Operational Commands


Note


For a list of Cisco IOS XE SD-WAN commands qualified for use in Cisco vManage CLI templates, see List of Commands Qualified in Cisco IOS XE Release 17.x. For information about specific commands, see the appropriate chapter in Cisco IOS XE SD-WAN Qualified Command Reference Guide.


Overview of Operational Commands

The operational command reference pages describe the CLI commands that you use to display the properties and operational status of vSmart controllers, vEdge routers, and vBond orchestrators in the overlay network. When you log in to the CLI on a Cisco vEdge device, you are in operational mode.

In the CLI, operational commands are organized alphabetically, and many commands are organized into functional hierarchies. The top-level operational commands and command hierarchies are:

  • clear—Zero or erase information stored on the device or collected data.

  • clock—Set the time.

  • commit—Confirm a pending commit operation.

  • complete-on-space—Enable the ability to type a space to have the CLI complete unambiguous commands.

  • config—Enter configuration mode.

  • exit—Configure basic system parameters.

  • file—Configure the properties of a VPN, including the interfaces that participate in the VPN and the routing protocols that are enabled in the VPN.

  • help—Display help information about CLI commands.

  • history—Control the CLI command history cache.

  • idle-timeout—Set how long a CLI session can be idle before the user is logged out.

  • logout—Exit from the CLI session.

  • no—Negate or cancel a command.

  • nslookup—Perform a DNS name lookup.

  • paginate—Set the number of lines of command output to display. 

  • ping—Ping a network device.

  • poweroff—Power down the device.

  • prompt1—Set the operational mode prompt.

  • prompt2—Set the configuration mode prompt.

  • pwd—Display the current path mode.

  • quit—Exit from the CLI session.

  • reboot—Reboot the device.

  • request—Install various files onto the device.

  • screen-length—Set the CLI screen length.

  • screen-width—Set the CLI screen width.

  • show—Display information about the status of the device or information stored on the device.

  • tcpdump—Perform a TCP dump operation.

  • ​timestamp—Enable timestamping.

  • traceroute—Perform a traceroute operation.

  • vshell—Exit to the shell on the device.

To filter operational command output, use the filters described in Command Filters for CLI Operational Commands.

clear app cflowd flow-all

Clear the cflowd flows in all VPNs (on vEdge routers only).

clear app cflowd flow-all

Command History

Release

Modification

14.3

Command introduced.

Examples

vEdge# show cflowd flows 
                                                            TCP                                                                                         
                                 SRC    DEST         IP     CNTRL  ICMP             EGRESS      INGRESS     TOTAL  TOTAL  MIN  MAX  START   TIME TO     
VPN  SRC IP       DEST IP        PORT   PORT   DSCP  PROTO  BITS   OPCODE  NHOP IP  INTF        INTF        PKTS   BYTES  LEN  LEN  TIME    EXPIRE      
--------------------------------------------------------------------------------------------------------------------------------------------------------
1    10.20.24.15  172.16.255.15  49142  13322  0     6      2      0       0.0.0.0  4294967295  4294967295  1      78     78   78           3745446565  
1    10.20.24.15  172.16.255.15  49143  13322  0     6      2      0       0.0.0.0  4294967295  4294967295  1      78     78   78           4           
1    10.20.24.15  172.16.255.15  49144  13322  0     6      2      0       0.0.0.0  4294967295  4294967295  1      78     78   78           9           
1    10.20.24.15  172.16.255.15  49145  13322  0     6      2      0       0.0.0.0  4294967295  4294967295  1      78     78   78           14          
1    10.20.24.15  172.16.255.15  49146  13322  0     6      2      0       0.0.0.0  4294967295  4294967295  1      78     78   78           19          
1    10.20.24.15  172.16.255.15  49147  13322  0     6      2      0       0.0.0.0  4294967295  4294967295  1      78     78   78           24          
1    10.20.24.15  172.16.255.15  49148  13322  0     6      2      0       0.0.0.0  4294967295  4294967295  1      78     78   78           29          
1    10.20.24.15  172.16.255.15  49149  13322  0     6      2      0       0.0.0.0  4294967295  4294967295  1      78     78   78           34          
1    10.20.24.15  172.16.255.15  49150  13322  0     6      2      0       0.0.0.0  4294967295  4294967295  1      78     78   78           39          
1    10.20.24.15  172.16.255.15  49151  13322  0     6      2      0       0.0.0.0  4294967295  4294967295  1      78     78   78           44          
1    10.20.24.15  172.16.255.15  49152  13322  0     6      2      0       0.0.0.0  4294967295  4294967295  1      78     78   78           49          
1    10.20.24.15  172.16.255.15  49153  13322  0     6      2      0       0.0.0.0  4294967295  4294967295  1      78     78   78           54          
1    10.20.24.15  172.16.255.15  49154  13322  0     6      2      0       0.0.0.0  4294967295  4294967295  1      78     78   78           59          

vEdge# clear app cflowd flow-all 
vEdge# show app cflow flows 
%  No entries found.
vEdge#                  

clear app cflowd flows

Clear the cflowd flows in a specific VPN (on vEdge routers only).

clear app cflowd flows vpn vpn-id [flow-property]

Syntax Description

flow-property

Specific Flow To Clear:

Narrow down the exact flow to clear. flow-property can be one of:

dest-ip prefix/length

dest-port port-number (0 through 65535)

dscp dscp-value (0 through 255)

ip-proto protocol-number (0 through 255)

src-ip prefix/length

src-port port-number (0 through 65535)

vpn vpn-id

VPN:

Specify the VPN in which to clear all cflowd flows.

Command History

Release

Modification

14.3

Command introduced.

Examples

vEdge# show cflowd flows 
                                                            TCP                                                                                         
                                 SRC    DEST         IP     CNTRL  ICMP             EGRESS      INGRESS     TOTAL  TOTAL  MIN  MAX  START   TIME TO     
VPN  SRC IP       DEST IP        PORT   PORT   DSCP  PROTO  BITS   OPCODE  NHOP IP  INTF        INTF        PKTS   BYTES  LEN  LEN  TIME    EXPIRE      
--------------------------------------------------------------------------------------------------------------------------------------------------------
1    10.20.24.15  172.16.255.15  49142  13322  0     6      2      0       0.0.0.0  4294967295  4294967295  1      78     78   78           3745446565  
1    10.20.24.15  172.16.255.15  49143  13322  0     6      2      0       0.0.0.0  4294967295  4294967295  1      78     78   78           4           
1    10.20.24.15  172.16.255.15  49144  13322  0     6      2      0       0.0.0.0  4294967295  4294967295  1      78     78   78           9           
1    10.20.24.15  172.16.255.15  49145  13322  0     6      2      0       0.0.0.0  4294967295  4294967295  1      78     78   78           14          
1    10.20.24.15  172.16.255.15  49146  13322  0     6      2      0       0.0.0.0  4294967295  4294967295  1      78     78   78           19          
1    10.20.24.15  172.16.255.15  49147  13322  0     6      2      0       0.0.0.0  4294967295  4294967295  1      78     78   78           24          
1    10.20.24.15  172.16.255.15  49148  13322  0     6      2      0       0.0.0.0  4294967295  4294967295  1      78     78   78           29          
1    10.20.24.15  172.16.255.15  49149  13322  0     6      2      0       0.0.0.0  4294967295  4294967295  1      78     78   78           34          
1    10.20.24.15  172.16.255.15  49150  13322  0     6      2      0       0.0.0.0  4294967295  4294967295  1      78     78   78           39          
1    10.20.24.15  172.16.255.15  49151  13322  0     6      2      0       0.0.0.0  4294967295  4294967295  1      78     78   78           44          
1    10.20.24.15  172.16.255.15  49152  13322  0     6      2      0       0.0.0.0  4294967295  4294967295  1      78     78   78           49          
1    10.20.24.15  172.16.255.15  49153  13322  0     6      2      0       0.0.0.0  4294967295  4294967295  1      78     78   78           54          
1    10.20.24.15  172.16.255.15  49154  13322  0     6      2      0       0.0.0.0  4294967295  4294967295  1      78     78   78           59          

vEdge# clear app cflowd flows vpn 1 
vEdge# show app cflow flows  
%  No entries found.
vEdge#                

clear app cflowd statistics

Zero cflowd packet statistics (on vEdge routers only).

clear app cflowd statistics

Command History

Release

Modification

14.3

Command introduced.

Examples

vEdge# show app cflowd statistics 
      data_pkts                :      539 
      template_pkts            :      15 
      total-pkts               :      0 
      flow-refresh             :      269 
      flow-ageout              :      270 
vEdge# clear app cflowd statistics 
vEdge# show app cflowd statistics 
      data_pkts                :      2 
      template_pkts            :      0 
      total-pkts               :      0 
      flow-refresh             :      1 
      flow-ageout              :      1 

clear app dpi all

Clear all DPI flows on the vEdge router (on vEdge routers only).

clear app dpi all

Command History

Release

Modification

15.2

Command introduced.

Examples

vEdge# show app dpi flows

                                   Source  Dest                                                                        
VPN  SRC IP         DST IP         Port    Port   Protocol  APPLICATION  FAMILY             ACTIVE SINCE               
-----------------------------------------------------------------------------------------------------------------------
1    10.192.42.2    74.125.20.95   20581   443    udp       unknown      Standard           2015-05-04T14:07:46+00:00  
1    10.192.42.2    74.125.25.188  55742   5228   tcp       gtalk        Instant Messaging  2015-05-03T21:06:57+00:00  
1    10.192.42.2    74.125.28.95   36597   443    tcp       google       Web                2015-05-04T14:12:43+00:00  
1    10.192.42.2    74.125.28.95   36598   443    tcp       google       Web                2015-05-04T14:12:45+00:00  
1    10.192.42.2    192.168.15.3   63665   53     udp       dns          Network Service    2015-05-04T14:14:40+00:00  
1    10.192.42.2    216.58.192.14  40616   443    tcp       https        Web                2015-05-04T14:12:02+00:00  
1    10.192.42.2    216.58.192.36  45889   443    tcp       https        Web                2015-05-04T14:14:40+00:00  
1    10.192.42.2    216.58.192.36  45903   443    tcp       https        Web                2015-05-04T14:14:40+00:00  
1    10.192.42.2    216.115.20.77  10000   10000  udp       sip          Audio/Video        2015-05-03T08:22:51+00:00  
1    192.168.20.83  1.1.42.1       51586   22     tcp       ssh          Encrypted          2015-05-04T13:28:03+00:00 

vEdge# clear app dpi all
vEdge# show app dpi flows
% No entries found.
vEdge#         

clear app dpi apps

Clear specific applications in a particular VPN on the vEdge router (on vEdge routers only).

clear app dpi apps vpn vpn-id [application name] [source-prefix prefix | length]

Syntax Description

application name

Application Name:

Name of the application to clear.

source-prefix prefix|length

Source IP address:

Source IP prefix for the application or applications to clear.

vpn vpn-id

VPN:

VPN in which the application participates.

Command History

Release

Modification

15.2

Command introduced.

Examples

vEdge# show app dpi applications 

VPN  SRC IP       APPLICATION         FAMILY               
-----------------------------------------------------------
1    2.51.88.142  bittorrent          Peer to Peer         
1    10.192.42.1  syslog              Application Service  
1    10.192.42.1  tcp                 Network Service      
1    10.192.42.1  unknown             Standard             
1    10.192.42.2  addthis             Web                  
1    10.192.42.2  adobe               Web                  
1    10.192.42.2  adobe_update        Web                  
1    10.192.42.2  akamai              Web                  
1    10.192.42.2  alexa               Web                  
1    10.192.42.2  alibaba             Web                  
1    10.192.42.2  aliexpress          Web                  
1    10.192.42.2  amazon              Web                  
1    10.192.42.2  amazon_adsystem     Web                  
1    10.192.42.2  amazon_aws          Web                  
1    10.192.42.2  amazon_cloud_drive  Web                  
1    10.192.42.2  aol                 Web                  
1    10.192.42.2  apple               Web 
...

vEdge# clear app dpi apps vpn 1 application aol 
vEdge# show app dpi applications 

VPN  SRC IP       APPLICATION         FAMILY               
-----------------------------------------------------------
1    2.51.88.142  bittorrent          Peer to Peer         
1    10.192.42.1  syslog              Application Service  
1    10.192.42.1  tcp                 Network Service      
1    10.192.42.1  unknown             Standard             
1    10.192.42.2  addthis             Web                  
1    10.192.42.2  adobe               Web                  
1    10.192.42.2  adobe_update        Web                  
1    10.192.42.2  akamai              Web                  
1    10.192.42.2  alexa               Web                  
1    10.192.42.2  alibaba             Web                  
1    10.192.42.2  aliexpress          Web                  
1    10.192.42.2  amazon              Web                  
1    10.192.42.2  amazon_adsystem     Web                  
1    10.192.42.2  amazon_aws          Web                  
1    10.192.42.2  amazon_cloud_drive  Web                  
1    10.192.42.2  apple               Web 
...    

clear app dpi flows

Clear specific DPI flows in a particular VPN on the vEdge router (on vEdge routers only).

clear app dpi flows vpn vpn-id [destination-prefix prefix/length] [destination-port number] [ip-protocol protocol] [source-prefix prefix/length] [src-port number]

Syntax Description

destination-prefix prefix/length

source-prefix prefix/length

IP Prefix:

Destination or source IP prefix of the flow.

destination-port number

source-port number

Port Number:

Destination or source port number of the flow.

ip-protocol protocol

Protocol:

Destination or source port number of the flow.

vpn vpn-id

VPN:

VPN in which the flow participates.

