Page 1 HPE FlexFabric 12900E Switch Series Fundamentals Command Reference Software version: Release 5112 Document version: 6W100-20220610...
Page 2 © Copyright 2022 Hewlett Packard Enterprise Development LP The information contained herein is subject to change without notice. The only warranties for Hewlett Packard Enterprise products and services are set forth in the express warranty statements accompanying such products and services. Nothing herein should be construed as constituting an additional warranty. Hewlett Packard Enterprise shall not be liable for technical or editorial errors or omissions contained herein.
Page 3: Table Of Contents
Contents Basic CLI commands ····················································································· 1 alias ···························································································································································· 1 display [ | [ by-linenum ] { begin | exclude | include } ]················································································ 2 display > ····················································································································································· 4 display >> ··················································································································································· 5 display alias ················································································································································ 6 display history-command ··························································································································· 6 display history-command all ·······················································································································...
Page 4 lock reauthentication ································································································································ 64 lock-key ···················································································································································· 65 parity ························································································································································ 66 protocol inbound ······································································································································· 66 screen-length ··········································································································································· 68 send ························································································································································· 69 set authentication password ····················································································································· 70 shell ·························································································································································· 71 speed ······················································································································································· 71 stopbits ····················································································································································· 72 telnet ························································································································································ 73 telnet client source ··································································································································· 74 telnet ipv6 ·················································································································································...
Page 5 open ······················································································································································· 109 passive ··················································································································································· 110 put ·························································································································································· 110 pwd ························································································································································· 111 quit ························································································································································· 112 reget ······················································································································································· 112 rename ··················································································································································· 113 reset ······················································································································································· 113 restart ····················································································································································· 114 rhelp ······················································································································································· 114 rmdir ······················································································································································· 116 rstatus ···················································································································································· 117 status ······················································································································································ 119 system ···················································································································································· 119 user ························································································································································...
Page 6 configuration commit ······························································································································ 160 configuration commit delay ···················································································································· 160 configuration encrypt ······························································································································ 161 configuration replace file ························································································································ 162 display archive configuration ·················································································································· 163 display current-configuration ·················································································································· 164 display current-configuration diff ············································································································ 165 display default-configuration ·················································································································· 167 display diff ·············································································································································· 167 display saved-configuration ····················································································································...
Page 7: Basic Cli Commands
Basic CLI commands alias to configure a command alias. alias to delete a command alias. undo alias Syntax alias alias command undo alias alias Default The device has a set of system-defined command aliases, as listed in Table Table 1 System-defined command aliases Command alias Command or command keyword access-list...
Page 8: Display [ | [ By-Linenum ] { Begin | Exclude | Include } ]
For example, if you configure the alias , you can enter shiprt display ip routing-table to execute the command. If you configure the alias shiprt display ip routing-table ship , you can use to execute all commands that start with display ip ship display ip...
Page 9 Syntax display command [ | [ by-linenum ] { begin | exclude | include } regular-expression ]&<1-128> Views Any view Predefined user roles network-admin network-operator Parameters command : Specifies the keywords and arguments of a display command. To display available keywords and arguments, enter display ? [ | [ by-linenum ] { begin | exclude | include } regular-expression ]&<1-128>...
Page 10: Display
%Sep 6 16:44:18:113 2018 Sysname SHELL/5/SHELL_LOGOUT: VTY logged out from 169.254.100.171. # Display the running configuration, starting from the first line that contains user-group and numbering the output lines. <Sysname> display current-configuration | by-linenum begin user-group 114: user-group system 115- 116- return display >...
Page 11: Display
display >> to append the output from a command to the end of a file. display >> display Syntax display command >> filename Views Any view Predefined user roles network-admin network-operator Parameters command : Specifies the keywords and arguments of a display command.
Page 12: Display Alias
HundredGigE1/0/2 display alias to display command aliases. display alias Syntax display alias [ alias ] Views Any view Predefined user roles network-admin network-operator Parameters : Specifies a command alias. If you do not specify this argument, the command displays all alias command aliases.
Page 13: Display History-Command All
Predefined user roles network-admin network-operator Usage guidelines The system automatically saves commands you have successfully executed to the command history buffer for the current CLI session. You can view them and execute them again. By default, the system can save up to 10 commands in the buffer. You can use the command to change the buffer size.
Page 14: Display Hotkey
03/16/2017 20:03:29 vty0 192.168.1.26 Cmd:sys Table 2 Command output Field Description Date Date when the command was executed. Time Time when the command was executed. Terminal User line used by the user. IP address of the terminal used by the user. Username used by the user if the user login authentication mode is User scheme.
Page 15: Hotkey
CTRL_W Delete the word to the left of the cursor. CTRL_X Delete all characters from the beginning of the line to the cursor. CTRL_Y Delete all characters from the cursor to the end of the line. CTRL_Z Return to the User View. CTRL_] Kill incoming connection or redirect connection.
Page 16 Hotkey Function or command move_the_cursor_one_character_to_the_right: Moves the cursor one Ctrl+F character to the right. display current-configuration : Displays the running Ctrl+G configuration. erase_the_character_to_the_left_of_the_cursor: Deletes the character to the Ctrl+H left of the cursor. Ctrl+K abort_the_connection_request: Aborts the connection request. display ip routing-table Ctrl+L : Displays the IPv4 routing table information.
Page 17: Quit
Parameters : Specifies a hotkey. To display the supported hotkeys, enter or see Table 3. hotkey hotkey ? : Specifies the command to be assigned to the hotkey. command : Specifies the function to be assigned to the hotkey. To display the function function supported functions, enter or see...
Page 18: Repeat
<Sysname> repeat to repeat commands in the command history buffer for the current CLI session. repeat Syntax repeat [ number ] [ count times ] [ delay seconds ] Views Any view Predefined user roles network-admin Parameters : Specifies the number of the most recently executed commands in the command history number buffer for the current CLI session that you want to execute.
Page 19: Return
33% in last 5 seconds 32% in last 1 minute 33% in last 5 minutes <Sysname> display clock 07:02:38.293 UTC Thu 06/19/2017 Related commands display history-command escape-key history-command max-size return to return to user view from any other view except Tcl configuration view and Python return shell.
Page 20: System-View
The following are the default settings for the command: screen-length • Pausing between screens of output. • Displaying up to 24 lines on a screen. Views User view Predefined user roles network-admin Usage guidelines If you disable pausing between screens of output, all output is displayed. The screen is refreshed continuously until the final screen is displayed.
Page 21: Rbac Commands
RBAC commands description to configure a description for a user role for easy identification. description to restore the default. undo description Syntax description text undo description Default A user role does not have a description. Views User role view Predefined user roles network-admin Parameters : Specifies a description, a case-sensitive string of 1 to 128 characters.
Page 22 Examples # Display information about user role 123. <Sysname> display role name 123 Role: 123 Description: VLAN policy: permit (default) Interface policy: permit (default) VPN instance policy: permit (default) ------------------------------------------------------------------- Rule Perm Type Scope Entity ------------------------------------------------------------------- permit command ping permit command tracert deny...
Page 23 sys-2 permit command sys-3 permit command system-view ; probe ; display * sys-4 deny command display history-command all sys-5 deny command display exception * sys-6 deny command display cpu-usage configuration sys-7 deny command display kernel exception * sys-8 deny command display kernel deadloop * sys-9 deny...
Page 24 sys-2 permit command telnet * sys-3 permit command ping * sys-4 permit command ssh2 * sys-5 permit command display * sys-6 permit command super * sys-7 deny command display history-command all R:Read W:Write X:Execute Role: level-2 Description: Predefined level-2 role VLAN policy: permit (default) Interface policy: permit (default) VPN instance policy: permit (default)
Page 25 VPN instance policy: permit (default) Role: level-9 Description: Predefined level-9 role VLAN policy: permit (default) Interface policy: permit (default) VPN instance policy: permit (default) ------------------------------------------------------------------- Rule Perm Type Scope Entity ------------------------------------------------------------------- sys-1 permit RWX feature sys-2 deny feature device sys-3 deny feature filesystem...
