Cisco IOS XR IP Addresses and Services Command Reference, Release 3.2
Transport Stack Commands on Cisco IOS XR Software
Downloads: This chapterpdf (PDF - 437.0KB) The complete bookPDF (PDF - 3.4MB) | Feedback

Transport Stack Commands on Cisco IOS XR Software

Table Of Contents

Transport Stack Commands on Cisco IOS XR Software

clear raw statistics pcb

clear tcp pcb

clear tcp statistics

clear udp statistics

forward-protocol udp

service tcp-small-servers

service udp-small-servers

show raw brief

show raw pcb

show raw statistics pcb

show tcp brief

show tcp detail

show tcp extended-filters

show tcp statistics

show udp brief

show udp extended-filters

show udp statistics

tcp mss

tcp path-mtu-discovery

tcp selective-ack

tcp synwait-time

tcp timestamp

tcp window-size


Transport Stack Commands on Cisco IOS XR Software


This chapter describes the Cisco IOS XR software commands used to configure and monitor features related to the transport stack (TCP, User Datagram Protocol [UDP], and RAW). Any IP protocol other than TCP or UDP is known as a RAW protocol.

For detailed information about transport stack concepts, configuration tasks, and examples, refer to the Configuring TCP, UDP, and RAW Transports on Cisco IOS XR Software configuration module.

clear raw statistics pcb

To clear statistics for a single RAW connection or for all RAW connections, use the clear raw statistics pcb command in EXEC mode.

clear raw statistics pcb {all | pcb-address} location node-id

Syntax Description

all

Clears statistics for all RAW connections.

pcb-address

Clears statistics for a specific RAW connection.

location node-id

Clears statistics for the designated node. The node-id argument is entered in the rack/slot/module notation.


Defaults

No default behavior or values.

Command Modes

EXEC

Command History

Release
Modification

Release 2.0

This command was introduced on the Cisco CRS-1.

Release 3.0

No modifications.

Release 3.2

This command was supported on the Cisco XR 12000 Series Router. The location keyword and node-id argument became required.


Usage Guidelines

To use this command, you must be in a user group associated with a task group that includes the proper task IDs. For detailed information about user groups and task IDs, see the Configuring AAA Services on Cisco IOS XR Software module of the Cisco IOS XR System Security Configuration Guide.

Use the all keyword to clear all RAW connections. To clear a specific RAW connection, enter the protocol control block (PCB) address of the RAW connection. Use the show raw brief command to obtain the PCB address.

Use the keyword location keyword and node-id argument to clear RAW statistics for a designated node.

Examples

The following example shows how to clear statistics for a RAW connection with PCB address 0x80553b0:

RP/0/RP0/CPU0:router# clear raw statistics pcb 0x80553b0
RP/0/RP0/CPU0:router# show raw statistics pcb 0x80553b0
 
   
Statistics for PCB 0x80553b0
Send: 		0 packets received from application
		0 xipc pulse received from application
		0 packets sent to network
		0 packets failed getting queued to network
Rcvd: 		0 packets received from network
		0 packets queued to application
		0 packets failed queued to application
 
   

The following example shows how to clear statistics for all RAW connections:

RP/0/RP0/CPU0:router# clear raw statistics pcb all
RP/0/RP0/CPU0:router# show raw statistics pcb all
 
   
Statistics for PCB 0x805484c
Send: 		0 packets received from application
		0 xipc pulse received from application
		0 packets sent to network
		0 packets failed getting queued to network
Rcvd: 		0 packets received from network
		0 packets queued to application
		0 packets failed queued to application
 
   
Statistics for PCB 0x8054f80
Send: 		0 packets received from application
		0 xipc pulse received from application
		0 packets sent to network
		0 packets failed getting queued to network
Rcvd: 		0 packets received from network
		0 packets queued to application
		0 packets failed queued to application
 
   
Statistics for PCB 0x80553b0
Send: 		0 packets received from application
		0 xipc pulse received from application
		0 packets sent to network
		0 packets failed getting queued to network
Rcvd: 		0 packets received from network
		0 packets queued to application
		0 packets failed queued to application

Related Commands

Command
Description

show raw brief

Displays information about active RAW IP sockets.

show raw statistics pcb

Displays statistics for either a single RAW connection or all RAW connections.


clear tcp pcb

To clear TCP protocol control block (PCB) connections, use the clear tcp pcb command in EXEC mode.

clear tcp pcb {pcb-address | all} location node-id

Syntax Description

pcb-address

Clears the TCP connection at the specified PCB address.

all

Clears all open TCP connections.

location node-id

Clears the TCP connection for the designated node. The node-id argument is entered in the rack/slot/module notation.


Defaults

No default behavior or values.

Command Modes

EXEC

Command History

Release
Modification

Release 2.0

This command was introduced on the Cisco CRS-1.

Release 3.0

No modifications.

Release 3.2

This command was supported on the Cisco XR 12000 Series Router. The location keyword and node-id argument became required.


Usage Guidelines

To use this command, you must be in a user group associated with a task group that includes the proper task IDs. For detailed information about user groups and task IDs, see the Configuring AAA Services on Cisco IOS XR Software module of the Cisco IOS XR System Security Configuration Guide.

The clear tcp pcb command is useful for clearing hung TCP connections. Use the show tcp brief command to find the PCB address of the connection you want to clear.

If the clear tcp pcb all command is used, the software does not clear a TCP connection that is in the listen state. If a specific PCB address is specified, then a connection in listen state is cleared.

Examples

In the following example, the TCP connection at PCB address 60B75E48 is cleared:

RP/0/RP0/CPU0:router# clear tcp pcb 60B75E48

Related Commands

Command
Description

show tcp brief

Displays the TCP summary table.


clear tcp statistics

To clear TCP statistics, use the clear tcp statistics command in EXEC mode.

clear tcp statistics [pcb { all | pcb-address} | location node-id]

Syntax Description

pcb all

(Optional) Clears statistics for all TCP connections.

pcb pcb-address

(Optional) Clears statistics for a specific TCP connection.

location node-id

(Optional) Clears TCP statistics for the designated node. The node-id argument is entered in the rack/slot/module notation.


