ipip

Note

requires a Turbo Router Network License.

The list of ipip interfaces on the device.

vrouter running config# vrf <vrf> interface ipip <ipip>

<ipip>

An interface name.

mtu

Set the max transmission unit size in octets.

vrouter running config# vrf <vrf> interface ipip <ipip>
vrouter running ipip <ipip># mtu <uint32>

promiscuous

Set promiscuous mode.

vrouter running config# vrf <vrf> interface ipip <ipip>
vrouter running ipip <ipip># promiscuous true|false

description

A textual description of the interface.

vrouter running config# vrf <vrf> interface ipip <ipip>
vrouter running ipip <ipip># description <string>

enabled

The desired (administrative) state of the interface.

vrouter running config# vrf <vrf> interface ipip <ipip>
vrouter running ipip <ipip># enabled true|false
Default value
true

local (mandatory)

The source address that should be used for the tunnel.

vrouter running config# vrf <vrf> interface ipip <ipip>
vrouter running ipip <ipip># local LOCAL

LOCAL values

Description

<A.B.C.D>

An IPv4 address.

<X:X::X:X>

An IPv6 address.

remote (mandatory)

The destination address that should be used for the tunnel.

vrouter running config# vrf <vrf> interface ipip <ipip>
vrouter running ipip <ipip># remote REMOTE

REMOTE values

Description

<A.B.C.D>

An IPv4 address.

<X:X::X:X>

An IPv6 address.

ttl

The time-to-live (or hop limit) that should be utilised for the IP packets used for the tunnel transport.

vrouter running config# vrf <vrf> interface ipip <ipip>
vrouter running ipip <ipip># ttl <uint8>

tos

Set the DSCP bits in the Type of Service field.

vrouter running config# vrf <vrf> interface ipip <ipip>
vrouter running ipip <ipip># tos <uint8>

ifindex (state only)

System assigned number for each interface. Corresponds to ifIndex object in SNMP Interface MIB.

vrouter> show state vrf <vrf> interface ipip <ipip> ifindex

admin-status (state only)

The desired state of the interface. In RFC 7223 this leaf has the same read semantics as ifAdminStatus. Here, it reflects the administrative state as set by enabling or disabling the interface.

vrouter> show state vrf <vrf> interface ipip <ipip> admin-status

oper-status (state only)

The current operational state of the interface. This leaf has the same semantics as ifOperStatus.

vrouter> show state vrf <vrf> interface ipip <ipip> oper-status

last-change (state only)

This timestamp indicates the time of the last state change of the interface (e.g., up-to-down transition). This corresponds to the ifLastChange object in the standard interface MIB. The value is the timestamp in nanoseconds relative to the Unix Epoch (Jan 1, 1970 00:00:00 UTC).

vrouter> show state vrf <vrf> interface ipip <ipip> last-change

ipv4

Parameters for the IPv4 address family.

vrouter running config# vrf <vrf> interface ipip <ipip> ipv4

enabled

Controls whether IPv4 is enabled or disabled on this interface. When IPv4 is enabled, this interface is connected to an IPv4 stack, and the interface can send and receive IPv4 packets.

vrouter running config# vrf <vrf> interface ipip <ipip> ipv4
vrouter running ipv4# enabled true|false
Default value
true

address

The list of configured IPv4 addresses on the interface.

vrouter running config# vrf <vrf> interface ipip <ipip> ipv4
vrouter running ipv4# address <address> peer PEER

<address> values

Description

<A.B.C.D>

An IPv4 address.

<A.B.C.D/M>

A masked IPv4 address: address and prefix of that subnet.

peer

The IPv4 address of the remote endpoint for point to point interfaces.

peer PEER

PEER

An IPv4 address.

origin (state only)

The origin of this address, e.g., statically configured, assigned by DHCP, etc..

vrouter> show state vrf <vrf> interface ipip <ipip> ipv4 address <address> origin

ipv6

Parameters for the IPv6 address family.

vrouter running config# vrf <vrf> interface ipip <ipip> ipv6

enabled

Controls whether IPv6 is enabled or disabled on this interface. When IPv6 is enabled, this interface is connected to an IPv6 stack, and the interface can send and receive IPv6 packets.

vrouter running config# vrf <vrf> interface ipip <ipip> ipv6
vrouter running ipv6# enabled true|false
Default value
true

address

The list of configured IPv6 addresses on the interface.

vrouter running config# vrf <vrf> interface ipip <ipip> ipv6
vrouter running ipv6# address <address> peer PEER

<address> values

Description

<X:X::X:X>

An IPv6 address.

