Using Cisco IOS XE Software

This chapter provides information to prepare you to configure the Cisco Catalyst 8500 Series Edge Platforms:

Accessing the CLI Using a Router Console

The following sections describe how to access the command-line interface (CLI) using a directly-connected console or by using Telnet or a modem to obtain a remote console:

Accessing the CLI Using a Directly-Connected Console

This section describes how to connect to the console port on the router and use the console interface to access the CLI.

The console port on a Cisco Catalyst 8500 Series Edge Platforms is an EIA/TIA-232 asynchronous, serial connection with no flow control and an RJ-45 connector. The console port is located on the front panel of each Route Processor (RP).

Connecting to the Console Port

To connect to the console port, complete the following steps:

SUMMARY STEPS

  1. Configure your terminal emulation software with the following settings:
  2. Connect to the port using the RJ-45-to-RJ-45 cable and RJ-45-to-DB-25 DTE adapter or using the RJ-45-to-DB-9 DTE adapter (labeled “Terminal”).

DETAILED STEPS

Step 1

Configure your terminal emulation software with the following settings:

  • 9600 bits per second (bps)
  • 8 data bits
  • No parity
  • 1 stop bit
  • No flow control

Step 2

Connect to the port using the RJ-45-to-RJ-45 cable and RJ-45-to-DB-25 DTE adapter or using the RJ-45-to-DB-9 DTE adapter (labeled “Terminal”).

Using the Console Interface

Every RP on a Cisco Catalyst 8500 Series Edge Platforms has a console interface. Notably, a standby RP can be accessed using the console port in addition to the active RP in a dual RP configuration.

To access the CLI using the console interface, complete the following steps:

SUMMARY STEPS

  1. After you attach the terminal hardware to the console port on the router and you configure your terminal emulation software with the proper settings, the following prompt appears:
  2. Press Return to enter user EXEC mode. The following prompt appears:
  3. From user EXEC mode, enter the enable command as shown in the following example:
  4. At the password prompt, enter your system password. If an enable password has not been set on your system, this step may be skipped.The following example shows entry of the password enablepass:
  5. When your enable password is accepted, the privileged EXEC mode prompt appears:
  6. You now have access to the CLI in privileged EXEC mode and you can enter the necessary commands to complete your desired tasks.
  7. To exit the console session, enter the quit command as shown in the following example:

DETAILED STEPS

Step 1

After you attach the terminal hardware to the console port on the router and you configure your terminal emulation software with the proper settings, the following prompt appears:

Example:

Press RETURN to get started.

Step 2

Press Return to enter user EXEC mode. The following prompt appears:

Example:

Router>

Step 3

From user EXEC mode, enter the enable command as shown in the following example:

Example:

Router> enable

Step 4

At the password prompt, enter your system password. If an enable password has not been set on your system, this step may be skipped.The following example shows entry of the password enablepass:

Example:

Password: enablepass

Step 5

When your enable password is accepted, the privileged EXEC mode prompt appears:

Example:

Router#

Step 6

You now have access to the CLI in privileged EXEC mode and you can enter the necessary commands to complete your desired tasks.

Step 7

To exit the console session, enter the quit command as shown in the following example:

Example:

Router# quit

Accessing the CLI from a Remote Console Using Telnet

This section describes how to connect to the console interface on a router using Telnet to access the CLI.

Preparing to Connect to the Router Console Using Telnet

Before you can access the router remotely using Telnet from a TCP/IP network, you need to configure the router to support virtual terminal lines (vtys) using the line vty global configuration command. You also should configure the vtys to require login and specify a password.


Note
To prevent disabling login on the line, be careful that you specify a password with the password command when you configure the login line configuration command. If you are using authentication, authorization, and accounting (AAA), you should configure the login authentication line configuration command. To prevent disabling login on the line for AAA authentication when you configure a list with the login authentication command, you must also configure that list using the aaa authentication login global configuration command. For more information about AAA services, see the Cisco IOS XE Security Configuration Guide, and the Cisco IOS Security Command Reference Guide .

In addition, before you can make a Telnet connection to the router, you must have a valid host name for the router or have an IP address configured on the router. For more information about requirements for connecting to the router using Telnet, information about customizing your Telnet services, and using Telnet key sequences, see the Cisco IOS Configuration Fundamentals Configuration Guide.

