Table Of Contents
CLI Commands
General Commands
admin-shutdown
alias
archive
clear
cliLogMessage subsystem
clock
cls
configure
copy
copy core
copy ftp
copy log
copy profile
copy running-config
copy script
copy startup-config
copy tftp
date european-date
disable
disconnect
dns resolve
dns-boomerang client zero
echo
enable
endbranch
exit
expert
find ip address
flow statistics
function
help
history length
if
input
license
lock
login
modify
no
pause
ping
prompt
proximity
proximity assign
proximity assign flush
proximity clear
proximity commit
proximity refine
proximity reprobe
proximity retrieve
rcmd
redundancy force-master
replicate
restore
script
send-message
set
show
show acl
show aliases
show app
show app-udp
show archive
show arp
show boot-config
show bridge
show chassis
show circuits
show clock
show cmd-sched
show content
show core
show critical-services
show disk
show dns-boomerang client
show dns-peer
show dns-record
show dns-server
show domain
show dos
show dql
show dump-status
show eql
show ether-errors
show flows
show group
show header-field-group
show history
show installed-software
show interface
show ip config
show ip interfaces
show ip routes
show ip statistics
show ip summary
show keepalive
show keepalive-summary
show lines
show load
show log
show log-list
show log-state
show mibii
show nql
show ospf
show owner
show phy
show profile
show proximity
show proximity assign
show proximity cache
show proximity metric
show proximity probe rtt statistics
show proximity refine
show proximity statistics
show proximity zone
show publisher
show radius config
show radius stat
show redundancy
show redundant-interfaces
show redundant-vips
show remap
show rip
show rmon
show rmon-history
show rule
show rule-summary
show running-config
show script
show service
show sntp global
show sockets
show sshd config
show startup-config
show startup-errors
show subscriber
show summary
show system-resources
show trunk
show uptime
show urql
show user-database
show variable
show virtual-routers
show zone
socket
socket connect
socket disconnect
socket inspect
socket receive
socket send
socket waitfor
terminal
terminal idle
terminal length
terminal more
terminal netmask-format
terminal timeout
traceroute
update arp
var-shift
version
while
write memory
zero
CLI Commands
This chapter provides detailed information for the following types of CSS CLI commands:
•
General commands are commands you can enter after you log into the CSS as a User or SuperUser
•Configuration mode commands are commands you can enter after you log into the CSS as a SuperUser, and then access global configuration mode and its subset of modes
The description for each command includes:
•The syntax for the command
•Any related commands, when appropriate
Note CSS software is available in a Standard or Enhanced feature set. The Enhanced feature set includes the commands of the Standard feature set, and the commands for Network Address Translation (NAT) Peering, Domain Name Service (DNS), Demand-Based Content Replication (Dynamic Hot Content Overflow), Content Staging and Replication, and Network Proximity DNS.
Proximity Database and SSH are optional features. The commands for each of these features are functional only when you install their license keys.
General Commands
General commands are commands available to you immediately after you log into a CSS. The commands you can run depends on your permission level. If you have:
•User permissions, the CSS limits you to the following general commands and any associated no forms in User mode:
These commands, except enable, prompt, and terminal, are also available in all configuration modes.
•SuperUser permissions, all general commands and SuperUser commands are available to you. You can also access global configuration mode and its commands. For more information on global configuration mode commands, refer to "Global Configuration Mode Commands".
The descriptions of the general commands in this section indicate whether you can use the command in User or SuperUser mode or both, and if it is available in all modes.
admin-shutdown
To shutdown all interfaces simultaneously, use the admin-shutdown command. This command provides a quick way to shut down all physical devices in the CSS except the Console and Management port. Use the no form of the command to restart all interfaces.
admin-shutdown
no admin-shutdown
Caution Shutting down the physical interfaces on the CSS terminates all activity on them.
Note To shutdown an individual interface, use this command in interface mode. Refer to the (config-if) admin-shutdown command.
Command Modes
SuperUser
Related Commands
show interface
(config-if) admin-shutdown
alias
To create an alias for one or more commands, use the alias command. Assign the alias to a specific mode. If you want to assign it to all modes, use the all option. Use the no form of this command to delete the alias from a mode.
alias mode alias_name "CLI_command{;CLI_command;CLI_command...}"
no alias mode alias_name
Syntax Description
mode
|
The mode that you want to assign the alias. Enter one of the following options:
•acl, Access Control List (ACL) configuration mode
•all, all modes
•boot, Boot configuration mode
•circuit, Circuit configuration mode
•configure, Global configuration mode
•content, Content configuration mode
•dql, Domain Qualifier List (DQL) mode
•eql, Extension Qualifier List (EQL) mode
•group, Group configuration mode
•header-field-group, Header-field-group mode
•interface, Interface configuration mode
•ip, IP configuration mode
•keepalive, Keepalive configuration mode
•nql, Network Qualifier List (NQL) configuration mode
•owner, Owner configuration mode
•rmonalarm, RMON alarm configuration mode
•rmonevent, RMON event configuration mode
•rmonhistory, RMON history configuration mode
•service, Service configuration mode
•super, SuperUser mode
•user, User mode
•urql, URL Qualifier List (URQL) configuration mode
•vlan, VLAN mode
|
alias_name
|
The name for the new alias command. Enter an unquoted text string with no spaces and a maximum length of 32 characters.
|
CLI_command
|
One or more CLI commands to be aliased. Enter the command, its options, and variables exactly. Enclose the command text string in quotes (""). When entering multiple CLI commands, insert a semicolon (;) character to separate each command.
|
Note You can include an alias as a session-based configuration parameter for a profile script.
Command Modes
All modes
Related Commands
show aliases
archive
To archive files, use the archive command. Archiving is useful when you update software and want to save a script, log, or startup-config file from a previous release of software. An archive directory on the CSS disk stores the archive files.
Note The archive directory resides on the CSS hard drive. If you booted your CSS from a network-mounted system and your hard drive is not working, archive- and restore-related functions are suspended.
archive [[startup-config|log log_filename|script script_filename]
{archive_filename}|running-config archive_filename]
Syntax Description
startup-config
|
Archives the startup configuration file.
|
log
|
Archives a log file.
|
script
|
Archives a script file.
|
log_filename
|
The filename of the log to archive. To see a list of log files, enter:
|
script_filename
|
The filename of the script to archive. To see a list of script files, enter:
|
running-config
|
Archives the running configuration.
|
archive_filename
|
A name you want to assign to the archive file. Enter an unquoted text string with a maximum length of 32 characters.
|
Command Modes
SuperUser
Related Commands
copy
restore
script
show
clear
To clear system information, use the clear command.
clear [archive archive_filename|arp [cache {ip_or_host}|arp file]
|log log_filename|running-config|script script_filename
|startup-config|startup-errors|statistics interface_name]]
Syntax Description
archive
|
Clears a file in the archive directory.
|
archive_filename
|
The name of the archive file to clear. To list the archive files, enter:
|
arp
|
Clears an ARP table or file.
|
cache
|
Deletes all of the dynamic entries from the ARP cache.
|
ip_or_host
|
The address for the single ARP entry you want to remove from the ARP cache. Enter the address in either dotted-decimal IP notation (for example, 192.168.11.1) or mnemonic host-name format (for example, myhost.mydomain.com).
|
file
|
Clears the file containing the host addresses that the ARP module on the CSS resolved for the ARP table at initialization or boot time.
|
log
|
Clears a log file.
|
log_filename
|
The filename for the log. To see a list of log files, enter:
|
running-config
|
Resets the running configuration to the default boot configuration.
Note If the (config) restrict user-database command is issued, only a user with administrator or technician privileges can clear the running-config.
|
script
|
Clears a script file.
|
script_filename
|
The filename for a valid script file. To see a list of script files, enter:
|
startup-config
|
Clears the startup configuration.
Note The startup-config file provides the CSS initial configuration. Without this file, the CSS will boot the default configuration.
The startup-config keyword does not clear the IP address for the management port.
|
startup-errors
|
Clears the startup configuration errors file.
Note Before each boot, the CSS automatically removes the startup-errors file.
|
statistics
|
Resets the Ethernet errors, MIB-II, and RMON statistics on a CSS Ethernet interface to zero.
|
interface_name
|
The name of the physical interface. Enter a case-sensitive unquoted text string. To see a list of interfaces, enter:
|
Command Modes
SuperUser
Related Commands
archive
show arp
show ether-errors
show mibii
show rmon
update arp
(config) arpscript
(config) logging
cliLogMessage subsystem
To define a log message for a subsystem at a logging level, use the cliLogMessage subsystem command.
cliLogMessage subsystem name "message" level level
Syntax Description
name
|
The name of a CSS subsystem. Enter one of the following subsystem names:
|
•acl, Access Control Lists
|
•all, all subsystems
|
•app, Application Peering Protocol (APP)
|
•boomerang, DNS Content Routing Agent
|
•buffer, Buffer Manager
|
•chassis, Chassis Manager
|
•circuit, Circuit Manager
|
•csdpeer, Content Server Database (CSD) Peer
|
•dql, Domain Qualifier List (DQL)
|
•fac, Flow Admission Control (FAC)
|
•flowmgr, Flow Manager
|
•hfg, Header Field Group (HFG)
|
•ipv4, Internet Protocol version 4
|
•keepalive, Keepalive
|
•netman, Network Management
|
•nql, Network Qualifier List (NQL)
|
•ospf, OSPF
|
•pcm, Proximity CAPP Messaging (PCM)
|
•portmapper, PortMapper
|
•proximity, Proximity
|
•publish, Publish
|
•radius, Remote Authentication Dial-In User Server (RADIUS)
|
•replicate, Replication
|
| |
•redundancy, CSS redundancy
|
•rip, RIP
|
•security, Security Manager
|
•sntp, Simple Network Time Protocol (SNTP)
|
•syssoft, System software
|
•urql, Uniform Resource Qualifier List
|
•vlanmgr, VLAN Manager
|
•vpm, Virtual Pipe Manager
|
•vrrp, Virtual Router Redundancy Protocol
|
•wcc, Web Conversation Control
|
To see a list of subsystems, enter:
cliLogMessage subsystem ?
|
level
|
The log level for the message. Enter one of these levels:
|
•fatal-0, Fatal errors only
|
•alert-1, Alert errors, including errors at the fatal-0 level
|
•critical-2, Critical errors, including errors at the alert-1 level
|
•error-3, Error errors, including errors at the critical-2 level
|
•warning-4, Warning errors (default), including errors at the error-3 level
|
•notice-5, Notice messages, including errors at the warning-4 level
|
•info-6, Informational messages, including errors at the notice-5 level
|
•debug-7, All errors and messages
|
Command Modes
All modes
Related Commands
show log
(config) logging disk
(config) logging host
(config) logging line
clock
To set the date, time, or timezone, use the clock command. Use the no form of the clock timezone command to reset the timezone information to 00:00:0.
clock [date|time|timezone name hour hours {before-UTC|after-UTC}
{minute minutes {before-UTC|after-UTC}]
no clock timezone
Syntax Description
date
|
Sets the date. When you enter this command, a prompt appears and shows the current date in the format you must use to enter the new date.
Enter the month, day, and year as integers with dash characters separating them. For example, enter June 15th 2000 as 06-15-2000.
If you use the date european-date command, the format for entering the date is day, month, and year. For example, enter June 15th 2000 as 15-06-2000.
|
time
|
Sets the time in military-time format. When you enter this command, a prompt appears and shows the current time in the format you must use to enter the new time.
Enter the hour, minutes, and seconds as integers with colon characters separating them. For example, enter 12:23:14.
Note If you configure a timezone, the show clock command displays the time adjusted with the timezone offset.
|
timezone
|
Sets the timezone to offset the Universal Time Coordinated (UTC) time from an SNTP server.
Note The timezone option applies only when you configure an SNTP server. Otherwise, the CSS ignores this option.
|
name
|
The name of the timezone. Enter a name with a maximum of 32 characters and no spaces.
|
hour
|
Sets the hours offset for the timezone.
|
hours
|
The offset in hours. Enter a number from 0 to 12. If the before-UTC or after-UTC option is omitted, the offset is set to a positive number.
|
before-UTC
|
Sets the offset as a negative number. For example, if the hour offset is 12, the before-UTC option sets it to -12.
|
after-UTC
|
Sets the offset as a positive number. This is the default offset.
|
minute
|
Sets the minutes offset for the timezone.
|
minutes
|
The offset in minutes. Enter a number from 0 to 59. If the before-UTC or after-UTC option is omitted, the offset is set to a positive number.
|
Command Modes
SuperUser
Usage Guidelines
You cannot use the backspace key for the clock date or time command.
Related Commands
date european-date
show clock
(config) sntp
cls
To clear the terminal screen, use the cls command.
cls
Command Modes
All modes
configure
To enter global configuration mode, use the configure command. Configuration commands apply to the system as a whole.
config{ure {terminal}}
Usage Guidelines
When you use the configure command to enter global configuration mode, the CLI prompt changes to (config).
From this mode, you can also enter these configuration modes:
•ACL
•Boot
•Circuit and IP
•DQL
•EQL
•Group
•Header-field group
•Interface
•Keepalive
•NQL
•Owner and Content
•RMON alarm, RMON event, and RMON history
•Service
•URQL
For information about the commands available in these modes, refer to "Global Configuration Mode Commands".
To exit the current configuration mode, enter:
exit
To exit any configuration mode and return to SuperUser mode, press CTRL-z.
Command Modes
SuperUser
copy
To copy files to and from File Transfer Protocol (FTP) and Trivial File Transfer Protocol (TFTP) servers, use the copy command. The options for this command are:
•copy core..., copies a core dump file
•copy ftp..., copies from an FTP server
•copy log..., copies a log file
•copy profile..., copies the running profile
•copy running-config..., copies the running configuration
•copy script..., copies a script file
•copy startup-config..., copies the startup configuration
•copy tftp..., copies from a TFTP server
For information about these options and any associated variables, refer to the following commands.
Command Modes
SuperUser
copy core
To copy a core dump file from the CSS to an FTP or TFTP server, use the copy core command.
copy core core_filename [ftp ftp_record|tftp ip_or_host] filename
Syntax Description
core_filename
|
The name of the core dump file on the CSS. Enter an unquoted text string with the appropriate capitalization, no spaces, and a maximum length of 32 characters. To see a list of core dump files, enter:
|
ftp
|
Copies a core dump file to an FTP server.
|
ftp_record
|
The name of the FTP record file that contains the FTP server IP address, username, and password. Enter an unquoted text string with no spaces. To create an FTP record, refer to the (config) ftp-record command.
|
tftp
|
Copies a core dump file to a TFTP server.
|
ip_or_host
|
The IP address or host name of the TFTP server to receive the file. Enter an IP address in dotted-decimal notation (for example, 192.168.11.1) or in mnemonic host-name format (for example, myhost.mydomain.com).
|
filename
|
The name you want to assign to the file on the server. Include the full path to the file. Enter an unquoted text string with no spaces and a maximum length of 32 characters.
|
Command Modes
SuperUser
Usage Guidelines
Before you copy a core dump file from the CSS to an FTP server, you must create an FTP record file containing the FTP server IP address, username, and password. See the (config) ftp-record command.