Page 26 Description: Predefined level-15 role VLAN policy: permit (default) Interface policy: permit (default) VPN instance policy: permit (default) ------------------------------------------------------------------- Rule Perm Type Scope Entity ------------------------------------------------------------------- sys-1 permit command sys-2 permit RWX web-menu sys-3 permit RWX xml-element sys-4 deny command display security-logfile summary sys-5 deny command...
Page 27 Table 4 Command output Field Description User role name. Predefined user role names: • network-admin. Role • network-operator. • level-n (where n represents an integer in the range of 0 to 15). • security-audit. Description User role description. VLAN policy of the user role: •...
Page 28: Display Role Feature
Field Description Command string, feature name, feature group, XML element, or OID specified in the user role rule: Entity • An en dash (–) represents any feature. • An asterisk (*) represents zero or more characters. Related commands role display role feature to display features available in the system.
Page 29: Display Role Feature-Group
system-view ; domain * system-view ; header * system-view ; aaa * system-view ; interface * ; aaa * display domain * display max-user * display debugging aaa * debugging aaa * display aaa * reset aaa * Table 5 Command output (display role feature name aaa) Field Description Feature...
Page 30 Syntax display role feature-group [ name feature-group-name ] [ verbose ] Views Any view Predefined user roles network-admin network-operator Parameters : Specifies a feature group. The name feature-group-name feature-group-name argument represents the feature group name, a case-sensitive string of 1 to 31 characters. If you do not specify a feature group, the command displays information about all feature groups.
Page 31: Feature
reset lacp * debugging link-aggregation * display debugging link-aggregation * Feature: stp (STP related commands) display stp * system-view ; stp * system-view ; interface * ; stp * system-view ; snmp-agent trap enable stp * reset stp * debugging stp * # Display the feature list of the L3 feature group.
Page 32: Interface Policy Deny
Usage guidelines Repeat the command to add multiple features to a feature group. feature Examples # Add the AAA and ACL features to feature group security-features. <Sysname> system-view [Sysname] role feature-group name security-features [Sysname-featuregrp-security-features] feature aaa [Sysname-featuregrp-security-features] feature acl Related commands display role feature display role feature-group role feature-group...
Page 33: Permit Interface
Any change to a user role interface policy takes effect only on users who log in with the user role after the change. Examples # Enter user role interface policy view of role1, and deny role1 to access any interfaces. <Sysname>...
Page 34 Usage guidelines To permit a user role to access an interface after you configure the interface policy deny command, you must add the interface to the permitted interface list of the policy. With the user role, you can perform the following tasks to the interfaces in the permitted interface list: •...
Page 35: Permit Vlan
permit vlan to configure a list of VLANs accessible to a user role. permit vlan to remove the permission for a user role to access specific VLANs. undo permit vlan Syntax permit vlan vlan-id-list undo permit vlan [ vlan-id-list ] Default No permitted VLANs are configured in user role VLAN policy view.
Page 36: Permit Vpn-Instance
[Sysname-role-role1-vlanpolicy] permit vlan 1 2 4 50 to 100 [Sysname-role-role1-vlanpolicy] quit [Sysname-role-role1] quit Verify that you cannot use user role role1 to work on all VLANs except for VLANs 1, 2, 4, and 50 to 100: # Verify that you can create VLAN 100 and enter VLAN view. [Sysname] vlan 100 [Sysname-vlan100] quit # Verify that you can add HundredGigE 1/0/1 to VLAN 100 as an access port.
Page 37: Role
• Enter the VPN instance views. • Specify the VPN instances in feature commands. You can repeat the command to add multiple permitted VPN instances to permit vpn-instance a user role VPN instance policy. command removes the entire list of permitted VPN instances undo permit vpn-instance if you do not specify a VPN instance.
Page 38: Role Default-Role Enable
Default The system has the following predefined user roles: network-admin, network-operator, level-n (where n represents an integer in the range of 0 to 15), and security-audit. Views System view Predefined user roles network-admin Parameters : Specifies a username. The argument is a case-sensitive string of name role-name role-name 1 to 63 characters.
Page 39: Role Feature-Group
Views System view Predefined user roles network-admin Parameters : Specifies a user role by its name for the default user role. The user role must already role-name exist. The argument is a case-sensitive string of 1 to 63 characters. Usage guidelines The default user role feature assigns the default user role to AAA-authenticated users if the authentication server (local or remote) does not assign any user roles to the users.
Page 40: Rule
In addition to the predefined feature groups L2 and L3, you can create a maximum of 64 user role feature groups. Examples # Create feature group security-features and enter its view. <Sysname> system-view [Sysname] role feature-group name security-features [Sysname-featuregrp-security-features] Related commands display role feature display role feature-group feature...
Page 41 : Specifies the write commands, XML elements, or MIB nodes to configure the system. The write ssh server enable command is an example of write commands. : Specifies one or all features. The argument is a feature [ feature-name ] feature-name case-sensitive character string.
Page 42 • The system compares an OID with the OIDs specified in rules, and it uses the longest match principle to select a rule for the OID. For example, a user role cannot access the MIB node with OID 1.3.6.1.4.1.25506.141.3.0.1 if the user role contains rules configured by using the following commands: rule 1 permit read write oid 1.3.6 ...
Page 43: Super
Rule Guidelines To control access to a command, you must specify the command immediately behind the view to which the command is assigned. The rules that control command access for any subview do not apply to the command. To control the access to a command, you must specify the For example, the "rule 1 deny command system ;...
Page 44: Super Authentication-Mode
Syntax super [ role-name ] Views User view Predefined user roles network-admin Parameters : Specifies a user role, a case-sensitive string of 1 to 63 characters. The user role must role-name exist in the system and cannot be security-audit. If you do not specify a user role, you obtain the default target user role which is set by using the command.
Page 45: Super Default Role
Default Local password authentication applies. Views System view Predefined user roles network-admin Parameters : Enables local password authentication. local : Enables remote AAA authentication. scheme Usage guidelines For local password authentication, use the command to set a password. super password For remote AAA authentication, set the username and password on the RADIUS or HWTACACS server.
Page 46: Super Password
Default The default target user role is network-admin. Views System view Predefined user roles network-admin Parameters role-name : Specifies the name of the default target user role, a case-sensitive string of 1 to 63 characters. The user role must exist in the system and cannot be security-audit. Usage guidelines The default target user role is applied to the command when you do...
Page 47: Vlan Policy Deny
: Specifies the password. The plaintext form of the password is a case-sensitive string of 1 string to 63 characters. The hashed form of the password is a case-sensitive string of 1 to 110 characters. Usage guidelines If you do not specify any parameters, you specify a plaintext password in the interactive mode. Set a password if you configure local password authentication for temporary user role authorization.
Page 48: Vpn-Instance Policy Deny
Usage guidelines CAUTION: command denies a user role access to any VLANs if you do not specify vlan policy deny accessible VLANs by using the command. To configure a VLAN, make sure the permit vlan VLAN is permitted by the user role VLAN policy in use. To limit the scope of VLANs accessible to a user role, perform the following tasks: to enter user role VLAN policy view and deny the user role access vlan policy deny...
Page 49 Views User role view Predefined user roles network-admin Usage guidelines CAUTION: command denies a user role access to any VPN instances if vpn-instance policy deny you do not specify accessible VPN instances by using the command. To permit vpn-instance configure a VPN instance, make sure the VPN instance is permitted by the user role VPN instance policy in use.
Page 50: Login Management Commands
Login management commands Some login management commands are available in both user line view and user line class view. For these commands, the device uses the following rules to determine the settings to be activated: • A setting in user line view applies only to the user line. A setting in user line class view applies to all user lines of the class.
Page 51 Table 7 ASCII code values for combined keys that use the Ctrl key Combined key ASCII code value Ctrl+A Ctrl+B Ctrl+C Ctrl+D Ctrl+E Ctrl+F Ctrl+G Ctrl+H Ctrl+I Ctrl+J Ctrl+K Ctrl+L Ctrl+M Ctrl+N Ctrl+O Ctrl+P Ctrl+Q Ctrl+R Ctrl+S Ctrl+T Ctrl+U Ctrl+V Ctrl+W Ctrl+X Ctrl+Y...
Page 52: Authentication-Mode
[Sysname-line-aux0] activation-key s To verify the configuration: Exit the AUX session. [Sysname-line-aux0] return <Sysname> quit Log in again through the AUX line. The following message appears: Press ENTER to get started. Press Enter. Pressing Enter does not start a session. Press s.
