Cisco Global Site Selector
CLI Commands
This chapter provides detailed information for the following types of Global Site Selector (GSS) CLI commands:
•
General commands that you can enter after you log in to the GSS in user EXEC and privileged EXEC modes.
•
Global configuration commands that you enter after you log in to the GSS in privileged EXEC mode.
•
Interface configuration commands that you enter after logging in to the GSS in privileged EXEC mode.
•
Global server load-balancing configuration commands that you enter after logging in to the GSS in privileged EXEC mode.
•
Domain and source address list commands that you enter after you access the global server load-balancing configuration mode.
•
Answer and answer group commands that you enter after you access the global server load-balancing configuration mode.
•
Domain Name System (DNS) rule configuration commands that you enter after you access the global server load-balancing configuration mode.
•
DNS sticky configuration commands that you enter after you access the global server load-balancing configuration mode.
•
Proximity configuration commands that you enter after you access the global server load-balancing configuration mode.
The documentation of each command contains the following information:
•
Command Syntax—Information about the correct structure and syntax for the command
•
Usage Guidelines—Detailed information that describes the purpose of the command and its proper application
•
Examples—Command syntax as it appears in a CLI session
•
Related Commands—Other CLI commands with a purpose that is closely related to or dependent on the current command
For more information about accessing a CLI session and using CLI commands, see Chapter 1, Using the Command-Line Interface.
General Commands
The following general commands are available to you immediately after you log in to a GSS. The commands that you can access depend on your permission level.
•
User EXEC permission level provides access to the following commands and any associated no forms:
– cd |
– ls |
– dir |
– ping |
– dnslookup |
– pwd |
– enable |
– scp |
– exit |
– show |
– ftp |
– tail |
– help |
– telnet |
– lls |
– type |
•
Privileged EXEC permission level provides access to all general commands. You can also access commands in the following modes: global configuration, interface configuration, global server load-balancing configuration, and subordinate global server load-balancing configuration modes.
?
To display a list of the available commands and syntax options, use the ? command.
?
Syntax Description
This command has no keywords or arguments.
Command Modes
All command modes
Usage Guidelines
This command displays the commands and syntax options available to you at the point at which you enter the command. For additional background on the use of GSS help, see Chapter 1, Using the Command-Line Interface.
Examples
The following example shows how to display a list of the available commands and syntax options:
dnslookup Resolve hostname (DNS)
enable Turn on privileged commands
ftp Open FTP session to host
help Description of the interactive help system
lls list files in long info
pwd Show present working directory
scp SecureCopy files [scp from to]
show Show running system information
tail Display last 10 lines of a file
telnet Open telnet session to host
access-group Configure access lists
access-list Configure access lists
arp Display system ARP cache
boot-config Display bootable GSS software images
clock Display system clock
disk Display disk information
gslb-config Show configuration for gslb objects
gslb-errors Show errors during most recent script-play
interface Configure interface
inventory Show inventory information
ip Display IP information
license Show license information
logging Configure system logging
logs Display GSS system log
memory Display memory information
processes Display processes on system
properties Display system properties
proximity Display Proximity subsystem information
running-config Show running configuration
services Display status of basic services
snmp Display SNMP information
startup-config Show startup configuration
statistics Display statistics
sticky Display Sticky Database information
system-status Report status of GSS
tacacs Display TACACS+ configuration
tech-support Display information useful to Cisco TAC
telnet Display telnet status
terminal-length Display terminal-length
uptime Display system uptime
user Display user information
users Display configured users
version Display system version
Related Commands
help
cd
To change the directory, use the cd command.
cd directoryname
Syntax Description
directoryname |
Name of the directory. |
Command Modes
User and privileged EXEC
Usage Guidelines
Use this command to maneuver between directories and for file management. The directory name becomes the default prefix for all relative paths. Relative paths do not begin with a slash (/). Absolute paths begin with a slash (/).
Enter cd .. to move to the directory that is one level higher than the one that you are in.
Examples
The following example shows the relative path:
gss1.example.com> cd local1
The following example shows the absolute path:
gss1.example.com> cd /local1
Related Commands
dir
lls
ls
lsof
pwd
clear
To reset GSS statistics for a specific subsystem, use the clear command.
clear statistics {boomerang | ddos [all | attacks | drops | global ] | dns | drpagent | keepalive {all | cra | http-head | icmp | kalap | ns | tcp} | proximity | sticky {mesh} | tacacs}
Syntax Description
statistics |
Resets load-balancing statistics on the GSS. |
boomerang |
Resets statistics that relate to the boomerang server component of the GSS. |
ddos |
Resets statistics that relate to the Distributed Denial of Service (DDoS) detection and mitigation component of the GSS. |
global |
(Optional) Resets global statistics that relate to the GSS DDoS detection and mitigation component. |
attacks |
(Optional) Resets attack statistics that relate to the GSS DDoS detection and mitigation component. |
dns |
Resets statistics that relate to the Domain Name System (DNS) server component of the GSS, including proximity and sticky DNS rule statistics. |
dpragent |
Resets statistics that relate to the DRP agent component of the GSS. |
keepalive |
Resets statistics that relate to the keepalive function of the GSS software. |
all |
Resets statistics for all keepalive types maintained by the GSS. |
cra |
Resets statistics for only content routing agent (CRA)-type keepalives maintained by the GSS. |
http-head |
Resets statistics for only the VIP HTTP-HEAD type keepalive maintained by the GSS. |
icmp |
Resets statistics for only the VIP ICMP-type keepalive maintained by the GSS |
kalap |
Resets statistics for only the VIP KAL-AP-type keepalive maintained by the GSS. |
ns |
Resets statistics for the Name Server-type keepalive maintained by the GSS. |
scripted-kal |
Resets statistics for the Scripted-Kal-type keepalive maintained by the GSS. |
tcp |
Resets statistics for the IP and port TCP-type keepalive maintained by the GSS. |
proximity |
Resets statistics for the network proximity function. |
sticky |
Resets statistics for the DNS sticky function. |
mesh |
Resets mesh and session statistics for the local GSS node of the global sticky mesh. |
tacacs |
Resets TACACS+GSSM statistics. |
Command Modes
Privileged EXEC
Usage Guidelines
Use the clear command to reset global server load-balancing statistics for one or more of your GSS components. Clearing the statistics for a GSS component will erase all record of routing activity and performance for that device.
Examples
The following example shows how to use the clear command:
gss1.example.com# clear statistics boomerang
Are you sure? (yes/no) yes
gss1.example.com# clear statistics dns
Are you sure? (yes/no) yes
cra keepalive statistics cleared
gss1.example.com# clear statistics keepalive kalap
Are you sure? (yes/no) yes
kal-ap keepalive statistics cleared
gss1.example.com# clear statistics proximity
Are you sure? (yes/no) yes
proximity statistics cleared
clear ddos-config
To clear the configuration from the Distributed Denial of Service (DDoS) detection and mitigation subsystem, use the clear ddos-config command.
clear ddos-config
Syntax Description
This command has no keywords or arguments.
Command Modes
Privileged EXEC
Examples
The following example shows how to clear the configuration from the DDoS detection and mitigation subsystem:
gss1.example.com# clear ddos-config
clock
To perform the following actions, use the clock command:
•
Read the hardware calendar into the system clock
•
Set the current time or time zone for a GSS device
•
Set daylight saving time to some predefined summer time
•
Reset the GSS to synchronize log time stamps to a new time zone
•
Update the hardware calendar from the system clock
•
Set a user-defined daylight saving time
•
Specify a user-defined time zone
clock {read-calendar | set hh:mm:ss MONTH DD YYYY | summer-time timezone | timezone timezonename | update-calendar | user-summer-time summer-time name | start time | start day |
start week | start month | end time | end day | end week | end month | offset | user-timezone timezone name | hour_offset | minute_offset}
Syntax Description
read-calendar |
Reads the hardware calendar into the system clock. You can use this command when the system clock is reset through NTP and you want to revert back to using the hardware clock. |
set |
Sets the device clock to the date and time provided. |
hh:mm:ss |
Current time to which the GSS device clock is being reset. Specify one or two digits for the hours, minutes, and seconds. |
MONTH DD YYYY |
Current date to which the GSS device clock is being reset. Specify the full name of the month, one or two digits for the day, and four digits for the year. The following month names are recognized: • January • February • March • April • May • June • July • August • September • October • November • December |
summer-time |
Sets daylight saving time to some predefined summer times. |
timezone |
Name of the predefined time zone. The following time zones are recognized: • ADT (Atlantic Daylight Time) • AKDT (Alaska Standard Daylight Time) • CDT (Central Daylight Time) • EDT (Eastern Daylight Time) • MDT (Mountain Daylight Time) • PDT (Pacific Daylight Time) |
timezone |
Resets the GSS to synchronize log time stamps to a new time zone. |
timezonename |
Name of the timezone. Enter ? to list all supported time zones, countries, continents, and cities. The following options are available to set the local time zone for your GSS: • Standard time zone (for example, GMT, EST, UTC) • Country or part of a continent (for example, America, Europe, Egypt) • Specific city (for example, New York, Paris) |
update-calendar |
Updates the hardware calendar from the system clock. You can use this command when the system clock is reset through NTP and you want to synchronize the system time with the hardware clock. |
user-summer-time |
Sets a user-defined daylight saving time. |
summer-time name |
Name of the user-defined summer time. |
start time |
Start time for the user-defined summer time in hours and minutes. Values from 0-23 are recognized. |
start day |
Start day for the user-defined summer time.The following days are recognized: • Friday • Saturday • Sunday • Monday • Tuesday • Wednesday • Thursday |
start week |
Start week for the user-defined summer time. Values from 1-5 are recognized. |
start month |
Start month for the user-defined summer time. The following month names are recognized: • January • February • March • April • May • June • July • August • September • October • November • December |
end time |
End time for the user-defined summer time in hours and minutes. Values from 0-23 are recognized. |
end day |
End day for the user-defined summer time. The following days are recognized: • Friday • Saturday • Sunday • Monday • Tuesday • Wednesday • Thursday |
end week |
End week for the user-defined summer time. Values from 1-5 are recognized. |
end month |
End month for the user-defined summer time. The following month names are recognized: • January • February • March • April • May • June • July • August • September • October • November • December |
offset |
Offset (in minutes) for the user-defined time zone. Values from 0-1440 are recognized. |
user-timezone |
Specifies a user-defined time zone. |
timezone name |
Name of the user-defined time zone. |
hour_offset |
Hour offset for the user-defined time zone. Values from -23 to +24 are recognized. |
minute_offset |
Minute offset for the user-defined time zone. Values from 0-59 are recognized. |
Note
The clock update-calendar and read-calendar commands allow you to synchronize the hardware clock and system clock without reloading the GSS.
Command Modes
Privileged EXEC, global configuration, and interface configuration.
Usage Guidelines
If you previously enabled NTP on a GSS using the ntp enable command, the GSS prevents you from using the clock set command and displays an error message. If you want to manually set the clock for the GSS, first disable NTP using the no ntp enable command before setting the clock.
Examples
The following example shows how to set the GSS device time:
gss1.example.com# clock set 13:01:05 sept 15 2004
gss1.example.com# clock timezone GMT
The following example shows how to set the GSS time zone:
gss1.example.com# clock timezone europe paris
The following example shows how to set a user-defined time zone on the GSS:
gss1.example.com# clock user-timezone EST -5 0
Please restart the GSS (reload) to sync log timestamps to new
timezone.
The following example shows how to set the user-defined summer time on the GSS:
gss1.example.com# clock user-summertime EDT 2:00 Sunday 1 April 2:00
Sunday 5 October 60
Please restart the GSS (reload) to sync log timestamps to new
timezone.
The following example shows how to update the hardware calendar from the system clock:
gss1.example.com# clock update-calendar
The following example shows how to read the hardware calendar into the system clock:
gss1.example.com# clock read-calendar
cnr
To enter the Cisco Network Registrar (CNR) command line interface (the nrcmd program), use the cnr command.
cnr
Syntax Description
This command has no keywords or arguments.
Command Modes
Privileged EXEC
Usage Guidelines
Note
Before entering nrcmd, you must first install and enable CNR.
Upon successful execution of this command, you are prompted for a username and password.
See the Cisco Network Registrar CLI Reference Guide v6.2 at http://www.cisco.com/en/US/docs/net_mgmt/network_registrar/6.2.1/command/reference/cnr621_cliref_book.html for instructions about using the CNR configuration mode commands.
Examples
The following example shows how to enter CNR configuration mode:
zone-edit-mode = synchronous
Related Commands
cnr enable
cnr install/uninstall
cnr security-kit
cnr shell
cnr access-mode enable
To configure the CNR GUI access mode for HTTP, HTTPS, or both protocols, use the following command in exec mode:
cnr access-mode enable {http | https | both}
Syntax Description
http |
HTTP access only is enabled. This is the default. |
https |
HTTPS access only is enabled. |
both |
HTTP and HTTPS access are enabled. |
Command Modes
Privileged EXEC
Usage Guidelines
To enable HTTPS access on port 8443, you need to create a keystore file, copy it to the GSS, and then enable the HTTPS option on the GSS.
When you enable HTTPS access using the https or both keywords, the CLI prompts you to enter the keystore filename (including the path) and password.
When you enable a different access mode setting, the GSS automatically disables the previous setting. For example, if you change the access mode from HTTP to HTTPS, the GSS disables HTTP access.
You must disable CNR before configuring the access mode and then enable CNR when you have completed the configuration process.
For information about configuring the CNR GUI access mode, see the Cisco Global Site Selector Administration Guide.
Examples
The following example shows how to configure the CNR GUI access mode for both HTTP and HTTPS:
gss.example.com(config)# no cnr enable
gss.example.com(config)# exit
gss.example.com# cnr access-mode enable both
gss.example.com(config)# cnr enable
Related Commands
show cnr access-mode
cnr backup-time edit
CNR regularly backs up its database once a day automatically. You can modify the time at which CNR performs the backup by using the following command in privileged EXEC mode:
cnr backup-time edit time
Syntax Description
time |
Specifies the time of day. Use the hh:mm format to specify the time as follows: • hh—Specifies the hour of the day. Enter a value from 0 to 23. The default is 23. • mm—Specifies the minute. Enter a value from 0 to 59. The default is 45. |
Command Modes
Privileged EXEC
Usage Guidelines
If you configure the time for 0:0, CNR backs up the database during the first minute of each day.
You must disable CNR before configuring the backup time and then enable CNR when you have completed the configuration process.
For information about configuring the CNR database backup time, see the Cisco Global Site Selector Administration Guide.
Examples
The following example show how to configure the backup time to 5:45 AM:
gss.example.com(config)# no cnr enable
gss.example.com(config)# exit
gss.example.com# cnr backup-time edit 5:45
gss.example.com(config)# cnr enable
gss.example.com(config)#
Related Commands
show cnr backup-time
cnr install/uninstall
To install Cisco Network Registrar (CNR) on your GSS, use the cnr install command. To uninstall CNR, use the cnr uninstall command.
cnr install cnr-package
cnr uninstall
Syntax Description
cnr-package |
Name of the CNR package. Note You can install CNR without first obtaining the GSS license for the CNR module. It is not mandatory to have both the license file for installing CNR on the GSS and the CNR software package itself.
The CNR software package contains the response file for silent installation, config_cnr, which configures the CNR ports that listen to the GSS. |
Command Modes
Privileged EXEC
Usage Guidelines
The cnr uninstall command also removes the CNR Security Kit if the kit is loaded on the GSS. Before you can uninstall CNR, you must disable it by using the no cnr enable command in configuration mode.
For information about installing and activating the CNR software, see the Cisco Global Site Selector Administration Guide.
Examples
The following example shows how to install the CNR package on the GSS:
gssm1.example.com# cnr install cnr_pak.tar
The following example shows how to disable CNR and then uninstall it:
gssm1.example.com# configure
gssm1.example.com(config)# no cnr enable
gssm1.example.com(config)# exit
gssm1.example.com# cnr uninstall
Related Commands
cnr enable
cnr
cnr security-kit
cnr shell
cnr security-kit
To install and manage the Cisco Network Registrar (CNR) Security Kit on your GSS, use the cnr security-kit command.
cnr security-kit {install filename mode {disable | optional | required} | mode {required | optional | disable} | uninstall}
Syntax Description
install filename |
Specifies the name of the security kit file. |
mode |
Specifies the security kit operating mode. Enter one of the following options: • disable—Specifies that CNR does not use the installed security kit to establish secure connections with other CNR components on the GSS network. • optional—Specifies that CNR uses an unsecure connection if it cannot create a secure connection. • required—Specifies that CNR must use the security kit to create secure connections with with other CNR components on the GSS network. If a secure connection cannot created, then the servers will fail. |
uninstall |
Uninstalls the CNR Security Kit software. |
Command Modes
Privileged EXEC
Usage Guidelines
You can install the optional CNR Security Kit that uses secure sockets layer (SSL) to enable secure communication channels between the various CNR components running on a GSS mesh. For example, if a GSS network consists of four GSS devices with CNR running on each of them, the CNR components communicate with each other to perform such functions a s configuration synchronization or other data synchronization. Without the CNR Security Kit installed, the CNR components communicate with each other over an unsecure channel. Installing the security kit on each of the GSS devices installs the SSL library which enables secure communication channels between the four CNR components.