Defaults

No default behavior or values.

Command Modes

EXEC

Command History

Release
Modification

Release 2.0

This command was introduced on the Cisco CRS-1.

Release 3.0

No modifications.

Release 3.2

This command was supported on the Cisco XR 12000 Series Router.


Usage Guidelines

To use this command, you must be in a user group associated with a task group that includes the proper task IDs. For detailed information about user groups and task IDs, see the Configuring AAA Services on Cisco IOS XR Software module of the Cisco IOS XR System Security Configuration Guide.

Use the clear tcp statistics command to clear TCP statistics. Use the show tcp statistics command to display TCP statistics. You might display TCP statistics and then clear them before you start debugging TCP.

The optional location keyword and node-id argument can be used to clear TCP statistics for a designated node.

Examples

The following example shows how to clear TCP statistics:

RP/0/RP0/CPU0:router# clear tcp statistics

Related Commands

Command
Description

show tcp statistics

Displays TCP statistics.


clear udp statistics

To clear User Datagram Protocol (UDP) statistics, use the clear udp statistics command in EXEC mode.

clear udp statistics {pcb {all | pcb-address} | summary} [location node-id]

Syntax Description

pcb all

Clears statistics for all UDP connections.

pcb pcb-address

Clears statistics for a specific UDP connection.

summary

Clears UDP summary statistics.

location node-id

Clears UDP statistics for the designated node. The node-id argument is entered in the rack/slot/module notation.


Defaults

No default behavior or values.

Command Modes

EXEC

Command History

Release
Modification

Release 2.0

This command was introduced on the Cisco CRS-1.

Release 3.0

No modifications.

Release 3.2

This command was supported on the Cisco XR 12000 Series Router.


Usage Guidelines

To use this command, you must be in a user group associated with a task group that includes the proper task IDs. For detailed information about user groups and task IDs, see the Configuring AAA Services on Cisco IOS XR Software module of the Cisco IOS XR System Security Configuration Guide.

Use the clear udp statistics command to clear UDP statistics. Use the show udp statistics command to display UDP statistics. You might display UDP statistics and then clear them before you start debugging UDP.

The optional location keyword and node-id argument can be used to clear UDP statistics for a designated node.

Examples

The following example shows how to clear UDP summary statistics:

RP/0/RP0/CPU0:router# clear udp statistics summary

Related Commands

Command
Description

show udp statistics

Displays UDP statistics.


forward-protocol udp

To configure the system to forward any User Datagram Protocol (UDP) datagrams that are received as broadcast packets to a specified helper address, use the forward-protocol udp command in global configuration mode. To restore the system to its default condition with respect to this command, use the no form of this command.

forward-protocol udp {port-number | disable | domain | nameserver | netbios-dgm |
netbios-ns
| tacacs | tftp}

no forward-protocol udp {port-number | disable | domain | nameserver | netbios-dgm | netbios-ns | tacacs | tftp}

Syntax Description

port-number

Forwards UDP broadcast packets to a specified port number. Range is 1 to 65535.

disable

Disables IP Forward Protocol UDP.

domain

Forwards UDP broadcast packets to Domain Name Service (DNS, 53).

nameserver

Forwards UDP broadcast packets to IEN116 name service (obsolete, 42).

netbios-dgm

Forwards UDP broadcast packets to NetBIOS datagram service (138).

netbios-ns

Forwards UDP broadcast packets to NetBIOS name service (137).

tacacs

Forwards UDP broadcast packets to TACACS (49).

tftp

Forwards UDP broadcast packets to TFTP (69).


Defaults

Disabled

Command Modes

Global configuration

Command History

Release
Modification

Release 2.0

This command was introduced on the Cisco CRS-1.

Release 3.0

No modifications.

Release 3.2

This command was supported on the Cisco XR 12000 Series Router.


Usage Guidelines

To use this command, you must be in a user group associated with a task group that includes the proper task IDs. For detailed information about user groups and task IDs, see the Configuring AAA Services on Cisco IOS XR Software module of the Cisco IOS XR System Security Configuration Guide.

Use the forward-protocol udp command to specify that UDP broadcast packets received on the incoming interface are forwarded to a specified helper address.

When you configure the forward-protocol udp command, you must also configure the helper-address command to specify a helper address on an interface. The helper address is the IP address to which the UDP datagram is forwarded. Configure the helper-address command with IP addresses of hosts or networking devices that can handle the service. Because the helper address is configured per interface, you must configure a helper address for each incoming interface that will be receiving broadcasts that you want to forward.

You must configure one forward-protocol udp command per UDP port you want to forward. The port on the packet is either port 53 (domain), port 69 (tftp), or a port number you specify.

Examples

The following example shows how to specify that all UDP broadcast packets with port 53 or port 69 received on incoming MgmtEth interface 0/0/CPU0/0 are forwarded to 172.16.0.1. MgmtEth interface 0/0/CPU0/0 receiving the UDP broadcasts is configured with a helper address of 172.16.0.1, the destination address to which the UDP datagrams are forwarded.

RP/0/RP0/CPU0:router(config)# forward-protocol udp domain
RP/0/RP0/CPU0:router(config)# forward-protocol udp tftp
RP/0/RP0/CPU0:router(config)# interface MgmtEth 0/0/CPU0/0
RP/0/RP0/CPU0:router(config-if)# ip helper-address 172.16.0.1

Related Commands

Command
Description

helper-address

Configures an address to which UDP broadcasts are forwarded.


service tcp-small-servers

To enable small TCP servers such as the ECHO, use the service tcp-small-servers command in global configuration mode. To disable the TCP server, use the no form of this command.

service {ipv4 | ipv6} tcp-small-servers [max-servers number | no-limit] [access-list-name]

no service {ipv4 | ipv6} tcp-small-servers [max-servers number | no-limit] [access-list-name]

Syntax Description

ip4

Specifies IPv4 small servers.

ipv6

Specifies IPv6 small servers.

max-servers

(Optional) Sets the number of allowable TCP small servers.

number

(Optional) Number value. Range is 1 to 2147483647.

no-limit

(Optional) Sets no limit to the number of allowable TCP small servers.

access-list-name

(Optional) The name of an access list.


