Cisco GSS Command Reference (Software Version 4.1(0))
Cisco Global Site Selector CLI Commands
Download this chapter
Cisco Global Site Selector CLI CommandsCisco Global Site Selector CLI Commands
Download the complete book
gsscmdrf.pdfgsscmdrf.pdf (PDF - 6 MB)
 Feedback

Table Of Contents

Cisco Global Site Selector CLI Commands

General Commands

?

cd

clear

clear ddos-config

clock

configure

copy

ddos peacetime

ddos peacetime apply

ddos peacetime database erase

ddos peacetime save

ddos peacetime show

ddos peacetime start

ddos peacetime stop

ddos restore-defaults

del

dir

disable

dnslookup

enable

enable-passwd

end

exit

ftp

geodb database delete

geodb database load filename

geodb database lookup ipaddress

geodb database dump file format

geodb database periodic-backup now

geodb static-entry

gss

gss tech-report

gssm

help

install

license

lls

ls

lsof

no

ping

proximity database delete

proximity database dump

proximity database load

proximity database periodic-backup

proximity group-summary dump

proximity play-config

proximity probe

proximity start

proximity statistics group-summary dump

proximity stop

pwd

refresh-gssmesh-statistics

reload

rename

reset-gui-admin-password

restore-factory-defaults

rotate-logs

scp

setup

show access-group

show access-list

show arp

show boot-config

show clock

show ddos

show ddos attacks

show ddos dproxy

show ddos failed-dns

show ddos-config

show ddos rate-limit

show ddos status

show disk

show ftp

show gslb-config

show gslb-errors

show geodb

show geodb database

show interface

show inventory

show ip routes

show license

show logging

show logs

show memory

show ntp

show processes

show properties

show proximity

show proximity database

show proximity group-name

show proximity group-summary

show running-config

show services

show snmp

show ssh

show startup-config

show statistics

show statistics boomerang

show statistics dns

show statistics ddos

show statistics drpagent

show statistics gss-mesh all dns

show statistics keepalive

show statistics proximity

show statistics sticky

show statistics tacacs

show sticky

show sticky database

show sticky global

show sticky group-name

show sticky group-summary

show sticky mesh

show supportpass-status

show system-status

show tacacs

show tech-support

show telnet

show terminal-length

show uptime

show user

show users

show version

shutdown

sticky database delete

sticky database dump

sticky database load

sticky database periodic-backup

sticky start

sticky stop

supportpass

tail

tcpdump

telnet

traceroute

type

write


Cisco Global Site Selector CLI Commands

This chapter provides detailed information for the following types of Global Site Selector (GSS) CLI commands:

General commands that you can enter after you log in to the GSS in user EXEC and privileged EXEC modes.

Global configuration commands that you enter after you log in to the GSS in privileged EXEC mode.

Interface configuration commands that you enter after logging in to the GSS in privileged EXEC mode.

Global server load-balancing configuration commands that you enter after logging in to the GSS in privileged EXEC mode.

Domain and source address list commands that you enter after you access the global server load-balancing configuration mode.

Answer and answer group commands that you enter after you access the global server load-balancing configuration mode.

Domain Name System (DNS) rule configuration commands that you enter after you access the global server load-balancing configuration mode.

DNS sticky configuration commands that you enter after you access the global server load-balancing configuration mode.

Proximity configuration commands that you enter after you access the global server load-balancing configuration mode.

The documentation of each command contains the following information:

Command Syntax—Information about the correct structure and syntax for the command

Usage Guidelines—Detailed information that describes the purpose of the command and its proper application

Examples—Command syntax as it appears in a CLI session

Related Commands—Other CLI commands with a purpose that is closely related to or dependent on the current command

For more information about accessing a CLI session and using CLI commands, see Chapter 1, Using the Command-Line Interface.

General Commands

The following general commands are available to you immediately after you log in to a GSS. The commands that you can access depend on your permission level.

User EXEC permission level provides access to the following commands and any associated no forms:

cd

ls

dir

ping

dnslookup

pwd

enable

scp

exit

show

ftp

tail

help

telnet

lls

type


Privileged EXEC permission level provides access to all general commands. You can also access commands in the following modes: global configuration, interface configuration, global server load-balancing configuration, and subordinate global server load-balancing configuration modes.

?

To display a list of the available commands and syntax options, use the ? command.

?

Syntax Description

This command has no "arguments or keywords".

Command Modes

All command modes

Usage Guidelines

This command displays the commands and syntax options available to you at the point at which you enter the command. For additional background on the use of GSS help, see Chapter 1, Using the Command-Line Interface.

Examples

The following example shows how to display a list of the available commands and syntax options: 

gss1.example.com> ?

	cd 			Change directory

	dir 			Directory list

	ddos 			DDoS exec commands

	dnslookup	Resolve hostname (DNS)

	enable 			Turn on privileged commands

	exit 			Exit from the EXEC

	ftp 			Open FTP session to host

	help 			Description of the interactive help system

	lls 			list files in long info

	ls 			Directory list

	ping 			Ping a remote host

	pwd 			Show present working directory

	scp 			SecureCopy files [scp from to]

	show			Show running system information

	tail 			Display last 10 lines of a file

	telnet 			Open telnet session to host

	type 			View a file

host(config)# show ?                 

	access-group 				Configure access lists

	access-list 				Configure access lists

	arp				Display system ARP cache

	boot-config				Display bootable GSS software images

	clock 				Display system clock

	ddos				DDoS exec commands

	disk				Display disk information

	ftp				Display ftp status

	gslb-config				Show configuration for gslb objects

	gslb-errors				Show errors during most recent script-play

	interface 				Configure interface

	inventory				Show inventory information

	ip 				Display IP information

	license				Show license information

	logging 				Configure system logging

	logs				Display GSS system log

	memory				Display memory information

	ntp 				NTP service control

	processes				Display processes on system

	properties 				Display system properties

	proximity 				Display Proximity subsystem information

	running-config		 Show running configuration

	services				Display status of basic services

	snmp				Display SNMP information

	ssh 				Display SSH status

	startup-config		 Show startup configuration

	statistics				Display statistics

	sticky				Display Sticky Database information

	system-status			 	Report status of GSS

	tacacs				Display TACACS+ configuration

	tech-support				Display information useful to Cisco TAC

	telnet				Display telnet status

	terminal-length	Display terminal-length

	uptime				Display system uptime

	user				Display user information

	users				Display configured users

	version				Display system version

Related Commands

help

cd

To change the directory, use the cd command.

cd directoryname

Syntax Description

directoryname

Name of the directory.


Command Modes

User and privileged EXEC

Usage Guidelines

Use this command to maneuver between directories and for file management. The directory name becomes the default prefix for all relative paths. Relative paths do not begin with a slash (/). Absolute paths begin with a slash (/).

Enter cd .. to move to the directory that is one level higher than the one that you are in.

Examples

The following example shows the relative path: 

gss1.example.com> cd local1

The following example shows the absolute path: 

gss1.example.com> cd /local1

Related Commands

dir

lls

ls

lsof

pwd

clear

To reset GSS statistics for a specific subsystem, use the clear command.

clear statistics {boomerang | ddos [all | attacks | drops | global ] | dns | drpagent | keepalive {all | cra | http-head | icmp | kalap | ns | tcp} | proximity | sticky {mesh} | tacacs}

Syntax Description

statistics

Resets load-balancing statistics on the GSS.

boomerang

Resets statistics that relate to the boomerang server component of the GSS.

ddos

Resets statistics that relate to the Distributed Denial of Service (DDoS) detection and mitigation component of the GSS.

global

(Optional) Resets global statistics that relate to the GSS DDoS detection and mitigation component.

attacks

(Optional) Resets attack statistics that relate to the GSS DDoS detection and mitigation component.

dns

Resets statistics that relate to the Domain Name System (DNS) server component of the GSS, including proximity and sticky DNS rule statistics.

dpragent

Resets statistics that relate to the DRP agent component of the GSS.

keepalive

Resets statistics that relate to the keepalive function of the GSS software.

all

Resets statistics for all keepalive types maintained by the GSS.

cra

Resets statistics for only content routing agent (CRA)-type keepalives maintained by the GSS.

http-head

Resets statistics for only the VIP HTTP-HEAD type keepalive maintained by the GSS.

icmp

Resets statistics for only the VIP ICMP-type keepalive maintained by the GSS

kalap

Resets statistics for only the VIP KAL-AP-type keepalive maintained by the GSS.

ns

Resets statistics for the Name Server-type keepalive maintained by the GSS.

scripted-kal

Resets statistics for the Scripted-Kal-type keepalive maintained by the GSS.

tcp

Resets statistics for the IP and port TCP-type keepalive maintained by the GSS.

proximity

Resets statistics for the network proximity function.

sticky

Resets statistics for the DNS sticky function.

mesh

Resets mesh and session statistics for the local GSS node of the global sticky mesh.

tacacs

Resets TACACS+GSSM statistics.


Command Modes

Privileged EXEC

Usage Guidelines

Use the clear command to reset global server load-balancing statistics for one or more of your GSS components. Clearing the statistics for a GSS component will erase all record of routing activity and performance for that device.

Examples

The following example shows how to use the clear command: 

gss1.example.com# clear statistics boomerang

Are you sure? (yes/no) yes

gss1.example.com# clear statistics dns

Are you sure? (yes/no) yes

cra keepalive statistics cleared

gss1.example.com# clear statistics keepalive kalap

Are you sure? (yes/no) yes

kal-ap keepalive statistics cleared

gss1.example.com# clear statistics proximity 

Are you sure? (yes/no) yes 

proximity statistics cleared

clear ddos-config

To clear the configuration from the Distributed Denial of Service (DDoS) detection and mitigation subsystem, use the clear ddos-config command.

clear ddos-config

Syntax Description

This command has no keywords or arguments.

Command Modes

Privileged EXEC

Examples

The following example shows how to clear the configuration from the DDoS detection and mitigation subsystem: 

gss1.example.com# clear ddos-config

gss1.example.com#

clock

To perform the following actions, use the clock command:

Read the hardware calendar into the system clock

Set the current time or time zone for a GSS device

Set daylight saving time to some predefined summer time

Reset the GSS to synchronize log time stamps to a new time zone

Update the hardware calendar from the system clock

Set a user-defined daylight saving time

Specify a user-defined time zone

clock {read-calendar | set hh:mm:ss MONTH DD YYYY | summer-time timezone | timezone timezonename | update-calendar | user-summer-time summer-time name | start time | start day | start week | start month | end time | end day | end week | end month | offset | user-timezone timezone name | hour_offset | minute_offset}

Syntax Description

read-calendar

Reads the hardware calendar into the system clock. You can use this command when the system clock is reset through NTP and you want to revert back to using the hardware clock.

set

Sets the device clock to the date and time provided.

hh:mm:ss

Current time to which the GSS device clock is being reset. Specify one or two digits for the hours, minutes, and seconds.

MONTH DD YYYY

Current date to which the GSS device clock is being reset. Specify the full name of the month, one or two digits for the day, and four digits for the year. The following month names are recognized:

January

February

March

April

May

June

July

August

September

October

November

December

summer-time

Sets daylight saving time to some predefined summer times.

timezone

Name of the predefined time zone. The following time zones are recognized:

ADT (Atlantic Daylight Time)

AKDT (Alaska Standard Daylight Time)

CDT (Central Daylight Time)

EDT (Eastern Daylight Time)

MDT (Mountain Daylight Time)

PDT (Pacific Daylight Time)

timezone

Resets the GSS to synchronize log time stamps to a new time zone.

timezonename

Name of the timezone. Enter ? to list all supported time zones, countries, continents, and cities. The following options are available to set the local time zone for your GSS:

Standard time zone (for example, GMT, EST, UTC)

Country or part of a continent (for example, America, Europe, Egypt)

Specific city (for example, New York, Paris)

update-calendar

Updates the hardware calendar from the system clock. You can use this command when the system clock is reset through NTP and you want to synchronize the system time with the hardware clock.

user-summer-time

Sets a user-defined daylight saving time.

summer-time name

Name of the user-defined summer time.

start time

Start time for the user-defined summer time in hours and minutes. Values from 0-23 are recognized.

start day

Start day for the user-defined summer time.The following days are recognized:

Friday

Saturday

Sunday

Monday

Tuesday

Wednesday

Thursday

start week

Start week for the user-defined summer time. Values from 1-5 are recognized.

start month

Start month for the user-defined summer time. The following month names are recognized:

January

February

March

April

May

June

July

August

September

October

November

December

end time

End time for the user-defined summer time in hours and minutes. Values from 0-23 are recognized.

end day

End day for the user-defined summer time. The following days are recognized:

Friday

Saturday

Sunday

Monday

Tuesday

Wednesday

Thursday

end week

End week for the user-defined summer time. Values from 1-5 are recognized.

end month

End month for the user-defined summer time. The following month names are recognized:

January

February

March

April

May

June

July

August

September

October

November

December

offset

Offset (in minutes) for the user-defined time zone. Values from 0-1440 are recognized.

user-timezone

Specifies a user-defined time zone.

timezone name

Name of the user-defined time zone.

hour_offset

Hour offset for the user-defined time zone. Values from -23 to +24 are recognized.

minute_offset

Minute offset for the user-defined time zone. Values from 0-59 are recognized.


Note The clock update-calendar and read-calendar commands allow you to synchronize the hardware clock and system clock without reloading the GSS.

Command Modes

Privileged EXEC, global configuration, and interface configuration.

Usage Guidelines

If you previously enabled NTP on a GSS using the ntp enable command, the GSS prevents you from using the clock set command and displays an error message. If you want to manually set the clock for the GSS, first disable NTP using the no ntp enable command before setting the clock.

Examples

The following example shows how to set the GSS device time: 

gss1.example.com# clock set 13:01:05 sept 15 2004

gss1.example.com# clock timezone GMT

The following example shows how to set the GSS time zone: 

gss1.example.com# clock timezone europe paris

The following example shows how to set a user-defined time zone on the GSS: 

gss1.example.com# clock user-timezone EST -5 0

Please restart the GSS (reload) to sync log timestamps to new timezone.

The following example shows how to set the user-defined summer time on the GSS: 

gss1.example.com# clock user-summertime EDT 2:00 Sunday 1 April 2:00 Sunday 5 October 60

Timezone set

Please restart the GSS (reload) to sync log timestamps to new timezone.

The following example shows how to update the hardware calendar from the system clock: 

gss1.example.com# clock update-calendar

The following example shows how to read the hardware calendar into the system clock: 

gss1.example.com# clock read-calendar

configure

To enter global configuration mode, use the configure command.

configure

Syntax Description

This command has no keywords or arguments.

Command Modes

Privileged EXEC

Usage Guidelines

To exit global configuration mode, use the end or exit commands, or by pressing the Ctrl-Z key sequence.

Examples

The following example shows how to enter global configuration mode: 

gss1.example.com# configure 

gss1.example.com(config)#

Related Commands

end

exit

copy

To copy configuration settings to or from the GSS device, use the copy command.

copy {ddos-config disk filename | disk startup-config filename | gslb-config disk filename | startup-config disk filename | running-config [disk filename | startup-config]}

Syntax Description

ddos-config disk

Copies the Distributed Denial of Service (DDoS) configuration file to a named file on disk.

filename

Name of the output file containing the GSLB-configuration, startup-configuration or running-configuration information.

disk startup-config

Loads the GSS device startup configuration settings from a named file located on the GSS.

gslb-config disk

Copies the global server load-balancing configuration to a named file on the GSS.

startup-config disk

Copies the GSS device startup configuration to a named file on the GSS.

running-config disk

Copies the GSS device current running configuration to a named file on the GSS.

running-config startup-config

Copies the GSS device current running configuration as the new startup configuration.


Command Modes

Privileged EXEC

Usage Guidelines

When supplying an output filename enter the name only. Do not include path information with the filename.

Examples

The following examples show that the copy command is used to load a new startup configuration to the device from a file and to copy the current running configuration to a file: 

gss1.example.com# copy disk startup-config configfile

gss1.example.com# copy running config disk runconfigfile

Related Commands

ftp

scp

ddos peacetime

Different Domain Name System (DNS) zones may exhibit different behavior. A high traffic rate on one D-proxy may be perfectly normal for another. A peacetime learning process is required on the GSS.

To configure peacetime learning in the GSS, use the ddos peacetime command and its related commands.

ddos peacetime [apply {increment | overwrite} | database erase | save filename | show [filename | status] | start | stop]

apply {increment | overwrite}

See the ddos peacetime apply command for a detailed syntax description.

database erase

See the ddos peacetime database erase command for a detailed syntax description.

save filename

See the ddos peacetime save command for a detailed syntax description.

show [filename | status]

See the ddos peacetime show command for a detailed syntax description.

start

See the ddos peacetime show command for a detailed syntax description.

stop

See the ddos peacetime stop command for a detailed syntax description.


ddos peacetime apply

To apply values learned during the peacetime learning process to the rate-limit database, use the ddos peacetime apply command.

ddos peacetime apply {increment | overwrite}

Syntax Description

increment

Specifies that you want to apply the peacetime learned values incrementally to the database.

overwrite

Specifies that you want to restore all the values in the rate-limit database to their defaults and then update them with the values learned during peacetime.


Command Modes

Privileged EXEC

Usage Guidelines

This command updates the rate-limit database with the peacetime learned values.

The peacetime database location is specified in the (config-ddos) peacetime database command. If you do not specify this command, the in-memory database is used instead.

Examples

The following example shows how to apply values learned during the peacetime learning process to the rate-limit database: 

gssm1.example.com# ddos peacetime apply increment

gssm1.example.com#

Related Commands

ddos peacetime database erase

ddos peacetime save

ddos peacetime show

ddos peacetime stop

ddos restore-defaults

ddos peacetime database erase

To erase peacetime learning, use the ddos peacetime database erase command.

ddos peacetime database erase

Syntax Description

This command has no keywords or arguments.

