Table Of Contents
Basic System Management Commands
Basic System Management Commands
This chapter describes the commands used to perform basic system management tasks in Cisco IOS Release 12.0. Basic system management tasks include naming the router, enabling or disabling basic services ("small servers"), and setting time services.
For basic system management configuration tasks and examples, refer to the chapter entitled "Performing Basic System Management" in the Cisco IOS Release 12.0 Configuration Fundamentals Configuration Guide.
alias
To create a command alias, use the alias global configuration command. Use the no form of this command to delete all aliases in a command mode or to delete a specific alias, and to revert to the original command syntax.
alias mode alias-name alias-command-line
no alias mode [alias-name]
Syntax Description
mode
Command mode of the original and alias commands. See Table 97 for a list of options for this argument.
alias-name
Command alias.
alias-command-line
Original command syntax.
Defaults
Default aliases are in EXEC mode as follows:
Command Modes
Global configuration
Command History
Usage Guidelines
You can use simple words or abbreviations as aliases. The aliases in the "Defaults" section are predefined. They can be turned off using the no alias command.
Table 97 shows the acceptable options for the mode argument in the alias global configuration command.
See the summary of command modes in the "Using the Command Line Interface" chapter in the Configuration Fundamentals Configuration Guide for more information about command modes.
When you use online help, command aliases are indicated by an asterisk (*), as follows:
Router#lo?*lo=logout lock login logoutWhen you use online help, aliases that contain spaces (for example, telnet device.cisco.com 25) are displayed as follows:
Router# configure terminalEnter configuration commands, one per line. End with CNTL/Z.Router(config)# alias exec device-mail telnet device.cisco.com 25Router(config)# endRouter# device-mail?*device-mail="telnet device.cisco.com 25"When you use online help, the alias is expanded and replaced with the original command, as shown in the following example with the td alias:
Router(config)# alias exec td trace deviceRouter(config)# ^ZRouter# t?*td="trace device" telnet terminal test tn3270traceTo list only commands and omit aliases, begin your input line with a space. In the following example, the alias td is not shown, because there is a space before the t? command line.
Router# t?telnet terminal test tn3270 traceAs with commands, you can use online help to display the arguments and keywords that can follow a command alias. In the following example, the alias td is created to represent the command telnet device. The /debug and /line switches can be added to telnet device to modify the command:
Router(config)# alias exec td telnet deviceRouter(config)# ^ZRouter# td ?/debug Enable telnet debugging mode/line Enable telnet line mode...whois Whois port<cr>Router# telnet deviceYou must enter the complete syntax for the alias command. Partial syntax for aliases are not accepted. In the following example, the parser does not recognize the command t as indicating the alias td.
Router# t% Ambiguous command: "t"Examples
The following example creates the alias fixmyrt for the IP route198.92.116.16:
alias exec fixmyrt clear ip route 198.92.116.16Related Commands
buffers
Use the buffers global configuration command to make adjustments to initial buffer pool settings and to the limits at which temporary buffers are created and destroyed. Use the no form of this command to return the buffers to their default size.
buffers {small | middle | big | verybig | large | huge | type number} {permanent | max-free
| min-free | initial} numberno buffers {small | middle | big | verybig | large | huge | type number} {permanent | max-free
| min-free | initial} numberSyntax Description
Defaults
The default number of buffers in a pool is determined by the hardware configuration and can be displayed with the EXEC show buffers command.
Command Modes
Global configuration
Command History
Usage Guidelines
Normally you need not adjust these parameters; do so only after consulting with technical support personnel. Improper settings can adversely impact system performance.
You cannot configure FDDI buffers.
Examples of Public Buffer Pool Tuning
The following example keeps at least 50 small buffers free in the system:
buffers small min-free 50The following example increases the permanent buffer pool allocation for big buffers to 200:
buffers big permanent 200Example of Interface Buffer Pool Tuning
A general guideline is to display buffers with the show buffers command, observe which buffer pool is depleted, and increase that one.
