Bridge Commands
This chapter provides a description, syntax, and examples of the bridge commands. It includes the following commands:
bridge acquire
Use this command to enable a bridge to learn station location information for an instance. This helps in making forwarding decisions.
Use the no parameter with this command to disable learning.
Note: OcNOS supports only configuration of a single bridge.
Command Syntax
bridge <1-32> acquire
no bridge <1-32> acquire
Parameter
<1-32>
Bridge group ID.
Default
By default, learning is enabled for all instances.
Command Mode
Configure mode
Applicability
This command was introduced before OcNOS version 1.3.
Example
#configure terminal
(config)#bridge 3 acquire
(config)#no bridge 3 acquire
bridge address
Use this command to add a static forwarding table entry for the bridge.
Use the no parameter with this command to remove the entry for the bridge
Note: Forward MAC must refer to the source MAC, and discard MAC must refer to the destination MAC.
Command Syntax
bridge <1-32> address XXXX.XXXX.XXXX (forward|discard) IFNAME
bridge <1-32> address XXXX.XXXX.XXXX (forward|discard) IFNAME vlan <2-4094>
bridge <1-32> address XXXX.XXXX.XXXX (forward|discard) IFNAME vlan <2-4094> svlan <2-4094>
no bridge <1-32> address XXXX.XXXX.XXXX
no bridge <1-32> address XXXX.XXXX.XXXX vlan <2-4094>
no bridge <1-32> address XXXX.XXXX.XXXX vlan <2-4094> svlan <2-4094>
Parameters
<1-32>
Bridge identifier
XXXX.XXXX.XXXX
Media Access Control (MAC) address in HHHH.HHHH.HHHH format.
forward
Forward matching frames.
discard
Discard matching frames.
IFNAME
Interface on which the frame comes out.
vlan
Identity of the VLAN in the range of <2-4094>.
svlan
Identity of the SVLAN in the range of <2-4094>.
Default
By default, bridge address is disabled
Command Mode
Configure mode
Applicability
This command was introduced before OcNOS version 1.3.
Example
#configure terminal
(config)#bridge 1 address 0000.000a.0021 forward eth0
(config)#no bridge 1 address 0000.000a.0021
(config)#bridge 1 address 0011.2222.3333 forward xe5 vlan 23
(config)#no bridge 1 address 0011.2222.3333 vlan 23
(config)#bridge 1 address 0011.2222.3333 forward xe5 vlan 11 svlan 21
(config)#no bridge 1 address 0011.2222.3333 vlan 11 svlan 21
(config)#bridge 1 address 0011.2222.3334 discard xe6 vlan 12 svlan 22
(config)#no bridge 1 address 0011.2222.3334 vlan 12 svlan 22
bridge ageing
Use this command to specify the aging time for a learned MAC address. A learned MAC address persists until this specified time.
Note: The bridge aging time affects the ARP entries which are dependent upon the MAC addresses in hardware. If a MAC address ages out, it causes the corresponding ARP entry to refresh.
Note: On Qumran, the MAC aging time can vary by up to 16%. For example, if the MAC aging time is set to 60 seconds, the aging time can happen anywhere between 50-60 seconds.
Use the no form of this command to set the MAC address aging time to its default (300).
Command Syntax
bridge <1-32> ageing-time (0|<10-572>)
bridge <1-32> ageing disable
no bridge <1-32> ageing-time
Parameters
0
Disable Ageing Time
<1-32>
Bridge group ID.
<10-572>
Aging time in seconds.
disable
Turn off MAC address aging completely.
Default
By default, the aging time is 300 seconds.
Command Mode
Configure mode
Applicability
This command was introduced before OcNOS version 1.3.
Example
#configure terminal
(config)#bridge 3 ageing-time 100
(config)#no bridge 3 ageing-time
bridge encapsulation dot1q
Use this command to add the TPID which is configured on a parent interface in the case of a routed packet destined to an SVI interface.
Use the no parameter with this command to configure the default behavior.
Note: OcNOS only supports configuration of a single bridge.
