3.2.4. system¶
Global system configuration.
vsr running config# system
hostname¶
The hostname of the device – should be a single domain label, without the domain.
vsr running config# system
vsr running system# hostname HOSTNAME
|
Description |
---|---|
|
The domain-name type represents a DNS domain name. Fully quallified left to the models which utilize this type. Internet domain names are only loosely specified. Section 3.5 of RFC 1034 recommends a syntax (modified in Section 2.1 of RFC 1123). The pattern above is intended to allow for current practice in domain name use, and some possible future expansion. It is designed to hold various types of domain names, including names used for A or AAAA records (host names) and other records, such as SRV records. Note that Internet host names have a stricter syntax (described in RFC 952) than the DNS recommendations in RFCs 1034 and 1123, and that systems that want to store host names in schema nodes using the domain-name type are recommended to adhere to this stricter standard to ensure interoperability. The encoding of DNS names in the DNS protocol is limited to 255 characters. Since the encoding consists of labels prefixed by a length bytes and there is a trailing NULL byte, only 253 characters can appear in the textual dotted notation. Domain-name values use the US-ASCII encoding. Their canonical format uses lowercase US-ASCII characters. Internationalized domain names MUST be encoded in punycode as described in RFC 3492. |
|
The domain-name type represents a DNS domain name. Fully quallified left to the models which utilize this type. Internet domain names are only loosely specified. Section 3.5 of RFC 1034 recommends a syntax (modified in Section 2.1 of RFC 1123). The pattern above is intended to allow for current practice in domain name use, and some possible future expansion. It is designed to hold various types of domain names, including names used for A or AAAA records (host names) and other records, such as SRV records. Note that Internet host names have a stricter syntax (described in RFC 952) than the DNS recommendations in RFCs 1034 and 1123, and that systems that want to store host names in schema nodes using the domain-name type are recommended to adhere to this stricter standard to ensure interoperability. The encoding of DNS names in the DNS protocol is limited to 255 characters. Since the encoding consists of labels prefixed by a length bytes and there is a trailing NULL byte, only 253 characters can appear in the textual dotted notation. Domain-name values use the US-ASCII encoding. Their canonical format uses lowercase US-ASCII characters. Internationalized domain names MUST be encoded in punycode as described in RFC 3492. |
cp-mask¶
Note
requires a Product License.
Cores on which control plane applications run.
vsr running config# system
vsr running system# cp-mask CP-MASK
|
Description |
---|---|
|
Use all cores except fast path ones for control plane. |
|
A comma-separated list of cores or core ranges. Example: ‘1,4-7,10-12’. |
- Default value
default
timezone¶
The timezone of the device.
vsr running config# system
vsr running system# timezone TIMEZONE
|
Description |
---|---|
|
Coordinated Universal Time. |
|
Greenwich Mean Time. |
|
McMurdo Station, Ross Island |
|
Amundsen-Scott Station, South Pole |
|
Rothera Station, Adelaide Island |
|
Palmer Station, Anvers Island |
|
Mawson Station, Holme Bay |
|
Davis Station, Vestfold Hills |
|
Casey Station, Bailey Peninsula |
|
Vostok Station, Lake Vostok |
|
Dumont-d’Urville Station, Terre Adelie |
|
Syowa Station, E Ongul I |
|