The following example increases the permanent Ethernet 0 interface buffer pool on a Cisco 4000 is 96 because the Ethernet 0 buffer pool is depleted:
buffers ethernet 0 permanent 96Related Commands
Changes the length of time for which data is used to compute load statistics.
Displays statistics for the buffer pools on the network server.
buffers huge size
Use the buffers huge size global configuration command to dynamically resize all huge buffers to the value you specify. Use the no form of this command to restore the default buffer values.
buffers huge size number
no buffers huge size number
Syntax Description
Defaults
18024 bytes
Command Modes
Global configuration
Command History
Usage Guidelines
Use only after consulting with technical support personnel. The buffer size cannot be lowered below the default.
Examples
The following example resizes huge buffers to 20000 bytes:
buffers huge size 20000Related Commands
calendar set
To set the system calendar, use one of the formats of the calendar set EXEC command.
calendar set hh:mm:ss day month year
calendar set hh:mm:ss month day year
Syntax Description
hh:mm:ss
Current time in hours (military format), minutes, and seconds.
day
Current day (by date) in the month.
month
Current month (by name).
year
Current year (no abbreviation).
Command Modes
EXEC
Command History
Usage Guidelines
Some platforms have a calendar which is separate from the system clock. This calendar runs continuously, even if the router is powered off or rebooted. After you set the calendar, the system clock will be automatically set from the calendar when the system is restarted or when the clock read-calendar EXEC command is issued. The time specified in this command is relative to the configured time zone.
Examples
The following example manually sets the system calendar to 1:32 p.m. on July 23, 1997:
calendar set 13:32:00 23 July 1997Related Commands
clock calendar-valid
To configure a router as a time source for a network based on its calendar, use the clock calendar-valid global configuration command. Use the no form of this command to specify that the calendar is not an authoritative time source.
clock calendar-valid
no clock calendar-valid
Syntax Description
This command has no arguments or keywords.
Defaults
The router is not configured as a time source.
Command Modes
Global configuration
Command History
Usage Guidelines
Some platforms have a calendar which is separate from the system clock. This calendar runs continuously, even if the router is powered off or rebooted. If you have no outside time source available on your network, use this command to make the calendar an authoritative time source.
Examples
The following example configures a router as the time source for a network based on its calendar:
clock calendar-validRelated Commands
clock read-calendar
To manually read the calendar into the system clock, use the clock read-calendar EXEC command.
clock read-calendar
Syntax Description
This command has no arguments or keywords.
Command Modes
EXEC
Command History
Usage Guidelines
Some platforms have a calendar which is separate from the system clock. This calendar runs continuously, even if the router is powered off or rebooted. When the router is rebooted, the calendar is automatically read into the system clock. However, you may use this command to manually read the calendar setting into the system clock. This command is useful if the calendar set command has been used to change the setting of the calendar.
Examples
The following example configures the system clock to set its date and time by the calendar setting:
clock read-calendarRelated Commands
Sets the system calendar.
Manually set the system clock.
Sets the calendar from the system clock.
Periodically updates the calendar from Network Time Protocol (NTP).
clock set
To manually set the system clock, use one of the formats of the clock set privileged EXEC mode command.
clock set hh:mm:ss day month year
clock set hh:mm:ss month day year
Syntax Description
hh:mm:ss
Current time in hours (military format), minutes, and seconds.
day
Current day (by date) in the month.
month
Current month (by name).
year
Current year (no abbreviation).
Command Modes
Privileged EXEC mode
Command History
Usage Guidelines
Generally, if the system is synchronized by a valid outside timing mechanism, such as an NTP or VINES clock source, or if you have a router with calendar capability, you do not need to set the system clock. Use this command if no other time sources are available. The time specified in this command is relative to the configured time zone.