Command History

Release

Modification

15.2

Command introduced.

Examples

vEdge# show app dpi flows

                                   Source  Dest                                                                        
VPN  SRC IP         DST IP         Port    Port   PROTOCOL  APPLICATION  FAMILY             ACTIVE SINCE               
-----------------------------------------------------------------------------------------------------------------------
1    10.192.42.2    74.125.20.95   20581   443    udp       unknown      Standard           2015-05-04T14:07:46+00:00  
1    10.192.42.2    74.125.25.188  55742   5228   tcp       gtalk        Instant Messaging  2015-05-03T21:06:57+00:00  
1    10.192.42.2    74.125.28.95   36597   443    tcp       google       Web                2015-05-04T14:12:43+00:00  
1    10.192.42.2    74.125.28.95   36598   443    tcp       google       Web                2015-05-04T14:12:45+00:00  
1    10.192.42.2    192.168.15.3   63665   53     udp       dns          Network Service    2015-05-04T14:14:40+00:00  
1    10.192.42.2    216.58.192.14  40616   443    tcp       https        Web                2015-05-04T14:12:02+00:00  
1    10.192.42.2    216.58.192.36  45889   443    tcp       https        Web                2015-05-04T14:14:40+00:00  
1    10.192.42.2    216.58.192.36  45903   443    tcp       https        Web                2015-05-04T14:14:40+00:00  
1    10.192.42.2    216.115.20.77  10000   10000  udp       sip          Audio/Video        2015-05-03T08:22:51+00:00  
1    192.168.20.83  1.1.42.1       51586   22     tcp       ssh          Encrypted          2015-05-04T13:28:03+00:00 

vEdge# clear app dpi flows vpn 1
vEdge# show app dpi flows
% No entries found.
vEdge#   

clear app log flows

Clear the information logged about flows (on vEdge routers only). After you issue this command, collection of information about the flow resumes immediately.

clear app log flows [dest-ip prefix] [dest-port number] [ip-proto number] [src-ip prefix] [src-port number] vpn vpn-id

Syntax Description

none

Clear information logged about all flows on the router.

dest-ip prefix

Destination IP Prefix:

Clear information logged about flows with the specified destination IP prefix.

dest-port number

Destination Port Number:

Clear information logged about flows with the specified destination port number.

ip-protocol number

IP Protocol:

Clear information logged about flows with the specified IP protocol number.

src-ip prefix

Source IP Prefix:

Clear information logged about flows with the specified source IP prefix.

src-port number

Source Port Number:

Clear information logged about flows with the specified source port number.

vpn vpn-id

Specific VPN:

Clear the logged flows in the specified VPN.

Command History

Release

Modification

16.3

Command introduced.

Examples

vEdge# show app log flows | tab 

                                                        TCP                                                                TIME    EGRESS  INGRESS                                  
                             SRC    DEST         IP     CNTRL  ICMP                TOTAL  TOTAL                            TO      INTF    INTF     POLICY     POLICY  POLICY       
VPN  SRC IP      DEST IP     PORT   PORT   DSCP  PROTO  BITS   OPCODE  NHOP IP     PKTS   BYTES  START TIME                EXPIRE  NAME    NAME     NAME       ACTION  DIRECTION    
------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
0    10.0.5.11   10.1.15.15  12366  12346  48    17     0      0       10.1.15.15  102    28942  Thu Dec  8 11:42:38 2016  59      cpu     ge0/0    BlackBird  accept  inbound-acl  
0    10.0.5.11   10.1.15.15  12366  12366  48    17     0      0       10.1.15.15  10     1910   Thu Dec  8 11:42:28 2016  14      cpu     ge0/0    BlackBird  accept  inbound-acl  
0    10.0.5.19   10.1.15.15  12446  12346  48    17     0      0       10.1.15.15  73     17458  Thu Dec  8 11:42:34 2016  59      cpu     ge0/0    BlackBird  accept  inbound-acl  
0    10.0.5.21   10.1.15.15  12366  12346  48    17     0      0       10.1.15.15  102    28942  Thu Dec  8 11:42:38 2016  59      cpu     ge0/0    BlackBird  accept  inbound-acl  
0    10.0.5.21   10.1.15.15  12366  12366  48    17     0      0       10.1.15.15  11     2101   Thu Dec  8 11:42:28 2016  15      cpu     ge0/0    BlackBird  accept  inbound-acl  
0    10.0.12.20  10.1.15.15  12446  12346  48    17     0      0       10.1.15.15  76     17887  Thu Dec  8 11:42:34 2016  59      cpu     ge0/0    BlackBird  accept  inbound-acl  
0    10.0.12.26  10.1.15.15  0      0      0     1      0      0       10.1.15.15  17     1666   Thu Dec  8 11:42:33 2016  59      cpu     ge0/0    BlackBird  accept  inbound-acl  
0    10.0.12.26  10.1.15.15  12346  12346  48    17     0      0       10.1.15.15  28     7167   Thu Dec  8 11:42:33 2016  28      cpu     ge0/0    BlackBird  accept  inbound-acl  
0    10.1.14.14  10.1.15.15  12366  12346  48    17     0      0       10.1.15.15  106    32230  Thu Dec  8 11:42:38 2016  59      cpu     ge0/0    BlackBird  accept  inbound-acl  
0    10.1.14.14  10.1.15.15  12366  12366  48    17     0      0       10.1.15.15  11     2101   Thu Dec  8 11:42:28 2016  15      cpu     ge0/0    BlackBird  accept  inbound-acl  
0    10.1.16.16  10.1.15.15  12366  12346  48    17     0      0       10.1.15.15  102    28942  Thu Dec  8 11:42:38 2016  59      cpu     ge0/0    BlackBird  accept  inbound-acl  
0    10.1.16.16  10.1.15.15  12366  12366  48    17     0      0       10.1.15.15  11     2101   Thu Dec  8 11:42:28 2016  15      cpu     ge0/0    BlackBird  accept  inbound-acl  

vEdge# clear app log flows
Value for 'vpn' (<0..65530>): 0 
vEdge# show app log flows | tab

                                                        TCP                                                                TIME    EGRESS  INGRESS                                  
                             SRC    DEST         IP     CNTRL  ICMP                TOTAL  TOTAL                            TO      INTF    INTF     POLICY     POLICY  POLICY       
VPN  SRC IP      DEST IP     PORT   PORT   DSCP  PROTO  BITS   OPCODE  NHOP IP     PKTS   BYTES  START TIME                EXPIRE  NAME    NAME     NAME       ACTION  DIRECTION    
------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
0    10.0.5.11   10.1.15.15  12366  12346  48    17     0      0       10.1.15.15  3      573    Thu Dec  8 11:43:33 2016  59      cpu     ge0/0    BlackBird  accept  inbound-acl  
0    10.0.5.21   10.1.15.15  12366  12346  48    17     0      0       10.1.15.15  3      573    Thu Dec  8 11:43:33 2016  59      cpu     ge0/0    BlackBird  accept  inbound-acl  
0    10.1.14.14  10.1.15.15  12366  12346  48    17     0      0       10.1.15.15  3      573    Thu Dec  8 11:43:33 2016  59      cpu     ge0/0    BlackBird  accept  inbound-acl  
0    10.1.16.16  10.1.15.15  12366  12346  48    17     0      0       10.1.15.15  3      573    Thu Dec  8 11:43:33 2016  59      cpu     ge0/0    BlackBird  accept  inbound-acl  

clear arp

Refresh dynamically created IPv4 entries in the Address Resolution Protocol (ARP) cache (on vEdge routers and vSmart controllers only).

To clear IPv6 entries in the ARP cache, use the clear ipv6 neighbor command.

clear arp [interface interface-name] [ip-address​] [vpn vpn-id ]

Syntax Description

none

Refresh all dynamic ARP cache entries.

interface interface-name

Interface:

Refresh the dynamic ARP cache entries associated with the specific interface.

ip-address

IP Address:

Refresh the dynamic ARP cache entries for the specified IP address.

vpn vpn-id

VPN:

Refresh the dynamic ARP cache entries for the specific VPN.

Command History

Release

Modification

14.1

Command introduced.

Examples

vEdge# show arp
     IF                                                                     
VPN  NAME   IP           MAC                STATE    IDLE TIMER  UPTIME     
-----------------------------------------------------------------------------
0    ge0/0  10.0.11.1    00:0c:29:86:ea:83  static   0:00:00:00  0:13:02:02 
0    ge0/7  10.0.100.11  00:0c:29:86:ea:c9  static   0:00:00:00  0:13:03:58 
512  eth0   10.0.1.1     00:50:56:c0:00:01  dynamic  0:00:13:34  0:00:15:25 
512  eth0   10.0.1.11    00:50:56:00:01:01  static   0:00:00:00  0:13:04:22 
512  eth0   10.0.1.254   00:50:56:fe:2a:d4  dynamic  0:00:19:34  0:00:03:25 

vEdge# clear arp entries
vEdge# show arp
     IF                                                                    
VPN  NAME   IP           MAC                STATE   IDLE TIMER  UPTIME     
----------------------------------------------------------------------------
0    ge0/0  10.0.11.1    00:0c:29:86:ea:83  static  0:00:00:00  0:13:02:08 
0    ge0/7  10.0.100.11  00:0c:29:86:ea:c9  static  0:00:00:00  0:13:04:04 
512  eth0   10.0.1.11    00:50:56:00:01:01  static  0:00:00:00  0:13:04:29

clear bfd transitions

Clear the counters for BFD transitions (on vEdge routers only). 

clear bfd transitions

Command History

Release

Modification

15.1.1

Command introduced.

Examples

vEdge# show bfd sessions system-ip 1.1.1.1
                                      SOURCE TLOC      REMOTE TLOC                       DST PUBLIC       DST PUBLIC         DETECT      TX                              
SYSTEM IP        SITE ID  STATE       COLOR            COLOR            SOURCE IP        IP               PORT        ENCAP  MULTIPLIER  INTERVAL(msec)  UPTIME         TRANSITIONS 
-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
1.1.1.1          1        up          default          public-internet  192.168.1.104    69.181.135.19    34601       ipsec  3           1000           3:17:22:43      5

vEdge# clear bfd transitions
vEdge# show bfd sessions system-ip 1.1.1.1
                                      SOURCE TLOC      REMOTE TLOC                       DST PUBLIC       DST PUBLIC         DETECT      TX                              
SYSTEM IP        SITE ID  STATE       COLOR            COLOR            SOURCE IP        IP               PORT        ENCAP  MULTIPLIER  INTERVAL(msec)  UPTIME         TRANSITIONS 
-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
1.1.1.1          1        up          default          public-internet  192.168.1.104    69.181.135.19    34601       ipsec  3           1000           3:17:22:43      0

clear bgp all

Reset BGP peering sessions with all neighbors in a specific VPN (on vEdge routers only).

clear bgp all vpn vpn-id

Command History

Release

Modification

14.1

Command introduced.

Examples

vEdge# show bgp neighbor vpn 1
                      MSG   MSG   OUT                                        
VPN  PEER ADDR    AS  RCVD  SENT  Q    UPTIME      STATE        AFI          
------------------------------------------------------------------------------
1    10.20.25.16  1   4884  4892  0    0:00:18:31  established  ipv4-unicast 

vEdge# clear bgp all vpn 1
vEdge# show bgp neighbor vpn 1
                      MSG   MSG   OUT                              
VPN  PEER ADDR    AS  RCVD  SENT  Q    UPTIME  STATE  AFI          
--------------------------------------------------------------------
1    10.20.25.16  1   4895  4904  0    -       idle   ipv4-unicast

clear bgp neighbor

Reset the peering sessions with a specific BGP neighbor in a VPN (on vEdge routers only).

clear bgp neighbor ip-address vpn vpn-id [soft (in | out)]

Syntax Description

ip-addressvpn vpn-id

Neighbor Address and VPN:

Reset the connection to the specific BGP neighbor in the specified VPN.

soft (in | out)

Soft Reset:

Perform a reset when the routing policy changes so that the new policy can take effect. With a soft reset, the route table is reconfigured and reactivated, but the BGP session itself is not reset. Use the in option to generate inbound route table updates from the BGP neighbor, and use the out option to have the local router send a new set of updated to the BGP neighbor.

