Page 1: Network Management And Monitoring
HPE FlexNetwork 10500 Switch Series Network Management and Monitoring Command Reference Part number: 5200-1903 Software version: 10500-CMW710-R7524 Document version: 6W100-20161230...
Page 2 © Copyright 2016 Hewlett Packard Enterprise Development LP The information contained herein is subject to change without notice. The only warranties for Hewlett Packard Enterprise products and services are set forth in the express warranty statements accompanying such products and services. Nothing herein should be construed as constituting an additional warranty. Hewlett Packard Enterprise shall not be liable for technical or editorial errors or omissions contained herein.
Page 3: Table Of Contents
Contents Ping, tracert, and system debugging commands ············································ 1 debugging ·················································································································································· 1 display debugging ······································································································································ 1 ping ···························································································································································· 2 ping ipv6 ····················································································································································· 5 tracert ························································································································································· 7 tracert ipv6 ················································································································································· 9 NQA commands ···························································································· 12 NQA client commands ····································································································································· 12 advantage-factor ······································································································································ 12 codec-type ················································································································································...
Page 4 reaction checked-element icpif ················································································································· 65 reaction checked-element mos ················································································································ 66 reaction checked-element packet-loss ····································································································· 67 reaction checked-element probe-duration ································································································ 68 reaction checked-element probe-fail (for trap) ························································································· 69 reaction checked-element probe-fail (for trigger) ····················································································· 71 reaction checked-element rtt ···················································································································· 71 reaction trap ············································································································································· 73 reaction trigger per-probe ·························································································································...
Page 5 ntp-service source ·································································································································· 126 ntp-service unicast-peer ························································································································· 127 ntp-service unicast-server ······················································································································ 128 SNTP commands ························································································ 130 display sntp ipv6 sessions ······················································································································ 130 display sntp sessions ····························································································································· 130 sntp authentication enable ····················································································································· 131 sntp authentication-keyid ······················································································································· 132 sntp enable ············································································································································· 133 sntp ipv6 unicast-server ·························································································································...
Page 6 rmon event ············································································································································· 195 rmon history ··········································································································································· 196 rmon prialarm ········································································································································· 197 rmon statistics ········································································································································ 199 NETCONF commands ················································································ 201 netconf idle-timeout ································································································································ 201 netconf log ·············································································································································· 202 netconf soap domain ······························································································································ 203 netconf soap http acl ······························································································································ 203 netconf soap http dscp ··························································································································· 204 netconf soap http enable ························································································································...
Page 7 monitor kernel deadloop exclude-thread ································································································ 267 monitor kernel deadloop time ················································································································· 268 monitor kernel starvation enable ············································································································ 269 monitor kernel starvation exclude-thread ······························································································· 270 monitor kernel starvation time ················································································································ 271 monitor process ······································································································································ 272 monitor thread ········································································································································ 277 process core ··········································································································································· 281 reset exception context ··························································································································...
Page 8 ipv6 netstream export rate ····················································································································· 332 ipv6 netstream export source ················································································································· 332 ipv6 netstream export template refresh-rate ·························································································· 333 ipv6 netstream export version ················································································································ 334 ipv6 netstream filter ································································································································ 335 ipv6 netstream sampler ·························································································································· 336 ipv6 netstream timeout active ················································································································ 336 ipv6 netstream timeout inactive ··············································································································...
Page 9 terminal debugging ································································································································· 375 terminal logging level ····························································································································· 376 terminal monitor ····································································································································· 377 GOLD commands ······················································································· 378 diagnostic event-log size ························································································································ 378 diagnostic monitor enable ······················································································································ 378 diagnostic monitor interval ····················································································································· 379 diagnostic ondemand failure ·················································································································· 380 diagnostic ondemand repeating ············································································································· 381 diagnostic ondemand start ·····················································································································...
Page 10: Ping, Tracert, And System Debugging Commands
Ping, tracert, and system debugging commands debugging Use debugging to enable debugging for a module. Use undo debugging to disable debugging for a module or for all modules. Syntax debugging module-name [ option ] undo debugging { all | module-name [ option ] } Default Debugging is disabled for all modules.
Page 11: Ping
Syntax display debugging [ module-name ] Views Any view Predefined user roles network-admin network-operator mdc-admin mdc-operator Parameters module-name: Specifies a module by its name. For a list of supported modules, use the display debugging ? command. If you do not specify a module name, this command displays the enabled debugging features for all modules.
Page 12 -i interface-type interface-number: Specifies the source interface for ICMP echo requests. If you do not specify this option, the system uses the primary IP address of the matching route's egress interface as the source interface for ICMP echo requests. -m interval: Specifies the interval (in milliseconds) to send ICMP echo requests. The value range is 1 to 65535, and the default is 200.
Page 13 5 packet(s) transmitted, 5 packet(s) received, 0.0% packet loss round-trip min/avg/max/std-dev = 1.963/2.028/2.137/0.062 ms # Test whether the device with an IP address of 1.1.2.2 in VPN instance vpn1 is reachable. <Sysname> ping -vpn-instance vpn1 1.1.2.2 Ping 1.1.2.2 (1.1.2.2): 56 data bytes, press CTRL_C to break 56 bytes from 1.1.2.2: icmp_seq=0 ttl=254 time=2.137 ms 56 bytes from 1.1.2.2: icmp_seq=1 ttl=254 time=2.051 ms 56 bytes from 1.1.2.2: icmp_seq=2 ttl=254 time=1.996 ms...
Page 14: Ping Ipv6
Field Description Received ICMP echo replies from the device whose IP address is 1.1.2.2. If no echo reply is received within the timeout period, no information is displayed. • bytes—Number of bytes in the ICMP echo reply. 56 bytes from 1.1.2.2: icmp_seq=0 •...
Page 15 -s packet-size: Specifies the length (in bytes) of ICMPv6 echo requests (excluding the IPv6 packet header and the ICMPv6 packet header). The value range is 20 to 8100, and the default is 56. -t timeout: Specifies the timeout time (in milliseconds) of an ICMPv6 echo reply. The value range is 0 to 65535, and the default is 2000.
Page 16: Tracert
--- Ping6 statistics for 2001::2 --- 5 packet(s) transmitted, 5 packet(s) received, 0.0% packet loss round-trip min/avg/max/std-dev = 4.000/25.000/62.000/20.000 ms Table 2 Command output Field Description Ping6(56 data bytes) An ICMPv6 echo reply with a data length of 56 bytes is sent from 2001::1 to 2001::2.
Page 17 -p port: Specifies an invalid UDP port of the destination. The value range is 1 to 65535, and the default is 33434. If the destination address is an EID address at a remote LISP site, specify a port number in the range of 33434 to 65535. -q packet-number: Specifies the number of probe packets to send per hop.
Page 18: Tracert Ipv6
1.1.1.2 (1.1.1.2) 673 ms 425 ms 30 ms 1.1.2.2 (1.1.2.2) 580 ms 470 ms 80 ms 1.1.3.2 (1.1.3.2) [AS 65535] 530 ms 472 ms 380 ms # Trace the path to destination (192.168.0.46) over an MPLS network. <Sysname> tracert 192.168.0.46 traceroute to 192.168.0.46(192.168.0.46), 30 hops at most, 40 bytes each packet, press CTRL_C to break 192.0.2.13 (192.0.2.13)
Page 19 Views Any view Predefined user roles network-admin mdc-admin Parameters -f first-hop: Specifies the TTL value of the first packet. The value range is 1 to 255, and the default is 1. The value must be no greater than the value of the max-hops argument. -m max-hops: Specifies the maximum number of hops allowed for a packet.
Page 20 Examples # Display the path that the packets traverse from source to destination (2001:3::2). <Sysname> tracert ipv6 2001:3::2 traceroute to 2001:3::2(2001:3::2), 30 hops at most, 60 byte packets, press CTRL_C to break 2001:1::2 0.661 ms 0.618 ms 0.579 ms 2001:2::2 [AS 100] 0.861 ms 0.718 ms 0.679 ms...
Page 21: Nqa Commands
NQA commands NQA client commands advantage-factor Use advantage-factor to set the advantage factor to be used for calculating Mean Opinion Scores (MOS) and Calculated Planning Impairment Factor (ICPIF) values. Use undo advantage-factor to restore the default. Syntax advantage-factor factor undo advantage-factor Default The advantage factor is 0.
Page 22: Community Read
Default The codec type for the voice operation is G.711 A-law. Views Voice operation view Predefined user roles network-admin mdc-admin Parameters g711a: Specifies G.711 A-law codec type. g711u: Specifies G.711 µ-law codec type g729a: Specifies G.729 A-law codec type. Examples # Set the codec type to g729a for the voice operation.
Page 23: Data-Fill
• The SNMP operation uses the SNMPv1 or SNMPv2c agent. • The SNMPv1 or SNMPv2c agent is configured with a read-only or read-write community name. The specified community name must be the same as the community name configured on the SNMP agent.
Page 24: Data-Size
• For the voice operation, the first 16 bytes of the payload of a UDP packet are for special purpose. The string fills the remaining part of the payload. • For the path jitter operation, the first four bytes of the payload of an ICMP echo request are for special purpose.
Page 25: Description
mdc-admin Parameters size: Specifies the payload size. Available value ranges include: • 20 to 65507 bytes for the ICMP echo, UDP echo, or UDP tracert operation. • 68 to 65507 bytes for the UDP jitter or path jitter operation. • 16 to 65507 bytes for the voice operation.
Page 26: Destination Host
<Sysname> system-view [Sysname] nqa entry admin test [Sysname-nqa-admin-test] type icmp-echo [Sysname-nqa-admin-test-icmp-echo] description icmp-probe # In ICMP template view, configure the description as icmp-probe for the NQA operation. <Sysname> system-view [Sysname] nqa template icmp icmptplt [Sysname-nqatplt-icmp-icmptplt] description icmp-probe destination host Use destination host to configure the destination host name for the operation. Use undo destination host to restore the default.
Page 27: Destination Ipv6
Default No destination IPv4 address is configured for an operation. Views ICMP echo/TCP/UDP echo operation view DHCP/DLSw/DNS/FTP/HTTP/SNMP operation view UDP tracert operation view ICMP jitter/path jitter/UDP jitter/voice operation view DNS/ICMP/RADIUS/SSL/TCP/TCP half open/UDP template view Predefined user roles network-admin mdc-admin Parameters ip-address: Specifies the destination IPv4 address for the operation.
Page 28: Destination Port
Parameters ipv6-address: Specifies the destination IPv6 address for the operation. IPv6 link-local addresses are not supported. Examples # In ICMP template view, specify 1::1 as the destination IPv6 address for the operation. <Sysname> system-view [Sysname] nqa template icmp icmptplt [Sysname-nqatplt-icmp-icmptplt] destination ipv6 1::1 destination port Use destination port to configure the destination port number for the operation.
Page 29: Display Nqa History
<Sysname> system-view [Sysname] nqa template tcp tcptplt [Sysname-nqatplt-tcp-tcptplt] destination port 9000 display nqa history Use display nqa history to display the history records of NQA operations. Syntax display nqa history [ admin-name operation-tag ] Views Any view Predefined user roles network-admin network-operator mdc-admin...
Page 30: Display Nqa Reaction Counters
<Sysname> display nqa history administrator test NQA entry (admin administrator, tag test) history records: Index Response Status Time Succeeded 2011-04-29 20:54:26.5 Succeeded 2011-04-29 20:54:26.2 Succeeded 2011-04-29 20:54:25.8 Succeeded 2011-04-29 20:54:25.5 Succeeded 2011-04-29 20:54:25.1 Succeeded 2011-04-29 20:54:24.8 Succeeded 2011-04-29 20:54:24.5 Succeeded 2011-04-29 20:54:24.1 Succeeded 2011-04-29 20:54:23.8...
Page 31 The operation-tag argument represents the operation tag. Each of the arguments is a case-insensitive string of 1 to 32 characters that cannot contain hyphens (-). If you do not specify an NQA operation, the command displays the current monitoring results of reaction entries for all NQA operations.
Page 32: Display Nqa Result
Monitored Threshold performance Collect data in Checked Num Over-threshold Num type metric Probes after the Number of accumulate Number of probe failures. operation starts. completed probes. probe-fail Probes after the Number of consecutive Number of probe failures. operation starts. completed probes. Table 9 Monitored performance metrics for ICMP jitter/UDP jitter/voice operations Monitored Threshold...
Page 33 The operation-tag argument represents the operation tag. Each of the arguments is a case-insensitive string of 1 to 32 characters that cannot contain hyphens (-). If you do not specify an NQA operation, the command displays the most recent results of all NQA operations. Examples # Display the most recent result of the TCP operation with administrator name admin and operation tag test.
Page 34 One way results: Max SD delay: 1 Max DS delay: 2 Min SD delay: 1 Min DS delay: 2 Number of SD delay: 1 Number of DS delay: 1 Sum of SD delay: 1 Sum of DS delay: 2 Square-Sum of SD delay: 1 Square-Sum of DS delay: 4 Lost packets for unknown reason: 0 # Display the most recent result of the UDP jitter operation with administrator name admin and...
Page 35 Send operation times: 1000 Receive response times: 0 Min/Max/Average round trip time: 0/0/0 Square-Sum of round trip time: 0 Last packet received time: 0-00-00 00:00:00.0 Extended results: Packet loss ratio: 100% Failures due to timeout: 1000 Failures due to internal error: 0 Failures due to other errors: 0 Packets out of sequence: 0 Packets arrived late: 0...
Page 36 Failures due to internal error: 0 Failures due to other errors: 0 Packets out of sequence: 0 Packets arrived late: 0 Path-Jitter Results: Jitter number: 9 Min/Max/Average jitter: 0/0/0 Positive jitter number: 0 Min/Max/Average positive jitter: 0/0/0 Sum/Square-Sum positive jitter: 0/0 Negative jitter number: 0 Min/Max/Average negative jitter: 0/0/0 Sum/Square-Sum negative jitter: 0/0...
Page 37 UDP-tracert results: Hop IP Time 3.1.1.1 2013-09-09 14:23:24.5 4.1.1.1 2013-09-09 14:23:24.5 Table 10 Command output Field Description Data collecting in progress The operation is in progress. Send operation times Number of operations. Receive response times Number of response packets received. Min/Max/Average round trip time Minimum/maximum/average round-trip time in milliseconds.
Page 38 Field Description Positive DS number Number of positive jitters from destination to source. Positive SD sum Sum of positive jitters from source to destination. Positive DS sum Sum of positive jitters from destination to source. Positive SD average Average positive jitters from source to destination. Positive DS average Average positive jitters from destination to source.
Page 39: Display Nqa Statistics
