HPE FlexNetwork MSR954 Command Reference Manual
  1. Manuals
  2. Brands
  3. HPE Manuals
  4. Network Router
  5. FlexNetwork MSR954
  6. Command reference manual

HPE FlexNetwork MSR954 Command Reference Manual

Msr series
Hide thumbs Also See for FlexNetwork MSR954:
1
2
Table Of Contents
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
Table of Contents

Advertisement

Quick Links

HPE FlexNetwork MSR Router Series
Comware 7 Network Management and Monitoring

Command Reference

Part number: 5998-8765
Software version: CMW710-E0407
Document version: 6W100-20160526

Advertisement

Table of Contents
loading
Need help?

Need help?

Do you have a question about the FlexNetwork MSR954 and is the answer not in the manual?

Questions and answers

Related Manuals for HPE FlexNetwork MSR954

Summary of Contents for HPE FlexNetwork MSR954

  • Page 1: Command Reference

    HPE FlexNetwork MSR Router Series Comware 7 Network Management and Monitoring Command Reference Part number: 5998-8765 Software version: CMW710-E0407 Document version: 6W100-20160526...
  • Page 2 © Copyright 2016 Hewlett Packard Enterprise Development LP The information contained herein is subject to change without notice. The only warranties for Hewlett Packard Enterprise products and services are set forth in the express warranty statements accompanying such products and services. Nothing herein should be construed as constituting an additional warranty. Hewlett Packard Enterprise shall not be liable for technical or editorial errors or omissions contained herein.

  • Page 3: Table Of Contents

    Contents Ping, tracert, and system debugging commands ····································· 1     debugging ·························································································································· 1   display debugging ··············································································································· 2   ping ·································································································································· 2   ping ipv6 ···························································································································· 6   tracert ······························································································································· 8   tracert ipv6 ······················································································································· 11 NQA commands ············································································ 14  ...
  • Page 4   operation (HTTP operation view) ·························································································· 52   out interface ····················································································································· 53   password ························································································································· 54   probe count ······················································································································ 55   probe packet-interval ·········································································································· 56   probe packet-number ········································································································· 57   probe packet-timeout ········································································································· 58   probe timeout ··················································································································· 59  ...
  • Page 5 NTP commands ············································································· 92     display ntp-service ipv6 sessions ·························································································· 92   display ntp-service sessions ································································································ 97   display ntp-service status ·································································································· 101   display ntp-service trace ··································································································· 103   ntp-service acl ················································································································ 104   ntp-service authentication enable ························································································ 106  ...
  • Page 6 PoE commands ··········································································· 137     apply poe-profile ············································································································· 137   apply poe-profile interface ································································································· 138   display poe device ··········································································································· 139   display poe interface ········································································································ 141   display poe interface power ······························································································· 143   display poe power-usage ·································································································· 144  ...
  • Page 7   snmp-agent ···················································································································· 190   snmp-agent calculate-password ························································································· 191   snmp-agent community ···································································································· 192   snmp-agent community-map ······························································································ 195   snmp-agent context ········································································································· 196   snmp-agent group ··········································································································· 197   snmp-agent local-engineid ································································································ 199   snmp-agent log ··············································································································· 200   snmp-agent mib-view ·······································································································...
  • Page 8   context (trigger view) ········································································································ 247   delta falling ···················································································································· 247   delta rising ····················································································································· 248   description (event view) ···································································································· 249   description (trigger view) ··································································································· 250   display snmp mib event ···································································································· 251   display snmp mib event event ···························································································· 252  ...
  • Page 9 NETCONF commands ·································································· 287     netconf log ····················································································································· 287   netconf soap http acl ········································································································ 288   netconf soap http enable ··································································································· 289   netconf soap https acl ······································································································ 290   netconf soap https enable ································································································· 290   netconf ssh server enable ································································································· 291  ...
  • Page 10   event hotplug ·················································································································· 321   event interface ················································································································ 323   event process ················································································································· 326   event snmp oid ··············································································································· 327   event snmp-notification ····································································································· 329   event syslog ··················································································································· 330   rtm cli-policy ··················································································································· 331   rtm environment ·············································································································· 332  ...
  • Page 11   reset kernel starvation ······································································································ 397   third-part-process start ····································································································· 398   third-part-process stop ······································································································ 399 Sampler commands ······································································ 401     display sampler ··············································································································· 401   sampler ························································································································· 402 Port mirroring commands ······························································· 404     display mirroring-group ····································································································· 404  ...
  • Page 12   display ipv6 netstream export ····························································································· 442   display ipv6 netstream template ························································································· 443   enable ··························································································································· 447   ipv6 netstream ················································································································ 448   ipv6 netstream filter ········································································································· 448   ipv6 netstream sampler ···································································································· 449   ipv6 netstream aggregation ······························································································· 450  ...
  • Page 13   info-center enable ············································································································ 481   info-center format ············································································································ 482   info-center logbuffer ········································································································· 482   info-center logbuffer size ··································································································· 483   info-center logfile directory ································································································ 484   info-center logfile enable ··································································································· 485   info-center logfile frequency ······························································································· 485   info-center logfile overwrite-protection ··················································································...
  • Page 14 Packet capture commands ····························································· 514     display packet-capture status ····························································································· 514   packet-capture (on wired devices) ······················································································· 515   packet-capture local interface (on wired devices/fat APs) ························································· 518   packet-capture read (on wired devices) ················································································ 520   packet-capture remote interface (on wired devices/fat APs) ······················································ 521  ...

  • Page 15: Ping, Tracert, And System Debugging Commands

    Ping, tracert, and system debugging commands debugging Use debugging to enable debugging for a module. Use undo debugging to disable debugging for a module. Syntax debugging module-name [ option ] undo debugging module-name [ option ] Default Debugging is disabled for all modules. Views User view Predefined user roles...

  • Page 16: Display Debugging

    display debugging Use display debugging to display the enabled debugging features for a module or for all modules. Syntax display debugging [ module-name ] Views Any view Predefined user roles network-admin network-operator Parameters module-name: Specifies a module by its name. For a list of supported modules, use the display debugging ? command.
  • Page 17 -a source-ip: Specifies an IP address of the device as the source IP address of ICMP echo requests. If this option is not specified, the source IP address of ICMP echo requests is the primary IP address of the outbound interface. -c count: Specifies the number of ICMP echo requests that are sent to the destination.
  • Page 18 -vpn-instance vpn-instance-name: Specifies the MPLS L3VPN instance to which the destination belongs, where the vpn-instance-name argument is a case-sensitive string of 1 to 31 characters. If the destination is on the public network, do not specify this option. host: Specifies the IP address or host name of the destination. The host name is a case-insensitive string of 1 to 253 characters.
  • Page 19 # Test whether the device with an IP address of 1.1.2.2 is reachable. The IP addresses of the hops that the ICMP packets passed in the path are displayed. <Sysname> ping -r 1.1.2.2 Ping 1.1.2.2 (1.1.2.2): 56 data bytes, press CTRL_C to break 56 bytes from 1.1.2.2: icmp_seq=0 ttl=254 time=4.685 ms 1.1.2.1 1.1.2.2...

  • Page 20: Ping Ipv6

    ping ipv6 Use ping ipv6 to test the reachability of the destination IPv6 address and display IPv6 ping statistics. Syntax ping ipv6 [ -a source-ipv6 | -c count | -i interface-type interface-number | -m interval | -q | -s packet-size | -t timeout | -tc traffic-class| -v | -vpn-instance vpn-instance-name ] * host Views Any view Predefined user roles...
  • Page 21 host: Specifies the IPv6 address or host name of the destination. The host name is a case-insensitive string of 1 to 253 characters. It can contain letters, digits, and special characters such as hyphen (-), underscore (_), and dot (.). Usage guidelines To ping a device identified by its host name, configure the DNS settings on the device first.

  • Page 22: Tracert

    Table 2 Command output Field Description Ping6(56 data bytes) An ICMPv6 echo reply with a data length of 56 bytes is sent from 2001::1 to 2001::2. 2001::1 --> 2001::2, press CTRL_C to break Press Ctrl+C to abort the ping IPv6 operation. Received ICMPv6 echo replies from the device whose IPv6 address is 2001::2.
  • Page 23 -p port: Specifies an invalid UDP port of the destination. The value range is 1 to 65535, and the default is 33434. If the destination address is an EID address at a remote LISP site, specify a port number in the range of 33434 to 65535. -q packet-number: Specifies the number of probe packets to send per hop.
  • Page 24 To abort the tracert operation during the execution of the command, press Ctrl+C. Examples # Display the path that the packets traverse from source to destination (1.1.2.2). <Sysname> tracert 1.1.2.2 traceroute to 1.1.2.2 (1.1.2.2), 30 hops at most, 40 bytes each packet, press CTRL_C to break 1.1.1.2 (1.1.1.2) 673 ms 425 ms 30 ms 1.1.2.2 (1.1.2.2) [AS 100] 580 ms 470 ms 80 ms...

  • Page 25: Tracert Ipv6

    Field Description ICMP timeout packets on an MPLS network, carrying MPLS label information: • Label—Label value that is used to identify a forwarding equivalence class (FEC). MPLS Label=100048 Exp=0 • Exp—Reserved, usually used for class of service (CoS). TTL=1 S=1 •...
  • Page 26 • global: Specifies the global routing table. • none: Disables AS resolution. • vpn: Specifies the VPN routing table. -w timeout: Specifies the timeout time (in milliseconds) of the reply packet of a probe packet. The value range is 1 to 65535, and the default is 5000. host: Specifies the IPv6 address or host name of the destination.
  • Page 27 Table 4 Command output Field Description Display the route that the IPv6 packets traverse from the current device traceroute to 2001:3::2 to the device whose IP address is 2001:3:2. Maximum number of hops of the probe packets, which can be set by the hops at most -m keyword.

  • Page 28: Nqa Commands

    NQA commands NQA client commands advantage-factor Use advantage-factor to set the advantage factor to be used for calculating Mean Opinion Scores (MOS) and Calculated Planning Impairment Factor (ICPIF) values. Use undo advantage-factor to restore the default. Syntax advantage-factor factor undo advantage-factor Default The advantage factor is 0.

  • Page 29: Data-Fill

    Use undo codec-type to restore the default. Syntax codec-type { g711a | g711u | g729a } undo codec-type Default The codec type for the voice operation is G.711 A-law. Views Voice operation view Predefined user roles network-admin Parameters g711a: Specifies G.711 A-law codec type. g711u: Specifies G.711 µ-law codec type g729a: Specifies G.729 A-law codec type.

  • Page 30: Data-Size

    Predefined user roles network-admin Parameters string: Specifies a case-sensitive string of 1 to 200 characters. Usage guidelines If the payload length is smaller than the string length, only the first part of the string is filled. For example, if you configure the string as abcd and set the payload size to 3 bytes, abc is filled. If the payload length is greater than the string length, the system fills the payload with the string cyclically until the payload is full.
  • Page 31 Table 5 Default payload size of a probe packet Operation type Codec type Default size (bytes) ICMP echo UDP echo UDP jitter UDP tracert Path jitter Voice G.711 A-law Voice G.711 µ-law Voice G.729 A-law Views ICMP/UDP echo operation view Path/UDP jitter operation view UDP tracert operation view Voice operation view...

  • Page 32: Description

    description Use description to configure a description for an NQA operation, such as the operation type or purpose. Use undo description to restore the default. Syntax description text undo description Default No description is configured for an NQA operation. Views DHCP/DLSw/DNS/FTP/HTTP/SNMP/TCP/voice operation view ICMP/UDP echo operation view ICMP/path/UDP jitter operation view...

  • Page 33: Destination Ipv6

    Views DHCP/DLSw/DNS/SNMP/TCP/voice operation view ICMP/UDP echo operation view ICMP/path/UDP jitter operation view UDP tracert operation view Predefined user roles network-admin Parameters ip-address: Specifies the destination IPv4 address for the operation. Examples # Specify 10.1.1.1 as the destination IPv4 address for the ICMP echo operation. <Sysname>...

  • Page 34: Destination Port

    [Sysname-nqa-admin-test-icmp-echo] destination ipv6 1::1 destination port Use destination port to configure the destination port number for the operation. Use undo destination port to restore the default. Syntax destination port port-number undo destination port Default The destination port number is 33434 for the UDP tracert operation. No destination port number is configured for other types of operations.
  • Page 35 Predefined user roles network-admin network-operator Parameters admin-name operation-tag: Specifies an NQA operation by its administrator name and operation tag. The admin-name argument represents the name of the administrator who creates the NQA operation. The operation-tag argument represents the operation tag. Each of the arguments is a case-insensitive string of 1 to 32 characters that cannot contain hyphens (-).

  • Page 36: Display Nqa Reaction Counters

    Succeeded 2011-04-29 20:54:24.5 Succeeded 2011-04-29 20:54:24.1 Succeeded 2011-04-29 20:54:23.8 Succeeded 2011-04-29 20:54:23.4 Table 6 Command output Field Description History record ID. Index The history records in one UDP tracert operation have the same ID. TTL value in the probe packet. Round-trip time if the operation succeeds, timeout time upon timeout, or 0 if the Response operation cannot be completed, in milliseconds.
  • Page 37 Usage guidelines The result fields display hyphens (-) in one of the following conditions: • The threshold type is the average value. • The monitored performance metric is ICPIF or MOS of the voice operation. The monitoring results of an operation are accumulated, and are not cleared after the operation completes.

  • Page 38: Display Nqa Result

    Monitored Threshold performance Collect data in Checked Num Over-threshold Num type metric Packets sent Number of packets with Number of sent accumulate after the round-trip time exceeding packets. operation starts. threshold. average Packets sent Number of packets with Number of sent accumulate after the the one-way jitter...
  • Page 39 Send operation times: 1 Receive response times: 1 Min/Max/Average round trip time: 35/35/35 Square-Sum of round trip time: 1225 Last succeeded probe time: 2011-05-29 10:50:33.2 Extended results: Packet loss ratio: 0% Failures due to timeout: 0 Failures due to disconnect: 0 Failures due to no connection: 0 Failures due to internal error: 0 Failures due to other errors: 0...
  • Page 40 # Display the most recent result of the UDP jitter operation with administrator name admin and operation tag test. <Sysname> display nqa result admin test NQA entry (admin admin, tag test) test results: Send operation times: 10 Receive response times: 10 Min/Max/Average round trip time: 15/46/26 Square-Sum of round trip time: 8103 Last packet received time: 2011-05-29 10:56:38.7...
  • Page 41 Failures due to timeout: 1000 Failures due to internal error: 0 Failures due to other errors: 0 Packets out of sequence: 0 Packets arrived late: 0 Voice results: RTT number: 0 Min positive SD: 0 Min positive DS: 0 Max positive SD: 0 Max positive DS: 0 Positive SD number: 0 Positive DS number: 0...
  • Page 42 Min/Max/Average jitter: 0/0/0 Positive jitter number: 0 Min/Max/Average positive jitter: 0/0/0 Sum/Square-Sum positive jitter: 0/0 Negative jitter number: 0 Min/Max/Average negative jitter: 0/0/0 Sum/Square-Sum negative jitter: 0/0 Hop IP 192.168.50.209 Basic Results: Send operation times: 10 Receive response times: 10 Min/Max/Average round trip time: 1/1/1 Square-Sum of round trip time: 10 Extended Results:...
  • Page 43 Table 9 Command output Field Description Data collecting in progress The operation is in progress. Send operation times Number of operations. Receive response times Number of response packets received. Min/Max/Average round trip time Minimum/maximum/average round-trip time in milliseconds. Square-Sum of round trip time Square sum of round-trip time.
  • Page 44 Field Description Positive SD average Average positive jitters from source to destination. Positive DS average Average positive jitters from destination to source. Positive SD square-sum Square sum of positive jitters from source to destination. Positive DS square-sum Square sum of positive jitters from destination to source. Minimum absolute value among negative jitters from source to Min negative SD destination.

  • Page 45: Display Nqa Statistics

    Field Description DS lost packets Number of lost packets from the destination to the source. Lost packets for unknown reason Number of lost packets for unknown reasons. Voice parameters. Voice scores This field is available only for the voice operation. MOS value MOS value calculated for the voice operation.
  • Page 46 Predefined user roles network-admin network-operator Parameters admin-name operation-tag: Specifies an NQA operation by its administrator name and operation tag. The admin-name argument represents the name of the administrator who creates the NQA operation. The operation-tag argument represents the operation tag. Each of the arguments is a case-insensitive string of 1 to 32 characters that cannot contain hyphens (-).
  • Page 47 Send operation times: 1560 Receive response times: 1560 Min/Max/Average round trip time: 1/2/1 Square-Sum of round trip time: 1563 Extended results: Packet loss ratio: 0% Failures due to timeout: 0 Failures due to internal error: 0 Failures due to other errors: 0 Packets out of sequence: 0 Packets arrived late: 0 ICMP-jitter results:...
  • Page 48 Square-Sum of round trip time: 24360 Extended results: Packet loss ratio: 0% Failures due to timeout: 0 Failures due to internal error: 0 Failures due to other errors: 0 Packets out of sequence: 0 Packets arrived late: 0 UDP-jitter results: RTT number: 550 Min positive SD: 1 Min positive DS: 1...
  • Page 49 Packet loss ratio: 0% Failures due to timeout: 0 Failures due to internal error: 0 Failures due to other errors: 0 Packets out of sequence: 0 Packets arrived late: 0 Voice results: RTT number: 10 Min positive SD: 3 Min positive DS: 1 Max positive SD: 10 Max positive DS: 1 Positive SD number: 3...
  • Page 50 Packet loss ratio: 0% Failures due to timeout: 0 Failures due to internal error: 0 Failures due to other errors: 0 Packets out of sequence: 0 Packets arrived late: 0 Path-Jitter Results: Jitter number: 9 Min/Max/Average jitter: 0/0/0 Positive jitter number: 0 Min/Max/Average positive jitter: 0/0/0 Sum/Square-Sum positive jitter: 0/0 Negative jitter number: 0...
  • Page 51 Field Description Square-Sum of round trip time Square sum of round-trip time. Packet loss ratio Average packet loss ratio. Failures due to timeout Number of timeout occurrences in an operation. Failures due to disconnect Number of disconnections by the peer. Failures due to no connection Number of failures to connect with the peer.
  • Page 52 Field Description Negative SD number Number of negative jitters from source to destination. Negative DS number Number of negative jitters from destination to source. Sum of absolute values of negative jitters from source to Negative SD sum destination. Sum of absolute values of negative jitters from destination to Negative DS sum source.
  • Page 53 Field Description Checked Element Monitored element. Threshold Type Threshold type. Number of targets that have been monitored for data Checked Num collection. Over-threshold Num Number of threshold violations. Serial number for the path in the path jitter operation. Path This field is available only for the path jitter operation. IP address of the hop.

  • Page 54: Filename

    Monitored Threshold performance Collect data in Checked Num Over-threshold Num type metric Probes in the Number of consecutive Number of probe failures. counting interval. completed probes. Packets sent in Number of packets of Number of sent accumulate the counting which the round-trip time packets.

  • Page 55: Frequency

    Examples # Specify config.txt as the file to be transferred between the FTP server and the FTP client for the FTP operation. <Sysname> system-view [Sysname] nqa entry admin test [Sysname-nqa-admin-test] type ftp [Sysname-nqa-admin-test-ftp] filename config.txt frequency Use frequency to specify the interval at which the NQA operation repeats. Use undo frequency to restore the default.

  • Page 56: History-Record Enable

    history-record enable Use history-record enable to enable the saving of history records for the NQA operation. Use undo history-record enable to disable the saving of history records. Syntax history-record enable undo history-record enable Default The saving of history records is enabled only for the UDP tracert operation. Views DHCP/DLSw/DNS/FTP/HTTP/SNMP/TCP operation view ICMP/UDP echo operation view...

  • Page 57: History-Record Number

    Default The history records of an NQA operation are kept for 120 minutes. Views DHCP/DLSw/DNS/FTP/HTTP/SNMP/TCP operation view ICMP/UDP echo operation view UDP tracert operation view Predefined user roles network-admin Parameters keep-time: Specifies how long the history records can be saved. The value range is 1 to 1440 minutes.

  • Page 58: Init-Ttl

    Predefined user roles network-admin Parameters number: Specifies the maximum number of history records that can be saved for an NQA operation. The value range is 0 to 50. Usage guidelines If the number of history records for an NQA operation exceeds the maximum number, earliest history records are removed.

  • Page 59: Lsr-Path

    lsr-path Use lsr-path to specify a loose source routing (LSR) path. Use undo lsr-path to restore the default. Syntax lsr-path ip-address&<1-8> undo lsr-path Default No LSR path is configured. Views Path jitter operation view Predefined user roles network-admin Parameters ip-address&<1-8>: Specifies a space-separated list of up to eight IP addresses. Each IP address represents a hop on the path.

  • Page 60: Mode

    Default A UDP tracert operation stops and fails when it detects five consecutive probe failures. Views UDP tracert operation view Predefined user roles network-admin Parameters times: Specifies the maximum number in the range of 0 to 255. When this argument is set to 0 or 255, the UDP tracert operation does not stop when consecutive probe failures occur.

  • Page 61: Next-Hop Ip

    Examples # Set the data transmission mode to passive for the FTP operation. <Sysname> system-view [Sysname] nqa entry admin test [Sysname-nqa-admin-test] type ftp [Sysname-nqa-admin-test-ftp] mode passive next-hop ip Use next-hop ip to specify the next hop IPv4 address for probe packets. Use undo next-hop ip to restore the default.

  • Page 62: No-Fragment Enable

    undo next-hop ipv6 Default No next hop IPv6 address is specified for probe packets. Views ICMP echo operation view Predefined user roles network-admin Parameters ipv6-address: Specifies the IPv6 address of the next hop. IPv6 link-local addresses are not supported. Usage guidelines If the next hop IPv6 address is not configured, the device searches the routing table to determine the next hop IPv6 address for the probe packets.

  • Page 63: Nqa

    You can use this command to test the path MTU of a link. Examples # Enable the no-fragmentation feature for the UDP tracert operation. <Sysname> system-view [Sysname] nqa entry admin test [Sysname-nqa-admin-test] type udp-tracert [Sysname-nqa-admin-test-udp-tracert] no-fragment enable Use nqa to create an NQA operation and enter its view, or enter the view of an existing NQA operation.

  • Page 64: Nqa Schedule

    Use undo nqa agent enable to disable the NQA client and stop all operations being performed. Syntax nqa agent enable undo nqa agent enable Default The NQA client is enabled. Views System view Predefined user roles network-admin Examples # Enable the NQA client. <Sysname>...

  • Page 65: Operation (Ftp Operation View)

    start-time: Specifies the start time and date of the NQA operation. hh:mm:ss: Specifies the start time of an NQA operation. yyyy/mm/dd: Specifies the start date of an NQA operation. The default value is the current system time, and the value for the yyyy argument is in the range of 2000 to 2035. mm/dd/yyyy: Specifies the start date of an NQA operation.

  • Page 66: Operation (Http Operation View)

    undo operation Default The FTP operation type is get. Views FTP operation view Predefined user roles network-admin Parameters get: Gets a file from the FTP server. put: Transfers a file to the FTP server. Usage guidelines When you perform the put operation with the filename command configured, make sure the file exists on the NQA client.

  • Page 67: Out Interface

    Views HTTP operation view Predefined user roles network-admin Parameters get: Gets data from the HTTP server. post: Transfers data to the HTTP server. raw: Sends the RAW request to the HTTP server. Usage guidelines The HTTP operation use HTTP requests as probe packets. For the get or post operation, the content in the request is obtained from the URL specified by the url command.

  • Page 68: Password

    Views DHCP operation view ICMP echo operation view UDP tracert operation view Predefined user roles network-admin Parameters interface-type interface-number: Specifies an interface by its type and number. Usage guidelines For successful operation, the specified output interface must be up. If both the next-hop and out interface commands are configured for the ICMP echo operation, the out interface command does not take effect.

  • Page 69: Probe Count

    simple: Specifies a password in plaintext form. For security purposes, the password specified in plaintext form will be stored in encrypted form. string: Specifies the password. The plaintext form of the password is a case-sensitive string of 1 to 32 characters. The encrypted form of the password is a case-sensitive string of 1 to 73 characters. Examples # Set the FTP login password to ftpuser.

  • Page 70: Probe Packet-Interval

    • For other types of operations, this argument specifies the times of probes to the destination per operation. The value range for this argument is 1 to 15. Usage guidelines The following describes how NQA performs different types of operations: •...

  • Page 71: Probe Packet-Number

    Use undo probe packet-interval to restore the default. Syntax probe packet-interval interval undo probe packet-interval Default The packet sending interval is 20 milliseconds. Views ICMP jitter operation view Path jitter operation view UDP jitter operation view Voice operation view Predefined user roles network-admin Parameters interval: Specifies the sending interval in the range of 10 to 60000 milliseconds.

  • Page 72: Probe Packet-Timeout

    UDP jitter operation view Voice operation view Predefined user roles network-admin Parameters packet-number: Specifies the number of packets to be sent per probe. Available value ranges include: • 10 to 1000 for the ICMP jitter, UDP jitter, or path jitter operation. •...

  • Page 73: Probe Timeout

    Parameters timeout: Specifies the timeout time in milliseconds. The value range is 10 to 3600000. Examples # Set the response timeout time to 100 milliseconds in the UDP jitter operation. <Sysname> system-view [Sysname] nqa entry admin test [Sysname-nqa-admin-test] type udp-jitter [Sysname-nqa-admin-test-udp-jitter] probe packet-timeout 100 probe timeout Use probe timeout to set the probe timeout time.