Command History

Release

Modification

14.1

Command introduced.

Examples

vEdge# clear bgp neighbor 10.20.25.16 vpn 1
vEdge# show bgp neighbor 

                      MSG   MSG   OUT                              
VPN  PEER ADDR    AS  RCVD  SENT  Q    UPTIME  STATE  AFI          
--------------------------------------------------------------------
1    10.20.25.16  1   8102  8122  0    -       idle   ipv4-unicast

vEdge# show bgp neighbor 
                      MSG   MSG   OUT                                         
VPN  PEER ADDR    AS  RCVD  SENT  Q    UPTIME      STATE        AFI           
------------------------------------------------------------------------------
1    10.20.25.16  1   7971  7988  0    0:00:48:56  established  ipv4-unicast  

vEdge# clear bgp neighbor 10.20.25.16 vpn 1 soft out
vEdge# show bgp neighbor
VPN  PEER ADDR    AS  RCVD  SENT  Q    UPTIME      STATE        AFI          
------------------------------------------------------------------------------
1    10.20.25.16  1   7986  8004  0    0:00:49:12  established  ipv4-unicast

clear bridge mac

Clear the MAC addresses that this vEdge router has learned (on vEdge routers only). The router restarts its MAC address learning process, performing flooding until all the MAC addresses are relearned.

clear bridge mac

Command History

Release

Modification

15.3

Command introduced.

Examples

vEdge# show bridge mac

                                               RX    RX      TX    TX      
BRIDGE  INTERFACE  MAC ADDR           STATE    PKTS  OCTETS  PKTS  OCTETS  
-------------------------------------------------------------------------
1       ge0/5      aa:01:05:05:00:01  dynamic  2     248     0     0       
1       ge0/5      aa:01:05:05:00:02  dynamic  2     248     0     0       
1       ge0/5      aa:01:05:05:00:03  dynamic  2     248     0     0       
1       ge0/5      aa:01:05:05:00:04  dynamic  2     248     0     0       
1       ge0/5      aa:01:05:05:00:05  dynamic  2     248     0     0       
2       ge0/5      aa:02:05:05:00:01  dynamic  2     248     0     0       
2       ge0/5      aa:02:05:05:00:02  dynamic  2     248     0     0       
2       ge0/5      aa:02:05:05:00:03  dynamic  2     248     0     0       
2       ge0/5      aa:02:05:05:00:04  dynamic  1     124     0     0       
2       ge0/5      aa:02:05:05:00:05  dynamic  1     124     0     0       

vEdge# clear bridge mac
vEdge# show bridge mac
% No entries
vEdge#

clear cellular errors

Clear errors associated with cellular interfaces (on vEdge routers only).

clear cellular errors

Command History

Release

Modification

16.1

Command introduced.

Examples

vEdge# show cellular status 
           MODEM   SIM     SIGNAL     NETWORK                           
INTERFACE  STATUS  STATUS  STRENGTH   STATUS     LAST SEEN ERROR        
------------------------------------------------------------------------
cellular0  Online  Ready   Excellent  Registered  Device has no service  

vEdge# clear cellular errors
vEdge# show cellular status 
           MODEM   SIM     SIGNAL     NETWORK                           
INTERFACE  STATUS  STATUS  STRENGTH   STATUS     LAST SEEN ERROR        
------------------------------------------------------------------------
cellular0  Online  Ready   Excellent  Registered None     

clear cellular session statistics

Clear the statistics for cellular sessions (on vEdge routers only).

clear cellular session statistics

Command History

Release

Modification

16.1

Command introduced.

Examples

vEdge# clear cellular session statistics
vEdge# show cellular session statistics
           SESSION  DATA    DORMANCY  ACTIVE   RX       RX     RX      RX         TX       TX     TX      TX         RX       TX                   IPV4                IPV4 DNS
INTERFACE  ID       BEARER  STATE     PROFILE  PACKETS  DROPS  ERRORS  OVERFLOWS  PACKETS  DROPS  ERRORS  OVERFLOWS  OCTETS   OCTETS    IPV4 ADDR  MASK   IPV4 GW      PRI         IPV4 DNS SEC
--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
cellular0  0        LTE     Active    1        0         0      0       0          0       0      0       0          0        0         10.12.15.6  30    10.12.15.5   10.12.15.1  255.255.255.255   

clear cloudexpress computations

Clear the computations performed by Cloud OnRamp for SaaS (formerly called CloudExpress service) (on vEdge routers only). Cloud OnRamp for SaaS computations include application loss, latency, and best interface.

clear cloudexpress computations [application application]

Syntax Description

(none)

Clear all computations for all applications in all VPNs configured with Cloud OnRamp for SaaS.

application

Specific Application: Clear computations for a specific application configured for Cloud OnRamp for SaaS.

Values: amazon_aws, box_net, concur, dropbox, google_apps, gotomeeting, intuit, jira, office365, oracle, salesforce, sap, sugar_crm, webex, zendesk, zoho_crm

Command History

Release

Modification

16.3

Command introduced.

17.1

Removed vpn command option.

Examples

Clear the Cloud OnRamp for SaaS computations

vEdge# show cloudexpress applications  
                                     GATEWAY
                              EXIT   SYSTEM
VPN  APPLICATION              TYPE   IP       INTERFACE  LATENCY  LOSS
------------------------------------------------------------------------
100  salesforce               local  -        ge0/2      81       1
100  office365                local  -        ge0/2      61       1
100  amazon_aws               local  -        ge0/2      105      2
100  oracle                   local  -        ge0/0      79       1
100  sap                      local  -        ge0/2      61       1
100  box_net                  local  -        ge0/0      18       1
100  dropbox                  local  -        ge0/2      30       1
100  jira                     local  -        ge0/0      83       2
100  intuit                   local  -        ge0/0      35       3
100  concur                   local  -        ge0/2      62       1
100  zoho_crm                 local  -        ge0/0      14       1
100  zendesk                  local  -        ge0/2      6        0
100  gotomeeting              local  -        ge0/0      13       1
100  webex                    local  -        ge0/0      69       2
100  google_apps              local  -        ge0/0      19       0

vEdge# clear cloudexpress computations
vEdge# show cloudexpress applications  
                                    GATEWAY
                              EXIT  SYSTEM
VPN  APPLICATION              TYPE  IP       INTERFACE  LATENCY  LOSS
-----------------------------------------------------------------------
100  salesforce               none  -        -          0        0
100  office365                none  -        -          0        0
100  amazon_aws               none  -        -          0        0
100  oracle                   none  -        -          0        0
100  sap                      none  -        -          0        0
100  box_net                  none  -        -          0        0
100  dropbox                  none  -        -          0        0
100  jira                     none  -        -          0        0
100  intuit                   none  -        -          0        0
100  concur                   none  -        -          0        0
100  zoho_crm                 none  -        -          0        0
100  zendesk                  none  -        -          0        0
100  gotomeeting              none  -        -          0        0
100  webex                    none  -        -          0        0
100  google_apps              none  -        -          0        0

clear cloudinit data

Clear bootstrap information received from cloud-init in order to attach a new cloud-init file. Cloud-init information includes a token, vBond orchestrator IP address, and organization name (on vEdge Cloud routers only).

clear cloudinit data

Command History

Release

Modification

17.1

Command introduced.

clear control connections

Reset the DTLS connections from the local device to all Cisco SD-WAN devices.

clear control connections


Note


This command will reset all the Bidirectional Forwarding Detection (BFD) tunnels on the device.


Command History

Release

Modification

14.2

Command introduced.

Examples

vSmart# show control connections
                                                                            PEER                      PEER                                                    
PEER     PEER     PEER             SITE        DOMAIN      PEER             PRIVATE  PEER             PUBLIC                                                  
TYPE     PROTOCOL SYSTEM IP        ID          ID          PRIVATE IP       PORT     PUBLIC IP        PORT    REMOTE COLOR     STATE           UPTIME         
--------------------------------------------------------------------------------------------------------------------------------------------------------------
vedge    dtls     172.16.255.14    400         1           10.1.14.14       12350    10.1.14.14       12350   lte              up              0:14:01:50     
vedge    dtls     172.16.255.15    500         1           10.1.15.15       12346    10.1.15.15       12346   lte              up              0:00:01:58     
vedge    dtls     172.16.255.16    600         1           10.1.16.16       12346    10.1.16.16       12346   lte              up              0:14:01:47     
vsmart   dtls     172.16.255.20    200         1           10.0.12.20       12346    10.0.12.20       12346   default          up              0:14:01:37     
vbond    dtls     -                0           0           10.1.14.14       12346    10.1.14.14       12346   default          up              0:14:01:54     
vmanage  dtls     172.16.255.22    200         1           10.0.12.22       12346    10.0.12.22       12346   default          up              0:14:01:43     

vSmart# clear control connections  
vSmart# show control connections 
                                                                            PEER                      PEER                                                    
PEER     PEER     PEER             SITE        DOMAIN      PEER             PRIVATE  PEER             PUBLIC                                                  
TYPE     PROTOCOL SYSTEM IP        ID          ID          PRIVATE IP       PORT     PUBLIC IP        PORT    REMOTE COLOR     STATE           UPTIME         
--------------------------------------------------------------------------------------------------------------------------------------------------------------
vsmart   dtls     172.16.255.20    200         1           10.0.12.20       12346    10.0.12.20       12346   default          up              0:00:00:02     
vbond    dtls     -                0           0           10.1.14.14       12346    10.1.14.14       12346   default          up              0:00:00:03     
vmanage  dtls     172.16.255.22    200         1           10.0.12.22       12346    10.0.12.22       12346   default          up              0:00:00:02

Release Information Edit section 

clear control connections-history

Erase the connection history on the local device.

clear control connections-history

Examples

vEdge# show control connections-history 
                                                
ACSRREJ    - Challenge rejected by peer.               NOVMCFG   - No cfg in vmanage for device.
BDSGVERFL  - Board ID Signature Verify Failure.        NOZTPEN   - No/Bad chassis-number entry in ZTP.
BIDNTPR    - Board ID not Initialized.                 ORPTMO    - Server's peer timed out.
BIDNTVRFD  - Peer Board ID Cert not verified.          RMGSPR    - Remove Global saved peer.
CERTEXPRD  - Certificate Expired                       RXTRDWN   - Received Teardown.
CRTREJSER  - Challenge response rejected by peer.      RDSIGFBD  - Read Signature from Board ID failed.
CRTVERFL   - Fail to verify Peer Certificate.          SSLNFAIL  - Failure to create new SSL context.
CTORGNMMIS - Certificate Org name mismatch.            SERNTPRES - Serial Number not present.
DCONFAIL   - DTLS connection failure.                  SYSIPCHNG - System-IP changed. 
DEVALC     - Device memory Alloc failures.             TMRALC    - Memory Failure.
DHSTMO     - DTLS HandShake Timeout.                   TUNALC    - Memory Failure.
DISCVBD    - Disconnect vBond after register reply.    TXCHTOBD  - Failed to send challenge to BoardID. 
DISTLOC    - TLOC Disabled.                            UNMSGBDRG - Unknown Message type or Bad Register msg.
DUPSER     - Duplicate Serial Number.                  UNAUTHEL  - Recd Hello from Unauthenticated peer.
DUPCLHELO  - Recd a Dup Client Hello, Reset Gl Peer.   VBDEST    - vDaemon process terminated.
HAFAIL     - SSL Handshake failure.                    VECRTREV  - vEdge Certification revoked.
IP_TOS     - Socket Options failure.                   VSCRTREV  - vSmart Certificate revoked.
LISFD      - Listener Socket FD Error.                 VB_TMO    - Peer vBond Timed out.
MGRTBLCKD  - Migration blocked. Wait for local TMO.
MEMALCFL   - Memory Allocation Failure.                VM_TMO    - Peer vManage Timed out.
NOACTVB    - No Active vBond found to connect.         VP_TMO    - Peer vEdge Timed out.
NOERR      - No Error.                                 VS_TMO    - Peer vSmart Timed out.
NOSLPRCRT  - Unable to get peer's certificate.         XTVSTRDN  - Extra vSmart tear down.

