Cisco GSS Command Reference (Software Version 3.0)

show cnr security-kit

cnr shell

cnr shell

To enter the restricted Cisco Network Registrar (CNR) shell and execute the available CNR utilities, use the cnr shell command.

cnr shell

Syntax Description

This command has no keywords or arguments.

Command Modes

Privileged EXEC

Usage Guidelines

Upon successful execution of this command, you can press the Tab key to see the available utilities in the CNR shell. You can then execute any of these utilities by entering the utility name. See the Cisco CNS Network Registrar User's Guide for more information about the available utilities.

Examples

The following example shows how to enter the CNR shell, display the utilities, and then execute the cnr_tactool utility:

gssm1.example.com# cnr shell

cnr shell> cnr <Tab>

cnr_exim				cnr_tactool.orig				cnrdb_load 				 cnrdb_verify

cnr_exim.orig 				cnrdb_archive 				 cnrdb_printlog 	cnrservagt

cnr_keygen 				cnrdb_checkpoint cnrdb_recover							 cnrsnmp

cnr_keygen.orig	cnrdb_deadlock							 cnrdb_stat 				 cnr_tactool

cnrdb_dump				cnrdb_upgrade				 cnr shell > 				 cnr shell

cnr shell>

cnr shell> cnr_tactool

user:

password:

Related Commands

cnr enable

cnr install/uninstall

configure

To enter global configuration mode, use the configure command.

configure

Syntax Description

This command has no keywords or arguments.

Command Modes

Privileged EXEC

Usage Guidelines

To exit global configuration mode, use the end or exit commands, or by pressing the Ctrl-Z key sequence.

Examples

The following example shows how to enter global configuration mode:

gss1.example.com# configure

gss1.example.com(config)#

Related Commands

end

copy

To copy configuration settings to or from the GSS device, use the copy command.

copy {ddos-config disk filename | disk startup-config filename | gslb-config disk filename | startup-config disk filename | running-config [disk filename | startup-config]}

Syntax Description


ddos-config disk	Copies the Distributed Denial of Service (DDoS) configuration file to a named file on disk.
filename	Name of the output file containing the GSLB-configuration, startup-configuration or running-configuration information.
disk startup-config	Loads the GSS device startup configuration settings from a named file located on the GSS.
gslb-config disk	Copies the global server load-balancing configuration to a named file on the GSS.
startup-config disk	Copies the GSS device startup configuration to a named file on the GSS.
running-config disk	Copies the GSS device current running configuration to a named file on the GSS.
running-config startup-config	Copies the GSS device current running configuration as the new startup configuration.

Command Modes

Privileged EXEC

Usage Guidelines

When supplying an output filename enter the name only. Do not include path information with the filename.

Examples

The following examples show that the copy command is used to load a new startup configuration to the device from a file and to copy the current running configuration to a file:

gss1.example.com# copy disk startup-config configfile

gss1.example.com# copy running config disk runconfigfile

Related Commands

ftp

scp

ddos peacetime

Different Domain Name System (DNS) zones may exhibit different behavior. A high traffic rate on one D-proxy may be perfectly normal for another. A peacetime learning process is required on the GSS.

To configure peacetime learning in the GSS, use the ddos peacetime command and its related commands.

ddos peacetime [apply {increment | overwrite} | database erase | save filename | show [filename | status] | start | stop]


apply {increment \| overwrite}	See the ddos peacetime apply command for a detailed syntax description.
database erase	See the ddos peacetime database erase command for a detailed syntax description.
save filename	See the ddos peacetime save command for a detailed syntax description.
show [filename \| status]	See the ddos peacetime show command for a detailed syntax description.
start	See the ddos peacetime show command for a detailed syntax description.
stop	See the ddos peacetime stop command for a detailed syntax description.

ddos peacetime apply

To apply values learned during the peacetime learning process to the rate-limit database, use the ddos peacetime apply command.

ddos peacetime apply {increment | overwrite}

Syntax Description


increment	Specifies that you want to apply the peacetime learned values incrementally to the database.
overwrite	Specifies that you want to restore all the values in the rate-limit database to their defaults and then update them with the values learned during peacetime.

Command Modes

Privileged EXEC

Usage Guidelines

This command updates the rate-limit database with the peacetime learned values.

The peacetime database location is specified in the (config-ddos) peacetime database command. If you do not specify this command, the in-memory database is used instead.

Examples

The following example shows how to apply values learned during the peacetime learning process to the rate-limit database:

gssm1.example.com# ddos peacetime apply increment

gssm1.example.com#

Related Commands

ddos peacetime database erase

To erase peacetime learning, use the ddos peacetime database erase command.

ddos peacetime database erase

Syntax Description

This command has no keywords or arguments.

Command Modes

Privileged EXEC

Examples

The following example shows how to erase peacetime learning:

gssm1.example.com# ddos peacetime database erase

gssm1.example.com#

Related Commands

ddos peacetime save

To save peacetime learning to the memory or to a file on a disk, use the ddos peacetime save command in privileged EXEC mode.

ddos peacetime save filename

Syntax Description


filename	Name of the file on the disk to which you want to save peacetime learning.

Command Modes

Privileged EXEC

Examples

The following example shows how to save peacetime learning:

gssm1.example.com# ddos peacetime save samplefile

gssm1.example.com#

Related Commands

ddos peacetime show

To show values learned during the peacetime learning process or show the peacetime learning status, use the ddos peacetime show command.

ddos peacetime show [filename | status]

Syntax Description


filename	(Optional) Filename of the peacetime learning process that you want do display values.
status	(Optional) Specifies that you want to display the current peacetime learning status.

Command Modes

Privileged EXEC

Examples

The following example shows how to display the peacetime status:

gssm1.example.com# ddos peacetime show status

DDoS Peacetime Learning is running.

gssm1.example.com#

Related Commands

ddos peacetime start

To start the peacetime learning process, use the ddos peacetime start command.

ddos peacetime start

Syntax Description

This command has no keywords or arguments.

Command Modes

Privileged EXEC

Usage Guidelines

This command incrementally updates the values in the peacetime database.

Examples

The following example shows how to start peacetime learning:

gssm1.example.com# ddos peacetime start

gssm1.example.com#

Related Commands

ddos peacetime stop

To stop peacetime learning, use the ddos peacetime stop command.

ddos peacetime stop

Syntax Description

This command has no keywords or arguments.

Command Modes

Privileged EXEC

Examples

The following example shows how to stop peacetime learning:

gssm1.example.com# ddos peacetime stop

gssm1.example.com#

Related Commands

ddos peacetime start

ddos restore-defaults

To restore the default rate-limit values in the rate-limit database, use the ddos restore-defaults command.

ddos restore-defaults ipaddress

Syntax Description


ipaddress	D-proxy IP address. Indicates that you want to restore the rate limit of the designated D-proxy to the default rate and the state to Unknown.

Command Modes

Privileged EXEC

Examples

The following example shows how to restore the defaults in the rate-limit database:

gssm1.example.com# ddos restore-defaults 1.1.1.2

gssm1.example.com#

Related Commands

ddos peacetime start

del

To delete files from your GSS device, use the del command.

del filename

Syntax Description


filename	Name of the file to be deleted.

Command Modes

Privileged EXEC

Examples

The following example shows how to delete files from your GSS device:

gss1.example.com> enable

gss1.example.com# del oldtechrept.tgz

gss1.example.com#

Related Commands

copy

dir

To view a long list of files in a directory, use the dir command.

dir [directory]

Syntax Description


directory	(Optional) Name of the directory to list.

Command Modes

User and privileged EXEC

Usage Guidelines

Use this command to view a detailed list of files contained within the working directory, including names, sizes, and the time created. The equivalent command is lls.

The current directory is the default directory.

Examples

The following example shows how to view a long list of files in a directory:

gss1.example.com# dir

total 771884

drwxrwxrwx    3 root     root         4096 Oct  8 11:09 .

drwxrwxrwx   19 root     root         4096 Oct  8 11:13 ..

drwx------    2 root     root         4096 Jan 23  2006 .ssh

-rw-r--r--    1 root     root     135137321 Jan 24  2006 ACR_new.upg

-rw-r--r--    1 root     root     135178281 Jan 24  2006 ACR_new1.upg

-rw-r--r--    1 root     root     135168041 Jan 24  2006 ACR_new2.upg

-rw-r--r--    1 root     root     129597481 Jan 25  2006 
gss-1.2.2.2.0-k9.upg

-rw-r--r--    1 root     root     127088681 Jan 24  2006 
gss-1.3.0.3.0-k9.upg

-rw-r--r--    1 root     root     127385641 Oct  8 10:54 
gss-1.3.0.4.1-k9.upg

-rw-r--r--    1 root     root         2520 Oct  8 11:09 one

-rw-r--r--    1 root     root         3634 Oct  8 11:06 
proximitySchema.xsd

-rw-r--r--    1 root     root         3523 Oct  8 11:07 
stickySchema.xsd

gss1.example.com#

Related Commands

pwd

disable

To turn off privileged EXEC mode, use the disable command.

disable

Syntax Description

This command has no keywords or arguments.

Command Modes

Privileged EXEC

Usage Guidelines

The disable command places you in user EXEC mode. To turn privileged EXEC mode back on, use the enable command.

Examples

The following example shows how to turn off privileged EXEC mode:

gss1.example.com# disable

gss1.example.com>

Related Commands

enable

dnslookup

To resolve a host or domain name to an IP address, use the dnslookup command.

dnslookup {hostname | domainname}

Syntax Description


hostname	Name of the host on the network.
domainname	Domain name.

Command Modes

User and privileged EXEC

Examples

The following examples show how the dnslookup command is used to resolve the hostname myhost.cisco.com to IP address 172.31.69.11, cisco.com to IP address 192.168.219.25, and the IP address 10.86.209.210 to gss.cisco.com:

gss1.example.com# dnslookup myhost.cisco.com

Server:  mydnsserver.cisco.com

Address:  172.16.69.12

Name:    myhost.cisco.com

Address: 172.16.69.11

gss1.example.com# dnslookup cisco.com

Server:  dns-bxb.cisco.com

Address:  161.44.124.122

Name:    www.cisco.com

Address:  198.168.219.25

gss1.example.com# dnslookup 10.86.209.210

Server:  dns-bxb.cisco.com

Address:  161.44.124.122

Name:    gss.cisco.com

Address:  10.86.209.210

enable

To access privileged EXEC commands, use the enable command.

enable

Syntax Description

This command has no keywords or arguments.

Command Modes

User and privileged EXEC

Usage Guidelines

To access privileged EXEC mode from user EXEC mode, use the enable command. The disable command takes you from privileged EXEC mode to user EXEC mode.

If you are accessing the GSS remotely using Telnet or SSH, the CLI prompts you for the enable password. The default password is default. For more information about the enable password and configuring a new password, see the "enable-passwd" command.

Examples

The following example shows how to access privileged EXEC commands:

gss1.example.com> enable

gss1.example.com#

Related Commands

disable

enable-passwd

enable-passwd

To change the enable command password, use the enable-passwd command.

enable-passwd

Syntax Description

This command has no keywords or arguments.

Command Modes

Privileged EXEC

Usage Guidelines

You can control user access to the privileged Exec mode for users that remotely connect to the GSS using Telnet or SSH. When connecting to the GSS remotely, the CLI prompts you for a password when you enter the enable command to access the privileged Exec mode. The default password is default.

You have to be the admin user to configure the enable password.

When you enter the enable-passwd command, the CLI prompts you for an admin password and then to define and confirm the enable password. The password is alphanumeric, can contain spaces and special characters, and can contain a maximum of 32 characters. Leave the password blank to set the password to the default value, which is default.

Note The enable password is not required when you access the GSS using a console or terminal session. If you forget the enable password, use a console or terminal session to configure a new password.

Examples

The following example shows how to configure the enable password:

localhost.localdomain# enable-passwd

Admin Password: <admin_password>

Set GSS enable Password: <enable_password>

Confirm GSS enable Password: <enable_password>

Related Commands

enable

end

To exit the EXEC or global configuration command shell, use the end command.

end

Syntax Description

This command has no keywords or arguments.

