Exec Mode (T-Z)

Exec Mode (T-Z)
 
This section includes the commands telnet through upgrade url-blacklisting database.
The Exec Mode is the initial entry point into the command line interface system. Exec mode commands are useful in troubleshooting and basic system monitoring.
telnet
Connects to a remote host using the terminal-remote host protocol.
Product
All
Privilege
Security Administrator, Administrator, Operator
Syntax
telnet { host_name | host_ip_address } [ port port_num ]
host_name | host_ip_address
Identifies the remote node with which to attempt connection.
host_name: specifies the remote node using its logical host name which must be resolved via DNS lookup.
host_ip_address: specifies the remote node using its assigned IP address entered using the IPv4 dotted-decimal notation.
port port_num
Specifies a specific port for connect connection as an integer from 1025 through 10000.
Usage
Telnet to a remote node for maintenance activities and/or troubleshooting when unable to do so directly.
note_smallImportant: telnet is not a secure method of connecting between two hosts. ssh should be used whenever possible for security reasons.
Example
The following connects to remote host remoteABC.
telnet remoteABC
The following connects to remote host 10.2.3.4 port 2047.
telnet 10.2.3.4 port 2047
terminal
Sets the number of rows or columns for display output.
Product
All
Privilege
Security Administrator, Administrator, Operator, Inspector
Syntax
terminal { length lines | width characters }
length lines | width characters
length lines: sets the terminal length in number of lines (rows) of text from 5 to 4294967295 lines or the special value of 0 (zero). The value 0 sets the terminal length to infinity.
width characters: sets the terminal width in number of characters from 5 to 512 characters.
Usage
Set the length to 0 (infinite) when collecting the output of a command line interface session which is part of a scripted interface.
Example
The following sets the length then width in two commands.
terminal length 66
terminal width 160
The following command sets the number of rows of the terminal to infinity.
terminal length 0
test alarm
Tests the alarm capabilities of the chassis.
Product
All
Privilege
Security Administrator, Administrator, Operator, Inspector
Syntax
test alarm { audible | central-office { critical | major | minor } }
audible | central-office { critical | major | minor }
audible: Tests the internal alarm on the System Management Card (SMC) for 10 seconds. The alarm status is returned to its prior state, such as if the audible alarm was enabled prior to the test, the alarm will again be enabled following the test.
central-office { critical | major | minor }: Tests the specified central office alarm type.
Usage
Test the alarm capabilities of the chassis as periodic maintenance to verify the hardware for generation of the internal audible alarms is functional.
Caution_iconCaution: The use of test commands could adversely affect the operation of your system. It is recommended that they only be used under the guidance and supervision of qualified support representative.
Example
test alarm audible
test alarm central-office critical
test alarm central-office major
test alarm central-office minor
test ipcf bindmux
Tests the status of the IPCF BindMux Manager instance and also starts or stops the BindMux Manager instance on the chassis.
Product
IPCF
Privilege
Security Administrator, Administrator, Operator
Syntax
test ipcf bindmux [ start | stop ]
start
Starts the IPCF BindMux Manager on the chassis. If already an instance of IPCF BindMux Manager is running it prompts accordingly.
stop
Stops the IPCF BindMux Manager instance running on the chassis.
Usage
Use this command to test the status of IPCF BindMux Manager instance and also to start or stop the BindMux Manager instance on the chassis.
Caution_iconCaution: The use of test commands could adversely affect the operation of your system. It is recommended that they only be used under the guidance and supervision of qualified support representative.
Example
The following command stops the BindMux Manager instance running on the chassis:
test ipcf bindmux stop
test ipsec tunnel
Tests a specified IPSec tunnel.
Product
All
Privilege
Security Administrator, Administrator, Operator
Syntax
test ipsec tunnel { ip pool | pool_name destination-ip ip_address }
ip pool pool_name destination-ip ip_address
ip pool pool_name: Specifies the name of an existing IP pool as an alphanumeric string of 1 through 32 characters.
destination-ip ip_address: Specifies a destination IP address in IPv4 dotted-decimal or IPv6 colon-separated notation
Usage
Use this command to test a specified IPSec tunnel.