Field Description Square-Sum of SD delay Square sum of delays from source to destination. Square-Sum of DS delay Square sum of delays from destination to source. SD lost packets Number of lost packets from the source to the destination. DS lost packets Number of lost packets from the destination to the source.
Page 40 Views Any view Predefined user roles network-admin network-operator mdc-admin mdc-operator Parameters admin-name operation-tag: Specifies an NQA operation by its administrator name and operation tag. The admin-name argument represents the name of the administrator who creates the NQA operation. The operation-tag argument represents the operation tag. Each of the arguments is a case-insensitive string of 1 to 32 characters that cannot contain hyphens (-).
Page 41 Min/Max/Average round trip time: 1/2/1 Square-Sum of round trip time: 1563 Extended results: Packet loss ratio: 0% Failures due to timeout: 0 Failures due to internal error: 0 Failures due to other errors: 0 Packets out of sequence: 0 Packets arrived late: 0 ICMP-jitter results: RTT number: 1560 Min positive SD: 1...
Page 42 Extended results: Packet loss ratio: 0% Failures due to timeout: 0 Failures due to internal error: 0 Failures due to other errors: 0 Packets out of sequence: 0 Packets arrived late: 0 UDP-jitter results: RTT number: 550 Min positive SD: 1 Min positive DS: 1 Max positive SD: 7 Max positive DS: 1...
Page 43 Failures due to timeout: 0 Failures due to internal error: 0 Failures due to other errors: 0 Packets out of sequence: 0 Packets arrived late: 0 Voice results: RTT number: 10 Min positive SD: 3 Min positive DS: 1 Max positive SD: 10 Max positive DS: 1 Positive SD number: 3 Positive DS number: 2...
Page 44 Failures due to timeout: 0 Failures due to internal error: 0 Failures due to other errors: 0 Packets out of sequence: 0 Packets arrived late: 0 Path-Jitter Results: Jitter number: 9 Min/Max/Average jitter: 0/0/0 Positive jitter number: 0 Min/Max/Average positive jitter: 0/0/0 Sum/Square-Sum positive jitter: 0/0 Negative jitter number: 0 Min/Max/Average negative jitter: 0/0/0...
Page 45 Field Description Packet loss ratio Average packet loss ratio. Failures due to timeout Number of timeout occurrences in an operation. Failures due to disconnect Number of disconnections by the peer. Failures due to no connection Number of failures to connect with the peer. Failures due to internal error Number of failures due to internal errors.
Page 46 Field Description Negative DS number Number of negative jitters from destination to source. Sum of absolute values of negative jitters from source to Negative SD sum destination. Sum of absolute values of negative jitters from destination to Negative DS sum source.
Page 47 Field Description Threshold Type Threshold type. Number of targets that have been monitored for data Checked Num collection. Over-threshold Num Number of threshold violations. Serial number for the path in the path jitter operation. Path This field is available only for the path jitter operation. IP address of the hop.
Page 48: Expect Data
Table 13 Monitored performance metrics for ICMP jitter/UDP jitter/voice operations Monitored Threshold performance Collect data in Checked Num Over-threshold Num type metric Packets sent in Number of packets of Number of sent accumulate the counting which the round-trip time packets. interval.
Page 49: Expect Ip
Usage guidelines Upon receiving a response packet, the NQA client examines the target payload for the expected data. • If a match is found, the NQA client verifies the NQA destination device as legal. • If no match is found, the NQA client looks up the entire payload for a match. If no match is found again, the NQA destination device is verified as illegal.
Page 50: Expect Ipv6
[Sysname] nqa template dns dnstplt [Sysname-nqatplt-dns-dnstplt] expect ip 1.1.1.1 expect ipv6 Use expect ipv6 to specify the expected IPv6 address. Use undo expect ipv6 to restore the default. Syntax expect ipv6 ipv6-address undo expect ipv6 Default No expected IPv6 address is specified. Views DNS template view Predefined user roles...
Page 51: Filename
Predefined user roles network-admin mdc-admin Parameters status-list: Specifies a space-separated list of up to 10 status code items. Each item specifies a status code or a range of status codes in the form of status-num 1 to status-num 2. The value ranges for both the status-num 1 and status-num 2 arguments are 0 to 999.
Page 52: Frequency
# In FTP template view, specify config.txt as the file to be transferred between the FTP server and the FTP client. <Sysname> system-view [Sysname] nqa template ftp ftptplt [Sysname-nqatplt-ftp-ftptplt] filename config.txt frequency Use frequency to specify the interval at which the NQA operation repeats. Use undo frequency to restore the default.
Page 53: History-Record Enable
history-record enable Use history-record enable to enable the saving of history records for the NQA operation. Use undo history-record enable to disable the saving of history records. Syntax history-record enable undo history-record enable Default The saving of history records is enabled only for the UDP tracert operation. Views ICMP echo/TCP/UDP echo operation view DHCP/DLSw/DNS/FTP/HTTP/SNMP operation view...
Page 54: History-Record Number
UDP tracert operation view Predefined user roles network-admin mdc-admin Parameters keep-time: Specifies how long the history records can be saved. The value range is 1 to 1440 minutes. Usage guidelines When an NQA operation completes, the timer starts. All records are removed when the lifetime is reached.
Page 55: Init-Ttl
<Sysname> system-view [Sysname] nqa entry admin test [Sysname-nqa-admin-test] type icmp-echo [Sysname-nqa-admin-test-icmp-echo] history-record number 10 init-ttl Use init-ttl to set the TTL value for UDP packets in the start round of the UDP tracert operation. Use undo init-ttl to restore the default. Syntax init-ttl value undo init-ttl...
Page 56: Lsr-Path
Parameters cipher: Specifies a key in encrypted form. simple: Specifies a key in plaintext form. For security purposes, the key specified in plaintext form will be stored in encrypted form. string: Specifies the shared key string. Its plaintext form is a case-sensitive string of 1 to 64 characters.
Page 57: Max-Failure
max-failure Use max-failure to set the maximum number of consecutive probe failures in a UDP tracert operation. Use undo max-failure to restore the default. Syntax max-failure times undo max-failure Default A UDP tracert operation stops and fails when it detects five consecutive probe failures. Views UDP tracert operation view Predefined user roles...
Page 58: Next-Hop Ip
Predefined user roles network-admin mdc-admin Parameters active: Sets the data transmission mode to active. The FTP server initiates a connection request. passive: Sets the data transmission mode to passive. The FTP client initiates a connection request. Examples # Set the data transmission mode to passive for the FTP operation. <Sysname>...
Page 59: Next-Hop Ipv6
[Sysname-nqa-admin-test-icmp-echo] next-hop ip 10.1.1.1 next-hop ipv6 Use next-hop ipv6 to specify the next hop IPv6 address for probe packets. Use undo next-hop ipv6 to restore the default. Syntax next-hop ipv6 ipv6-address undo next-hop ipv6 Default No next hop IPv6 address is specified for probe packets. Views ICMP echo operation view ICMP/TCP half open template view...
Page 60: Nqa
Predefined user roles network-admin mdc-admin Usage guidelines The no-fragmentation feature sets the DF field to 1. Packets with the DF field set cannot be fragmented during the forwarding process. You can use this command to test the path MTU of a link. Examples # Enable the no-fragmentation feature for the UDP tracert operation.
Page 61: Nqa Agent Enable
nqa agent enable Use nqa agent enable to enable the NQA client. Use undo nqa agent enable to disable the NQA client and stop all operations being performed. Syntax nqa agent enable undo nqa agent enable Default The NQA client is enabled. Views System view Predefined user roles...
Page 62: Nqa Template
start-time: Specifies the start time and date of the NQA operation. hh:mm:ss: Specifies the start time of an NQA operation. yyyy/mm/dd: Specifies the start date of an NQA operation. The default value is the current system time, and the value for the yyyy argument is in the range of 2000 to 2035. mm/dd/yyyy: Specifies the start date of an NQA operation.
Page 63: Operation (Ftp Operation View)
Predefined user roles network-admin mdc-admin Parameters dns: Specifies the DNS template. ftp: Specifies the FTP template. http: Specifies the HTTP template. https: Specifies the HTTPS template. icmp: Specifies the ICMP template. radius: Specifies the RADIUS template. ssl: Specifies the SSL template. tcp: Specifies the TCP template.
Page 64: Operation (Http/Https Operation View)
Usage guidelines When you perform the put operation with the filename command configured, make sure the file exists on the NQA client. If you get a file from the FTP server, make sure the file specified in the URL exists on the FTP server. The NQA client does not save the file obtained from the FTP server.
Page 65: Out Interface
For the get or post operation, the content in the request is obtained from the URL specified by the url command. For the raw operation, the content in the request is configured in raw request view. You can use the raw-request command to enter the raw request view.
Page 66: Password
Examples # Specify VLAN-interface 1 as the output interface for probe packets in the UDP tracert operation. <Sysname> system-view [Sysname] nqa entry admin test [Sysname-nqa-admin-test] type udp-tracert [Sysname-nqa-admin-test-udp-tracert] out interface vlan-interface 1 password Use password to specify a password. Use undo password to restore the default. Syntax password { cipher | simple } string undo password...
Page 67: Probe Count
Related commands operation username probe count Use probe count to specify the probe times. Use undo probe count to restore the default. Syntax probe count times undo probe count Default In an UDP tracert operation, the NQA client sends three probe packets to each hop along the path. In other types of operations, the NQA client performs one probe to the destination per operation.
Page 68: Probe Packet-Interval
• A UDP tracert operation determines the routing path from the source to the destination. The number of probe packets sent to each hop is set by using the probe count command. • A frame loss, latency, or throughput operation sends probe frames to the destination device to test the frame loss ratio, latency, or throughput of the network.
Page 69: Probe Packet-Timeout
Use undo probe packet-number to restore the default. Syntax probe packet-number packet-number undo probe packet-number Default An ICMP jitter, UDP jitter, or path jitter probe sends 10 packets and a voice probe sends 1000 packets. Views ICMP jitter/path jitter/UDP jitter/voice operation view Predefined user roles network-admin mdc-admin...
Page 70: Probe Timeout
Parameters timeout: Specifies the timeout time in milliseconds. The value range is 10 to 3600000. Examples # Set the response timeout time to 100 milliseconds in the UDP jitter operation. <Sysname> system-view [Sysname] nqa entry admin test [Sysname-nqa-admin-test] type udp-jitter [Sysname-nqa-admin-test-udp-jitter] probe packet-timeout 100 probe timeout Use probe timeout to set the probe timeout time.
Page 71: Raw-Request
[Sysname-nqatplt-http-httptplt] probe timeout 10000 raw-request Use raw-request to enter raw request view and specify the content of an HTTP or HTTPS request. Use undo raw-request to restore the default. Syntax raw-request undo raw-request Default The contents of an HTTP or HTTPS raw request are not specified. Views HTTP operation view HTTP/HTTPS template view...
Page 72 Syntax reaction item-number checked-element { jitter-ds | jitter-sd } threshold-type { accumulate accumulate-occurrences average threshold-value upper-threshold lower-threshold [ action-type { none | trap-only } ] undo reaction item-number Default No reaction entries for monitoring one-way jitter exist. Views ICMP jitter/UDP jitter/voice operation view Predefined user roles network-admin mdc-admin...
Page 73: Reaction Checked-Element { Owd-Ds | Owd-Sd
[Sysname-nqa-admin-test] type udp-jitter [Sysname-nqa-admin-test-udp-jitter] reaction 1 checked-element jitter-ds threshold-type average threshold-value 50 5 action-type trap-only # Create reaction entry 2 for monitoring the destination-to-source jitter of UDP jitter probe packets, and set the upper limit to 50 milliseconds, and the lower limit to 5 milliseconds. Before the NQA operation starts, the initial state of the reaction entry is invalid.
Page 74: Reaction Checked-Element Icpif
No actions can be configured for a reaction entry of monitoring one-way delays. To display the monitoring results and statistics, use the display nqa reaction counters and display nqa statistics commands. Examples # Create reaction entry 1 for monitoring the destination-to-source delay of every UDP jitter packet, and set the upper limit to 50 milliseconds and lower limit to 5 milliseconds.
Page 75: Reaction Checked-Element Mos
Examples # Create reaction entry 1 for monitoring the ICPIF value in the voice operation, and set the upper limit to 50 and lower limit to 5. Before the voice operation starts, the initial state of the reaction entry is invalid.
Page 76: Reaction Checked-Element Packet-Loss
Examples # Create reaction entry 1 for monitoring the MOS value of the voice operation, and set the upper limit to 2 and lower limit to 1. Before the NQA operation starts, the initial state of the reaction entry is invalid.
Page 77: Reaction Checked-Element Probe-Duration
the lost packets is checked against the threshold. If the number reaches or exceeds 100, the state of the reaction entry is set to over-threshold. Otherwise, the state is set to below-threshold. Once the state of the reaction entry changes, a trap message is generated and sent to the NMS. <Sysname>...
Page 78: Reaction Checked-Element Probe-Fail (For Trap)
Usage guidelines You cannot edit a reaction entry after it is created. To change the attributes in a reaction entry, use the undo reaction command to delete the entry, and then configure a new one. Only successful probe packets are monitored. Statistics about failed probe packets are not collected. Examples # Create reaction entry 1 for monitoring the average probe duration of ICMP echo operation, and set the upper limit to 50 milliseconds and lower limit to 5 milliseconds.
Page 79 undo reaction item-number Default No reaction entries for monitoring probe failures exist. Views ICMP echo/TCP/UDP echo operation view DHCP/DLSw/DNS/FTP/HTTP/SNMP operation view Predefined user roles network-admin mdc-admin Parameters item-number: Assigns an ID to the reaction entry, in the range of 1 to 10. threshold-type: Specifies a threshold type.
Page 80: Reaction Checked-Element Probe-Fail (For Trigger)
reaction checked-element probe-fail (for trigger) Use reaction checked-element probe-fail to configure a reaction entry for monitoring probe failures. Use undo reaction to delete a reaction entry. Syntax reaction item-number checked-element probe-fail threshold-type consecutive consecutive-occurrences action-type trigger-only undo reaction item-number Default No reaction entries for monitoring probe failures exist.
Page 81 Syntax reaction item-number checked-element threshold-type accumulate accumulate-occurrences average threshold-value upper-threshold lower-threshold [ action-type { none | trap-only } ] undo reaction item-number Default No reaction entries for monitoring packet round-trip time exist. Views ICMP jitter/UDP jitter/voice operation view Predefined user roles network-admin mdc-admin Parameters...
Page 82: Reaction Trap
# Create reaction entry 2 for monitoring the round-trip time of UDP jitter probe packets, and set the upper limit to 50 milliseconds and lower limit to 5 milliseconds. Before the NQA operation starts, the initial state of the reaction entry is invalid. After the operation, the packet round-trip time is checked. If the total number of threshold violations reaches or exceeds 100, the state of the entry is set to over-threshold.
Page 83: Reaction Trigger Per-Probe
Usage guidelines The ICMP jitter, UDP jitter, and voice operations support only the test-complete keyword. The following parameters are not available for the UDP tracert operation: • The probe-failure consecutive-probe-failures option. • The accumulate-probe-failures argument. Examples # Configure the system to send a trap if five or more consecutive probe failures occur in an ICMP echo operation.
Page 84: Reaction Trigger Probe-Fail
reaction trigger probe-fail Use reaction trigger probe-fail to set the number of consecutive probe failures to determine an operation failure. Use undo reaction trigger probe-fail to restore the default. Syntax reaction trigger probe-fail count undo reaction trigger probe-fail Default The NQA client notifies the feature of the operation failure when the number of consecutive probe failures reaches 3.
Page 85: Resolve-Target
Default The NQA client notifies the feature of the successful operation event if the number of consecutive successful probes reaches 3. Views Any NQA template view Predefined user roles network-admin mdc-admin Parameters count: Specifies the number of consecutive successful probes, in the range of 1 to 15. Usage guidelines If number of consecutive successful probes is reached, the NQA client notifies the feature that uses the template of the successful operation event.
Page 86: Resolve-Type
Parameters domain-name: Specifies the domain name to be resolved. It is a dot-separated case-sensitive string of 1 to 255 characters including letters, digits, hyphens (-), and underscores (_) (for example, aabbcc.com). Each part consists of 1 to 63 characters, and consecutive dots (.) are not allowed. Examples # Specify domain1 as the domain name to be resolved.
Page 87: Source Interface (Icmp Echo/Udp Tracert Operation View)
Syntax route-option bypass-route undo route-option bypass-route Default The routing table bypass feature is disabled. Views ICMP echo/TCP/UDP echo operation view DLSw/DNS/FTP/HTTP/SNMP operation view UDP tracert operation view ICMP jitter/UDP jitter/voice operation view Predefined user roles network-admin mdc-admin Usage guidelines When the routing table bypass feature is enabled, the following events occur: •...
Page 88: Source Ip
Predefined user roles network-admin mdc-admin Parameters interface-type interface-number: Specifies an interface by its type and number. Usage guidelines The specified interface must be up. If the interface is down, no probe requests can be sent out. If you execute this command and the source ip or source ipv6 command for an ICMP echo operation or ICMP template multiple times, the most recent configuration takes effect.
Page 89: Source Ipv6
Predefined user roles network-admin mdc-admin Parameters ip-address: Specifies the source IPv4 address for probe packets. Usage guidelines The specified source IPv4 address must be the IPv4 address of a local interface, and the local interface must be up. Otherwise, no probe packets can be sent out. For an NQA template, if the source and destination addresses have different IP versions, the source address does not take effect.
Page 90: Source Port
Parameters ipv6-address: Specifies the source IPv6 address for probe packets. IPv6 link-local addresses are not supported. Usage guidelines The specified source IPv6 address must be the IPv6 address of a local interface. The local interface must be up. Otherwise, no probe packets can be sent out. For an NQA template, if the source and destination addresses have different IP versions, the source address does not take effect.
Page 91: Ssl-Client-Policy
[Sysname-nqa-admin-test] type udp-echo [Sysname-nqa-admin-test-udp-echo] source port 8000 # In DNS template view, set the source port number to 8000 for probe packets in the DNS operation. <Sysname> system-view [Sysname] nqa template dns dnstplt [Sysname-nqatplt-dns-dnstplt] source port 8000 ssl-client-policy Use ssl-client-policy to specify an SSL client policy for an HTTPS or SSL template. Use undo ssl-client-policy to restore the default.
Page 92: Statistics Interval
Views ICMP echo/TCP/UDP echo operation view DHCP/DLSw/DNS/FTP/HTTP/SNMP operation view ICMP jitter/path jitter/UDP jitter/voice operation view Predefined user roles network-admin mdc-admin Parameters hold-time: Specifies the hold time in minutes, in the range of 1 to 1440. Usage guidelines A statistics group is deleted when its hold time expires. Examples # Set the hold time to 3 minutes for statistics groups of the ICMP echo operation.
Page 93: Statistics Max-Group
Examples # Configure NQA to collect the ICMP echo operation statistics every 2 minutes. <Sysname> system-view [Sysname] nqa entry admin test [Sysname-nqa-admin-test] type icmp-echo [Sysname-nqa-admin-test-icmp-echo] statistics interval 2 statistics max-group Use statistics max-group to set the maximum number of statistics groups that can be saved. Use undo statistics max-group to restore the default.
Page 94: Tos
undo target-only Default NQA performs the path jitter operation to the destination hop by hop. Views Path jitter operation view Predefined user roles network-admin mdc-admin Examples # Perform the path jitter operation only on the destination address. <Sysname> system-view [Sysname] nqa entry admin test [Sysname-nqa-admin-test] type path-jitter [Sysname-nqa-admin-test-path-jitter] target-only Use tos to set the ToS value in the IP header for probe packets.
Page 95: Ttl
