<list_str>

• If the name is a number in the range of 1-99, you can define Cisco-style wildcard filter criteria with the set wildcard <ip> command.
• If the name has at least one alphabetic character, you can set the prefix to define regular filter criteria using the set prefix {<xxx.xxx.xxx.xxx> <xxx.xxx.xxx.xxx> | any} command.

comments <comment_str>

Enter a descriptive comment.

<rule_int>

The rule identifier.

action {deny | permit}

Set whether the rule allows or denies the IPv4 address.

prefix {<xxx.xxx.xxx.xxx> <xxx.xxx.xxx.xxx> | any}

Set the prefix to define regular filter criteria, such as any or subnets.

NOTE: The access list name must be a digit in the range of 1-99. Strings are not supported.

wildcard <IP_address>

Define Cisco-style wildcard filter criteria.

NOTE: The access list name must contain at least one alphabetic character.

<name_of_IPv6_access_list>

Enter the name of the IPv6 access list.

comments <string>

Enter a descriptive comment.

<rule_ID>

The rule identifier.

action {deny | permit}

Set whether the rule allows or denies the IPv6 address.

prefix6 {<xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx> | any}

Set the IPv6 prefix to define regular filter criteria, such as any or X:X::X:X/M.

<AS_path_list_name>

Enter the name of the AS path list.

<rule_identifier>

Enter a rule identifier.

action {deny | permit}

Set whether to permit or deny route-based operations, based on the routeʼs AS_PATH attribute.

as <MANDATORY_router_AS_number>

Mandatory. Enter an integer to specify the local autonomous system (AS) number of the FortiSwitch unit. The range is from 1 to 4 294 967 295. A value of 0 disables BGP (disabled by default).

router-id <MANDATORY_IP_address>

Mandatory. Specify a fixed identifier for the FortiSwitch unit. A value of 0.0.0.0 is not allowed.

keepalive-timer <0-65535>

How often (in seconds) the router sends out keepalive messages to neighbor routers to maintain those sessions.

holdtime-timer <0, 3-65535>

How long (in seconds) the router will wait for a keepalive message before declaring a router offline. A shorter time will find an off-line router faster.

always-compare-med {disable | enable}

Always compare Multi-Exit Discriminator (MED).

bestpath-as-path-ignore {disable | enable}

AS_PATH is the BGP attribute that keeps track of each AS that a route advertisement has passed through; it helps prevent routing loops. Enable this option if you want BGP to not use the best AS path. Disable this option if you want BGP to use the best AS path.

bestpath-cmp-confed-aspath {disable | enable}

Enable or disable the comparison of the AS_CONFED_SEQUENCE attribute, which defines an ordered list of AS numbers representing a path from the FortiSwitch unit through autonomous systems within the local confederation.

bestpath-cmp-routerid {disable | enable}

Compare router ID for identical external BGP (EBGP) paths.

bestpath-med-confed {disable | enable}

Compare MED among confederation paths.

bestpath-med-missing-as-worst {disable | enable}

Enable or disable (by default) treating any confederation path with a missing MED metric as the least preferred path.

client-to-client-reflection {disable | enable}

Enable (by default) or disable client-to-client route reflection between internal BGP (IBGP) peers. If the clients are fully meshed, route reflection may be disabled.

dampening {disable | enable}

Enable or disable (by default) route-flap dampening on all BGP routes. A flapping route is unstable and continually transitions down and up (see RFC 2439).

dampening-reachability-half-life <1-45>

If you enable dampening, set the maximum time that a route can be suppressed (in minutes). A route can continue to accumulate penalties while it is suppressed. However, the route cannot be suppressed longer than the maximum time.

dampening-reuse <1-20000>

If you enable dampening, set a dampening reuse limit based on the number of accumulated penalties. If the penalty assigned to a flapping route decreases enough to fall below the specified limit, the route is not suppressed.

dampening-suppress <1-20000>

If you enable dampening, set a dampening-suppression limit based on the number of accumulated penalties. A route is suppressed (not advertised) when its penalty exceeds the specified limit.

dampening-max-suppress-time <1-255>

If you enable dampening, set the maximum time that a route can be suppressed. A route can continue to accumulate penalties while it is suppressed. However, the route cannot be suppressed longer than the maximum time.

deterministic-med {disable | enable}

Enforce deterministic comparison of MED.

enforce-first-as {disable | enable}

Enforce first AS for EBGP routes.

fast-external-failover {disable | enable}

Reset peer BGP session if link goes down.

log-neighbor-changes {disable | enable}

Enable or disable logging of BGP neighborʼs changes.

cluster-id <IP_address>

Route reflector cluster ID.

confederation-identifier <1-4294967295>

Confederation identifier.

default-local-preference <0-4294967295>

Default local preference.