Caution_iconCaution: The use of test commands could adversely affect the operation of your system. It is recommended that they only be used under the guidance and supervision of qualified support representative.
Example
test ipsec tunnel ip pool pool3 destination-ip 10.2.3.4
test mobile tunnel
Tests for the existence of a specified mobile tunnel.
Product
All
Privilege
Security Administrator, Administrator, Operator
Syntax
test mobile tunnel { callid call_id | imsi imsi_value | ipaddr ip_address | msid msid_num | nai nai_value }
callid call_id
Specifies the exact call instance ID which is to have trace data logged.as a 4-byte hexadecimal number.
imsi imsi_value
Specifies the International Mobile Subscriber Identity (IMSI) of the subscriber session to be monitored an integer from 1 though 15 characters.
ipaddr ip_address
Specifies the IP address of the subscriber session to be monitored in IPv4 dotted-decimal or IPv6 colon-separated notation.
msid msid_num
Specifies the mobile subscriber identification number to be monitored as 7 to 16 digits of an IMSI, MIN, or RMI.
nai nai_value
Specifies the mobile session Network Access Identifier as an alphanumeric string of 1 through 256 characters. The NAI is the user identity submitted by the client during network access authentication.
Usage
Use this command to test a specified mobile tunnel.
Caution_iconCaution: The use of test commands could adversely affect the operation of your system. It is recommended that they only be used under the guidance and supervision of qualified support representative.
Example
test mobile tunnel ipaddr 192.64.66.9
timestamps
Enables or disables the generation of a timestamp in response to each command entered. The timestamp does not appear in any logs as it is a CLI output only. This command affects the current CLI session only. Use the timestamps command in the Global Configuration Mode to change the behavior for all future CLI sessions.
Product
All
Privilege
Security Administrator, Administrator, Operator, Inspector
Syntax
[ no ] timestamps
no
Disables generation of timestamp output for each command entered. When omitted, the output of a timestamp for each entered command is enabled.
Usage
Enable timestamps when logging a CLI session on a remote terminal such that each command will have a line of text indicating the time when the command was entered.
traceroute
Collects information on the route data will take to a specified host.
Product
All
Privilege
Security Administrator, Administrator, Operator, Inspector
note_smallImportant: Inspector privileges are granted for all variables except count and port. To initiate a traceroute count or to target a specific port for a traceroute, you must have a minimum privilege level of Operator.
Syntax
traceroute { host_name | host_ip_address } [ count packets ] [ df ] [ maxttl max_ttl ] [ minttl min_ttl ] [ port port_num ] [ size octet_count ] [ src { src_host_name | src_host_ip_address } ] [ timeout seconds ] [ | { grep grep_options | more } ]
host_name | host_ip_address
Identifies the remote node to trace the route to.
host_name: specifies the remote node using its logical host name which must be resolved via DNS lookup.
host_ip_address: specifies the remote node using its assigned IP address entered using the IPv4 dotted-decimal notation.
count packets
Specifies the number of UDP probe packets to send. Default: 3
df
Indicates the packets for the tracing of the route should not be fragmented. If a packet requires fragmenting, it is dropped and the result is the ICMP response “Unreachable, Needs Fragmentation” is received.
maxttl max_ttl
Specifies the maximum time to live for the route tracing packets as an integer from 1 through 255. max_ttl must be greater than min_ttl whether min_ttl is specified or defaulted. Default: 30
The time to live (TTL) is the number of hops through the network; it is not a measure of time.
minttl min_ttl
Specifies the minimum time to live for the route tracing packets as an integer from 1 through 255. min_ttl must be less than max_ttl whether max_ttl is specified or defaulted. Default: 1
The time to live (TTL) is the number of hops through the network; it is not a measure of time.
port port_num
Specifies a specific port for connection as an integer from 1 through 65535. Default: 33434
size octet_count
Specifies the number of bytes for each packet as an integer from 40 through 32768. Default: 40
src { src_host_name | src_host_ip_address }
Specifies an IP address to use in the packets as the source node. Default: originating system’s IP address
src_host_name: specifies the remote node using its logical host name which must be resolved via a DNS lookup.
src_host_ip_address: specifies the remote node using its assigned IP address specified entered using IPv4 dotted-decimal notation.
timeout seconds
Specifies the maximum time (in seconds) to wait for a response from each route tracing packet as an integer from 2 through 100. Default: 5
grep grep_options | more
Pipes (sends) the output of this command to the specified command. You must specify a command to which the output of this command will be sent.
