local Sub-Interface    Local Status
---------- ---------- ---------------------  -------------
10.1                           Po10.1             up
10.2                           Po10.2             up
10.3                           Po10.3             up
10.4                           Po10.4             up

If you have an MLAG interface with a routed port, but no subinterfaces configured, you may see output similar to the following:

switch(config)# show mlag interfaces
            
mlag       desc                 state       local       remote          status
---------- ---------- --------------------- ----------- ------------ ------------
10                             active-full       Po10         Po10           up/up
11                       disabled-ignored      Po11            -               -
12                             active-full       Po12         Po12           up/up

MLAG interface 11 has a routed port but no subinterfaces configured and returns the state disabled-ignored.

Use the show mlag config-sanity command to verify that subinterfaces for an MLAG have a consistent configuration between both peers:

switch# show mlag config-sanity
Interface configuration inconsistencies:
        
        
Feature        Attribute                                    Interfaces  Local       Peer
—-----------  —-------------------------------------------- —---------  —-----      —---- 
subinterface  subintf-vlan mlag1.1                          Po1.1       11          10
subinterface  dot1q-encapsulation outer-inner vlan mlag1.1  Po1.1       15,100      14,100
subinterface  subintf-vlan mlag1.2                          Po1.2       -           1
subinterface  dot1q-encapsulation outer-inner vlan mlag1.2  Po1.2       5,-         -,5
subinterface  flex-encap ~ client outer-inner mlag1.2       Po1.2       5(dot1q),-  -,5(dot1q)
subinterface  flex-encap ~ network outer-inner mlag1.2      Po1.2       Client      -

Configuring Forced Periodic ARP and NDP Refresh

To enable Forced Periodic ARP Refresh on an IPv4 network, use the following command:

switch(config-if-Et1)# arp aging refresh always

To enable Forced Periodic NDP Refresh on an IPv6 network, use the following command:

switch(config-if-Et1)# ipv6 nd cache refresh always

To disable the feature, use the following command with no or default prefix:

switch(config-if-Et1)# no arp aging refresh always

switch(config-if-Et1)# no ipv6 nd cache refresh always

MLAG Implementation Example

This example creates an MLAG Domain, then configures MLAG connections between the peer switches and four Network Attached Devices (NADs). The MLAG switches connect through a LAG and communicate with the NADs through MLAGs. Although the NADs can be any device that supports LACP LAGs, the devices in this example are Arista switches.

Topology

Figure 3 displays the MLAG topology. Switch 1 and Switch 2 are MLAG peers that logically represent a single Layer 2 switch. The peer link between the switches contains the following interfaces:

Switch 1: ethernet 47, ethernet 48
Switch 2: ethernet 23, ethernet 24

The example configures MLAGs from the MLAG Domain to four network attached devices (NAD-1, NAD-2, NAD-3, NAD-4).

Configuring the Peer Switch Connections

To configure the switches in the described topology, perform the tasks in these sections:

Configuring the Peer Switch Port Channels
Configuring the Peer Switch SVIs
Configuring the Peer Links

Configuring the Peer Switch Port Channels

These commands create the port channels the switches use to establish the peer link.

These commands create port channels on Switch1

switch1(config)# interface ethernet 47-48
switch1(config-if-et47-48)# channel-group 101 mode active
switch1(config-if-et47-48)# interface port-channel 101
switch1(config-if-po101)# switchport mode trunk
switch1(config-if-po101)# switchport trunk group peertrunk
switch1(config-if-po101)# exit
switch1(config)#

These commands create port channels on Switch2

switch2(config)# interface ethernet 23-24
switch2(config-if-et23-24)# channel-group 201 mode active
switch2(config-if-et23-24)# interface port-channel 201
switch2(config-if-po201)# switchport mode trunk
switch2(config-if-po201)# switchport trunk group peertrunk
switch2(config-if-po201)# exit
switch2(config)#

Configuring the Peer Switch SVIs

For each peer switch, these commands create an SVI and associate it to the trunk group assigned to the peer link port channel. STP is disabled on the VLAN.

These commands configure the SVI on Switch1

switch1(config)# vlan 4094
switch1(config-vlan-4094)# trunk group peertrunk
switch1(config-vlan-4094)# interface vlan 4094
switch1(config-if-vl4094)# ip address 172.17.0.1/30
switch1(config-if-vl4094)# no autostate
switch1(config-if-vl4094)# exit
switch1(config)# no spanning-tree vlan-id 4094
switch1(config)#

These commands configure the SVI on Switch2

switch2(config)# vlan 4094
switch2(config-vlan-4094)# trunk group trunkpeer
switch2(config-vlan-4094)# interface vlan 4094
switch2(config-if-vl4094)# ip address 172.17.0.2/30
switch2(config-if-vl4094)# no autostate
switch2(config-if-vl4094)# exit
switch2(config)# no spanning-tree vlan-id 4094
switch2(config)#

Configuring the Peer Links

These commands create the peer links on each MLAG switch.

These commands create peer links on Switch1

switch1(config)# mlag configuration            
switch1(config-mlag)# local-interface vlan 4094          
switch1(config-mlag)# peer-address 172.17.0.2      
switch1(config-mlag)# peer-link port-channel 101            
switch1(config-mlag)# domain-id mlag_01               
switch1(config-mlag)# heartbeat-interval 2500            
switch1(config-mlag)# reload-delay 150             
switch1(config-mlag)# exit            
switch2(config)#

These commands create peer links on Switch2

switch2(config)# mlag configuration       
switch2(config-mlag)# local-interface vlan 4094           
switch2(config-mlag)# peer-address 172.17.0.1           
switch2(config-mlag)# peer-link port-channel 201                 
switch2(config-mlag)# domain-id mlag_01            
switch2(config-mlag)# heartbeat-interval 2500          
switch2(config-mlag)# reload-delay 150       
switch2(config-mlag)# exit            
switch2(config)#

Configuring Peer Switch MLAGs

These commands create the MLAGs that connect the MLAG domain to the network attached devices.

These commands configure MLAG 1 on Switch1

switch1(config)# interface ethernet 17-18
switch1(config-if-et17-18)# channel-group 1 mode active
switch1(config-if-et17-18)# interface port-channel 1
switch1(config-if-po1)# mlag 1
switch1(config-if-po1)# exit
switch1(config)#

These commands configure MLAG 1 on Switch2

switch2(config)# interface ethernet 1-2
switch2(config-if-et1-2)# channel-group 1 mode active
switch2(config-if-et1-2)# interface port-channel 1
switch2(config-if-po1)# mlag 1
switch2(config-if-po1)# exit
switch2(config)#

These commands configure MLAG 2 on Switch1

switch1(config)# interface ethernet 19-20
switch1(config-if-et19-20)# channel-group 2 mode active
switch1(config-if-et19-20)# interface port-channel 2
switch1(config-if-po2)# mlag 2
switch1(config-if-po2)# exit
switch1(config)#

These commands configure MLAG 2 on Switch2

switch2(config)# interface ethernet 3-4
switch2(config-if-et3-4)# channel-group 2 mode active
switch2(config-if-et3-4)# interface port-channel 2
switch2(config-if-po2)# mlag 2
switch2(config-if-po2)# exit
switch2(config)#