  • Page 74: Raw-Request

    raw-request Use raw-request to enter raw request view and specify the content of an HTTP request. Use undo raw-request to restore the default. Syntax raw-request undo raw-request Default The contents of an HTTP raw request are not specified. Views HTTP operation view Predefined user roles network-admin Usage guidelines...
  • Page 75 Default No reaction entries for monitoring one-way jitter exist. Views ICMP jitter operation view UDP jitter operation view Voice operation view Predefined user roles network-admin Parameters item-number: Assigns an ID to the reaction entry, in the range of 1 to 10. jitter-ds: Specifies the destination-to-source jitter of each probe packet as the monitored element (or performance metric).

  • Page 76: Reaction Checked-Element { Owd-Ds | Owd-Sd

    state of the reaction entry is set to over-threshold. If it is below the lower limit, the state is set to below-threshold. Once the state of the reaction entry changes, a trap message is generated and sent to the NMS. <Sysname>...

  • Page 77: Reaction Checked-Element Icpif

    owd-ds: Specifies the destination-to-source delay of each probe packet as the monitored element. owd-sd: Specifies the source-to-destination delay of each probe packet as the monitored element. threshold-value: Specifies threshold range in milliseconds. upper-threshold: Specifies the upper limit in the range of 0 to 3600000. lower-threshold: Specifies the lower limit in the range of 0 to 3600000.

  • Page 78: Reaction Checked-Element Mos

    Views Voice operation view Predefined user roles network-admin Parameters item-number: Assigns an ID to the reaction entry, in the range of 1 to 10. threshold-value: Specifies threshold range. upper-threshold: Specifies the upper limit in the range of 1 to 100. lower-threshold: Specifies the lower limit in the range of 1 to 100.
  • Page 79 undo reaction item-number Default No reaction entries for monitoring the MOS value exist. Views Voice operation view Predefined user roles network-admin Parameters item-number: Assigns an ID to the reaction entry, in the range of 1 to 10. threshold-value: Specifies threshold range. upper-threshold: Specifies the upper limit in the range of 1 to 500.

  • Page 80: Reaction Checked-Element Packet-Loss

    reaction checked-element packet-loss Use reaction checked-element packet-loss to configure a reaction entry for monitoring packet loss in UDP jitter or voice operation. Use undo reaction to delete the specified reaction entry. Syntax reaction item-number checked-element packet-loss threshold-type accumulate accumulate-occurrences [ action-type { none | trap-only } ] undo reaction item-number Default No reaction entries for monitoring packet loss exist.

  • Page 81: Reaction Checked-Element Probe-Duration

    the reaction entry is set to over-threshold. Otherwise, the state is set to below-threshold. Once the state of the reaction entry changes, a trap message is generated and sent to the NMS. <Sysname> system-view [Sysname] nqa entry admin test [Sysname-nqa-admin-test] type udp-jitter [Sysname-nqa-admin-test-udp-jitter] reaction 1 checked-element packet-loss threshold-type accumulate 100 action-type trap-only reaction checked-element probe-duration...
  • Page 82 action-type: Specifies what action to be triggered. The default action is none. none: Specifies the action of displaying results on the terminal display. trap-only: Specifies the action of displaying results on the terminal display and meanwhile sending SNMP trap messages to the NMS. This keyword is not available for the DNS operation. Usage guidelines You cannot edit a reaction entry after it is created.

  • Page 83: Reaction Checked-Element Probe-Fail (For Trap)

    [Sysname-nqa-admin-test-icmp-echo] reaction 3 checked-element probe-duration threshold-type consecutive 10 threshold-value 50 5 action-type trap-only reaction checked-element probe-fail (for trap) Use reaction checked-element probe-fail to configure a reaction entry for monitoring the probe failures of the operation. Use undo reaction to delete the specified reaction entry. Syntax reaction item-number...

  • Page 84: Reaction Checked-Element Probe-Fail (For Trigger)

    Examples # Create reaction entry 1 for monitoring the probe failures in ICMP echo operation. Before the NQA operation starts, the initial state of the reaction entry is invalid. If the total number of probe failures reaches or exceeds 10, the state of the entry is set to over-threshold. If it is below the threshold, the state of the entry is set to below-threshold.

  • Page 85: Reaction Checked-Element Rtt

    threshold-type: Specifies a threshold type. consecutive consecutive-occurrences: Checks the maximum number of consecutive probe failures, in the range of 1 to 16. action-type: Specifies what action to be triggered. trigger-only: Triggers other modules to react to certain conditions. Usage guidelines You cannot edit a reaction entry after it is created.
  • Page 86 Parameters item-number: Assigns an ID to the reaction entry, in the range of 1 to 10. threshold-type: Specifies a threshold type. accumulate accumulate-occurrences: Checks the total number of threshold violations. Available value ranges include: • 1 to 15000 for the ICMP jitter and UDP jitter operations. •...

  • Page 87: Reaction Trap

    <Sysname> system-view [Sysname] nqa entry admin test [Sysname-nqa-admin-test] type udp-jitter [Sysname-nqa-admin-test-udp-jitter] reaction 1 checked-element rtt threshold-type accumulate 100 threshold-value 50 5 action-type trap-only reaction trap Use reaction trap to configure the sending of traps to the NMS under specific conditions. Use undo reaction trap to restore the default.

  • Page 88: Rresolve-Target

    Usage guidelines The ICMP jitter, UDP jitter, and voice operations support only the test-complete keyword. The following parameters are not available for the UDP tracert operation: • The probe-failure consecutive-probe-failures option. • The accumulate-probe-failures argument. Examples # Configure the system to send a trap if five or more consecutive probe failures occur in an ICMP echo operation.

  • Page 89: Route-Option Bypass-Route

    route-option bypass-route Use route-option bypass-route to enable the routing table bypass feature to test the connectivity to the direct destination. Use undo route-option bypass-route to disable the routing table bypass feature. Syntax route-option bypass-route undo route-option bypass-route Default The routing table bypass feature is disabled. Views DLSw/DNS/FTP/HTTP/SNMP/TCP/voice operation view ICMP/UDP echo operation view...

  • Page 90: Source Ip

    Syntax source interface interface-type interface-number undo source interface Default No source IP address is specified for probe packets. The probe packets take the primary IP address of the outgoing interface as their source IP address. Views ICMP echo operation view UDP tracert operation view Predefined user roles network-admin...

  • Page 91: Source Ipv6

    undo source ip Default The probe packets takes the IP address of their output interface as the source IP address. Views DHCP/DLSw/FTP/HTTP/SNMP/TCP/voice operation view ICMP/UDP echo operation view ICMP/path/UDP jitter operation view UDP tracert operation view Predefined user roles network-admin Parameters ip-address: Specifies the source IPv4 address for probe packets.

  • Page 92: Source Port

    Views ICMP echo operation view Predefined user roles network-admin Parameters ipv6-address: Specifies the source IPv6 address for probe packets. IPv6 link-local addresses are not supported. Usage guidelines If you execute the source interface and source ipv6 commands for an ICMP echo operation multiple times, the most recent configuration takes effect.

  • Page 93: Statistics Hold-Time

    Predefined user roles network-admin Parameters port-number: Specifies the source port number in the range of 1 to 65535. Examples # Set the source port number to 8000 for probe packets in the UDP echo operation. <Sysname> system-view [Sysname] nqa entry admin test [Sysname-nqa-admin-test] type udp-echo [Sysname-nqa-admin-test-udp-echo] source port 8000 statistics hold-time...

  • Page 94: Statistics Interval

    statistics interval Use statistics interval to set the statistics collection interval for an NQA operation. Use undo statistics interval to restore the default. Syntax statistics interval interval undo statistics interval Default The statistics collection interval is 60 minutes. Views DHCP/DLSw/DNS/FTP/HTTP/SNMP/TCP/voice operation view ICMP/UDP echo operation view ICMP/path/UDP jitter operation view Predefined user roles...

  • Page 95: Target-Only

    Default A maximum of two statistics groups can be saved. Views DHCP/DLSw/DNS/FTP/HTTP/SNMP/TCP/voice operation view ICMP/UDP echo operation view ICMP/path/UDP jitter operation view Predefined user roles network-admin Parameters number: Specifies the maximum number of statistics groups, in the range of 0 to 100. To disable statistics collection, set the value to 0.

  • Page 96: Tos

    <Sysname> system-view [Sysname] nqa entry admin test [Sysname-nqa-admin-test] type path-jitter [Sysname-nqa-admin-test-path-jitter] target-only Use tos to set the ToS value in the IP header for probe packets. Use undo tos to restore the default. Syntax tos value undo tos Default The ToS value in the IP header of probe packets is 0. Views Any operation view Predefined user roles...

  • Page 97: Type

    Views DLSw/DNS/FTP/HTTP/SNMP/TCP/voice operation view ICMP/UDP echo operation view ICMP/UDP jitter operation view UDP tracert operation view Predefined user roles network-admin Parameters value: Specifies the maximum number of hops that the probe packets can traverse, in the range of 1 to 255. Usage guidelines The route-option bypass-route command sets the TTL to 1 for probe packets.

  • Page 98: Url

    dlsw: Specifies the DLSw operation type. dns: Specifies the DNS operation type. ftp: Specifies the FTP operation type. http: Specifies the HTTP operation type. icmp-echo: Specifies the ICMP echo operation type. icmp-jitter: Specifies the ICMP jitter operation type. path-jitter: Specifies the path jitter operation type. snmp: Specifies the SNMP operation type.

  • Page 99: Username

    Parameters url: Specifies the URL of the destination server, a case-sensitive string of 1 to 255 characters. The following table describes the URL format and parameters for different operations. Operation URL format Parameter description The host parameter represents the host name of the destination server.

  • Page 100: Version

    [Sysname] nqa entry admin test [Sysname-nqa-admin-test] type ftp [Sysname-nqa-admin-test-ftp] username administrator Related commands operation password version Use version to specify the version used in the HTTP operation. Use undo version to restore the default. Syntax version { v1.0 | v1.1 } undo version Default Version 1.0 is used in the HTTP operation.

  • Page 101: Nqa Server Commands

    Default The operation applies to the public network. Views DHCP/DLSw/DNS/FTP/HTTP/SNMP/TCP/voice operation view ICMP/UDP echo operation view ICMP/path/UDP jitter operation view UDP tracert operation view Predefined user roles network-admin Parameters vpn-instance-name: Specifies a VPN instance by its name, a case-sensitive string of 1 to 31 characters.

  • Page 102: Nqa Server Enable

    NQA server status: Enabled TCP connect: IP Address Port Vpn-instance 2.2.2.2 2000 UDP echo: IP Address Port Vpn-instance 3.3.3.3 3000 vpn1 Table 12 Command output Field Description NQA server status Whether the NQA server is enabled. TCP connect Information about the TCP listening service on the NQA server. UDP echo Information about the UDP listening service on the NQA server.

  • Page 103: Nqa Server Tcp-Connect

    Examples # Enable the NQA server. <Sysname> system-view [Sysname] nqa server enable Related commands display nqa server nqa server tcp-connect nqa server udp-echo nqa server tcp-connect Use nqa server tcp-connect to configure a TCP listening service to enable the NQA server to listen to a port on the specified IP address.

  • Page 104: Nqa Server Udp-Echo

    • The IP address must be the address of an interface on the NQA server. • To ensure successful NQA operations and avoid affecting existing services, do not configure the TCP listening service on well-known ports from 1 to 1023. Examples # Configure a TCP listening service to enable the NQA server to listen to port 9000 on the IP address 169.254.10.2.
  • Page 105 When you configure the IP address and port number for a UDP listening service on the NQA server, follow these restrictions and guidelines: • The IP address and port number must be unique on the NQA server and match the configuration on the NQA client.

  • Page 106: Ntp Commands

    NTP commands NTP is supported on the following Layer 3 interfaces: • Layer 3 Ethernet interfaces. • Layer 3 Ethernet subinterfaces. • Layer 3 aggregate interfaces. • Layer 3 aggregate subinterfaces. • VLAN interfaces. • Tunnel interfaces. display ntp-service ipv6 sessions Use display ntp-service ipv6 sessionsto display information about all IPv6 NTP associations.
  • Page 107 Table 13 Command output Field Description • 1—Clock source selected by the system (the current reference source). • 2—The stratum level of the clock source is less than or equal to 15. [12345] • 3—The clock source has survived the clock selection algorithm. •...
  • Page 108 Clock source: 1::1 Session ID: 36144 Clock stratum: 16 Clock status: configured, insane, valid, unsynced Reference clock ID: INIT VPN instance: Not specified Local mode: sym_active, local poll interval: 6 Peer mode: unspec, peer poll interval: 10 Offset: 0.0000ms, roundtrip delay: 0.0000ms, dispersion: 15937ms Root roundtrip delay: 0.0000ms, root dispersion: 0.0000ms Reachabilities:0, sync distance: 15.938...
  • Page 109 Field Description Status of the clock source corresponding to this association: • configured—The association was created at the CLI. • dynamic—The association is established dynamically. • master—The clock source is the primary time server of the current system. • selected—The clock source has survived the clock selection algorithm.
  • Page 110 Field Description Operation mode of the peer device: • unspec—The mode is unspecified. • sym_active—Active mode. • sym_passive—Passive mode. peer mode • client—Client mode. • server—Server mode. • broadcast—Broadcast or multicast server mode. • bclient—Broadcast or multicast client mode. Polling intervalfor the peer device, in seconds. The value peer poll interval displayed is a power of 2.

  • Page 111: Display Ntp-Service Sessions

    display ntp-service sessions Use display ntp-service sessionsto display information about all IPv4 NTP associations. Syntax display ntp-service sessions [verbose] Views Any view Predefined user roles network-admin network-operator Parameters verbose: Displays detailed information aboutall IPv4 NTP associations. If you do not specify this keyword, the command displays only brief information aboutthe NTP associations.
  • Page 112 Field Description Reference clock ID of the NTP server: • If the reference clock is the local clock, the value of this field is related to the value of the strafield: When the value of the strafield is 0 or 1, this field displaysLOCL. When the strafield has another value, this field displaysthe IP reference address of the local clock.
  • Page 113 Local mode: client, local poll interval: 6 Peer mode: server, peer poll interval: 6 Offset: 0.2862ms, roundtrip delay: 3.2653ms, dispersion: 4.5166ms Root roundtrip delay: 0.0000ms, root dispersion: 10.910ms Reachabilities:31, sync distance: 0.0194 Precision: 2^18, version: 3, source interface: Not specified Reftime: d17cbba5.1473de1e Tue, May 17 2011 9:17:25.079...
  • Page 114 Field Description Reference clock ID of the NTP server: • If the reference clock is the local clock, the value of this field is related to the value of the Clock stratumfield: When the value of the Clock stratumfield is 0 or 1, this field displaysLOCL.

  • Page 115: Display Ntp-Service Status

    Field Description Synchronization distance relative to the upper-level clock, in sync distance seconds, and calculated from dispersion and roundtrip delay values. Precision Accuracy of the system clock. version NTP version in the range of 1 to 4. Source interface. source interface If the source interface is not specified, this field isNot specified.
  • Page 116 Stability: 0.000 pps Clock precision: 2^-10 Root delay: 0.00000 ms Root dispersion: 3.96367 ms Reference time: d0c5fc32.92c70b1e Wed, Dec 29 2010 18:28:02.573 # Display the NTP service status when time is not synchronized. <Sysname>display ntp-service status Clock status: unsynchronized Clock stratum: 16 Reference clock ID: none Clock jitter: 0.000000 s Stability: 0.000 pps...

  • Page 117: Display Ntp-Service Trace

    Field Description For an IPv4 NTP server: The field represents the IP address of the remote server when the local device is synchronized to a remote NTP server. The field represents the local clock when the local device uses the local clock as the reference source. •...

  • Page 118: Ntp-Service Acl

    Predefined user roles network-admin network-operator Examples #Displaybrief information about each NTP server from the local device back to the primary time server. <Sysname>display ntp-service trace Server 127.0.0.1 Stratum 3, jitter 0.000, synch distance 0.0000. Server 3000::32 Stratum 2 , jitter 790.00, synch distance 0.0000. RefID 127.127.1.0 The output shows that server 127.0.0.1 is synchronized to server 3000::32, and server 3000::32 is...
  • Page 119 Predefined user roles network-admin Parameters peer: Allows time requests and NTP control queries (such as alarms, authentication status, and time server information) from a peer device and allows the local device to synchronize itself to a peer device. query: Allows only NTP control queries from a peer device to the local device. server: Allows time requests and NTP control queries from a peer device, but does not allow the local device to synchronize itself to a peer device.

  • Page 120: Ntp-Service Authentication Enable

    ntp-service authentication enable Use ntp-service authentication enableto enable NTP authentication. Use undo ntp-service authentication enableto disable NTP authentication. Syntax ntp-service authentication enable undo ntp-service authentication enable Default NTP authentication is disabled. Views System view Predefined user roles network-admin Usage guidelines Enable NTP authentication in networks that require time synchronization security to make sure NTP clients are synchronized only to authenticated NTP servers.

  • Page 121: Ntp-Service Broadcast-Client

    Views System view Predefined user roles network-admin Parameters keyid: Specifies a key ID to identify an authentication key, in the range of 1 to 4294967295. authentication-modemd5value: Uses the MD5 algorithm for key authentication. cipher: Specifies a key in encrypted form. simple: Specifies a key in plaintext form.For security purposes, the key specified in plaintext form will be stored in encrypted form.

  • Page 122: Ntp-Service Broadcast-Server

    Syntax ntp-servicebroadcast-client undontp-servicebroadcast-client Default The device does not operatein any NTP association mode. Views Interface view Predefined user roles network-admin Usage guidelines After you configure the command, the device listens to NTP messages sent by the NTP broadcast server and is synchronized based on the received NTP messages. If you have configured the device to operate in broadcast client mode on an interface with the command, do not add the interface to any aggregate group.

  • Page 123: Ntp-Service Dscp

    Predefined user roles network-admin Parameters authentication-keyid keyid: Specifies the key ID to be used for sending broadcast messages to broadcast clients. Thevalue range for the keyidargument is 1 to 4294967295. If you do not specify this option, the local device cannot synchronize broadcast clients enabled with NTP authentication. versionnumber: Specifies the NTP version.

  • Page 124: Ntp-Service Enable

    Parameters dscp-value: Sets a DSCP value in the range of 0 to 63 for IPv4 NTP packets. Usage guidelines The DSCP value is included in the ToS fieldof an IPv4 packet to identify the packet priority. Examples # Set the DSCP value forIPv4 NTP packets to 30. <Sysname>...

  • Page 125: Ntp-Service Ipv6 Acl

    Views Interface view Predefined user roles network-admin Usage guidelines Execute the undo ntp-service inbound enablecommand on an interface in the following cases: • You do not want the interface to synchronize the peer device in the corresponding subnet. • You do not want the device to be synchronized by the peer device in the subnet corresponding to theinterface.

  • Page 126: Ntp-Service Ipv6 Dscp

    synchronization: Allows only time requests from a system whose address passes the access list criteria. ipv6-acl-number: Specifies an ACL. The peer devices that match the ACL have the access right specified in the command. The ipv6-acl-number argument represents a basic ACL number in the range of 2000 to 2999.

  • Page 127: Ntp-Service Ipv6 Inbound Enable

    Default The DSCP value for IPv6 NTP packets is 56. Views System view Predefined user roles network-admin Parameters dscp-value: Specifies a DSCP value in the range of 0 to 63 for IPv6 NTP packets. Usage guidelines The DSCP value is included in the TrafficClass field of an IPv6 packetto identify the packet priority. Examples # Set the DSCP value forIPv6 NTP packets to 30.

  • Page 128: Ntp-Service Ipv6 Multicast-Client

    <Sysname> system-view [Sysname] interface gigabitethernet 1/0/1 [Sysname-GigabitEthernet1/0/1] undo ntp-service ipv6 inboundenable ntp-service ipv6 multicast-client Use ntp-service ipv6 multicast-client to configure the device to operate in IPv6 NTP multicast client mode and use the current interface to receive IPv6 NTP multicast packets. Use undo ntp-service ipv6 multicast-clientto remove the configuration.

  • Page 129: Ntp-Service Ipv6 Multicast-Server

    ntp-service ipv6 multicast-server Use ntp-service ipv6 multicast-serverto configure the device to operate in IPv6 NTP multicast server mode and use the current interface to send IPv6 NTP multicast packets. Use undo ntp-service ipv6 multicast-serverto remove the configuration. Syntax ntp-service ipv6 multicast-serveripv6-address[authentication-keyidkeyid| ttlttl-number] * undo ntp-service ipv6multicast-server ipv6-address Default The device does not operate in anyNTP association mode.

  • Page 130: Ntp-Service Ipv6 Source

    ntp-service ipv6 source Use ntp-service ipv6 sourceto specify the source interface for IPv6 NTP messages. Use undo ntp-service ipv6 sourceto restore the default. Syntax ntp-service ipv6 sourceinterface-type interface-number undo ntp-service ipv6 source Default No source interface is specified for IPv6 NTP messages. The device automatically selects the source IP address for IPv6 NTP messages.

  • Page 131: Ntp-Service Ipv6 Unicast-Peer

    ntp-service ipv6 unicast-peer Use ntp-serviceipv6unicast-peerto specify an IPv6 symmetric-passive peer for the device. Use undo ntp-serviceipv6unicast-peerto remove the IPv6 symmetric-passive peer specified for the device. Syntax ntp-service ipv6 unicast-peer{ peer-name|ipv6-address }[vpn-instance vpn-instance-name ] [authentication-keyidkeyid| priority|sourceinterface-type interface-number]* undo ntp-service ipv6 unicast-peer{ peer-name| ipv6-address} [vpn-instancevpn-instance-name ]...

  • Page 132: Ntp-Service Ipv6 Unicast-Server

    Usage guidelines When you specify an IPv6 passive peer for the device, the device and its IPv6 passive peer can be synchronized to each other. If their clocks are in synchronized state, the clock with a high stratum level is synchronized to the clock with a lower stratum level. To synchronize the PE to a PE or CE in a VPN, provide thevpn-instance vpn-instance-nameoption in the command.
  • Page 133 Predefined user roles network-admin Parameters server-name: Specifies an NTP server by its host name, a case-insensitive string of 1 to 253 characters. ipv6-address: Specifies an NTP server by its IPv6 address. It must be a unicast address, rather than a multicast address. vpn-instance vpn-instance-name: Specifies the VPN to which the NTP server belongs.

  • Page 134: Ntp-Service Max-Dynamic-Sessions

    Related commands ntp-service authentication enable ntp-service authentication-keyid ntp-service reliable authentication-keyid ntp-service max-dynamic-sessions Use ntp-service max-dynamic-sessionsto set the maximum number of dynamic NTP sessions. Use undo ntp-service max-dynamic-sessionsto restore the default. Syntax ntp-service max-dynamic-sessions number undo ntp-service max-dynamic-sessions Default The maximum number of dynamic NTP sessions is 100. Views System view Predefined user roles...

  • Page 135: Ntp-Service Multicast-Client

    ntp-service multicast-client Use ntp-service multicast-client to configure the device to operate in NTP multicast client mode and use the current interface to receive NTP multicast packets. Use undo ntp-service multicast-clientto remove the configuration. Syntax ntp-servicemulticast-client[ ip-address ] undo ntp-service multicast-client [ ip-address ] Default The device does not operate in anyNTP association mode.
  • Page 136 Syntax ntp-service multicast-server[ ip-address ] [ authentication-keyidkeyid | ttlttl-number | versionnumber ] * undo ntp-service multicast-server [ ip-address ] Default The device does not operate in anyNTP association mode. Views Interface view Predefined user roles network-admin Parameters ip-address: Specifies a multicast IP address. Thedefault is224.0.1.1. A multicast server and client must be configured with the same multicast IP address.

  • Page 137: Ntp-Service Refclock-Master

    ntp-service refclock-master Use ntp-service refclock-masterto configure the local clock as the reference source. Use undo ntp-service refclock-masterto remove the configuration. Syntax ntp-service refclock-master [ip-address ] [stratum ] undo ntp-service refclock-master[ip-address ] Default The device does not use its local clock as the reference clock. Views System view Predefined user roles...

  • Page 138: Ntp-Service Reliable Authentication-Keyid

    ntp-service reliable authentication-keyid Use ntp-service reliable authentication-keyid to specify an authentication key asatrusted key. Use undontp-service reliable authentication-keyid to remove the configuration. Syntax ntp-service reliable authentication-keyidkeyid undo ntp-service reliable authentication-keyidkeyid Default No trusted key is specified. Views System view Predefined user roles network-admin Parameters keyid: Specifies an authentication key by its ID in the range of 1 to 4294967295.

  • Page 139: Ntp-Service Source

    ntp-service source Use ntp-service sourceto specify the source interface for NTP messages. Use undo ntp-service sourceto restore the default. Syntax ntp-service sourceinterface-type interface-number undo ntp-service source Default No source interface is specified for NTP messages. The deviceperforms the following operations: •...

  • Page 140: Ntp-Service Unicast-Peer

    ntp-service unicast-peer Use ntp-serviceunicast-peerto specify a symmetric-passive peer for the device. Use undo ntp-serviceunicast-peerto remove the symmetric-passive peer specified for the device. Syntax ntp-serviceunicast-peer peer-name |ip-address} [vpn-instance vpn-instance-name [authentication-keyidkeyid|priority| sourceinterface-type interface-number|versionnumber] * undontp-serviceunicast-peer { peer-name |ip-address} [vpn-instancevpn-instance-name ] Default No symmetric-passive peer is specified. Views System view Predefined user roles...