Defaults

TCP small servers are disabled.

Command Modes

Global configuration

Command History

Release
Modification

Release 2.0

This command was introduced on the Cisco CRS-1.

Release 3.0

No modifications.

Release 3.2

This command was supported on the Cisco XR 12000 Series Router.


Usage Guidelines

To use this command, you must be in a user group associated with a task group that includes the proper task IDs. For detailed information about user groups and task IDs, see the Configuring AAA Services on Cisco IOS XR Software module of the Cisco IOS XR System Security Configuration Guide.

The TCP small servers currently consist of three services: Discard (port 9), Echo (port 7), and Chargen (port 19). These services are used to test the TCP transport functionality. The Discard server receives data and discards it. The Echo server receives data and echoes the same data to the sending host. The Chargen server generates a sequence of data and sends it to the remote host.

Examples

In the following example, small IPv4 TCP servers are enabled:

RP/0/RP0/CPU0:router(config)# service ipv4 tcp-small-servers max-servers 5 acl100

Related Commands

Command
Description

service udp-small-servers

Enables small UDP servers such as the ECHO.

show cinetd services

Displays the services whose processes are spawned by cinetd.


service udp-small-servers

To enable small User Datagram Protocol (UDP) servers such as the ECHO, use the service udp-small-servers command in global configuration mode. To disable the UDP server, use the no form of this command.

service {ipv4 | ipv6} udp-small-servers [max-servers number | no-limit] [access-list-name]

no service {ipv4 | ipv6} udp-small-servers [max-servers number | no-limit] [access-list-name]

Syntax Description

ip4

Specifies IPv4 small servers.

ipv6

Specifies IPv6 small servers.

max-servers

(Optional) Sets the number of allowable UDP small servers.

number

(Optional) Number value. Range is 1 to 2147483647.

no-limit

(Optional) Sets no limit to the number of allowable UDP small servers.

access-list-name

(Optional) Name of an access list.


Defaults

UDP small servers are disabled.

Command Modes

Global configuration

Command History

Release
Modification

Release 2.0

This command was introduced on the Cisco CRS-1.

Release 3.0

No modifications.

Release 3.2

This command was supported on the Cisco XR 12000 Series Router.


Usage Guidelines

To use this command, you must be in a user group associated with a task group that includes the proper task IDs. For detailed information about user groups and task IDs, see the Configuring AAA Services on Cisco IOS XR Software module of the Cisco IOS XR System Security Configuration Guide.

The UDP small servers currently consist of three services: Discard (port 9), Echo (port 7), and Chargen (port 19). These services are used to test the UDP transport functionality. The discard server receives data and discards it. The echo server receives data and echoes the same data to the sending host. The chargen server generates a sequence of data and sends it to the remote host.

Examples

The following example shows how to enable small IPv6 UDP servers and set the maximum number of allowable small servers to 10:

RP/0/RP0/CPU0:router(config)# service ipv6 udp-small-servers max-servers 10

Related Commands

Command
Description

service tcp-small-servers

Enables small TCP servers such as the ECHO.


show raw brief

To display information about active RAW IP sockets, use the show raw brief command in EXEC mode.

show raw brief [location node-id]

Syntax Description

location node-id

Displays information for the designated node. The node-id argument is entered in the rack/slot/module notation.


Defaults

No default behavior or values.

Command Modes

EXEC

Command History

Release
Modification

Release 2.0

This command was introduced on the Cisco CRS-1.

Release 3.0

No modifications.

Release 3.2

This command was supported on the Cisco XR 12000 Series Router. The location keyword and node-id argument became required.


Usage Guidelines

To use this command, you must be in a user group associated with a task group that includes the proper task IDs. For detailed information about user groups and task IDs, see the Configuring AAA Services on Cisco IOS XR Software module of the Cisco IOS XR System Security Configuration Guide.

Protocols such as Open Shortest Path First (OSPF) and Protocol Independent Multicast (PIM) use long-lived RAW IP sockets. The ping and traceroute commands use short-lived RAW IP sockets. Use the show raw brief command if you suspect a problem with one of these protocols.

Examples

The following is sample output from the show raw brief command:

RP/0/RP0/CPU0:router# show raw brief
 
   
PCB      Recv-Q Send-Q Local Address         Foreign Address Protocol
0x805188c        0      0 0.0.0.0               0.0.0.0            2
0x8051dc8        0      0 0.0.0.0               0.0.0.0           103
0x8052250        0      0 0.0.0.0               0.0.0.0           255
 
   

Table 60 describes the significant fields shown in the display.

Table 60 show raw brief Field Descriptions 

Field
Description

PCB

Protocol control block address. This is the address to a structure that contains connection information such as local address, foreign address, local port, foreign port, and so on.

Recv-Q

Number of bytes in the receive queue.

Send-Q

Number of bytes in the send queue.

Local Address

Local address and local port.

Foreign Address

Foreign address and foreign port.

Protocol

Protocol that is using the RAW IP socket. For example, the number 2 is IGMP, 103 is PIM, and 89 is OSPF.


show raw pcb

To display information about active RAW IP sockets, use the show raw pcb command in EXEC mode.

show raw pcb {interface-filter location node-id | location node-id | paktype-filter location node-id}

Syntax Description

interface-filter

Displays the protocol control blocks (PCBs) with configured interface filters.

location node-id

Displays information for the designated node. The node-id argument is entered in the rack/slot/module notation.

paktype-filter

Displays the PCBs with configured packet type filters.


Defaults

No default behavior or values.

Command Modes

EXEC

Command History

Release
Modification

Release 2.0

This command was introduced on the Cisco CRS-1.

Release 3.0

No modifications.

Release 3.2

This command was supported on the Cisco XR 12000 Series Router.


Usage Guidelines

To use this command, you must be in a user group associated with a task group that includes the proper task IDs. For detailed information about user groups and task IDs, see the Configuring AAA Services on Cisco IOS XR Software module of the Cisco IOS XR System Security Configuration Guide.