Use ttl to set the maximum number of hops that the probe packets can traverse. Use undo ttl to restore the default. Syntax ttl value undo ttl Default The maximum number of hops is 30 for probe packets of the UDP tracert operation, and is 20 for probe packets of other types of operations.
Page 96: Url
Syntax type { dhcp | dlsw | dns | ftp | http | icmp-echo | icmp-jitter | path-jitter | snmp | tcp | udp-echo | udp-jitter | udp-tracert | voice } Default No operation type is specified. Views NQA operation view Predefined user roles network-admin mdc-admin...
Page 97: Username
Views FTP/HTTP operation view FTP/HTTP/HTTPS template view Predefined user roles network-admin mdc-admin Parameters url: Specifies the URL of the destination server, a case-sensitive string of 1 to 255 characters. The following table describes the URL format and parameters for different operations. Operation URL format Parameter description...
Page 98: Version
Views FTP/HTTP operation view FTP/HTTP/HTTPS/RADIUS template view Predefined user roles network-admin mdc-admin Parameters username: Specifies the username. This argument is case sensitive. It is a string of 1 to 32 characters for an FTP, HTTP, or HTTPS username, and a string of 1 to 253 characters for a RADIUS authentication username.
Page 99: Vpn-Instance
v1.1: Uses version 1.1. Examples # Configure the HTTP operation to use the HTTP version 1.1. <Sysname> system-view [Sysname] nqa entry admin test [Sysname-nqa-admin-test] type http [Sysname-nqa-admin-test-http] version v1.1 vpn-instance Use vpn-instance to apply the operation to a VPN instance. Use undo vpn-instance to restore the default.
Page 100: Nqa Server Commands
NQA server commands IMPORTANT: Configure the NQA server only for UDP jitter, TCP, UDP echo, and voice operations. display nqa server Use display nqa server status to display NQA server status. Syntax display nqa server Views Any view Predefined user roles network-admin network-operator mdc-admin...
Page 101: Nqa Server Enable
Related commands nqa server enable nqa server tcp-connect nqa server udp-echo nqa server enable Use nqa server enable to enable the NQA server. Use undo nqa server enable to disable the NQA server. Syntax nqa server enable undo nqa server enable Default The NQA server is disabled.
Page 102: Nqa Server Udp-Echo
Predefined user roles network-admin mdc-admin Parameters ip-address: Specifies the IP address for the TCP listening service. port-number: Specifies the port number for the TCP listening service, in the range of 1 to 65535. vpn-instance vpn-instance-name: Specifies an MPLS L3VPN instance by its name, a case-sensitive string of 1 to 31 characters.
Page 103 mdc-admin Parameters ip-address: Specifies the IP address for the UDP listening service. port-number: Specifies the port number for the UDP listening service, in the range of 1 to 65535. vpn-instance vpn-instance-name: Specifies an MPLS L3VPN instance by its name, a case-sensitive string of 1 to 31 characters.
Page 104: Ntp Commands
NTP commands NTP is supported on the following Layer 3 interfaces: • Layer 3 Ethernet interfaces. • Layer 3 Ethernet subinterfaces. • Layer 3 aggregate interfaces. • Layer 3 aggregate subinterfaces. • VLAN interfaces. • Tunnel interfaces. display ntp-service ipv6 sessions Use display ntp-service ipv6 sessions to display information about all IPv6 NTP associations.
Page 105 Table 15 Command output Field Description • 1—Clock source selected by the system (the current reference source). • 2—The stratum level of the clock source is less than or equal to 15. [12345] • 3—The clock source has survived the clock selection algorithm. •...
Page 106 Clock source: 1::1 Session ID: 36144 Clock stratum: 16 Clock status: configured, insane, valid, unsynced Reference clock ID: INIT VPN instance: Not specified Local mode: sym_active, local poll interval: 6 Peer mode: unspec, peer poll interval: 10 Offset: 0.0000ms, roundtrip delay: 0.0000ms, dispersion: 15937ms Root roundtrip delay: 0.0000ms, root dispersion: 0.0000ms Reachabilities:0, sync distance: 15.938...
Page 107 Field Description Status of the clock source corresponding to this association: • configured—The association was created at the CLI. • dynamic—The association is established dynamically. • master—The clock source is the primary reference source of the current system. • selected—The clock source has survived the clock selection algorithm.
Page 108 Field Description Operation mode of the peer device: • unspec—The mode is unspecified. • sym_active—Active mode. • sym_passive—Passive mode. peer mode • client—Client mode. • server—Server mode. • broadcast—Broadcast or multicast server mode. • bclient—Broadcast or multicast client mode. Polling interval for the peer device, in seconds. The value peer poll interval displayed is a power of 2.
Page 109: Display Ntp-Service Sessions
display ntp-service sessions Use display ntp-service sessions to display information about all IPv4 NTP associations. Syntax display ntp-service sessions [ verbose ] Views Any view Predefined user roles network-admin network-operator mdc-admin mdc-operator Parameters verbose: Displays detailed information about all IPv4 NTP associations. If you do not specify this keyword, the command displays only brief information about the NTP associations.
Page 110 Field Description Reference clock ID of the NTP server: • If the reference clock is the local clock, the value of this field is related to the value of the stra field: When the value of the stra field is 0 or 1, this field displays LOCL. ...
Page 111 VPN instance: Not specified Local mode: client, local poll interval: 6 Peer mode: server, peer poll interval: 6 Offset: 0.2862ms, roundtrip delay: 3.2653ms, dispersion: 4.5166ms Root roundtrip delay: 0.0000ms, root dispersion: 10.910ms Reachabilities:31, sync distance: 0.0194 Precision: 2^18, version: 3, source interface: Not specified Reftime: d17cbba5.1473de1e Tue, May 17 2011 9:17:25.079...
Page 112 Field Description Reference clock ID of the NTP server: • If the reference clock is the local clock, the value of this field is related to the value of the Clock stratum field: When the value of the Clock stratum field is 0 or 1, this ...
Page 113: Display Ntp-Service Status
Field Description Synchronization distance relative to the upper-level clock, in sync distance seconds, and calculated from dispersion and roundtrip delay values. Precision Accuracy of the system clock. version NTP version in the range of 1 to 4. Source interface. source interface If the source interface is not specified, this field is Not specified.
Page 114 Stability: 0.000 pps Clock precision: 2^-18 Root delay: 0.00000 ms Root dispersion: 3.96367 ms Reference time: d0c5fc32.92c70b1e Wed, Dec 29 2010 18:28:02.573 # Display the NTP service status when time is not synchronized. <Sysname> display ntp-service status Clock status: unsynchronized Clock stratum: 16 Reference clock ID: none Clock jitter: 0.000000 s...
Page 115: Display Ntp-Service Trace
Field Description For an IPv4 NTP server: The field represents the IP address of the remote server when the local device is synchronized to a remote NTP server. The field represents the local clock when the local device uses the local clock as a reference source. •...
Page 116 Predefined user roles network-admin network-operator mdc-admin mdc-operator Parameters source interface-type interface-number: Specifies the source interface for sending NTP packets to trace each NTP server from the local device back to the primary reference source. The source IP address of the NTP packets is the IPv4 address/IPv6 address of the specified source interface. If the IP address of an NTP server is a link-local address, the link-local address of the outgoing interface of NTP packets is used as the source IP address of the NTP packets.
Page 117: Ntp-Service Acl
ntp-service unicast-peer ntp-service acl Use ntp-service acl to configure the access-control right for peer devices to access NTP services of the local device. Use undo ntp-service acl to remove the configured NTP service access-control right. Syntax ntp-service { peer | query | server | synchronization } acl acl-number undo ntp-service { peer | query | server | synchronization } acl acl-number Default The access-control right for the peer devices to access the NTP services of the local device is peer.
Page 118: Ntp-Service Authentication Enable
[Sysname-acl-ipv4-basic-2001] rule permit source 10.10.0.0 0.0.255.255 [Sysname-acl-ipv4-basic-2001] quit [Sysname] ntp-service peer acl 2001 Related commands ntp-service authentication enable ntp-service authentication-keyid ntp-service reliable authentication-keyid ntp-service authentication enable Use ntp-service authentication enable to enable NTP authentication. Use undo ntp-service authentication enable to disable NTP authentication. Syntax ntp-service authentication enable undo ntp-service authentication enable...
Page 119 Default No NTP authentication key exists. Views System view Predefined user roles network-admin mdc-admin Parameters keyid: Specifies an authentication key ID in the range of 1 to 4294967295. authentication-mode: Specifies an authentication algorithm. • hmac-sha-1: Specifies the HMAC-SHA-1 algorithm. • hmac-sha-256: Specifies the HMAC-SHA-256 algorithm.
Page 120: Ntp-Service Broadcast-Client
ntp-service broadcast-client Use ntp-service broadcast-client to configure the device to operate in NTP broadcast client mode and use the current interface to receive NTP broadcast packets. Use undo ntp-service broadcast-client to remove the configuration. Syntax ntp-service broadcast-client undo ntp-service broadcast-client Default The device does not operate in any NTP association mode.
Page 121: Ntp-Service Dscp
Predefined user roles network-admin mdc-admin Parameters authentication-keyid keyid: Specifies the key ID to be used for sending broadcast messages to broadcast clients. The value range for the keyid argument is 1 to 4294967295. If you do not specify this option, the local device cannot synchronize broadcast clients enabled with NTP authentication. version number: Specifies the NTP version.
Page 122: Ntp-Service Enable
Examples # Set the DSCP value for IPv4 NTP packets to 30. <Sysname> system-view [Sysname] ntp-service dscp 30 ntp-service enable Use ntp-service enable to enable the NTP service. Use undo ntp-service enable to disable the NTP service. Syntax ntp-service enable undo ntp-service enable Default The NTP service is disabled.
Page 123: Ntp-Service Ipv6 Acl
• You do not want the device to be synchronized by the peer device in the subnet corresponding to the interface. Examples # Disable VLAN-interface 1 from receiving NTP messages. <Sysname> system-view [Sysname] interface vlan-interface 1 [Sysname-Vlan-interface1] undo ntp-service inbound enable ntp-service ipv6 acl Use ntp-service ipv6 acl to configure the access-control right for the peer devices to access the IPv6 NTP services of the local device.
Page 124: Ntp-Service Ipv6 Dscp
• If no ACL is created for any access right, peer is granted. The ntp-service ipv6 acl command provides a minimum security method. NTP authentication is more secure. Examples # Configure the peer devices on subnet 2001::1 to have full access to the local device. <Sysname>...
Page 125: Ntp-Service Ipv6 Multicast-Client
Use undo ntp-service ipv6 inbound enable to disable an interface from receiving IPv6 NTP messages. Syntax ntp-service ipv6 inbound enable undo ntp-service ipv6 inbound enable Default An interface receives IPv6 NTP messages. Views Interface view Predefined user roles network-admin mdc-admin Usage guidelines Execute the undo ntp-service ipv6 inbound enable command on an interface in the following cases:...
Page 126: Ntp-Service Ipv6 Multicast-Server
Usage guidelines After you configure the command, the device listens to IPv6 NTP messages using the specified multicast address as the destination address. It is synchronized based on the received IPv6 NTP messages. If you have configured the device to operate in IPv6 multicast client mode on an interface by using the command, do not add the interface to any aggregate group.
Page 127: Ntp-Service Ipv6 Source
If you have configured the device to operate in IPv6 multicast server mode on an interface with the command, do not add the interface to any aggregate group. To add the interface to an aggregate group, remove the configuration of the command. Examples # Configure the device to operate in IPv6 multicast server mode and send IPv6 NTP multicast messages on VLAN-interface 1 to the multicast address FF21::1, using key 4 for encryption.
Page 128: Ntp-Service Ipv6 Unicast-Peer
• In NTP symmetric active/passive mode, if you have specified the source interface for IPv6 NTP messages in the ntp-service ipv6 unicast-peer command, the specified interface acts as the source interface for IPv6 NTP messages. • In NTP multicast mode, if you have configured the ntp-service ipv6 multicast-server command on an interface, the interface acts as the source interface for NTP multicast messages.
Page 129: Ntp-Service Ipv6 Unicast-Server
specified source interface, and the source address of the messages is the link local address of the interface. The interface-type interface-number argument represents the interface type and number. If you do not specify an interface, the device automatically selects the source IPv6 address of IPv6 NTP messages.
Page 130: Ntp-Service Max-Dynamic-Sessions
Parameters server-name: Specifies an NTP server by its host name, a case-insensitive string of 1 to 253 characters. ipv6-address: Specifies an NTP server by its IPv6 address. It must be a unicast address, rather than a multicast address. vpn-instance vpn-instance-name: Specifies the MPLS L3VPN instance to which the NTP server belongs.
Page 131: Ntp-Service Multicast-Client
undo ntp-service max-dynamic-sessions Default The maximum number of dynamic NTP sessions is 100. Views System view Predefined user roles network-admin mdc-admin Parameters number: Sets the maximum number of dynamic NTP associations, in the range of 0 to 100. Usage guidelines A device can have a maximum of 128 concurrent associations, including static associations and dynamic associations.
Page 132: Ntp-Service Multicast-Server
Usage guidelines After you configure the command, the device listens to NTP messages using the specified multicast address as the destination address. If you have configured the device to operate in multicast client mode on an interface with the command, do not add the interface to any aggregate group. To add the interface to an aggregate group, remove the configuration of the command.
Page 133: Ntp-Service Refclock-Master
If you have configured the device to operate in multicast server mode on an interface with the command, do not add the interface to any aggregate group. To add the interface to an aggregate group, remove the configuration of the command. Examples # Configure the device to operate in multicast server mode and send NTP multicast messages on VLAN-interface 1 to the multicast address 224.0.1.1, using key 4 for encryption.
Page 134: Ntp-Service Reliable Authentication-Keyid
Use the command with caution to avoid time errors. As a best practice, set the local clock time to a correct value before you execute the command. Examples # Specify the local clock as the reference source, with the stratum level 2. <Sysname>...
Page 135: Ntp-Service Source
ntp-service source Use ntp-service source to specify a source interface for NTP messages. Use undo ntp-service source to restore the default. Syntax ntp-service source interface-type interface-number undo ntp-service source Default No source interface is specified for NTP messages. The device performs the following operations: •...
Page 136: Ntp-Service Unicast-Peer
ntp-service unicast-peer Use ntp-service unicast-peer to specify a symmetric-passive peer for the device. Use undo ntp-service unicast-peer to remove the symmetric-passive peer specified for the device. Syntax ntp-service unicast-peer { peer-name | ip-address } [ vpn-instance vpn-instance-name ] [ authentication-keyid keyid | priority | source interface-type interface-number | version number ] undo ntp-service unicast-peer { peer-name | ip-address } [ vpn-instance vpn-instance-name ] Default No symmetric-passive peer is specified.
Page 137: Ntp-Service Unicast-Server
include vpn-instance vpn-instance-name in the command, the command removes the symmetric-passive peer on the public network. Examples # Specify the device with the IP address of 10.1.1.1 as the symmetric-passive peer of the device, and configure the device to run NTP version 4. Specify the source interface of NTP messages as VLAN-interface 1.
Page 138 outgoing interface and uses the primary IP address of the outgoing interface as the source IP address of the NTP messages. version number: Specifies the NTP version. The value range for the number argument is 1 to 4. The default value is 4. Usage guidelines When you specify an NTP server for the device, the device is synchronized to the NTP server, but the NTP server is not synchronized to the device.
Page 139: Sntp Commands
SNTP commands display sntp ipv6 sessions Use display sntp ipv6 sessions to display information about all IPv6 SNTP associations. Syntax display sntp ipv6 sessions Views Any view Predefined user roles network-admin network-operator mdc-admin mdc-operator Examples # Display information about all IPv6 SNTP associations. <Sysname>...
Page 140: Sntp Authentication Enable
Syntax display sntp sessions Views Any view Predefined user roles network-admin network-operator mdc-admin mdc-operator Examples # Display information about all IPv4 SNTP associations. <Sysname> display sntp sessions SNTP server Stratum Version Last receive time 1.0.1.11 Tue, May 17 2011 9:11:20.833 (Synced) Table 22 Command output Field Description...
Page 141: Sntp Authentication-Keyid
Usage guidelines You need to enable SNTP authentication in networks that require time synchronization security to make sure SNTP clients are synchronized only to authenticated NTP servers. To authenticate an NTP server, set an authentication key and specify it as a trusted key. Examples # Enable SNTP authentication.
Page 142: Sntp Enable
Usage guidelines You need to enable SNTP authentication in networks that require time synchronization security to make sure SNTP clients are synchronized only to authenticated NTP servers. Configure the same key ID and key on the SNTP client and NTP server. Otherwise, the SNTP client cannot be synchronized to the NTP server.
Page 143 Use undo sntp ipv6 unicast-server to remove the IPv6 NTP server specified for the device. Syntax sntp ipv6 unicast-server { server-name | ipv6-address } [ vpn-instance vpn-instance-name ] [ authentication-keyid keyid | source interface-type interface-number ] * undo sntp ipv6 unicast-server { server-name | ipv6-address } [ vpn-instance vpn-instance-name ] Default No IPv6 NTP server is specified.
Page 144: Sntp Reliable Authentication-Keyid
Related commands sntp authentication enable sntp authentication-keyid sntp reliable authentication-keyid sntp reliable authentication-keyid Use sntp reliable authentication-keyid to specify a trusted key. Use undo sntp reliable authentication-keyid to remove the trusted key. Syntax sntp reliable authentication-keyid keyid undo sntp reliable authentication-keyid keyid Default No trusted key is specified.
Page 145 Use undo sntp unicast-server to remove an NTP server specified for the device. Syntax sntp unicast-server { server-name | ip-address } [ vpn-instance vpn-instance-name ] [ authentication-keyid keyid | source interface-type interface-number | version number ] * undo sntp unicast-server { server-name | ip-address } [ vpn-instance vpn-instance-name ] Default No NTP server is specified.
Page 146 sntp reliable authentication-keyid...
Page 147: Snmp Commands
SNMP commands The device supports the FIPS mode that complies with NIST FIPS 140-2 requirements. Support for features, commands, and parameters might differ in FIPS mode and non-FIPS mode. For more information about FIPS mode, see Security Configuration Guide. The SNMP agent sends notifications (traps and informs) to inform the NMS of significant events, such as link state changes and user logins or logouts.
Page 148 Role name: bb Storage-type: nonVolatile Community name: userv1 Group name: testv1 Storage-type: nonvolatile Community name: cc Group name: cc ACL name: testacl Storage-type: nonVolatile Table 23 Command output Field Description Community name created by using the snmp-agent community command or Community name username created by using the snmp-agent usm-user { v1 | v2c } command.
Page 149: Display Snmp-Agent Context
display snmp-agent context Use display snmp-agent context to display SNMP contexts. Syntax display snmp-agent context [ context-name ] Views Any view Predefined user roles network-admin network-operator mdc-admin mdc-operator Parameters context-name: Specifies an SNMP context by its name, a case-sensitive string of 1 to 32 characters. If you do not specify this argument, the command displays all SNMP contexts.
Page 150: Display Snmp-Agent Local-Engineid
Group name: groupv3 Security model: v3 noAuthnoPriv Readview: ViewDefault Writeview: <no specified> Notifyview: <no specified> Storage-type: nonvolatile ACL name: testacl Table 24 Command output Field Description Group name SNMP group name. Security model of the SNMP group: • authPriv—Authentication with privacy. •...
Page 151: Display Snmp-Agent Mib-Node
Usage guidelines Every SNMP entity has one SNMP engine to provide services for sending and receiving messages, authenticating and encrypting messages, and controlling access to managed objects. An SNMP engine ID uniquely identifies an SNMP entity in an SNMP domain. Examples # Display the local SNMP engine ID.