For details on the usage of grep and more, refer to the Regulating a Command’s Output section of the Command Line Interface Overview chapter in this guide.
Usage
Trace an IP route when troubleshooting network problems where certain nodes are having significant packet delays or packet loss. This can also be used to identify bottlenecks in the routing of data within the network.
Example
The following command traces the route to remote host remoteABC and sends the output to the more command.
traceroute remoteABC | more
The following command traces the route to remote host 10.2.3.4’s port 2047 waiting a maximum of 2 seconds for responses.
traceroute 10.2.3.4 port 2047 timeout 2
update active-charging
Updates specified active charging option(s) for the matching sessions.
Product
ACS, FW, NAT, TPO
Privilege
Security Administrator, Administrator, Operator, Inspector
Syntax
update active-charging { switch-to-fw-and-nat-policy fw_nat_policy_name | switch-to-rulebase rulebase_name | switch-to-tpo-policy tpo_policy_name } { all | callid call_id | fw-and-nat-policy fw_nat_policy_name | imsi imsi | ip-address ip_address | msid msid | rulebase rulebase_name | tpo-policy tpo_policy_name | username user_name } [ -noconfirm ] [ | { grep grep_options | more } ]
switch-to-fw-and-nat-policy fw_nat_policy_name
Specifies an existing Firewall-and-NAT policy to switch to as an alphanumeric string of 1 through 63 characters.
switch-to-rulebase rulebase_name
Specifies an existing rulebase to switch to as an alphanumeric string of 1 through 63 characters.
switch-to-tpo-policy tpo_policy_name
Specifies an existing TPO policy to switch to as an alphanumeric string of 1 through 63 characters.
all
Updates rulebase/policy for all subscribers.
callid call_id
Updates rulebase/policy for the Call Identification number specified as an eight-digit hexadecimal number.
fw-and-nat-policy fw_nat_policy_name
Updates the rulebase/policy for sessions matching an existing Firewall-and-NAT policy specified as an alphanumeric string of 1 through 63 characters.
imsi imsi
Updates rulebase/policy for International Mobile Subscriber Identification (IMSI) specified here.
imsi must be 3 digits of MCC (Mobile Country Code), 2 or 3 digits of MNC (Mobile Network Code), and the rest with MSIN (Mobile Subscriber Identification Number). The total should not exceed 15 digits. For example, 123-45-678910234 can be entered as 12345678910234.
ip-address iP_address
Updates rulebase/policy for the IP address specified in IPv4 dotted-decimal or IPv6 colon-separated notation.
msid msid
Updates rulebase/policy for an MSID specified as a string of 1 through 24 characters.
rulebase rulebase_name
Updates rulebase/policy for sessions matching an existing rulebase specified as an alphanumeric string of 1 through 63 characters.
tpo-policy tpo_policy_name
Updates rulebase/policy for sessions matching an existing TPO policy specified as an alphanumeric string of 1 through 63 characters.
username user_name
Updates rulebase/policy for user specified as a an alphanumeric of characters and/or wildcard characters ('$' and '*') of 1 through 127 characters.
-noconfirm
Executes the command without any additional prompt and confirmation from the user.
| { grep grep_options | more }
Pipes (sends) the output of this command to the specified command. You must specify a command to which the output of this command will be sent.
For details on the usage of grep and more, refer to the Regulating a Command’s Output section of the Command Line Interface Overview chapter in the Command Line Interface Reference.
Usage
Use this command to change specified active charging option(s) for the matching sessions.