Command Syntax
bridge <1-32> encapsulation dot1q
no bridge <1-32> encapsulation dot1q
Parameter
<1-32>
Bridge group ID.
Default
By default, routed packets destined to an SVI interface adds 0x8100 as the outer TPID.
Command Mode
Configure mode
Applicability
This command was introduced in OcNOS version 4.0.
Example
#configure terminal
(config)#bridge 1 encapsulation dot1q
(config)#no bridge 1 encapsulation dot1q
bridge forward-time
Use this command to set the time (in seconds) after which (if this bridge is the root bridge) each port changes states to learning and forwarding. This value is used by all instances.
Use the no parameter with this command to restore the default value of 15 seconds.
Command Syntax
bridge <1-32> forward-time <4-30>
no bridge <1-32> forward-time
Parameters
<1-32>
Specify the bridge group ID.
<4-30>
Specify the forwarding time delay in seconds.
Note: Care should be exercised if the value is to be made below 7 seconds.
Default
By default, value is 15 seconds
Command Mode
Configure mode
Applicability
This command was introduced before OcNOS version 1.3.
Example
#configure terminal
(config)#bridge 3 forward-time 6
(config)#no bridge 3 forward-time
bridge hello-time
Use this command to set the hello-time, the time in seconds after which (if this bridge is the root bridge) all the bridges in a bridged LAN exchange Bridge Protocol Data Units (BPDUs). A very low value of this parameter leads to excessive traffic on the network, while a higher value delays the detection of topology change.This value is used by all instances.
Configure the bridge instance name before using this command. The allowable range of values is 1-10 seconds. However, make sure that the value of hello time is always greater than the value of hold time (2 seconds by default).
Use the no parameter to restore the default value of the hello time.
Note: A Bridge enforces the following relationships for Hello-time, Max-age and Forward-delay.
• 2 × (Bridge_Forward_Delay – 1.0 seconds) >= Bridge_Max_Age
• Bridge_Max_Age >= 2 × (Bridge_Hello_Time + 1.0 seconds)
Note: Hello-time is allowed only on RSTP, IEEE and Provider-RSTP types of bridges. For MSTP and Provider-MSTP hello timer is restricted.
Command Syntax
bridge <1-32> hello-time <1-10>
no bridge <1-32> hello-time
Parameters
<1-32>
Specify the bridge group ID.
<1-10>
Specify the hello BPDU interval in seconds.
Default
By default, value is 2 seconds
Command Mode
Configure mode
Applicability
This command was introduced before OcNOS version 1.3.
Examples
#configure terminal
(config)#bridge 3 hello-time 3
(config)#no bridge 3 hello-time
bridge max-age
Use this command to set the maximum age for a bridge. This value is used by all instances.
Maximum age is the maximum time in seconds for which (if a bridge is the root bridge) a message is considered valid. This prevents the frames from looping indefinitely. The value of maximum age should be greater than twice the value of hello time plus 1, but less than twice the value of forward delay minus 1. The allowable range for max-age is 6-40 seconds. Configure this value sufficiently high, so that a frame generated by root can be propagated to the leaf nodes without exceeding the maximum age.
Use the no parameter with this command to restore the default value of the maximum age.
Note: A Bridge shall enforce the following relationships for Hello-time, Max-age and Forward-delay.
• 2 × (Bridge_Forward_Delay – 1.0 seconds) >= Bridge_Max_Age
• Bridge_Max_Age >= 2 × (Bridge_Hello_Time + 1.0 seconds)
Command Syntax
bridge <1-32> max-age <6-40>
no bridge <1-32> max-age
Parameters
<1-32>
Specify the bridge group ID.
<6-40>
Specify the maximum time, in seconds, to listen for the root bridge <6-40>.
Default
By default, bridge maximum age is 20 seconds
Command Mode
Configure Mode
Applicability
This command was introduced before OcNOS version 1.3.
Examples
#configure terminal
(config)#bridge 2 max-age 12
(config)#no bridge 2 max-age
bridge max-hops
Use this command to specify the maximum allowed hops for a BPDU in an MST region. This parameter is used by all the instances of the MST. Specifying the maximum hops for a BPDU prevents the messages from looping indefinitely in the network. When a bridge receives an MST BPDU that has exceeded the allowed maximum hops, it discards the BPDU.