Page 152 |-ieee802dot1<1.0.8802.1>(NA) |-ieee802dot1mibs<1.0.8802.1.1>(NA) Table 25 Command output Field Description -std MIB node name. <1.0> OID of a MIB node. Permissions to MIB nodes: • NA—Not accessible. • NF—Notifications. • (NA) RO—Read-only access. • RW—Read and write access. • RC—Read-write-create access. • WO—Write-only access.
Page 153 Field Description OID of a MIB index node. # Display names and OIDs of MIB notification nodes, and names and OIDs of notification objects. <Sysname> display snmp-agent mib-node trap-node Name |lldpRemTablesChange ||1.0.8802.1.1.2.0.0.1 Trap Object Name |||lldpStatsRemTablesInserts ||||1.0.8802.1.1.2.1.2.2 Name |||lldpStatsRemTablesDeletes ||||1.0.8802.1.1.2.1.2.3 Name |||lldpStatsRemTablesDrops ||||1.0.8802.1.1.2.1.2.4...
Page 154 Field Description OID of a MIB node. MIB node types: • Table—Table node. • Row—Row node in a MIB table. • Column—Column node in a MIB table. NodeType • Leaf—Leaf node. • Group—Group node (parent node of a leaf node). •...
Page 155: Display Snmp-Agent Mib-View
Field Description Value range Value range of a MIB node. Index Table index. This field appears only for a table node. display snmp-agent mib-view Use display snmp-agent mib-view to display MIB views. Syntax display snmp-agent mib-view [ exclude | include | viewname view-name ] Views Any view Predefined user roles...
Page 156: Display Snmp-Agent Remote
Subtree mask: Storage-type: nonVolatile View Type: excluded View status: active View name: ViewDefault MIB Subtree: snmpModules.18 Subtree mask: Storage-type: nonVolatile View Type: excluded View status: active ViewDefault is the default MIB view. The output shows that except for the MIB objects in the snmpUsmMIB, snmpVacmMIB, and snmpModules.18 subtrees, all the MIB objects in the iso subtree are accessible.
Page 157: Display Snmp-Agent Statistics
Parameters ipv4-address: Specifies a remote SNMP entity by its IPv4 address. ipv6 ipv6-address: Specifies a remote SNMP entity by its IPv6 address. vpn-instance vpn-instance-name: Specifies the MPLS L3VPN instance to which the remote SNMP entity belongs. The vpn-instance-name argument represents the VPN instance name, a case-sensitive string of 1 to 31 characters.
Page 158 mdc-operator Examples # Display SNMP message statistics. <Sysname> display snmp-agent statistics 1684 messages delivered to the SNMP entity. 5 messages were for an unsupported version. 0 messages used an unknown SNMP community name. 0 messages represented an illegal operation for the community supplied. 0 ASN.1 or BER errors in the process of decoding.
Page 159: Display Snmp-Agent Sys-Info
Field Description Number of MIB objects that have been MIB objects altered successfully successfully modified. Number of GetRequest requests that have GetRequest-PDU accepted and processed been received and processed. Number of getNext requests that have been GetNextRequest-PDU accepted and processed received and processed.
Page 160: Display Snmp-Agent Trap Queue
Palo Alto, CA 94304 The location information of the agent: The SNMP version of the agent: SNMPv3 Related commands snmp-agent sys-info display snmp-agent trap queue Use display snmp-agent trap queue to display basic information about the trap queue. Syntax display snmp-agent trap queue Views Any view Predefined user roles...
Page 161: Display Snmp-Agent Usm-User
mdc-operator Usage guidelines If a module has multiple sub-modules and SNMP notifications are enabled for one of its sub-modules, the command output shows that the module is SNMP notifications-enabled. To determine whether a module supports SNMP notifications, execute the snmp-agent trap enable ? command.
Page 162 Usage guidelines This command displays only SNMPv3 users that you have created by using the snmp-agent usm-user v3 command. To display SNMPv1 or SNMPv2c users created by using the snmp-agent usm-user { v1 | v2c } command, use the display snmp-agent community command. Examples # Display information about all SNMPv3 users.
Page 163: Enable Snmp Trap Updown
Field Description Storage type: • volatile. • nonvolatile. • permanent. Storage-type • readOnly. • other. For more information about these storage types, see Table SNMP user status: • active—The SNMP user is effective. • UserStatus notInService—The SNMP user is correctly configured but not activated. •...
Page 164: Snmp-Agent
[Sysname] snmp-agent trap enable [Sysname] snmp-agent target-host trap address udp-domain 10.1.1.1 params securityname public [Sysname] interface ten-gigabitethernet 1/0/1 [Sysname-Ten-GigabitEthernet1/0/1] enable snmp trap updown Related commands snmp-agent target-host snmp-agent trap enable snmp-agent Use snmp-agent to enable the SNMP agent. Use undo snmp-agent to disable the SNMP agent. Syntax snmp-agent undo snmp-agent...
Page 165: Snmp-Agent Calculate-Password
Views System view Predefined user roles network-admin mdc-admin Parameters inform: Specifies informs. trap: Specifies traps. interface-type { interface-number | interface-number.subnumber }: Specifies an interface by its type and number. The interface-number argument specifies a main interface number. The subnumber argument specifies a subinterface number in the range of 1 to 4094. Usage guidelines The snmp-agent source command enables the SNMP agent to use the primary IP address of an interface or subinterface as the source IP address in all its SNMP informs or traps, regardless of their...
Page 166 Views System view Predefined user roles network-admin mdc-admin Parameters plain-password: Specifies a key in plaintext form. The plain-password argument is a case-sensitive string of 1 to 64 characters. mode: Specifies an authentication algorithm and encryption algorithm. The device supports the HMAC-MD5 and HMAC-SHA1 authentication algorithms.
Page 167: Snmp-Agent Community
Examples # Use the local engine ID and the HMAC-SHA1 algorithm to calculate the encrypted form for key authkey. <Sysname> system-view [Sysname] snmp-agent calculate-password authkey mode sha local-engineid The encrypted key is: 09659EC5A9AE91BA189E5845E1DDE0CC Related commands snmp-agent local-engineid snmp-agent usm-user v3 snmp-agent community Use snmp-agent community to configure an SNMPv1 or SNMPv2c community.
Page 168 set of accessible MIB objects. If you do not specify a view, the specified community can access the MIB objects in the default MIB view ViewDefault. user-role role-name: Specifies a user role name for the community, a case-sensitive string of 1 to 63 characters.
Page 169: Snmp-Agent Community-Map
For more information about ACL, see ACL and QoS Configuration Guide. You can also create an SNMP community by using the snmp-agent usm-user { v1 | v2c } and snmp-agent group { v1 | v2c } commands. These two commands create an SNMPv1 or SNMPv2c user and the group to which the user is assigned.
Page 170: Snmp-Agent Context
Use undo snmp-agent community-map to delete the mapping between an SNMP community and an SNMP context. Syntax snmp-agent community-map community-name context context-name undo snmp-agent community-map community-name context context-name Default No mapping exists between an SNMP community and an SNMP context. Views System view Predefined user roles...
Page 171: Snmp-Agent Group
Parameters context-name: Specifies an SNMP context, a case-sensitive string of 1 to 32 characters. Usage guidelines For an NMS and an SNMP agent to communicate, configure the same SNMP context for them or do not configure a context for the NMS. You can create a maximum of 20 SNMP contexts.
Page 172 Parameters v1: Specifies SNMPv1. v2c: Specifies SNMPv2c. v3: Specifies SNMPv3. group-name: Specifies an SNMP group name, a case-sensitive string of 1 to 32 characters. authentication: Specifies the authentication without privacy security model for the SNMPv3 group. privacy: Specifies the authentication with privacy security model for the SNMPv3 group. read-view view-name: Specifies a read-only MIB view.
Page 173: Snmp-Agent Local-Engineid
Security model Security key Security model keyword for the settings for the Remarks group user If no authentication key is configured, SNMP communication will fail. Authentication without authentication Authentication key privacy The encryption key (if any) for the user does not take effect.
Page 174: Snmp-Agent Log
Parameters engineid: Specifies an SNMP engine ID, a case-insensitive hexadecimal string. Its length is an even number in the range of 10 to 64. All-zero and all-F strings are invalid. Usage guidelines An SNMP engine ID uniquely identifies a device in an SNMP managed network. Make sure the local SNMP engine ID is unique within your SNMP managed network to avoid communication problems.
Page 175: Snmp-Agent Mib-View
Examples # Enable logging SNMP Get operations. <Sysname> system-view [Sysname] snmp-agent log get-operation # Enable logging SNMP Set operations. <Sysname> system-view [Sysname] snmp-agent log set-operation # Enable logging SNMP authentication failures. <Sysname> system-view [Sysname] snmp-agent log authfail snmp-agent mib-view Use snmp-agent mib-view to create or update a MIB view. Use undo snmp-agent mib-view to delete a MIB view.
Page 176: Snmp-Agent Packet Max-Size
The system can store entries for up to 20 unique MIB view records. In addition to the four default MIB view records, you can create up to 16 unique MIB view records. After you delete the default view with the undo snmp-agent mib-view command, you can create up to 20 unique MIB view records. Be cautious with deleting the default MIB view.
Page 177: Snmp-Agent Port
[Sysname] snmp-agent packet max-size 1024 snmp-agent port Use snmp-agent port to specify the UDP port for receiving SNMP packets. Use undo snmp-agent port to restore the default. Syntax snmp-agent port port-num undo snmp-agent port Default The device uses UDP port 161 for receiving SNMP packets. Views System view Predefined user roles...
Page 178: Snmp-Agent Sys-Info Contact
Views System view Predefined user roles network-admin mdc-admin Parameters ipv4-address: Specifies a remote SNMP entity by its IPv4 address. ipv6 ipv6-address: Specifies a remote SNMP entity by its IPv6 address. vpn-instance vpn-instance-name: Specifies the MPLS L3VPN instance to which the remote SNMP entity belongs.
Page 179: Snmp-Agent Sys-Info Location
Parameters sys-contact: Specifies the system contact, a case-sensitive string of 1 to 255 characters. Usage guidelines Configure the system contact for system maintenance and management. Examples # Configure the system contact as Dial System Operator # 27345. <Sysname> system-view [Sysname] snmp-agent sys-info contact Dial System Operator # 27345 Related commands display snmp-agent sys-info snmp-agent sys-info location...
Page 180: Snmp-Agent Target-Host
Syntax In non-FIPS mode: snmp-agent sys-info version { all | { v1 | v2c | v3 } * } undo snmp-agent sys-info version { all | { v1 | v2c | v3 } * } In FIPS mode: snmp-agent sys-info version v3 undo snmp-agent sys-info version v3 Default SNMPv3 is enabled.
Page 181 undo snmp-agent target-host { trap | inform } address udp-domain { ipv4-address | ipv6 ipv6-address } params securityname security-string [ vpn-instance vpn-instance-name ] In FIPS mode: snmp-agent target-host inform address udp-domain { ipv4-address | ipv6 ipv6-address } [ udp-port port-number ] [ vpn-instance vpn-instance-name ] params securityname security-string v3 { authentication | privacy } snmp-agent target-host trap address udp-domain { ipv4-address | ipv6 ipv6-address } [ udp-port port-number ] [ vpn-instance vpn-instance-name ] params securityname security-string v3...
Page 182: Snmp-Agent Trap Enable
• privacy: Specifies the security model to be authentication with privacy. You must specify the authentication key and encryption key when you create the SNMPv3 user. Usage guidelines You can specify multiple SNMP notification target hosts. Make sure the SNMP agent uses the same UDP port for SNMP notifications as the target host. Typically, NMSs, for example, IMC and MIB Browser, use port 162 for SNMP notifications as defined in the SNMP protocols.
Page 183: Snmp-Agent Trap If-Mib Link Extended
protocol: Specifies a protocol module. You can use the snmp-agent trap enable ? command to obtain the value of this argument. For more information about this argument, see the command reference for each module. standard: Specifies SNMP standard notifications. Table 35 Standard SNMP notifications Keyword Definition Authentication failure notification sent when an NMS fails to be authenticated by the...
Page 184: Snmp-Agent Trap Life
Usage guidelines Extended linkUp and linkDown notifications add interface description and interface type to the standard linkUp/linkDown notifications for fast failure point identification. When you use this command, make sure the NMS supports the extended linkup and linkDown notifications. Examples # Enable extended linkUp/linkDown notifications.
Page 185: Snmp-Agent Trap Queue-Size
Syntax snmp-agent trap log undo snmp-agent trap log Default SNMP notification logging is disabled. Views System view Predefined user roles network-admin mdc-admin Usage guidelines Use SNMP notification logging to record SNMP notifications sent by the SNMP agent for notification tracking. The SNMP agent sends the logs to the information center. You can configure the information center to output the logs to a destination as needed.
Page 186: Snmp-Agent Usm-User { V1 | V2C
Examples # Set the SNMP notification queue size to 200. <Sysname> system-view [Sysname] snmp-agent trap queue-size 200 Related commands snmp-agent target-host snmp-agent trap enable snmp-agent trap life snmp-agent usm-user { v1 | v2c } Use snmp-agent usm-user { v1 | v2c } to create an SNMPv1 or SNMPv2c user. Use undo snmp-agent usm-user { v1 | v2c } to delete an SNMPv1 or SNMPv2c user.
Page 187 Only users with the network-admin, mdc-admin, or level-15 user role can execute this command. Users with other user roles cannot execute this command even if these roles are granted access to commands of the SNMP feature or this command. On an SNMPv1 or SNMPv2c network, NMSs and agents authenticate each other by using the community name.
Page 188: Snmp-Agent Usm-User V3
snmp-agent community snmp-agent group snmp-agent usm-user v3 Use snmp-agent usm-user v3 to create an SNMPv3 user. Use undo snmp-agent usm-user v3 to delete an SNMPv3 user. Syntax In non-FIPS mode: • In VACM mode: snmp-agent usm-user v3 user-name group-name [ remote { ipv4-address | ipv6 ipv6-address } [ vpn-instance vpn-instance-name ] ] [ { cipher | simple } authentication-mode { md5 | sha } auth-password [ privacy-mode { 3des | aes128 | aes192 | aes256 | des56 } priv-password ] ] [ acl { ipv4-acl-number | name ipv4-acl-name } | acl ipv6 { ipv6-acl-number | name ipv6-acl-name } ] *...
Page 189 Parameters user-name: Specifies an SNMPv3 username, a case-sensitive string of 1 to 32 characters. group-name: Specifies an SNMPv3 group name, a case-sensitive string of 1 to 32 characters. The group can be one that has been created or not. The user takes effect only after you create the group. user-role role-name: Specifies a user role name, a case-sensitive string of 1 to 63 characters.
Page 190 name ipv6-acl-name: Specifies a basic IPv6 ACL by its name, a case-insensitive string of 1 to 63 characters. local: Specifies the local SNMP engine. By default, an SNMPv3 user is associated with the local SNMP engine. engineid engineid-string: Specifies an SNMP engine ID. The engineid-string argument is an even number of hexadecimal characters, in the range of 10 to 64.
Page 191 <Sysname> system-view [Sysname] snmp-agent group v3 testGroup authentication [Sysname] snmp-agent usm-user v3 testUser testGroup simple authentication-mode sha 123456TESTplat&! # For an NMS to access the MIB objects in the default view ViewDefault, make sure the following configurations on the NMS are the same as the SNMP agent: •...
Page 192: Snmp-Agent Usm-User V3 User-Role
snmp-agent calculate-password snmp-agent group snmp-agent remote snmp-agent usm-user v3 user-role snmp-agent usm-user v3 user-role Use snmp-agent usm-user v3 user-role to assign a user role to an SNMPv3 user created in RBAC mode. Use undo snmp-agent usm-user user-role to remove a user role. Syntax snmp-agent usm-user v3 user-name user-role role-name undo snmp-agent usm-user v3 user-name user-role role-name...
Page 193: Rmon Commands
RMON commands display rmon alarm Use display rmon alarm to display information about RMON alarm entries. Syntax display rmon alarm [ entry-number ] Views Any view Predefined user roles network-admin network-operator mdc-admin mdc-operator Parameters entry-number: Specifies an alarm entry by its index in the range of 1 to 65535. If you do not specify an entry, the command displays all RMON alarm entries.
Page 194: Display Rmon Event
Field Description Sample type: • Sample type absolute. • delta. Sampled variable Monitored variable. Sampling interval Interval (in seconds) at which data is sampled. Rising threshold Alarm rising threshold. associated with event Event index associated with the alarm.. Falling threshold Alarm falling threshold.
Page 195: Display Rmon Eventlog
Examples # Display information about all RMON event entries. <Sysname> display rmon event EventEntry 1 owned by user1 is VALID. Description: N/A Community: Security Take the action log-trap when triggered, last triggered at 0days 00h:02m:27s uptime. Table 37 Command output Field Description Event entry owner and status:...
Page 196 Parameters entry-number: Specifies an event entry by its index in the range of 1 to 65535. If you do not specify an entry, the command displays log entries for all event entries. Usage guidelines If the log action is specified for an event, the system adds a record in the event log table each time the event occurs.
Page 197: Display Rmon History
Related commands rmon event display rmon history Use display rmon history to display RMON history control entries and history samples of Ethernet statistics for Ethernet interfaces. Syntax display rmon history [ interface-type interface-number ] Views Any view Predefined user roles network-admin network-operator mdc-admin...
Page 198 Table 39 Command output Field Description Status and owner of the history control entry: • entry-number—History control entry index. • owner—Entry owner. • status—Entry status: HistoryControlEntry VALID—The entry is valid.  entry-number owned by UNDERCREATION—The entry is invalid.  owner is status. The status field is not configurable at the CLI.
Page 199: Display Rmon Prialarm
Related commands rmon history display rmon prialarm Use display rmon prialarm to display information about RMON private alarm entries. Syntax display rmon prialarm [ entry-number ] Views Any view Predefined user roles network-admin network-operator mdc-admin mdc-operator Parameters entry-number: Specifies an alarm entry index in the range of 1 to 65535. If you do not specify an entry, the command displays all private alarm entries.
Page 200: Display Rmon Statistics
Field Description Sample type: • Sample type absolute. • delta. Variable formula Variable formula. Description Description of the alarm. Sampling interval Interval (in seconds) at which data is sampled. Rising threshold Alarm rising threshold. Falling threshold Alarm falling threshold. associated with event Event index associated with the alarm..
Page 201 Examples # Display RMON statistics for Ten-GigabitEthernet 1/0/1. <Sysname> display rmon statistics ten-gigabitethernet 1/0/1 EtherStatsEntry 1 owned by user1 is VALID. Interface : Ten-GigabitEthernet1/0/1<ifIndex.3> etherStatsOctets : 43393306 , etherStatsPkts : 619825 etherStatsBroadcastPkts : 503581 , etherStatsMulticastPkts : 44013 etherStatsUndersizePkts , etherStatsOversizePkts etherStatsFragments , etherStatsJabbers etherStatsCRCAlignErrors : 0...
Page 202: Rmon Alarm
Field Description Incoming-packet statistics by packet length: • 64—Number of packets with a length less than or equal to 64 bytes. • 65-127—Number of 65- to 127-byte packets. • Incoming packets by size: 128-255—Number of 128- to 255-byte packets. • 256-511—Number of 256- to 511-byte packets.
Page 203 sampling-interval: Sets the sampling interval in the range of 5 to 65535 seconds. absolute: Specifies absolute sampling. RMON compares the value of the variable with the rising and falling thresholds. delta: Specifies delta sampling. RMON subtracts the value of the variable at the previous sample from the current sampled value, and then compares the difference with the rising and falling thresholds.
Page 204: Rmon Event
[Sysname] rmon alarm 1 1.3.6.1.2.1.16.1.1.1.4.1 10 absolute rising-threshold 5000 1 falling-threshold 5 2 owner user1 In this example, you can replace 1.3.6.1.2.1.16.1.1.1.4.1 with etherStatsOctets.1, where 1 is the statistics entry index for the interface. If you execute the rmon statistics 5 command, you can use etherStatsOctets.5 to replace 1.3.6.1.2.1.16.1.1.1.4.5.
Page 205: Rmon History
Usage guidelines You can create a maximum of 60 event entries. You can associate an event entry with a standard or private alarm entry to specify the action to take when an alarm condition occurs. Depending on your configuration, the system logs the event, sends an SNMP notification, does both, or does neither.
Page 206: Rmon Prialarm
If an Ethernet interface has a history control entry, RMON periodically samples packet statistics on the interface and stores the samples to the history table. When the bucket size for the history control entry is reached, RMON overwrites the oldest sample with the most recent sample. You can create multiple RMON history control entries for an Ethernet interface.