You must have Cisco Network Registrar Release 6.1.4 or later installed on your GSS devices to use the CNR Security kit.
You must disable CNR before using the cnr security-kit command.
Examples
The following examples show how to install the CNR Security Kit:
gss.example.com(config)# no cnr enable
gss.example.com(config)# exit
gss.example.com# cnr security-kit install cnrsec_2_0_1-linux4.gtar.gz
mode required
Successfully installed CNR security kit
gss.example.com# cnr enable
Related Commandsgss.example.com#
cnr enable
cnr
cnr shell
show cnr security-kit
cnr shell
To enter the restricted Cisco Network Registrar (CNR) shell and execute the available CNR utilities, use the cnr shell command.
cnr shell
Syntax Description
This command has no keywords or arguments.
Command Modes
Privileged EXEC
Usage Guidelines
Upon successful execution of this command, you can press the Tab key to see the available utilities in the CNR shell. You can then execute any of these utilities by entering the utility name. See the Cisco CNS Network Registrar User's Guide for more information about the available utilities.
Examples
The following example shows how to enter the CNR shell, display the utilities, and then execute the cnr_tactool utility:
gssm1.example.com# cnr shell
cnr_exim cnr_tactool.orig cnrdb_load cnrdb_verify
cnr_exim.orig cnrdb_archive cnrdb_printlog cnrservagt
cnr_keygen cnrdb_checkpoint cnrdb_recover cnrsnmp
cnr_keygen.orig cnrdb_deadlock cnrdb_stat cnr_tactool
cnrdb_dump cnrdb_upgrade cnr shell > cnr shell
Related Commands
cnr enable
cnr
cnr install/uninstall
configure
To enter global configuration mode, use the configure command.
configure
Syntax Description
This command has no keywords or arguments.
Command Modes
Privileged EXEC
Usage Guidelines
To exit global configuration mode, use the end or exit commands, or by pressing the Ctrl-Z key sequence.
Examples
The following example shows how to enter global configuration mode:
gss1.example.com# configure
gss1.example.com(config)#
Related Commands
end
exit
copy
To copy configuration settings to or from the GSS device, use the copy command.
copy {ddos-config disk filename | disk startup-config filename | gslb-config disk filename | startup-config disk filename | running-config [disk filename | startup-config]}
Syntax Description
ddos-config disk |
Copies the Distributed Denial of Service (DDoS) configuration file to a named file on disk. |
filename |
Name of the output file containing the GSLB-configuration, startup-configuration or running-configuration information. |
disk startup-config |
Loads the GSS device startup configuration settings from a named file located on the GSS. |
gslb-config disk |
Copies the global server load-balancing configuration to a named file on the GSS. |
startup-config disk |
Copies the GSS device startup configuration to a named file on the GSS. |
running-config disk |
Copies the GSS device current running configuration to a named file on the GSS. |
running-config startup-config |
Copies the GSS device current running configuration as the new startup configuration. |
Command Modes
Privileged EXEC
Usage Guidelines
When supplying an output filename enter the name only. Do not include path information with the filename.
Examples
The following examples show that the copy command is used to load a new startup configuration to the device from a file and to copy the current running configuration to a file:
gss1.example.com# copy disk startup-config configfile
gss1.example.com# copy running config disk runconfigfile
Related Commands
ftp
scp
ddos peacetime
Different Domain Name System (DNS) zones may exhibit different behavior. A high traffic rate on one D-proxy may be perfectly normal for another. A peacetime learning process is required on the GSS.
To configure peacetime learning in the GSS, use the ddos peacetime command and its related commands.
ddos peacetime [apply {increment | overwrite} | database erase | save filename | show [filename | status] | start | stop]
ddos peacetime apply
To apply values learned during the peacetime learning process to the rate-limit database, use the ddos peacetime apply command.
ddos peacetime apply {increment | overwrite}
Syntax Description
increment |
Specifies that you want to apply the peacetime learned values incrementally to the database. |
overwrite |
Specifies that you want to restore all the values in the rate-limit database to their defaults and then update them with the values learned during peacetime. |
Command Modes
Privileged EXEC
Usage Guidelines
This command updates the rate-limit database with the peacetime learned values.
The peacetime database location is specified in the (config-ddos) peacetime database command. If you do not specify this command, the in-memory database is used instead.
Examples
The following example shows how to apply values learned during the peacetime learning process to the rate-limit database:
gssm1.example.com# ddos peacetime apply increment
Related Commands
ddos peacetime database erase
ddos peacetime save
ddos peacetime show
ddos peacetime stop
ddos restore-defaults
ddos peacetime database erase
To erase peacetime learning, use the ddos peacetime database erase command.
ddos peacetime database erase
Syntax Description
This command has no keywords or arguments.
Command Modes
Privileged EXEC
Examples
The following example shows how to erase peacetime learning:
gssm1.example.com# ddos peacetime database erase
Related Commands
ddos peacetime apply
ddos peacetime save
ddos peacetime show
ddos peacetime stop
ddos restore-defaults
ddos peacetime save
To save peacetime learning to the memory or to a file on a disk, use the ddos peacetime save command in privileged EXEC mode.
ddos peacetime save filename
Syntax Description
filename |
Name of the file on the disk to which you want to save peacetime learning. |
Command Modes
Privileged EXEC
Examples
The following example shows how to save peacetime learning:
gssm1.example.com# ddos peacetime save samplefile
Related Commands
ddos peacetime apply
ddos peacetime database erase
ddos peacetime show
ddos peacetime stop
ddos restore-defaults
ddos peacetime show
To show values learned during the peacetime learning process or show the peacetime learning status, use the ddos peacetime show command.
ddos peacetime show [filename | status]
Syntax Description
filename |
(Optional) Filename of the peacetime learning process that you want do display values. |
status |
(Optional) Specifies that you want to display the current peacetime learning status. |
Command Modes
Privileged EXEC
Examples
The following example shows how to display the peacetime status:
gssm1.example.com# ddos peacetime show status
DDoS Peacetime Learning is running.
Related Commands
ddos peacetime apply
ddos peacetime database erase
ddos peacetime save
ddos peacetime show
ddos peacetime stop
ddos restore-defaults
ddos peacetime start
To start the peacetime learning process, use the ddos peacetime start command.
ddos peacetime start
Syntax Description
This command has no keywords or arguments.
Command Modes
Privileged EXEC
Usage Guidelines
This command incrementally updates the values in the peacetime database.
Examples
The following example shows how to start peacetime learning:
gssm1.example.com# ddos peacetime start
Related Commands
ddos peacetime apply
ddos peacetime database erase
ddos peacetime save
ddos peacetime stop
ddos peacetime show
ddos restore-defaults
ddos peacetime stop
To stop peacetime learning, use the ddos peacetime stop command.
ddos peacetime stop
Syntax Description
This command has no keywords or arguments.
Command Modes
Privileged EXEC
Examples
The following example shows how to stop peacetime learning:
gssm1.example.com# ddos peacetime stop
Related Commands
ddos peacetime apply
ddos peacetime database erase
ddos peacetime save
ddos peacetime show
ddos peacetime start
ddos restore-defaults
ddos restore-defaults
To restore the default rate-limit values in the rate-limit database, use the ddos restore-defaults command.
ddos restore-defaults ipaddress
Syntax Description
ipaddress |
D-proxy IP address. Indicates that you want to restore the rate limit of the designated D-proxy to the default rate and the state to Unknown. |
Command Modes
Privileged EXEC
Examples
The following example shows how to restore the defaults in the rate-limit database:
gssm1.example.com# ddos restore-defaults 1.1.1.2
Related Commands
ddos peacetime apply
ddos peacetime database erase
ddos peacetime save
ddos peacetime show
ddos peacetime stop
ddos peacetime start
del
To delete files from your GSS device, use the del command.
del filename
Syntax Description
filename |
Name of the file to be deleted. |
Command Modes
Privileged EXEC
Examples
The following example shows how to delete files from your GSS device:
gss1.example.com# del oldtechrept.tgz
Related Commands
copy
dir
lls
ls
dir
To view a long list of files in a directory, use the dir command.
dir [directory]
Syntax Description
directory |
(Optional) Name of the directory to list. |
Command Modes
User and privileged EXEC
Usage Guidelines
Use this command to view a detailed list of files contained within the working directory, including names, sizes, and the time created. The equivalent command is lls.
The current directory is the default directory.
Examples
The following example shows how to view a long list of files in a directory:
drwxrwxrwx 3 root root 4096 Oct 8 11:09 .
drwxrwxrwx 19 root root 4096 Oct 8 11:13 ..
drwx------ 2 root root 4096 Jan 23 2006 .ssh
-rw-r--r-- 1 root root 135137321 Jan 24 2006 ACR_new.upg
-rw-r--r-- 1 root root 135178281 Jan 24 2006 ACR_new1.upg
-rw-r--r-- 1 root root 135168041 Jan 24 2006 ACR_new2.upg
-rw-r--r-- 1 root root 129597481 Jan 25 2006
gss-1.2.2.2.0-k9.upg
-rw-r--r-- 1 root root 127088681 Jan 24 2006
gss-1.3.0.3.0-k9.upg
-rw-r--r-- 1 root root 127385641 Oct 8 10:54
gss-1.3.0.4.1-k9.upg
-rw-r--r-- 1 root root 2520 Oct 8 11:09 one
-rw-r--r-- 1 root root 3634 Oct 8 11:06
proximitySchema.xsd
-rw-r--r-- 1 root root 3523 Oct 8 11:07
stickySchema.xsd
Related Commands
lls
ls
pwd
disable
To turn off privileged EXEC mode, use the disable command.
disable
Syntax Description
This command has no keywords or arguments.
Command Modes
Privileged EXEC
Usage Guidelines
The disable command places you in user EXEC mode. To turn privileged EXEC mode back on, use the enable command.
Examples
The following example shows how to turn off privileged EXEC mode:
gss1.example.com# disable
Related Commands
enable
exit
dnslookup
To resolve a host or domain name to an IP address, use the dnslookup command.
dnslookup {hostname | domainname}
Syntax Description
hostname |
Name of the host on the network. |
domainname |
Domain name. |
Command Modes
User and privileged EXEC
Examples
The following examples show how the dnslookup command is used to resolve the hostname myhost.cisco.com to IP address 172.31.69.11, cisco.com to IP address 192.168.219.25, and the IP address 10.86.209.210 to gss.cisco.com:
gss1.example.com# dnslookup myhost.cisco.com
Server: mydnsserver.cisco.com
gss1.example.com# dnslookup cisco.com
Server: dns-bxb.cisco.com
gss1.example.com# dnslookup 10.86.209.210
Server: dns-bxb.cisco.com
enable
To access privileged EXEC commands, use the enable command.
enable
Syntax Description
This command has no keywords or arguments.
Command Modes
User and privileged EXEC
Usage Guidelines
To access privileged EXEC mode from user EXEC mode, use the enable command. The disable command takes you from privileged EXEC mode to user EXEC mode.
If you are accessing the GSS remotely using Telnet or SSH, the CLI prompts you for the enable password. The default password is default. For more information about the enable password and configuring a new password, see the "enable-passwd" command.
Examples
The following example shows how to access privileged EXEC commands:
Related Commands
disable
enable-passwd
exit
enable-passwd
To change the enable command password, use the enable-passwd command.
enable-passwd
Syntax Description
This command has no keywords or arguments.
Command Modes
Privileged EXEC
Usage Guidelines
You can control user access to the privileged Exec mode for users that remotely connect to the GSS using Telnet or SSH. When connecting to the GSS remotely, the CLI prompts you for a password when you enter the enable command to access the privileged Exec mode. The default password is default.
You have to be the admin user to configure the enable password.
When you enter the enable-passwd command, the CLI prompts you for an admin password and then to define and confirm the enable password. The password is alphanumeric, can contain spaces and special characters, and can contain a maximum of 32 characters. Leave the password blank to set the password to the default value, which is default.
Note
The enable password is not required when you access the GSS using a console or terminal session. If you forget the enable password, use a console or terminal session to configure a new password.
Examples
The following example shows how to configure the enable password:
localhost.localdomain# enable-passwd
Admin Password: <admin_password>
Set GSS enable Password: <enable_password>
Confirm GSS enable Password: <enable_password>
Related Commands
enable
end
To exit the EXEC or global configuration command shell, use the end command.
end
Syntax Description
This command has no keywords or arguments.
Command Modes
EXEC and global configuration
Usage Guidelines
Use the end command in any configuration mode to return to EXEC mode. This command is equivalent to pressing Ctrl-Z or using the exit command.
The end command entered in the user-level EXEC shell terminates the console or Telnet session.
Examples
The following example shows how to exit the EXEC or global configuration command shell:
gss1.example.com(config)# end
Related Commands
exit
exit
To access the EXEC command shell from the global or interface configuration command shells, use the exit command.
exit
Syntax Description
This command has no keywords or arguments.
Command Modes
All command modes
Usage Guidelines
Use the exit command in any configuration mode to return to EXEC mode. This command is equivalent to the end command or pressing Ctrl-Z.
The exit command entered in the user-level EXEC shell terminates the console or Telnet session.
Examples
The following example shows how to access the EXEC command shell from the global or interface configuration command shells:
gss1.example.com(config)# exit
Related Commands
end
ftp
To launch an FTP session on your GSS device, use the ftp command.
ftp ip_or_host
Syntax Description
ip_or_host |
IP address or hostname of the FTP server that you want to access. Enter an IP address in dotted-decimal notation (for example, 192.168.11.1) or a mnemonic hostname (for example, myhost.mydomain.com). |
Command Modes
User EXEC and privileged EXEC
Usage Guidelines
Use the ftp command in EXEC mode to launch the FTP client and transfer a file to and from remote machines.
Examples
The following example shows how to launch an FTP session on your GSS device:
gss1.example.com# ftp 192.168.0.1
Related Commands
ftp enable
show telnet
telnet
scp
gss
To manage your GSS devices, use the gss command.
gss {disable | enable {gssm-primary | gssm-standby {primary_GSSM_hostname | primary_GSSM_IP_address} | gss {primary_GSSM_hostname | primary_GSSM_IP_address} | restart | start | status [verbose] | stop}
Syntax Description
disable |
Disables the selected device (GSSM or GSS) and removes any existing configuration, including deleting the Global Site Selector Manager (GSSM) database from the GSS device and removing certificate attributes specified using the certificate set-attributes command. This keyword returns the GSS device to the initial, disabled state. Disabling a GSS device is only necessary when you want to switch the role of a GSS within a network (for example, change a GSS to a GSSM or if you need to move a GSS or GSSM to a different network of GSS devices. |
enable |
Enables the selected device to act as the type of device that you specify: either a GSSM or GSS. This keyword creates the embedded database on the primary GSSM that stores and manages the configuration information for the GSS network. It also performs all of the other initialization processes to enable the device in a network of GSS devices. Enabling a GSS device is a one-time initialization step that is required only when you first set up the device within a network of GSS devices. |
gssm-primary |
Configures the selected device to act as the primary GSSM for your GSS network, responsible for maintaining status information about GSS devices and load-balancing information that is distributed to devices on the network. |
gssm-standby |
Configures the selected device to act as a standby GSSM which will take over GSS network management should the primary GSSM go offline. |
primary_GSSM_hostname |
Domain Name System (DNS) hostname of the device currently serving as the primary GSSM. |
primary_GSSM_IP_address |
Network address of the device currently serving as the primary GSSM. |
gss |
Indicates that the selected device should function as a GSS on the GSS network. |
restart |
Stops and restarts the GSS software on the selected device. |
start |
Starts the GSS software on the selected device following the initial configuration or a software upgrade. |
status |
Displays detailed information about the current operating state of the GSS device including the online status, the software version, and the start date or time for the various components. The equivalent command is the show system-status command. Note The status of the License Manager (LM) and the Distributed Denial of Service (DDoS) prevention module do not appear in the output of the gss status command. Instead, you enter the show ddos status command to obtain DDoS information and the show processes | grep license_manager command to obtain the LM status. |
verbose |
(Optional) Displays the same detailed information about the current operating state of the GSS device as with the gss status command, including the CPU utilization. Note Calculating the CPU utilization can take additional time when using the gss status verbose command. On a busy system, the gss status verbose command can take approximately 10 seconds to complete. If you do not require calculation of the CPU Utilization operating parameter, then we recommend that you use the gss status command. |
stop |
Stops the GSS software before a software upgrade, maintenance, or troubleshooting activities. |
Command Modes
Privileged EXEC
Usage Guidelines
The gss command provides a variety of options for managing your GSSs and GSSMs, including:
•
Designating individual devices to act as a GSS, primary GSSM, or standby GSSM using the gss, gssm-primary, or gssm-standby keywords of the gss command.