  • Page 141: Ntp-Service Unicast-Server

    Usage guidelines When you specify a passive peer for the device, the device and its passive peer can be synchronized to each other. If their clocks are in synchronized state, the clock with a high stratum level is synchronized to the clock with a lower stratum level. To synchronize the PE to a PE or CE in a VPN, provide vpn-instance vpn-instance-name in your command.
  • Page 142 Parameters server-name: Specifies an NTP server by its host name, a case-insensitive string of 1 to 253 characters. ip-address: Specifies an NTP server by its IP address. It must be a unicast address, rather than a broadcast address, a multicast address, or the IP address of the local clock. vpn-instance vpn-instance-name: Specifies the VPN to which the NTP server belongs.

  • Page 143: Sntp Commands

    SNTP commands display sntp ipv6 sessions Use display sntp ipv6 sessionsto display information about all IPv6 SNTP associations. Syntax display sntp ipv6 sessions Views Any view Predefined user roles network-admin network-operator Examples # Display information aboutall IPv6 SNTP associations. <Sysname> display sntp ipv6 sessions SNTP server: 2001::1 Stratum: 16 Version: 4...

  • Page 144: Display Sntp Sessions

    display sntp sessions Use display sntp sessionsto display information about all IPv4SNTP associations. Syntax display sntp sessions Views Any view Predefined user roles network-admin network-operator Examples # Display information aboutall IPv4SNTP associations. <Sysname>display sntp sessions SNTP server Stratum Version Last receive time 1.0.1.112 Tue, May 17 2011 9:11:20.833 (Synced)

  • Page 145: Sntp Authentication-Keyid

    Predefined user roles network-admin Usage guidelines You needto enable SNTP authentication in networks that require time synchronization security to make sure SNTP clients are synchronized only to authenticated NTP servers. To authenticate an NTP server, set an authentication key and specify it as a trusted key. Examples # Enable SNTP authentication.

  • Page 146: Sntp Enable

    Usage guidelines You need to enable SNTP authentication in networks that require time synchronization security to make sure SNTP clients are synchronized only to authenticated NTP servers. Configure the same key ID and key on the SNTP client and NTP server. Otherwise, the SNTP client cannot be synchronized to the NTP server.

  • Page 147: Sntp Ipv6 Unicast-Server

    sntp ipv6 unicast-server Use sntpipv6 unicast-server to specify an IPv6 NTP server for the device. Use undo sntpipv6 unicast-serverto remove theIPv6 NTP server specified for the device. Syntax sntp ipv6 unicast-server { server-name | ipv6-address } [ vpn-instancevpn-instance-name ] [authentication-keyidkeyid|sourceinterface-type interface-number ]* undo sntp ipv6unicast-server { server-name|ipv6-address} [ vpn-instance vpn-instance-name] Default No IPv6 NTP server is specified.

  • Page 148: Sntp Reliable Authentication-Keyid

    If you include thevpn-instance vpn-instance-nameoption in the undo ntp-service unicast-server command, the command removes the NTP server with the IP address of ip-address in the specified VPN. If you do not include thevpn-instance vpn-instance-nameoption in the command, the command removes the NTP server with the IP address of ip-address in the public network. If the specified IPv6 address of the NTP server is a link local address, you must specify the source interface for NTP messages and cannot specify a VPN for the NTP server.

  • Page 149: Sntp Unicast-Server

    Examples # Enable NTP authentication, and specify the MD5 encryption algorithm, with the key ID of 37 and key value of BetterKey. <Sysname> system-view [Sysname] sntp authentication enable [Sysname] sntp authentication-keyid 37 authentication-mode md5 simple BetterKey # Specify this key as a trusted key. [Sysname] sntp reliable authentication-keyid 37 Related commands sntp authentication-keyid...
  • Page 150 sourceinterface-type interface-number: Specifies the source interface for NTP messages. In an NTP message the local device sends to the NTP server, the source IP address is the primary IP address of this interface. The interface-type interface-numberargument represents the interface type and number.

  • Page 151: Poe Commands

    PoE commands This feature is supported only by MSR958(JH301A) and PoE-capable routers installed with the following modules: • DSIC-9FSWP. • HMIM-24GSWP. • SIC-4FSWP. PoE-capable routers include the following models: • MSR3012/3024/3044/3064. • MSR4060/4080. Commands and descriptions for centralized devices apply to the following routers: •...

  • Page 152: Apply Poe-Profile Interface

    Views PI view Predefined user roles network-admin Parameters index index: Specifies a PoE profile by its index number in the range of 1 to 100. name profile-name: Specifies a PoE profile by its name, a case-sensitive string of 1 to 15 characters. Examples # Apply the PoE profile named forIPphone to GigabitEthernet 1/0/1.

  • Page 153: Display Poe Device

    the end interface number. If an interface in the specified range does not support PoE, it is ignored when the PoE profile is applied. Examples # Apply the PoE profile named forIPphone to GigabitEthernet 1/0/1. <Sysname> system-view [Sysname] apply poe-profile name forIPphone interface gigabitethernet 1/0/1 # Apply the PoE profile with index number 1 to PIs GigabitEthernet 1/0/2 to GigabitEthernet 1/0/8.
  • Page 154 Examples # Display general PSE information. <Sysname> display poe device PSE ID Slot No. SSlot No. PortNum MaxPower(W) State Model LSP2LTSUC LSP2LTSUC # (Distributed devices in IRF mode.) Display general PSE information. <Sysname> display poe device Chassis 1: PSE ID Slot No.

  • Page 155: Display Poe Interface

    display poe interface Use display poe interface to display power supplying information for PIs. Syntax display poe interface [ interface-type interface-number ] Views Any view Predefined user roles network-admin network-operator Parameters interface-type interface-number: Specifies an interface by its type and number. If you do not specify an interface, this command displays power supplying information for all PIs.
  • Page 156 Field Description Operating status of a PI: • Off—PoE is disabled. • On—Power is being supplied to the PI correctly. • Power-lack—Remaining guaranteed power is insufficient for a critical PI. • Oper Power-deny—The PSE refuses to supply power. The power required by the PD is higher than the configured power.

  • Page 157: Display Poe Interface Power

    On State Ports: 2; Used: 8.4(W); Remaining: 171.6(W) Table 23 Command output Field Description Interface Interface name of a PI. PoE status: • Enabled. • Disabled. Power priority of a PI: • Critical (highest). Priority • High. • Low. CurPower Current power of a PI.

  • Page 158: Display Poe Power-Usage

    Predefined user roles network-admin network-operator Parameters interface-type interface-number: Specifies an interface by its type and number. If you do not specify an interface, this command displays power information for all PIs. Examples # Display power information for GigabitEthernet 1/0/1. <Sysname> display poe interface power gigabitethernet 1/0/1 Interface Current Peak...
  • Page 159 display poe power-usage Distributed devices in IRF mode: display poe power-usage [ chassis chassis-number ] Centralized devices in IRF mode display poe power-usage [ slot slot-number ] Views Any view Predefined user roles network-admin network-operator Parameters chassis chassis-number: Specifies an IRF member device by its member ID. If you do not specify a member device, the command displays information about all PoE power supplies and PSEs in the IRF fabric.
  • Page 160 PSE ID Current Peak Average Remaining Powered Guaranteed(W) Ports Chassis 2 : PoE Current Power : 600 PoE Max Power : 2000 PoE Max Guaranteed Power : 1000 PoE Remaining Allocable Power : 800 PoE Remaining Guaranteed Power : 600 Powered PoE Ports : 60 Statistics by PSE:...

  • Page 161: Display Poe Pse

    Table 25 Command output Field Description PoE power and PSE power information for member device 1. Chassis 1 (Distributed devices in IRF mode.) PoE power and PSE power information for member device 1. Slot 1 (Centralized devices in IRF mode.) PoE Current Power Total power that has been consumed by PSEs.
  • Page 162 Parameters pse-id: Specifies a PSE by its ID. If you do not specify a PSE, this command displays information about all PSEs. Examples # Display detailed information about PSE 7. <Sysname> display poe pse 7 PSE ID Slot No. PSE Model : LSBMPOEGV48TP PSE Status : Enabled...

  • Page 163: Display Poe Pse Interface

    PD Power Policy : Disabled PD Disconnect Detection Mode : DC Table 26 Command output Field Description PSE ID ID of the PSE. Slot No. Slot number of the PSE. SSlot No. Subslot number of the PSE. Chassis In IRF mode, member ID of the device where the PSE resides. PoE status of the PSE: •...
  • Page 164 Views Any view Predefined user roles network-admin network-operator Parameters pse pse-id: Specifies a PSE ID. To display PSE ID and slot mappings, use the display poe device command. Examples # Display the status of all PIs on PSE 7. <Sysname> display poe pse 7 interface Interface Priority CurPower...

  • Page 165: Display Poe Pse Interface Power

    Field Description Operating status of a PI: • Off—PoE is disabled. • On—Power is being supplied to the PI correctly. • Power-lack—Remaining guaranteed power is insufficient for a critical PI. Oper • Power-deny—The PSE refuses to supply power. The power required by the PD is higher than the configured power.

  • Page 166: Display Poe-Power

    <Sysname> display poe pse 7 interface power Interface Current Peak PD Description GE1/0/25 IP Phone on Room 309 for Peter Smith GE1/0/26 15.4 IP Phone on Room 409 for Peter Pan GE1/0/27 15.0 15.3 15.4 Access Point on Room 509 for Peter GE1/0/28 IP Phone on Room 609 for Peter John GE1/0/29...
  • Page 167 Parameters chassis chassis-number: Specifies an IRF member device by its member ID. If you do not specify a member device, the command displays information about all PoE power supplies and PSEs in the IRF fabric. (Distributed devices in IRF mode.) slot slot-number: Specifies an IRF member device by its member ID.
  • Page 168 PoE Hardware Version : 0002 PoE Software Version : 0001 PoE Power Supplies PoE Power Supply 1: Manufacturer : Tyco Electronics Com Type : PSE2500-A Status : Normal PoE Power Supply 2: Manufacturer : Tyco Electronics Com Type : PSE2500-B Status : Normal Chassis 2 :...
  • Page 169 PoE Hardware Version : 0002 PoE Software Version : 0001 PoE Power Supplies PoE Power Supply 1: Manufacturer : Tyco Electronics Com Type : PSE2500-A Status : Normal PoE Power Supply 2: Manufacturer : Tyco Electronics Com Type : PSE2500-B Status : Normal Slot 2 :...

  • Page 170: Display Poe-Profile

    Field Description PoE Current Voltage Current PoE voltage. PoE Lower Input Threshold AC input under-voltage threshold. PoE Upper Input Threshold AC input over-voltage threshold. PoE Lower Output Threshold DC output under-voltage threshold. PoE Upper Output Threshold DC output over-voltage threshold. PoE Hardware Version PoE hardware version number.

  • Page 171: Display Poe-Profile Interface

    Usage guidelines If you do not specify a profile, the command displays information about all PoE profiles. Examples # Display information about all PoE profiles. <Sysname> display poe-profile PoE Profile Index ApplyNum Interfaces Configuration forIPphone GE1/0/5 poe enable GE1/0/6 poe priority critical GE1/0/7 GE1/0/8 GE1/0/9...

  • Page 172: Poe Disconnect

    Views Any view Predefined user roles network-admin network-operator Parameters interface-type interface-number: Specifies an interface by its type and number. Examples # Display information about the PoE profile on GigabitEthernet 1/0/1. <Sysname> display poe-profile interface gigabitethernet 1/0/1 PoEProfile Index ApplyNum Interface Effective configuration forIPphone GE1/0/1...

  • Page 173: Poe Enable

    Examples # Set the PD disconnection detection mode to dc. <Sysname> system-view [Sysname] poe disconnect dc Related commands display poe pse poe enable Use poe enable to enable PoE on a PI. Use undo poe enable to disable PoE on a PI. Syntax poe enable undo poe enable...

  • Page 174: Poe Enable Pse

    poe enable pse Use poe enable pse to enable PoE for a PSE. Use undo poe enable pse to disable PoE for the PSE. Syntax poe enable pse pse-id undo poe enable pse pse-id Default PoE is disabled on PSEs. Views System view Predefined user roles...

  • Page 175: Poe Max-Power

    Parameters pse pse-id: Specifies a PSE by its ID. Examples # Enable PSE 7 to detect nonstandard PDs. <Sysname> system-view [Sysname] poe legacy enable pse 7 Related commands display poe pse poe max-power Use poe max-power to set the maximum PI power. Use undo poe max-power to restore the default.

  • Page 176: Poe Max-Power (System View)

    poe max-power (system view) Use poe max-power to set the maximum PSE power. Use undo poe max-power to restore the default. Syntax poe pse pse-id max-power max-power undo poe pse pse-id max-power Default The maximum PSE power is 37 watts. Views System view Predefined user roles...

  • Page 177: Poe Pd-Policy Priority

    undo poe pd-description Default No description is configured for the PD that connects to a PI. Views PI view Predefined user roles network-admin Parameters text: Configures a description for the PD connected to the PI, a case-sensitive string of 1 to 80 characters.

  • Page 178: Poe Priority

    <Sysname> system-view [Sysname] poe pd-policy priority Related commands poe priority poe priority Use poe priority to set the power supply priority for a PI. Use undo poe priority to restore the default. Syntax poe priority { critical | high | low } undo poe priority Default The power supply priority of a PI is low.

  • Page 179: Poe Priority (System View)

    <Sysname> system-view [Sysname] poe-profile abc [Sysname-poe-profile-abc-1] poe priority critical [Sysname-poe-profile-abc-1] quit [Sysname] interface gigabitEthernet 1/0/1 [Sysname-GigabitEthernet1/0/1] apply poe-profile name abc Related commands poe pd-policy priority poe priority (system view) Use poe priority to set the power supply priority for a PSE. Use undo poe priority to restore the default.

  • Page 180: Poe Pse-Policy Priority

    • Supplies power to the PSE that has higher priority. Examples # Set the power supply priority of PSE 7 to critical. <Sysname> system-view [Sysname] poe priority critical pse 7 Related commands poe pse-policy priority poe pse-policy priority Use poe pse-policy priority to enable PSE power management. Use undo poe pse-policy priority to disable PSE power management.

  • Page 181: Poe-Profile

    Syntax poe update { full | refresh } filename [ pse pse-id ] Views System view Predefined user roles network-admin Parameters full: Upgrades the PSE firmware in full mode. refresh: Upgrades the PSE firmware in refresh mode. filename: Specifies the name of the upgrade file, a case-insensitive string of 1 to 64 characters. The specified file must be in the root directory of the file system of the device.

  • Page 182: Poe Utilization-Threshold

    Predefined user roles network-admin Parameters profile-name: Specifies a PoE profile name, a case-sensitive string of 1 to 15 characters. A PoE configuration file name begins with a letter and must not contain reserved keywords including undo, all, name, interface, user, poe, disable, max-power, mode, priority, or enable. index: Specifies the index number of a PoE profile, in the range of 1 to 100.
  • Page 183 Views System view Predefined user roles network-admin Parameters value: Specifies alarm threshold as a percentage of 1 to 99. pse pse-id: Specifies a PSE by its ID. Usage guidelines If PSE power usage crosses the threshold multiple times in succession, the system sends notification messages only for the first crossing.

  • Page 184: Snmp Commands

    SNMP commands The device supports the FIPS mode that complies with NIST FIPS 140-2 requirements. Support for features, commands, and parameters might differ in FIPS mode and non-FIPS mode. For more information about FIPS mode, see Security Configuration Guide. The SNMP agent sends notifications (traps and informs) to inform the NMS of significant events, such as link state changes and user logins or logouts.
  • Page 185 Storage-type: nonVolatile Context name: con1 Community name: bb Role name: bb Storage-type: nonVolatile Community name: userv1 Group name: testv1 Storage type: nonvolatile Community name: cc Group name: cc ACL name: testacl Storage type: nonVolatile Table 31 Command output Field Description Community name created by using the snmp-agent community command or Community name username created by using the snmp-agent usm-user { v1 | v2c } command.

  • Page 186: Display Snmp-Agent Context

    Field Description SNMP context: • If a mapping between an SNMP community and an SNMP context is configured, Context name the SNMP context is displayed. • If no mapping between an SNMP community and an SNMP context exists, this field is empty. Related commands snmp-agent community snmp-agent usm-user { v1 | v2c }...
  • Page 187 Views Any view Predefined user roles network-admin network-operator Parameters group-name: Specifies an SNMPv1, SNMPv2c, or SNMPv3 group name in non-FIPS mode, and an SNMPv3 group name in FIPS mode. It is a case-sensitive string of 1 to 32 characters. If no group is specified, this command displays information about all SNMP groups.

  • Page 188: Display Snmp-Agent Local-Engineid

    Related commands snmp-agent group display snmp-agent local-engineid Use display snmp-agent local-engineid to display the local SNMP engine ID. Syntax display snmp-agent local-engineid Views Any view Predefined user roles network-admin network-operator Usage guidelines Every SNMP agent has one SNMP engine to provide services for sending and receiving messages, authenticating and encrypting messages, and controlling access to managed objects.
  • Page 189 Parameters details: Specifies detailed MIB node information, including node name, last octet of an OID string, and name of the next leaf node. index-node: Specifies SNMP MIB tables, and node names and OIDs of MIB index nodes. trap-node: Specifies node names and OIDs of MIB notification nodes, and node names and OIDs of notification objects.
  • Page 190 Field Description Leaf node or MIB table node. # Display detailed MIB node information. <Sysname> display snmp-agent mib-node details iso(1)(lldpMessageTxInterval) |-std(0)(lldpMessageTxInterval) |-iso8802(8802)(lldpMessageTxInterval) |-ieee802dot1(1)(lldpMessageTxInterval) |-ieee802dot1mibs(1)(lldpMessageTxInterval) |-lldpMIB(2)(lldpMessageTxInterval) |-lldpNotifications(0)(lldpMessageTxInterval) |-lldpNotificationPrefix(0)(lldpMessageTxInterval) |-lldpRemTablesChange(1)(NULL) |-lldpObjects(1)(lldpMessageTxInterval) |-lldpConfiguration(1)(lldpMessageTxInterval) |-*lldpMessageTxInterval(1)(lldpMessageTxHoldMultiplier) |-*lldpMessageTxHoldMultiplier(2)(lldpReinitDelay) |-*lldpReinitDelay(3)(lldpTxDelay) |-*lldpTxDelay(4)(lldpNotificationInterval) |-*lldpNotificationInterval(5)(lldpPortConfigPortNum) |-lldpPortConfigTable(6)(lldpPortConfigPortNum) |-lldpPortConfigEntry(1)(lldpPortConfigPortNum) |-*lldpPortConfigPortNum(1)(lldpPortConfigAdminStatus) |-*lldpPortConfigAdminStatus(2)(lldpPortConfigNotificationEnable) |-*lldpPortConfigNotificationEnable(3)(lldpPortConfigTLVsTxEnable) |-*lldpPortConfigTLVsTxEnable(4)(lldpConfigManAddrPortsTxEnable) Table 34 Command output Field...
  • Page 191 Table |lldpStatsTxPortTable Index ||lldpStatsTxPortNum 1.0.8802.1.1.2.1.2.6.1.1 Table |lldpStatsRxPortTable Index ||lldpStatsRxPortNum 1.0.8802.1.1.2.1.2.7.1.1 Table |lldpLocPortTable Index ||lldpLocPortNum 1.0.8802.1.1.2.1.3.7.1.1 Table 35 Command output Field Description Table MIB table name. Index Name of a MIB index node. OID of a MIB index node. # Display names and OIDs of MIB notification nodes, and names and OIDs of notification objects. <Sysname>...
  • Page 192 ||||1.3.6.1.2.1.10.166.11.1.2.1.1.5 Name |||mplsL3VpnVrfOperStatus ||||1.3.6.1.2.1.10.166.11.1.2.2.1.6 Table 36 Command output Field Description Name Name of a MIB notification node. OID of a MIB notification node. Trap Object Name and OID of a notification object. # Display detailed information about SNMP MIB nodes, including node names, OIDs, node types, permissions to MIB nodes, data types, MORs, and parent, child, and sibling nodes.
  • Page 193 Index ||[indexImplied:0, indexLength:1]: Name |lldpPortConfigPortNum ||1.0.8802.1.1.2.1.1.6.1.1 Properties ||NodeType: Column ||AccessType: NA ||DataType: Integer32 ||MOR: 0x020c1201 Parent ||lldpPortConfigEntry First child Next leaf ||lldpPortConfigAdminStatus Next sibling ||lldpPortConfigAdminStatus Allow ||get/set/getnext Index ||[indexImplied:0, indexLength:1]: Value range [1..4096] Name |lldpPortConfigAdminStatus ||1.0.8802.1.1.2.1.1.6.1.2 Properties ||NodeType: Column ||AccessType: RW ||DataType: Integer ||MOR:...

  • Page 194: Display Snmp-Agent Mib-View

    Field Description Permissions to MIB nodes: • NA—Not accessible. • NF—Supports notifications. • AccessType RO—Supports read-only access. • RW—Supports read and write access. • RC—Supports read-write-create access. • WO—Supports write-only access. Data types of MIB nodes: • Integer—An integer. • Integer32—A 32-bit integer.
  • Page 195 Syntax display snmp-agent mib-view [ exclude | include | viewname view-name ] Views Any view Predefined user roles network-admin network-operator Parameters exclude: Displays the subtrees excluded from any MIB view. include: Displays the subtrees included in any MIB view. viewname view-name: Displays information about the specified MIB view. The view-name argument is a case-sensitive string of 1 to 32 characters.

  • Page 196: Display Snmp-Agent Remote

    View Type: excluded View status: active ViewDefault is the default MIB view. The output shows that except for the MIB objects in the snmpUsmMIB, snmpVacmMIB, and snmpModules.18 subtrees, all the MIB objects in the iso subtree are accessible. Table 38 Command output Field Description View name...

  • Page 197: Display Snmp-Agent Statistics

    vpn-instance vpn-instance-name: Specifies the VPN for a remote SNMP entity. The vpn-instance-name argument specifies the name of the MPLS L3VPN, a case-sensitive string of 1 to 31 characters. If this parameter is not specified, the remote SNMP entity is in the public network. Usage guidelines Every SNMP agent has one SNMP engine to provide services for sending and receiving messages, authenticating and encrypting messages, and controlling access to managed objects.
  • Page 198 <Sysname> display snmp-agent statistics 1684 messages delivered to the SNMP entity. 5 messages were for an unsupported version. 0 messages used an unknown SNMP community name. 0 messages represented an illegal operation for the community supplied. 0 ASN.1 or BER errors in the process of decoding. 1679 messages passed from the SNMP entity.

  • Page 199: Display Snmp-Agent Sys-Info

    Field Description Number of getNext requests that have been GetNextRequest-PDU accepted and processed received and processed. Number of getBulk requests that have been GetBulkRequest-PDU accepted and processed received and processed. Number of get responses that have been GetResponse-PDU accepted and processed received and processed.

  • Page 200: Display Snmp-Agent Trap Queue

    The location information of the agent: The SNMP version of the agent: SNMPv3 Related commands snmp-agent sys-info display snmp-agent trap queue Use display snmp-agent trap queue to display basic information about the trap queue, including the queue size and number of traps in the queue. Syntax display snmp-agent trap queue Views...

  • Page 201: Display Snmp-Agent Usm-User

    Usage guidelines You can use the snmp-agent trap enable command to enable or disable the notification function of a module. For a module that has sub-modules, the notification function status is enable if the trap function of any of its sub-modules is enabled. Examples # Display the modules that can generate notification and their notification function status.
  • Page 202 username user-name: Displays information about the specified SNMPv3 user. The username is case sensitive. Usage guidelines This command displays only SNMPv3 users that you have created by using the snmp-agent usm-user v3 command. To display SNMPv1 or SNMPv2c users created by using the snmp-agent usm-user { v1 | v2c } command, use the display snmp-agent community command.

  • Page 203: Enable Snmp Trap Updown

    Field Description Storage type: • volatile. • nonvolatile. • permanent. Storage type • readOnly. • other. Table For more information about these storage types, see SNMP user status: • active—The SNMP user is effective. • notInService—The SNMP user is correctly configured but not activated. •...

  • Page 204: Snmp-Agent

    Usage guidelines For an interface to generate linkUp/linkDown notifications when its state changes, you must also enable the linkUp/linkDown notification function globally by using the snmp-agent trap enable standard [ linkdown | linkup ] * command. Examples # Enable GigabitEthernet 1/0/1 to send linkUp/linkDown SNMP traps to 10.1.1.1 in the community public.

  • Page 205: Snmp-Agent Calculate-Password

    snmp-agent calculate-password Use snmp-agent calculate-password to calculate a digest for the encrypted from of an authentication or privacy key in plaintext form. Syntax In non-FIPS mode: snmp-agent calculate-password plain-password mode { 3desmd5 | 3dessha | md5 | sha } { local-engineid | specified-engineid engineid } In FIPS mode: snmp-agent calculate-password...

  • Page 206: Snmp-Agent Community

    Usage guidelines Make sure the SNMP agent is enabled before you execute the snmp-agent calculate-password command. For security purposes, use this command to calculate digests for ciphertext authentication and privacy keys when you create SNMPv3 users by using the snmp-agent usm-user v3 command. The converted key is valid only under the engine ID specified for key conversion.
  • Page 207 Parameters read: Assigns the specified community read-only access to MIB objects. A read-only community can only inquire MIB information. write: Assigns the specified community read and write access to MIB objects. A read and write community can configure MIB information. simple: Specifies a community name in plaintext form.
  • Page 208 • Role based access control—RBAC mode controls access to MIB objects by assigning user roles to SNMP communities. The network-admin, mdc-admin, and level-15 user roles have the read and write access to all MIB objects. The network-operator user role and mdc-operator user role have the read-only access to all MIB objects.