The show raw pcb command displays detailed information for all connections that use the RAW transport. Information that is displayed includes family type (for example, 2 for AF_INET also known as IPv4), PCB address, Layer 4 (also known as transport) protocol, local address, foreign address, and any filter that is being used.

Examples

The following is sample output from the show raw pcb command:

RP/0/RP0/CPU0:router# show raw pcb location 0/0/CPU0
 
   
Total Number of matching PCB's in database: 1
JID: 0/0
Family: 2
PCB: 0x0803dd38
L4-proto: 1
Laddr: 0.0.0.0
Faddr: 0.0.0.0
ICMP error filter mask: 0x3ff
LPTS socket options: 0x0020
Packet Type Filters: 
	0
	[220 pkts in]
	3
	[0 pkts in]
	4
	[0 pkts in]
 
   

Table 61 describes the significant fields shown in the display.

Table 61 show raw pcb Field Descriptions 

Field
Description

JID

Job ID of the process that created the socket.

Family

Network protocol. IPv4 is 2; IPv6 is 26.

PCB

Protocol control block address.

L4-proto

Layer 4 (also known as transport) protocol.

Laddr

Local address.

Faddr

Foreign address.

ICMP error filter mask

If an ICMP filter is being set, output in this field has a nonzero value.

LPTS socket options

If an LPTS option is being set, output in this field has a nonzero value.

Packet Type Filters

Packet filters that are being set for a particular RAW socket, including the number of packets for that filter type. Multiple filters can be set.


show raw statistics pcb

To display statistics for a single RAW connection or for all RAW connections, use the show raw statistics pcb command in EXEC mode.

show raw statistics pcb {all | pcb-address} location node-id

Syntax Description

all

Displays statistics for all RAW connections.

pcb-address

Displays statistics for a specified RAW connection.

location node-id

Displays RAW statistics for the designated node. The node-id argument is entered in the rack/slot/module notation.


Defaults

No default behavior or values.

Command Modes

EXEC

Command History

Release
Modification

Release 2.0

This command was introduced on the Cisco CRS-1.

Release 3.0

No modifications.

Release 3.2

This command was supported on the Cisco XR 12000 Series Router. The location keyword and node-id argument became required.


Usage Guidelines

To use this command, you must be in a user group associated with a task group that includes the proper task IDs. For detailed information about user groups and task IDs, see the Configuring AAA Services on Cisco IOS XR Software module of the Cisco IOS XR System Security Configuration Guide.

Use the all keyword to display all RAW connections. If a specific RAW connection is desired, then enter the protocol control block (PCB) address of that RAW connection. Use the show raw brief command to obtain the PCB address.

Use the keyword location and node-id argument to display RAW statistics for a designated node.

Examples

In the following example, statistics for a RAW connection with PCB address 0x80553b0 are displayed:

RP/0/RP0/CPU0:router# show raw statistics pcb 0x80553b0
 
   
Statistics for PCB 0x80553b0
Send: 		0 packets received from application
		0 xipc pulse received from application
		0 packets sent to network
		0 packets failed getting queued to network
Rcvd: 		0 packets received from network
		0 packets queued to application	
		0 packets failed queued to application
 
   

In this example, statistics for all RAW connections are displayed:

RP/0/RP0/CPU0:router# show raw statistics pcb all
 
   
Statistics for PCB 0x805484c
Send: 		0 packets received from application
		0 xipc pulse received from application
		0 packets sent to network
		0 packets failed getting queued to network
Rcvd: 		0 packets received from network
		0 packets queued to application
		0 packets failed queued to application
 
   
 Statistics for PCB 0x8054f80
Send: 	0 packets received from application
		0 xipc pulse received from application
		0 packets sent to network
		0 packets failed getting queued to network
Rcvd: 		0 packets received from network
		0 packets queued to application
		0 packets failed queued to application
 
   
 Statistics for PCB 0x80553b0
Send: 		0 packets received from application
		0 xipc pulse received from application
		0 packets sent to network
		0 packets failed getting queued to network
Rcvd: 		0 packets received from network
		0 packets queued to application
		0 packets failed queued to application
 
   

Table 62 describes the significant fields shown in the display.

Table 62 show raw statistics pcb Field Descriptions 

Field
Description

Send:

Statistics in this section refer to packets sent from an application to RAW.

  xipc pulse received from application

Number of notifications sent from applications to RAW.

  packets sent to network

Number of packets sent to the network.

  packets failed getting queued to network

Number of packets that failed to get queued to the network.

Rcvd:

Statistics in this section refer to packets received from the network.

  packets queued to application

Number of packets queued to an application.

  packets failed queued to application

Number of packets that failed to get queued to an application.


Related Commands

Command
Description

clear raw statistics pcb

Clears statistics for either a single RAW connection or for all RAW connections.

show raw brief

Displays information about active RAW IP sockets.


show tcp brief

To display a summary of the TCP connection table, use the show tcp brief command in EXEC mode.

show tcp brief location node-id

Syntax Description

location node-id

Displays information for the designated node. The node-id argument is entered in the rack/slot/module notation.


Defaults

No default behavior or values.

Command Modes

EXEC

Command History

Release
Modification

Release 2.0

This command was introduced on the Cisco CRS-1.

Release 3.0

No modifications.

Release 3.2

This command was supported on the Cisco XR 12000 Series Router.


Usage Guidelines

To use this command, you must be in a user group associated with a task group that includes the proper task IDs. For detailed information about user groups and task IDs, see the Configuring AAA Services on Cisco IOS XR Software module of the Cisco IOS XR System Security Configuration Guide.

Examples

The following is sample output from the show tcp brief command:

RP/0/RP0/CPU0:router# show tcp brief
 
   
TCPCB     Recv-Q Send-Q  Local Address          Foreign Address        State
0x80572a8      0      0  0.0.0.0:513            0.0.0.0:0              LISTEN
0x8056948      0      0  0.0.0.0:23             0.0.0.0:0              LISTEN
0x8057b60      0      3  10.8.8.2:23            10.8.8.1:1025          ESTAB

Table 63 describes the significant fields shown in the display.