Page 207 delta: Specifies delta sampling. RMON subtracts the value of the variable at the previous sample from the current sampled value, and then compares the difference with the rising and falling thresholds. startup-alarm: Specifies alarms that can be generated at the first sampling when a rising or falling threshold is reached or exceeded.
Page 208: Rmon Statistics
[Sysname] rmon event 1 log [Sysname] rmon event 2 none [Sysname] interface ten-gigabitethernet 1/0/1 [Sysname-Ten-GigabitEthernet1/0/1] rmon statistics 1 [Sysname-Ten-GigabitEthernet1/0/1] quit [Sysname] rmon prialarm 1 (.1.3.6.1.2.1.16.1.1.1.6.1*100/.1.3.6.1.2.1.16.1.1.1.5.1) BroadcastPktsRatioOfXGE1/0/1 10 absolute rising-threshold 80 1 falling-threshold 5 2 entrytype forever owner user1 The last number in the OID forms of variables must be the same as the statistics entry index for the interface.
Page 209 [Sysname] interface ten-gigabitethernet 1/0/1 [Sysname-Ten-GigabitEthernet1/0/1] rmon statistics 20 owner user1 Related commands display rmon statistics...
Page 210: Netconf Commands
NETCONF commands The device supports the FIPS mode that complies with NIST FIPS 140-2 requirements. Support for features, commands, and parameters might differ in FIPS mode and non-FIPS mode. For more information about FIPS mode, see Security Configuration Guide. netconf idle-timeout Use netconf idle-timeout to set the NETCONF session idle timeout time.
Page 211: Netconf Log
netconf log Use netconf log to enable NETCONF logging. Use undo netconf log to remove the configuration for the specified NETCONF operation sources and NETCONF operations. Syntax netconf log source { all | { agent | soap | web } * } { { protocol-operation { all | { action | config | get | session | set | syntax | others } * } } | verbose } undo netconf log source { all | { agent | soap | web } * } { { protocol-operation { all | { action | config | get | session | set | syntax | others } * } } | verbose }...
Page 212: Netconf Soap Domain
Examples # Configure the device to log NETCONF edit-config information sourced from agent clients. <Sysname> system-view [Sysname] netconf log source agent protocol-operation set netconf soap domain Use netconf soap domain to specify a mandatory authentication domain for NETCONF users. Use undo netconf soap domain to restore the default. Syntax netconf soap domain domain-name undo netconf soap domain domain-name...
Page 213: Netconf Soap Http Dscp
undo netconf soap http acl Default No ACL is applied to NETCONF over SOAP over HTTP traffic. Views System view Predefined user roles network-admin mdc-admin Parameters acl-number: Specifies an ACL by its number in the range of 2000 to 2999. name acl-name: Specifies an ACL by its name.
Page 214: Netconf Soap Http Enable
Parameters dscp-value: Specifies a DSCP value in the range of 0 to 63. A larger DSCP value represents a higher priority. Usage guidelines The DSCP value of an IP packet specifies the priority level of the packet and affects the transmission priority of the packet.
Page 215: Netconf Soap Https Dscp
Default No ACL is applied to NETCONF over SOAP over HTTPS traffic. Views System view Predefined user roles network-admin mdc-admin Parameters acl-number: Specifies an ACL by its number in the range of 2000 to 2999. name acl-name: Specifies an ACL by its name. The acl-name argument is a case-insensitive string of 1 to 63 characters.
Page 216: Netconf Soap Https Enable
Usage guidelines The DSCP value of an IP packet specifies the priority level of the packet and affects the transmission priority of the packet. Examples # Set the DSCP value to 30 for outgoing NETCONF over SOAP over HTTPS packets. <Sysname>...
Page 217: Netconf Ssh Server Port
Predefined user roles network-admin mdc-admin Usage guidelines This feature allows you to use an SSH client to invoke NETCONF as an SSH subsystem. Then, you can directly use XML messages to perform NETCONF operations without using the xml command. Before you execute this command, configure the authentication mode for users as scheme on the device.
Page 218 For example, in user line view, you configured "a" as the shortcut key by using the escape-key a command. When a NETCONF message includes the character "a," only the contents after the last "a" in the message can be processed. Examples # Enter XML view. <Sysname> xml <?xml version="1.0" encoding="UTF-8"?><hello xmlns="urn:ietf:params:xml:ns:netconf:base:1.0"><capabilities><capability>urn:ietf:pa rams:netconf:base:1.1</capability><capability>urn:ietf:params:netconf:writable-runnin g</capability><capability>urn:ietf:params:netconf:capability:notification:1.0</capabi lity><capability>urn:ietf:params:netconf:capability:validate:1.1</capability><capabil ity>urn:ietf:params:netconf:capability:interleave:1.0</capability><capability>urn:hpe...
Page 219 :params:netconf:capability:hpe-netconf-ext:1.0</capability></capabilities><session-id >1</session-id></hello>]]>]]> # Exchange capabilities. <hello xmlns="urn:ietf:params:xml:ns:netconf:base:1.0"> <capabilities> <capability> urn:ietf:params:netconf:base:1.0 </capability> </capabilities> </hello>]]>]]> # Quit XML view. <rpc message-id="101" xmlns="urn:ietf:params:xml:ns:netconf:base:1.0"> <close-session> </close-session> </rpc>]]>]]> <Sysname>...
Page 220: Eaa Commands
EAA commands action cli Use action cli to add a CLI action to a monitor policy. Use undo action to remove an action. Syntax action number cli command-line undo action number Default A monitor policy does not contain any actions. Views CLI-defined policy view Predefined user roles...
Page 221: Action Reboot
[Sysname-rtm-test] action 3 cli shutdown action reboot Use action reboot to add a reboot action to a monitor policy. Use undo action to remove an action. Syntax In standalone mode: action number reboot [ slot slot-number [ subslot subslot-number ] ] undo action number In IRF mode: action number reboot [ chassis chassis-number [ slot slot-number [ subslot subslot-number ] ] ]...
Page 222: Action Switchover
Examples # (In standalone mode.) Configure an action for the CLI-defined policy test to reboot the specified slot. <Sysname> system-view [Sysname] rtm cli-policy test [Sysname-rtm-test] action 3 reboot slot 1 action switchover Use action switchover to add an active/standby switchover action to a monitor policy. Use undo action to remove an action.
Page 223: Action Syslog
action syslog Use action syslog to add a Syslog action to a monitor policy. Use undo action to remove an action. Syntax action number syslog priority priority facility local-number msg msg-body undo action number Default A monitor policy does not contain any actions. Views CLI-defined policy view Predefined user roles...
Page 224: Display Rtm Environment
Default No CLI-defined monitor policies are enabled. Views CLI-defined policy view Predefined user roles network-admin mdc-admin Usage guidelines You must execute this command for a CLI-defined monitor policy to take effect. After changing the settings in a policy that has been enabled, you must re-execute this command for the changes to take effect.
Page 225: Display Rtm Policy
Table 44 Command output Field Description Name of a user-defined EAA environment variable. This field displays a maximum of Name 30 characters. To display a user-defined EAA environment variable name of more than 30 characters, use the display current-configuration command. Value of the user-defined EAA environment variable.
Page 226 Field Description Event type, including CLI, hotplug, interface, process, SNMP, SNMP-Notification, Event Syslog, and track. TimeActive Time when the monitor policy was triggered. PolicyName Name of the monitor policy. # Display brief information about all created monitor policies. <Sysname> display rtm policy registered Total number: 1 Type Event...
Page 227: Event Cli
event cli Use event cli to configure a CLI event for a CLI-defined monitor policy. Use undo event to delete the event in a CLI-defined monitor policy. Syntax event cli { async [ skip ] | sync } mode { execute | help | tab } pattern regular-exp undo event Default No CLI event is configured.
Page 228: Event Hotplug
[Sysname] rtm cli-policy test [Sysname-rmt-test] event cli async mode tab pattern display interface brief # Configure a CLI-defined policy to monitor the use of the question mark (?) at command lines that contain the display interface brief string. Enable the system to execute a policy-matching command line only if the actions in the policy are executed successfully when a question mark is entered at the command line.
Page 229: Event Interface
You can configure only one event entry for a monitor policy. If the monitor policy already contains an event entry, the new event entry replaces the old event entry. Examples # (In standalone mode.) Configure a CLI-defined policy to monitor the specified slot for card swapping.
Page 230 Monitored traffic Description statistic input-errors Number of incoming error packets. output-drops Number of discarded outgoing packets. output-errors Number of outgoing error packets. rcv-bps Receive rate, in bps. rcv-broadcasts Number of incoming broadcasts. rcv-pps Receive rate, in packets per second. tx-bps Transmit rate, in bps.
Page 231: Event Process
EAA to re-execute the policy if the statistic exceeds 1000 each time after the statistic has dropped below 50. <Sysname> system-view [Sysname] rtm cli-policy test [Sysname-rtm-test] event interface ten-gigabitethernet 1/0/1 monitor-obj input-errors start-op gt start-val 1000 restart-op lt restart-val 50 interval 60 event process Use event process to configure a process event for a CLI-defined monitor policy.
Page 232: Event Snmp Oid
chassis chassis-number: Specifies an IRF member device by its member ID or specifies a PEX by its virtual chassis number. On an IRF fabric, the policy applies to all member devices if you do not specify a member device. On an eIRF system, the policy applies to all IRF member devices and PEXs if you do not specify a member device or PEX.
Page 233: Event Snmp-Notification
restart-op op: Specifies the operator for comparing the sampled value with the restart threshold. The restart threshold is crossed if the comparison result meets the condition. For keywords available for the start-op argument, see Table restart-op restart-val: Specifies the restart threshold to be compared with the sampled value. The restart-val argument can be any data type supported by SNMP, including numerals and character strings.
Page 234: Event Syslog
Default No SNMP-Notification event is configured. Views CLI-defined policy view Predefined user roles network-admin mdc-admin Parameters oid oid: Specifies the OID of the monitored MIB variable, a string of 1 to 256 characters. oid-val oid-val: Specifies the threshold to be compared with the sampled value. The oid-val argument can be any data type supported by SNMP, including numerals and character strings.
Page 235: Event Track
Predefined user roles network-admin mdc-admin Parameters priority priority: Specifies the lowest severity level for matching log messages. The level argument can be an integer in the range of 0 to 7, or the word all. A lower number represents higher priority level.
Page 236: Rtm Cli-Policy
Predefined user roles network-admin mdc-admin Parameters track-list: Specifies a space-separated list of up to 16 track items. Each item specifies a track entry number or a range of track entry numbers in the form of track-entry-number to track-entry-number. The value range for the track-entry-number argument is 1 to 1024. state { negative | positive }: Triggers the policy when the states of the track entries change.
Page 237: Rtm Environment
undo rtm cli-policy policy-name Default No CLI-defined monitor policies exist. Views System view Predefined user roles network-admin mdc-admin Parameters policy-name: Specifies the name of a CLI-defined monitor policy, a case-sensitive string of 1 to 63 characters. Usage guidelines You must create a CLI-defined monitor policy before you can use the CLI to configure settings in the policy.
Page 238 Variable name Description _event_id Event ID. _event_type Event type. _event_type_string Event type description. _event_time Time when the event occurs. _event_severity Severity level of an event. CLI: _cmd Commands that are matched. Syslog: _syslog_pattern Log message content. Hotplug: _slot ID of the slot where card hot-swapping occurs. ID of the subslot where subcard hot-swapping occurs.
Page 239: Rtm Event Syslog Buffer-Size
Examples # Create an environment variable: set its name to if and set its value to interface. <Sysname> system-view [Sysname] rtm environment if interface rtm event syslog buffer-size Use rtm event syslog buffer-size to set the size for the EAA-monitored log buffer. Use undo rtm event syslog buffer-size to restore the default.
Page 240: Rtm Tcl-Policy
Views System view Predefined user roles network-admin mdc-admin Usage guidelines You need to suspend the monitor policies under the following circumstances: • The monitor policies are triggered frequently, affecting the system services and performance. • The Tcl script of a policy needs to be revised. After you execute this command, EAA will not execute the policies even if the trigger conditions are met.
Page 241: Running-Time
after you finish revising the script. The system cannot execute a Tcl-defined policy if you edit its Tcl script without suspending all monitor policies. To bind a Tcl-defined policy to a different Tcl script file: Execute the undo rtm tcl-policy command to delete the Tcl policy. Create the Tcl policy again, and then bind it to the new Tcl script file.
Page 242 Use undo user-role to remove a user role from a CLI-defined policy. Syntax user-role role-name undo user-role role-name Default A monitor policy contains user roles that its creator had at the time of policy creation. Views CLI-defined policy view Predefined user roles network-admin mdc-admin Parameters...
Page 243: Process Monitoring And Maintenance Commands
Process monitoring and maintenance commands The display memory, display process, display process cpu, monitor process and monitor thread commands display information about both user processes and kernel threads. In these commands, "process" refers to both user processes and kernel threads. display exception context Use display exception context to display context information for process exceptions.
Page 244 Core file path: flash:/core/node0_routed_120_7_20130409-171430_1365527670.core 0xb7caba4a 0x0804cb79 0xb7cd77c4 0x08049f45 Backtrace stopped. Registers' content eax:0xfffffffc ebx:0x00000003 ecx:0xbfe244ec edx:0x0000000a esp:0xbfe244b8 ebp:0xbfe244c8 esi:0xffffffff edi:0xbfe24674 eip:0xb7caba4a eflag:0x00000292 cs:0x00000073 ss:0x0000007b ds:0x0000007b es:0x0000007b fs:0x00000000 gs:0x00000033 # Display the exception context information on the x86-based 64-bit terminal. <Sysname> display exception context Index 1 of 1 ------------------------------ Crashed PID: 121 (routed)
Page 245 Core file path: flash:/core/node0_routed_133_7_20130410-154749_1365608869.core 0x184720bc 0x10006b4c Backtrace stopped. Registers' content grp00: 0x000000ee 0x7ffd6ad0 0x1800f440 0x00000004 grp04: 0x7ffd6af8 0x0000000a 0xffffffff 0x184720bc grp08: 0x0002d200 0x00000003 0x00000001 0x1847209c grp12: 0x10006b4c 0x10020534 0xd6744100 0x00000000 grp16: 0x00000000 0xa0203ff0 0xa028b12c 0xa028b13c grp20: 0xa028b148 0xa028b168 0xa028b178 0xa028b190 grp24: 0xa028b1a8 0xa028b1b8 0x00000000 0x7ffd6c08 grp28: 0x10006cac 0x7ffd6f92 0x184c1b84 0x7ffd6ae0 nip:0x184720bc...
Page 246 nip:0x00000fff803c66b4 lr:0x0000000010009b94 cr:0x0000000058000482 ctr:0x00000fff803c66ac msr:0x000000008002d000 xer:0x0000000000000000 ret:0xfffffffffffffffc dsisr:0x0000000000000000 gr3:0x0000000000000003 softe:0x0000000000000001 trap:0x0000000000000c00 dar:0x00000fff8059d14c # Display the exception context information on the MIPS-based 32-bit terminal. <Sysname> display exception context Index 1 of 1 ------------------------------ Crashed PID: 182 (routed) Crash signal: SIGBUS Crash time: Sun Jan 2 08:11:38 2013 Core file path: flash:/core/node4_routed_182_10_20130102-081138_1293955898.core...
Page 247: Display Exception Filepath
a6:0xffffffff8021349c a7:0x20696e206368616e t0:0x0000000000000000 t1:0xffffffff80105078 t2:0xffffffff80213890 t3:0x0000000000000008 s0:0x0000005555a99c40 s1:0x000000ffff89af5f s2:0x0000000120007320 s3:0x0000005555a5f470 s4:0x000000ffff899f80 s5:0xffffffff803cc6c0 s6:0xffffffff803cc6a8 s7:0xffffffff803cc690 t8:0x0000000000000002 t9:0x0000005555a3bc98 k0:0x0000000000000000 k1:0x0000000000000000 gp:0x0000000120020460 sp:0x000000ffff899d70 s8:0x000000ffff899d80 ra:0x0000000120006c1c sr:0x000000000400fff3 lo:0xdf3b645a1cac08c9 hi:0x000000000000007f bad:0x000000555589ba84 cause:0x0000000000800020 pc:0x0000005555a3bcb4 Table 51 Command output Filed Description Crashed PID ID of the crashed process. Signals that led to the crash: •...
Page 248: Display Kernel Deadloop
Views Any view Predefined user roles network-admin mdc-admin Parameters slot slot-number: Specifies an MPU by its slot number. If you do not specify this option, the command displays the core file directory on the active MPU. (In standalone mode.) chassis chassis-number slot slot-number: Specifies an MPU on an IRF member device. If you do not specify this option, the command displays the core file directory on the global active MPU.
Page 249 Examples # (In standalone mode.) Display brief information about the most recent kernel thread deadloop. <Sysname> display kernel deadloop 1 ----------------- Deadloop record 1 ----------------- Description : BUG: soft lockup - CPU#0 stuck for 61! [comsh: 16306] Recorded at : 2013-05-01 11:16:00.823018 Occurred at : 2013-05-01...
Page 250 Reg: r26, Val = 0x00000000 ; Reg: r27, Val = 0x057d9484 ; Reg: r28, Val = 0x0000002c ; Reg: r29, Val = 0x00000000 ; Reg: r30, Val = 0x0000002c ; Reg: r31, Val = 0x00000000 ; Reg: cr, Val = 0x84000028 ; Reg: nip, Val = 0x057d9550 ;...
Page 251: Display Kernel Deadloop Configuration
Function Address = 0x8012d734 Function Address = 0x80100a00 Function Address = 0xe0071004 Function Address = 0x8016ce0c Function Address = 0x801223a0 Instruction dump: 41a2fe9c 812300ec 800200ec 7f890000 409efe8c 80010014 540b07b9 40a2fe80 4bfffe6c 80780290 7f64db78 4804ea35 <807f002c> 38800000 38a00080 3863000c Table 52 Command output Field Description Description for the kernel thread deadloop, including the CPU number,...
Page 252 Syntax In standalone mode: display kernel deadloop configuration [ slot slot-number [ cpu cpu-number ] ] In IRF mode: display kernel deadloop configuration [ chassis chassis-number slot slot-number [ cpu cpu-number ] ] Views Any view Predefined user roles network-admin mdc-admin Parameters slot slot-number: Specifies an MPU by its slot number.
Page 253: Display Kernel Exception
display kernel exception Use display kernel exception to display kernel thread exception information. Syntax In standalone mode: display kernel exception show-number [ offset ] [ verbose ] [ slot slot-number [ cpu cpu-number ] ] In IRF mode: display kernel exception show-number [ offset ] [ verbose ] [ chassis chassis-number slot slot-number [ cpu cpu-number ] ] Views Any view...
Page 254 module name (disk) module address (0xe00bd000) # (In standalone mode.) Display detailed information about the most recent kernel thread exception. <Sysname> display kernel exception 1 verbose ----------------- Exception record 1 ----------------- Description : Oops[#0] Recorded at : 2013-05-01 11:16:00.823018 Occurred at : 2013-05-01 11:16:00.823018 Instruction address...
Page 255 0xe2be5ec0: 02 be 60 a0 01 86 ef f0 00 00 00 00 00 00 00 00 0xe2be5ed0: 02 04 05 b4 00 00 00 00 00 00 00 00 00 00 00 00 0xe2be5ee0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0xe2be5ef0: 95 47 73 35 00 00 00 00 00 00 00 00 00 00 00 00 0xe2be5f00: a0 e1 64 21 00 00 00 00 00 00 00 00 00 00 00 00 0xe2be5f10: 00 00 00 00 00 00 00 00 00 00 00 00 01 e9 00 00...
Page 256: Display Kernel Reboot
display kernel reboot Use display kernel reboot to display reboot information for cards. Syntax In standalone mode: display kernel reboot show-number [ offset ] [ verbose ] [ slot slot-number [ cpu cpu-number ] ] In IRF mode: display kernel reboot show-number [ offset ] [ verbose ] [ chassis chassis-number slot slot-number [ cpu cpu-number ] ] Views Any view...
Page 257 <Sysname> display kernel reboot 1 verbose ----------------- Reboot record 1 ----------------- Recorded at : 2013-05-01 11:16:00.823018 Occurred at : 2013-05-01 11:16:00.823018 Reason : 0x31 Thread : comsh (TID: 16306) Context : thread context Slot Target Slot VCPU ID Kernel module info : module name (mrpnc) module address (0xe332a000) module name (12500) module address (0xe00bd000) Last 5 thread switches : migration/0 (11:16:00.823018)-->...
Page 258 0xe2be6050: 00 00 00 04 02 21 00 00 00 00 00 00 01 e9 00 00 0xe2be6060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0xe2be6070: 00 00 00 00 00 00 00 00 02 be 66 c0 02 be 66 d0 0xe2be6080: 02 be 61 e0 00 00 00 02 00 00 00 00 02 be 61 70 0xe2be6090: 00 00 00 00 02 21 00 00 05 8d 34 c4 05 7d 92 44 Call trace:...
Page 259: Display Kernel Starvation
display kernel starvation Use display kernel starvation to display kernel thread starvation information. Syntax In standalone mode: display kernel starvation show-number [ offset ] [ verbose ] [ slot slot-number [ cpu cpu-number ] ] In IRF mode: display kernel starvation show-number [ offset ] [ verbose ] [ chassis chassis-number slot slot-number [ cpu cpu-number ] ] Views Any view...