                                                                            PEER                      PEER                                                                              
PEER     PEER     PEER             SITE        DOMAIN      PEER             PRIVATE  PEER             PUBLIC                             LOCAL     REMOTE     REPEAT  
TYPE     PROTOCOL SYSTEM IP        ID          ID          PRIVATE IP       PORT     PUBLIC IP        PORT    LOCAL COLOR  STATE         ERROR     ERROR      COUNT DOWNTIME 
----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
vbond    dtls     -                0           0           10.1.14.14       12346    10.1.14.14       12346   lte          tear_down     DISCVBD    NOERR     0     2016-02-23T16:33:30-0800   
vbond    dtls     -                0           0           10.1.14.14       12346    10.1.14.14       12346   lte          connect       DCONFAIL   NOERR     4     2016-02-23T16:32:51-0800  

vEdge# clear control connections-history
vEdge# show control connections-history
vEdge#

Command History

Release

Modification

16.1

Command introduced.

clear control port-index

To reset port-hop back to the base port on Cisco vEdge devices, use the clear control port-index command in privileged EXEC mode.

clear control port-index

Syntax Description

This command has no keywords or arguments.

Command Default

This command has no default behavior.

Command Modes

Privileged EXEC (#)

Command History

Release Modification
Cisco SD-WAN Release 20.6.1

This command was introduced.

Usage Guidelines

Use the clear control port-index command to reach back to 12346 base port on all the WAN interfaces.

The following example shows how to clear the port-hopping bucket index:

Device# clear control port-index

clear crash

Delete the core files on the local device. Core files are saved in the /var/crash directory on the local device.

clear crash number

Syntax Description

(none)

Clear all core and information files on the device.

number

Specific Core File: Clear the specific core file.

number is the index number listed in the show crash output.

Command History

Release

Modification

15.2

Command introduced.

Examples

vSmart# show crash 

INDEX  CORE TIME                 CORE FILENAME                    
------------------------------------------------------------------
0      Tue Sep  2 17:13:43 2014  core.ompd.866.vsmart.1409703222  

vSmart# clear crash
Are you sure you want to clear core and info files? [yes, NO]
vSmart# yes
vSmart# show crash
% No entries found.

clear dhcp server-bindings

Clear the bindings to DHCP servers (on vEdge routers only).

clear dhcp server-bindings vpn vpn-id interface interface-name [client-mac mac-address]

Syntax Description

interface interface-name

Interface to DHCP Server: Interface to use to reach the DHCP server.

client-mac client-mac

MAC Address of DHCP Server: Clear the entry for a single DHCP host based on the host's MAC address.

vpn vpn-id

VPN: Clear the DHCP bindings in a specific VPN.

Command History

Release

Modification

14.3

Command introduced.

15.1

client-mac option added.

clear dhcp state

Clear IPv4 DHCP state on the local device (on vEdge routers and vSmart controllers only).

clear dhcp state interface interface-name [vpn vpn-id]

Syntax Description

interface interface-name

Clear the DHCP state of a specific interface.

vpn vpn-id

Clear the DHCP state of an interface in the specified VPN.

Command History

Release

Modification

14.3

Command introduced.

Examples

vEdge# clear dhcp state interface ge0/0
vEdge# show dhcp interface state init
                    ACQUIRED   LEASE  TIME                
VPN  IFNAME  STATE  IP         TIME   REMAINING  GATEWAY  
----------------------------------------------------------
0    ge0/0   init   0.0.0.0/0  -      -          0.0.0.0 

clear dns cache

Clear the cache of DNS entries on the local device. Use this command to clear stale entries from the DNS cache.

The DNS cache is populated when the device establishes a connection with the vBond orchestrator. For a vEdge router, this connection is transient, and the DNS cache is cleared when its connection to the vBond orchestrator is closed. For a vSmart controller, the connection to a vBond orchestrator is permanent.

clear dns cache

Command History

Release

Modification

15.3

Command introduced.

Examples

In the example output below, the entries in the DNS cache are highlighted in bold. After the DNS cache is cleared, it takes about 30 seconds for the vSmart controller to reestablish its connection with the vBond orchestrator and to repopulate its DNS cache.
vSmart# show control local-properties 
organization-name            Cisco Inc
certificate-status           Installed
root-ca-chain-status         Installed

certificate-validity         Valid
certificate-not-valid-before Jun 29 18:00:05 2015 GMT
certificate-not-valid-after  Jun 28 18:00:05 2016 GMT

dns-name                     10.1.14.14
site-id                      100
domain-id                    1
protocol                     dtls
tls-port                     23456
system-ip                    172.16.255.19
chassis-num/unique-id        faa123ce-d281-43f1-a3f6-c95925d66869
serial-num                   12345602
register-interval            0:00:00:30
retry-interval               0:00:00:15
no-activity-exp-interval     0:00:00:12
dns-cache-ttl                0:00:30:00
port-hopped                  FALSE
time-since-last-port-hop     0:00:00:00
number-vbond-peers           1

INDEX   IP                 PORT

-------------------------------

0       10.1.14.14         12346

number-active-wan-interfaces 1

                 PUBLIC           PUBLIC  PRIVATE          PRIVATE                                                       ADMIN     OPERATION  LAST
INDEX  INTERFACE IP               PORT    IP               PORT     VSMARTS  VMANAGES  COLOR            CARRIER          STATE     STATE      CONNECTION
---------------------------------------------------------------------------------------------------------------------------------------------------------
0      eth1      10.0.5.19        12346   10.0.5.19        12346    1        1         default          default          up        up        0:00:00:08

vSmart# clear dns cache
vSmart# show control local-properties 
organization-name            Cisco Inc
certificate-status           Installed
root-ca-chain-status         Installed

certificate-validity         Valid
certificate-not-valid-before Jun 29 18:00:05 2015 GMT
certificate-not-valid-after  Jun 28 18:00:05 2016 GMT

dns-name                     10.1.14.14
site-id                      100
domain-id                    1
protocol                     dtls
tls-port                     23456
system-ip                    172.16.255.19
chassis-num/unique-id        faa123ce-d281-43f1-a3f6-c95925d66869
serial-num                   12345602
register-interval            0:00:00:30
retry-interval               0:00:00:15
no-activity-exp-interval     0:00:00:12
dns-cache-ttl                0:00:30:00
port-hopped                  FALSE
time-since-last-port-hop     0:00:00:00
number-vbond-peers           0
number-active-wan-interfaces 1

                 PUBLIC           PUBLIC  PRIVATE          PRIVATE                                                       ADMIN     OPERATION  LAST
INDEX  INTERFACE IP               PORT    IP               PORT     VSMARTS  VMANAGES  COLOR            CARRIER          STATE     STATE      CONNECTION
--------------------------------------------------------------------------------------------------------------------------------------------------------
0      eth1      10.0.5.19        12346   10.0.5.19        12346    1        1         default          default          up        up        0:00:00:16

vSmart# about 30 seconds elapse
vSmart# show control local-properties
organization-name            Cisco Inc
certificate-status           Installed
root-ca-chain-status         Installed

certificate-validity         Valid
certificate-not-valid-before Jun 29 18:00:05 2015 GMT
certificate-not-valid-after  Jun 28 18:00:05 2016 GMT

dns-name                     10.1.14.14
site-id                      100
domain-id                    1
protocol                     dtls
tls-port                     23456
system-ip                    172.16.255.19
chassis-num/unique-id        faa123ce-d281-43f1-a3f6-c95925d66869
serial-num                   12345602
register-interval            0:00:00:30
retry-interval               0:00:00:15
no-activity-exp-interval     0:00:00:12
dns-cache-ttl                0:00:30:00
port-hopped                  FALSE
time-since-last-port-hop     0:00:00:00
number-vbond-peers           1

INDEX   IP                 PORT
-------------------------------
0       10.1.14.14         12346 

number-active-wan-interfaces 1

                 PUBLIC           PUBLIC  PRIVATE          PRIVATE                                                       ADMIN     OPERATION  LAST
INDEX  INTERFACE IP               PORT    IP               PORT     VSMARTS  VMANAGES  COLOR            CARRIER          STATE     STATE      CONNECTION
--------------------------------------------------------------------------------------------------------------------------------------------------------
0      eth1      10.0.5.19        12346   10.0.5.19        12346    1        1         default          default          up        up        0:00:00:03

clear dot1x client

Deauthenticate a client connected on an 802.1X or 802.11i interface (on vEdge routers only). Reauthentication occurs automatically if the client attempts to use the interface again.

clear dot1x client mac-address interface interface-name

Syntax Description

mac-address

Client MAC Address: MAC address of the client to deauthenticate.

To determine a client's MAC address, use the show dot1x clients command.

interface interface-name

Interface Name: Interface through which the client is reachable.

To determine the interface name, use the show dot1x interfaces command.

Command History

Release

Modification

16.3

Command introduced.

clear history

Clear the history of the commands issued in operational mode.

clear history

Command History

Release

Modification

14.1

Command introduced.

Examples

vEdge# show history
23:20:03 -- show arp
23:20:08 -- clear arp entries
23:20:10 -- show arp
23:22:28 -- clear dhcp
23:22:34 -- clear dhcp state
23:22:43 -- show dhcp
23:22:53 -- clear dhcp inter eth0
23:23:17 -- clear dhcp state interface eth0
23:23:28 -- show dhcp
23:23:50 -- show interface
23:24:13 -- show dhcp
23:26:01 -- history
23:26:09 -- show history
vEdge# clear history
vEdge# show history
23:26:18 -- show history
vEdge#

clear igmp interface

Clear the interfaces on which IGMP is enabled on the router (on vEdge routers only).

Syntax Description

interface-name

Interface Name: Name of the interface to clear.

interface-name has the format geslot/port.

vpn vpn-id

VPN: Clear IGMP information in a specific VPN.

Command History

Release

Modification

14.3

Command introduced.

clear igmp protocol

Flush all IGMP groups and relearn them (on vEdge routers only).

clear igmp interface vpn vpn-id

Syntax Description

vpn vpn-id

VPN: Flush all IGMP groups in a specific VPN.

Command History

Release

Modification

14.3

Command introduced.

clear igmp statistics

Zero IGMP statistics (on vEdge routers only).

clear igmp statistics [vpn vpn-id]

Syntax Description

(none)

Clear IGMP statistics for all VPNs.

vpn vpn-id

VPN: Clear IGMP statistics in a specific VPN.

Command History

Release

Modification

14.3

Command introduced.

Examples

vEdge# show igmp statistics

     RX       RX                                            TX       TX            
     GENERAL  GROUP  RX V1   RX V2   RX     RX       RX     GENERAL  GROUP  TX     
VPN  QUERY    QUERY  REPORT  REPORT  LEAVE  UNKNOWN  ERROR  QUERY    QUERY  ERROR  
-----------------------------------------------------------------------------------
1    0        0      0       0       0      0        0      238      0      0      

vEdge# clear igmp statistics 
vEdge# show igmp statistics 

     RX       RX                                            TX       TX            
     GENERAL  GROUP  RX V1   RX V2   RX     RX       RX     GENERAL  GROUP  TX     
VPN  QUERY    QUERY  REPORT  REPORT  LEAVE  UNKNOWN  ERROR  QUERY    QUERY  ERROR  
-----------------------------------------------------------------------------------
1    0        0      0       0       0      0        0      0        0      0  

clear installed-certificates

Clear all the certificates on the local device, including the public and private keys and the root certificate, and return the device to the factory-default state.

clear installed-certificates

Command History

Release

Modification

14.1

Command introduced.

Examples

vSmart# show control local-properties 
organization-name            Cisco Inc
certificate-status           Installed
root-ca-chain-status         Installed

certificate-validity         Valid
certificate-not-valid-before Apr 07 20:03:36 2014 GMT
certificate-not-valid-after  Apr 07 20:03:36 2015 GMT

dns-name                     10.1.14.14
site-id                      100
domain-id                    1
system-ip                    172.16.255.19
register-interval            0:00:00:30
retry-interval               0:00:00:15
dns-cache-ttl                0:00:30:00
number-vbond-peers           1

INDEX   IP                 PORT
-------------------------------
0       10.1.14.14         12346  

number-active-wan-interfaces 1

       PUBLIC           PUBLIC  PRIVATE          PRIVATE                                             ADMIN     OPERATION 
INDEX  IP               PORT    IP               PORT     VSMARTS  COLOR            CARRIER          STATE     STATE     
------------------------------------------------------------------------------------------------------------------------
0      10.0.5.19        12346   10.0.5.19        12346    2        default          default          up        up 

vSmart# clear installed-certificates 
Are you sure you want to clear installed certificates? [yes,NO] yes

vSmart# show control local-properties 
organization-name            Cisco Inc
certificate-status           Not-Installed
root-ca-chain-status         Installed

certificate-validity         Valid
certificate-not-valid-before Apr 07 20:03:36 2014 GMT
certificate-not-valid-after  Apr 07 20:03:36 2015 GMT

dns-name                     10.1.14.14
site-id                      100
domain-id                    1
system-ip                    172.16.255.19
register-interval            0:00:00:30
retry-interval               0:00:00:15
dns-cache-ttl                0:00:30:00
number-vbond-peers           1

INDEX   IP                 PORT
-------------------------------
0       10.1.14.14         12346  

number-active-wan-interfaces 1

       PUBLIC           PUBLIC  PRIVATE          PRIVATE                                             ADMIN     OPERATION 
INDEX  IP               PORT    IP               PORT     VSMARTS  COLOR            CARRIER          STATE     STATE     
------------------------------------------------------------------------------------------------------------------------
0      10.0.5.19        12346   10.0.5.19        12346    2        default          default          up        up 

clear interface statistics

Zero interface statistics.

clear interface statistics [interface interface-name] [queue queue-number] [vpn vpn-id]

Syntax Description

(none)

Zero the statistics on all interfaces and all queues.

queue queue-number

Interface Queue: Zero the statistics on the specified queue.

interface interface-name

Specific Interface: Zero the statistics on the specified interface.

vpn vpn-id

VPN: Zero the interface statistics for interfaces in a specific VPN.