Command Modes

EXEC and global configuration

Usage Guidelines

Use the end command in any configuration mode to return to EXEC mode. This command is equivalent to pressing Ctrl-Z or using the exit command.

The end command entered in the user-level EXEC shell terminates the console or Telnet session.

Examples

The following example shows how to exit the EXEC or global configuration command shell:

gss1.example.com(config)# end

gss1.example.com# end

gss1.example.com>

Related Commands

exit

To access the EXEC command shell from the global or interface configuration command shells, use the exit command.

exit

Syntax Description

This command has no keywords or arguments.

Command Modes

All command modes

Usage Guidelines

Use the exit command in any configuration mode to return to EXEC mode. This command is equivalent to the end command or pressing Ctrl-Z.

The exit command entered in the user-level EXEC shell terminates the console or Telnet session.

Examples

The following example shows how to access the EXEC command shell from the global or interface configuration command shells:

gss1.example.com(config)# exit

gss1.example.com# exit

gss1.example.com>

Related Commands

end

ftp

To launch an FTP session on your GSS device, use the ftp command.

ftp ip_or_host

Syntax Description


ip_or_host	IP address or hostname of the FTP server that you want to access. Enter an IP address in dotted-decimal notation (for example, 192.168.11.1) or a mnemonic hostname (for example, myhost.mydomain.com).

Command Modes

User EXEC and privileged EXEC

Usage Guidelines

Use the ftp command in EXEC mode to launch the FTP client and transfer a file to and from remote machines.

Examples

The following example shows how to launch an FTP session on your GSS device:

gss1.example.com# ftp 192.168.0.1

Related Commands

gss

To manage your GSS devices, use the gss command.

gss {disable | enable {gssm-primary | gssm-standby {primary_GSSM_hostname | primary_GSSM_IP_address} | gss {primary_GSSM_hostname | primary_GSSM_IP_address} | restart | start | status [verbose] | stop}

Syntax Description


disable	Disables the selected device (GSSM or GSS) and removes any existing configuration, including deleting the Global Site Selector Manager (GSSM) database from the GSS device and removing certificate attributes specified using the certificate set-attributes command. This keyword returns the GSS device to the initial, disabled state. Disabling a GSS device is only necessary when you want to switch the role of a GSS within a network (for example, change a GSS to a GSSM or if you need to move a GSS or GSSM to a different network of GSS devices.
enable	Enables the selected device to act as the type of device that you specify: either a GSSM or GSS. This keyword creates the embedded database on the primary GSSM that stores and manages the configuration information for the GSS network. It also performs all of the other initialization processes to enable the device in a network of GSS devices. Enabling a GSS device is a one-time initialization step that is required only when you first set up the device within a network of GSS devices.
gssm-primary	Configures the selected device to act as the primary GSSM for your GSS network, responsible for maintaining status information about GSS devices and load-balancing information that is distributed to devices on the network.
gssm-standby	Configures the selected device to act as a standby GSSM which will take over GSS network management should the primary GSSM go offline.
primary_GSSM_hostname	Domain Name System (DNS) hostname of the device currently serving as the primary GSSM.
primary_GSSM_IP_address	Network address of the device currently serving as the primary GSSM.
gss	Indicates that the selected device should function as a GSS on the GSS network.
restart	Stops and restarts the GSS software on the selected device.
start	Starts the GSS software on the selected device following the initial configuration or a software upgrade.
status	Displays detailed information about the current operating state of the GSS device including the online status, the software version, and the start date or time for the various components. The equivalent command is the show system-status command. Note The status of the License Manager (LM) and the Distributed Denial of Service (DDoS) prevention module do not appear in the output of the gss status command. Instead, you enter the show ddos status command to obtain DDoS information and the show processes \| grep license_manager command to obtain the LM status.
verbose	(Optional) Displays the same detailed information about the current operating state of the GSS device as with the gss status command, including the CPU utilization. Note Calculating the CPU utilization can take additional time when using the gss status verbose command. On a busy system, the gss status verbose command can take approximately 10 seconds to complete. If you do not require calculation of the CPU Utilization operating parameter, then we recommend that you use the gss status command.
stop	Stops the GSS software before a software upgrade, maintenance, or troubleshooting activities.

Command Modes

Privileged EXEC

Usage Guidelines

The gss command provides a variety of options for managing your GSSs and GSSMs, including:

•Designating individual devices to act as a GSS, primary GSSM, or standby GSSM using the gss, gssm-primary, or gssm-standby keywords of the gss command.

•Controlling the GSS servers on the device so that you can perform the required maintenance and software upgrades using the start, stop, and restart commands.

Examples

The following example shows how to manage your GSS devices:

gssm1.example.com# gss status

Cisco GSS - 1.2(2) GSS [Thu Mar 31 21:09:09 UTC 2005]

Registered to primary GSSM: 10.86.209.167

Normal Operation [runmode = 5]

START 	 SERVER

Nov30 	 Boomerang

Nov30 	 Config Agent (crdirector)

Nov30 	 Config Server (crm)

Nov30 	 DNS Server

Nov30 	 Database

Nov30 	 GUI Server (tomcat)

Nov30 	 Keepalive Engine

Nov30 	 Node Manager

Nov30 	 Proximity

Nov30 	 Sticky

Nov30 	 Web Server (apache)

Nov30 	 DRP

When the DNS server is ready to serve DNS requests, it generates the following subsystem log message and saves it in the system.log file:

Mar 25 10:45:26 gssm1.example.com DNS-5-SELREADYINFO[2073] Selector 
ready to start serving DNS requests

Related Commands

gss tech-report

gssm

gss tech-report

To generate a detailed report for use by Cisco Technical Assistance Center (TAC) representatives in troubleshooting persistent GSS problems, use the gss tech-report command.

gss tech-report filename

Syntax Description


filename	User-assigned name for the report generated by the gss tech-report command.

Command Modes

Privileged EXEC

Usage Guidelines

The file generated is a tar- format archive file with a .tgz extension.

Examples

The following example shows how to generate a detailed report for use by TAC representatives in troubleshooting persistent GSS problems:

gss1.example.com# gss stop

gss1.example.com# gss tech-report gss_techrpt1

Creating report for Cisco TAC. This may take a few minutes...

Created debug package: /home/techrpt1.tgz

Use scp/ftp to retrieve.

gssm

To manage your primary and standby Global Site Selector Manager (GSSM) (GSSM) and your GSS database, use the gssm command.

gssm backup full filename | database {invalidate | maintain | purge-log-records {count number_records | days number_days} | report | status | validate}| primary-to-standby | restore filename | standby-to-primary

Syntax Description


backup	Performs a backup of GSSM data on the GSS device.
full	Performs a backup of both the database component of the GSSM and its network and device configuration information. The primary GSSM backup does not include user files that reside in the /home directory.
filename	Name of the database backup file. This file can be the target file for a database backup action or the source file for a database restore action.
database	Creates, configures, or removes the embedded database on the GSSM.
invalidate	Invalidates GSSM database records.
maintain	Cleans up the GSSM database by defragmenting and optimizing the space allocation.
purge-log-records	Purges system log messages from the GSSM database for a specified number or period of time. This keyword removes the system log messages that appear on the primary GSSM GUI, the System Log list page of the Tools navigation tab.
count	Purges a quantity of database records up to the last n records.
number_records	Number of database system log records, starting back from the last record, that will be retained when the database is purged.
days	Purges records that cover a set time period up to n days before today.
number_days	Number of days back, starting from today, for which database system log records will be retained when the database is purged.
report	Generates and displays a report that identifies invalidated database records in the GSSM database.
status	Reports the current running status of the GSSM database.
validate	Validates GSSM database records.
primary-to-standby	Changes the role of the GSSM from the primary to the standby GSSM.
restore	Restores the GSSM from a full backup file.
filename	Name of the GSSM backup image that will be used to restore the device.
standby-to-primary	Changes the role of the GSSM from standby to GSSM.

Command Modes

Privileged EXEC

Usage Guidelines

Use the gssm database command and keyword to manage the embedded GSS database. The various command options allow you to monitor the status of your database and perform standard maintenance tasks such as backing up and restoring the database, validating the database content, and purging records.

Use the gssm restore command and keyword to restore an earlier version of the GSSM from a full backup image.

Use the gssm standby-to-primary and primary-to-standby command and keywords to switch the role of the selected GSSM in your GSS network. You must make sure that your original primary GSSM is offline before attempting to enable the standby GSSM as the new primary GSSM. Having two primary GSSMs active at the same time may result in the inadvertent loss of configuration changes for your GSS network. If this dual primary GSSM configuration occurs, the two primary GSSMs revert to standby mode and you will need to reconfigure one of the GSSMs as the primary GSSM.

The standby GSSM can temporarily take over the role as the primary GSSM if the the primary GSSM is unavailable (for example, you need to move the primary GSSM or you want to take it offline for repair or maintenance). The switching of roles between the designated primary GSSM and the standby GSSM is intended to be a temporary GSS network configuration until the original primary GSSM is back online. The interim primary GSSM can be used to monitor GSS behavior and make configuration changes if necessary. Once the original primary GSSM is available, reassign the two GSSMs to their original roles in the GSS network as described in the Cisco Global Site Selector Administration Guide.

Examples

The following examples show that the gssm database command is used to check the running status of the GSSM embedded database, back up the database to a file, purge all database records except for the last 50, and delete the database:

gss1.example.com# gssm database report

GSSM database validation report written to validation.log

gss1.example.com# gssm database status

GSSM database is running.

gss1.example.com# gssm database validate

GSSM database passed validation.

gss1.example.com# gssm primary-to-standby

Standby GSSM enabled.

gss1.example.com# gssm standby-to-primary

Standby GSSM disabled.

Related Commands

gss

gss tech-report

gssm

help

To obtain online help for the GSS CLI, use the help command.

help

Syntax Description

This command has no keywords or arguments.

Command Modes

User EXEC, privileged EXEC, and global configuration

Usage Guidelines

You can get help at any point when specifying a CLI command by entering a question mark (?). If nothing matches, the help list will be empty, and you must back up until entering a ? shows the available options.

Two methods of help are provided at the CLI:

•Full help is available when you are ready to enter a command argument (for example, show ?) and describes each possible argument.

•Partial help is provided when you enter an abbreviated command and you want to know what arguments match the input (for example, show clock ?).

Examples

The following example shows how to obtain online help for the GSS CLI:

gss1.example.com# help

gss1.example.com# help copy ?

install

To install a new version of the GSS software on your GSS device, use the install command.

install filename

Syntax Description


filename	Name of the software update file.

Command Modes

Privileged EXEC

Usage Guidelines

Use this command to install a new image of the GSS software on the Cisco GSS hardware. The upgrade file must be present on the Cisco GSS before you execute this command.

The install command cannot be executed while the Cisco GSS is running (for example, serving Domain Name System [DNS] requests). You must enter the gss stop command before executing the install command.

Examples

The following example shows how to install an updated version of the GSS software:

gss1.example.com# install /gss.upg

Related Commands

show version

license

To install or uninstall a license file on your GSS device, use the license command.

license install filename | uninstall filename

Syntax Description


install	Installs a license file on the GSS.
uninstall	Uninstalls a license file on the GSS.
filename	Name of the license file. Note A valid license file always includes the .lic extension. Otherwise, it is considered invalid and is not installed.

Command Modes

Privileged EXEC

Usage Guidelines

For information about obtaining and installing a license file, see the Cisco Global Site Selector Administration Guide.

Examples

The following example shows how to install the Distributed Denial of Service (DDoS) license on the GSS:

gssm1.example.com# license install ddos.lic

Related Commands

show license

lls

To view a long list of files in a directory, use the lls command.

lls [directory]

Syntax Description


directory	(Optional) Name of the directory to list.

Command Modes

User EXEC and privileged EXEC

Usage Guidelines

Use this command to view a detailed list of files contained within the working directory, including names, sizes, and the time created. The equivalent command is dir.

The current directory is the default directory.