<X:X::X:X/M>

A masked IPv6 address: address and prefix of that subnet.

peer

The IPv6 address of the remote endpoint for point to point interfaces.

peer PEER

PEER

An IPv6 address.

origin (state only)

The origin of this address, e.g., static, dhcp, etc.

vrouter> show state vrf <vrf> interface ipip <ipip> ipv6 address <address> origin

status (state only)

The status of an address. Most of the states correspond to states from the IPv6 Stateless Address Autoconfiguration protocol.

vrouter> show state vrf <vrf> interface ipip <ipip> ipv6 address <address> status

network-stack

Network stack parameters for this interface.

vrouter running config# vrf <vrf> interface ipip <ipip> network-stack

ipv4

IPv4 parameters.

vrouter running config# vrf <vrf> interface ipip <ipip> network-stack ipv4

send-redirects

Send ICMP redirect if host is on the same network than gateway.

vrouter running config# vrf <vrf> interface ipip <ipip> network-stack ipv4
vrouter running ipv4# send-redirects true|false

accept-redirects

Accept redirect when acting as a host. It is always disabled when acting as a router. Must be activated at vrf or system level too to be activated.

vrouter running config# vrf <vrf> interface ipip <ipip> network-stack ipv4
vrouter running ipv4# accept-redirects true|false

accept-source-route

Accept packets with source route option. Must be activated at vrf or system level too to be activated.

vrouter running config# vrf <vrf> interface ipip <ipip> network-stack ipv4
vrouter running ipv4# accept-source-route true|false

arp-announce

Define different restriction levels for announcing the local source IP address from IP packets in ARP requests sent on interface. Increasing the restriction level gives more chance for receiving answer from the resolved target while decreasing the level announces more valid sender’s information.

vrouter running config# vrf <vrf> interface ipip <ipip> network-stack ipv4
vrouter running ipv4# arp-announce ARP-ANNOUNCE

ARP-ANNOUNCE values

Description

any

Use any local address, configured on any interface.

avoid-not-in-subnet

Try to avoid local addresses that are not in the target’s subnet for this interface. This mode is useful when target hosts reachable via this interface require the source IP address in ARP requests to be part of their logical network configured on the receiving interface. When we generate the request we will check all our subnets that include the target IP and will preserve the source address if it is from such subnet. If there is no such subnet we select source address according to the rules for level 2, ‘best-local’.

best-local

Always use the best local address for this target. In this mode we ignore the source address in the IP packet and try to select local address that we prefer for talks with the target host. Such local address is selected by looking for primary IP addresses on all our subnets on the outgoing interface that include the target IP address. If no suitable local address is found we select the first local address we have on the outgoing interface or on all other interfaces, with the hope we will receive reply for our request and even sometimes no matter the source IP address we announce.

arp-filter

Allows to have multiple network interfaces on the same subnet, and have the ARPs for each interface be answered based on whether or not the kernel would route a packet from the ARP’d IP out that interface (therefore you must use source based routing for this to work). In other words it allows control of which cards (usually 1) will respond to an arp request.

vrouter running config# vrf <vrf> interface ipip <ipip> network-stack ipv4
vrouter running ipv4# arp-filter true|false

arp-ignore

Define different modes for sending replies in response to received ARP requests that resolve local target IP addresses.

vrouter running config# vrf <vrf> interface ipip <ipip> network-stack ipv4
vrouter running ipv4# arp-ignore ARP-IGNORE

ARP-IGNORE values

Description

any

Reply for any local target IP address, configured on any interface.

check-interface

Reply only if the target IP address is local address configured on the incoming interface.

check-interface-and-subnet

Reply only if the target IP address is local address configured on the incoming interface and both with the sender’s IP address are part from same subnet on this interface.

ignore-scope

Do not reply for local addresses configured with scope host, only resolutions for global and link addresses are replied.

ignore-all

Do not reply for all local addresses.