Macquarie Island Station, Macquarie Island |
|
Buenos Aires (BA, CF) |
|
most locations (CB, CC, CN, ER, FM, MN, SE, SF) |
|
(SA, LP, NQ, RN) |
|
Jujuy (JY) |
|
Tucuman (TM) |
|
Catamarca (CT), Chubut (CH) |
|
La Rioja (LR) |
|
San Juan (SJ) |
|
Mendoza (MZ) |
|
San Luis (SL) |
|
Santa Cruz (SC) |
|
Tierra del Fuego (TF) |
|
Lord Howe Island |
|
Tasmania - most locations |
|
Tasmania - King Island |
|
Victoria |
|
New South Wales - most locations |
|
New South Wales - Yancowinna |
|
Queensland - most locations |
|
Queensland - Holiday Islands |
|
South Australia |
|
Northern Territory |
|
Western Australia - most locations |
|
Western Australia - Eucla area |
|
Atlantic islands |
|
Amapa, E Para |
|
NE Brazil (MA, PI, CE, RN, PB) |
|
Pernambuco |
|
Tocantins |
|
Alagoas, Sergipe |
|
Bahia |
|
S & SE Brazil (GO, DF, MG, ES, RJ, SP, PR, SC, RS) |
|
Mato Grosso do Sul |
|
Mato Grosso |
|
W Para |
|
Rondonia |
|
Roraima |
|
E Amazonas |
|
W Amazonas |
|
Acre |
|
Newfoundland Time, including SE Labrador |
|
Atlantic Time - Nova Scotia (most places), PEI |
|
Atlantic Time - Nova Scotia - places that did not observe DST 1966-1971 |
|
Atlantic Time - New Brunswick |
|
Atlantic Time - Labrador - most locations |
|
Atlantic Standard Time - Quebec - Lower North Shore |
|
Eastern Time - Quebec - most locations |
|
Eastern Time - Ontario - most locations |
|
Eastern Time - Ontario & Quebec - places that did not observe DST 1967-1973 |
|
Eastern Time - Thunder Bay, Ontario |
|
Eastern Time - east Nunavut - most locations |
|
Eastern Time - Pangnirtung, Nunavut |
|
Central Standard Time - Resolute, Nunavut |
|
Eastern Standard Time - Atikokan, Ontario and Southampton I, Nunavut |
|
Central Time - central Nunavut |
|
Central Time - Manitoba & west Ontario |
|
Central Time - Rainy River & Fort Frances, Ontario |
|
Central Standard Time - Saskatchewan - most locations |
|
Central Standard Time - Saskatchewan - midwest |
|
Mountain Time - Alberta, east British Columbia & west Saskatchewan |
|
Mountain Time - west Nunavut |
|
Mountain Time - central Northwest Territories |
|
Mountain Time - west Northwest Territories |
|
Mountain Standard Time - Creston, British Columbia |
|
Mountain Standard Time - Dawson Creek & Fort Saint John, British Columbia |
|
Pacific Time - west British Columbia |
|
Pacific Time - south Yukon |
|
Pacific Time - north Yukon |
|
west Dem. Rep. of Congo |
|
east Dem. Rep. of Congo |
|
most locations |
|
Easter Island & Sala y Gomez |
|
east China - Beijing, Guangdong, Shanghai, etc. |
|
Heilongjiang (except Mohe), Jilin |
|
central China - Sichuan, Yunnan, Guangxi, Shaanxi, Guizhou, etc. |
|
most of Tibet & Xinjiang |
|
west Tibet & Xinjiang |
|
mainland |
|
Galapagos Islands |
|
mainland |
|
Ceuta & Melilla |
|
Canary Islands |
|
Chuuk (Truk) and Yap |
|
Pohnpei (Ponape) |
|
Kosrae |
|
most locations |
|
east coast, north of Scoresbysund |
|
Scoresbysund / Ittoqqortoormiit |
|
Thule / Pituffik |
|
Java & Sumatra |
|
west & central Borneo |
|
east & south Borneo, Sulawesi (Celebes), Bali, Nusa Tengarra, west Timor |
|
west New Guinea (Irian Jaya) & Malukus (Moluccas) |
|
Gilbert Islands |
|
Phoenix Islands |
|
Line Islands |
|
most locations |
|
Qyzylorda (Kyzylorda, Kzyl-Orda) |
|
Aqtobe (Aktobe) |
|
Atyrau (Atirau, Gur’yev), Mangghystau (Mankistau) |
|
West Kazakhstan |
|
most locations |
|
Kwajalein |
|
most locations |
|
Bayan-Olgiy, Govi-Altai, Hovd, Uvs, Zavkhan |
|
Dornod, Sukhbaatar |
|
Central Time - most locations |
|
Central Time - Quintana Roo |
|
Central Time - Campeche, Yucatan |
|
Mexican Central Time - Coahuila, Durango, Nuevo Leon, Tamaulipas away from US border |