  • Page 209: Snmp-Agent Community-Map

    [Sysname] snmp-agent community write simple writeaccess acl 2001 # Create the read and write community writeaccess in plain text so only the SNMPv2c NMS at 1.1.1.2 can use the community name writeaccess to read or set the MIB objects in the default view ViewDefault.

  • Page 210: Snmp-Agent Context

    context-name: Specifies an SNMP context, a case-sensitive string of 1 to 32 characters. Usage guidelines This command enables a module on an agent to obtain the context mapped to a community name when an NMS accesses the agent by using SNMPv1 or SNMPv2c. You can configure a maximum of 10 community-context mappings on the device.

  • Page 211: Snmp-Agent Group

    Related commands display snmp-agent context snmp-agent group Use snmp-agent group to create an SNMP group. Use undo snmp-agent group to delete an SNMP group. Syntax SNMPv1 and SNMP v2c: snmp-agent group { v1 | v2c } group-name [ read-view view-name ] [ write-view view-name ] [ notify-view view-name ] [ acl { ipv4-acl-number | name ipv4-acl-name } | acl ipv6 { ipv6-acl-number | name ipv6-acl-name } ] * undo snmp-agent group { v1 | v2c } group-name...
  • Page 212 read-view view-name: Specifies a read-only MIB view. The view-name represents a MIB view name, a string of 1 to 32 characters. If no read-only MIB view is specified, the SNMP group has read access to the default view ViewDefault. write-view view-name: Specifies a read and write MIB view. The view-name represents a MIB view name, a string of 1 to 32 characters.

  • Page 213: Snmp-Agent Local-Engineid

    Security model Security key Security model keyword for the settings for the Remarks group user If no authentication key is configured, SNMP communication will fail. Authentication without authentication Authentication key privacy The privacy key (if any) for the user does not take effect.

  • Page 214: Snmp-Agent Log

    Default The engine ID of a device is the combination of the company ID and the device ID. The device ID varies by device model. Views System view Predefined user roles network-admin Parameters engineid: Specifies an SNMP engine ID, a hexadecimal string. Its length is an even number in the range of 10 to 64.

  • Page 215: Snmp-Agent Mib-View

    Parameters all: Enables logging SNMP authentication failures, Get operations, and Set operations. authfail: Enables logging SNMP authentication failures. get-operation: Enables logging SNMP Get operations. set-operation: Enables logging SNMP Set operations. Usage guidelines Use SNMP logging to record the SNMP operations performed on the SNMP agent or authentication failures from the NMS to the agent for auditing NMS behaviors.

  • Page 216: Snmp-Agent Packet Max-Size

    Parameters excluded: Denies access to any node in the specified MIB subtree. included: Permits access to all the nodes in the specified MIB subtree. view-name: Specifies a view name, a string of 1 to 32 characters. oid-tree: Specifies a MIB subtree by its root node's OID (for example, 1.3.6.1.2.1.1) or object name (for example, system), a case-sensitive string of 1 to 255 characters.

  • Page 217: Snmp-Agent Port

    Use undo snmp-agent packet max-size to restore the default. Syntax snmp-agent packet max-size byte-count undo snmp-agent packet max-size Default An SNMP agent can process SNMP packets with a maximum size of 1500 bytes. Views System view Predefined user roles network-admin Parameters byte-count: Sets the maximum size (in bytes) of SNMP packets that the SNMP agent can receive or send.

  • Page 218: Snmp-Agent Remote

    Parameters port-num: Specifies the UDP port for receiving SNMP packets, in the range of 1 to 65535. The default is 161. Usage guidelines After changing the port number for receiving SNMP packets, reconnect the device by using the port number for SNMP get and set operations. To display UDP port information, use the display current-configuration command.

  • Page 219: Snmp-Agent { Inform | Trap } Source

    Usage guidelines To send informs to an NMS, you must configure the SNMP engine ID of the NMS on the SNMP agent. The NMS accepts the SNMPv3 informs from the SNMP agent only if the engine ID in the informs is the same as its local engine ID.

  • Page 220: Snmp-Agent Sys-Info Contact

    Usage guidelines The snmp-agent source command enables the SNMP agent to use the primary IP address of an interface or subinterface as the source IP address in all its SNMP informs or traps, regardless of their outgoing interfaces. An NMS can use this IP address to filter all the informs or traps sent by the SNMP agent.

  • Page 221: Snmp-Agent Sys-Info Location

    Examples # Configure the system contact as Dial System Operator # 27345. <Sysname> system-view [Sysname] snmp-agent sys-info contact Dial System Operator # 27345 Related commands display snmp-agent sys-info snmp-agent sys-info location Use snmp-agent sys-info location to configure the system location. Use undo snmp-agent sys-info location to restore the default location.

  • Page 222: Snmp-Agent Target-Host

    Syntax In non-FIPS mode: snmp-agent sys-info contact version { all | { v1 | v2c | v3 } * } undo snmp-agent sys-info version { all | { v1 | v2c | v3 } * } In FIPS mode: snmp-agent sys-info version v3 undo snmp-agent sys-info version v3 Default SNMPv3 is enabled.
  • Page 223 snmp-agent target-host inform address udp-domain { ipv4-address | ipv6 ipv6-address } [ udp-port port-number ] [ vpn-instance vpn-instance-name ] params securityname security-string { v2c | v3 [ authentication | privacy ] } snmp-agent target-host trap address udp-domain { ipv4-address | ipv6 ipv6-address } [ udp-port port-number ] [ vpn-instance vpn-instance-name ] params securityname security-string [ v1 | v2c | v3 [ authentication | privacy ] ] undo snmp-agent target-host { trap | inform } address udp-domain { ipv4-address | ipv6...
  • Page 224 udp-port port-number: Specifies the UDP port for SNMP notifications. If no UDP port is specified, UDP port 162 is used. vpn-instance vpn-instance-name: Specifies the VPN for the target host. The vpn-instance-name argument specifies the name of the MPLS L3VPN, a case-sensitive string of 1 to 31 characters. If this parameter is not specified, the target host is in the public network.

  • Page 225: Snmp-Agent Trap Enable

    snmp-agent trap enable Use snmp-agent trap enable to enable SNMP notifications. Use undo snmp-agent trap enable to disable SNMP notifications. Syntax snmp-agent trap enable [ configuration | protocol | standard [ authentication | coldstart | linkdown | linkup | warmstart ] * | system ] undo snmp-agent trap enable [ configuration | protocol | standard [ authentication | coldstart | linkdown | linkup | warmstart ] * | system ] Default...

  • Page 226: Snmp-Agent Trap If-Mib Link Extended

    You can use the snmp-agent target-host command to enable the device to send the notifications as informs or traps to a host. If no optional parameters are specified, this command or its undo form enables or disables all SNMP notifications supported by the device. Examples # Enable the SNMP agent to send SNMP authentication failure traps to 10.1.1.1 in the community public.

  • Page 227: Snmp-Agent Trap Life

    snmp-agent trap life Use snmp-agent trap life to set the lifetime of notifications in the SNMP notification queue. Use undo snmp-agent trap life to restore the default notification lifetime. Syntax snmp-agent trap life seconds undo snmp-agent trap life Default The SNMP notification lifetime is 120 seconds. Views System view Predefined user roles...

  • Page 228: Snmp-Agent Trap Queue-Size

    Default SNMP notification logging is disabled. Views System view Predefined user roles network-admin Usage guidelines Use SNMP notification logging to record SNMP notifications sent by the SNMP agent for notification tracking. The SNMP agent sends the logs to the information center. You can configure the information center to output the logs to a destination as needed.

  • Page 229: Snmp-Agent Usm-User { V1 | V2C

    Examples # Set the SNMP notification queue size to 200. <Sysname> system-view [Sysname] snmp-agent trap queue-size 200 Related commands snmp-agent target-host snmp-agent trap enable snmp-agent trap life snmp-agent usm-user { v1 | v2c } Use snmp-agent usm-user { v1 | v2c } to create an SNMPv1 or SNMPv2c user. Use undo snmp-agent usm-user { v1 | v2c } to delete an SNMPv1 or SNMPv2c user.
  • Page 230 ipv6-acl-number: Specifies a basic IPv6 ACL by its number in the range of 2000 to 2999. name ipv6-acl-name: Specifies a basic IPv6 ACL for the user. The ipv6-acl-name argument represents a basic IPv6 ACL name, a case-insensitive string of 1 to 63 characters. Usage guidelines This command is not available in FIPS mode.

  • Page 231: Snmp-Agent Usm-User V3

    [Sysname] acl basic name testacl [Sysname-acl-ipv4-basic-testacl] rule permit source 1.1.1.2 0.0.0.0 [Sysname-acl-ipv4-basic-testacl] rule deny source any [Sysname-acl-ipv4-basic-testacl] quit [Sysname] snmp-agent sys-info version v2c [Sysname] snmp-agent group v2c readCom [Sysname] snmp-agent usm-user v2c userv2c readCom acl name testacl Related commands display snmp-agent community snmp-agent community snmp-agent group snmp-agent usm-user v3...
  • Page 232 In FIPS mode (in RBAC mode): snmp-agent usm-user v3 user-name user-role role-name [ remote { ipv4-address | ipv6 ipv6-address } [ vpn-instance vpn-instance-name ] ] [ { cipher | simple } authentication-mode sha auth-password [ privacy-mode aes128 priv-password ] ] [ acl { ipv4-acl-number | name ipv4-acl-name } | acl ipv6 { ipv6-acl-number | name ipv6-acl-name } ] * undo snmp-agent usm-user v3 user-name { local | engineid engineid-string | remote { ipv4-address | ipv6 ipv6-address } [ vpn-instance vpn-instance-name ] }...
  • Page 233 • The plaintext form of the key in non-FIPS mode is a string of 1 to 64 characters. The plaintext form of the key in FIPS mode is a string of 15 to 64 characters, which must contain numbers, uppercase letters, lowercase letters, and special characters. •...
  • Page 234 name ipv6-acl-name: Specifies a basic IPv6 ACL for the user. The ipv6-acl-name argument represents a basic IPv6 ACL name, a case-insensitive string of 1 to 63 characters. local: Specifies the local SNMP engine. By default, an SNMPv3 user is associated with the local SNMP engine.
  • Page 235 For more information about ACL, see ACL and QoS Configuration Guide. Examples In VACM mode: # Add the user testUser to the SNMPv3 group testGroup, and enable the authentication without privacy security model for the group. Specify the authentication algorithm SHA-1 and the authentication key 123456TESTplat&! in plain text for the user.

  • Page 236: Snmp-Agent Usm-User V3 User-Role

    # Create the SNMPv3 user testUser with the user role network-operator and enable the authentication without privacy security model for the user. Specify the authentication algorithm SHA-1 and the authentication key 123456TESTplat&! in plain text for the user. <Sysname> system-view [Sysname] snmp-agent usm-user v3 testUser user-role network-operator simple authentication-mode sha 123456TESTplat&! # For an NMS to have read-only access to all MIB objects, make sure the following configurations on...
  • Page 237 Usage guidelines You can assign a maximum of 64 user roles to an SNMPv3 user. An SNMPv3 user must have a minimum of one user role. Examples # Assign the user role testRole2 to the SNMPv3 user testUser. <Sysname> system-view [Sysname] snmp-agent usm-user v3 testUser user-role testRole2 Related commands snmp-agent usm-user v3...

  • Page 238: Rmon Commands

    RMON commands display rmon alarm Use display rmon alarm to display information about RMON alarm entries. Syntax display rmon alarm [ entry-number ] Views Any view Predefined user roles network-admin network-operator Parameters entry-number: Specifies an alarm entry by its index in the range of 1 to 65535. If you do not specify an entry, the command displays all RMON alarm entries.

  • Page 239: Display Rmon Event

    Field Description Sample type: • absolute—RMON compares the value of the variable with the rising and falling thresholds at the end of the sampling interval. Sample type • delta—RMON subtracts the value of the variable at the previous sample from the current value, and then compares the difference with the rising and falling thresholds.
  • Page 240 Syntax display rmon event [ entry-number ] Views Any view Predefined user roles network-admin network-operator Parameters entry-number: Specifies an event entry by its index in the range of 1 to 65535. If you do not specify an entry, the command displays all event entries. Usage guidelines An event entry includes the following information: •...

  • Page 241: Display Rmon Eventlog

    Field Description SNMP community name for the RMON event. You can specify an SNMP community name when you create an RMON event entry, but the setting does Community not take effect. The system always uses the settings configured with the SNMP feature when it sends RMON event notifications.

  • Page 242: Display Rmon History

    Description: The 1.3.6.1.2.1.16.1.1.1.4.5 defined in alarmEntry 77, uprise 16760000 with alarm value 16776314. Alarm sample type is absolute. LogEntry 99.2 created at 50days 09h:11m:13s uptime. Description: The 1.3.6.1.2.1.16.1.1.1.4.5 defined in alarmEntry 77, less than(or =) 20000000 with alarm value 16951648. Alarm sample type is absolute. LogEntry 99.3 created at 50days 09h:18m:43s uptime.
  • Page 243 Predefined user roles network-admin network-operator Parameters interface-type interface-number: Specifies an interface by its type and number. If you do not specify an interface, the command displays history samples for all interfaces that have an RMON history control entry. Usage guidelines RMON uses the etherHistoryTable object to store the history samples of Ethernet statistics for Ethernet interfaces.
  • Page 244 Sampling interval : 9(sec) with 1 buckets max Sampling record 1 : dropevents , octets : 1150 packets : 12 , broadcast packets multicast packets : 8 , CRC alignment errors : 0 undersize packets : 0 , oversize packets fragments , jabbers collisions...

  • Page 245: Display Rmon Prialarm

    Field Description Number of oversize packets received during the sampling interval. oversize packets Oversize packets are longer than 1518 octets (excluding framing bits but including FCS octets). Number of undersize packets with CRC errors received during the sampling fragments interval. Number of oversize packets with CRC errors received during the sampling jabbers interval.
  • Page 246 Table 50 Command output Field Description Alarm entry owner and status: • entry-number—Alarm entry index. • owner—Entry owner. • status—Entry status: VALID—The entry is valid. PrialarmEntry entry-number UNDERCREATION—The entry is invalid. owned by owner is status. The status field is not configurable at the CLI. All alarm entries created from the CLI are valid by default.

  • Page 247: Display Rmon Statistics

    Field Description Alarm that can be generated when the entry becomes valid: • risingAlarm—Generates a rising alarm if the first sample after the entry becomes valid is greater than or equal to the rising threshold. • fallingAlarm—Generates a falling alarm if the first sample after the Alarm sent upon entry entry becomes valid is less than or equal to the rising threshold.
  • Page 248 <Sysname> display rmon statistics gigabitethernet 1/0/1 EtherStatsEntry 1 owned by user1 is VALID. Interface : GigabitEthernet1/0/1<ifIndex.3> etherStatsOctets : 43393306 , etherStatsPkts : 619825 etherStatsBroadcastPkts : 503581 , etherStatsMulticastPkts : 44013 etherStatsUndersizePkts , etherStatsOversizePkts etherStatsFragments , etherStatsJabbers etherStatsCRCAlignErrors : 0 , etherStatsCollisions etherStatsDropEvents (insufficient resources): 0 Incoming packets by size: 65-127...

  • Page 249: Rmon Alarm

    Field Description Incoming-packet statistics by packet length: • 64—Number of packets with a length less than or equal to 64 bytes. • 65-127—Number of 65- to 127-byte packets.. • Incoming packets by size: 128-255—Number of 128- to 255-byte packets. • 256-511—Number of 256- to 511-byte packets.
  • Page 250 Format Examples etherStatsOctets.1 etherStatsPkts.1 etherStatsBroadcastPkts.1 Object name.instance ifInOctets.1 ifInUcastPkts.1 ifInNUcastPkts.1 sampling-interval: Sets the sampling interval in the range of 5 to 65535 seconds. absolute: Specifies absolute sampling. RMON compares the value of the variable with the rising and falling thresholds at the end of the sampling interval. delta: Specifies delta sampling.

  • Page 251: Rmon Event

    To trigger the event associated with an alarm condition, you must create the event with the rmon event command. RMON samples the monitored alarm variable at the specified sampling interval, compares the sampled value with the predefined thresholds, and does one of the following: •...
  • Page 252 Views System view Predefined user roles network-admin Parameters entry-number: Specifies an event entry index in the range of 1 to 65535. description string: Configures an event description, a case-sensitive string of 1 to 127 characters. log: Logs the event when it occurs. log-trap: Logs the event and sends an SNMP notification when the event occurs.

  • Page 253: Rmon History

    rmon history Use rmon history to create an RMON history control entry. Use undo rmon history to remove an RMON history control entry. Syntax rmon history entry-number buckets number interval interval [ owner text ] undo rmon history entry-number Default No RMON history control entries exist.

  • Page 254: Rmon Prialarm

    Related commands display rmon history rmon prialarm Use rmon prialarm to create an RMON private alarm entry. Use undo rmon prialarm to remove an RMON private alarm entry. Syntax rmon prialarm entry-number prialarm-formula prialarm-des sampling-interval { absolute | delta } [ startup-alarm { falling | rising | rising-falling } ] rising-threshold threshold-value1 event-entry1 falling-threshold threshold-value2 event-entry2 entrytype { forever | cycle cycle-period } [ owner text ]...
  • Page 255 • Generates a rising alarm if the first sample crosses the rising threshold. • Generates a falling alarm if the first sample crosses the falling threshold. rising: Generates a rising alarm if the first sample after the entry becomes valid is greater than or equal to the rising threshold.

  • Page 256: Rmon Statistics

    Triggers the event associated with the rising alarm event if the result is equal to or greater than the rising threshold. Triggers the event associated with the falling alarm event if the result is equal to or less than the falling threshold. Examples # Add a permanent private alarm entry to monitor the ratio of incoming broadcasts to the total number of incoming packets on GigabitEthernet 1/0/1.
  • Page 257 Predefined user roles network-admin Parameters entry-number: Specifies a statistics entry index in the range of 1 to 65535. owner text: Specifies the entry owner, a case-sensitive string of 1 to 127 characters. Usage guidelines You can create RMON statistics entries only for Layer 2 or Layer 3 Ethernet interfaces. You can create one statistics entry for each Ethernet interface, and a maximum of 100 statistics entries on the device.

  • Page 258: Event Mib Commands

    Event MIB commands action Use action to set an action for an event. Use undo action to remove an action. Syntax action { notification | set } undo action { notification | set } Default An event does not have an action. Views Event view Predefined user roles...

  • Page 259: Comparison

    [Sysname-event-owner1-EventA-set] oid ipForwarding.0 [Sysname-event-owner1-EventA-set] value 2 Related commands event enable snmp mib event comparison Use comparison to specify a Boolean comparison type for the sampled value and the reference value. Use undo comparison to restore the default. Syntax comparison { equal | greater | greaterorequal | less | lessorequal | unequal } undo comparison Default The Boolean comparison type is unequal.

  • Page 260: Context (Action-Set View)

    For an event to be triggered at the first sampling, execute the startup enable command. Examples # Specify the Boolean comparison type as unequal. <Sysname> system-view [Sysname] snmp mib event trigger owner owner1 name triggerA [Sysname-trigger-owner1-triggerA] test boolean [Sysname-trigger-owner1-triggerA-boolean] comparison unequal Related commands snmp mib event trigger test...

  • Page 261: Context (Trigger View)

    wildcard context context (trigger view) Use context to configure a context for a monitored object. Use undo context to restore the default. Syntax context context-name undo context Default A monitored object does not have a context. Views Trigger view Predefined user roles network-admin Parameters context-name: Specifies a context, a case-sensitive string of 1 to 32 characters.

  • Page 262: Delta Rising

    Default The delta falling threshold is 0, and no falling event is specified. Views Trigger-threshold view Predefined user roles network-admin Parameters event owner event-owner name event-name: Specifies an event by its owner and its name. Use the trigger owner as the event owner. The event-name argument is a case-sensitive string of 1 to 32 characters.

  • Page 263: Description (Event View)

    Views Trigger-threshold view Predefined user roles network-admin Parameters event owner event-owner name event-name: Specifies an event by its owner and its name. Use the trigger owner as the event owner. The event-name argument is a case-sensitive string of 1 to 32 characters.

  • Page 264: Description (Trigger View)

    Views Event view Predefined user roles network-admin Parameters text: Specifies a description, a case-sensitive string of 1 to 255 characters. Examples # Configure the description EventA is an RMON event for the event with the owner owner1 and the name eventA. <Sysname>...

  • Page 265: Display Snmp Mib Event

    Related commands snmp mib event trigger display snmp mib event Use display snmp mib event to display Event MIB configuration and statistics. Syntax display snmp mib event Views Any view Predefined user roles network-admin network-operator Examples # Display Event MIB configuration and statistics. <Sysname>...

  • Page 266: Display Snmp Mib Event Event

    EvtComment : event is to set ifAdminStatus EvtAction : Notification | Set EvtEnabled : true Notification entry: NotifyOID : 1.3.6.1.2.1.88.2.0.1<mteTriggerFired> NotifyObjOwner : N/A NotifyObjName : N/A Set entry: SetObj : 1.3.6.1.2.1.2.2.1.7<ifAdminStatus> SetObjWildcard : true SetValue SetTargetTag : N/A SetContextName : context1 SetContextNameWildcard : false Object list objectA owned by owner3:...
  • Page 267 1 to 32 characters. If you do not specify an event, this command displays information about all events and event actions. Examples # Display information about the event with the owner owner2 and name eventA and the event actions. <Sysname> display snmp mib event event owner owner2 name eventA Event entry eventA owned by owner2: EvtComment : event is to set ifAdminStatus...

  • Page 268: Display Snmp Mib Event Object List

    Field Description SetContextName Context for the set-action object. Wildcarding option for the context • SetContextNameWildcard false—Specifies a context. • true—Enables wildcard search for the context. Related commands snmp mib event display snmp mib event object list Use display snmp mib event event to display information about object lists. Syntax display snmp mib event object list [ owner objects-owner name objects-name ] Views...

  • Page 269: Display Snmp Mib Event Summary

    Field Description Wildcarding option for the OID: • ObjIDWildcard false—Specifies the OID. • true—Enables wildcarded search for the OID. Related commands snmp mib event object list display snmp mib event summary Use display snmp mib event summary to display the Event MIB brief information. Syntax display snmp mib event summary Views...

  • Page 270: Display Snmp Mib Event Trigger

    Related commands display snmp mib event display snmp mib event trigger Use display snmp mib event trigger to display information about a trigger and the trigger tests. Syntax display snmp mib event trigger [ owner trigger-owner name trigger-name ] Views Any view Predefined user roles network-admin...
  • Page 271 Boolean entry: BoolCmp : unequal BoolValue BoolStartUp : true BoolObjOwner : owner1 BoolObjName : Objects1 BoolEvtOwner : N/A BoolEvtName : N/A Threshold entry: ThresStartUp : falling ThresRising : 40 ThresFalling : 20 ThresDeltaRising : 40 ThresDeltaFalling : 20 ThresObjOwner : N/A ThresObjName : N/A ThresRisEvtOwner...
  • Page 272 Field Description TriggerObjOwner Owner of the trigger object. TriggerObjName Name of the trigger object. Trigger status: • TriggerEnabled Enabled. • Disabled. Existence entry Type of the existence test: • present. ExiTest • absent. • changed. Type of the existence test for the first sampling: •...

  • Page 273: Event Enable

    Field Description ThresDeltaFalling Delta falling threshold. ThresObjOwner Owner of the threshold test object. ThresObjName Name of the threshold test object. ThresRisEvtOwner Owner of the rising event. ThresRisEvtName Name of the rising event. ThresFalEvtOwner Owner of the falling event. ThresFalEvtName Name of the falling event. ThresDeltaRisEvtOwner Owner of the Delta rising event.

  • Page 274: Event Owner (Trigger-Boolean View)

    Related commands action snmp mib event event owner (trigger-Boolean view) Use event owner to specify an event for a Boolean test. Use undo event to restore the default. Syntax event owner event-owner name event-name undo event Default No event is specified for a Boolean test. Views Trigger-Boolean view Predefined user roles...

  • Page 275: Falling

    Syntax event owner event-owner name event-name undo event Default No event is specified for an existence test. Views Trigger-existence view Predefined user roles network-admin Parameters event owner event-owner: Specifies the owner of an event. Use the trigger owner as the event owner.

  • Page 276: Frequency

    Parameters event owner event-owner: Specifies the owner of an event. Use the trigger owner as the event owner. name event-name: Specifies the name of an event, a case-sensitive string of 1 to 32 characters. value integer-value: Specifies a falling threshold in the range of –2147483648 to 2147483647. The value must be smaller than or equal to the rising threshold.

  • Page 277: Object List (Action-Notification View)

    Parameters interval: Specifies a sampling interval in the range of 1 to 4294967295 seconds. The sampling interval must be greater than or equal to the minimum sampling interval. Usage guidelines To set the minimum sampling interval, execute the snmp mib event sample minimum command. To avoid sampling failure, do not set the sampling interval too small when there are a large number of sampled objects.

  • Page 278: Object List (Trigger View)

    For more information, see "object list (trigger view)." Examples # Specify the object list with the owner owner1 and name listA for an event with the owner owner1 and name EventA. <Sysname> system-view [Sysname] snmp mib event owner owner1 name EventA [Sysname-event-owner1-EventA] action notification [Sysname-event-owner1-EventA-notification] object list owner owner1 name listA Related commands...