scan-time <5-60>

Background scanner interval (seconds).

maximum-paths-ebgp <1-64>

Set the maximum number of paths for equal-cost multi-path (ECMP) routing using the External Border Gateway Protocol (EBGP).

bestpath-aspath-multipath-relax {disable | enable}

Enable or disable load sharing across routes that are the same length but have different autonomous system (AS) paths.

maximum-paths-ibgp <1-64>

Set the maximum number of paths for equal-cost multi-path (ECMP) routing using the Internal Border Gateway Protocol (IBGP).

distance-external <1-255>

Distance for routes external to the AS.

distance-internal <1-255>

Distance for routes internal to the AS.

distance-local <1-255>

Distance for routes local to the AS.

graceful-stalepath-time <1-3600>

Time to hold stale paths of restarting neighbor(sec).

<identifier>

Enter an identifier to set administrative distance modifications for BGP routes.

distance <1-255>

Set the administrative distance to apply.

neighbour-prefix <IP_address_netmask>

Neighbor address prefix. Enter the class IP address and netmask with correction.

route-list <string>

The list of routes this distance will be applied to.

<identifier>

Enter a BGP aggregate entry in the routing table.

When you aggregate routes, routing becomes less precise because path details are not readily available for routing purposes. The aggregate address represents addresses in several autonomous systems. Aggregation reduces the length of the network mask until it masks only the bits that are common to all of the addresses being summarized.

as-set {disable | enable}

Enable or disable the generation of an unordered list of AS numbers to include in the path information.

prefix <IP_address_netmask>

Aggregate prefix. The prefix 0.0.0.0 0.0.0.0 is not allowed.

summary-only {disable | enable}

Filter more specific routes from updates.

<IPv4_address>

Enter the IPv4 address of the BGP neighbor.

advertisement-interval <0-600>

Set the minimum amount of time (in seconds) that the FortiSwitch unit waits before sending a BGP routing update to the BGP neighbor.

allowas-in-enable {disable | enable}

Enable to allow my AS in AS path (IPv4).

allowas-in <1-10>

If you enable allowas-in-enable, set the maximum number of occurrences of my AS numbers allowed (IPv4).

attribute-unchanged {as-path | MED | next-hop}

• To advertise unchanged next-hop attributes, select as-path.
• To advertise unchanged MULTI_EXIT_DISC attributes, select med.
• To keep the next-hop attribute as is, select next-hop.
• An empty set (default) is a supported value.

activate {disable | enable}

Enable address family IPv4 for this neighbor.

bfd {disable | enable}

Enable BFD for this neighbor.

capability-dynamic {disable | enable}

Advertise dynamic capability to this neighbor.

capability-orf {both | none | receive | send}

• none: disable the advertising of ORF prefix-list capability.
• receive: enable receive capability.
• send: enable send capability.
• both: enable send and receive capability.

capability-default-originate {disable | enable}

Advertise default IPv4 route to this neighbor.

dont-capability-negotiate {disable | enable}

Do not negotiate capabilities with this neighbor.

ebgp-enforce-multihop {disable | enable}

Allow multi-hop EBGP neighbors.

ebgp-multihop-ttl <1-255>

If you enable ebgp-enforce-multihop, define a TTL value for BGP packets sent to the BGP neighbor.

ebgp-ttl-security-hops <1-254>

If you enable ebgp-enforce-multihop, specify the maximum number of hops to the EBGP peer.

next-hop-self {disable | enable}

Disable IPv4 next-hop calculation for this neighbor.

override-capability {disable | enable}

Override result of capability negotiation.

passive {disable | enable}

Disable sending of open messages to this neighbor.

remove-private-as {disable | enable}

Remove private AS number from IPv4 outbound updates.

route-server-client {disable | enable}

Configure IPv4 AS route server client.

shutdown {disable | enable}

Shutdown this neighbor.

soft-reconfiguration {disable | enable}

Allow IPv4 inbound soft reconfiguration.

strict-capability-match {disable | enable}

Enable strict capability matching.

description <string>

Description of this neighbor.

distribute-list-in <string>

Limit route updates from the BGP neighbor based on the Network Layer Reachability Information (NLRI) IP prefixes defined in the specified access list (IPv4). You must create the access list before it can be selected here. See config router access-list.

distribute-list-out <string>

Limit route updates to the BGP neighbor based on the NLRI defined in the specified access list (IPv4). You must create the access list before it can be selected here. See config router access-list.

aspath-filter-list-in <string>

BGP AS path filter for IPv4 inbound routes. You must create the AS path list before it can be selected here. See config router aspath-list.

aspath-filter-list-out <string>

BGP AS path filter for IPv4 outbound routes. You must create the AS path list before it can be selected here. See config router aspath-list.