•
Controlling the GSS servers on the device so that you can perform the required maintenance and software upgrades using the start, stop, and restart commands.
Examples
The following example shows how to manage your GSS devices:
gssm1.example.com# gss status
Cisco GSS - 1.2(2) GSS [Thu Mar 31 21:09:09 UTC 2005]
Registered to primary GSSM: 10.86.209.167
Normal Operation [runmode = 5]
Nov30 Config Agent (crdirector)
Nov30 Config Server (crm)
Nov30 GUI Server (tomcat)
Nov30 Web Server (apache)
When the DNS server is ready to serve DNS requests, it generates the following subsystem log message and saves it in the system.log file:
Mar 25 10:45:26 gssm1.example.com DNS-5-SELREADYINFO[2073] Selector
ready to start serving DNS requests
Related Commands
gss tech-report
gssm
show sticky
show sticky global
gss tech-report
To generate a detailed report for use by Cisco Technical Assistance Center (TAC) representatives in troubleshooting persistent GSS problems, use the gss tech-report command.
gss tech-report filename
Syntax Description
filename |
User-assigned name for the report generated by the gss tech-report command. |
Command Modes
Privileged EXEC
Usage Guidelines
The file generated is a tar- format archive file with a .tgz extension.
Examples
The following example shows how to generate a detailed report for use by TAC representatives in troubleshooting persistent GSS problems:
gss1.example.com# gss stop
gss1.example.com# gss tech-report gss_techrpt1
Creating report for Cisco TAC. This may take a few minutes...
Created debug package: /home/techrpt1.tgz
gssm
To manage your primary and standby Global Site Selector Manager (GSSM) (GSSM) and your GSS database, use the gssm command.
gssm backup full filename | database {invalidate | maintain | purge-log-records {count number_records | days number_days} | report | status | validate}| primary-to-standby | restore filename | standby-to-primary
Syntax Description
backup |
Performs a backup of GSSM data on the GSS device. |
full |
Performs a backup of both the database component of the GSSM and its network and device configuration information. The primary GSSM backup does not include user files that reside in the /home directory. |
filename |
Name of the database backup file. This file can be the target file for a database backup action or the source file for a database restore action. |
database |
Creates, configures, or removes the embedded database on the GSSM. |
invalidate |
Invalidates GSSM database records. |
maintain |
Cleans up the GSSM database by defragmenting and optimizing the space allocation. |
purge-log-records |
Purges system log messages from the GSSM database for a specified number or period of time. This keyword removes the system log messages that appear on the primary GSSM GUI, the System Log list page of the Tools navigation tab. |
count |
Purges a quantity of database records up to the last n records. |
number_records |
Number of database system log records, starting back from the last record, that will be retained when the database is purged. |
days |
Purges records that cover a set time period up to n days before today. |
number_days |
Number of days back, starting from today, for which database system log records will be retained when the database is purged. |
report |
Generates and displays a report that identifies invalidated database records in the GSSM database. |
status |
Reports the current running status of the GSSM database. |
validate |
Validates GSSM database records. |
primary-to-standby |
Changes the role of the GSSM from the primary to the standby GSSM. |
restore |
Restores the GSSM from a full backup file. |
filename |
Name of the GSSM backup image that will be used to restore the device. |
standby-to-primary |
Changes the role of the GSSM from standby to GSSM. |
Command Modes
Privileged EXEC
Usage Guidelines
Use the gssm database command and keyword to manage the embedded GSS database. The various command options allow you to monitor the status of your database and perform standard maintenance tasks such as backing up and restoring the database, validating the database content, and purging records.
Use the gssm restore command and keyword to restore an earlier version of the GSSM from a full backup image.
Use the gssm standby-to-primary and primary-to-standby command and keywords to switch the role of the selected GSSM in your GSS network. You must make sure that your original primary GSSM is offline before attempting to enable the standby GSSM as the new primary GSSM. Having two primary GSSMs active at the same time may result in the inadvertent loss of configuration changes for your GSS network. If this dual primary GSSM configuration occurs, the two primary GSSMs revert to standby mode and you will need to reconfigure one of the GSSMs as the primary GSSM.
The standby GSSM can temporarily take over the role as the primary GSSM if the the primary GSSM is unavailable (for example, you need to move the primary GSSM or you want to take it offline for repair or maintenance). The switching of roles between the designated primary GSSM and the standby GSSM is intended to be a temporary GSS network configuration until the original primary GSSM is back online. The interim primary GSSM can be used to monitor GSS behavior and make configuration changes if necessary. Once the original primary GSSM is available, reassign the two GSSMs to their original roles in the GSS network as described in the Cisco Global Site Selector Administration Guide.
Examples
The following examples show that the gssm database command is used to check the running status of the GSSM embedded database, back up the database to a file, purge all database records except for the last 50, and delete the database:
gss1.example.com# gssm database report
GSSM database validation report written to validation.log
gss1.example.com# gssm database status
GSSM database is running.
gss1.example.com# gssm database validate
GSSM database passed validation.
gss1.example.com# gssm primary-to-standby
gss1.example.com# gssm standby-to-primary
Related Commands
gss
gss tech-report
gssm
help
To obtain online help for the GSS CLI, use the help command.
help
Syntax Description
This command has no keywords or arguments.
Command Modes
User EXEC, privileged EXEC, and global configuration
Usage Guidelines
You can get help at any point when specifying a CLI command by entering a question mark (?). If nothing matches, the help list will be empty, and you must back up until entering a ? shows the available options.
Two methods of help are provided at the CLI:
•
Full help is available when you are ready to enter a command argument (for example, show ?) and describes each possible argument.
•
Partial help is provided when you enter an abbreviated command and you want to know what arguments match the input (for example, show clock ?).
Examples
The following example shows how to obtain online help for the GSS CLI:
gss1.example.com# help copy ?
install
To install a new version of the GSS software on your GSS device, use the install command.
install filename
Syntax Description
filename |
Name of the software update file. |
Command Modes
Privileged EXEC
Usage Guidelines
Use this command to install a new image of the GSS software on the Cisco GSS hardware. The upgrade file must be present on the Cisco GSS before you execute this command.
The install command cannot be executed while the Cisco GSS is running (for example, serving Domain Name System [DNS] requests). You must enter the gss stop command before executing the install command.
Examples
The following example shows how to install an updated version of the GSS software:
gss1.example.com# install /gss.upg
Related Commands
show version
license
To install or uninstall a license file on your GSS device, use the license command.
license install filename | uninstall filename
Syntax Description
install |
Installs a license file on the GSS. |
uninstall |
Uninstalls a license file on the GSS. |
filename |
Name of the license file. Note A valid license file always includes the .lic extension. Otherwise, it is considered invalid and is not installed. |
Command Modes
Privileged EXEC
Usage Guidelines
For information about obtaining and installing a license file, see the Cisco Global Site Selector Administration Guide.
Examples
The following example shows how to install the Distributed Denial of Service (DDoS) license on the GSS:
gssm1.example.com# license install ddos.lic
Related Commands
show license
lls
To view a long list of files in a directory, use the lls command.
lls [directory]
Syntax Description
directory |
(Optional) Name of the directory to list. |
Command Modes
User EXEC and privileged EXEC
Usage Guidelines
Use this command to view a detailed list of files contained within the working directory, including names, sizes, and the time created. The equivalent command is dir.
The current directory is the default directory.
Examples
The following example shows how to view a long list of files in a directory:
drwxrwxrwx 3 root root 4096 Oct 8 11:09 .
drwxrwxrwx 19 root root 4096 Oct 8 11:13 ..
drwx------ 2 root root 4096 Jan 23 2006 .ssh
-rw-r--r-- 1 root root 135137321 Jan 24 2006 ACR_new.upg
-rw-r--r-- 1 root root 135178281 Jan 24 2006 ACR_new1.upg
-rw-r--r-- 1 root root 135168041 Jan 24 2006 ACR_new2.upg
-rw-r--r-- 1 root root 129597481 Jan 25 2006
gss-1.2.2.2.0-k9.upg
-rw-r--r-- 1 root root 127088681 Jan 24 2006
gss-1.3.0.3.0-k9.upg
-rw-r--r-- 1 root root 127385641 Oct 8 10:54
gss-1.3.0.4.1-k9.upg
-rw-r--r-- 1 root root 2520 Oct 8 11:09 one
-rw-r--r-- 1 root root 3634 Oct 8 11:06
proximitySchema.xsd
-rw-r--r-- 1 root root 3523 Oct 8 11:07
stickySchema.xsd
Related Commands
dir
ls
lsof
pwd
ls
To view a list of files or subdirectory names within a directory, use the ls command.
ls [directory]
Syntax Description
directory |
(Optional) Name of the directory for which you want a list of files. |
Command Modes
User EXEC and privileged EXEC
Usage Guidelines
To list the filenames and subdirectories within a particular directory, use the ls directory command; to list the filenames and subdirectories of the current working directory, use the ls command. To view the present working directory, use the pwd command.
The current directory is the default directory.
Examples
The following example shows how to view a list of files or subdirectory names within a directory:
gss-1.0.2.0.2-k9.upg id_rsa.pub megara.back.1_0.full rpms
gss-1.0.904.0.1-k9.upg gss_sample.full megara.back.1_1.full
Related Commands
dir
lls
lsof
pwd
lsof
To view a list of all open files on your GSS device, use the lsof command.
lsof
Syntax Description
This command has no keywords or arguments.
Command Modes
Privileged EXEC
Usage Guidelines
To list the names, file properties, and locations of all files that are currently open on your GSS device, use the lsof command.
Examples
The following example shows how to view a list of all open files on your GSS device:
COMMAND PID USER FD TYPE DEVICE SIZE NODE
NAME
init 1 root cwd DIR 8,7 4096 2 /
init 1 root rtd DIR 8,7 4096 2 /
init 1 root txt REG 8,7 25968 492
/sbin/init
init 1 root mem REG 8,7 341331 29
/lib/ld-2.1.3.so
init 1 root mem REG 8,7 4105868 36
/lib/libc-2.1.3.so
init 1 root 0u unix 0xf7f86f40 5851
socket
init 1 root 10u FIFO 8,8 4098
/rw/dev/initctl
kflushd 2 root cwd DIR 8,7 4096 2 /
kflushd 2 root rtd DIR 8,7 4096 2 /
kflushd 2 root 0u unix 0xf7f86f40 5851
socket
kflushd 2 root 10u FIFO 8,8 4098
/rw/dev/initctl
kupdate 3 root cwd DIR 8,7 4096 2 /
kupdate 3 root rtd DIR 8,7 4096 2 /
kupdate 3 root 0u unix 0xf7f86f40 5851
socket
kupdate 3 root 10u FIFO 8,8 4098
/rw/dev/initctl
kswapd 4 root cwd DIR 8,7 4096 2 /
kswapd 4 root rtd DIR 8,7 4096 2 /
kswapd 4 root 0u unix 0xf7f86f40 5851
socket
kswapd 4 root 10u FIFO 8,8 4098
/rw/dev/initctl
keventd 5 root cwd DIR 8,7 4096 2 /
keventd 5 root rtd DIR 8,7 4096 2 /
keventd 5 root 0u unix 0xf7f86f40 5851
socket
keventd 5 root 10u FIFO 8,8 4098
/rw/dev/initctl
Related Commands
dir
ls
lls
pwd
no
To negate a CLI command or set it to its default settings, use the no command. Some GSS CLI commands do not have a no form.
no command
Syntax Description
copy |
Disables the copying of GSS configuration information or technical support information. |
ftp |
Disables the File Transfer Protocol (FTP) on a GSS device. |
snmp |
Disables Simple Network Management Protocol (SNMP) on a GSS device. |
telnet |
Disables Telnet operations on the GSS device. |
Command Modes
Interface configuration, global, and global server load-balancing configuration
Usage Guidelines
Use the no command to disable functions or negate a command. If you need to negate a specific command, such as the default gateway IP address, you must include the specific string in your command, such as no ip default-gateway ip-address.
Examples
The following example shows how to negate a CLI command or set it to its default settings:
gss1.example.com(config)# no ip name-server 10.11.12.14
gss1.example.com(config)# no ntp-server 172.16.22.44
ping
To send ICMP echo packets for diagnosing basic network connectivity on networks, use the ping command.
ping {hostname | ip-address}
Syntax Description
hostname |
Hostname of the system to send an ICMP echo packet. |
ip-address |
IP address of the system to send an ICMP echo packet. |
Command Modes
User and privileged EXEC
Usage Guidelines
To use this command with the hostname argument, make sure that the Domain Name System (DNS) functionality is configured on your GSS. To force the timeout of a nonresponsive host, or to eliminate a loop cycle, press the Ctrl-C key sequence.
Examples
The following example shows how to send ICMP echo packets for diagnosing basic network connectivity on networks:
gss1.example.com# ping gss.cisco.com
PING 172.16.0.0 (172.16.0.0) from 10.1.13.5 : 56(84) bytes of data.
64 bytes from gss.cisco.com (172.16.0.0): icmp_seq=0 ttl=35 time=57.3
ms
64 bytes from gss.cisco.com (172.16.0.0): icmp_seq=1 ttl=35 time=55.8
ms
64 bytes from gss.cisco.com (172.16.0.0): icmp_seq=2 ttl=35 time=55.5
ms
64 bytes from gss.cisco.com (172.16.0.0): icmp_seq=3 ttl=35 time=57.6
ms
64 bytes from gss.cisco.com (172.16.0.0): icmp_seq=4 ttl=35 time=55.3
ms
proximity database delete
To remove entries from the proximity database (PDB), use the proximity database delete command.
proximity database delete {all | assigned | group {name} | inactive minutes | ip {ip-address} netmask {netmask} | no-rtt | probed}
Caution
Use the
proximity database delete
all command in special instances when you want to remove all entries from the PDB in order to have an empty database. Ensure that you want to permanently delete entries from the PDB before you enter this command. You cannot retrieve PDB entries once they are deleted.
Syntax Description
all |
Removes all proximity database entries from the GSS memory. |
assigned |
Removes all static entries from the PBD. |
group name |
Removes all entries that belong to a named proximity group. Specify the exact name of a previously created proximity group. |
inactive minutes |
Removes all dynamic entries that have been inactive for a specified time. Valid values are 0-43200 minutes. |
ip ip_address netmask netmask |
Removes all proximity entries related to a D-proxy IP address and subnet mask. Specify the IP address and subnet mask of the requesting client's D-proxy in dotted-decimal notation (for example, 192.168.9.0 255.255.255.0). |
no-rtt |
Removes all entries from the PDB that do not have valid RTT values. |
probed |
Removes all dynamic entries from the PDB. |
Command Modes
Privileged EXEC
Usage Guidelines
You can remove all PDB entries from the GSS memory by using the proximity database delete all CLI command. This command, however, does not delete PDB entries saved as part of an automatic dump to a backup file on a disk, which the GSS loads upon a reboot or restart to initialize the PDB. To ensure that you successfully remove all PDB entries from both the GSS memory and disk, enter the proximity database delete all command followed by the proximity database periodic-backup now command to force an immediate backup of the empty PDB residing in the GSS memory.
The prompt "Are you sure?" appears to confirm the deletion of all PDB entries. Specify y to delete all entries or n to cancel the deletion operation.