Examples
The following example manually sets the system clock to 1:32 p.m. on July 23, 1997:
clock set 13:32:00 23 July 1997Related Commands
clock summer-time
To configure the system to automatically switch to summer time (daylight savings time), use one of the formats of the clock summer-time global configuration command. Use the no form of this command to configure the Cisco IOS software not to automatically switch to summer time.
clock summer-time zone recurring [week day month hh:mm week day month hh:mm [offset]]
clock summer-time zone date date month year hh:mm date month year hh:mm [offset]
clock summer-time zone date month date year hh:mm month date year hh:mm [offset]
no clock summer-time
Syntax Description
Defaults
Summer time is disabled. If clock summer-time zone recurring is specified without parameters, the summer time rules default to United States rules. Default of offset is 60.
Command Modes
Global configuration
Command History
Usage Guidelines
Use this command if you want to automatically switch to summer time (for display purposes only). Use the recurring form of the command if the local summer time rules are of this form. Use the date form to specify a start and end date for summer time if you cannot use the first form.
In both forms of the command, the first part of the command specifies when summer time begins, and the second part specifies when it ends. All times are relative to the local time zone. The start time is relative to standard time. The end time is relative to summer time. If the starting month is after the ending month, the system assumes that you are in the Southern Hemisphere.
Examples
The following example specifies that summer time starts on the first Sunday in April at 02:00 and ends on the last Sunday in October at 02:00:
clock summer-time PDT recurring 1 Sunday April 2:00 last Sunday October 2:00If you live in a place where summer time does not follow the pattern in the first example, you could set it to start on October 12, 1997 at 02:00, and end on April 26, 1998 at 02:00, with the following example:
clock summer-time date 12 October 1997 2:00 26 April 1998 2:00Related Commands
clock timezone
To set the time zone for display purposes, use the clock timezone global configuration command. To set the time to Coordinated Universal Time (UTC), use the no form of this command.
clock timezone zone hours [minutes]
no clock timezone
Syntax Description
zone
Name of the time zone to be displayed when standard time is in effect.
hours
Hours offset from UTC.
minutes
(Optional) Minutes offset from UTC.
Defaults
UTC
Command Modes
Global configuration
Command History
Usage Guidelines
The system internally keeps time in UTC, so this command is used only for display purposes and when the time is manually set.
Examples
The following example sets the timezone to Pacific Standard Time and offsets 8 hours behind UTC:
clock timezone PST -8Related Commands
Sets the system calendar.
Manually set the system clock.
Configures the system to automatically switch to summer time (daylight savings time).
Displays the system clock.
clock update-calendar
To set the calendar from the system clock, use the clock update-calendar EXEC command.
clock update-calendar
Syntax Description
This command has no arguments or keywords.
Command Modes
EXEC
Command History
Usage Guidelines
Some platforms have a calendar which is separate from the system clock. This calendar runs continuously, even if the router is powered off or rebooted.
If the system clock and calendar are not synchronized, and the system clock is more accurate, use this command to update the calendar to the correct date and time.
Examples
The following example copies the current time from the system clock to the calendar:
clock update-calendarRelated Commands
Manually reads the calendar into the system clock.
Periodically updates the calendar from Network Time Protocol (NTP).
downward-compatible-config
To generate a configuration that is compatible with an earlier Cisco IOS release, use the downward-compatible-config global configuration command. To remove this feature, use the no form of this command.
downward-compatible-config version
no downward-compatible-config
Syntax Description
Defaults
Disabled
Command Modes
Global configuration
Command History
Usage Guidelines
In Cisco IOS Release 10.3, IP access lists changed format. Use this command to regenerate a configuration in a format prior to Release 10.3 if you are going to downgrade from a Release 10.3 or later to an earlier release. The earliest release this command accepts is 10.2.
When this command is configured, the router attempts to generate a configuration that is compatible with the specified version. Currently, this command affects only IP access lists.
Under some circumstances, the software might not be able to generate a fully backward-compatible configuration. In such a case, the software issues a warning message.
Examples
The following example generates a configuration file compatible with Cisco IOS Release 10.2:
downward-compatible-config 10.2Related Commands
access-list (extended)
Provides extended access lists that allow more detailed access lists.
access-list (standard)
Defines a standard XNS access list.
hostname
To specify or modify the host name for the network server, use the hostname global configuration command. The host name is used in prompts and default configuration filenames. The setup command facility also prompts for a host name at startup.
hostname name
Syntax Description
Defaults
The factory-assigned default host name is router.