maximum-prefix <1-4294967295>

Maximum number of IPv4 prefixes to accept from this peer.

prefix-list-in <string>

Limit route updates from a BGP neighbor based on the Network Layer Reachability Information (NLRI) in the specified prefix list (IPv4). The prefix list defines the NLRI prefix and length advertised in a route. You must create the prefix list before it can be selected here. See config router prefix-list.

prefix-list-out <string>

Limit route updates to a BGP neighbor based on the NLRI in the specified prefix list (IPv4). The prefix list defines the NLRI prefix and length advertised in a route. You must create the prefix list before it can be selected here. See config router prefix-list.

remote-as <MANDATORY_1-4294967295>

Mandatory. Adds a BGP neighbor to the FortiSwitch configuration and sets the AS number of the neighbor. If the number is identical to the AS number of the FortiSwitch unit, the FortiSwitch unit communicates with the neighbor using internal BGP (IBGP). Otherwise, the neighbor is an external peer, and the FortiSwitch unit uses EBGP to communicate with the neighbor.

route-map-in <string>

Limit route updates or change the attributes of route updates from the BGP neighbor according to the specified route map (IPv4). You must create the route map before it can be selected here. See config router route-map.

route-map-out <string>

Limit route updates or change the attributes of route updates to the BGP neighbor according to the specified route map (IPv4). You must create the route map before it can be selected here. See config router route-map.

send-community {both | disable | extended | standard}

• standard: advertise standard capabilities
• extended: advertise extended capabilities
• both: advertise extended and standard capabilities (default)
• disable: disable the advertising of the COMMUNITY attribute

keep-alive-timer <0-65535>

How often (in seconds) the router sends out keepalive messages to neighbor routers to maintain those sessions.

holdtime-timer <0, 3-65535>

How long (in seconds) the router will wait for a keepalive message before declaring a router offline. A shorter time will find an off-line router faster.

connect-timer <0-65535>

Interval (in seconds) for connect timer.

unsuppress-map <string>

Specify the name of the route map to selectively unsuppress suppressed routes (IPv4). You must create the route map before it can be selected here. See config router route-map.

update-source {interface_name}

Interface to use as source IP/IPv6 address of TCP connections.

weight <0-65535>

Neighbor weight.

password <string>

Password used in MD5 authentication.

<identifier>

Enter an identifier.

backdoor {disable | enable}

Enable route as backdoor.

prefix <IP_address_netmask>

Set the network prefix. Use the class IP address and netmask with correction.

route-map <string>

Specify the name of the route map that will be used to modify the attributes of the route before it is advertised. You must create the route map before it can be selected here. See config router route-map.

status {disable | enable}

You can enable BGP to provide connectivity between connected, static, RIP, and/or OSPF routes. BGP redistributes the routes from one protocol to another. When a large internetwork is divided into multiple routing domains, use the subcommand to redistribute routes to the various domains.

<community_list_name>

Enter a name for the community list.

type {expanded | standard}

Specify the type of community to match.

<rule_identifier>

Enter a rule identifier.

action {deny | permit}

Permit or deny route-based operations, based on the routeʼs COMMUNITY attribute.

regexp <regular_expression>

If you select an expanded community, specify an ordered list of COMMUNITY attributes as a regular expression. The value or values are used to match a community. Delimit a complex regular expression value using double-quotation marks.

auth-keychain-area <string>

IS-IS area authentication keychain. This command is applicable when the areaʼs authentication mode is md5.

auth-keychain-domain <string>

IS-IS domain authentication key-chain. This command is applicable when domainʼs auth mode is md5.

auth-mode-area {md5 | password}

IS-IS area (level-1) authentication mode.

auth-mode-domain {md5 | password}

IS-IS domain (level-2) authentication mode.

auth-password-area <password>

IS-IS area (level-1) authentication password. This command is applicable when areaʼs authentication mode is password.

auth-password-domain <password>

IS-IS domain (level-2) authentication password. This command is applicable when domainʼs authentication mode is password.

auth-sendonly-area {enable | disable}

IS-IS area (level-1) authentication send-only.

auth-sendonly-domain {enable | disable}

IS-IS domain (level-2) authentication send-only.

default-information-level {level-1 | level-1-2 | level-2}

Distribute default route into levelʼs link-state packet (LSP).

default-information-metric <0-4261412864>

Default information metric.

default-information-originate {always | disable | enable}

Enable or disable the generation of a default route.

default-information-route-map <string>

The default information route map.

ignore-attached-bit {disable | enable}

Ignore attached bit on incoming level-1 LSP.

is-type {level-1 | level-1-2 | level-2-only}

• level-1: intra-area
• level-1-2: both intra-area and inter-area
• level-2-only: inter-area

log-neighbour-changes {disable | enable}

Enable logging of IS-IS neighborʼs changes

lsp-gen-interval-l1 <1-120>

Minimum interval for level-1 LSP regenerating.