Page 260 Description : INFO: task comsh: 16306 blocked for more than 10 seconds. Recorded at : 2013-05-01 11:16:00.823018 Occurred at : 2013-05-01 11:16:00.823018 Instruction address : 0x4004158c Thread : comsh (TID: 16306) Context : thread context Slot VCPU ID Kernel module info : module name (mrpnc) module address (0xe332a000) module name (12500) module address (0xe00bd000) Last 5 thread switches : migration/0 (11:16:00.823018)-->...
Page 261 0xe2be5f00: a0 e1 64 21 00 00 00 00 00 00 00 00 00 00 00 00 0xe2be5f10: 00 00 00 00 00 00 00 00 00 00 00 00 01 e9 00 00 0xe2be5f20: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0xe2be5f30: 00 00 00 00 00 00 00 00 02 be 66 c0 02 be 66 d0 0xe2be5f40: 02 be 61 e0 00 00 00 02 00 00 00 00 02 44 b3 a4 0xe2be5f50: 02 be 5f 90 00 00 00 08 02 be 5f e0 00 00 00 08...
Page 262: Display Kernel Starvation Configuration
display kernel starvation configuration Use display kernel starvation configuration to display kernel thread starvation detection configuration. Syntax In standalone mode: display kernel starvation configuration [ slot slot-number [ cpu cpu-number ] ] In IRF mode: display kernel starvation configuration [ chassis chassis-number slot slot-number [ cpu cpu-number ] ] Views Any view...
Page 263: Display Process
display process Use display process to display process state information. Syntax In standalone mode: display process [ all | job job-id | name process-name ] [ slot slot-number [ cpu cpu-number ] ] In IRF mode: display process [ all | job job-id | name process-name ] [ chassis chassis-number slot slot-number [ cpu cpu-number ] ] Views Any view...
Page 264 Process state: sleeping Max. core: 0 ARGS: - LAST_CPU Stack State HH:MM:SS:MSEC Name 0:0:5:220 scmd Table 56 Command output Field Description Job ID Job ID of the process. The job ID never changes. Number of the process. The number identifies the process, and it might change as the process restarts.
Page 265 • Z—Zombie. HH:MM:SS:MSEC Running time since the most recent start. Name Process name. # Display state information for all processes. <Sysname> display process all PID %CPU %MEM STAT PRI THIRD TTY HH:MM:SS COMMAND 00:00:04 scmd 00:00:00 [kthreadd] 00:00:00 [migration/0] 00:00:05 [ksoftirqd/0] 00:00:00 [watchdog/0] 00:00:00 [events/0] 00:00:00 [khelper]...
Page 266: Display Process Cpu
TTY used by a process. This field displays a hyphen (-) for non-default MDCs. This field is not supported in the current software version. HH:MM:SS Running time since the most recent start. Name and parameters of a process. If square brackets ([ ]) exist in a process name, COMMAND the process is a kernel thread.
Page 267: Display Process Log
1 min: 4.7%; 5 mins: 4.7% Job ID of a process. It never changes. 5Sec CPU usage of the process within the last 5 seconds. 1Min CPU usage of the process within the last minute. 5Min CPU usage of the process within the last 5 minutes. Name of the process.
Page 268: Display Process Memory
pkg_update 12-17 07:10:30 12-17 07:10:31 Table 59 Command output Field Description Process Name of a user process. JobID Job ID of a user process. ID of a user process. Indicates whether the process exited abnormally: • Abort Y—Yes. • N—No. Indicates whether the process can generate core files: •...
Page 269: Display Process Memory Heap
cpu cpu-number: Specifies a CPU by its number. Usage guidelines When a user process starts, it requests the following types of memory from the system: • Text memory—Stores code for the user process. • Data memory—Stores data for the user process. •...
Page 270 display process memory heap job job-id [ verbose ] [ slot slot-number [ cpu cpu-number ] ] In IRF mode: display process memory heap job job-id [ verbose ] [ chassis chassis-number slot slot-number [ cpu cpu-number ] ] Views Any view Predefined user roles network-admin...
Page 271: Display Process Memory Heap Address
4096 8192 81920 Summary: Total virtual memory heap space (in bytes) 2293760 Total physical memory heap space (in bytes) : 58368 Total allocated memory (in bytes) 42368 Table 61 Command output Field Description Size Size of each memory block, in bytes. Free Number of free memory blocks.
Page 272: Display Process Memory Heap Size
slot slot-number: Specifies a card by its slot number. If you do not specify this option, the command displays memory content information on the active MPU.(In standalone mode.) chassis chassis-number slot slot-number: Specifies a card on an IRF 2 member device or specifies a PEX.
Page 273: Exception Filepath
Parameters job job-id: Specifies a process by its job ID, in the range of 1 to 2147483647. size memory-size: Specifies the memory block size in the range of 1 to 4294967295. offset offset-size: Specifies an offset in the range of 0 to 4294967295. The default value is 128. For example, suppose the system allocates 100 16-byte memory blocks to process job 1, and the process has used 66 blocks.
Page 274: Monitor Kernel Deadloop Action
Default The default directory is the root directory of the flash: file system on the active MPU (in standalone mode) or global active MPU (in IRF mode). Views User view Predefined user roles network-admin mdc-admin Parameters directory: Specifies the directory for saving core files. Usage guidelines (In standalone mode.) The specified directory must be the root directory of a file system on the active MPU.
Page 275: Monitor Kernel Deadloop Enable
Default The system logs the kernel thread deadloop event. Views System view Predefined user roles network-admin Parameters reboot: Logs the event and reboots the specified slot or CPU. record-only: Logs the event. slot slot-number: Specifies a card by its slot number. If you do not specify this option, the command specifies the action for the active MPU.
Page 276: Monitor Kernel Deadloop Exclude-Thread
Default Kernel thread deadloop detection is enabled. Views System view Predefined user roles network-admin Parameters slot slot-number: Specifies a card by its slot number. If you do not specify this option, the active MPU is specified. (In standalone mode.) chassis chassis-number slot slot-number: Specifies a card on an IRF member device. If you do not specify this option, the global active MPU is specified.
Page 277: Monitor Kernel Deadloop Time
monitor kernel deadloop exclude-thread tid [ chassis chassis-number slot slot-number [ cpu cpu-number ] ] undo monitor kernel deadloop exclude-thread [ tid ] [ chassis chassis-number slot slot-number [ cpu cpu-number ] ] Default Kernel thread deadloop detection monitors all kernel threads. Views System view Predefined user roles...
Page 278: Monitor Kernel Starvation Enable
monitor kernel deadloop time time [ chassis chassis-number slot slot-number [ cpu cpu-number ] ] undo monitor kernel deadloop time [ chassis chassis-number slot slot-number [ cpu cpu-number ] ] Default The interval for identifying a kernel thread deadloop is 600 seconds. Views System view Predefined user roles...
Page 279: Monitor Kernel Starvation Exclude-Thread
monitor kernel starvation enable [ chassis chassis-number slot slot-number [ cpu cpu-number ] ] undo monitor kernel starvation enable [ chassis chassis-number slot slot-number [ cpu cpu-number ] ] Default Kernel thread starvation detection is disabled. Views System view Predefined user roles network-admin Parameters slot slot-number: Specifies a card by its slot number.
Page 280: Monitor Kernel Starvation Time
undo monitor kernel starvation exclude-thread [ tid ] [ slot slot-number [ cpu cpu-number ] ] In IRF mode: monitor kernel starvation exclude-thread tid [ chassis chassis-number slot slot-number [ cpu cpu-number ] ] undo monitor kernel starvation exclude-thread [ tid ] [ chassis chassis-number slot slot-number [ cpu cpu-number ] ] Default Kernel thread starvation detection, if enabled, monitors all kernel threads.
Page 281: Monitor Process
undo monitor kernel starvation time [ slot slot-number [ cpu cpu-number ] ] In IRF mode: monitor kernel starvation time time [ chassis chassis-number slot slot-number [ cpu cpu-number ] ] undo monitor kernel starvation time [ chassis chassis-number slot slot-number [ cpu cpu-number ] ] Default The interval for identifying a kernel thread starvation is 120 seconds.
Page 282 monitor process [ dumbtty ] [ iteration number ] [ chassis chassis-number slot slot-number [ cpu cpu-number ] ] Views Any view Predefined user roles network-admin mdc-admin Parameters dumbtty: Specifies dumbtty mode. In this mode, the command displays process statistics in descending order of CPU usage without refreshing statistics.
Page 283 Commands Description Changes the maximum number of processes displayed within a screen, in the range of 0 to 2147483647. The default value is 10. A value of 0 means no limit. Only processes not exceeding the screen size can be displayed. Quits the interactive mode.
Page 284 5373 5373 1496K 00:00:00 0.51% 00:00:00 0.00% [kthreadd] 00:00:00 0.00% [migration/0] 00:00:00 0.00% [watchdog/0] 00:00:01 0.00% [events/0] 00:00:00 0.00% [khelper] 4796 4796 2744K 00:00:00 0.00% login 4797 4797 28832K 00:00:03 0.00% comsh Five seconds later, the system refreshes process statistics as follows (which is the same as executing the monitor process dumbtty command twice at a 5-second interval): 76 processes;...
Page 285 5491 5491 1500K 00:00:00 0.18% 00:00:00 0.00% [kthreadd] The system refreshes process statistics every 5 seconds. You can enter interactive commands to perform operation as follows: • Enter h or a question mark (?) to display help information as follows: Help for interactive commands: Show the available interactive commands Toggle SMP view: '1' single/separate states...
Page 286: Monitor Thread
• Enter k and then enter a JID to kill a process. If you enter 884, the process with the JID of 884 is killed. Enter the JID to kill: 884 84 processes; 107 threads; 683 fds Thread states: 1 running, 106 sleeping, 0 stopped, 0 zombie CPU states: 59.03% idle, 1.92% user, 37.88% kernel, 1.15% interrupt Memory: 755M total, 419M available, page size 4K State...
Page 287 Views Any view Predefined user roles network-admin mdc-admin Parameters dumbtty: Specifies dumbtty mode. In this mode, the command displays all thread statistics in descending order of CPU usage without refreshing statistics. If you do not specify the keyword, the command displays statistics for top 10 processes in descending order of CPU usage in an interactive mode, and refreshes statistics every 5 seconds by default.
Page 288 CPU states: 83.19% idle, 1.68% user, 10.08% kernel, 5.04% interrupt Memory: 755M total, 417M available, page size 4K LAST_CPU State HH:MM:SS Name 1175 1175 00:00:00 10.75% 00:00:06 2.68% scmd 00:00:09 2.01% diagd 00:00:01 0.67% [DEVD] 00:00:11 0.67% devd 00:00:00 0.00% [kthreadd] 00:00:01 0.00%...
Page 289 Enter the delay interval between screen updates (1~2147483647): 3 • Enter n, and then enter a number to modify the maximum number of displayed threads. If you enter 5, statistics for five threads are displayed. Enter the max number of threads to display(0 means unlimited): 5 84 processes;...
Page 290: Process Core
Name of a thread. If square brackets ([ ]) exist in a thread name, the thread is a Name kernel thread. process core Use process core to enable or disable a process to generate core files for exceptions and set the maximum number of core files.
Page 291: Reset Exception Context
Because the core files consume system storage resources, you can disable core file generation for processes for which you do not need to review exception information. Examples # Disable core file generation for process routed. <Sysname> process core off name routed # Enable core file generation for process routed and set the maximum number of core files to 5.
Page 292: Reset Kernel Exception
reset kernel deadloop [ slot slot-number [ cpu cpu-number ] ] In IRF mode: reset kernel deadloop [ chassis chassis-number slot slot-number [ cpu cpu-number ] ] Views User view Predefined user roles network-admin Parameters slot slot-number: Specifies an MPU by its slot number. If you do not specify this option, the command clears kernel thread deadloop information for the active MPU.
Page 293: Reset Kernel Reboot
Related commands display kernel exception reset kernel reboot Use reset kernel reboot to clear kernel thread reboot information. Syntax In standalone mode: reset kernel reboot [ slot slot-number [ cpu cpu-number ] ] In IRF mode: reset kernel reboot [ chassis chassis-number slot slot-number [ cpu cpu-number ] ] Views User view Predefined user roles...
Page 294 Parameters slot slot-number: Specifies an MPU by its slot number. If you do not specify this option, the command clears kernel thread starvation information for the active MPU. (In standalone mode.) chassis chassis-number slot slot-number: Specifies an MPU on an IRF member device. If you do not specify this option, the command clears kernel thread starvation information for the global active MPU.
Page 295: Sampler Commands
Sampler commands display sampler Use display sampler to display configuration information for a sampler. Syntax In standalone mode: display sampler [ sampler-name ] [ slot slot-number ] In IRF mode: display sampler [ sampler-name ] [ chassis chassis-number slot slot-number ] Views Any view Predefined user roles...
Page 296: Sampler
sampler Use sampler to create a sampler. Use undo sampler to delete a sampler. Syntax sampler sampler-name mode fixed packet-interval n-power rate undo sampler sampler-name Default No samplers exist. Views System view Predefined user roles network-admin mdc-admin Parameters sampler-name: Specifies a sampler by its name, a case-insensitive string of 1 to 31 characters. fixed: Specifies the fixed sampling mode.
Page 297: Port Mirroring Commands
Port mirroring commands display mirroring-group Use display mirroring-group to display mirroring group information. Syntax display mirroring-group { group-id | all | local | remote-destination | remote-source } Views Any view Predefined user roles network-admin network-operator mdc-admin mdc-operator Parameters group-id: Specifies a mirroring group by its number. The value range for this argument is 1 to 16. all: Specifies all mirroring groups.
Page 298: Mirroring-Group
Field Description Type of the mirroring group: • Local. Type • Remote source. • Remote destination. Status of the mirroring group: • Active—The mirroring group has taken effect. Status • Incomplete—The mirroring group configuration is not complete and does not take effect. Mirroring port Source port.
Page 299 Use undo mirroring-group mirroring-cpu to remove source CPUs from a mirroring group. Syntax In standalone mode: mirroring-group group-id mirroring-cpu slot slot-number-list { both | inbound | outbound } undo mirroring-group group-id mirroring-cpu slot slot-number-list In IRF mode: mirroring-group group-id mirroring-cpu chassis chassis-number slot slot-number-list { both | inbound | outbound } undo mirroring-group group-id mirroring-cpu chassis chassis-number slot slot-number-list Default...
Page 300: Mirroring-Group Mirroring-Port (Interface View)
mirroring-group mirroring-port (interface view) Use mirroring-group mirroring-port to configure a port as a source port for a mirroring group. Use undo mirroring-group mirroring-port to restore the default. Syntax mirroring-group group-id mirroring-port { both | inbound | outbound } undo mirroring-group group-id mirroring-port Default A port does not act as a source port for any mirroring groups.
Page 301: Mirroring-Group Mirroring-Port (System View)
mirroring-group mirroring-port (system view) Use mirroring-group mirroring-port to configure source ports for a mirroring group. Use undo mirroring-group mirroring-port to remove source ports from a mirroring group. Syntax mirroring-group group-id mirroring-port interface-list { both | inbound | outbound } undo mirroring-group group-id mirroring-port interface-list Default No source port is configured for a mirroring group.
Page 302: Mirroring-Group Monitor-Egress
Related commands mirroring-group mirroring-group monitor-egress Use mirroring-group monitor-egress to configure the egress port for a remote source group. Use undo mirroring-group monitor-egress to restore the default. Syntax In system view: mirroring-group group-id monitor-egress interface-type interface-number undo mirroring-group group-id monitor-egress interface-type interface-number In interface view: mirroring-group group-id monitor-egress undo mirroring-group group-id monitor-egress...
Page 303: Mirroring-Group Monitor-Port (Interface View)
<Sysname> system-view [Sysname] mirroring-group 1 remote-source [Sysname] mirroring-group 1 monitor-egress ten-gigabitethernet 1/0/1 # Create remote source group 2. Configure Ten-GigabitEthernet 1/0/2 as its egress port in interface view. <Sysname> system-view [Sysname] mirroring-group 2 remote-source [Sysname] interface ten-gigabitethernet 1/0/2 [Sysname-Ten-GigabitEthernet1/0/2] mirroring-group 2 monitor-egress Related commands mirroring-group mirroring-group monitor-port (interface view)
Page 304: Mirroring-Group Monitor-Port (System View)
Examples # Create local mirroring group 1 and configure Ten-GigabitEthernet 1/0/1 as its monitor port. <Sysname> system-view [Sysname] mirroring-group 1 local [Sysname] interface ten-gigabitethernet 1/0/1 [Sysname-Ten-GigabitEthernet1/0/1] mirroring-group 1 monitor-port # Create remote destination group 2 and configure Ten-GigabitEthernet 1/0/2 as its monitor port. <Sysname>...
Page 305: Mirroring-Group Reflector-Port
A Layer 2 or Layer 3 aggregate interface cannot be configured as the monitor port for a Layer 2 remote destination group. The member port of an existing mirroring group cannot be configured as a monitor port. The member port of an aggregate interface cannot be configured as a monitor port. Examples # Create local mirroring group 1 and configure Ten-GigabitEthernet 1/0/1 as its monitor port.
Page 306: Mirroring-Group Remote-Probe Vlan
Parameters group-id: Specifies a mirroring group by its number. The specified mirroring group must already exist. The value range for this argument is 1 to 16. interface-type interface-number: Specifies a port by its type and number. Usage guidelines You can configure reflector ports only for remote source groups. Do not assign the reflector port of a mirroring group to a source VLAN of the mirroring group.
Page 307 undo mirroring-group group-id remote-probe vlan vlan-id Default No remote probe VLAN is configured for a mirroring group. Views System view Predefined user roles network-admin mdc-admin Parameters group-id: Specifies a mirroring group by its number. The specified mirroring group must already exist. The value range for this argument is 1 to 16.
Page 308: Flow Mirroring Commands
Flow mirroring commands mirror-to cpu Use mirror-to cpu to configure a mirroring action that mirrors traffic to the CPU. Use undo mirror-to cpu to delete the mirroring action that mirrors traffic to the CPU. Syntax mirror-to cpu undo mirror-to cpu Default No mirroring action exists to mirror traffic to the CPU.
Page 309 Usage guidelines You can execute this command multiple times for a traffic behavior to mirror traffic to different interfaces. The encapsulation parameters for the mirrored packets are available only when the mirrored packets are sent out of Ethernet interfaces. Examples # Create traffic behavior 1 and configure the action of mirroring traffic to Ten-GigabitEthernet 1/0/1 for the traffic behavior.
Page 310: Netstream Configuration Commands
NetStream configuration commands display ip netstream cache Use display ip netstream cache to display NetStream entry information. Syntax In standalone mode: display ip netstream cache [ verbose ] [ type { ip | ipl2 | l2 | mpls [ label-position1 label-value1 [ label-position2 label-value2 [ label-position3 label-value3 ] ] ] } ] [ destination destination-ip | interface interface-type interface-number | source source-ip ] * [ slot slot-number ] In IRF mode:...
Page 311 slot slot-number: Specifies a card by its slot number. If you do not specify a card, this command displays information about NetStream entries for all cards. (In standalone mode.) chassis chassis-number slot slot-number: Specifies a card on an IRF member device or specifies a PEX.
Page 312 11.1.1.1(1024) 11.1.1.2(21) 128 N/A GE1/0/1 (I) 42996 TCPFlag: DstMask: SrcMask: NextHop: 0.0.0.0 DstAS: SrcAS: BGPNextHop: 0.0.0.0 InVRF: SamplerMode: SamplerInt: Active: 120.600 Bytes/Pkt: First packet arrived: 10/28/2013, 14:10:03 Last packet arrived: 10/28/2013, 14:21:03 0012-3f86-e94c(10) 0012-3f86-e86a(0) GE1/0/1(I) 1253 SamplerMode: SamplerInt: Active: 5.510 Bytes/Pkt: First packet arrived: 10/28/2013, 14:10:00 Last packet arrived:...
Page 313 Field Description This field is not supported in the current software version. Distribution of IP packets by packet size, and the bracketed IP packet size distribution (0 packets in number is the total number of IP packets. total) The value is displayed in the proportion of the number of IP packets of the specified sizes to the total number of IP packets, and the value is displayed with 3 decimal places.
Page 314: Display Ip Netstream Export
Field Description Layer 2 information of the active flows in the current cache: • Destination MAC address. • DstMAC(VLAN) SrcMAC(VLAN) Destination VLAN ID. • Source MAC address. • Source VLAN ID. This field is not supported in the current software version. Information about the active MPLS flows in the current cache: •...
Page 315 Usage guidelines IP NetStream export information varies by aggregation mode. This command displays IP NetStream export information for all the configured aggregation modes. Examples # Display information about the NetStream data export. <Sysname> display ip netstream export IP export information: Flow source interface : GigabitEthernet1/0/1 Flow destination VPN instance...
Page 316: Display Ip Netstream Template