log-invalid-addresses

Log packets with impossible addresses.

vrouter running config# vrf <vrf> interface ipip <ipip> network-stack ipv4
vrouter running ipv4# log-invalid-addresses true|false

ipv6

IPv6 parameters.

vrouter running config# vrf <vrf> interface ipip <ipip> network-stack ipv6

autoconfiguration

Autoconfigure addresses using Prefix Information in Router Advertisements.

vrouter running config# vrf <vrf> interface ipip <ipip> network-stack ipv6
vrouter running ipv6# autoconfiguration true|false

accept-router-advert

Accept Router Advertisements.

vrouter running config# vrf <vrf> interface ipip <ipip> network-stack ipv6
vrouter running ipv6# accept-router-advert ACCEPT-ROUTER-ADVERT

ACCEPT-ROUTER-ADVERT values

Description

never

Do not accept Router Advertisements.

norouter-mode

Accept Router Advertisements if forwarding is disabled.

always

Accept Router Advertisements even if forwarding is enabled.

accept-redirects

Accept redirect when acting as a host. It is always disabled when acting as a router.

vrouter running config# vrf <vrf> interface ipip <ipip> network-stack ipv6
vrouter running ipv6# accept-redirects true|false

accept-source-route

Accept packets with source route option.

vrouter running config# vrf <vrf> interface ipip <ipip> network-stack ipv6
vrouter running ipv6# accept-source-route true|false

router-solicitations

Number of Router Solicitations to send until assuming no routers are present.

vrouter running config# vrf <vrf> interface ipip <ipip> network-stack ipv6
vrouter running ipv6# router-solicitations <int16>

use-temporary-addresses

Preference for Privacy Extensions (RFC4941). Not applied to point-to- point and loopback devices (always 0).

vrouter running config# vrf <vrf> interface ipip <ipip> network-stack ipv6
vrouter running ipv6# use-temporary-addresses USE-TEMPORARY-ADDRESSES

USE-TEMPORARY-ADDRESSES values

Description

never

Disable Privacy Extensions, i.e. use the public address, subnet prefix/interface id, where interface id is always the same.

prefer-public-addresses

Enable Privacy Extensions, but prefer public addresses over temporary addresses.

always

Enable Privacy Extensions and prefer temporary addresses over public addresses.

qos

Note

requires a Turbo Router Network License.

QoS configuration.

vrouter running config# vrf <vrf> interface ipip <ipip> qos

ingress

Ingress QoS configuration.

vrouter running config# vrf <vrf> interface ipip <ipip> qos ingress

rate-limit

Rate limit configuration.

vrouter running config# vrf <vrf> interface ipip <ipip> qos ingress rate-limit
policer (config only)

Traffic policer defined in the QoS context.

vrouter running config# vrf <vrf> interface ipip <ipip> qos ingress rate-limit
vrouter running rate-limit# policer <leafref>
shared-policer (config only)

Traffic shared policer defined in the QoS context.

vrouter running config# vrf <vrf> interface ipip <ipip> qos ingress rate-limit
vrouter running rate-limit# shared-policer <leafref>
policer (state only)

Traffic policer.

bandwidth (state only)

Maximum bandwidth of regular traffic, a.k.a. CIR (Committed Information Rate), in bps. 0 allows no regular traffic.

vrouter> show state vrf <vrf> interface ipip <ipip> qos ingress rate-limit policer bandwidth
burst (state only)

Maximum burst size of shaped traffic, a.k.a. CBS (Committed Burst Size), in bytes. The default value is set to bandwidth / 80 to handle a burst of 100 ms at the targeted bandwidth. If not set or set to 0, the default value is applied.

vrouter> show state vrf <vrf> interface ipip <ipip> qos ingress rate-limit policer burst
excess-bandwidth (state only)

Maximum bandwidth of excess traffic, a.k.a. EIR (Excess Information Rate), in bps. 0 allows no excess traffic.

vrouter> show state vrf <vrf> interface ipip <ipip> qos ingress rate-limit policer excess-bandwidth
excess-burst (state only)

Maximum burst size of excess traffic, a.k.a. EBS (Excess Burst Size), in bytes. The default value is set to excess-bandwidth / 80 to handle a burst of 100 ms at the targeted bandwidth. If not set or set to 0, the default value is applied.