lsp-gen-interval-l2 <1-120>

Minimum interval for level-2 LSP regenerating.

lsp-refresh-interval <1-65535>

LSP refresh time in seconds.

max-lsp-lifetime <350-65535>

Maximum LSP lifetime in seconds.

metric-style {narrow | transition | wide}

• narrow: Use the old style of TLVs with narrow metric (default)
• transition: Send and accept both styles of TLVs during the transition.
• wide: Use the new style of TLVs to carry a wider metric.

overload-bit {disable | enable}

Signal other routers not to use this bit in shortest-path-first (SPF).

redistribute-l1 {disable | enable}

Redistribute level-1 routes into level 2.

redistribute-l1-list <string>

Access-list for redistributing level-1 routes to level 2.

router-id <IP_address>

Router identifier.

spf-interval-exp-l1 <1-120>

Level-1 SPF minimum calculation delay in seconds.

spf-interval-exp-l2 <1-120>

Level-2 SPF minimum calculation delay in seconds.

{IS-IS interface name}

Select the IS-IS interface name to configure.

auth-keychain-hello <string>

Hello protocol data unit (PDU) authentication keychain. This command is applicable when the hello packetʼs authentication mode is md5.

auth-mode-hello {md5 | password}

Hello PDU authentication mode.

auth-password-hello <password>

Hello PDU authentication password. This command is applicable when hello's authentication mode is password.

bfd {enable | disable}

Enable or disable bidirectional forwarding detection (BFD).

circuit-type {level-1 | level-1-2 | level-2}

• level-1: intra-area
• level-1-2: both intra-area and inter-area
• level-2-only: inter-area

csnp-interval-l1 <1-65535>

Level-1 complete sequence number PDU (CSNP) interval, in number of seconds.

csnp-interval-l2 <1-6553>

Level-2 CSNP interval, in number of seconds.

hello-interval-l1 <1-65535>

Level-1 hello packet interval, in number of seconds. Use 0 for a 1-second hold time.

hello-interval-l2 <1-65535>

Level-2 hello packet interval, in number of seconds. Use 0 for a 1-second hold time.

hello-multiplier-l1 <2-100>

Level-1 multiplier for hello packet holding time.

hello-multiplier-l2 <2-100>

Level-2 multiplier for hello packet holding time.

hello-padding {disable | enable}

Enable padding to IS-IS hello packets.

metric-l1 <1-63>

Level-1 metric for interface.

metric-l2 <1-63>

Level-2 metric for interface.

passive {disable | enable}

Set this interface as passive.

priority-l1 <0-127>

Level-1 priority.

priority-l2 <0-127>

Level-2 priority.

status {disable | enable}

Enable or disable the interface for IS-IS.

wide-metric-l1 <1-16777214>

Level-1 wide metric for interface.

wide-metric-l2 <1-16777214>

Level-2 wide metric for interface.

<identifier>

An integer identifier; 0 is the lowest available identifier.

<IS-IS net xx.xxxx. ... .xxxx.xx>

Set the IS-IS network.

status {disable | enable}

Enable or disable the redistribution of routes from other routing protocols using IS-IS.

metric <0-4261412864>

Redistribution metric.

metric-type {external | internal}

Select external or internal for the metric type.

level {level-1 | level-1-2 | level-2}

• level-1: intra-area
• level-1-2: both intra-area and inter-area
• level-2-only: inter-area

routemap <string>

Enter the route map name. You must create the route map before selecting it. See config router route-map.

<summary address entry identifier>

Enter the summary address entry ID. The value range is 0-4294967295.

level {level-1 | level-1-2 | level-2}

• level-1: intra-area
• level-1-2: both intra-area and inter-area
• level-2-only: inter-area

<keychain_name>

Enter a name for your keychain.

<keychain_int>

Enter the keychain identifier.

key-string <key_str>

Enter a password string for the key.

accept-lifetime <START> <END>

• HH:MM:SS is the time of day then the lifetime starts in hours, minutes, and seconds.
• DAY is the day of the month to start. The range is 1-31.
• MONTH is the month of the year to start. The range is 1-12.
• YEAR is the year to start. The range is 1993-2035.

multicast-routing {disable | enable}

Enable or disable multicast routing.