Field Description Version 5 exported flows number Number of flows that are exported in version 5 format. Number of UDP packets that are sent in version 5 format. The Version 5 exported UDP datagram field in the parentheses indicates the number of UDP packets that number (failed) failed to be sent.
Page 317 Usage guidelines IP NetStream templates vary by aggregation mode. This command displays IP NetStream template information for all the configured aggregation modes. Examples # Display NetStream template information. <Sysname> display ip netstream template Flow template refresh frequency : 20 Flow template refresh interval : 30 min Active flow templates Created flow templates...
Page 318: Enable
L4 destination port Sampling algorithm Sampling interval Table 70 Command output Field Description Flow template refresh frequency Refresh frequency at which the templates are sent, in packets. Flow template refresh interval Refresh interval at which the templates are sent, in minutes. Active flow templates Number of active NetStream templates.
Page 319: Ip Netstream
Default No NetStream aggregation mode is enabled. Views NetStream aggregation mode view Predefined user roles network-admin mdc-admin Examples # Enable NetStream destination-prefix aggregation mode. <Sysname> system-view [Sysname] ip netstream aggregation destination-prefix [Sysname-ns-aggregation-dstpre] enable Related commands ip netstream aggregation ip netstream Use ip netstream to enable NetStream on an interface.
Page 320 Use undo ip netstream aggregation to remove the configuration for a NetStream aggregation mode. Syntax ip netstream aggregation { destination-prefix | prefix | prefix-port | protocol-port | source-prefix | tos-destination-prefix | tos-prefix | tos-protocol-port | tos-source-prefix } undo ip netstream aggregation { destination-prefix | prefix | prefix-port | protocol-port | source-prefix | tos-destination-prefix | tos-prefix | tos-protocol-port | tos-source-prefix } Default No NetStream aggregation mode is specified.
Page 321: Ip Netstream Aggregation Advanced
tos-prefix: Specifies the ToS-prefix aggregation by the following criteria: • ToS. • Source AS number. • Source prefix. • Source address mask length. • Destination AS number. • Destination address mask length. • Destination prefix. • Inbound interface index. • Outbound interface index.
Page 322: Ip Netstream Export Host
Predefined user roles network-admin mdc-admin Usage guidelines The hardware aggregation does not take effect if the destination host is configured for NetStream traditional data export. The NetStream hardware aggregation entries are stored in the same cache as NetStream traditional data entries and are exportable. Examples # Enable NetStream hardware aggregation.
Page 323: Ip Netstream Export Rate
If no destination host is specified in a NetStream aggregation mode view, the destination host in system view applies. If destination hosts are specified in a NetStream aggregation view and system view, the destination hosts in aggregation view take effect. You can specify a maximum of four destination hosts in system view or a NetStream aggregation mode view.
Page 324: Ip Netstream Export Source
[Sysname] ip netstream export rate 10 ip netstream export source Use ip netstream export source to specify the source interface for data packets sent to NetStream servers. Use undo ip netstream export source to restore the default. Syntax ip netstream export source interface interface-type interface-number undo ip netstream export source Default The packets take the IP address of the output interface as the source IP address.
Page 325: Ip Netstream Export Version
Syntax ip netstream export template refresh-rate { packet packets | time minutes } undo ip netstream export template refresh-rate { packet | time } Default The packet count-based refresh rate is 20 packets, and the time-based refresh interval is 30 minutes.
Page 326: Ip Netstream Filter
Views System view Predefined user roles network-admin mdc-admin Parameters origin-as: Records the source AS of the source address and the destination AS of the destination address. peer-as: Records the ASs before and after the AS where the NetStream device resides as the source AS and destination AS, respectively.
Page 327: Ip Netstream Sampler
Predefined user roles network-admin mdc-admin Parameters inbound: Filters incoming traffic. outbound: Filters outgoing traffic. acl ipv4-acl-number: Specifies an IPv4 ACL by its number. The value range is 2000 to 2999 for basic ACLs, 3000 to 3999 for advanced ACLs, and 4000 to 4999 for Layer 2 ACLs. Usage guidelines NetStream filtering uses an ACL to identify intended packets.
Page 328: Ip Netstream Timeout Active
<Sysname> system-view [Sysname] interface gigabitethernet 1/0/1 [Sysname-GigabitEthernet1/0/1] ip netstream inbound [Sysname-GigabitEthernet1/0/1] ip netstream inbound sampler abc ip netstream timeout active Use ip netstream timeout active to set the aging timer for active flows. Use undo ip netstream timeout active to restore the default. Syntax ip netstream timeout active minutes undo ip netstream timeout active...
Page 329: Reset Ip Netstream Statistics
Views System view Predefined user roles network-admin mdc-admin Parameters seconds: Sets the aging timer for inactive flows, in the range of 10 to 320 seconds. Usage guidelines A flow is considered inactive if no packet for the NetStream entry arrives before the timer set by this command expires.
Page 330: Ipv6 Netstream Commands
IPv6 NetStream commands display ipv6 netstream cache Use display ipv6 netstream cache to display IPv6 NetStream entry information. Syntax In standalone mode: display ipv6 netstream cache [ slot slot-number ] [ verbose ] In IRF mode: display ipv6 netstream cache [ chassis chassis-number slot slot-number ] [ verbose ] Views Any view Predefined user roles...
Page 331 1-32 .000 .000 .000 .000 .000 .000 .000 .000 .000 .000 .000 .000 .000 .000 .000 576 1024 1536 2048 2560 3072 3584 4096 4608 >4608 .000 .000 .000 .000 .000 .000 .000 .000 .000 .000 .000 .000 Protocol Total Packets Flows Packets Active(sec) Idle(sec) Flows /sec...
Page 332 number is the total number of IPv6 packets. The value is displayed in the proportion of the number of IPv6 packets of the specified sizes to the total number of IPv6 packets. The value is displayed with three decimal places. This field is not supported in the current software version.
Page 333: Display Ipv6 Netstream Export
• Type of the labels at the top of the label stack: IP address associated with the label.  Mask associated with the label.  • Label list: Lbl—20-bit label value.  Exp—3-bit field for implementing QoS.  S—1-bit bottom of stack flag. The S field is set to 1 if ...
Page 334: Display Ipv6 Netstream Template
Flow destination VPN instance : Not specified Flow destination IP address (UDP) : 40::1 (30000) Version 9 exported flows number : 16 Version 9 exported UDP datagram number (failed) : 2 (0) Version 10 exported flows number Version 10 exported UDP datagram number (failed) : 0 (0) IPv6 export information: Flow source interface...
Page 335 Views Any view Predefined user roles network-admin network-operator mdc-admin mdc-operator Parameters slot slot-number: Specifies a card by its slot number. If you do not specify a card, the command displays IPv6 NetStream template information for the active MPU. (In standalone mode.) chassis chassis-number slot slot-number: Specifies a card on an IRF member device or specifies a PEX.
Page 336 Sampling interval Protocol-port inbound template: Template ID : 3257 Field count : 14 Field type Field length (bytes) --------------------------------------------------------------------------- Flows In packets In bytes First forwarded Last forwarded Protocol IP protocol version Direction L4 source port L4 destination port Sampling algorithm Sampling interval Table 73 Command output Field...
Page 337: Enable
accurate to milliseconds. Direction Traffic direction. L4 source port Source UDP or TCP port. L4 destination port Destination UDP or TCP port. Padding string. Sampling interval Sampling rate. enable Use enable to enable an IPv6 NetStream aggregation mode. Use undo enable to disable an IPv6 NetStream aggregation mode. Syntax enable undo enable...
Page 338: Ipv6 Netstream Aggregation
Predefined user roles network-admin mdc-admin Parameters inbound: Enables IPv6 NetStream for incoming traffic. outbound: Enables IPv6 NetStream for outgoing traffic. Examples # Enable NetStream for incoming traffic on GigabitEthernet1/0/1. <Sysname> system-view [Sysname] interface gigabitethernet 1/0/1 [Sysname-GigabitEthernet1/0/1] ipv6 netstream inbound ipv6 netstream aggregation Use ipv6 netstream aggregation to specify an IPv6 NetStream aggregation mode and enter its view.
Page 339: Ipv6 Netstream Aggregation Advanced
source-prefix: Specifies the source-prefix aggregation by source AS number, source address mask length, source prefix, and input interface index. Usage guidelines In IPv6 NetStream aggregation mode view, you can perform the following tasks: • Enable or disable the specified IPv6 NetStream aggregation mode. •...
Page 340: Ipv6 Netstream Export Host
Related commands ipv6 netstream export host ipv6 netstream aggregation ipv6 netstream export host Use ipv6 netstream export host to specify a destination host for IPv6 NetStream data export. Use undo ipv6 netstream export host to remove the specified destination host or all destination hosts that are configured in the current view.
Page 341: Ipv6 Netstream Export Rate
Examples # In system view, specify 40::1 as the IP address of the destination host and UDP port 5000 as the export destination port number. <Sysname> system-view [Sysname] ipv6 netstream export host 40::1 5000 Related commands ipv6 netstream aggregation ipv6 netstream export source ipv6 netstream export rate Use ipv6 netstream export rate to limit the IPv6 NetStream data export rate.
Page 342: Ipv6 Netstream Export Template Refresh-Rate
undo ipv6 netstream export source Default The packets take the IPv6 address of the output interface as the source IPv6 address. Views System view IPv6 NetStream aggregation mode view Predefined user roles network-admin mdc-admin Parameters interface-type interface-number: Specifies a source interface by its type and number for the IPv6 NetStream data export.
Page 343: Ipv6 Netstream Export Version
Views System view Predefined user roles network-admin mdc-admin Parameters packet packets: Specifies the number of packets that are sent before the template is sent. The value range is 1 to 600. time minutes: Specifies the interval at which the template is sent, in the range of 1 to 3600 minutes. Usage guidelines Version 9 and version 10 are template-based and support user-defined formats.
Page 344: Ipv6 Netstream Filter
peer-as: Records the ASs before and after the AS where the NetStream device resides as the source AS and destination AS, respectively. bgp-nexthop: Records BGP next hops. Usage guidelines Only one version format can take effect on the device. If you execute the ipv6 netstream export version command multiple times, the most recent configuration takes effect.
Page 345: Ipv6 Netstream Sampler
Examples # Use ACL 2003 for outbound IPv6 NetStream filtering on GigabitEthernet 1/0/1. <Sysname> system-view [Sysname] interface gigabitethernet 1/0/1 [Sysname-GigabitEthernet1/0/1] ipv6 netstream outbound [Sysname-GigabitEthernet1/0/1] ipv6 netstream outbound filter acl 2003 ipv6 netstream sampler Use ipv6 netstream sampler to enable IPv6 NetStream sampling. Use undo ipv6 netstream sampler to disable IPv6 NetStream sampling.
Page 346: Ipv6 Netstream Timeout Inactive
Views System view Predefined user roles network-admin mdc-admin Parameters minutes: Sets the aging timer for active flows, in the range of 1 to 5 minutes. Usage guidelines A flow is considered active if packets for the IPv6 NetStream entry arrive before the timer set by this command expires.
Page 347: Reset Ipv6 Netstream Statistics
Related commands ipv6 netstream timeout active reset ipv6 netstream statistics Use reset ipv6 netstream statistics to age out all flows in the cache and export IPv6 NetStream data. Syntax reset ipv6 netstream statistics Views User view Predefined user roles network-admin mdc-admin Usage guidelines It takes the system several minutes to execute the command.
Page 348: Sflow Commands
sFlow commands display sflow Use display sflow to display sFlow configuration and operation information. Syntax display sflow Views Any view Predefined user roles network-admin network-operator mdc-admin mdc-operator Examples # Display sFlow configuration and operation information. <Sysname> display sflow sFlow datagram version: 5 Global information: Agent IP: 10.10.10.1(CLI) Source address: 10.0.0.1 2001::1...
Page 349: Sflow Agent
Field Description Port sFlow collector port. Remaining lifetime of the sFlow collector. If this field displays N/A, the sFlow Aging collector never ages out. Size Maximum length of the sFlow data portion in an sFlow packet. VPN-instance Name of the VPN instance to which the sFlow collector belongs. Description Description of the sFlow collector.
Page 350: Sflow Collector
Parameters ip ipv4-address: Specifies an IPv4 address for the sFlow agent. ipv6 ipv6-address: Specifies an IPv6 address for the sFlow agent. Usage guidelines As a best practice, manually configure an IP address for the sFlow agent. If you execute this command multiple times, the most recent configuration takes effect. Examples # Specify IP address 10.10.10.1 for the sFlow agent.
Page 351: Sflow Counter Collector
Examples # Configure the following parameters for sFlow collector 2: • IP address—3.3.3.1. • Port number—Default. • Description—netserver. • Aging timer—1200 seconds. • Maximum length of the sFlow data portion in the sFlow packet—1000 bytes. <Sysname> system-view [Sysname] sflow collector 2 ip 3.3.3.1 description netserver time-out 1200 datagram-size 1000 sflow counter collector Use sflow counter collector to specify an sFlow collector for counter sampling.
Page 352: Sflow Flow Collector
Default Counter sampling is disabled. Views Layer 2 Ethernet interface view Layer 3 Ethernet interface view Predefined user roles network-admin mdc-admin Parameters interval: Specifies the counter sampling interval in the range of 2 to 86400 seconds. Examples # Enable counter sampling and set the counter sampling interval to 120 seconds on Ten-GigabitEthernet 1/0/1.
Page 353: Sflow Flow Max-Header
sflow flow max-header Use sflow flow max-header to set the maximum number of bytes (starting from the packet header) that flow sampling can copy per packet. Use undo sflow flow max-header to restore the default. Syntax sflow flow max-header length undo sflow flow max-header Default Flow sampling can copy up to 128 bytes of a packet.
Page 354: Sflow Sampling-Rate
Parameters determine: Specifies the fixed sampling mode. For example, if the flow sampling interval is set to 4000 (by using the sflow sampling-rate command), the device samples packets as follows: • The device randomly samples a packet, like the tenth packet, from the first 4000 packets. •...
Page 355: Sflow Source
Examples # Enable flow sampling to sample a packet out of 32768 packets on Ten-GigabitEthernet 1/0/1. <Sysname> system-view [Sysname] interface ten-gigabitethernet 1/0/1 [Sysname-Ten-GigabitEthernet1/0/1] sflow sampling-rate 32768 Related commands sflow sampling-mode sflow source Use sflow source to specify the source IP address of sent sFlow packets. Use undo sflow source to restore the default.
Page 356: Information Center Commands
Information center commands The device supports the FIPS mode that complies with NIST FIPS 140-2 requirements. Support for features, commands, and parameters might differ in FIPS mode and non-FIPS mode. For more information about FIPS mode, see Security Configuration Guide. diagnostic-logfile save Use diagnostic-logfile save to manually save diagnostic logs from the diagnostic log file buffer to the diagnostic log file.
Page 357: Display Info-Center
network-operator mdc-admin mdc-operator Examples # Display the diagnostic log file configuration. <Sysname> display diagnostic-logfile summary Diagnostic log file: Enabled. Diagnostic log file size quota: 10 MB Diagnostic log file directory: flash:/diagfile Writing frequency: 24 hour 0 min 0 sec Table 75 Command output Field Description Status of the diagnostic log file:...
Page 358: Display Logbuffer
Log buffer: Enabled Max buffer size 1024, current buffer size 512, Current messages 0, dropped messages 0, overwritten messages 0 Log file: Enabled Security log file: Enabled Information timestamp format: Log host: Date Other output destination: Date display logbuffer Use display logbuffer to display the state of the log buffer and the log information in the log buffer. Syntax In standalone mode: display logbuffer [ reverse ] [ level severity | size buffersize | slot slot-number ] *...
Page 359 Severity Keyword in Level Description value commands Normal but significant condition. For example, a terminal Notification notification logs in to the device, or the device reboots. Informational message. For example, a command or a Informational informational ping operation is executed. Debugging Debugging message.
Page 360: Display Logbuffer Summary
display logbuffer summary Use display logbuffer summary to display the summary of the log buffer. Syntax In standalone mode: display logbuffer summary [ level severity | slot slot-number ] * In IRF mode: display logbuffer summary [ level severity | chassis chassis-number slot slot-number ] * Views Any view Predefined user roles...
Page 361: Display Logfile Summary
display logfile summary Use display logfile summary to display the log file configuration. Syntax display logfile summary Views Any view Predefined user roles network-admin network-operator mdc-admin mdc-operator Examples # Display the log file configuration. <Sysname> display logfile summary Log file: Enabled. Log file size quota: 10 MB Log file directory: flash:/logfile Writing frequency: 0 hour 1 min 10 sec...
Page 362: Enable Log Updown
Examples # Display the summary of the security log file. <Sysname> display security-logfile summary Security log file: Enabled Security log file size quota: 10 MB Security log file directory: flash:/seclog Alarm threshold: 80% Current usage: 30% Writing frequency: 1 hour 0 min 0 sec Table 80 Command output Field Description...
Page 363: Info-Center Diagnostic-Logfile Directory
[Sysname-Ten-GigabitEthernet1/0/1] undo enable log updown info-center diagnostic-logfile directory Use info-center diagnostic-logfile directory to configure the directory to save the diagnostic log file. Syntax info-center diagnostic-logfile directory dir-name Default The diagnostic log file directory is flash:/diagfile. Views System view Predefined user roles network-admin mdc-admin Parameters...
Page 364: Info-Center Diagnostic-Logfile Frequency
Predefined user roles network-admin mdc-admin Usage guidelines This command enables saving diagnostic logs to the diagnostic log file for centralized management. Users can view the diagnostic logs to monitor device activities and to troubleshoot problems. Examples # Enable saving diagnostic logs to the diagnostic log file. <Sysname>...
Page 365: Info-Center Enable
Syntax info-center diagnostic-logfile quota size undo info-center diagnostic-logfile quota Default The maximum size for the diagnostic log file is 10 MB. Views System view Predefined user roles network-admin mdc-admin Parameters size: Specifies the maximum size for the diagnostic log file, in MB. The value range is 1 to 10. Examples # Set the maximum size to 6 MB for the diagnostic log file.
Page 366: Info-Center Logbuffer
Syntax info-center format { cmcc | unicom } undo info-center format Default Logs are sent to log hosts in standard format. Views System view Predefined user roles network-admin mdc-admin Parameters cmcc: Specifies the China Mobile Communications Corporation (cmcc) format. unicom: Specifies the China Unicom (unicom) format. Usage guidelines Logs can be sent to log hosts in standard, unicom, or cmcc format.
Page 367: Info-Center Logbuffer Size
Related commands display logbuffer info-center enable info-center logbuffer size Use info-center logbuffer size to set the maximum number of logs that can be stored in the log buffer. Use undo info-center logbuffer size to restore the default. Syntax info-center logbuffer size buffersize undo info-center logbuffer size Default The log buffer can store a maximum of 512 logs.
Page 368: Info-Center Logfile Enable
Predefined user roles network-admin mdc-admin Parameters dir-name: Specifies a directory by its name, a string of 1 to 64 characters. Usage guidelines The specified log file directory must have been created. The log file uses the .log extension. (In standalone mode.) This command cannot survive a reboot or an active/standby switchover. (In IRF mode.) This command cannot survive an IRF reboot or a global active/standby switchover in an IRF fabric.
Page 369: Info-Center Logfile Frequency
info-center logfile frequency Use info-center logfile frequency to configure the interval at which the system saves logs from the log file buffer to the log file. Use undo info-center logfile frequency to restore the default. Syntax info-center logfile frequency freq-sec undo info-center logfile frequency Default The log file saving interval is 86400 seconds.
Page 370: Info-Center Logfile Size-Quota
Parameters all-port-powerdown: Shuts down all the service ports on the device when no log file space or storage device space is available. If you do not specify this keyword, the device does not shut down service ports when no log file space or storage device space is available. Usage guidelines This command is available only in FIPS mode.