Related Commands
(config) ftp-record
copy ftp
To copy an ArrowPoint Distribution Image (ADI), script file, or startup configuration file from an FTP server to the CSS, use the copy ftp command.
copy ftp ftp_record filename [boot-image|script script_filename
|startup-config]
Syntax Description
ftp_record
|
The name of the FTP record file that contains the FTP server IP address, username, and password. Enter an unquoted text string with no spaces. To create an FTP record, refer to the (config) ftp-record command.
|
filename
|
The name of the file on the FTP server that you want to copy to the CSS. Include the full path to the file. Enter an unquoted text string with no spaces and a maximum length of 32 characters.
If you are using the boot-image option to copy an ADI file from an FTP server to the CSS, include the full path to the file including the file extension. Enter an unquoted text string with no spaces and a maximum length of 32 characters.
You can also copy a GZIP-compressed version of the ADI file. The CSS uncompresses the file. If there is not enough disk space available, the CSS provides a message.
|
boot-image
|
Copies an ADI file from an FTP server. The ADI file contains the CSS software including boot files and logging and archiving directories. To unpack the CSS software in the ADI file, use the (config-boot) unpack command.
Note When you use the boot-image option, the file you copy to the CSS must be an ADI file. Otherwise, the CSS rejects it.
|
script
|
Copies an FTP file to the script directory.
|
script_file
|
The name you want to assign to the script file on the CSS. Enter an unquoted text string with no spaces and a maximum length of 32 characters.
|
startup-config
|
Copies the startup configuration and overwrites it.
|
Command Modes
SuperUser
Usage Guidelines
Before using this command, you must use the (config) ftp-record command to create an FTP record file containing the FTP server IP address, username, and password. For more information on these options and associated variables, refer to the following commands.
Related Commands
script
(config) boot
(config) ftp-record
(config-boot) unpack
copy log
To copy a log file from the CSS to an FTP or TFTP server, use the copy log command.
copy log log_filename [ftp ftp_record|tftp ip_or_host] filename
Syntax Description
log_filename
|
The name of the log file on the CSS. Enter an unquoted text string with no spaces and a maximum length of 32 characters. To see a list of log files, enter:
|
ftp
|
Copies a log file to an FTP server.
|
ftp_record
|
The name of the FTP record file that contains the FTP server IP address, username, and password. Enter an unquoted text string with no spaces. To create an FTP record, refer to the (config) ftp-record command.
|
tftp
|
Copies a log file to a TFTP server.
|
ip_or_host
|
The IP address or host name of the TFTP server to receive the file. Enter an IP address in dotted-decimal notation (for example, 192.168.11.1) or in mnemonic host-name format (for example, myhost.mydomain.com).
|
filename
|
The name you want to assign to the file on the server. Include the full path to the file. Enter an unquoted text string with no spaces and a maximum length of 32 characters.
|
Command Modes
SuperUser
Related Commands
(config) ftp-record
(config) logging
copy profile
To copy the running profile from the CSS to an FTP server, TFTP server, your user profile, or the default profile, use the copy profile command.
copy profile [default-profile|[ftp ftp_record|tftp ip_or_host]
filename|user-profile]
Syntax Description
default-profile
|
Copies the running profile to the default profile.
|
ftp
|
Copies the running profile to an FTP server.
|
ftp_record
|
The name of the FTP record file that contains the FTP server IP address, username, and password. Enter an unquoted text string with no spaces. To create an FTP record, refer to the (config) ftp-record command.
|
tftp
|
Copies the running profile to a TFTP server.
|
ip_or_host
|
The IP address or host name of the TFTP server to receive the file. Enter an IP address in dotted-decimal notation (for example, 192.168.11.1) or in mnemonic host-name format (for example, myhost.mydomain.com).
|
filename
|
The name you want to assign to the file on the server. Include the full path to the file. Enter an unquoted text string with no spaces and a maximum length of 32 characters.
|
user-profile
|
Proactively copies the changes on the running profile to the user profile. This command creates a file username-profile if one does not exist, where username is the current username.
Note If you exit the CSS without copying any changes in running profile to your user profile, the CSS prompts you that the profile has changed and queries whether or not you want to save your changes. If you respond with a y, the CSS copies the running profile to the user profile.
|
Command Modes
SuperUser
Related Commands
(config) ftp-record
copy running-config
To copy the running configuration to an FTP or TFTP server or to the startup configuration file on the CSS disk, use the copy running-config command.
copy running-config [[ftp ftp_record|tftp ip_or_host]
filename|startup-config]
Syntax Description
ftp
|
Copies the running configuration to an FTP server.
|
ftp_record
|
The name of the FTP record file that contains the FTP server IP address, username, and password. Enter an unquoted text string with no spaces. To create an FTP record, refer to the (config) ftp-record command.
|
tftp
|
Copies the running configuration to a TFTP server
|
ip_or_host
|
The IP address or host name of the TFTP server to receive the file. Enter an IP address in dotted-decimal notation (for example, 192.168.11.1) or in mnemonic host-name format (for example, myhost.mydomain.com).
|
filename
|
The name you want to assign to the file on the server. Include the full path to the file. Enter an unquoted text string with no spaces and a maximum length of 32 characters.
|
startup-config
|
Copies the running configuration to the startup configuration file on the CSS disk. In the event of the CSS rebooting, if you do not save changes in the running-config file to the startup-config file, these changes are lost.
|
Command Modes
SuperUser
Related Commands
(config) ftp-record
copy script
To copy a script file from the CSS to an FTP or TFTP server, use the copy script command. To create a script file, see the script command.
copy script script_file [ftp ftp_record|tftp ip_or_host] filename
Syntax Description
script_file
|
The name of the script file on the CSS. Enter an unquoted text string with no spaces and maximum length of 32 characters. To see a list of script files, enter:
|
ftp
|
Copies a script file to an FTP server.
|
ftp_record
|
The name of the FTP record file that contains the FTP server IP address, username, and password. Enter an unquoted text string with no spaces. To create an FTP record, refer to the (config) ftp-record command.
|
tftp
|
Copies a script file to a TFTP server
|
ip_or_host
|
The IP address or host name of the TFTP server to receive the file. Enter an IP address in dotted-decimal notation (for example, 192.168.11.1) or in mnemonic host-name format (for example, myhost.mydomain.com).
|
filename
|
The name you want to assign to the file on the server. Include the full path to the file. Enter an unquoted text string with no spaces and a maximum length of 32 characters.
|
Command Modes
SuperUser
Usage Guidelines
A profile file is a special script. You can use the copy profile command to copy it.
Related Commands
script
(config) ftp-record
copy startup-config
To copy the startup configuration to an FTP or TFTP server or to the running configuration, use the copy startup-config command.
copy startup-config [[ftp ftp_record|tftp ip_or_host]
filename|running-config]
Syntax DescriptionF
ftp
|
Copies the startup configuration to an FTP server.
|
ftp_record
|
The name of the FTP record file that contains the FTP server IP address, username, and password. Enter an unquoted text string with no spaces. To create an FTP record, refer to the (config) ftp-record command.
|
tftp
|
Copies the startup configuration to a TFTP server
|
ip_or_host
|
The IP address or host name of the TFTP server to receive the file. Enter an IP address in dotted-decimal notation (for example, 192.168.11.1) or in mnemonic host-name format (for example, myhost.mydomain.com).
|
filename
|
The name you want to assign to the file on the server. Include the full path to the file. Enter an unquoted text string with no spaces and a maximum length of 32 characters.
|
running-config
|
Copies the startup configuration and merge with the running configuration file on the CSS disk.
|
Command Modes
SuperUser
Related Commands
(config) ftp-record
copy tftp
To copy files from a TFTP server to the script directory or overwrite the startup configuration on the CSS, use the copy tftp command.
copy tftp ip_or_host filename [script script_file|startup-config]
Syntax Description
ip_or_host
|
The IP address or host name of the TFTP server to receive the file. Enter an IP address in dotted-decimal notation (for example, 192.168.11.1) or in mnemonic host-name format (for example, myhost.mydomain.com).
|
filename
|
The name for the file on the TFTP server. Include the full path to the file. Enter an unquoted text string with no spaces.
|
script
|
Copies a TFTP file to the script directory.
|
script_file
|
The name you want to assign to the script file on the CSS. Enter an unquoted text string with no spaces and a maximum length of 32 characters.
|
startup-config
|
Copies a TFTP file to and overwrite the startup configuration.
|
Command Modes
SuperUser
Related Commands
script
(config) boot
date european-date
To change the behavior of the clock date command to accept date input in the format of day, month, and year, use the date european-date command. Use the no form of the command to reset the format for the clock date command to its default format of month, day, and year.
date european-date
no date european-date
Command Modes
SuperUser
Related Commands
clock
show clock
disable
To access User mode, use the disable command to leave SuperUser mode. In User mode, you can monitor and display CSS parameters but not change them.
disable
To log in as a SuperUser from User mode, use the enable command.
Command Modes
SuperUser
Related Commands
enable
exit
disconnect
To disconnect a connected session or line, use the disconnect command.
disconnect session
Syntax Description
session
|
The Telnet or console session. To see a list of sessions, enter:
|
Command Modes
SuperUser
dns resolve
To resolve a hostname by querying the configured DNS server on the CSS, use the dns resolve command.
dns resolve host_name
Syntax Description
host_name
|
The name of the host you want to resolve. Enter the host name in mnemonic host-name format (for example, myhost.mydomain.com).
|
Command Modes
All modes
dns-boomerang client zero
To clear the statistics for a configured domains displayed through the show dns-boomerang client command, use the dns-boomerang client zero command.
dns-boomerang client zero
Command Modes
SuperUser and all configuration modes
Related Commands
show dns-boomerang client
echo
To enable terminal echo and optionally echo a message with or without a line feed, use the echo command. This is useful when creating scripts and controlling output. Typical use of this command is in a script file. Use the no form of this command to disable terminal echo.
echo {-n} {"message"}
no echo
Syntax Description
-n
|
Echo the message to the terminal without a line feed.
|
message
|
Echo the message to the terminal with a line feed. Enter a quoted text string, user-defined variable, or status variable. You can include the \n characters in the message to produce line feeds.
|
Command Modes
All modes
Related Commands
input
set
show variable
enable
To log in as a SuperUser in User mode, use the enable command.
enable
Usage Guidelines
The enable command prompts you for a valid username and password.
After you log in with a username that has SuperUser privileges, you can access the full set of CLI commands, including those in User mode. SuperUser commands let you change parameters and configure the CSS. To set SuperUser usernames and passwords, refer to the (config) username command.
Command Modes
User
Related Commands
disable
exit
endbranch
To terminate a branch block initiated by an if or while command, use the endbranch command. Typical use of this command is in a script file. For more information on scripts, refer to the Cisco Content Services Advanced Configuration Guide.
endbranch
Command Modes
All modes
Related Commands
if
while
exit
Use the exit command to exit from:
•The current mode and return to the previous mode. If you are in User or SuperUser mode, this command ends the CLI session and disconnects the line.
•An upper branch block.
•A current script.
exit {branch|script {status}}
Syntax Description
branch
|
Exits the upper branch block.
|
script
|
Exits the current script.
|
status
|
Defines the integer value placed in the STATUS variable when a script completes execution. If you do not define the STATUS variable, with the exception of the grep command, an exit status of 0 indicates that a command was successful. A non-zero value indicates a failure. This value is set automatically by the CLI after each command completes its execution.
|
Usage Guidelines
If you are in User or SuperUser mode when you use the exit command to exit the current mode, you will exit the session. When you exit a mode, the prompt changes accordingly.
Typically you would use the exit branch and exit script commands in script files. For more information on scripts, refer to the Cisco Content Services Advanced Configuration Guide.
Command Modes
All modes
Related Commands
script
expert
To turn on expert mode, use the expert command. Expert mode is off by default. Use the no form of this command to reset expert mode to its default setting of off.
expert
no expert
In expert mode, the CLI does not ask for confirmation before you execute commands that could delete or radically change operating parameters.
Note Your user profile contains the expert mode setting when you log into the CSS. If you change this setting during a CSS session, you can permanently save the setting in your profile by using the copy running-config command, or when you exit a CLI session, you can respond with a y when the CSS prompts you that the profile has changed and queries whether or not you want to save the changes to the user profile.
Command Modes
SuperUser
find ip address
To search the CSS configuration for the specified IP address, use the find ip address command. You can include a netmask for subnet (wildcard) searches. This search can help you avoid IP address conflicts when you configure the CSS.
When you use this command, it checks services, source groups, content rules, ACLs, the management port, syslog, APP sessions, and local interfaces for the specified address. If the address is found, the locations of its use are displayed. If no addresses are found, you are returned to the command prompt.
find ip address ip_or_host {subnet_mask|range number}
Syntax Description
ip_or_host
|
The IP address you want to find. Enter an IP address in dotted-decimal notation (for example, 192.168.11.1) or in mnemonic host-name format (for example, myhost.mydomain.com).
|
subnet_mask
|
The optional IP subnet mask. Enter the mask either:
•As a prefix length in CIDR bitcount notation (for example, /24). Do not enter a space to separate the IP address from the prefix length.
•In dotted-decimal notation (for example, 255.255.255.0).
If you enter a mask of 0.0.0.0, the CSS finds all addresses.
|
range number
|
The range option allows you to define how many IP addresses that you want to find, starting with the ip_or_host address. Enter a number from 1 to 65535. The default is 1.
For example, if you enter an IP address of 203.1.1.1 with a range of 10, the CSS tries to find the addresses from 203.1.1.1 through 203.1.1.10.
|
Command Modes
All modes
flow statistics
To display statistics on currently allocated flows, use the flow statistics command.
flow statistics
This command displays the UDP and TCP flows per second, the hits per seconds, and the flow information for each port.
Command Modes
All modes
function
To create a function and call it within a script, use the function command.
function name [begin|end|call {"value value..."}|return {"value value..."}]
Syntax Description
name
|
The name of the function. Enter a text string up to 32 characters.
|
begin
|
Starts the definition of the function.
|
end
|
Ends the definition of the function.
|
call
|
Calls the function.
|
return
|
Exits the function and optionally set the value in the RETURN variable.
|
value
|
One or more optional alphanumeric values you want to pass into the function or set a value in the RETURN variable. Enter the value(s) in a quoted string.
|
Command Modes
All modes
Usage Guidelines
The function command allows you to define the function once within the script and then call it by its name one or more times to perform its functions. You can define the function either before or after you call it within the script. For more information on scripts, refer to the Cisco Content Services Advanced Configuration Guide.
Related Commands
endbranch
if
input
set
show variable
help
To display CLI help on all or a specified topic, use the help command. The CLI also provides other forms of context-sensitive help. See "Getting CLI Help".
help [commands|configuration|keys|modes|variables]
Syntax Description
commands
|
Displays help on entering commands
|
configuration,
|
Displays help on configuration files
|
keys
|
Displays help on keyboard shortcuts
|
modes
|
Displays help on configuration modes
|
variables
|
Displays help on variables
|
Command Modes
All modes
history length
To modify the history buffer length, use the history length command. The command-line history buffer stores the most recent CLI commands that you enter. Use the no form of this command to restore the history buffer to the default of 20 lines.
history length buffer_length
no history length
Syntax Description
buffer_length
|
The number of lines in command-line history buffer. Enter an integer from 0 to 256. The default is 20. To disable the history function, enter 0.
|
Command Modes
SuperUser
if
To initiate conditional branch execution of a Branch Block, use the if command. This branch construct is available with an interactive session or within a script. Typically you would use this command in a script. You can nest any number of commands in a Branch Block including nested Branch Blocks.
if [constant|variable_name] {"operator(s)" "operand(s)"}
Syntax Description
constant
|
A numeric constant. Enter an integer or user-defined variable.
|
variable_name
|
A character string representing a variable. Enter a name with a maximum length of 32 characters.
|
operator
|
One or more optional operations on the operand. Enter a quoted string of one or more of the following operators. Separate multiple operators with a space.