Page 53 Usage guidelines CAUTION: • When authentication is disabled, users can login without authentication. For security purpose, disable authentication with caution. • When you enable password authentication, you must also configure an authentication password for the line or line class. If no authentication password is configured, you cannot log in to the device through the line or line class at the next time.
Page 54: Auto-Execute Command
auto-execute command to specify the command to be automatically executed for a login auto-execute command user. to restore the default. undo auto-execute command Syntax auto-execute command command undo auto-execute command Default No command is specified to be automatically executed for a login user. Views User line view User line class view...
Page 55: Command Accounting
The device automatically Telnets to 192.168.1.41. The following output is displayed on the configuration terminal: C:\> telnet 192.168.1.40 ****************************************************************************** * Copyright (c) 2010-2022 Hewlett Packard Enterprise Development LP * Without the owner's prior written consent, * no decompiling or reverse-engineering shall be allowed. ****************************************************************************** <Sysname>...
Page 56: Command Authorization
After you configure the command in user line class view, you cannot command accounting configure the undo command accounting command in any user line views in the class. Examples # Enable command accounting for VTY line 0. <Sysname> system-view [Sysname] line vty 0 [Sysname-line-vty0] command accounting Related commands (User Access and Authentication Command Reference)
Page 57: Databits
If you use the command in user line class view, command command authorization authorization is enabled for all user lines in the class. You cannot use the undo command command in the view of a user line in the class. authorization Examples # Enable command authorization for VTY line 0.
Page 58: Display Line
display line to display user line information. display line Syntax display line [ number1 | { aux | vty } number2 ] [ summary ] Views Any view Predefined user roles network-admin network-operator Parameters : Specifies the absolute number of a user line. The value range is 0 to 159. number1 : Specifies the AUX line.
Page 59: Display Telnet Client
<Sysname> display line summary Line type : [AUX] 0:XXXX XXXX XXXX XXXX 16:XXXX XXXX XXXX XXXX Line type : [VTY] 32:UUXX XUXX XXXX XXXX 48:XXXX XXXX XXXX XXXX 64:XXXX XXXX XXXX XXXX 80:XXXX XXXX XXXX XXXX 3 lines used. 93 lines not used. Table 9 Command output Fields Description...
Page 60 Syntax display user-interface [ number1 | { aux | vty } number2 ] [ summary ] Views Any view Predefined user roles network-admin network-operator Parameters : Specifies the absolute number of a user line. The value range is 0 to 159. number1 : Specifies the AUX line.
Page 61: Display Users
# Display summary information about all user lines. <Sysname> display user-interface summary Line type : [AUX] 0:XXXX XXXX XXXX XXXX 16:XXXX XXXX XXXX XXXX Line type : [VTY] 32:UUXX XUXX XXXX XXXX 48:XXXX XXXX XXXX XXXX 64:XXXX XXXX XXXX XXXX 80:XXXX XXXX XXXX XXXX 3 lines used.
Page 62: Escape-Key
VTY 2 Location: 192.168.1.134 : Current operation user. : Current operation user works in async mode. Table 12 Command output Field Description Absolute number of the user line. Line Type and relative number of the user line. Idle Time elapsed after the user's most recent input, in the hh:mm:ss format. Time Login time of the user.
Page 63: Flow-Control
Usage guidelines You can press the escape key to abort a command that is being executed, for example, a ping command. Whether a command can be aborted by Ctrl+C by default depends on the tracert software implementation of the command. For more information, see the usage guidelines for the command.
Page 64: Free Line
undo flow-control Default Flow control is disabled. Views User line view Predefined user roles network-admin Parameters : Performs hardware flow control. hardware : Disables flow control. none : Performs software flow control. software Usage guidelines This command is not supported in VTY line view. The device supports flow control in both the inbound and outbound directions.
Page 65: Free User-Interface
Usage guidelines This command does not release the line you are using. Examples # Release VTY line 1. <Sysname> free line vty 1 Are you sure to free line vty1? [Y/N]:y [OK] free user-interface to release a user line. free user-interface Syntax free user-interface { number1 | { aux | vty } number2 } Views...
Page 66: Idle-Timeout
Default The command history buffer for a user line stores up to 10 history commands. Views User line view User line class view Predefined user roles network-admin Parameters : Specifies the maximum number of history commands the buffer can store, in the size-value range of 0 to 256.
Page 67: Line
: Specifies the number of seconds, in the range of 0 to 59. The default is 0 seconds. seconds Usage guidelines The system automatically terminates a user connection if no information interaction occurs on the connection within the idle-timeout interval. To disable the idle-timeout feature, execute the command.
Page 68: Line Class
[Sysname] line vty 0 63 [Sysname-line-vty0-63] Related commands line class line class to enter user line class view. line class Syntax line class { aux | vty } Views System view Predefined user roles network-admin Parameters : Specifies the AUX line class view. : Specifies the VTY line class view.
Page 69: Lock
• A setting in user line class view does not take effect on current online users. It takes effect only on new login users. Examples # Set the CLI connection idle-timeout timer to 15 minutes in VTY line class view. <Sysname>...
Page 70: Lock Reauthentication
Usage guidelines This command locks the current user line to prevent unauthorized users from using the line. You must set the password for unlocking the line as prompted. The user line is locked after you enter the password and confirm the password. To unlock the user line, press Enter and enter the password you set.
Page 71: Lock-Key
lock-key to set the user line locking key. Pressing this shortcut key locks the current user line lock-key and enables unlocking authentication. to restore the default. undo lock-key Syntax lock-key key-string undo lock-key Default No user line locking key is set. Views User line view User line class view...
Page 72: Parity
[Sysname] Related commands lock reauthentication parity to specify the parity. parity to restore the default. undo parity Syntax parity { even | mark | none | odd | space } undo parity Default The setting is . No parity is used. none Views User line view...
Page 73 Default All protocols are supported. Views VTY line view VTY line class view Predefined user roles network-admin Parameters : Supports all protocols, including SSH, PAD, and Telnet. : Supports SSH only. : Supports Telnet only. telnet Usage guidelines Only users assigned the network-admin, or level-15 user role can execute this command. Other users cannot execute this command, even if they are granted the right to execute this command.
Page 74: Screen-Length
Trying 192.168.1.241 ... Press CTRL+K to abort Connected to 192.168.1.241 ... ****************************************************************************** * Copyright (c) 2010-2022 Hewlett Packard Enterprise Development LP * Without the owner's prior written consent, * no decompiling or reverse-engineering shall be allowed. ****************************************************************************** <Server> You are logged in without authentication. Display online CLI user information.
Page 75: Send
Parameters : Specifies the maximum number of lines to send, in the range of 0 to 512. To send screen-length command output without pausing, set the number to 0 or execute the screen-length disable command. Usage guidelines The number of lines that can be displayed on the terminal screen is restricted by both this setting and the display specification of the terminal.
Page 76: Set Authentication Password
To end a message, press Enter. To abort the send operation, press Ctrl+C. Examples # Send a notification to the user on VTY 1. <Sysname> send vty 1 Input message, end with Enter; abort with CTRL+C: Your attention, please. I will reboot the system in 3 minutes. Send message? [Y/N]:y The message should appear on the user's terminal screen as follows: [Sysname]...
Page 77: Shell
A password change does not take effect on the current session. It takes effect on subsequent login sessions. Examples # Set the password to hello12345 for local password authentication on VTY line 0. <Sysname> system-view [Sysname] line vty 0 [Sysname-line-vty0] authentication-mode password [Sysname-line-vty0] set authentication password simple hello12345 Related commands authentication-mode...
Page 78: Stopbits
to restore the default. undo speed Syntax speed speed-value undo speed Default The transmission rate is 9600 bps on a user line. Views User line view Predefined user roles network-admin Parameters : Specifies the transmission rate in bps. Supported transmission rates depend on the speed-value network environment.
Page 79: Telnet
Default One stop bit is used. Views User line view Predefined user roles network-admin Parameters : Uses one stop bit. : Uses one and a half stop bits. The device does not support using one and a half stop bits. If you specify this keyword, two stop bits are used.