Example
The following command changes the rulebase for sessions using the rulebase named standard to use the rulebase named super:
update active-charging switch-to-rulebase super rulebase standard
update cscf
Causes a NOTIFY to be triggered from CSCF based on registration state and event and indicating the expiry timer value for each contact as “reauthentication-time” provided from the CLI. The subscriber is supposed to send a fresh REGISTER message within “reauthentication-time”, which will be challenged by CSCF as part of reauthentication. If reauthentication fails, the subscriber will be cleared after “reauthentication-time”.
Product
SCM (P-CSCF, S-CSCF)
Privilege
Administrator
Syntax
update cscf subscriber { all | username user_name } cscf-service service_name { { [ contact contact_address ] reg-state { active event { refreshed | shortened } time sec } | terminated event { deactivated | expired | rejected | unregistered } } | reauthentication-time sec } [ verbose ]
subscriber { all | username user_name }
Updates CSCF subscriber data.
all: Updates data for all subscribers within a specified CSCF service.
username user_name: Specifies the name of a user within the current context as an alphanumeric string of 1 through 127 characters that is case sensitive.
cscf-service service_name
Specifies a configured CSCF service as an alphanumeric string of 1 and 63 characters that is case sensitive.
contact contact_address
Specifies the contact address of the subscriber as an alphanumeric string of 1 through 255 characters.
reg-state
Specifies the registration state of the subscriber.
active event { refreshed | shortened } time sec }
Specifies the registration state active event type.
refreshed: Specifies registration state active event as refreshed.
shortened: Specifies registration state active event as shortened.
time sec: Specifies the time (in seconds) within which subscriber is expected to re-authenticate as an integer from 1 to 86400.
terminated event { deactivated | expired | rejected | unregistered }
Specifies the registration state terminated event type.
deactivated: Specifies registration state terminated event as deactivated.
expired: Specifies registration state terminated event as expired.
rejected: Specifies registration state terminated event as rejected.
unregistered: Specifies registration state terminated event as unregistered.
reauthentication-time sec
Specifies the time (in seconds) within which the subscriber is expected to re-authenticate as an integer from 1 to 86400.
verbose
Show detailed information.
Usage
This command is only applicable for a P-CSCF and S-CSCF service. When optional contact ID is not specified, all the contact IDs associated with specified user or all users will be updated and trigger NOTIFY.
note_smallImportant: reauthentication-time should be greater than the current expiry time of the contact so that CSCF will initiate the NOTIFY message.
Example
The following command sets the reauthentication time for all CSCF subscribers in the scscf1 S-CSCF service to 500 seconds:
update cscf subscriber all cscf-service scscf1 reauthentication-time 500
update firewall policy
This command is obsolete.
update ip
When you update an IP Access list, this command forces the new version of the access list to be applied to any subscriber sessions that are currently using that list.
Product
PDSN, GGSN, ASN-GW
Privilege
Security Administrator, Administrator
Syntax
update ip access-list list_name subscribers [ command_keyword ] [ filter_keywords ] [ | { grep grep_options | more } ]
list_name
Specifies the name of an existing IP Access list that you want to apply to the subscriber as an alphanumeric string of 1 through 47 characters.
[ command_keyword ] [ filter_keywords ]
These are the same command keywords and filter keywords available for the show subscribers command.
grep grep_options | more
Pipes (sends) the output of this command to the specified command. You must specify a command to which the output of this command will be sent.
For details on the usage of grep and more, refer to the Regulating a Command’s Output section of the Command Line Interface Overview chapter in this guide.
Usage
Use this command to force existing subscriber sessions that are already using a specific IP Access list to have that IP Access list reapplied. This is useful when you edit an IP Access list and want to make sure that even existing subscriber sessions have the new changes applied.
Example
To apply the IP Access list named ACLlist1 to all existing subscribers that are already using that IP Access list, enter the following command:
update ip access-list ACLlist1 subscribers all
update qos policy map
Updates QoS profile information based on specific subscriber policy maps.