Command Modes

Privileged EXEC

Examples

The following example shows how to erase peacetime learning: 

gssm1.example.com# ddos peacetime database erase

gssm1.example.com#

Related Commands

ddos peacetime apply

ddos peacetime save

ddos peacetime show

ddos peacetime stop

ddos restore-defaults

ddos peacetime save

To save peacetime learning to the memory or to a file on a disk, use the ddos peacetime save command in privileged EXEC mode.

ddos peacetime save filename

Syntax Description

filename

Name of the file on the disk to which you want to save peacetime learning.


Command Modes

Privileged EXEC

Examples

The following example shows how to save peacetime learning: 

gssm1.example.com# ddos peacetime save samplefile

gssm1.example.com#

Related Commands

ddos peacetime apply

ddos peacetime database erase

ddos peacetime show

ddos peacetime stop

ddos restore-defaults

ddos peacetime show

To show values learned during the peacetime learning process or show the peacetime learning status, use the ddos peacetime show command.

ddos peacetime show [filename | status]

Syntax Description

filename

(Optional) Filename of the peacetime learning process that you want do display values.

status

(Optional) Specifies that you want to display the current peacetime learning status.


Command Modes

Privileged EXEC

Examples

The following example shows how to display the peacetime status: 

gssm1.example.com# ddos peacetime show status

DDoS Peacetime Learning is running.

gssm1.example.com#

Related Commands

ddos peacetime apply

ddos peacetime database erase

ddos peacetime save

ddos peacetime show

ddos peacetime stop

ddos restore-defaults

ddos peacetime start

To start the peacetime learning process, use the ddos peacetime start command.

ddos peacetime start

Syntax Description

This command has no keywords or arguments.

Command Modes

Privileged EXEC

Usage Guidelines

This command incrementally updates the values in the peacetime database.

Examples

The following example shows how to start peacetime learning: 

gssm1.example.com# ddos peacetime start

gssm1.example.com#

Related Commands

ddos peacetime apply

ddos peacetime database erase

ddos peacetime save

ddos peacetime stop

ddos peacetime show

ddos restore-defaults

ddos peacetime stop

To stop peacetime learning, use the ddos peacetime stop command.

ddos peacetime stop

Syntax Description

This command has no keywords or arguments.

Command Modes

Privileged EXEC

Examples

The following example shows how to stop peacetime learning: 

gssm1.example.com# ddos peacetime stop

gssm1.example.com#

Related Commands

ddos peacetime apply

ddos peacetime database erase

ddos peacetime save

ddos peacetime show

ddos peacetime start

ddos restore-defaults

ddos restore-defaults

To restore the default rate-limit values in the rate-limit database, use the ddos restore-defaults command.

ddos restore-defaults ipaddress

Syntax Description

ipaddress

D-proxy IP address. Indicates that you want to restore the rate limit of the designated D-proxy to the default rate and the state to Unknown.


Command Modes

Privileged EXEC

Examples

The following example shows how to restore the defaults in the rate-limit database: 

gssm1.example.com# ddos restore-defaults 1.1.1.2

gssm1.example.com#

Related Commands

ddos peacetime apply

ddos peacetime database erase

ddos peacetime save

ddos peacetime show

ddos peacetime stop

ddos peacetime start

del

To delete files from your GSS device, use the del command.

del filename

Syntax Description

filename

Name of the file to be deleted.


Command Modes

Privileged EXEC

Examples

The following example shows how to delete files from your GSS device: 

gss1.example.com> enable

gss1.example.com# del oldtechrept.tgz

gss1.example.com#

Related Commands

copy

dir

lls

ls

dir

To view a long list of files in a directory, use the dir command.

dir [directory]

Syntax Description

directory

(Optional) Name of the directory to list.


Command Modes

User and privileged EXEC

Usage Guidelines

Use this command to view a detailed list of files contained within the working directory, including names, sizes, and the time created. The equivalent command is lls.

The current directory is the default directory.

Examples

The following example shows how to view a long list of files in a directory: 

gss1.example.com# dir   

total 771884

drwxrwxrwx    3 root     root         4096 Oct  8 11:09 .

drwxrwxrwx   19 root     root         4096 Oct  8 11:13 ..

drwx------    2 root     root         4096 Jan 23  2006 .ssh

-rw-r--r--    1 root     root     135137321 Jan 24  2006 ACR_new.upg

-rw-r--r--    1 root     root     135178281 Jan 24  2006 ACR_new1.upg

-rw-r--r--    1 root     root     135168041 Jan 24  2006 ACR_new2.upg

-rw-r--r--    1 root     root     129597481 Jan 25  2006 gss-1.2.2.2.0-k9.upg

-rw-r--r--    1 root     root     127088681 Jan 24  2006 gss-1.3.0.3.0-k9.upg

-rw-r--r--    1 root     root     127385641 Oct  8 10:54 gss-1.3.0.4.1-k9.upg

-rw-r--r--    1 root     root         2520 Oct  8 11:09 one

-rw-r--r--    1 root     root         3634 Oct  8 11:06 proximitySchema.xsd

-rw-r--r--    1 root     root         3523 Oct  8 11:07 stickySchema.xsd

gss1.example.com#

Related Commands

lls

ls

pwd

disable

To turn off privileged EXEC mode, use the disable command.

disable

Syntax Description

This command has no keywords or arguments.

Command Modes

Privileged EXEC

Usage Guidelines

The disable command places you in user EXEC mode. To turn privileged EXEC mode back on, use the enable command.

Examples

The following example shows how to turn off privileged EXEC mode: 

gss1.example.com# disable

gss1.example.com>

Related Commands

enable

exit

dnslookup

To resolve a host or domain name to an IP address, use the dnslookup command.

dnslookup {hostname | domainname}

Syntax Description

hostname

Name of the host on the network.

domainname

Domain name.


Command Modes

User and privileged EXEC

Examples

The following examples show how the dnslookup command is used to resolve the hostname example.com to a IPv4 address and IPv6 address to gss.example.com: 

gss1.example.com# dnslookup example.com

IPv4 lookup:

Server:         55.0.0.100

Address:        55.0.0.100#53

Name:   www.example.com

Address: 10.0.0.1

IPv6 lookup:

Server:         55.0.0.100

Address:        55.0.0.100#53

www.example.com has AAAA address 2001:55::11:1

gss1.example.com#

enable

To access privileged EXEC commands, use the enable command.

enable

Syntax Description

This command has no keywords or arguments.

Command Modes

User and privileged EXEC

Usage Guidelines

To access privileged EXEC mode from user EXEC mode, use the enable command. The disable command takes you from privileged EXEC mode to user EXEC mode.

If you are accessing the GSS remotely using Telnet or SSH, the CLI prompts you for the enable password. The default password is default. For more information about the enable password and configuring a new password, see the "enable-passwd" command.

Examples

The following example shows how to access privileged EXEC commands: 

gss1.example.com> enable

gss1.example.com#

Related Commands

disable

enable-passwd

exit

enable-passwd

To change the enable command password, use the enable-passwd command.

enable-passwd

Syntax Description

This command has no keywords or arguments.

Command Modes

Privileged EXEC

Usage Guidelines

You can control user access to the privileged Exec mode for users that remotely connect to the GSS using Telnet or SSH. When connecting to the GSS remotely, the CLI prompts you for a password when you enter the enable command to access the privileged Exec mode. The default password is default.

You have to be the admin user to configure the enable password.

When you enter the enable-passwd command, the CLI prompts you for an admin password and then to define and confirm the enable password. The password is alphanumeric, can contain spaces and special characters, and can contain a maximum of 32 characters. Leave the password blank to set the password to the default value, which is default.

Note The enable password is not required when you access the GSS using a console or terminal session. If you forget the enable password, use a console or terminal session to configure a new password.

Examples

The following example shows how to configure the enable password: 

localhost.localdomain# enable-passwd

Admin Password: <admin_password>

Set GSS enable Password: <enable_password>

Confirm GSS enable Password: <enable_password>

Related Commands

enable

end

To exit the EXEC or global configuration command shell, use the end command.

end

Syntax Description

This command has no keywords or arguments.

Command Modes

EXEC and global configuration

Usage Guidelines

Use the end command in any configuration mode to return to EXEC mode. This command is equivalent to pressing Ctrl-Z or using the exit command.

The end command entered in the user-level EXEC shell terminates the console or Telnet session.

Examples

The following example shows how to exit the EXEC or global configuration command shell: 

gss1.example.com(config)# end

gss1.example.com# end

gss1.example.com>

Related Commands

exit

exit

To access the EXEC command shell from the global or interface configuration command shells, use the exit command.

exit

Syntax Description

This command has no keywords or arguments.

Command Modes

All command modes

Usage Guidelines

Use the exit command in any configuration mode to return to EXEC mode. This command is equivalent to the end command or pressing Ctrl-Z.

The exit command entered in the user-level EXEC shell terminates the console or Telnet session.

Examples

The following example shows how to access the EXEC command shell from the global or interface configuration command shells: 

gss1.example.com(config)# exit

gss1.example.com# exit

gss1.example.com>

Related Commands

end

ftp

To launch an FTP session on your GSS device, use the ftp command.

ftp ip_or_host

Syntax Description

ip_or_host

IP address or hostname of the FTP server that you want to access. Enter an IPv4 address in dotted-decimal notation (for example, 192.168.11.1) or an IPv6 address in a double colon, no double colon, and a slash followed by a number (/n) notation (for example, 2001:DB8:A:B::1/24) or a mnemonic hostname (for example, myhost.mydomain.com).


Command Modes

User EXEC and privileged EXEC

Usage Guidelines

Use the ftp command in EXEC mode to launch the FTP client and transfer a file to and from remote machines.

Examples

The following example shows how to launch an FTP session on your GSS device: 

gss1.example.com# ftp 192.168.0.1

or

gss1.example.com# ftp 2001:DB8:A:B::1

Related Commands

ftp enable

show telnet

telnet

scp

geodb database delete

To remove entries from the geoDBdatabase, use the geodb database delete command.

show geodb database delete {all | ip}

Syntax Description

all

Deletes all entries from the cached geoDB database.

ip

Deletes all entries matching source IP and netmask.


Command Modes

User EXEC, privileged EXEC, global configuration, and global server load-balancing.

Related Commands

show geodb

show geodb database

geodb database load filename

To dump geoDB database entries in a binary or Extensible Markup Language (XML) format, use the geodb database load filename command.

geodb database load filename

Syntax Description

load

The GSS validates the loaded database entries, checks the software version for compatibility, and then adds the database entries in memory. The GSS does not overwrite duplicate entries in the database.


Command Modes

User EXEC, privileged EXEC, global configuration, and global server load-balancing.

Related Commands

show geodb database

show geodb

geodb database delete

geodb database lookup ipaddress

To look up GeoDB database entries, use the geodb database lookup ipaddress command.

geodb database lookup ipaddress ipaddress

Syntax Description

ipaddress

Specifies the IP address to lookup longitude and latitude.


Command Modes

User EXEC, privileged EXEC, global configuration, and global server load-balancing.

Examples 

gssm1.example.com#geodb database lookup ip-address 192.168.1.1

Latitude        Longitude       RegionId        Contry Code : State Name

--------------- --------------- --------------- ------------------------------

-27             133             155             AU:

        (GeoIP Database Entry)

N/A             N/A             N/A             N/A

        (GeoIP Static Entry)

gssm1.example.com#

Related Commands

show geodb database

show geodb

geodb database delete

geodb database dump file format

To load from the cached geoDB database file in GSS memory, use the geodb database dump file format command.

geodb database dump {file name} format {binary| xml} override

Syntax Description

format

Saves the database entries in a binary or XML format. Choose the binary encoding as the format type if you intend to load the contents of the file into the database of another GSS. The valid entries are as follows:

binary—Saves the assigned entries in binary format. This file can be used only with the geoip load command.

xml—Saves the assigned entries inXML format. The contents of an XML file includes the data fields and the data descriptions.

override

(Optional) Overrides the entries in the database with contents of the file.


Command Modes

Privileged EXEC

Examples

The following example shows how to load the cached GeoDB database: 

gssm1.example.com# geodb database dump dumpfile format binary

  Starting geodb Database dump.

  Geodb Database dump completed. The number of dumped entries: 0.

Related Commands

show geodb database

show geodb

geodb database delete

geodb database periodic-backup now

To force an immediate backup of the database residing in GSS memory by using the geodb database periodic-backup now command. The GSS sends the database entries to the system dump file. Upon a reboot or restart, the GSS reads this file and loads the contents to initialize the GeoDB statistics configured for the GSS at boot time. This command has no arguments or syntax.

geodb database periodic-backup now

Syntax Description

This command has no keywords or arguments.

Command Modes

User Exec, Privileged Exec

Examples

This example shows how to take an immediate backup of the database: 

gssm1.example.com# geodb database periodic-backup now

  Starting geodb Database dump.

  Geodb Database dump completed. The number of dumped entries: 0.

gssm1.example.com#

geodb static-entry

Use the geodb static-entry command in the global server load-balancing configuration mode to add static entries to the GeoDB database. This command also enables a graceful migration between GeoIP updates. To remove a static entry, use the no form of the command.

geodb static-entry start-ip ip_address end-ip ip_address latitude number longitude number

no geodb static-entry start-ip ip_address end-ip ip_address latitude number longitude number

Syntax Description

start-ip ip_address

Specifies the start of the IP address range.

latitude number

Specifies the latitude of the location where the IP address range is located.

longitude number

Specifies the longitude of the location where the IP address range is located.

end-ip ip_address

Specifies the end of the IP address range.


Command Modes

Privileged EXEC

Examples

The following example shows how to add and remove geodb static entry: 

gssm1.example.com(config)# gslb

gssm1.example.com(config-gslb)# geodb static-entry start-ip 192.168.1.1 end-ip 
10.78.18.194 latitude -180.0 longitude 0.0

gssm1.example.com(config-gslb)#

To remove a static entry, use the no form of the command. 

For example, to remove a static entry, enter:

gssm1.example.com(config)# gslb

gssm1.example.com(config-gslb)# no geodb static-entry start-ip 192.168.1.4 end-ip 
192.168.1.10 latitude -180.0 longitude 0.0

gssm1.example.com(config-gslb)#

Examples

show geodb database

show geodb

geodb database delete

gss

To manage your GSS devices, use the gss command.

gss {disable | enable {gssm-primary | gssm-standby {primary_GSSM_hostname | primary_GSSM_IP_address} | gss {primary_GSSM_hostname | primary_GSSM_IP_address} | restart | start | status [verbose] | stop}

Syntax Description

disable

Disables the selected device (GSSM or GSS) and removes any existing configuration, including deleting the Global Site Selector Manager (GSSM) database from the GSS device and removing certificate attributes specified using the certificate set-attributes command. This keyword returns the GSS device to the initial, disabled state. Disabling a GSS device is only necessary when you want to switch the role of a GSS within a network (for example, change a GSS to a GSSM or if you need to move a GSS or GSSM to a different network of GSS devices.

enable

Enables the selected device to act as the type of device that you specify: either a GSSM or GSS. This keyword creates the embedded database on the primary GSSM that stores and manages the configuration information for the GSS network. It also performs all of the other initialization processes to enable the device in a network of GSS devices. Enabling a GSS device is a one-time initialization step that is required only when you first set up the device within a network of GSS devices.

gssm-primary

Configures the selected device to act as the primary GSSM for your GSS network, responsible for maintaining status information about GSS devices and load-balancing information that is distributed to devices on the network.

gssm-standby

Configures the selected device to act as a standby GSSM which will take over GSS network management should the primary GSSM go offline.

primary_GSSM_hostname

Domain Name System (DNS) hostname of the device currently serving as the primary GSSM.

primary_GSSM_IP_address

Network address of the device currently serving as the primary GSSM.

gss

Indicates that the selected device should function as a GSS on the GSS network.

restart

Stops and restarts the GSS software on the selected device.

start

Starts the GSS software on the selected device following the initial configuration or a software upgrade.

status

Displays detailed information about the current operating state of the GSS device including the online status, the software version, and the start date or time for the various components. The equivalent command is the show system-status command.

Note The status of the License Manager (LM) and the Distributed Denial of Service (DDoS) prevention module do not appear in the output of the gss status command. Instead, you enter the show ddos status command to obtain DDoS information and the show processes | grep license_manager command to obtain the LM status.

verbose

(Optional) Displays the same detailed information about the current operating state of the GSS device as with the gss status command, including the CPU utilization.

Note Calculating the CPU utilization can take additional time when using the gss status verbose command. On a busy system, the gss status verbose command can take approximately 10 seconds to complete. If you do not require calculation of the CPU Utilization operating parameter, then we recommend that you use the gss status command.

stop

Stops the GSS software before a software upgrade, maintenance, or troubleshooting activities.


Command Modes

Privileged EXEC

Usage Guidelines

The gss command provides a variety of options for managing your GSSs and GSSMs, including:

Designating individual devices to act as a GSS, primary GSSM, or standby GSSM using the gss, gssm-primary, or gssm-standby keywords of the gss command.

Controlling the GSS servers on the device so that you can perform the required maintenance and software upgrades using the start, stop, and restart commands.

Examples

The following example shows how to manage your GSS devices: 

gssm1.example.com# gss status

gssm1.example.com# gss status

Cisco GSS - 4.1(0) GSSM - primary [Mon Sep 12 15:48:39 UTC 2011]

Normal Operation [runmode = 5]

 START  SERVER

 04:56  Boomerang

 04:56  Config Agent (crdirector)

 04:56  Config Server (crm)

 04:56  DNS Server

 04:56  Database

 04:56  GUI Server (tomcat)

 04:56  Keepalive Engine

 04:56  Node Manager

 04:56  Proximity

 04:56  Sticky

 04:56  Web Server (apache)

 04:56  drp

gssm1.example.com#

When the DNS server is ready to serve DNS requests, it generates the following subsystem log message and saves it in the system.log file: 

Mar 25 10:45:26 gssm1.example.com DNS-5-SELREADYINFO[2073] Selector ready to start serving 
DNS requests

Related Commands

gss tech-report

gssm

show sticky

show sticky global

gss tech-report

To generate a detailed report for use by Cisco Technical Assistance Center (TAC) representatives in troubleshooting persistent GSS problems, use the gss tech-report command.

gss tech-report filename

Syntax Description

filename

User-assigned name for the report generated by the gss tech-report command.