|
US Central Time - Coahuila, Durango, Nuevo Leon, Tamaulipas near US border |
|
Mountain Time - S Baja, Nayarit, Sinaloa |
|
Mexican Mountain Time - Chihuahua away from US border |
|
US Mountain Time - Chihuahua near US border |
|
Mountain Standard Time - Sonora |
|
US Pacific Time - Baja California near US border |
|
Mexican Pacific Time - Baja California away from US border |
|
Mexican Central Time - Bahia de Banderas |
|
peninsular Malaysia |
|
Sabah & Sarawak |
|
most locations |
|
Chatham Islands |
|
Society Islands |
|
Marquesas Islands |
|
Gambier Islands |
|
Gaza Strip |
|
West Bank |
|
mainland |
|
Madeira Islands |
|
Azores |
|
Moscow-01 - Kaliningrad |
|
Moscow+00 - west Russia |
|
Moscow+00 - Caspian Sea |
|
Moscow+00 - Samara, Udmurtia |
|
Moscow+02 - Urals |
|
Moscow+03 - west Siberia |
|
Moscow+03 - Novosibirsk |
|
Moscow+03 - Novokuznetsk |
|
Moscow+04 - Yenisei River |
|
Moscow+05 - Lake Baikal |
|
Moscow+06 - Lena River |
|
Moscow+07 - Amur River |
|
Moscow+07 - Sakhalin Island |
|
Moscow+08 - Magadan |
|
Moscow+08 - Kamchatka |
|
Moscow+08 - Bering Sea |
|
most locations |
|
Ruthenia |
|
Zaporozh’ye, E Lugansk / Zaporizhia, E Luhansk |
|
central Crimea |
|
Johnston Atoll |
|
Midway Islands |
|
Wake Island |
|
Eastern Time |
|
Eastern Time - Michigan - most locations |
|
Eastern Time - Kentucky - Louisville area |
|
Eastern Time - Kentucky - Wayne County |
|
Eastern Time - Indiana - most locations |
|
Eastern Time - Indiana - Daviess, Dubois, Knox & Martin Counties |
|
Eastern Time - Indiana - Pulaski County |
|
Eastern Time - Indiana - Crawford County |
|
Eastern Time - Indiana - Pike County |
|
Eastern Time - Indiana - Switzerland County |
|
Central Time |
|
Central Time - Indiana - Perry County |
|
Central Time - Indiana - Starke County |
|
Central Time - Michigan - Dickinson, Gogebic, Iron & Menominee Counties |
|
Central Time - North Dakota - Oliver County |
|
Central Time - North Dakota - Morton County (except Mandan area) |
|
Central Time - North Dakota - Mercer County |
|
Mountain Time |
|
Mountain Time - south Idaho & east Oregon |
|
Mountain Time - Navajo |
|
Mountain Standard Time - Arizona |
|
Pacific Time |
|
Alaska Time |
|
Alaska Time - Alaska panhandle |
|
Alaska Time - southeast Alaska panhandle |
|
Alaska Time - Alaska panhandle neck |
|
Alaska Time - west Alaska |
|
Aleutian Islands |
|
Metlakatla Time - Annette Island |
|
Hawaii |
|
west Uzbekistan |
|
east Uzbekistan |
|
A timezone location as defined by the IANA timezone database (http://www.iana.org/time-zones) |
troubleshooting-report (state only) (pushed)¶
The existing troubleshooting reports available on the system.
vsr> show state system troubleshooting-report
traffic-capture (state only) (pushed)¶
The existing traffic captures available on the system.
vsr> show state system traffic-capture
network-stack¶
Note
requires a Product License.
Network stack parameters.
vsr running config# system network-stack
bridge¶
Bridge default parameters.
vsr running config# system network-stack bridge
call-ipv4-filtering¶
Call IPv4 filtering hooks on bridges.
vsr running config# system network-stack bridge
vsr running bridge# call-ipv4-filtering true|false
- Default value
false
call-ipv6-filtering¶
Call IPv6 filtering hooks on bridges.
vsr running config# system network-stack bridge
vsr running bridge# call-ipv6-filtering true|false
- Default value
false
icmp¶
ICMP default parameters.
vsr running config# system network-stack icmp
ignore-icmp-echo-broadcast¶
Ignore all ICMP ECHO and TIMESTAMP requests sent via broadcast or multicast.
