efa tenant epg update
Updates an endpoint group.
Syntax
efa tenant epg update
[--name
epg-name|--tenanttenant-name
|--operation
[ port-group-add |
port-group-delete | ctag-range-add | ctag-range-delete | vrf-add, vrf-delete
| local-ip-add | local-ip-delete | anycast-ip-add |
anycast-ip-delete
]
|--port
ip-ethport|--po
po-name|--switchport-mode
access | trunk |
trunk-no-default-native
|--type
l3-hand-off |
extension
|--switchport-native-vlan-tagging
|--switchport-native-vlan
value|
--ctag-range
range|
--ctag description
desc|--vrf
vrf-name|
--l3-vni
vni|
--l2-vni
vni|
--anycast-ip
ipv4|
--anycast-ipv6
ipv6|--local-ip
ipv4|
--local-ipv6
ipv6|
--bridge-domain
bd-name|
--ipv6-nd-mtu
mtu-value|
--ipv6-nd-managed-config
flag
|
--ipv6-nd-other-config
other-flag|
--ipv6-nd-prefix
ipv6-prefix|
--ipv6-nd-prefix-valid-lifetime
lifetime|
--ipv6-nd-prefix-preferred-lifetime
pref-lifetime|
--ipv6-nd-prefix-no-advertise
|
--ipv6-nd-prefix-config-type
no-autoconfig | no-onlink
| off-link
|
--single-homed-bfd-session-type
auto | software |
hardware
|
--help]
Parameters
- --name
epg-name
- Specifies the name of the
endpoint group.
- --tenant
tenant-name
- Specifies the name of the
associated tenant.
- --operation
port-group-add | port-group-delete | ctag-range-add |
ctag-range-delete | vrf-add, vrf-delete | local-ip-add |
local-ip-delete | anycast-ip-add |
anycast-ip-delete
- Defines the operation to be performed. Valid
values are port-group-add, port-group-delete, ctag-range-add,
ctag-range-delete, vrf-add, vrf-delete, local-ip-add, local-ip-delete,
anycast-ip-add, or anycast-ip-delete.
- --port
ip-ethport
- Specifies the device IP
address and Ethernet port details. Example: SW1_IP[0/1], SW2_IP[0/5,0/6],
SW3_IP[0/7-10]
- --po
po-name
- Lists port channels. Example:
po1, po2
- --switchport-mode
access | trunk |
trunk-no-default-native
- Configures switch port mode
on the interfaces. Valid values are access, trunk, and
trunk-no-default-native. The default is trunk.
- --type
l3-hand-off |
extension
- Configures the BGP service
type. Valid values are l3-hand-off or extension. The default is
extension.
- --switchport-native-vlan-tagging
- Enables the native VLAN
characteristics on the ports of this endpoint group. Valid only if the
--switchport-mode parameter is set to trunk.
- --switchport-native-vlan
value
- Configures native VLAN on the
interfaces. Valid values are 2 through 4090 corresponding to the value of
the --ctag-range parameter.
- --ctag-range
range
- Specifies the customer VLAN
range in comma and hyphen separated format. Example: 2-20,30,40,50-55.
- --ctag-description
desc
- Specifies a unique
description of the ctag in the following format:
ctag:l2-vni
.
- --vrf
vrf-name
- Specifies the VRF to which
these networks are attached.
- --l3-vni
vni
- Specifies the Layer 3 VNI to
be used for this VRF.
- --l2-vni
vni
- Specifies the Layer 2 VNI to
be used for this network in the following format:
ctag:l2-vni
.
- --anycast-ip
ipv4
- Specifies the IPv4 anycast
address in the following format:
ctag:anycast-ip
.
- --anycast-ipv6
ipv6
- Specifies the IPv6 anycast
address in the following format:
ctag:anycast-ipv6
.
- --local-ip
ipv4
- Specifies the IPv4 local
address in the following format:
ctag,device-ip:local-ip
.
- --local-ipv6
ipv6
- Specifies the IPv6 local
address in the following format:
ctag,device-ip:local-ipv6
.
- --bridge-domain
bd-name
- Specifies the bridge domain
name in the following format;
ctag:bridge-domain
.
