Exec Mode Commands
(T-Z)
This section includes
the commands telnet through upgrade url-blacklisting
database.
The Exec Mode is the
initial entry point into the command line interface system. Exec
mode commands are useful in troubleshooting and basic system monitoring.
IMPORTANT:
The commands or keywords/variables
that are available are dependent on platform type, product version,
and installed license(s).
telnet
Connects to a remote
host using the terminal-remote host protocol.
Platform:
ASR
5000
ASR
5500
Privilege:
Security Administrator,
Administrator, Operator
Syntax
telnet { host_name | host_ip_address } [ port port_num ]
host_name | host_ip_address
Identifies the remote
node with which to attempt connection.
host_name:
specifies the remote node using its logical host name which must
be resolved via DNS lookup.
host_ip_address:
specifies the remote node using its assigned IP address entered
using the IPv4 dotted-decimal notation.
port port_num
Specifies a specific
port for connect connection as an integer from 1025 through 10000.
Usage:
Telnet to a remote
node for maintenance activities and/or troubleshooting
when unable to do so directly.
IMPORTANT:
telnet is
not a secure method of connecting between two hosts. ssh should
be used whenever possible for security reasons.
Example:
The following connects
to remote host
remoteABC.
telnet remoteABC
The following connects
to remote host
10.2.3.4 port
2047.
telnet 10.2.3.4 port 2047
terminal
Sets the number of
rows or columns for display output.
Platform:
ASR 5000
ASR 5500
Privilege:
Security Administrator,
Administrator, Operator, Inspector
Syntax
terminal { length lines | width characters }
length lines | width characters
length lines: sets
the terminal length in number of lines (rows) of text from 5 to
4294967295 lines or the special value of 0 (zero). The value 0 sets
the terminal length to infinity.
width characters:
sets the terminal width in number of characters from 5 to 512 characters.
Usage:
Set the length to 0
(infinite) when collecting the output of a command line interface session
which is part of a scripted interface.
Example:
The following sets
the length then width in two commands.
terminal length 66
terminal width 160
The following command
sets the number of rows of the terminal to infinity.
terminal length 0
test alarm
Tests the alarm capabilities
of the chassis.
Platform:
ASR 5000
ASR 5500
Privilege:
Security Administrator,
Administrator, Operator, Inspector
Syntax
test alarm { audible | central-office { critical | major | minor } }
audible | central-office { critical | major | minor }
audible:
Tests the internal alarm on the ASR 5000 System Management
Card (SMC) or the ASR 5500 System Status Card (SSC) for
10 seconds. The alarm status is returned to its prior state, such
as if the audible alarm was enabled prior to the test, the alarm
will again be enabled following the test.
central-office { critical | major | minor }: Tests
the specified central office alarm type.
Usage:
Test the alarm capabilities
of the chassis as periodic maintenance to verify the hardware for
generation of the internal audible alarms is functional.
CAUTION:
The use of test commands
could adversely affect the operation of your system. It is recommended
that they only be used under the guidance and supervision of qualified
support representative.
Example:
test alarm audible
test alarm central-office critical
test alarm central-office major
test alarm central-office minor
test ipcf bindmux
Tests the status of
the IPCF BindMux Manager instance and also starts or stops the BindMux
Manager instance on the chassis.
Platform:
ASR 5000
ASR 5500
Privilege:
Security Administrator,
Administrator, Operator
Syntax
test ipcf bindmux [ start | stop ]
start
Starts the IPCF BindMux
Manager on the chassis. If already an instance of IPCF BindMux Manager
is running it prompts accordingly.
stop
Stops the IPCF BindMux
Manager instance running on the chassis.
Usage:
Use this command to
test the status of IPCF BindMux Manager instance and also to start or
stop the BindMux Manager instance on the chassis.
CAUTION:
The use of test commands
could adversely affect the operation of your system. It is recommended
that they only be used under the guidance and supervision of qualified
support representative.
