Exec Mode (T-Z)


Exec Mode (T-Z)
 
 
This section includes the commands telnet through upgrade url-blacklisting database.
 
telnet
Connects to a remote host using the terminal-remote host protocol.
Product
All
Privilege
Security Administrator, Administrator, Operator
Syntax
telnet { host_name | host_ip_address } [ portport_num ]
host_name | host_ip_address
Identifies the remote node to attempt to connect to.
host_name: specifies the remote node using the node’s logical host name which must be resolved via DNS lookup.
host_ip_address: specifies the remote node using the node’s assigned IP address specified using the standard IPv4 dotted decimal notation.
port port_num
Specifies a specific port to connect to where port_num must be a value in the range 1025 through 10000.
Usage
Telnet to a remote node for maintenance activities and/or troubleshooting when unable to do so directly.
Important: telnet is not a secure method of connecting between two hosts. ssh should be used whenever possible for security reasons.
Example
The following connects to remote host remoteABC.
telnet remoteABC
The following connects to remote host 1.2.3.4 port 2047.
telnet 1.2.3.4 port 2047
 
terminal
Sets the number of rows or columns for output.
Product
All
Privilege
Security Administrator, Administrator, Operator, Inspector
Syntax
terminal { lengthlines | widthcharacters }
length lines | width characters
length lines: sets the terminal length in number of lines (rows) of text from 5 to 4294967295 lines or the special value of 0 (zero). The value 0 sets the terminal length to infinity.
width characters: sets the terminal width in number of characters from 5 to 512 characters.
Usage
Set the length to 0 (infinite) when collecting the output of a command line interface session which is part of a scripted interface.
Example
The following sets the length then width in two commands.
terminal length 66
terminal width 160
The following command sets the number of rows of the terminal to infinity.
terminal length 0
 
test alarm
Tests the alarm capabilities of the chassis.
Product
All
Privilege
Security Administrator, Administrator, Operator, Inspector
Syntax
test alarm { audible | central-office { critical | major | minor } }
audible | central-office { critical | major | minor }
audible: indicates that the internal alarm on the system management card is to be tested for 10 seconds. The alarm status is returned to its prior state, i.e., if the audible alarm was enabled prior to the test, the alarm will again be enabled following the test.
central-office { critical | major | minor }: indicates the central office alarms are to be tested for the specified CO alarm.
Usage
Test the alarm capabilities of the chassis as periodic maintenance to verify the hardware for generation of the internal audible alarms is functional.
Example
test alarm audible
test alarm central-office critical
test alarm central-office major
test alarm central-office minor
 
timestamps
Enables/disables the generation of a timestamp in response to each command entered. The timestamp does not appear in any logs as it is a CLI output only. This command affects the current CLI session only. Use the timestamps command in the Global Configuration Mode to change the behavior for all future CLI sessions.
Product
All
Privilege
Security Administrator, Administrator, Operator, Inspector
Syntax
timestamps
no timestamps
no
Disables generation of timestamp output for each command entered. When omitted, the output of a timestamp for each entered command is enabled.
Usage
Enable timestamps when logging a CLI session on a remote terminal such that each command will have a line of text indicating the time when the command was entered.
 