These commands configure MLAG 3 on Switch1

switch1(config)#  interface ethernet 23
switch1(config-if-et23)# channel-group 3 mode active
switch1(config-if-et23)# interface port-channel 3
switch1(config-if-po3)# mlag 3
switch1(config-if-po3)# exit
switch1(config)#

These commands configure MLAG 3 on Switch2

switch2(config)# interface ethernet 7
switch2(config-if-et7)# channel-group 3 mode active
switch2(config-if-et7)# interface port-channel 3
switch2(config-if-po3)# mlag 3
switch2(config-if-po3)# exit
switch2(config)#

These commands configure MLAG 4 on Switch1

switch1(config)# interface ethernet 25
switch1(config-if-et25)# channel-group 4 mode active
switch1(config-if-et25)# interface port-channel 4
switch1(config-if-po4)# mlag 4
switch1(config-if-po4)# exit
switch1(config)#

These commands configure MLAG 4 on Switch2

switch2(config)# interface ethernet 9
switch2(config-if-et9)# channel-group 4 mode active
switch2(config-if-et9)# interface port-channel 4
switch2(config-if-po4)# mlag 4
switch2(config-if-po4)# exit
switch2(config)#

Configuring the Network Attached Devices

These commands create the LAGs on the Network Attached Devices that connect to the MLAG domain.

These commands configure the port channels on NAD-1

NAD-1(config)# interface ethernet 7-10
NAD-1(config-if-Et7-10)# channel-group 1 mode active
NAD-1(config-if-Et7-10)# exit
NAD-1(config)#

These commands configure the port channels on NAD-2

NAD-2(config)# interface ethernet 25-28
NAD-2(config-if-Et25-28)# channel-group 7 mode active
NAD-2(config-if-Et25-28)# exit
NAD-2(config)#

These commands configure the port channels on NAD-3

NAD-3(config)# interface ethernet 3-4
NAD-3(config-if-Et3-4)# channel-group 5 mode active
NAD-3(config-if-Et3-4)# exit
NAD-3(config)#

These commands configure the port channels on NAD-4

NAD-4(config)# interface ethernet 1-2
NAD-4(config-if-Et1-2)# channel-group 2 mode active
NAD-4(config-if-Et1-2)# exit
NAD-4(config)#

Verification

The following tasks verify the MLAG peer and connection configuration:

Verify the Peer Switch Connection
Verify the MLAGs
Verify Spanning Tree Protocol (STP)
Verify the MLAG Port Channel
Verify the VLAN Membership

Verify the Peer Switch Connection

To display the MLAG configuration and the MLAG status on switch 1, use the show mlag command:

switch1# show mlag    
MLAG Configuration:
domain-id         :            mlag_01
local-interface   :           Vlan4094
peer-address      :         172.17.0.2
peer-link         :    Port-Channel101

MLAG Status:
state             :             Active
peer-link status  :                 Up
local-int status  :                 Up
system-id         :  02:1c:FF:00:15:38

MLAG Ports:
Disabled          :   0
Configured        :   0
Inactive          :   0
Active-partial    :   0
Active-full       :   4

To display the MLAG configuration and the MLAG status on switch 2, use the show mlag command:

switch2# show mlag
MLAG Configuration:
domain-id         :            mlag_01
local-interface   :           Vlan4094
peer-address      :         172.17.0.1
peer-link         :    Port-Channel102

MLAG Status:
state             :             Active
peer-link status  :                 Up
local-int status  :                 Up
system-id         :  02:1c:FF:00:15:41

MLAG Ports:
Disabled          :   0
Configured        :   0
Inactive          :   0
Active-partial    :   0
Active-full       :   4

Verify the MLAGs

The show mlag interfaces command displays MLAG connections between the MLAG switches and the Network Attached Devices.

This show mlag interfaces command displays MLAG connections between the MLAG peer switch 1 and the network attached devices:

switch1# show mlag interfaces
                                                               local/remote
  mlag     desc                   state     local     remote         status
----------------------------------------------------------------------------
     1     sw1.po1          active-full       Po1        Po1          up/up
     2     sw1.po2          active-full       Po2        Po2          up/up
     3     sw1.po3          active-full       Po3        Po3          up/up
     4     sw1.po4          active-full       Po4        Po4          up/up

The following show mlag interfaces command, with the detail option, displays MLAG connections between the MLAG peer switch 1 and the network attached devices.

switch2#show mlag interfaces detail
                               local/remote
mlag       state local remote   oper   config          last change  changes
----------------------------------------------------------------------------
   1 active-full   Po1    Po1  up/up  ena/ena  6 days, 2:08:28 ago        5
   2 active-full   Po2    Po2  up/up  ena/ena  6 days, 2:08:30 ago        5
   3 active-full   Po3    Po3  up/up  ena/ena  6 days, 2:08:33 ago        5
   4 active-full   Po4    Po4  up/up  ena/ena  6 days, 2:08:41 ago        5
switch2#

Verify Spanning Tree Protocol (STP)

STP functions can be displayed from each peer switch. MLAG interfaces are displayed as a single entry. Configured interfaces on each switch that are not included in an MLAG are displayed. Local interfaces have the normal notation; remote interfaces are preceded by P or Peer.

VLAN Output 1: Assume VLAN 3903 includes MLAG 1

switch1# show spanning-tree vlan-id 3903
Spanning tree instance for vlan 3903
VL3903
  Spanning tree enabled protocol rapid-pvst
  Root ID    Priority    36671
             Address     001c.730c.3009
             Cost        1999 (Ext) 0 (Int)
             Port        105 (Port-Channel5)
             Hello Time  2.000 sec  Max Age 20 sec  Forward Delay 15 sec

  Bridge ID  Priority    36671  (priority 32768 sys-id-ext 3903)
             Address     021c.7300.1319
             Hello Time  2.000 sec  Max Age 20 sec  Forward Delay 15 sec

Interface        Role       State      Cost      Prio.Nbr Type
---------------- ---------- ---------- --------- -------- --------------------
Po1              root       forwarding 1999      128.105  P2p
switch1#

The output displays mlag 1 under its local interface name (Po1). A peer interface is not displayed because spanning tree considers the local and remote Port Channels as a single MLAG interface.

VLAN Output 2: Assume VLAN 3908 does not include any MLAGs

switch1# show spanning-tree vlan-id 3908
Spanning tree instance for vlan 3908
VL3908
  Spanning tree enabled protocol rapid-pvst
  Root ID    Priority    36676
             Address     021c.7300.1319
             This bridge is the root

  Bridge ID  Priority    36676  (priority 32768 sys-id-ext 3908)
             Address     021c.7300.1319
             Hello Time  2.000 sec  Max Age 20 sec  Forward Delay 15 sec

Interface        Role       State      Cost      Prio.Nbr Type
---------------- ---------- ---------- --------- -------- ---------------
Et17             designated forwarding 2000      128.217  P2p
Et18             designated forwarding 2000      128.218  P2p
PEt17            designated forwarding 2000      128.17   P2p
PEt18            designated forwarding 2000      128.18   P2p

The output displays all interfaces from both switches. Each interface is explicitly displayed because they are individual units that STP must consider when selecting ports to block.