Example:
The following command
stops the BindMux Manager instance running on the chassis:
test ipcf bindmux stop
test ipsec tunnel
ip-pool
Tests a specified IPSec
tunnel associated with an IP pool name.
Platform:
ASR 5000
ASR 5500
Privilege:
Security Administrator,
Administrator, Operator
Syntax
test ipsec tunnel ip
pool pool_name destination-ip ip_address }
pool_name destination-ip ip_address
ip pool pool_name:
Specifies the name of an existing IP pool as an alphanumeric string
of 1 through 32 characters.
destination-ip ip_address: Specifies
a destination IP address in IPv4 dotted-decimal or IPv6 colon-separated-hexadecimal notation
Usage:
Use this command to
test a specified IPSec tunnel.
CAUTION:
The use of test commands
could adversely affect the operation of your system. It is recommended
that they only be used under the guidance and supervision of qualified
support representative.
Example:
test ipsec tunnel ip
pool pool3 destination-ip 10.2.3.4
test mobile tunnel
Tests for the existence
of a specified mobile tunnel.
Platform:
ASR 5000
ASR 5500
Privilege:
Security Administrator,
Administrator, Operator
Syntax
test mobile tunnel { callid call_id | imsi imsi_value | ipaddr ip_address | msid msid_num | nai nai_value }
callid call_id
Specifies the exact
call instance ID which is to have trace data logged.as a 4-byte hexadecimal
number.
imsi imsi_value
Specifies the International
Mobile Subscriber Identity (IMSI) of the subscriber session to be monitored
an integer from 1 though 15 characters.
ipaddr ip_address
Specifies the IP address
of the subscriber session to be monitored in IPv4 dotted-decimal
or IPv6 colon-separated-hexadecimal notation.
msid msid_num
Specifies the mobile
subscriber identification number to be monitored as 7 to 16 digits
of an IMSI, MIN, or RMI.
nai nai_value
Specifies the mobile
session Network Access Identifier as an alphanumeric string of 1 through
256 characters. The NAI is the user identity submitted by the client
during network access authentication.
Usage:
Use this command to
test a specified mobile tunnel.
CAUTION:
The use of test commands
could adversely affect the operation of your system. It is recommended
that they only be used under the guidance and supervision of qualified
support representative.
Example:
test mobile tunnel
ipaddr 192.64.66.9
timestamps
Enables or disables
the generation of a timestamp in response to each command entered.
The timestamp does not appear in any logs as it is a CLI output
only. This command affects the current CLI session only. Use the timestamps command
in the Global Configuration Mode to change the behavior for all
future CLI sessions.
Platform:
ASR 5000
ASR 5500
Privilege:
Security Administrator,
Administrator, Operator, Inspector
no
Disables generation
of timestamp output for each command entered. When omitted, the output
of a timestamp for each entered command is enabled.
Usage:
Enable timestamps when
logging a CLI session on a remote terminal such that each command
will have a line of text indicating the time when the command was entered.
traceroute
Collects information
on the route data will take to a specified IPv4 host.
Platform:
ASR 5000
ASR 5500
Privilege:
Security Administrator,
Administrator, Operator, Inspector
IMPORTANT:
Inspector privileges
are granted for all variables except count and port.
To initiate a traceroute count or to target a specific port for
a traceroute, you must have a minimum privilege level of Operator.
Syntax
traceroute { host_name | host_ip_address } [ count packets ] [ df ] [ maxttl max_ttl ] [ minttl min_ttl ] [ port port_num ] [ size octet_count ] [ src { src_host_name | src_host_ip_address } ] [ timeout seconds ] [ vrf vrf_name ] [ | { grep grep_options | more } ]
host_name | host_ip_address
Identifies the remote
node to trace the route to.
host_name:
specifies the remote node using its logical host name which must
be resolved via DNS lookup.
host_ip_address:
specifies the remote node using its assigned IP address entered
using the IPv4 dotted-decimal notation.
count packets
Specifies the number
of UDP probe packets to send. Default: 3
df
Indicates the packets
for the tracing of the route should not be fragmented. If a packet requires
fragmenting, it is dropped and the result is the ICMP response “Unreachable,
Needs Fragmentation” is received.