Using Telnet to Access a Console Interface

To access a console interface using Telnet, complete the following steps:

SUMMARY STEPS

  1. From your terminal or PC, enter one of the following commands:
  2. At the password prompt, enter your login password. The following example shows entry of the password mypass:
  3. From user EXEC mode, enter the enable command as shown in the following example:
  4. At the password prompt, enter your system password. The following example shows entry of the password enablepass:
  5. When the enable password is accepted, the privileged EXEC mode prompt appears:
  6. You now have access to the CLI in privileged EXEC mode and you can enter the necessary commands to complete your desired tasks.
  7. To exit the Telnet session, use the exit or logout command as shown in the following example:

DETAILED STEPS

Step 1

From your terminal or PC, enter one of the following commands:

  • connect host [port ] [keyword ]
  • telnet host [port ] [keyword ]

In this syntax, host is the router hostname or an IP address, port is a decimal port number (23 is the default), and keyword is a supported keyword. For more information, see the Cisco IOS Configuration Fundamentals Command Reference Guide .

Note

 
If you are using an access server, then you will need to specify a valid port number such as telnet 172.20.52.40 2004 , in addition to the hostname or IP address.

The following example shows the telnet command to connect to the router named router:

Example:

unix_host% telnet router
Trying 172.20.52.40...
Connected to 172.20.52.40.
Escape character is '^]'.
unix_host% connect

Step 2

At the password prompt, enter your login password. The following example shows entry of the password mypass:

Example:

User Access Verification
Password: mypass

Note

 
If no password has been configured, press Return .

Step 3

From user EXEC mode, enter the enable command as shown in the following example:

Example:

Router> enable

Step 4

At the password prompt, enter your system password. The following example shows entry of the password enablepass:

Example:

Password: enablepass

Step 5

When the enable password is accepted, the privileged EXEC mode prompt appears:

Example:

Router#

Step 6

You now have access to the CLI in privileged EXEC mode and you can enter the necessary commands to complete your desired tasks.

Step 7

To exit the Telnet session, use the exit or logout command as shown in the following example:

Example:

Router# logout

Using Keyboard Shortcuts

Commands are not case sensitive. You can abbreviate commands and parameters if the abbreviations contain enough letters to be different from any other currently available commands or parameters.

The following table lists the keyboard shortcuts for entering and editing commands.

Table 1. Keyboard Shortcuts

Keystrokes

Purpose

Ctrl-B or the Left Arrow key1

Move the cursor back one character

Ctrl-F orthe Right Arrow key1

Move the cursor forward one character

Ctrl-A

Move the cursor to the beginning of the command line

Ctrl-E

Move the cursor to the end of the command line

Esc B

Move the cursor back one word

Esc F

Move the cursor forward one word

1 The arrow keys function only on ANSI-compatible terminals such as VT100s.

Using the History Buffer to Recall Commands

The history buffer stores the last 20 commands you entered. History substitution allows you to access these commands without retyping them, by using special abbreviated commands.

The following table lists the history substitution commands.

Table 2. History Substitution Commands

Command

Purpose

Ctrl-P or the Up Arrow key2

Recall commands in the history buffer, beginning with the most recent command. Repeat the key sequence to recall successively older commands.

Ctrl-N or the Down Arrow key1

Return to more recent commands in the history buffer after recalling commands with Ctrl-P or the Up Arrow key.

Router# show history

While in EXEC mode, list the last several commands you have just entered.

2 The arrow keys function only on ANSI-compatible terminals such as VT100s.

Understanding the Command Mode

The command modes available in the traditional Cisco IOS CLI are exactly the same as the command modes available in Cisco IOS XE.

You use the CLI to access Cisco IOS XE software. Because the CLI is divided into many different modes, the commands available to you at any given time depend on the mode that you are currently in. Entering a question mark (? ) at the CLI prompt allows you to obtain a list of commands available for each command mode.

When you log in to the CLI, you are in user EXEC mode. User EXEC mode contains only a limited subset of commands. To have access to all commands, you must enter privileged EXEC mode, normally by using a password. From privileged EXEC mode, you can issue any EXEC command—user or privileged mode—or you can enter global configuration mode. Most EXEC commands are one-time commands. For example, show commands show important status information, and clear commands clear counters or interfaces. The EXEC commands are not saved when the software reboots.

Configuration modes allow you to make changes to the running configuration. If you later save the running configuration to the startup configuration, these changed commands are stored when the software is rebooted. To enter specific configuration modes, you must start at global configuration mode. From global configuration mode, you can enter interface configuration mode and a variety of other modes, such as protocol-specific modes.

ROM monitor mode is a separate mode used when the Cisco IOS XE software cannot load properly. If a valid software image is not found when the software boots or if the configuration file is corrupted at startup, the software might enter ROM monitor mode.

The following table describes how to access and exit various common command modes of the Cisco IOS XE software. It also shows examples of the prompts displayed for each mode.

Table 3. Accessing and Exiting Command Modes

Command Mode

Access Method

Prompt

Exit Method

User EXEC

Log in. 


Router>

Use the logout command.

Privileged EXEC

From user EXEC mode, use the enable EXEC command. 


Router#

To return to user EXEC mode, use the disable command.

Global configuration

From privileged EXEC mode, use the configure terminal privileged EXEC command. 