  • Page 279: Object List (Trigger-Boolean View)

    Examples # Specify the object list with the owner owner1 and name objectA for a trigger. <Sysname> system-view [Sysname] snmp mib event trigger owner owner1 name triggerA [Sysname-trigger-owner1-triggerA] object list owner owner1 name objectA Related commands snmp mib event trigger object list (trigger-Boolean view) Use object list to specify an object list for a Boolean trigger test.

  • Page 280: Object List (Trigger-Existence View)

    object list (trigger-existence view) Use object list to specify an object list for a Boolean trigger test. The objects in the list will be added to the notification triggered by the test. Use undo object list to restore the default. Syntax object list owner objects-owner name objects-name undo object list...

  • Page 281: Oid (Action-Notification View)

    undo object list Default No object list is specified for a trigger-threshold test. Views Trigger-threshold view Predefined user roles network-admin Parameters owner objects-owner: Specifies an object list owner. Use the trigger owner as the object list owner. name objects-name: Specifies an object list name, a case-sensitive string of 1 to 32 characters. Usage guidelines For more information, see "object list (trigger view)."...

  • Page 282: Oid (Action-Set View)

    Parameters object-identifier: Specifies a notification OID, a case-sensitive string of 1 to 255 characters. It must be a trap node. Usage guidelines The notification OID configured by using this command will be carried in the notification when the notification action is taken. Examples # Specify the notification OID 1.3.6.1.2.1.14.16.2.1 for the event with the owner owner1 and name EventA.

  • Page 283: Oid (Trigger View)

    <Sysname> system-view [Sysname] snmp mib event owner owner1 name EventA [Sysname-event-owner1-EventA] action set [Sysname-event-owner1-EventA-set] oid 1.3.6.1.2.1.2.2.1.7.3 Related commands action snmp mib event owner wildcard oid (action-set view) oid (trigger view) Use oid to specify a MIB object for trigger sampling. Use undo oid to restore the default.

  • Page 284: Sample

    Use undo rising to restore the default. Syntax rising { event owner event-owner name event-name | value integer-value } undo rising { event | value } Default The rising threshold is 0, and no rising event is specified. Views Trigger-threshold view Predefined user roles network-admin Parameters...

  • Page 285: Snmp Mib Event

    Syntax sample { absolute | delta } undo sample Default The sampling method is absolute. Views Trigger view Predefined user roles network-admin Parameters absolute: Specifies the absolute sampling method. Use the current sampled value. delta: Specifies the delta sampling method. Use the difference between the current sampled value and previous sampled value.

  • Page 286: Snmp Mib Event Object List

    Views System view Predefined user roles network-admin Parameters event-owner: Specifies an event owner. The event owner must be an existing SNMPv3 user. event-name: Specifies an event name, a case-sensitive string of 1 to 32 characters. Usage guidelines An event is identified by its owner and name. Examples # Create an event with the owner owner1 and the name EventA and enter its view.

  • Page 287: Snmp Mib Event Sample Instance Maximum

    Parameters owner group-owner: Specifies an object list owner. The object list owner must be an existing SNMPv3 user. name group-name: Specifies an object list name, a case-sensitive string of 1 to 32 characters. object-index argument: Specifies an object list index in the range of 1 to 4294967295. oid object-identifier: Specifies an object by its OID or name, a case-sensitive string of 1 to 255 characters.

  • Page 288: Snmp Mib Event Sample Minimum

    Predefined user roles network-admin Parameters max-number: Specifies the maximum number of object instances that can be concurrently sampled. The value is in the range of 0 to 4294967295. Usage guidelines If you use the wildcard option for an object, Event MIB also samples the wildcarded object instances. Include the wildcarded object instances when you calculate the number of the concurrently sampled instances.

  • Page 289: Snmp Mib Event Trigger

    Usage guidelines After you configure the minimum sampling interval, make sure the trigger sampling interval is greater than or equal to the minimum sampling interval. Changing the minimum sampling interval does not affect the existing instances. If the minimum sampling interval is changed to a value smaller than the sampling interval of a trigger, the existing instances of the trigger will continue to be sampled at its interval.

  • Page 290: Snmp-Agent Trap Enable Event-Mib

    If the trigger owner has no read access to the monitored object configured in trigger view, sampling on the object cannot be performed. For more information about SNMPv3 user access rights, see Network Management and Monitoring Configuration Guide. Examples # Create a trigger with the owner owner1 and name triggerA. <Sysname>...

  • Page 291: Startup (Trigger-Threshold View)

    Syntax startup { absent | present } undo startup { absent | present } Default The existence test types for the first sampling are present and absent. Views Trigger-existence view Predefined user roles network-admin Parameters absent: Monitors the absence of a MIB object. present: Monitors the presence of a MIB object.

  • Page 292: Startup Enable

    Default The threshold trap type for the first sampling is rising-or-falling. Views Trigger-threshold view Predefined user roles network-admin Parameters falling: Specifies the falling trap. rising: Specifies the rising trap. rising-or-falling: Specifies the rising or falling trap. Usage guidelines If the trap type for the first sampling is rising or rising-or-falling, a rising trap is triggered when the first sample value is greater than or equal to the rising threshold.

  • Page 293: Test

    Default An event is triggered for the first Boolean sampling. Views Trigger-Boolean view Predefined user roles network-admin Usage guidelines For an event to be triggered when a trigger condition is met at the first Boolean sampling, execute the startup enable command. If the first sampling fails or the monitored object does not exist at the first sampling, the second sampling is considered the first sampling.

  • Page 294: Trigger Enable

    Parameters boolean: Specifies the Boolean test. This test compares the value of the monitored object with the reference value. existence: Specifies the existence test. This test monitors the absence, presence, and change of the monitored object. threshold: Specifies the threshold test. This test compares the value of the monitored object with the specified thresholds, such as rising threshold and falling threshold.

  • Page 295: Type

    Examples # Create and enable a trigger. <Sysname>system-view [Sysname] snmp mib event trigger owner owner1 name triggerA [Sysname-trigger-owner1-triggerA] oid 1.3.6.1.2.1.2.2.1.1.3 [Sysname-trigger-owner1-triggerA] frequency 360 [Sysname-trigger-owner1-triggerA] trigger enable Related commands snmp mib event trigger type Use type to specify existence trigger test types. Use undo type to remove the existence trigger test types.

  • Page 296: Value (Action-Set View)

    Related commands snmp mib event trigger startup test value (action-set view) Use value to set a value for a set-action object. Use undo value to restore the default. Syntax value integer-value undo value Default The value of a set-action object is 0. Views Action-set view Predefined user roles...

  • Page 297: Wildcard Context (Action-Set View)

    Use undo value to restore the default. Syntax value integer-value undo value Default The reference value is 0. Views Trigger-Boolean view Predefined user roles network-admin Parameters integer-value: Specifies a reference value in the range of –2147483648 to +2147483647. Usage guidelines A Boolean trigger test compares the sampled value with the reference value.

  • Page 298: Wildcard Context (Trigger View)

    Views Action-set view Predefined user roles network-admin Usage guidelines This command must be used in conjunction with the context command. A wildcarded context has two parts: the context specified by the context command and the wildcarded part. Examples # Specify the context for the set-action object as contextname1 and enable wildcard search for the contexts.

  • Page 299: Wildcard Oid (Action-Set View)

    Examples # Specify the contexts for the monitored object as contextname and enable wildcard search for the contexts. <Sysname> system-view [Sysname] snmp mib event trigger owner owner1 name triggerA [Sysname-trigger-owner1-triggerA] context contextname [Sysname-trigger-owner1-triggerA] wildcard context Related commands context snmp mib event trigger wildcard oid (action-set view) Use wildcard oid to enable wildcard search for the set-action object OIDs.

  • Page 300: Wildcard Oid (Trigger View)

    snmp mib event owner wildcard oid (trigger view) Use wildcard oid to enable wildcard search for the monitored object OIDs. Use undo wildcard oid to restore the default. Syntax wildcard oid undo wildcard oid Default A MIB object OID is fully specified. Views Trigger view Predefined user roles...

  • Page 301: Netconf Commands

    NETCONF commands The device supports the FIPS mode that complies with NIST FIPS 140-2 requirements. Support for features, commands, and parameters might differ in FIPS mode and non-FIPS mode. For more information about FIPS mode, see Security Configuration Guide. netconf log Use netconf log to enable NETCONF logging.

  • Page 302: Netconf Soap Http Acl

    • set: Specifies all edit-config operations. • session: Specifies session-related NETCONF operations, including the kill-session and close-session operations, and capability exchanges by hello messages. • syntax: Specifies the requests that include XML and schema errors. • others: Specifies NETCONF operations except for those specified by keywords action, config, get, set, session, and syntax.

  • Page 303: Netconf Soap Http Enable

    Usage guidelines This command is not available in FIPS mode. Only NETCONF clients permitted by the applied ACL can access the device through SOAP over HTTP. If you execute this command multiple times, the most recent configuration takes effect. Examples # Use ACL 2001 to allow only NETCONF clients in the subnet 10.10.0.0/16 to access the device through SOAP over HTTP.

  • Page 304: Netconf Soap Https Acl

    netconf soap https acl Use netconf soap https acl to apply an ACL to NETCONF over SOAP over HTTPS traffic. Use undo netconf soap https acl to restore the default. Syntax netconf soap https acl { acl-number | name acl-name } undo netconf soap https acl Default No ACL is applied to NETCONF over SOAP over HTTPS traffic.

  • Page 305: Netconf Ssh Server Enable

    Syntax netconf soap https enable undo netconf soap https enable Default NETCONF over SOAP over HTTPS is disabled. Views System view Predefined user roles network-admin Usage guidelines This command enables the device to resolve NETCONF messages that are encapsulated with SOAP in HTTPS packets.

  • Page 306: Netconf Ssh Server Port

    Only capability set urn:ietf:params:netconf:base:1.0 is available. It is supported by both the device and user terminals. Examples # Enable NETCONF over SSH. <Sysname> system-view [Sysname] netconf ssh server enable netconf ssh server port Use netconf ssh server port to specify a port to listen for NETCONF over SSH connections. Use undo netconf ssh server port to restore the default.
  • Page 307 When a NETCONF message includes the character "a," only the contents after the last "a" in the message can be processed. Examples # Enter XML view. <Sysname> xml <?xml version="1.0" encoding="UTF-8"?><hello xmlns="urn:ietf:params:xml:ns:netconf:base:1.0"><capabilities><capability>urn:ietf:pa rams:netconf:base:1.1</capability><capability>urn:ietf:params:netconf:writable-runnin g</capability><capability>urn:ietf:params:netconf:capability:notification:1.0</capabi lity><capability>urn:ietf:params:netconf:capability:validate:1.1</capability><capabil ity>urn:ietf:params:netconf:capability:interleave:1.0</capability><capability>urn:hpe :params:netconf:capability:h3c-netconf-ext:1.0</capability></capabilities><session-id >1</session-id></hello>]]>]]> # Quit XML view. <rpc message-id="101" xmlns="urn:ietf:params:xml:ns:netconf:base:1.0"> <close-session> </close-session> </rpc>]]>]]> <Sysname>...

  • Page 308: Cwmp Commands

    CWMP commands cwmp Use cwmp to enter CWMP view. Syntax cwmp Views System view Predefined user roles network-admin Examples # Enter CWMP view. <Sysname> system-view [Sysname] cwmp Related commands cwmp enable cwmp acs default password Use cwmp acs default password to configure a password for authentication to the default ACS URL.

  • Page 309: Cwmp Acs Default Url

    simple: Specifies a password in plaintext form. For security purposes, the password specified in plaintext form will be stored in encrypted form. string: Specifies the password. Its plaintext form is a case-sensitive string of 1 to 255 characters. Its encrypted form is a case-sensitive string of 33 to 373 characters. Usage guidelines You can configure only one password for authentication to the default ACS URL.

  • Page 310: Cwmp Acs Default Username

    Usage guidelines The CPE attempts to connect to the default ACS URL if no ACS URL has been assigned to it through the cwmp acs url command or DHCP. You can configure only one default ACS URL. If you execute this command multiple times, the most recent configuration takes effect.

  • Page 311: Cwmp Acs Password

    <Sysname> system-view [Sysname] cwmp [Sysname-cwmp] cwmp acs default username newname Related commands cwmp acs default password cwmp acs default url cwmp acs password Use cwmp acs password to configure the password for authentication to the preferred ACS URL. Use undo cwmp acs password to restore the default. Syntax cwmp acs password { cipher | simple } string undo cwmp acs password...

  • Page 312: Cwmp Acs Url

    [Sysname] cwmp [Sysname-cwmp] cwmp acs password simple newpsw Related commands cwmp acs url cwmp acs username cwmp acs url Use cwmp acs url to specify a preferred ACS URL. Use undo cwmp acs url to restore the default. Syntax cwmp acs url url undo cwmp acs url Default No preferred ACS URL is specified.

  • Page 313: Cwmp Acs Username

    cwmp acs username Use cwmp acs username to configure the username for authentication to the preferred ACS URL. Use undo cwmp acs username to restore the default. Syntax cwmp acs username username undo cwmp acs username Default No username is configured for authentication to the preferred ACS URL. Views CWMP view Predefined user roles...

  • Page 314: Cwmp Cpe Connect Retry

    Default No CWMP connection interface is specified. The CPE automatically selects the CWMP connection interface. Views CWMP view Predefined user roles network-admin Parameters interface-type interface-number: Specifies the type and number of the CWMP connection interface. Usage guidelines A CWMP connection interface is the interface that the CPE uses to communicate with the ACS. To establish a CWMP connection, the CPE sends the IP address of this interface in the Inform message, and the ACS replies to this IP address.

  • Page 315: Cwmp Cpe Inform Interval

    Predefined user roles network-admin Parameters retries: Specifies the maximum number of CWMP connection retries. The value range is 0 to 100. To disable the CPE to retry a CWMP connection, set this argument to 0. Usage guidelines The CPE retries connecting to the ACS when its initial connection attempt fails or the CWMP session is ended before the CPE receives a session closed message from the ACS.

  • Page 316: Cwmp Cpe Inform Interval Enable

    [Sysname] cwmp [Sysname-cwmp] cwmp cpe inform interval enable [Sysname-cwmp] cwmp cpe inform interval 3600 Related commands cwmp cpe inform interval enable cwmp cpe inform interval enable Use cwmp cpe inform interval enable to enable the periodic Inform feature. Use undo cwmp cpe inform interval enable to restore the default. Syntax cwmp cpe inform interval enable undo cwmp cpe inform interval enable...

  • Page 317: Cwmp Cpe Password

    undo cwmp cpe inform time Default No connection initiation has been scheduled. Views CWMP view Predefined user roles network-admin Parameters time: Specifies the time at which the CPE sends an Inform message. The time format is yyyy-mm-ddThh:mm:ss, and the value range is 1970-01-01T00:00:00 to 2035-12-31T23:59:59. The specified time must be greater than the current system time.

  • Page 318: Cwmp Cpe Provision-Code

    Usage guidelines You can configure only one password for the ACS to authenticate to the CPE when it initiates a connection. If you execute this command multiple times, the most recent configuration takes effect. For a successful connection, make sure the ACS has the same username and password settings as the CPE.

  • Page 319: Cwmp Cpe Stun Enable

    ACS. For information about the support of your ACS for provision codes, see the ACS documentation. The CPE can have only one provision code. If you execute this command multiple times, the most recent configuration takes effect. Examples # Set the provision code to ABC20150714. <Sysname>...

  • Page 320: Cwmp Cpe Username

    Examples # Enable NAT traversal for the CPE. <Sysname> system-view [Sysname] cwmp [Sysname-cwmp] cwmp cpe stun enable cwmp cpe username Use cwmp cpe username to configure the username for the CPE to authenticate the ACS. Use undo cwmp cpe username to restore the default. Syntax cwmp cpe username username undo cwmp cpe username...

  • Page 321: Cwmp Cpe Wait Timeout

    cwmp cpe wait timeout Use cwmp cpe wait timeout to set the close-wait timer for the CPE to close an idle connection. Use undo cwmp cpe wait timeout to restore the default. Syntax cwmp cpe wait timeout seconds undo cwmp cpe wait timeout Default The close-wait timer is 30 seconds.

  • Page 322: Display Cwmp Configuration

    Default CWMP is disabled. Views CWMP view Predefined user roles network-admin Usage guidelines CWMP configuration takes effect only after CWMP is enabled. Examples # Enable CWMP. <Sysname> system-view [Sysname] cwmp [Sysname-cwmp] cwmp enable Related commands cwmp display cwmp configuration Use display cwmp configuration to display the CWMP configuration. Syntax display cwmp configuration Views...

  • Page 323: Display Cwmp Status

    Source IP interface : None STUN state : Disabled SSL policy name : Null Table 58 Command output Field Description Status of CWMP: Enabled or Disabled. CWMP state Preferred ACS URL. ACS URL This field displays Null if no preferred ACS URL has been specified. Username for the CPE to authenticate to the ACS.
  • Page 324 Syntax display cwmp status Views Any view Predefined user roles network-admin network-operator Examples # Display CWMP state information. <Sysname> display cwmp status CWMP state : Enabled ACS URL of most recent connection : http://www.acs.com:80/acs ACS information source : User ACS username of most recent connection : newname Connection status : Disconnected...

  • Page 325: Ssl Client-Policy

    Field Description Amount of time (in seconds) that the CPE must wait before it initiates the next Length of time before next connection. This field displays None if the CPE does not detect an event that connection attempt will trigger a connection attempt. Related commands display cwmp configuration ssl client-policy...

  • Page 326: Eaa Commands

    EAA commands Commands and descriptions for centralized devices apply to the following routers: • MSR1002-4/1003-8S. • MSR2003. • MSR2004-24/2004-48. • MSR3012/3024/3044/3064. • MSR954(JH296A/JH297A/JH298A/JH299A/JH373A). • MSR958(JH300A/JH301A). Commands and descriptions for distributed devices apply to MSR4060 and MSR4080 routers. • action cli Use action cli to add a CLI action to a monitor policy.

  • Page 327: Action Reboot

    To execute a command in a view other than user view, you must define actions required for accessing the target view before defining the command execution action. In addition, you must number the actions in the order they should be executed, starting with entering system view. For example, to shut down an interface, you must create the following actions in order: Action to enter system view.
  • Page 328 Predefined user roles network-admin Parameters number: Specifies an action ID in the range of 0 to 231. chassis chassis-number: Specifies an IRF member device by its member ID. If you do not specify a member device, the command reboots all IRF member devices. (Distributed devices in IRF mode.) slot slot-number: Specifies a card by its slot number.

  • Page 329: Action Switchover

    <Sysname> system-view [Sysname] rtm cli-policy test [Sysname-rtm-test] action 3 reboot # (Centralized devices in IRF mode.) Configure an action for the CLI-defined policy test to reboot IRF member device 1. <Sysname> system-view [Sysname] rtm cli-policy test [Sysname-rtm-test] action 3 reboot slot 1 # (Distributed devices in IRF mode.) Configure an action for the CLI-defined policy test to reboot IRF member device 1.

  • Page 330: Action Syslog

    • The device has only one MPU. • The standby MPU is not in up state. (Centralized devices in IRF mode.) This command does not trigger an active/standby switchover in either of the following situations: • No subordinate device is configured. •...

  • Page 331: Commit

    Usage guidelines EAA sends log messages to the information center. You can configure the information center to output these messages to certain destinations. For more information about the information center, see "Configuring the information center." You can configure a series of actions to be executed in response to the event specified in a monitor policy.

  • Page 332: Display Rtm Environment

    display rtm environment Use display rtm environment to display user-defined EAA environment variables and their values. Syntax display rtm environment [ var-name ] Views Any view Predefined user roles network-admin Parameters var-name: Specifies a user-defined EAA environment variable by its name, a case-sensitive string of 1 to 63 characters.
  • Page 333 Predefined user roles network-admin Parameters active: Displays policies that are running. registered: Displays policies that have been created. policy-name: Specifies a policy by its name. If you do not specify a policy, the command displays all monitor policies that are running or have been created. verbose: Displays detailed information about monitor policies.

  • Page 334: Event Cli

    Field Description Source of the event specified in the policy. Event Options include CLI, HOTPLUG, INTERFACE, PROCESS, SNMP, SNMP_NOTIF, Event Type and SYSLOG. TimeActive Time when the policy started to execute. TimeRegistered Time when the policy was created. Total number Total number of policies.

  • Page 335: Event Hotplug

    Usage guidelines Use CLI event monitor policies to monitor operations performed at the CLI. You can configure only one event for a monitor policy. If the monitor policy already contains an event, the new event replaces the old event. Examples # Configure a CLI-defined policy to monitor execution of commands that contain the dis inter brief string.
  • Page 336 undo event Default No hotplug event is configured. Views CLI-defined policy view Predefined user roles network-admin Parameters insert: Specifies the card insert event. EAA executes the policy when card insertion occurs while the device is operating. remove: Specifies the card remove event. EAA executes the policy when card removal occurs while the device is operating.

  • Page 337: Event Interface

    (Centralized devices in IRF mode.) After you configure the event, the monitor policy is triggered when the member device joins or leaves the IRF fabric, or when a subcard is inserted in or removed from the specified subcard slot. If you do not specify the insert or remove keyword, EAA monitors the member device for joining or leaving the IRF fabric and the subcard slot for subcard hot-swapping.
  • Page 338 Default No interface event is configured. Views CLI-defined policy view Predefined user roles network-admin Parameters interface-type interface-number: Specifies an interface by its type and number. monitor-obj monitor-obj: Specifies the traffic statistic to be monitored on the interface. For keywords Table available for the monitor-obj argument, see start-op start-op: Specifies the operator for comparing the monitored traffic statistic with the start threshold.
  • Page 339 Table 63 Comparison operators Comparison operator Description Equal to. Greater than or equal to. Greater than. Less than or equal to. Less than. Not equal to. Usage guidelines Use interface event monitor policies to monitor traffic statistics on an interface. You can configure only one event for a monitor policy.

  • Page 340: Event Process

    event process Use event process to configure a process event for a CLI-defined monitor policy. Use undo event to delete the event in a CLI-defined monitor policy. Syntax Distributed devices in standalone mode/centralized devices in standalone or IRF mode: event process { exception | restart | shutdown | start } [ name process-name [ instance instance-id ] ] [ slot slot-number ] undo event Distributed devices in IRF mode:...

  • Page 341: Event Snmp Oid

    slot slot-number: Specifies a card by its slot number. If you do not specify a card, the policy applies to all cards. (Distributed devices in standalone mode.) slot slot-number: Specifies an IRF member device by its member ID. If you do not specify a member device, the policy applies to all IRF member devices.
  • Page 342 Parameters oid oid: Specifies the OID of the monitored MIB variable, a string of 1 to 256 characters. monitor-obj { get | next }: Specifies the SNMP operation used for sampling variable values. The get keyword represents the SNMP get operation, and the next keyword represents the SNMP getNext operation.

  • Page 343: Event Snmp-Notification

    Compares the variable sample with the start threshold at sampling intervals until the start threshold is crossed. Executes the policy again. This process cycles for the monitor policy to be executed and re-executed. Examples # Configure a CLI-defined policy to get the value of the MIB variable 1.3.6.4.9.9.42.1.2.1.6.4 every five seconds.

  • Page 344: Event Syslog

    Usage guidelines Use SNMP-Notification event monitor policies to monitor variables in SNMP notifications. EAA executes an SNMP-Notification event monitor policy when the value of the monitored variable in an SNMP notification meets the specified condition. You can configure only one event for a monitor policy. If the monitor policy already contains an event, the new event replaces the old event.

  • Page 345: Rtm Cli-Policy

    occurs times period period: Executes the policy if the number of log matches over an interval exceeds the limit. The times argument specifies the maximum number of log matches in the range of 1 to 32. The period argument specifies an interval in the range of 1 to 4294967295 seconds. Usage guidelines Use Syslog event monitor policies to monitor log messages.

  • Page 346: Rtm Environment

    Usage guidelines You must create a CLI-defined monitor policy before you can use the CLI to configure settings in the policy. You can assign the same policy name to a CLI-defined policy and a Tcl-defined policy, but you cannot assign the same name to policies that are the same type. For a CLI-defined monitor policy to take effect, you must execute the commit command after you complete configuring the policy.
  • Page 347 Variable name Description _syslog_pattern Log message content. Hotplug: (Centralized devices in standalone mode.) 0. (Distributed devices.) ID of the slot where card hot-swapping occurs. _slot (Centralized devices in IRF mode.) ID of the member device that joins or leaves the IRF fabric. _subslot ID of the subslot where a hot swap event occurs.

  • Page 348: Rtm Scheduler Suspend

    rtm scheduler suspend Use rtm scheduler suspend to suspend monitor policies. Use undo rtm scheduler suspend to resume monitor policies. Syntax rtm scheduler suspend undo rtm scheduler suspend Views System view Predefined user roles network-admin Usage guidelines This command disables all CLI-defined and Tcl-defined monitor policies except for the monitor policies that are running.

  • Page 349: Running-Time

    Parameters policy-name: Specifies a policy name, a case-sensitive string of 1 to 63 characters. tcl-filename: Specifies a .tcl script file name. The file name is case sensitive. You must make sure the file is available on a storage medium of the device. Usage guidelines When you use this command to create a Tcl-defined policy, follow these guidelines: (Centralized devices in IRF mode.) Make sure the script file is saved on all IRF member devices.

