VPRN Service Configuration Commands
Page 1424 7750 SR OS Services Guide
tunnel
Syntax tunnel ipsec-tunnel-name [create]
no tunnel ipsec-tunnel-name
Context config>service>vprn>ipsec-interface>sap
Description This command specifies an IPSec tunnel name. An IPSec client sets up the encrypted tunnel across
public network. The 7750-SR IPSec MDA acts as a concentrator gathering, and terminating these
IPSec tunnels into an IES or VPRN service. This mechanism allows as service provider to offer a
global VPRN service even if node of the VPRN are on an uncontrolled or insecure portion of the
network.
Default none
Parameters ipsec-tunnel-name — Specifies an IPSec tunnel name up to 32 characters in length.
create — Keyword used to create the IPSec tunnel instance. The create keyword requirement can be
enabled/disabled in the environment>create context.
bfd-designate
Syntax [no] bfd-designate
Context config>service>vprn>ipsec-interface>sap>tunnel
Description This command specifies whether this IPSec tunnel is the BFD designated tunnel.
Default none
bfd-enable
Syntax [no] bfd-enable service service-id interface interface-name dst-ip ip-address
Context config>service>vprn>ipsec-interface>sap>tunnel
Description This command assign a BFD session provide heart-beat mechanism for given IPsec tunnel. There can
be only one BFD session assigned to any given IPsec tunnel, but there can be multiple IPsec tunnels
using same BFD session. BFD control the state of the associated tunnel, if BFD session goes down,
system will also bring down the associated non-designated IPsec tunnel.
Default none
Parameters service service-id — Specifies where the service-id that the BFD session resides.
interface interface-name — Specifies the name of the interface used by the BFD session.
dst-ip ip-address — Specifies the destination address to be used for the BFD session.
To Next Page
Loading...