Table 63 show tcp brief Field Descriptions 

Field
Description

TCPCB

Memory address of the TCP control block.

Recv-Q

Number of bytes waiting to be read.

Send-Q

Number of bytes waiting to be sent.

Local Address

Source address and port number of the packet.

Foreign Address

Destination address and port number of the packet.

State

State of the TCP connection.


Related Commands

Command
Description

clear tcp pcb

Clears the TCP connection.

clear tcp pcb

Displays details of TCP connections.


show tcp detail

To display the details of the TCP connection table, use the show tcp detail command in EXEC mode.

show tcp detail pcb [value | all ]

Syntax Description

pcb

Displays TCP connection information.

value

Displays a specific connection information. Range si from 0 to ffffffff.

all

Displays all connections information.


Defaults

No default behavior or values.

Command Modes

EXEC

Command History

Release
Modification

Release 2.0

This command was introduced on the Cisco CRS-1.

Release 3.0

No modifications.

Release 3.2

This command was supported on the Cisco XR 12000 Series Router.


Usage Guidelines

To use this command, you must be in a user group associated with a task group that includes the proper task IDs. For detailed information about user groups and task IDs, see the Configuring AAA Services on Cisco IOS XR Software module of the Cisco IOS XR System Security Configuration Guide.

Examples

The following is sample output from the show tcp detail pcb all command:

RP/0/RP0/CPU0:router# show tcp detail pcb all
 
   
Connection state is LISTEN, I/O status: 0, socket status: 0
Local host: 0.0.0.0, Local port: 23
Foreign host: 0.0.0.0, Foreign port: 0
 
   
Current send queue size: 0 (max 16384)
Current receive queue size: 0 (max 16384)  mis-ordered: 0 bytes
 
   
Timer          Starts    Wakeups         Next(msec)
Retrans             0          0                0
SendWnd             0          0                0
TimeWait            0          0                0
AckHold             0          0                0
KeepAlive           0          0                0
PmtuAger            0          0                0
GiveUp              0          0                0
Throttle            0          0                0
iss: 0           snduna: 0           sndnxt: 0
sndmax: 0           sndwnd: 0           sndcwnd: 1073725440
   irs: 0           rcvnxt: 0           rcvwnd: 16384   rcvadv: 0

show tcp extended-filters

To display the details of the TCP extended-filters, use the show tcp extended-filters command in EXEC mode.

show tcp extended-filters [ location node-id ] | peer-filter [ location node-id ]

Syntax Description

location node-id

Displays information for the designated node. The node-id argument is entered in the rack/slot/module notation.

peer-filter

Displays connections with peer filter configured.


Defaults

No default behavior or values.

Command Modes

EXEC

Command History

Release
Modification

Release 2.0

This command was introduced on the Cisco CRS-1.

Release 3.0

No modifications.

Release 3.2

This command was supported on the Cisco XR 12000 Series Router.


Usage Guidelines

To use this command, you must be in a user group associated with a task group that includes the proper task IDs. For detailed information about user groups and task IDs, see the Configuring AAA Services on Cisco IOS XR Software module of the Cisco IOS XR System Security Configuration Guide.

Examples

The following is sample output from the show tcp extended-filters command for a specific location (0/RP1/CPU0):

RP/0/RP0/CPU0:router# show tcp extended-filters location 0/RP1/CPU0
 
   
Total Number of matching PCB's in database: 3
-----------------------------------
JID: 135
Family: 2
PCB: 0x4826c5dc
L4-proto: 6
Lport: 23
Fport: 0
Laddr: 0.0.0.0
Faddr: 0.0.0.0
ICMP error filter mask: 0x12
LPTS options: 0x00000000
-----------------------------------
 
   
-----------------------------------
JID: 135
Family: 2
 
   
PCB: 0x4826dd8c
L4-proto: 6
Lport: 23
Fport: 59162
Laddr: 12.31.22.10
Faddr: 223.255.254.254
ICMP error filter mask: 0x12
LPTS options: 0x00000000
-----------------------------------
 
   
-----------------------------------
JID: 135
Family: 2
PCB: 0x4826cac0
L4-proto: 6
Lport: 23
Fport: 59307
Laddr: 12.31.22.10
Faddr: 223.255.254.254
ICMP error filter mask: 0x12
LPTS options: 0x00000000
-----------------------------------

show tcp statistics

To display TCP statistics, use the show tcp statistics command in EXEC mode.

show tcp statistics [pcb {pcb-address | all}] [location node-id]

Syntax Description

pcb pcb-address

(Optional) Displays detailed statistics for a specified connection.

pcb all

(Optional) Displays detailed statistics for all connections.

location node-id

(Optional) Displays statistics for the designated node. The node-id argument is entered in the rack/slot/module notation.


Defaults

No default behavior or values.

Command Modes

EXEC

Command History

Release
Modification

Release 2.0

This command was introduced on the Cisco CRS-1.

Release 3.0

No modifications.

Release 3.2

This command was supported on the Cisco XR 12000 Series Router.


Usage Guidelines

To use this command, you must be in a user group associated with a task group that includes the proper task IDs. For detailed information about user groups and task IDs, see the Configuring AAA Services on Cisco IOS XR Software module of the Cisco IOS XR System Security Configuration Guide.