Examples

The following example shows how to view a long list of files in a directory:

gss1.example.com# lls

total 771884

drwxrwxrwx    3 root     root         4096 Oct  8 11:09 .

drwxrwxrwx   19 root     root         4096 Oct  8 11:13 ..

drwx------    2 root     root         4096 Jan 23  2006 .ssh

-rw-r--r--    1 root     root     135137321 Jan 24  2006 ACR_new.upg

-rw-r--r--    1 root     root     135178281 Jan 24  2006 ACR_new1.upg

-rw-r--r--    1 root     root     135168041 Jan 24  2006 ACR_new2.upg

-rw-r--r--    1 root     root     129597481 Jan 25  2006 
gss-1.2.2.2.0-k9.upg

-rw-r--r--    1 root     root     127088681 Jan 24  2006 
gss-1.3.0.3.0-k9.upg

-rw-r--r--    1 root     root     127385641 Oct  8 10:54 
gss-1.3.0.4.1-k9.upg

-rw-r--r--    1 root     root         2520 Oct  8 11:09 one

-rw-r--r--    1 root     root         3634 Oct  8 11:06 
proximitySchema.xsd

-rw-r--r--    1 root     root         3523 Oct  8 11:07 
stickySchema.xsd

gss1.example.com#

Related Commands

lsof

pwd

ls

To view a list of files or subdirectory names within a directory, use the ls command.

ls [directory]

Syntax Description


directory	(Optional) Name of the directory for which you want a list of files.

Command Modes

User EXEC and privileged EXEC

Usage Guidelines

To list the filenames and subdirectories within a particular directory, use the ls directory command; to list the filenames and subdirectories of the current working directory, use the ls command. To view the present working directory, use the pwd command.

The current directory is the default directory.

Examples

The following example shows how to view a list of files or subdirectory names within a directory:

gss1.example.com# ls

gss-1.0.2.0.2-k9.upg id_rsa.pub megara.back.1_0.full rpms

gss-1.0.904.0.1-k9.upg gss_sample.full megara.back.1_1.full

Related Commands

lsof

To view a list of all open files on your GSS device, use the lsof command.

lsof

Syntax Description

This command has no keywords or arguments.

Command Modes

Privileged EXEC

Usage Guidelines

To list the names, file properties, and locations of all files that are currently open on your GSS device, use the lsof command.

Examples

The following example shows how to view a list of all open files on your GSS device:

gss1.example.com# lsof

COMMAND     PID     USER   FD   TYPE     DEVICE     SIZE      NODE 
NAME

init          1     root  cwd    DIR        8,7     4096         2 /

init          1     root  rtd    DIR        8,7     4096         2 /

init          1     root  txt    REG        8,7    25968       492 
/sbin/init

init          1     root  mem    REG        8,7   341331        29 
/lib/ld-2.1.3.so

init          1     root  mem    REG        8,7  4105868        36 
/lib/libc-2.1.3.so

init          1     root    0u  unix 0xf7f86f40               5851 
socket

init          1     root   10u  FIFO        8,8               4098 
/rw/dev/initctl

kflushd       2     root  cwd    DIR        8,7     4096         2 /

kflushd       2     root  rtd    DIR        8,7     4096         2 /

kflushd       2     root    0u  unix 0xf7f86f40               5851 
socket

kflushd       2     root   10u  FIFO        8,8               4098 
/rw/dev/initctl

kupdate       3     root  cwd    DIR        8,7     4096         2 /

kupdate       3     root  rtd    DIR        8,7     4096         2 /

kupdate       3     root    0u  unix 0xf7f86f40               5851 
socket

kupdate       3     root   10u  FIFO        8,8               4098 
/rw/dev/initctl

kswapd        4     root  cwd    DIR        8,7     4096         2 /

kswapd        4     root  rtd    DIR        8,7     4096         2 /

kswapd        4     root    0u  unix 0xf7f86f40               5851 
socket

kswapd        4     root   10u  FIFO        8,8               4098 
/rw/dev/initctl

keventd       5     root  cwd    DIR        8,7     4096         2 /

keventd       5     root  rtd    DIR        8,7     4096         2 /

keventd       5     root    0u  unix 0xf7f86f40               5851 
socket

keventd       5     root   10u  FIFO        8,8               4098 
/rw/dev/initctl

...

Related Commands

pwd

no

To negate a CLI command or set it to its default settings, use the no command. Some GSS CLI commands do not have a no form.

no command

Syntax Description


copy	Disables the copying of GSS configuration information or technical support information.
ftp	Disables the File Transfer Protocol (FTP) on a GSS device.
snmp	Disables Simple Network Management Protocol (SNMP) on a GSS device.
telnet	Disables Telnet operations on the GSS device.

Command Modes

Interface configuration, global, and global server load-balancing configuration

Usage Guidelines

Use the no command to disable functions or negate a command. If you need to negate a specific command, such as the default gateway IP address, you must include the specific string in your command, such as no ip default-gateway ip-address.

Examples

The following example shows how to negate a CLI command or set it to its default settings:

gss1.example.com(config)# no ip name-server 10.11.12.14

gss1.example.com(config)# no ntp-server 172.16.22.44

ping

To send ICMP echo packets for diagnosing basic network connectivity on networks, use the ping command.

ping {hostname | ip-address}

Syntax Description


hostname	Hostname of the system to send an ICMP echo packet.
ip-address	IP address of the system to send an ICMP echo packet.

Command Modes

User and privileged EXEC

Usage Guidelines

To use this command with the hostname argument, make sure that the Domain Name System (DNS) functionality is configured on your GSS. To force the timeout of a nonresponsive host, or to eliminate a loop cycle, press the Ctrl-C key sequence.

Examples

The following example shows how to send ICMP echo packets for diagnosing basic network connectivity on networks:

gss1.example.com# ping gss.cisco.com

PING 172.16.0.0 (172.16.0.0) from 10.1.13.5 : 56(84) bytes of data.

64 bytes from gss.cisco.com (172.16.0.0): icmp_seq=0 ttl=35 time=57.3 
ms

64 bytes from gss.cisco.com (172.16.0.0): icmp_seq=1 ttl=35 time=55.8 
ms

64 bytes from gss.cisco.com (172.16.0.0): icmp_seq=2 ttl=35 time=55.5 
ms

64 bytes from gss.cisco.com (172.16.0.0): icmp_seq=3 ttl=35 time=57.6 
ms

64 bytes from gss.cisco.com (172.16.0.0): icmp_seq=4 ttl=35 time=55.3 
ms

proximity database delete

To remove entries from the proximity database (PDB), use the proximity database delete command.

proximity database delete {all | assigned | group {name} | inactive minutes | ip {ip-address} netmask {netmask} | no-rtt | probed}

Caution

Use the proximity database delete all command in special instances when you want to remove all entries from the PDB in order to have an empty database. Ensure that you want to permanently delete entries from the PDB before you enter this command. You cannot retrieve PDB entries once they are deleted.

Syntax Description


all	Removes all proximity database entries from the GSS memory.
assigned	Removes all static entries from the PBD.
group name	Removes all entries that belong to a named proximity group. Specify the exact name of a previously created proximity group.
inactive minutes	Removes all dynamic entries that have been inactive for a specified time. Valid values are 0-43200 minutes.
ip ip_address netmask netmask	Removes all proximity entries related to a D-proxy IP address and subnet mask. Specify the IP address and subnet mask of the requesting client's D-proxy in dotted-decimal notation (for example, 192.168.9.0 255.255.255.0).
no-rtt	Removes all entries from the PDB that do not have valid RTT values.
probed	Removes all dynamic entries from the PDB.

Command Modes

Privileged EXEC

Usage Guidelines

You can remove all PDB entries from the GSS memory by using the proximity database delete all CLI command. This command, however, does not delete PDB entries saved as part of an automatic dump to a backup file on a disk, which the GSS loads upon a reboot or restart to initialize the PDB. To ensure that you successfully remove all PDB entries from both the GSS memory and disk, enter the proximity database delete all command followed by the proximity database periodic-backup now command to force an immediate backup of the empty PDB residing in the GSS memory.

The prompt "Are you sure?" appears to confirm the deletion of all PDB entries. Specify y to delete all entries or n to cancel the deletion operation.

Examples

The following example shows how to remove entries from the proximity database:

gss1.example.com# proximity database delete ip 192.168.8.0 
255.255.255.0

Related Commands

proximity database dump

proximity database load

proximity database periodic-backup

proximity database dump

To dump all or selected entries from the proximity database to a named file as a user-initiated backup file, use the proximity database dump command.

proximity database dump {filename} format {binary | xml} [entry-type {all | assigned | probed}] [entry-address {ip-address} netmask {netmask}]

Syntax Description


filename	Name of the output file that contains the proximity database entries on the GSS disk. This file resides in the /home directory. The GSS displays a prompt for overwrite confirmation if the filename already exists in the current working directory.
format	Dumps the proximity database entries in a binary or Extensible Markup Language (XML) format. Choose binary-encoding as the format type if you intend to load the contents of the file into the proximity database of another GSS. The allowable entries are as follows: •binary—Dumps the assigned proximity entries in a true binary format. This file can only be used with the proximity database load command. •xml—Dumps the assigned proximity entries in an XML format. The contents of an XML file includes the data fields and the data descriptions. The contents of this file can be viewed using the type command. Note Dumping PDB entries in an XML format can be a resource-intensive operation and may take from 2-4 minutes to complete depending on the size of the PDB and the GSS platform in use. We recommend that you do not perform a PDB dump in an XML format during the routine operation of the GSS to avoid a degradation in performance.
entry-type	(Optional) Specifies the type of entries to output from the proximity database. The allowable entries are as follows: •all—Dumps static and dynamic entries from the proximity database. (default) •assigned—Dumps statically assigned proximity entries. •probed—Dumps dynamically probed proximity entries.
entry-address ip-address	(Optional) Specifies the IP address of the proximity database entry.
netmask netmask	Specifies the subnet mask of the proximity database entry in dotted decimal notation (for example, 255.255.255.0).

Command Modes

Privileged EXEC

Usage Guidelines

The GSS automatically dumps proximity database entries to a backup file on a disk approximately every hour. The GSS uses this backup file to initialize the proximity database upon system restart or reboot to enable the GSS to recover the contents of the database.

You can use the proximity database dump command to dump all or selected entries from the proximity database to a named file as a user-initiated backup file. You can then use the ftp command in privileged EXEC mode to launch the FTP client and transfer the file to and from remote machines.

To view the entire contents of the XML proximity database output file from the GSS, use the type command.

Examples

The following example shows how to dump the dynamic proximity database entries to a file named PDB6_30_04 in binary format:

gss1.example.com# proximity database dump file PDB6_30_04 format 
binary entry-type probed entry-address 172.23.5.7 netmask 
255.255.255.255

Related Commands

proximity database load

proximity database periodic-backup

proximity database load

To load and merge proximity database entries from a file into the existing proximity database in GSS memory, use the proximity database load command.

proximity database load filename format binary [override]

Syntax Description


filename	Name of the proximity database file to load and merge with the existing proximity database on the GSS device. The file must be in a binary format to be loaded into the GSS memory (see the proximity database dump command). Use the ftp command in privileged EXEC mode to launch the FTP client and transfer the proximity database file to the GSS from a remote GSS.
format binary	Loads the assigned proximity file in a true binary format. The file must be in a binary format to be loaded into the GSS memory.
override	(Optional) Specifies if the proximity database entries in the file are to override the same entries located in the current GSS proximity database. When you choose the override keyword, static database entries always take priority over dynamic database entries in the database. For the same database entries that exist in both the file and in GSS database memory, the GSS does the following: •Overwrites dynamic entries with any overlapping static entries. •Overwrites static entries with any overlapping static entries, but does not overwrite those entries with any overlapping dynamic entries. If you do not specify the override keyword, the GSS loads all the most recent entries into the memory, which will replace the older entries of the same type (dynamic or static) in the proximity database. For example, the most recent dynamic entries replace the older dynamic entries in the proximity database.