Et17 and Et18 are located on the switch where the show spanning-tree command is issued.
PEt17 and PEt18 are located on the remote switch from where the command was issued

An identical command issued on the peer switch displays similar information.

Verify the MLAG does not create topology loops (show spanning-tree blocked)

switch1# show spanning-tree blocked
Name       Blocked Interfaces List
------------------------------------------------------

Number of blocked ports (segments) in the system : 0
switch1#

Verify the MLAG Port Channel

Issue the command show port-channel for channels 1-4 from switch 1:

switch# show port-channel 1-4
Port Channel Port-Channel1:
  Active Ports: Ethernet17     Ethernet18     PeerEthernet1 PeerEthernet2
Port Channel Port-Channel2:
  Active Ports: Ethernet19     Ethernet20     Ethernet21     Ethernet22
                PeerEthernet3 PeerEthernet4 PeerEthernet5 PeerEthernet6
Port Channel Port-Channel3:
  Active Ports: Ethernet23     Ethernet24     PeerEthernet7 PeerEthernet8
Port Channel Port-Channel4:
  Active Ports: Ethernet25     Ethernet26     PeerEthernet9 PeerEthernet10

Issue the command show port-channel load-balance fields detailed command for channel 1 from switch 2:

switch2# show port-channel 1 detailed
Port Channel Port-Channel1:
  Active Ports:
       Port                Time became active       Protocol    Mode
    -----------------------------------------------------------------------
       Ethernet17          7/7/11 15:27:36          LACP        Active
       Ethernet18          7/7/11 15:27:36          LACP        Active
       PeerEthernet1       7/7/11 15:27:36          LACP        Active
       PeerEthernet2       7/7/11 15:27:36          LACP        Active

Verify the VLAN Membership

The show vlancommand displays VLAN member ports, including MLAG ports and ports on each peer not bundled in an MLAG.

Switch1# show vlan 3903, 3908
VLAN  Name                             Status    Ports
----- -------------------------------- --------- -------------------------------
3903  ar.mg.rn.172.17.254.16/29        active    Cpu, Po1
3908  po.ra.ar.mg.172.17.254.64/29     active    Cpu, Et17, Et18, PEt17, PEt18

MLAG Commands

Global MLAG Commands

mlag configuration (global configuration)

MLAG Interface Configuration Commands

mlag (port-channel interface configuration)

MLAG Configuration Commands

arp aging refresh always
domain-id
dual-primary detection delay
dual-primary recovery delay
heartbeat-interval (MLAG)
local-interface
ipv6 nd cache refresh always
peer-address
peer-address heartbeat
peer-link
reload-delay mlag
reload-delay mode
reload-delay non-mlag
shutdown (MLAG)

Display Commands

show mlag
show mlag config-sanity
show mlag interfaces
show mlag interfaces members
show mlag subinterfaces
show mlag interfaces states
show mlag issu warnings

arp aging refresh always

The arp aging refresh always command enables the switch to send forced periodic ARP requests for an MLAG configuration in an IPv4 network. This may be necessary to prevent the VMAC from aging out on downstream switches. Using the no or default disables the feature.

Command Mode

Interface Configuration Mode

Command Syntax

arp aging refresh always

no arp aging refresh always

default arp aging refresh always

Example

Use the following command to enable Forced Periodic ARP requests on the switch:

switch(config-if-Et1)#arp aging refresh always

domain-id

The domain-id command specifies a name for the Multi-chassis Link AGgregation (MLAG) domain.

The no domain-id and default domain-id commands remove the MLAG domain name by deleting the domain-id statement from running-config.

Command Mode

MLAG Configuration

Command Syntax

domain-id identifier

no domain-id

default domain-id

Parameter

identifier alphanumeric string that names the MLAG domain.

Example

This command names the MLAG domain mlag1.

switch(config)# mlag
switch(config-mlag)# domain-id mlag1
switch(config-mlag)#

dual-primary detection delay

Use the dual-primary detection delay command to configure a dual primary detection delay with an optional action to errdisable all interfaces on secondary MLAG peer after a dual primary condition is detected.

Command Mode

MLAG configuration mode

Command Syntax

dual-primary detection delay seconds [action erridisable all-interfaces]

no dual-primary detection delay seconds [action erridisable all-interfaces]

default dual-primary detection delay seconds [action erridisable all-interfaces]

Parameters

seconds Dual primary detection delay in seconds.
actionSpecifies the action when dual-primary is detected.
erridisableErrdisable interfaces.
all-interfaces Disables all Ethernet interfaces except the peer-link.

Examples

In this example, the command errdisables all physical interfaces on secondary MLAG peer when dual primary condition is detected.
```
switch(config-mlag)# dual-primary detection delay 5 action errdisable all-interfaces
```
Both MLAG peers must have equivalent configurations.
The following command removes the Dual Primary Detection feature. You must unconfigure both MLAG peers.
```
switch(config-mlag)# no dual-primary detection
```

dual-primary recovery delay

Use the dual-primary recovery delay command to configure dual-primary detection recovery-delay for MLAG interfaces and non-MLAG interfaces. Negating the configurations or configuring default values makes both recovery delay values reset back to 0. The non-MLAG delay must always be less than the MLAG delay so you have more time for L3 convergence before enabling MLAG interfaces.

Command Mode

MLAG configuration mode

Command Syntax

dual-primary recovery delay mlag seconds non-mlag seconds

no dual-primary recovery delay mlag seconds non-mlag seconds

default dual-primary recovery delay mlag seconds non-mlag seconds

Parameters

mlag seconds Delay in seconds after dual-primary detection resolves until non peer-link ports that are part of an MLAG are enabled. Range 0 - 1000 seconds. A suggested value for MLAG is 60 seconds. These values can be adjusted depending on the network scale.
non-mlag seconds Delay in seconds after dual-primary detection resolves until ports that are not part of an MLAG are enabled. Range 0 - 1000 seconds. A suggested value for non-MLAG is 0 seconds. These values can be adjusted depending on the network scale.

Example

switch(config)# mlag
switch(config-mlag)# dual-primary recovery delay mlag 60 non-mlag 0

heartbeat-interval (MLAG)

The heartbeat-interval command configures the interval at which heartbeat messages are issued in a Multi-chassis Link AGgregation (MLAG) configuration.

The no heartbeat-interval and default heartbeat-interval commands revert the heartbeat interval to the default setting by removing the heartbeat-interval command from running-config.

Command Mode

MLAG Configuration

Command Syntax

heartbeat-interval period

no heartbeat-interval

default heartbeat-interval

Parameters

period Interval duration in milliseconds. Value ranges from 1000 through 30000 milliseconds. Default interval is 4000 milliseconds.

Guidelines

Heartbeat messages flow independently in both directions between the MLAG peers. If a peer stops receiving heartbeat messages within the expected time frame (30 seconds), the other peer can assume it no longer functions and without intervention or repair, the MLAG becomes disabled. Both switches revert to their independent state.