•OR, simple OR operator
•>, greater than operator
•AND, simple AND operator
•*, multiplication operator
•MOD, modulus operator
•/, division operator
•>=, greater than or equal to operator
•<, less than operator
•<=, less than or equal to operator
•==, equality operator
•+, add to variable
•-, subtract from variable
•--, decrement variable
•++, increment variable
Numeric value operators are handled one at a time from left to right, using the list of operands form the list as needed. Operators such as -- and ++ do not require an operand.
|
operand
|
One or more optional strings or variables, as follows:
•For character operators, enter a quoted string of either a string constant or a character variable.
•For numeric operators, enter a quoted string of one or more integers or numeric variables. Separate multiple operands with a space.
|
Command Modes
All modes
Usage Guidelines
For more information on scripts, refer to the Cisco Content Services Advanced Configuration Guide.
Related Commands
endbranch
function
input
set
show variable
input
To create a variable for the command line or script that prompts a user for a value to assign to a variable, use the input command. Typically you would use this command in a script. When the user enters the value and enters the carriage return, the value is assigned to the variable.
input variable_name directory_level
Syntax Description
variable_name
|
A character string representing the variable. Enter a string with a maximum length of 32 characters.
|
directory_level
|
The option for setting a variable to a directory level. Enter one of these options:
•archive, default archive directory
•log, default log directory
•script, default script directory based on the boot image
•top, root level directory
|
Command Modes
All modes
license
To enter the software license key, use the license command.
license
At the prompt for a license key, enter the number.
Command Modes
SuperUser
lock
To lock the terminal and CLI session, use the lock command. Locking the terminal allows you to prevent access to your terminal while maintaining the connection to a CLI session.
lock
When you enter the lock command, the screen displays this message:
*** Session is locked. Press any key to provide unlock
authentication ***
To unlock the terminal, press any key. Enter your username and password at the appropriate prompt.
Command Modes
SuperUser
login
To log into the CSS with a different user identity, use the login command.
login
This command prompts you for a valid username and password. To set SuperUser usernames and passwords, refer to the (config) username command.
Command Modes
SuperUser
Related Commands
enable
exit
modify
To change the value of any numeric variable, use the modify command. Typically you would use this command in a script.
modify variable_name "operator(s)" {"operand(s)"}
Syntax Description
variable_name
|
A character string representing a variable. Enter a name with a maximum length of 32 characters.
|
operator
|
One or more optional operations on the operand. Enter a quoted string of one or more of the following operators. Separate multiple operators with a space.
•OR, simple OR operator
•>, greater than operator
•AND, simple AND operator
•*, multiplication operator
•MOD, modulus operator
•/, division operator
•>=, greater than or equal to operator
•<, less than operator
•<=, less than or equal to operator
•==, equality operator
•+, add to variable
•-, subtract from variable
•--, decrement variable
•++, increment variable
Numeric value operators are handled one at a time from left to right, using the list of operands form the list as needed. Operators such as -- and ++ do not require an operand.
|
operand
|
One or more optional integers or numeric variables. Enter a quoted string. Separate multiple operands with a space.
|
Command Modes
All modes
Usage Guidelines
For more information on scripts, refer to the Cisco Content Services Advanced Configuration Guide.
Related Commands
function
input
set
show variable
no
To negate a command or set it to its default, use the no command. Not all commands have a no form.
Syntax Description
no admin-shutdown
|
Restarts all interfaces on the CSS (available in SuperUser mode only)
|
no alias mode alias_name
|
Deletes an alias, alias_name, that you have created for a command in a specific mode, mode
|
no clock timezone
|
Resets the timezone information to 00:00:0 and the clock time without the timezone offset (available in SuperUser mode only)
|
no date european-date
|
Resets the format for the clock date command to its default of month, day and year (available in SuperUser mode only)
|
no echo
|
Disables terminal echo (available in all modes)
|
no expert
|
Turns off expert mode
|
no history length
|
Resets the history buffer to the default of 20 lines (available in all modes)
|
no profile
|
Deletes profile settings (available in all modes)
|
no prompt
|
Resets the prompt to the default prompt (available in User and SuperUser modes)
|
no proximity refine
|
Stops the metric refinement process in the Proximity Database (available in SuperUser mode only)
|
no set variable_name
|
Deletes the user-defined variable, variable_name (available in all modes)
|
no terminal idle
|
Resets the idle time for this terminal session to the default of 0, disabling the session idle timer (available in User and SuperUser modes)
|
no terminal length
|
Resets the number of lines to the default 25 lines (available in User and SuperUser modes)
|
no terminal more
|
Disables support for more functions (available in User and SuperUser modes)
|
no terminal netmask-format
|
Displays subnet masks in the default dotted-decimal format in the show commands (available in User and SuperUser modes)
|
no terminal timeout
|
Resets the timeout for a terminal session to the default of 0, disabling the session timeout (available in User and SuperUser modes)
|
Note For information on the no commands for the configuration modes, refer to the "Global Configuration Mode Commands" section.
pause
To pause for a specified number of seconds after issuing a command, use the pause command.
pause seconds
Syntax Description
seconds
|
An integer for the number of seconds to pause
|
Usage Guidelines
You can use the pause command with an interactive session or within a script. Typically you would use this command in a script. When you enter this command, a message similar to the following appears:
Pausing for 20 seconds. Ctrl^C to abort...
To interrupt the pause, press CTRL-c.
Command Modes
All modes
ping
To send Internet Control Message Protocol (ICMP) echo requests to test network connectivity, use the ping command.
ping ip_or_host {number} {delay}
Syntax Description
ip_or_host
|
The IP address for the host you want to test. Enter an IP address in dotted-decimal notation (for example, 192.168.11.1) or in mnemonic host-name format (for example, myhost.mydomain.com).
|
number
|
An optional number of ping messages to send. Enter an integer from 0 to 65535. The default is 1. If you enter 0, the CSS sends an infinite number of ping messages.
|
delay
|
An optional delay time between ping messages, in milliseconds. Enter an integer from 1 to 65535. The default is 100.
|
Command Modes
All modes
prompt
To set or change the CLI prompt, use the prompt command. The new prompt persists until you change it or until you reboot the system. Use the no form of this command to restore the prompt to the default.
prompt prompt
no prompt
Syntax Description
prompt
|
The new prompt. Enter an unquoted text string with no spaces and a maximum length of 12 characters.
|
To save the new prompt as the default, use the copy running-config command.
Note You can include a prompt as a session-based configuration parameter in a profile script.
Command Modes
User and SuperUser
proximity
To administer and control the operation of the Proximity Database (PDB), use the proximity command and its options. The options for this SuperUser command include:
•proximity assign..., overrides the default metric determination processes to provide a local metric or metrics for all zones
•proximity assign flush, flushes all or a portion of the previously assigned proximity assignments
•proximity clear..., removes the entries from the Proximity Database
•proximity commit..., writes either a portion or all the Proximity Database to the CSS disk or an FTP daemon
•proximity refine, begins periodic refinement of metric entries within the Proximity Database
•proximity reprobe..., forces a reprobe of existing IP addresses
•proximity retrieve..., loads a database file from the CSS disk or an FTP daemon
For more information, refer to the following commands.
proximity assign
To override the default metric determination processes and provides a metric or metrics for all zones, use the proximity assign command. All CSSs in the Proximity Database mesh share assigned information. When you use this command, Network Proximity does not perform active probing of the assigned block.
Note This command is not added to the running-config.
proximity assign ip_address prefix_length ["local_metric"|"metric_list"]
Syntax Description
ip_address
|
The IP address you want to associate with the metric information. Enter the address in dotted-decimal format (for example, 192.168.11.1).
|
prefix_length
|
The IP prefix length used in conjunction with the IP address. This prefix allows you to assign metrics over a range of IP addresses. Enter the prefix as either:
•A prefix length in CIDR bitcount notation (for example, /24).
•A subnet mask in dotted-decimal notation (for example, 255.255.255.0).
|
local_metric
|
A single metric to represent the zone where this command is issued. Enter the metric as a quoted number.
|
metric_list
|
A list of metrics, in ascending zone order, that represent all zones. Enter the metric list as a string of numbers enclosed in quotes.
|
Command Modes
SuperUser
Usage Guidelines
The proximity assign command is functional on a Proximity Database CSS.
Examples
For example, to assign the metric "200" to a zone for all IP addresses within the range 203.0.0.0 to 203.255.255.255, enter:
# proximity assign 203.0.0.0/8 "200"
To perform the metric assignment for all IP addresses within the range 192.167.0.0 to 192.167.255.255, enter:
# proximity assign 192.167.0.0/16 "30 20 40 100 10 5"
To view the metric assignments for all IP addresses within the range of 192.167.0.0 to 192.167.255.255, enter:
# show proximity assign 192.167.0.0/16
IP/Prefix Hits Zone Metrics
---------- ----- -------------
192.167.0.0/16 10, 123 30, 20, 40, 100, 10, 5
Related Commands
proximity assign flush
show proximity assign
proximity assign flush
To remove all or specific existing proximity assignments configured with the proximity assign command, use the proximity assign flush command.
proximity assign flush {ip_address ip_prefix}
Syntax Description
ip_address
|
The IP address for the assignments you want to remove. Enter the address in dotted-decimal format (for example, 192.168.11.1).
|
ip_prefix
|
The IP prefix length used in conjunction with the IP address. Enter the prefix as either:
•A prefix length in CIDR bitcount notation (for example, /24).
•A subnet mask in dotted-decimal notation (for example, 255.255.255.0).
|
Command Modes
SuperUser
Usage Guidelines
The proximity assign flush command is functional on a Proximity Database CSS.
proximity clear
To remove all or specified entries from the proximity database, use the proximity clear command.
proximity clear {ip_address ip_prefix}
Syntax Description
ip_address
|
The IP address for the entries you want to remove. Enter the address in dotted-decimal format (for example, 192.168.11.1).
|
ip_prefix
|
The IP prefix length used in conjunction with the IP address. Enter the prefix as either:
•A prefix length in CIDR bitcount notation (for example, /24).
•A subnet mask in dotted-decimal notation (for example, 255.255.255.0).
|
Command Modes
SuperUser
Usage Guidelines
The proximity clear command is functional on a Proximity Database CSS.
proximity commit
To write either a portion or all of the Proximity Database to a file in the log directory on the CSS disk or a file on an FTP server, use the proximity commit command. The database output contains metrics for all zones, the current advertisement state, and hit counts. You can retrieve this database by using the proximity retrieve command.
proximity commit {ip_address ip_prefix|entire-db
{ftp ftp_record ftp_filename {bin}|log filename {bin}}}
Syntax Description
ip_address ip_prefix
|
The optional IP address and its prefix length in the database that you want to write to the CSS disk or FTP server. Enter the IP address in dotted-decimal format (for example, 192.168.11.1).
Enter the prefix as either:
•A prefix length in CIDR bitcount notation (for example, /24).
•A subnet mask in dotted-decimal notation (for example, 255.255.255.0).
|
entire-db
|
The optional keyword to commit the entire Proximity Database when you want to use additional options to:
•Assign a specific name to the database file written to the disk other than the default filename, proximity.db.
•Write the database file to an FTP server. By default, the file is written to the CSS disk.
•Save the database in binary format. By default, the file is in XML-format.
|
ftp ftp_record
|
The optional keyword and variable to write a specified file to an FTP server. Enter the name of an existing FTP record for an FTP server. The FTP record file contains the FTP server IP address, username, and password. To create an FTP record, use the (config) ftp-record command.
|
ftp_filename
|
The filename to use when storing the Proximity Database to an FTP server.
|
log filename
|
The optional keyword and variable to write a specified file to the log directory on the CSS disk. Enter a filename with a maximum of 32 characters. By default, the filename is proximity.db.
|
bin
|
The optional keyword to store the database file in compact binary format to disk or an FTP server.
|
Command Modes
SuperUser
Usage Guidelines
By default, when you enter the proximity commit command without any of its options, it writes the entire database to an XML-formatted file named proximity.db in the log directory on the CSS disk. You can optionally have the database encoded using compact binary encoding. You can also have the database written to a file on an FTP server.
Note A binary-encoded database occupies approximately one-third less space than an XML-formatted database.
The proximity commit command is functional on a Proximity Database CSS.
Related Commands
proximity retrieve
proximity refine
To initiate the automatic or manual refinement of metric entries in the Proximity Database, use the proximity refine command. Refinement updates the metric entries for all clients in the database. To view the automatic probe rates on the CSS, use the show proximity refine command. Use the no form of this command to stop the automatic refinement process.
proximity refine {once}
no proximity refine
Syntax Description
once
|
You initiate the refinement process of metric entries manually. The refinement process occurs only once.
|
Command Modes
SuperUser
Usage Guidelines
The proximity refine command is functional on a Proximity Database CSS.
Related Commands
show proximity refine
proximity reprobe
To perform a reprobing of existing IP addresses, use the proximity reprobe command. You can use this command to perform an immediate refresh of information contained within the database.
Note IP addresses configured with the proximity assign command are not eligible for reprobing.
proximity reprobe ip_address {ip_prefix}
Syntax Description
ip_address
|
The IP address to reprobe. Enter the address in dotted-decimal format (for example, 192.168.11.1).
|
ip_prefix
|
The optional IP prefix to associate with ip_address to perform probing for a block of addresses. Enter the prefix as either:
•A prefix length in CIDR bitcount notation (for example, /24).
•A subnet mask in dotted-decimal notation (for example, 255.255.255.0).
|
Command Modes
SuperUser
Usage Guidelines
The proximity reprobe command is functional on a Proximity Database CSS.
proximity retrieve
To load a Proximity Database file from the CSS disk or an FTP server, use the proximity retrieve command. The proximity metrics from the database file replace any overlapping existing entries and supplements any non-overlapping entries.
proximity retrieve {ftp ftp_recordname ftp_filename|log filename}
Syntax Description
ftp
|
The optional keyword to retrieve a specified file from an FTP server.
|
ftp_record
|
The name of an existing FTP record for an FTP server. The FTP record file contains the FTP server IP address, username, and password. To create an FTP record, use the (config) ftp-record command.
|
ftp_filename
|
The Proximity Database filename located on the FTP server.
|
log
|
The optional keyword to retrieve a specified file other than the proximity.db file from the log directory on the CSS disk.
|
filename
|
The Proximity Database filename located in the log directory on the CSS disk.
|
Command Modes
SuperUser
Usage Guidelines
By default, when you enter the proximity retrieve command without any of its options, it loads the proximity.db database file from the CSS disk. Optionally, you can load a specific database file from the disk or from an FTP server. This command can automatically distinguish between XML and binary database formats.
The proximity retrieve command is functional on a Proximity Database CSS.
rcmd
To issue remote CLI commands to a CSS peer, use the rcmd command.
rcmd ip_or_host "CLI_command {;CLI_command...}" {timeout_response}
{script_filename}
Syntax Description
ip_or_host
|
The IP address for the peer. Enter the address in dotted-decimal format (for example, 192.168.11.1) or mnemonic host-name format (for example, myname.mydomain.com).
|
CLI_command
|
One or more CLI commands you want to issue to the peer. Enter the command, its options, and variables exactly. Enclose the command text string in quotes (""). When entering multiple CLI commands, insert a semicolon (;) character to separate each command.