Examples
The following example shows how to remove entries from the proximity database:
gss1.example.com# proximity database delete ip 192.168.8.0
255.255.255.0
Related Commands
proximity database delete
proximity database dump
proximity database load
proximity database periodic-backup
(config-gslb) proximity group
proximity database dump
To dump all or selected entries from the proximity database to a named file as a user-initiated backup file, use the proximity database dump command.
proximity database dump {filename} format {binary | xml} [entry-type {all | assigned | probed}] [entry-address {ip-address} netmask {netmask}]
Syntax Description
filename |
Name of the output file that contains the proximity database entries on the GSS disk. This file resides in the /home directory. The GSS displays a prompt for overwrite confirmation if the filename already exists in the current working directory. |
format |
Dumps the proximity database entries in a binary or Extensible Markup Language (XML) format. Choose binary-encoding as the format type if you intend to load the contents of the file into the proximity database of another GSS. The allowable entries are as follows: • binary—Dumps the assigned proximity entries in a true binary format. This file can only be used with the proximity database load command. • xml—Dumps the assigned proximity entries in an XML format. The contents of an XML file includes the data fields and the data descriptions. The contents of this file can be viewed using the type command. Note Dumping PDB entries in an XML format can be a resource-intensive operation and may take from 2-4 minutes to complete depending on the size of the PDB and the GSS platform in use. We recommend that you do not perform a PDB dump in an XML format during the routine operation of the GSS to avoid a degradation in performance. |
entry-type |
(Optional) Specifies the type of entries to output from the proximity database. The allowable entries are as follows: • all—Dumps static and dynamic entries from the proximity database. (default) • assigned—Dumps statically assigned proximity entries. • probed—Dumps dynamically probed proximity entries. |
entry-address ip-address |
(Optional) Specifies the IP address of the proximity database entry. |
netmask netmask |
Specifies the subnet mask of the proximity database entry in dotted decimal notation (for example, 255.255.255.0). |
Command Modes
Privileged EXEC
Usage Guidelines
The GSS automatically dumps proximity database entries to a backup file on a disk approximately every hour. The GSS uses this backup file to initialize the proximity database upon system restart or reboot to enable the GSS to recover the contents of the database.
You can use the proximity database dump command to dump all or selected entries from the proximity database to a named file as a user-initiated backup file. You can then use the ftp command in privileged EXEC mode to launch the FTP client and transfer the file to and from remote machines.
To view the entire contents of the XML proximity database output file from the GSS, use the type command.
Examples
The following example shows how to dump the dynamic proximity database entries to a file named PDB6_30_04 in binary format:
gss1.example.com# proximity database dump file PDB6_30_04 format
binary entry-type probed entry-address 172.23.5.7 netmask
255.255.255.255
Related Commands
proximity database delete
proximity database delete
proximity database load
proximity database periodic-backup
(config-gslb) proximity group
show statistics
proximity database load
To load and merge proximity database entries from a file into the existing proximity database in GSS memory, use the proximity database load command.
proximity database load filename format binary [override]
Syntax Description
filename |
Name of the proximity database file to load and merge with the existing proximity database on the GSS device. The file must be in a binary format to be loaded into the GSS memory (see the proximity database dump command). Use the ftp command in privileged EXEC mode to launch the FTP client and transfer the proximity database file to the GSS from a remote GSS. |
format binary |
Loads the assigned proximity file in a true binary format. The file must be in a binary format to be loaded into the GSS memory. |
override |
(Optional) Specifies if the proximity database entries in the file are to override the same entries located in the current GSS proximity database. When you choose the override keyword, static database entries always take priority over dynamic database entries in the database. For the same database entries that exist in both the file and in GSS database memory, the GSS does the following: • Overwrites dynamic entries with any overlapping static entries. • Overwrites static entries with any overlapping static entries, but does not overwrite those entries with any overlapping dynamic entries. If you do not specify the override keyword, the GSS loads all the most recent entries into the memory, which will replace the older entries of the same type (dynamic or static) in the proximity database. For example, the most recent dynamic entries replace the older dynamic entries in the proximity database. |
Command Modes
Privileged EXEC
Usage Guidelines
The proximity database load function supports the migration of proximity database entries from one GSS device into the proximity database of another GSS device. The GSS validates the loaded database entries, checks the software version for compatibility, and then replaces the proximity database in the memory. The file must be in a binary format to be loaded into the GSS memory.
Proximity RTT metrics loaded from the file replace overlapping entries that exist in the database and supplement the nonoverlapping database entries.
Examples
The following example shows how to load and merge the entries from the GSS3PDB file without overriding the existing entries in the GSS proximity database:
gss1.example.com# proximity database load GSS3PDB
Related Commands
proximity database delete
proximity database dump
proximity database periodic-backup
(config-gslb) proximity group
show statistics
proximity database periodic-backup
To force an immediate backup of the proximity database residing in the GSS memory, use the proximity database periodic-backup command.
proximity database periodic-backup now
Syntax Description
now |
Instructs the GSS device to immediately initiate the periodic proximity database backup. |
Command Modes
Privileged EXEC
Usage Guidelines
You may manually initiate a proximity database dump as a database recovery method to ensure that you store the latest proximity database entries before you shut down the GSS.
The GSS sends the proximity database entries to the system dump file as the proximity database file. Upon a reboot or restart, the GSS reads this file and loads the contents to initialize the proximity database at boot time.
Examples
The following example shows how to force an immediate backup of the proximity database residing in the GSS memory:
gss1.example.com# proximity database periodic backup now
Related Commands
proximity database delete
proximity database dump
proximity database load
(config-gslb) proximity group
proximity group-summary dump
To dump the proximity group configuration summary to a specified text file, use the proximity group-summary dump command.
proximity group-summary dump filename
Syntax Description
filename |
Name of the text file in which you want the GSS to dump the proximity group configuration summary. |
Command Modes
Privileged EXEC
Usage Guidelines
You can view the text file containing the proximity group configuration summary using the type filename command.
Examples
The following example shows how to dump the group configuration summary to a sample file and the display this file using the type command:
gss1.example.com# proximity group-summary dump prox-dump-file.txt
gss1.example.com# type prox-dump-file.txt
Proximity Groups:
Group1:
Name: proxa5
Address Block :
11.1.1.36/30
11.1.1.40/30
Group2:
Name: proxa6
Address Block :
11.1.1.44/30
11.1.1.48/30
Related Commands
show proximity group-summary
(config-gslb) proximity group
proximity play-config
To play the static proximity configuration, use the proximity play-config command. This command is useful if the size of static proximity group configuration is quite large since it is more efficient than the script play-config command.
proximity play-config filename
Syntax Description
filename |
Name of the file containing the static proximity configuration. |
Command Modes
Privileged EXEC
Usage Guidelines
For information about using the proximity play-config command, see the Cisco Global Site Selector CLI-Based Global Server Load Balancing Configuration Guide.
Examples
This example shows how to play a static proximity configuration:
gssm1.example.com# proximity play-config prox.txt
Tue Mar 6 13:10:43 2007 waiting for postmaster to start....done
Tue Mar 6 13:10:43 2007 postmaster successfully started
proximity group proxa1 ip 11.1.1.4 netmask 255.255.255.252
proximity group proxa1 ip 11.1.1.8 netmask 255.255.255.252
.
.
proximity group proxa50 ip 11.1.2.140 netmask 255.255.255.252
proximity group proxa50 ip 11.1.2.144 netmask 255.255.255.252
###########################################
Please use the following Key required while, playing "proximity
play-config" on SGSSM.
Key: 89l25l5fa7339c1b60a20b60142493328b997b
###########################################
Related Commands
(config-gslb) script play-config
(config-gslb) proximity group
proximity start
To locally reenable proximity on a GSS device after locally disabling the function, use the proximity start command.
proximity start
Syntax Description
This command has no keywords or arguments.
Command Modes
Privileged EXEC
Examples
The following example shows how to locally reenable proximity on a GSS device after locally disabling the function:
gss1.example.com# proximity start
Related Commands
proximity stop
proximity statistics group-summary dump
To dump the proximity group summary statistics to a specified text file, use the proximity statistics group-summary dump command.
proximity statistics group-summary dump filename
Syntax Description
filename |
Name of the text file in which you want the GSS to dump the group summary statistics. |
Command Modes
Privileged EXEC
Usage Guidelines
You can view the text file containing the proximity group summary statistics using the type filename command.
Examples
The following example shows how to dump the group summary statistics to a sample text file and the display this file using the type command:
gss1.example.com# proximity statistics group-summary dump
sampletxtfile
gss1.example.com# type sampletxtfile
Proximity Group Statistics Summary:
Group name Target IP Total Entries Total Hits
--------- --------- ------------- ---------------
proxa1 n/a 2 0
proxa10 n/a 2 0
proxa11 n/a 2 0
proxa12 n/a 2 0
proxa13 n/a 2 0
proxa14 n/a 2 0
Proximity Group Statistics Summary:
Related Commands
show statistics proximity
(config-gslb) proximity group
proximity stop
To locally disable proximity on a GSS device for troubleshooting, use the proximity stop command.
proximity stop
Syntax Description
This command has no keywords or arguments.
Command Modes
Privileged EXEC
Usage Guidelines
You can disable proximity for a single GSS when you need to override the GUI-enabled proximity option. You may need to locally disable proximity on a GSS when you need to troubleshoot or debug the device. The GSS does not store the local-disable setting in its running-config file.
When you enter the proximity stop command, the GSS immediately stops the following operations:
•
Proximity lookups in the proximity database
•
Direct probing between the GSS and DRP agents
•
Refresh probing to obtain the most up-to-date RTT values
•
Periodic proximity database dumps
•
The proximity database entry age-out process
Use the proximity start command to locally reenable network proximity on the GSS device.
Examples
The following example shows how to locally disable proximity on a GSS device for troubleshooting:
gss1.example.com# proximity stop
Related Commands
proximity start
pwd
To view the present working directory, use the pwd command.
pwd
Syntax Description
This command has no keywords or arguments.
Command Modes
User EXEC and privileged EXEC
Usage Guidelines
Use this command to display the present working directory of the GSS.
Examples
The following example shows how to view the present working directory:
Related Commands
cd
dir
lls
ls
refresh-gssmesh-statistics
To force the GSS devices in the mesh to send the primary GSSM their latest DNS rule and answer statistics, use the refresh-gssmesh-statistics command from the primary GSSM.
refresh-gssmesh-statistics
Syntax Description
This command has no keywords or arguments.
Command Modes
Privileged EXEC
Usage Guidelines
By default, the GSS devices send the primary GSSM statistical information every five minutes. Before using the show statistics gss-mesh all dns {answer | rule} command, you can force the GSS devices in the mesh to send the primary GSSM their latest statistics by using the refresh-gssmesh-statistics command from the primary GSSM. This ensures that the primary GSSM displays the latest GSS mesh statistics.
The CLI is unavailable for use for five seconds after using refresh-gssmesh-statistics command to give the primary GSSM enough time to receive and process the information. If network traffic is busy, the primary GSSM may not receive the information within the five seconds. If you use the show statistics gss-mesh all dns {answer | rule} command before the primary GSSM receives the new information, the command output may not contain the latest statistical information.
Note
Using the refresh-gssmesh-statistics command increases network traffic between the GSS devices in the mesh. For this reason, we recommend that you use this command only when an update is required.
Examples
The following example shows how to force the GSS devices in the mesh to send the primary GSSM their latest DNS rule and answer statistics:
gss1.example.com# refresh-gssmesh-statistics
Related Commands
show statistics gss-mesh all dns
reload
To halt and perform a cold restart on your GSS device, use the reload command.
reload
Syntax Description
This command has no keywords or arguments.
Command Modes
Privileged EXEC
Usage Guidelines
To reboot the GSS device, use the reload command. Any open connections with the GSS are dropped after you enter the reload command.
If you did not save a startup-configuration to Flash memory, the GSS prompts you to enter configuration parameters upon restart.
Examples
The following example shows how to halt and perform a cold restart on your GSS device:
Related Commands
write
rename
To rename a current GSS file, use the rename command.
rename source_filename new_filename
Syntax Description
source_filename |
Alphanumeric name of the file that you want to rename. |
new_filename |
Alphanumeric name that you want to assign to the file. |
Command Modes
Privileged EXEC
Usage Guidelines
Quotes are not required around filenames. The following special characters are not allowed in the renamed filenames: ` (apostrophe), ; (semicolon), * (asterisk), and a space.
Use the dir, lls, or ls commands to view the files available in the current directory or subdirectory.
Examples
The following example shows how to rename a current GSS file:
gss1.example.com# rename startup-config new_startup-config
Related Commands
dir
lls
ls
reset-gui-admin-password
To restore the default administration password that is used to log in to the primary Global Site Selector Manager (GSSM) GUI, or to change the administration password, use the reset-gui-admin-password command.
reset-gui-admin-password [password text]
Syntax Description
password text |
(Optional) Changes the administration password used to log in to the primary GSSM GUI. Enter an unquoted text string with no spaces and a length of 6-16 characters. |
Command Modes
Privileged EXEC
Usage Guidelines
The administrative username and password used to access the primary GSSM GUI are stored in a safe partition of the hard disk to prevent data loss due to power failures. If you change the administrative password, and then either lose or forget the password, you can reset the password back to "default" by entering the reset-gui-admin-password command.
You can also change the administrative password using the reset-gui-admin-password command.
This command is available only from the primary GSSM and standby GSSM CLI.
The default administration password is "default."
Examples
The following example shows how to change the administration password:
gss1.example.com# reset-gui-admin-password password mynewpassword
restore-factory-defaults
To reset your GSS device to its initial state, restoring all factory default settings, use the restore-factory-defaults command.
restore-factory-defaults
Syntax Description
This command has no keywords or arguments.
Command Modes
Privileged EXEC
Usage Guidelines
If your GSS device is improperly configured or is malfunctioning, you can use the restore-factory-defaults command to restore the device to its initial state, allowing you to properly configure it for use on your network.
The restore-factory-defaults command erases your Global Site Selector Manager (GSSM) database and all of its data and resets all network settings, returning your GSS hardware to the same state it was in when it first arrived from the factory. Before you enter the restore-factory-defaults command, ensure that you back up any vital data in the database component of the primary GSSM with its network and device configuration information. Use the gssm backup command to perform a primary GSSM backup. See the Cisco Global Site Selector Administration Guide for details on performing GSS backup.
Note
User files will also be deleted when you enter the restore-factory-defaults command. If you have any important files in the /home directory that you want to save, use either the scp or ftp commands to copy those files before you enter the restore-factory-defaults command.
You cannot enter the restore-factory-defaults command while the GSS is running (for example, serving DNS requests). You must first enter the gss stop command.
Examples
The following example shows how to reset the GSS device to its initial state:
gss1.example.com# restore-factory-defaults
Related Commands
gss
gssm
rotate-logs
To force the GSS device to restart its log files and save archive copies of all existing log files, use the rotate-logs command.
rotate-logs [delete-rotated-logs]
Syntax Description
delete-rotated-logs |
(Optional) Deletes all rotated log files from the / directory and its subdirectories on the GSS disk. The GSS does not delete active log files. |
Command Modes
Privileged EXEC
Usage Guidelines
This command forces the GSS device to save archive copies of all existing log files in the / directory and its subdirectories and replaces them with fresh log files. Existing log files are archived locally using the following naming convention:
logfile_name.log.number
where
•
logfile_name.log is the name of the archived log file (for example, gss.log or kale.log)
•
number is an incremented number representing the number of times that the logs have been rotated (for example, .3). The number of the most recent rotated log file is .1. The maximum number of log files is 25 for the gss.log file.
The delete-rotated-logs keyword clears all rotated log files in the / directory and its subdirectories except for the active log files.
Examples
The following example shows how to force the GSS device to restart its log files and save archive copies of all existing files:
gss1.example.com# rotate-logs
Related Commands
logging
scp
To securely copy files from a GSS device where you are logged in, use the scp command.
scp {source_path [source_filename] user@target_host:target_path}
To securely copy files from another device to a GSS device where you are logged in, use the scp command.
scp {user@source_host:/source_path[source_filename] target_path}
Syntax Description
source_path |
Relative directory path and filename on the source device of the file that is being transferred. |
source_filename |
(Optional) Name of the file to be copied. |
user@target_host |
Login account name and hostname for the device to which you are copying files. |
target_path |
Relative directory path on the target device to which the file is being copied. |
user@source_host |
Login account name and hostname for the device from which you are copying files. |
Command Modes
User EXEC and privileged EXEC
Usage Guidelines
The GSS supports one-way communication only in SCP. You can copy GSS files from the GSS where you are logged in to an external device. You can also copy files from an external device to the GSS. However, from an external device, you cannot execute the scp command and get files from the GSS. You can only use scp from the GSS.
After logging in to the CLI for the device that you intend to copy files to or from, enter the scp command following the syntax description provided above. You may be prompted to log in to the remote device before you are allowed to navigate to the target directory.
Examples
The following example shows how to securely copy files from a GSS device to which you are logged on:
gss1.example.com> scp /tmp/system.log myusername@192.168.2.3:/home
gss1.example.com> scp myusername@192.168.0.0:/home/mygssmfile.log
/home
Related Commands
ftp
setup
To initiate a special setup script that guides you through the basic process of configuring the GSS, use the setup command.
setup
Syntax Description
This command has no keywords or arguments.