maxttl max_ttl
Specifies the maximum
time to live for the route tracing packets as an integer from 1 through
255. max_ttl must
be greater than min_ttl whether min_ttl is
specified or defaulted. Default: 30
The time to live (TTL)
is the number of hops through the network; it is not a measure of time.
minttl min_ttl
Specifies the minimum
time to live for the route tracing packets as an integer from 1
through 255. min_ttl must
be less than max_ttl whether max_ttl is
specified or defaulted. Default: 1
The time to live (TTL)
is the number of hops through the network; it is not a measure of time.
port port_num
Specifies a specific
port for connection as an integer from 1 through 65535. Default: 33434
size octet_count
Specifies the number
of bytes for each packet as an integer from 40 through 32768. Default: 40
src { src_host_name | src_host_ip_address }
Specifies an IP address
to use in the packets as the source node. Default: originating system’s
IP address
src_host_name:
specifies the remote node using its logical host name which must
be resolved via a DNS lookup.
src_host_ip_address:
specifies the remote node using its assigned IP address specified
entered using IPv4 dotted-decimal notation.
timeout seconds
Specifies the maximum
time (in seconds) to wait for a response from each route tracing packet
as an integer from 2 through 100. Default: 5
vrf vrf_name
Specifies the name
of an existing virtual routing and forwarding (VRF) context associated with
this route as an alphanumeric string of 1 through 63 characters.
Associates a Virtual Routing and Forwarding (VRF) context with this
static ARP entry.
grep grep_options | more
Pipes (sends) the output
of this command to the specified command. You must specify a command
to which the output of this command will be sent.
For details on the
usage of grep and more, refer
to the Regulating a
Command’s Output section of the Command Line Interface
Overview chapter in this guide.
Usage:
Trace an IPv4 route
when troubleshooting network problems where certain nodes are having
significant packet delays or packet loss. This can also be used
to identify bottlenecks in the routing of data within the network.
Example:
The following command
traces the route to remote host
remoteABC and
sends the output to the more command.
traceroute remoteABC | more
The following command
traces the route to remote host
10.2.3.4’s
port
2047 waiting
a maximum of
2 seconds
for responses.
traceroute 10.2.3.4
port 2047 timeout 2
traceroute6
Collects information
on the route data will take to a specified IPv6 host.
Platform:
ASR
5000
ASR
5500
Privilege:
Security Administrator,
Administrator, Operator, Inspector
IMPORTANT:
Inspector privileges
are granted for all variables except count and port.
To initiate a traceroute count or to target a specific port for
a traceroute, you must have a minimum privilege level of Operator.
Syntax
traceroute6 { host_name | host_ipv6_address } [ count packets ] [ maxttl max_ttl ] [ port port_num ] [ size octet_count ] [ src { src_host_name | src_host_ipv6_address } ] [ timeout seconds ] [ vrf vrf_name ] [ | { grep grep_options | more } ]
host_name | host_ipv6_address
Identifies the remote
node to trace the route to.
host_name:
specifies the remote node using its logical host name which must
be resolved via DNS lookup.
host_ipv6_address:
specifies the remote node using its assigned IP address entered
using the IPv6 colon-separated-hexadecimal notation.
count packets
Specifies the number
of UDP probe packets to send. Default: 3
maxttl max_ttl
Specifies the maximum
time to live for the route tracing packets as an integer from 1 through
255. max_ttl must
be greater than min_ttl whether min_ttl is
specified or defaulted. Default: 30
The time to live (TTL)
is the number of hops through the network; it is not a measure of time.
port port_num
Specifies a specific
port for connection as an integer from 1 through 65535. Default: 33434
size octet_count
Specifies the number
of bytes for each packet as an integer from 40 through 32768. Default: 40
src { src_host_name | src_host_ipv6_address }
Specifies an IP address
to use in the packets as the source node. Default: originating system’s
IP address
src_host_name:
specifies the remote node using its logical host name which must
be resolved via a DNS lookup.