Command Modes

Privileged EXEC

Usage Guidelines

The file generated is a tar- format archive file with a .tgz extension.

Examples

The following example shows how to generate a detailed report for use by TAC representatives in troubleshooting persistent GSS problems: 

gss1.example.com# gss stop

gss1.example.com# gss tech-report gss_techrpt1

Creating report for Cisco TAC. This may take a few minutes...

Created debug package: /home/techrpt1.tgz

Use scp/ftp to retrieve.

gssm

To manage your primary and standby Global Site Selector Manager (GSSM) and your GSS database, use the gssm command.

gssm backup full filename | database {invalidate | maintain | purge-log-records {count number_records | days number_days} | report | status | validate}| primary-to-standby | restore filename | standby-to-primary

Syntax Description

backup

Performs a backup of GSSM data on the GSS device.

full

Performs a backup of both the database component of the GSSM and its network and device configuration information. The primary GSSM backup does not include user files that reside in the /home directory.

filename

Name of the database backup file. This file can be the target file for a database backup action or the source file for a database restore action.

database

Creates, configures, or removes the embedded database on the GSSM.

invalidate

Invalidates GSSM database records.

maintain

Cleans up the GSSM database by defragmenting and optimizing the space allocation.

purge-log-records

Purges system log messages from the GSSM database for a specified number or period of time. This keyword removes the system log messages that appear on the primary GSSM GUI, the System Log list page of the Tools navigation tab.

count

Purges a quantity of database records up to the last n records.

number_records

Number of database system log records, starting back from the last record, that will be retained when the database is purged.

days

Purges records that cover a set time period up to n days before today.

number_days

Number of days back, starting from today, for which database system log records will be retained when the database is purged.

report

Generates and displays a report that identifies invalidated database records in the GSSM database.

status

Reports the current running status of the GSSM database.

validate

Validates GSSM database records.

primary-to-standby

Changes the role of the GSSM from the primary to the standby GSSM.

restore

Restores the GSSM from a full backup file.

filename

Name of the GSSM backup image that will be used to restore the device.

standby-to-primary

Changes the role of the GSSM from standby to GSSM.


Command Modes

Privileged EXEC

Usage Guidelines

Use the gssm database command and keyword to manage the embedded GSS database. The various command options allow you to monitor the status of your database and perform standard maintenance tasks such as backing up and restoring the database, validating the database content, and purging records.

Use the gssm restore command and keyword to restore an earlier version of the GSSM from a full backup image.

Use the gssm standby-to-primary and primary-to-standby command and keywords to switch the role of the selected GSSM in your GSS network. You must make sure that your original primary GSSM is offline before attempting to enable the standby GSSM as the new primary GSSM. Having two primary GSSMs active at the same time may result in the inadvertent loss of configuration changes for your GSS network. If this dual primary GSSM configuration occurs, the two primary GSSMs revert to standby mode and you will need to reconfigure one of the GSSMs as the primary GSSM.

The standby GSSM can temporarily take over the role as the primary GSSM if the the primary GSSM is unavailable (for example, you need to move the primary GSSM or you want to take it offline for repair or maintenance). The switching of roles between the designated primary GSSM and the standby GSSM is intended to be a temporary GSS network configuration until the original primary GSSM is back online. The interim primary GSSM can be used to monitor GSS behavior and make configuration changes if necessary. Once the original primary GSSM is available, reassign the two GSSMs to their original roles in the GSS network as described in the Cisco Global Site Selector Administration Guide.

Examples

The following examples show that the gssm database command is used to check the running status of the GSSM embedded database, back up the database to a file, purge all database records except for the last 50, and delete the database: 

gss1.example.com# gssm database report 

GSSM database validation report written to validation.log

gss1.example.com# gssm database status

GSSM database is running.

gss1.example.com# gssm database validate

GSSM database passed validation.

gss1.example.com# gssm primary-to-standby

Standby GSSM enabled.

gss1.example.com# gssm standby-to-primary

Standby GSSM disabled.

Related Commands

gss

gss tech-report

gssm

help

To obtain online help for the GSS CLI, use the help command.

help

Syntax Description

This command has no keywords or arguments.

Command Modes

User EXEC, privileged EXEC, and global configuration

Usage Guidelines

You can get help at any point when specifying a CLI command by entering a question mark (?). If nothing matches, the help list will be empty, and you must back up until entering a ? shows the available options.

Two methods of help are provided at the CLI:

Full help is available when you are ready to enter a command argument (for example, show ?) and describes each possible argument.

Partial help is provided when you enter an abbreviated command and you want to know what arguments match the input (for example, show clock ?).

Examples

The following example shows how to obtain online help for the GSS CLI: 

gss1.example.com# help

gss1.example.com# help copy ?

install

To install a new version of the GSS software on your GSS device, use the install command.

install filename

Syntax Description

filename

Name of the software update file.


Command Modes

Privileged EXEC

Usage Guidelines

Use this command to install a new image of the GSS software on the Cisco GSS hardware. The upgrade file must be present on the Cisco GSS before you execute this command.

The install command cannot be executed while the Cisco GSS is running (for example, serving Domain Name System [DNS] requests). You must enter the gss stop command before executing the install command.

Examples

The following example shows how to install an updated version of the GSS software: 

gss1.example.com# install /gss.upg

Related Commands

show version

license

To install or uninstall a license file on your GSS device, use the license command.

license install filename | uninstall filename

Syntax Description

install

Installs a license file on the GSS.

uninstall

Uninstalls a license file on the GSS.

filename

Name of the license file.

Note A valid license file always includes the .lic extension. Otherwise, it is considered invalid and is not installed.


Command Modes

Privileged EXEC

Usage Guidelines

For information about obtaining and installing a license file, see the Cisco Global Site Selector Administration Guide.

Examples

The following example shows how to install the Distributed Denial of Service (DDoS) license on the GSS: 

gssm1.example.com# license install ddos.lic

Related Commands

show license

lls

To view a long list of files in a directory, use the lls command.

lls [directory]

Syntax Description

directory

(Optional) Name of the directory to list.


Command Modes

User EXEC and privileged EXEC

Usage Guidelines

Use this command to view a detailed list of files contained within the working directory, including names, sizes, and the time created. The equivalent command is dir.

The current directory is the default directory.

Examples

The following example shows how to view a long list of files in a directory: 

gss1.example.com# lls

total 771884

drwxrwxrwx    3 root     root         4096 Oct  8 11:09 .

drwxrwxrwx   19 root     root         4096 Oct  8 11:13 ..

drwx------    2 root     root         4096 Jan 23  2006 .ssh

-rw-r--r--    1 root     root     135137321 Jan 24  2006 ACR_new.upg

-rw-r--r--    1 root     root     135178281 Jan 24  2006 ACR_new1.upg

-rw-r--r--    1 root     root     135168041 Jan 24  2006 ACR_new2.upg

-rw-r--r--    1 root     root     129597481 Jan 25  2006 gss-1.2.2.2.0-k9.upg

-rw-r--r--    1 root     root     127088681 Jan 24  2006 gss-1.3.0.3.0-k9.upg

-rw-r--r--    1 root     root     127385641 Oct  8 10:54 gss-1.3.0.4.1-k9.upg

-rw-r--r--    1 root     root         2520 Oct  8 11:09 one

-rw-r--r--    1 root     root         3634 Oct  8 11:06 proximitySchema.xsd

-rw-r--r--    1 root     root         3523 Oct  8 11:07 stickySchema.xsd

gss1.example.com#

Related Commands

dir

ls

lsof

pwd

ls

To view a list of files or subdirectory names within a directory, use the ls command.

ls [directory]

Syntax Description

directory

(Optional) Name of the directory for which you want a list of files.


Command Modes

User EXEC and privileged EXEC

Usage Guidelines

To list the filenames and subdirectories within a particular directory, use the ls directory command; to list the filenames and subdirectories of the current working directory, use the ls command. To view the present working directory, use the pwd command.

The current directory is the default directory.

Examples

The following example shows how to view a list of files or subdirectory names within a directory: 

gss1.example.com# ls

gss-1.0.2.0.2-k9.upg id_rsa.pub megara.back.1_0.full rpms

gss-1.0.904.0.1-k9.upg gss_sample.full megara.back.1_1.full

Related Commands

dir

lls

lsof

pwd

lsof

To view a list of all open files on your GSS device, use the lsof command.

lsof

Syntax Description

This command has no keywords or arguments.

Command Modes

Privileged EXEC

Usage Guidelines

To list the names, file properties, and locations of all files that are currently open on your GSS device, use the lsof command.

Examples

The following example shows how to view a list of all open files on your GSS device: 

gss1.example.com# lsof

COMMAND     PID     USER   FD   TYPE     DEVICE     SIZE      NODE NAME

init          1     root  cwd    DIR        8,7     4096         2 /

init          1     root  rtd    DIR        8,7     4096         2 /

init          1     root  txt    REG        8,7    25968       492 /sbin/init

init          1     root  mem    REG        8,7   341331        29 /lib/ld-2.1.3.so

init          1     root  mem    REG        8,7  4105868        36 /lib/libc-2.1.3.so

init          1     root    0u  unix 0xf7f86f40               5851 socket

init          1     root   10u  FIFO        8,8               4098 /rw/dev/initctl

kflushd       2     root  cwd    DIR        8,7     4096         2 /

kflushd       2     root  rtd    DIR        8,7     4096         2 /

kflushd       2     root    0u  unix 0xf7f86f40               5851 socket

kflushd       2     root   10u  FIFO        8,8               4098 /rw/dev/initctl

kupdate       3     root  cwd    DIR        8,7     4096         2 /

kupdate       3     root  rtd    DIR        8,7     4096         2 /

kupdate       3     root    0u  unix 0xf7f86f40               5851 socket

kupdate       3     root   10u  FIFO        8,8               4098 /rw/dev/initctl

kswapd        4     root  cwd    DIR        8,7     4096         2 /

kswapd        4     root  rtd    DIR        8,7     4096         2 /

kswapd        4     root    0u  unix 0xf7f86f40               5851 socket

kswapd        4     root   10u  FIFO        8,8               4098 /rw/dev/initctl

keventd       5     root  cwd    DIR        8,7     4096         2 /

keventd       5     root  rtd    DIR        8,7     4096         2 /

keventd       5     root    0u  unix 0xf7f86f40               5851 socket

keventd       5     root   10u  FIFO        8,8               4098 /rw/dev/initctl

...

Related Commands

dir

ls

lls

pwd

no

To negate a CLI command or set it to its default settings, use the no command. Some GSS CLI commands do not have a no form.

no command

Syntax Description

copy

Disables the copying of GSS configuration information or technical support information.

ftp

Disables the File Transfer Protocol (FTP) on a GSS device.

snmp

Disables Simple Network Management Protocol (SNMP) on a GSS device.

telnet

Disables Telnet operations on the GSS device.


Command Modes

Interface configuration, global, and global server load-balancing configuration

Usage Guidelines

Use the no command to disable functions or negate a command. If you need to negate a specific command, such as the default gateway IP address, you must include the specific string in your command, such as no ip default-gateway ip-address.

Examples

The following example shows how to negate a CLI command or set it to its default settings: 

gss1.example.com(config)# no ip name-server 10.11.12.14

gss1.example.com(config)# no ntp-server 172.16.22.44

ping

To send ICMP echo packets for diagnosing basic network connectivity on networks, use the ping command.

ping {hostname | ip-address}

Syntax Description

hostname

Hostname of the system to send an ICMP echo packet.

ip-address

IP address of the system to send an ICMP echo packet. Enter either an IPv4 and IPv6 address.


Command Modes

User and privileged EXEC.

Usage Guidelines

To use this command with the hostname argument, make sure that the Domain Name System (DNS) functionality is configured on your GSS. To force the timeout of a nonresponsive host, or to eliminate a loop cycle, press the Ctrl-C key sequence.

Examples

The following example shows how to send ICMP echo packets for diagnosing basic network connectivity on networks: 

gss1.example.com# ping gss.example.com

PING 172.16.0.0 (172.16.0.0) from 10.1.13.5 : 56(84) bytes of data.

64 bytes from gss.example.com (172.16.0.0): icmp_seq=0 ttl=35 time=57.3 ms

64 bytes from gss.example.com (172.16.0.0): icmp_seq=1 ttl=35 time=55.8 ms

64 bytes from gss.example.com (172.16.0.0): icmp_seq=2 ttl=35 time=55.5 ms

64 bytes from gss.example.com (172.16.0.0): icmp_seq=3 ttl=35 time=57.6 ms

64 bytes from gss.example.com (172.16.0.0): icmp_seq=4 ttl=35 time=55.3 ms

gss1.example.com# ping www.example.com

PING www.example.com(2001:51::1:2:61:10) 56 data bytes

64 bytes from 2001:DB8::1:2:61:10: icmp_seq=0 ttl=64 time=0.156 ms

64 bytes from 2001:DB8:::1:2:61:10: icmp_seq=1 ttl=64 time=0.150 ms

64 bytes from 2001:DB8:::1:2:61:10: icmp_seq=2 ttl=64 time=0.149 ms

64 bytes from 2001:DB8:::1:2:61:10: icmp_seq=3 ttl=64 time=0.152 ms

64 bytes from 2001 1:DB8:::1:2:61:10: icmp_seq=4 ttl=64 time=0.156 ms

proximity database delete

To remove entries from the proximity database (PDB), use the proximity database delete command.

proximity database delete {all | assigned | group {name} | inactive minutes | ip {ip-address} netmask {netmask} | no-rtt | probed}

Caution Use the proximity database delete all command in special instances when you want to remove all entries from the PDB in order to have an empty database. Ensure that you want to permanently delete entries from the PDB before you enter this command. You cannot retrieve PDB entries once they are deleted.

Syntax Description

all

Removes all proximity database entries from the GSS memory.

assigned

Removes all static entries from the PBD.

group name

Removes all entries that belong to a named proximity group. Specify the exact name of a previously created proximity group.

inactive minutes

Removes all dynamic entries that have been inactive for a specified time. Valid values are 0-43200 minutes.

ip ip_address netmask netmask

Removes all proximity entries related to a D-proxy IP address and subnet mask. For an IPv4 address, specify the IP address and subnet mask of the requesting clients D-proxy in dotted-decimal notation (for example, 192.168.9.0 255.255.255.0). For an IPv6 address, specify the IPaddress in a colon, no colon notation and prefix-length.(for example, 2001:DB1::1:128)

no-rtt

Removes all entries from the PDB that do not have valid RTT values.

probed

Removes all dynamic entries from the PDB.


Command Modes

Privileged EXEC

Usage Guidelines

You can remove all PDB entries from the GSS memory by using the proximity database delete all CLI command. This command, however, does not delete PDB entries saved as part of an automatic dump to a backup file on a disk, which the GSS loads upon a reboot or restart to initialize the PDB. To ensure that you successfully remove all PDB entries from both the GSS memory and disk, enter the proximity database delete all command followed by the proximity database periodic-backup now command to force an immediate backup of the empty PDB residing in the GSS memory.

The prompt "Are you sure?" appears to confirm the deletion of all PDB entries. Specify y to delete all entries or n to cancel the deletion operation.

Examples

The following example shows how to remove entries from the proximity database: 

gss1.example.com# proximity database delete ip 192.168.8.0 255.255.255.0

Related Commands

proximity database delete

proximity database dump

proximity database load

proximity database periodic-backup

(config-gslb) proximity group

proximity database dump

To dump all or selected entries from the proximity database to a named file as a user-initiated backup file, use the proximity database dump command.

proximity database dump {filename} format {binary | xml} [entry-type {all | assigned | probed}] [entry-address {ip-address} netmask {netmask}]

Syntax Description

filename

Name of the output file that contains the proximity database entries on the GSS disk. This file resides in the /home directory. The GSS displays a prompt for overwrite confirmation if the filename already exists in the current working directory.

format

Dumps the proximity database entries in a binary or Extensible Markup Language (XML) format. Choose binary-encoding as the format type if you intend to load the contents of the file into the proximity database of another GSS. The allowable entries are as follows:

binary—Dumps the assigned proximity entries in a true binary format. This file can only be used with the proximity database load command.

xml—Dumps the assigned proximity entries in an XML format. The contents of an XML file includes the data fields and the data descriptions. The contents of this file can be viewed using the type command.

Note Dumping PDB entries in an XML format can be a resource-intensive operation and may take from 2-4 minutes to complete depending on the size of the PDB and the GSS platform in use. We recommend that you do not perform a PDB dump in an XML format during the routine operation of the GSS to avoid a degradation in performance.

entry-type

(Optional) Specifies the type of entries to output from the proximity database. The allowable entries are as follows:

all—Dumps static and dynamic entries from the proximity database. (default)

assigned—Dumps statically assigned proximity entries.

probed—Dumps dynamically probed proximity entries.

entry-address ip-address

(Optional) Specifies the IP address of the proximity database entry. For an IPv4 address, specify the IP address and subnet mask of the requesting clients D-proxy in dotted-decimal notation (for example, 192.168.9.0 255.255.255.0). For an IPv6 address, specify the IPaddress in a colon, no colon notation and prefix-length.(for example, 2001:DB1::1:28).

netmask netmask

Specifies the subnet mask of the proximity database entry in dotted decimal notation (for example, 255.255.255.0).


Command Modes

Privileged EXEC

Usage Guidelines

The GSS automatically dumps proximity database entries to a backup file on a disk approximately every hour. The GSS uses this backup file to initialize the proximity database upon system restart or reboot to enable the GSS to recover the contents of the database.

You can use the proximity database dump command to dump all or selected entries from the proximity database to a named file as a user-initiated backup file. You can then use the ftp command in privileged EXEC mode to launch the FTP client and transfer the file to and from remote machines.

To view the entire contents of the XML proximity database output file from the GSS, use the type command.