Note You cannot issue grep, grep within a script command, or redirect commands.
|
timeout_reponse
|
The optional amount of time, in seconds, to wait for the output command response from the peer. Enter an integer from 3 to 300 (5 minutes). The default is 3 seconds.
|
script_filename
|
An optional script filename where you want the output to go when you issue the rcmd command. Enter an unquoted text string with no spaces and a maximum of 32 characters. The CSS saves the script in the /scripts directory on the CSS.
If you do not include a filename, the output goes to the screen where you issued the rcmd command.
|
Command Modes
SuperUser
Usage Guidelines
By default, the APP session is configured to allow the CSS to send remote commands to a CSS peer. If this function is disabled, use the (config) app session command to enable it.
Related Commands
(config) app
redundancy force-master
To force the backup CSS to be the master CSS, use the redundancy force-master command.
redundancy force-master
Command Modes
SuperUser
Usage Guidelines
You can issue the redundancy force-master command on the backup CSS if you did not explicitly designate the master CSS by using the (config) ip redundancy master command. If you did, you must unassign the master CSS by using the (config) no ip redundancy master command before you can issue the redundancy force-master command.
The forced master CSS remains the master until it goes down and comes back up as the backup, or you manually make the other CSS the master.
The redundancy force-master configuration information is not saved to the running configuration.
If you want to make the other CSS the master, issue either of the following commands on the current backup:
•Issue the redundancy force-master command if you want the current backup to be a negotiated master. If a negotiated master CSS goes down, the backup CSS automatically becomes master. When the former master CSS comes up again, it becomes the backup CSS.
•Issue the ip redundancy master command if you want the current backup to be the designated master. If the designated master CSS goes down and then comes up again, it regains its master status. For example, when the designated master CSS goes down, the backup CSS becomes master. When the designated master CSS comes up again, it becomes the master again.
Related Commands
show redundancy
(config) ip redundancy
replicate
To start replicating between a publisher and all associated subscribers, use the replicate command.
replicate publisher_name {subscriber_name {force}}
Syntax Description
publisher_name
|
The name of an existing publisher service. Resynchronizes any changes to content between the specified publisher and its subscriber services. If the content has not changed, no resynchronization occurs.
|
subscriber_name
|
The name of the subscriber service associated with the publisher service. Resynchronizes any changes to content between the specified publisher and the specified subscriber service. If the content has not changed, no resynchronization occurs.
|
force
|
Resynchronizes all content between the specified publisher and the specified subscriber service; whether or not content changes have occurred.
|
Command Modes
SuperUser
Usage Guidelines
You can use the replicate command to replicate content to new subscribers or force resynchronization immediately.
When you configure content replication and staging, you must configure an URL or URQL in a content rule to define which files you want replicated:
•Use an URL to specify files.
•Use an URQL to define a static list of files.
Then add the subscriber services to the content rule.
Note If you want all files in all directories replicated, you do not need to create a content rule. Create a content rule to specify only those files you want replicated.
Related Commands
(config) urql
(config-owner-content) url
(config-service) publisher
(config-service) subscriber
restore
To restore log, script, or startup configuration files previously archived on the CSS, use the restore command. The archive directory on the CSS disk stores the archive files.
restore archive_filename [log {log_filename}
|script {script_filename}|startup-config]
Syntax Description
archive_filename
|
The name of the archived file. Enter an unquoted text string. To see a list of archived files, enter:
|
log
|
Restores an archived file to the log directory.
|
log_filename
|
An optional name you want to assign to the restored log file. Enter an unquoted text string with a maximum length of 32 characters.
|
script
|
Restores an archived file to the script directory.
|
script_filename
|
An optional name you want to assign to the script file. Enter an unquoted text string with a maximum length of 32 characters.
|
startup-config
|
Restores an archived file to the startup configuration.
Note The restored file overwrites the startup configuration.
|
Command Modes
SuperUser
Usage Guidelines
The archive directory resides on the CSS hard drive. If you booted your CSS from a network-mounted system and your hard drive is not working, archive- and restore-related functions are suspended.
Related Commands
archive
copy
script
(config) logging
script
To play or record a script, use the script command. For more information on scripts, refer to the Cisco Content Services Advanced Configuration Guide.
script [play script_name {"argument"}|record script_name]
Syntax Description
play
|
Runs a script.
|
record
|
Records a script and saves it to disk.
|
script_name
|
The name of the script file. Enter an unquoted text string with no spaces and a maximum of 32 characters. To see a list of script files in the script directory, enter:
|
argument
|
An optional argument, such as a variable, text string, or integer, that is used when you play the script. Enter a quoted string with a maximum length of 32 characters.
|
Command Modes
SuperUser
Related Commands
clear
show script
send-message
To send a message to a connected session, use the send-message command.
send-message session "message"
Syntax Description
session
|
The connected session or line where you want to send the message. To see a list of connected sessions, enter:
An asterisk precedes your name in the list.
|
message
|
The message you want to send. Enter a quoted text string with a maximum length of 255 characters.
|
Command Modes
SuperUser
set
To create user-defined variables, use the set command. Typically you would use this command in a script. Use the no form of this command to delete a user-defined variable.
set variable_name "variable_value" {session}
no set variable_name
Syntax Description
variable_name
|
A character string representing the variable. Enter a string with a maximum length of 32 characters.
|
variable_value
|
•A value assigned to the value. There are two types of variables, character and numeric: To set a numeric variable, enter a quoted string of integers with no spaces.
•To set a character variable, enter a quoted string of text characters, integers, and spaces with a maximum length of 128 characters.
|
session
|
The optional session keyword specifies that this is a session variable. When you save a session variable in a profile script, this variable is created each time a user creates a session.
|
Command Modes
All modes
Related Commands
modify
show
show variable
show
To display current system information, use the show command. The options for this command are:
For more information on these options and any associated variables, refer to the following commands.
show acl
To display the Access Control Lists (ACLs) and clauses on the CSS, use the show acl command. This command also displays whether all ACLs and ACL logging are enabled, and all circuits with their associated ACLs.
show acl {index|config}
Syntax Description
index
|
The index number associated with the ACL. Displays the clauses for the specified ACL index number
|
config
|
Displays whether all ACLs and ACL logging are enabled, and all circuits with their associated ACLs.
|
Command Modes
All modes
Examples
To list all ACLs and their clauses configured on the CSS, enter:
To display the clauses for a specific ACL, enter the show acl command with the index number. For example:
Table 2-1 describes the fields in the show acl output.
Table 2-1 Field Descriptions for the show acl Command
Field
|
Description
|
Acl
|
The number assigned to the ACL (a number from 1 to 99)
|
Clause
|
The number assigned to the clause (a number from 1 to 254)
|
Action
|
The method that incoming traffic is controlled by the clause (permit, deny or bypass) and the protocol for the type of traffic
|
Source
|
The configured source of the traffic
|
Destination
|
The configured destination for the traffic
|
Log
|
Whether or not ACL logging is enabled or disabled on the specified clause
|
Content Hits
|
The number of times that the content aware code on the CSS matched on the ACL clause
|
Router Hits
|
The number of times that the router code on the CSS matched on the ACL clause
|
DNS Hits
|
The number of times that the DNS resolver code on the CSS matched on the ACL clause
|
To display the global configuration for all ACLs, enter:
Table 2-2 describes the fields in the show acl config output.
Table 2-2 Field Descriptions for the show acl config Command
Field
|
Description
|
Global ACLs
|
Whether or not the firewall engine for the entire CSS is enabled or disabled. When enabled, the firewall uses configured ACL clauses to evaluate incoming packets. When disabled, the firewall does not examine incoming packets.
|
ACL Logging
|
Whether or not ACL logging is enabled or disabled.
|
Circuit VLAN#
|
The circuit and its applied ACL.
|
Related Commands
(config) acl
(config-acl) apply
(config-acl) clause
(config-acl) zero counts
show aliases
To display alias commands and associated CLI commands for the current mode or all modes, use the show aliases command.
show aliases {all}
Syntax Description
all
|
Displays all alias commands for all modes
|
Command Modes
All modes
Examples
To display the alias commands and associated CLI commands for the current mode, enter:
save_config copy running-config startup-config;archive
upgrade script play upgrade
monitor script play monitor
save_profile copy profile user-profile;archive script
reboot @configure;boot;rebo
shutdown @configure;boot;shutd
logon @configure;logging line ${LINE};exit
logoff @configure;no logging line ${LINE};exit
aca-load @script play service-load
dnslookup @script play dnslookup
Related Commands
alias
show app
To display the Application Peering Protocol (APP) configuration or session information, use the show app command. APP is the method in which private communications links are configured between CSSs in the same content domain. A content domain consists of a group of CSSs configured to exchange content information.
show app {session|ip_address} {verbose}
Syntax Description
session
|
The optional keyword to display the IP session information including the session ID, IP address, and state.
|
ip_address
|
The IP address for a specified peer CSS to display its session information. Enter the address in dotted-decimal format (for example, 192.168.11.1).
|
verbose
|
The optional keyword to display detailed information about the IP configuration parameters for the session including the local address, keepalive frequency, authorization and encryption type, frame size, packet activity, and FSM events.
|
Command Modes
All modes
Examples
To display whether APP is enabled, its port number, and frame size setting, enter:
Table 2-3 describes the fields in the show app output.
Table 2-3 Field Descriptions for the show app Command
Field
|
Description
|
Enabled or Disabled
|
Whether or not all APP sessions are enabled or disabled.
|
PortNumber
|
The TCP port number that listens for APP connections. The port can be a number from 1 to 65535. The default is 5001.
|
MaxFrameSize
|
The maximum frame size allowed on an APP channel between CSSs. The frame size is a number from 10240 to 65535. The default is 10240.
|
To display all IP session information including the session ID, IP address, and state, enter:
To display IP session information for a specific CSS peer including the session ID, IP address, and state, use the show app session command with the IP address for the peer. For example:
# show app session 192.168.10.10
To display detailed information about the IP configuration parameters, enter:
# show app session verbose
Table 2-4 describes the fields in the show app session output.
Table 2-4 Field Descriptions for the show app session Command
Field
|
Description
|
App Session Information
|
DNS-resolved hostname as defined through the host command.
|
Session ID
|
The unique identifier for the session.
|
IP Address
|
The IP address for the peer CSS.
|
State
|
The current state of the session. The possible states include:
•APP_SESSION_STOP, indicating that the session is about to be deleted
•APP_SESSION_INIT, indicating that the session is initializing
•APP_SESSION_OPEN indicating that the connection to the peer has been made
•APP_SESSION_AUTH indicating that the authentication is occurring
•APP_SESSION_UP indicating that the session is up
•APP_SESSION_DOWN indicating that the session is down
|
Local Address
|
The local interface address. If the session is down, no address is displayed.
|
rcmdEnable
|
The setting for sending remote CLI commands to the peer through the rcmd command. The Enabled setting allows the CLI commands to be sent. The Disabled setting does not allow CLI commands to be sent. The default setting is enabled.
|
KalFreq
|
The time in seconds between sending keepalive messages to the peer CSS. The time can be from 14 to 900 seconds (15 minutes). The default is 14.
|
Auth Type
|
The authentication method for the session. The method is either authChallenge for Challenge Handshake Authentication Protocol (CHAP) method or none for no authentication method. The default is no authentication.
|
Encrypt Type
|
The encryption method for the packets. The method is either encryptMd5hash for MD5 base hashing method or none for no encryption method. The default is no encryption.
|
MaxFrameSz
|
The maximum frame size allowed on an APP channel between CSSs. The frame size is a number from 10240 to 65535. The default is 10240.
|
Pkts Tx
|
The number of packets sent during the session.
|
Pkts Rx
|
The number of packets received during the session.
|
Pkts Rej
|
The number of packets rejected during the session.
|
Last UP event
|
The day and time of the most recent UP event.
|
Last DOWN event
|
The day and time of the most recent DOWN event.
|
FSM Events
|
Finite State Machine events as related to the state field.
|
STOP
|
The number of APP_SESSION_STOP events. This field will always be at 0.
|
INIT
|
The number of APP_SESSION_INIT events.
|
OPEN
|
The number of APP_SESSION_OPEN events.
|
AUTH
|
The number of APP_SESSION_AUTH events.
|
UP
|
The number of APP_SESSION_UP events.
|
DOWN
|
The number of APP_SESSION_DOWN events.
|
Attached Apl
|
The application identifier.
|
Related Commands
(config) app
show app-udp
To display the Application Peering Protocol-User Datagram Protocol (APP-UDP) global statistical information and security configuration settings, use the show app-udp command.
show app-udp [global|secure]
Syntax Description
global
|
Displays global statistical information about the operation of APP-UDP
|
secure
|
Displays the current security configuration settings for APP-UDP
|
Command Modes
All modes
Usage Guidelines
The show app-udp command is functional on Proximity Database and DNS CSSs.
Examples
To display statistical information about the operation of APP-UDP, enter:
Table 2-5 describes the fields in the show app-udp global output.
.
Table 2-5 Field Descriptions for the show app-udp global Command
Field
|
Description
|
Transmit Frames
|
The number of frames transmitted through APP-UDP
|
Transmit Bytes
|
The number of bytes transmitted through APP-UDP
|
Transmit Errors
|
The number of frames dropped because of transmits resource errors
|
Receive Frames
|
The number of frames received through APP-UDP
|
Receive Bytes
|
The number of bytes received through APP-UDP
|
Receive Errors
|
The number of frames dropped because of security mismatches
|
To display the current security configuration settings for APP-UDP, enter:
Table 2-6 describes the fields in the show app-udp secure output.
Table 2-6 Field Descriptions for the show app-up secure Command
Field
|
Description
|
Allow non-secure
|
The setting for whether or not encryption is a requirement for all inbound APP datagrams. The settings are:
•Yes, the CSS will accept all datagrams (default).
•No, encryption is required.
|
IP Address
|
The IP address associated with this group of APP-UDP options.
|
Type
|
The encryption method. Currently, the only method is MD5 hashing.
|
Secret
|
The string used in encryption and decryption of the MD5 hashing method.
|
Related Commands
(config) app-udp
show archive
To display the files in the archive directory or the contents of an archive file, use the show archive command. Archive files include running- and startup-config files, scripts, and user profiles.
show archive {filename}
Syntax Description
filename
|
The name of the archive file you want to display. Enter the filename as an unquoted string. To see a list of archive files, enter:
|
Command Modes
SuperUser and all configuration modes
Related Commands
archive
show arp
To display ARP information, use the show arp command.
show arp {config|file|ip_or_host}
Syntax Description
config
|
Displays ARP global configuration parameters. The screen displays the response timeout in seconds, and the flush timeout in seconds.
|
file
|
Displays the host IP addresses entered at initialization or boot time through ARP.
|
ip_or_host
|
The IP address for the system to display its resolution. Enter the address in dotted-decimal format (for example, 192.168.11.1) or mnemonic host-name format (for example, myname.mydomain.com).
|
Command Modes
All modes
Usage Guidelines
Use the show arp command with no options to display the complete ARP resolution table with IP addresses, MAC addresses, and resolution type.