vsr running config# system network-stack icmp
vsr running icmp# ignore-icmp-echo-broadcast true|false
- Default value
false
rate-limit-icmp¶
unit: milliseconds
The minimum time space that separates the sending of two consecutive ICMP packets. By default, such space is 1000 ms.
vsr running config# system network-stack icmp
vsr running icmp# rate-limit-icmp <0-1000>
- Default value
1000
rate-mask-icmp¶
Mask made of ICMP types for which rates are being limited.
vsr running config# system network-stack icmp
vsr running icmp# rate-mask-icmp RATE-MASK-ICMP
|
Description |
---|---|
|
Echo Reply. |
|
Destination Unreachable. |
|
Source Quench. |
|
Redirect. |
|
Echo Request. |
|
Time Exceeded. |
|
Parameter Problem. |
|
Timestamp Request. |
|
Timestamp Reply. |
|
Info Request. |
|
Info Reply. |
|
Address Mask Request. |
|
Address Mask Reply. |
- Default value
destination-unreachable source-quench time-exceeded parameter-problem
ipv4¶
IPv4 default parameters.
vsr running config# system network-stack ipv4
forwarding¶
Enable IP forwarding.
vsr running config# system network-stack ipv4
vsr running ipv4# forwarding true|false
- Default value
true
send-redirects¶
Send ICMP redirect if host is on the same network than gateway.
vsr running config# system network-stack ipv4
vsr running ipv4# send-redirects true|false
- Default value
true
accept-redirects¶
Accept redirect when acting as a host. It is always disabled when acting as a router.
vsr running config# system network-stack ipv4
vsr running ipv4# accept-redirects true|false
- Default value
false
accept-source-route¶
Accept packets with source route option.
vsr running config# system network-stack ipv4
vsr running ipv4# accept-source-route true|false
- Default value
false
arp-announce¶
Define different restriction levels for announcing the local source IP address from IP packets in ARP requests sent on interface. Increasing the restriction level gives more chance for receiving answer from the resolved target while decreasing the level announces more valid sender’s information.
vsr running config# system network-stack ipv4
vsr running ipv4# arp-announce ARP-ANNOUNCE
|
Description |
---|---|
|
Use any local address, configured on any interface. |
|
Try to avoid local addresses that are not in the target’s subnet for this interface. This mode is useful when target hosts reachable via this interface require the source IP address in ARP requests to be part of their logical network configured on the receiving interface. When we generate the request we will check all our subnets that include the target IP and will preserve the source address if it is from such subnet. If there is no such subnet we select source address according to the rules for level 2, ‘best-local’. |
|
Always use the best local address for this target. In this mode we ignore the source address in the IP packet and try to select local address that we prefer for talks with the target host. Such local address is selected by looking for primary IP addresses on all our subnets on the outgoing interface that include the target IP address. If no suitable local address is found we select the first local address we have on the outgoing interface or on all other interfaces, with the hope we will receive reply for our request and even sometimes no matter the source IP address we announce. |
- Default value
any
arp-filter¶
Allows to have multiple network interfaces on the same subnet, and have the ARPs for each interface be answered based on whether or not the kernel would route a packet from the ARP’d IP out that interface (therefore you must use source based routing for this to work). In other words it allows control of which cards (usually 1) will respond to an arp request.
vsr running config# system network-stack ipv4
vsr running ipv4# arp-filter true|false
- Default value
false
arp-ignore¶
Define different modes for sending replies in response to received ARP requests that resolve local target IP addresses.
vsr running config# system network-stack ipv4
vsr running ipv4# arp-ignore ARP-IGNORE
|
Description |
---|---|
|
Reply for any local target IP address, configured on any interface. |
|
Reply only if the target IP address is local address configured on the incoming interface. |
|
Reply only if the target IP address is local address configured on the incoming interface and both with the sender’s IP address are part from same subnet on this interface. |
|
Do not reply for local addresses configured with scope host, only resolutions for global and link addresses are replied. |
|
Do not reply for all local addresses. |
- Default value
any
arp-proxy¶
Enable ARP proxy.