Examples

The following example shows how to dump the dynamic proximity database entries to a file named PDB6_30_04 in binary format: 

gss1.example.com# proximity database dump file PDB6_30_04 format binary entry-type probed 
entry-address 172.23.5.7 netmask 255.255.255.255

Related Commands

proximity database delete

proximity database delete

proximity database load

proximity database periodic-backup

(config-gslb) proximity group

show statistics

proximity database load

To load and merge proximity database entries from a file into the existing proximity database in GSS memory, use the proximity database load command.

proximity database load filename format binary [override]

Syntax Description

filename

Name of the proximity database file to load and merge with the existing proximity database on the GSS device. The file must be in a binary format to be loaded into the GSS memory (see the proximity database dump command). Use the ftp command in privileged EXEC mode to launch the FTP client and transfer the proximity database file to the GSS from a remote GSS.

format binary

Loads the assigned proximity file in a true binary format. The file must be in a binary format to be loaded into the GSS memory.

override

(Optional) Specifies if the proximity database entries in the file are to override the same entries located in the current GSS proximity database. When you choose the override keyword, static database entries always take priority over dynamic database entries in the database. For the same database entries that exist in both the file and in GSS database memory, the GSS does the following:

Overwrites dynamic entries with any overlapping static entries.

Overwrites static entries with any overlapping static entries, but does not overwrite those entries with any overlapping dynamic entries.

If you do not specify the override keyword, the GSS loads all the most recent entries into the memory, which will replace the older entries of the same type (dynamic or static) in the proximity database. For example, the most recent dynamic entries replace the older dynamic entries in the proximity database.


Command Modes

Privileged EXEC

Usage Guidelines

The proximity database load function supports the migration of proximity database entries from one GSS device into the proximity database of another GSS device. The GSS validates the loaded database entries, checks the software version for compatibility, and then replaces the proximity database in the memory. The file must be in a binary format to be loaded into the GSS memory.

Proximity RTT metrics loaded from the file replace overlapping entries that exist in the database and supplement the nonoverlapping database entries.

Examples

The following example shows how to load and merge the entries from the GSS3PDB file without overriding the existing entries in the GSS proximity database: 

gss1.example.com# proximity database load GSS3PDB

Related Commands

proximity database delete

proximity database dump

proximity database periodic-backup

(config-gslb) proximity group

show statistics

proximity database periodic-backup

To force an immediate backup of the proximity database residing in the GSS memory, use the proximity database periodic-backup command.

proximity database periodic-backup now

Syntax Description

now

Instructs the GSS device to immediately initiate the periodic proximity database backup.


Command Modes

Privileged EXEC

Usage Guidelines

You may manually initiate a proximity database dump as a database recovery method to ensure that you store the latest proximity database entries before you shut down the GSS.

The GSS sends the proximity database entries to the system dump file as the proximity database file. Upon a reboot or restart, the GSS reads this file and loads the contents to initialize the proximity database at boot time.

Examples

The following example shows how to force an immediate backup of the proximity database residing in the GSS memory: 

gss1.example.com# proximity database periodic backup now

Related Commands

proximity database delete

proximity database dump

proximity database load

(config-gslb) proximity group

proximity group-summary dump

To dump the proximity group configuration summary to a specified text file, use the proximity group-summary dump command.

proximity group-summary dump filename

Syntax Description

filename

Name of the text file in which you want the GSS to dump the proximity group configuration summary.


Command Modes

Privileged EXEC

Usage Guidelines

You can view the text file containing the proximity group configuration summary using the type filename command.

Examples

The following example shows how to dump the group configuration summary to a sample file and the display this file using the type command: 

gss1.example.com# proximity group-summary dump prox-dump-file.txt

gss1.example.com# type prox-dump-file.txt 
Proximity Groups: 
Group1: 
Name: proxa5 
Address Block : 
11.1.1.36/30 
11.1.1.40/30 
Group2: 
Name: proxa6 
Address Block : 
11.1.1.44/30 
11.1.1.48/30

Related Commands

show proximity group-summary

(config-gslb) proximity group

proximity play-config

To play the static proximity configuration, use the proximity play-config command. This command is useful if the size of static proximity group configuration is quite large since it is more efficient than the script play-config command.

proximity play-config filename

Syntax Description

filename

Name of the file containing the static proximity configuration.


Command Modes

Privileged EXEC

Usage Guidelines

For information about using the proximity play-config command, see the Cisco Global Site Selector CLI-Based Global Server Load Balancing Configuration Guide.

Examples

This example shows how to play a static proximity configuration: 

gssm1.example.com# proximity play-config prox.txt

Tue Mar 6 13:10:43 2007 waiting for postmaster to start....done 
Tue Mar 6 13:10:43 2007 postmaster successfully started 
proximity group proxa1 ip 11.1.1.4 netmask 255.255.255.252 
proximity group proxa1 ip 11.1.1.8 netmask 255.255.255.252 
. 

. 

. 
proximity group proxa50 ip 11.1.2.140 netmask 255.255.255.252 
proximity group proxa50 ip 11.1.2.144 netmask 255.255.255.252 

########################################### 
Please use the following Key required while, playing "proximity play-config" on SGSSM. 
Key: 89l25l5fa7339c1b60a20b60142493328b997b 
###########################################

Related Commands

(config-gslb) script play-config

(config-gslb) proximity group

proximity probe

To update the PDB with the results of the D-proxy probing.

proximity probe ipaddress zone

proximity probe

Initiates the probe for the D-proxy ipaddress

ipaddress

Specifies the IP address of the proximity database entry. Both IPv4 and IPv6 addresses are supported.

zone

The nearest location based on RTT. You can specify the zone index which ranges from 1 - 32 or probe all zones for information about IP or D-proxy.


Command Modes

Privileged EXEC

Examples 

gssm1.example.com# proximity probe ?

  WORD  IPv4/IPv6 address of DProxy to obtain information about.

gssm1.example.com## proximity probe 10.0.0.1 

   zone 

  <1-32>  Zone index: 1 - 32

  all     Probe all zones for information about IP or DProxy.

gssm1.example.com## proximity probe 10.0.0.1 

zone all

proximity start

To locally reenable proximity on a GSS device after locally disabling the function, use the proximity start command.

proximity start

Syntax Description

This command has no keywords or arguments.

Command Modes

Privileged EXEC

Examples

The following example shows how to locally reenable proximity on a GSS device after locally disabling the function: 

gss1.example.com# proximity start

Related Commands

proximity stop

proximity statistics group-summary dump

To dump the proximity group summary statistics to a specified text file, use the proximity statistics group-summary dump command.

proximity statistics group-summary dump filename

Syntax Description

filename

Name of the text file in which you want the GSS to dump the group summary statistics.


Command Modes

Privileged EXEC

Usage Guidelines

You can view the text file containing the proximity group summary statistics using the type filename command.

Examples

The following example shows how to dump the group summary statistics to a sample text file and the display this file using the type command: 

gss1.example.com# proximity statistics group-summary dump sampletxtfile

gss1.example.com# type sampletxtfile

Proximity Group Statistics Summary: 

Group name Target IP 						Total Entries 				Total Hits  
---------			--------- 			------------- 				---------------  
proxa1			n/a 			2 				0  
proxa10 			n/a 			2 				0  
proxa11 			n/a 			2 				0  
proxa12 			n/a 			2 				0  
proxa13 			n/a 			2 				0  
proxa14 			n/a 			2 				0  
Proximity Group Statistics Summary:

Related Commands

show statistics proximity

(config-gslb) proximity group

proximity stop

To locally disable proximity on a GSS device for troubleshooting, use the proximity stop command.

proximity stop

Syntax Description

This command has no keywords or arguments.

Command Modes

Privileged EXEC

Usage Guidelines

You can disable proximity for a single GSS when you need to override the GUI-enabled proximity option. You may need to locally disable proximity on a GSS when you need to troubleshoot or debug the device. The GSS does not store the local-disable setting in its running-config file.

When you enter the proximity stop command, the GSS immediately stops the following operations:

Proximity lookups in the proximity database

Direct probing between the GSS and DRP agents

Refresh probing to obtain the most up-to-date RTT values

Periodic proximity database dumps

The proximity database entry age-out process

Use the proximity start command to locally reenable network proximity on the GSS device.

Examples

The following example shows how to locally disable proximity on a GSS device for troubleshooting: 

gss1.example.com# proximity stop

Related Commands

proximity start

pwd

To view the present working directory, use the pwd command.

pwd

Syntax Description

This command has no keywords or arguments.

Command Modes

User EXEC and privileged EXEC

Usage Guidelines

Use this command to display the present working directory of the GSS.

Examples

The following example shows how to view the present working directory: 

gss1.example.com# pwd

/admin

Related Commands

cd

dir

lls

ls

refresh-gssmesh-statistics

To force the GSS devices in the mesh to send the primary GSSM their latest DNS rule and answer statistics, use the refresh-gssmesh-statistics command from the primary GSSM.

refresh-gssmesh-statistics

Syntax Description

This command has no keywords or arguments.

Command Modes

Privileged EXEC

Usage Guidelines

By default, the GSS devices send the primary GSSM statistical information every five minutes. Before using the show statistics gss-mesh all dns {answer | rule} command, you can force the GSS devices in the mesh to send the primary GSSM their latest statistics by using the refresh-gssmesh-statistics command from the primary GSSM. This ensures that the primary GSSM displays the latest GSS mesh statistics.

The CLI is unavailable for use for five seconds after using refresh-gssmesh-statistics command to give the primary GSSM enough time to receive and process the information. If network traffic is busy, the primary GSSM may not receive the information within the five seconds. If you use the show statistics gss-mesh all dns {answer | rule} command before the primary GSSM receives the new information, the command output may not contain the latest statistical information.

Note Using the refresh-gssmesh-statistics command increases network traffic between the GSS devices in the mesh. For this reason, we recommend that you use this command only when an update is required.

Examples

The following example shows how to force the GSS devices in the mesh to send the primary GSSM their latest DNS rule and answer statistics: 

gss1.example.com# refresh-gssmesh-statistics

/admin

Related Commands

show statistics gss-mesh all dns

reload

To halt and perform a cold restart on your GSS device, use the reload command.

reload

Syntax Description

This command has no keywords or arguments.

Command Modes

Privileged EXEC

Usage Guidelines

To reboot the GSS device, use the reload command. Any open connections with the GSS are dropped after you enter the reload command.

If you did not save a startup-configuration to Flash memory, the GSS prompts you to enter configuration parameters upon restart.

Examples

The following example shows how to halt and perform a cold restart on your GSS device: 

gss1.example.com# reload

Related Commands

write

rename

To rename a current GSS file, use the rename command.

rename source_filename new_filename

Syntax Description

source_filename

Alphanumeric name of the file that you want to rename.

new_filename

Alphanumeric name that you want to assign to the file.


Command Modes

Privileged EXEC

Usage Guidelines

Quotes are not required around filenames. The following special characters are not allowed in the renamed filenames: ` (apostrophe), ; (semicolon), * (asterisk), and a space.

Use the dir, lls, or ls commands to view the files available in the current directory or subdirectory.

Examples

The following example shows how to rename a current GSS file: 

gss1.example.com# rename startup-config new_startup-config

Related Commands

dir

lls

ls

reset-gui-admin-password

To restore the default administration password that is used to log in to the primary Global Site Selector Manager (GSSM) GUI, or to change the administration password, use the reset-gui-admin-password command.

reset-gui-admin-password [password text]

Syntax Description

password text

(Optional) Changes the administration password used to log in to the primary GSSM GUI. Enter an unquoted text string with no spaces and a length of 6-16 characters.


Command Modes

Privileged EXEC

Usage Guidelines

The administrative username and password used to access the primary GSSM GUI are stored in a safe partition of the hard disk to prevent data loss due to power failures. If you change the administrative password, and then either lose or forget the password, you can reset the password back to "default" by entering the reset-gui-admin-password command.

You can also change the administrative password using the reset-gui-admin-password command.

This command is available only from the primary GSSM and standby GSSM CLI.

The default administration password is "default."

Examples

The following example shows how to change the administration password: 

gss1.example.com# reset-gui-admin-password password mynewpassword

restore-factory-defaults

To reset your GSS device to its initial state, restoring all factory default settings, use the restore-factory-defaults command.

restore-factory-defaults

Syntax Description

This command has no keywords or arguments.

Command Modes

Privileged EXEC

Usage Guidelines

If your GSS device is improperly configured or is malfunctioning, you can use the restore-factory-defaults command to restore the device to its initial state, allowing you to properly configure it for use on your network.

The restore-factory-defaults command erases your Global Site Selector Manager (GSSM) database and all of its data and resets all network settings, returning your GSS hardware to the same state it was in when it first arrived from the factory. Before you enter the restore-factory-defaults command, ensure that you back up any vital data in the database component of the primary GSSM with its network and device configuration information. Use the gssm backup command to perform a primary GSSM backup. See the Cisco Global Site Selector Administration Guide for details on performing GSS backup.

Note User files will also be deleted when you enter the restore-factory-defaults command. If you have any important files in the /home directory that you want to save, use either the scp or ftp commands to copy those files before you enter the restore-factory-defaults command.

You cannot enter the restore-factory-defaults command while the GSS is running (for example, serving DNS requests). You must first enter the gss stop command.

Examples

The following example shows how to reset the GSS device to its initial state: 

gss1.example.com# restore-factory-defaults

Related Commands

gss

gssm

rotate-logs

To force the GSS device to restart its log files and save archive copies of all existing log files, use the rotate-logs command.

rotate-logs [delete-rotated-logs]

Syntax Description

delete-rotated-logs

(Optional) Deletes all rotated log files from the / directory and its subdirectories on the GSS disk. The GSS does not delete active log files.


Command Modes

Privileged EXEC

Usage Guidelines

This command forces the GSS device to save archive copies of all existing log files in the / directory and its subdirectories and replaces them with fresh log files. Existing log files are archived locally using the following naming convention:

logfile_name.log.number

where

logfile_name.log is the name of the archived log file (for example, gss.log or kale.log)

number is an incremented number representing the number of times that the logs have been rotated (for example, .3). The number of the most recent rotated log file is .1. The maximum number of log files is 25 for the gss.log file.

The delete-rotated-logs keyword clears all rotated log files in the / directory and its subdirectories except for the active log files.

Examples

The following example shows how to force the GSS device to restart its log files and save archive copies of all existing files: 

gss1.example.com# rotate-logs

Related Commands

logging

scp

To securely copy files from a GSS device where you are logged in, use the scp command.

scp {source_path [source_filename] user@target_host:target_path}

To securely copy files from another device to a GSS device where you are logged in, use the scp command.

scp {user@source_host:/source_path[source_filename] target_path}

Syntax Description

source_path

Relative directory path and filename on the source device of the file that is being transferred.

source_filename

(Optional) Name of the file to be copied.

user@target_host

Login account name and hostname for the device to which you are copying files.

target_path

Relative directory path on the target device to which the file is being copied.

user@source_host

Login account name and hostname for the device from which you are copying files.


Command Modes

User EXEC and privileged EXEC.

Usage Guidelines

The GSS supports one-way communication only in SCP. You can copy GSS files from the GSS where you are logged in to an external device. You can also copy files from an external device to the GSS. However, from an external device, you cannot execute the scp command and get files from the GSS. You can only use scp from the GSS.

After logging in to the CLI for the device that you intend to copy files to or from, enter the scp command following the syntax description provided above. You may be prompted to log in to the remote device before you are allowed to navigate to the target directory.

You can use either an IPv4 or an IPv6 address for the hostname.

Examples

The following example shows how to securely copy files from a GSS device to which you are logged on: 

gss1.example.com# scp /tmp/system.log myusername@192.168.2.3:/home

gss1.example.com# scp myusername@192.168.0.0:/home/mygssmfile.log /home

Related Commands

ftp

setup

To initiate a special setup script that guides you through the basic process of configuring the GSS, use the setup command.

setup

Syntax Description

This command has no keywords or arguments.

Command Modes

Privileged EXEC and global configuration

Usage Guidelines

The setup command configures basic configuration information from the CLI. Use this command when the GSS boots without a startup-configuration file (for example, when the GSS is new and the system was not configured upon initial startup). When you enter the setup command, the GSS software displays a series of prompts. You must go though all of the prompts and make changes only to those fields that you want to modify. When completed, the software prompts you to perform one of the following:

Apply as the Running Configuration—Applies setup configuration changes to the running-configuration file.

Edit This Configuration—Returns to the beginning of setup and edits specific configuration information.

Discard Configuration and Quit Setup—Cancels making initial configuration changes.

Once configuration setup is complete, the GSS software prompts you to log in to the primary GSSM GUI and finish the device setup.

The setup command cannot be executed while the GSS is running. You must enter the gss stop command before executing the setup command.

Examples

The following example shows how to initiate a special setup script that guides you through the basic process of configuring the GSS: 

gss1.example.com# setup

##############################

## GSS Initial Setup Script ##

##############################

This setup utility will help guide you through the basic configuration

necessary to get a GSS up and running.  The script will not make any

modifications on the running system.  At the end you will be able to

review and edit the new configuration and before applying it to the

running system.

Typing CTRL-C at any prompt quits the script immediately.

The values in brackets '[]' are the defaults, and can be selected

by simply hitting <CR>.

This setup script will help with only the basic GSS and GSSM configuration.

To configure DNS rules, it will be necessary to log into the Primary GSSM

Admin Webpage.

Do you want to continue? (y/n) [no]: y

Enter the Hostname of this device [gss1.example.com]:

* Interface eth0 (Active - IP: 51.0.0.123 Mask: 255.255.0.0)

Do you want to change this? (y/n) [n]: y

Do you want to activate this interface? (y/n) [y]:

Do you want to configure IPv4 address for eth0? (y/n) [n]:

Do you want to configure IPv6 global unicast address for eth0? (y/n) [n]: y

Enter the IPv6 global unicast address: 2001:DB1:1::1:128

Enter the Prefix Length: 64

Do you want to configure IPv6 unique local address for eth0? (y/n) [n]:

Do you want to configure IPv6 link local address for eth0? (y/n) [n]:

* Interface eth1 (Active - IP: 192.169.1.225 Mask: 255.255.255.128)

Do you want to change this? (y/n) [n]:

(Active IPv4 Gateway: 192.168.2.1

Do you want to configure a default IPv4 gateway? (y/n) [y]:

Enter the IPv4 gateway [192.168.2.1]:

Do you want to configure a default IPv6 gateway? (y/n) [n]: y

Enter the IPv6 gateway: 2001:DB1:1::1:128

Enter the IP addresses for up to 8 Name Servers.