Page 371 undo info-center logging suppress duplicates Default Duplicate log suppression is disabled. Views System view Predefined user roles network-admin mdc-admin Usage guidelines Outputting consecutive duplicate logs at an interval of less than 30 seconds wastes system and network resources. With this feature enabled, the system starts a suppression period when outputting a new log: •...
Page 372: Info-Center Logging Suppress Module
%Jan 1 07:30:19:542 2000 Sysname CFGMAN/5/CFGMAN_CFGCHANGED: -EventIndex=[12]-CommandSource=[2]-ConfigSource=[4]-ConfigDestination=[2]; Configuration is changed. The output shows that a different log is generated during the suppression period. %Jan 1 07:30:24:643 2000 Sysname ARP/6/DUPIFIP: Duplicate address 172.16.0.1 on interface Vlan-interface100, sourced from 00e0-0058-123d %Jan 1 07:30:55:645 2000 Sysname ARP/6/DUPIFIP: Duplicate address 172.16.0.1 on interface Vlan-interface100, sourced from 00e0-0058-123d This message repeated 4 times in last 30 seconds.
Page 373: Info-Center Loghost
Related commands info-center source info-center loghost Use info-center loghost to specify a log host and to configure output parameters. Use undo info-center loghost to remove a log host. Syntax info-center loghost [ vpn-instance vpn-instance-name ] { hostname | ipv4-address | ipv6 ipv6-address } [ port port-number ] [ facility local-number ] undo info-center loghost [ vpn-instance vpn-instance-name ] { hostname | ipv4-address | ipv6 ipv6-address }...
Page 374: Info-Center Loghost Source
info-center loghost source Use info-center loghost source to specify a source IP address for logs sent to log hosts. Use undo info-center loghost source to restore the default. Syntax info-center loghost source interface-type interface-number undo info-center loghost source Default The source IP address of logs sent to log hosts is the primary IP address of the outgoing interface. Views System view Predefined user roles...
Page 375: Info-Center Security-Logfile Directory
Predefined user roles network-admin mdc-admin Parameters usage: Specifies an alarm threshold. The value must be an integer in the range of 1 to 100. Usage guidelines When the security log file is full, the system deletes the oldest logs and then writes new logs to the security log file.
Page 376: Info-Center Security-Logfile Enable
info-center security-logfile enable Use info-center security-logfile enable to enable saving of security logs to the security log file. Use undo info-center security-logfile enable to restore the default. Syntax info-center security-logfile enable undo info-center security-logfile enable Default The saving of security logs to the security log file is disabled. Views System view Predefined user roles...
Page 377: Info-Center Security-Logfile Size-Quota
Usage guidelines The system outputs security logs to the security log file buffer, and then saves the buffered logs to the security log file at the specified interval. Examples # Set the security log file saving interval to 600 seconds. <Sysname>...
Page 378 Default Table 81 lists the default log output rules. Table 81 Default output rules Source Destinatio module Common log Security log Diagnostic log Hidden log Console supported debugging Disabled Disabled Disabled modules Monitor supported debugging Disabled Disabled Disabled terminal modules Log host supported informational...
Page 379: Info-Center Synchronous
level severity: Specifies a severity level in the range of 0 to 7. The smaller the severity value, the higher the severity level. See Table 76 for more information. Logs at the specified severity level and higher levels are allowed or denied to be output. Usage guidelines If you do not set an output rule for a module, the module uses the output rule set by using the default keyword.
Page 380: Info-Center Syslog Min-Age
[Sysname] info-center synchronous Info-center synchronous output is on [Sysname] display current- At this time, the system receives log information. It displays the log information first, and then displays your previous input, which is display current- in this example. %May 21 14:33:19:425 2007 Sysname SHELL/4/LOGIN: VTY login from 192.168.1.44 [Sysname] display current- Enter configuration to complete the display current-configuration command, and press the Enter key to execute the command.
Page 381: Info-Center Timestamp
info-center timestamp Use info-center timestamp to set the timestamp format for logs sent to the console, monitor terminal, log buffer, and log file. Use undo info-center timestamp to restore the default. Syntax info-center timestamp { boot | date | none } undo info-center timestamp Default The timestamp format for logs sent to the console, monitor terminal, log buffer, and log file is date.
Page 382: Info-Center Trace-Logfile Quota
Default The timestamp format for logs sent to log hosts is date. Views System view Predefined user roles network-admin mdc-admin Parameters date: Sets the timestamp format to mmm dd hh:mm:ss yyyy, such as Dec 8 10:12:21 2007. The date time shows the current system time. iso: Sets the ISO 8601 timestamp format, for example, 2009-09-21T15:32:55.
Page 383: Logfile Save
<Sysname> system-view [Sysname] info-center trace-logfile quota 6 logfile save Use logfile save to manually save logs in the log file buffer to the log file. Syntax logfile save Views Any view Predefined user roles network-admin mdc-admin Usage guidelines You can specify the directory to save the log file by using the info-center logfile directory command.
Page 384: Security-Logfile Save
Related commands display logbuffer security-logfile save Use security-logfile save to manually save security logs from the security log file buffer to the security log file. Syntax security-logfile save Views Any view Predefined user roles security-audit Usage guidelines The system clears the security log file buffer after saving the buffered security logs to the security log file automatically or manually.
Page 385: Terminal Logging Level
mdc-admin Usage guidelines To enable display of debug information on the console, perform the following tasks: Execute the terminal debugging command. Enable the information center. The information center is enabled by default. Use a debugging command to enable the related debugging. To enable display of debug information on the current terminal, perform the following tasks: Execute the terminal monitor and terminal debugging commands.
Page 386: Terminal Monitor
mdc-admin Parameters severity: Specifies a log severity level in the range of 0 to 7. Usage guidelines This command enables the device to output logs with a severity level higher than or equal to the specified level to the current terminal. For example, if you set the severity argument to 6, logs with a severity value from 0 to 6 are output to the current terminal.
Page 387: Gold Commands
GOLD commands diagnostic event-log size Use diagnostic event-log size to configure the maximum number of GOLD log entries. Use undo diagnostic event-log size to restore the default. Syntax diagnostic event-log size number undo diagnostic event-log size Default GOLD can save up to 512 log entries. Views System view Predefined user roles...
Page 388: Diagnostic Monitor Interval
Default The status of monitoring diagnostics varies by test. Use the display diagnostic content command to view the status of monitoring diagnostics for a test. Views System view Predefined user roles network-admin Parameters slot slot-number-list: Specifies a space-separated list of up to seven slot number items. An item specifies a card by its slot number or specifies a range of cards in the form of start-slot-number to end-slot-number.
Page 389: Diagnostic Ondemand Failure
diagnostic monitor interval chassis chassis-number slot slot-number-list [ test test-name ] time interval undo diagnostic monitor interval chassis chassis-number slot slot-number-list [ test test-name ] Default The execution interval varies by test. Use the display diagnostic content command to view the execution interval for a test.
Page 390: Diagnostic Ondemand Repeating
Use undo diagnostic ondemand failure to restore the default. Syntax diagnostic ondemand failure failure-number undo diagnostic ondemand failure Default The maximum number of failed on-demand diagnostic tests is not specified. Views User view Predefined user roles network-admin Parameters failure-number: Specifies the maximum number of failed tests, in the range of 1 to 999. Usage guidelines After you use the diagnostic ondemand start command to enable on-demand diagnostics, you can stop the diagnostic tests by using any of the following commands:...
Page 391: Diagnostic Ondemand Start
Views User view Predefined user roles network-admin Parameters repeating-number: Specifies the number of executions for on-demand diagnostic tests, in the range of 1 to 999. Usage guidelines Use this command to configure the number of executions for diagnostic tests to be enabled. This command does not survive a device reboot.
Page 392: Diagnostic Ondemand Stop
slot slot-number-list: Specifies a space-separated list of up to seven slot number items. An item specifies a card or a PEX by its slot number or specifies a range of cards or PEXs in the form of start-slot-number to end-slot-number. The end slot number must be equal to or greater than the start slot number.
Page 393: Diagnostic Simulation
slot slot-number-list: Specifies a space-separated list of up to seven slot number items. An item specifies a card or a PEX by its slot number or specifies a range of cards or PEXs in the form of start-slot-number to end-slot-number. The end slot number must be equal to or greater than the start slot number.
Page 394: Display Diagnostic Content
slot slot-number-list: Specifies a space-separated list of up to seven slot number items. An item specifies a card or a PEX by its slot number or specifies a range of cards or PEXs in the form of start-slot-number to end-slot-number. The end slot number must be equal to or greater than the start slot number.
Page 395 verbose: Displays detailed information about diagnostic tests. If you do not specify this keyword, the command displays brief information about the diagnostic tests. Examples # (In standalone mode.) Display brief information about all diagnostic tests on the specified slot. <Sysname> display diagnostic content slot 1 Diagnostic test suite attributes: #B/*: Bootup test/NA #O/*: Ondemand test/NA...
Page 396 Test name : TaskMonitor Test attributes : **M*PA Test interval : 00:00:10 Min interval : 00:00:10 Correct-action : -NA- Description : A Real-time test, enabled by default that checks the importan t tasks. Exec : -NA- Test name : PortMonitor Test attributes : **M*PA Test interval...
Page 397: Display Diagnostic Event-Log
display diagnostic event-log Use display diagnostic event-log to display GOLD log entries. Syntax display diagnostic event-log [ error | info ] Views Any view Predefined user roles network-admin network-operator Parameters error: Displays all error log entries. info: Displays all log entries except error log entries. Usage guidelines If you do not specify the error and info keywords, the command displays all GOLD log entries.
Page 398: Display Diagnostic Result
<Sysname> display diagnostic ondemand configuration Maximum test-repeating times: 4 Maximum test-failure times: 1 Related commands diagnostic ondemand failure diagnostic ondemand repeating display diagnostic result Use display diagnostic result to display test results. Syntax In standalone mode: display diagnostic result [ slot slot-number [ test test-name ] ] [ verbose ] In IRF mode: display diagnostic result [ chassis chassis-number [ slot slot-number [ test test-name ] ] ] [ verbose ]...
Page 399 PortMonitor Success ComponentMonitor Success # (In standalone mode.) Display detailed test results for all diagnostic tests. <Sysname> display diagnostic result verbose Slot 1: Test name : IPCMonitor Total run count : 52 Total failure count Consecutive failure count: 0 Last execution time : Fri Nov 21 23:13:25 2014 First failure time : -NA-...
Page 400: Display Diagnostic Result Statistics
Last execution time : Fri Nov 21 23:13:35 2014 First failure time : -NA- Last failure time : -NA- Last pass time : Fri Nov 21 23:13:35 2014 Last execution result : Success Last failure reason : -NA- Next execution time : Fri Nov 21 23:13:45 2014 test result: pass Test name...
Page 401 display diagnostic result [ slot slot-number [ test test-name ] ] statistics In IRF mode: display diagnostic result [ chassis chassis-number [ slot slot-number [ test test-name ] ] ] statistics Views Any view Predefined user roles network-admin network-operator Parameters slot slot-number: Specifies a card by its slot number.
Page 402: Display Diagnostic Simulation
display diagnostic simulation Use display diagnostic simulation to display configurations for simulated diagnostic tests. Syntax In standalone mode: display diagnostic simulation [ slot slot-number ] In IRF mode: display diagnostic simulation [ chassis chassis-number [ slot slot-number ] ] Views Any view Predefined user roles network-admin...
Page 403: Reset Diagnostic Result
Examples # Clear GOLD logs. <Sysname> reset diagnostic event-log Related commands display diagnostic event-log reset diagnostic result Use reset diagnostic result to clear test results. Syntax In standalone mode: reset diagnostic result [ slot slot-number [ test test-name ] ] In IRF mode: reset diagnostic result [ chassis chassis-number [ slot slot-number [ test test-name ] ] ] Views...
Page 404: Packet Capture Commands
Packet capture commands packet-capture interface IMPORTANT: To use the packet capture feature, you must install the feature image by using the boot-loader, install, or issu command. For more information about the commands, see Fundamentals Command Reference. Use packet-capture interface to capture incoming packets on an interface. Syntax Save captured packets to a file: packet-capture interface interface-type interface-number [ capture-filter capt-expression |...
Page 405 autostop duration seconds: Stops capturing packets when the capturing duration expires. The seconds argument sets the capturing duration. The value range is 1 to 2147483647 seconds. If you do not set a limit, the capturing duration is unlimited. autostop files numbers: Stops capturing packets when the maximum number of file rotations is reached.
Page 406: Packet-Capture Read
Table 85 Using the packet filter parameters Purpose Options Remarks • Stop based on the capturing duration: The packet capture stops if any one of autostop duration seconds the limits for the stop options is • Stop based on the number of reached.
Page 407 Parameters filepath: Specifies the full path of the packet file to store captured packet data. The path must be a case-sensitive string of up to 64 characters. The filename extension must be .pcap or .pcapng. For more information about setting a file path, see file system management in Fundamentals Configuration Guide.
Page 408: Vcf Fabric Commands
VCF fabric commands display vcf-fabric topology Use display vcf-fabric topology to display VCF fabric topology information. Syntax display vcf-fabric topology Views Any view Predefined user roles network-admin network-operator mdc-admin mdc-operator Usage guidelines You can execute this command only on the master spine node. Before you display VCF fabric topology information, make sure VCF fabric topology discovery and automated underlay network provisioning are enabled.
Page 409: Display Vcf-Fabric Underlay Autoconfigure
Field Description This field displays Deploying if automated underlay network provisioning is in progress. Related commands vcf-fabric underlay autoconfigure vcf-fabric topology enable display vcf-fabric underlay autoconfigure Use display vcf-fabric underlay autoconfigure to display information about automated underlay network provisioning. Syntax display vcf-fabric underlay autoconfigure Views Any view...
Page 410: Vcf-Fabric Role
local-user aaa password simple aaa service-type telnet https authorization-attribute user-role network-admin line vty 0 63 authentication-mode scheme user-role network-admin bgp 100 vcf topo enable neutron rabbit user openstack rabbit password plain 12345678 rabbit host ip 10.11.113.143 username aaa password plain aaa network-type vxlan-central l2agent enable l3agent enable...
Page 411: Vcf-Fabric Spine-Role Master
Syntax vcf-fabric role { access | leaf | spine } undo vcf-fabric role Default No role is specified for the device. Views Neutron view Predefined user roles network-admin mdc-admin Parameters access: Specifies the access node. leaf: Specifies the leaf node. spine: Specifies the spine node.
Page 412: Vcf-Fabric Topology Enable
Examples # Specify the device as a master spine. <Sysname> system-view [Sysname] vcf-fabric spine-role master Related commands vcf-fabric role vcf-fabric topology enable Use vcf-fabric topology enable to enable VCF fabric topology discovery. Use undo vcf-fabric topology enable to disable VCF fabric topology discovery. Syntax vcf-fabric topology enable undo vcf-fabric topology enable...
Page 413: Vcf-Fabric Underlay Pause
Parameters template: Specifies a template file by its name, a case-insensitive string of 1 to 127 characters. A template file is a file that ends with the .template file extension. Usage guidelines After this command is executed, the device uses the specified template file to deploy the underlay network.
Page 414: Document Conventions And Icons
Document conventions and icons Conventions This section describes the conventions used in the documentation. Port numbering in examples The port numbers in this document are for illustration only and might be unavailable on your device. Command conventions Convention Description Boldface Bold text represents commands and keywords that you enter literally as shown.
Page 415: Network Topology Icons
Network topology icons Convention Description Represents a generic network device, such as a router, switch, or firewall. Represents a routing-capable device, such as a router or Layer 3 switch. Represents a generic switch, such as a Layer 2 or Layer 3 switch, or a router that supports Layer 2 forwarding and other Layer 2 features.
Page 416: Support And Other Resources
Support and other resources Accessing Hewlett Packard Enterprise Support • For live assistance, go to the Contact Hewlett Packard Enterprise Worldwide website: www.hpe.com/assistance • To access documentation and support services, go to the Hewlett Packard Enterprise Support Center website: www.hpe.com/support/hpesc Information to collect •...
Page 417: Websites
For more information and device support details, go to the following website: www.hpe.com/info/insightremotesupport/docs Documentation feedback Hewlett Packard Enterprise is committed to providing documentation that meets your needs. To help us improve the documentation, send any errors, suggestions, or comments to Documentation Feedback (docsfeedback@hpe.com). When submitting your feedback, include the document title,...
Page 418 part number, edition, and publication date located on the front cover of the document. For online help content, include the product name, product version, help edition, and publication date located on the legal notices page.
Page 419: Index
Index A C D E F H I K L M N O P R S T U V X display ipv6 netstream export,324 display ipv6 netstream template,325 action cli,211 display kernel deadloop,239 action reboot,212 display kernel deadloop configuration,242 action switchover,213 display kernel exception,244...
Page 420 display snmp-agent remote,147 info-center logfile size-quota,361 display snmp-agent statistics,148 info-center logging suppress duplicates,361 display snmp-agent sys-info,150 info-center logging suppress module,363 display snmp-agent trap queue,151 info-center loghost,364 display snmp-agent trap-list,151 info-center loghost source,365 display snmp-agent usm-user,152 info-center security-logfile alarm-threshold,365 display sntp ipv6 sessions,130 info-center security-logfile directory,366...
Page 421 mirroring-group,289 ntp-service inbound enable,113 mirroring-group mirroring-cpu,289 ntp-service ipv6 acl,114 mirroring-group mirroring-port (interface view),291 ntp-service ipv6 dscp,115 mirroring-group mirroring-port (system view),292 ntp-service ipv6 inbound enable,115 mirroring-group monitor-egress,293 ntp-service ipv6 multicast-client,116 mirroring-group monitor-port (interface view),294 ntp-service ipv6 multicast-server,117 mirroring-group monitor-port (system view),295 ntp-service ipv6 source,118 mirroring-group...
Page 422 reset diagnostic event-log,393 snmp-agent sys-info location,170 reset diagnostic result,394 snmp-agent sys-info version,170 reset exception context,282 snmp-agent target-host,171 reset ip netstream statistics,320 snmp-agent trap enable,173 reset ipv6 netstream statistics,338 snmp-agent trap if-mib link extended,174 reset kernel deadloop,282 snmp-agent trap life,175 reset kernel exception,283 snmp-agent trap log,175...
Page 423 xml,208...

HPE FlexNetwork 10500 Series Network Management And Monitoring Command Reference

Ping, Tracert, and System Debugging Commands

NQA Commands

NTP Commands

SNTP Commands

SNMP Commands

RMON Commands

NETCONF Commands

EAA Commands

Process Monitoring and Maintenance Commands

Sampler Commands

Port Mirroring Commands

Flow Mirroring Commands

Netstream Configuration Commands

Ipv6 Netstream Commands

Quick Links

Network Management and Monitoring

Command Reference

Related Manuals for HPE FlexNetwork 10500 Series

Summary of Contents for HPE FlexNetwork 10500 Series