Use the no parameter with this command to restore the default value.
Command Syntax
bridge <1-32> max-hops <1-40>
no bridge <1-32> max-hops
Parameters
<1-32>
Specify the bridge-group ID.
<1-40>
Specify the maximum hops for which the BPDU will be valid <1-40>.
Default
By default, maximum hops in an MST region are 20
Command Mode
Configure mode
Applicability
This command was introduced before OcNOS version 1.3.
Examples
#configure terminal
(config)#bridge 3 max-hops 25
#configure terminal
(config)#no bridge 3 max-hops
bridge priority
Use this command to set the bridge priority for the common instance. Using a lower priority indicates a greater likelihood of the bridge becoming root. The priority values can be set only in increments of 4096.
Use the no form of the command to reset it to the default value.
Command Syntax
bridge (<1-32> | ) priority <0-61440>
no bridge (<1-32> | )priority
Parameters
<1-32>
Specify the bridge group ID.
<0-61440>
Specify the bridge priority in the range of <0-61440>.
Default
By default, priority is 32768 (or hex 0x8000).
Command Mode
Configure mode
Applicability
This command was introduced before OcNOS version 1.3.
Examples
#configure terminal
(config)#bridge 2 priority 4096
(config)#no bridge 2 priority
bridge shutdown
Use this command to disable a bridge.
Use the no parameter to reset the bridge.
Command Syntax
bridge shutdown <1-32>
bridge shutdown <1-32> ((bridge-blocked|bridge-forward)|)
no bridge shutdown <1-32>
Parameters
<1-32>
Specify the bridge group ID.
bridge-forward
Put all ports of the bridge into forwarding state
bridge-blocked
Put all ports of the bridge into blocked state
Default
No default value is specified
Command Mode
Configure mode
Applicability
This command was introduced before OcNOS version 1.3.
Example
#configure terminal
(config)#bridge shutdown 4
(config)#no bridge shutdown 4
bridge transmit-holdcount
Use this command to set the maximum number of transmissions of BPDUs by the transmit state machine.
Use the no parameter with this command to restore the default transmit hold-count value.
Command Syntax
bridge <1-32> transmit-holdcount <1-10>
no bridge <1-32> transmit-holdcount
Parameters
<1-32>
Specify the bridge group ID.
<1-10>
Transmit hold-count value.
Default
By default, transmit hold-count is 6
Command Mode
Configure mode
Applicability
This command was introduced before OcNOS version 1.3.
Examples
#configure terminal
(config)#bridge 1 transmit-holdcount 5
(config)#no bridge 1 transmit-holdcount
bridge-group
Use this command to bind an interface with a bridge specified by the parameter.
Use the no parameter with this command to disable this command.
Command Syntax
bridge-group (<1-32>)
no bridge-group (<1-32>)
Parameters
<1-32>
Specify the bridge group ID.
Default
By default, bridge-group is disabled
Command Mode
Interface mode
Applicability
This command was introduced before OcNOS version 1.3.
Examples
#configure terminal
(config)#interface eth1
(config-if)#bridge-group 2
(config)#interface eth1
(config-if)#no bridge-group 2
bridge-group path-cost
Use this command to set the cost of a path associated with a bridge group. The lower the path cost, the greater the likelihood of the bridge becoming root.
Use the no parameter with this command to restore the default priority value.
Command Syntax
bridge-group <1-32> path-cost <1-200000000>
no bridge-group <1-32> path-cost
Parameters
<1-32>
Specify the bridge group ID.
path-cost
Specify the path-cost of a port.
<1-200000000>
Specify the cost to be assigned to the group.
Default
By default, bridge-group is disabled
Command Mode
Interface mode
Applicability
This command was introduced before OcNOS version 1.3.
Example
#configure terminal
(config)#interface eth1
(config-if)#bridge-group 3 path-cost 123
(config-if)#no bridge-group 3 path-cost
bridge-group priority
Use this command to set the port priority for a bridge. A lower priority indicates a greater likelihood of the bridge becoming root.