Command Modes

Privileged EXEC

Usage Guidelines

The proximity database load function supports the migration of proximity database entries from one GSS device into the proximity database of another GSS device. The GSS validates the loaded database entries, checks the software version for compatibility, and then replaces the proximity database in the memory. The file must be in a binary format to be loaded into the GSS memory.

Proximity RTT metrics loaded from the file replace overlapping entries that exist in the database and supplement the nonoverlapping database entries.

Examples

The following example shows how to load and merge the entries from the GSS3PDB file without overriding the existing entries in the GSS proximity database:

gss1.example.com# proximity database load GSS3PDB

Related Commands

proximity database dump

proximity database periodic-backup

proximity database periodic-backup

To force an immediate backup of the proximity database residing in the GSS memory, use the proximity database periodic-backup command.

proximity database periodic-backup now

Syntax Description


now	Instructs the GSS device to immediately initiate the periodic proximity database backup.

Command Modes

Privileged EXEC

Usage Guidelines

You may manually initiate a proximity database dump as a database recovery method to ensure that you store the latest proximity database entries before you shut down the GSS.

The GSS sends the proximity database entries to the system dump file as the proximity database file. Upon a reboot or restart, the GSS reads this file and loads the contents to initialize the proximity database at boot time.

Examples

The following example shows how to force an immediate backup of the proximity database residing in the GSS memory:

gss1.example.com# proximity database periodic backup now

Related Commands

proximity database dump

proximity database load

proximity group-summary dump

To dump the proximity group configuration summary to a specified text file, use the proximity group-summary dump command.

proximity group-summary dump filename

Syntax Description


filename	Name of the text file in which you want the GSS to dump the proximity group configuration summary.

Command Modes

Privileged EXEC

Usage Guidelines

You can view the text file containing the proximity group configuration summary using the type filename command.

Examples

The following example shows how to dump the group configuration summary to a sample file and the display this file using the type command:

gss1.example.com# proximity group-summary dump prox-dump-file.txt

gss1.example.com# type prox-dump-file.txt 
Proximity Groups: 
Group1: 
Name: proxa5 
Address Block : 
11.1.1.36/30 
11.1.1.40/30 
Group2: 
Name: proxa6 
Address Block : 
11.1.1.44/30 
11.1.1.48/30

Related Commands

(config-gslb) script play-config

proximity play-config

To play the static proximity configuration, use the proximity play-config command. This command is useful if the size of static proximity group configuration is quite large since it is more efficient than the script play-config command.

proximity play-config filename

Syntax Description


filename	Name of the file containing the static proximity configuration.

Command Modes

Privileged EXEC

Usage Guidelines

For information about using the proximity play-config command, see the Cisco Global Site Selector CLI-Based Global Server Load Balancing Configuration Guide.

Examples

This example shows how to play a static proximity configuration:

gssm1.example.com# proximity play-config prox.txt

Tue Mar 6 13:10:43 2007 waiting for postmaster to start....done 
Tue Mar 6 13:10:43 2007 postmaster successfully started 
proximity group proxa1 ip 11.1.1.4 netmask 255.255.255.252 
proximity group proxa1 ip 11.1.1.8 netmask 255.255.255.252 
.

. 
proximity group proxa50 ip 11.1.2.140 netmask 255.255.255.252 
proximity group proxa50 ip 11.1.2.144 netmask 255.255.255.252

########################################### 
Please use the following Key required while, playing "proximity 
play-config" on SGSSM. 
Key: 89l25l5fa7339c1b60a20b60142493328b997b 
###########################################

Related Commands

show statistics proximity

proximity start

To locally reenable proximity on a GSS device after locally disabling the function, use the proximity start command.

proximity start

Syntax Description

This command has no keywords or arguments.

Command Modes

Privileged EXEC

Examples

The following example shows how to locally reenable proximity on a GSS device after locally disabling the function:

gss1.example.com# proximity start

Related Commands

proximity stop

proximity statistics group-summary dump

To dump the proximity group summary statistics to a specified text file, use the proximity statistics group-summary dump command.

proximity statistics group-summary dump filename

Syntax Description


filename	Name of the text file in which you want the GSS to dump the group summary statistics.

Command Modes

Privileged EXEC

Usage Guidelines

You can view the text file containing the proximity group summary statistics using the type filename command.

Examples

The following example shows how to dump the group summary statistics to a sample text file and the display this file using the type command:

gss1.example.com# proximity statistics group-summary dump 
sampletxtfile

gss1.example.com# type sampletxtfile

Proximity Group Statistics Summary:

Group name Target IP 						Total Entries 				Total Hits  
---------			--------- 			------------- 				---------------  
proxa1			n/a 			2 				0  
proxa10 			n/a 			2 				0  
proxa11 			n/a 			2 				0  
proxa12 			n/a 			2 				0  
proxa13 			n/a 			2 				0  
proxa14 			n/a 			2 				0  
Proximity Group Statistics Summary:

Related Commands

proximity stop

To locally disable proximity on a GSS device for troubleshooting, use the proximity stop command.

proximity stop

Syntax Description

This command has no keywords or arguments.

Command Modes

Privileged EXEC

Usage Guidelines

You can disable proximity for a single GSS when you need to override the GUI-enabled proximity option. You may need to locally disable proximity on a GSS when you need to troubleshoot or debug the device. The GSS does not store the local-disable setting in its running-config file.

When you enter the proximity stop command, the GSS immediately stops the following operations:

•Proximity lookups in the proximity database

•Direct probing between the GSS and DRP agents

•Refresh probing to obtain the most up-to-date RTT values

•Periodic proximity database dumps

•The proximity database entry age-out process

Use the proximity start command to locally reenable network proximity on the GSS device.

Examples

The following example shows how to locally disable proximity on a GSS device for troubleshooting:

gss1.example.com# proximity stop

Related Commands

proximity start

pwd

To view the present working directory, use the pwd command.

pwd

Syntax Description

This command has no keywords or arguments.

Command Modes

User EXEC and privileged EXEC

Usage Guidelines

Use this command to display the present working directory of the GSS.

Examples

The following example shows how to view the present working directory:

gss1.example.com# pwd

/admin

Related Commands

show statistics gss-mesh all dns

refresh-gssmesh-statistics

To force the GSS devices in the mesh to send the primary GSSM their latest DNS rule and answer statistics, use the refresh-gssmesh-statistics command from the primary GSSM.

refresh-gssmesh-statistics

Syntax Description

This command has no keywords or arguments.

Command Modes

Privileged EXEC

Usage Guidelines

By default, the GSS devices send the primary GSSM statistical information every five minutes. Before using the show statistics gss-mesh all dns {answer | rule} command, you can force the GSS devices in the mesh to send the primary GSSM their latest statistics by using the refresh-gssmesh-statistics command from the primary GSSM. This ensures that the primary GSSM displays the latest GSS mesh statistics.

The CLI is unavailable for use for five seconds after using refresh-gssmesh-statistics command to give the primary GSSM enough time to receive and process the information. If network traffic is busy, the primary GSSM may not receive the information within the five seconds. If you use the show statistics gss-mesh all dns {answer | rule} command before the primary GSSM receives the new information, the command output may not contain the latest statistical information.

Note Using the refresh-gssmesh-statistics command increases network traffic between the GSS devices in the mesh. For this reason, we recommend that you use this command only when an update is required.

Examples

The following example shows how to force the GSS devices in the mesh to send the primary GSSM their latest DNS rule and answer statistics:

gss1.example.com# refresh-gssmesh-statistics

/admin

Related Commands

reload

To halt and perform a cold restart on your GSS device, use the reload command.

reload

Syntax Description

This command has no keywords or arguments.

Command Modes

Privileged EXEC

Usage Guidelines

To reboot the GSS device, use the reload command. Any open connections with the GSS are dropped after you enter the reload command.

If you did not save a startup-configuration to Flash memory, the GSS prompts you to enter configuration parameters upon restart.

Examples

The following example shows how to halt and perform a cold restart on your GSS device:

gss1.example.com# reload

Related Commands

write

rename

To rename a current GSS file, use the rename command.

rename source_filename new_filename

Syntax Description


source_filename	Alphanumeric name of the file that you want to rename.
new_filename	Alphanumeric name that you want to assign to the file.

Command Modes

Privileged EXEC

Usage Guidelines

Quotes are not required around filenames. The following special characters are not allowed in the renamed filenames: ` (apostrophe), ; (semicolon), * (asterisk), and a space.

Use the dir, lls, or ls commands to view the files available in the current directory or subdirectory.

Examples

The following example shows how to rename a current GSS file:

gss1.example.com# rename startup-config new_startup-config

Related Commands

reset-gui-admin-password

To restore the default administration password that is used to log in to the primary Global Site Selector Manager (GSSM) GUI, or to change the administration password, use the reset-gui-admin-password command.

reset-gui-admin-password [password text]

Syntax Description


password text	(Optional) Changes the administration password used to log in to the primary GSSM GUI. Enter an unquoted text string with no spaces and a length of 6-16 characters.

Command Modes

Privileged EXEC

Usage Guidelines

The administrative username and password used to access the primary GSSM GUI are stored in a safe partition of the hard disk to prevent data loss due to power failures. If you change the administrative password, and then either lose or forget the password, you can reset the password back to "default" by entering the reset-gui-admin-password command.

You can also change the administrative password using the reset-gui-admin-password command.

This command is available only from the primary GSSM and standby GSSM CLI.

The default administration password is "default."

Examples

The following example shows how to change the administration password:

gss1.example.com# reset-gui-admin-password password mynewpassword

restore-factory-defaults

To reset your GSS device to its initial state, restoring all factory default settings, use the restore-factory-defaults command.

restore-factory-defaults

Syntax Description

This command has no keywords or arguments.

Command Modes

Privileged EXEC

Usage Guidelines

If your GSS device is improperly configured or is malfunctioning, you can use the restore-factory-defaults command to restore the device to its initial state, allowing you to properly configure it for use on your network.

The restore-factory-defaults command erases your Global Site Selector Manager (GSSM) database and all of its data and resets all network settings, returning your GSS hardware to the same state it was in when it first arrived from the factory. Before you enter the restore-factory-defaults command, ensure that you back up any vital data in the database component of the primary GSSM with its network and device configuration information. Use the gssm backup command to perform a primary GSSM backup. See the Cisco Global Site Selector Administration Guide for details on performing GSS backup.

Note User files will also be deleted when you enter the restore-factory-defaults command. If you have any important files in the /home directory that you want to save, use either the scp or ftp commands to copy those files before you enter the restore-factory-defaults command.

You cannot enter the restore-factory-defaults command while the GSS is running (for example, serving DNS requests). You must first enter the gss stop command.

Examples

The following example shows how to reset the GSS device to its initial state:

gss1.example.com# restore-factory-defaults

Related Commands

gss

gssm

rotate-logs

To force the GSS device to restart its log files and save archive copies of all existing log files, use the rotate-logs command.

rotate-logs [delete-rotated-logs]

Syntax Description


delete-rotated-logs	(Optional) Deletes all rotated log files from the / directory and its subdirectories on the GSS disk. The GSS does not delete active log files.

Command Modes

Privileged EXEC

Usage Guidelines

This command forces the GSS device to save archive copies of all existing log files in the / directory and its subdirectories and replaces them with fresh log files. Existing log files are archived locally using the following naming convention:

logfile_name.log.number

where

•logfile_name.log is the name of the archived log file (for example, gss.log or kale.log)

•number is an incremented number representing the number of times that the logs have been rotated (for example, .3). The number of the most recent rotated log file is .1. The maximum number of log files is 25 for the gss.log file.

The delete-rotated-logs keyword clears all rotated log files in the / directory and its subdirectories except for the active log files.

Examples

The following example shows how to force the GSS device to restart its log files and save archive copies of all existing files:

gss1.example.com# rotate-logs

Related Commands

scp

To securely copy files from a GSS device where you are logged in, use the scp command.

scp {source_path [source_filename] user@target_host:target_path}

To securely copy files from another device to a GSS device where you are logged in, use the scp command.

scp {user@source_host:/source_path[source_filename] target_path}

Syntax Description


source_path	Relative directory path and filename on the source device of the file that is being transferred.
source_filename	(Optional) Name of the file to be copied.
user@target_host	Login account name and hostname for the device to which you are copying files.
target_path	Relative directory path on the target device to which the file is being copied.
user@source_host	Login account name and hostname for the device from which you are copying files.

