Enable IPv6 Egress Filters

Enable IPv6 egress filters to add IPv6 egress qualifiers at startup.

Before you begin

If more than 200 IPv4 egress entries exist in the configuration file, make a backup of the configuration file before you enable IPv6 egress filters. Only a maximum of 200 IPv4 egress entries are saved in the configuration file after you save the configuration.

For example, you can enter more than 200 IPv4 egress entries in the configuration file prior to enabling IPv6 egress filters. However, the entries are stored in ascending numerical order with ACL ID and ACE ID respectively, and not in the order in which they were added. Therefore, after you enable IPv6 egress filters and restart, and because the configuration file is read in ascending order, you receive an error message after the 200 maximum has been reached, such as:

CP1 [2017-09-28T00:44:24.077+05:30] 7K-Fi-94-I6:1 0x001049d4 00000000 GlobalRouter FILTER ERROR Unable to allocate data path resources for ACL ID 12.

About this task

This flag is disabled by default.

Procedure

  1. In the navigation pane, expand Configuration > Edit.
  2. Select Chassis.
  3. Select the Boot Config tab.
  4. Select EnableIpv6EgressFilterMode.
  5. Select Apply.
  6. Save the configuration, and then restart the switch for the change to take effect.

Boot Config Field Descriptions

Use the data in the following table to use the Boot Config tab.

Name

Description

SwVersion

Specifies the software version that currently runs on the switch.

LastRuntimeConfigSource

Specifies the last source for the run-time image.

PrimaryConfigSource

Specifies the primary configuration source.

PrimaryBackupConfigSource

Specifies the backup configuration source to use if the primary does not exist.

EnableFactoryDefaultsMode

Specifies whether the switch uses the factory default settings after you reboot the switch. The options are:

  • false: The node does not use factory default settings.

  • fabric: This mode is not supported.

  • noFabric: The node uses the factory default mode settings.

    Removes the configuration files, primary and secondary config file names, all user account passwords, digital certificates, IKE/OSPF/IS-IS keys, and SNMP communities. All ports are disabled and assigned to VLAN 1. License files are not removed.

  • config-only

    Boots the switch with a blank configuration.

    This parameter preserves configuration files, primary and secondary configuration file names, user accounts and passwords, digital certificates, IKE/OSPF/IS-IS keys, license files, and SNMP communities. All ports are disabled and assigned to VLAN 1.

    Use this parameter as a temporary troubleshooting option to test or investigate if something is wrong with the configuration without permanently removing the configuration files, user accounts, and other preserved items.

  • reset-all-files:

    Equivalent to a switch that ships from the factory. The switch has no configuration files, default user accounts, default security mode, Auto-sense-enabled ports, and performs a ZTP+ configuration after reboot. The 30-day factory license is also reset. If required, you must revoke the license file.

    Important:

    Only CLI provides two options to achieve the same behavior; there is no option other than reset-all-files in EDM.

  • zero-touch:

    Boots the switch with a default configuration that enables Auto-sense. This parameter resets secure files but keeps the security mode and performs a ZTP+ configuration after reboot. License files are not removed.

  • zero-touch-config-only

    Boots the switch with a blank configuration that enables Auto-sense and performs a ZTP+ configuration.

    This parameter preserves configuration files, primary and secondary configuration file names, user accounts and passwords, digital certificates, IKE/OSPF/IS-IS keys, license files, and SNMP communities. All ports are disabled and assigned to VLAN 1.

    Use this parameter as a temporary troubleshooting option to test or investigate if something is wrong with the configuration without permanently removing the configuration files, user accounts, and other preserved items.

The default value is false. This flag is automatically reset to the default value after the switch restarts.

If you select an option but then want to select a different option and have not yet rebooted the switch, you must disable the first option before you select the second option.

EnableDebugMode

Enabling the debugmode allows a user to enable TRACE on any port by prompting the selection on the console during boot up. This allows the user start trace for debugging earlier on specified port. It only works on console connection. The default value is disabled.

Important:

Do not change this parameter.

EnableRebootOnError

Activates or disables automatic reboot on a fatal error. The default value is activated.

Important:

Do not change this parameter.

EnableTelnetServer

Activates or disables the Telnet server service. The default value is disabled.

EnableFtpServer

Activates or disables the FTP server on the switch. The default value is disabled. To enable FTP, ensure that the TFTPD flag is disabled.

EnableTftpServer

Activates or disables Trivial File Transfer Protocol server service. The default value is disabled.

EnableSshServer

Activates or disables the SSH server service. The default value is disabled.