Note: On 7500 and 7500E Series Switches, Arista recommends setting the heartbeat interval to 10 seconds.

Example

This command configures the heartbeat interval to 15000 milliseconds:

switch(config)# mlag
switch(config-mlag)# heartbeat-interval 15000
switch(config-mlag)#

ipv6 nd cache refresh always

The ipv6 nd cache refresh always command enables the switch to send forced periodic ARP requests for an MLAG configuration in an IPv6 network. This may be necessary to prevent the VMAC from aging out on downstream switches. Using the no or default disables the feature.

Command Mode

Interface Configuration Mode

Command Syntax

ipv6 nd cache refresh always

no ipv6 nd cache refresh always

default ipv6 nd cache refresh always

Example

Use the following command to enable Forced Periodic ARP requests on the switch:

switch(config-if-Et1)# ipv6 nd cache refresh alwayss

local-interface

The local-interface command assigns a VLAN interface for use in Multi-chassis Link AGgregation (MLAG) configurations. The VLAN interface is used for both directions of communication between the MLAG peers.

The no local-interface and default local-interface commands delete the VLAN interface assignment by removing the local-interface command from running-config.

Command Mode

MLAG Configuration

Command Syntax

local-interface vlan vlan_number

no local-interface

default local-interface

Parameter

vlan_number VLAN number, in the range from 1 through 4094.

Guidelines

When configuring the local interface, the VLAN interface must exist already. To configure a VLAN interface, issue the command interface vlan.

Example

This command assigns VLAN 4094 as the local interface.

switch(config)# mlag
switch(config-mlag)# local-interface vlan 4094
switch(config-mlag)#

mlag (port-channel interface configuration)

The mlag command assigns an MLAG ID to a port-channel. MLAG peer switches form an MLAG when each switch configures the same MLAG ID to a port-channel interface. Only one MLAG ID can be assigned to an interface. An individual MLAG number cannot be assigned to more than one interface.

The no mlag and default mlag commands remove the MLAG ID assignment from the configuration mode interface by deleting the corresponding mlag command from running-config.

Command Mode

Interface-Port Channel Configuration

Command Syntax

mlag number

no mlag

default mlag

Parameter

number Number used as MLAG ID. Value ranges from 1 to 2000.

Example

These commands configures a port channel and assigns it mlag 4.

switch(config)# interface ethernet 5-10
switch(config-if-Et5-10)# channel-group 1 mode active
switch(config-if-Et5-10)# interface port-channel 4
switch(config-if-Po4)# switchport trunk group group4
switch(config-if-Po4)# mlag 4
switch(config-if-Po4)# exit
switch(config)#

peer-address

The peer-address command specifies the peer IPv4 address for a Multi-chassis Link AGgregation (MLAG) domain. MLAG control traffic, including keepalive messages, is sent to the peer IPv4 address. If the peer IPv4 address is unreachable, then MLAG peering fails and both peer switches revert to their independent state.

The no peer-address and default peer-address commands remove the MLAG peer’s IPv4 address assignment by deleting the peer-address command from running-config.

Command Mode

MLAG Configuration

Command Syntax

peer-address ipv4_addr

no peer-address

default peer-address

Parameter

ipv4_addr MLAG peer IPv4 address.

Example

These commands configure the MLAG peer address.

switch(config)# mlag
switch(config-mlag)# peer-address 10.0.0.2
switch(config-mlag)#

peer-address heartbeat

The peer-address heartbeat command causes the MLAG agent to start using Peer-IP address in the given VRF for UDP-based heartbeat control messages.

To enable MLAG dual primary detection feature, the command must be configured on both MLAG peers in the MLAG configuration mode.

Note:The command supports both IPv4 and IPv6 addresses.

Command Mode

MLAG configuration mode

Command Syntax

peer-address heartbeat [Peer-IPv4 | Peer-IPv6] [vrf vrf_name]

no peer-address heartbeat [Peer-IPv4 | Peer-IPv6] [vrf vrf_name]

default peer-address heartbeat [Peer-IPv4 | Peer-IPv6] [vrf vrf_name]

Parameters

Peer-IP The Management IP address of the MLAG peer reachable in the VRF VRF-NAME (or default VRF if there is no VRF configured).
vrf vrf_name Named VRF.

Examples

switch(config)# mlag
switch(config-mlag)# peer-address heartbeat 172.30.118.190

This example removes the feature.

switch(config-mlag)# no peer-address heartbeat

peer-link

The peer-link command specifies the interface that connects Multi-chassis Link AGgregation (MLAG) peers. To form an MLAG, two switches are connected through an interface called a peer link. The peer link carries control and data traffic between the two switches. Control traffic includes MLAG-related advertisements and keepalive messages. This information keeps the two switches working as one.

The no peer-link and default peer-link command remove the peer link by deleting the peer-link command from running-config.

Command Mode

MLAG Configuration

Command Syntax

peer-link INT_NAME

no peer-link

default peer-link

Parameters

INT_NAME denotes the interface type and number of the interface. Values include:

ethernet e_num Ethernet interface range specified by e_num.
port-channel p_num Channel group interface range specified by p_num.

Example

These commands creates a peer link.

switch(config)# mlag configuration
switch(config-mlag)# peer-link port-channel 10
switch(config-mlag)

mlag configuration (global configuration)

The mlag configuration command enters MLAG configuration mode to configure Multi-chassis Link AGgregation (MLAG) features. MLAG configuration mode is not a group change mode; running-config is changed immediately after commands are executed. The exit command does not affect the configuration.

The no mlag configuration and default mlag configuration commands remove all MLAG configuration commands from running-config.

The exit command returns the switch to global configuration mode.

Command Mode

Global Configuration

Command Syntax

mlag configuration

no mlag configuration

default mlag configuration

mlag and mlag configuration are identical commands.

Guidelines

An MLAG is formed by connecting two switches through an interface called a peer link. The peer link carries control and data traffic between the switches, including advertisements and keepalive messages. This information coordinates the switches. Functioning peers are in the active state.

Each peer switch uses IP-level connectivity between their local addresses and the MLAG peer IP address to form and maintain the peer link.

Commands Available in MLAG Configuration Mode

domain-id
heartbeat-interval (MLAG)
local-interface
peer-address
peer-link
reload-delay mlag
shutdown (MLAG)

Example

These commands enter MLAG configuration mode and configure MLAG parameters:

switch(config)# mlag
switch(config-mlag)# local-interface vlan 4094
switch(config-mlag)# peer-address 10.0.0.2
switch(config-mlag)# peer-link port-channel 10
switch(config-mlag)# domain-id mlagDomain
switch(config-mlag)# heartbeat-interval 2500
switch(config-mlag)# reload-delay 2000
switch(config-mlag)# exit
switch(config)#

reload-delay mlag

The reload-delay mlag command configures the reload delay period for MLAG links. The command also specifies the reload delay period for non-MLAG links when the reload-delay non-mlag command is not configured.