Command Syntax
bridge-group <1-32> priority <0-240>
no bridge-group <1-32> priority
Parameters
<1-32>
Specify the bridge group ID.
<0-240>
Specify the port priority range (a lower priority indicates greater likelihood of the interface becoming a root). The priority values can only be set in increments of 16.
Default
By default, priority is 1
Command Mode
Interface mode
Applicability
This command was introduced before OcNOS version 1.3.
Example
#configure terminal
(config)#interface eth1
(config-if)#bridge-group 4 priority 96
(config)#interface eth1
(config-if)#no bridge-group 4 priority
clear allowed-ethertype
Use this command to clear statistics for each ethertype per interfaces.
clear allowed-ethertype statistics (IFNAME|)
Parameters
IFNAME
Interface name.
Command Mode
Exec mode
Applicability
This command was introduced before OcNOS version 1.3.
Example
#clear allowed-ethertype statistics xe54/1
#show allowed-ethertype statistics xe54/1
Interface xe54/1
arp: 0 Packets, 0 Bytes
ipv4: 0 Packets, 0 Bytes
ipv6: 0 Packets, 0 Bytes
dropped: 0 Packets, 0 Bytes
clear mac address-table
Use this command to clear the filtering database for the bridge. This command can be issued to do the following:
• clear the filtering database
• clear all filtering database entries configured through CLI (static)
• clear all multicast filtering database entries
• clear all multicast filtering database entries for a given VLAN or interface
• clear all static or multicast database entries based on a mac address
Command Syntax
clear mac address-table (dynamic|multicast) bridge <1-32>
clear mac address-table (dynamic|multicast) (address MACADDR | interface IFNAME | vlan VID ) bridge <1-32>
clear mac address-table (dynamic|multicast) (address MACADDR | interface IFNAME | vlan VID ) (instance INST) bridge <1-32>
Parameters
dynamic
Clears all dynamic entries.
multicast
Clears all multicast filtering database entries.
address
Clear the specified MAC Address.
MACADDR
When filtering database, entries are cleared based on the MAC address.
bridge
Clears the bridge group ID. Value range is 1-32.
bridge
Clears the bridge group ID. Value range is 1-32.
interface
Clears all MAC address for the specified interface.
bridge
Clears the bridge group ID. Value range is 1-32.
instance
Clears MSTP instance ID. Value range is <1-63>.
vlan
Clears all MAC address for the specified VLAN. Value range is 1-4094.
bridge
Clears the bridge group ID. Value range is 1-32.
Command Mode
Privileged Exec mode
Applicability
This command was introduced before OcNOS version 1.3.
Examples
This example shows how to clear multicast filtering database entries:
#clear mac address-table multicast bridge 1
This example shows how to clear multicast filtering database entries for a given VLAN.
#clear mac address-table multicast vlan 2 bridge 1
This example shows how to clear all filtering database entries learned through bridge operation for a given MAC address.
#clear mac address-table dynamic address 0202.0202.0202 bridge 1
show allowed-ethertype
Use this command to show allowed and denied traffic statistics.
Note: Dropped slow protocol packets provides the count of slow protocol packets among the total dropped count. Total drop count is fetched from hardware and slow protocol packet count is fetched from software. Hence there can be one or two packet difference.
Command Syntax
show allowed-ethertype statistics (IFNAME|)
Parameters
IFNAME
Interface name.
Command Mode
Exec mode
Applicability
This command was introduced before OcNOS version 1.3.
Examples
#show allowed-ethertype statistics
Interface po1
arp : 0 Packets, 0 Bytes
ipv4 : 511016709 Packets, 184897169366 Bytes
ipv6 : 0 Packets, 0 Bytes
dropped : 220 Packets, 28160 Bytes
dropped slow protocol pkts : lacp 220, efm 0, others 0
Interface xe47
arp : 0 Packets, 0 Bytes
ipv4 : 169763534 Packets, 61427990740 Bytes
ipv6 : 0 Packets, 0 Bytes
dropped : 0 Packets, 0 Bytes
Interface xe48
arp : 0 Packets, 0 Bytes
ipv4 : 0 Packets, 0 Bytes
ipv6 : 0 Packets, 0 Bytes
dropped : 0 Packets, 0 Bytes
show bridge
Use this command to display the filtering database for the bridge. The filtering database is used by a switch to store the MAC addresses that have been learned and which ports that MAC address was learned on.