Command Modes

User EXEC and privileged EXEC

Usage Guidelines

The GSS supports one-way communication only in SCP. You can copy GSS files from the GSS where you are logged in to an external device. You can also copy files from an external device to the GSS. However, from an external device, you cannot execute the scp command and get files from the GSS. You can only use scp from the GSS.

After logging in to the CLI for the device that you intend to copy files to or from, enter the scp command following the syntax description provided above. You may be prompted to log in to the remote device before you are allowed to navigate to the target directory.

Examples

The following example shows how to securely copy files from a GSS device to which you are logged on:

gss1.example.com> scp /tmp/system.log myusername@192.168.2.3:/home

gss1.example.com> scp myusername@192.168.0.0:/home/mygssmfile.log 
/home

Related Commands

ftp

setup

To initiate a special setup script that guides you through the basic process of configuring the GSS, use the setup command.

setup

Syntax Description

This command has no keywords or arguments.

Command Modes

Privileged EXEC and global configuration

Usage Guidelines

The setup command configures basic configuration information from the CLI. Use this command when the GSS boots without a startup-configuration file (for example, when the GSS is new and the system was not configured upon initial startup). When you enter the setup command, the GSS software displays a series of prompts. You must go though all of the prompts and make changes only to those fields that you want to modify. When completed, the software prompts you to perform one of the following:

•Apply as the Running Configuration—Applies setup configuration changes to the running-configuration file.

•Edit This Configuration—Returns to the beginning of setup and edits specific configuration information.

•Discard Configuration and Quit Setup—Cancels making initial configuration changes.

Once configuration setup is complete, the GSS software prompts you to log in to the primary GSSM GUI and finish the device setup.

The setup command cannot be executed while the GSS is running. You must enter the gss stop command before executing the setup command.

Examples

The following example shows how to initiate a special setup script that guides you through the basic process of configuring the GSS:

gss1.example.com# setup

##############################

## GSS Initial Setup Script ##

##############################

This setup utility will help guide you through the basic configuration

necessary to get a GSS up and running. The script will not make any

modifications on the running system. At the end you will be able to

review and edit the new configuration and before applying it to the

running system.

Typing CTRL-C at any prompt quits the script immediately.

The values in brackets '[]' are the defaults, and can be selected

by simply hitting <CR>.

This setup script will help with only the basic GSS and GSSM 
configuration.

To configure DNS rules, it will be necessary to log into the Primary 
GSSM

Admin Webpage.

Do you want to continue? (y/n) [no]: y

Enter the Hostname of this device [host.cisco.com]:

* Interface eth0 (Active - IP: 192.168.1.25 Mask: 255.255.255.0)

Do you want to change this? (y/n) [n]:

* Interface eth1 (Inactive)

Do you want to change this? (y/n) [n]:

Do you want to configure a default gateway? (y/n) [y]:

Enter the default gateway [10.86.208.1]:

Enter the IP addresses for up to 8 Name Servers.

Enter a dash ('-') at a blank entry to stop entering Name Servers.

At least one Name Server is required for this setup script.

Enter Name Server 1 [172.16.124.122]:

Enter Name Server 2: 192.168.1.2

Enter Name Server 3: 172.16.10.12

Enter Name Server 4: -

* Remote Access

Do you want to enable FTP access? (y/n) [y]:

Do you want to enable Telnet access? (y/n) [n]:

Do you want to enable SSH access? (y/n) [y]:

Do you want to configure this GSS as a Manager (gssm)? (y/n) [y]:

Do you want to configure this GSSM as the Primary? (y/n) [y]:

The following configuration command script was created:

interface ethernet 0

   ip address 192.168.1.25 255.255.255.0

hostname host-gss.cisco.com

ip default-gateway 10.86.208.1

ip name-server 172.16.124.122

ip name-server 192.168.1.2

ip name-server 172.16.10.12

ssh enable

ftp enable

gss enable gssm-primary

What would you like to do?

1) Apply as the Running Configuration

2) Edit this configuration

3) Discard Configuration and Quit Setup

Choice: 1

show access-group

To display a list of the access lists associated with your GSS interfaces Ethernet 0 and Ethernet 1, use the show access-group command.

show access-group

Syntax Description

This command has no keywords or arguments.

Command Modes

Privileged EXEC, global configuration, and interface

Usage Guidelines

For information about the fields in the show access-group command output, see the Cisco Global Site Selector Administration Guide.

Related Commands

access-group

access-list

show access-list

show access-list

To display a list of the access lists configured on your GSS device, use the show access-list command.

show access-list

Syntax Description

This command has no keywords or arguments.

Command Modes

Privileged EXEC, global configuration, and interface

Usage Guidelines

The show access-list command displays a list of access lists on your GSS device, regardless of whether they are being used. Access lists must be applied to a particular GSS interface before they can be used to filter GSS traffic.

For information about the fields in the show access-list command output, see the Cisco Global Site Selector Administration Guide.

Related Commands

access-group

access-list

show access-group

show arp

To display ARP information, use the show arp command.

show arp

Syntax Description

This command has no keywords or arguments.

Command Modes

User EXEC, privileged EXEC, global configuration, and interface

Usage Guidelines

The show arp command displays the complete ARP resolution table with IP addresses, MAC addresses, and resolution type.

For information about the fields in the show arp command output, see the Cisco Global Site Selector Administration Guide.

show boot-config

Syntax Description

This command has no keywords or arguments.

Command Modes

User EXEC, privileged EXEC

Usage Guidelines

For information about the fields in the show cnr security-kit command output, see the Cisco Global Site Selector Administration Guide.

Related Commands

cnr security-kit

show ddos

To display Distributed Denial of Service (DDoS) detection and mitigation statistics on a GSS, use the show ddos and its related commands.


attacks	See the show ddos attacks command for a detailed syntax description.
dproxy [ipaddress \| spoofed \| trusted]	See the show ddos dproxy command for a detailed syntax description.
failed-dns [failed-domains \| global-domain-rules \| gslb-rules]	See the show ddos failed-dns command for a detailed syntax description.
rate-limit [ipaddress \| global]	See the show ddos rate-limit command for a detailed syntax description.
config	See the show ddos-config command for a detailed syntax description.
status	See the show ddos status command for a detailed syntax description.

show ddos attacks

To display Domain Name System (DNS) attacks detected by the GSS, use the show ddos attacks command.

show ddos attacks

Syntax Description

This command has no keywords or arguments.

Command Modes

Privileged EXEC

Usage Guidelines

For information about the fields in the show ddos attacks command output, see the Cisco Global Site Selector CLI-Based Global Server Load Balancing Configuration Guide.

Related Commands

show ddos dproxy

To show spoofed and nonspoofed D-proxies on the GSS, use the show ddos dproxy command.

show ddos dproxy [ipaddress | spoofed | trusted]

Syntax Description


ipaddress	D-proxy IP address.
spoofed	Specifies the spoofed D-proxies.
trusted	Specifies the trusted D-proxies.

Command Modes

Privileged EXEC

Usage Guidelines

For information about the fields in the show ddos dproxy command output, see the Cisco Global Site Selector CLI-Based Global Server Load Balancing Configuration Guide.

Related Commands

show ddos failed-dns

To show the last x number of domain names that caused failed Domain Name System (DNS) queries at the GSS or the number of failed DNS queries per D-proxy, use the show ddos failed-dns command.

show ddos failed-dns [failed-domains | global-domain-rules | gslb-rules]

Syntax Description


failed-domains	(Optional) Specifies the failed domain names due to a GSLB-rule mismatch. Note Even if Distributed Denial of Service (DDoS) is disabled, you can use this keyword to list the failed domain names due to the GSLB-rule mismatch. The list is updated even if DDoS is disabled.
global-domain-rules	(Optional) Specifies the number of failures due to a global domain mismatch.
gslb-rules	(Optional) Specifies the number of failures due to a GSLB-rule mismatch.

Command Modes

Privileged EXEC

Usage Guidelines

Note Failed DNS queries refer to the DNS queries for a domain that are not configured on the GSS.

For information about the fields in the show ddos failed-dns command output, see the Cisco Global Site Selector CLI-Based Global Server Load Balancing Configuration Guide.

Related Commands

show ddos rate-limit

To show the rate limits per D-proxy and the number of packets dropped per source, use the show ddos rate-limit command.

show ddos rate-limit [ipaddress | global]

Syntax Description


ipaddress	(Optional) IP address of the D-proxy.
global	(Optional) Specifies the global rate limit on the GSS.

Usage Guidelines

For information about the fields in the show ddos rate-limit command output, see the Cisco Global Site Selector CLI-Based Global Server Load Balancing Configuration Guide.

Related Commands

show ddos-config

To display the contents of the Distributed Denial of Service (DDoS) running configuration file, use the show ddos-config command.

show ddos-config

Syntax Description

This command has no keywords or arguments.

Command Modes

Privileged EXEC

Usage Guidelines

For information about the fields in the show ddos-config command output, see the Cisco Global Site Selector CLI-Based Global Server Load Balancing Configuration Guide.

Related Commands

show ddos status

To display the status of the Distributed Denial of Service (DDoS) detection and mitigation module on the GSS, use the show ddos status command.

show ddos status

Syntax Description

This command has no keywords or arguments.

Command Modes

Privileged EXEC

Usage Guidelines

For information about the fields in the show ddos status command output, see the Cisco Global Site Selector CLI-Based Global Server Load Balancing Configuration Guide.

Related Commands

(config-gslb) script play-config

show disk

To display information about the GSS hard disk, use the show disk command. The information includes the available user space on the disk, the size of the database, and the space available.

show disk

Syntax Description

This command has no keywords or arguments.

Command Modes

Privileged EXEC, global configuration, and interface

Usage Guidelines

For information about the fields in the show disk command output, see the Cisco Global Site Selector Administration Guide.

show ftp

To display the operating status of the File Transfer Protocol (FTP) for your GSS device, use the show ftp command.

show ftp

Syntax Description

This command has no keywords or arguments.

Command Modes

User EXEC, privileged EXEC, global configuration, and interface

Usage Guidelines

For information about the show access-list command output, see the Cisco Global Site Selector Getting Started Guide.

Related Commands

ftp

show telnet

show snmp

show gslb-config

To display GSS global server load-balancing configuration information, use the show gslb-config command.

show gslb-config [answer-group [name] | answer [ip_address {type} | name] | dns rule [name] | domain-lists [name] | keepalive-properties | locations [name] | owners [name] | proximity-properties | region [name] | shared-keepalives [ip_address] | source-address-lists [name] | static-proximity [name] | sticky-groups [name] | sticky-properties | zones [name]]

Syntax Description


answer-group	(Optional) Specifies the current property settings for all configured answer groups.
name	(Optional) Current property settings for the named answer group.
answer	(Optional) Specifies the current property settings for all configured answers.
ip_address	(Optional) Current property settings for answers that use the specified IP address.
type	Current property settings for answers (by type) that use the specified IP address. Answer types are: vip, cra, and ns.
name	Current property settings for the named answer.
dns rule	(Optional) Specifies the current property settings for all configured Domain Name System (DNS) rules.
name	(Optional) Current property settings for the named DNS rule.
domain-lists	(Optional) Specifies the current property settings for all configured domain lists.
name	(Optional) Current property settings for the named domain list.
keepalive-properties	(Optional) Specifies the current property settings for all configured keepalives.
locations	(Optional) Specifies the current property settings for all configured locations.
name	(Optional) Current property settings for the named location.
owners	(Optional) Specifies the current property settings for all configured owners.
name	(Optional) Current property settings for the named owner.
regions	(Optional) Specifies the current property settings for all configured regions.
name	(Optional) Current property settings for the named region.
shared-keepalives	(Optional) Specifies the current property settings for all configured shared keepalives.
ip_address	(Optional) Current property settings for shared keepalives that use the specified IP address.
source-address-lists	(Optional) Specifies the current property settings for all configured source address lists.
name	(Optional) Current property settings for the named source address list.
static-proximity	(Optional) Specifies the current property settings for all configured proximity groups.
name	(Optional) Current property settings for the named proximity group.
sticky-groups	(Optional) Specifies the current property settings for all configured sticky groups.
name	(Optional) Current property settings for the named sticky group.
sticky-properties	(Optional) Specifies the current sticky mesh property settings.
zones	(Optional) Specifies the current property settings for all configured zones.
name	(Optional) Current property settings for the named zone.