Router(config)#

To return to privileged EXEC mode from global configuration mode, use the exit or end command.

Interface configuration

From global configuration mode, specify an interface using an interface command. 


Router(config-if)#

To return to global configuration mode, use the exit command.

To return to privileged EXEC mode, use the end command.

Diagnostic

The router boots up or accesses diagnostic mode in the following scenarios:

In some cases, diagnostic mode will be reached when the IOS process or processes fail. In most scenarios, however, the router will.

A user-configured access policy was configured using the transport-map command that directed the user into diagnostic mode. See the Chapter 4, “Console Port, Telnet, and SSH Handling” of this book for information on configuring access policies.

The router was accessed using a Route Processor auxiliary port.

A break signal (Ctrl-C , Ctrl-Shift-6 , or the send break command ) was entered and the router was configured to go into diagnostic mode when the break signal was received. 


Router(diag)#

If the IOS process failing is the reason for entering diagnostic mode, the IOS problem must be resolved and the router rebooted to get out of diagnostic mode.

If the router is in diagnostic mode because of a transport-map configuration, access the router through another port or using a method that is configured to connect to the Cisco IOS CLI.

If the router is accessed through the Route Processor auxiliary port, access the router through another port. Accessing the router through the auxiliary port is not useful for customer purposes anyway.

ROM monitor

From privileged EXEC mode, use the reload EXEC command. Press the Break key during the first 60 seconds while the system is booting. 


>

To exit ROM monitor mode, use the continue command.

Saving Configuration Changes

Use the copy running-config startup-config command to save your configuration changes to the startup configuration so that the changes will not be lost if the software reloads or a power outage occurs. For example: 


Router# copy running-config startup-config
Building configuration...

It might take a minute or two to save the configuration. After the configuration has been saved, the following output appears: 


[OK]
Router#

This task saves the configuration to NVRAM.

Managing Configuration Files

On the Cisco Catalyst 8500 Series Edge Platforms, the startup configuration file is stored in the nvram: file system and the running-configuration files are stored in the system: file system. This configuration file storage setup is not unique to the Cisco Catalyst 8500 Series Edge Platforms and is used on several Cisco router platforms.

As a matter of routine maintenance on any Cisco router, users should backup the startup configuration file by copying the startup configuration file from NVRAM onto one of the router’s other file systems and, additionally, onto a network server. Backing up the startup configuration file provides an easy method of recovering the startup configuration file in the event the startup configuration file in NVRAM becomes unusable for any reason.

The copy command can be used to backup startup configuration files. The following examples show the startup configuration file in NVRAM being backed up:

Example 1: Copying a Startup Configuration File to Bootflash


Router# dir bootflash:
Directory of bootflash:/
  11 drwx 16384 Sep 18 2020 15:16:35 +00:00 lost+found
1648321 drwx 4096 Oct 22 2020 12:08:47 +00:00 .installer
97921 drwx 4096 Sep 18 2020 15:18:00 +00:00 .rollback_timer
12 -rw- 1910 Oct 22 2020 12:09:09 +00:00 mode_event_log
1566721 drwx 4096 Sep 18 2020 15:33:23 +00:00 core
1215841 drwx 4096 Oct 22 2020 12:09:48 +00:00 .prst_sync
1289281 drwx 4096 Sep 18 2020 15:18:18 +00:00 bootlog_history
13 -rw- 133219 Oct 22 2020 12:09:34 +00:00 memleak.tcl
14 -rw- 20109 Sep 18 2020 15:18:39 +00:00 ios_core.p7b
15 -rwx 1314 Sep 18 2020 15:18:39 +00:00 trustidrootx3_ca.ca
391681 drwx 4096 Oct 6 2020 15:08:54 +00:00 .dbpersist
522241 drwx 4096 Sep 18 2020 15:32:59 +00:00 .inv
783361 drwx 49152 Oct 27 2020 08:36:44 +00:00 tracelogs
832321 drwx 4096 Sep 18 2020 15:19:17 +00:00 pnp-info
1207681 drwx 4096 Sep 18 2020 15:19:20 +00:00 onep
750721 drwx 4096 Oct 22 2020 12:09:57 +00:00 license_evlog
946561 drwx 4096 Sep 18 2020 15:19:24 +00:00 guest-share
383521 drwx 4096 Sep 18 2020 15:34:13 +00:00 pnp-tech
1583041 drwx 4096 Oct 22 2020 11:27:38 +00:00 EFI
16 -rw- 34 Oct 6 2020 13:56:03 +00:00 pnp-tech-time
17 -rw- 82790 Oct 6 2020 13:56:14 +00:00 pnp-tech-discovery-summary
18 -rw- 8425 Oct 6 2020 15:09:18 +00:00 1g_snake
19 -rw- 6858 Oct 7 2020 10:53:21 +00:00 100g_snake
20 -rw- 4705 Oct 22 2020 13:01:54 +00:00 startup-config