Examples
To display the complete ARP resolution table, enter:
Table 2-7 describes the fields in the show arp output.
Table 2-7 Field Descriptions for the show arp Command
Field
|
Description
|
IP Address
|
The IP address of the system for static mapping.
|
MAC Address
|
The MAC address of the system mapped to the IP address.
|
Type
|
The resolution type for the entry. Dynamic indicates that the entry was discovered through the ARP protocol. Static indicates that the resolution is from a static configuration.
|
Port
|
The CSS interface configured as the egress logical port.
|
To display the global ARP configuration, enter:
Table 2-8 describes the fields in the show arp config output.
Table 2-8 Field Descriptions for the show arp config Command
Field
|
Description
|
ARP Response Timeout
|
The time in seconds to wait for an ARP resolution response before discarding the packet waiting to be forwarded to an address. The time can be from 5 to 30 seconds. The default is 5 seconds.
|
ARP Flush Timeout
|
The time in seconds to hold an ARP resolution result in the ARP cache. The timeout period can be from 60 to 86400 (24 hours). The default is 14400 (4 hours). An entry of none or 86401 indicates that the ARP entries will not timeout.
|
To display the host IP addresses entered at initialization or boot time through ARP, enter:
To display the resolution for a host IP address, enter:
Related Commands
clear
update arp
show boot-config
To display the system boot configuration, use the show boot-config command.
show boot-config
Command Modes
All modes
Examples
To display the system boot configuration, enter:
!************************ BOOT CONFIG ************************
secondary config-path h:/ap3-0/ap/sandbox/altConfig/
secondary boot-type boot-via-network Secondary-Boot
primary boot-file ap0203002
primary boot-type boot-via-disk
Related Commands
(config-boot) primary
(config-boot) subnet mask
(config-boot) ip address
show bridge
To display the bridging information, use the show bridge command.
show bridge [forwarding|status] {vlan_number}
Syntax Description
forwarding
|
Displays the bridge forwarding table including the VLAN number, the MAC addresses, and port numbers.
|
status
|
Displays the bridge spanning-tree status including the STP state, designated root, bridge ID, and root maximum age, hello time and forward delay, and port information including state, VLAN, root and port cost, and designated root and port number.
|
vlan_number
|
Displays the forwarding table or spanning tree status for the specified VLAN number. To see a list of VLAN numbers, enter:
# show bridge [forwarding|status] ?
|
Command Modes
All modes
Examples
To display the bridge forwarding table, enter:
Table 2-9 describes the fields in the show bridge forwarding output.
Table 2-9 Field Descriptions for the show bridge forwarding Command
Field
|
Description
|
VLAN
|
The bridge interface virtual LAN number
|
MAC Address
|
The MAC address for the entries
|
Port Number
|
The port number for the forwarding
|
To display bridge status information, enter:
Table 2-10 describes the fields in the show bridge status output.
Table 2-10 Field Descriptions for the show bridge status Command
Field
|
Description
|
STP State
|
The state of the spanning-tree protocol, enabled or disabled.
|
Root Max Age
|
The timeout period in seconds of the host for timing out root information.
|
Root Hello Time
|
The interval in seconds that the root broadcasts its hello message to other switches.
|
Root Fwd Delay
|
The delay time in seconds that the root uses for forward delay.
|
Designated Root
|
The bridge ID for the designated root.
|
Bridge ID
|
The bridge ID of this bridge.
|
Port
|
The port ID.
|
State
|
The state of the port. The possible states are:
•Block, the blocking state. A port enters the blocking state after switch initialization. The port does not participate in frame forwarding.
•Listen, the listening state. This state is the first transitional state a port enters after the blocking state. The port enters this state when STP determines that the port should participate in frame forwarding.
•Learn, the learning state. The port enters the learning state from the listening state. The port in the learning state prepares to participate in frame forwarding.
•Forward, the forwarding state. The port enters the forwarding state from the learning state. A port in the forwarding state forwards frames.
•Disabled, the disabled state. A port in the disabled state does not participate in frame forwarding or STP. A port in the disabled state is non operational.
|
Designated Bridge
|
The bridge ID for the designated bridge.
|
Designated Root
|
The bridge ID for the designated root.
|
Root Cost
|
The cost of the root.
|
Port Cost
|
The cost of the port.
|
Desg Port
|
Designated port.
|
show chassis
To display the chassis configuration, use the show chassis command.
show chassis {flash|inventory|slot number|verbose}
Syntax Description
flash
|
Displays the operational and locked flash version for the Cisco CSS 11050 or 11150, and the Cisco CSS 11800 System Control Module (SCM) and Switch Fabric Module (SFM). A "*" character before a flash version and build number indicates it is the active flash.
|
inventory
|
Displays the physical configuration of the CSS including its part and serial numbers for each component.
|
slot number
|
Displays the operational parameters for a slot in a Cisco CSS 11800. Enter an integer value. To see a list of slots, enter:
|
verbose
|
Displays detailed information about the chassis configuration.
|
Command Modes
All modes
Usage Guidelines
Use the show chassis command with no options to display a summary of the chassis configuration.
Examples
To view a summary of the chassis configuration, enter:
To view the chassis flash, enter:
To display the physical configuration of the CSS, enter:
Table 2-11 describes the fields in the show chassis output.
Table 2-11 Field Descriptions for the show chassis Command
Field
|
Description
|
Name
|
The model number of the CSS.
|
SW Version
|
The currently running software version on the CSS.
|
HW Major Version
|
The major version of the hardware.
|
HW Minor Version
|
The minor version associated with the hardware major version.
|
Serial Number
|
The serial number of the chassis flash.
|
Base MAC Address
|
The MAC address for the chassis.
|
Module Number
|
The slot number for the module.
|
Module Name
|
The name of the module.
|
Status
|
The status of the module. The possible states are:
•primary
•backup
•powered-off
•powered-on
•bad
•unknown
|
Port Number
|
The number of the Ethernet port.
|
Port Name
|
The name of the port.
|
Status
|
The status of the port. The possible states are:
•online
•offline-ok
•offline-bad
•bad
•going-online
•going-offline
•inserted
•post
•post-ok
•post-fail
•post-bad-comm
•any
•unknown-state
|
Operational
|
Active flash on the CSS.
|
Locked
|
The inactive flash version available on the CSS.
|
Chassis/Board
|
The hardware part comprising the CSS.
|
PN
|
The part number of the hardware.
|
Rev
|
The revision of the part.
|
show circuits
To display circuit information, use the show circuits command. A circuit on the CSS is a logical entity that maps IP interfaces to a logical port or group of logical ports.
show circuits {all|name circuit}
Syntax Description
all
|
Lists all circuits, their states, and their interfaces, regardless of their state
|
name circuit
|
Displays the state and interface information for the specified circuit
|
Command Modes
All modes
Usage Guidelines
Use the show circuits command to list all circuits, their states, and any of their interfaces in the Up state.
Use the show circuits all command to list all circuits, their states, and their interfaces, regardless of their state.
Examples
To list all circuits and their interfaces in the Up state, enter:
To list all circuits and their interfaces regardless of their state, enter:
To list an individual circuit, enter:
# show circuits name VLAN5
Table 2-12 describes the fields in the show circuits output.
Table 2-12 Field Descriptions for the show circuits Command
Field
|
Description
|
Circuit Name
|
The circuit name.
|
Circuit State
|
The state of the circuit. The possible states are:
•active-ipEnabled
•down-ipEnabled
•active-ipDisabled
•down-ipDisabled
|
IP Address
|
IP interface address.
|
Interface(s)
|
The interface associated with the circuit.
|
Operational Status
|
The operational status of the interface. The possible states are:
•Up
•Down
|
show clock
To display the current time and date on the CSS, use the show clock command.
show clock
Command Modes
All modes
Examples
To display the current time and date, enter:
Table 2-13 describes the fields in the show clock output.
Table 2-13 Field Descriptions for the show clock Command
Field
|
Description
|
Date
|
The configured date in the format of month, day, and year. For example, 06-15-2000 is June 15th 2000.
If you use the date european-date command, the format is day, month, and year. For example, the date June 15th 2000 is displayed as 15-06-2000.
|
Time
|
The configured time in the format of hour, minute, and second (for example, 16:23:45).
Note If you configure an SNTP server, the show clock command displays the UTC time from the SNTP server.
If you configure a timezone, the show clock command displays the time adjusted with the timezone offset. For example, if the UTC time from the server is 16:30:43 and you configure a timezone negative offset of 5 hours and 30 minutes (-05:-30:+00), the displayed time becomes 11:00:43.
|
Timezone
|
The configured timezone offset. All zeros (00:00:00) indicates that no offset was configured for the timezone. A negative symbol (-) indicates a negative offset to the UTC (for example, -05:-23:+00). A positive symbol (+) indicates a positive offset to the UTC (for example, +12:+00:+00).
|
Related Commands
clock
date european-date
show cmd-sched
To display the state of the command scheduler and information about the records for the scheduled CLI commands, use the show cmd-sched command.
show cmd-sched {name record_name}
Syntax Description
name record_name
|
Lists information about the specified scheduled CLI command record
|
Command Modes
All modes
Examples
To view the command scheduler state and all scheduled CLI command records, enter:
Table 2-14 describes the fields in the show cmd-sched output.
Table 2-14 Field Descriptions for the show cmd-sched Command
Field
|
Description
|
Cmd Scheduler
|
State of the command scheduler (enabled or disabled) and the number of configured records.
|
Sched Rec
|
The name of the configuration record.
|
id
|
The ID for the record.
|
next exec
|
The day and time when the record will be executed.
|
executions
|
How many times the record has executed.
|
minList
|
The configured minute of the hour to execute the command.
|
hourList
|
The configured hour of the day to execute the command.
|
dayList
|
The configured day of the month to execute the command.
|
monthList
|
The configured month of the year to execute the command.
|
weekdayList
|
The configured day of the week to execute the command. Sunday is 1.
|
cmd
|
The commands you want to execute. Separate multiple commands with a ; character.
|
Related Commands
(config) cmd-sched
show content
To display all content entries in the Content Service Database (CSD), use the show content command. For a Cisco CSS 11800, you can display the content in a specific Switch Fabric Processor (SFP) on a Switch Fabric Module (SFM). Note that each SFM has two SFPs. A Cisco CSS 11800 can contain two active SFMs for a total of four SFPs.
show content {all|sfp_number}
Syntax Description
all
|
For the Cisco CSS 11800 only. Show all content entries in all SFPs.
|
sfp_number
|
For the Cisco CSS 11800 only. Show the content entries in a specific SFP. The sfp_number is a number from 1 to 4. If the Cisco CSS 11800 contains one SFM, enter 1 or 2.
|
Command Modes
All modes
Usage Guidelines
Use the show content command with no options to show all content entries in the CSD for a Cisco CSS 11050 or 11150. For a Cisco CSS 11800, this command displays the entries in SFP 1.
Examples
To display content information, enter:
Table 2-15 describes the fields in the show content output.
Table 2-15 Field Descriptions for the show content Command
Field
|
Description
|
Index
|
CSD unique index for a known piece of content.
|
<address>
|
The IP address of this known piece of content.
|
Protocol
|
The IP Protocol of this known piece of content.
|
Port
|
Protocol port of this known piece of content.
|
Best Effort
|
The QOS class of this known piece of content. This field is not used by the CSS at this time.
|
Related Commands
(config-owner) content
show core
To display the core dump files stored in the Core directory of the volume root (for example, c:\core) on the hard disk or flash disk, use the show core command.
show core
Command Modes
SuperUser and all configuration modes
Examples
To display the core dump files in the Core directory, enter:
cs150_3.50_6.1 JUN 30 10:45:24 130024448
cs150_3.50_6.0 JUN 30 17:14:00 130024448
Note Core dump information is for Customer Support use only.
Related Commands
copy core
(config) dump
show critical-services
To display a list of all critical services configured on the CSS, use the show critical-services command. You can provide an interface IP address option to display only the critical services present on a particular interface. You can also include a VRID to display only the critical service information for a particular virtual router.
show critical-services {ip_address {vrid}}
Syntax Description
ip_address
|
The address for the redundant interface. Enter an IP address in dotted-decimal notation (for example, 192.168.11.1).
|
vrid
|
The ID for an existing virtual router.
|
Command Modes
All modes
Examples
To view all critical services on the CSS, enter:
Table 2-16 describes the fields in the show critical-services output.
Table 2-16 Field Descriptions for the show critical-services Command
Field
|
Description
|
Interface Address
|
The IP interface address associated with the virtual router.
|
VRID
|
The assigned identifier associated with the virtual router.
|
Service Name
|
The name of the critical service.
|
Service Type
|
The type of critical service. Possible services are:
•Normal, every type of service except a script service or an uplink service. Typically, this is a web server service.
•Script, a service whose state depends upon a running script.
•Uplink, a service whose state depends upon the state of a physical uplink.
|
Related Commands
(config-circuit-ip) ip critical-service
show disk
To display information about the CSS hard disk, use the show disk command. The information includes the size of the disk, the space available, and the number of files, directories, and bad clusters on it.
show disk
Command Modes
All modes
Examples
To display CSS disk information, enter:
Table 2-17 describes the fields in the show disk output.
Table 2-17 Field Descriptions for the show disk Command
Field
|
Description
|
Disk Size
|
The total size of the disk in megabytes.
Note The CSS flash disk has a disk size of 350 MB, however 130 MB is reserved for the generation of dump files. This dump partition is not available to the CSS file system, and is not included in the Disk Size field. The CSS hard disk is allocated a similar but larger dump partition.
|
Disk Free
|
The available disk space in megabytes.
|
Bad Cluster Count
|
The number of bad clusters on the disk.
|
File Count
|
The number of files on the disk.
|
Directory Count
|
The number of directories on the disk.
|
show dns-boomerang client
To display domain information mapped to a record on the CSS serving as a Content Routing Agent (CRA) for a Cisco Content Router 4430B, use the show dns-boomerang client command.
show dns-boomerang client {all|domain {name}|global}
Syntax Description
client
|
Shows all statistic information for all domains mapped to a client record including global statistics.
|
all
|
Shows all statistic information for all domains mapped to a client record including global statistics.
|
domain
|
Shows the statistic information for all domains mapped to a client record. It does not display the global statistic information.
|
domain_name
|
Optionally shows the statistic information for a specified domain mapped to a client record. It does not display the global statistic information. To view a list of domain names, enter:
# show dns-boomerang client domain ?
|
global
|
Shows the global statistics for the CSS client.
|
Command Modes
All modes
Usage Guidelines
Entering the show dns-boomerang client command displays the same information as entering the show dns-boomerang client all command.
Use the show dns-boomerang client global command to display the following global statistics:
•Total DNS A-record requests.
•Total packets dropped and its subfields. For a list of subfields, refer to
Table 2-18.
Examples
To display domain information mapped to the CSS client record, enter:
# show dns-boomerang client
Table 2-18 describes the fields in the show dns-boomerang client output.