vsr running config# system network-stack ipv4
vsr running ipv4# arp-proxy true|false
- Default value
false
log-invalid-addresses¶
Log packets with impossible addresses.
vsr running config# system network-stack ipv4
vsr running ipv4# log-invalid-addresses true|false
- Default value
false
ipv6¶
IPv6 default parameters.
vsr running config# system network-stack ipv6
forwarding¶
Enable IPv6 forwarding.
vsr running config# system network-stack ipv6
vsr running ipv6# forwarding true|false
- Default value
true
max-cached-routes¶
Maximum number of ipv6 cached routes.
vsr running config# system network-stack ipv6
vsr running ipv6# max-cached-routes <uint32>
autoconfiguration¶
Autoconfigure addresses using Prefix Information in Router Advertisements.
vsr running config# system network-stack ipv6
vsr running ipv6# autoconfiguration true|false
- Default value
true
accept-duplicate-address-detection¶
Accept Duplicate Address Detection (DAD).
vsr running config# system network-stack ipv6
vsr running ipv6# accept-duplicate-address-detection ACCEPT-DUPLICATE-ADDRESS-DETECTION
|
Description |
---|---|
|
Disable DAD. |
|
Enable DAD. |
|
Enable DAD, and disable IPv6 operation if MAC-based duplicate link-local address has been found. |
- Default value
always
accept-router-advert¶
Accept Router Advertisements.
vsr running config# system network-stack ipv6
vsr running ipv6# accept-router-advert ACCEPT-ROUTER-ADVERT
|
Description |
---|---|
|
Do not accept Router Advertisements. |
|
Accept Router Advertisements if forwarding is disabled. |
|
Accept Router Advertisements even if forwarding is enabled. |
- Default value
never
accept-redirects¶
Accept redirect when acting as a host. It is always disabled when acting as a router.
vsr running config# system network-stack ipv6
vsr running ipv6# accept-redirects true|false
- Default value
false
accept-segment-routing¶
Accept Segment Routing IPv6 packets.
vsr running config# system network-stack ipv6
vsr running ipv6# accept-segment-routing true|false
- Default value
false
accept-source-route¶
Accept packets with source route option.
vsr running config# system network-stack ipv6
vsr running ipv6# accept-source-route true|false
- Default value
false
router-solicitations¶
Number of Router Solicitations to send until assuming no routers are present.
vsr running config# system network-stack ipv6
vsr running ipv6# router-solicitations <-1-8192>
- Default value
-1
use-temporary-addresses¶
Preference for Privacy Extensions (RFC4941). Not applied to point-to- point and loopback devices (always 0).
vsr running config# system network-stack ipv6
vsr running ipv6# use-temporary-addresses USE-TEMPORARY-ADDRESSES
|
Description |
---|---|
|
Disable Privacy Extensions, i.e. use the public address, subnet prefix/interface id, where interface id is always the same. |
|
Enable Privacy Extensions, but prefer public addresses over temporary addresses. |
|
Enable Privacy Extensions and prefer temporary addresses over public addresses. |
- Default value
never
neighbor¶
Neighbor advanced configuration.
vsr running config# system network-stack neighbor
ipv4-max-entries¶
Maximum number of IPv4 neighbors.
vsr running config# system network-stack neighbor
vsr running neighbor# ipv4-max-entries <16-400000>
ipv6-max-entries¶
Maximum number of IPv6 neighbors.
vsr running config# system network-stack neighbor
vsr running neighbor# ipv6-max-entries <16-400000>
ipv4-base-reachable-time¶
unit: seconds
Time during which an IPv4 neighbor entry stays reachable.
vsr running config# system network-stack neighbor
vsr running neighbor# ipv4-base-reachable-time <uint32>
ipv6-base-reachable-time¶
unit: seconds
Time during which an IPv6 neighbor entry stays reachable.
vsr running config# system network-stack neighbor
vsr running neighbor# ipv6-base-reachable-time <uint32>
conntrack¶
Conntrack advanced configuration.
vsr running config# system network-stack conntrack
max-entries¶
Maximum number of Netfilter conntracks.
vsr running config# system network-stack conntrack
vsr running conntrack# max-entries <16-10000000>
tcp-timeout-close¶
Conntrack TCP timeout close.