Command Modes
Privileged EXEC and global configuration
Usage Guidelines
The setup command configures basic configuration information from the CLI. Use this command when the GSS boots without a startup-configuration file (for example, when the GSS is new and the system was not configured upon initial startup). When you enter the setup command, the GSS software displays a series of prompts. You must go though all of the prompts and make changes only to those fields that you want to modify. When completed, the software prompts you to perform one of the following:
•
Apply as the Running Configuration—Applies setup configuration changes to the running-configuration file.
•
Edit This Configuration—Returns to the beginning of setup and edits specific configuration information.
•
Discard Configuration and Quit Setup—Cancels making initial configuration changes.
Once configuration setup is complete, the GSS software prompts you to log in to the primary GSSM GUI and finish the device setup.
The setup command cannot be executed while the GSS is running. You must enter the gss stop command before executing the setup command.
Examples
The following example shows how to initiate a special setup script that guides you through the basic process of configuring the GSS:
##############################
## GSS Initial Setup Script ##
##############################
This setup utility will help guide you through the basic configuration
necessary to get a GSS up and running. The script will not make any
modifications on the running system. At the end you will be able to
review and edit the new configuration and before applying it to the
Typing CTRL-C at any prompt quits the script immediately.
The values in brackets '[]' are the defaults, and can be selected
This setup script will help with only the basic GSS and GSSM
configuration.
To configure DNS rules, it will be necessary to log into the Primary
GSSM
Do you want to continue? (y/n) [no]: y
Enter the Hostname of this device [host.cisco.com]:
* Interface eth0 (Active - IP: 192.168.1.25 Mask: 255.255.255.0)
Do you want to change this? (y/n) [n]:
* Interface eth1 (Inactive)
Do you want to change this? (y/n) [n]:
Do you want to configure a default gateway? (y/n) [y]:
Enter the default gateway [10.86.208.1]:
Enter the IP addresses for up to 8 Name Servers.
Enter a dash ('-') at a blank entry to stop entering Name Servers.
At least one Name Server is required for this setup script.
Enter Name Server 1 [172.16.124.122]:
Enter Name Server 2: 192.168.1.2
Enter Name Server 3: 172.16.10.12
Do you want to enable FTP access? (y/n) [y]:
Do you want to enable Telnet access? (y/n) [n]:
Do you want to enable SSH access? (y/n) [y]:
Do you want to configure this GSS as a Manager (gssm)? (y/n) [y]:
Do you want to configure this GSSM as the Primary? (y/n) [y]:
The following configuration command script was created:
ip address 192.168.1.25 255.255.255.0
hostname host-gss.cisco.com
ip default-gateway 10.86.208.1
ip name-server 172.16.124.122
ip name-server 192.168.1.2
ip name-server 172.16.10.12
What would you like to do?
1) Apply as the Running Configuration
2) Edit this configuration
3) Discard Configuration and Quit Setup
show access-group
To display a list of the access lists associated with your GSS interfaces Ethernet 0 and Ethernet 1, use the show access-group command.
show access-group
Syntax Description
This command has no keywords or arguments.
Command Modes
Privileged EXEC, global configuration, and interface
Usage Guidelines
For information about the fields in the show access-group command output, see the Cisco Global Site Selector Administration Guide.
Related Commands
access-group
access-list
show access-list
show access-list
To display a list of the access lists configured on your GSS device, use the show access-list command.
show access-list
Syntax Description
This command has no keywords or arguments.
Command Modes
Privileged EXEC, global configuration, and interface
Usage Guidelines
The show access-list command displays a list of access lists on your GSS device, regardless of whether they are being used. Access lists must be applied to a particular GSS interface before they can be used to filter GSS traffic.
For information about the fields in the show access-list command output, see the Cisco Global Site Selector Administration Guide.
Related Commands
access-group
access-list
show access-group
show arp
To display ARP information, use the show arp command.
show arp
Syntax Description
This command has no keywords or arguments.
Command Modes
User EXEC, privileged EXEC, global configuration, and interface
Usage Guidelines
The show arp command displays the complete ARP resolution table with IP addresses, MAC addresses, and resolution type.
For information about the fields in the show arp command output, see the Cisco Global Site Selector Administration Guide.
show boot-config
To display information about the GSS software, such as the current boot image and boot device information, use the show boot-config command.
show boot-config
Syntax Description
This command has no keywords or arguments.
Command Modes
User EXEC and privileged EXEC
Usage Guidelines
For information about the fields in the show boot-config command output, see the Cisco Global Site Selector Administration Guide.
show clock
To display the system clock, use the show clock command. This command displays date and time information, such as the day of the week, the month, the time (hh:mm:ss), and the year in Greenwich mean time (GMT).
show clock
Syntax Description
This command has no keywords or arguments.
Command Modes
User EXEC, privileged EXEC, global configuration, and interface
Usage Guidelines
For information about the fields in the show clock command output, see the Cisco Global Site Selector Getting Started Guide.
Related Commands
clock
show cnr access-mode
To display the current CNR access mode setting (http, https, or both), use the following command:
show cnr access-mode
Syntax Description
This command has no keywords or arguments.
Command Modes
User EXEC, privileged EXEC
Usage Guidelines
For information about the fields in the show cnr access-mode command output, see the Cisco Global Site Selector Administration Guide.
Related Commands
cnr access-mode enable
show cnr aslb
To display the current operating state of the additional section load balancing ASLB feature (enabled or disabled), use the following command:
show cnr aslb
Syntax Description
This command has no keywords or arguments.
Command Modes
Privileged EXEC
Usage Guidelines
For information about the show cnr aslb command, see the Cisco Global Site Selector Administration Guide.
Related Commands
cnr aslb enable
show cnr backup-time
To display the current CNR database backup time, use the following command:
show cnr backup-time
Syntax Description
This command has no keywords or arguments.
Command Modes
User EXEC, privileged EXEC,
Usage Guidelines
For more information about the show cnr backup-time command, see the Cisco Global Site Selector Administration Guide.
Related Commands
cnr backup-time edit
show cnr security-kit
To see if the CNR Security kit is installed on the GSS and display the current security kit operating mode setting (disabled, optional, or required), use the following command:
show cnr security-kit
Syntax Description
This command has no keywords or arguments.
Command Modes
User EXEC, privileged EXEC
Usage Guidelines
For information about the fields in the show cnr security-kit command output, see the Cisco Global Site Selector Administration Guide.
Related Commands
cnr security-kit
show ddos
To display Distributed Denial of Service (DDoS) detection and mitigation statistics on a GSS, use the show ddos and its related commands.
show ddos [attacks | dproxy [ipaddress | spoofed | trusted] | failed-dns [failed-domains | global-domain-rules | gslb-rules] | rate-limit [ipaddress | global] | config | status]
attacks |
See the show ddos attacks command for a detailed syntax description. |
dproxy [ipaddress | spoofed | trusted] |
See the show ddos dproxy command for a detailed syntax description. |
failed-dns [failed-domains | global-domain-rules | gslb-rules] |
See the show ddos failed-dns command for a detailed syntax description. |
rate-limit [ipaddress | global] |
See the show ddos rate-limit command for a detailed syntax description. |
config |
See the show ddos-config command for a detailed syntax description. |
status |
See the show ddos status command for a detailed syntax description. |
show ddos attacks
To display Domain Name System (DNS) attacks detected by the GSS, use the show ddos attacks command.
show ddos attacks
Syntax Description
This command has no keywords or arguments.
Command Modes
Privileged EXEC
Usage Guidelines
For information about the fields in the show ddos attacks command output, see the Cisco Global Site Selector CLI-Based Global Server Load Balancing Configuration Guide.
Related Commands
show ddos dproxy
show ddos failed-dns
show ddos rate-limit
show ddos-config
show ddos status
show statistics ddos
show ddos dproxy
To show spoofed and nonspoofed D-proxies on the GSS, use the show ddos dproxy command.
show ddos dproxy [ipaddress | spoofed | trusted]
Syntax Description
ipaddress |
D-proxy IP address. |
spoofed |
Specifies the spoofed D-proxies. |
trusted |
Specifies the trusted D-proxies. |
Command Modes
Privileged EXEC
Usage Guidelines
For information about the fields in the show ddos dproxy command output, see the Cisco Global Site Selector CLI-Based Global Server Load Balancing Configuration Guide.
Related Commands
show ddos attacks
show ddos failed-dns
show ddos rate-limit
show ddos-config
show ddos status
show statistics ddos
show ddos failed-dns
To show the last x number of domain names that caused failed Domain Name System (DNS) queries at the GSS or the number of failed DNS queries per D-proxy, use the show ddos failed-dns command.
show ddos failed-dns [failed-domains | global-domain-rules | gslb-rules]
Syntax Description
failed-domains |
(Optional) Specifies the failed domain names due to a GSLB-rule mismatch. Note Even if Distributed Denial of Service (DDoS) is disabled, you can use this keyword to list the failed domain names due to the GSLB-rule mismatch. The list is updated even if DDoS is disabled. |
global-domain-rules |
(Optional) Specifies the number of failures due to a global domain mismatch. |
gslb-rules |
(Optional) Specifies the number of failures due to a GSLB-rule mismatch. |
Command Modes
Privileged EXEC
Usage Guidelines
Note
Failed DNS queries refer to the DNS queries for a domain that are not configured on the GSS.
For information about the fields in the show ddos failed-dns command output, see the Cisco Global Site Selector CLI-Based Global Server Load Balancing Configuration Guide.
Related Commands
show ddos attacks
show ddos dproxy
show ddos rate-limit
show ddos-config
show ddos status
show statistics ddos
show ddos rate-limit
To show the rate limits per D-proxy and the number of packets dropped per source, use the show ddos rate-limit command.
show ddos rate-limit [ipaddress | global]
Syntax Description
ipaddress |
(Optional) IP address of the D-proxy. |
global |
(Optional) Specifies the global rate limit on the GSS. |
Usage Guidelines
For information about the fields in the show ddos rate-limit command output, see the Cisco Global Site Selector CLI-Based Global Server Load Balancing Configuration Guide.
Related Commands
show ddos attacks
show ddos dproxy
show ddos failed-dns
show ddos-config
show ddos status
show statistics ddos
show ddos-config
To display the contents of the Distributed Denial of Service (DDoS) running configuration file, use the show ddos-config command.
show ddos-config
Syntax Description
This command has no keywords or arguments.
Command Modes
Privileged EXEC
Usage Guidelines
For information about the fields in the show ddos-config command output, see the Cisco Global Site Selector CLI-Based Global Server Load Balancing Configuration Guide.
Related Commands
show ddos attacks
show ddos dproxy
show ddos failed-dns
show ddos rate-limit
show ddos status
show statistics ddos
show ddos status
To display the status of the Distributed Denial of Service (DDoS) detection and mitigation module on the GSS, use the show ddos status command.
show ddos status
Syntax Description
This command has no keywords or arguments.
Command Modes
Privileged EXEC
Usage Guidelines
For information about the fields in the show ddos status command output, see the Cisco Global Site Selector CLI-Based Global Server Load Balancing Configuration Guide.
Related Commands
show ddos attacks
show ddos dproxy
show ddos failed-dns
show ddos rate-limit
show ddos-config
show statistics ddos
show disk
To display information about the GSS hard disk, use the show disk command. The information includes the available user space on the disk, the size of the database, and the space available.
show disk
Syntax Description
This command has no keywords or arguments.
Command Modes
Privileged EXEC, global configuration, and interface
Usage Guidelines
For information about the fields in the show disk command output, see the Cisco Global Site Selector Administration Guide.
show ftp
To display the operating status of the File Transfer Protocol (FTP) for your GSS device, use the show ftp command.
show ftp
Syntax Description
This command has no keywords or arguments.
Command Modes
User EXEC, privileged EXEC, global configuration, and interface
Usage Guidelines
For information about the show access-list command output, see the Cisco Global Site Selector Getting Started Guide.
Related Commands
ftp
show telnet
show snmp
show gslb-config
To display GSS global server load-balancing configuration information, use the show gslb-config command.
show gslb-config [answer-group [name] | answer [ip_address {type} | name] | dns rule [name] | domain-lists [name] | keepalive-properties | locations [name] | owners [name] | proximity-properties | region [name] | shared-keepalives [ip_address] | source-address-lists [name] | static-proximity [name] | sticky-groups [name] | sticky-properties | zones [name]]
Syntax Description
answer-group |
(Optional) Specifies the current property settings for all configured answer groups. |
name |
(Optional) Current property settings for the named answer group. |
answer |
(Optional) Specifies the current property settings for all configured answers. |
ip_address |
(Optional) Current property settings for answers that use the specified IP address. |
type |
Current property settings for answers (by type) that use the specified IP address. Answer types are: vip, cra, and ns. |
name |
Current property settings for the named answer. |
dns rule |
(Optional) Specifies the current property settings for all configured Domain Name System (DNS) rules. |
name |
(Optional) Current property settings for the named DNS rule. |
domain-lists |
(Optional) Specifies the current property settings for all configured domain lists. |
name |
(Optional) Current property settings for the named domain list. |
keepalive-properties |
(Optional) Specifies the current property settings for all configured keepalives. |
locations |
(Optional) Specifies the current property settings for all configured locations. |
name |
(Optional) Current property settings for the named location. |
owners |
(Optional) Specifies the current property settings for all configured owners. |
name |
(Optional) Current property settings for the named owner. |
regions |
(Optional) Specifies the current property settings for all configured regions. |
name |
(Optional) Current property settings for the named region. |
shared-keepalives |
(Optional) Specifies the current property settings for all configured shared keepalives. |
ip_address |
(Optional) Current property settings for shared keepalives that use the specified IP address. |
source-address-lists |
(Optional) Specifies the current property settings for all configured source address lists. |
name |
(Optional) Current property settings for the named source address list. |
static-proximity |
(Optional) Specifies the current property settings for all configured proximity groups. |
name |
(Optional) Current property settings for the named proximity group. |
sticky-groups |
(Optional) Specifies the current property settings for all configured sticky groups. |
name |
(Optional) Current property settings for the named sticky group. |
sticky-properties |
(Optional) Specifies the current sticky mesh property settings. |
zones |
(Optional) Specifies the current property settings for all configured zones. |
name |
(Optional) Current property settings for the named zone. |
Command Modes
User EXEC, privileged EXEC, global configuration, and global server load-balancing
Examples
The following example shows how to display all currently configured keepalive properties:
gssm1.example.com(config)# gslb
gssm1.example.com(config-gslb)# show gslb-config keepalive-properties
keepalive-properties scripted kal standard min-interval 40
keepalive-properties icmp standard min-interval 40
keepalive-properties tcp fast retries 1 successful-probes 1
keepalive-properties http-head standard min-interval 40 port 80
termination reset timeout 20 path /
keepalive-properties kalap fast retries 1 successful-probes 1
keepalive-properties cra timing-decay 2 min-interval 10
keepalive-properties ns query-domain . min-interval 40
Related Commands
show gslb-errors
show gslb-errors
To display any errors that occurred after executing the (config-gslb) script play-config command, use the show gslb-errors command.
Syntax Description
This command has no keywords or arguments.
Command Modes
User EXEC, privileged EXEC, global configuration, and global server load-balancing.
Related Commands
show gslb-config
(config-gslb) script play-config
show interface
To display GSS hardware interface information, use the show interface command.
show interface {eth0 | eth1}
Syntax Description
eth0 |
Specifies the first Ethernet interface (eth0) on your GSS device. |
eth1 |
Specifies the second Ethernet interface (eth1) on your GSS device. |
Command Modes
Privileged EXEC, global configuration, and interface
Usage Guidelines
For information about the fields in the show interface command output, see the Cisco Global Site Selector Getting Started Guide.
Related Commands
show gslb-config
show running-config
show inventory
To display GSS Unique Device Identifier (UDI) data, use the show inventory command.
show inventory
Syntax Description
This command has no keywords or arguments.
Command Modes
Privileged EXEC
Usage Guidelines
For information about the fields in the show inventory command output, see the Cisco Global Site Selector Administration Guide.
Related Commands
show tech-support
show ip routes
To display the IP routing table for the GSS, use the show ip routes command.
show ip routes
Syntax Description
This command has no keywords or arguments.
Command Modes
Privileged EXEC, global configuration, and interface
Usage Guidelines
For information about the fields in the show ip routes command output, see the Cisco Global Site Selector Getting Started Guide.
Related Commands
lls
show license
To display system license data, use the show license command.
show license active | file-name [list | filename] | installed | gss-all
Syntax Description
active |
Specifies the currently enabled license modules. |
file-name [list | filename] |
Specifies a complete listing of the license files or the details of a specific license file. |
installed |
Specifies a list of the currently-installed license modules. |
gss-all |
Specifies a complete listing of the licenses installed in the GSS network. |
Command Modes
Privileged EXEC
Usage Guidelines
For information about the show license command output, see the Cisco Global Site Selector Administration Guide.