{interface_name | internal | mgmt}

Set which interface to configure for multicast routing.

pim-mode ssm-mode

Set the PIM operation mode to SSM mode.

hello-interval <1-180>

Specify the amount of time that the FortiSwitch unit waits between sending hello messages to neighboring PIM routers.

dr-priority <1-4294967295>

Assign a priority to the FortiSwitch unit Designated Router (DR) candidacy. The value is compared to that of other DR interfaces connected to the same network segment, and the router having the highest DR priority is selected to be the DR. If two DR priority values are the same, the interface having the highest IP address is selected.

multicast-flow <string>

Connect the named multicast flow to this interface. You must create the multicast flow before it can be selected here. See config router multicast-flow.

query-interval <1-65535>

Set the interval between queries to IGMP hosts (in seconds).

<name>

Name of the multicast flow.

<string>

Enter an optional description of the multicast flow.

<muliticast-flow_entry_identifier>

Enter the multicast-flow entry identifier.

group-addr <224-239.xxx.xxx.xxx>

Enter the multicast group address (IPv4).

router-id <router_ipv4>

Required. Enter the IPv4 address of the OSPF router.

abr-type {cisco | ibm | shortcut | standard}

Enter the area border router (ABR) type. Set abr-type to cisco or ibm to allow routes through nonbackbone area when links to the backbone are down. For more information about this option, see RFC 3509, Alternative Implementations of OSPF Area Border Routers.

distance-external <external_int>

Set the OSPF route administrative external distance. The value range is from 0 to 255.

distance-inter-area <inter_int>

Set the OSPF route administrative inter-area distance. The value range is from 0 to 255.

distance-intra-area <intra_int>

Set the OSPF route administrative intra-area distance. The value range is from 0 to 255.

default-information-originate {always | disable | enable}

Enable or disable the generation of the default route into all external routing capable areas using the metric specified by the default-information-metric value and the metric type specified by the default-information-metric-type value. Set the value to always for the default to always be advertised, even when the routing table contains no default.

default-information-metric <metric_int>

Set the metric value for the default route. The value range is from 1 to 16777214.

default-information-metric-type {1 | 2}

Set the metric type for the default route.

default-information-route-map <map_str>

Enter the name of the route map.

distance <distance_int>

Enter the distance of the route. The value range is from 1 to 255.

rfc1583-compatible {disable | enable}

Enable or disable RFC1583 compatibility.

spf-timers <delay_int> <hold_int>

Set the number of seconds before the shortest path first (SPF) is calculated and the number of seconds between consecutive SPF calculations. The range for each value is from 0 to 600.

log-neighbour-changes {disable | enable}

Enable or disable the logging of changes to the OSPF neighbor

passive-interface <name_str>

Select which interface to set to passive mode.

<area_ipv4>

Enter the IP address for the area.

shortcut {default | disable | enable}

Enable or disable whether shortcuts are allowed in the area.

type {nssa | regular | stub}

Set the area type.

default-cost <cost_int>

If the area type is stub or not-so-stubby area (NSSA), set the cost of default-summary link state advertisements (LSAs) announced to stubby areas. The value range is 0-2147483647.

stub-type {no-summary | summary}

If the area type is stub or NSSA, set whether inter-area summaries can be used.

nssa-translator-role {always | candidate | never}

If the area type is NSSA, set the type of NSSA translator role.

<filter_int>

Enter the filter list identifier.

direction {in | out}

Set the direction to or from the area for the prefix list and access list.

list <list_str>

Enter the access-list name or prefix-list name for the area.

<range_int>

Enter the range list identifier.

advertise {enable | disable}

Enable or disable the advertise status. If this option is set to disable, the intra area paths from this range are not advertised in other areas.

prefix <xxx.xxx.xxx.xxx> <xxx.xxx.xxx.xxx>

Enter the summary prefix.

substitute <xxx.xxx.xxx.xxx> <xxx.xxx.xxx.xxx>

Enter the substitute prefix.

substitute-status {enable | disable}

Enable or disable whether the substitute prefix is used instead of the prefix.

<virtual_int>

Enter the virtual-link identifier.

authentication {md5 | none | text}

Set the authentication type.

dead-interval <dead_int>

Enter the dead interval.

hello-interval <hello_int>

Enter the hello interval.

peer <peer_ipv4>

Enter the IP address of the virtual link neighbor.

retransmit-interval <retransmit_int>

Enter the retransmit interval.

transmit-delay <transmit_int>

Enter the transmit delay.

<key_ID>

Enter the MD5 key identifier.

<MD5_key>

Enter a string up to 16 characters.

<interface_str>

Enter the OSPF interface name.

authentication {md5 | none | text}

Set the authentication type for OSPF packets.

bfd {disable | enable | global}

Enable or disable BFD on this interface. Set this option to global to use the global configuration.

cost <cost_int>

Enter the link cost on this interface. The value range is 0-65535. Set this option to 0 for auto-cost.

dead-interval <dead_int>

Enter the dead interval.

hello-interval <hello_int>

Enter the hello interval.

interface <string>

Set the interface.

mtu <mtu_int>

Enter the maximum transmission unit (MTU) size in bytes for the database description packets. The value range is 576-65535.

mtu-ignore {disable | enable}

Set whether to use the MTU size.

priority <priority_int>

Set the router priority for this interface. the router with the highest priority is more eligible to become the designated router. Setting the option to 0 makes the router ineligible to become the designated router. The value range is 0-255.

retransmit-interval <retransmit_int>

Enter the retransmit interval.

transmit-delay <transmit_int>

Enter the transmit delay.