  • Page 350: User-Role

    Predefined user roles network-admin Parameters time: Specifies the runtime of the CLI-defined policy, in the range of 0 to 31536000 seconds. If you specify 0, the policy can run forever until it is manually interrupted. Usage guidelines Policy runtime limits the amount of time that the monitor policy can run from the time it is triggered. When the runtime is reached, the system stops executing the policy even if the execution is not finished.
  • Page 351 For example, a monitor policy has four actions numbered from 1 to 4. The policy has user roles that are required for performing actions 1, 3, and 4, but it does not have the user role required for performing action 2. When the policy is triggered, EAA executes only action 1. A monitor policy supports a maximum of 64 valid user roles.

  • Page 352: Process Monitoring And Maintenance Commands

    Process monitoring and maintenance commands Commands and descriptions for centralized devices apply to the following routers: • MSR1002-4/1003-8S. • MSR2003. • MSR2004-24/2004-48. • MSR3012/3024/3044/3064. • MSR954(JH296A/JH297A/JH298A/JH299A/JH373A). • MSR958(JH300A/JH301A). Commands and descriptions for distributed devices apply to MSR4060 and MSR4080 routers. The display memory, display process, display process cpu, monitor process, and monitor thread commands display information about both user processes and kernel threads.
  • Page 353 slot slot-number: Specifies an MPU by its slot number. If you do not specify this option, the command displays context information for process exceptions on the active MPU. (Distributed devices in standalone mode.) slot slot-number: Specifies an IRF member device by its ID. If you do not specify this option, the command displays context information for process exceptions on the IRF master device.
  • Page 354 flash:/core/node0_routed_121_7_20130331-111221_1364728341.core 0x00007fae7dbad20c 0x00000000004059fa 0x00007fae7dbd96c0 0x0000000000402b29 Backtrace stopped. Registers' content rax:0xfffffffffffffffc rbx:0x00007fff88a5dd10 rcx:0xffffffffffffffff rdx:0x000000000000000a rsi:0x00007fff88a5dd10 rdi:0x0000000000000003 rbp:0x00007fff88a5dcf0 rsp:0x00007fff88a5dcf0 r8:0x00007fae7ea587e0 r9:0x0000000000000079 r10:0xffffffffffffffff r11:0x0000000000000246 r12:0x0000000000405b18 r13:0x00007fff88a5ff7a r14:0x00007fff88a5de30 r15:0x0000000000000000 rip:0x00007fae7dbad20c flag:0x0000000000000246 cs:0x0000000000000033 ss:0x000000000000002b ds:0x0000000000000000 es:0x0000000000000000 fs:0x0000000000000000 gs:0x0000000000000000 fs_base:0x00007fae80a5d6a0 gs_base:0x0000000000000000 orig_ax:0x00000000000000e8 # Display the exception context information on the PowerPC-based 32-bit device. <Sysname>...
  • Page 355 <Sysname> display exception context Index 1 of 1 ------------------------------ Crashed PID: 172 (routed) Crash signal: SIGBUS Crash time: Sat Sep 15 16:53:16 2007 Core file path: cfa0:/core/node1_routed_172_7_20070915-165316_1189875196.core 0x00000fff803c66b4 0x0000000010009b94 0x00000fff80401814 Backtrace stopped. Registers' content grp00: 0x00000000000000ee 0x00000fffffd04840 grp02: 0x00000fff80425c28 0x0000000000000004 grp04: 0x00000fffffd048c0 0x000000000000000a grp06: 0xffffffffffffffff 0x00000fff803c66b4 grp08: 0x000000008002d000 0x0000000000000000...
  • Page 356 Registers' content zero:0x00000000 at:0x1000dc00 v0:0x00000004 v1:0x00000003 a0:0x00000003 a1:0x7fd267e8 a2:0x0000000a a3:0x00000001 t0:0x00000000 t1:0xcf08fa14 t2:0x80230510 t3:0xfffffff8 t4:0x69766520 t5:0x00000000 t6:0x63cc6000 t7:0x44617461 s0:0x7fd26f81 s1:0x00401948 s2:0x7fd268f8 s3:0x803e1db0 s4:0x803e1da0 s5:0x803e1d88 s6:0x803e1d70 s7:0x803e1d60 t8:0x00000008 t9:0x2af2fae0 k0:0x00000000 k1:0x00000000 gp:0x2af9a3a0 sp:0x7fd267c0 s8:0x7fd267c0 ra:0x00406d8c sr:0x0000dc13 lo:0xef9db265 hi:0x0000003f bad:0x2add2010 cause:0x00800020 pc:0x2af2faf4 # Display the exception context information on the MIPS-based 64-bit device.

  • Page 357: Display Exception Filepath

    Filed Description Signals that led to the crash: • SIGABRT—Abort. • SIGBUS—Bus error. • SIGFPE—Erroneous arithmetic operation. • SIGILL—Illegal hardware instructions. • SIGQUIT—Quit signal sent by the controlling terminal. Crash signal • SIGSEGV—Invalid memory access. • SIGSYS—Invalid system call. • SIGTRAP—Trap message.

  • Page 358: Display Kernel Deadloop

    slot slot-number: Specifies an IRF member device by its ID. If you do not specify this option, the command displays the core file directory on the IRF master device. (Centralized devices in IRF mode.) chassis chassis-number slot slot-number: Specifies an MPU on an IRF member device. If you do not specify this option, the command displays the core file directory on the global active MPU.
  • Page 359 Predefined user roles network-admin Parameters show-number: Specifies the number of deadloops to display, in the range of 1 to 10. offset: Specifies the offset between the starting deadloop and the latest deadloop, in the range of 0 to 9. The default value is 0. verbose: Displays detailed information.
  • Page 360 Thread : comsh (TID: 16306) Context : thread context Chassis Slot CPU ID Kernel module info : module name (mrpnc) module address (0xe332a000) module name (12500) module address (0xe00bd000) Last 5 thread switches : migration/0 (11:16:00.823018)--> swapper (11:16:00.833018)--> kthreadd (11:16:00.833518)--> swapper (11:16:00.833550)-->...
  • Page 361 0xe2be5f40: 02 be 61 e0 00 00 00 02 00 00 00 00 02 44 b3 a4 0xe2be5f50: 02 be 5f 90 00 00 00 08 02 be 5f e0 00 00 00 08 0xe2be5f60: 02 be 5f 80 00 ac 1b 14 00 00 00 00 00 00 00 00 0xe2be5f70: 05 b4 5f 90 02 be 5f e0 00 00 00 30 02 be 5f e0 0xe2be5f80: 02 be 5f c0 00 ac 1b f4 00 00 00 00 02 45 00 00 0xe2be5f90: 00 03 00 00 00 00 00 00 02 be 5f e0 00 00 00 30...

  • Page 362: Display Kernel Deadloop Configuration

    Field Description Thread Name and number of the kernel thread deadloop. Context Context for the kernel thread deadloop. Chassis Number of the IRF member device on which the kernel thread ran. Slot number of the MPU on which the kernel thread ran. (Distributed devices in IRF or standalone mode.) ID of the IRF member device on which the kernel thread ran.

  • Page 363: Display Kernel Exception

    Views Any view Predefined user roles network-admin Parameters slot slot-number: Specifies an MPU by its slot number. If you do not specify this option, the command displays kernel thread deadloop detection configuration for the active MPU. (Distributed devices in standalone mode.) slot slot-number: Specifies an IRF member device by its ID.
  • Page 364 Syntax Centralized devices in standalone mode: display kernel exception show-number [ offset ] [ verbose ] Distributed devices in standalone mode/centralized devices in IRF mode: display kernel exception show-number [ offset ] [ verbose ] [ slot slot-number [ cpu cpu-number ] ] Distributed devices in IRF mode: display kernel exception show-number [ offset ] [ verbose ] [ chassis chassis-number slot slot-number [ cpu cpu-number ] ]...
  • Page 365 Recorded at : 2013-05-01 11:16:00.823018 Occurred at : 2013-05-01 11:16:00.823018 Instruction address : 0x4004158c Thread : comsh (TID: 16306) Context : thread context Chassis Slot CPU ID Kernel module info : module name (mrpnc) module address (0xe332a000) module name (disk) module address (0xe00bd000) # Display detailed information about the latest kernel thread exception.
  • Page 366 Reg: cr, Val = 0x84000028 ; Reg: nip, Val = 0x057d9550 ; Reg: xer, Val = 0x00000000 ; Reg: lr, Val = 0x0186eff0 ; Reg: ctr, Val = 0x682f7344 ; Reg: msr, Val = 0x00784b5c ; Reg: trap, Val = 0x0000b030 ; Reg: dar, Val = 0x77777777 ;...

  • Page 367: Display Kernel Reboot

    Function Address = 0x8016ce0c Function Address = 0x801223a0 Instruction dump: 41a2fe9c 812300ec 800200ec 7f890000 409efe8c 80010014 540b07b9 40a2fe80 4bfffe6c 80780290 7f64db78 4804ea35 <807f002c> 38800000 38a00080 3863000c Table For detailed information about the command output, see Related commands reset kernel exception display kernel reboot Use display kernel reboot to display kernel thread reboot information.
  • Page 368 chassis chassis-number slot slot-number: Specifies an MPU on an IRF member device. If you do not specify this option, the command displays kernel thread reboot information for the global active MPU. (Distributed devices in IRF mode.) cpu cpu-number: Specifies a CPU by its number. (Centralized devices in IRF mode/distributed devices in IRF or standalone mode.) Examples # Display brief information about the latest kernel thread reboot.
  • Page 369 0xe2be5f00: a0 e1 64 21 00 00 00 00 00 00 00 00 00 00 00 00 0xe2be5f10: 00 00 00 00 00 00 00 00 00 00 00 00 01 e9 00 00 0xe2be5f20: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0xe2be5f30: 00 00 00 00 00 00 00 00 02 be 66 c0 02 be 66 d0 0xe2be5f40: 02 be 61 e0 00 00 00 02 00 00 00 00 02 44 b3 a4 0xe2be5f50: 02 be 5f 90 00 00 00 08 02 be 5f e0 00 00 00 08...

  • Page 370: Display Kernel Starvation

    Field Description Chassis Number of the IRF member device where the kernel thread ran. Slot number of the MPU where the kernel thread ran. (Distributed devices in IRF or standalone mode.) IRF member ID of the device where the kernel thread ran. (Centralized devices Slot in IRF mode.) Fixed to 0 without any special meaning.
  • Page 371 offset: Specifies the offset between the starting starvation and the latest starvation, in the range of 0 to 9. The default value is 0. verbose: Displays detailed information. If you do not specify this keyword, the command displays brief information. slot slot-number: Specifies an MPU by its slot number.
  • Page 372 module name (12500) module address (0xe00bd000) Last 5 thread switches : migration/0 (11:16:00.823018)--> swapper (11:16:00.833018)--> kthreadd (11:16:00.833518)--> swapper (11:16:00.833550)--> disk (11:16:00.833560) Register content: Reg: r0, Val = 0x00000000 ; Reg: r1, Val = 0xe2be5ea0 ; Reg: r2, Val = 0x00000000 ; Reg: r3, Val = 0x77777777 ;...

  • Page 373: Display Kernel Starvation Configuration

    0xe2be5fa0: 02 be 5f c0 00 ac 1b 14 61 f1 2e ae 02 45 00 00 0xe2be5fb0: 02 44 b3 74 02 be 5f d0 00 00 00 30 02 be 5f e0 0xe2be5fc0: 02 be 60 60 01 74 ff f8 00 00 00 00 00 00 08 00 0xe2be5fd0: 02 be 5f f0 00 e8 93 7e 02 be 5f f8 02 be 5f fc 0xe2be5fe0: 00 00 00 00 00 00 00 00 00 00 00 00 02 be 60 18 0xe2be5ff0: 02 be 60 10 00 e9 65 98 00 00 00 58 00 00 2a 4f...
  • Page 374 Distributed devices in IRF mode: display kernel starvation configuration [ chassis chassis-number slot slot-number [ cpu cpu-number ] ] Views Any view Predefined user roles network-admin Parameters slot slot-number: Specifies an MPU by its slot number. If you do not specify this option, the command displays kernel thread starvation detection configuration on the active MPU.

  • Page 375: Display Process

    display process Use display process to display process state information. Syntax Centralized devices in standalone mode: display process [ all | job job-id | name process-name ] Distributed devices in standalone mode/centralized devices in IRF mode: display process [ all | job job-id | name process-name ] [ slot slot-number [ cpu cpu-number ] ] Distributed devices in IRF mode: display process [ all | job job-id | name process-name ] [ chassis chassis-number slot slot-number [ cpu cpu-number ] ]...
  • Page 376 Examples # Display state information for process scmd. <Sysname> display process name scmd Job ID: 1 PID: 1 Parent JID: 0 Parent PID: 0 Executable path: - Instance: 0 Respawn: OFF Respawn count: 1 Max. spawns per minute: 0 Last started: Wed Jun 1 14:45:46 2013 Process state: sleeping Max.
  • Page 377 Field Description Maximum number of core files that the process can create. 0 indicates that the process never creates a core file. A process creates a core file after it Max. core abnormally restarts. If the number of core files reaches the maximum value, no more core files are created.

  • Page 378: Display Process Cpu

    Table 71 Command output Field Description Job ID of a process. It never changes. Number of a process. %CPU CPU usage in percentage (%). %MEM Memory usage in percentage (%). State of a process: • R—Running. • S—Sleeping. STAT • T—Traced or stopped.
  • Page 379 slot slot-number: Specifies an IRF member device by its member ID. If you do not specify a member device, this command displays information for the master device. (Centralized devices in IRF mode.) chassis chassis-number slot slot-number: Specifies a card on an IRF member device. The chassis-number argument represents the member ID of the IRF member device.

  • Page 380: Display Process Log

    Field Description Name of the process. If square brackets ([ ]) exist in a process name, the Name process is a kernel thread. display process log Use display process log to display log information for all user processes. Syntax Centralized devices in standalone mode: display process log Distributed devices in standalone mode/centralized devices in IRF mode: display process log [ slot slot-number [ cpu cpu-number ] ]...

  • Page 381: Display Process Memory

    knotify 12-17 07:10:31 12-17 07:10:31 autocfgd 12-17 07:10:31 12-17 07:10:31 pkg_update 12-17 07:10:30 12-17 07:10:31 Table 73 Command output Field Description Process Name of a user process. JobID Job ID of a user process. ID of a user process. Indicates whether the process exited abnormally: •...
  • Page 382 Parameters slot slot-number: Specifies a card by its slot number. If you do not specify this option, the command displays memory usage for all user processes on the active MPU. (Distributed devices in standalone mode.) slot slot-number: Specifies an IRF member device by its member ID. If you do not specify a member device, this command displays information for the master device.

  • Page 383: Display Process Memory Heap

    Field Description Stack Stack memory used by the user process, in KB. The value for a kernel thread is 0. Dynamic Dynamic memory used by the user process, in KB. The value for a kernel thread is 0. Name of the user process. If square brackets ([ ]) exist in a process name, the process is Name a kernel thread.
  • Page 384 chassis chassis-number slot slot-number: Specifies a card on an IRF member device. The chassis-number argument represents the member ID of the IRF member device. The slot-number argument represents the slot number of the card. If you do not specify a card, this command displays information for the global active MPU.

  • Page 385: Display Process Memory Heap Address

    Field Description Free Ratio Ratio of free memory to total memory. It helps identify fragment information. Related commands display process memory display process memory heap address display process memory heap size display process memory heap address Use display process memory heap address to display heap memory content starting from a specified memory block for a process.

  • Page 386: Display Process Memory Heap Size

    chassis chassis-number slot slot-number: Specifies a card on an IRF member device. The chassis-number argument represents the member ID of the IRF member device. The slot-number argument represents the slot number of the card. If you do not specify a card, this command displays information for the global active MPU.
  • Page 387 Views Any view Predefined user roles network-admin network-operator Parameters job job-id: Specifies a process by its job ID, in the range of 1 to 2147483647. size memory-size: Specifies the memory block size in the range of 1 to 4294967295. offset offset-size: Specifies an offset in the range of 0 to 4294967295. The default value is 128. For example, suppose the system allocates 100 16-byte memory blocks to process job 1, and the process has used 66 blocks.

  • Page 388: Exception Filepath

    0xb7e30180 0xb7e30190 0xb7e301a0 0xb7e301b0 0xb7e301c0 0xb7e301d0 0xb7e301e0 0xb7e301f0 0xb7e30200 0xb7e30210 0xb7e30220 0xb7e30230 Related commands display process memory heap display process memory heap address exception filepath Use exception filepath to specify the directory for saving core files. Use undo exception filepath to remove the specified directory. Syntax exception filepath directory undo exception filepath directory...

  • Page 389: Monitor Kernel Deadloop Enable

    Examples # Specify the directory for saving core files as flash:/. <Sysname> exception filepath flash:/ Related commands display exception filepath process core monitor kernel deadloop enable Use monitor kernel deadloop enable to enable kernel thread deadloop detection. Use undo monitor kernel deadloop enable to disable kernel thread deadloop detection. Syntax Centralized devices in standalone mode: monitor kernel deadloop enable...

  • Page 390: Monitor Kernel Deadloop Exclude-Thread

    cpu cpu-number: Specifies a CPU by its number. (Centralized devices in IRF mode/distributed devices in IRF or standalone mode.) Usage guidelines Kernel threads share resources in kernel space. If a kernel thread monopolizes the CPU for a long time, other threads cannot run, resulting in a deadloop. The command enables the device to detect deadloops.
  • Page 391 undo monitor kernel deadloop exclude-thread [ tid ] [ chassis chassis-number slot slot-number [ cpu cpu-number ] ] Default Kernel thread deadloop detection monitors all kernel threads. Views System view Predefined user roles network-admin Parameters tid: Specifies a kernel thread by its ID, in the range of 1 to 2147483647. If no kernel thread is specified for the undo command, the default is restored.

  • Page 392: Monitor Kernel Deadloop Time

    monitor kernel deadloop time Use monitor kernel deadloop time to set the interval for identifying a kernel thread deadloop. Use undo monitor kernel deadloop time to restore the default. Syntax Centralized devices in standalone mode: monitor kernel deadloop time time undo monitor kernel deadloop time Distributed devices in standalone mode/centralized devices in IRF mode: monitor kernel deadloop time time [ slot slot-number [ cpu cpu-number ] ]...

  • Page 393: Monitor Kernel Starvation Enable

    Usage guidelines If a kernel thread runs for the specified interval, kernel thread deadloop detection considers that a deadloop has occurred. The system records the deadloop and restarts. Inappropriate use of the command can cause service problems or system breakdown. Make sure you understand the impact of the command on your network before you use it.

  • Page 394: Monitor Kernel Starvation Exclude-Thread

    Predefined user roles network-admin Parameters slot slot-number: Specifies an MPU by its slot number. If you do not specify this option, the active MPU is specified. (Distributed devices in standalone mode.) slot slot-number: Specifies an IRF member device by its ID. If you do not specify this option, the master device is specified.
  • Page 395 Syntax Centralized devices in standalone mode: monitor kernel starvation exclude-thread tid undo monitor kernel starvation exclude-thread [ tid ] Distributed devices in standalone mode/centralized devices in IRF mode: monitor kernel starvation exclude-thread tid [ slot slot-number [ cpu cpu-number ] ] undo monitor kernel starvation exclude-thread [ tid ] [ slot slot-number [ cpu cpu-number ] ] Distributed devices in IRF mode: monitor kernel starvation exclude-thread tid [ chassis chassis-number slot slot-number [ cpu...

  • Page 396: Monitor Kernel Starvation Time

    Examples # Disable kernel thread starvation detection for kernel thread 15. <Sysname> system-view [Sysname] monitor kernel starvation exclude-thread 15 Related commands display kernel starvation display kernel starvation configuration monitor kernel starvation time monitor kernel starvation enable monitor kernel starvation time Use monitor kernel starvation time to set the interval for identifying a kernel thread starvation.

  • Page 397: Monitor Process

    slot slot-number: Specifies an MPU by its slot number. If you do not specify this option, the active MPU is specified. (Distributed devices in standalone mode.) slot slot-number: Specifies an IRF member device by its ID. If you do not specify this option, the master device is specified.
  • Page 398 Predefined user roles network-admin Parameters dumbtty: Specifies dumbtty mode. In this mode, the command displays process statistics in descending order of CPU usage without refreshing statistics. If you do not specify this keyword, the command displays statistics for the top 10 processes in descending order of CPU usage in an interactive mode, and refreshes statistics every 5 seconds by default.
  • Page 399 Commands Description Refreshes the screen. Sorts processes by memory usage in descending order. Changes the maximum number of processes displayed within a screen, in the range of 0 to 2147483647. The default value is 10. A value of 0 means no limit. Only processes not exceeding the screen size can be displayed.
  • Page 400 00:00:06 0.51% [ksoftirqd/0] 1009 1009 00:00:08 0.51% [karp/1] 1010 1010 00:00:13 0.51% [kND/1] 5373 5373 1496K 00:00:00 0.51% 00:00:00 0.00% [kthreadd] 00:00:00 0.00% [migration/0] 00:00:00 0.00% [watchdog/0] 00:00:01 0.00% [events/0] 00:00:00 0.00% [khelper] 4796 4796 2744K 00:00:00 0.00% login 4797 4797 28832K 00:00:03...
  • Page 401 1009 1009 00:00:09 0.36% [karp/1] 00:00:06 0.18% [ksoftirqd/0] 1010 1010 00:00:13 0.18% [kND/1] 4795 4795 2372K 00:00:01 0.18% telnetd 5491 5491 1500K 00:00:00 0.18% 00:00:00 0.00% [kthreadd] The system refreshes process statistics every 5 seconds. You can enter interactive commands to perform operation as follows: •...

  • Page 402: Monitor Thread

    State HH:MM:SS Name 5384K 00:00:01 0.00% dbmd 2464K 00:00:02 0.00% ipbased 1956K 00:00:00 0.00% 30600K 00:00:00 0.00% lsmd 61592K 00:00:00 0.00% routed • Enter k and then enter a JID to kill a process. If you enter 884, the process with the JID of 884 is killed.
  • Page 403 Syntax Centralized devices in standalone mode: monitor thread [ dumbtty ] [ iteration number ] Distributed devices in standalone mode/centralized devices in IRF mode: monitor thread [ dumbtty ] [ iteration number ] [ slot slot-number [ cpu cpu-number ] ] Distributed devices in IRF mode: monitor thread [ dumbtty ] [ iteration number ] [ chassis chassis-number slot slot-number [ cpu cpu-number ] ]...
  • Page 404 Table 78 Interactive commands Commands Description ? or h Displays help information that includes available interactive commands. Sets the interval for refreshing statistics. The default interval is 5 seconds. Kills a process. Because the command can impact system operation, be cautious when you use it.
  • Page 405 00:00:06 0.42% scmd 1160 1160 00:00:01 0.21% sshd 00:00:00 0.00% [kthreadd] 00:00:01 0.00% [ksoftirqd/0] 00:00:00 0.00% [watchdog/0] 00:00:00 0.00% [events/0] 00:00:00 0.00% [khelper] • Enter h or a question mark (?) to display help information as follows: Help for interactive commands: Show the available interactive commands Sort by the CPU field(default) Set the delay interval between screen updates...

  • Page 406: Process Core

    00:00:04 0.12% [DIBC] 00:00:22 0.12% [MNET] • Enter q to quit interactive mode. Table 79 Command output Field Description 84 processes; 107 Numbers of processes and threads. threads Job ID of a thread, which never changes. ID of a thread. LAST_CPU Number of the CPU on which the latest thread scheduling occurs.
  • Page 407 Default A process generates a core file for the first exception and does not generate any core files for subsequent exceptions. Predefined user roles network-admin Parameters off: Disables core file generation. maxcore value: Enables core file generation and sets the maximum number of core files, in the range of 1 to 10.

  • Page 408: Reset Exception Context

    exception filepath reset exception context Use reset exception context to clear context information for process exceptions. Syntax Centralized devices in standalone mode: reset exception context Distributed devices in standalone mode/centralized devices in IRF mode: reset exception context [ slot slot-number [ cpu cpu-number ] ] Distributed devices in IRF mode: reset exception context [ chassis chassis-number slot slot-number [ cpu cpu-number ] ] Views...

  • Page 409: Reset Kernel Deadloop

    reset kernel deadloop Use reset kernel deadloop to clear kernel thread deadloop information. Syntax Centralized devices in standalone mode: reset kernel deadloop Distributed devices in standalone mode/centralized devices in IRF mode: reset kernel deadloop [ slot slot-number [ cpu cpu-number ] ] Distributed devices in IRF mode: reset kernel deadloop [ chassis chassis-number slot slot-number [ cpu cpu-number ] ] Views...

  • Page 410: Reset Kernel Reboot

    Syntax Centralized devices in standalone mode: reset kernel exception Distributed devices in standalone mode/centralized devices in IRF mode: reset kernel exception [ slot slot-number [ cpu cpu-number ] ] Distributed devices in IRF mode: reset kernel exception [ chassis chassis-number slot slot-number [ cpu cpu-number ] ] Views User view Predefined user roles...

  • Page 411: Reset Kernel Starvation

    reset kernel reboot [ slot slot-number [ cpu cpu-number ] ] Distributed devices in IRF mode: reset kernel reboot [ chassis chassis-number slot slot-number [ cpu cpu-number ] ] Views User view Predefined user roles network-admin Parameters slot slot-number: Specifies an MPU by its slot number. If you do not specify this option, the command clears kernel thread reboot information for the active MPU.

  • Page 412: Third-Part-Process Start

    Views User view Predefined user roles network-admin Parameters slot slot-number: Specifies an MPU by its slot number. If you do not specify this option, the command clears kernel thread starvation information for the active MPU. (Distributed devices in standalone mode.) slot slot-number: Specifies an IRF member device by its ID.