src_host_ipv6_address:
specifies the remote node using its assigned IP address specified
entered using IIPv6 colon-separated-hexadecimal notation.
timeout seconds
Specifies the maximum
time (in seconds) to wait for a response from each route tracing packet
as an integer from 2 through 100. Default: 5
vrf vrf_name
Specifies the name
of an existing virtual routing and forwarding (VRF) context associated with
this route as an alphanumeric string of 1 through 63 characters.
grep grep_options | more
Pipes (sends) the output
of this command to the specified command. You must specify a command
to which the output of this command will be sent.
For details on the
usage of grep and more, refer
to the Regulating a
Command’s Output section of the Command Line Interface
Overview chapter in this guide.
Usage:
Trace an IPv6 route
when troubleshooting network problems where certain nodes are having
significant packet delays or packet loss. This can also be used
to identify bottlenecks in the routing of data within the network.
Example:
The following command
traces the route to remote host
remoteABC and
sends the output to the more command.
traceroute6 remoteABC | more
The following command
traces the route to remote host
2000:4A2B::1f3F’s
port
2047 waiting
a maximum of
2 seconds
for responses.
traceroute6 2000:4A2B::1f3F
port 2047 timeout 2
update active-charging
Updates specified active
charging option(s) for the matching sessions.
Platform:
ASR 5000
ASR 5500
Privilege:
Security Administrator,
Administrator, Operator, Inspector
Syntax
update active-charging { switch-to-fw-and-nat-policy fw_nat_policy_name | switch-to-rulebase rulebase_name | switch-to-tpo-policy tpo_policy_name } { all | callid call_id | fw-and-nat-policy fw_nat_policy_name | imsi imsi | ip-address ip_address | msid msid | rulebase rulebase_name | tpo-policy tpo_policy_name | username user_name } [ -noconfirm ] [ | { grep grep_options | more } ]
switch-to-fw-and-nat-policy fw_nat_policy_name
Specifies an existing
Firewall-and-NAT policy to switch to as an alphanumeric string of
1 through 63 characters.
switch-to-rulebase rulebase_name
Specifies an existing
rulebase to switch to as an alphanumeric string of 1 through 63 characters.
switch-to-tpo-policy tpo_policy_name
Specifies an existing
TPO policy to switch to as an alphanumeric string of 1 through 63 characters.
all
Updates rulebase/policy
for all subscribers.
callid call_id
Updates rulebase/policy
for the Call Identification number specified as an eight-digit hexadecimal
number.
fw-and-nat-policy fw_nat_policy_name
Updates the rulebase/policy
for sessions matching an existing Firewall-and-NAT policy specified
as an alphanumeric string of 1 through 63 characters.
imsi imsi
Updates rulebase/policy
for International Mobile Subscriber Identification (IMSI) specified here.
imsi must
be 3 digits of MCC (Mobile Country Code), 2 or 3 digits of MNC (Mobile
Network Code), and the rest with MSIN (Mobile Subscriber Identification Number).
The total should not exceed 15 digits. For example, 123-45-678910234
can be entered as 12345678910234.
ip-address iP_address
Updates rulebase/policy
for the IP address specified in IPv4 dotted-decimal or IPv6 colon-separated-hexadecimal
notation.
msid msid
Updates rulebase/policy
for an MSID specified as a string of 1 through 24 characters.
rulebase rulebase_name
Updates rulebase/policy
for sessions matching an existing rulebase specified as an alphanumeric
string of 1 through 63 characters.
tpo-policy tpo_policy_name
Updates rulebase/policy
for sessions matching an existing TPO policy specified as an alphanumeric
string of 1 through 63 characters.
username user_name
Updates rulebase/policy
for user specified as a an alphanumeric of characters and/or wildcard
characters ('$' and '*') of 1 through 127 characters.
-noconfirm
Executes the command
without any additional prompt and confirmation from the user.
| { grep grep_options | more }
Pipes (sends) the output
of this command to the specified command. You must specify a command
to which the output of this command will be sent.