Related Commands
license
show logging
To display the system message log configuration, use the show logging command.
show logging
Syntax Description
This command has no keywords or arguments.
Command Modes
Privileged EXEC, global configuration, and interface
Usage Guidelines
For information about the show logging command output, see the Cisco Global Site Selector Administration Guide.
Related Commands
logging
show logs
To send the log activity to your current session, use the show log command.
show logs {follow | tail}
Syntax Description
follow |
Displays the log file as data that is appended to it. |
tail |
Displays only the last 10 lines of the log file. |
Command Modes
Privileged EXEC, global configuration, and interface
Usage Guidelines
Use the show logs command to send the log activity to your current session. The show logs command displays the contents of the gss.log file, which contains information about the GSS activity that is most useful to GSS administrators.
For information about the fields in the show logs command output, see the Cisco Global Site Selector Administration Guide.
Related Commands
logging
show license
show memory
To display memory blocks and statistics, use the show memory command.
show memory
Syntax Description
This command has no keywords or arguments.
Command Modes
Privileged EXEC, global configuration, and interface
Usage Guidelines
For information about the fields in the show memory command output, see the Cisco Global Site Selector Administration Guide.
show ntp
To display the Network Time Protocol (NTP) configuration, use the show ntp command.
show ntp
Syntax Description
This command has no keywords or arguments.
Command Modes
User EXEC, privileged EXEC, global configuration, and interface
Usage Guidelines
For information about the show ntp command output, see the Cisco Global Site Selector Getting Started Guide.
Related Commands
ntp enable
ping
show processes
To display a list of internal GSS device processes, use the show processes command.
show processes
Syntax Description
This command has no keywords or arguments.
Command Modes
Privileged EXEC, global configuration, and interface
Usage Guidelines
For information about the fields in the show processes command output, see the Cisco Global Site Selector Administration Guide.
show properties
To display a list of configuration property settings for the GSS device, use the show properties command.
show properties
Syntax Description
This command has no keywords or arguments.
Command Modes
Privileged EXEC, global configuration, and interface
Examples
The following example shows how to display the configuration property settings for the GSS:
gss1.example.com# show properties
ServerConfig.dnsserver.returnError: 0
...
Related Commands
proximity database delete
show proximity
To display general status information about the proximity subsystem, use the show proximity command.
show proximity
Syntax Description
This command has no keywords or arguments.
Command Modes
Privileged EXEC, global configuration, and global server load-balancing configuration modes
Usage Guidelines
For information about the fields in the show proximity command output, see the Cisco Global Site Selector Global Server Load-Balancing Configuration Guide.
Related Commands
clear
logging
show logs
show proximity group-name
show proximity group-summary
show statistics
show sticky global
show proximity database
To display the proximity database (PDB) entries by specifying one or more entry matching criteria, use the show proximity database command.
show proximity database {all | assigned | group {name} | inactive minutes | ip {ip-address} netmask {netmask} | no-rtt | probed}
Syntax Description
all |
Displays all entries in the proximity database. |
assigned |
Displays all static entries in the proximity database. |
group name |
Displays all entries that belong to a named proximity group. Specify the exact name of a previously created proximity group. |
inactive minutes |
Displays all dynamic entries that have been inactive for a specified time. Valid values are 0-43200 minutes. |
ip ip-address netmask netmask |
Displays all proximity entries related to a D-proxy IP address and subnet mask. Specify the IP address and subnet mask of the requesting client's D-proxy in dotted-decimal notation (for example, 192.168.9.0 255.255.255.0). |
no-rtt |
Displays all entries in the PDB that do not have valid round-trip time (RTT) values. |
probed |
Displays all dynamic entries in the PDB. |
Command Modes
Privileged EXEC
Usage Guidelines
For information about the fields in the show proximity database command, see the Cisco Global Site Selector Global Server Load-Balancing Configuration Guide.
Examples
The following example shows how to display entries related to the D-proxy IP address 192.168.8.0 and subnet mask 255.255.255.0:
gss1.example.com# show proximity database ip 192.168.8.0 255.255.255.0
Related Commands
show proximity
show proximity group-summary
show proximity group-name
To display statistics for a specific proximity group, use the show proximity group-name command.
show proximity group-name groupname
Syntax Description
groupname |
Name of a proximity group. Enter the exact name to display all proximity database entries related to that group. |
Command Modes
Privileged EXEC, global configuration, and global server load-balancing configuration modes
Usage Guidelines
For information about the fields in the show proximity group-name command output, see the Cisco Global Site Selector Global Server Load-Balancing Configuration Guide.
Related Commands
show proximity
show proximity group-summary
show proximity group-summary
To display a summary of statistics for all configured proximity groups, use the show proximity group-summary command.
show proximity group-summary
Syntax Description
This command has no keywords or arguments.
Command Modes
Privileged EXEC, global configuration, and global server load-balancing configuration modes
Usage Guidelines
This command displays the configuration output to the console only if the number of proximity elements, or IP blocks, is less than 1000. (This value is not configurable). If the number of proximity elements is more than 1000, an error message displays asking you to execute the proximity group-summary dump filename command.
For information about the fields in the show proximity group-summary command output, see the Cisco Global Site Selector Global Server Load-Balancing Configuration Guide.
Related Commands
show proximity
show proximity group-name
proximity group-summary dump
show running-config
To display the current running configuration of the GSS device, use the show running-config command.
show running-config
Syntax Description
This command has no keywords or arguments.
Command Modes
Privileged EXEC, global configuration, interface, and global server load-balancing
Usage Guidelines
Use this command with the show startup-config command to compare the information in the running memory to the startup-configuration file used during the bootup process.
For information about the show running-config command output, see the Cisco Global Site Selector Administration Guide.
Related Commands
cnr
copy
show startup-config
show services
To display the current state of the GSS services, such as the File Transfer Protocol (FTP), Network Time Protocol (NTP), Secure Shell (SSH), Terminal Access Controller Access Control System Plus (TACACS+), Telnet, and Simple Network Management Protocol (SNMP), use the show services command.
show services
Syntax Description
This command has no keywords or arguments.
Command Modes
User EXEC, privileged EXEC, global configuration, and interface
Usage Guidelines
For information about the show services command output, see the Cisco Global Site Selector Administration Guide.
Related Commands
show sticky global
show snmp
To display the Simple Network Management Protocol (SNMP) operating status, use the show snmp command.
show snmp
Syntax Description
This command has no keywords or arguments.
Command Modes
Privileged EXEC, global configuration, and interface
Usage Guidelines
For information about the show snmp command output, see the Cisco Global Site Selector Administration Guide.
Related Commands
snmp
show ssh
To display Secure Shell (SSH) status and configuration information, use the show ssh command.
show ssh
Syntax Description
This command has no keywords or arguments.
Command Modes
User EXEC, privileged EXEC, global configuration, and interface
Usage Guidelines
For information about the show ssh command output, see the Cisco Global Site Selector Getting Started Guide.
Related Commands
ssh enable
show startup-config
To display the startup configuration, use the show startup-config command.
show startup-config
Syntax Description
This command has no keywords or arguments.
Command Modes
Privileged EXEC, global configuration, and interface
Usage Guidelines
Use this command to display the configuration used during an initial bootup that is stored in a safe partition of the hard disk to prevent the loss of data due to power failures.
For information about the show startup-config command output, see the Cisco Global Site Selector Administration Guide.
Related Commands
cnr
copy
show services
show statistics
To display GSS load-balancing statistics, use the show statistics command. The options for this command are as follows:
•
show statistics boomerang—Displays statistics related to the boomerang server component of the GSS
•
show statistics ddos—Displays statistics related to the Distributed Denial of Service (DDoS) prevention module of the GSS
•
show statistics dns—Displays statistics from the Domain Name System (DNS) component of the GSS
•
show statistics drpagent—Displays statistics for the Director Response Protocol (DRP) agent
•
show statistics gss-mesh all dns—Displays statistics from the Domain Name System (DNS) component of each GSS in the GSS mesh
•
show statistics keepalive—Displays statistics for the keepalive component of the GSS software
•
show statistics proximity—Displays statistics about the network proximity operation of your GSS device
•
show statistics sticky—Displays general statistics about the sticky database
•
show statistics tacacs—Displays the current TACACS+ statistics
Each GSS device includes a comprehensive set of show statistics CLI commands to display content routing and load-balancing statistics for each major component involved in the GSS global server load-balancing operation. The GSS global server load-balancing components include boomerang (CRAs), DNS, and VIP keepalives. You can also monitor advanced traffic management functions, such as Domain Name System (DNS) sticky and network proximity, for the GSS device.
For example, you can use the show statistics dns command to view the traffic handled by a particular DNS rule, which matches a D-proxy to an answer, or to analyze the traffic to a particular hosted domain that is managed by a GSS.
Note
If you specify the show statistics command after entering either the gss start command or the reload command, the GSS device can take approximately 1 minute before the command takes effect and displays the requested statistics.
For more information about these keywords and associated arguments, see the following commands.
show statistics boomerang
To display statistics related to the boomerang server component of the GSS, use the show statistics boomerang command.
show statistics boomerang {domain domain_name | global}
Syntax Description
domain |
Displays statistics related to the named domain that is being served by the GSS. |
domain_name |
Name of the domain. |
global |
Displays statistics across the entire GSS network for the boomerang server. |
Command Modes
Privileged EXEC, global configuration, and interface
Usage Guidelines
For information about the fields in the show statistics boomerang command output, see the Cisco Global Site Selector CLI-Based Global Server Load-Balancing Configuration Guide.
Related Commands
clear
logging
show logs
show statistics
show statistics dns
To display statistics from the Domain Name System (DNS) component of the GSS, use the show statistics dns command.
show statistics dns {answer [list | verbose | answer_name] | answer-group [list | group_name [verbose]] | domain [list | domain_name] | domain-list [list | domain_list_name [verbose]] | global | proximity rule | rule [list | rule_name [verbose]] | source-address [list | sa_name] | source-address-list [list | sa_list_name [verbose]] | sticky rule}
Syntax Description
answer |
Displays the accumulated hit count for each configured answer. The statistics also include the per-second average hit count calculated during a last-minute interval, a 5-minute interval, a 30-minute interval, and a 4-hour interval. |
list |
(Optional) Lists the names of all answers configured for the GSS. |
verbose |
(Optional) Allows you to display detailed statistics for each answer. In addition to the information that displays when you do not use an optional keyword, the DNS name also displays. |
answer_name |
(Optional) Name of an answer for which statistics are displayed. |
answer-group |
Displays the total hit count for each configured answer group. |
list |
(Optional) Lists the names of all answer groups configured for the GSS. |
group_name |
(Optional) Name of an answer group for which statistics are displayed. |
verbose |
(Optional) Allows you to view detailed statistics for each answer that makes up an answer group. |
domain |
Displays the accumulated hit count for each configured host domain. The statistics also include the per-second average hit count calculated during a last-minute interval, a 5-minute interval, a 30-minute interval, and a 4-hour interval. |
list |
(Optional) Lists the names of all domains configured for the GSS. |
domain_name |
(Optional) Name of a domain for which statistics are displayed. |
domain-list |
Displays the total accumulated hit count for each configured domain list. |
list |
(Optional) Lists the names of all domains configured for the GSS. |
domain_list_name |
(Optional) Name of a domain list for which statistics will be displayed. |
verbose |
(Optional) Allows you to view detailed statistics for each domain that makes up a domain list. |
global |
Displays general DNS statistics for the GSS device in use. |
proximity rule |
Displays all proximity lookups and failures by the DNS rule name. |
rule |
Displays the total hit count and success count for each configured DNS rule. |
list |
(Optional) Lists the names of all DNS rules configured for the GSS. |
rule_name |
(Optional) Name of a DNS rule for which statistics are displayed. |
verbose |
(Optional) Allows you to view detailed statistics for the specified rule. |
source-address |
Displays the accumulated hit count for each configured source address. The statistics also includes the per-second average hit count calculated during a last-minute interval, a 5-minute interval, a 30-minute interval, and a 4-hour interval. |
list |
(Optional) Lists the names of all source addresses configured for the GSS. |
sa_name |
(Optional) Name of a source address for which statistics are displayed. |
source-address-list |
Displays the total hit count for each configured source address list. The statistics also include the last minute average, 5-minute average, 30-minute average, and 4-hour average of the hit counts. |
list |
(Optional) Lists the names of all source addresses. |
sa_list_name |
(Optional) Name of a source address list for which statistics are displayed. |
verbose |
(Optional) Allows you to view detailed statistics for each name in the source address list. |
sticky rule |
Displays all DNS sticky lookups and failures by the DNS rule name. |
Command Modes
Privileged EXEC, global configuration, and interface
Usage Guidelines
For information about the fields in the show statistics dns command output, see the Cisco Global Site Selector Global Server Load-Balancing Configuration Guide.
Related Commands
clear
logging
show logs
show statistics
show statistics ddos
To display Distributed Denial of Service (DDoS) global or attack statistics, use the show statistics ddos command.
show statistics ddos [attacks | global]
Syntax Description
attacks |
(Optional) Displays DDoS attack statistics. |
global |
(Optional) Displays DDoS global statistics. |
Command Modes
Privileged EXEC
Usage Guidelines
For information about the fields in the show statistics ddos command output, see the Cisco Global Site Selector CLI-Based Global Server Load Balancing Configuration Guide.
Related Commands
show ddos attacks
show ddos dproxy
show ddos failed-dns
show ddos rate-limit
show ddos-config
show ddos status
show statistics drpagent
To display statistics on the Director Response Protocol (DRP) agent, use the show statistics drpagent command.
show statistics drpagent
Syntax Description
This command has no keywords or arguments.
Command Modes
Privileged EXEC, global configuration, and drp
Usage Guidelines
For information about the fields in the show statistics drpagent command output, see the Cisco Global Site Selector CLI-Based Global Server Load-Balancing Configuration Guide.
Related Commands
clear
logging
show logs
show statistics
show statistics gss-mesh all dns
To display statistics from the Domain Name System (DNS) component of each GSS in the GSS mesh, use the show statistics gss-mesh all dsn command from the primary GSSM
show statistics gss-mesh all dns {answer [type {cra | ns | vip}] [ip_address] | rule [rule_name]}
Syntax Description
answer |
Displays the accumulated hit count for each configured answer. |
type |
(Optional) Specifies statistics for one of the following answer types: • cra—Content routing agent answer type • ns—DNS name server answer type • vip—Virtual IP answer type |
ip_address |
(Optional) IP address of a specific GSS in the GSS mesh. |
rule |
Displays the total hit count and success count for each configured DNS rule. |
rule_name |
(Optional) Name of a DNS rule for which statistics are displayed. |
Command Modes
Privileged EXEC, global configuration, and interface
Usage Guidelines
For information about the fields in the show statistics gss-mesh all dns command output, see the Cisco Global Site Selector Global Server Load-Balancing Configuration Guide.
Related Commands
clear
logging
refresh-gssmesh-statistics
show logs
show statistics
show statistics keepalive
To display statistics about the keepalive component of the GSS software, use the show statistics keepalive command.
show statistics keepalive {cra {ip_address | all | list} | global | http-head {ip_address | all | list} | icmp {IP_address | all | list} | kalap {ip_address | all | list} | scripted-kal {name | all | list} | ns {ip_address | all | list} | tcp {ip_address | all | list}}
Syntax Description
cra |
Displays statistics for configured content routing agent (CRA) keepalive types managed by the keepalive component and used with Boomerang-type answers. |
ip_address |
IP address for which statistics are displayed. |
all |
Displays all configured CRA-type keepalives. |
list |
Lists all available IP addresses. |
global |
Displays keepalive statistics across the entire GSS device. |
http-head |
Displays statistics for configured HTTP HEAD keepalive types managed by the GSS and used with VIP-type answers. |
all |
Displays all configured HTTP HEAD-type keepalives. |
icmp |
Displays statistics for configured ICMP keepalive types managed by the GSS and used with VIP-type answers. |
all |
Displays all configured ICMP-type keepalives. |
kalap |
Displays statistics for configured KAL-AP keepalive types managed by the GSS and used with VIP-type answers. |
all |
Displays all configured KAL-AP-type keepalives. |
scripted-kal |
Displays statistics for configured Scripted keepalive types managed by the GSS and used with VIP-type answers. |
name |
KAL name for which you want to display keepalive statistics. |
all |
Displays all configured Scripted keepalives. |
ns |
Displays statistics for configured name server (NS) keepalive types managed by the GSS and used with name server type answers. |
all |
Displays all configured name server-type keepalives. |
tcp |
Displays statistics for configured TCP keepalive types managed by the GSS and used with IP-type answers. |
all |
Displays all configured TCP-type keepalives. |
Command Modes
Privileged EXEC, global configuration, and interface
Usage Guidelines
For information about the fields in the show statistics keepalive command output, see the Cisco Global Site Selector Global Server Load-Balancing Configuration Guide.