  • Page 413: Third-Part-Process Stop

    Usage guidelines Use this command to start a third-party process, such as Wifidog, Puppet, or Chef. Examples # Start third-party process puppet. <Sysname> system-view [Sysname] third-part-process start name puppet arg agent --certname=1.1.1.1 --server=1.1.1.2 Related commands third-part-process stop third-part-process stop Use third-part-process stop to stop a third-party process. Syntax third-part-process stop pid pid&<1-10>...
  • Page 414 00:00:00 [ata_aux] 00:00:00 [kseriod] 00:00:00 [vzmond] 00:00:00 [pdflush] 00:00:00 [pdflush] 00:00:00 [kswapd0] 00:00:00 [aio/0] 00:00:00 [scsi_eh_0] 00:00:00 [scsi_eh_1] 00:00:00 [scsi_eh_2] 00:00:00 puppet ---- More ---- <Sysname> system-view [Sysname] third-part-process stop pid 35 Related commands display process all third-part-process start...

  • Page 415: Sampler Commands

    Sampler commands Commands and descriptions for centralized devices apply to the following routers: • MSR1002-4/1003-8S. • MSR2003. • MSR2004-24/2004-48. • MSR3012/3024/3044/3064. • MSR954(JH296A/JH297A/JH298A/JH299A/JH373A). • MSR958(JH300A/JH301A). Commands and descriptions for distributed devices apply to MSR4060 and MSR4080 routers. display sampler Use display sampler to display configuration information for a sampler. Syntax Centralized devices in standalone mode: display sampler [ sampler-name ]...

  • Page 416: Sampler

    slot slot-number: Specifies an IRF member device by its member ID. If you do not specify a member device, this command displays sampler configuration information for the master device. (Centralized devices in IRF mode.) chassis chassis-number slot slot-number: Specifies a card on an IRF member device. The chassis-number argument represents the member ID of the IRF member device.
  • Page 417 Default No samplers exist. Views System view Predefined user roles network-admin Parameters sampler-name: Specifies a sampler by its name, a case-insensitive string of 1 to 31 characters. fixed: Specifies the fixed sampling mode. A sampler in this mode selects the first packet per sampling.

  • Page 418: Port Mirroring Commands

    Port mirroring commands Commands and descriptions for centralized devices apply to the following routers: • MSR1002-4/1003-8S. • MSR2003. • MSR2004-24/2004-48. • MSR3012/3024/3044/3064. • MSR954(JH296A/JH297A/JH298A/JH299A/JH373A). • MSR958(JH300A/JH301A). Commands and descriptions for distributed devices apply to MSR4060 and MSR4080 routers. display mirroring-group Use display mirroring-group to display mirroring group information.

  • Page 419: Mirroring-Group

    Monitor port: GigabitEthernet1/0/2 GigabitEthernet1/0/3 GigabitEthernet1/0/4 Mirroring group 3: Type: Local Status: Active Mirroring port: GigabitEthernet1/0/5 Inbound GigabitEthernet1/0/6 Both Monitor port: GigabitEthernet1/0/7 Table 81 Command output Field Description Mirroring group Number of the mirroring group. Type Type of the mirroring group: Local. Status of the mirroring group: •...

  • Page 420: Mirroring-Group Mirroring-Port (Interface View)

    Examples # Create local mirroring group 1. <Sysname> system-view [Sysname] mirroring-group 1 local mirroring-group mirroring-port (interface view) Use mirroring-group mirroring-port to configure a port as a source port for a mirroring group. Use undo mirroring-group mirroring-port to restore the default. Syntax mirroring-group group-id mirroring-port { both | inbound | outbound } undo mirroring-group group-id mirroring-port...

  • Page 421: Mirroring-Group Mirroring-Port (System View)

    mirroring-group mirroring-port (system view) Use mirroring-group mirroring-port to configure source ports for a mirroring group. Use undo mirroring-group mirroring-port to remove source ports from a mirroring group. Syntax mirroring-group group-id mirroring-port interface-list { both | inbound | outbound } undo mirroring-group group-id mirroring-port interface-list Default No source port is configured for a mirroring group.

  • Page 422: Mirroring-Group Monitor-Port (Interface View)

    mirroring-group monitor-port (interface view) Use mirroring-group monitor-port to configure a port as a monitor port for a mirroring group. Use undo mirroring-group monitor-port to restore the default. Syntax mirroring-group group-id monitor-port undo mirroring-group group-id monitor-port Default A port does not act as a monitor port for any mirroring groups. Views Interface view Predefined user roles...
  • Page 423 undo mirroring-group group-id monitor-port interface-type interface-number Default No monitor port is configured for a mirroring group. Views System view Predefined user roles network-admin Parameters group-id: Specifies an existing mirroring group by its ID in the range of 1 to 6. interface-type interface-number: Specifies an interface by its type and number.

  • Page 424: Flow Mirroring Commands

    Flow mirroring commands mirror-to Use mirror-to to configure a mirroring action for a traffic behavior. Use undo mirror-to to delete a mirroring action. Syntax mirror-to interface interface-type interface-number undo mirror-to interface interface-type interface-number Default No mirroring action is configured for a traffic behavior. Views Traffic behavior view Predefined user roles...

  • Page 425: Netstream Configuration Commands

    NetStream configuration commands Commands and descriptions for centralized devices apply to the following routers: • MSR1002-4/1003-8S. • MSR2003. • MSR2004-24/2004-48. • MSR3012/3024/3044/3064. • MSR954(JH296A/JH297A/JH298A/JH299A/JH373A). • MSR958(JH300A/JH301A). Commands and descriptions for distributed devices apply to MSR4060 and MSR4080 routers. display ip netstream cache Use display ip netstream cache to display NetStream entry information.
  • Page 426 type: Specifies the NetStream entry type. If you do not specify this keyword, this commands displays information about all types of NetStream entries. ip: Specifies Layer 3 NetStream entries. ipl2: Specifies Layer 2 and Layer 3 NetStream entries. l2: Specifies Layer 2 NetStream entries. mpls: Specifies MPLS NetStream entries.
  • Page 427 L2 flow entries counted : 10 IPL2 flow entries counted : 20 Last statistics resetting time : 01/01/2000 at 00:01:02 IP packet size distribution (1103746 packets in total): 1-32 .249 .694 .000 .000 .000 .000 .000 .000 .000 .000 .000 .000 .000 .000 .000 576 1024 1536 2048 2560 3072 3584 4096 4608 >4608 .000 .000 .027 .000 .027 .000 .000 .000 .000 .000 .000 .000 Protocol...
  • Page 428 Last packet arrived: 10/28/2013, 14:21:03 IP& 192.168.123.1(2- 192.168.1.1(0) GE1/0/2(O) 0012-3f86-e95d(0) 0012-3f86-e116(1008) TCPFlag: DstMask: SrcMask: NextHop: 192.168.1.2 DstAS: SrcAS: BGPNextHop: 0.0.0.0 OutVRF: TCPFlag: SamplerMode: SamplerInt: Active: 12.030 Bytes/Pkt: First packet arrived: 10/28/2013, 14:10:04 Last packet arrived: 10/28/2013, 14:21:03 IP& 172.16.1.1(68) 172.16.2.1(67) GE1/0/3(I) 1848 MPLS LDP(4.4.4.4/24)
  • Page 429 Flows /sec /sec /flow /flow /flow -------------------------------------------------------------------------- TCP-Telnet 2656855 TCP-FTP 5900082 TCP-FTPD 3200453 1006 TCP-WWW 546778274 11170 TCP-other 49148540 3752 UDP-DNS 117240379 UDP-other 45502422 2272 ICMP 14837957 IP-other 77406 Type DstIP(Port) SrcIP(Port) Pro ToS VNI APPID If(Direct) Pkts DstMAC(VLAN) SrcMAC(VLAN) TopLblType(IP/Mask) Lbl-Exp-S-List --------------------------------------------------------------------------...
  • Page 430 MPLS LDP(4.4.4.4/24) 1:55-6-0 2:16-6-1 DstMask: SrcMask: NextHop: 172.16.2.10 DstAS: SrcAS: BGPNextHop: 0.0.0.0 InVRF: SamplerMode: SamplerInt: Active: 382.542 Bytes/Pkt: 1426 First packet arrived: 10/28/2013, 14:12:03 Last packet arrived: 10/28/2013, 14:23:03 Table 82 Command output Field Description Active flow timeout Aging timer for active flows, in minutes. Inactive flow timeout Aging timer for inactive flows, in seconds.
  • Page 431 Field Description Statistics of packets by protocol type: • Protocol type. • Protocol Total Flows Packets Total number of flows. /sec • Number of packets per second. • Flows/sec Packets/flow Number of flows per second. • Active(sec)/flow Idle(sec)/flow Number of packets per flow. •...

  • Page 432: Display Ip Netstream Export

    Field Description Other information about the active flows in the cache: • TCP tag. • Destination mask. • Source mask. • Routing next hop. TCPFlag: • Destination AS. DstMask: SrcMask: • Source AS. NextHop: • BGP next hop. DstAS: SrcAS: •...

  • Page 433: Display Ip Netstream Template

    MPLS export information: Flow source interface : GigabitEthernet1/0/1 Flow destination VPN instance : VPN1 Flow destination IP address (UDP) : 10.10.0.10 (30000) Version 9 exported flows number : 20 Version 9 exported UDP datagrams number (failed) : 2 (0) as aggregation export information: Flow source interface : GigabitEthernet1/0/1 Flow destination VPN instance...
  • Page 434 display ip netstream template Distributed devices in standalone mode/centralized devices in IRF mode: display ip netstream template [ slot slot-number ] Distributed devices in IRF mode: display ip netstream template [ chassis chassis-number slot slot-number ] Views Any view Predefined user roles network-admin network-operator Parameters...
  • Page 435 Flows Out packets Out bytes First forwarded Last forwarded Source AS Destination AS Input interface index Output interface index Direction Sampling algorithm Sampling interval AS inbound template: Template ID : 3257 Packets Last template export time : Never Field count : 14 Field type Field length (bytes)

  • Page 436: Enable

    Field Description Field type Type of a field in the template. Field length (bytes) Length of the field, in bytes. Flows Number of aggregate flows. Out packets Number of sent packets. In packets Number of received packets. Out bytes Size of sent packets, in bytes. In bytes Size of received packets, in bytes.

  • Page 437: Ip Netstream

    ip netstream Use ip netstream to enable NetStream on an interface. Use undo ip netstream to disable NetStream on an interface. Syntax ip netstream [ inbound | outbound ] undo ip netstream [ inbound | outbound ] Default NetStream is disabled on an interface. Views Interface view Predefined user roles...

  • Page 438: Ip Netstream Sampler

    Predefined user roles network-admin Parameters inbound: Filters incoming traffic. outbound: Filters outgoing traffic. acl ipv4-acl-number: Specifies an IPv4 ACL by its number. For an IPv4 basic ACL, the value range is 2000 to 2999. For an IPv4 advanced ACL, the value range is 3000 to 3999. Usage guidelines NetStream filtering uses an ACL to identify intended packets.

  • Page 439: Ip Netstream Aggregation

    sampler sampler-name: Specifies a sampler by its name, a case-insensitive string of 1 to 31 characters. Examples # Use sampler abc for inbound NetStream sampling on GigabitEthernet 1/0/1. <Sysname> system-view [Sysname] interface gigabitethernet 1/0/1 [Sysname-GigabitEthernet1/0/1] ip netstream inbound [Sysname-GigabitEthernet1/0/1] ip netstream inbound sampler abc ip netstream aggregation Use ip netstream aggregation to specify a NetStream aggregation mode and enter its view.
  • Page 440 • Source prefix. • Destination prefix. • Inbound interface index. • Outbound interface index. prefix-port: Specifies the prefix-port aggregation by the following criteria: • Source prefix. • Destination prefix. • Source address mask length. • Destination address mask length. • ToS.

  • Page 441: Ip Netstream Export Host

    tos-protocol-port: Specifies the ToS-protocol-port aggregation by ToS, protocol number, source port, destination port, inbound interface index, and outbound interface index. tos-source-prefix: Specifies the ToS-source-prefix aggregation by ToS, source AS number, source prefix, source address mask length, and inbound interface index. Usage guidelines In NetStream aggregation mode view, you can perform the following tasks: •...

  • Page 442: Ip Netstream Export Rate

    Parameters ip-address: Specifies the destination IP address. udp-port: Specifies the destination UDP port number in the range of 0 to 65535. vpn-instance vpn-instance-name: Specifies an MPLS L3VPN instance to which the destination host belongs. The vpn-instance-name argument is a case-sensitive string of 1 to 31 characters. If the destination is on the public network, do not specify this option.

  • Page 443: Ip Netstream Export Source

    Use undo ip netstream export rate to restore the default. Syntax ip netstream export rate rate undo ip netstream export rate Default The export rate of NetStream data is not limited. Views System view Predefined user roles network-admin Parameters rate: Specifies the maximum number of packets to be exported per second. The value range is 1 to 1000.

  • Page 444: Ip Netstream Export V9-Template Refresh-Rate Packet

    Usage guidelines You can configure different source interfaces in different NetStream aggregation mode views. If no source interface is configured in NetStream aggregation mode view, the source interface in system view applies. Examples # In system view, specify GigabitEthernet 1/0/1 as the source interface for NetStream traditional data packets.

  • Page 445: Ip Netstream Export V9-Template Refresh-Rate Time

    Usage guidelines Version 9 is template-based and supports user-defined formats. A NetStream device must send the version 9 templates to NetStream servers regularly, because the servers do not permanently save templates. You can configure the refresh frequency or refresh interval for the device to send version 9 templates. If both settings are configured, templates are sent when either of the conditions is met.

  • Page 446: Ip Netstream Export Version

    You can adjust the refresh frequency or refresh interval for the device to send version 9 templates. If both settings are configured, templates are sent when either of the conditions is met. To configure the refresh frequency for version 9 templates, use the ip netstream export v9-template refresh-rate packet command.

  • Page 447: Ip Netstream Max-Entry

    Usage guidelines A NetStream entry records the source IP address and destination IP address, and two AS numbers for each IP address. You can choose to configure which AS numbers are to be exported as the source AS and destination AS. You can choose to record BGP next hop data only when you configure the version 9 format.

  • Page 448: Ip Netstream Mpls

    (Distributed devices in IRF mode.) The max-entries argument takes effect on each card of each IRF member device. (Centralized devices in IRF mode.) The max-entries argument takes effect on each IRF member device. If you execute this command multiple times, the most recent configuration takes effect. Examples # Set the upper limit to 5000 for NetStream entries.

  • Page 449: Ip Netstream Timeout Active

    Examples # Enable NetStream for MPLS packets with top label counted but without IP fields. <Sysname> system-view [Sysname] ip netstream mpls no-ip-fields ip netstream timeout active Use ip netstream timeout active to set the aging timer for active flows. Use undo ip netstream timeout active to restore the default. Syntax ip netstream timeout active minutes undo ip netstream timeout active...

  • Page 450: Reset Ip Netstream Statistics

    undo ip netstream timeout inactive Default The aging timer is 30 seconds for inactive flows. Views System view Predefined user roles network-admin Parameters seconds: Sets the aging timer for inactive flows, in the range of 10 to 600 seconds. Usage guidelines A flow is considered inactive if no packet for the NetStream entry arrives before the timer set by this command expires.

  • Page 451: Ipv6 Netstream Commands

    IPv6 NetStream commands Commands and descriptions for centralized devices apply to the following routers: • MSR1002-4/1003-8S. • MSR2003. • MSR2004-24/2004-48. • MSR3012/3024/3044/3064. • MSR954(JH296A/JH297A/JH298A/JH299A/JH373A). • MSR958(JH300A/JH301A). Commands and descriptions for distributed devices apply to MSR4060 and MSR4080 routers. display ipv6 netstream cache Use display ipv6 netstream cache to display IPv6 NetStream entry information.
  • Page 452 chassis chassis-number slot slot-number: Specifies a card on an IRF member device. The chassis-number argument represents the member ID of the IRF member device. The slot-number argument represents the slot number of the card. If you do not specify a card, this command displays information about IPv6 NetStream entries for all cards.
  • Page 453 2:24-6-0 3:30-6-1 IP& 2010::1(1024) 2020::1(67) 0x12345 0x0 GE1/0/3(I) 1848 MPLS LDP(4.4.4.4/24) 1:55-6-0 2:16-6-1 2:0-0-0 # (Distributed devices in standalone mode.) Display information about IPv6 NetStream entries for the card in slot 1. <Sysname> display ipv6 netstream cache slot 1 IPv6 NetStream cache information: Active flow timeout : 60 min Inactive flow timeout...
  • Page 454 DstAS: SrcAS: NextHop: 2001::2 BGPNextHop: 0:0:0:0:0:0:0:0 InVRF: SamplerMode: SamplerInt: Active: Bytes/Pkt: MPLS LDP(3.3.3.3/24) 1:18-6-0 GE1/0/2(O) 2:24-6-0 3:30-6-1 SamplerMode: SamplerInt: Active: Bytes/Pkt: 2003::1(2048) 2008::1(0) GE1/0/2(O) IP& 2010::1(1024) 2020::1(67) 255 0x12345 0x0 GE1/0/3(I) 1848 MPLS LDP(4.4.4.4/24) 1:55-6-0 2:16-6-1 3:0-0-0 TcpFlag: DstMask: SrcMask: DstAS: SrcAS: NextHop:...
  • Page 455 Field Description Range of IPv6 packet length (excluding data link layer header). • For the values in the range of 1 to 576 bytes, the range increases in the step of 32 bytes. For example, 1-32 shows the number of packets with the size of 1 to 32 1-32 64 96 128 160 192 224 256 288 bytes.

  • Page 456: Display Ipv6 Netstream Export

    Field Description Information about the active MPLS flows in the current cache: • Type of the labels at the top of the label stack: IP address associated with the label. Mask associated with the label. • TopLblType(IP/MASK) Lbl-Exp-S-List Label list: Lbl—20-bit label value.

  • Page 457: Display Ipv6 Netstream Template

    Flow destination VPN instance : VPN1 Flow destination IP address (UDP) : 40::1 (30000) Version 9 exported flows number : 16 Version 9 exported UDP datagrams number (failed) : 2 (0) IPv6 export information: Flow source interface : GigabitEthernet1/0/1 Flow destination VPN instance : VPN1 Flow destination IP address (UDP) : 40::1 (30000)
  • Page 458 display ipv6 netstream template [ slot slot-number ] Distributed devices in IRF mode: display ipv6 netstream template [ chassis chassis-number slot slot-number ] Views Any view Predefined user roles network-admin network-operator Parameters slot slot-number: Specifies a card by its slot number. If you do not specify a card, the command displays IPv6 NetStream template information for the active MPU.
  • Page 459 Source AS Destination AS Input Interface Index Output Interface Index IP protocol version Direction Sampling algorithm Sampling interval AS inbound template: Template ID : 3292 Field count : 14 Field type Field length (bytes) --------------------------------------------------------------------------- Flows In packets In bytes First forwarded Last forwarded Source AS...
  • Page 460 L4 source port L4 destination port IP protocol version TCP flags Protocol Source ToS IPv6 source mask IPv6 destination mask Direction Forwarding offset Out VPN ID Sampling algorithm Sampling interval L3 inbound template: Template ID : 3306 Field count : 27 Field type Field length (bytes) ---------------------------------------------------------------------------...

  • Page 461: Enable

    Table 87 Command output Field Description Refresh frequency at which the templates are sent, in Flow template refresh frequency packets. Refresh interval at which the templates are sent, in Flow template refresh interval minutes. Active flow templates Number of active IPv6 NetStream templates. Created flow templates Number of templates that have been created.

  • Page 462: Ipv6 Netstream

    Views IPv6 NetStream aggregation mode view Predefined user roles network-admin Examples # Enable IPv6 NetStream AS aggregation mode. <Sysname> system-view [Sysname] ipv6 netstream aggregation as [Sysname-ns6-aggregation-as] enable Related commands ipv6 netstream aggregation ipv6 netstream Use ipv6 netstream to enable IPv6 NetStream on an interface. Use undo ipv6 netstream to disable IPv6 NetStream on an interface.

  • Page 463: Ipv6 Netstream Sampler

    Use undo ipv6 netstream filter to disable IPv6 NetStream filtering. Syntax ipv6 netstream { inbound | outbound } filter acl ipv6-acl-number undo ipv6 netstream { inbound | outbound } filter Default IPv6 NetStream filtering is disabled. IPv6 NetStream collects statistics about all IPv6 packets passing through an interface.

  • Page 464: Ipv6 Netstream Aggregation

    Default IPv6 NetStream sampling is disabled. Views Interface view Predefined user roles network-admin Parameters inbound: Enables IPv6 NetStream sampling in the inbound direction. outbound: Enables IPv6 NetStream sampling in the outbound direction. sampler sampler-name: Specifies a sampler by its name. The name is a case-insensitive string of 1 to 31 characters.
  • Page 465 Parameters as: Specifies the AS aggregation by source AS number, destination AS number, input interface index, and output interface index. bgp-nexthop: Specifies the BGP nexthop aggregation by BGP next hop IPv6 address and output interface index. destination-prefix: Specifies the destination-prefix aggregation by destination AS number, destination address mask length, destination prefix, and output interface index.

  • Page 466: Ipv6 Netstream Export Host

    ipv6 netstream export host Use ipv6 netstream export host to specify a destination host for IPv6 NetStream data export. Use undo ipv6 netstream export host to remove the specified destination host or all destination hosts that are configured in the current view. Syntax ipv6 netstream export host { ipv4-address | ipv6-address } udp-port [ vpn-instance vpn-instance-name ]...

  • Page 467: Ipv6 Netstream Export Rate

    IPv6 NetStream traditional data is exported to all destination hosts in system view. IPv6 NetStream aggregation data is exported to all destination hosts in the related aggregation view. If you expect only IPv6 NetStream aggregation data, specify destination hosts only in the IPv6 NetStream aggregation mode view.

  • Page 468: Ipv6 Netstream Export Source

    [Sysname] ipv6 netstream export rate 10 ipv6 netstream export source Use ipv6 netstream export source to specify the source interface for data packets sent to NetStream servers. The IPv6 address of the interface is used as the source IPv6 address of the data packets.

  • Page 469: Ipv6 Netstream Export V9-Template Refresh-Rate Packet

    ipv6 netstream export v9-template refresh-rate packet Use ipv6 netstream export v9-template refresh-rate packet to configure the refresh frequency (in packets) for IPv6 NetStream version 9 templates. The templates are sent after the specified number of packets are sent. Use undo ipv6 netstream export v9-template refresh-rate packet to restore the default. Syntax ipv6 netstream export v9-template refresh-rate packet packets undo ipv6 netstream export v9-template refresh-rate packet...

  • Page 470: Ipv6 Netstream Export V9-Template Refresh-Rate Time

    ipv6 netstream export v9-template refresh-rate time Use ipv6 netstream export v9-template refresh-rate time to configure the sending interval for IPv6 NetStream version 9 templates. Use undo ipv6 netstream export v9-template refresh-rate time to restore the default. Syntax ipv6 netstream export v9-template refresh-rate time minutes undo ipv6 netstream export v9-template refresh-rate time Default Version 9 templates are sent every 30 minutes.

  • Page 471: Ipv6 Netstream Max-Entry

    Syntax ipv6 netstream export version 9 [ origin-as | peer-as ] [ bgp-nexthop ] undo ipv6 netstream export version Default The version 9 format is used to export IPv6 NetStream traditional data, IPv6 NetStream aggregation data, and MPLS flow data with IPv6 fields. The peer AS numbers are recorded.

  • Page 472: Ipv6 Netstream Timeout Active

    Default The upper limit for IPv6 NetStream entries is 10000. Views System view Predefined user roles network-admin Parameters max-entries: Specifies the upper limit for IPv6 NetStream entries that the cache can accommodate. The value range is 1000 to 100000. Usage guidelines (Distributed devices in standalone mode.) The max-entries argument takes effect on each card.

  • Page 473: Ipv6 Netstream Timeout Inactive

    Parameters minutes: Sets the aging timer for active flows, in the range of 1 to 60 minutes. Usage guidelines A flow is considered active if packets for the IPv6 NetStream entry arrive before the timer set by this command expires. Examples # Set the aging timer to 60 minutes for active flows.

  • Page 474: Reset Ipv6 Netstream Statistics

    reset ipv6 netstream statistics Use reset ipv6 netstream statistics to age out all flows in the cache and export IPv6 NetStream data. Syntax reset ipv6 netstream statistics Views User view Predefined user roles network-admin Usage guidelines It takes the system several minutes to execute the command. During this period, the system does not collect IPv6 NetStream data.

  • Page 475: Sflow Commands

    sFlow commands sFlow is not supported on Layer 2 Ethernet interfaces and Layer-configurable Ethernet interfaces. The following matrix shows the feature and hardware compatibility: Hardware sFlow compatibility MSR954(JH296A/JH297A/JH298A/JH299A/JH373A) MSR958(JH300A/JH301A) MSR1002-4/1003-8S MSR2003 Yes on GigabitEthernet 0/0 MSR2004-24/2004-48 No on GigabitEthernet 0/1 and GigabitEthernet 0/2 MSR3012/3024/3044/3064 No on the management Ethernet interfaces of the MPUs...

  • Page 476: Sflow Agent

    Interface Interval(s) FID MaxHLen Rate Mode Status GE1/0/1 1000 determine Active GE1/0/2 1000 determine Active Table 88 Command output Field Description sFlow version, which can only take the value of 5. The device can send only sFlow datagram version sFlow packets whose sFlow version is 5. Global information Global sFlow information.