<key_ID>

Enter the MD5 key identifier.

<MD5_key>

Enter a string up to 16 characters.

<network_int>

Enter the network identifier.

<area_ipv4>

Enter the IPv4 address for the area.

prefix <xxx.xxx.xxx.xxx> <xxx.xxx.xxx.xxx>

Enter the IPv4 address and netmask.

<summary_int>

Enter the identifier for the summary address.

prefix <xxx.xxx.xxx.xxx> <xxx.xxx.xxx.xxx>

Enter the IPv4 address and netmask.

set tag <tag_int>

Enter the tag value. The range is 0-2147483647.

<distribute_int>

Enter the distribute list identifier.

access-list <access_str>

Enter the access list name.

protocol {bgp | connected | isis | rip | static}

Set the protocol type.

redistribute {bgp | connected | isis | rip | static}

Set the type of network to redistribute.

status {disable | enable}

Enable or disable the redistribution.

metric <metric_int>

Enter the metric for redistributed routes.

routemap <routemap_str>

Enter the route map name to filter the redistributed routes.

metric-type {1 | 2}

Set the metric type of redistributed routes.

router-id <router_ipv4>

Required. Enter the IPv4 address of the OSPF router.

spf-timers <delay_int> <hold_int> <max_int>

Set the number of milliseconds to delay before the shortest path first (SPF) is calculated, the initial number of milliseconds between consecutive SPF calculations, and the maximum number of milliseconds between consecutive SPF calculations. The range for each value is from 0 to 600.

log-neighbor-changes {disable | enable}

Enable or disable the logging of changes to the OSPF neighbor

<area_ipv4>

Enter the IPv4 address for the area.

type {regular | stub}

Set the area type to regular or stub.

stub-type {summary | no-summary}

If the type is set to stub, set the stub type to summary or no summary.

<filter_int>

Enter the filter list identifier.

direction {in | out}

Set the direction to or from the area for the prefix list and access list.

list <list_str>

Enter the IPv6 access-list name or IPv6 prefix-list name for the area.

<range_int>

Enter the range list identifier.

advertise {enable | disable}

Enable or disable the advertise status. If this option is set to disable, the intra-area paths from this range are not advertised in other areas.

prefix <xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx/xxx>

Required. Enter the IPv6 prefix.

<interface_str>

Enter the OSPF interface name.

area-id <IPv4_address>

Required. Enter the IPv4 address of the area.

bfd {disable | enable}

Enable or disable bidirectional forwarding detection (BFD).

cost <cost_int>

Enter the link cost on this interface. The value range is 0-65535.

dead-interval <dead_int>

Enter the dead interval.

hello-interval <hello_int>

Enter the hello interval.

passive {disable | enable}

Enable or disable the passive interface.

priority <priority_int>

Set the router priority for this interface. the router with the highest priority is more eligible to become the designated router. Setting the option to 0 makes the router ineligible to become the designated router. The value range is 0-255.

retransmit-interval <retransmit_int>

Enter the retransmit interval.

status {enable | disable}

Enable or disable the IPv6 OSPF routing on this interface.

transmit-delay <transmit_int>

Enter the transmit delay.

status {disable | enable}

Enable or disable the redistribution.

<list_int>

Enter the prefix list identifier.

comments <comment_str>

Enter a descriptive comment.

rule_int

Enter the rule identifier.

action {deny | permit}

Set the action to deny or permit.

prefix {<xxx.xxx.xxx.xxx> <xxx.xxx.xxx.xxx> | any}

Set the prefix to define regular filter criteria, such as any or subnets.

ge <ge_int>

Enter the minimum IPv4 prefix length to be matched. The value range is between 0 and 32. The prefix list is used if the prefix length is greater than or equal to this value.

<name_of_IPv6_prefix_list>

Enter the name of the IPv6 prefix list.

comments <string>

Enter a descriptive comment.