Examples

The following is sample output from the show tcp statistics command:

RP/0/RP0/CPU0:router# show tcp statistics
 
   
TCP statistics:
Rcvd:41 Total, 0 drop, 0 no port
      0 checksum error, 0 too short
      25 packets (1768 bytes) in sequence
      0 dup packets (0 bytes)
      0 partially dup packets (0 bytes)
      0 out-of-order packets (0 bytes)
      0 packets (0 bytes) with data after window
      0 packets after close
      0 window probe packets, 17 window update packets
      0 dup ack packets, 0 ack packets with unsend data
      23 ack packets (93 bytes)
      0 packets dropped due to PAWS, 0 due to trylock
Sent:43 Total, 0 error, 0 urgent packets
      11 control packets (including 0 RST)
      41 data packets (87 bytes)
      2 data packets (0 bytes) retransmitted
      15 ack only packets (9 delayed)
      0 window probe packets, 0 window update packets
6 Connections initiated, 0 connections accepted, 3 connections established
6 Connections closed (2 dropped, 0 embryonic dropped)
2 Total rxmt timeout, 0 connections dropped in rxmt timeout
0 Keepalive timeout, 0 keepalive probe, 0 Connections dropped in keepalive
0 Connections dropped in window probe, 0 connections rate-limited
0 SYN cache entries
0 SYN cache added, 0 completed
0 SYN cache timedout, 0 reset, 0 aborted
0 SYN cache unreachable, 0 dups, 0 dropped
0 SYN cache bucket overflow, 0 cache overflow, 0 rate-limit
0 Send pulse errors
2 Open sockets
0 Packets owned by the socket layer
0 Packets owned by TCP reassembly
0 Packets freed after starvation
0 Packet allocation errors
0 increase MSS, 0 decrease MSS
0 no throttle, 0 lw throttle, 0 hw throttle
0 Truncated write I/O vectors

Table 64 describes the significant fields shown in the display.

Table 64 show tcp statistics Field Descriptions 

Field
Description

Rcvd:

Statistics in this section refer to packets received by the router.

Total

Total number of packets received.

no port

Number of packets received with no port.

checksum error

Number of packets received with checksum error.

too short

Number of packets received that were too short.

packets in sequence

Number of data packets received in sequence.

dup packets

Number of duplicate packets received.

partially dup packets

Number of packets received with partially duplicated data.

out-of-order packets

Number of packets received out of order.

packets with data after window

Number of packets received with data that exceeded the window size of the receiver.

packets after close

Number of packets received after the connection has been closed.

window probe packets

Number of window probe packets received.

window update packets

Number of window update packets received.

dup ack packets

Number of duplicate acknowledgment packets received.

ack packets with unsend data

Number of acknowledgment packets with unsend data received.

ack packets

Number of acknowledgment packets received.

packets dropped due to PAWS

Number of packets dropped due to Protection Against Wrapped Sequence.

due to trylock

Number of packets dropped due to inability to lock a socket.

Sent:

Statistics in this section refer to packets sent by the router.

Total

Total number of packets sent.

urgent packets

Number of urgent packets sent.

control packets

Number of control packets (SYN, FIN, or RST) sent.

data packets

Number of data packets sent.

data packets retransmitted

Number of data packets re-sent.

ack only packets

Number of packets sent that are acknowledgments only.

window probe packets

Number of window probe packets sent.

window update packets

Number of window update packets sent.

Connections initiated

Number of connections initiated.

connections accepted

Number of connections accepted.

connections established

Number of connections established.

Connections closed

Number of connections closed.

Total rxmt timeout

Number of times the router tried to resend, but timed out.

connections dropped in rxmt timeout

Number of connections dropped in the resend timeout.

Keepalive timeout

Number of keepalive packets in the timeout.

keepalive probe

Number of keepalive probes.

Connections dropped in keepalive

Number of connections dropped in the keepalive.

Connections dropped in window probe

Number of connections dropped while TCP performing window probe.

connections rate-limited

Number of connections being rate limited.

SYN cache entries

Number of entries in the SYN cache.

SYN cache added

Number of entries added.

completed

Number of connections completed.

SYN cache timedout

Number of entries timed out.

reset

Number dropped due to RST.

aborted

Number of entries aborted.

SYN cache unreachable

Number of entries dropped due to Internet Control Message Protocol (ICMP) unreachable.

dups

Number of duplicate SYNs received.

dropped

Number of SYNs dropped (no route or memory).

SYN cache bucket overflow

Number of entries dropped due to bucket overflow.

cache overflow

Number of entries dropped due to cache overflow.

Send pulse errors

Number of times that TCP failed to send a packet to the IP layer.

Open sockets

Number of sockets opened—seen by using the show tcp brief command.

Note One open socket is reserved for sending TCP RST and is not visible in the output of the show tcp brief command.

Packets owned by the socket layer

Number of received packets held in the sockets waiting for applications to be read.

Packets owned by TCP reassembly

Number of received packets stored in the TCP reassembly queue waiting for missing packets to arrive before they can form a contiguous stream to be delivered to the application.

Packets freed after starvation

Number of packets in the TCP reassembly queue. Packets are flushed if the system is in memory starvation and TCP cannot get more packet buffers.

Packet allocation errors

Number of times TCP fails to get a packet buffer to send a datagram.

increase MSS,
decrease MSS

Number of times the TCP Maximum Segment Size (MSS) is increased or decreased based on path Maximum Transmission Unit (MTU) discovery.

no throttle

Number of reads that were not throttled.

lw throttle

Number of reads that were in low-water mark throttle.

hw throttle

Number of reads that were in high-water mark throttle.

Truncated write I/O vectors

Number of writes that are truncated due to I/O vector limit.


Related Commands

Command
Description

clear tcp statistics

Clears TCP statistics.


show udp brief

To display a summary of the User Datagram Protocol (UDP) connection table, use the show udp brief command in EXEC mode.

show udp brief location node-id

Syntax Description

location node-id

Displays information for the designated node. The node-id argument is entered in the rack/slot/module notation.


Defaults

No default behavior or values.

Command Modes

EXEC

Command History

Release
Modification

Release 2.0

This command was introduced on the Cisco CRS-1.

Release 3.0

No modifications.

Release 3.2

This command was supported on the Cisco XR 12000 Series Router.


Usage Guidelines

To use this command, you must be in a user group associated with a task group that includes the proper task IDs. For detailed information about user groups and task IDs, see the Configuring AAA Services on Cisco IOS XR Software module of the Cisco IOS XR System Security Configuration Guide.

Examples

The following is sample output from the show udp brief command:

RP/0/RP0/CPU0:router# show udp brief
 
   
PCB        Recv-Q Send-Q  Local Address          Foreign Address
0x8040c4c      0      0  0.0.0.0:7              0.0.0.0:0             
0x805a120      0      0  0.0.0.0:9              0.0.0.0:0             
0x805a430      0      0  0.0.0.0:19             0.0.0.0:0             
0x805a740      0      0  0.0.0.0:67             0.0.0.0:0             
0x804fcb0      0      0  0.0.0.0:123            0.0.0.0:0 

Table 65 describes the significant fields shown in the display.