Command History

Release

Modification

14.1

Command introduced.

Examples

vEdge# show interface statistics

                RX                    RX      RX       TX                   TX      TX     RX   RX    TX   TX    
VPN  INTERFACE  PACKETS   RX OCTETS   ERRORS  DROPS    PACKETS  TX OCTETS   ERRORS  DROPS  PPS  KBPS  PPS  KBPS  
-----------------------------------------------------------------------------------------------------------------
0    ge0/0      10756769  2545508661  0       1693399  9460046  1401233512  0       1      14   15    15   16    
0    ge0/1      0         0           0       0        0        0           0       0      0    0     0    0     
0    ge0/2      0         0           0       0        0        0           0       0      0    0     0    0     
0    ge0/4      0         0           0       0        0        0           0       0      0    0     0    0     
0    ge0/5      0         0           0       0        0        0           0       0      0    0     0    0     
0    ge0/6      0         0           0       0        0        0           0       0      0    0     0    0     
0    ge0/7      0         0           0       0        0        0           0       0      0    0     0    0     
0    system     0         0           0       0        0        0           0       0      0    0     0    0     
1    ge0/3      214082    68435255    0       37160    156849   14532821    0       3      4    2     4    2     
512  mgmt0      0         0           0       0        0        0           0       0      0    0     0    0  
  
vEdge# clear interface statistics
vEdge# show interface statistics 

                RX       RX      RX      RX     TX       TX      TX      TX     RX   RX    TX   TX    
VPN  INTERFACE  PACKETS  OCTETS  ERRORS  DROPS  PACKETS  OCTETS  ERRORS  DROPS  PPS  KBPS  PPS  KBPS  
------------------------------------------------------------------------------------------------------
0    ge0/0      57       13592   0       8      51       7336    0       0      17   46    13   14    
0    ge0/1      0        0       0       0      0        0       0       0      0    0     0    0     
0    ge0/2      0        0       0       0      0        0       0       0      0    0     0    0     
0    ge0/4      0        0       0       0      0        0       0       0      0    0     0    0     
0    ge0/5      0        0       0       0      0        0       0       0      0    0     0    0     
0    ge0/6      0        0       0       0      0        0       0       0      0    0     0    0     
0    ge0/7      0        0       0       0      0        0       0       0      0    0     0    0     
0    system     0        0       0       0      0        0       0       0      0    0     0    0     
1    ge0/3      42       3744    0       0      26       2772    0       0      4    2     4    2     
512  mgmt0      0        0       0       0      0        0       0       0      0    0     0   

clear ip leak routes vpn

To clear leaked routes for a VPN, use the clear ip leak routes vpn command.

clear ip leak routes vpn vpn-id

Command History

Release Modification
Cisco SD-WAN Release 20.3.1

Command introduced.

clear ip mfib record

Clear the statistics for a particular group, source, or VPN from the Multicast Forwarding Information Base (MFIB) (on vEdge routers only).

clear ip mfib record group group-address source source-address vpn vpn-id [upstream-iif interface-name] [upstream-tunnel ip-address]

Syntax Description

group group-address

source source-address

vpn vpn-id

Clear Statistics from the MFIB: Clear the statistics for a particular group, source, or VPN from the MFIB.

upstream-iif interface-name

Upstream Interface: Clear the MFIB statistics for the specified upstream interface.

upstream-tunnel ip-address

Upstream Tunnel: Clear the MFIB statistics for the specified tunnel to a remote system.

Command History

Release

Modification

14.2

Command introduced.

Examples

vEdge# clear ip mfib record group 254.1.1.1 vpn 1 source 255.1.1.1
vEdge#

clear ip mfib stats

Clear all statistics from the Multicast Forwarding Information Base (MFIB) (on vEdge routers only).

clear ip mfib stats

Examples

vEdge# clear ip mfib stats
vEdge#

Command History

Release

Modification

14.2

Command introduced.

clear ip nat filter

Clear the NAT translational filters (on vEdge routers only).

clear ip nat filter [parameter]

Syntax Description

parameter

Filter Parameter: Clear NAT translation filters associated with the specified parameter.

parameter can be nat-ifname, nat-vpn-id, private-dest-address, private-dest-port, private-source-address, private-source-port, private-vpn-id, and proto. These parameters correspond to some of the column headers in the show ip nat filter command output.

Command History

Release

Modification

14.2

Command introduced.

Examples

vEdge# show ip nat filter nat-vpn      
                            PRIVATE     PRIVATE     PRIVATE  PRIVATE  PUBLIC      PUBLIC      PUBLIC  PUBLIC                                                                 
NAT  NAT                    SOURCE      DEST        SOURCE   DEST     SOURCE      DEST        SOURCE  DEST    FILTER       IDLE        OUTBOUND  OUTBOUND  INBOUND  INBOUND  
VPN  IFNAME  VPN  PROTOCOL  ADDRESS     ADDRESS     PORT     PORT     ADDRESS     ADDRESS     PORT    PORT    STATE        TIMEOUT     PACKETS   OCTETS    PACKETS  OCTETS   
-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------
0    ge0/0   0    icmp      10.1.15.15  10.1.14.14  4697     4697     10.1.15.15  10.1.14.14  64931   64931   established  0:00:00:41  1         98        1        98       
0    ge0/0   0    icmp      10.1.15.15  10.1.14.14  14169    14169    10.1.15.15  10.1.14.14  28467   28467   established  0:00:00:44  1         98        1        98       
0    ge0/0   0    icmp      10.1.15.15  10.1.14.14  21337    21337    10.1.15.15  10.1.14.14  44555   44555   established  0:00:00:47  1         98        1        98       
0    ge0/0   0    icmp      10.1.15.15  10.1.14.14  28505    28505    10.1.15.15  10.1.14.14  40269   40269   established  0:00:00:50  1         98        1        98       
0    ge0/0   0    icmp      10.1.15.15  10.1.14.14  39513    39513    10.1.15.15  10.1.14.14  31859   31859   established  0:00:00:53  1         98        1        98       
0    ge0/0   0    icmp      10.1.15.15  10.1.14.14  46681    46681    10.1.15.15  10.1.14.14  1103    1103    established  0:00:00:56  1         98        1        98       
0    ge0/0   0    icmp      10.1.15.15  10.1.14.14  57176    57176    10.1.15.15  10.1.14.14  38730   38730   established  0:00:00:35  1         98        1        98       
0    ge0/0   0    icmp      10.1.15.15  10.1.14.14  64600    64600    10.1.15.15  10.1.14.14  33274   33274   established  0:00:00:38  1         98        1        98       
0    ge0/0   0    udp       10.1.15.15  10.0.5.19   12346    12346    10.1.15.15  10.0.5.19   64236   12346   established  0:00:19:59  38        8031      23       5551     
0    ge0/0   0    udp       10.1.15.15  10.0.12.20  12346    12346    10.1.15.15  10.0.12.20  64236   12346   established  0:00:19:59  36        7470      23       5551     
0    ge0/0   0    udp       10.1.15.15  10.0.12.22  12346    12346    10.1.15.15  10.0.12.22  64236   12346   established  0:00:19:59  679       598771    434      92925    
0    ge0/0   0    udp       10.1.15.15  10.1.14.14  12346    12346    10.1.15.15  10.1.14.14  64236   12346   established  0:00:19:59  34        3825      9        3607     
0    ge0/0   0    udp       10.1.15.15  10.1.14.14  12346    12350    10.1.15.15  10.1.14.14  64236   12350   established  0:00:19:59  38        5472      23       3634     
0    ge0/0   0    udp       10.1.15.15  10.1.16.16  12346    12346    10.1.15.15  10.1.16.16  64236   12346   established  0:00:19:59  38        5472      23       3634

vEdge# clear ip nat filter proto icmp
vEdge# show ip nat filter nat-vpn
                            PRIVATE     PRIVATE     PRIVATE  PRIVATE  PUBLIC      PUBLIC      PUBLIC  PUBLIC                                                                 
NAT  NAT                    SOURCE      DEST        SOURCE   DEST     SOURCE      DEST        SOURCE  DEST    FILTER       IDLE        OUTBOUND  OUTBOUND  INBOUND  INBOUND  
VPN  IFNAME  VPN  PROTOCOL  ADDRESS     ADDRESS     PORT     PORT     ADDRESS     ADDRESS     PORT    PORT    STATE        TIMEOUT     PACKETS   OCTETS    PACKETS  OCTETS   
-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------
0    ge0/0   0    icmp      10.1.15.15  10.1.14.14  59484    59484    10.1.15.15  10.1.14.14  17148   17148   established  0:00:00:58  1         98        1        98       
0    ge0/0   0    udp       10.1.15.15  10.0.5.19   12346    12346    10.1.15.15  10.0.5.19   64236   12346   established  0:00:19:59  143       25726     128      23166    
0    ge0/0   0    udp       10.1.15.15  10.0.12.20  12346    12346    10.1.15.15  10.0.12.20  64236   12346   established  0:00:19:59  141       25165     128      23166    
0    ge0/0   0    udp       10.1.15.15  10.0.12.22  12346    12346    10.1.15.15  10.0.12.22  64236   12346   established  0:00:19:59  788       617422    537      110350   
0    ge0/0   0    udp       10.1.15.15  10.1.14.14  12346    12346    10.1.15.15  10.1.14.14  64236   12346   established  0:00:19:59  129       9335      9        3607     
0    ge0/0   0    udp       10.1.15.15  10.1.14.14  12346    12350    10.1.15.15  10.1.14.14  64236   12350   established  0:00:19:59  227       32688     212      33496    
0    ge0/0   0    udp       10.1.15.15  10.1.16.16  12346    12346    10.1.15.15  10.1.16.16  64236   12346   established  0:00:19:59  227       32688     212      33496  

clear ip nat statistics

Clear the NAT translational interface statistics (on vEdge routers only).

clear ip nat statistics [interface interface-name] [vpn vpn-id]

Syntax Description

interface interface-name vpn vpn-id

Specific Interface: Clear NAT translation statistics associated with the specified interface.

vpn vpn-id

Specific VPN: Clear NAT translation statistics associated with the specified VPN.

Command History

Release

Modification

14.2

Command introduced.

Examples

vEdge# show ip nat interface-statistics
                                                NAT   NAT     NAT     NAT                                INBOUND                                     
             NAT       NAT      NAT     NAT     MAP   FILTER  FILTER  STATE  NAT      OUTBOUND  INBOUND  ICMP                NAT        NAT          
             OUTBOUND  INBOUND  ENCODE  DECODE  ADD   ADD     LOOKUP  CHECK  POLICER  ICMP      ICMP     ERROR    NAT        FRAGMENTS  UNSUPPORTED  
VPN  IFNAME  PACKETS   PACKETS  FAIL    FAIL    FAIL  FAIL    FAIL    FAIL   DROPS    ERROR     ERROR    DROPS    FRAGMENTS  FAIL       PROTO        
-----------------------------------------------------------------------------------------------------------------------------------------------------
0    ge0/0   3852      3360     0       0       0     0       0       0      0        0         0        0        0          0          0            

vEdge# clear ip nat statistics
vEdge# show ip nat interface-statistics
                                                NAT   NAT     NAT     NAT                                INBOUND                                     
             NAT       NAT      NAT     NAT     MAP   FILTER  FILTER  STATE  NAT      OUTBOUND  INBOUND  ICMP                NAT        NAT          
             OUTBOUND  INBOUND  ENCODE  DECODE  ADD   ADD     LOOKUP  CHECK  POLICER  ICMP      ICMP     ERROR    NAT        FRAGMENTS  UNSUPPORTED  
VPN  IFNAME  PACKETS   PACKETS  FAIL    FAIL    FAIL  FAIL    FAIL    FAIL   DROPS    ERROR     ERROR    DROPS    FRAGMENTS  FAIL       PROTO        
-----------------------------------------------------------------------------------------------------------------------------------------------------
0    ge0/0   44        41       0       0       0     0       0       0      0        0         0        0        0          0          0     

clear ipv6 dhcp state

Clear IPv6 DHCP state on the local device (on vEdge routers and vSmart controllers only).

clear ipv6 dhcp state interface interface-name [vpn vpn-id]

Syntax Description

interface interface-name

Interface: Clear the DHCP state of a specific interface.

vpn vpn-id

VPN: Clear the DHCP state of an interface in the specified VPN.