Page 80: Telnet Client Source
: Specifies a source IPv4 address or source interface for outgoing Telnet packets. If you do source not specify this option, the device uses the primary IPv4 address of the output interface for the route to the server as the source address. : Specifies the source interface.
Page 81: Telnet Ipv6
Examples # Set the source IPv4 address to 1.1.1.1 for outgoing Telnet packets. <Sysname> system-view [Sysname] telnet client source ip 1.1.1.1 Related commands display telnet client configuration telnet ipv6 to Telnet to a host in an IPv6 network. telnet ipv6 Syntax telnet ipv6...
Page 82: Telnet Server Acl
<Sysname> telnet ipv6 5000::1 # Telnet to the host at 2000::1. Use 1000::1 as the source address for outgoing Telnet packets. <Sysname> telnet ipv6 2000::1 source ipv6 1000::1 telnet server acl to apply an ACL to filter Telnet logins. telnet server acl to restore the default.
Page 83: Telnet Server Enable
undo telnet server dscp Default IPv4 uses the DSCP value 48 for Telnet packets sent to a Telnet client. Views System view Predefined user roles network-admin Parameters : Specifies a DSCP value in the range of 0 to 63. dscp-value Usage guidelines The DSCP value is carried in the ToS field of an IPv4 packet to indicate the packet transmission priority.
Page 84: Telnet Server Ipv6 Dscp
Syntax telnet server ipv6 acl { ipv6 | mac } acl-number undo telnet server ipv6 acl Default No IPv6 ACL is used to filter IPv6 Telnet logins. Views System view Predefined user roles network-admin Parameters : Specifies an IPv6 ACL. ipv6 : Specifies a Layer 2 ACL.
Page 85: Telnet Server Ipv6 Port
Predefined user roles network-admin Parameters : Specifies a DSCP value in the range of 0 to 63. dscp-value Usage guidelines The DSCP value is carried in the Traffic class field of an IPv6 packet to indicate the packet transmission priority. Examples # Set the DSCP value for IPv6 to use for outgoing Telnet packets to 30 on a Telnet server.
Page 86: Terminal Type
undo telnet server port Default The IPv4 Telnet service port number is 23. Views System view Predefined user roles network-admin Parameters : Specifies a port number. The value can be 23 or in the range of 1025 to 65535. port-number Usage guidelines This command terminates all existing Telnet connections to the IPv4 Telnet server.
Page 87: User-Interface
This command is available in both user line view and user line class view. A non-default setting in either view takes precedence over a default setting in the other view. A non-default setting in user line view takes precedence over a non-default setting in user line class view. A terminal display type change does not take effect on the current session.
Page 88: User-Interface Class
<Sysname> system-view [Sysname] user-interface vty 0 4 [Sysname-line-vty0-4] Related commands user-interface class user-interface class to enter user line class view. user-interface class Syntax user-interface class { aux | vty } Views System view Predefined user roles network-admin Parameters : Specifies the AUX line class view. : Specifies the VTY line class view.
Page 89: User-Role
• A setting in user line view applies only to the user line. A setting in user line class view applies to all user lines of the class. • A non-default setting in either view takes precedence over a default setting in the other view. A non-default setting in user line view takes precedence over a non-default setting in user line class view.
Page 90 Default A console user is assigned the network-admin user role. Other users are assigned the network-operator user role. Views User line view User line class view Predefined user roles network-admin Parameters : Specifies a user role name, a case-sensitive string of 1 to 63 characters. The user role role-name can be user-defined or predefined.
Page 91: Ftp Commands
FTP commands FTP server commands display ftp-server to display FTP server configuration and status information. display ftp-server Syntax display ftp-server Views Any view Predefined user roles network-admin network-operator Examples # Display FTP server configuration and status information. <Sysname> display ftp-server FTP server is running.
Page 92: Free Ftp User
Examples # Display detailed information about online FTP users. <Sysname> display ftp-user UserName HostIP Port HomeDir root 192.168.20.184 46539 flash: A field value is wrapped if its length exceeds the limit. The segments are left justified. The following are the length limits for fields: •...
Page 93: Free Ftp User-Ip
<Sysname> free ftp user-ip to manually release the FTP connections established from a specific IPv4 free ftp user-ip address. Syntax free ftp user-ip ip-address [ port port ] Views User view Predefined user roles network-admin Parameters : Specifies the source IP address of an FTP connection. To view the source IP ip-address addresses of FTP connections, execute the command.
Page 94: Ftp Server Acl
ftp server acl to use an ACL to control FTP clients' access to the FTP server. ftp server acl to restore the default. undo ftp server acl Syntax server advanced-acl-number basic-acl-number ipv6 { advanced-acl-number | basic-acl-number } } undo ftp server acl [ ipv6 ] Default No ACL is used to control FTP clients' access to the FTP server.
Page 95: Ftp Server Enable
Default IPv4 uses the DSCP value 0 for FTP packets sent to an FTP client. Views System view Predefined user roles network-admin Parameters dscp-value : Specifies a DSCP value in the range of 0 to 63. Usage guidelines The DSCP value is carried in the ToS field of an IP packet to indicate the transmission priority of the packet.
Page 96: Ftp Server Ssl-Server-Policy
undo ftp server ipv6 dscp Default IPv6 uses the DSCP value 0 for FTP packets sent to an FTP client. Views System view Predefined user roles network-admin Parameters : Specifies a DSCP value in the range of 0 to 63. dscp-value Usage guidelines The DSCP value is carried in the Traffic class field of an IPv6 packet to indicate the transmission...
Page 97: Ftp Timeout
Related commands ftp server enable (Security Command Reference) ssl server-policy ftp timeout to set the FTP connection idle-timeout timer. ftp timeout to restore the default. undo ftp timeout Syntax ftp timeout minute undo ftp timeout Default The FTP connection idle-timeout timer is 30 minutes. Views System view Predefined user roles...
Page 98: Append
Views FTP client view Predefined user roles network-admin Parameters : Specifies a command supported by the FTP client. command-name Usage guidelines In FTP client view, entering is the same as executing the command. help Examples # Display all commands supported by the FTP client. ftp>...
Page 99: Ascii
Examples # Append the content of the local a.txt file to the b.txt file on the FTP server. ftp> append a.txt b.txt 227 Entering Passive Mode (192,168,1,84,8,145) 150 Accepted data connection 226 File successfully transferred 1657 bytes sent in 0.000736 seconds (2.15 Mbyte/s) ascii to set the file transfer mode to ASCII.
Page 100: Bye
Views FTP client view Predefined user roles network-admin Usage guidelines You can perform this operation only after you log in to the FTP server. FTP transfers files in either of the following modes: • Binary mode—Transfers program file or pictures. •...
Page 101: Cdup
Views FTP client view Predefined user roles network-admin Parameters : Specifies the target directory. If the target directory does not exist, the command directory does not change the current working directory. : Specifies the upper directory. Executing the command is the same as executing the cd ..
Page 102: Close
This command does not change the working directory if the current directory is the FTP root directory. Examples # Change the working directory to the upper directory. ftp> pwd 257 "/ftp/subdir" is your current location ftp> cdup 250 OK. Current directory is /ftp ftp>...
Page 103: Delete
Views FTP client view Predefined user roles network-admin Usage guidelines When FTP client debugging is enabled, executing this command disables FTP client debugging. When FTP client debugging is disabled, executing this command enables FTP client debugging. Examples # Enable and then disable FTP client debugging. ftp>...
Page 104 Views FTP client view Predefined user roles network-admin Parameters : Specifies a file or directory on the FTP server. remotefile : Specifies the name of the local file used to save the displayed information. localfile Usage guidelines You can perform this operation only after you log in to the FTP server. To display detailed information about the files and subdirectories in the working directory on the FTP server, use the command.
Page 105: Disconnect
disconnect to terminate the connection to the FTP server without exiting FTP client view. disconnect Syntax disconnect Views FTP client view Predefined user roles network-admin Usage guidelines You can perform this operation only after you log in to the FTP server. Examples # Terminate the connection to the FTP server without exiting the FTP client view.
Page 106 Views User view Predefined user roles network-admin Parameters : Specifies the IPv4 address or host name of an FTP server. A host name can be a ftp-server case-insensitive string of 1 to 253 characters. Valid characters for a host name include letters, digits, hyphens (-), underscores (_), and dots (.).