Table 65 show udp brief Field Descriptions

Field
Description

PCB

Protocol control block address. This is the address to a structure that contains connection information such as local address, foreign address, local port, foreign port, and so on.

Recv-Q

Number of bytes in the receive queue.

Send-Q

Number of bytes in the send queue.

Local Address

Local address and local port.

Foreign Address

Foreign address and foreign port.


Related Commands

Command
Description

show tcp brief

Displays details of TCP connections.


show udp extended-filters

To display the details of the TCP extended-filters, use the show udp extended-filters command in EXEC mode.

show udp extended-filters [ location node-id ] | peer-filter [ location node-id ]

Syntax Description

location node-id

Displays information for the designated node. The node-id argument is entered in the rack/slot/module notation.

peer-filter

Displays connections with peer filter configured.


Defaults

No default behavior or values.

Command Modes

EXEC

Command History

Release
Modification

Release 2.0

This command was introduced on the Cisco CRS-1.

Release 3.0

No modifications.

Release 3.2

This command was supported on the Cisco XR 12000 Series Router.


Usage Guidelines

To use this command, you must be in a user group associated with a task group that includes the proper task IDs. For detailed information about user groups and task IDs, see the Configuring AAA Services on Cisco IOS XR Software module of the Cisco IOS XR System Security Configuration Guide.

Examples

The following is sample output from the show udp extended-filters command for a specific location (0/RP1/CPU0):

RP/0/RP0/CPU0:router# show udp extended-filters location 0/RP1/CPU0
 
   
Total Number of matching PCB's in database: 1
-----------------------------------
JID: 248
Family: 2
PCB: 0x48247e94
L4-proto: 17
Lport: 646
Fport: 0
Laddr: 0.0.0.0
Faddr: 0.0.0.0
ICMP error filter mask: 0x0
LPTS options: 0x00000000
-----------------------------------

show udp statistics

To display User Datagram Protocol (UDP) statistics, use the show udp statistics command in EXEC mode.

show udp statistics {summary | pcb {pcb-address | all}} location node-id

Syntax Description

summary

Displays summary statistics.

pcb pcb-address

Displays detailed statistics for each connection.

pcb all

Displays detailed statistics for all connections.

location node-id

Displays information for the designated node. The node-id argument is entered in the rack/slot/module notation.


Defaults

No default behavior or values.

Command Modes

EXEC

Command History

Release
Modification

Release 2.0

This command was introduced on the Cisco CRS-1.

Release 3.0

No modifications.

Release 3.2

This command was supported on the Cisco XR 12000 Series Router. The location keyword and node-id argument became required.


Usage Guidelines

To use this command, you must be in a user group associated with a task group that includes the proper task IDs. For detailed information about user groups and task IDs, see the Configuring AAA Services on Cisco IOS XR Software module of the Cisco IOS XR System Security Configuration Guide.

UDP clones the received packets if there are multiple multicast applications that are interested in receiving those packets.

Examples

The following is sample output from the show udp statistics summary command:

RP/0/RP0/CPU0:router# show udp statistics summary
 
   
UDP statistics:
Rcvd:0 Total, 0 drop, 0 no port
      0 checksum error, 0 too short
Sent:0 Total, 4 error
0 Total forwarding broadcast packets
0 Cloned packets, 0 failed cloning
 
   

Table 66 show udp Field Descriptions 

Field
Description

Rcvd: Total

Total number of packets received.

Rcvd: drop

Total number of packets received that were dropped.

Rcvd: no port

Total number of packets received that have no port.

Rcvd: checksum error

Total number of packets received that have a checksum error.

Rcvd: too short

Total number of packets received that are too short for UDP packets.

Sent: Total

Total number of packets sent successfully.

Sent: error

Total number of packets that cannot be sent due to errors.

Total forwarding broadcast packets

Total number of packets forwarded to the helper address.

Cloned packets

Total number of packets cloned successfully.

failed cloning

Total number of packets that failed cloning.


Related Commands

Command
Description

clear udp statistics

Clears UDP statistics.


tcp mss

To configure the TCP maximum segment size that determines the size of the packet that TCP uses for sending data, use the tcp mss command in global configuration mode.

tcp mss segment-size

Syntax Description

segment-size

Size, in bytes, of the packet that TCP uses to send data. Range is 68 to 10000 bytes.


Defaults

If this configuration does not exist, TCP determines the maximum segment size based on the settings specified by the application process, interface maximum transfer unit (MTU), or MTU received from Path MTU Discovery.

Command Modes

Global configuration

Command History

Release
Modification

Release 3.2

This command was supported on the Cisco CRS-1 and the Cisco XR 12000 Series Router.


Usage Guidelines

To use this command, you must be in a user group associated with a task group that includes the proper task IDs. For detailed information about user groups and task IDs, see the Configuring AAA Services on Cisco IOS XR Software module of the Cisco IOS XR System Security Configuration Guide.

Examples

This example shows how to configure the TCP maximum segment size:

RP/0/0/CPU0:(config)#tcp mss 1460
RP/0/0/CPU0:(config)#exit
 
   
Uncommitted changes found, commit them? [yes]:
RP/0/0/CPU0:Sep  8 18:29:51.084 : config[65700]: %LIBTARCFG-6-COMMIT : 
Configuration committed by user 'lab'.   Use 'show commit changes 1000000596' to view the 
changes.
RP/0/0/CPU0:Sep  8 18:29:51.209 : config[65700]: %SYS-5-CONFIG_I : Configured from console 
by lab
 
   

tcp path-mtu-discovery

To allow TCP to automatically detect the highest common maximum transfer unit (MTU) for a connection, use the tcp path-mtu-discovery in global configuration mode. To reset the default, use the no form of this command.

tcp path-mtu-discovery [age-timer minutes | infinite]

no tcp path-mtu-discovery

Syntax Description

age-timer minutes

(Optional) Specifies a value in minutes. Range is 10 to 30. Default is 10.

infinite

(Optional) Turns off the age timer.