Command History

Release

Modification

16.3

Command introduced.

clear ipv6 neighbor

Refresh dynamically created IPv6 entries in the Address Resolution Protocol (ARP) cache (on vEdge routers and vSmart controllers only).

To clear IPv4 entries in the ARP cache, use the clear arp command.

clear ipv6 neighbor [interface interface-name] [ip-address​] [vpn vpn-id]

Syntax Description

(none)

Refresh all dynamic ARP cache entries.

interface interface-name

Interface: Refresh the dynamic ARP cache entries associated with the specific interface.

ip-address

IP Addresss: Refresh the dynamic ARP cache entries for the specified IP address.

vpn vpn-id

VPN: Refresh the dynamic ARP cache entries for the specific VPN.

Command History

Release

Modification

16.3

Command introduced.

Examples

Edge# show ipv6 neighbor

     IF
VPN  NAME   IP                        MAC                STATE    IDLE TIMER  UPTIME
----------------------------------------------------------------------------------------
0    ge0/0  2001::a01:f0d             00:0c:29:57:29:31  dynamic  0:00:00:00  0:00:06:07
0    ge0/0  2001::a01:f0f             00:0c:29:20:77:53  static   -           0:00:08:31
0    ge0/0  fe80::20c:29ff:fe20:7753  00:0c:29:20:77:53  static   -           0:00:26:32
0    ge0/0  fe80::20c:29ff:fe57:2931  00:0c:29:57:29:31  dynamic  0:00:00:00  0:00:08:06
0    ge0/1  2001::a01:110f            00:0c:29:20:77:5d  static   -           0:00:08:29
0    ge0/1  fe80::20c:29ff:fe20:775d  00:0c:29:20:77:5d  static   -           0:00:08:29
0    ge0/2  fe80::20c:29ff:fe20:7767  00:0c:29:20:77:67  static   -           0:00:26:36
0    ge0/3  2001::a00:140f            00:0c:29:20:77:71  static   -           0:00:08:29
0    ge0/3  fe80::20c:29ff:fe20:7771  00:0c:29:20:77:71  static   -           0:00:08:29
0    ge0/6  2001::3900:10f            00:0c:29:20:77:8f  static   -           0:00:08:28
0    ge0/6  fe80::20c:29ff:fe20:778f  00:0c:29:20:77:8f  static   -           0:00:08:28
0    ge0/7  fe80::20c:29ff:fe20:7799  00:0c:29:20:77:99  static   -           0:00:26:06

vEdge# clear ipv6 neighbor
vEdge# show ipv6 neighbor

     IF
VPN  NAME   IP                        MAC                STATE    IDLE TIMER  UPTIME
----------------------------------------------------------------------------------------
0    ge0/0  2001::a01:f0f             00:0c:29:20:77:53  static   -           0:00:08:31
0    ge0/0  fe80::20c:29ff:fe20:7753  00:0c:29:20:77:53  static   -           0:00:26:32
0    ge0/1  2001::a01:110f            00:0c:29:20:77:5d  static   -           0:00:08:29
0    ge0/1  fe80::20c:29ff:fe20:775d  00:0c:29:20:77:5d  static   -           0:00:08:29
0    ge0/2  fe80::20c:29ff:fe20:7767  00:0c:29:20:77:67  static   -           0:00:26:36
0    ge0/3  2001::a00:140f            00:0c:29:20:77:71  static   -           0:00:08:29
0    ge0/3  fe80::20c:29ff:fe20:7771  00:0c:29:20:77:71  static   -           0:00:08:29
0    ge0/6  2001::3900:10f            00:0c:29:20:77:8f  static   -           0:00:08:28
0    ge0/6  fe80::20c:29ff:fe20:778f  00:0c:29:20:77:8f  static   -           0:00:08:28
0    ge0/7  fe80::20c:29ff:fe20:7799  00:0c:29:20:77:99  static   -           0:00:26:06

clear omp all

Reset OMP peering sessions with all OMP peers (on vSmart controllers and vEdge routers only).

clear omp all

Command History

Release

Modification

14.1

Command introduced.

Examples

vEdge# show omp peers 
R -> routes received
I -> routes installed
S -> routes sent
Peer             Type    Domain-ID  Site-ID  State    Uptime           R/I/S  
-------------------------------------------------------------------------------
1.1.200.2        vsmart  1          3        up       7:17:00:04       65/51/15
1.1.200.3        vsmart  1          11740    up       3:00:29:33       65/0/15

vEdge# clear omp all 
vEdge# show omp peers
Peer             Type    Domain-ID  Site-ID  State    Uptime          R/I/S  
------------------------------------------------------------------------------
1.1.200.2        vsmart  1          3        idle     -               65/51/15
1.1.200.3        vsmart  1          11740    idle     -               65/0/15

clear omp peer

Reset the OMP peering sessions with a specific peer (on vSmart controllers and vEdge routers only). When you reset a peering session, the routes to that peer are removed from the OMP route table, and they are reinstalled when the peer comes back up.

clear omp peer ip-address [soft (in |out)]

Syntax Description

(none)

Reset the specific peering session.

soft in |out

Refresh the Peering Session: Re-apply the inbound or outbound policy to the specific peering session.

Command History

Release

Modification

14.1

Command introduced.

Examples

vEdge# show omp peers
R -> routes received
I -> routes installed
S -> routes sent
                         DOMAIN    SITE                                
PEER             TYPE    ID        ID        STATE    UPTIME           R/I/S  
------------------------------------------------------------------------------
172.16.255.19    vsmart  1         100       up       0:00:08:32       11/11/0
172.16.255.20    vsmart  1         200       up       0:00:08:31       11/0/0

vEdge# show omp routes
Code:
C   -> chosen
I   -> installed
Red -> redistributed
Rej -> rejected
L   -> looped
R   -> resolved
S   -> stale
Ext -> extranet
Inv -> invalid

ADDRESS                                         PATH                                                          
FAMILY   VPN  PREFIX             FROM PEER      ID    LABEL  STATUS  TLOC IP        COLOR  ENCAP  PREFERENCE  
--------------------------------------------------------------------------------------------------------------
ipv4     1    10.2.2.0/24        172.16.255.19  133   3806   C,I,R   172.16.255.11  lte    ipsec  -           
                                 172.16.255.20  43    3806   C,R     172.16.255.11  lte    ipsec  -           
         1    10.2.3.0/24        172.16.255.19  134   16355  C,I,R   172.16.255.21  lte    ipsec  -           
                                 172.16.255.20  44    16355  C,R     172.16.255.21  lte    ipsec  -           
         1    10.20.24.0/24      172.16.255.19  127   34885  C,I,R   172.16.255.15  lte    ipsec  -           
                                 172.16.255.20  20    34885  C,R     172.16.255.15  lte    ipsec  -           
         1    10.20.25.0/24      172.16.255.19  131   61944  C,I,R   172.16.255.16  lte    ipsec  -           
                                 172.16.255.20  17    61944  C,R     172.16.255.16  lte    ipsec  -           
         1    56.0.1.0/24        172.16.255.19  126   34885  C,I,R   172.16.255.15  lte    ipsec  -           
                                 172.16.255.20  19    34885  C,R     172.16.255.15  lte    ipsec  -           
         1    60.0.1.0/24        172.16.255.19  130   61944  C,I,R   172.16.255.16  lte    ipsec  -           
                                 172.16.255.20  16    61944  C,R     172.16.255.16  lte    ipsec  -           
         1    61.0.1.0/24        172.16.255.19  129   61944  C,I,R   172.16.255.16  lte    ipsec  -           
                                 172.16.255.20  15    61944  C,R     172.16.255.16  lte    ipsec  -           
         1    172.16.255.112/32  172.16.255.19  135   3806   C,I,R   172.16.255.11  lte    ipsec  -           
                                 172.16.255.19  136   16355  C,I,R   172.16.255.21  lte    ipsec  -           
                                 172.16.255.20  45    3806   C,R     172.16.255.11  lte    ipsec  -           
                                 172.16.255.20  46    16355  C,R     172.16.255.21  lte    ipsec  -           
         1    172.16.255.117/32  172.16.255.19  128   34885  C,I,R   172.16.255.15  lte    ipsec  -           
                                 172.16.255.20  21    34885  C,R     172.16.255.15  lte    ipsec  -           
         1    172.16.255.118/32  172.16.255.19  132   61944  C,I,R   172.16.255.16  lte    ipsec  -           
                                 172.16.255.20  18    61944  C,R     172.16.255.16  lte    ipsec  -          

vEdge# clear omp peer 172.16.255.19

vm4# show omp peers 
R -> routes received
I -> routes installed
S -> routes sent

                         DOMAIN    SITE                                
PEER             TYPE    ID        ID        STATE    UPTIME           R/I/S  
------------------------------------------------------------------------------
172.16.255.19    vsmart  1         100       up       0:00:00:00       0/0/0
172.16.255.20    vsmart  1         200       up       0:00:09:01       11/11/0

vEdge# show omp routes 
Code:
C   -> chosen
I   -> installed
Red -> redistributed
Rej -> rejected
L   -> looped
R   -> resolved
S   -> stale
Ext -> extranet
Inv -> invalid

ADDRESS                                         PATH                                                          
FAMILY   VPN  PREFIX             FROM PEER      ID    LABEL  STATUS  TLOC IP        COLOR  ENCAP  PREFERENCE  
--------------------------------------------------------------------------------------------------------------
ipv4     1    10.2.2.0/24        172.16.255.20  43    3806   C,I,R   172.16.255.11  lte    ipsec  -           
         1    10.2.3.0/24        172.16.255.20  44    16355  C,I,R   172.16.255.21  lte    ipsec  -           
         1    10.20.24.0/24      172.16.255.20  20    34885  C,I,R   172.16.255.15  lte    ipsec  -           
         1    10.20.25.0/24      172.16.255.20  17    61944  C,I,R   172.16.255.16  lte    ipsec  -           
         1    56.0.1.0/24        172.16.255.20  19    34885  C,I,R   172.16.255.15  lte    ipsec  -           
         1    60.0.1.0/24        172.16.255.20  16    61944  C,I,R   172.16.255.16  lte    ipsec  -           
         1    61.0.1.0/24        172.16.255.20  15    61944  C,I,R   172.16.255.16  lte    ipsec  -           
         1    172.16.255.112/32  172.16.255.20  45    3806   C,I,R   172.16.255.11  lte    ipsec  -           
                                 172.16.255.20  46    16355  C,I,R   172.16.255.21  lte    ipsec  -           
         1    172.16.255.117/32  172.16.255.20  21    34885  C,I,R   172.16.255.15  lte    ipsec  -           
         1    172.16.255.118/32  172.16.255.20  18    61944  C,I,R   172.16.255.16  lte    ipsec  -         

clear omp routes

Recalculate the OMP routes and resend the routes to the IP route table (on vSmart controllers and vEdge routers only).

clear omp routes

Command History

Release

Modification

14.1

Command introduced.

Examples

vEdge# clear omp routes
vEdge#

clear omp tlocs

Recalculate the OMP TLOCs and resend the TLOCs to the route table (on vSmart controllers and vEdge routers only).

clear omp tlocs

Command History

Release

Modification

14.1

Command introduced.

Example

vEdge# clear omp tlocs
vEdge#

clear orchestrator connections-history

Clear the history of connections and connection attempts made by the vBond orchestrator (on vBond orchestrators only).

clear orchestrator connections-history

Command History

Release

Modification

16.1

Command introduced.