For details on the
usage of grep and more, refer
to the Regulating a Command’s Output section of the Command
Line Interface Overview chapter in the Command Line Interface Reference.
Usage:
Use this command to
change specified active charging option(s) for the matching sessions.
Example:
The following command
changes the rulebase for sessions using the rulebase named
standard to
use the rulebase named
super:
update active-charging
switch-to-rulebase super rulebase standard
update cscf
Causes a NOTIFY to
be triggered from CSCF based on registration state and event and
indicating the expiry timer value for each contact as “reauthentication-time” provided from
the CLI. The subscriber is supposed to send a fresh REGISTER message
within “reauthentication-time”, which will be
challenged by CSCF as part of reauthentication. If reauthentication
fails, the subscriber will be cleared after “reauthentication-time”.
Product:
SCM (P-CSCF, S-CSCF)
Syntax
update cscf subscriber { all | username user_name } cscf-service service_name { { [ contact contact_address ] reg-state { active event { refreshed | shortened } time sec } | terminated
event { deactivated | expired | rejected | unregistered } } | reauthentication-time sec } [ verbose ]
subscriber { all | username user_name }
Updates CSCF subscriber
data.
all: Updates
data for all subscribers within a specified CSCF service.
username user_name:
Specifies the name of a user within the current context as an alphanumeric
string of 1 through 127 characters that is case sensitive.
cscf-service service_name
Specifies a configured
CSCF service as an alphanumeric string of 1 and 63 characters that
is case sensitive.
contact contact_address
Specifies the contact
address of the subscriber as an alphanumeric string of 1 through
255 characters.
reg-state
Specifies the registration
state of the subscriber.
active event { refreshed | shortened } time sec }
Specifies the registration
state active event type.
- refreshed:
Specifies registration state active event as refreshed.
- shortened:
Specifies registration state active event as shortened.
time sec: Specifies
the time (in seconds) within which subscriber is expected to re-authenticate
as an integer from 1 to 86400.
terminated event { deactivated | expired | rejected | unregistered }
Specifies the registration
state terminated event type.
deactivated:
Specifies registration state terminated event as deactivated.
expired:
Specifies registration state terminated event as expired.
rejected:
Specifies registration state terminated event as rejected.
unregistered:
Specifies registration state terminated event as unregistered.
reauthentication-time sec
Specifies the time
(in seconds) within which the subscriber is expected to re-authenticate
as an integer from 1 to 86400.
verbose
Show detailed information.
Usage:
This command is only
applicable for a P-CSCF and S-CSCF service. When optional contact
ID is not specified, all the contact IDs associated with specified
user or all users will be updated and trigger NOTIFY.
IMPORTANT:
reauthentication-time
should be greater than the current expiry time of the contact so
that CSCF will initiate the NOTIFY message.
Example:
The following command
sets the re authentication time for all CSCF subscribers in the
scscf1 S-CSCF
service to
500 seconds:
update cscf subscriber
all cscf-service scscf1 reauthentication-time 500
update firewall
policy
This command is obsolete.
update ip access-list
When you update an
IP Access list, this command forces the new version of the access
list to be applied to any subscriber sessions that are currently
using that list.
Platform:
ASR 5000
ASR 5500
Privilege:
Security Administrator,
Administrator
Syntax
update ipv6 access-list list_name subscribers [ command_keyword ] [ filter_keywords ] [-noconfirm] [verbose] ]
list_name
Specifies the name of
an existing IP Access list that you want to apply to the subscriber
as an alphanumeric string of 1 through 47 characters.
[ command_keyword ] [ filter_keywords ]
These are the same command
keywords and filter keywords available for the show subscribers command.
-noconfirm
Executes the command
without any additional prompt and confirmation from the user.
verbose
Show detailed information.
Usage:
Use this command to
force existing subscriber sessions that are already using a specific
IP Access list to have that IP Access list reapplied. This is useful
when you edit an IP Access list and want to make sure that even
existing subscriber sessions have the new changes applied.