Each Arista switch defaults to the recommended reload-delay value, which varies by switch platform:

Fixed configuration switches: 300 seconds
Trident II modular switches: 1200 seconds
- 7304
- 7308
- 7316
- 7300X series
Sand platform fixed configuration switches: 600 seconds
- 7280 series (except 7280CR2 and 7280SR2)
- 7020 series
Sand platform modular switches: 1800 seconds
- 7504
- 7508
- 7500E series
- 7548S
Sand Jericho+ fixed configuration switches: 900 seconds
- 7280CR2 series
- 7280SR2 series

The no reload-delay mlag and default reload-delay mlag commands restore the default value by deleting the reload-delay mlag statement from running-config.

Command Mode

MLAG Configuration

Command Syntax

reload-delay [mlag] PERIOD

no reload-delay [mlag]

default reload-delay [mlag]

Parameters

PERIOD Period that non-peer links are disabled after an MLAG peer reboots. Options include:
- infinity link is not enabled after reboot.
- 0 to 86400 disabled link interval (seconds). Default varies by switch platform as described above.

Guidelines

The reload-delay and reload-delay mlag commands are equivalent.

Example

These commands configure the reload-delay interval to 15 minutes.

switch(config)# mlag configuration
switch(config-mlag)# reload-delay mlag 900
switch(config-mlag)#

reload-delay mode

The reload-delay mode command specifies the state of LACP LAG ports during the MLAG reload delay period. By default, MLAG ports remain in the errdisabled state during reload delay. This command configures MLAG ports to come up to standby mode before the expiration of the reload delay period.

The no reload-delay mode and default reload-delay mode commands restore the default behavior of MLAG ports by deleting the reload-delay mode statement from running-config. The default behavior is for the MLAG ports to remain in the errdisabled state until the expiration of the reload delay period

Command Mode

MLAG Configuration

Command Syntax

reload-delay mode lacp standby

no reload-delay mode

default reload-delay mode

Related Commands

reload-delay mlag configures the MLAG reload delay period.

Example

These commands configure the MLAG port to come up to standby state before the end of the reload delay period.

switch(config)# mlag configuration
switch(config-mlag)# reload-delay mode lacp standby
switch(config-mlag)#

reload-delay non-mlag

The reload-delay non-mlag command specifies the period that non-MLAG links are disabled after an MLAG peer reboots. This interval allows non peer links to learn multicast and OSPF states before the ports start handling traffic. The recommended minimum value required to ensure the forwarding hardware is initialized with the topology state depends on the switch platform:

Fixed configuration switches: 300 seconds (five minutes.)
Sand platform fixed configuration switches (7020 and 7280 series (except 7280CR2 and 7280SR2)): 600 seconds (ten minutes.)
Modular switches: 1200 seconds (twenty minutes.)

When the reload-delay non-mlag command is not configured, the reload-delay mlag command specifies the reload delay time for non-MLAG and MLAG links.

The no reload-delay non-mlag and default reload-delay non-mlag command restores the default behavior by deleting the reload-delay non-mlag statement from running-config.

Command Mode

MLAG Configuration

Command Syntax

reload-delay non-mlag PERIOD

no reload-delay non-mlag

default reload-delay non-mlag

Parameters

PERIOD Period that non-MLAG links are disabled after an MLAG peer reboots. Options include:

infinity links are not enabled after reboot.
0 to 86400 disabled link interval (seconds). Values range from 0 to 86400 (24 hours).

Example

These commands configure the reload-delay interval of non-MLAG links to 20 minutes.

switch(config)# mlag configuration
switch(config-mlag)# reload-delay non-mlag 1200
switch(config-mlag)#

show mlag

The show mlag command displays information about the Multi-chassis Link AGgregation (MLAG) configuration on bridged Ethernet interfaces.

Command Mode

EXEC

Command Syntax

show mlag [INFO_LEVEL]

Parameters

INFO_LEVEL specifies information displayed by command. Options include:

no parameter command displays MLAG configuration, status, and ports.
detail command displays MLAG configuration, status, ports, and detailed status.

Example

This command displays output from the show mlag command:

switch> show mlag
MLAG Configuration:
domain-id         :         ar.mg.mlag
local-interface   :           Vlan3901
peer-address      :       172.17.254.2
peer-link         :      Port-Channel1

MLAG Status:
state             :             Active
peer-link status  :                 Up
local-int status  :                 Up
system-id         :  02:1c:73:00:13:19

MLAG Ports:
Disabled          :   0
Configured        :   0
Inactive          :   0
Active-partial    :   0
Active-full       :   5
switch>

show mlag config-sanity

The show mlag config-sanity command to ensure MLAG configuration consistency on interfaces and subinterfaces.

Command Mode

EXEC

Command Syntax

show mlag config-sanity

Example

Use the show mlag config-sanity command to display configuration consistency for MLAG subinterfaces:

switch# show mlag config-sanity
Interface configuration inconsistencies:
                    
                    
Feature        Attribute                                    Interfaces  Local       Peer
—-----------  —-------------------------------------------- —---------  —-----      —---- 
subinterface   subintf-vlan mlag1.1                          Po1.1       11          10
subinterface   dot1q-encapsulation outer-inner vlan mlag1.1  Po1.1       15,100      14,100
subinterface   subintf-vlan mlag1.2                          Po1.2       -           1
subinterface   dot1q-encapsulation outer-inner vlan mlag1.2  Po1.2       5,-         -,5
subinterface   flex-encap ~ client outer-inner mlag1.2       Po1.2       5(dot1q),-  -,5(dot1q)
subinterface   flex-encap ~ network outer-inner mlag1.2      Po1.2       Client      -

show mlag interfaces members

The show mlag interfaces members command displays information about the Multi-chassis Link AGgregation (MLAG) members on bridged Ethernet interfaces.

Command Mode

EXEC

Command Syntax

show mlag interfaces members

Example

This command displays the MLAG interface members.

switch# show mlag interface members
Mlag4 is Port-Channel4
  Active Ports: Ethernet3 PeerEthernet3
Mlag5 is Port-Channel5
  Active Ports: Ethernet14
Mlag7 is Port-Channel7
  Active Ports: Ethernet5 PeerEthernet5
Mlag8 is Port-Channel8
  Active Ports: Ethernet10 PeerEthernet10
Mlag9 is Port-Channel9
  Active Ports: Ethernet15 Ethernet21 PeerEthernet19 PeerEthernet20
Mlag10 is Port-Channel10
  Active Ports: Ethernet19 Ethernet20 PeerEthernet21 PeerEthernet22
switch#

show mlag interfaces states

The show mlag interfaces states command displays information about the Multi-chassis Link AGgregation (MLAG) states on bridged Ethernet interfaces.

Command Mode

EXEC

Command Syntax

show mlag interfaces [MLAGS] states [ STATE_NAMES][INFO_LEVEL]

Parameters

MLAGS MLAG channels for which command displays data. Options include:
- no parameter command displays data for all MLAGs.
- mlag_id specifies MLAG for which command displays data. Value ranges from 1 to 2000.
STATE_NAMES MLAG channels for which command displays data. Parameter may specify more than one name, which can be listed in any order. Valid state names include:
- active-full includes active-full interfaces.
- active-partial includes active-partial interfaces.
- configured includes configured interfaces.
- disabled includes disabled interfaces.
- inactive includes inactive interfaces.
INFO_LEVEL specifies information displayed by command. Options include:
- no parameter command displays basic MLAG interface parameters.
- detail command displays detailed MLAG interface state parameters.