Page 107: Ftp Client Ipv6 Source
Press CTRL+C to abort. Connected to 192.168.0.211 (192.168.0.211). 220 FTP service ready. User (192.168.0.211:(none)): abc *Apr 10 09:02:24:139 2017 Sysname FTPC/7/EVENT: PAM initialization result: 0. *Apr 10 09:02:24:150 2017 Sysname FTPC/7/EVENT: PAM: Sent a start-accounting request. Result: 0. *Apr 10 09:02:24:860 2017 Sysname FTPC/7/COMMAND: USER abc 331 Password required for abc.
Page 108: Ftp Client Source
The source address specified with the command applies to all FTP ftp client ipv6 source connections. The source address specified with the ftp ipv6 command applies only to the FTP connection that is being established. Examples # Specify the source IPv6 address of 2000::1 for FTP packets sent to an IPv6 FTP server. <Sysname>...
Page 109: Ftp Ipv6
Related commands ftp ipv6 to log in to an IPv6 FTP server and enter FTP client view. ftp ipv6 Syntax ftp ipv6 [ ftp-server [ service-port ] [ vpn-instance vpn-instance-name ] [ dscp dscp-value | source { ipv6 source-ipv6-address | interface interface-type interface-number interface-type...
Page 110: Get
Examples # Log in to FTP server 2000::154. <Sysname>ftp ipv6 2000::154 Press CTRL+C to abort. Connected to 2000::154 (2000::154). 220 FTP service ready. User (2000::154): root 331 Password required for root. Password: 230 User logged in Remote system type is HPE # Log in to FTP server 2000::154 and enable FTP client debugging.
Page 111: Help
Usage guidelines You can perform this operation only after you log in to the FTP server. To save the downloaded file to the working directory accessed by the command, perform one of the following tasks: • Execute the command without specifying the argument.
Page 112: Lcd
Parameters : Specifies a command supported by the FTP client. command-name Usage guidelines In FTP client view, executing the command is the same as entering help Examples # Display all commands supported by the FTP client. ftp> help append delete quit rmdir ascii...
Page 113 ftp> lcd /flash:/logfile Local directory now /flash:/logfile to display or save detailed information about files and directories on the FTP server. Syntax ls [ remotefile [ localfile ] ] Views FTP client view Predefined user roles network-admin Parameters : Specifies a file or directory on the FTP server. remotefile : Specifies the name of the local file used to save the displayed information.
Page 114: Mkdir
# Display the content of the file s.txt. ftp> bye 221-Goodbye. You uploaded 0 and downloaded 2 kbytes. 221 Logout. <Sysname> more s.txt -rwxr-xr-x 1481 Jul 7 12:34 a.txt Related commands mkdir to create a subdirectory in the current directory on the FTP server. mkdir Syntax mkdir directory...
Page 115: Open
Usage guidelines You can perform this operation only after you log in to the FTP server. If the local file does not exist, this command downloads the file from the FTP server and saves it locally. If the file on the FTP server is not newer than the local file, this command does not update the local file.
Page 116: Passive
passive to change the FTP operation mode. passive Syntax passive Default The FTP operation mode is passive. Views FTP client view Predefined user roles network-admin Usage guidelines FTP can operate in either of the following modes: • Active mode—The FTP server initiates the TCP connection. •...
Page 117: Pwd
To upload a file in the current working directory, specify a file name without the path for the argument, for example, a.cfg. localfile To upload a file in some other directory, specify a fully qualified file name for the localfile argument, for example, flash:/subdirectory/a.cfg.
Page 118: Quit
257 "/subdir" is your current location quit to terminate the connection to the FTP server and return to user view. quit Syntax quit Views FTP client view Predefined user roles network-admin Examples # Terminate the connection to the FTP server and return to user view. ftp>...
Page 119: Rename
150-Connecting to port 47429 150 38143.3 kbytes to download 226 File successfully transferred 39058742 bytes received in 66.2 seconds (576.1 kbyte/s) rename to rename a file. rename Syntax rename [ oldfilename [ newfilename ] ] Views FTP client view Predefined user roles network-admin Parameters : Specifies the original file name.
Page 120: Restart
Views FTP client view Predefined user roles network-admin Examples # Clear the reply information received from the FTP server. ftp> reset restart restart to specify the file retransmission offset. Syntax restart marker Views FTP client view Predefined user roles network-admin Parameters : Specifies the retransmission offset, in bytes.
Page 121 Syntax rhelp [ protocol command ] Views FTP client view Predefined user roles network-admin Parameters protocol command : Specifies an FTP command. Usage guidelines You can perform this operation only after you log in to the FTP server. Examples # Display the FTP-related commands supported by the FTP server. ftp>...
Page 122: Rmdir
Field Description PASV Passive mode (IPv4). EPSV Passive mode (IPv6). REST Restarts. RETR Downloads files. STOR Uploads files. APPE Appends uploading. DELE Deletes files. Creates folders. XMKD Extended command with the meaning of MKD. Deletes folders. XRMD Extended command with the meaning of RMD. ABOR Aborts the transmission.
Page 123: Rstatus
Examples # Delete empty directory subdir1. ftp>rmdir subdir1 250 The directory was successfully removed Related commands delete rstatus to display FTP server status information. rstatus to display detailed information about a directory or file on the FTP rstatus remotefile server. Syntax rstatus [ remotefile ] Views...
Page 124 Filed Description Logged in as root Login username root. TYPE: ASCII File transfer mode ASCII. Session timeout in seconds is 300 FTP connection idle-timeout interval is 300 seconds. Control connection is plain text Control connection type is plain text. Data connections will be plain text Data connection type is plain text.
Page 125: Status
status to display FTP status information. status Syntax status Views FTP client view Predefined user roles network-admin Examples # Display FTP status information. ftp> status Connected to 192.168.1.56. No proxy connection. Not using any security mechanism. Mode: stream; Type: ascii; Form: non-print; Structure: file Verbose: on;...
Page 126: User
Views FTP client view Predefined user roles network-admin Usage guidelines You can perform this operation only after you log in to the FTP server. Examples # Display the system information of the FTP server. ftp> system 215 UNIX Type: L8 user to initiate an FTP authentication on the current FTP connection.
Page 127: Verbose
verbose to enable or disable the device to display detailed information about FTP operations. verbose Syntax verbose Default The device displays detailed information about FTP operations. Views FTP client view Predefined user roles network-admin Usage guidelines This command affects only the current FTP session. Examples # Disable the device from displaying detailed information about FTP operations.
Page 128: Tftp Commands
TFTP commands tftp to download a file from a TFTP server or upload a file to a TFTP server in an IPv4 network. tftp Syntax tftp tftp-server sget source-filename [ destination-filename ] [ vpn-instance vpn-instance-name ] [ dscp dscp-value | source { interface interface-type interface-number | ip source-ip-address } ] * [ -d ] Views User view...
Page 129 • : Specifies an IPv4 address. For successful TFTP packet ip source-ip-address transmission, make sure this address is the IPv4 address of an interface in up state on the device. : Enables TFTP client debugging. By default, TFTP client debugging is disabled. Usage guidelines The source address specified with the command takes precedence over the source address...
Page 130: Tftp Client Ipv6 Source
Field Description STATE: DO => The system was performing a transfer operation. got option=(parameter) The received packet contained the parameter option. The value of value=(value) the parameter option was value. TFTP_STATE_RX The TFTP service was receiving data. TFTP_STATE_TX The TFTP service was sending data. Received unexpected DATA packet The TFTP service received an unexpected data packet block (%d block %d, expecting block %d...
Page 131: Tftp Client Source
Examples # Specify the source IPv6 address of 2000::1 for TFTP packets sent to an IPv6 TFTP server. <Sysname> system–view [Sysname] tftp client ipv6 source ipv6 2000::1 Related commands tftp ipv6 tftp client source to specify the source IPv4 address for TFTP packets sent to an IPv4 tftp client source TFTP server.
Page 132: Tftp Ipv6
tftp ipv6 to download a file from a TFTP server or upload a file to a TFTP server in an IPv6 tftp ipv6 network. Syntax tftp ipv6 tftp-server [ -i interface-type interface-number ] { get | put | sget source-filename destination-filename vpn-instance vpn-instance-name ] [ dscp dscp-value | source { interface interface-type...