Example:
To apply the IP Access
list named
ACLlist11 to
all existing subscribers that are already using that IP Access list,
enter the following command:
update ip access-list
ACLlist11 subscribers all
update ipv6 access-list
When you update an
IP Access list, this command forces the new version of the access
list to be applied to any subscriber sessions that are currently
using that list.
Platform:
ASR
5000
ASR
5500
Privilege:
Security Administrator,
Administrator
Syntax
update ipv6 access-list list_name subscribers [ command_keyword ] [ filter_keywords ] [-noconfirm] [verbose] ]
list_name
Specifies the name of
an existing IPv6 Access list that you want to apply to the subscriber
as an alphanumeric string of 1 through 47 characters.
[ command_keyword ] [ filter_keywords ]
These are the same command
keywords and filter keywords available for the show subscribers command.
-noconfirm
Executes the command
without any additional prompt and confirmation from the user.
verbose
Show detailed information.
Usage:
Use this command to
force existing subscriber sessions that are already using a specific IPv6
Access list to have that IPv6 Access list reapplied. This is useful
when you edit an IPv6 Access list and want to make sure that even
existing subscriber sessions have the new changes applied.
Example:
To apply the IPv6 Access
list named
ACLv6List1 to
all existing subscribers that are already using that IP Access list,
enter the following command:
update ipv6 access-list
ACLv6List1 subscribers all
update module
Loads a specified plugin
module from the Module Priority List with the lowest priority number.
This will also copy the Module priority list onto the Version priority
list. This function is associated with the patch process for accommodating
dynamic software upgrades.
Platform:
ASR
5000
ASR
5500
Privilege:
Security Administrator,
Administrator
Syntax
update module plugin_name
plugin_name
Specifies the name of
an existing plugin module that you want to update as an alphanumeric string
of 1 through 16 characters. If the named module is not known to
the system, an error message is displayed.
Usage:
Use this command to
initiate an update of a new software plugin module. If it fails
to load, the module with next highest priority will be loaded. If
none of the modules are installed, the default patch which comes
along with the ASR 5000 build is automatically loaded. The specified
module must have been previously unpacked/verified and
configured via the install
plugin and plugin commands
respectively.
For additional information,
refer to the Plugin Configuration
Mode Commands chapter.
Example:
The following command
updates the plugin module named
p2p:
update module p2p
update local-user
database
Updates the local user
(administrative) database with current user information. Run this
command immediately after creating, removing or editing administrative users.
Platform:
ASR
5000
ASR
5500
Privilege:
Security Administrator,
Administrator
Syntax
update local-user database
Usage:
Use this command to
update the local-user database with current information.
Example:
The following command
updates the local-user database:
update local-user database
update qos policy
map
Updates QoS profile
information based on specific subscriber policy maps.
Platform:
ASR 5000
ASR 5500
Privilege:
Security Administrator,
Administrator
Syntax
update qos policy-map map_name use-granted-profile-id id1 [ id2 ] [ id3 ] subscribers [ command_keyword ] [ filter_keywords ] [ -noconfirm ] [ verbose ] [ match-requested-profile-id ] [ | { grep grep_options | more } ]
map_name
Specifies the name of
an existing policy map as an alphanumeric string of 1 through 15 characters.
use-granted-profile-id id1 [ id2 ] [ id3 ]
Specifies the profile
IDs to update. Up to three different profile IDs can be specified.
Each profile ID is specified
as a hexadecimal value from 0x0 and 0xFFFF.
subscribers [ command_keyword ] [ filter_keywords ]
These are the same command
keywords and filter keywords available for the show subscribers command.
[ -noconfirm ]
Updates matching subscribers
without prompting for confirmation.
[ verbose ]
Displays details for
the profile updates.
[ match-requested-profile-id ]
Sends session-updates
only to profile-ids matching the profile-ids in the requested list.
grep grep_options | more
Pipes (sends) the output
of this command to the specified command. You must specify a command
to which the output of this command will be sent.