vrouter> show state vrf <vrf> interface ipip <ipip> qos ingress rate-limit policer excess-burst
shared-policer (state only)

Shared policer name.

vrouter> show state vrf <vrf> interface ipip <ipip> qos ingress rate-limit policer shared-policer
stats (state only)

Traffic policer statistics.

pass-packets (state only)

Number of packets passed (regular traffic that conforms to (bandwidth, burst) specification.

vrouter> show state vrf <vrf> interface ipip <ipip> qos ingress rate-limit policer stats pass-packets
pass-bytes (state only)

Number of bytes passed (regular traffic that conforms to (bandwidth, burst) specification.

vrouter> show state vrf <vrf> interface ipip <ipip> qos ingress rate-limit policer stats pass-bytes
pass-excess-packets (state only)

Number of excess packets passed (excess traffic that conforms to (excess-bandwidth, excess-burst) specification.

vrouter> show state vrf <vrf> interface ipip <ipip> qos ingress rate-limit policer stats pass-excess-packets
pass-excess-bytes (state only)

Number of excess bytes passed (excess traffic that conforms to (excess-bandwidth, excess-burst) specification.

vrouter> show state vrf <vrf> interface ipip <ipip> qos ingress rate-limit policer stats pass-excess-bytes
drop-packets (state only)

Number of packets dropped (traffic that does not conform to bandwidth or excess-bandwidth).

vrouter> show state vrf <vrf> interface ipip <ipip> qos ingress rate-limit policer stats drop-packets
drop-bytes (state only)

Number of bytes dropped (traffic that does not conform to bandwidth or excess-bandwidth).

vrouter> show state vrf <vrf> interface ipip <ipip> qos ingress rate-limit policer stats drop-bytes

egress

Egress QoS configuration.

vrouter running config# vrf <vrf> interface ipip <ipip> qos egress

rate-limit

Rate limit configuration.

vrouter running config# vrf <vrf> interface ipip <ipip> qos egress rate-limit
policer (config only)

Traffic policer defined in the QoS context.

vrouter running config# vrf <vrf> interface ipip <ipip> qos egress rate-limit
vrouter running rate-limit# policer <leafref>
shared-policer (config only)

Traffic shared policer defined in the QoS context.

vrouter running config# vrf <vrf> interface ipip <ipip> qos egress rate-limit
vrouter running rate-limit# shared-policer <leafref>
policer (state only)

Traffic policer.

bandwidth (state only)

Maximum bandwidth of regular traffic, a.k.a. CIR (Committed Information Rate), in bps. 0 allows no regular traffic.

vrouter> show state vrf <vrf> interface ipip <ipip> qos egress rate-limit policer bandwidth
burst (state only)

Maximum burst size of shaped traffic, a.k.a. CBS (Committed Burst Size), in bytes. The default value is set to bandwidth / 80 to handle a burst of 100 ms at the targeted bandwidth. If not set or set to 0, the default value is applied.

vrouter> show state vrf <vrf> interface ipip <ipip> qos egress rate-limit policer burst
excess-bandwidth (state only)

Maximum bandwidth of excess traffic, a.k.a. EIR (Excess Information Rate), in bps. 0 allows no excess traffic.

vrouter> show state vrf <vrf> interface ipip <ipip> qos egress rate-limit policer excess-bandwidth
excess-burst (state only)

Maximum burst size of excess traffic, a.k.a. EBS (Excess Burst Size), in bytes. The default value is set to excess-bandwidth / 80 to handle a burst of 100 ms at the targeted bandwidth. If not set or set to 0, the default value is applied.

vrouter> show state vrf <vrf> interface ipip <ipip> qos egress rate-limit policer excess-burst
shared-policer (state only)

Shared policer name.

vrouter> show state vrf <vrf> interface ipip <ipip> qos egress rate-limit policer shared-policer
stats (state only)

Traffic policer statistics.

pass-packets (state only)

Number of packets passed (regular traffic that conforms to (bandwidth, burst) specification.

vrouter> show state vrf <vrf> interface ipip <ipip> qos egress rate-limit policer stats pass-packets
pass-bytes (state only)