Related Commands
clear
logging
show logs
show statistics
show statistics proximity
To display statistics about the network proximity operation of your GSS device, use the show statistics proximity command.
show statistics proximity {database | group-name {name} | group-summary | lookup | probes {detailed}}
Syntax Description
database |
Displays the overall statistics on the proximity database, such as the number of entries currently in the proximity database, the number of entries dropped, and the rate of lookups. |
group-name name |
Display statistics for the specified proximity group. |
group-summary |
Displays a summary of statistics for all configured proximity groups. Note This command displays the proximity statistics to the console only if the number of proximity groups is less than 1000. If the number of proximity groups is more than 1000, an error message displays asking you to execute the proximity statistics group-summary dump filename command. |
lookup |
Displays statistics about the proximity lookups that have occurred on this GSS. |
probes |
Display general probe success and failure counts. |
detailed |
Detailed statistics for the ICMP and TCP probes that relate to all configured zones. |
Command Modes
Privileged EXEC, global configuration, and interface
Usage Guidelines
Network proximity statistics include information about the proximity database on the GSS device, individual zones, probing requests, and round-trip time (RTT) coverage.
For information about the fields in the show statistics proximity command output, see the Cisco Global Site Selector Global Server Load-Balancing Configuration Guide.
Related Commands
clear
logging
show logs
show proximity
show proximity group-name
show proximity group-summary
show statistics
show statistics sticky
To display general statistics about the sticky database, use the show sticky statistics command.
show statistics sticky {global | group-name {name} | group-summary | mesh}
Syntax Description
global |
Displays a summary of global sticky statistics. |
group-name name |
Displays statistics for the specified sticky group. |
group-summary |
Displays a summary of statistics for all configured sticky groups. |
mesh |
Displays detailed statistics for each GSS device in the global sticky mesh. |
Command Modes
Privileged EXEC, global configuration, and interface
Usage Guidelines
Sticky statistics include the total number of hits and misses in the sticky database, number of entries in the sticky database, and total number of lookups.
For information about the fields in the show statistics sticky command output, see the Cisco Global Site Selector Global Server Load-Balancing Configuration Guide.
Related Commands
clear
logging
show logs
show statistics
show sticky
show sticky database
show sticky global
show sticky group-name
show sticky group-summary
show sticky mesh
show statistics tacacs
To display the current Terminal Access Controller Access Control System Plus (TACACS+) statistics, use the show statistics tacacs command.
show statistics tacacs
Syntax Description
This command has no keywords or arguments.
Command Modes
Privileged EXEC, global configuration, and interface
Usage Guidelines
Each server is identified by the IP address and port. There is a Pass, Fail, and Error counter for each authentication, authorization, and accounting service.
For information about the fields in the show statistics tacacs command output, see the Cisco Global Site Selector Administration Guide.
Related Commands
clear
logging
show logs
show statistics
show tacacs
show sticky
To display general status information about the sticky subsystem, use the show sticky command.
show sticky
Syntax Description
This command has no keywords or arguments.
Command Modes
Privileged EXEC, global configuration, and global server load-balancing configuration modes
Usage Guidelines
For information about the fields in the show sticky command output, see the Cisco Global Site Selector Global Server Load-Balancing Configuration Guide.
Related Commands
clear
show statistics
show sticky database
show sticky global
show sticky group-name
show sticky group-summary
show sticky mesh
show sticky database
To display sticky database entries by specifying one or more entry matching criteria, use the show sticky database command.
show sticky database {all | answer {name/ip_address} | domain {name} | domain-list {name} | group {name} | inactive minimum {minutes} maximum {minutes} | ip {ip_address} netmask {netmask} | rule {rule_name}}
Syntax Description
all |
Displays all entries in the sticky database. |
answer name/ip_address |
Displays all sticky entries related to a particular answer. Specify the name of the answer. If there is no name for the answer, specify the IP address of the sticky answer in dotted-decimal notation (for example, 192.168.9.0). |
domain name |
Displays all sticky entries related to a domain. Specify the exact name for a previously created domain. |
domain-list name |
Displays all sticky entries related to a domain list. Specify the exact name for a previously created domain list. |
group name |
Displays all sticky entries related to a sticky group. Specify the exact name for a previously created sticky group. |
inactive minimum minutes maximum minutes |
Displays all sticky entries that have not received a client hit in the time interval between the specified minimum and maximum values, entered in minutes. Enter a value from 0-10100 minutes as the specified minimum value and maximum value. |
ip ip_address netmask netmask |
Displays all sticky entries related to a D-proxy IP address and subnet mask. Specify the IP address of the requesting client's D-proxy in dotted-decimal notation (for example, 192.168.9.0) and specify the subnet mask in dotted-decimal notation (for example, 255.255.255.0). |
rule rulename |
Displays all sticky entries related to a DNS rule. Specify the exact name for a previously created DNS rule. |
Command Modes
Privileged EXEC, global configuration, and global server load-balancing configuration modes
Usage Guidelines
For information about the fields in the show sticky database command output, see the Cisco Global Site Selector Global Server Load-Balancing Configuration Guide.
Related Commands
clear
show statistics
show sticky
show sticky global
show sticky group-name
show sticky group-summary
show sticky mesh
show sticky global
To display the global sticky operating status and statistics about each GSS peer in the mesh, use the show sticky global command.
show sticky global [verbose]
Syntax Description
verbose |
(Optional) Displays detailed global sticky status and statistics information for each GSS peer. |
Command Modes
Privileged EXEC, global configuration, and global server load-balancing configuration modes
Usage Guidelines
For information about the fields in the show sticky global command output, see the Cisco Global Site Selector Global Server Load-Balancing Configuration Guide.
Related Commands
clear
show statistics
show sticky global
show sticky group-name
show sticky group-summary
show sticky mesh
show sticky group-name
To display statistics for a specific sticky group, use the show sticky group-name command.
show sticky group-name groupname
Syntax Description
groupname |
Name of a sticky group. Enter the exact name to display all sticky database entries related to that group. |
Command Modes
Privileged EXEC, global configuration, and global server load-balancing configuration modes
Usage Guidelines
For information about the fields in the show sticky group-name command output, see the Cisco Global Site Selector Global Server Load-Balancing Configuration Guide.
Related Commands
clear
show statistics
show sticky database
show sticky global
show sticky group-summary
show sticky mesh
show sticky group-summary
To display a summary of statistics for all configured sticky groups, use the show sticky group-summary command.
show sticky group-summary
Syntax Description
This command has no keywords or arguments.
Command Modes
Privileged EXEC, global configuration, and global server load-balancing configuration modes
Usage Guidelines
For information about the fields in the show sticky group-summary command output, see the Cisco Global Site Selector Global Server Load-Balancing Configuration Guide.
Related Commands
clear
show statistics
show sticky database
show sticky global
show sticky group-name
show sticky mesh
show sticky mesh
To display global sticky operating status and statistics about each GSS peer in the mesh, use the show sticky mesh command.
show sticky mesh {session {session_id} [verbose]} | [verbose]
Syntax Description
session session_id |
Displays operating status information for a specific session ID, which is the point-to-point connection between the local GSS node and a sticky mesh peer. To locate the session ID for a specific GSS peer in the mesh, use the show sticky mesh command. |
verbose |
(Optional) Displays detailed operating status information for the entire sticky mesh and for all GSS peers in the mesh. |
Command Modes
Privileged EXEC, global configuration, and global server load-balancing configuration modes
Usage Guidelines
For information about the fields in the show sticky mesh command output, see the Cisco Global Site Selector Global Server Load-Balancing Configuration Guide.
Related Commands
clear
show statistics
show sticky database
show sticky global
show sticky group-name
show sticky group-summary
show supportpass-status
To see if the GSS support password has been set, use the show supportpass-status command.
show supportpass-status
Syntax Description
This command has no keywords or arguments.
Command Modes
Privileged EXEC mode
Usage Guidelines
For information about using the show supportpass-status command output, see the Cisco Global Site Selector Administration Guide.
Related Commands
supportpass
show system-status
To display a report on the current operating status of your GSS device, including the online status, current software version, and start date or time for the various components, use the show system-status command.
show system-status
Syntax Description
This command has no keywords or arguments.
Command Modes
Privileged EXEC, global configuration, and interface
Usage Guidelines
Use this command to display detailed information about the current operating state of the GSS device including the online status, the software version, and the start date or time for the various components. The equivalent command is the gss status command.
For information about the fields in the show system-status command output, see the Cisco Global Site Selector Administration Guide.
Related Commands
show services
show tacacs
To display the Terminal Access Controller Access Control System (TACACS) configuration on your GSS device, use the show tacacs command.
show tacacs
Syntax Description
This command has no keywords or arguments.
Command Modes
Privileged EXEC, global configuration, and interface
Usage Guidelines
For information about the show tacacs command output, see the Cisco Global Site Selector Administration Guide.
Related Commands
show statistics
tail
tacacs-server timeout
show tech-support
To display a report on the current operating configuration of your GSS device that can be used by Cisco technical support representatives to help troubleshoot problems on your GSS network, use the show tech-support command.
show tech-support [config | core-files]
Syntax Description
config |
(Optional) Exports the output of all configured fields from the primary Global Site Selector Manager (GSSM) GUI (intended for use by a Cisco technical support representative) |
core-files |
(Optional) Displays a listing of all core files. |
Command Modes
Privileged EXEC, global configuration, and interface
Usage Guidelines
For information about the show tech-support command output, see the Cisco Global Site Selector Administration Guide.
Related Commands
tcpdump
show telnet
To display the status of the Telnet option on your GSS device, use the show telnet command.
show telnet
Syntax Description
This command has no keywords or arguments.
Command Modes
User EXEC, privileged EXEC, global configuration, and interface
Usage Guidelines
This command only displays the operating status of Telnet and cannot be used to connect to remote devices.
For information about the show telnet command output, see the Cisco Global Site Selector Getting Started Guide.
Related Commands
show disk
show snmp
telnet
show terminal-length
To display the terminal length setting for your GSS device, use the show terminal-length command.
show terminal-length
Syntax Description
This command has no keywords or arguments.
Command Modes
User EXEC, privileged EXEC, global configuration, and interface
Usage Guidelines
This command displays the maximum number of rows of data that are output at once during a terminal session.
For information about the show terminal-length command output, see the Cisco Global Site Selector Administration Guide.
Related Commands
terminal-length
show uptime
To find out how long the GSS device has been operational, use the show uptime command.
show uptime
Syntax Description
This command has no keywords or arguments.
Command Modes
User EXEC, privileged EXEC, global configuration, and interface
Usage Guidelines
For information about the show uptime command output, see the Cisco Global Site Selector Administration Guide.
show user
To display user information for a particular user, use the show user command.
show user username
Syntax Description
username |
Name of the user that you want to display information. |
Command Modes
User EXEC, privileged EXEC, global configuration, and interface
Usage Guidelines
For information about the show user command output, see the Cisco Global Site Selector Administration Guide.
Related Commands
show users
show users
To display users, use the show users command.
show users
Syntax Description
This command has no keywords or arguments.
Command Modes
User EXEC, privileged EXEC, global configuration, and interface
Usage Guidelines
For information about the show users command output, see the Cisco Global Site Selector Administration Guide.
Related Commands
show user
show version
To display version information about the GSS software, use the show version command.
show version [verbose]
Syntax Description
verbose |
(Optional) Allows you to view detailed GSS software version information. |
.
Command Modes
User EXEC, privileged EXEC, global configuration, and interface
Usage Guidelines
For information about the show version command output, see the Cisco Global Site Selector Administration Guide.
shutdown
To shut down the operating system on the GSS device, use the shutdown command. To shut down a particular Ethernet interface on the GSS device, use the shutdown command in interface configuration mode.
shutdown
Syntax Description
This command has no keywords or arguments.
Command Modes
Privileged EXEC, interface configuration
Usage Guidelines
The shutdown command performs a shutdown of the GSS operating system or interface. In some cases, the GSS device will also be powered down following a shutdown.
Examples
The following example shows how to shut down the operating system on the GSS device:
gss1.example.com# shutdown
gss1.example.com(config)# interface eth0
gss1.example.com(config-eth0)# shutdown
sticky database delete
To remove entries from the sticky database, use the sticky database delete command.
sticky database delete {all | answer {name/ip_address} | domain {name} | domain-list {name} | group {name} | inactive minimum {minutes} maximum {minutes} | ip {ip_address} netmask {netmask} | rule {rule_name}}
Caution
Use the
sticky database delete
all command in special instances when you want to remove all entries from the sticky database in order to have an empty database. Ensure that you want to permanently delete entries from the sticky database before you enter this command. You cannot retrieve sticky database entries once you delete them.
Syntax Description
all |
Removes all entries in the sticky database. The prompt "Are you sure?" appears to confirm the deletion of all sticky database entries. Specify y to delete all entries or n to cancel the deletion operation. |
answer name/ip_address |
Displays all sticky entries related to a particular answer. Specify the name of the answer. If there is no name for the answer, specify the IP address of the sticky answer in dotted-decimal notation (for example, 192.168.9.0). |
domain name |
Removes all sticky entries related to a domain. Specify the exact name for a previously created domain. |
domain-list name |
Removes all sticky entries related to a domain list. Specify the exact name for a previously created domain list. |
group name |
Removes all sticky entries related to a sticky group. Specify the exact name for a previously created sticky group. |
inactive minimum minutes maximum minutes |
Removes all sticky entries that have not received a lookup request by a client D-proxy in the specified minimum and maximum time interval. Valid entries are 0 to 10100 minutes. If you do not specify a maximum value, the GSS deletes all entries that have been inactive for the specified minimum value or longer. The GSS returns an error if one of the following situations occur: • The maximum value is set to a value that is less than the minimum value • The minimum and maximum values are not within the allowable range of values for the sticky inactivity timeout. |
ip ip_address netmask netmask |
Removes all sticky entries related to a D-proxy IP address and subnet mask. Specify the IP address of the requesting client's D-proxy in dotted-decimal notation (for example, 192.168.9.0) and specify the subnet mask in dotted-decimal notation (for example, 255.255.255.0). |
rule rulename |
Removes all sticky entries related to a DNS rule. Specify the exact name for a previously created DNS rule. |
Command Modes
Privileged EXEC
Usage Guidelines
When operating in a GSS global DNS sticky configuration, the result of the sticky database delete command propagates throughout the GSS mesh to maintain synchronization between the peers in the GSS network.
To view the entries in the sticky database to identify the sticky entries that you want to delete, use the show sticky database command.
Examples
The following example shows how to remove the D-proxy IP address 192.168.8.0 and subnet mask of 255.255.255.0:
gss1.example.com# sticky database delete ip 192.168.8.0 netmask
255.255.255.0
The following example shows how to remove the D-proxy IP address 192.168.8.0 and subnet mask 255.255.255.0:
gss1.example.com# sticky database delete ip 192.168.8.0 netmask
255.255.255.0
Related Commands
sticky database dump
sticky database load
show sticky
sticky start
sticky database dump
To dump all or selected entries from the sticky database to a named file as a user-initiated backup file, use the sticky database dump command.
sticky database dump {filename} format {binary | xml} entry-type {all | group | ip}
Syntax Description
filename |
Name of the output file that contains the sticky database entries on the GSS disk. This file resides in the /home directory. |
format |
Dumps the sticky database entries in a binary or XML format. Choose binary-encoding as the format type if you intend to load the contents of the file into the sticky database of another GSS. The allowable entries are as follows: • binary—Dumps the assigned sticky entries in true binary format. This file can be used only with the sticky database load command. • xml—Dumps the assigned sticky entries in an Extensible Markup Language (XML) format. The contents of an XML file includes the data fields and the data descriptions. The contents of this file can be viewed using the type command. Note Dumping sticky database entries in an XML format can be a resource-intensive operation and may take from 2-4 minutes depending on the size of the sticky database and the GSS platform in use. We recommend that you do not perform a sticky database dump in an XML format during the routine operation of the GSS. |
entry-type |
Specifies the type of entries to dump from the sticky database. The available choices are as follows: • all—Dumps all entries from the sticky database (default). • group—Dumps all entries that have sticky group IDs from the database. • ip—Dumps all entries that have source IP addresses from the database. |
Command Modes
Privileged EXEC
Usage Guidelines
The GSS automatically dumps sticky database entries to a backup file on a disk in a binary file format approximately every 20 minutes. The GSS uses this backup file to initialize the sticky database upon system restart or reboot to enable the GSS to recover the contents of the database. When global sticky is enabled, the GSS uses the database dump file at reboot if there is no peer in the mesh that can provide a full sticky database.