Product
All
Privilege
Security Administrator, Administrator
Syntax
update qos policy-map map_name use-granted-profile-id id1 [ id2 ] [ id3 ] subscribers [ command_keyword ] [ filter_keywords ] [ -noconfirm ] [ verbose ] [ match-requested-profile-id ] [ | { grep grep_options | more } ]
map_name
Specifies the name of an existing policy map as an alphanumeric string of 1 through 15 characters.
use-granted-profile-id id1 [ id2 ] [ id3 ]
Specifies the profile IDs to update. Up to three different profile IDs can be specified.
Each profile ID is specified as a hexadecimal value from 0x0 and 0xFFFF.
subscribers [ command_keyword ] [ filter_keywords ]
These are the same command keywords and filter keywords available for the show subscribers command.
[ -noconfirm ]
Updates matching subscribers without prompting for confirmation.
[ verbose ]
Displays details for the profile updates.
[ match-requested-profile-id ]
Sends session-updates only to profile-ids matching the profile-ids in the requested list.
grep grep_options | more
Pipes (sends) the output of this command to the specified command. You must specify a command to which the output of this command will be sent.
For details on the usage of grep and more, refer to the Regulating a Command’s Output section of the Command Line Interface Overview chapter in this guide.
Usage
Use this command to update subscriber session profile IDs based on the specified criteria.
Example
The following command updates profile IDs 0x3E and 0x4C for all subscriber sessions and sends session-updates with the IDs:
update qos policy-map test use-granted-profile-id 0x3E 0x4C subscribers all match-requested-profile-id
update qos tft
Updates the subscriber traffic flow template (TFT) associated with the flow ID and direction.
Product
All
Privilege
Security Administrator, Administrator
Syntax
update qos tft flow-id flow-id flow-dir { forward | reverse } use-granted-profile-id id1 [ id2 ] [ id3 ] subscribers [ command_keyword ] [ filter_keywords ] [-noconfirm ] [ verbose ] [ match-requested-profile-id ] [ | { grep grep_options | more }
flow-id flow-id
Sends session updates only when the flow ID matches the flow-id and flow-direction. flow-id must be specified as an integer from 1 through 255.
flow-dir { forward | reverse }
Specifies the direction of the TFT flow.
subscribers [ command_keyword ] [ filter_keywords ]]
These are the same command keywords and filter keywords available for the show subscribers command.
Usage
Supports QoS updates based on subscriber TFTs.
Example
update qos tft flow-id 0 flow-dir reverse use-granted-profile-id 0x0 subscribers all -noconfirm
upgrade
Installs major software releases to the system.
Product
All
Privilege
Security Administrator, Administrator
Syntax
upgrade { online | patch } image_url config cfg_url [ -noconfirm ]
online
Perform a software upgrade from one release version to another. The online upgrade is only available for software release 3.5 and higher.
patch
Install an interim, or patch, software release.
note_smallImportant: Software Patch Upgrades are not supported in this release.
image_url
Specifies the location of a image file to use for system startup. The URL may refer to a local or a remote file. The URL must be formatted as follows:
[ file: ]{ /flash | /pcmcia1 | /hd }[ /directory ]/file_name
[ http: | tftp: ]//{ host[ :port# ] }[ /directory ]/file_name
note_smallImportant: Do not use the following characters when entering a string for the field names below: “/” (forward slash), “:” (colon) or “@” (at sign).
directory is the directory name.
filename is the actual file of interest.
host is the IP address or host name of the server.
port# is the logical port number that the communication protocol is to use.
note_smallImportant: A file intended for use on an ASR 5000 uses the convention xxxxx.ASR5000.bin, where xxxxx is the software build information.
note_smallImportant: When using the TFTP, you should use a server that supports large blocks, per RFC 2348. This can be implemented by using the “block size option” to ensure that the TFTP service does not restrict the file size of the transfer to 32MB.
config config_path
Specifies the location of a configuration file to use for system startup. This must be formatted as follows:
[ file: ]{ /flash | /pcmcia1 | /hd }[ /path ]/filename
Where path is the directory structure to the file of interest, and filename is the name of the configuration file. This file typically has a .cfg extension.