Number of bytes passed (regular traffic that conforms to (bandwidth, burst) specification.

vrouter> show state vrf <vrf> interface ipip <ipip> qos egress rate-limit policer stats pass-bytes
pass-excess-packets (state only)

Number of excess packets passed (excess traffic that conforms to (excess-bandwidth, excess-burst) specification.

vrouter> show state vrf <vrf> interface ipip <ipip> qos egress rate-limit policer stats pass-excess-packets
pass-excess-bytes (state only)

Number of excess bytes passed (excess traffic that conforms to (excess-bandwidth, excess-burst) specification.

vrouter> show state vrf <vrf> interface ipip <ipip> qos egress rate-limit policer stats pass-excess-bytes
drop-packets (state only)

Number of packets dropped (traffic that does not conform to bandwidth or excess-bandwidth).

vrouter> show state vrf <vrf> interface ipip <ipip> qos egress rate-limit policer stats drop-packets
drop-bytes (state only)

Number of bytes dropped (traffic that does not conform to bandwidth or excess-bandwidth).

vrouter> show state vrf <vrf> interface ipip <ipip> qos egress rate-limit policer stats drop-bytes

counters (state only)

A collection of interface-related statistics objects.

in-octets (state only)

The total number of octets received on the interface, including framing characters. Discontinuities in the value of this counter can occur at re-initialization of the management system, and at other times as indicated by the value of ‘last-clear’.

vrouter> show state vrf <vrf> interface ipip <ipip> counters in-octets

in-unicast-pkts (state only)

The number of packets, delivered by this sub-layer to a higher (sub-)layer, that were not addressed to a multicast or broadcast address at this sub-layer. Discontinuities in the value of this counter can occur at re-initialization of the management system, and at other times as indicated by the value of ‘last-clear’.

vrouter> show state vrf <vrf> interface ipip <ipip> counters in-unicast-pkts

in-discards (state only)

The number of inbound packets that were chosen to be discarded even though no errors had been detected to prevent their being deliverable to a higher-layer protocol. One possible reason for discarding such a packet could be to free up buffer space. Discontinuities in the value of this counter can occur at re-initialization of the management system, and at other times as indicated by the value of ‘last-clear’.

vrouter> show state vrf <vrf> interface ipip <ipip> counters in-discards

in-errors (state only)

For packet-oriented interfaces, the number of inbound packets that contained errors preventing them from being deliverable to a higher- layer protocol. For character- oriented or fixed-length interfaces, the number of inbound transmission units that contained errors preventing them from being deliverable to a higher-layer protocol. Discontinuities in the value of this counter can occur at re- initialization of the management system, and at other times as indicated by the value of ‘last-clear’.

vrouter> show state vrf <vrf> interface ipip <ipip> counters in-errors

out-octets (state only)

The total number of octets transmitted out of the interface, including framing characters. Discontinuities in the value of this counter can occur at re-initialization of the management system, and at other times as indicated by the value of ‘last-clear’.

vrouter> show state vrf <vrf> interface ipip <ipip> counters out-octets

out-unicast-pkts (state only)

The total number of packets that higher-level protocols requested be transmitted, and that were not addressed to a multicast or broadcast address at this sub-layer, including those that were discarded or not sent. Discontinuities in the value of this counter can occur at re- initialization of the management system, and at other times as indicated by the value of ‘last-clear’.

vrouter> show state vrf <vrf> interface ipip <ipip> counters out-unicast-pkts

out-discards (state only)

The number of outbound packets that were chosen to be discarded even though no errors had been detected to prevent their being transmitted. One possible reason for discarding such a packet could be to free up buffer space. Discontinuities in the value of this counter can occur at re-initialization of the management system, and at other times as indicated by the value of ‘last-clear’.

vrouter> show state vrf <vrf> interface ipip <ipip> counters out-discards

out-errors (state only)

For packet-oriented interfaces, the number of outbound packets that could not be transmitted because of errors. For character-oriented or fixed-length interfaces, the number of outbound transmission units that could not be transmitted because of errors. Discontinuities in the value of this counter can occur at re-initialization of the management system, and at other times as indicated by the value of ‘last-clear’.

vrouter> show state vrf <vrf> interface ipip <ipip> counters out-errors