EnableSpbmConfigMode

Enables you to configure SPB and IS-IS, but you cannot configure PIM and IGMP either globally or on an interface.

The boot flag is enabled by default.

EnableIpv6Mode

Enable this flag to support IPv6 routes with prefix-lengths greater than 64 bits. This flag is disabled by default.

EnableEnhancedsecureMode

Enables or disables the enhanced secure mode. Select either jitc or non-jitc to enable the enhanced secure mode in one of these sub-modes. The default is disabled.

Note:

As a best practice, enable the enhanced secure mode in the non-JITC sub-mode because the JITC sub-mode is more restrictive and prevents the use of some troubleshooting utilities.

EnableUrpfMode

Enables Unicast Reverse Path Forwarding (uRPF) globally. You must enable uRPF globally before you configure it on a port or VLAN. The default is disabled.

EnableVxlanGwFullInterworkingMode

Note:

Exception: only supported on 7520 Series and 7720 Series.

Enables VXLAN Gateway in Full Interworking Mode, which supports SPB, SMLT, and vIST.

By default, the Base Interworking Mode is enabled and Full Interworking Mode is disabled. You change modes by enabling this boot configuration flag.

In Base Interworking Mode, VXLAN Gateway supports Layer 2 gateway communication between VXLAN and traditional VLAN environments.

EnableFlowControlMode

Enables or disables flow control globally. When disabled, the system does not generate nor configure the transmission of flow control messages. The system always honors received flow control messages regardless of the flow control mode status. You must enable this mode before you configure an interface to send pause frames.

The default is disabled.

AdvancedFeatureBwReservation

Note:

Exception: high is supported on 5720 Series, 7520 Series, and 7720 Series .

Exception: low is not supported on 5720 Series.

Exception: vim is only supported on 5520 Series and 5720 Series.

Enables the switch to support advanced features by reserving ports as loopback ports. When disabled, you can use all ports on the switch, but advanced features do not work.

When you select low or high, the corresponding bandwidth of the reserved Ethernet ports is allocated to the loopback required for advanced feature functionality.

When you select vim, the bandwidth is allocated from the unused vim slot capacity and cannot be selected if the VIM card is present.

The default varies depending on the platform:

  • The default for 5320 Series, 5420 Series, 7520 Series, and 7720 Series is enabled with low level.

  • The default for 5520 Series is enabled with vim level if Versatile Interface Module (VIM) is not installed, else low level is enabled.

  • The default for 5720 Series is enabled with vim level if Versatile Interface Module (VIM) is not installed, else high level is enabled.

If you change this parameter, you must restart the switch.

EnableDvrLeafMode

Enables the switch to be configured as a DvR Leaf.

When enabled, you cannot configure the switch to operate as a DvR Controller.

EnablevrfScaling

Changes the maximum number of VRFs and Layer 3 VSNs that the switch supports. If you select this check box, the maximum number increases. The default is disabled.

Important:

If you select both this check box and the EnableSpbmConfigMode check box, the switch reduces the number of configurable VLANs. For more information about maximum scaling numbers, see Fabric Engine Release Notes.

EnableSyslogRfc5424Format

Enables or disables the RFC 5424 syslog format.

The default is enabled. If the pre-existing configuration file is for a release prior to this enhancement, then the flag is disabled automatically.

NniMstp

Enables MSTP, and allows non SPBM B-VLAN configuration on SPBM network-to-network interface (NNI) ports. The default is disabled.

Note:

Spanning Tree is disabled on all SPBM NNIs.

You cannot add an SPBM NNI port or MLT port to any non SPBM B-VLAN.

EnableIpv6EgressFilterMode

Enables IPv6 egress filters. The default is disabled.

If you change this parameter, you must restart the switch.

For 5320 Series, 5420 Series, and 5720 Series platforms, EnableIpv6EgressFilterMode and EnableMacsec are mutually exclusive.

EnableMacsec

Note:

Exception: only required for 5320 Series and 5420 Series.

Enables Media Access Control Security (MACsec) mode globally. To enable MACsec mode, you must configure the boot flag.

EnableIpv6EgressFilterMode and EnableMacsec are mutually exclusive.

EnableSpbmNodeScaling

Note:

Exception: only applies to 5320 Series and 5420 Series.

Enables the switch to increase the number of supported SPB nodes per area. By default, the switch supports up to 350 SPB nodes per area.

The default is disabled.

If you change this parameter, you must restart the switch.

Slot

Specifies the slot number.

TftpHash

Enables TFTP hashing.

TftpRetransmit

Set TFTP retransmit timeout counter.

TftpTimeout

Set TFTP timeout counter.

User

Configure host user.

Password

Configure host password.