For details on the usage
of grep and more, refer
to the Regulating a
Command’s Output section of the Command Line Interface
Overview chapter in this guide.
Usage:
Use this command to
update subscriber session profile IDs based on the specified criteria.
Example:
The following command
updates profile IDs
0x3E and
0x4C for all
subscriber sessions and sends session-updates with the IDs:
update qos policy-map
test use-granted-profile-id 0x3E 0x4C subscribers all match-requested-profile-id
update qos tft
Updates the subscriber
traffic flow template (TFT) associated with the flow ID and direction.
Platform:
ASR 5000
ASR 5500
Privilege:
Security Administrator,
Administrator
Syntax
update qos tft flow-id flow-id flow-dir { forward | reverse } use-granted-profile-id id1 [ id2 ] [ id3 ] subscribers [ command_keyword ] [ filter_keywords ] [-noconfirm ] [ verbose ] [ match-requested-profile-id ] [ | { grep grep_options | more }
flow-id flow-id
Sends session updates
only when the flow ID matches the flow-id and flow-direction. flow-id must
be specified as an integer from 1 through 255.
flow-dir { forward | reverse }
Specifies the direction
of the TFT flow.
subscribers [ command_keyword ] [ filter_keywords ]]
These are the same command
keywords and filter keywords available for the show subscribers command.
Usage:
Supports QoS updates
based on subscriber TFTs.
Example:
update qos tft flow-id
0 flow-dir reverse use-granted-profile-id 0x0 subscribers all -noconfirm
upgrade
Installs major software
releases to the system.
Platform:
ASR 5000
ASR 5500
Privilege:
Security Administrator,
Administrator
Syntax
upgrade { online | patch } image_url config cfg_url [ -noconfirm ]
online
Perform a software upgrade
from one release version to another.
The online upgrade is
only available for software release 3.5 and higher.
patch
Install an interim,
or patch, software release.
IMPORTANT:
Software Patch Upgrades
are not supported in this release.
image_url
Specifies the location
of a image file to use for system startup. The URL may refer to
a local or a remote file. The URL must be formatted as follows:
For the ASR 5000:
[ file: ] { /flash | /pcmcia1 | /hd } [ /directory ]/file_name
[ http: | tftp: ]//{ host[ :port# ] } [ /directory ]/file_name
For the ASR 5500:
[ file: ] { /flash | /usb1 | /hd } [ /directory ]/file_name
[ http: | tftp: ]//{ host [ :port# ] } [ /directory ]/file_name
IMPORTANT:
Do not use the following
characters when entering a string for the field names below: “/” (forward
slash), “:” (colon) or “@” (at
sign).
directory is
the directory name.
filename is
the actual file of interest.
host is the
IP address or host name of the server.
port# is
the logical port number that the communication protocol is to use.
IMPORTANT:
A file intended for
use on an ASR 5000 uses the convention xxxxx.ASR5000.bin, where xxxxx
is the software build information.
IMPORTANT:
When using the TFTP,
you should use a server that supports large blocks, per RFC 2348. This
can be implemented by using the “block size option” to
ensure that the TFTP service does not restrict the file size of
the transfer to 32MB.
config config_path
Specifies the location
of a configuration file to use for system startup. This must be formatted
as follows:
For the ASR 5000:
[ file: ]{ /flash | /pcmcia1 | /hd }[ /path ]/filename
For
the ASR 5500:
[ file: ]{ /flash | /usb1 | /hd }[ /path ]/filename
Where path is the
directory structure to the file of interest, and filename is
the name of the configuration file. This file typically has a .cfg extension.
-noconfirm
Executes the command
without any additional prompt and confirmation from the user.
Usage:
Use the upgrade online command
to perform a software upgrade when upgrading from one software release
version to another, providing that both versions support this feature.
For example, you can use this method to upgrade from release version
3.5 (any build number) to version 4.0 (any build number), but you
cannot use this method to upgrade from release version 3.0 to version
3.5 since version 3.0 does not support the feature.