Examples

Show orchestrator connections-history

vEdge# show orchestrator connections-history 
Legend for Errors
BDSGVERFL  - Board ID signature verify failure        ORPTMO    - Remote client peer timeout
BIDNTPR    - Board ID not initialized                 RMGSPR    - Remove global saved peer
BIDNTVRFD  - Peer board ID certificate not verified   RXTRDWN   - Received teardown
CRTREJSER  - Challenge response rejected by peer      RDSIGFBD  - Read signature from board ID failed
CRTVERFL   - Fail to verify peer certificate          SSLNFAIL  - Failure to create new SSL context
CTORGNMMIS - Certificate organization name mismatch   SERNTPRES - Serial number not present
DCONFAIL   - DTLS connection failure                  TMRALC    - Memory failure
DEVALC     - Device memory allocation failures        TUNALC    - Memory failure
DHSTMO     - DTLS handshake timeout                   UNMSGBDRG - Unknown message type or bad register message
DISCVBD    - Disconnect vBond after register reply    UNAUTHEL  - Recd hello from unauthenticated peer
DISTLOC    - TLOC disabled                            VBDEST    - vDaemon process terminated
DUPSER     - Duplicate serial number                  VECRTREV  - vEdge certification revoked
IP_TOS     - Socket options failure                   VSCRTREV  - vSmart certificate revoked
LISFD      - Listener socket FD error                 VB_TMO    - Peer vBond timed out
MEMALCFL   - Memory allocation failure                VM_TMO    - Peer vManage timed out
NOACTVB    - No active vBond found to connect to      VP_TMO    - Peer vEdge timed out
NOERR      - No error                                 VS_TMO    - Peer vSmart timed out
NOSLPRCRT  - Unable to get peer's certificate         XTVSTRDN  - Extra vSmart teardown

                                                                            PEER     PEER             PEER                                                                             
PEER     PEER     PEER             SITE        DOMAIN      PEER             PRIVATE  PEER             PUBLIC                   LAST                                 TIME WHEN          
TYPE     PROTOCOL SYSTEM IP        ID          ID          PRIVATE IP       PORT     PUBLIC IP        PORT    REMOTE COLOR     STATE                LOCAL/REMOTE    LAST CHANGED       
-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
vedge    dtls     172.16.255.14    400         1           10.1.14.14       12350    10.1.14.14       12350   lte              trying             RXTRDWN/DISCVBD   2014-07-21T18:23:14
vedge    dtls     172.16.255.16    600         1           10.1.16.16       12346    10.1.16.16       12346   lte              trying             RXTRDWN/DISCVBD   2014-07-21T18:23:14
vedge    dtls     172.16.255.15    500         1           10.1.15.15       12346    10.1.15.15       12346   lte              trying             RXTRDWN/DISCVBD   2014-07-21T18:23:00
vedge    dtls     172.16.255.15    500         1           10.1.15.15       12346    10.1.15.15       12346   lte              trying             RXTRDWN/DISCVBD   2014-07-21T18:22:44
vedge    dtls     172.16.255.16    600         1           10.1.16.16       12346    10.1.16.16       12346   lte              trying             RXTRDWN/DISCVBD   2014-07-21T18:22:43
vedge    dtls     172.16.255.14    400         1           10.1.14.14       12350    10.1.14.14       12350   lte              trying             RXTRDWN/DISCVBD   2014-07-21T18:22:28
vmanage  dtls     172.16.255.22    200         0           10.0.12.22       12346    10.0.12.22       12346   default          tear_down           VM_TMO/NOERR     2014-07-21T18:22:28
vedge    dtls     172.16.255.15    500         1           10.1.15.15       12346    10.1.15.15       12346   lte              trying             RXTRDWN/DISCVBD   2014-07-21T13:39:47
vedge    dtls     172.16.255.14    400         1           10.1.14.14       12350    10.1.14.14       12350   lte              trying             RXTRDWN/DISCVBD   2014-07-21T13:39:46
vedge    dtls     172.16.255.16    600         1           10.1.16.16       12346    10.1.16.16       12346   lte              trying             RXTRDWN/DISCVBD   2014-07-21T13:39:46
vedge    dtls     172.16.255.15    500         1           10.1.15.15       12346    10.1.15.15       12346   lte              trying             RXTRDWN/DISCVBD   2014-07-21T13:39:31
vedge    dtls     172.16.255.14    400         1           10.1.14.14       12350    10.1.14.14       12350   lte              trying             RXTRDWN/DISCVBD   2014-07-21T13:39:31
vedge    dtls     172.16.255.16    600         1           10.1.16.16       12346    10.1.16.16       12346   lte              trying             RXTRDWN/DISCVBD   2014-07-21T13:39:31
vsmart   dtls     172.16.255.20    100         1           10.0.12.20       12346    10.0.12.20       12346   default          up                 RXTRDWN/DISTLOC   2014-07-21T13:39:15
vedge    dtls     172.16.255.16    600         1           10.1.16.16       12346    10.1.16.16       12346   lte              trying             RXTRDWN/DISCVBD   2014-07-21T13:39:10
vedge    dtls     172.16.255.14    400         1           10.1.14.14       12350    10.1.14.14       12350   lte              trying             RXTRDWN/DISCVBD   2014-07-21T13:39:10
vedge    dtls     172.16.255.15    500         1           10.1.15.15       12346    10.1.15.15       12346   lte              trying             RXTRDWN/DISCVBD   2014-07-21T13:39:10
vBond# clear orchestrator connections-history
vBond# show orchestrator connections-history
vBond#

clear ospf all

Reset OSPF in a VPN (on vEdge routers only).

clear ospf all vpn vpn-id

Syntax Description

vpn vpn-id

VPN: Reset OSPF in the specified VPN.

Command History

Release

Modification

14.1

Command introduced.

Examples

vEdge# show ospf neighbor vpn 1
DBsmL -> Database Summary List
RqstL -> Link State Request List
RXmtl -> Link State Retransmission List

                  IF     IF                                DEAD                      
VPN  ADDRESS      INDEX  NAME   NEIGHBOR ID    STATE  PRI  TIME  DBsmL  RqstL  RXmtL 
--------------------------------------------------------------------------------------
1    10.20.24.17  0      ge0/4  172.16.255.17  full   1    31    0      0      0     

vEdge# clear ospf all vpn 1
vEdge# show ospf neighbor vpn 1
%  No entries found.

clear ospf database

Delete the entries in the OSPF link-state database learned from OSPF neighbors (on vEdge routers only). Use this command for troubleshooting OSPF or to reset the link-state database if you suspect that it has been corrupted.

clear ospf database vpn vpn-id

Syntax Description

vpn vpn-id

VPN: Clear the OSPF link-state database of entries from the specified VPN.

Command History

Release

Modification

14.2

Command introduced.

Examples

vEdge# show ospf database router 
           LSA                LINK             ADVERTISING                                               
VPN  AREA  TYPE               ID               ROUTER           AGE      CHECKSUM  SEQ#        
-----------------------------------------------------------------------------------------------
1    0     router             172.16.255.15    172.16.255.15    143      0x27ee    0x8000000f  
1    0     router             172.16.255.17    172.16.255.17    24       0x27ea    0x8000000d  

vEdge# clear ospf database vpn 1 
vEdge# show ospf database router
           LSA                LINK             ADVERTISING                                               
VPN  AREA  TYPE               ID               ROUTER           AGE      CHECKSUM  SEQ#        
-----------------------------------------------------------------------------------------------
1    0     router             172.16.255.15    172.16.255.15    164      0x27ee    0x8000000f 

clear pim interface

Clear PIM interfaces, and relearn all PIM neighbors and joins (on vEdge routers only).

clear pim interface vpnvpn-id [interface-name]

Syntax Description

interface-name vpn vpn-id

Interface Name: Release the PIM neighbors and joins on a specific interface in a specific VPN.

Command History

Release

Modification

14.2

Command introduced.

Examples

vEdge# clear pim interface interface ge0/0 vpn 1
vEdge#

clear pim neighbor

Clear a PIM neighbor (on vEdge routers only).

clear pim neighbor ip-address vpn vpn-id

Syntax Description

ip-address vpn vpn-id

Neighbor To Clear: Clear a specific neighbor in the specified VPN.

Command History

Release

Modification

14.2

Command introduced.

Examples

vEdge# clear pim neighbor 254.1.1.1 vpn 1
vEdge#

clear pim protocol

Clear all PIM protocol state (on vEdge routers only).

clear pim protocol vpn vpn-id

Syntax Description

vpn vpn-id

VPN: Clear the PIM protocol state for the specified VPN.

Command History

Release

Modification

14.2

Command introduced.

Examples

vEdge# clear pim protocol vpn 1
vEdge#

clear pim rp-mapping

Clear the mappings of multicast groups to RPs (on vEdge routers only).

clear pim rp-mapping [vpn vpn-id]

Syntax Description

(none)

Clear all group-to-RP mappings.

vpn vpn-id

VPN: Clear the group-to-RP mappings for a specific VPN.

Command History

Release

Modification

14.3

Command introduced.

Examples

vEdge# show pim rp-mapping 
VPN TYPE     GROUP            RP ADDRESS 
---------------------------------------
1     Auto-RP 224.0.0.0/4 60.0.1.100 
2     Auto-RP 224.0.0.0/4 60.0.2.100  
vEdge# clear pim rp-mapping 
vEdge# show pim rp-mapping 
%  No entries found.   

clear pim statistics

Clear all PIM-related statistics on the router, and relearn all PIM neighbors and joins (on vEdge routers only).

clear pim statistics [vpnvpn-id]

Syntax Description

(none)

Clear all PIM statistics, neighbors, and joins, and then relearn them.

vpnvpn-id

VPN: Clear the PIM statistics, neighbors, and joins in the specified VPN, and then relearn them.

Command History

Release

Modification

14.2

Command introduced.

Examples

vEdge# show pim statistics
VPN 1 STATISTICS
-------------------------------------------
MESSAGE TYPE         RECEIVED          SENT
-------------------------------------------
Hello                    2455          2528
Join-Prune                115            82
AutoRP Announce             0             -
AutoRP Mapping              0             -
Unsupported                 0             -
Unknown                     0             -
Bad                      1440             -
vEdge# clear pim statistics   
vEdge# show pim statistics 
VPN 1 STATISTICS
-------------------------------------------
MESSAGE TYPE         RECEIVED          SENT
-------------------------------------------
Hello                       0             0
Join-Prune                  0             0
AutoRP Announce             0             -
AutoRP Mapping              0             -
Unsupported                 0             -
Unknown                     0             -
Bad                         0             -

clear policer statistics

Clear the policer out-of-specification (OOS) packet statistics (on vEdge routers only). A policed packet is out of specification when the policer does not allow it to pass. Depending on the policer configuration, these packets are either dropped or they are remarked, which sets the packet loss priority (PLP) value on the egress interface to high.

clear policer statistics

Command History

Release

Modification

16.3

Command introduced.

Examples

Clear the policer OOS packet statistics

vEdge# show policer  
                                                  OOS     OOS   
NAME       INDEX  DIRECTION  RATE          BURST  ACTION  PKTS  
----------------------------------------------------------------
ge0_0_llq  10     out        200000000000  15000  drop    2499     
ge0_3_llq  11     out        200000000000  15000  drop    3212

vEdge# clear policer statistics
vEdge# show policer  
                                                  OOS     OOS   
NAME       INDEX  DIRECTION  RATE          BURST  ACTION  PKTS  
----------------------------------------------------------------
ge0_0_llq  10     out        200000000000  15000  drop    0     
ge0_3_llq  11     out        200000000000  15000  drop    0

clear policy

Reset all counters for IPv4 access lists or data policies (on vSmart controllers and vEdge routers only).

clear policy (access-list acl-name | app-route-policy policy-name | data-policy policy-name)

Syntax Description

access-list acl-name

Access List Counters: Zero the counters associated with the specified access list.

app-route-policy policy-name

Application-Aware Routing Policy Counter: Zero the counters associated with the specified application-aware routing policy.

data-policy policy-name

Data Policy Counters: Zero the counters associated with the specified data policy.

Command History

Release

Modification

14.1

Command introduced.

clear policy zbfw filter-statistics

Clear the count of the packets that match a zone-based firewall's match criteria and the number of bytes that match the criteria (on vEdge routers only).

clear policy zbfw filter-statistics

Command History

Release

Modification

18.2

Command introduced.

Examples

Display statistics about packets that the router has processed with zone-based firewall policy

vEdge# show policy zbfw filter-staatistics  

NAME           COUNTER NAME   PACKETS  BYTES 
----------------------------------------------  
ZONE-POLICY-1  counter_seq_1  2        196
vEdge# show policy zbfw filter-staatistics
vEdge#

clear policy zbfw global-statistics

Zero the statistics about the packets processed by zone-based firewalls (on vEdge routers only).

clear policy zbfw global-statistics

Command History

Release

Modification

18.2

Command introduced.