vsr running config# system network-stack conntrack
vsr running conntrack# tcp-timeout-close <0-8589934>
tcp-timeout-close-wait¶
Conntrack TCP timeout close wait.
vsr running config# system network-stack conntrack
vsr running conntrack# tcp-timeout-close-wait <0-8589934>
tcp-timeout-established¶
Conntrack TCP timeout established.
vsr running config# system network-stack conntrack
vsr running conntrack# tcp-timeout-established <0-8589934>
tcp-timeout-fin-wait¶
Conntrack TCP timeout fin wait.
vsr running config# system network-stack conntrack
vsr running conntrack# tcp-timeout-fin-wait <0-8589934>
tcp-timeout-last-ack¶
Conntrack TCP timeout last ack.
vsr running config# system network-stack conntrack
vsr running conntrack# tcp-timeout-last-ack <0-8589934>
tcp-timeout-max-retrans¶
Conntrack TCP timeout max retrans.
vsr running config# system network-stack conntrack
vsr running conntrack# tcp-timeout-max-retrans <0-8589934>
tcp-timeout-syn-recv¶
Conntrack TCP timeout syn recv.
vsr running config# system network-stack conntrack
vsr running conntrack# tcp-timeout-syn-recv <0-8589934>
tcp-timeout-syn-sent¶
Conntrack TCP timeout syn sent.
vsr running config# system network-stack conntrack
vsr running conntrack# tcp-timeout-syn-sent <0-8589934>
tcp-timeout-time-wait¶
Conntrack TCP timeout time wait.
vsr running config# system network-stack conntrack
vsr running conntrack# tcp-timeout-time-wait <0-8589934>
tcp-timeout-unacknowledged¶
Conntrack TCP timeout unacknowledged.
vsr running config# system network-stack conntrack
vsr running conntrack# tcp-timeout-unacknowledged <0-8589934>
udp-timeout¶
Conntrack UDP timeout.
vsr running config# system network-stack conntrack
vsr running conntrack# udp-timeout <0-8589934>
udp-timeout-stream¶
Conntrack UDP timeout stream.
vsr running config# system network-stack conntrack
vsr running conntrack# udp-timeout-stream <0-8589934>
fast-path¶
Fast path network global configuration.
vsr running config# system network-stack fast-path
alg¶
Set Application-level gateway (ALG) configuration.
vsr running config# system network-stack fast-path alg <alg>
|
Description |
---|---|
|
Set FTP ALG. |
|
Set H323 RAS ALG. |
|
Set H323 Q931 ALG. |
|
Set PPTP ALG. |
|
Set RTSP ALG. |
|
Set SIP on TCP ALG. |
|
Set SIP on TCP ALG. |
|
Set TFTP ALG. |
|
Set DNS ALG. |
port¶
Set ALG port.
vsr running config# system network-stack fast-path alg <alg>
vsr running alg <alg># port <uint16>
session-timeout¶
Set ALG session timeout.
vsr running config# system network-stack fast-path alg <alg>
vsr running alg <alg># session-timeout <uint32>
conntrack¶
Conntrack options.
vsr running config# system network-stack fast-path conntrack
behavior¶
Specific TCP options.
vsr running config# system network-stack fast-path conntrack
vsr running conntrack# behavior <behavior> enabled true|false
|
Description |
---|---|
|
TCP window check. |
|
TCP rst strict order. |
timeouts¶
Timeouts for the different events/protocols.
vsr running config# system network-stack fast-path conntrack timeouts
icmp¶
Conntrack options for ICMP.
vsr running config# system network-stack fast-path conntrack timeouts
vsr running timeouts# icmp <icmp> <uint32>
|
Description |
---|---|
|
State NEW. |
|
State ESTABLISHED. |
|
State CLOSED. |
udp¶
Conntrack options for UDP.
vsr running config# system network-stack fast-path conntrack timeouts
vsr running timeouts# udp <udp> <uint32>
|
Description |
---|---|
|
State NEW. |
|
State ESTABLISHED. |
|
State CLOSED. |
gre-pptp¶
Conntrack options for GRE-PPTP.
