Segmentation CLI Reference

Segmentation Configuration Commands

Use the following commands to configure segmentation on a vEdge router.

vpn vpn-id
  bandwidth-downstream kbps (on vEdge routers and vManage NMSs only)
  bandwidth-upstream kbps (on vEdge routers and vManage NMSs only)
  dns ip-address [primary | secondary]
  ecmp-hash-key level4 (on vEdge routers only)
  ​host hostname ip ip-address  
  interface interface-name    
    access-list acl-list (in | out) on vEdge routers only)
    arp 
      ip ip-address mac mac-address    
    arp-timeout seconds (on vEdge routers only)
    autonegotiate (on vEdge routers only)
    clear-dont-fragment  
    description text    
    dhcp-helper ip-address (on vEdge routers only)
    dhcp-server (on vEdge routers only)
      address-pool prefix/length
      admin-state (down | up)
      exclude ip-address
      lease-time seconds
      max-leases number
      offer-time seconds
      options
        default-gateway ip-address
        dns-servers ip-address
        domain-name domain-name
        interface-mtu mtu
        tftp-servers ip-address
      static-lease mac-address ip ip-address host-name hostname
    ​duplex (full | half)
    flow-control (bidirectional | egress | ingress)
    (ip address address/subnet | ip dhcp-client [dhcp-distance number])   
    keepalive seconds retries (on vEdge routers only)
    mac-address mac-address    
    mtu bytes
    nat (on vEdge routers only)
      block-icmp-error
      port-forward port-start port-number1 port-end port-number2
        proto (tcp | udp) private-ip-address ip-address private-vpn vpn-id
      refresh (bi-directional | outbound)
      respond-to-ping
      tcp-timeout minutes
      udp-timeout minutes
    pmtu
    policer policer-name (on vEdge routers only)
    ppp (on vEdge routers only)
      ac-name name
      authentication (chap | pap) hostname hostname password password
    pppoe-client (on vEdge routers only)
      ppp-interface interface-name
    profile profile-id (on vEdge routers only)
    qos-map name (on vEdge routers only)
    rewrite-rule name (on vEdge routers only)
    shaping-rate name (on vEdge routers only)
    shutdown
    speed speed
    static-ingress-qos number (on vEdge routers only)
    tcp-mss-adjust bytes    
    tunnel-interface
      allow-service service-name
      bind interface-name (on vEdge routers only)
      carrier carrier-name
   ​   color color [restrict]
      connections-limit number
      encapsulation (gre | ipsec) (on vEdge routers only)
        preference number
        weight number
      hello-interval milliseconds
      hello-tolerance seconds
      hold-time milliseconds (on vEdge routers only)
      last-resort-circuit (on vEdge routers only)
      max-control-connections number
      nat-refresh-interval seconds
    tunnel-destination ip-address (on vEdge routers only)
    tunnel-source ip-address (on vEdge routers only)
    vrrp group-name (on vEdge routers only)
       priority number
       timer seconds
       track-omp
    ! end vpn interface
  ip route ip-address/subnet next-hop-address
  name text  
  router (on vEdge routers only) 
    bgp ... 
    igmp ...
    multicast-replicator local
      threshold number 
    ospf ...
    pim ...
  service service-name address ip-address (on vEdge routers only)

Segmentation Monitoring Commands

Use the following commands to monitor segmentation:

show bgp commands
show interface commands
show ospf commands

Additional Information

Segmentation (VPN) Overview
Segmentation (VPN) Configuration Examples
Service Chaining