You can dump all or selected entries from the sticky database to a named file as a user-initiated backup file. You can then use the ftp command in privileged EXEC mode to launch the FTP client and transfer the file to and from remote machines.
To view the entire contents of the XML sticky database output file from the GSS, use the type command.
Examples
The following example shows how to dump the D-proxy source IP addresses from the sticky database to the sdb2004_06_30 file in an XML format:
gss1.example.com# sticky database dump sdb2004_06_30 format xml type
Related Commands
show statistics
show sticky
show sticky global
sticky database delete
sticky database load
sticky database periodic-backup
sticky start
sticky database load
To load and merge a sticky database from a disk into the existing sticky database in GSS memory, use the sticky database load command.
sticky database load filename
Syntax Description
filename |
Name of the sticky database file to load and merge with the existing sticky database on the GSS device. The file must be in a binary format for loading into the GSS memory (see the sticky database dump command). Use the ftp command in privileged EXEC mode to launch the FTP client and transfer the sticky database file to the GSS from a remote GSS. |
Command Modes
Privileged EXEC
Usage Guidelines
The GSS allows you to load and merge sticky database entries from a file into the existing sticky database in the GSS memory. The sticky database merge capability supports the addition of entries from one GSS into another GSS. The file must be in a binary format for loading into the GSS memory.
The GSS validates the database loaded, checks the software version for compatibility, and then adds the sticky database entries in the memory. The GSS does not overwrite duplicate entries in the sticky database.
If you prefer to load and replace all sticky database entries from a GSS instead of merging the entries with the existing sticky database, enter the sticky database delete all command to remove all entries from the sticky database memory before you enter the sticky database load command.
Examples
The following example shows how to load and merge the entries from the GSS3SDB file with the existing entries in the GSS sticky database:
gss1.example.com# sticky database load GSS3SDB
Related Commands
show statistics
show sticky
show sticky global
sticky database delete
sticky database dump
sticky start
sticky database periodic-backup
To force an immediate backup of the sticky database residing in the GSS memory, use the sticky database periodic-backup command.
sticky database periodic-backup now
Syntax Description
now |
Instructs the GSS device to immediately initiate the periodic sticky database backup. |
Command Modes
Privileged EXEC
Usage Guidelines
You may manually initiate a sticky database dump as a database recovery method to ensure that you store the latest sticky database entries before shutting down the GSS.
The GSS sends the sticky database entries to the system dump file as the sticky database file. Upon a reboot or restart, the GSS reads this file and loads the contents to initialize the sticky database at boot time.
Examples
The following example shows how to force an immediate backup of the sticky database residing in the GSS memory:
gss1.example.com# sticky database periodic-backup now
Related Commands
sticky database dump
sticky start
sticky start
To locally reenable Domain Name System (DNS) sticky on a GSS device after locally disabling the function, use the sticky start command.
sticky start
Syntax Description
This command has no keywords or arguments.
Command Modes
Privileged EXEC
Usage Guidelines
When you restart the GSS, and sticky has been globally enabled at the primary GSSM GUI, the GSS reenables the local DNS sticky function.
Examples
The following example shows how to locally reenable DNS sticky on a GSS device after locally disabling the function:
gss1.example.com# sticky start
Related Commands
sticky stop
sticky stop
To locally disable Domain Name System (DNS) sticky on a GSS device for troubleshooting, use the sticky stop command.
sticky stop
Syntax Description
This command has no keywords or arguments.
Command Modes
Privileged EXEC
Usage Guidelines
You can disable DNS sticky for a single GSS when you need to override the GUI-enabled sticky option. You may need to locally disable sticky on a GSS when you need to troubleshoot or debug the device. The GSS does not store the local-disable setting in its running-config file. When you restart the device, and sticky has been globally enabled, the GSS reenables DNS sticky.
When you enter the sticky stop command, the GSS immediately stops the following operations:
•
Sticky lookups in the sticky database
•
Accessing the sticky database for new requests
•
Periodic sticky database dumps
•
Sticky database entry age-out process
The GSS continues to answer DNS requests according to the DNS rules and keepalive status.
When you disable DNS sticky, the GSS remains locally disabled until you perform one of the following actions:
•
Enter the sticky start CLI command.
•
Enter the gss restart CLI command to restart the GSS software.
•
Enter the gss reload CLI command to perform a cold restart of the GSS device.
If you are using global DNS sticky in your network, upon reentry of the GSS device into the peer mesh, the GSS attempts to synchronize the database entries with the other peers in the mesh. The GSS queries each peer to find the closest up-to-date sticky database. If no update is available from a peer, the GSS initializes the sticky database entries from the previously saved database on the disk if a file is present and valid. Otherwise, the GSS starts with an empty sticky database.
Examples
The following example shows how to locally disable DNS sticky on a GSS device for troubleshooting:
gss1.example.com# sticky stop
Related Commands
sticky start
supportpass
For debugging purposes, a Cisco Technical Assistance Center (TAC) representative may ask you to set the GSS support password using supportpass command and then communicate that password to the support engineer. The support engineer can then access the engineering mode using the support password that you provide.
supportpass
Syntax Description
This command has no keywords or arguments.
Command Modes
Privileged EXEC
Usage Guidelines
After you enter the command, the CLI prompts you for the Admin password, which is required to set the support password. The CLI then prompts you for the support password. Enter an alphanumeric string that can contain spaces and special characters. Though the password can be an unlimited number of characters, we recommend that you limit the number of characters to 10 or less.
To delete the support password, enter a null value for the password by pressing Enter without entering a support password.
To change the support password, enter the command again and define the new password.
Examples
The following example shows how set the support password:
gss1.example.com# supportpass
Related Commands
show supportpass-status
tail
To display the last 10 lines of a file, use the tail command.
tail filename
Syntax Description
filename |
Name of a file in the GSS file directory. |
Command Modes
User EXEC and privileged EXEC
Usage Guidelines
Use this command to display the end of a file within any GSS file directory. This command may be used to monitor features such as transaction logging or system logging (syslog).
Use the dir, lls, or ls commands to view the files available in the current directory or subdirectory.
Examples
The following example shows how to display the last 10 lines of a file:
gss1.example.com# tail system.log
Sep 15 07:11:40 host-css2 rc: Stopping keytable succeeded
Sep 15 07:11:42 host-css2 inet: inetd shutdown succeeded
Sep 15 07:11:45 host-css2 crond: crond shutdown succeeded
Sep 15 07:11:46 host-css2 dd: 1+0 records in
Sep 15 07:11:46 host-css2 dd: 1+0 records out
Sep 15 07:11:46 host-css2 random: Saving random seed succeeded
Sep 15 07:11:48 host-css2 kernel: Kernel logging (proc) stopped.
Sep 15 07:11:48 host-css2 kernel: Kernel log daemon terminating.
Sep 15 07:11:50 host-css2 syslog: klogd shutdown succeeded
Sep 15 07:11:51 host-css2 exiting on signal 15
Related Commands
dir
lls
ls
lsof
type
tcpdump
To output all traffic to and from either the default configured Ethernet interface or a specific Ethernet interface, use the tcpdump command.
tcpdump interface {any | eth0 | eth1} | protocol {any | icmp | tcp | udp} | host {any | ip_or_host} | port {any | port} | network {any | ip-address ip-subnet} | file {filename}
Syntax Description
interface |
Outputs all traffic to and from the specified Ethernet interface. |
any |
Instructs the GSS software to accept all selections for an associated option. For example, if you enter tcpdump interface any any, the GSS filters the ICMP, TCP, and UDP IP protocols on Ethernet 0 and 1. |
eth0 |
Outputs all traffic to and from interface Ethernet 0 on the GSS. |
eth1 |
Outputs all traffic to and from interface Ethernet 1 on the GSS. |
protocol |
Filters the protocol for the traffic type. Recognized IP protocols are as follows: • icmp—Internet Control Message Protocol • tcp—Transmission Control Protocol • udp—User Datagram Protocol |
host ip_or_host |
Filters the host machine that is the source or destination of the packet. The software uses the IP address or hostname of the device that is the source or destination of the packet. |
port port |
Filters the source or destination port of the packet. |
network ip-address ip-subnet |
Filters the network IP address from which the packet originated. The software uses the ip-address and ip-subnet arguments to match the incoming packet to a source network. |
file filename |
Enables you to capture raw data to a file. You can open the captured raw data in a Sniffer tool. When capturing data to a file, the entire packet is captured. A maximum of 20,000 filtered packets can be captured to disk. This packet limit prevents you from accidentally filling up the GSS disk when capturing data using the tcpdump command. If you do not specify a file, the GSS dumps the captured data to a terminal screen. In this case, the GSS displays only header data and there is no limit to the number of captured packets. |
Command Modes
Privileged EXEC
Usage Guidelines
The tcpdump interface command displays a record of all TCP traffic to and from an Ethernet interface to the screen. The command also displays all traffic to and from interface Ethernet 0, the first network interface on the GSS. If Ethernet 0 is not active, the GSS listens to traffic on Ethernet 1.
If you enter the tcpdump command without any specified options, no filtering is performed. If you want to use the defaults for the remaining tcpdump command parameters, press Enter at each option. No further filtering is performed by the GSS, other than what has been specified. For example, if you enter tcpdump interface eth0 protocol tcp, the GSS performs only IP protocol filtering and does not perform host, port, or network filtering.
This command continuously displays output until you cancel the operation by pressing Ctrl-C.
Examples
The following example shows the tcpdump interface command and its output:
gss1.example.com# tcpdump interface eth0
Kernel filter, protocol ALL, datagram packet socket
tcpdump: listening on eth0
19:20:45.678641 > gssm.cisco.com.ssh > 10.1.2.3.1178: P
2126255246:2126255346(100) ack 4828790 win 32680 (DF) [tos 0x10]
19:20:45.680534 > gssm.cisco.com.49165 > gss.cisco.com.domain: 9217+
PTR? 187.0.1.2.in-addr.arpa. (43)
19:20:45.681090 < gss.cisco.com.domain > gssm.cisco.com.49165: 9217
NXDomain* 0/1/0 (111)
19:20:45.681421 > gssm.cisco.com.49165 > gss.cisco.com.domain: 9218+
PTR? 172.13.89.10.in-addr.arpa. (42)
19:20:45.681984 < gss.cisco.com.domain > gssm.cisco.com.49165: 9218*
1/2/2 PTR gssm.cisco.com. (145)
19:20:45.682396 > gssm.cisco.com.49165 > gss.cisco.com.domain: 9219+
PTR? 172.5.89.10.in-addr.arpa. (41)
19:20:45.682950 < gss.cisco.com.domain > gssm.cisco.com.49165: 9219*
1/2/2 PTR gss.cisco.com. (142)
19:20:45.683218 > gssm.cisco.com.ssh > 10.1.2.3.1178: P 100:376(276)
ack 1 win 32680 (DF) [tos 0x10]
19:20:45.683568 > gssm.cisco.com.ssh > 10.1.2.3.1178: P 376:748(372)
ack 1 win 32680 (DF) [tos 0x10]
19:20:45.683902 > gssm.cisco.com.ssh > 10.1.2.3.1178: P 748:1120(372)
ack 1 win 32680 (DF) [tos 0x10]
19:20:45.688517 > gssm.cisco.com.ssh > 10.1.2.3.1178: P 1120:1372(252)
ack 1 win 32680 (DF) [tos 0x10]
19:20:45.696298 B arp who-has 192.168.1.1 tell 192.168.1.2
19:20:45.696506 > gssm.cisco.com.49165 > gss.cisco.com.domain: 9220+
PTR? 10.128.1.2.in-addr.arpa. (44)
19:20:45.697003 < gss.cisco.com.domain > gssm.cisco.com.49165: 9220
NXDomain 0/1/0 (109)
19:20:45.697173 > gssm.cisco.com.49165 > gss.cisco.com.domain: 9221+
PTR? 22.128.168.192.in-addr.arpa. (45)
19:20:45.697471 < 10.1.2.3.1178 > gssm.cisco.com.ssh: . 1:1(0) ack 0
win 8600 (DF)
19:20:45.697649 < gss.cisco.com.domain > gssm.cisco.com.49165: 9221
NXDomain 0/1/0 (110)
19:20:45.697922 > gssm.cisco.com.ssh > 10.1.2.3.1178: P 1372:1696(324)
ack 1 win 32680 (DF) [tos 0x10]
telnet
To enable Telnet on the selected GSS device or establish a Telnet connection, use the telnet command. To disable Telnet on your GSS device, use the no form of this command.
telnet {enable | {ip_or_host} | [port]
no telnet enable
Syntax Description
enable |
Enables Telnet on the selected GSS device. This keyword is available in global configuration mode only. |
ip_or_host |
IP address or hostname of the device with which you want to establish a Telnet connection. Enter an IP address in dotted-decimal notation (for example, 192.168.11.1) or a mnemonic hostname (for example, myhost.mydomain.com). |
port |
(Optional) Port number. Allows you to change the port number for the Telnet session to a port other than 23 (the Telnet port). Enter a number from 1-65535. The default is 23. |
Command Modes
User EXEC, privileged EXEC, and global configuration.
Usage Guidelines
Use the telnet enable command in global configuration mode to enable Telnet on the selected device. Use the telnet command in EXEC or global configuration mode to establish a Telnet connection. SSH and Telnet can run concurrently.
Examples
The following example shows how to enable Telnet on the selected GSS device or establish a Telnet connection:
gss1.example.com(config)# telnet enable
gss1.example.com# telnet 10.1.2.3
Related Commands
ftp
ntp enable
snmp
ssh enable
traceroute
To display the route a packet took to reach the host destination, use the traceroute command.
traceroute {ip_or_host}
Syntax Description
ip_or_host |
IP address or hostname of device to which you want to trace the packet route. Enter an IP address in dotted-decimal notation (for example, 192.168.11.1) or a mnemonic hostname (for example, myhost.mydomain.com). |
Command Modes
Privileged EXEC
Examples
The following example shows how to display the route a packet took to reach the host destination:
gss1.example.com> traceroute www.cisco.com
traceroute to www.cisco.com (198.133.219.25), 30 hops max, 38 byte
packets
1 bxb11-bb-gw1 (161.44.33.22) 1.112 ms 0.377 ms 0.353 ms
2 bxb11-man-gw2 (10.1.2.3) 0.586 ms 0.342 ms 0.314 ms
3 ch2-man-gw2 (10.3.4.5) 4.462 ms 4.135 ms 4.558 ms
4 sjck-rbb-gw2 (161.2.3.4) 75.958 ms 75.953 ms 75.891 ms
5 sj-wall-1 (161.5.6.7) 76.292 ms 76.336 ms 75.971 ms
6 sjce-dirty-gw1 (128.107.240.197) 77.098 ms 76.664 ms 76.286 ms
7 sjck-sdf-ciod-gw2 (128.107.239.102) 77.437 ms 77.845 ms 76.462 ms
9 * www (198.133.219.25) 78.627 ms *
type
To display the contents of a file within any GSS file directory, use the type command.
type filename
Syntax Description
filename |
Name of the file. |
Command Modes
User EXEC and privileged EXEC
Usage Guidelines
Use this command to display the contents of a file within any GSS file directory. This command may be used to monitor features such as transaction logging or system logging (syslog).
Use the dir, lls, or ls commands to view the files available in the current directory or subdirectory.
Examples
The following example shows how to display the contents of a file within any GSS file directory:
gss1.example.com# type /audit.log
atcr1.cisco.com>type audit.log
# Start logging at Thu July 1 23:59:30 GMT 2004
#=== WHEN WHAT_TABLE WHAT_ID HOW
===
# Start logging at Fri July 2 00:01:25 GMT 2004
#=== WHEN WHAT_TABLE WHAT_ID HOW
===
# Start logging at Sat July 3 14:42:40 GMT 2004
#=== WHEN WHAT_TABLE WHAT_ID HOW
===
Related Commands
dir
lls
ls
lsof
tail
write
To save the current running configuration of the GSS as its startup configuration, use the write command.
write memory
Syntax Description
memory |
Saves recent configuration changes to the GSS that are stored in the memory as the startup configuration. |
Command Modes
Privileged EXEC and global configuration
Usage Guidelines
Use the write command to save changes to the running configuration of the GSS device as the new startup configuration for the device.
Examples
The following example shows how to save the current running configuration of the GSS as its startup configuration:
gss1.example.com# write memory
Related Commands
copy