vsr running config# system network-stack fast-path conntrack timeouts
vsr running timeouts# gre-pptp <gre-pptp> <uint32>
|
Description |
---|---|
|
State NEW. |
|
State ESTABLISHED. |
|
State CLOSED. |
tcp¶
Conntrack options for TCP.
vsr running config# system network-stack fast-path conntrack timeouts
vsr running timeouts# tcp <tcp> <uint32>
|
Description |
---|---|
|
State SYN-SENT. |
|
State SIMSYN-SENT. |
|
State SYN-RECEIVED. |
|
State ESTABLISHED. |
|
State FIN-SENT. |
|
State FIN-RECEIVED. |
|
State CLOSED. |
|
State CLOSE-WAIT. |
|
State FIN-WAIT. |
|
State LAST-ACK. |
|
State TIME-WAIT. |
nat64¶
NAT64 conntrack options.
vsr running config# system network-stack fast-path conntrack nat64
option¶
Specific NAT64 options.
vsr running config# system network-stack fast-path conntrack nat64
vsr running nat64# option <option> true|false
|
Description |
---|---|
|
Enable/Disable TCP MSS update. |
|
Enable/Disable UDP null checksum packet drops. |
|
Fragment IPv4 packets (with DF flag) if the MTU is too small. |
|
Fragment IPv6 packets if the MTU is too small. |
audit-trail¶
Audit trail configuration.
vsr running config# system audit-trail
enabled (pushed)¶
Enable audit trails.
vsr running config# system audit-trail
vsr running audit-trail# enabled true|false
- Default value
true
max-file-count¶
unit: bytes
Number of files to keep. The following files will be deleted.
vsr running config# system audit-trail
vsr running audit-trail# max-file-count <int32>
- Default value
200
max-file-size¶
Max log size before rotating.
vsr running config# system audit-trail
vsr running audit-trail# max-file-size <int32>
- Default value
1048576
uptime (state only)¶
The system uptime.
string (state only)¶
A human readable value (e.g DD days, HH:mm:ss).
vsr> show state system uptime string
installed-image (state only)¶
The list of installed images.
version (state only)¶
The version of the image.
vsr> show state system installed-image <string> version
current (state only)¶
The image is currently booted.
vsr> show state system installed-image <string> current
default (state only)¶
The image is booted by default.
vsr> show state system installed-image <string> default
next (state only)¶
The next reboot will use this image.
vsr> show state system installed-image <string> next
confirm-pending (state only) (pushed)¶
The system will reboot on the default image, unless the user executes a cmd system-image set-default command.
vsr> show state system installed-image <string> confirm-pending
aws¶
Note
requires a Product License.
AWS configuration.
vsr running config# system aws
account-id (state only)¶
The identifier of the AWS account that launched the instance.
vsr> show state system aws account-id
architecture (state only)¶
The architecture of the AMI used to launch the instance.
vsr> show state system aws architecture
availability-zone (state only)¶
The availability zone in which the instance is running.
vsr> show state system aws availability-zone
image-id (state only)¶
The identifier of the AMI used to launch the instance.
vsr> show state system aws image-id
private-ip (state only)¶
The private IPv4 address of the instance.
vsr> show state system aws private-ip
ha-notification¶
Specify AWS configuration changes when HA group state switch to master.
vsr running config# system aws ha-notification
group¶
The HA group to monitor.
vsr running config# system aws ha-notification group <leafref>
|
The name of the HA group to monitor. |
assign-private-ip¶
Assign a private IP to an interface of the AWS VPC when HA group is active.
vsr running config# system aws ha-notification group <leafref>
vsr running group <leafref># assign-private-ip ip <ip> interface <leafref> vrf <leafref>
|
An IPv4 address. |
|
The interface on which the virtual IP is set. |
|
The vrf where the interface is located. |
change-route¶
Change a route on the AWS VPC when HA group is active.
vsr running config# system aws ha-notification group <leafref>
vsr running group <leafref># change-route subnet <subnet> destination <destination> \
... interface <leafref> vrf <leafref>
|
An IPv4 prefix: address and CIDR mask. |
|
An IPv4 prefix: address and CIDR mask. |