<rule_ID>

Enter the rule identifier.

action {deny | permit}

Set the action to deny or permit.

prefix6 {<IPv6_prefix> | any}

Enter the IPV6 prefix to match or any.

ge <0-128>

Enter the minimum IPv6 prefix length to be matched. The IPv6 prefix list is used if the prefix length is greater than or equal to this value.

bfd {disable | enable}

Enable or disable BFD.

default-information-originate {disable | enable}

Enable or disable whether a default route is advertised.

default-metric <defaultmetric_int>

Enter the default metric for redistributed routes. This setting does not affect connected routes. Use the config redistribute connected or config offset-list command to set the metric value for connected routes.

garbage-timer <garbage_int>

Enter the number of seconds before a route is removed from the routing table.

passive-interface <name_str>

Specify which interface to set to passive mode. In passive mode, multicast and unicast RIP packets are sent only to RIP neighbors.

timeout-timer <timeout_int>

Enter the number of seconds before a route is no longer valid. The route is not removed from the routing table until the neighboring RIP routers are notified that the route has been dropped.

update-timer <update_int>

Enter the number of seconds between when the complete routing table is sent to neighboring RIP routers.

version {1 | 2}

Set the RIP version for receiving and sending RIP packets.

<distanceid_int>

Enter the distance identifier.

access-list <access_string>

Enter the access list for the route destination. The default RIP distance is used only when the routeʼs source IP address matches the specified prefix and the specified access list.

distance <distance_int>

Enter the default RIP distance. The value range is from 1 to 255. The default RIP distance is used only when the routeʼs source IP address matches the specified prefix and the specified access list.

prefix <xxx.xxx.xxx.xxx> <xxx.xxx.xxx.xxx>

Enter the prefix.

<distribute_int>

Enter the distribute list identifier.

direction {in | out}

Set the list direction.

interface <interface_str>

Enter the RIP interface name for the distribute list.

listname <listname_str>

Enter the access or prefix list name.

status {disable | enable}

Enable or disable whether the distribute list is used.

<interface_str>

Enter the interface name.

auth-keychain <keychain_str>

Enter the name of the keychain to use for this interface.

auth-mode {md5 | none | text}

Set the authentication mode used for packets.

RIP version 1 does not use authentication. If auth-mode is set to md5 or text for RIP version 1, routing updates are ignored.

NOTE: You must create a keychain first before you can use the MD5 authentication mode with RIP version 2.

auth-string <password_str>

If the auth-mode is set to text, enter a password that is less than 16 characters long.

receive-version {1 | 2 | both | global}

Set which version of RIP packets are accepted on this interface. Setting this option to both accepts RIP version 1 and 2. Setting this option to global uses the global RIP version. This setting overrides the global RIP version setting.

send-version {1 | 2 | both | global}

Set which version of RIP packets are sent for this interface. Setting this option to both sends RIP version 1 and 2. Setting this option to global uses the global RIP version. This setting overrides the global RIP version setting.

split-horizon-status {disable | enable}

Enable or disable split horizon.

split-horizon {poisoned | regular}

Set the split-horizon type.

<neighbor_int>

Enter a RIP neighbor identifier.

<neighbor_ipv4>

Enter an IP address for a RIP neighbor. Use this command if a RIP neighbor does not accept multicast packets.

<network_int>

Enter a network identifier.

prefix <xxx.xxx.xxx.xxx> <xxx.xxx.xxx.xxx>

Enter the prefix.

<offsetlist_int>

Enter the offset list identifier.

<accesslist_str>

Enter the name of the access list.

direction {in | out}

Set the list direction.

interface {in | out}

Set whether to filter incoming or outgoing packets.

offset <offset_int>

Enter the offset for incoming and outgoing metrics to routes learned using RIP. The value range is between 1 and 16.

status {disable | enable}

Enable or disable whether the offset list is used.

redistribute {bgp | connected | isis | ospf | staticc}

Redistribute routes so that they are included in RIP routing.

status {disable | enable}

Enable or disable whether the routes are redistributed.

metric <metric_int>

Enter the metric of the redistributed routes. The value range is between 0 and 16.

<routemap_str>

Enter the name for the individual route map.

comments <comments_str>

Enter a descriptive comment.

protocol {bgp | isis | ospf | ospf6 | rip | zebra}

Set the protocol to BGP, IS-IS, OSPF (IPv4 or IPv6), RIP, or the core router daemon.

<rule_int>

Enter the rule identifier.

action {deny | permit}

Set whether the rule permits or denies routes that match this rule.

match-as-path <string>

BGP only. Match the BGP Autonomous System (AS) path list.

match-community <string>

BGP only. Match the BGP community list.

match-interface {<interface_str> | internal | mgmt}

Set which interface will be matched.

match-ip-address <address_str>

Match the IPv4 address permitted by the IPv4 access list or IPv4 prefix list.

match-ip6-address <access-list6 or prefix-list6>

OSPF (IPv6) only. Match the IPv6 address permitted by the IPv6 access list or IPv6 prefix list.

match-ip-nexthop <nexthop_str>

Match the next-hop IP address passed by the access list or prefix list.