Command Syntax
show bridge (ieee|rpvst+|mstp|)
Parameters
ieee
STP bridges.
rpvst+
RPVST+ bridges.
mstp
MSTP bridges.
Command Mode
Exec mode and Privileged Exec mode
Applicability
This command was introduced before OcNOS version 1.3.
Example
#show bridge
Ageout time is global and if something is configured for vxlan then it will be affected here also
Bridge CVLAN SVLAN BVLAN Port MAC Address FWD Time-out
---------+------+------+------+-----------+-----------------+-----+---------+
1 1 eth1 5254.0029.929c 1 0
1 2 eth1 5254.004c.dcc6 1 297
1 1 eth1 5254.004c.dcc6 1 291
Table 3-9 explains the show command output fields.
Table 3-9: show bridge output fields
Field | Description |
---|
Bridge | Bridge identifier. |
VLAN, SVLAN, BVLAN | CVLAN, SVLAN, and BVLAN identifiers. |
Port | Interface name. |
MAC Address | Learned MAC address. |
FWD | Whether frames for the MAC addresses are forwarded. |
Time-out | How long the learned MAC address persists. |
show interface switchport
Use this command to display the characteristics of the interface with the current VLAN.
Command Syntax
show interface switchport bridge <1-32>
Parameter
bridge
Bridge name.
Command Mode
Exec mode and Privileged Exec mode
Applicability
This command was introduced before OcNOS version 1.3.
Example
The following is an output of this command displaying the characteristics of this interface on bridge 2.
#show interface switchport bridge 2
Interface name : eth5
Switchport mode : access
Ingress filter : disable
Acceptable frame types : all
Vid swap : disable
Default vlan : 2
Configured vlans : 2
Interface name : eth4
Switchport mode : access
Ingress filter : disable
Acceptable frame types : all
Vid swap : disable
Default vlan : 1
Configured vlans : 1
Table 3-10 explains the show command output fields.
Table 3-10: show interface switchport output fields
Field | Description |
---|
Interface name | Display the name of interface. |
Switchport mode | Port that used to connect between switches and access port. |
Ingress filter | Ingress filtering examines all inbound packets and then permits or denies entry to the network. |
Acceptable frame types | Type of acceptable frame in the interface. |
VID swap | Displays the status of the VID swap. |
Default vlan | Default value for the VLAN. |
Configured vlans | Displays the information on configured VLANs. |
show mac address-table count bridge
Use this command to display a count of MAC entries from the filtering database.
Command Syntax
show mac address-table (local|remote|) count bridge <1-32> ({(dynamic | multicast | static) | address MAC | interface IFNAME | vlan <1-4094> | svlan <1-4094>}|)
Parameter
local
Local dynamic FDB entries
remote
Remote dynamic FDB entries
<1-32>
Bridge group
dynamic
Dynamic entries
multicast
Multicast entries
static
Static entries
MAC
MAC address in HHHH.HHHH.HHHH format
IFNAME
Name of the interface
<1-4094>
VLAN identifier
<1-4094>
SVLAN identifier
Command Mode
Exec mode
Applicability
This command was introduced before OcNOS version 1.3.
Example
#show mac address-table count bridge 1
MAC Entries for all vlans:
Dynamic Address Count: 3
Static (User-defined) Unicast MAC Address Count: 0
Static (User-defined) Multicast MAC Address Count: 0
Total MAC Addresses in Use: 3
Table 3-11 explains the show command output fields.
Table 3-11: show mac address-table count output fields
Field | Description |
---|
Dynamic Address Count | Number of dynamic addresses. |
Unicast MAC Address Count | Number of unicast addresses. |
Multicast MAC Address Count | Number of multicast addresses. |
Total MAC Addresses | Total number of addresses. |
show mac address-table bridge
Use this command to display MAC entries from the filtering database.