traceroute
Collects information on the route data will take to a specified host.
Product
All
Privilege
Security Administrator, Administrator, Operator, Inspector
Important: Inspector privileges are granted for all variables except count and port. To initiate a traceroute count or to target a specific port for a traceroute, you must have a minimum privilege level of Operator.
Syntax
traceroute { host_name | host_ip_address } [ countpackets ] [ df ] [ maxttlmax_ttl ] [ minttlmin_ttl ] [ portport_num ] [ sizeoctet_count ] [ src { src_host_name | src_host_ip_address } ] [ timeoutseconds ] [ | { grepgrep_options | more } ]
host_name | host_ip_address
Identifies the remote node to trace the route to.
host_name: specifies the remote node using the node’s logical host name which must be resolved via DNS lookup.
host_ip_address: specifies the remote node using the node’s assigned IP address specified using the standard IPv4 dotted decimal notation.
count packets
Default: 3
Specifies the number of UDP probe packets to send.
df
Indicates the packets for the tracing of the route should not be fragmented. If a packet would require fragmenting then it is dropped and the result is the ICMP response “Unreachable, Needs Fragmentation” is received.
maxttl max_ttl
Default: 30
Specifies the maximum time to live, in seconds, for the route tracing packets. max_ttl must be specified as a value in the range of 1 through 255. It is an error if max_ttl is less than min_ttl whether min_ttl is specified or defaulted.
The time to live (TTL) is the number of hops through the network, i.e., it is not a measure of time.
minttl min_ttl
Default: 1
Specifies the minimum time to live, in seconds, for the route tracing packets. min_ttl must be specified as a value in the range of 1 through 255. It is an error if min_ttl is greater than max_ttl whether max_ttl is specified or defaulted.
The time to live (TTL) is the number of hops through the network, i.e., it is not a measure of time.
port port_num
Default: 33434
Specifies a specific port to connect to where port_num must be a value in the range 1 through 65535.
size octet_count
Default: 40
Specifies the number of bytes each packet. octet_count must be a value in the range 40 through 32768.
src { src_host_name | src_host_ip_address }
Default: originating system’s IP address
Specifies an IP address to use in the packets as the source node.
src_host_name: specifies the remote node using the node’s logical host name which must be resolved via DNS lookup.
src_host_ip_address: specifies the remote node using the node’s assigned IP address specified using the standard IPv4 dotted decimal notation.
timeout seconds
Default: 5
Specifies the maximum time to wait for a response from each route tracing packet. seconds must be a value in the range 2 through 100.
grep grep_options | more
Indicates the output of the command is to be piped (sent) to the command specified. A command to send output to must be specified.
For details on the usage of grep and more, refer to the Regulating a Command’s Output section of the Command Line Interface Overview chapter in the Cisco ASR 500 Series-series Command Line Interface Reference.
Usage
Trace an IP route when troubleshooting network problems where certain nodes are having significant packet delays or packet loss. This can also be used to identify bottlenecks in the routing of data within the network.
Example
The following traces the route to remote host remoteABC and sends the output to the more command.
traceroute remoteABC | more
The following command traces the route to remote host 1.2.3.4’s port 2047 waiting a maximum of 2 seconds for responses.
traceroute 1.2.3.4 port 2047 timeout 2
 
update active-charging
This command updates specified active charging option(s) for the matching sessions.
Product
ACS, FW, NAT
Privilege
Security Administrator, Administrator, Operator, Inspector
Syntax
update active-charging { switch-to-fw-and-nat-policy fw_nat_policy | switch-to-rulebase rulebase } { all | callid call_id| fw-and-nat-policy fw_nat_policy| imsi imsi | ip-address ipv4_address | msid msid | rulebase rulebase | username user_name } [ -noconfirm ] [ | { grep grep_options | more } ]
switch-to-fw-and-nat-policy
Switch to the specified Firewall-and-NAT policy.
fw_nat_policy must be a string of 1 through 63 characters in length.
switch-to-rulebase
Switch to the specified rulebase.
rulebase must be a string from 1 through 63 characters in length.
all
Updates rulebase for all subscribers.
callid call_id
Specific Call identification number.
call_id must be an eight-digit HEX number.
fw-and-nat-policy fw_nat_policy
Specific Firewall-and-NAT policy.
fw_nat_policy must be a string from 1 through 63 characters in length.
imsi imsi
Specific International Mobile Subscriber Identification (IMSI).
imsi must be 3 digits of MCC (Mobile Country Code), 2 or 3 digits of MNC (Mobile Network Code), and the rest with MSIN (Mobile Subscriber Identification Number). The total should not exceed 15 digits. For example, 123-45-678910234 can be entered as 12345678910234.
ip-address ipv4_address
Specific IPv4 IP address.
ipv4_address must be IPv4 address in dotted decimal notation.
msid msid
Updates rulebase for a specific MSID.
msid must be a string of 1 through 24 characters in length.
rulebase rulebase
Updates rulebase for sessions matching the specified rulebase.
rulebase must be a string from 1 through 63 characters in length.
username user_name
Updates rulebase for a specific user.
user_name must be a sequence of characters and/or wildcard characters ('$' and '*')> - string of 1 through 127 characters in length.
-noconfirm
Specifies that the command is to execute without any additional prompt and confirmation from the user.
| { grep grep_options | more }
Specifies that output of this command is to be piped (sent) to the command specified. A command to send the output to must be specified.
For details on the usage of grep and more, refer to the Regulating a Command’s Output section of the Command Line Interface Overview chapter in the Command Line Interface Reference.
Usage
Use this command to change specified active charging option(s) for the matching sessions.
Example
The following command changes the rulebase for sessions using the rulebase named standard to use the rulebase named super:
update active-charging switch-to-rulebase super rulebase standard
 