Example

This command displays the MLAG interface states that are active-full.

switch# show mlag interfaces states active-full
                                                                   local/remote
  mlag     desc                       state     local     remote         status
-------- -------------------- --------------- --------- ---------- ------------
     4     b.po1                active-full       Po4        Po4          up/up
     7     ar.mg.au.po1         active-full       Po7        Po7          up/up
     8     co.po1               active-full       Po8        Po8          up/up
     9     k.po5                active-full       Po9        Po9          up/up
    10     ar.mg.pt.ir.po10     active-full      Po10       Po10          up/up
switch#

show mlag interfaces

The show mlag interfaces command displays information about the Multi-chassis Link AGgregation (MLAG) configuration on bridged Ethernet interfaces.

Command Mode

EXEC

Command Syntax

show mlag interfaces [MLAGS][INFO_LEVEL]

Parameters

MLAGS MLAG channels for which command displays data. Options include:
- no parameter command displays data for all MLAGs.
- mlag_id specifies MLAG for which command displays data. Value ranges from 1 to 2000.
INFO_LEVEL specifies information displayed by command. Options include:
- no parameter command displays basic MLAG interface parameters.
- detail command displays detailed MLAG interface parameters.

Example

This command displays output from the show mlag interfaces detail command:

switch> show mlag interfaces detail
                                local/remote
mlag       state local remote   oper   config          last change  changes
----------------------------------------------------------------------------
   4 active-full   Po4    Po4  up/up  ena/ena  6 days, 1:19:26 ago        5
   5 active-full   Po5    Po5  up/up  ena/ena  6 days, 1:19:24 ago        5
   6 active-full   Po6    Po6  up/up  ena/ena  6 days, 1:19:23 ago        5
   7 active-full   Po7    Po7  up/up  ena/ena  6 days, 1:19:23 ago        5

show mlag issu warnings

The show mlag issu warnings command displays a warning message regarding the backward-compatibility of this feature before you upgrade.

Command Mode

EXEC

Command Syntax

show mlag issu warnings

Example

This command displays the MLAG backward-compatibility warning message. Refer to the MLAG ISSU Compatibility Matrix for details about upgrading the configuration.

switch# show mlag issu warnings
Please use the MLAG ISSU Compatibility Check tool at https://www.arista.com/en/support/mlag-portal to verify ISSU compatibility.
If you are performing an upgrade, and the Release Notes for the new version of EOS indicate that MLAG is not backwards-compatible 
with the currently installed version (4.28.8.1M), the upgrade will result in packet loss.

Stp is not restartable. Topology changes will occur during the upgrade
process.

switch#

show mlag subinterfaces

The show mlag subinterfaces command displays information about MLAG Layer 2 subinterfaces configured on a switch.

Command Mode

EXEC

Command Syntax

show mlag subinterfaces

Parameters

1_2048 - Specify the MLAG interface ID.

Example

To display information about MLAG L2 subinterfaces configured on a switch, use the show mlag subinterfaces command:

switch# show mlag subinterfaces
MLAG       Desc        Local Sub-Interface    Local Status
---------- ---------- ---------------------  -------------
10.1                           Po20.1             up
10.2                           Po20.2             up
10.3                           Po20.3             up
11.1                           Po11.1             up

shutdown (MLAG)

The shutdown command disables MLAG on the switch without modifying the MLAG configuration.

The no shutdown and default shutdown commands re-enable MLAG by removing the shutdown command from running-config.

Command Mode

MLAG Configuration

Command Syntax

shutdown

no shutdown

default shutdown

Example

These commands disable MLAG on the switch.

switch(config)# mlag configuration
switch(config-mlag)# shutdown
switch(config-mlag)#

Upgrades and Downgrades

This chapter describes the procedures for upgrading or downgrading the switch software.

This chapter contains these sections:

Upgrade/Downgrade Overview

Upgrading or downgrading the Arista Extensible Operating System (EOS) is accomplished by replacing the EOS image and reloading the switch. It may be possible to minimize (or virtually eliminate) downtime and packet loss during an upgrade, depending on the switch model and the software change being made. There are two upgrade methods for the EOS:

Smart System Upgrade: SSU significantly decreases downtime and packet loss during upgrades. SSU is available on selected platforms and is ideal for leaf switches and other non-redundant deployments.

Standard Upgrades and Downgrades: In cases where an accelerated upgrade is not needed or an option (such as software downgrades and on unsupported platforms), performing a standard upgrade or downgrade using the steps described here will minimize downtime and packet loss.

Note: To upgrade the software on switches participating in an MLAG, see Upgrading MLAG Peers.

Smart System Upgrade

Smart System Upgrade (SSU) dramatically speeds up system upgrades and minimizes network disruptions with:

Faster Reloads: SSU streamlines and optimizes the upgrade process, significantly reducing the reload time.
Uninterrupted Connections: Even while the system reboots, SSU keeps your network connections active by sending LACP PDUs. These PDUs are essential signals that maintain port channels, ensuring your devices stay connected.
Minimal Traffic Loss: SSU uses protocols that support "graceful restart," allowing network services to restart without dropping connections, preventing interruptions to your data flow.

Features capable of hitless restart under SSU include:

QinQ
802.3ad Link Aggregation/LACP
802.3x Flow Control
BGP (you must enable BGP graceful restart; refer to Configuring BGP.)
MP-BGP (you must enableBGP graceful restart; refer to Configuring BGP.)
128-way Equal Cost Multipath Routing (ECMP)
VRF
Route Maps
L2 MTU
QoS

Note: SSU and VRRP are not compatible. Use a different upgrade method if you have VRRP configured on the switch.

Upgrading the EOS image with Smart System Upgrade

Using SSU to upgrade the active EOS image requires a five-step process:

Preparing the Switch for SSU.
Transfer the Image File for SSU. Not required if the desired file already exists on the switch
Modify boot-config.
Start the SSU Process.
Verify Success of the Upgrade.

Preparing the Switch for SSU

To prepare the switch for SSU, take the following steps:

Note: Configuring BGP graceful restart resets BGP sessions. If configuring BGP graceful restart as part of the SSU process, ensure that BGP sessions are stable and all BGP routing information has been learned and advertised before proceeding with SSU.