Defaults

Disabled

Command Modes

Global configuration

Command History

Release
Modification

Release 2.0

This command was introduced on the Cisco CRS-1.

Release 3.0

No modifications.

Release 3.2

This command was supported on the Cisco XR 12000 Series Router.


Usage Guidelines

To use this command, you must be in a user group associated with a task group that includes the proper task IDs. For detailed information about user groups and task IDs, see the Configuring AAA Services on Cisco IOS XR Software module of the Cisco IOS XR System Security Configuration Guide.

Use the tcp path-mtu-discovery command to allow TCP to automatically detect the highest common MTU for a connection, such that when a packet traverses between the originating host and the destination host the packet is not fragmented and then reassembled.

The age timer value is in minutes, with a default value of 10 minutes. The age timer is used by TCP to automatically detect if there is an increase in MTU for a particular connection. If the infinite keyword is specified, the age timer is turned off.

Examples

The following example shows how to set the age timer to 20 minutes:

RP/0/RP0/CPU0:router(config)# tcp path-mtu-discovery age-timer 20

tcp selective-ack

To enable TCP selective acknowledgment (ACK) and identify which segments in a TCP packet have been received by the remote TCP, use the tcp selective-ack command in global configuration mode. To reset the default, use the no form of this command.

tcp selective-ack

no tcp selective-ack

Syntax Description

This command has no arguments or keywords.

Defaults

TCP Selective ACK is disabled.

Command Modes

Global configuration

Command History

Release
Modification

Release 2.0

This command was introduced on the Cisco CRS-1.

Release 3.0

No modifications.

Release 3.2

This command was supported on the Cisco XR 12000 Series Router.


Usage Guidelines

To use this command, you must be in a user group associated with a task group that includes the proper task IDs. For detailed information about user groups and task IDs, see the Configuring AAA Services on Cisco IOS XR Software module of the Cisco IOS XR System Security Configuration Guide.

If TCP Selective ACK is enabled, each packet contains information about which segments have been received by the remote TCP. The sender can then resend only those segments that are lost. If selective ACK is disabled, the sender receives no information about missing segments and automatically sends the first packet that is not acknowledged and then waits for the other TCP to respond with what is missing from the data stream. This method is inefficient because in Long Fat Network (LFN), the bandwidth delay is large and valuable bandwidth is wasted.

Examples

In the following example, the selective ACK is enabled:

RP/0/RP0/CPU0:router(config)# tcp selective-ack

Related Commands

Command
Description

tcp timestamp

Measures the round-trip time of a packet.


tcp synwait-time

To set a period of time the software waits while attempting to establish a TCP connection before it times out, use the tcp synwait-time command in global configuration mode. To restore the default time, use the no form of this command.

tcp synwait-time seconds

no tcp synwait-time seconds

Syntax Description

seconds

Time, in seconds, the software waits while attempting to establish a TCP connection. Range is 5 to 300 seconds. Default is 30.


Defaults

seconds: 30 seconds

Command Modes

Global configuration

Command History

Release
Modification

Release 2.0

This command was introduced on the Cisco CRS-1.

Release 3.0

No modifications.

Release 3.2

This command was supported on the Cisco XR 12000 Series Router.


Usage Guidelines

To use this command, you must be in a user group associated with a task group that includes the proper task IDs. For detailed information about user groups and task IDs, see the Configuring AAA Services on Cisco IOS XR Software module of the Cisco IOS XR System Security Configuration Guide.

Examples

The following example shows how to configure the software to continue attempting to establish a TCP connection for 180 seconds:

RP/0/RP0/CPU0:router(config)# tcp synwait-time 180

tcp timestamp

To more accurately measure the round-trip time of a packet, use the tcp timestamp command in global configuration mode. To reset the default, use the no form of this command.

tcp timestamp

no tcp timestamp

Syntax Description

This command has no arguments or keywords.

Defaults

A TCP time stamp is not used.

Command Modes

Global configuration

Command History

Release
Modification

Release 2.0

This command was introduced on the Cisco CRS-1.

Release 3.0

No modifications.

Release 3.2

This command was supported on the Cisco XR 12000 Series Router.


Usage Guidelines

To use this command, you must be in a user group associated with a task group that includes the proper task IDs. For detailed information about user groups and task IDs, see the Configuring AAA Services on Cisco IOS XR Software module of the Cisco IOS XR System Security Configuration Guide.

Use the tcp timestamp command to more accurately measure the round-trip time of a packet. If a time stamp is not used, a TCP sender deduces the round-trip time when an acknowledgment of its packet is received, which is not a very accurate method because the acknowledgment can be delayed, duplicated, or lost. If a time stamp is used, each packet contains a time stamp to identify packets when acknowledgments are received and the round-trip time of that packet.

This feature is most useful in Long Fat Network (LFN) where the bandwidth * delay product is long.

Examples

The following example shows how to enable the timestamp option:

RP/0/RP0/CPU0:router(config)# tcp timestamp

Related Commands

Command
Description

tcp selective-ack

Enables the TCP selective acknowledgment feature.


tcp window-size

To alter the TCP window size, use the tcp window-size command in global configuration mode. To restore the default value, use the no form of this command.

tcp window-size bytes

no tcp window-size

Syntax Description

bytes

Window size in bytes. Maximum is 65535 bytes. Default value is 16384 bytes.


Defaults

bytes: 16384

Command Modes

Global configuration

Command History

Release
Modification

Release 2.0

This command was introduced on the Cisco CRS-1.

Release 3.0

No modifications.

Release 3.2

This command was supported on the Cisco XR 12000 Series Router.


Usage Guidelines

To use this command, you must be in a user group associated with a task group that includes the proper task IDs. For detailed information about user groups and task IDs, see the Configuring AAA Services on Cisco IOS XR Software module of the Cisco IOS XR System Security Configuration Guide.


Note Do not use this command unless you clearly understand why you want to change the default value.


Examples

The following example shows how to set the TCP window size to 1000 bytes:

RP/0/RP0/CPU0:router(config)# tcp window-size 1000