IMPORTANT:
Software Patch Upgrades
are not supported in this release.
IMPORTANT:
This command is not
supported on all platforms.
Example:
The following command
performs a major software release upgrade from an older version
to a newer version. In this example the new software image file
is in a subdirectory on a tftp server, and the configuration file
is in a subdirectory on the local flash at tftp://host[/path]/filename.
upgrade online tftp://imageserver/images/image.bin
config /flash/configurations/localconfig.cfg
upgrade content-filtering
Upgrades the Static
Rating Database (SRDB) for Category-based Content Filtering application.
Privilege:
Security Administrator,
Administrator
Syntax
upgrade content-filtering
category { database | rater-pkg }
upgrade content-filtering
category database
Triggers
the upgrade of the Category-based Content Filtering Static Rating
Database (SRDB).
upgrade content-filtering
category rater-pkg
Triggers manual upgrade
of the Dynamic Content-Filtering Rater Package (rater.pkg file).
The rater.pkg file contains
the models and feature counters that are used to return the dynamic
content rating. The upgrade will trigger distribution of the rater.pkg to all the
SRDBs.
IMPORTANT:
This command is customer
specific. For more information, please contact your local sales representative.
Usage:
Use this command to
load the Static Rating Database (SRDB) in to memory for Category-based
Content Filtering application,
and/or to load the rater.pkg file.
If the default directory
of /cf does not exist on the flash, it will create the
same. It also locates the recent full database and loads it into
memory. This command also clears the old and excess incremental
databases.
IMPORTANT:
This command is not
supported on all platforms.
Example:
The following command
upgrades the SRDB for the Category-based Content Filtering application:
upgrade content-filtering
category database
upgrade tethering-detection
Upgrades the Tethering
Detection feature’s database(s).
Platform:
IMPORTANT:
The
Tethering Detection feature has limitations that restrict its optimal
use and is not supported in this release. It is available only for
lab / testing purposes.
IMPORTANT:
This
command is available only if the Smartphone Tethering Detection license
is enabled. For more information please contact your Cisco account
representative.
ASR 5000
ASR 5500
Privilege:
Security Administrator,
Administrator
Syntax
upgrade tethering-detection
database { all | os-signature | tac | ua-signature } [ -noconfirm ]
all
Upgrades all Tethering
Detection databases—OS, TAC and UA.
os-signature
Upgrades only the OS
database.
tac
Upgrades only the TAC
database.
ua-signature
Upgrades only the UA
database.
- noconfirm
Executes the command
without any prompts and confirmation from the user.
Usage:
Use this command to
upgrade the database(s) used by the Tethering Detection feature.
This command upgrades
the database(s) from file(s) kept in designated path. The name of the
existing source file is prefixed with the word “new-”.
For example for OS DB, if the existing file name is “os-db”,
the upgrade file name is “new-os-db”.
If there is a file
named “new-xxx-db”, it is verified that it is
a valid Tethering Detection database and then loaded it into memory.
If successful, the files is renamed “xxx-db” to “xxx-db-<number>” and
then renamed “new-xxx-db” to “new-xxx-db”.
For example, the command upgrade tethering-database
ua-signature -noconfirm results in loading the file by
name “new-ua-db” if it is present in the designated
directory. In case of a successful upgrade, the previous version
of the database is stored as backup in a file named “ua-db-1”.
Also, the newly uploaded database file is renamed as “ua-db”.
Also see the tethering-database command
in the ACS Configuration
Mode Commands chapter.
Example:
The following command
upgrades all Tethering Detection databases:
upgrade tethering-detection
database all -noconfirm
upgrade url-blacklisting
database
Upgrades the URL blacklisting
database.
Privilege:
Security Administrator,
Administrator
Syntax
upgrade url-blacklisting
database [ -noconfirm ]
-noconfirm
Executes the command
without any additional prompt and confirmation from the user.
Usage:
Use this command to
upgrade and load a URL blacklisting database whenever required.
Example:
upgrade url-blacklisting database