Backing Up Critical Software

Before upgrading the EOS image, ensure copies of the currently running EOS version and the running-config file are available in case of corruption during the upgrade process. To copy the running-config file, use the copy running-config command. In this example, the system copies the running-config contents to a file on the switch flash drive.

switch# copy running-config flash:/cfg_06162014
Copy completed successfully.
switch#

Making Room on the Flash Drive

Determine the size of the new EOS image. Verify enough space exists on the flash drive for two copies of this image, plus a recommended 240MB (if available) for diagnostic information in case of a fatal error. Use the dir command to check the bytes free figure.

switch# dir flash:
Directory of flash:/
-rwx   293168526      Nov 4    22:17   EOS4.11.0.swi
-rwx          36      Nov 8    10:24   boot-config
-rwx       37339      Jun 16   14:18   cfg_06162014

606638080 bytes total (602841088 bytes free)

Verifying Connectivity

Ensure the switch has a management interface configured with an IP address and default gateway. See Assigning a Virtual IP Address to Access the Active Ethernet Management Port and Configuring a Default Route to the Gateway. Confirm network connectivity to the switch using the show interfaces status command and pinging the default gateway.

switch# show interfaces status
Port    Name     Status     Vlan       Duplex   Speed      Type
Et3/1            notconnect   1         auto    auto     1000BASE-T

<-------OUTPUT OMITTED FROM EXAMPLE-------->
Ma1/1            connected   routed     unconf   unconf    Unknown 

switch#ping 1.1.1.10
PING 172.22.26.1 (172.22.26.1) 72(100) bytes of data.
80 bytes from 1.1.1.10: icmp_seq=1 ttl=64 time=0.180 ms
80 bytes from 1.1.1.10: icmp_seq=2 ttl=64 time=0.076 ms
80 bytes from 1.1.1.10: icmp_seq=3 ttl=64 time=0.084 ms
80 bytes from 1.1.1.10: icmp_seq=4 ttl=64 time=0.073 ms
80 bytes from 1.1.1.10: icmp_seq=5 ttl=64 time=0.071 ms

Verifying Configuration

Verify the switch configuration is valid for SSU using the show reload fast-boot command. If parts of the configuration are blocking SSU execution, an error message will be displayed explaining what they are. For SSU to proceed, correct the configuration conflicts before issuing the reload fast-boot command.

switch# show reload fast-boot
switch#'reload fast-boot' cannot proceed due to the following:
  Spanning-tree portfast is not enabled for one or more ports
  Spanning-tree BPDU guard is not enabled for one or more ports
switch#

Note: You can still use the show reload hitless and reload hitless commands, but they have the same effect as the commands shown earlier.

Configuring BGP

For hitless restart of BGP and MP-BGP, BGP graceful restart must first be enabled using the graceful-restart command. The default restart time value (300 seconds) is appropriate for most configurations.

The BGP configuration mode issuing the graceful-restart command determines which BGP connections will restart gracefully.

Note: configuring BGP graceful restart resets BGP sessions. If configuring BGP graceful restart as part of the SSU process, ensure that BGP sessions are stable and all BGP routing information has been learned and advertised before proceeding with SSU.

For all BGP connections, use the graceful-restart command in BGP configuration mode:

switch# config
switch(config)# router bgp 64496
switch(config-router-bgp)# graceful-restart
switch(config-router-bgp)#

For all BGP connections in a specific VRF, use the graceful-restart command in BGP VRF configuration mode:

switch# config
switch(config)# router bgp 64496
switch(config-router-bgp)# vrf purple
switch(config-router-bgp-vrf-purple)# graceful-restart
switch(config-router-bgp-vrf-purple)# exit
switch(config-router-bgp)#

For all BGP connections in a specific BGP address family, use the graceful-restart command in BGP address-family configuration mode:

switch# config
switch(config)# router bgp 64496
switch(config-router-bgp)# address-family ipv6
switch(config-router-bgp-af)# graceful-restart
switch(config-router-bgp-af)# exit
switch(config-router-bgp)#

Transfer the Image File for SSU

The target image must be copied to the file system on the switch, typically onto the flash drive:

Verify that the flash drive has enough space for two copies of the image plus an optional 240MB for diagnostic information.
Use the copy command to copy the image to the flash drive.
Confirm that the system transferred the new image file correctly.

The following command examples illustrate transferring an image file from various locations to the flash drive.

USB Memory

Command

copy usb1:/sourcefile flash:/destfile

Example

switch# copy usb1:/EOS-4.14.4.swi flash:/EOS-4.14.4.swi

FTP Server

Command

copy ftp:/ftp-source/sourcefile flash:/destfile

Example

switch# copy ftp:/user:password@10.0.0.3/EOS-4.14.4.swi flash:/EOS-4.14.4.swi

SCP

Command

copy scp://scp-source/sourcefile flash:/destfile

Example

switch# copy scp://user@10.1.1.8/user/EOS-4.13.2.swi flash:/EOS-4.13.2.swi

HTTP

Command

copy http://http-source/sourcefile flash:/destfile

Example

switch# copy http://10.0.0.10/EOS-4.14.4.swi flash:/EOS-4.14.4.swi

After transferring the file, verify that it is present in the directory, then confirm the MD5 checksum using the verify command. The MD5 checksum is available from the EOS download page of the Arista website.

switch# dir flash:
Directory of flash:/
-rwx     293168526   Nov 4     22:17     EOS4.14.2.swi
-rwx            36   Nov 8     10:24     boot-config
-rwx         37339   Jun 16    14:18     cfg_06162014
-rwx     394559902   May 30    02:57     EOS4.13.1.swi

606638080 bytes total (208281186 bytes free)
switch# verify /md5 flash:EOS-4.14.4.swi 
verify /md5 (flash:EOS-4.14.4.swi) =c277a965d0ed48534de6647b12a86991
switch#

Modify boot-config

After transferring and confirming the desired image file, use the boot system command to update the boot-config file to point to the new EOS image.

This command changes the boot-config file to point to the image file located in flash memory at EOS-4.14.4.swi.

switch# configure terminal
switch(config)# boot system flash:/EOS-4.14.4.swi

Use the show boot-config command to verify that the boot-config file is correct:

switch(config)# show boot-config
Software image: flash:/EOS-4.14.4.swi
Console speed: (not set)
Aboot password (encrypted): $1$ap1QMbmz$DTqsFYeauuMSa7/Qxbi2l1

Save the configuration to the startup-config file with the write command.

switch# write

Start the SSU Process

After updating the boot-config file, verify that your configuration supports SSU (if you have not already done so) using the show reload fast-boot command. If parts of the configuration are blocking SSU execution, an error message will be displayed explaining what they are.

switch# show reload fast-boot
switch#'reload fast-boot' cannot proceed due to the following:
  Spanning-tree portfast is not enabled for one or more ports
  Spanning-tree BPDU guard is not enabled for one or more ports
switch#

Start the SSU process using the reload fast-boot command to reload the switch and activate the new image. The CLI will identify any changes that must be made to the configuration before starting SSU, prompt the saving of any modifications to the system configuration, and request confirmation before reloading.

switch# reload fast-boot
System configuration has been modified. Save? [yes/no/cancel/diff]:y
Copy completed successfully.
Proceed with reload? [confirm]y

Note: You can still use the show reload hitless and reload hitless commands, but they have the same effect as the commands shown earlier.