Command Modes

User EXEC, privileged EXEC, global configuration, and global server load-balancing

Examples

The following example shows how to display all currently configured keepalive properties:

gssm1.example.com(config)# gslb

gssm1.example.com(config-gslb)# show gslb-config keepalive-properties

keepalive-properties scripted kal standard min-interval 40

keepalive-properties icmp standard min-interval 40

keepalive-properties tcp fast retries 1 successful-probes 1

keepalive-properties http-head standard min-interval 40 port 80 
termination reset timeout 20 path /

keepalive-properties kalap fast retries 1 successful-probes 1

keepalive-properties cra timing-decay 2 min-interval 10

keepalive-properties ns query-domain . min-interval 40

Related Commands

show gslb-errors

To display any errors that occurred after executing the (config-gslb) script play-config command, use the show gslb-errors command.

Syntax Description

This command has no keywords or arguments.

Command Modes

User EXEC, privileged EXEC, global configuration, and global server load-balancing.

Related Commands

show gslb-config

show interface

To display GSS hardware interface information, use the show interface command.

show interface {eth0 | eth1}

Syntax Description


eth0	Specifies the first Ethernet interface (eth0) on your GSS device.
eth1	Specifies the second Ethernet interface (eth1) on your GSS device.

Command Modes

Privileged EXEC, global configuration, and interface

Usage Guidelines

For information about the fields in the show interface command output, see the Cisco Global Site Selector Getting Started Guide.

Related Commands

show gslb-config

show logs

To send the log activity to your current session, use the show log command.

show logs {follow | tail}

Syntax Description


follow	Displays the log file as data that is appended to it.
tail	Displays only the last 10 lines of the log file.

Command Modes

Privileged EXEC, global configuration, and interface

Usage Guidelines

Use the show logs command to send the log activity to your current session. The show logs command displays the contents of the gss.log file, which contains information about the GSS activity that is most useful to GSS administrators.

For information about the fields in the show logs command output, see the Cisco Global Site Selector Administration Guide.

Related Commands

show license

show memory

To display memory blocks and statistics, use the show memory command.

show memory

Syntax Description

This command has no keywords or arguments.

Command Modes

Privileged EXEC, global configuration, and interface

Usage Guidelines

For information about the fields in the show memory command output, see the Cisco Global Site Selector Administration Guide.

show ntp

To display the Network Time Protocol (NTP) configuration, use the show ntp command.

show ntp

Syntax Description

This command has no keywords or arguments.

Command Modes

User EXEC, privileged EXEC, global configuration, and interface

Usage Guidelines

For information about the show ntp command output, see the Cisco Global Site Selector Getting Started Guide.

Related Commands

ntp enable

ping

show processes

To display a list of internal GSS device processes, use the show processes command.

show processes

Syntax Description

This command has no keywords or arguments.

Command Modes

Privileged EXEC, global configuration, and interface

Usage Guidelines

For information about the fields in the show processes command output, see the Cisco Global Site Selector Administration Guide.

show properties

To display a list of configuration property settings for the GSS device, use the show properties command.

show properties

Syntax Description

This command has no keywords or arguments.

Command Modes

Privileged EXEC, global configuration, and interface

Examples

The following example shows how to display the configuration property settings for the GSS:

gss1.example.com# show properties

...

ServerConfig.dnsserver.returnError: 0

...

Related Commands

show proximity

To display general status information about the proximity subsystem, use the show proximity command.

show proximity

Syntax Description

This command has no keywords or arguments.

Command Modes

Privileged EXEC, global configuration, and global server load-balancing configuration modes

Usage Guidelines

For information about the fields in the show proximity command output, see the Cisco Global Site Selector Global Server Load-Balancing Configuration Guide.

Related Commands

show proximity group-name

show logs

show proximity database

To display the proximity database (PDB) entries by specifying one or more entry matching criteria, use the show proximity database command.

show proximity database {all | assigned | group {name} | inactive minutes | ip {ip-address} netmask {netmask} | no-rtt | probed}

Syntax Description


all	Displays all entries in the proximity database.
assigned	Displays all static entries in the proximity database.
group name	Displays all entries that belong to a named proximity group. Specify the exact name of a previously created proximity group.
inactive minutes	Displays all dynamic entries that have been inactive for a specified time. Valid values are 0-43200 minutes.
ip ip-address netmask netmask	Displays all proximity entries related to a D-proxy IP address and subnet mask. Specify the IP address and subnet mask of the requesting client's D-proxy in dotted-decimal notation (for example, 192.168.9.0 255.255.255.0).
no-rtt	Displays all entries in the PDB that do not have valid round-trip time (RTT) values.
probed	Displays all dynamic entries in the PDB.

Command Modes

Privileged EXEC

Usage Guidelines

For information about the fields in the show proximity database command, see the Cisco Global Site Selector Global Server Load-Balancing Configuration Guide.

Examples

The following example shows how to display entries related to the D-proxy IP address 192.168.8.0 and subnet mask 255.255.255.0:

gss1.example.com# show proximity database ip 192.168.8.0 255.255.255.0

Related Commands

show proximity

show proximity group-name

To display statistics for a specific proximity group, use the show proximity group-name command.

show proximity group-name groupname

Syntax Description


groupname	Name of a proximity group. Enter the exact name to display all proximity database entries related to that group.

Command Modes

Privileged EXEC, global configuration, and global server load-balancing configuration modes

Usage Guidelines

For information about the fields in the show proximity group-name command output, see the Cisco Global Site Selector Global Server Load-Balancing Configuration Guide.

Related Commands

show proximity

show proximity group-name

show proximity group-summary

To display a summary of statistics for all configured proximity groups, use the show proximity group-summary command.

show proximity group-summary

Syntax Description

This command has no keywords or arguments.

Command Modes

Privileged EXEC, global configuration, and global server load-balancing configuration modes

Usage Guidelines

This command displays the configuration output to the console only if the number of proximity elements, or IP blocks, is less than 1000. (This value is not configurable). If the number of proximity elements is more than 1000, an error message displays asking you to execute the proximity group-summary dump filename command.

For information about the fields in the show proximity group-summary command output, see the Cisco Global Site Selector Global Server Load-Balancing Configuration Guide.

Related Commands

show proximity

proximity group-summary dump

show running-config

To display the current running configuration of the GSS device, use the show running-config command.

show running-config

Syntax Description

This command has no keywords or arguments.

Command Modes

Privileged EXEC, global configuration, interface, and global server load-balancing

Usage Guidelines

Use this command with the show startup-config command to compare the information in the running memory to the startup-configuration file used during the bootup process.

For information about the show running-config command output, see the Cisco Global Site Selector Administration Guide.

Related Commands

copy

show startup-config

show services

To display the current state of the GSS services, such as the File Transfer Protocol (FTP), Network Time Protocol (NTP), Secure Shell (SSH), Terminal Access Controller Access Control System Plus (TACACS+), Telnet, and Simple Network Management Protocol (SNMP), use the show services command.

show services

Syntax Description

This command has no keywords or arguments.

Command Modes

User EXEC, privileged EXEC, global configuration, and interface

Usage Guidelines

For information about the show services command output, see the Cisco Global Site Selector Administration Guide.

Related Commands

show snmp

To display the Simple Network Management Protocol (SNMP) operating status, use the show snmp command.

show snmp

Syntax Description

This command has no keywords or arguments.

Related Commands

copy

show services

show statistics

To display GSS load-balancing statistics, use the show statistics command. The options for this command are as follows:

•show statistics boomerang—Displays statistics related to the boomerang server component of the GSS

•show statistics ddos—Displays statistics related to the Distributed Denial of Service (DDoS) prevention module of the GSS

•show statistics dns—Displays statistics from the Domain Name System (DNS) component of the GSS

•show statistics drpagent—Displays statistics for the Director Response Protocol (DRP) agent

•show statistics gss-mesh all dns—Displays statistics from the Domain Name System (DNS) component of each GSS in the GSS mesh

•show statistics keepalive—Displays statistics for the keepalive component of the GSS software

•show statistics proximity—Displays statistics about the network proximity operation of your GSS device

•show statistics sticky—Displays general statistics about the sticky database

•show statistics tacacs—Displays the current TACACS+ statistics

Each GSS device includes a comprehensive set of show statistics CLI commands to display content routing and load-balancing statistics for each major component involved in the GSS global server load-balancing operation. The GSS global server load-balancing components include boomerang (CRAs), DNS, and VIP keepalives. You can also monitor advanced traffic management functions, such as Domain Name System (DNS) sticky and network proximity, for the GSS device.

For example, you can use the show statistics dns command to view the traffic handled by a particular DNS rule, which matches a D-proxy to an answer, or to analyze the traffic to a particular hosted domain that is managed by a GSS.

Note If you specify the show statistics command after entering either the gss start command or the reload command, the GSS device can take approximately 1 minute before the command takes effect and displays the requested statistics.

For more information about these keywords and associated arguments, see the following commands.

show statistics boomerang

To display statistics related to the boomerang server component of the GSS, use the show statistics boomerang command.

show statistics boomerang {domain domain_name | global}

Syntax Description


domain	Displays statistics related to the named domain that is being served by the GSS.
domain_name	Name of the domain.
global	Displays statistics across the entire GSS network for the boomerang server.

Command Modes

Privileged EXEC, global configuration, and interface

Usage Guidelines

For information about the fields in the show statistics boomerang command output, see the Cisco Global Site Selector CLI-Based Global Server Load-Balancing Configuration Guide.

Related Commands

show statistics dns

To display statistics from the Domain Name System (DNS) component of the GSS, use the show statistics dns command.

show statistics dns {answer [list | verbose | answer_name] | answer-group [list | group_name [verbose]] | domain [list | domain_name] | domain-list [list | domain_list_name [verbose]] | global | proximity rule | rule [list | rule_name [verbose]] | source-address [list | sa_name] | source-address-list [list | sa_list_name [verbose]] | sticky rule}

Syntax Description


answer	Displays the accumulated hit count for each configured answer. The statistics also include the per-second average hit count calculated during a last-minute interval, a 5-minute interval, a 30-minute interval, and a 4-hour interval.
list	(Optional) Lists the names of all answers configured for the GSS.
verbose	(Optional) Allows you to display detailed statistics for each answer. In addition to the information that displays when you do not use an optional keyword, the DNS name also displays.
answer_name	(Optional) Name of an answer for which statistics are displayed.
answer-group	Displays the total hit count for each configured answer group.
list	(Optional) Lists the names of all answer groups configured for the GSS.
group_name	(Optional) Name of an answer group for which statistics are displayed.
verbose	(Optional) Allows you to view detailed statistics for each answer that makes up an answer group.
domain	Displays the accumulated hit count for each configured host domain. The statistics also include the per-second average hit count calculated during a last-minute interval, a 5-minute interval, a 30-minute interval, and a 4-hour interval.
list	(Optional) Lists the names of all domains configured for the GSS.
domain_name	(Optional) Name of a domain for which statistics are displayed.
domain-list	Displays the total accumulated hit count for each configured domain list.
list	(Optional) Lists the names of all domains configured for the GSS.
domain_list_name	(Optional) Name of a domain list for which statistics will be displayed.
verbose	(Optional) Allows you to view detailed statistics for each domain that makes up a domain list.
global	Displays general DNS statistics for the GSS device in use.
proximity rule	Displays all proximity lookups and failures by the DNS rule name.
rule	Displays the total hit count and success count for each configured DNS rule.
list	(Optional) Lists the names of all DNS rules configured for the GSS.
rule_name	(Optional) Name of a DNS rule for which statistics are displayed.
verbose	(Optional) Allows you to view detailed statistics for the specified rule.
source-address	Displays the accumulated hit count for each configured source address. The statistics also includes the per-second average hit count calculated during a last-minute interval, a 5-minute interval, a 30-minute interval, and a 4-hour interval.
list	(Optional) Lists the names of all source addresses configured for the GSS.
sa_name	(Optional) Name of a source address for which statistics are displayed.
source-address-list	Displays the total hit count for each configured source address list. The statistics also include the last minute average, 5-minute average, 30-minute average, and 4-hour average of the hit counts.
list	(Optional) Lists the names of all source addresses.
sa_list_name	(Optional) Name of a source address list for which statistics are displayed.
verbose	(Optional) Allows you to view detailed statistics for each name in the source address list.
sticky rule	Displays all DNS sticky lookups and failures by the DNS rule name.