Page 133: Tftp-Server Acl
• : Specifies an IPv6 address. For successful TFTP packet ipv6 source-ipv6-address transmission, make sure this address is the IPv6 address of an interface in up state on the device. : Enables TFTP client debugging. By default, TFTP client debugging is disabled. Usage guidelines The source address specified with the command takes precedence over the source...
Page 134: Tftp-Server Ipv6 Acl
[Sysname-acl-ipv4-basic-2000] quit [Sysname] tftp-server acl 2000 tftp-server ipv6 acl tftp-server ipv6 acl to use an ACL to control the device's access to TFTP servers in an IPv6 network. to restore the default. undo tftp-server ipv6 acl Syntax tftp-server ipv6 acl ipv6-acl-number undo tftp-server ipv6 acl Default No ACL is used to control the device's access to TFTP servers.
Page 135: File System Management Commands
File system management commands IMPORTANT: • Before managing storage media, file systems, directories, and files, make sure you know the possible impact. • A file or directory whose name starts with a dot character (.) is a hidden file or directory. To prevent the system from hiding a file or directory, make sure the file or directory name does not start with a dot character.
Page 136: Copy
<Sysname> cd test # Change to the parent directory. <Sysname> cd .. copy to copy a file. copy Syntax copy source-file dest-file dest-directory vpn-instance vpn-instance-name ] [ source interface interface-type interface-number ] Views User view Predefined user roles network-admin Parameters : Specifies the name or URL of the file to be copied.
Page 137 Location Name format Remarks The username and password must be the same as the username and password configured on the FTP server. If the server authenticates users only by the Enter the URL in the format of username, you are not required to enter the ftp://FTP On an FTP password.
Page 138 <Sysname> copy test.cfg ftp://user:private@1.1.1.1/testbackup.cfg Copy flash:/test.cfg to ftp://user:private@1.1.1.1/testbackup.cfg? [Y/N]:y Copying file flash:/test.cfg to ftp://user:private@1.1.1.1/testbackup.cfg... Done. # Copy test.cfg from the working directory on TFTP server 1.1.1.1. Save the copy to the local current directory as testbackup.cfg. <Sysname> copy tftp://1.1.1.1/test.cfg testbackup.cfg Copy tftp://1.1.1.1/test.cfg to flash:/testbackup.cfg? [Y/N]:y Copying file tftp://1.1.1.1/test.cfg to flash:/testbackup.cfg...
Page 139: Delete
Copying file http://user:private@[2001::1]/test.cfg to flash:/testbackup.cfg... Done. delete to delete a file. delete Syntax delete [ /unreserved ] file Views User view Predefined user roles network-admin Parameters : Permanently deletes the specified file. If you do not specify this keyword, the /unreserved command moves the file to the recycle bin.
Page 140: Dir
to display files or directories. Syntax dir [ /all ] [ file | directory | /all-filesystems ] Views User view Predefined user roles network-admin Parameters : Displays all files and directories in the current directory, visible or hidden. If you do not specify /all this option, only visible files and directories are displayed.
Page 141: Execute
Field Description File or directory information: • 0—File or directory number, which is automatically allocated by the system. • -rwh—Attributes of the file or directory. The first character is the directory indicator (d for directory and – for file). The second character indicates whether the file or directory is readable (r for readable).
Page 142 Views User view Predefined user roles network-admin Parameters Specifies the name of the storage medium to be partitioned. medium: Specifies the number of partitions, in the range of 1 to 4. If you specify this partition-number: argument, the storage medium is divided evenly into the specified number of partitions. To customize the sizes of partitions, do not provide this argument.
Page 143: File Prompt
Partitioning usba:...Done. # Divide the USB disk on the device into three partitions and specify the size for each partition. <Sysname> fdisk usba: The capacity of usba: : 256M bytes Partition 1 (32MB~224MB, 256MB, Press CTRL+C to quit or Enter to use all available space):128 // Enter to set the size of the first partition to 128 MB.
Page 144: Fixdisk
Parameters : Prompts for confirmation when a destructive file or directory operation is being performed. alert : Gives no confirmation prompt for file or directory operations except the recycle bin emptying quiet operation. Usage guidelines In quiet mode, the system does not prompt for confirmation when a user performs a file or directory operation except the recycle bin emptying operation.
Page 145: Gunzip
Parameters : Specifies the name of a file system. filesystem Usage guidelines CAUTION: Formatting a file system permanently deletes all files and directories in the file system. You cannot restore the deleted files or directories. If a startup configuration file exists in the file system, back up the file if necessary.
Page 146: Gzip
3710740 KB total (2744508 KB free) Decompress the file system.bin.gz. <Sysname> gunzip system.bin.gz Decompressing file flash:/system.bin.gz..Done. Verify the decompress operation. <Sysname> dir system.* Directory of flash: 1 -rw- 0 May 30 2012 11:42:25 system.bin 3710740 KB total (2744500 KB free) gzip to compress a file.
Page 147: Md5Sum
3710740 KB total (2744512 KB free) md5sum to use the MD5 algorithm to calculate the digest of a file. md5sum Syntax md5sum file Views User view Predefined user roles network-admin network-operator Parameters : Specifies the name of a file. file Usage guidelines You can use file digests to verify file integrity.
Page 148: More
# Create the test/subtest directory in the current directory. <Sysname> mkdir test/subtest Creating directory flash:/test/subtest... Done. more to display the contents of a text file. more Syntax more file Views User view Predefined user roles network-admin Parameters : Specifies the name of a file. file Examples # Display the contents of the test.txt file.
Page 149: Move
Usage guidelines Generally, file systems on a hot-swappable storage medium are automatically mounted when the storage medium is connected to the device. If the system cannot recognize a file system, however, you must mount the file system before you can access it. To avoid file system corruption, do not perform the following tasks while the system is mounting a file system: •...
Page 150: Pwd
Moving file flash:/b.cfg to flash:/test2/b.cfg... Done. to display the working directory. Syntax Views User view Predefined user roles network-admin Examples # Display the working directory. <Sysname> pwd flash: rename to rename a file or directory. rename Syntax rename { source-file | source-directory } { dest-file | dest-directory } Views User view Predefined user roles...
Page 151: Rmdir
Syntax reset recycle-bin [ /force ] Views User view Predefined user roles network-admin Parameters : Deletes all files in the recycle bin without prompting for confirmation. If you do not specify /force this option, the command prompts you to confirm the deletion operation for each file. Usage guidelines CAUTION: The files in a recycle bin can be restored by using the...
Page 152: Sha256Sum
Parameters : Specifies a directory. directory Usage guidelines CAUTION: To delete a directory, you must first delete all files and subdirectories in the directory permanently or move them to the recycle bin. If you move them to the recycle bin, executing the command to rmdir delete the directory will delete them permanently.
Page 153: Tar Extract
Predefined user roles network-admin Parameters : Uses gzip to compress the files and directories before archiving them. If you do not specify this keyword, the command archives the files and directories without compressing them. : Specifies the archive file name. If you specified the keyword, the archive-file dest-file extension of the archive file name must be .tar.gz.
Page 154 Parameters : Specifies the archive file name. The extension can be .tar or .tar.gz. archive-file file : Displays the names of the successfully extracted files and directories. verbose : Displays the content of the extracted files and directories on the screen. The extracted files screen are not saved.
Page 155: Tar List
tar list to display the names of archived files and directories. tar list Syntax tar list archive-file file Views User view Predefined user roles network-admin Parameters : Specifies the archive file name. The extension can be .tar or .tar.gz. archive-file file Examples # Display the names of archived files and directories.
Page 156: Undelete
To avoid file system corruption, do not perform the following tasks while the system is unmounting a file system: • Reboot, power cycle, or power off the device. • Install, remove, or access storage media. • Install or remove MPUs. •...
Page 158: Configuration File Management Commands
Configuration file management commands archive configuration to manually archive the running configuration to the configuration archive configuration archive directory. Syntax archive configuration Views User view Predefined user roles network-admin Usage guidelines This command saves the running configuration to the specified configuration archive directory with file names generated from the specified name prefix.