Verify Success of the Upgrade

Before making any configuration changes to the switch after reloading, verify that the SSU process is complete using the command show boot stages log. If it is, the last message should be Hitless boot stages complete.

switch# show boot stages log
Timestamp           Delta Begin Msg
2022-10-03 12:42:06 000.000000 Asu Hitless boot stages started
2022-10-03 12:42:06 000.001592 stage CriticalAgent started
2022-10-03 12:42:06 000.001834   event CriticalAgent:PhyEthtool completed

[ . . . ]

2022-10-03 12:43:02 056.316874 stage BootSanityCheck is complete
2022-10-03 12:43:02 056.317491 Asu Hitless boot stages complete
switch#

You can also verify the completion of the SSU process by checking the syslog for the following message:

LAUNCHER-6-BOOT_STATUS: 'reload fast-boot' reconciliation complete

To verify whether the SSU upgrade was successful, use the show reload cause command. Suppose a fatal error occurred during the upgrade process. In that case, the switch will have completely rebooted, and the fatal error details will be displayed along with the directory containing the diagnostic information.

If the SSU upgrade has succeeded, it will read Hitless reload requested by the user.

Fatal Error Display

switch# show reload cause
Reload Cause 1:
-------------------
Fatal error occurred during Asu Hitless boot. (stageMgr - LinkStatusUpdate timed out)

Reload Time:
------------
Reload occurred at Sun Oct 02 12:06:37 2022 PDT.

Recommended Action:
-------------------
The system rebooted due to a fatal error.
If the problem persists, contact your customer support representative.

Debugging Information:
-------------------------------
/mnt/flash/persist/fatalError-2022-10-02_120637
switch#

Successful Upgrade Display

switch# show reload cause
Reload Cause 1:
-------------------
Hitless reload requested by the user.

Reload Time:
------------
Reload occurred at Mon Oct 03 13:29:31 2022 PDT.

Recommended Action:
-------------------
No action necessary.

Debugging Information:
-------------------------------
None available.
switch#

The show version command confirms whether the correct image is loaded. The Software image version: line displays the version of the active image file.

switch# show version
Arista DCS-7050QX-32-F
Hardware version: 02.00
Serial number: JPE14071098
System MAC address: 001c.7355.556f
Software image version: 4.14.5F-2353054.EOS4145F
Architecture: i386
Internal build version: 4.14.5F-2353054.EOS4145F
Internal build ID: e8748ea7-916d-4217-878f-4bfe2adc7122
Uptime: 4 minutes
Total memory: 3981328 kB
Free memory: 1342408 kB
switch#

Note: If a fatal error occurs during the SSU process, the new EOS image will still be loaded and booted.

Scheduling an SSU

SSU supports scheduling an upgrade with the reload fast-boot in command. If the switch has unsaved configuration changes, or saved configuration changes that block an SSU upgrade, the scheduled reload stops at the scheduled time.

Configuring a Scheduled SSU Upgrade

Use the reload fast-boot in command to schedule the upgrade at a specific time. The switch detects any unsaved configuration and prompts you to save the changes first. Replying no exits the command and the scheduled upgrade does not proceed.

switch#reload fast-boot in 10:00
System configuration has been modified. Save? [yes/no/cancel/diff]:yes
Copy completed successfully.
Proceed with reload? [confirm]y
Reload scheduled for Mon Jan 20 19:31:09 2025 (in 9 hours 59 minutes)
No warnings or unsupported configuration found.

Specify the time to reboot in hours, for example, 10:00, as shown in the example.

Override the confirmation prompt by adding the optional parameter force and specify a reason using the reason.

switch#reload fast-boot in 10:00 force reason scheduled maintenance
Copy completed successfully.
Reload scheduled for Mon Jun 17 19:38:12 2024 (in 9 hours 59 minutes)
Reload reason: scheduled maintenance
No warnings or unsupported configuration found.

Note: EOS supports only one pending scheduled SSU, either normal or scheduled, at a time. To schedule a new SSU, cancel the existing scheduled SSU.

Canceling a Scheduled SSU

To cancel a scheduled SSU reload, use the reload cancel command:

switch# reload cancel
Scheduled reload has been canceled.

Displaying Scheduled SSU Information

Use the following command to display information about scheduled SSU configurations:

switch# show reload fast-boot
Reload scheduled for Mon Jan 20 19:31:09 2025 (in 9 hours 59 minutes)
Reload reason: scheduled maintenance
No warnings or unsupported configuration found.

If no scheduled reload exists on the switch, the command returns the following output:

switch3 show reload fast-boot
No reload is scheduled
No warnings or unsupported configuration found.

Page 9 of 15

End of Support

EOS 4.33.2F User Manual - Layer 2 Protocol Forwarding

Layer 2 Protocol Forwarding

Configuring L2 Protocol Forwarding

TCAM Profile

Consumption of TCAM

L2 Protocol Forwarding Limitations

L2 Protocol Forwarding Show commands

EOS 4.33.2F User Manual - Quality of Service

Quality of Service

Quality of Service Conceptual Overview

Identifying the Switch Platform

QoS Data Fields and Traffic Classes

QoS Data Fields

Port Settings – Trust Mode and Traffic Class

Rewriting CoS and DSCP

CoS Rewrite

DSCP Rewrite

Traffic Classes

Transmit Queues and Port Shaping

Explicit Congestion Notification (ECN)

ECN Conceptual Overview

ACL Policing

Single Rate Two Color Marker

Single Rate Three Color Marker

Two Rate Three Color Marker

Configuring ACL Policing

Quality of Service (QoS) Profiles

IPv6 Flow Label Matches for QoS

QoS Configuration: Platform-Independent Features

Creating QoS Profiles

Configuring QoS Profiles

Attaching Policy-Map to a QoS Profile

Applying a QoS profile on an Interface

Example

Displaying the QoS Profile Information

QoS Configuration: Arad Platform Switches

CoS and DSCP Port Settings – Arad Platform Switches

Configuring Port Trust Settings

Configuring Default Port Settings

Traffic Class Derivations – Arad Platform Switches

Traffic Class Derivation Source

Mapping CoS to Traffic Class

Mapping DSCP to Traffic Class

CoS Rewrite – Arad Platform Switches

Traffic Class to CoS Rewrite Map

Traffic Class to DSCP Rewrite Map

Transmit Queues and Port Shaping – Arad Platform Switches

Mapping Traffic Classes to a Transmit Queue

Entering Tx-Queue Configuration Mode

Configuring the Shape Rate – Port and Transmit Queues

Configuring Queue Priority

ECN Configuration – Arad Platform Switches

ACL Policing – Arad Platform Switches

Example

Displaying ACL Policing Information

Examples

QoS Configuration: Jericho Platform Switches

CoS and DSCP Port Settings – Jericho Platform Switches

Configuring Port Trust Settings

Configuring Default Port Settings

Traffic Class Derivations – Jericho Platform Switches

Traffic Class Derivation Source

Mapping CoS to Traffic Class

Mapping DSCP to Traffic Class

CoS Rewrite – Jericho Platform Switches

Traffic Class to CoS Rewrite Map

Traffic Class to DSCP Rewrite Map

Transmit Queues and Port Shaping – Jericho Platform Switches

Mapping Traffic Classes to a Transmit Queue

Entering Tx-Queue Configuration Mode

Configuring the Shape Rate – Port and Transmit Queues

Configuring Queue Priority

ACL Policing – Jericho Platform Switches

Example

Displaying ACL Policing Information

Examples

QoS Configuration: FM6000 Platform Switches

CoS and DSCP Port Settings – FM6000 Platform Switches

Configuring Port Trust Settings