Command Modes
Global configuration
Command History
Usage Guidelines
The order of display at startup is banner message-of-the-day (MOTD), then login and password prompts, then EXEC banner.
Do not expect case to be preserved. Upper- and lowercase characters look the same to many internet software applications (often under the assumption that the application is doing you a favor). It may seem appropriate to capitalize a name the same way you might do in English, but conventions dictate that computer names appear all lowercase. For more information, refer to RFC 1178, Choosing a Name for Your Computer.
The name must also follow the rules for ARPANET host names. They must start with a letter, end with a letter or digit, and have as interior characters only letters, digits, and hyphens. Names must be 63 characters or fewer. For more information, refer to RFC 1035, Domain Names—Implementation and Specification.
Examples
The following example changes the host name to sandbox:
hostname sandboxRelated Commands
ip bootp server
To access the BOOTP service available from hosts on the network, use the ip bootp server global configuration command. Use the no form of the command to disable these services.
ip bootp server
no ip bootp server
Syntax Description
This command has no arguments or keywords.
Defaults
Enabled
Command Modes
Global configuration
Command History
Usage Guidelines
By default, the BOOTP server is enabled.
When you disable the BOOTP server, access to the BOOTP ports cause the Cisco IOS software to send an "ICMP port unreachable" message to the sender and discard the original incoming packet.
Examples
The following example disables the BOOTP service on the router:
no ip bootp serverip finger
To configure a system to accept Finger protocol requests (defined in RFC 742), use the ip finger global configuration command. To disable this service, use the no form of this command.
ip finger
no ip finger
Syntax Description
The command has no arguements or keywords.
Defaults
Enabled
Command Modes
Global configuration
Command History
Usage Guidelines
The Finger service allows remote users to view the output equivalent to the show users [wide] command.
When ip finger is configured, the router will respond to a telnet a.b.c.d finger command from a remote host by immediately displaying the output of the show users command and then closing the connection.
Note
As with all minor services, the Finger service should be disabled on your system if you do not have a need for it in your network.
Any network device that has UDP, TCP, BOOTP, or Finger services should be protected by a firewall or have the services disabled to protect against Denial of Service attacks.Examples
The following example disables the Finger protocol:
Router(config)# no ip fingerip telnet source-interface
Use the ip telnet source-interface global configuration command to allow a user to select an address of an interface as the source address for Telnet connections. Use the no form of this command to reset the source address to the default for each connection.
ip telnet source-interface interface
no ip telnet source-interface
Syntax Description
Defaults
The address of the closest interface to the destination as the source address. If the selected interface is not "up," the Cisco IOS software selects the address of the closest interface to the destination as the source address.
Command Modes
Global configuration
Command History
Usage Guidelines
Use this command to set an interface's IP address as the source for all Telnet connections.
Examples
The following example makes the IP address for Ethernet interface 1 as the source address for Telnet connections:
ip telnet source-interface e 1Related Commands
ip radius source-interface
Forces RADIUS to use the IP address of a specified interface for all outgoing RADIUS packets.
ip tftp source-interface
Use the ip tftp source-interface global configuration command to allow a user to select the interface whose address will be used as the source address for TFTP connections.
ip tftp source-interface interface
no ip tftp source-interface
Syntax Description
Defaults
The address of the closest interface to the destination as the source address. If the selected interface is not "up," the Cisco IOS software selects the address of the closest interface to the destination as the source address.
Command Modes
Global configuration
Command History
Usage Guidelines
Use this command to set an interface's IP address as the source for all TFTP connections.
Examples
The following example makes the IP address for Ethernet interface 1 as the source address for TFTP connections:
ip tftp source-interface e 1Related Commands
ip radius source-interface
Forces RADIUS to use the IP address of a specified interface for all outgoing RADIUS packets.
load-interval
To change the length of time for which data is used to compute load statistics, use the load-interval interface configuration command. Use the no form of this command to revert to the default setting.
load-interval seconds
no load-interval seconds
Syntax Description
seconds
Length of time for which data is used to compute load statistics. A value that is a multiple of 30, from 30 to 600 (30, 60, 90, 120, and so forth).
