Manageability Commands on Cisco IOS XR Software
This chapter describes the Cisco IOS XR software commands used to enable the HTTP server and to enable router management through Extensible Markup Language (XML) agent services.
The XML Parser Infrastructure provides parsing and generation of XML documents with Document Object Model (DOM), Simple API for XML (SAX), and Document Type Definition (DTD) validation capabilities:
•DOM allows customers to programmatically create, manipulate, and generate XML documents.
•SAX supports user-defined functions for XML tags.
•DTD allows for validation of defined document types.
For more information about setting up management services, see Cisco Craft Works Interface Quick Start Guide.
For more information about setting up the XML agent, see Cisco IOS XR XML API Guide.
http server
To enable the HTTP server on the router and enable access to the Craft Works Interface (CWI), use the http server command in global configuration mode. To disable the HTTP server, use the no form of this command.
http server [ssl] [access-group name]
no http server
Syntax Description
access-group name |
(Optional) Enables access to the CWI from IP addresses that meet the conditions of the access control list (ACL) specified for the name argument. |
ssl |
(Optional) Enables Secure Socket Layer (SSL). |
Defaults
The HTTP server is disabled.
Command History
|
|
Release 2.0 |
This command was introduced on the Cisco CRS-1. |
Release 3.0 |
No modification. |
Release 3.2 |
This command was first supported on the Cisco XR 12000 Series Router. Support for access groups was added. The access-group keyword and name argument were added to support access groups. |
Release 3.3.0 |
No modification. |
Release 3.4.0 |
No modification. |
Release 3.5.0 |
No modification. |
Release 3.6.0 |
No modification. |
Release 3.7.0 |
No modification. |
Release 3.8.0 |
No modification. |
Command Modes
Global configuration
Usage Guidelines
To use this command, your Cisco IOS XR software system administrator must assign you to a user group associated with a task group that includes the corresponding command task IDs. If you need assistance with your task group assignment, contact your system administrator. For detailed information about user groups and task IDs, see the Configuring AAA Services on Cisco IOS XR Software module of Cisco IOS XR System Security Configuration Guide.
Use the http server command to enable the HTTP server on your router.
To display the home page of the router, use a Web browser pointed to http://x.x.x.x, where x.x.x.x is the router IP address. If a name has been set, use http://router-name.
Use the http server ssl command to run HTTP over a secure socket. This command enables the HTTP server to run SSL when accessing web pages or files provided by the HTTP server of the router and disables access through the regular HTTP port.
Use the no form of this command to disable the HTTP server.
Enabling the HTTP server enables authentication by default. After the HTTP server has been enabled, you then are prompted to provide a username and password to access web pages on the HTTP server.
Note The http server command enables the HTTP server process on Management Ethernet interfaces by default. For information about how to enable HTTP server on other inband interfaces, refer to the Implementing Management Plane Protection on Cisco IOS XR Software module in Cisco IOS XR System Security Configuration Guide.
|
|
config-services |
read, write |
Examples
The following example shows how to enable the HTTP server on the router:
RP/0/RP0/CPU0:router(config)#
http server
The following example shows how to enable SSL to run HTTP over a secure socket:
RP/0/RP0/CPU0:router(config)#
http server ssl
The following example shows how to enable SSL to run HTTP over a secure socket and to enable access to the CWI from only IP address that meeting the conditions of the access group named test:
RP/0/RP0/CPU0:router(config)#
http server ssl access-group test
The following sample output from the show ipv4 access-lists commands displays the IPv4 access list named test:
RP/0/0/CPU0:router# show ipv4 access-lists test
10 deny ip host 171.71.163.96 any
20 permit ip host 64.102.48.34 any
xml agent
To enable Extensible Markup Language (XML) requests over a dedicated TCP connection, use the xml agent command in global configuration mode. To disable XML requests over the dedicated TCP connection, use the no form of this command.
Note This command enables a new, enhanced-performance XML agent. The xml agent tty command enables the legacy XML agent and is supported for backward compatibility.
xml agent
no xml agent
Defaults
XML requests are disabled.
Command Modes
Global configuration
Command History
|
|
Release 3.8.0 |
This command was introduced on the Cisco CRS-1 and Cisco XR 12000 Series Router. |
Usage Guidelines
To use this command, your Cisco IOS XR software system administrator must assign you to a user group associated with a task group that includes the corresponding command task IDs. If you need assistance with your task group assignment, contact your system administrator. For detailed information about user groups and task IDs, see the Configuring AAA Services on Cisco IOS XR Software module of Cisco IOS XR System Security Configuration Guide.
There are two XML agents: a legacy XML agent and an enhanced-performance XML agent. We recommend that you use the enhanced-performance agent. The legacy agent is supported for backward compatibility. Use the xml agent command to enable the enhanced-performance XML agent. Use the xml agent tty command to enable the legacy XML agent.
Use the no form of the xml agent command to disable the enhanced-performance XML agent.
Use the aaa authorization exec default command to configure the aaa authorization method for the XML agent.
|
|
config-services |
read, write |
Examples
The following example shows how to enable XML requests over a dedicated TCP connection:
RP/0/RP0/CPU0:router(config)#
xml agent
xml agent corba
Note Effective with Cisco IOS XR Release 3.8.0, the xml agent corba command is not available in Cisco IOS XR software.