- --ipv6-nd-mtu
mtu-value
- Sets the maximum transmission
unit (MTU) for IPv6 neighbor discovery. Valid values range from 1280 through
65535. The format is
ctag:mtu
.
- --ipv6-nd-managed-config
flag
- Sets the managed
configuration flag for IPv6 router advertisement. The format is
ctag:managedflag
.
- --ipv6-nd-other-config
other-flag
- Sets the other configuration
flag for IPv6 router advertisement. The format is
ctag:otherflag
.
- --ipv6-nd-prefix
ipv6-prefix
- Configures the IPv6 prefix
address in the following format:
ctag:prefix1,prefix2,
.
- --ipv6-nd-prefix-valid-lifetime
lifetime
- Sets IPv6 prefix valid
lifetime. A valid range is from 0 through 4294967295 to infinite. The format
is
ctag,prefix:validTime
.
- --ipv6-nd-prefix-preferred-lifetime
pref-lifetime
- Sets the IPv6 prefix
preferred lifetime. A valid range is from 0 through 4294967295 to
infinite.The format is
ctag,prefix:preferredTime
.
- --ipv6-nd-prefix-no-advertise
- Enables the prevention of
prefix advertisement. The format is
ctag,prefix:noadvertiseflag
.
- --ipv6-nd-prefix-config-type
no-autoconfig |
no-onlink | off-link
- Sets the configuration type
for the IPv6 prefix. Valid values are no-autoconfig, no-onlink, or off-link.
The format is
ctag,prefix:configType
.
- --single-homed-bfd-session-type
auto | software |
hardware
- Specifies the BFD session type for the endpoint group. Valid values are
auto, software, or hardware. The default is auto, which means that the BFD
session type is automatically determined based on the value of the
--type parameter: extension or L3 hand-off.
- --help
- Displays help for the
command.
Usage Guidelines
An empty endpoint group has no network-policy, network-property, or port-property.
An endpoint group can be created with a port-property and without a port-group. But an
endpoint group cannot be created with a port-group and without a port-property.
ARP suppression is enabled for all the possible broadcast domains VLAN or BD on the
device.
CEP is handled by replicating all the tenant configuration on the MCT neighbor except for the
endpoint configuration, since the endpoint does not exist on the MCT neighbor.
The update operation for a bridge domain-based endpoint group is similar to that of a
VLAN-based endpoint group. During a port-group add or delete operation, the logical
interface configurations will be created or deleted for the existing ctags, and the
corresponding bridge-domains.
During a ctag-range-add or delete operation, the logical interface and bridge-domain
configurations are updated on the endpoint group.
During vrf-add or delete operation, the corresponding Layer 3 configurations are added to or
deleted from the endpoint group.
Event handling sets the corresponding tenant networks to the
cfg-refreshed
state. However, there is no way to re-push the
refreshed configuration onto the devices.
The value of --single-homed-bfd-session-type
is configured for one endpoint group
and then propagated to all Ethernet and single-homed port channel interfaces defined
for that endpoint group.
EFA does not distinguish between SRIOV (single-root input/output virtualization) and non-SRIOV
connections. Therefore, it treats both connections the same way. If you want to use
hardware-based BFD sessions for CEP non-SRIOV connections, then create an endpoint
group that contains all the CEP non-SRIOV connections and set the --single-homed-bfd-session-type
to hardware
.
Examples
The following example adds a port to the endpoint group.
$ efa tenant epg update --name epg1
--tenant tenant11 --operation port-group-add --port 10.20.216.15[0/20]
EndpointGroup updated successfully.
--- Time Elapsed: 32.208253521s ---
The following example adds a ctag with network properties to endpoint group.
$ efa tenant epg update --name epg1 --tenant tenant11
--operation ctag-range-add --ctag-range 100 --anycast-ip 100:1.1.100.1/24
--local-ip 100,10.20.216.15:100.100.1.1/28
EndpointGroup updated successfully.
--- Time Elapsed: 37.428381252s ---
The following example adds a automatic
BFD session type to an endpoint
group.
$ efa tenant epg update --name epg5 --tenant tenant11 --operation port-group-add
--port 10.20.216.15[0/11],10.20.216.16[0/11] --po po1 --switchport-mode trunk
--single-homed-bfd-session-type auto