Table 2-18 Field Descriptions for the show dns-boomerang client
Command
Field
|
Description
|
Total DNS A-record requests
|
The total number of valid address record requests from the Content Server.
|
Total packets dropped
|
Unknown domain
|
The number of DNS packets domains not configured on this CSS for content routing.
|
Invalid source address
|
The number of packets with invalid source addresses.
|
Excess length
|
The number of packets that had lengths longer than what the Content Router could send.
|
CPU threshold exceeded
|
The number of packets dropped because the CPU threshold was exceeded. This only applies to local VIP addresses.
|
Configured CPU threshold
|
The configured threshold value above which the CSS drops requests from the Content Router. This only applies to local VIP addresses.
|
Rule load threshold exceeded
|
The number of requests from the Content Router that were dropped because the load on a local rule exceeded the configured threshold. This only applies to local VIP addresses.
|
Keepalive state Down
|
The number of packets dropped because the keepalive failed.
|
Security failure
|
The number of packets with security failures because the RC4 encryption failed between the Content Router and the CSS CRA.
|
Domain
|
The DNS name mapped to the client record.
|
Content server
|
The address of the content server or local VIP address bound to the domain.
|
Origin server
|
The address for the most recently used origin server that was passed from the Content Router and not used on the CSS.
|
DNS A-record requests
|
The number of DNS address record requests for this domain from the Content Router.
|
Dropped (server down)
|
The number of requests for this domain that were dropped because the server was down. The Keepalive state Down field includes this number.
|
Dropped (CPU busy)
|
The number of requests for this domain that were dropped because the CSS threshold was exceeded. The CPU threshold exceeded field includes this number.
|
Dropped (rule load exceeded)
|
The number of requests from the Content Router that were dropped because the load on a local rule exceeded the configured threshold. The Rule load threshold exceeded field includes this number.
|
Configured threshold
|
The load threshold value you configured with the dns-boomerang client domain command to test the keepalive state of a local VIP.
|
Security failures
|
The number of requests for this domain that were dropped due to security errors. The Security failure field includes this number.
|
Alias
|
An alias that maps to the configured domain name. The domain name can have more than one alias.
|
DNS A-record requests
|
The number of DNS address record requests for this alias from the Content Router.
|
Related Commands
dns-boomerang client zero
(config) dns-boomerang client
show dns-peer
To display DNS peer configuration information, use the show dns-peer command. This command displays the time between sending load reports to CSS DNS peers, and the maximum number of DNS names sent to (send slots) and received from (receive slots) CSS DNS peers.
show dns-peer
Command Modes
All modes
Examples
To display DNS peer configuration information, enter:
Table 2-19 describes the fields in the show dns-peer output.
Table 2-19 Field Descriptions for the show dns-peer Command
Field
|
Description
|
CSD Peer Rcv Slots
|
The configured maximum number of DNS names that the CSS can receive from each CSS DNS peer over an APP connection. The default is 128. The range is from 128 to 1024.
|
CSD Peer Snd Slots
|
The configured maximum DNS names that the CSS can send to each CSS DNS peer. The default is 128. The range is from 128 to 1024.
|
Peer Report Interval
|
The configured time in seconds between sending load reports to CSS DNS peers over an APP connection. The default is 5. The range is from 5 to 120.
|
Related Commands
(config) app
(config) dns-peer
show dns-record
To view information about the address/name server (A/NS) records configured locally and learned by the CSS, locally configured acceleration domain records and the DNS record keepalive information, use the show dns-record command.
show dns-record [accel|keepalives|proximity|statistics] {domain_name}
Syntax Description
accel
|
Displays statistics associated with acceleration domain records.
|
keepalives
|
Displays information about keepalives associated with DNS records.
|
proximity
|
Displays the DNS record PDB hit and miss count information.
|
statistics
|
Displays the DNS record statistics.
|
domain_name
|
The specific domain name associated with the DNS record you wish to view. If omitted, the CSS displays all domains. To see a list of domains, enter:
show dns-record
[accel|keepalives|proximity|statistics] ?
|
Command Modes
All modes
Usage Guidelines
The show dns-record command is functional on a CSS with the Enhanced feature set.
Examples
To display statistics for domain acceleration records, enter:
Table 2-20 describes the fields in the show dns-record accel output.
Table 2-20 Field Descriptions for the show dns-record accel Command
Field
|
Description
|
<Name>
|
The domain name for the acceleration record.
|
State
|
The state of the acceleration record, either ACCEL or NOT ACCEL.
•ACCEL indicates that the record is currently accelerated
•NOT ACCEL indicates the record is currently not accelerated
|
Vip Address
|
The VIP IP address of the local content rule that handles the content requests for the domain name during content acceleration.
|
Secs til Ageout
|
The number of seconds remaining until the CSA decelerates the record.
|
Interval Hits
|
The number of content hits that occurred during the interval set through the dns-server domain-cache command.
|
Total Hits
|
The total number of DNS hits for this record.
|
AccelCount
|
The number of times that content was accelerated.
|
To display the DNS record keepalive information, enter:
# show dns-record keepalive
Table 2-21 describes the fields in the show dns-record keepalive output.
Table 2-21 Field Descriptions for the show dns-record keepalive Command
Field
|
Description
|
Name
|
The domain name for the record.
|
Type
|
The keepalive message type for this record, Accel, AP, ICMP, or none.
|
IP
|
The destination IP address of the keepalive message.
|
State
|
The state of the record, either UP or DOWN.
|
Transitions
|
The number of state transitions.
|
Load
|
The load for the record. This field is used with Threshold and only applies to an AP record type. Other types always have loads of 2.
If the load value exceeds the threshold value, the PDNS removes the DNS record from eligibility.
|
Threshold
|
The configured load threshold for the record. This threshold only applies to an AP record type. ICMP and none types do not use the threshold value.
|
To display the DNS record proximity information, enter:
# show dns-record proximity
Table 2-22 describes the fields in the show dns-record proximity output.
Table 2-22 Field Descriptions for the show dns-record proximity Command
Field
|
Description
|
<Domain name>
|
The domain name for the record.
|
Zone
|
The index number for the zone. A "*" character prepending the zone number indicates that the zone is a local entry. A value of 255 indicates that the record never came up.
|
Description
|
The zone description.
|
Hits Optimal
|
Optimal hits. This field increments when the DNS server returns the index that the PDB indicates was most proximate.
|
Hits SubOptimal
|
Suboptimal hits. This field increments when the DNS server returns an index that is different from the first one that the PDB indicated was most proximate.
|
Misses Optimal
|
Optimal misses. This field increments when the PDNS must send a client to a zone that is not indicated by the first zone index returned by the PDB.
|
Misses SubOptimal
|
Suboptimal misses. This field increments when the PDNS must send a client to a zone that is not indicated by either the first or second zone index returned by the PDB..
|
To display statistics information about the A or NS records, enter:
# show dns-record statistics
Table 2-23 describes the fields in the show dns-record statistics output.
Table 2-23 Field Descriptions for the show dns-record statistics Command
Field
|
Description
|
<Domain name>
|
The domain name for the record.
|
Local
|
The state of local entry for the record. Up indicates that the entry is configure. A "-" character indicates that the entry is learned and not configured. Down indicates that the keepalive failed.
|
Zone Count
|
The number of zones where this record is configured.
|
Zone
|
The index number for the zone. A "*" character prepending the zone number indicates that the zone is a local entry.
|
Description
|
The zone description.
|
Type
|
The DNS record type:
•A indicates an address record
•NS indicates a name-server record
|
IP Address
|
The configured IP address for the zone.
|
TTL
|
Time to Live, which indicates how long the receiver of a DNS reply for the given domain should cache the address information. By default, the TTL value is 0, indicating that the name server receiving the response should not cache the information.
|
Hits
|
The total number of DNS hits.
|
Related Commands
(config) dns-record
show dns-server
To display DNS server configuration and database information, use the show dns-server command. You can configure a CSS to send DNS requests to a DNS server on the network.
show dns-server {accelerate domains|dbase|domain-cache
{summary}|forwarder|stats}
Syntax Description
accelerate domains
|
Displays the configuration information for the Client Side Accelerator (CSA) on the CSS
|
dbase
|
Displays the entries in the DNS database as a result of local configuration of DNS names for content rules or learned DNS names from peer members of the content domain
|
domain-cache
|
Displays the domain-cache counters and entries
|
summary
|
Displays the domain-cache counters only
|
forwarder
|
Displays the statistics on the CSS for the DNS server forwarders
|
stats
|
Displays the DNS database statistics
|
Command Modes
All modes
Usage Guidelines
Use the show dns-server command without options to display the current DNS server configuration on the CSS, and statistics about requests and responses.
Note If the NS Buffers Free or Minimum fields drop below two, increase the responder tasks and buffer counts, and observe the effects on these fields. Refer to the (config) dns-server command.
Examples
To display current DNS server configuration, enter:
Table 2-24 describes the fields in the show dns-server output.
Table 2-24 Field Descriptions for the show dns-server Command
Field
|
Description
|
DNS Server Configuration
|
The enable or disable state of the DNS server function on the CSS. When enabled, the CSS acts as the authoritative name server for the content domain.
|
ACL Index
|
The ACL index number applied to the DNS server. If this field is 0, no ACL has been applied.
|
Responder Task Count
|
The configured DNS server responder task count. These tasks handle responses to incoming DNS query requests. The default is 2. The range is from 1 to 250.
|
Name Server Buffers
|
Total Count
|
The configured DNS server buffer count. The responder tasks share the buffers to handle incoming queries. The default is 50.
|
Current Free Count
|
The number of buffers available (not queried).
|
Minimum Free Count
|
The smallest number of buffers that will be available.
|
Reclaimed Count
|
The number of buffers forcibly reclaimed by the DNS server software.
|
Requests Accepted
|
The number of DNS queries accepted.
|
Responses Sent
|
The number of DNS responses sent.
|
No Error
|
The number of queries that the DNS server successfully answered.
|
Format Error
|
The number of queries received that had a packet format error.
|
Server Failure
|
The number of times that a referenced name server did not reply to a query.
|
Name Error
|
The number of queries received that the DNS server was not able to answer.
|
Not Implemented
|
The number of queries received requesting an operation that has not been implemented in the DNS server.
|
Operation Refused
|
The number of queries the DNS server received that it refused to answer.
|
Internal Resolver
|
Requests Sent
|
The number of queries sent to another name server for resolution.
|
Responses Accepted
|
The number of replies received from another name server.
|
Proximity Lookups
|
Requests Sent
|
The number of proximity lookups sent to the PDB.
|
Responses Accepted
|
The number of proximity lookups received from the PDB.
|
To display the CSA configuration on the CSS defined through the (config) dns-server accelerate domains command, enter:
# show dns-server accelerate domains
Table 2-25 describes the fields in the show dns-server accelerate domains output.
Table 2-25 Field Descriptions for the show dns-server accelerate domains Command
Field
|
Description
|
Current CSA Config
|
The state of the CSA configuration, Disabled or Enabled.
|
Threshold
|
The configured hits threshold used to determine whether or not a domain is accelerated. When the hits on the domain are greater than or equal to the threshold, the CSA accelerates the domain. The default is 0, indicating that the candidate domains are always accelerated. The range is from 0 to 65535.
|
Interval
|
The configured interval, in minutes, over which the CSS samples the hits on the domain and compares it with the threshold. The default is 5 minutes. The range is from 1 to 3600.
|
Expirations
|
The number of times that the interval has expired.
|
Max. to Accel
|
The maximum number of domains that can be accelerated. The default is 1024. The range is 0 to 4096.
|
Location
|
Indicates whether single or multiple CSA maintain the same content.
•Single-location, the default setting, allows the acceleration of a domain at one cache farm (POP) at a time.
•Multi-location allows multiple CSAs to accelerate the same domain resulting in multiple cache farms maintaining the same content.
|
Candidates Total
|
The total number of configured candidates on the CSS.
|
Candidates Accelerated
|
The total number of currently accelerated candidates on the CSS.
|
To display the DNS database entries, enter:
Table 2-26 describes the fields in the show dns-server dbase output.
Table 2-26 Field Descriptions for the show dns-server dbase Command
Field
|
Description
|
DN
|
The domain name of the entry.
|
DNSCB
|
The address of the DNS control block structure to return a DNS query response for the entry. This address is the location best suited to handle the request.
|
PROX
|
The address for the proximity record.
|
To display the entries and counters in the domain cache, enter:
# show dns-server domain-cache
Table 2-27 describes the fields in the show dns-server domain-cache output.
Table 2-27 Field Descriptions for the show dns-server domain-cache Command
Field
|
Description
|
Domain
|
The domain name of the entry
|
Counter
|
The number of DNS requests
|
To display the statistics on the CSS for the DNS server forwarders, enter:
# show dns-server forwarder
Table 2-28 describes the fields in the show dns-server forwarder output.
Table 2-28 Field Descriptions for the show dns-server forwarder Command
Field
|
Description
|
DNS Server Forwarder Primary
|
The state of the primary forwarder. The states are:
•Not Configured
•Up
•Down
|
DNS Server Forwarder Secondary
|
The state of the secondary forwarder. The states are:
•Not Configured
•Up
•Down
|
State Changes
|
The number of times that the state of the forwarder changed.
|
Requests Sent
|
The total number of requests sent to a particular forwarder.
|
Responses Accepted
|
The total number of responses received from a particular forwarder.
|
Totals:
|
Request Sent
|
The total number of requests sent to forwarders (primary and secondary).
|
Responses Accepted
|
The total number of responses received from forwarders (primary and secondary).
|
To display the DNS database statistics, enter:
Table 2-29 describes the fields in the show dns-server stats output.
Table 2-29 Field Descriptions for the show dns-server stats Command
Field
|
Description
|
DNS Name
|
The domain name entry
|
Content Name
|
Where the domain entry is mapped (A Record, NS Record, or host table), or a content rule name
|
Location
|
The IP address associated with the entry
|
Resolve Local
|
The number of local resolutions performed for the entry
|
Remote
|
The number of remote resolutions performed for the entry
|
Related Commands
(config) dns-server
(config) dns-server accelerate domains
(config) dns-server domain-cache
(config) dns-server zero
show domain
To display content domain summary information or specified domain information, use the show domain command. A content domain is a group of CSSs sharing the same content rules, load, and DNS information with each other.
show domain {ip_address {send|receive}|hotlist|owners
{ip_address}|rules {ip_address}}
Syntax Description
ip_address
|
The IP address for the peer. Enter the address in dotted-decimal format (for example, 192.168.11.1).
|
send
|
Displays only the send load reports and transmit message statistics.
|
receive
|
Displays only the receive load reports and receive message statistics.
|
hotlist
|
Displays the domain hot list configuration and hit information for domains.
|
owners
|
Displays shared owner names.
|
rules
|
Displays locally created or negotiated content rule names.
|
Command Modes
All modes
Usage Guidelines
Use the show domain command with no options to display content domain summary information including the number of domain peers and information about each peer.
Examples
To display content domain summary information, enter:
If you include the peer IP address with the show domain command, content domain summary information about the peer similar to the previous example appears along with CCC message statistics similar to the following:
For example, to display content domain send information for a specific domain peer, enter:
# show domain 192.168.10.1 send
For example, to display content domain receive information for a specific domain peer, enter:
# show domain 192.168.10.1 receive
For example, to display content domain send information for a specific domain peer, enter:
# show domain 192.168.10.1 send
Table 2-30 describes the fields in the show domain output.