-noconfirm
Executes the command without any additional prompt and confirmation from the user.
Usage
Use the upgrade online command to perform a software upgrade when upgrading from one software release version to another, providing that both versions support this feature. For example, you can use this method to upgrade from release version 3.5 (any build number) to version 4.0 (any build number), but you cannot use this method to upgrade from release version 3.0 to version 3.5 since version 3.0 does not support the feature.
note_smallImportant: Software Patch Upgrades are not supported in this release.
note_smallImportant: This command is not supported on all platforms.
Example
The following command performs a major software release upgrade from an older version to a newer version. In this example the new software image file is in a subdirectory on a tftp server, and the configuration file is in a subdirectory on the local flash at tftp://host[/path]/filename.
upgrade online tftp://imageserver/images/image.bin config /flash/configurations/localconfig.cfg
upgrade content-filtering
Upgrades the Static Rating Database (SRDB) for Category-based Content Filtering application.
Product
CF
Privilege
Security Administrator, Administrator
Syntax
upgrade content-filtering category { database | rater-pkg }
upgrade content-filtering category database
Triggers the upgrade of the Category-based Content Filtering Static Rating Database (SRDB).
upgrade content-filtering category rater-pkg
Triggers manual upgrade of the Dynamic Content-Filtering Rater Package (rater.pkg file).
The rater.pkg file contains the models and feature counters that are used to return the dynamic content rating. The upgrade will trigger distribution of the rater.pkg to all the SRDBs.
note_smallImportant: This command is customer specific. For more information, please contact your local sales representative.
Usage
Use this command to load the Static Rating Database (SRDB) in to memory for Category-based Content Filtering application, and/or to load the rater.pkg file.
If the default directory of /cf does not exist on the flash, it will create the same. It also locates the recent full database and loads it into memory. This command also clears the old and excess incremental databases.
note_smallImportant: This command is not supported on all platforms.
Example
The following command upgrades the SRDB for the Category-based Content Filtering application:
upgrade content-filtering category database
upgrade tethering-detection
Upgrades the Tethering Detection feature’s database(s).
Product
ACS
Privilege
Security Administrator, Administrator
Syntax
upgrade tethering-detection database { all | os-signature | tac | ua-signature } [ -noconfirm ]
all
Upgrades all Tethering Detection databases—OS, TAC and UA.
os-signature
Upgrades only the OS database.
tac
Upgrades only the TAC database.
ua-signature
Upgrades only the UA database.
- noconfirm
Executes the command without any prompts and confirmation from the user.
Usage
Use this command to upgrade the database(s) used by the Tethering Detection feature.
This command upgrades the database(s) from file(s) kept in designated path. The name of the existing source file is prefixed with the word “new-”. For example for OS DB, if the existing file name is “os-db”, the upgrade file name is “new-os-db”.
If there is a file named “new-xxx-db”, it is verified that it is a valid Tethering Detection database and then loaded it into memory. If successful, the files is renamed “xxx-db” to “xxx-db-<number>” and then renamed “new-xxx-db” to “new-xxx-db”.
For example, the command upgrade tethering-database ua-signature -noconfirm results in loading the file by name “new-ua-db” if it is present in the designated directory. In case of a successful upgrade, the previous version of the database is stored as backup in a file named “ua-db-1”. Also, the newly uploaded database file is renamed as “ua-db”.
Also see the tethering-database command in the ACS Configuration Mode Commands chapter.
Example
The following command upgrades all Tethering Detection databases:
upgrade tethering-detection database all -noconfirm
upgrade url-blacklisting database
Upgrades the URL blacklisting database.
Product
CF
Privilege
Security Administrator, Administrator
Syntax
upgrade url-blacklisting database [ -noconfirm ]
-noconfirm
Executes the command without any additional prompt and confirmation from the user.
Usage
Use this command to upgrade and load a URL blacklisting database whenever required.
Example
upgrade url-blacklisting database
 
 

Cisco Systems Inc.
Tel: 408-526-4000
Fax: 408-527-0883