match-metric <metric_int>

BGP and RIP only. Enter the metric to be matched for redistributed routes. The value range is 0-2147483647.

match-origin {egp | igp | incomplete | none}

• egp—Set the value to the NLRI learned from the Exterior Gateway Protocol (EGP).
• igp—Set the value to the NLRI learned from a protocol internal to the originating AS.
• incomplete—Match routes that were learned some other way (for example, through redistribution).
• none—Disable the matching of BGP routes based on the origin of the route.

match-tag <tag_int>

Enter the tag to be matched. The value range is 0-2147483647.

set-aggregator-as <1-4294967295>

BGP only. Set the BGP aggregator AS.

set-aspath <1-4294967295>

BGP only. Prepend the BGP AS path attribute. Use quotation marks for repeating numbers, for example: "1 1 2"

set-atomic-aggregate {enable | disable}

BGP only. Enable or disable the BGP atomic aggregate attribute.

set-community-delete <string>

BGP only. Delete communities matching the community list.

set-community <community>

• Use decimal notation to set a specific COMMUNITY attribute for the route. The value has the syntax AA:NN, where AA represents an AS, and NN is the community identifier. Delimit complex expressions with double-quotation marks (for example, "123:234 345:456").
• To make the route part of the Internet community, select internet.
• To make the route part of the LOCAL_AS community, select local-AS.
• To make the route part of the NO_ADVERTISE community, select no-advertise.
• To make the route part of the NO_EXPORT community, select no-export.

set-extcommunity-rt <community>

BGP only. Set the Route-Target extended community: AA:NN

set-extcommunity-soo <community>

BGP only. Set the Site-of-Origin extended community: AA:NN

set-ip-nexthop <class_ipv4>

BGP and RIP only. Enter the IPv4 address of the next hop.

set-ip6-nexthop <IPv6_address>

OSPF (IPv6) only. Enter the IPv6 address of the next hop.

set-local-preference <1-4294967295>

BGP only. Set the BGP local-preference path attribute.

set-metric <setmetric_int>

Enter the route metric value. The value range is 0-2147483647.

set-metric-type {1 | 2}

BGP and OSPF only. Set the metric type to external-type1 or external-type2.

set-origin {egp | igp | incomplete | none}

• egp—Set the value to the NLRI learned from the Exterior Gateway Protocol (EGP).
• igp—Set the value to the NLRI learned from a protocol internal to the originating AS.
• incomplete—If not egp or igp.
• none—Disable the ORIGIN attribute.

set-originator-id <IP_address>

BGP only. Set the BGP originator ID attribute.

set-tag <settag_int>

Enter the route tag value. The value range is 0-2147483647.

<routemap_int>

Enter a route map identifier.

protocol {any | bgp | connected | isis | ospf | rip | static}

Set which protocol this route map applies to.

<sequence_number>

Enter a sequence number for the static route. The sequence number may influence routing priority in the forwarding table.

bfd {enable | disable | global}

Enable or disable Bidirectional Forwarding on this interface. If you set the value to global, the BFD value for this interface is the same as the global BFD value.

blackhole {enable | disable}

Enable or disable dropping all packets that match this route. This route is advertised to neighbors through dynamic routing protocols as any other static route.

comment <comment_str>

Optionally enter a descriptive comment.

device <interface_name>

This field is available when blackhole is set to disable. Enter the name of the interface through which to route traffic. Enter ‘?’ to see a list of interfaces.

distance <1-255>

Enter the administrative distance for the route. The distance value may influence route preference in the routing table. The range is an integer from 1-255.

dst <destination-address_IPv4mask>

Enter the destination IPv4 address and network mask for this route. You can enter 0.0.0.0/0 to create a new static default route.

dynamic-gateway {enable | disable}

When enabled, dynamic-gateway hides the gateway variable for a dynamic interface, such as a DHCP or PPPoE interface. When the interface connects or disconnects, the corresponding routing entries are updated to reflect the change.

gateway <gateway-address_IPv4>

This field is available when blackhole is set to disable. Enter the IPv4 address of the next-hop router to which traffic is forwarded.

<sequence_number>

Enter a sequence number for the static route.

bfd {enable | disable}

Enable or disable bidirectional forwarding detection (BFD).

blackhole {enable | disable}

Enable or disable dropping all packets that match this route.

comment <comment_str>

Optionally enter a descriptive comment.

device <interface_name>

Enter the name of the interface through which to route traffic. Enter ‘?’ to see a list of interfaces.

distance <1-255>

Enter the administrative distance for the route. The distance value may influence route preference in the routing table. The range is an integer from 1-255.

dst <destination-address_IPv6mask>

Enter the destination IPv6 address and network mask for this route.

gateway <gateway-address_IPv6>

Enter the IPv6 address of the next-hop router to which traffic is forwarded.