Table 2-30 Field Descriptions for the show domain Command
Field
|
Description
|
Content Domain Summary
|
The number of domain peers.
|
Peer
|
The address for the peer.
|
CCC State
|
The state of the master FSM (finite state machine) that negotiates the APP (CCC) link.
|
OWN State
|
The state of the owner policy negotiation FSM that determines the owners about whom the peers will share domain name and rule information.
|
Rule State
|
The state of the rule policy negotiation FSM that exchanges individual domain name and rule matching criteria and load report information.
|
SendSlots
|
The number of individual domain name rules on which the CSS will send load reports to the peer.
|
ReceiveSlots
|
The number of individual domain name rules on which the CSS will receive load reports from the peer.
|
Interval
|
The time interval in seconds that load reports are sent to the peer.
|
MinRespTime
|
The minimum local flow response time. This number is shared with the peer to be used in conjunction with load numbers to normalize the load numbers shared between peers.
|
MaxRespTime
|
The maximum local flow response time. This number is shared with the peer to be used in conjunction with load numbers to normalize the load numbers shared between peers.
|
Policy
|
The negotiated load report send and receive policies.
|
Sending Load Reports for
|
The list of domain names for which the CSS is sending load reports to the peer.
|
Receiving Load Reports for
|
The list of domain names for which the CSS is receiving load reports from the peer.
|
CCC Msg stats
|
The number of times each of the message types used in the CCC/OWN/Rule FSM negotiations with the peer has been sent or received.
|
To display the domain hotlist and its configuration, enter:
Table 2-31 describes the fields in the show domain hotlist output.
Table 2-31 Field Descriptions for the show domain hotlist Command
Field
|
Description
|
Hotlist Enabled/Disabled
|
Enable the domain hotlist. The domain hotlist is disabled by default.
|
Size
|
The configured maximum number of domain entries contained in the hotlist. The default is 10. The number can be from 1 to 100.
|
Interval
|
The configured interval, in minutes, to refresh the domain hotlist and start a new list. The default is 1. The interval can be from 1 to 60.
|
Threshold
|
The configured number of domain hits per interval, which must be exceeded for a domain to be considered hot and added to the list. The default is 0 which indicates that the threshold is disabled. The threshold can be from 0 to 65535.
|
# Hot Domains
|
The total number of hot domains.
|
Hits
|
The number of hits for a hot domain.
|
Domain
|
The name of the hot domain associated with the Hits field.
|
To display shared owner names with CSS peers, enter:
To display locally created or negotiated content rule names, enter:
Related Commands
(config) (config) app session
(config) domain hotlist
show dos
To display detailed information about Denial of Service (DOS) attacks on each CSS Switch Fabric Processor (SFP), use the show dos command.
show dos {summary}
Syntax Description
summary
|
Displays a summary of DOS attacks. The summary includes the total number of attacks, the attack types with their maximum occurrences per second, and the first and last occurrence of an attack.
|
Command Modes
All modes
Usage Guidelines
Use the show dos command to display the following information:
•The total number of attacks since the CSS was booted.
•The types of attacks and the maximum number of these attacks per second.
•The first and last occurrence of an attack.
A Cisco CSS 11050 or 11150 can display detailed information about the 50 most recent attack events including the first and last attack, source and destination IP addresses, and the event type and total occurrences. A CSS 11800 can display up to 200 recent events. If multiple attacks occur with same DOS type, and source and destination address, an attempt is made to merge them as one event. This reduces the number of displayed events.
Examples
To display a summary of DOS attacks, enter:
To display detailed information about DOS attacks, enter:
Table 2-32 describes the fields in the show dos output.
Table 2-32 Field Descriptions for the show dos Command
Field
|
Description
|
Total Attacks
|
The total number of DOS attacks detected since the box was booted. The type of attacks that are listed along with their number of occurrences are:
•SYN Attacks, the TCP connections that are initiated by a source but are not followed with an ACK frame to complete the three way TCP handshake
•LAND Attacks, packets that have identical source and destination addresses
•Zero Port Attacks, frames that contain source or destination TCP or UDP ports equal to zero
Note Older SmartBits software may send frames containing source or destination ports equal to zero. The CSS logs them as DOS attacks and drops these frames.
•Illegal Src Attacks, illegal source addresses
•Illegal Dst Attacks, illegal destination addresses
•Smurf Attacks, pings with a broadcast destination address
|
Maximum per second
|
The maximum number of events per second. Use the maximum events per second information to set SNMP trap threshold values. Note that the maximum number of events per second is the maximum per SFP. For a CSS 11800, which may have up to 4 SFPs, the maximum rate per second may be as high as four times that which is displayed.
|
First Attack Detected
|
The first time an attack was detected.
|
Last Attack Detected
|
The last time an attack was detected.
|
DOS Attack Event
|
Details for each detected attack event, up to a maximum of 50 events per SFP.
|
First Attack
|
The first time that the attack event occurred.
|
Last Attack
|
The last time that the attack event occurred.
|
Source/
Destination Address
|
The source and destination addresses for the attack event.
|
Event Type
|
The type of event.
|
Total Attacks
|
The total number of attack occurrences for the event.
|
Related Commands
zero ip statistics
(config) snmp trap-type enterprise
show dql
To display the attributes for the Domain Qualifier Lists (DQLs) or a specified DQL, use the show dql command. A DQL is a collection of domain names which you can assign to a content rule, instead of creating a rule for each address.
show dql {dql_name}
Syntax Description
dql_name
|
The name of a specific DQL. To see a list of DQLs, enter:
|
Command Modes
All modes
Examples
To display all DQLs, enter:
Table 2-33 describes the fields in the show dql output.
Table 2-33 Field Descriptions for the show dql Command
Field
|
Description
|
Name
|
The name of the DQL
|
Index
|
The CSS unique index which identifies the DQL
|
Description
|
The description for the DQL
|
Index
|
The DQL unique index number for this domain
|
Domain
|
The name of the domain associated with the index number
|
Description
|
The description for the domain
|
Related Commands
(config) dql
show dump-status
To display whether core dumps are enabled or disabled, use the show dump-status command.
show dump-status
Command Modes
All modes
Examples
To display the dump mode status, enter:
Related Commands
(config) dump
show eql
To display the attributes for the Extension Qualifier Lists (EQLs) or a specified EQL, use the show eql command. An EQL is a collection of file extensions for content requests joined together through content rules. The CSS uses this list to identify which requests to send to a service.
show eql {eql_name}
Syntax Description
eql_name
|
The name of a specific EQL. To see a list of EQLs, enter:
|
Command Modes
All modes
Examples
To display all EQLs and their extensions, enter:
Table 2-34 describes the fields in the show eql output.
Table 2-34 Field Descriptions for the show eql Command
Field
|
Description
|
EQL
|
The name of the EQL and its description, if configured
|
Extensions
|
The extensions of content requests associated with the EQL and their descriptions, if configured
|
Related Commands
(config) eql
show ether-errors
To list the extended 64-bit statistics for errors on Ethernet interfaces in the CSS, use the show ether-errors command. The Enterprise ap64Stats MIB defines these statistics. To display the RFC1398 32-bit statistics, include the -32 suffix.
show ether-errors{-32} {interface_name}
Syntax Description
-32
|
Displays the RFC1398 32-bit statistics
|
interface_name
|
The name of the physical Ethernet interface on the CSS. Enter a case-sensitive unquoted text string. To see a list of interfaces, enter:
|
Command Modes
All modes
Examples
To display the errors on an Ethernet interface in the CSS, enter:
Table 2-35 describes the fields in the show ether-errors output.
Table 2-35 Field Descriptions for the show ether-errors Command
Field
|
Description
|
Alignment
|
The number of frames with alignment errors (frames that do not end with a whole number of octets and have a bad CRC) received on the interface.
|
FCS
|
The number of frames received on the interface that are an integral number of octets in length but do not pass the FCS check.
|
Single Collision
|
The number of successfully transmitted frames on the interface for which transmission is inhibited by exactly one collision.
|
Multiple Collisions
|
The number of successfully transmitted frames on the interface for which transmission is inhibited by more than one collision.
|
SQE Test
|
The number of times that the SQE TEST ERROR message is generated.
|
Deferred Tx
|
The number of frames for which the first transmission attempt on the interface is delayed because the medium is busy.
The count represented by an instance of this object does not include frames involved in collisions.
|
Internal RX Errors
|
The number of frames for which reception on the interface fails due to an internal MAC sublayer receive error.
|
Frame too Long
|
The number of frames received on the interface that exceed the maximum permitted frame size.
|
Carrier Sense Errors
|
The number of times that the carrier sense condition was lost or never asserted when attempting to transmit a frame on the interface.
|
Internal Tx Errors
|
The number of frames for which transmission on the interface fails due to an internal MAC sublayer transmit error.
|
Excessive Collisions
|
The number of frames for which transmission on the interface fails due to excessive collisions.
|
Late Collisions
|
The number of times that a collision is detected on the interface later than 512 bit-times into the transmission of a packet.
|
Related Commands
clear
show flows
To display the flow summary for a source IP address, or for a specific source address and its destination IP address on an SFP, use the show flows command. You can display up to 200 flows per SFPs. On a Cisco CSS 11800 with its four SFPs, you can display up to 800 flows. This information allows you to view flows to ensure the proper operation of firewall load balancing.
show flows source_address {destination_address}
Syntax Description
source_address
|
The source IP address for the flows. Enter the address in dotted-decimal format (for example, 192.168.11.1).
|
destination_address
|
The optional destination IP address. Enter the address in dotted-decimal format (for example, 192.168.11.1).
|
Command Modes
All modes
Examples
To display the flows for a specific source IP address, enter:
# show flows 192.165.22.1
To display the flows for specific source and destination IP addresses, enter:
# show flows 192.165.22.1 192.163.2.3
Table 2-36 describes the fields in the show flows output.
Table 2-36 Field Descriptions for the show flow Command
Field
|
Description
|
Src Address
|
The source address for the flow
|
SPort
|
The source port for the flow
|
Dst Address
|
The destination address for the flow
|
DPort
|
The destination port for the flow
|
NAT Dst Address
|
The NAT destination address
|
Prot
|
The protocol of the flow (TCP or UDP)
|
InPort
|
The interface port for the in flow
|
OutPort
|
The interface port for the out flow
|
Related Commands
(config) ip firewall
(config) ip route
show group
To display a collection of groups or the attributes for a specified group, use the show group command. A group is a collection of local servers that initiate flows from within the local web farm.
show group {group_name {portmap}}
Syntax Description
group_name
|
Displays the attributes for a specified group
|
portmap
|
Displays the portmapping for the group
|
Command Modes
All modes
Usage Guidelines
If you are in group mode, the show group command displays the attributes for the current group.
Examples
To display a collection of groups and their attributes, enter:
Table 2-37 describes the fields in the show group output.
Table 2-37 Field Descriptions for the show group Command
Field
|
Description
|
Index
|
The index number of the group, whether the group is activated (Active) or suspended (Suspend), and the source IP address for the group.
|
Associated ACLs
|
Any ACLs associated with the group.
|
Source/Destination Service Services
|
The source or destination services of the source group.
|
Name
|
The name of the service.
|
Hits
|
The number of content hits on the service.
|
State
|
The state of the service. The possible states are Alive, Dying, or Dead.
|
DNS Load
|
The DNS load for the service. A load of 255 indicates that the service is down. An eligible load range is from 2 to 254.
|
Trans
|
The number of times that the state of the service has transitioned.
|
Keepalive
|
The keepalive type of the service. The possible types are FTP, HTTP, ICMP, NAMED, SCRIPT, or TCP.
|
Conn
|
The number of connection currently on the service.
|
Group Cumulative Counters
|
The counters for the group.
|
Hits/Frames/Bytes
|
The number of group hits, frames and bytes.
|
Connection Total/Current
|
The total number of connections and the current number of connections for the group.
|
FTP Control Total/Current
|
The total number of FTP control channels that were mapped and monitored by the CSS, and the current number of those connections that are mapped.
|
Group SFP Port Map Info
|
The port map information for each SFP in a Cisco CSS 11800.
|
SFP
|
The slot and port number of the SFP.
|
Base Port
|
The starting SFP port number in the chassis.
|
Configured Base Port
|
The configured starting port number for each SFP.
|
Configured Ports per SPF
|
The configured number of ports allowed on each SFP.
|
Current Mapped Ports
|
The current number of mapped ports.
|
Last Mapped Port
|
The most recently mapped port number for each SFP.
|
No Portmap Errors
|
The number of times no port could be allocated by the portmapper.
|
High Water Mark
|
The highest number of ports that this source group has had concurrently mapped since the last group was activated.
|
Related Commands
(config) group
show header-field-group
To display the configuration for all header-field groups or a specific group, use the show header-field-group command.
show header-field-group {all|name}
Syntax Description
all
|
Displays detailed information about all configured header-field groups
|
name
|
Displays detailed information about a specified header-field group
|
Command Modes
All modes
Examples
To show a summary of all configured header-field groups, enter:
# show header-field-group
To show the details of all configured header-field groups, enter:
# show header-field-group all
To show each defined header field in a specific header-field group, enter:
# show header-field-group test
Table 2-38 describes the fields in the show header-field-group output.
Table 2-38 Field Descriptions for the show header-field-group Command
Field
|
Description
|
header field group
|
The name of the header-field group
|
Description
|
The configured description for the header-field group
|
Related Commands
(config) header-field-group
(config-header-field-group) description
(config-header-field-group) header-field
show history
To display the session command history, use the show history command. The command-line history buffer stores CLI commands that you previously entered.
show history
Command Modes
All modes
Examples
To display a history of commands during this session, enter:
show domain owners 192.32.1.10
show domain rules 192.32.1.10
show ether-errors zero e1
Related Commands
history length
show installed-software
To display a list of currently installed CSS software on the CSS disk or the maximum number of software versions you can install on the disk, use the show installed-software command.
show installed-software {version-limit}
Syntax Description
version-limit
|
Displays the maximum number of software versions you can install on the disk
|
Command Modes
All modes
Examples
To display a list of currently installed software on the CSS disk, enter:
# show installed-software
To display the maximum number of software versions you can install on the CSS disk, enter:
# show installed-software version-limit
No more than 4 installed versions permitted
Related Commands
version
show interface
To display information for all interfaces or a specific interface, use the show interface command. The interfaces include Ethernet, circuit, and console interfaces.
show interface {interface_name}
Syntax Description
interface_name
|
The specific interface in the CSS. To see a list of interfaces in the CSS, enter:
|
Command Modes
All modes
Examples
To display information about all interfaces in the CSS, enter:
To only display information for a specific interface, enter the show interface command and the interface name. For example:
Table 2-39 describes the fields in the show interface output.
Table 2-39 Field Descriptions for the show interface Command
Field
|
Description
|
Name
|
The name of the interface.
|
ifIndex
|
The ifIndex for the interface.
|
Type
|
The type of interface. The possible types include:
•fe, fast Ethernet interface
•ge, gigabit Ethernet interface
•console, console interface
|
Oper
|
Operational state, up or down.
|
Admin
|
Administration state, up or down.
|
Last Change
|
The date of the last state change.
|
show ip config
To display IP global configuration parameters, use the show ip config command. The parameters shows the state (enabled or disabled) of the source route option, forward IP broadcasts, record route option, and IP route change logging. It also shows the value for the orphaned route timer and the type of Multiple Equal Cost Path algorithm.
show ip config
Command Modes
All modes
Examples
To display IP global configuration parameters, enter:
Table 2-40 describes the fields in the show ip config output.