update cscf
This command will cause a NOTIFY to be triggered from S-CSCF with contact event as “shortened” and indicating the expiry timer value for each contact as “reauthentication-time” provided from CLI. The subscriber is supposed to send a fresh REGISTER message within “reauthentication-time”, which will be challenged by S-CSCF in order to accomplish reauthentication. If reauthentication does not occur/fails, the subscriber will be cleared after “reauthentication-time”.
Product
SCM (S-CSCF)
Privilege
Administrator
Syntax
update cscf subscriber { all | username user_name } cscf-service service_name reauthentication-time seconds [ verbose ]
subscriber { all | username user_name }
Updates cscf subscriber data.
all: Updates data for all subscribers within a specified S-CSCF service.
username user_name: Name of specific user within current context. can be between 1 and 127 alpha and/or numeric characters and is case sensitive.
cscf-service service_name
Specific configured S-CSCF service. service_name can be between 1 and 63 alpha and/or numeric characters and is case sensitive.
reauthentication-time seconds
Specify the time within which subscriber is expected to reauthenticate. seconds must be an integer from 1 to 86400 seconds.
verbose
Show detailed information.
Usage
This command is only applicable for an S-CSCF service.
Important: reauthentication-time should be greater than the current expiry time of the contact so that S-CSCF will initiate the NOTIFY message.
Example
The following command sets the reauthentication time for all CSCF subscribers in the scscf1 S-CSCF service to 500 seconds:
update cscf subscriber all cscf-service scscf1 reauthentication-time 500
 
update firewall policy
This command is obsolete.
 
update ip
When you update an IP Access list, this command forces the new version of the access list to be applied to any subscriber sessions that are currently using that list.
Product
PDSN, GGSN, ASN-GW
Privilege
Security Administrator, Administrator
Syntax
update ip access-list list_name subscribers [ command_keyword ] [ filter_keywords ] [ | { grep grep_options | more } ]
list_name
This is the name of the IP Access list that you want to apply to the subscriber.
[ command_keyword ] [ filter_keywords ]
These are the same command keywords and filter keywords available for the show subscribers command.
grep grep_options | more
Indicates the output of the command is to be piped (sent) to the command specified. A command to send output to must be specified.
For details on the usage of grep and more, refer to the Regulating a Command’s Output section of the Command Line Interface Overview chapter in the Cisco ASR 500 Series Command Line Interface Reference.
Usage
Use this command to force existing subscriber sessions that are already using a specific IP Access list to have that IP Access list reapplied. This is useful when you edit an IP Access list and want to make sure that even existing subscriber sessions have the new changes applied.
Example
To apply the IP Access list named ACLlist1 to all existing subscribers that are already using that IP Access list, enter the following command:
update ip access-list ACLlist1 subscribers all
 
update qos policy map
Updates QoS profile information based on specific subscriber policy maps.
Product
All
Privilege
Security Administrator, Administrator
Syntax
update qos policy-map map_name use-granted-profile-id id1 [ id2 ] [ id3 ] subscribers [ command_keyword ] [ filter_keywords ] [ -noconfirm ] [ verbose ] [ match-requested-profile-id ] [ | { grep grep_options | more } ]
map_name
Specifies the name of the policy map. map_name can be from 1 to 15 alpha and/or numeric characters in length.
use-granted-profile-id id1 [ id2 ] [ id3 ]
Specifies the profile IDs to update. Up to 3 different profile IDs can be specified.
Each profile ID is specified as a hexadecimal value from 0x0 and 0xFFFF.
subscribers [ command_keyword ] [ filter_keywords ]
These are the same command keywords and filter keywords available for the show subscribers command.
[ -noconfirm ]
Updates matching subscribers without prompting for confirmation.
[ verbose ]
Displays details for the profile updates.
[ match-requested-profile-id ]
Causes the system to send session-updates only with profile-ids matching the profile-ids in the requested list.
grep grep_options | more
Indicates the output of the command is to be piped (sent) to the command specified. A command to send output to must be specified.
For details on the usage of grep and more, refer to the Regulating a Command’s Output section of the Command Line Interface Overview chapter in the Cisco ASR 500 Series Command Line Interface Reference.
Usage
Use this command to update subscriber session profile IDs based on the specified criteria.
Example
The following command updates profile IDs 0x3E and 0x4C for all subscriber sessions and sends session-updates with the IDs:
update qos policy-map test use-granted-profile-id 0x3E 0x4C subscribers all match-requested-profile-id
 