Page 159: Archive Configuration Interval
archive configuration interval to enable automatic running-configuration archiving archive configuration interval and set the archiving interval. to disable automatic running-configuration undo archive configuration interval archiving. Syntax archive configuration interval interval undo archive configuration interval Default The automatic running-configuration archiving feature is disabled. Views System view Predefined user roles...
Page 160: Archive Configuration Location
archive configuration server password archive configuration server user display archive configuration archive configuration location to specify a local directory and file name prefix for archive configuration location archiving the running configuration. undo archive configuration location to restore the default. Syntax archive configuration location directory filename-prefix filename-prefix undo archive configuration location Default...
Page 161: Archive Configuration Max
• Restores the default settings of the archive configuration interval archive commands. configuration max • Clears the configuration archive information displayed by using the display archive command. configuration Examples # Set the configuration archive directory as flash:/archive and the archive file name prefix as my_archive.
Page 162: Archive Configuration Server
configuration archives have been saved before the archive limit is set to four. When saving a new configuration archive, the system first deletes the oldest four (7 – 4 + 1) archives. If you execute the command, the default archive undo archive configuration location limit is restored.
Page 163: Archive Configuration Server Password
: Specifies a file name prefix for configuration archives, a filename-prefix filename-prefix case-insensitive string of 1 to 30 characters. Valid characters are letters, digits, underscores (_), and hyphens (-). Usage guidelines Before archiving the running configuration to a remote SCP server, you must perform the following tasks: •...
Page 164: Archive Configuration Server User
to restore the default. undo archive configuration server password Syntax archive configuration server password { cipher | simple } string undo archive configuration server password Default No password is configured for accessing the SCP server that saves configuration archives. Views System view Predefined user roles network-admin...
Page 165: Backup Startup-Configuration
Parameters : Specifies the username, a case-sensitive string of 1 to 63 characters. user-name Examples # Set the username to admin for accessing the SCP server that saves configuration archives. <Sysname> system-view [Sysname] archive configuration server user admin Related commands archive configuration server archive configuration server password display archive configuration...
Page 166: Configuration Commit
Backing up the main startup configuration file to 2.2.2.2 in VPN VPN1... Done. # Back up the main next-startup configuration file to the IPv6 TFTP server at 2001::2 in the public network, and set the target file name to 192-168-1-26.cfg. <Sysname>...
Page 167: Configuration Encrypt
Views System view Predefined user roles network-admin Parameters : Sets the configuration commit delay interval. The value range is 1 to 65535 minutes. delay-time Usage guidelines The system creates a rollback point to record the configuration status when you execute this command to start the configuration commit delay timer.
Page 168: Configuration Replace File
Predefined user roles network-admin Parameters : Encrypts configuration with a private key. All devices running Comware 9 software private-key use the same private key. : Encrypts configuration with a public key. All devices running Comware 9 software public-key use the same public key. Usage guidelines Configuration encryption enables the device to automatically encrypt a configuration file when saving the running configuration to the file.
Page 169: Display Archive Configuration
• Make sure the replacement configuration file is not encrypted. Examples # Replace the running configuration with the configuration in the my_archive_1.cfg configuration file. <Sysname> system-view [Sysname] configuration replace file my_archive_1.cfg Current configuration will be lost, save current configuration? [Y/N]:n Now replacing the current configuration.
Page 170: Display Current-Configuration
The exclamation mark (!) indicates that the remote archiving attempt failed. The pound sign (#) indicates the most recent archive file. Table 22 Command output Field Description Username for accessing the SCP server that saves Username configuration archives. Absolute path of the directory for saving running-configuration Location archives.
Page 171: Display Current-Configuration Diff
: Excludes preprovisioned settings from the running configuration. exclude-provision : Displays interface configuration, interface [ interface-type [ interface-number ] ] where argument represents interface type interface-type argument represents the interface number. If you do not specify the interface-number arguments, the command displays the running interface-type interface-number configuration for all interfaces.
Page 172 Views Any view Predefined user roles network-admin network-operator Usage guidelines This command searches for the next-startup configuration in the following order: The .cfg main next-startup configuration file. The .cfg backup next-startup configuration file if the .cfg main next-startup configuration file is unavailable.
Page 173: Display Default-Configuration
Field Description Displays command differences. • cmd1 and cmd4—Command lines are contained in both source and target configurations if they are not prefixed with a minus (-) or plus (+) sign. They provide a context for locating command line differences. cmd1 •...
Page 174 display diff current-configuration configfile file-name-d startup-configuration } display diff startup-configuration configfile file-name-d current-configuration } Views Any view Predefined user roles network-admin network-operator Parameters : Specifies the source configuration file for comparison. configfile file-name-s : Specifies the target configuration file for comparison. configfile file-name-d : Specifies the running configuration.
Page 175: Display Saved-Configuration
+++ Startup configuration @@ -5,7 +5,7 @@ sysname Sysname -alias dhc display history-command +alias dh display hotkey <Sysname> The output shows that the command is contained only alias dhc display history-command in the running configuration, and the command is contained only in alias dh display hotkey the next-startup configuration.
Page 176: Display Startup
sysname Sysname ftp server enable telnet server enable domain default enable system vlan 1 domain system ---- More ---- Related commands reset saved-configuration save save binary-only display startup to display the names of all startup configuration files, including the file that display startup the device started up with and the files for next startup.
Page 177: Display This
Table 24 Command output Field Description MainBoard Displays the startup configuration files on the active MPU. Configuration file that the device has started up with. Current startup saved-configuration file If the field is suffixed with an asterisk (*), the startup configuration file is a binary file.
Page 178: Reset Saved-Configuration
reset saved-configuration to delete a next-startup configuration file. reset saved-configuration Syntax reset saved-configuration [ backup | main ] Views User view Predefined user roles network-admin Parameters : Specifies the backup next-startup configuration file. backup : Specifies the main next-startup configuration file. main Usage guidelines CAUTION:...
Page 179 Views User view Predefined user roles network-admin Parameters : Specifies a TFTP server by its IPv4 address or host name. The host name is a ipv4-server case-insensitive string of 1 to 253 characters. Valid characters include letters, digits, hyphens (-), underscores (_), and dots (.).
Page 180: Save
save to save the running configuration to a save file-url [ all | slot slot-number ] configuration file, without specifying the file as a next-startup configuration file. to save the running save [ safely ] [ backup | main ] [ force ] [ changed ] configuration as a next-startup configuration file in the root directory of the storage medium.
Page 181 If the file specified for this command does not exist, the system creates the file before saving the configuration. If the file already exists, the system prompts you to confirm whether to overwrite the file. If you choose to not overwrite the file, the system cancels the save operation. This command saves the running configuration to an .mdb binary file as well as a .cfg text file.
Page 182: Standby Auto-Update Config
standby auto-update config to enable automatic system-wide next-startup standby auto-update config configuration file operations. to disable automatic system-wide next-startup undo standby auto-update config configuration file operations. Syntax standby auto-update config undo standby auto-update config Default Next-startup configuration file operations are automatically synchronized across the entire system. Views System view Predefined user roles...
Page 183 to configure the system to start up with the factory undo startup saved-configuration defaults at the next startup. Syntax startup saved-configuration cfgfile [ backup | main ] undo startup saved-configuration Default No next-startup configuration files are specified. Views User view Predefined user roles network-admin Parameters...
Page 184: Software Upgrade Commands
Software upgrade commands As a best practice, store the startup images in a fixed storage medium. If you store the startup images in a hot swappable storage medium, do not remove the hot swappable storage medium during the startup process. boot-loader file to specify startup image files.
Page 185 the file system. If the destination root directory already contains a startup image with the same name as an upgrade image, you must choose whether to overwrite the image. NOTE: The system will verify the digital signature of the specified images before it updates the startup image list with the specified images.
Page 186: Boot-Loader Update
What type of overwrite operation do you want to perform? Y: Overwrite without prompt. N: Not overwrite or display prompt. Q: Return to the previous step. Please make a choice. [Y/N/Q]:y An existing file will be overwritten without prompt if it has the same name as any upgrade file.
Page 187: Bootrom Backup
This command will update the specified standby MPU. Continue? [Y/N]:y Updating. Please wait... Verifying the file flash:/boot.bin on slot 1...Done. Verifying the file flash:/system.bin on slot 1..Done. Copying main startup software images to slot 2. Please wait... Done. Setting copied images as main startup software images for slot 2... The images that have passed all examinations will be used as the main startup software images at the next reboot on slot 2.