Defaults
300 seconds (or 5 minutes)
Command Modes
Interface configuration
Command History
Usage Guidelines
If you want load computations to be more reactive to short bursts of traffic, rather than averaged over 5-minute periods, you can shorten the length of time over which load averages are computed.
If the load interval is set to 30 seconds, new data is used for load calculations over a 30-second period. This data is used to compute load statistics, including input rate in bits and packets per second, output rate in bits and packets per second, load, and reliability.
Load data is gathered every 5 seconds. This data is used for a weighted average calculation in which more-recent load data has more weight in the computation than older load data. If the load interval is set to 30 seconds, the average is computed for the last 30 seconds of load data.
The load-interval command allows you to change the default interval of 5 minutes to a shorter or longer period of time. If you change it to a shorter period of time, the input and output statistics that are displayed when you use the show interface command will be more current, and based on more instantaneous data, rather than reflecting a more average load over a longer period of time.
This command is often used for dial backup purposes, to increase or decrease the likelihood of a backup interface being implemented, but it can be used on any interface.
Examples
In the following example, the default 5-minute average is set it to a 30-second average. A burst in traffic that would not trigger a dial backup for an interface configured with the default 5-minute interval might trigger a dial backup for this interface that is set for a shorter, 30-second interval.
interface serial 0load-interval 30Related Commands
show interfaces
Use the show interfaces EXEC command to display ALC information.
ntp access-group
To control access to the system's Network Time Protocol (NTP) services, use the ntp access-group global configuration command. To remove access control to the system's NTP services, use the no form of this command.
ntp access-group {query-only | serve-only | serve | peer} access-list-number
no ntp access-group {query-only | serve-only | serve | peer}
Syntax Description
Defaults
No access control (full access granted to all systems)
Command Modes
Global configuration
Command History
Usage Guidelines
The access group options are scanned in the following order from least restrictive to most restrictive:
1.
2.
3.
4.
Access is granted for the first match that is found. If no access groups are specified, all access is granted to all sources. If any access groups are specified, only the specified access is granted. This facility provides minimal security for the time services of the system. However, it can be circumvented by a determined programmer. If tighter security is desired, use the NTP authentication facility.
Examples
The following example configures the system to allow itself to be synchronized by a peer from access list 99. However, the system restricts access to allow only time requests from access list 42.
ntp access-group peer 99ntp access-group serve-only 42Related Commands
access-list
Configures the access list mechanism for filtering frames by protocol type or vendor code.
ntp authenticate
To enable Network Time Protocol (NTP) authentication, use the ntp authenticate global configuration command. Use the no form of this command to disable the feature.
ntp authenticate
no ntp authenticate
Syntax Description
This command has no arguments or keywords.
Defaults
No authentication
Command Modes
Global configuration
Command History
Usage Guidelines
Use this command if you want authentication. If this command is specified, the system will not synchronize to a system unless it carries one of the authentication keys specified in the ntp trusted-key command.
Examples
The following example configures the system to synchronize only to systems providing authentication key 42 in its NTP packets:
ntp authenticatentp authentication-key 42 md5 aNiceKeyntp trusted-key 42Related Commands
Defines an authentication key for Network Time Protocol (NTP).
Authenticates the identity of a system to which Network Time Protocol (NTP) will synchronize.
ntp authentication-key
To define an authentication key for Network Time Protocol (NTP), use the ntp authentication-key global configuration command. Use the no form of this command to remove the authentication key for NTP.
ntp authentication-key number md5 value
no ntp authentication-key number
Syntax Description
Defaults
No authentication key is defined for NTP.
Command Modes
Global configuration
Command History
Usage Guidelines
Use this command to define authentication keys for use with other NTP commands in order to provide a higher degree of security.
Note