update qos tft
Updates the subscribers TFT associated with the flow ID and direction.
Product
All
Privilege
Security Administrator, Administrator
Syntax
update qos tft flow-id flow-id flow-dir {forward | reverse} use-granted-profile-id id1[id2] [id3] subscribers [ command_keyword ] [ filter_keywords ][-noconfirm ] [ verbose ] [ match-requested-profile-id ] [ | { grepgrep_options | more }
flow-id flow-id
When flow-id is specified, the session update will be sent only when the flow ID matches the flow-id and flow-direction.
The flow-id must be specified as a value in the range of 1 through 255.
flow-dir {forward | reverse}
The direction of the tft flow.
subscribers [ command_keyword ] [ filter_keywords ]
These are the same command keywords and filter keywords available for the show subscribers command.
Usage
Supports QoS updates based on subscriber TFTs.
Example
update qos tft flow-id 0 flow-dir reverse use-granted-profile-id 0x0 subscribers all -noconfirm
 
upgrade
This command installs major software releases to the system.
Product
All
Privilege
Security Administrator, Administrator
Syntax
upgrade { online | patch } image_urlconfigcfg_url [ -noconfirm ]
online
Perform a software upgrade from one release version to another. The online upgrade is only available for software release 3.5 and higher.
patch
Install an interim, or patch, software release.
Important: Software Patch Upgrades are not supported in this release.
image_url
Specifies the location of a image file to use for system startup. The URL may refer to a local or a remote file. The URL must be formatted according to one of the following formats:
[ file: ]{ /flash | /pcmcia1 | /hd }[ /directory ]/file_name
[ http: | tftp: ]//{ host[ :port# ] }[ /directory ]/file_name
directory is the directory name.
filename is the actual file of interest.
host is the IP address or host name of the server.
port# is the logical port number that the communication protocol is to use.
Important: A file intended for use on an ASR 5000 uses the convention xxxxx.ASR5000.bin, where xxxxx is the software build information.
Important: When using the TFTP, it is advisable to use a server that supports large blocks, per RFC 2348. This can be implemented by using the “block size option” to ensure that the TFTP service does not restrict the file size of the transfer to 32MB.
config config_path
Specifies the location of a configuration file to use for system startup. This must be formatted according to the following format:
[ file: ]{ /flash | /pcmcia1 | /hd }[ /path ]/filename
Where path is the directory structure to the file of interest, and filename is the name of the configuration file. This file typically has a .cfg extension.
-noconfirm
Indicates that the command is to execute without any additional prompt and confirmation from the user.
Usage
Use the upgrade online command to perform a software upgrade when upgrading from one software release version to another, providing that both versions support this feature. For example, you can use this method to upgrade from release version 3.5 (any build number) to version 4.0 (any build number), but you cannot use this method to upgrade from release version 3.0 to version 3.5 since version 3.0 does not support the feature.
Important: Software Patch Upgrades are not supported in this release.
Important: This command is not supported on all platforms.
Example
The following command performs a major software release upgrade from an older version to a newer version. In this example the new software image file is in a subdirectory on a tftp server, and the configuration file is in a subdirectory on the local flash.tftp://host[/path]/filename
upgrade online tftp://imageserver/images/image.bin config /flash/configurations/localconfig.cfg
 
upgrade content-filtering
This command upgrades the Static Rating Database (SRDB) for Category-based Content Filtering application.
Product
CF
Privilege
Security Administrator, Administrator
Syntax
upgrade content-filtering category { database | rater-pkg }
upgrade content-filtering category database
This command triggers upgrade of the Category-based Content Filtering Static Rating Database (SRDB).
upgrade content-filtering category rater-pkg
This command triggers manual upgrade of the Dynamic Content-Filtering Rater Package (rater.pkg file).
The rater.pkg file contains the models and feature counters that are used to return the dynamic content rating. The upgrade will trigger distribution of the rater.pkg to all the SRDBs.
Usage
Use this command to load the Static Rating Database (SRDB) in to memory for Category-based Content Filtering application, and/or to load the rater.pkg file.
If the default directory of /cf does not exist on the flash, it will create the same. It also locates the recent full database and loads it into memory. This command also clears the old and excess incremental databases.
Important: This command is not supported on all platforms.
Example
The following command upgrades the SRDB for the Category-based Content Filtering application:
upgrade content-filtering category database
 
upgrade url-blacklisting database
This command upgrade the URL Blacklisting database.
Product
CF
Privilege
Security Administrator, Administrator
Syntax
upgrade url-blacklisting database [ -noconfirm ]
-noconfirm
Indicates that the command is to execute without any additional prompt and confirmation from the user.
Usage
Use this command to upgrade and load URL Blacklisting database whenever required.
Example
upgrade url-blacklisting database
 
 

Cisco Systems Inc.
Tel: 408-526-4000
Fax: 408-527-0883