Command Modes

Privileged EXEC, global configuration, and interface

Usage Guidelines

For information about the fields in the show statistics dns command output, see the Cisco Global Site Selector Global Server Load-Balancing Configuration Guide.

Related Commands

show statistics ddos

To display Distributed Denial of Service (DDoS) global or attack statistics, use the show statistics ddos command.

show statistics ddos [attacks | global]

Syntax Description


attacks	(Optional) Displays DDoS attack statistics.
global	(Optional) Displays DDoS global statistics.

Command Modes

Privileged EXEC

Usage Guidelines

For information about the fields in the show statistics ddos command output, see the Cisco Global Site Selector CLI-Based Global Server Load Balancing Configuration Guide.

Related Commands

show statistics drpagent

To display statistics on the Director Response Protocol (DRP) agent, use the show statistics drpagent command.

show statistics drpagent

Syntax Description

This command has no keywords or arguments.

Command Modes

Privileged EXEC, global configuration, and drp

Usage Guidelines

For information about the fields in the show statistics drpagent command output, see the Cisco Global Site Selector CLI-Based Global Server Load-Balancing Configuration Guide.

Related Commands

show statistics gss-mesh all dns

To display statistics from the Domain Name System (DNS) component of each GSS in the GSS mesh, use the show statistics gss-mesh all dsn command from the primary GSSM

show statistics gss-mesh all dns {answer [type {cra | ns | vip}] [ip_address] | rule [rule_name]}

Syntax Description


answer	Displays the accumulated hit count for each configured answer.
type	(Optional) Specifies statistics for one of the following answer types: •cra—Content routing agent answer type •ns—DNS name server answer type •vip—Virtual IP answer type
ip_address	(Optional) IP address of a specific GSS in the GSS mesh.
rule	Displays the total hit count and success count for each configured DNS rule.
rule_name	(Optional) Name of a DNS rule for which statistics are displayed.

Command Modes

Privileged EXEC, global configuration, and interface

Usage Guidelines

For information about the fields in the show statistics gss-mesh all dns command output, see the Cisco Global Site Selector Global Server Load-Balancing Configuration Guide.

Related Commands

refresh-gssmesh-statistics

show logs

show proximity group-name

show statistics keepalive

To display statistics about the keepalive component of the GSS software, use the show statistics keepalive command.

show statistics keepalive {cra {ip_address | all | list} | global | http-head {ip_address | all | list} | icmp {IP_address | all | list} | kalap {ip_address | all | list} | scripted-kal {name | all | list} | ns {ip_address | all | list} | tcp {ip_address | all | list}}

Syntax Description


cra	Displays statistics for configured content routing agent (CRA) keepalive types managed by the keepalive component and used with Boomerang-type answers.
ip_address	IP address for which statistics are displayed.
all	Displays all configured CRA-type keepalives.
list	Lists all available IP addresses.
global	Displays keepalive statistics across the entire GSS device.
http-head	Displays statistics for configured HTTP HEAD keepalive types managed by the GSS and used with VIP-type answers.
all	Displays all configured HTTP HEAD-type keepalives.
icmp	Displays statistics for configured ICMP keepalive types managed by the GSS and used with VIP-type answers.
all	Displays all configured ICMP-type keepalives.
kalap	Displays statistics for configured KAL-AP keepalive types managed by the GSS and used with VIP-type answers.
all	Displays all configured KAL-AP-type keepalives.
scripted-kal	Displays statistics for configured Scripted keepalive types managed by the GSS and used with VIP-type answers.
name	KAL name for which you want to display keepalive statistics.
all	Displays all configured Scripted keepalives.
ns	Displays statistics for configured name server (NS) keepalive types managed by the GSS and used with name server type answers.
all	Displays all configured name server-type keepalives.
tcp	Displays statistics for configured TCP keepalive types managed by the GSS and used with IP-type answers.
all	Displays all configured TCP-type keepalives.

Command Modes

Privileged EXEC, global configuration, and interface

Usage Guidelines

For information about the fields in the show statistics keepalive command output, see the Cisco Global Site Selector Global Server Load-Balancing Configuration Guide.

Related Commands

show statistics proximity

To display statistics about the network proximity operation of your GSS device, use the show statistics proximity command.

show statistics proximity {database | group-name {name} | group-summary | lookup | probes {detailed}}

Syntax Description


database	Displays the overall statistics on the proximity database, such as the number of entries currently in the proximity database, the number of entries dropped, and the rate of lookups.
group-name name	Display statistics for the specified proximity group.
group-summary	Displays a summary of statistics for all configured proximity groups. Note This command displays the proximity statistics to the console only if the number of proximity groups is less than 1000. If the number of proximity groups is more than 1000, an error message displays asking you to execute the proximity statistics group-summary dump filename command.
lookup	Displays statistics about the proximity lookups that have occurred on this GSS.
probes	Display general probe success and failure counts.
detailed	Detailed statistics for the ICMP and TCP probes that relate to all configured zones.

Command Modes

Privileged EXEC, global configuration, and interface

Usage Guidelines

Network proximity statistics include information about the proximity database on the GSS device, individual zones, probing requests, and round-trip time (RTT) coverage.

For information about the fields in the show statistics proximity command output, see the Cisco Global Site Selector Global Server Load-Balancing Configuration Guide.

Related Commands

show statistics sticky

To display general statistics about the sticky database, use the show sticky statistics command.

show statistics sticky {global | group-name {name} | group-summary | mesh}

Syntax Description


global	Displays a summary of global sticky statistics.
group-name name	Displays statistics for the specified sticky group.
group-summary	Displays a summary of statistics for all configured sticky groups.
mesh	Displays detailed statistics for each GSS device in the global sticky mesh.

Command Modes

Privileged EXEC, global configuration, and interface

Usage Guidelines

Sticky statistics include the total number of hits and misses in the sticky database, number of entries in the sticky database, and total number of lookups.

For information about the fields in the show statistics sticky command output, see the Cisco Global Site Selector Global Server Load-Balancing Configuration Guide.

Related Commands

show statistics tacacs

To display the current Terminal Access Controller Access Control System Plus (TACACS+) statistics, use the show statistics tacacs command.

show statistics tacacs

Syntax Description

This command has no keywords or arguments.

Command Modes

Privileged EXEC, global configuration, and interface

Usage Guidelines

Each server is identified by the IP address and port. There is a Pass, Fail, and Error counter for each authentication, authorization, and accounting service.

For information about the fields in the show statistics tacacs command output, see the Cisco Global Site Selector Administration Guide.

Related Commands

show sticky

To display general status information about the sticky subsystem, use the show sticky command.

show sticky

Syntax Description

This command has no keywords or arguments.

Command Modes

Privileged EXEC, global configuration, and global server load-balancing configuration modes

Usage Guidelines

For information about the fields in the show sticky command output, see the Cisco Global Site Selector Global Server Load-Balancing Configuration Guide.

Related Commands

show sticky database

To display sticky database entries by specifying one or more entry matching criteria, use the show sticky database command.

show sticky database {all | answer {name/ip_address} | domain {name} | domain-list {name} | group {name} | inactive minimum {minutes} maximum {minutes} | ip {ip_address} netmask {netmask} | rule {rule_name}}

Syntax Description


all	Displays all entries in the sticky database.
answer name/ip_address	Displays all sticky entries related to a particular answer. Specify the name of the answer. If there is no name for the answer, specify the IP address of the sticky answer in dotted-decimal notation (for example, 192.168.9.0).
domain name	Displays all sticky entries related to a domain. Specify the exact name for a previously created domain.
domain-list name	Displays all sticky entries related to a domain list. Specify the exact name for a previously created domain list.
group name	Displays all sticky entries related to a sticky group. Specify the exact name for a previously created sticky group.
inactive minimum minutes maximum minutes	Displays all sticky entries that have not received a client hit in the time interval between the specified minimum and maximum values, entered in minutes. Enter a value from 0-10100 minutes as the specified minimum value and maximum value.
ip ip_address netmask netmask	Displays all sticky entries related to a D-proxy IP address and subnet mask. Specify the IP address of the requesting client's D-proxy in dotted-decimal notation (for example, 192.168.9.0) and specify the subnet mask in dotted-decimal notation (for example, 255.255.255.0).
rule rulename	Displays all sticky entries related to a DNS rule. Specify the exact name for a previously created DNS rule.

Command Modes

Privileged EXEC, global configuration, and global server load-balancing configuration modes

Usage Guidelines

For information about the fields in the show sticky database command output, see the Cisco Global Site Selector Global Server Load-Balancing Configuration Guide.

Related Commands

show sticky global

To display the global sticky operating status and statistics about each GSS peer in the mesh, use the show sticky global command.

show sticky global [verbose]

Syntax Description


verbose	(Optional) Displays detailed global sticky status and statistics information for each GSS peer.

Command Modes

Privileged EXEC, global configuration, and global server load-balancing configuration modes

Usage Guidelines

For information about the fields in the show sticky global command output, see the Cisco Global Site Selector Global Server Load-Balancing Configuration Guide.

Related Commands

show sticky group-name

To display statistics for a specific sticky group, use the show sticky group-name command.

show sticky group-name groupname

Syntax Description


groupname	Name of a sticky group. Enter the exact name to display all sticky database entries related to that group.

Command Modes

Privileged EXEC, global configuration, and global server load-balancing configuration modes

Usage Guidelines

For information about the fields in the show sticky group-name command output, see the Cisco Global Site Selector Global Server Load-Balancing Configuration Guide.

Related Commands

show sticky group-summary

To display a summary of statistics for all configured sticky groups, use the show sticky group-summary command.

show sticky group-summary

Syntax Description

This command has no keywords or arguments.

Command Modes

Privileged EXEC, global configuration, and global server load-balancing configuration modes

Usage Guidelines

For information about the fields in the show sticky group-summary command output, see the Cisco Global Site Selector Global Server Load-Balancing Configuration Guide.

Related Commands

show sticky mesh

To display global sticky operating status and statistics about each GSS peer in the mesh, use the show sticky mesh command.

show sticky mesh {session {session_id} [verbose]} | [verbose]

Syntax Description


session session_id	Displays operating status information for a specific session ID, which is the point-to-point connection between the local GSS node and a sticky mesh peer. To locate the session ID for a specific GSS peer in the mesh, use the show sticky mesh command.
verbose	(Optional) Displays detailed operating status information for the entire sticky mesh and for all GSS peers in the mesh.

Command Modes

Privileged EXEC, global configuration, and global server load-balancing configuration modes

Usage Guidelines

For information about the fields in the show sticky mesh command output, see the Cisco Global Site Selector Global Server Load-Balancing Configuration Guide.

Related Commands

show supportpass-status

To see if the GSS support password has been set, use the show supportpass-status command.

show supportpass-status

Syntax Description

This command has no keywords or arguments.

Command Modes

Privileged EXEC mode

Usage Guidelines

For information about using the show supportpass-status command output, see the Cisco Global Site Selector Administration Guide.

Related Commands

supportpass

show system-status

To display a report on the current operating status of your GSS device, including the online status, current software version, and start date or time for the various components, use the show system-status command.

show system-status

Syntax Description

This command has no keywords or arguments.