Table 2-40 Field Descriptions for the show ip config Command
Field
|
Description
|
Source Route Option
|
Whether the processing of source-routed frames is enabled or disabled.
|
Forward IP Broadcasts
|
Whether the forwarding of IP broadcasts is enabled or disabled.
|
Orphaned Route Timer
|
The setting for the orphaned route timer.
|
Record Route Option
|
Whether the processing with a record-route option is enabled or disabled.
|
Multiple Equal Cost Path Algorithm
|
The setting for the equal-cost multipath selection algorithm. The possible settings are:
•Address, choose among alternate paths based on IP addresses
•Round-robin, alternate between equal paths in roundrobin fashion
|
IP Route Change Logging
|
Whether the logging of IP route changes is enabled or disabled.
|
Related Commands
(config) ip
show ip interfaces
To display configured IP interfaces, use the show ip interfaces command. The display includes the circuit name and state, IP address, network mask, broadcast address, redundancy, Internet Control Message Protocol (ICMP) settings, and RIP settings.
show ip interfaces
Command Modes
All modes
Examples
To display configured IP interfaces, enter:
Table 2-41 describes the fields in the show ip interfaces output.
Table 2-41 Field Descriptions for the show ip interfaces Command
Field
|
Description
|
Circuit Name
|
The name of the circuit associated with the IP interface.
|
State
|
The state of the IP interface. The possible states are:
•active (1), the interface is up
•disabled (2), the interface is disabled
•noCircuit (3), the interface is waiting for an underlying circuit
|
IP Address
|
The IP address assigned to the circuit.
|
Network Mask
|
The network mask of the circuit.
|
Broadcast Address
|
The broadcast IP address associated with the IP interface. If left at zero, the all-ones host is used for numbered interfaces. 255.255.255.255 is always used for unnumbered interfaces.
|
Redundancy
|
Indicates whether the redundancy protocol is running on the interface. The default state is disable.
|
ICMP Redirect
|
Whether the transmission of Internet Control Message Protocol (ICMP) redirect messages is enabled or disabled. The default state is Enabled.
|
ICMP Unreachable
|
Whether the transmission of ICMP "destination unreachable" messages is enabled or disabled. The default state is Enabled.
|
RIP
|
Whether the RIP is enabled or disabled.
|
Related Commands
(config) ip
show ip routes
To display all or specified IP routing information, use the show ip routes command.
show ip routes {local|firewall|ospf|rip|static|ip_or_host
{to ip_or_host|mask_or_prefix}
Syntax Description
local
|
Displays all local routes.
|
firewall
|
Displays all firewall routes.
|
ospf
|
Displays all OSPF routes.
|
rip
|
Displays all RIP routes.
|
static
|
Displays all static routes.
|
to
|
Displays information about a route to a destination, a specific route, or routes in a range.
|
ip_or_host
|
The IP address of the host or network prefix. Enter an IP address in dotted-decimal notation (for example, 192.168.11.1). The IP address after the to keyword is the last IP address in a range.
|
mask_or_prefix
|
Subnet address of the specific network. Enter the subnet address in mask or prefix notation (for example, /24).
|
Command Modes
All modes
Examples
To display all routes on the CSS, enter:
To display OSPF routes on the CSS, enter:
Table 2-42 describes the fields in the show ip routes output.
Table 2-42 Field Descriptions for the show ip routes Command
Field
|
Description
|
prefix/length
|
The IP address and prefix length for the route.
|
next hop
|
The IP address for the next hop.
|
if
|
The ifIndex value that identifies the local interface through which the next hop of this route should be reached.
|
type
|
The type of the route entry. The possible types are:
•local, local interface
•remote, remote destination
•mgmt, management interface
|
proto
|
The protocol for the route.
|
age
|
The maximum age for the route.
|
metric
|
The metric cost for the route.
|
Related Commands
(config) ip
show ip statistics
To display the aggregate TCP statistics for the CSS, use the show ip statistics command. These statistics include UDP, TCP, ICMP, and ARP statistics.
show ip statistics
Command Modes
All modes
Examples
To display aggregate TCP statistics for the CSS, enter:
Table 2-43 describes the fields in the show ip statistics output.
Table 2-43 Field Descriptions for the show ip statistics Command
Field
|
Description
|
UDP Statistics
|
Input Datagrams
|
The total number of UDP datagrams delivered to UDP users.
|
No Port Errors
|
The total number of received UDP datagrams for which there was no application at the destination port.
|
Output Datagrams
|
The total number of UDP datagrams sent from the CSS.
|
Input Errors
|
The number of received UDP datagrams that could not be delivered for reasons other than the lack of an application at the destination port.
|
TCP Statistics
|
Retransmit Algorithm
|
The algorithm used to determine the timeout value for retransmitting unacknowledged octets.
|
Max Retransmit Time
|
The maximum value permitted by a TCP implementation for the retransmission timeout, measured in milliseconds.
|
Active Opens
|
The number of times TCP connections have made a direct transition to the SYN-SENT state from the CLOSED state.
|
Failed Attempts
|
The number of times TCP connections have made a direct transition to the CLOSED state from either the SYN-SENT state or the SYN-RCVD state, plus the number of times TCP connections have made a direct transition to the LISTEN state from the SYN-RCVD state.
|
Established Conns
|
The number of TCP connections for which the current state is either ESTABLISHED or CLOSE-WAIT.
|
Output Segments
|
The total number of segments sent, including those on current connections but excluding those containing only retransmitted octets.
|
Input Errors
|
The total number of segments received in error (for example, bad TCP checksums).
|
Min Retransmit Time
|
The minimum value permitted by a TCP implementation for the retransmission timeout, measured in milliseconds.
|
Max TCP Connections
|
The limit on the total number of TCP connections the CSS can support.
|
Passive Opens
|
The number of times TCP connections have made a direct transition to the SYN-RCVD state from the LISTEN state.
|
Resets
|
The number of times TCP connections have made a direct transition to the CLOSED state from either the ESTABLISHED state or the CLOSE-WAIT state.
|
Input Segments
|
The total number of segments received, including those received in error. This count includes segments received on currently established connections.
|
Retransmit Segments
|
The total number of segments retransmitted; the number of TCP segments transmitted containing one or more previously transmitted octets.
|
Output Resets
|
The number of TCP segments sent containing the RST flag.
|
ICMP Statistics
|
Echo Requests In
|
The number of received ICMP Echo (request) messages.
|
VIP Echo Requests
|
The sending Echo request count for the VIP.
|
Unreachable
|
The number of received ICMP Destination Unreachable messages.
|
Redirect
|
The number of received ICMP Redirect messages.
|
Router Solicit
|
The number of received ICMP router solicitation packets.
|
Param Problem
|
The number of received ICMP Parameter Problem messages.
|
Timestamp Reply
|
The number of sent ICMP Timestamp Reply messages.
|
Information Reply
|
The number of received ICMP reply packets.
|
Mask Reply
|
The number of received ICMP Address Mask Reply messages.
|
Echo Replies In
|
The number of received ICMP Echo reply messages.
|
VIP Echo Replies
|
The sending Echo replies in response to echoes for the VIP.
|
Source Quench
|
The number of received ICMP Source Quench messages.
|
Router Adv
|
The number of received ICMP router advertisement packets.
|
Time Exceeded
|
The number of received ICMP Time Exceeded messages.
|
Timestamp
|
The number of sent ICMP Timestamp (request) messages.
|
Information Request
|
The number of received ICMP information request packets.
|
Mask Request
|
The number of sent ICMP Address Mask Request messages.
|
Invalid
|
The number of received bad ICMP type packets.
|
ARP Statistics
|
Requests In
|
The number of received ARP request packets.
|
Requests Out
|
The sending ARP request packet count.
|
Duplicate Addr
|
The number of received ARP packets with duplicate IP address detected count. This can be the local IP address, VIP, or virtual interface
|
Invalid
|
The number of invalid or bad ARP packets.
|
Replies In
|
The number of received ARP reply packets.
|
Replies Out
|
The sending ARP reply packet count.
|
In Off Subnet
|
The number of received ARP packets with sender or target addresses outside of the subnet range of the receiving interface.
|
Unresolved
|
The number of processed IP frames with unresolved next hop MAC addresses.
|
Related Commands
(config) ip
show ip summary
To display a summary of IP global statistics, use the show ip summary command. The statistics include data on reachable and total routes, reachable and total hosts, memory in use for each, and total IP routing memory in use.
show ip summary
Command Modes
All modes
Examples
To display aggregate TCP statistics for the CSS, enter:
Table 2-44 describes the fields in the show ip summary output.
Table 2-44 Field Descriptions for the show ip summary Command
Field
|
Description
|
Reachable Routes
|
The current number of reachable routes and the amount of memory in bytes used.
|
Total Routes
|
The current number of routes maintained, both reachable and unreachable and the amount of memory in bytes used.
|
Reachable Hosts
|
The current number of reachable host entries and the amount of memory in bytes used.
|
Total Hosts
|
The current number of host entries, both reachable and unreachable and the amount of memory in bytes used.
|
Total Memory in use - IP Routing Memory Pool
|
The total amount of memory in bytes allocated for the IP routing table. When there are no more free entries in the memory pool, more memory is allocated to the pool.
|
Related Commands
(config) ip
show keepalive
To display keepalive status and configuration information for all keepalives or a specified keepalive, use the show keepalive command.
show keepalive {name}
Syntax Description
name
|
The name of the specified keepalive
|
Command Modes
All modes
Examples
To display information for all keepalives, enter:
Table 2-45 describes the fields in the show keepalive output.
Table 2-45 Field Descriptions for the show keepalive Command
Field
|
Description
|
Name
|
The name of the keepalive.
|
Index
|
The CSS assigned unique index value for each keepalive.
|
State
|
The state of the keepalive. The possible states are down, alive, and dying.
|
Description
|
The description for this keepalive.
|
Address
|
The IP address where the keepalive messages are sent.
|
Port
|
The port number for the keepalive.
|
Type
|
The type of keepalive message assigned to this keepalive. The possible types are FTP, HTTP, ICMP, script, TCP, or named.
|
Frequency
|
The time in seconds between sending keepalive messages to the IP address. The default is 5. The range is from 2 to 255.
|
Max Failures
|
The configured number of times the IP address can fail to respond to a keepalive message before being considered offline. The default is 3. The range is from 1 to 10.
|
Retry Frequency
|
The retry period in seconds to send messages to the keepalive IP address. The default is 5. The range is from 2 to 255.
|
Dependent Services
|
Services currently configured to use the keepalive. This mainly used for named keepalive types.
|
Related Commands
(config) keepalive
show keepalive-summary
To display summary information for all keepalives, use the show keepalive-summary. This information includes the name, status, and IP address.
show keepalive-summary
Command Modes
All modes
Examples
To display a summary of information for all keepalives, enter:
Related Commands
(config) keepalive
show lines
To display currently connected lines or sessions, use the show lines command. A connected line is a console or Telnet session.
show lines
Command Modes
All modes
Examples
To display currently connected lines or sessions, enter:
Table 2-46 describes the fields in the show lines output.
Table 2-46 Field Descriptions for the show lines Command
Field
|
Description
|
Line
|
The type of session. The * indicates your current session.
|
User
|
The login name of the user.
|
Login
|
The amount of time that the user has been logged on the CSS.
|
Idle
|
The amount of time that the session has been idle.
|
Location
|
The location where the session is occurring.
|
show load
To display the global load configuration on the CSS and the load information for services, use the show load command.
show load
Command Modes
SuperUser
Examples
To display the global load configuration and service load information, enter:
Table 2-47 describes the fields in the show load output.
Table 2-47 Field Descriptions for the show load Command
Field
|
Description
|
Global load information
|
The configured state of load reporting (enabled or disabled). Reporting is disabled by default.
|
Step Size
|
The configured method in which the load step size is calculated:
•Dynamic indicates that the CSS calculates the step size.
•Static indicates that the configured step size is used.
|
Configured
|
The configured load step. The value is the difference in milliseconds between load numbers. If the step size method is dynamic, this is the initial load step. The CSS modifies the value after it collects sufficient response time information from the services.
|
Actual
|
The actual load step. The value is the difference in milliseconds between load numbers. If the step size method is configured, the actual value will be the same as the Configured field.
|
Threshold
|
The configured global load number which the CSS uses to determine if a service is eligible to receive flows. The default is 254 with a range of 2 to 254.
|
Ageout-Timer
|
The configured time interval in seconds in which stale load information for a service is aged out. When the ageout timer interval expires, the CSS erases the information and resets the service load to 2. The default is 60 with a range of an integer from 0 to 1000000000. The value of 0 disables the timer.
|
Teardown-timer
|
The maximum time between teardown reports. The default is 20 with a range from 0 to 1000000000. The value of 0 disables the timer.
|
Configured
|
The configured maximum time between teardown reports. The default is 20 with a range from 0 to 1000000000. The value of 0 disables the timer.
|
Actual
|
The actual time between teardown reports.
|
Service Name
|
The name of the service.
|
Average Load Number
|
The average load number for the service.
|
Related Commands
(config) load
show log
To send the log activity to your current session, or display the contents in a log or trap log file, use the show log command.
show log {log_filename {tail lines} {line-numbers}}
Syntax Description
log_filename
|
The name of the log file. Enter an unquoted text string with no spaces. To see a list of log files with their dates, enter:
Enter traplog to displays all SNMP traps that have occurred. A trap log file is an ASCII file in the log directory containing generic and enterprise SNMP traps. By default, the following events generate level critical-2 messages:
•Link Down
•Cold Start
•Warm Start
•Service Down
•Service Suspended
All other SNMP traps generate level notice-5 messages.
Note Even though traps are disabled, the CSS still produces a log message for any event that would normally generate a trap.
|
tail
|
Displays the bottom and most recent portion of the log file.
|
lines
|
The number of lines to display starting at the end of the log file. Enter a number from 1 to 1000.
|
line-numbers
|
Includes the line numbers when displaying the contents of the log file.
|
Command Modes
SuperUser and all configuration modes
Usage Guidelines
When you use the show log command to send the log activity to your current session. Press any key to stop the sending of this log activity. This command performs the same function as (config) logging line. Note that you cannot run these commands at the same time.
Examples
To send the log activity to your current session, enter:
Press any key to abort...
APR 14 16:28:09 5/1 2398 NETMAN-7: HTTPC:HTTPC_Open:
ERROR->connect <-1,0> <192.20.1.7> <80>
APR 14 16:28:15 5/1 2399 NETMAN-7: HTTPC:HTTPC_Open:
ERROR->connect <-1,0> <192.20.1.7> <80>
APR 14 16:28:21 5/1 2400 NETMAN-7: HTTPC:HTTPC_Open:
ERROR->connect <-1,0> <192.20.1.7> <80>
APR 14 16:28:27 5/1 2401 NETMAN-7: HTTPC:HTTPC_Open:
ERROR->connect <-1,0> <192.20.1.7> <80>
To display information in a specific log file, enter the show log command with a valid log filename. For example:
SEP 22 09:59:18 5/1 918 NETMAN-7: SNMP:SET RSP (3803)
SEP 22 09:59:53 5/1 919 NETMAN-7: SNMP:SET (3804)
SEP 22 09:59:53 5/1 920 NETMAN-7: SNMP: 1
apLogHostIpAddress.[1.2.3.4] VT_IPADDRESS <1.2.3.4>
SEP 22 09:59:53 5/1 921 NETMAN-7: SNMP: 2
apLogHostIpAddress.[1.2.3.4] VT_IPADDRESS <1.2.3.4>
Related Commands
clear
copy log
snmp trap-type generic
show log-list
To display a list of all log files, use the show log-list command.
