system port-hop, vpn 0 interface tunnel-interface—For a Viptela device that is behind a NAT device or for an individual tunnel interface (TLOC) on that Viptela device, rotate through a pool of preselected OMP port numbers, known as base ports, to establish DTLS connections with other Viptela devices when a connection attempt is unsuccessful (on vEdge routers, vManage NMSs, and vSmart controllers only). By default, port hopping is enabled on vEdge routers and on all tunnel interfaces on vEdge routers, and it is disabled on vManage NMSs and vSmart controllers.
There are five base ports: 12346, 12366, 12386, 12406, and 12426. These port numbers determine the ports used for connection attempts. The first connection attempt is made on port 12346. If the first connection does not succeed after about 1 minute, port 12366 is tried. After about 2 minutes, port 12386 is tried; after about 5 minutes, port 12406; after about 6 minutes, port 12426 is tried. Then the cycle returns to port 12346.
If you have configured a port offset with the port-offset command, the five base ports are a function of the configured offset. For example, with a port offset of 2, the five base ports are 12348, 12368, 12388, 12408, and 12428. Cycling through these base ports happens in the same way as if you had not configured an offset.
vManage Feature Template
For vEdge routers, vManage NMSs, and vSmart controllers only:
Configuration ► Templates ► System
Configuration ► Templates ► VPN Interface Cellular (for vEdge cellular wireless routers only)
Configuration ► Templates ► VPN Interface Ethernet
Configuration ► Templates ► VPN Interface PPP
- Disable Port Hopping
- no port-hop
Disable port hopping on the device, or if global port hopping is enabled, disable port hopping on an individual TLOC. If you disable port hopping on the device, by configuring no port-hop at the system level, port hopping on all tunnel interfaces is disable, and you cannot enable it on an individual tunnel interface.
By default, port hopping is enabled on vEdge routers and on all tunnel interfaces on vEdge routers, and it is and disabled on vManage NMSs and vSmart controllers.
Enable port hopping:
Command introduced in Viptela Software Release 14.3.
Starting in Release 15.1, port hopping is enabled by default.
Support for BFD port hopping added in Release 15.3.8.
In Release 16.2, port hopping is disabled by default on vManage NMSs and vSmart controllers.