Command Modes

Privileged EXEC, global configuration, and interface

Usage Guidelines

Use this command to display detailed information about the current operating state of the GSS device including the online status, the software version, and the start date or time for the various components. The equivalent command is the gss status command.

For information about the fields in the show system-status command output, see the Cisco Global Site Selector Administration Guide.

Related Commands

show services

show tacacs

To display the Terminal Access Controller Access Control System (TACACS) configuration on your GSS device, use the show tacacs command.

show tacacs

Syntax Description

This command has no keywords or arguments.

Command Modes

Privileged EXEC, global configuration, and interface

Usage Guidelines

For information about the show tacacs command output, see the Cisco Global Site Selector Administration Guide.

Related Commands

tail

tacacs-server timeout

show tech-support

To display a report on the current operating configuration of your GSS device that can be used by Cisco technical support representatives to help troubleshoot problems on your GSS network, use the show tech-support command.

show tech-support [config | core-files]

Syntax Description


config	(Optional) Exports the output of all configured fields from the primary Global Site Selector Manager (GSSM) GUI (intended for use by a Cisco technical support representative)
core-files	(Optional) Displays a listing of all core files.

Command Modes

Privileged EXEC, global configuration, and interface

Usage Guidelines

For information about the show tech-support command output, see the Cisco Global Site Selector Administration Guide.

Related Commands

tcpdump

show telnet

To display the status of the Telnet option on your GSS device, use the show telnet command.

show telnet

Syntax Description

This command has no keywords or arguments.

Command Modes

User EXEC, privileged EXEC, global configuration, and interface

Usage Guidelines

This command only displays the operating status of Telnet and cannot be used to connect to remote devices.

For information about the show telnet command output, see the Cisco Global Site Selector Getting Started Guide.

Related Commands

show disk

show snmp

telnet

show terminal-length

To display the terminal length setting for your GSS device, use the show terminal-length command.

show terminal-length

Syntax Description

This command has no keywords or arguments.

Command Modes

User EXEC, privileged EXEC, global configuration, and interface

Usage Guidelines

This command displays the maximum number of rows of data that are output at once during a terminal session.

For information about the show terminal-length command output, see the Cisco Global Site Selector Administration Guide.

Related Commands

terminal-length

show uptime

To find out how long the GSS device has been operational, use the show uptime command.


verbose	(Optional) Allows you to view detailed GSS software version information.

.

Command Modes

User EXEC, privileged EXEC, global configuration, and interface

Usage Guidelines

For information about the show version command output, see the Cisco Global Site Selector Administration Guide.

shutdown

To shut down the operating system on the GSS device, use the shutdown command. To shut down a particular Ethernet interface on the GSS device, use the shutdown command in interface configuration mode.

shutdown

Syntax Description

This command has no keywords or arguments.

Command Modes

Privileged EXEC, interface configuration

Usage Guidelines

The shutdown command performs a shutdown of the GSS operating system or interface. In some cases, the GSS device will also be powered down following a shutdown.

Examples

The following example shows how to shut down the operating system on the GSS device:

gss1.example.com# shutdown

gss1.example.com(config)# interface eth0

gss1.example.com(config-eth0)# shutdown

sticky database delete

To remove entries from the sticky database, use the sticky database delete command.

sticky database delete {all | answer {name/ip_address} | domain {name} | domain-list {name} | group {name} | inactive minimum {minutes} maximum {minutes} | ip {ip_address} netmask {netmask} | rule {rule_name}}

Caution

Use the sticky database delete all command in special instances when you want to remove all entries from the sticky database in order to have an empty database. Ensure that you want to permanently delete entries from the sticky database before you enter this command. You cannot retrieve sticky database entries once you delete them.

Syntax Description


all	Removes all entries in the sticky database. The prompt "Are you sure?" appears to confirm the deletion of all sticky database entries. Specify y to delete all entries or n to cancel the deletion operation.
answer name/ip_address	Displays all sticky entries related to a particular answer. Specify the name of the answer. If there is no name for the answer, specify the IP address of the sticky answer in dotted-decimal notation (for example, 192.168.9.0).
domain name	Removes all sticky entries related to a domain. Specify the exact name for a previously created domain.
domain-list name	Removes all sticky entries related to a domain list. Specify the exact name for a previously created domain list.
group name	Removes all sticky entries related to a sticky group. Specify the exact name for a previously created sticky group.
inactive minimum minutes maximum minutes	Removes all sticky entries that have not received a lookup request by a client D-proxy in the specified minimum and maximum time interval. Valid entries are 0 to 10100 minutes. If you do not specify a maximum value, the GSS deletes all entries that have been inactive for the specified minimum value or longer. The GSS returns an error if one of the following situations occur: •The maximum value is set to a value that is less than the minimum value •The minimum and maximum values are not within the allowable range of values for the sticky inactivity timeout.
ip ip_address netmask netmask	Removes all sticky entries related to a D-proxy IP address and subnet mask. Specify the IP address of the requesting client's D-proxy in dotted-decimal notation (for example, 192.168.9.0) and specify the subnet mask in dotted-decimal notation (for example, 255.255.255.0).
rule rulename	Removes all sticky entries related to a DNS rule. Specify the exact name for a previously created DNS rule.

Command Modes

Privileged EXEC

Usage Guidelines

When operating in a GSS global DNS sticky configuration, the result of the sticky database delete command propagates throughout the GSS mesh to maintain synchronization between the peers in the GSS network.

To view the entries in the sticky database to identify the sticky entries that you want to delete, use the show sticky database command.

Examples

The following example shows how to remove the D-proxy IP address 192.168.8.0 and subnet mask of 255.255.255.0:

gss1.example.com# sticky database delete ip 192.168.8.0 netmask 
255.255.255.0

The following example shows how to remove the D-proxy IP address 192.168.8.0 and subnet mask 255.255.255.0:

gss1.example.com# sticky database delete ip 192.168.8.0 netmask 
255.255.255.0

Related Commands

sticky database dump

sticky database load

sticky database dump

To dump all or selected entries from the sticky database to a named file as a user-initiated backup file, use the sticky database dump command.

sticky database dump {filename} format {binary | xml} entry-type {all | group | ip}

Syntax Description


filename	Name of the output file that contains the sticky database entries on the GSS disk. This file resides in the /home directory.
format	Dumps the sticky database entries in a binary or XML format. Choose binary-encoding as the format type if you intend to load the contents of the file into the sticky database of another GSS. The allowable entries are as follows: •binary—Dumps the assigned sticky entries in true binary format. This file can be used only with the sticky database load command. •xml—Dumps the assigned sticky entries in an Extensible Markup Language (XML) format. The contents of an XML file includes the data fields and the data descriptions. The contents of this file can be viewed using the type command. Note Dumping sticky database entries in an XML format can be a resource-intensive operation and may take from 2-4 minutes depending on the size of the sticky database and the GSS platform in use. We recommend that you do not perform a sticky database dump in an XML format during the routine operation of the GSS.
entry-type	Specifies the type of entries to dump from the sticky database. The available choices are as follows: •all—Dumps all entries from the sticky database (default). •group—Dumps all entries that have sticky group IDs from the database. •ip—Dumps all entries that have source IP addresses from the database.

Command Modes

Privileged EXEC

Usage Guidelines

The GSS automatically dumps sticky database entries to a backup file on a disk in a binary file format approximately every 20 minutes. The GSS uses this backup file to initialize the sticky database upon system restart or reboot to enable the GSS to recover the contents of the database. When global sticky is enabled, the GSS uses the database dump file at reboot if there is no peer in the mesh that can provide a full sticky database.

You can dump all or selected entries from the sticky database to a named file as a user-initiated backup file. You can then use the ftp command in privileged EXEC mode to launch the FTP client and transfer the file to and from remote machines.

To view the entire contents of the XML sticky database output file from the GSS, use the type command.

Examples

The following example shows how to dump the D-proxy source IP addresses from the sticky database to the sdb2004_06_30 file in an XML format:

gss1.example.com# sticky database dump sdb2004_06_30 format xml type

source

Related Commands

sticky database delete

sticky database load

sticky database periodic-backup

sticky database load

To load and merge a sticky database from a disk into the existing sticky database in GSS memory, use the sticky database load command.

sticky database load filename

Syntax Description


filename	Name of the sticky database file to load and merge with the existing sticky database on the GSS device. The file must be in a binary format for loading into the GSS memory (see the sticky database dump command). Use the ftp command in privileged EXEC mode to launch the FTP client and transfer the sticky database file to the GSS from a remote GSS.

Command Modes

Privileged EXEC

Usage Guidelines

The GSS allows you to load and merge sticky database entries from a file into the existing sticky database in the GSS memory. The sticky database merge capability supports the addition of entries from one GSS into another GSS. The file must be in a binary format for loading into the GSS memory.

The GSS validates the database loaded, checks the software version for compatibility, and then adds the sticky database entries in the memory. The GSS does not overwrite duplicate entries in the sticky database.

If you prefer to load and replace all sticky database entries from a GSS instead of merging the entries with the existing sticky database, enter the sticky database delete all command to remove all entries from the sticky database memory before you enter the sticky database load command.

Examples

The following example shows how to load and merge the entries from the GSS3SDB file with the existing entries in the GSS sticky database:

gss1.example.com# sticky database load GSS3SDB

Related Commands

sticky database delete

sticky database dump

sticky database periodic-backup

To force an immediate backup of the sticky database residing in the GSS memory, use the sticky database periodic-backup command.

sticky database periodic-backup now

Syntax Description


now	Instructs the GSS device to immediately initiate the periodic sticky database backup.

Command Modes

Privileged EXEC

Usage Guidelines

You may manually initiate a sticky database dump as a database recovery method to ensure that you store the latest sticky database entries before shutting down the GSS.

The GSS sends the sticky database entries to the system dump file as the sticky database file. Upon a reboot or restart, the GSS reads this file and loads the contents to initialize the sticky database at boot time.

Examples

The following example shows how to force an immediate backup of the sticky database residing in the GSS memory:

gss1.example.com# sticky database periodic-backup now

Related Commands

sticky database dump

sticky start

To locally reenable Domain Name System (DNS) sticky on a GSS device after locally disabling the function, use the sticky start command.

sticky start

Syntax Description

This command has no keywords or arguments.

Command Modes

Privileged EXEC

Usage Guidelines

When you restart the GSS, and sticky has been globally enabled at the primary GSSM GUI, the GSS reenables the local DNS sticky function.

Examples

The following example shows how to locally reenable DNS sticky on a GSS device after locally disabling the function:

gss1.example.com# sticky start

Related Commands

sticky stop

sticky stop

To locally disable Domain Name System (DNS) sticky on a GSS device for troubleshooting, use the sticky stop command.

sticky stop

Syntax Description

This command has no keywords or arguments.

Command Modes

Privileged EXEC

Usage Guidelines

You can disable DNS sticky for a single GSS when you need to override the GUI-enabled sticky option. You may need to locally disable sticky on a GSS when you need to troubleshoot or debug the device. The GSS does not store the local-disable setting in its running-config file. When you restart the device, and sticky has been globally enabled, the GSS reenables DNS sticky.

When you enter the sticky stop command, the GSS immediately stops the following operations:

•Sticky lookups in the sticky database

•Accessing the sticky database for new requests

•Periodic sticky database dumps

•Sticky database entry age-out process

The GSS continues to answer DNS requests according to the DNS rules and keepalive status.

When you disable DNS sticky, the GSS remains locally disabled until you perform one of the following actions:

•Enter the sticky start CLI command.

•Enter the gss restart CLI command to restart the GSS software.

•Enter the gss reload CLI command to perform a cold restart of the GSS device.

If you are using global DNS sticky in your network, upon reentry of the GSS device into the peer mesh, the GSS attempts to synchronize the database entries with the other peers in the mesh. The GSS queries each peer to find the closest up-to-date sticky database. If no update is available from a peer, the GSS initializes the sticky database entries from the previously saved database on the disk if a file is present and valid. Otherwise, the GSS starts with an empty sticky database.

Examples

The following example shows how to locally disable DNS sticky on a GSS device for troubleshooting:

gss1.example.com# sticky stop

Related Commands