Enter a dash ('-') at a blank entry to stop entering Name Servers.

At least one Name Server is required for this setup script.

Enter Name Server 1 [192.168.2.10]:

Enter Name Server 2 [192.168.2s.13]:

Enter Name Server 3 [192.168.2.230]:

Enter Name Server 4: -

* Remote Access

Do you want to enable FTP access? (y/n) [y]:

Do you want to enable SSH access? (y/n) [y]:

Do you want to enable Telnet access? (y/n) [y]:

Do you want to configure this GSS as a Manager (gssm)? (y/n): y

Do you want to configure this GSSM as the Primary? (y/n): y

The following configuration command script was created:

-

interface ethernet 0

   ip address 192.168.2.1 255.255.0.0

interface ethernet 1

   ip address 10.78.18.225 255.255.255.128

-

hostname gss1.example.com

ip default-gateway 192.168.2.129

ip default-gateway 2001:DB1:1::128

ip name-server 192.168.2.10

ip name-server 192.168.2.13

ip name-server 192.168.2..230

-

-

-

ssh enable

no ssh keys

no ssh protocol version 1

telnet enable

ftp enable

snmp-server trap-source ethernet 0

-

no cnr enable

drp

    no enable

-

gss enable gssm-primary

-

What would you like to do?

1) Apply as the Running Configuration

2) Edit this configuration

3) Discard Configuration and Quit Setup

Choice: 1

show access-group

To display a list of the access lists associated with your GSS interfaces Ethernet 0 and Ethernet 1, use the show access-group command.

show access-group

Syntax Description

This command has no keywords or arguments.

Command Modes

Privileged EXEC, global configuration, and interface

Usage Guidelines

For information about the fields in the show access-group command output, see the Cisco Global Site Selector Administration Guide.

Related Commands

access-group

access-list

show access-list

show access-list

To display a list of the access lists configured on your GSS device, use the show access-list command.

show access-list

Syntax Description

This command has no keywords or arguments.

Command Modes

Privileged EXEC, global configuration, and interface

Usage Guidelines

The show access-list command displays a list of access lists on your GSS device, regardless of whether they are being used. Access lists must be applied to a particular GSS interface before they can be used to filter GSS traffic.

For information about the fields in the show access-list command output, see the Cisco Global Site Selector Administration Guide.

Related Commands

access-group

access-list

show access-group

show arp

To display ARP information, use the show arp command.

show arp

Syntax Description

This command has no keywords or arguments.

Command Modes

User EXEC, privileged EXEC, global configuration, and interface

Usage Guidelines

The show arp command displays the complete ARP resolution table with IP addresses, MAC addresses, and resolution type.

For information about the fields in the show arp command output, see the Cisco Global Site Selector Administration Guide.

Examples

The following is a sample output from the show arp command:

gss1.example.com# show arp 

Address                  HWtype  HWaddress           Flags Mask            Iface

10.78.18.230             ether   00:25:64:3B:2E:CF   C                     eth1

10.78.18.129             ether   00:00:0C:07:AC:28   C                     eth1

51.0.0.10                ether   00:1C:23:E2:47:7B   C                     eth0

51.0.0.13                ether   00:19:B9:F8:72:FE   C                     eth0

51.0.0.1                 ether   00:1E:7A:F6:1F:44   C                     eth0

Entries: 5      Skipped: 0      Found: 5

show boot-config

To display information about the GSS software, such as the current boot image and boot device information, use the show boot-config command.

show boot-config

Syntax Description

This command has no keywords or arguments.

Command Modes

User EXEC and privileged EXEC

Usage Guidelines

For information about the fields in the show boot-config command output, see the Cisco Global Site Selector Administration Guide.

Examples

The following is a sample output from the show boot-config command:

gss1.example.com# show boot-config 

Boot Device = /dev/sda

Timeout = 5 seconds

Current Boot Image:

  Label = GSS-4.1.0

  GSS Software Version = 4.1.0

  Root Partition = /dev/sda7

  Linux Kernel = 2.6.9-100.ELsmp

  Default Boot Image

show clock

To display the system clock, use the show clock command. This command displays date and time information, such as the day of the week, the month, the time (hh:mm:ss), and the year in Greenwich mean time (GMT).

show clock

Syntax Description

This command has no keywords or arguments.

Command Modes

User EXEC, privileged EXEC, global configuration, and interface

Usage Guidelines

For information about the fields in the show clock command output, see the Cisco Global Site Selector Getting Started Guide.

Related Commands

clock

Examples

The following is a sample output from the show clock command:

gss1.example.com# show clock 

System time: Mon Sep 19 01:53:19 UTC 2011

show ddos

To display Distributed Denial of Service (DDoS) detection and mitigation statistics on a GSS, use the show ddos and its related commands.

show ddos [attacks | dproxy [ipaddress | spoofed | trusted] | failed-dns [failed-domains | global-domain-rules | gslb-rules] | rate-limit [ipaddress | global] | config | status]

attacks

See the show ddos attacks command for a detailed syntax description.

dproxy [ipaddress | spoofed | trusted]

See the show ddos dproxy command for a detailed syntax description.

failed-dns [failed-domains | global-domain-rules | gslb-rules]

See the show ddos failed-dns command for a detailed syntax description.

rate-limit [ipaddress | global]

See the show ddos rate-limit command for a detailed syntax description.

config

See the show ddos-config command for a detailed syntax description.

status

See the show ddos status command for a detailed syntax description.


show ddos attacks

To display Domain Name System (DNS) attacks detected by the GSS, use the show ddos attacks command.

show ddos attacks

Syntax Description

This command has no keywords or arguments.

Command Modes

Privileged EXEC

Usage Guidelines

For information about the fields in the show ddos attacks command output, see the Cisco Global Site Selector CLI-Based Global Server Load Balancing Configuration Guide.

Related Commands

show ddos dproxy

show ddos failed-dns

show ddos rate-limit

show ddos-config

show ddos status

show statistics ddos

show ddos dproxy

To show spoofed and nonspoofed D-proxies on the GSS, use the show ddos dproxy command.

show ddos dproxy [ipaddress | spoofed | trusted]

Syntax Description

ipaddress

D-proxy IP address.

spoofed

Specifies the spoofed D-proxies.

trusted

Specifies the trusted D-proxies.


Command Modes

Privileged EXEC

Usage Guidelines

For information about the fields in the show ddos dproxy command output, see the Cisco Global Site Selector CLI-Based Global Server Load Balancing Configuration Guide.

Related Commands

show ddos attacks

show ddos failed-dns

show ddos rate-limit

show ddos-config

show ddos status

show statistics ddos

show ddos failed-dns

To show the last x number of domain names that caused failed Domain Name System (DNS) queries at the GSS or the number of failed DNS queries per D-proxy, use the show ddos failed-dns command.

show ddos failed-dns [failed-domains | global-domain-rules | gslb-rules]

Syntax Description

failed-domains

(Optional) Specifies the failed domain names due to a GSLB-rule mismatch.

Note Even if Distributed Denial of Service (DDoS) is disabled, you can use this keyword to list the failed domain names due to the GSLB-rule mismatch. The list is updated even if DDoS is disabled.

global-domain-rules

(Optional) Specifies the number of failures due to a global domain mismatch.

gslb-rules

(Optional) Specifies the number of failures due to a GSLB-rule mismatch.


Command Modes

Privileged EXEC

Usage Guidelines

Note Failed DNS queries refer to the DNS queries for a domain that are not configured on the GSS.

For information about the fields in the show ddos failed-dns command output, see the Cisco Global Site Selector CLI-Based Global Server Load Balancing Configuration Guide.

Related Commands

show ddos attacks

show ddos dproxy

show ddos rate-limit

show ddos-config

show ddos status

show statistics ddos

show ddos-config

To display the contents of the Distributed Denial of Service (DDoS) running configuration file, use the show ddos-config command.

show ddos-config

Syntax Description

This command has no keywords or arguments.

Command Modes

Privileged EXEC

Usage Guidelines

For information about the fields in the show ddos-config command output, see the Cisco Global Site Selector CLI-Based Global Server Load Balancing Configuration Guide.

Related Commands

show ddos attacks

show ddos dproxy

show ddos failed-dns

show ddos rate-limit

show ddos status

show statistics ddos

show ddos rate-limit

To show the rate limits per D-proxy and the number of packets dropped per source, use the show ddos rate-limit command.

show ddos rate-limit [ipaddress | global]

Syntax Description

ipaddress

(Optional) IP address of the D-proxy.

global

(Optional) Specifies the global rate limit on the GSS.


Usage Guidelines

For information about the fields in the show ddos rate-limit command output, see the Cisco Global Site Selector CLI-Based Global Server Load Balancing Configuration Guide.

Related Commands

show ddos attacks

show ddos dproxy

show ddos failed-dns

show ddos-config

show ddos status

show statistics ddos

show ddos status

To display the status of the Distributed Denial of Service (DDoS) detection and mitigation module on the GSS, use the show ddos status command.

show ddos status

Syntax Description

This command has no keywords or arguments.

Command Modes

Privileged EXEC

Usage Guidelines

For information about the fields in the show ddos status command output, see the Cisco Global Site Selector CLI-Based Global Server Load Balancing Configuration Guide.

Related Commands

show ddos attacks

show ddos dproxy

show ddos failed-dns

show ddos rate-limit

show ddos-config

show statistics ddos

show disk

To display information about the GSS hard disk, use the show disk command. The information includes the available user space on the disk, the size of the database, and the space available.

show disk

Syntax Description

This command has no keywords or arguments.

Command Modes

Privileged EXEC, global configuration, and interface

Usage Guidelines

For information about the fields in the show disk command output, see the Cisco Global Site Selector Administration Guide.

show ftp

To display the operating status of the File Transfer Protocol (FTP) for your GSS device, use the show ftp command.

show ftp

Syntax Description

This command has no keywords or arguments.

Command Modes

User EXEC, privileged EXEC, global configuration, and interface

Usage Guidelines

For information about the show access-list command output, see the Cisco Global Site Selector Getting Started Guide.

Related Commands

ftp

show telnet

show snmp

show gslb-config

To display GSS global server load-balancing configuration information, use the show gslb-config command.

show gslb-config [answer-group [name] | answer [ip_address {type} | name] | dns rule [name] | domain-lists [name] | keepalive-properties | locations [name] | owners [name] | proximity-properties | region [name] | shared-keepalives [ip_address] | source-address-lists [name] | static-proximity [name] | sticky-groups [name] | sticky-properties | zones [name]]

Syntax Description

answer-group

(Optional) Specifies the current property settings for all configured answer groups.

name

(Optional) Current property settings for the named answer group.

answer

(Optional) Specifies the current property settings for all configured answers.

ip_address

(Optional) Current property settings for answers that use the specified IP address. You can use either an IPv4 or an IPv6 address.

type

Current property settings for answers (by type) that use the specified IP address. Answer types are: vip, cra, and ns.

name

Current property settings for the named answer.

dns rule

(Optional) Specifies the current property settings for all configured Domain Name System (DNS) rules.

name

(Optional) Current property settings for the named DNS rule.

domain-lists

(Optional) Specifies the current property settings for all configured domain lists.

name

(Optional) Current property settings for the named domain list.

keepalive-properties

(Optional) Specifies the current property settings for all configured keepalives.

locations

(Optional) Specifies the current property settings for all configured locations.

name

(Optional) Current property settings for the named location.

owners

(Optional) Specifies the current property settings for all configured owners.

name

(Optional) Current property settings for the named owner.

regions

(Optional) Specifies the current property settings for all configured regions.

name

(Optional) Current property settings for the named region.

shared-keepalives

(Optional) Specifies the current property settings for all configured shared keepalives.

ip_address

(Optional) Current property settings for shared keepalives that use the specified IP address. You can specify either an IPv4 or an IPv6 address.

source-address-lists

(Optional) Specifies the current property settings for all configured source address lists.

name

(Optional) Current property settings for the named source address list.

static-proximity

(Optional) Specifies the current property settings for all configured proximity groups.

name

(Optional) Current property settings for the named proximity group.

sticky-groups

(Optional) Specifies the current property settings for all configured sticky groups.

name

(Optional) Current property settings for the named sticky group.

sticky-properties

(Optional) Specifies the current sticky mesh property settings.

zones

(Optional) Specifies the current property settings for all configured zones.

name

(Optional) Current property settings for the named zone.


Command Modes

User EXEC, privileged EXEC, global configuration, and global server load-balancing

Examples

The following example shows how to display all currently configured keepalive properties: 

gss1.example.com#sh gslb-config keepalive-properties

/cisco/merlot/bin/spen cfg_gslb_show_config --kal-prop=

keepalive-properties scripted-kal standard min-interval 40

keepalive-properties icmp standard min-interval 40

keepalive-properties tcp standard min-interval 40 port 80 termination reset timeout 20

keepalive-properties http-head standard min-interval 40 port 80 termination reset timeout 
20 path /

keepalive-properties https-head standard min-interval 40 port 443 SSL-Version TLSV1  
timeout 20 path /

keepalive-properties kalap standard min-interval 40 capp-key hash-not-set 
circuit-retry-count 1

keepalive-properties cra timing-decay 2 min-interval 10

keepalive-properties ns query-domain . min-interval 40

keepalive-properties global vip-keepalive enable

keepalive-properties global cra-keepalive enable

keepalive-properties global ns-keepalive enable

Related Commands

show gslb-errors

show gslb-errors

To display any errors that occurred after executing the (config-gslb) script play-config command, use the show gslb-errors command.

Syntax Description

This command has no keywords or arguments.

Command Modes

User EXEC, privileged EXEC, global configuration, and global server load-balancing.

Related Commands

show gslb-config

(config-gslb) script play-config

show geodb

To display GSS GeoDB manager status, use the show geodb command.

Syntax Description

This command has no keywords or arguments.

Command Modes

User EXEC, privileged EXEC, global configuration, and global server load-balancing.

Examples

The following example shows the display of the GeoDB database configuration in the GSS: 

gss1.example.com# show geodb 

  Geodb Manager status: Ready

  Database entry count: 0

  Dump interval:        60 minutes

  Timeout interval:     15 minutes

  Import Status:        Completed

  DataBase Version:     v001(2011-08-16)

gss1.example.com#

Related Commands

show geodb database

show geodb database

To display GSS global GeoIP database (GeoDB) proximity configuration information, use the show geodb command.

show geodb database {all | inactive | ip | no-dist}

Syntax Description

all

Displays all entries in the geoDB database.

inactive

Displays all entries that have been inactive for specified amount of time.

ip

Displays all entries that matches the source IP and netmask.

no-dist

Displays the no distance entries in the geoDB database.


Command Modes

User EXEC, privileged EXEC, global configuration, and global server load-balancing.

Related Commands

show geodb

show interface

To display GSS hardware interface information, use the show interface command.

show interface {eth0 | eth1}

Syntax Description

eth0

Specifies the first Ethernet interface (eth0) on your GSS device.

eth1

Specifies the second Ethernet interface (eth1) on your GSS device.


Command Modes

Privileged EXEC, global configuration, and interface

Usage Guidelines

For information about the fields in the show interface command output, see the Cisco Global Site Selector Getting Started Guide.

Related Commands

show gslb-config

show running-config

show inventory

To display GSS Unique Device Identifier (UDI) data, use the show inventory command.

show inventory

Syntax Description

This command has no keywords or arguments.

Command Modes

Privileged EXEC

Usage Guidelines

For information about the fields in the show inventory command output, see the Cisco Global Site Selector Administration Guide.

Related Commands

show tech-support

show ip routes

To display the IP routing table for the GSS, use the show ip routes command.

show ip routes

Syntax Description

This command has no keywords or arguments.

Command Modes

Privileged EXEC, global configuration, and interface

Usage Guidelines

For information about the fields in the show ip routes command output, see the Cisco Global Site Selector Getting Started Guide.

Related Commands

lls

show license

To display system license data, use the show license command.

show license active | file-name [list | filename] | installed | gss-all

Syntax Description

active

Specifies the currently enabled license modules.

file-name
[list | filename]

Specifies a complete listing of the license files or the details of a specific license file.

installed

Specifies a list of the currently-installed license modules.

gss-all

Specifies a complete listing of the licenses installed in the GSS network.


Command Modes

Privileged EXEC

Usage Guidelines

For information about the show license command output, see the Cisco Global Site Selector Administration Guide.

Related Commands

license

show logging

To display the system message log configuration, use the show logging command.

show logging

Syntax Description

This command has no keywords or arguments.

Command Modes

Privileged EXEC, global configuration, and interface

Usage Guidelines

For information about the show logging command output, see the Cisco Global Site Selector Administration Guide.

Related Commands

logging

show logs

To send the log activity to your current session, use the show log command.

show logs {follow | tail}

Syntax Description

follow

Displays the log file as data that is appended to it.

tail

Displays only the last 10 lines of the log file.


Command Modes

Privileged EXEC, global configuration, and interface

Usage Guidelines

Use the show logs command to send the log activity to your current session. The show logs command displays the contents of the gss.log file, which contains information about the GSS activity that is most useful to GSS administrators.

For information about the fields in the show logs command output, see the Cisco Global Site Selector Administration Guide.

Related Commands

logging

show license

show memory

To display memory blocks and statistics, use the show memory command.

show memory

Syntax Description

This command has no keywords or arguments.

Command Modes

Privileged EXEC, global configuration, and interface

Usage Guidelines

For information about the fields in the show memory command output, see the Cisco Global Site Selector Administration Guide.

show ntp

To display the Network Time Protocol (NTP) configuration, use the show ntp command.

show ntp

Syntax Description

This command has no keywords or arguments.