  • Page 477: Sflow Collector

    Use undo sflow agent to restore the default. Syntax sflow agent { ip ipv4-address | ipv6 ipv6-address } undo sflow agent { ip | ipv6 } Default No IP address is configured for the sFlow agent. The device periodically identifies whether the sFlow agent has an IP address.

  • Page 478: Sflow Counter Interval

    Predefined user roles network-admin Parameters collector-id: Specifies an sFlow collector by its ID. The value range for this argument is 1 to 10. vpn-instance vpn-instance-name: Specifies a VPN instance by its name for the sFlow collector. A VPN instance name is a case-sensitive string of 1 to 31 characters and cannot contain spaces. By default, the sFlow collector belongs to the public network.

  • Page 479: Sflow Counter Collector

    undo sflow counter interval Default Counter sampling is disabled. Views Layer 3 Ethernet interface view Predefined user roles network-admin Parameters interval: Specifies the counter sampling interval in the range of 2 to 86400 seconds. Examples # Enable counter sampling and set the counter sampling interval to 120 seconds on GigabitEthernet 1/0/1.

  • Page 480: Sflow Flow Collector

    sflow flow collector Use sflow flow collector to specify an sFlow collector for flow sampling. Use undo sflow flow collector to restore the default. Syntax sflow flow collector collector-id undo sflow flow collector Default No sFlow collector is specified for flow sampling. Views Layer 3 Ethernet interface view Predefined user roles...

  • Page 481: Sflow Sampling-Mode

    Parameters length: Specifies the maximum number of bytes that can be copied, in the range of 18 to 512. As a best practice, use the default value. Examples # Set the maximum number of bytes to 60 for flow sampling to copy per packet on GigabitEthernet 1/0/1.

  • Page 482: Sflow Sampling-Rate

    sflow sampling-rate Use sflow sampling-rate to enable flow sampling and specify the number of packets out of which flow sampling will sample a packet on an interface. Use undo sflow sampling-rate to disable flow sampling on an interface. Syntax sflow sampling-rate rate undo sflow sampling-rate Default Flow sampling is disabled.
  • Page 483 Views System view Predefined user roles network-admin Parameters ip ipv4-address: Specifies the source IPv4 address of sent sFlow packets. ipv6 ipv6-address: Specifies the source IPv6 address of sent sFlow packets. Examples # Specify the source IPv4 address of sent sFlow packets as 10.0.0.1. <Sysname>...

  • Page 484: Information Center Commands

    Information center commands Commands and descriptions for centralized devices apply to the following routers: • MSR1002-4/1003-8S. • MSR2003. • MSR2004-24/2004-48. • MSR3012/3024/3044/3064. • MSR954(JH296A/JH297A/JH298A/JH299A/JH373A). • MSR958(JH300A/JH301A). Commands and descriptions for distributed devices apply to MSR4060 and MSR4080 routers. diagnostic-logfile save Use diagnostic-logfile save to manually save diagnostic logs from the diagnostic log file buffer to the diagnostic log file.

  • Page 485: Display Diagnostic-Logfile Summary

    info-center diagnostic-logfile directory display diagnostic-logfile summary Use display diagnostic-logfile summary to display the diagnostic log file configuration. Syntax display diagnostic-logfile summary Views Any view Predefined user roles network-admin network-operator Examples # Display the diagnostic log file configuration. <Sysname> display diagnostic-logfile summary Diagnostic log file: Enabled.

  • Page 486: Display Logbuffer

    Predefined user roles network-admin network-operator Examples # Display information center configuration. <Sysname> display info-center Information Center: Enabled Console: Enabled Monitor: Enabled Log host: Enabled 192.168.0.1, port number: 514, host facility: local7 Log buffer: Enabled Max buffer size 1024, current buffer size 512, Current messages 0, dropped messages 0, overwritten messages 0 Log file: Enabled Security log file: Enabled...
  • Page 487 Parameters reverse: Displays log entries chronologically, with the most recent entry at the top. If you do not specify this keyword, the command displays log entries chronologically, with the oldest entry at the top. level severity: Specifies a severity level in the range of 0 to 7. If you do not specify a severity level, this command displays log information for all levels.
  • Page 488 Actual buffer size: 512 Dropped messages: 0 Overwritten messages: 718 Current messages: 512 %Jun 17 15:57:09:578 2006 Sysname SYSLOG/7/SYS_RESTART:System restarted -- … # (Distributed devices in standalone mode/centralized devices in IRF mode.) Display the state and log information of the log buffer. <Sysname>...

  • Page 489: Display Logbuffer Summary

    display logbuffer summary Use display logbuffer summary to display the summary of the log buffer. Syntax Centralized devices in standalone mode: display logbuffer summary [ level severity ] Distributed devices in standalone mode/centralized devices in IRF mode: display logbuffer summary [ level severity | slot slot-number ] * Distributed devices in IRF mode: display logbuffer summary [ level severity | chassis chassis-number slot slot-number ] * Views...

  • Page 490: Display Logfile Summary

    # (Distributed devices in standalone mode.) Display the summary of the log buffer. <Sysname> display logbuffer summary SLOT EMERG ALERT CRIT ERROR WARN NOTIF INFO DEBUG # (Distributed devices in IRF mode.) Display the summary of the log buffer. <Sysname> display logbuffer summary CHASSIS SLOT EMERG ALERT CRIT ERROR...

  • Page 491: Display Security-Logfile Summary

    Views Any view Predefined user roles network-admin network-operator Examples # Display the log file configuration. <Sysname> display logfile summary Log file: Enabled. Log file size quota: 10 MB Log file directory: flash:/logfile Writing frequency: 0 hour 1 min 10 sec Table 93 Command output Field Description...

  • Page 492: Enable Log Updown

    Security log file size quota: 10 MB Security log file directory: flash:/seclog Alarm threshold: 80% Current usage: 30% Writing frequency: 1 hour 0 min 0 sec Table 94 Command output Field Description • Enabled—Security logs can be output to the security log file. Security log file •...

  • Page 493: Info-Center Diagnostic-Logfile Directory

    info-center diagnostic-logfile directory Use info-center diagnostic-logfile directory to configure the directory to save the diagnostic log file. Syntax info-center diagnostic-logfile directory dir-name Default Diagnostic log files are saved in the diagfile directory under the root directory of the storage device. Views System view Predefined user roles...

  • Page 494: Info-Center Diagnostic-Logfile Frequency

    Syntax info-center diagnostic-logfile enable undo info-center diagnostic-logfile enable Default Saving diagnostic logs to the diagnostic log file is enabled. Views System view Predefined user roles network-admin Usage guidelines This command enables saving diagnostic logs to the diagnostic log file for centralized management. Users can view the diagnostic logs to monitor device activities and to troubleshoot problems.

  • Page 495: Info-Center Diagnostic-Logfile Quota

    Examples # Set the diagnostic log file saving interval to 600 seconds. <Sysname> system-view [Sysname] info-center diagnostic-logfile frequency 600 Related commands info-center diagnostic-logfile enable info-center diagnostic-logfile quota Use info-center diagnostic-logfile quota to set the maximum size for the diagnostic log file. Use undo info-center diagnostic-logfile quota to restore the default.

  • Page 496: Info-Center Format

    Views System view Predefined user roles network-admin Examples # Enable the information center. <Sysname> system-view [Sysname] info-center enable Information center is enabled. info-center format Use info-center format to set the format for logs sent to log hosts. Use undo info-center format to restore the default. Syntax info-center format { unicom | cmcc } undo info-center format...

  • Page 497: Info-Center Logbuffer Size

    Use undo info-center logbuffer to disable log output to the log buffer. Syntax info-center logbuffer undo info-center logbuffer Default Log output to the log buffer is enabled. Views System view Predefined user roles network-admin Examples # Enable log output to the log buffer. <Sysname>...

  • Page 498: Info-Center Logfile Directory

    Examples # Set the maximum log buffer size to 50. <Sysname> system-view [Sysname] info-center logbuffer size 50 # Restore the default maximum log buffer size. <Sysname> system-view [Sysname] undo info-center logbuffer size Related commands display logbuffer info-center enable info-center logfile directory Use info-center logfile directory to specify the directory to save the log file.

  • Page 499: Info-Center Logfile Enable

    Examples # Create a directory named test under the flash root directory. <Sysname> mkdir test Creating directory flash:/test... Done. # Set the log file directory to flash:/test. <Sysname> system-view [Sysname] info-center logfile directory flash:/test Related commands info-center logfile enable info-center logfile enable Use info-center logfile enable to enable the log file feature.

  • Page 500: Info-Center Logfile Overwrite-Protection

    Default The log file saving interval is 86400 seconds. Views System view Predefined user roles network-admin Parameters freq-sec: Specifies the log file saving interval in seconds. The value range is 1 to 86400. Usage guidelines This command enables the system to automatically save logs in the log file buffer to the log file at the specified interval.

  • Page 501: Info-Center Logfile Size-Quota

    Log file overwrite protection enables the system to stop saving new logs when the last log file is full or the storage device runs out of space. Examples # Enable log file overwrite-protection. <Sysname> system-view [Sysname] info-center logfile overwrite-protection info-center logfile size-quota Use info-center logfile size-quota to set the maximum size for the log file.
  • Page 502 Default Duplicate log suppression is disabled. Views System view Predefined user roles network-admin Usage guidelines Outputting consecutive duplicate logs at an interval of less than 30 seconds wastes system and network resources. With this feature enabled, the system starts a suppression period when outputting a new log: •...

  • Page 503: Info-Center Loghost

    %Jan 1 07:30:20:541 2000 Sysname ARP/6/DUPIFIP: Duplicate address 172.16.0.1 on interface Vlan-interface100, sourced from 00e0-fc58-123d This message repeated 1 times in last 1 second. %Jan 1 07:30:19:542 2000 Sysname CFGMAN/5/CFGMAN_CFGCHANGED: -EventIndex=[12]-CommandSource=[2]-ConfigSource=[4]-ConfigDestination=[2]; Configuration is changed. The output shows that a different log is generated during the suppression period. %Jan 1 07:30:24:643 2000 Sysname ARP/6/DUPIFIP: Duplicate address 172.16.0.1 on interface Vlan-interface100, sourced from 00e0-fc58-123d...

  • Page 504: Info-Center Loghost Source

    port port-number: Specifies the port number of the log host, in the range of 1 to 65535. The default is 514. It must be the same as the value configured on the log host. Otherwise, logs cannot be sent to the log host.

  • Page 505: Info-Center Security-Logfile Alarm-Threshold

    [Sysname-LoopBack0] ip address 2.2.2.2 32 [Sysname-LoopBack0] quit [Sysname] info-center loghost source loopback 0 info-center security-logfile alarm-threshold Use info-center security-logfile alarm-threshold to set the alarm threshold for security log file usage. Use undo info-center security-logfile alarm-threshold to restore the default. Syntax info-center security-logfile alarm-threshold usage undo info-center security-logfile alarm-threshold Default...

  • Page 506: Info-Center Security-Logfile Enable

    Syntax info-center security-logfile directory dir-name Default The security log file is saved in the seclog directory under the root directory of the storage device. Views System view Predefined user roles security-audit Parameters dir-name: Specifies a directory by its name, a string of 1 to 64 characters. Usage guidelines The specified directory must have been created.

  • Page 507: Info-Center Security-Logfile Frequency

    Default The saving of security logs to the security log file is disabled. Views System view Predefined user roles network-admin Usage guidelines This feature enables the system to output security logs to the security log file buffer, and then saves the buffered logs to the security log file regularly.

  • Page 508: Info-Center Security-Logfile Size-Quota

    [Sysname] info-center security-logfile frequency 600 Related commands info-center security-logfile enable info-center security-logfile size-quota Use info-center security-logfile size-quota to set the maximum size for the security log file. Use undo info-center security-logfile size-quota to restore the default. Syntax info-center security-logfile size-quota size undo info-center security-logfile size-quota Default The maximum size for the security log file is 10 MB.
  • Page 509 Default Table 95 lists the default log output rules. Table 95 Default output rules Source Common Diagnostic Destination Security log Hidden log modules All supported Console debugging Disabled Disabled Disabled modules Monitor All supported debugging Disabled Disabled Disabled terminal modules All supported Log host informational...

  • Page 510: Info-Center Synchronous

    level severity: Specifies a severity level in the range of 0 to 7. The smaller the severity value, the Table 90 higher the severity level. See for more information. Logs at the specified severity level and higher levels are allowed or denied to be output. Usage guidelines If you do not set an output rule for a module, the module uses the output rule set by using the default keyword.

  • Page 511: Info-Center Syslog Min-Age

    provides a command prompt in command editing mode, or a [Y/N] string in interaction mode so you can continue your operation from where you were stopped. Examples # Enable synchronous information output, and then execute the display current-configuration command to view the current configuration of the device. <Sysname>...

  • Page 512: Info-Center Syslog Trap Buffersize

    Views System view Predefined user roles network-admin Parameters min-age: Sets the minimum storage period in hours. The value range is 1 to 8760. Examples # Set the minimum storage period to 168 hours for log files and logs in the log buffer. <Sysname>...

  • Page 513: Info-Center Timestamp

    <Sysname> system-view [Sysname] info-center syslog trap buffersize 2048 Related commands snmp-agent trap enable syslog info-center timestamp Use info-center timestamp to set the timestamp format for logs sent to the console, monitor terminal, log buffer, and log file. Use undo info-center timestamp to restore the default. Syntax info-center timestamp { boot | date | none } undo info-center timestamp...

  • Page 514: Info-Center Timestamp Loghost

    Related commands info-center timestamp loghost info-center timestamp loghost Use info-center timestamp loghost to set the timestamp format for logs sent to log hosts. Use undo info-center timestamp loghost to restore the default. Syntax info-center timestamp loghost { date | iso | no-year-date | none } undo info-center timestamp loghost Default The timestamp format for logs sent to log hosts is date.

  • Page 515: Logfile Save

    undo info-center trace-logfile quota Default The maximum size for the trace log file is 1 MB. Views System view Predefined user roles network-admin Parameters size: Sets the maximum size for the trace log file, in MB. The value range is 1 to 10. Examples # Set the maximum size to 6 MB for the trace log file.

  • Page 516: Reset Logbuffer

    info-center logfile directory reset logbuffer Use reset logbuffer to clear the log buffer. Syntax reset logbuffer Views User view Predefined user roles network-admin Examples # Clear the log buffer. <Sysname> reset logbuffer Related commands display logbuffer security-logfile save Use security-logfile save to manually save security logs from the security log file buffer to the security log file.

  • Page 517: Snmp-Agent Trap Enable Syslog

    Examples # Manually save the security logs in the security log file buffer to the security log file. <Sysname> security-logfile save The contents in the security log file buffer have been saved to the file flash:/seclog/seclog.log. Related commands info-center security-logfile directory authorization-attribute (Security Command Reference) snmp-agent trap enable syslog Use snmp-agent trap enable syslog to enable SNMP notifications for log messages.

  • Page 518: Terminal Debugging

    terminal debugging Use terminal debugging to enable the display of debug information on the current terminal. Use undo terminal debugging to disable the display of debug information on the current terminal. Syntax terminal debugging undo terminal debugging Default The display of debug information is disabled on the current terminal. Views User view Predefined user roles...

  • Page 519: Terminal Logging Level

    Examples # Enable the display of debug information on the current terminal. <Sysname> terminal debugging The current terminal is enabled to display debugging information. Related commands terminal logging level terminal monitor terminal logging level Use terminal logging level to set the lowest level of logs that can be output to the current terminal. Use undo terminal logging level to restore the default.

  • Page 520: Terminal Monitor

    terminal monitor Use terminal monitor to enable the monitoring of logs on the current terminal. Use undo terminal monitor to disable the monitoring of logs on the current terminal. Syntax terminal monitor undo terminal monitor Default Monitoring of logs is enabled on the console and disabled on the monitor terminal. Views User view Predefined user roles...

  • Page 521: Flow Log Commands

    Flow log commands display userlog export Use display userlog export to display flow log configuration and statistics. Syntax display userlog export Views Any view Predefined user roles network-admin network-operator Examples # Display flow log configuration and statistics. <Sysname> display userlog export Flow: Export flow log as UDP Packet.

  • Page 522: Reset Userlog Flow Export

    Field Description Load balancing status for flow log entries: • Enabled—Flow log entries are distributed Log load balancing function among available log hosts. • Disabled—Every flow log entry is copied and sent to all available log hosts. Whether the use of the local time in the timestamp of Local time stamp flow logs is enabled or disabled..

  • Page 523: Userlog Flow Export Load-Balancing

    Syntax userlog flow export [ vpn-instance vpn-instance-name ] host { hostname | ipv4-address | ipv6 ipv6-address } port udp-port undo userlog flow export [ vpn-instance vpn-instance-name ] host { hostname | ipv4-address | ipv6 ipv6-address } Default No log hosts are specified. Views System view Predefined user roles...

  • Page 524: Userlog Flow Export Source-Ip

    undo userlog flow export load-balancing Default Load balancing is disabled. The device sends a copy of each flow log entry to all available log hosts. Views System view Predefined user roles network-admin Usage guidelines In load balancing mode, flow log entries are distributed among log hosts based on the source IP addresses (before NAT) that are recorded in the entries.

  • Page 525: Userlog Flow Export Timestamp Localtime

    Examples # Specify 1.2.1.2 as the source IP address for flow log packets. <Sysname> system-view [Sysname] userlog flow export source-ip 1.2.1.2 Related commands userlog flow export host userlog flow export timestamp localtime Use userlog flow export timestamp localtime to configure the device to use the local time in the timestamp of flow logs.

  • Page 526: Userlog Flow Syslog

    Syntax userlog flow export version version-number undo userlog flow export version Default The flow log version is 1.0. Views System view Predefined user roles network-admin Parameters version-number: Specifies a flow log version. Available options are 1 and 3. Usage guidelines If you execute this command multiple times, the most recent configuration takes effect.
  • Page 527 Usage guidelines You can export flow log entries to log hosts or the information center, but not both. If both methods are configured, the system exports flow log entries to the information center. Flow log entries are converted to the syslog format when they are exported to the information center. Their severity level is informational.

  • Page 528: Packet Capture Commands

    Packet capture commands The term "AP" in this document refers to MSR routers that support WLAN. WLAN is supported only on the MSR954(JH297A/JH298A/JH299A). display packet-capture status Use display packet-capture status to display packet capture status information. Syntax display packet-capture status Views User view Predefined user roles...

  • Page 529: Packet-Capture (On Wired Devices)

    Related commands packet-capture local interface packet-capture remote interface packet-capture (on wired devices) IMPORTANT: To use the packet capture feature, you must install the feature image by using the boot-loader or install command. For more information about the commands, see Fundamentals Command Reference.
  • Page 530 range is 0 to 2147483647, and the default value is 10. If you set the limit to 0, the maximum number of captured packets is unlimited. limit-frame-size bytes: Sets the maximum number of bytes to capture for a packet. The value range is 64 to 8000 bytes, and the default value is 8000 bytes.
  • Page 531 brief: Displays brief information about captured packets. Usage guidelines The device displays captured packet data in real time. • If you specify the write filepath parameters without specifying the raw, brief, or verbose keyword, this command displays the number of captured packets. •...

  • Page 532: Packet-Capture Local Interface (On Wired Devices/Fat Aps)

    packet-capture local interface (on wired devices/fat APs) Use packet-capture local interface to capture incoming packets on an interface and save the captured packets to a local file or to a remote file on an FTP server. Syntax packet-capture local interface interface-type interface-number [ capture-filter capt-expression | limit-frame-size bytes | autostop filesize kilobytes | autostop duration seconds ] * write { filepath | url url [ username username [ password { cipher | simple } string ] ] } Views...
  • Page 533 password: Specifies a password for logging in to the FTP server. cipher: Specifies a password in encrypted form. simple: Specifies a password in plaintext form. For security purposes, the password specified in plaintext form will be stored in encrypted form. string: Specifies the password.

  • Page 534: Packet-Capture Read (On Wired Devices)

    packet-capture read (on wired devices) IMPORTANT: To use the packet capture feature, you must install the feature image by using the boot-loader or install command. For more information about the commands, see Fundamentals Command Reference. Use packet-capture read to display the contents in a packet file. Syntax packet-capture read filepath [ display-filter disp-expression ] [ raw | { brief | verbose } ] * Views...

  • Page 535: Packet-Capture Remote Interface (On Wired Devices/Fat Aps)

    packet-capture remote interface (on wired devices/fat APs) Use packet-capture remote interface to capture incoming packets on an interface. Syntax packet-capture remote interface interface-type interface-number [ port port ] Views User view Predefined user roles network-admin Parameters interface interface-type interface-number: Specifies an Ethernet interface by its type and number. port port: Specifies the RPCAP service port by its number.
  • Page 536 Views User view Predefined user roles network-admin Examples # Stop the packet capture. <Sysname> packet-capture stop Related commands packet-capture local interface packet-capture remote interface...

  • Page 537: Document Conventions And Icons

    Document conventions and icons Conventions This section describes the conventions used in the documentation. Port numbering in examples The port numbers in this document are for illustration only and might be unavailable on your device. Command conventions Convention Description Boldface Bold text represents commands and keywords that you enter literally as shown.

  • Page 538: Network Topology Icons

    Convention Description An alert that provides helpful information. TIP: Network topology icons Convention Description Represents a generic network device, such as a router, switch, or firewall. Represents a routing-capable device, such as a router or Layer 3 switch. Represents a generic switch, such as a Layer 2 or Layer 3 switch, or a router that supports Layer 2 forwarding and other Layer 2 features.

  • Page 539: Support And Other Resources

    Support and other resources Accessing Hewlett Packard Enterprise Support • For live assistance, go to the Contact Hewlett Packard Enterprise Worldwide website: www.hpe.com/assistance • To access documentation and support services, go to the Hewlett Packard Enterprise Support Center website: www.hpe.com/support/hpesc Information to collect •...

  • Page 540: Websites

    Packard Enterprise Support Center. You must have an HP Passport set up with relevant entitlements. Websites Website Link Networking websites Hewlett Packard Enterprise Information Library for www.hpe.com/networking/resourcefinder Networking Hewlett Packard Enterprise Networking website www.hpe.com/info/networking Hewlett Packard Enterprise My Networking website www.hpe.com/networking/support Hewlett Packard Enterprise My Networking Portal www.hpe.com/networking/mynetworking...

  • Page 541: Documentation Feedback

    Hewlett Packard Enterprise is committed to providing documentation that meets your needs. To help us improve the documentation, send any errors, suggestions, or comments to Documentation Feedback (docsfeedback@hpe.com). When submitting your feedback, include the document title, part number, edition, and publication date located on the front cover of the document. For online help content, include the product name, product version, help edition, and publication date located on the legal notices page.

  • Page 542: Index

    Index A C D E F H I L M N O P R S T U V W X action,244 data-fill,15 action reboot,313 data-size,16 action switchover,315 debugging,1 action syslog,316 delta falling,247 advantage-factor,14 delta rising,248 apply poe-profile,137 description,18 apply poe-profile interface,138 description (event view),249...
  • Page 543 display logbuffer summary,475 display security-logfile summary,477 display logfile summary,476 display sflow,461 display mirroring-group,404 display snmp mib event,251 display nqa history,20 display snmp mib event event,252 display nqa reaction counters,22 display snmp mib event object list,254 display nqa result,24 display snmp mib event summary,255 display nqa server,87...
  • Page 544 exception filepath,374 info-center timestamp loghost,500 info-center trace-logfile quota,500 init-ttl,44 falling,261 netstream,423 filename,40 ip netstream aggregation,425 frequency,41 ip netstream export host,427 frequency,262 ip netstream export rate,428 ip netstream export source,429 history-record enable,42 ip netstream export v9-template refresh-rate history-record keep-time,42 packet,430 ip netstream export v9-template refresh-rate history-record number,43 time,431...
  • Page 545 max-failure,45 ntp-service dscp,109 mirroring-group,405 ntp-service enable,110 mirroring-group mirroring-port (interface view),406 ntp-service inboundenable,110 mirroring-group mirroring-port (system view),407 ntp-service ipv6 acl,111 mirroring-group monitor-port (interface view),408 ntp-service ipv6 dscp,112 mirroring-group monitor-port (system view),408 ntp-service ipv6 inbound enable,113 mirror-to,410 ntp-service ipv6 multicast-client,114 mode,46 ntp-service ipv6 multicast-server,115 monitor kernel deadloop enable,375...
  • Page 546 packet-capture stop,521 reset ip netstream statistics,436 password,54 reset ipv6 netstream statistics,460 ping,2 reset kernel deadloop,395 ping ipv6,6 reset kernel exception,395 disconnect,158 reset kernel reboot,396 enable,159 reset kernel starvation,397 poe enable pse,160 reset logbuffer,502 poe legacy enable,160 reset userlog flow export,508 max-power,161 rising,269 poe max-power (system...
  • Page 547 snmp mib event trigger,275 startup (trigger-existence view),276 snmp-agent,190 startup (trigger-threshold view),277 snmp-agent { inform | trap } source,205 startup enable,278 snmp-agent calculate-password,191 statistics hold-time,79 snmp-agent community,192 statistics interval,80 snmp-agent community-map,195 statistics max-group,80 snmp-agent context,196 snmp-agent group,197 target-only,81 snmp-agent local-engineid,199 terminal debugging,504 snmp-agent log,200...
  • Page 548 Websites,526 wildcard context (action-set view),283 xml,292 wildcard context (trigger view),284 wildcard oid (action-set view),285 wildcard oid (trigger view),286...

This manual is also suitable for:

Flexnetwork msr1002-4Flexnetwork msr958Flexnetwork msr2004-24Flexnetwork msr2004-48Flexnetwork msr3024Flexnetwork msr3012 ... Show all

Table of Contents

Save PDF