26975526912 bytes total (25538875392 bytes free) 
Router# copy nvram:startup-config bootflash:
Destination filename [startup-config]? 
3517 bytes copied in 0.647 secs (5436 bytes/sec)

Example 2: Copying a Startup Configuration File to USB Flash Disk


Router# dir usb0:
Directory of usb0:/
43261 -rwx 208904396 Oct 27 2020 14:10:20 -07:00
c8000aep-universalk9.17.02.01.SPA.bin
255497216 bytes total (40190464 bytes free)
Router# copy nvram:startup-config usb0:
Destination filename [startup-config]?
3172 bytes copied in 0.214 secs (14822 bytes/sec)
Router# dir usb0:
Directory of usb0:/
43261 -rwx 208904396 Oct 27 2020 14:10:20 -07:00
c8000aep-universalk9.17.02.01.SPA.bin
15:40:45 -07:00 startup-config255497216 bytes total (40186880 bytes free)

Example 3: Copying a Startup Configuration File to a TFTP Server


Router# copy bootflash:startup-config tftp:
Address or name of remote host []? 172.17.16.81
Destination filename [pe24_asr-1002-confg]? /auto/tftp-users/user/startup-config
!!
3517 bytes copied in 0.122 secs (28828 bytes/sec)

For more detailed information on managing configuration files, see the Managing Configuration Files section in the Cisco IOS XE Configuration Fundamentals Configuration Guide

Dynamic Allocation of Cores

Dynamic core allocations on the Cisco Catalyst 8500L Series platform provide flexibility for users to leverage the CPU cores for different services and/or CEF/IPSec performances. The Cisco Catalyst 8500L Series platform are equipped with 1a number of CPU cores and have the flexibility to allocate cores into the service plane from the data plane. The core allocation is based on the customer configuration of the different services available on these platforms.


Important

If C8500-12X4QC and C8500-12X are running in controller mode, then dynamic CPU allocation is not supported.

From Cisco IOS XE Release 17.4 onwards, you can use the platform resource { service-plane-heavy | data-plane-heavy } command to adjust the cores across service plane and data plane. However, you have to reboot the device for the configured profile to take effect. 

Router(config)# platform resource { service-plane-heavy | data-plane-heavy }

Note

By default, when a device boots up, the mode is data-plane-heavy.

The following sample command output shows the CPU cores allocation for the data plane for a C8500L device: 

Router# show platform software cpu allocation
CPU alloc information:
 
  Control plane cpu alloc: 0-1,12-13
 
  Data plane cpu alloc: 2-11
 
  Service plane cpu alloc: 0
 
  Template used: CLI-data_plane_heavy

The following show command output shows the CPU cores allocation for the service plane:

Router# show platform software cpu allocation

CPU alloc information:
  Control plane cpu alloc: 0-1,12-13
 
  Data plane cpu alloc: 6-11
 
  Service plane cpu alloc: 2-5,14-17
 
  Template used: CLI-service_plane_heavy

Disabling Front-Panel USB Ports

SUMMARY STEPS

  1. enable
  2. configure terminal
  3. platform usb disable
  4. end
  5. write memory

DETAILED STEPS

  Command or Action Purpose

Step 1

enable

Example:

Device> enable

Enables privileged EXEC mode.

  • Enter your password if prompted.

Step 2

configure terminal

Example:

Device# configure terminal

Enters global configurationmode.

Step 3

platform usb disable

Example:

Device # platform usb disable

Disables USB ports.

Note

 

For re-enabling of front-panel usb ports, use the no form of command (no platform usb disable).

Step 4

end

Example:

Device(config-router-af)# end

Exits address family configuration mode and returns to privileged EXEC mode.

Step 5

write memory

Save to configuration.

Configuration Examples for Disabling of Front-Panel USB Ports

Example: Disabling Front-Panel USB Ports On Autonomous, Controller and vManage Mode

The following example shows the configuration of disabling front-panel USB ports on autonomous, controller and vManage mode:

13RU#sh run | inc usb
platform usb disable
13RU#

Verifying Disabling of Front Panel USB Ports

To verify the disabling of USB ports on your device, use the following show command:

show platform usb status 

Router#show platform usb status
USB enabled
Router#

Powering Off a Router

Before you turn off a power supply, make certain the chassis is grounded and you perform a soft shutdown on the power supply. Not performing a soft shutdown will often not harm the router, but may cause problems in certain scenarios.

To perform a soft shutdown before powering off the router, enter the reload command to halt the system and then wait for ROM Monitor to execute before proceeding to the next step.

The following screenshot shows an example of this process: 


Router# reload
Proceed with reload? [confirm]
...(Some messages are omitted here)
Initializing Hardware...

Place the power supply switch in the Off position after seeing this message.