Page 188: Bootrom Restore
bootrom restore to replace the BootWare image in the Normal area with the BootWare bootrom restore image in the Backup area for image restoration or version rollback. Syntax bootrom restore slot slot-number-list Views User view Predefined user roles network-admin Parameters : Specifies a space-separated list of up to seven slot number items.
Page 189: Bootrom-Update Security-Check Enable
Comware images. If you do not upgrade BootWares before upgrading Comware images, the system automatically upgrades BootWares as necessary when loading Comware images. The new BootWare images take effect after you reboot the card. NOTE: The system verifies a BootWare image before it loads that image to the Normal area of BootWare. If the digital signature verification fails, the system will not load the image and you will receive a digital signature verification failure message.
Page 190: Display Install Active
Syntax display boot-loader [ slot slot-number ] Views Any view Predefined user roles network-admin network-operator Parameters : Specifies the slot number of an MPU. If you do not specify an MPU, this slot slot-number command displays the software images on each MPU. Examples # Display the current software images and startup software images.
Page 191 Parameters : Specifies a card by its slot number. If you do not specify a card, this slot slot-number command displays information about active software images on all cards. : Displays detailed information about active software images, including their software verbose names, basic information, and contained components.
Page 192: Display Install Committed
[Component] Component: test Description: test package Table 26 Command output Field Description Active packages on slot n Active software images on a slot. Directory path of the software image on the slot. In this sample output, the flash:/boot.bin software image name is boot.bin and it is stored in the root directory of the flash drive of the card in the slot.
Page 193 : Displays detailed information about each image, including their software names, basic verbose information, and contained components. If you do not specify this keyword, the command displays only image names. Usage guidelines Some commands modify the current software image list, but they do not modify the main install startup image list.
Page 194: Display Version
Service name: feature1 Platform version: 9.1.021 Product version: Test 0001015 Supported board: mpu [Component] Component: feature1 Description: feature1 package For information about the command output, see Table display version to display system version information. display version Syntax display version Views Any view Predefined user roles network-admin...
Page 195: Display Version-Update-Record
Table 27 Command output Field Description Reason for the last reboot: • User reboot—The reboot was manually initiated from a user interface, such as the CLI or SNMP. • Cold reboot—The reboot was caused by a power cycle. • Kernel abnormality reboot—The reboot was caused by kernel exceptions. •...
Page 196: Install Activate
Table 28 Command output Field Description Number of the startup software image upgrade record. Record 1 is the most Record n recent record. Name Software image file name. The software image version changed during the upgrade. Related commands reset version-update-record install activate to activate feature or patch images.
Page 197 Images run in memory immediately after they are activated. However, only patch images activated by using the install activate patch filename all command still run in memory after a reboot. To have the following types of activated images take effect after a reboot, you must commit the software change by using the command: install commit...
Page 198: Install Commit
Running Version New Version None Test 0001016 Slot Upgrade Way Service Upgrade Upgrading software images to compatible versions. Continue? [Y/N]:y This operation might take several minutes, please wait...Done. Table 29 Command output Field Description Copying file A to B..Done. The system is copying the file from one location to another. Verifying the file The system is verifying the validity of the file.
Page 199: Install Deactivate
Predefined user roles network-admin Usage guidelines This command adds the patch image file to the startup software image list that the device used at startup. • If the device used the main startup software image list at startup, this command adds the patch image file to the main startup software image list.
Page 200: Reset Version-Update-Record
Images stop running in memory immediately after they are deactivated. However, only patch images deactivated by using the install deactivate patch filename all command do not run after a reboot. To prevent other deactivated images from running after a reboot, you must commit the software change by using the command.
Page 201: Version Check Ignore
Predefined user roles network-admin Usage guidelines To make sure the standby MPU always runs the same software images as the active MPU, configure both the command and the version auto-update enable undo version check ignore command. The startup software version check feature examines the standby MPU's startup software images for version inconsistency with the active MPU's current software images at startup.
Page 202 Examples # Enable startup software version check for the standby MPU. <Sysname> system-view [Sysname] undo version check ignore Related commands version auto-update enable...
Page 203: Preprovisioning Commands
Preprovisioning commands display provision failed-config to display preprovisioned-commands application display provision failed-config failure records. Syntax display provision failed-config Views Any view Predefined user roles network-admin network-operator Usage guidelines A preprovisioned command cannot be applied if it conflicts with the running configuration. Use this command to verify the application result of preprovisioned commands except for the following commands: •...
Page 204: Reset Provision Failed-Config
Syntax provision [ subslot subslot-number ] model model undo provision [ subslot subslot-number ] model Default Preprovisioning is disabled. Views Slot view Predefined user roles network-admin Parameters : Specifies a subslot by its subslot number. If you do not specify a subslot subslot-number subslot, preprovisioning is enabled on the slot.
Page 205: Slot
Views User view Predefined user roles network-admin Usage guidelines Preprovisioned interface cards or subcards that repeatedly come online and go offline might leave in memory a large number of commands that were not applied. To release the occupied memory space, execute the command.
Page 206: Document Conventions And Icons
Document conventions and icons Conventions This section describes the conventions used in the documentation. Command conventions Convention Description Boldface Bold text represents commands and keywords that you enter literally as shown. Italic Italic text represents arguments that you replace with actual values. Square brackets enclose syntax choices (keywords or arguments) that are optional.
Page 207: Network Topology Icons
Network topology icons Convention Description Represents a generic network device, such as a router, switch, or firewall. Represents a routing-capable device, such as a router or Layer 3 switch. Represents a generic switch, such as a Layer 2 or Layer 3 switch, or a router that supports Layer 2 forwarding and other Layer 2 features.
Page 208: Support And Other Resources
Hewlett Packard Enterprise Support Center More Information on Access to Support Materials page: www.hpe.com/support/AccessToSupportMaterials IMPORTANT: Access to some updates might require product entitlement when accessed through the Hewlett Packard Enterprise Support Center. You must have an HP Passport set up with relevant entitlements.
Page 209: Websites
Websites Website Link Networking websites Hewlett Packard Enterprise Information Library for www.hpe.com/networking/resourcefinder Networking Hewlett Packard Enterprise Networking website www.hpe.com/info/networking Hewlett Packard Enterprise My Networking website www.hpe.com/networking/support Hewlett Packard Enterprise My Networking Portal www.hpe.com/networking/mynetworking Hewlett Packard Enterprise Networking Warranty www.hpe.com/networking/warranty General websites Hewlett Packard Enterprise Information Library www.hpe.com/info/enterprise/docs Hewlett Packard Enterprise Support Center...
Page 210 part number, edition, and publication date located on the front cover of the document. For online help content, include the product name, product version, help edition, and publication date located on the legal notices page.
Page 211: Index
Index A B C D E F G H I L M N O P Q R S T U V W description,15 dir,134 activation-key,44 dir,97 alias,1 disconnect,99 append,92 display [ | [ by-linenum ] { begin | exclude | archive configuration,152 include }...
Page 212 fixdisk,138 flow-control,57 newer,108 format,138 free ftp user,86 open,109 free ftp user-ip,87 free ftp user-ip ipv6,87 free line,58 parity,66 free user-interface,59 passive,110 ftp,99 permit interface,27 ftp client ipv6 source,101 permit vlan,29 ftp client source,102 permit vpn-instance,30 ipv6,103 protocol inbound,66 ftp server acl,88 provision,197 ftp server...
Page 213 shell,71 telnet server ipv6 port,79 slot,199 telnet server port,79 speed,71 terminal type,80 standby auto-update config,176 tftp,122 startup saved-configuration,176 tftp client ipv6 source,124 status,119 tftp client source,125 stopbits,72 tftp ipv6,126 super,37 tftp-server acl,127 tftp-server ipv6 acl,128 super authentication-mode,38 super default role,39 super password,40 umount,149...

HP Enterprise FlexFabric 12900E Series Command Reference Manual

Quick Links

Related Manuals for HP Enterprise FlexFabric 12900E Series

Summary of Contents for HP Enterprise FlexFabric 12900E Series