To enable Extensible Markup Language (XML) Common Object Request Broker Architecture (CORBA) agent services so that you can manage and configure the router using an XML interface, use the xml agent corba command in global configuration mode. To disable XML agent services, use the no form of this command.
xml agent corba [ssl] [access-group name]
no xml agent corba
Syntax Description
access-group name |
(Optional) Enables access to the XML CORBA services from IP addresses that meet the conditions of the access control list (ACL) specified for the name argument. |
ssl |
(Optional) Enables Secure Socket Layer (SSL) CORBA services. |
Defaults
The XML agent is disabled.
Command Modes
Global configuration
Command History
|
|
Release 2.0 |
This command was introduced on the Cisco CRS-1. |
Release 3.0 |
No modification. |
Release 3.2 |
This command was first supported on the Cisco XR 12000 Series Router. Support for access groups was added. The access-group keyword and name argument were added to support access groups. |
Release 3.3.0 |
No modification. |
Release 3.4.0 |
No modification. |
Release 3.5.0 |
No modification. |
Release 3.6.0 |
No modification. |
Release 3.7.0 |
No modification. |
Release 3.8.0 |
This command was removed. |
Usage Guidelines
To use this command, your Cisco IOS XR software system administrator must assign you to a user group associated with a task group that includes the corresponding command task IDs. If you need assistance with your task group assignment, contact your system administrator. For detailed information about user groups and task IDs, see the Configuring AAA Services on Cisco IOS XR Software module of Cisco IOS XR System Security Configuration Guide.
For the xml agent corba command to work, at least one interface on the router must be up and running. (Interfaces can be verified by pinging the host.)
SSL-enabled CORBA services can be activated using the xml agent corba ssl command. These same services can be deactivated using the no xml agent corba command.
|
|
config-services |
read, write |
Examples
The following example shows how to enable XML CORBA agent services:
RP/0/RP0/CPU0:router#
config
RP/0/RP0/CPU0:router(config)#
xml agent corba
Related Commands
|
|
ping |
Checks host reachability and network connectivity on IP networks. |
xml agent corba hostname |
Enables the use of a static hostname for XML CORBA agent services. |
xml agent tty |
Enables XML requests over Secure Shell (SSH) and Telnet. |
xml agent corba hostname
Note Effective with Cisco IOS XR Release 3.8.0, the xml agent corba hostname command is not available in Cisco IOS XR software.
To enable the use of static hostname for XML over CORBA, use the xml agent corba hostname command in global configuration mode. To disable the static hostname and use the router hostname, use the no form of this command.
xml agent corba hostname string
no xml agent corba hostname
Syntax Description
string |
Name of the static hostname for XML over CORBA. |
Defaults
The router hostname is used.
Command Modes
Global configuration
Command History
|
|
Release 3.4.0 |
This command was introduced on the Cisco CRS-1 and Cisco XR 12000 Series Router. |
Release 3.5.0 |
No modification. |
Release 3.6.0 |
No modification. |
Release 3.7.0 |
No modification. |
Release 3.8.0 |
This command was removed. |
Usage Guidelines
To use this command, your Cisco IOS XR software system administrator must assign you to a user group associated with a task group that includes the corresponding command task IDs. If you need assistance with your task group assignment, contact your system administrator. For detailed information about user groups and task IDs, see the Configuring AAA Services on Cisco IOS XR Software module of Cisco IOS XR System Security Configuration Guide.
By default, the router hostname is used. To enable the use of static hostname (regardless of configured hostname), use the xml agent corba hostname string command. The XML agent is restarted only if the effective hostname is changed.
|
|
config-services |
read, write |
Examples
The following example shows how to enable a static hostname for XML CORBA agent services. Use the xml agent corba hostname string command to enable a static hostname, and use the xml agent corba command to enable XML CORBA agent services:
RP/0/RP0/CPU0:router#
config
RP/0/RP0/CPU0:router(config)#
xml agent corba hostname router
RP/0/RP0/CPU0:router(config)#
xml agent corba
Related Commands
xml agent tty
To enable Extensible Markup Language (XML) requests over Secure Shell (SSH) and Telnet, use the xml agent tty command in global configuration mode. To disable XML requests over SSH and Telnet, use the no form of this command.
Note This command enables a legacy XML agent that has been superceded by an enhanced-performance XML agent and is only supported for backward compatibility. To enable the enhanced-performance XML agent, use the xml agent command.
xml agent tty
no xml agent tty
Defaults
XML requests over SSH and Telnet are disabled.
Command Modes
Global configuration
Command History
|
|
Release 3.2 |
This command was introduced on the Cisco CRS-1 and Cisco XR 12000 Series Router. |
Release 3.3.0 |
No modification. |
Release 3.4.0 |
No modification. |
Release 3.5.0 |
No modification. |
Release 3.6.0 |
No modification. |
Release 3.7.0 |
No modification. |
Release 3.8.0 |
No modification. |
Usage Guidelines
To use this command, your Cisco IOS XR software system administrator must assign you to a user group associated with a task group that includes the corresponding command task IDs. If you need assistance with your task group assignment, contact your system administrator. For detailed information about user groups and task IDs, see the Configuring AAA Services on Cisco IOS XR Software module of Cisco IOS XR System Security Configuration Guide.
There are two XML agents: a legacy XML agent and an enhanced-performance XML agent. We recommend that you use the enhanced-performance agent. The legacy agent is supported for backward compatibility. The xml agent tty command enables the legacy XML agent. Use the xml agent command to enable the enhanced-performance XML agent.
Use the no form of the xml agent tty command to disable the legacy XML agent.
|
|
config-services |
read, write |
Examples
The following example shows how to enable XML requests over Secure Shell (SSH) and Telnet,:
RP/0/RP0/CPU0:router(config)# xml agent tty