Command Modes

User EXEC, privileged EXEC, global configuration, and interface

Usage Guidelines

For information about the show ntp command output, see the Cisco Global Site Selector Getting Started Guide.

Related Commands

ntp enable

ping

show processes

To display a list of internal GSS device processes, use the show processes command.

show processes

Syntax Description

This command has no keywords or arguments.

Command Modes

Privileged EXEC, global configuration, and interface

Usage Guidelines

For information about the fields in the show processes command output, see the Cisco Global Site Selector Administration Guide.

show properties

To display a list of configuration property settings for the GSS device, use the show properties command.

show properties

Syntax Description

This command has no keywords or arguments.

Command Modes

Privileged EXEC, global configuration, and interface

Examples

The following example shows how to display the configuration property settings for the GSS: 

gss1.example.com# show properties

...

ServerConfig.dnsserver.returnError: 0

...

Related Commands

proximity database delete

show proximity

To display general status information about the proximity subsystem, use the show proximity command.

show proximity

Syntax Description

This command has no keywords or arguments.

Command Modes

Privileged EXEC, global configuration, and global server load-balancing configuration modes

Usage Guidelines

For information about the fields in the show proximity command output, see the Cisco Global Site Selector Global Server Load-Balancing Configuration Guide.

Related Commands

clear

logging

show logs

show proximity group-name

show proximity group-summary

show statistics

show sticky global

show proximity database

To display the proximity database (PDB) entries by specifying one or more entry matching criteria, use the show proximity database command.

show proximity database {all | assigned | group {name} | inactive minutes | ip {ip-address} netmask {netmask} | no-rtt | probed}

Syntax Description

all

Displays all entries in the proximity database.

assigned

Displays all static entries in the proximity database.

group name

Displays all entries that belong to a named proximity group. Specify the exact name of a previously created proximity group.

inactive minutes

Displays all dynamic entries that have been inactive for a specified time. Valid values are 0-43200 minutes.

ip ip-address

netmask netmask

Displays all proximity entries related to a D-proxy IP address and subnet mask. For an IPv4 address, specify the IP address and subnet mask of the requesting client's D-proxy in dotted-decimal notation (for example, 192.168.9.0 255.255.255.0). For an IPv6 address, specify the IP address in a colon, no colon notation and prefix-length (for example, 2001:DB1::1:28).

no-rtt

Displays all entries in the PDB that do not have valid round-trip time (RTT) values.

probed

Displays all dynamic entries in the PDB.


Command Modes

Privileged EXEC

Usage Guidelines

For information about the fields in the show proximity database command, see the Cisco Global Site Selector Global Server Load-Balancing Configuration Guide.

The range of prefix-length is 1 to 128.

Examples

The following example shows how to display entries related to the proximity database which are configured in the GSS: 

gss1.example.com# show proximity database all

Key/ID         Type      Probe Target    Method   RTTs  Hits

--------------------------------------- --------  --------------------

1             Static      2001:DB8::1.1   ICMP      0     0

192.168.1.1      Dynamic     192.168.1.1          ICMP      1     1

2001:DB8::1.1 Dynamic      2001:DB8::1.1  ICMP      1     1

Total 3 database entries displayed.

gss1.example.com# 

gss1.example.com# show proximity database assigned

Key/ID Type      Probe Target     Method   RTTs  Hits

--------------------------------------- -------------

1      Static 2001:DB8::1.1     ICMP      0     0

 Total 1 database entries displayed.

gss1.example.com#

gss1.example.com# show proximity database group 

  WORD  Name of the group

gss1.example.com# show proximity database group g1

Key/ID Type      Probe Target    Method   RTTs  Hits

--------------------------------------- --------  ---------------------------

1      Static 2001:DB8::1.1    ICMP      0     0

 Total 1 database entries displayed.

gss1.example.com#

gss1.example.com# show proximity database inactive 

  <0-43200>  Minimum time in minutes

gss1.example.com# show proximity database inactive 200

Key/ID Type      Probe Target    Method   RTTs  Hits

--------------------------------------- --------  ------------------

1 Static          2001:DB8::1.1   ICMP      0     0

 Total 1 database entries displayed.

gss1.example.com#

gss1.example.com# show proximity database ip 

  WORD  Source IPv4/IPv6 address

gss1.example.com# show proximity database ip 2001:DB8::1:1 netmask 128

Key/ID Type      Probe Target Method   RTTs  Hits

--------------------------------------- --------  --

 Total 0 database entries displayed.

gss1.example.com# show proximity database ip 2001:DB8::1:1 netmask 64

Key/ID Type      Probe Target Method   RTTs  Hits

--------------------------------------- --------

 Total 0 database entries displayed.

gss1.example.com# show proximity database no-rtt

Key/ID Type      Probe Target Method   RTTs  Hits

--------------------------------------- --------  -

1 Static    2001::55:19:1 ICMP      0     0

 Total 1 database entries displayed.

gss1.example.com#

gss1.example.com# show proximity database probed

Key/ID     Type      Probe Target Method   RTTs  Hits

--------------------------------------- -------- ----

192.168.1.1      Dynamic   192.168.1.1      ICMP      1     1

2001:DB8::1.1 Dynamic 2001:DB8::1.1 ICMP      1     1

 Total 2 database entries displayed.

gss1.example.com# show proximity database no-rtt

Key/ID Type      Probe Target Method   RTTs  Hits

--------------------------------------- -------- 

1 Static         2001:DB8::1.1 ICMP      0     0

 Total 1 database entries displayed.

gss1.example.com#

Related Commands

show proximity

show proximity group-summary

show proximity group-name

To display statistics for a specific proximity group, use the show proximity group-name command.

show proximity group-name groupname

Syntax Description

groupname

Name of a proximity group. Enter the exact name to display all proximity database entries related to that group.


Command Modes

Privileged EXEC, global configuration, and global server load-balancing configuration modes

Usage Guidelines

For information about the fields in the show proximity group-name command output, see the Cisco Global Site Selector Global Server Load-Balancing Configuration Guide.

Related Commands

show proximity

show proximity group-summary

show proximity group-summary

To display a summary of statistics for all configured proximity groups, use the show proximity group-summary command.

show proximity group-summary

Syntax Description

This command has no keywords or arguments.

Command Modes

Privileged EXEC, global configuration, and global server load-balancing configuration modes

Usage Guidelines

This command displays the configuration output to the console only if the number of proximity elements, or IP blocks, is less than 1000. (This value is not configurable). If the number of proximity elements is more than 1000, an error message displays asking you to execute the proximity group-summary dump filename command.

For information about the fields in the show proximity group-summary command output, see the Cisco Global Site Selector Global Server Load-Balancing Configuration Guide.

Related Commands

show proximity

show proximity group-name

proximity group-summary dump

show running-config

To display the current running configuration of the GSS device, use the show running-config command.

show running-config

Syntax Description

This command has no keywords or arguments.

Command Modes

Privileged EXEC, global configuration, interface, and global server load-balancing

Usage Guidelines

Use this command with the show startup-config command to compare the information in the running memory to the startup-configuration file used during the bootup process.

For information about the show running-config command output, see the Cisco Global Site Selector Administration Guide.

Related Commands

configure

copy

show startup-config

show services

To display the current state of the GSS services, such as the File Transfer Protocol (FTP), Network Time Protocol (NTP), Secure Shell (SSH), Terminal Access Controller Access Control System Plus (TACACS+), Telnet, and Simple Network Management Protocol (SNMP), use the show services command.

show services

Syntax Description

This command has no keywords or arguments.

Command Modes

User EXEC, privileged EXEC, global configuration, and interface

Usage Guidelines

For information about the show services command output, see the Cisco Global Site Selector Administration Guide.

Related Commands

show sticky global

show snmp

To display the Simple Network Management Protocol (SNMP) operating status, use the show snmp command.

show snmp

Syntax Description

This command has no keywords or arguments.

Command Modes

Privileged EXEC, global configuration, and interface

Usage Guidelines

For information about the show snmp command output, see the Cisco Global Site Selector Administration Guide.

Related Commands

snmp

show ssh

To display Secure Shell (SSH) status and configuration information, use the show ssh command.

show ssh

Syntax Description

This command has no keywords or arguments.

Command Modes

User EXEC, privileged EXEC, global configuration, and interface

Usage Guidelines

For information about the show ssh command output, see the Cisco Global Site Selector Getting Started Guide.

Related Commands

ssh enable

show startup-config

To display the startup configuration, use the show startup-config command.

show startup-config

Syntax Description

This command has no keywords or arguments.

Command Modes

Privileged EXEC, global configuration, and interface

Usage Guidelines

Use this command to display the configuration used during an initial bootup that is stored in a safe partition of the hard disk to prevent the loss of data due to power failures.

For information about the show startup-config command output, see the Cisco Global Site Selector Administration Guide.

Related Commands

configure

copy

show services

show statistics

To display GSS load-balancing statistics, use the show statistics command. The options for this command are as follows:

show statistics boomerang—Displays statistics related to the boomerang server component of the GSS

show statistics ddos—Displays statistics related to the Distributed Denial of Service (DDoS) prevention module of the GSS

show statistics dns—Displays statistics from the Domain Name System (DNS) component of the GSS

show statistics drpagent—Displays statistics for the Director Response Protocol (DRP) agent

show statistics gss-mesh all dns—Displays statistics from the Domain Name System (DNS) component of each GSS in the GSS mesh

show statistics keepalive—Displays statistics for the keepalive component of the GSS software

show statistics proximity—Displays statistics about the network proximity operation of your GSS device

show statistics sticky—Displays general statistics about the sticky database

show statistics tacacs—Displays the current TACACS+ statistics

Each GSS device includes a comprehensive set of show statistics CLI commands to display content routing and load-balancing statistics for each major component involved in the GSS global server load-balancing operation. The GSS global server load-balancing components include boomerang (CRAs), DNS, and VIP keepalives. You can also monitor advanced traffic management functions, such as Domain Name System (DNS) sticky and network proximity, for the GSS device.

For example, you can use the show statistics dns command to view the traffic handled by a particular DNS rule, which matches a D-proxy to an answer, or to analyze the traffic to a particular hosted domain that is managed by a GSS.

Note If you specify the show statistics command after entering either the gss start command or the reload command, the GSS device can take approximately 1 minute before the command takes effect and displays the requested statistics.

For more information about these keywords and associated arguments, see the following commands.

show statistics boomerang

To display statistics related to the boomerang server component of the GSS, use the show statistics boomerang command.

show statistics boomerang {domain domain_name | global}

Syntax Description

domain

Displays statistics related to the named domain that is being served by the GSS.

domain_name

Name of the domain.

global

Displays statistics across the entire GSS network for the boomerang server.


Command Modes

Privileged EXEC, global configuration, and interface

Usage Guidelines

For information about the fields in the show statistics boomerang command output, see the Cisco Global Site Selector CLI-Based Global Server Load-Balancing Configuration Guide.

Related Commands

clear

logging

show logs

show statistics

show statistics dns

To display statistics from the Domain Name System (DNS) component of the GSS, use the show statistics dns command.

show statistics dns {answer [list | verbose | answer_name] | answer-group [list | group_name [verbose]] | domain [list | domain_name] | domain-list [list | domain_list_name [verbose]] | geo-region list | geodb [rule rule_name] global | proximity rule | rule [list | rule_name [verbose]] | source-address [list | sa_name] | source-address-list [list | sa_list_name [verbose]] | sticky rule}

Syntax Description

answer

Displays the accumulated hit count for each configured answer. The statistics also include the per-second average hit count calculated during a last-minute interval, a 5-minute interval, a 30-minute interval, and a 4-hour interval.

list

(Optional) Lists the names of all answers configured for the GSS.

verbose

(Optional) Allows you to display detailed statistics for each answer. In addition to the information that displays when you do not use an optional keyword, the DNS name also displays.

answer_name

(Optional) Name of an answer for which statistics are displayed.

answer-group

Displays the total hit count for each configured answer group.

list

(Optional) Lists the names of all answer groups configured for the GSS.

group_name

(Optional) Name of an answer group for which statistics are displayed.

verbose

(Optional) Allows you to view detailed statistics for each answer that makes up an answer group.

domain

Displays the accumulated hit count for each configured host domain. The statistics also include the per-second average hit count calculated during a last-minute interval, a 5-minute interval, a 30-minute interval, and a 4-hour interval.

list

(Optional) Lists the names of all domains configured for the GSS.

domain_name

(Optional) Name of a domain for which statistics are displayed.

domain-list

Displays the total accumulated hit count for each configured domain list.

list

(Optional) Lists the names of all domains configured for the GSS.

domain_list_name

(Optional) Name of a domain list for which statistics will be displayed.

verbose

(Optional) Allows you to view detailed statistics for each domain that makes up a domain list.

geo-region

Displays statistics for regions defined in GeoDb.

list

Lists all geo-region names.

geodb

GeoDB DNS Statistics.

rule rule_name

Displays all GeoDB lookups and failures by rule name.

global

Displays general DNS statistics for the GSS device in use.

proximity rule

Displays all proximity lookups and failures by the DNS rule name.

rule

Displays the total hit count and success count for each configured DNS rule.

list

(Optional) Lists the names of all DNS rules configured for the GSS.

rule_name

(Optional) Name of a DNS rule for which statistics are displayed.

verbose

(Optional) Allows you to view detailed statistics for the specified rule.

source-address

Displays the accumulated hit count for each configured source address. The statistics also includes the per-second average hit count calculated during a last-minute interval, a 5-minute interval, a 30-minute interval, and a 4-hour interval.

list

(Optional) Lists the names of all source addresses configured for the GSS.

sa_name

(Optional) Name of a source address for which statistics are displayed.

source-address-list

Displays the total hit count for each configured source address list. The statistics also include the last minute average, 5-minute average, 30-minute average, and 4-hour average of the hit counts.

list

(Optional) Lists the names of all source addresses.

sa_list_name

(Optional) Name of a source address list for which statistics are displayed.

verbose

(Optional) Allows you to view detailed statistics for each name in the source address list.

sticky rule

Displays all DNS sticky lookups and failures by the DNS rule name.


Command Modes

Privileged EXEC, global configuration, and interface

Usage Guidelines

For information about the fields in the show statistics dns command output, see the Cisco Global Site Selector Global Server Load-Balancing Configuration Guide.

Related Commands

clear

logging

show logs

show statistics

show statistics ddos

To display Distributed Denial of Service (DDoS) global or attack statistics, use the show statistics ddos command.

show statistics ddos [attacks | global]

Syntax Description

attacks

(Optional) Displays DDoS attack statistics.

global

(Optional) Displays DDoS global statistics.


Command Modes

Privileged EXEC

Usage Guidelines

For information about the fields in the show statistics ddos command output, see the Cisco Global Site Selector CLI-Based Global Server Load Balancing Configuration Guide.

Related Commands

show ddos attacks

show ddos dproxy

show ddos failed-dns

show ddos rate-limit

show ddos-config

show ddos status

show statistics drpagent

To display statistics on the Director Response Protocol (DRP) agent, use the show statistics drpagent command.

show statistics drpagent

Syntax Description

This command has no keywords or arguments.

Command Modes

Privileged EXEC, global configuration, and drp

Usage Guidelines

For information about the fields in the show statistics drpagent command output, see the Cisco Global Site Selector CLI-Based Global Server Load-Balancing Configuration Guide.

Related Commands

clear

logging

show logs

show statistics

show statistics gss-mesh all dns

To display statistics from the Domain Name System (DNS) component of each GSS in the GSS mesh, use the show statistics gss-mesh all dsn command from the primary GSSM

show statistics gss-mesh all dns {answer [type {cra | ns | vip}] [ip_address] | rule [rule_name]}

Syntax Description

answer

Displays the accumulated hit count for each configured answer.

type

(Optional) Specifies statistics for one of the following answer types:

cra—Content routing agent answer type

ns—DNS name server answer type

vip—Virtual IP answer type

ip_address

(Optional) IP address of a specific GSS in the GSS mesh.

rule

Displays the total hit count and success count for each configured DNS rule.

rule_name

(Optional) Name of a DNS rule for which statistics are displayed.


Command Modes

Privileged EXEC, global configuration, and interface

Usage Guidelines

For information about the fields in the show statistics gss-mesh all dns command output, see the Cisco Global Site Selector Global Server Load-Balancing Configuration Guide.

Related Commands

clear

logging

refresh-gssmesh-statistics

show logs

show statistics

show statistics keepalive

To display statistics about the keepalive component of the GSS software, use the show statistics keepalive command.

show statistics keepalive {cra {ip_address | all | list} | global | http-head {ip_address | all | list}| https-head {ip_address | all | list} | icmp {ip_address | all | list} | kalap {ip_address | all | list} | scripted-kal {name | all | list} | ns {ip_address | all | list} | tcp {ip_address | all | list}}

Syntax Description

cra

Displays statistics for configured content routing agent (CRA) keepalive types managed by the keepalive component and used with Boomerang-type answers. Supports only IPv4 address.

ip_address

Specify either an IPv4 or an IPv6 address for which statistics are displayed.

all

Displays all configured CRA-type keepalives.

list

Lists all available IP addresses.

global

Displays keepalive statistics across the entire GSS device.

http-head

Displays statistics for configured HTTP HEAD keepalive types managed by the GSS and used with VIP-type answers.

all

Displays all configured HTTP HEAD-type keepalives.

https-head

Displays statistics for configured HTTPS HEAD keepalive types managed by the GSS and used with VIP-type answers.

all

Displays all configured HTTPS HEAD-type keepalives.

icmp

Displays statistics for configured ICMP keepalive types managed by the GSS and used with VIP-type answers.

all

Displays all configured ICMP-type keepalives.

kalap

Displays statistics for configured KAL-AP keepalive types managed by the GSS and used with VIP-type answers. Supports only IPv4 address.

all

Displays all configured KAL-AP-type keepalives.

scripted-kal

Displays statistics for configured Scripted keepalive types managed by the GSS and used with VIP-type answers.

name

KAL name for which you want to display keepalive statistics.

all

Displays all configured Scripted keepalives.

ns

Displays statistics for configured name server (NS) keepalive types managed by the GSS and used with name server type answers. Supports only IPv4 address.

all

Displays all configured name server-type keepalives.

tcp

Displays statistics for configured TCP keepalive types managed by the GSS and used with IP-type answers.

all

Displays all configured TCP-type keepalives.