Note: The hardware can learn the MAC address at line rate, but OcNOS will learn the MAC address at a much slower rate. The learning in OcNOS will also depend upon the current load in the system. Under normal conditions OcNOS can learn the mac-address at approximately 3000 MACs per sec.
Command Syntax
show mac address-table (local|remote|) bridge <1-32> ({(dynamic | multicast | static) | address MAC | interface IFNAME | vlan <1-4094> | svlan <1-4094>}|)
Parameter
local
Local dynamic FDB entries
remote
Remote dynamic FDB entries
<1-32>
Bridge group
dynamic
Dynamic entries
multicast
Multicast entries
static
Static entries
MAC
MAC address in HHHH.HHHH.HHHH format
IFNAME
Name of the interface
<1-4094>
VLAN identifier
<1-4094>
SVLAN identifier
Command Mode
Exec mode
Applicability
This command was introduced before OcNOS version 1.3.
Example
#show mac address-table bridge 1
CVLAN SVLAN MAC Address Type Ports Port-security
------+------+---------------+---------+---------+--------------
100 200 1111.2222.1111 static xe12 Disable
102 202 1111.2222.1111 static xe12 Disable
201 1111.1111.1111 static xe14 Disable
202 1111.1111.1111 static xe14 Disable
203 1111.1111.1111 static xe14 Disable
201 0000.0700.0d00 dynamic xe14 Disable
202 0000.0700.0d00 dynamic xe14 Disable
203 0000.0700.0d00 dynamic xe14 Disable
204 0000.0700.0d00 dynamic xe14 Disable
205 0000.0700.0d00 dynamic xe14 Disable
206 0000.0700.0d00 dynamic xe14 Disable
207 0000.0700.0d00 dynamic xe14 Disable
208 0000.0700.0d00 dynamic xe14 Disable
209 0000.0700.0d00 dynamic xe14 Disable
103 203 0000.0700.0b00 dynamic xe12 Disable
101 201 0000.0700.0b00 dynamic xe12 Disable
100 200 0000.0700.0b00 dynamic xe12 Disable
102 202 0000.0700.0b00 dynamic xe12 Disable
Table 3-12 explains the show command output fields.
Table 3-12: show mac address-table output fields
Field | Description |
---|
VLAN | VLAN identifier. |
MAC Address | Media Access Control address. |
Type | Dynamic, multicast, or static. |
Ports | Interface name. |
switchport
Use this command to set the mode of an interface to switched.
All interfaces are configured routed by default. To change the behavior of an interface from switched to routed, you must explicitly give the no switchport command.
Note: When you change the mode of an interface from switched to routed and vice-versa, all configurations for that interface are erased.
Use the no form of this command to set the mode to routed.
Command Syntax
switchport
no switchport
Parameters
None
Default
All interfaces are configured routed by default. To change the behavior of an interface from switched to routed, you must explicitly give the no switchport command.
Command Mode
Interface mode
Applicability
This command was introduced before OcNOS version 1.3.
Examples
#configure terminal
(config)#interface eth0
(config-if)#switchport
(config)#interface eth0
(config-if)#no switchport
switchport allowed ethertype
Use this command to allow a set of ethertype on the access port and deny remaining traffic.
Use the no command to remove ethertype configuration.
Command Syntax
switchport allowed ethertype {arp|ipv4|ipv6|mpls|WORD|log}
no switchport allowed ethertype ({arp|ipv4|ipv6|mpls|WORD|log}|)
Parameters
arp
Ethertype 0x0806.
ipv4
Ethertype 0x0800.
ipv6
Ethertype 0x086dd.
mpls
Ethertype 0x8847.
WORD
Any Ethertype value (0x600 - 0xFFFF).
log
Log unwanted ethertype packets.
Default
No default value is specified
Command Mode
Interface mode
Applicability
This command was introduced before OcNOS version 1.3.
Examples
#configure terminal
(config)#interface xe1
(config-if)#switchport allowed ethertype arp ipv4 ipv6 log
(config-if)#no switchport allowed ethertype ipv4