Command Modes

Privileged EXEC, global configuration, and interface

Usage Guidelines

For information about the fields in the show statistics keepalive command output, see the Cisco Global Site Selector CLI-Based Global Server Load-Balancing Configuration Guide.

Examples 

gss1.example.com# show statistics keepalive answer type vip all

IP: 192.1.1.10

Name: vip-1

Status: ONLINE

No of Keepalives Configured: 1

Keepalive => 10.0.0.2

Status: ONLINE

Keepalive Type: icmp, Standard

Packets Sent:                    4

Packets Received:                4

Positive Probe:                  4

Negative Probe:                  0

Transitions:                     1

VIP GID: 42301 LID: 1

Keepalive GID:               42302

IP: 2000:db8::1428:57ab

Name: vip-2

Status: ONLINE

No of Keepalives Configured: 1

Keepalive => fe80::21c:23ff:fee2:515f

Status: ONLINE

Keepalive Type: icmp, Standard

Packets Sent:                    1

Packets Received:                1

Positive Probe:                  1

Negative Probe:                  0

Transitions:                     1

VIP GID: 42305 LID: 2

Keepalive GID:               42306

gss1.example.com# sh statistics keepalive answer type vip list

        IP/Name                   State

  192.1.1.10                      ONLINE

  2000:db8::1428:57ab             ONLINE

Related Commands

clear

logging

show logs

show statistics

show statistics proximity

To display statistics about the network proximity operation of your GSS device, use the show statistics proximity command.

show statistics proximity {database | group-name {name} | group-summary | lookup | probes {detailed}}

Syntax Description

database

Displays the overall statistics on the proximity database, such as the number of entries currently in the proximity database, the number of entries dropped, and the rate of lookups.

group-name name

Display statistics for the specified proximity group.

group-summary

Displays a summary of statistics for all configured proximity groups.

Note This command displays the proximity statistics to the console only if the number of proximity groups is less than 1000. If the number of proximity groups is more than 1000, an error message displays asking you to execute the proximity statistics group-summary dump filename command.

lookup

Displays statistics about the proximity lookups that have occurred on this GSS.

probes

Display general probe success and failure counts.

detailed

Detailed statistics for the ICMP and TCP probes that relate to all configured zones.


Command Modes

Privileged EXEC, global configuration, and interface

Usage Guidelines

Network proximity statistics include information about the proximity database on the GSS device, individual zones, probing requests, and round-trip time (RTT) coverage.

For information about the fields in the show statistics proximity command output, see the Cisco Global Site Selector Global Server Load-Balancing Configuration Guide.

Related Commands

clear

logging

show logs

show proximity

show proximity group-name

show proximity group-summary

show statistics

show statistics sticky

To display general statistics about the sticky database, use the show sticky statistics command.

show statistics sticky {global | group-name {name} | group-summary | mesh}

Syntax Description

global

Displays a summary of global sticky statistics.

group-name name

Displays statistics for the specified sticky group.

group-summary

Displays a summary of statistics for all configured sticky groups.

mesh

Displays detailed statistics for each GSS device in the global sticky mesh.


Command Modes

Privileged EXEC, global configuration, and interface

Usage Guidelines

Sticky statistics include the total number of hits and misses in the sticky database, number of entries in the sticky database, and total number of lookups.

For information about the fields in the show statistics sticky command output, see the Cisco Global Site Selector Global Server Load-Balancing Configuration Guide.

Related Commands

clear

logging

show logs

show statistics

show sticky

show sticky database

show sticky global

show sticky group-name

show sticky group-summary

show sticky mesh

show statistics tacacs

To display the current Terminal Access Controller Access Control System Plus (TACACS+) statistics, use the show statistics tacacs command.

show statistics tacacs

Syntax Description

This command has no keywords or arguments.

Command Modes

Privileged EXEC, global configuration, and interface

Usage Guidelines

Each server is identified by the IP address and port. There is a Pass, Fail, and Error counter for each authentication, authorization, and accounting service.

For information about the fields in the show statistics tacacs command output, see the Cisco Global Site Selector Administration Guide.

Related Commands

clear

logging

show logs

show statistics

show tacacs

show sticky

To display general status information about the sticky subsystem, use the show sticky command.

show sticky

Syntax Description

This command has no keywords or arguments.

Command Modes

Privileged EXEC, global configuration, and global server load-balancing configuration modes

Usage Guidelines

For information about the fields in the show sticky command output, see the Cisco Global Site Selector Global Server Load-Balancing Configuration Guide.

Related Commands

clear

show statistics

show sticky database

show sticky global

show sticky group-name

show sticky group-summary

show sticky mesh

show sticky database

To display sticky database entries by specifying one or more entry matching criteria, use the show sticky database command.

show sticky database {all | answer {name/ip_address} | domain {name} | domain-list {name} | group {name} | inactive minimum {minutes} maximum {minutes} | ip {ip_address} region regionid netmask {netmask} | rule {rule_name}}

Syntax Descriptionr

all

Displays all entries in the sticky database.

answer name/ip_address

Displays all sticky entries related to a particular answer. Specify the name of the answer. If there is no name for the answer, specify the IP address of the sticky answer in dotted-decimal notation (for example, 192.168.9.0).

domain name

Displays all sticky entries related to a domain. Specify the exact name for a previously created domain.

domain-list name

Displays all sticky entries related to a domain list. Specify the exact name for a previously created domain list.

group name

Displays all sticky entries related to a sticky group. Specify the exact name for a previously created sticky group.

inactive minimum minutes maximum minutes

Displays all sticky entries that have not received a client hit in the time interval between the specified minimum and maximum values, entered in minutes. Enter a value from 0-10100 minutes as the specified minimum value and maximum value.

ip ip_address netmask netmask

Displays all sticky entries related to a D-proxy IP address and subnet mask. Specify the IP address of the requesting client's D-proxy in dotted-decimal notation (for example, 192.168.9.0) and specify the subnet mask in dotted-decimal notation (for example, 255.255.255.0).

region region id

Displays the sticky entries based upon the region id. The range of region id is from 1 - 4700.

rule rulename

Displays all sticky entries related to a DNS rule. Specify the exact name for a previously created DNS rule.


Command Modes

Privileged EXEC, global configuration, and global server load-balancing configuration modes

Usage Guidelines

For information about the fields in the show sticky database command output, see the Cisco Global Site Selector Global Server Load-Balancing Configuration Guide.

Related Commands

clear

show statistics

show sticky

show sticky global

show sticky group-name

show sticky group-summary

show sticky mesh

show sticky global

To display the global sticky operating status and statistics about each GSS peer in the mesh, use the show sticky global command.

show sticky global [verbose]

Syntax Description

verbose

(Optional) Displays detailed global sticky status and statistics information for each GSS peer.


Command Modes

Privileged EXEC, global configuration, and global server load-balancing configuration modes

Usage Guidelines

For information about the fields in the show sticky global command output, see the Cisco Global Site Selector Global Server Load-Balancing Configuration Guide.

Related Commands

clear

show statistics

show sticky global

show sticky group-name

show sticky group-summary

show sticky mesh

show sticky group-name

To display statistics for a specific sticky group, use the show sticky group-name command.

show sticky group-name groupname

Syntax Description

groupname

Name of a sticky group. Enter the exact name to display all sticky database entries related to that group.


Command Modes

Privileged EXEC, global configuration, and global server load-balancing configuration modes

Usage Guidelines

For information about the fields in the show sticky group-name command output, see the Cisco Global Site Selector Global Server Load-Balancing Configuration Guide.

Related Commands

clear

show statistics

show sticky database

show sticky global

show sticky group-summary

show sticky mesh

show sticky group-summary

To display a summary of statistics for all configured sticky groups, use the show sticky group-summary command.

show sticky group-summary

Syntax Description

This command has no keywords or arguments.

Command Modes

Privileged EXEC, global configuration, and global server load-balancing configuration modes

Usage Guidelines

For information about the fields in the show sticky group-summary command output, see the Cisco Global Site Selector Global Server Load-Balancing Configuration Guide.

Related Commands

clear

show statistics

show sticky database

show sticky global

show sticky group-name

show sticky mesh

show sticky mesh

To display global sticky operating status and statistics about each GSS peer in the mesh, use the show sticky mesh command.

show sticky mesh {session {session_id} [verbose]} | [verbose]

Syntax Description

session session_id

Displays operating status information for a specific session ID, which is the point-to-point connection between the local GSS node and a sticky mesh peer. To locate the session ID for a specific GSS peer in the mesh, use the show sticky mesh command.

verbose

(Optional) Displays detailed operating status information for the entire sticky mesh and for all GSS peers in the mesh.


Command Modes

Privileged EXEC, global configuration, and global server load-balancing configuration modes

Usage Guidelines

For information about the fields in the show sticky mesh command output, see the Cisco Global Site Selector Global Server Load-Balancing Configuration Guide.

Related Commands

clear

show statistics

show sticky database

show sticky global

show sticky group-name

show sticky group-summary

show supportpass-status

To see if the GSS support password has been set, use the show supportpass-status command.

show supportpass-status

Syntax Description

This command has no keywords or arguments.

Command Modes

Privileged EXEC mode

Usage Guidelines

For information about using the show supportpass-status command output, see the Cisco Global Site Selector Administration Guide.

Related Commands

supportpass

show system-status

To display a report on the current operating status of your GSS device, including the online status, current software version, and start date or time for the various components, use the show system-status command.

show system-status

Syntax Description

This command has no keywords or arguments.

Command Modes

Privileged EXEC, global configuration, and interface

Usage Guidelines

Use this command to display detailed information about the current operating state of the GSS device including the online status, the software version, and the start date or time for the various components. The equivalent command is the gss status command.

For information about the fields in the show system-status command output, see the Cisco Global Site Selector Administration Guide.

Related Commands

show services

show tacacs

To display the Terminal Access Controller Access Control System (TACACS) configuration on your GSS device, use the show tacacs command.

show tacacs

Syntax Description

This command has no keywords or arguments.

Command Modes

Privileged EXEC, global configuration, and interface

Usage Guidelines

For information about the show tacacs command output, see the Cisco Global Site Selector Administration Guide.

Related Commands

show statistics

tail

tacacs-server timeout

show tech-support

To display a report on the current operating configuration of your GSS device that can be used by Cisco technical support representatives to help troubleshoot problems on your GSS network, use the show tech-support command.

show tech-support [config | core-files]

Syntax Description

config

(Optional) Exports the output of all configured fields from the primary Global Site Selector Manager (GSSM) GUI (intended for use by a Cisco technical support representative)

core-files

(Optional) Displays a listing of all core files.


Command Modes

Privileged EXEC, global configuration, and interface

Usage Guidelines

For information about the show tech-support command output, see the Cisco Global Site Selector Administration Guide.

Related Commands

tcpdump

show telnet

To display the status of the Telnet option on your GSS device, use the show telnet command.

show telnet

Syntax Description

This command has no keywords or arguments.

Command Modes

User EXEC, privileged EXEC, global configuration, and interface

Usage Guidelines

This command only displays the operating status of Telnet and cannot be used to connect to remote devices.

For information about the show telnet command output, see the Cisco Global Site Selector Getting Started Guide.

Related Commands

show disk

show snmp

telnet

show terminal-length

To display the terminal length setting for your GSS device, use the show terminal-length command.

show terminal-length

Syntax Description

This command has no keywords or arguments.

Command Modes

User EXEC, privileged EXEC, global configuration, and interface

Usage Guidelines

This command displays the maximum number of rows of data that are output at once during a terminal session.

For information about the show terminal-length command output, see the Cisco Global Site Selector Administration Guide.

Related Commands

terminal-length

show uptime

To find out how long the GSS device has been operational, use the show uptime command.

show uptime

Syntax Description

This command has no keywords or arguments.

Command Modes

User EXEC, privileged EXEC, global configuration, and interface

Usage Guidelines

For information about the show uptime command output, see the Cisco Global Site Selector Administration Guide.

show user

To display user information for a particular user, use the show user command.

show user username

Syntax Description

username

Name of the user that you want to display information.


Command Modes

User EXEC, privileged EXEC, global configuration, and interface

Usage Guidelines

For information about the show user command output, see the Cisco Global Site Selector Administration Guide.

Related Commands

show users

show users

To display users, use the show users command.

show users

Syntax Description

This command has no keywords or arguments.

Command Modes

User EXEC, privileged EXEC, global configuration, and interface

Usage Guidelines

For information about the show users command output, see the Cisco Global Site Selector Administration Guide.

Related Commands

show user

show version

To display version information about the GSS software, use the show version command.

show version [verbose]

Syntax Description

verbose

(Optional) Allows you to view detailed GSS software version information.


.

Command Modes

User EXEC, privileged EXEC, global configuration, and interface

Usage Guidelines

For information about the show version command output, see the Cisco Global Site Selector Administration Guide.

shutdown

To shut down the operating system on the GSS device, use the shutdown command. To shut down a particular Ethernet interface on the GSS device, use the shutdown command in interface configuration mode.

shutdown

Syntax Description

This command has no keywords or arguments.

Command Modes

Privileged EXEC, interface configuration

Usage Guidelines

The shutdown command performs a shutdown of the GSS operating system or interface. In some cases, the GSS device will also be powered down following a shutdown.

Examples

The following example shows how to shut down the operating system on the GSS device: 

gss1.example.com# shutdown

gss1.example.com(config)# interface eth0

gss1.example.com(config-eth0)# shutdown

sticky database delete

To remove entries from the sticky database, use the sticky database delete command.

sticky database delete {all | answer {name/ip_address} | domain {name} | domain-list {name} | group {name} | inactive minimum {minutes} maximum {minutes} | ip {ip_address} netmask {netmask} | rule {rule_name}}

Caution Use the sticky database delete all command in special instances when you want to remove all entries from the sticky database in order to have an empty database. Ensure that you want to permanently delete entries from the sticky database before you enter this command. You cannot retrieve sticky database entries once you delete them.

Syntax Description

all

Removes all entries in the sticky database. The prompt "Are you sure?" appears to confirm the deletion of all sticky database entries. Specify y to delete all entries or n to cancel the deletion operation.

answer name/ip_address

Displays all sticky entries related to a particular answer. Specify the name of the answer. If there is no name for the answer, specify the IP address of the sticky answer in dotted-decimal notation (for example, 192.168.9.0).

domain name

Removes all sticky entries related to a domain. Specify the exact name for a previously created domain.

domain-list name

Removes all sticky entries related to a domain list. Specify the exact name for a previously created domain list.

group name

Removes all sticky entries related to a sticky group. Specify the exact name for a previously created sticky group.

inactive minimum minutes maximum minutes

Removes all sticky entries that have not received a lookup request by a client D-proxy in the specified minimum and maximum time interval. Valid entries are 0 to 10100 minutes. If you do not specify a maximum value, the GSS deletes all entries that have been inactive for the specified minimum value or longer. The GSS returns an error if one of the following situations occur:

The maximum value is set to a value that is less than the minimum value

The minimum and maximum values are not within the allowable range of values for the sticky inactivity timeout.

ip ip_address netmask netmask

Removes all sticky entries related to a D-proxy IP address and subnet mask. Specify the IP address of the requesting client's D-proxy in dotted-decimal notation (for example, 192.168.9.0) and specify the subnet mask in dotted-decimal notation (for example, 255.255.255.0).

rule rulename

Removes all sticky entries related to a DNS rule. Specify the exact name for a previously created DNS rule.


Command Modes

Privileged EXEC

Usage Guidelines

When operating in a GSS global DNS sticky configuration, the result of the sticky database delete command propagates throughout the GSS mesh to maintain synchronization between the peers in the GSS network.

To view the entries in the sticky database to identify the sticky entries that you want to delete, use the show sticky database command.

Examples

The following example shows how to remove the D-proxy IP address 192.168.8.0 and subnet mask of 255.255.255.0: 

gss1.example.com# sticky database delete ip 192.168.8.0 netmask 255.255.255.0

The following example shows how to remove the D-proxy IP address 192.168.8.0 and subnet mask 255.255.255.0: 

gss1.example.com# sticky database delete ip 192.168.8.0 netmask 255.255.255.0

Related Commands

sticky database dump

sticky database load

show sticky

sticky start

sticky database dump

To dump all or selected entries from the sticky database to a named file as a user-initiated backup file, use the sticky database dump command.

sticky database dump {filename} format {binary | xml} entry-type {all | group | ip}

Syntax Description

filename

Name of the output file that contains the sticky database entries on the GSS disk. This file resides in the /home directory.

format

Dumps the sticky database entries in a binary or XML format. Choose binary-encoding as the format type if you intend to load the contents of the file into the sticky database of another GSS. The allowable entries are as follows:

binary—Dumps the assigned sticky entries in true binary format. This file can be used only with the sticky database load command.

xml—Dumps the assigned sticky entries in an Extensible Markup Language (XML) format. The contents of an XML file includes the data fields and the data descriptions. The contents of this file can be viewed using the type command.

Note Dumping sticky database entries in an XML format can be a resource-intensive operation and may take from 2-4 minutes depending on the size of the sticky database and the GSS platform in use. We recommend that you do not perform a sticky database dump in an XML format during the routine operation of the GSS.

entry-type

Specifies the type of entries to dump from the sticky database. The available choices are as follows:

all—Dumps all entries from the sticky database (default).

group—Dumps all entries that have sticky group IDs from the database.

ip—Dumps all entries that have source IP addresses from the database.


Command Modes

Privileged EXEC

Usage Guidelines

The GSS automatically dumps sticky database entries to a backup file on a disk in a binary file format approximately every 20 minutes. The GSS uses this backup file to initialize the sticky database upon system restart or reboot to enable the GSS to recover the contents of the database. When global sticky is enabled, the GSS uses the database dump file at reboot if there is no peer in the mesh that can provide a full sticky database.

You can dump all or selected entries from the sticky database to a named file as a user-initiated backup file. You can then use the ftp command in privileged EXEC mode to launch the FTP client and transfer the file to and from remote machines.

To view the entire contents of the XML sticky database output file from the GSS, use the type command.

Examples

The following example shows how to dump the D-proxy source IP addresses from the sticky database to the sdb2004_06_30 file in an XML format: 

gss1.example.com# sticky database dump sdb2004_06_30 format xml type

source

Related Commands

show statistics

show sticky

show sticky global

sticky database delete

sticky database load

sticky database periodic-backup

sticky start

sticky database load

To load and merge a sticky database from a disk into the existing sticky database in GSS memory, use the sticky database load command.

sticky database load filename

Syntax Description

filename

Name of the sticky database file to load and merge with the existing sticky database on the GSS device. The file must be in a binary format for loading into the GSS memory (see the sticky database dump command). Use the ftp command in privileged EXEC mode to launch the FTP client and transfer the sticky database file to the GSS from a remote GSS.


Command Modes

Privileged EXEC

Usage Guidelines

The GSS allows you to load and merge sticky database entries from a file into the existing sticky database in the GSS memory. The sticky database merge capability supports the addition of entries from one GSS into another GSS. The file must be in a binary format for loading into the GSS memory.

The GSS validates the database loaded, checks the software version for compatibility, and then adds the sticky database entries in the memory. The GSS does not overwrite duplicate entries in the sticky database.

If you prefer to load and replace all sticky database entries from a GSS instead of merging the entries with the existing sticky database, enter the sticky database delete all command to remove all entries from the sticky database memory before you enter the sticky database load command.

Examples

The following example shows how to load and merge the entries from the GSS3SDB file with the existing entries in the GSS sticky database: 

gss1.example.com# sticky database load GSS3SDB

Related Commands

show statistics

show sticky

show sticky global

sticky database delete

sticky database dump

sticky start

sticky database periodic-backup

To force an immediate backup of the sticky database residing in the GSS memory, use the sticky database periodic-backup command.

sticky database periodic-backup now

Syntax Description

now

Instructs the GSS device to immediately initiate the periodic sticky database backup.


Command Modes

Privileged EXEC

Usage Guidelines

You may manually initiate a sticky database dump as a database recovery method to ensure that you store the latest sticky database entries before shutting down the GSS.

The GSS sends the sticky database entries to the system dump file as the sticky database file. Upon a reboot or restart, the GSS reads this file and loads the contents to initialize the sticky database at boot time.

Examples

The following example shows how to force an immediate backup of the sticky database residing in the GSS memory: 

gss1.example.com# sticky database periodic-backup now

Related Commands

sticky database dump

sticky start

sticky start

To locally reenable Domain Name System (DNS) sticky on a GSS device after locally disabling the function, use the sticky start command.

sticky start

Syntax Description

This command has no keywords or arguments.

Command Modes

Privileged EXEC

Usage Guidelines

When you restart the GSS, and sticky has been globally enabled at the primary GSSM GUI, the GSS reenables the local DNS sticky function.

Examples

The following example shows how to locally reenable DNS sticky on a GSS device after locally disabling the function: 

gss1.example.com# sticky start

Related Commands

sticky stop

sticky stop

To locally disable Domain Name System (DNS) sticky on a GSS device for troubleshooting, use the sticky stop command.

sticky stop

Syntax Description

This command has no keywords or arguments.

Command Modes

Privileged EXEC

Usage Guidelines

You can disable DNS sticky for a single GSS when you need to override the GUI-enabled sticky option. You may need to locally disable sticky on a GSS when you need to troubleshoot or debug the device. The GSS does not store the local-disable setting in its running-config file. When you restart the device, and sticky has been globally enabled, the GSS reenables DNS sticky.

When you enter the sticky stop command, the GSS immediately stops the following operations:

Sticky lookups in the sticky database

Accessing the sticky database for new requests

Periodic sticky database dumps

Sticky database entry age-out process

The GSS continues to answer DNS requests according to the DNS rules and keepalive status.

When you disable DNS sticky, the GSS remains locally disabled until you perform one of the following actions:

Enter the sticky start CLI command.

Enter the gss restart CLI command to restart the GSS software.

Enter the gss reload CLI command to perform a cold restart of the GSS device.

If you are using global DNS sticky in your network, upon reentry of the GSS device into the peer mesh, the GSS attempts to synchronize the database entries with the other peers in the mesh. The GSS queries each peer to find the closest up-to-date sticky database. If no update is available from a peer, the GSS initializes the sticky database entries from the previously saved database on the disk if a file is present and valid. Otherwise, the GSS starts with an empty sticky database.

Examples

The following example shows how to locally disable DNS sticky on a GSS device for troubleshooting: 

gss1.example.com# sticky stop

Related Commands

sticky start

supportpass

For debugging purposes, a Cisco Technical Assistance Center (TAC) representative may ask you to set the GSS support password using supportpass command and then communicate that password to the support engineer. The support engineer can then access the engineering mode using the support password that you provide.

supportpass

Syntax Description

This command has no keywords or arguments.

Command Modes

Privileged EXEC

Usage Guidelines

After you enter the command, the CLI prompts you for the Admin password, which is required to set the support password. The CLI then prompts you for the support password. Enter an alphanumeric string that can contain spaces and special characters. Though the password can be an unlimited number of characters, we recommend that you limit the number of characters to 10 or less.

To delete the support password, enter a null value for the password by pressing Enter without entering a support password.

To change the support password, enter the command again and define the new password.

Examples

The following example shows how set the support password: 

gss1.example.com# supportpass

Admin Password:

Related Commands

show supportpass-status

tail

To display the last 10 lines of a file, use the tail command.

tail filename

Syntax Description

filename

Name of a file in the GSS file directory.


Command Modes

User EXEC and privileged EXEC

Usage Guidelines

Use this command to display the end of a file within any GSS file directory. This command may be used to monitor features such as transaction logging or system logging (syslog).

Use the dir, lls, or ls commands to view the files available in the current directory or subdirectory.

Examples

The following example shows how to display the last 10 lines of a file: 

gss1.example.com# tail system.log

Showing file system.log

Sep 15 07:11:40 host-css2 rc: Stopping keytable succeeded

Sep 15 07:11:42 host-css2 inet: inetd shutdown succeeded

Sep 15 07:11:45 host-css2 crond: crond shutdown succeeded

Sep 15 07:11:46 host-css2 dd: 1+0 records in

Sep 15 07:11:46 host-css2 dd: 1+0 records out

Sep 15 07:11:46 host-css2 random: Saving random seed succeeded

Sep 15 07:11:48 host-css2 kernel: Kernel logging (proc) stopped.

Sep 15 07:11:48 host-css2 kernel: Kernel log daemon terminating.

Sep 15 07:11:50 host-css2 syslog: klogd shutdown succeeded

Sep 15 07:11:51 host-css2 exiting on signal 15

End of file system.log

...

Related Commands

dir

lls

ls

lsof

type

tcpdump

To output all traffic to and from either the default configured Ethernet interface or a specific Ethernet interface, use the tcpdump command.

tcpdump interface {any | eth0 | eth1} ipproto {any | ipv4 | ipv6 } protocol {any | icmp | tcp | udp} | host {any | ip_or_host} | port {any | port} | network {any | ip-address ip-subnet} | file {filename}

Syntax Description

interface

Outputs all traffic to and from the specified Ethernet interface.

any

Instructs the GSS software to accept all selections for an associated option. For example, if you enter tcpdump interface any any, the GSS filters the ICMP, TCP, and UDP IP protocols on Ethernet 0 and 1.

eth0

Outputs all traffic to and from interface Ethernet 0 on the GSS.

eth1

Outputs all traffic to and from interface Ethernet 1 on the GSS.

ipproto

Specifies if the tcpdump interface is to be executed over an IPv4 or IPv6 address or both.

protocol

Filters the protocol for the traffic type. Recognized IP protocols are as follows:

icmp—Internet Control Message Protocol

tcp—Transmission Control Protocol

udp—User Datagram Protocol

host ip_or_host

Filters the host machine that is the source or destination of the packet. The software uses the IP address or hostname of the device that is the source or destination of the packet.

port port

Filters the source or destination port of the packet.

network ip-address ip-subnet

Filters the network IP address from which the packet originated. The software uses the ip-address and ip-subnet arguments to match the incoming packet to a source network.

file filename

Enables you to capture raw data to a file. You can open the captured raw data in a Sniffer tool. When capturing data to a file, the entire packet is captured. A maximum of 20,000 filtered packets can be captured to disk. This packet limit prevents you from accidentally filling up the GSS disk when capturing data using the tcpdump command.

If you do not specify a file, the GSS dumps the captured data to a terminal screen. In this case, the GSS displays only header data and there is no limit to the number of captured packets.


Command Modes

Privileged EXEC

Usage Guidelines

The tcpdump interface command displays a record of all TCP traffic to and from an Ethernet interface to the screen. The command also displays all traffic to and from interface Ethernet 0, the first network interface on the GSS. If Ethernet 0 is not active, the GSS listens to traffic on Ethernet 1.

If you enter the tcpdump command without any specified options, no filtering is performed. If you want to use the defaults for the remaining tcpdump command parameters, press Enter at each option. No further filtering is performed by the GSS, other than what has been specified. For example, if you enter tcpdump interface eth0 protocol tcp, the GSS performs only IP protocol filtering and does not perform host, port, or network filtering.

This command continuously displays output until you cancel the operation by pressing Ctrl-C.

Examples

The following example shows the tcpdump interface command and its output: 

gss1.example.com# tcpdump interface eth0

Kernel filter, protocol ALL, datagram packet socket

tcpdump: listening on eth0

19:20:45.678641 > gssm.example.com.ssh > 10.1.2.3.1178: P 2126255246:2126255346(100) ack 
4828790 win 32680 (DF) [tos 0x10] 

19:20:45.680534 > gssm.example.com.49165 > gss.example.com.domain: 9217+ PTR? 
187.0.1.2.in-addr.arpa. (43)

19:20:45.681090 < gss.example.com.domain > gssm.example.com.49165: 9217 NXDomain* 0/1/0 
(111)

19:20:45.681421 > gssm.example.com.49165 > gss.example.com.domain: 9218+ PTR? 
172.13.89.10.in-addr.arpa. (42)

19:20:45.681984 < gss.example.com.domain > gssm.example.com.49165: 9218* 1/2/2 PTR 
gssm.example.com. (145)

19:20:45.682396 > gssm.example.com.49165 > gss.example.com.domain: 9219+ PTR? 
172.5.89.10.in-addr.arpa. (41)

19:20:45.682950 < gss.example.com.domain > gssm.example.com.49165: 9219* 1/2/2 PTR 
gss.example.com. (142)

19:20:45.683218 > gssm.example.com.ssh > 10.1.2.3.1178: P 100:376(276) ack 1 win 32680 
(DF) [tos 0x10] 

19:20:45.683568 > gssm.example.com.ssh > 10.1.2.3.1178: P 376:748(372) ack 1 win 32680 
(DF) [tos 0x10] 

19:20:45.683902 > gssm.example.com.ssh > 10.1.2.3.1178: P 748:1120(372) ack 1 win 32680 
(DF) [tos 0x10] 

19:20:45.688517 > gssm.example.com.ssh > 10.1.2.3.1178: P 1120:1372(252) ack 1 win 32680 
(DF) [tos 0x10] 

19:20:45.696298 B arp who-has 192.168.1.1 tell 192.168.1.2

19:20:45.696506 > gssm.example.com.49165 > gss.example.com.domain: 9220+ PTR? 
10.128.1.2.in-addr.arpa. (44)

19:20:45.697003 < gss.example.com.domain > gssm.example.com.49165: 9220 NXDomain 0/1/0 
(109)

19:20:45.697173 > gssm.example.com.49165 > gss.example.com.domain: 9221+ PTR? 
22.128.168.192.in-addr.arpa. (45)

19:20:45.697471 < 10.1.2.3.1178 > gssm.example.com.ssh: . 1:1(0) ack 0 win 8600 (DF)

19:20:45.697649 < gss.example.com.domain > gssm.example.com.49165: 9221 NXDomain 0/1/0 
(110)

19:20:45.697922 > gssm.example.com.ssh > 10.1.2.3.1178: P 1372:1696(324) ack 1 win 32680 
(DF) [tos 0x10]

The following example shows the tcpdump interface command for capturingIPv6 packets: 

gss1.example.com# tcpdump interface eth1 ipproto ipv6 protocol any

tcpdump: listening on eth1, link-type EN10MB (Ethernet), capture size 512 bytes

23:30:28.979140 2001:55::11:2 > 2001:55::6:113: [icmp6 sum ok] icmp6: echo request seq 0 
(len 64, hlim 64)

23:30:28.979671 2001:55::6:113 > 2001:55::11:2: [icmp6 sum ok] icmp6: echo reply seq 0 
(len 64, hlim 64)

23:30:29.998849 2001:55::11:2 > 2001:55::6:113: [icmp6 sum ok] icmp6: echo request seq 1 
(len 64, hlim 64)

23:30:29.998873 2001:55::6:113 > 2001:55::11:2: [icmp6 sum ok] icmp6: echo reply seq 1 
(len 64, hlim 64)

23:30:31.019160 2001:55::11:2 > 2001:55::6:113: [icmp6 sum ok] icmp6: echo request seq 2 
(len 64, hlim 64)

23:30:31.019172 2001:55::6:113 > 2001:55::11:2: [icmp6 sum ok] icmp6: echo reply seq 2 
(len 64, hlim 64)

6 packets captured

6 packets received by filter

0 packets dropped by kernel

gss1.example.com#

telnet

To enable Telnet on the selected GSS device or establish a Telnet connection, use the telnet command. To disable Telnet on your GSS device, use the no form of this command.

telnet {enable | {ip_or_host} | [port]

no telnet enable

Syntax Description

enable

Enables Telnet on the selected GSS device. This keyword is available in global configuration mode only.

ip_or_host

IP address or hostname of the device with which you want to establish a Telnet connection. Enter either an IPv4 address in dotted-decimal notation (for example, 192.168.11.1) or an IPv6 address in a double colon, no double colon, and a slash followed by a number (/n) notation (for example, 2001:DB8:A:B::1/24) or a mnemonic hostname (for example, myhost.mydomain.com).

port

(Optional) Port number. Allows you to change the port number for the Telnet session to a port other than 23 (the Telnet port). Enter a number from 1-65535. The default is 23.


Command Modes

User EXEC, privileged EXEC, and global configuration.

Usage Guidelines

Use the telnet enable command in global configuration mode to enable Telnet on the selected device. Use the telnet command in EXEC or global configuration mode to establish a Telnet connection. SSH and Telnet can run concurrently.

Examples

The following example shows how to enable Telnet on the selected GSS device or establish a Telnet connection: 

gss1.example.com(config)#

gss1.example.com(config)#telnet 2001:55::11:2

Trying 2001:55::11:2...

Connected to 2001:55::11:2.

Escape character is '^]'.

Red Hat Enterprise Linux Server release 5.4 (Tikanga)

Kernel 2.6.18-164.el5 on an i686

login:

gss1.example.com(config)#

Related Commands

ftp

ntp enable

snmp

ssh enable

traceroute

To display the route a packet took to reach the host destination, use the traceroute command.

traceroute {ip_or_host}

Syntax Description

ip_or_host

IP address or hostname of device to which you want to trace the packet route. Enter either an IPv4 address in dotted-decimal notation (for example, 192.168.11.1) or an IPv6 address in a double colon, no double colon, and a slash followed by a number (/n) notation (for example, 2001:DB8:A:B::1/24) or a mnemonic hostname (for example, myhost.mydomain.com).


Command Modes

Privileged EXEC

Examples

The following example shows how to display the route a packet took to reach the host destination: 

gss1.example.com> traceroute www.example.com

traceroute to 55.11.1.2 (55.11.1.2), 30 hops max, 38 byte packets

 1  55.11.1.2 (55.11.1.2)  0.656 ms  0.375 ms  0.236 ms

gss1.example(config)#

gss1.example#(config)

gss1.example#traceroute 2001:55::11:2

traceroute to 2001:55::11:2 (2001:55::11:2) from fd93:155b:3328:ca32:223:8bff:fe03:6f59, 
30 hops max, 16 byte packets

 1  2001:55::11:2 (2001:55::11:2)  1.672 ms  0.405 ms  0.253 ms

gss1.example(config)#

type

To display the contents of a file within any GSS file directory, use the type command.

type filename

Syntax Description

filename

Name of the file.


Command Modes

User EXEC and privileged EXEC

Usage Guidelines

Use this command to display the contents of a file within any GSS file directory. This command may be used to monitor features such as transaction logging or system logging (syslog).

Use the dir, lls, or ls commands to view the files available in the current directory or subdirectory.

Examples

The following example shows how to display the contents of a file within any GSS file directory: 

gss1.example.com# type /audit.log

atcr1.example.com>type audit.log

# Start logging at Thu July 1 23:59:30 GMT 2004

#=== WHEN                        WHAT_TABLE     WHAT_ID          HOW ===

# Start logging at Fri July 2 00:01:25 GMT 2004

#=== WHEN                        WHAT_TABLE     WHAT_ID          HOW ===

# Start logging at Sat July 3 14:42:40 GMT 2004

#=== WHEN                        WHAT_TABLE     WHAT_ID          HOW ===

...

Related Commands

dir

lls

ls

lsof

tail

write

To save the current running configuration of the GSS as its startup configuration, use the write command.

write memory

Syntax Description

memory

Saves recent configuration changes to the GSS that are stored in the memory as the startup configuration.


Command Modes

Privileged EXEC and global configuration

Usage Guidelines

Use the write command to save changes to the running configuration of the GSS device as the new startup configuration for the device.

Examples

The following example shows how to save the current running configuration of the GSS as its startup configuration: 

gss1.example.com# write memory

Related Commands

copy