Examples

Clear the statistics about packets that the router has processed with zone-based firewalls

vEdge# clear zbfw global-statistics
vEdge# show zbfw global-statistics  
        fragments                   : 0
        fragments fail              : 0
        state check fail            : 0
        flow add fail               : 0
        unsupported proto           : 0
        number of flow entries      : 0
        max half open exceeded      : 0
 
        Packets Implicitly Dropped  :
          During Policy Change      : 0
          No Pair for Diff Zone     : 0
          Zone to No Zone           : 0
 
        Packets Implicitly Allowed  :
          No Pair Same Zone         : 0
          No Zone to No Zone        : 0

clear policy zbfw sessions

Clear the session flow information for zone pairs configured with a zone-based firewall policy (on vEdge routers only).

show policy zbfw sessions [name pair-name]

Syntax Description

(none)

Clear the session flow entries for all zone pairs.

name pair-name

Zone Pair Name: Clear the session flow entries for the specified zone pair.

Command History

Release

Modification

18.2

Command introduced.

Examples

Clear all session flow information

vEdge# show policy zbfw sessions  

ZONE PAIR      SOURCE IP    DESTINATION  SOURCE  DESTINATION            SOURCE  DESTINATION  IDLE        OUTBOUND  OUTBOUND  INBOUND  INBOUND  FILTER      
NAME      VPN  ADDRESS      IP ADDRESS   PORT    PORT         PROTOCOL  VPN     VPN          TIMEOUT     PACKETS   OCTETS    PACKETS  OCTETS   STATE       
------------------------------------------------------------------------------------------------------------------------------------------------------------
zp1       1    10.20.24.17  10.20.25.18  44061   5001         TCP       1       1            0:00:59:59  12552     17581337  6853     463590   established 
zp1       1    10.20.24.17  10.20.25.18  44062   5001         TCP       1       1            0:01:00:00  10151     14217536  5561     375290   established 
zp1       1    10.20.24.17  10.20.25.18  44063   5001         TCP       1       1            0:00:59:59  7996      11198381  4262     285596   established 
zp1       1    10.20.24.17  10.20.25.18  44064   5001         TCP       1       1            0:00:59:59  7066      9895451   3826     257392   established 
zp1       1    10.20.24.17  10.20.25.18  44065   5001         TCP       1       1            0:00:59:59  13471     18868856  7440     504408   established 
zp1       1    10.20.24.17  10.20.25.18  44066   5001         TCP       1       1            0:00:59:59  8450      11834435  4435     295718   established 
vEdge# clear policy zbfw sessions
vEdge# show policy zbfw sessions

ZONE PAIR      SOURCE IP    DESTINATION  SOURCE  DESTINATION            SOURCE  DESTINATION  IDLE        OUTBOUND  OUTBOUND  INBOUND  INBOUND  FILTER      
NAME      VPN  ADDRESS      IP ADDRESS   PORT    PORT         PROTOCOL  VPN     VPN          TIMEOUT     PACKETS   OCTETS    PACKETS  OCTETS   STATE       
------------------------------------------------------------------------------------------------------------------------------------------------------------
zp1       1    10.20.24.17  10.20.25.18  44061   5001         TCP       1       1            0:00:59:59  0         0         0        0         established
zp1       1    10.20.24.17  10.20.25.18  44062   5001         TCP       1       1            0:01:00:00  0         0         0        0         established
zp1       1    10.20.24.17  10.20.25.18  44063   5001         TCP       1       1            0:00:59:59  0         0         0        0         established
zp1       1    10.20.24.17  10.20.25.18  44064   5001         TCP       1       1            0:00:59:59  0         0         0        0         established
zp1       1    10.20.24.17  10.20.25.18  44065   5001         TCP       1       1            0:00:59:59  0         0         0        0         established
zp1       1    10.20.24.17  10.20.25.18  44066   5001         TCP       1       1            0:00:59:59  0         0         0        0         established

clear pppoe statistics

Zero PPPoE statistics.

clear pppoe statistics

Command History

Release

Modification

15.3.3

Command introduced.

Examples

vEdge# show pppoe statistics

      pppoe_tx_pkts             :      73 
      pppoe_rx_pkts             :      39 
      pppoe_tx_session_drops    :      0 
      pppoe_rx_session_drops    :      0 
      pppoe_inv_discovery_pkts  :      0 
      pppoe_ccp_pkts            :      12 
      pppoe_ipcp_pkts           :      16 
      pppoe_lcp_pkts            :      35 
      pppoe_padi_pkts           :      4 
      pppoe_pado_pkts           :      2 
      pppoe_padr_pkts           :      2 
      pppoe_pads_pkts           :      2 
      pppoe_padt_pkts           :      2 

vEdge# clear pppoe statistics
vEdge# show pppoe statistics
 
      pppoe_tx_pkts             :      0 
      pppoe_rx_pkts             :      0 
      pppoe_tx_session_drops    :      0 
      pppoe_rx_session_drops    :      0 
      pppoe_inv_discovery_pkts  :      0 
      pppoe_ccp_pkts            :      0 
      pppoe_ipcp_pkts           :      0 
      pppoe_lcp_pkts            :      0 
      pppoe_padi_pkts           :      0 
      pppoe_pado_pkts           :      0 
      pppoe_padr_pkts           :      0 
      pppoe_pads_pkts           :      0
      pppoe_padt_pkts           :      0 

clear reverse-proxy context

Clear an installed proxy certificate and reset the control connections that are associated with the proxy (on vEdge routers only).

clear reverse-proxy context

Command History

Release

Modification

18.2

Command introduced.

Examples

Clear the installed proxy certificate on a vEdge router

vEdge# show certificate reverse-proxy

Reverse proxy certificate
------------------

Certificate:
    Data:
        Version: 1 (0x0)
        Serial Number: 2 (0x2)
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=US, ST=California, O=Viptela, OU=ViptelaVmanage, CN=813fd02c-acca-4c19-857b-119da60f257f
        Validity
            Not Before: May 11 21:43:29 2018 GMT
            Not After : May  4 21:43:29 2048 GMT
        Subject: C=US, ST=California, CN=47bd1f2b-3abe-41cd-9b9f-e84db7fd2377, O=ViptelaClient
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:d5:2e:f3:68:8b:0d:7b:3f:0d:ca:a3:74:7c:dd:
                    70:0c:25:26:ac:8b:8f:37:60:00:4b:fc:4d:3f:11:
                    d9:94:df:31:4c:f8:a5:88:8b:65:e8:d5:21:7c:47:
                    21:34:8e:93:c7:7f:24:6d:2b:4c:51:9b:a7:f8:8f:
                    0f:e2:f4:85:0e:49:dd:ed:6b:ed:40:d2:5e:a0:7c:
                    a6:7f:26:d2:ff:2b:a4:39:34:51:0f:3d:7f:85:31:
                    b4:c9:ec:06:d4:37:03:ac:41:5a:34:3d:96:4f:d9:
                    cd:be:e3:22:7a:9b:24:1b:3b:c9:5c:c5:48:97:5d:
                    7a:7a:8e:80:ab:e8:a2:8f:b3:35:45:07:b0:46:2e:
                    b9:d5:4c:8c:42:6a:1e:8a:90:a4:11:76:6f:61:07:
                    1d:2a:c9:9d:57:42:87:3f:5b:d1:91:0b:7c:8c:f2:
                    62:68:a7:e3:d5:da:c9:40:a3:c4:1a:ae:4f:d5:6c:
                    2e:ec:2e:dc:2f:06:31:a8:da:13:b0:e4:3a:16:17:
                    2d:7a:30:ee:b2:e0:d5:93:a9:53:ee:e5:b2:68:5a:
                    d9:2b:82:93:5e:65:7d:63:8f:0a:8c:39:0b:f0:64:
                    ec:4a:cb:91:c0:59:37:31:dc:31:75:40:df:2c:8f:
                    67:f1:bf:b6:5e:40:ce:a5:c6:59:d0:c4:e2:11:2b:
                    0c:c3
                Exponent: 65537 (0x10001)
    Signature Algorithm: sha256WithRSAEncryption
         0b:5e:9d:30:29:dd:4a:25:5f:44:6d:02:15:35:72:d9:44:33:
         fa:a7:b5:d5:f5:68:09:47:81:ba:22:46:1a:c5:aa:a6:69:10:
         93:40:8c:18:34:b5:1f:57:a3:2d:7d:9f:86:76:b9:51:2d:2c:
         5f:ce:74:1c:66:5e:1d:e5:8c:26:02:e4:63:fe:b1:1b:a5:e2:
         3a:03:07:23:ca:43:38:93:49:cf:3c:d0:5d:c3:33:cd:d6:26:
         8b:a9:b8:5f:63:80:99:09:d6:dd:fb:14:43:bf:17:03:6b:2d:
         59:c5:cb:41:6d:7e:9e:c8:27:13:10:d5:05:df:cc:b2:7a:81:
         b1:9f:11:60:3a:69:67:25:b4:f3:ab:36:a7:d1:88:bb:7b:72:
         b2:b4:63:df:4b:42:74:7f:99:04:4a:bb:76:0a:46:53:71:1a:
         db:8a:1c:93:8f:fa:ae:5b:8d:9e:e5:10:07:a1:5d:d9:88:a1:
         2d:04:13:9f:11:c8:8b:6b:b0:59:f9:48:14:c8:c4:9e:ff:6a:
         38:12:92:e3:20:fa:f7:f0:58:34:16:62:7c:6a:c9:32:41:7e:
         53:4e:e4:8c:af:4a:e3:14:77:b3:b7:d4:0e:17:1e:f6:13:b1:
         f0:9c:af:6e:38:3c:cc:24:79:3e:01:4b:3f:d2:12:f2:1c:f5:
         75:c6:6c:f3
vEdge# clear reverse-proxy context
vEdge# show reverse-proxy certificate
vEdge#

clear system statistics

Clear system-wide forwarding statistics.

clear system statistics

Command History

Release

Modification

14.1

Command introduced.

Examples

 vEdge# show system statistics
                         rx_pkts:         13330516
                        rx_drops:              322
                          ip_fwd:         18810968
                      ip_fwd_arp:               10
                ip_fwd_to_egress:          9597667
                ip_fwd_null_nhop:              109
                   ip_fwd_to_cpu:          2134168
                 ip_fwd_rx_ipsec:          7149794
                        rx_bcast:               29
                        rx_mcast:           118251
             rx_mcast_link_local:           118251
           rx_implicit_acl_drops:            41570
                  rx_ipsec_decap:          7148928
              rx_spi_ipsec_drops:              854
                 rx_replay_drops:               12
                 rx_non_ip_drops:          1731850
           bfd_tx_record_changed:            13924
         rx_arp_rate_limit_drops:               43
          rx_arp_non_local_drops:            17226
                     rx_arp_reqs:           176215
                  rx_arp_replies:            23142
                    arp_add_fail:              311
                         tx_pkts:         24625271
                        tx_bcast:               85
                        tx_mcast:           118187
                  ip_disabled_tx:                3
              tx_fragment_needed:             2918
               fragment_df_drops:              279
                    tx_fragments:             5278
                   tx_ipsec_pkts:          7560752
                  tx_ipsec_encap:          7560752
               tx_pre_ipsec_pkts:          7558392
              tx_pre_ipsec_encap:          7558392
                  tx_arp_replies:           176217
                     tx_arp_reqs:            23163
                  tx_no_arp_drop:                1
                     bfd_tx_pkts:          7510883
                     bfd_rx_pkts:          7119130
                    bfd_rec_down:               18
                    rx_pkt_qos_0:          2148610
                    rx_pkt_qos_1:           157403
                    rx_pkt_qos_2:         16623962
                    rx_pkt_qos_4:               10
                    rx_pkt_qos_7:          9251604
           icmp_rx.echo_requests:               15
            icmp_rx.echo_replies:           257071
            icmp_rx.host_unreach:               13
            icmp_rx.port_unreach:               58
       icmp_rx.dst_unreach_other:               11
       icmp_rx.fragment_required:               28
             icmp_rx.ttl_expired:                9
           icmp_tx.echo_requests:           257764
            icmp_tx.echo_replies:                2
         icmp_tx.network_unreach:               28
            icmp_tx.port_unreach:              137
       icmp_tx.fragment_required:              279
       
vEdge# clear system statistics 

vEdge# show system statistics  
                         rx_pkts:               67
                          ip_fwd:               90
                ip_fwd_to_egress:               44
                   ip_fwd_to_cpu:               17
                 ip_fwd_rx_ipsec:               30
                        rx_mcast:                1
             rx_mcast_link_local:                1
                  rx_ipsec_decap:               30
                 rx_non_ip_drops:                6
                  rx_arp_replies:                1
                         tx_pkts:              106
                   tx_ipsec_pkts:               31
                  tx_ipsec_encap:               31
               tx_pre_ipsec_pkts:               31
              tx_pre_ipsec_encap:               31
                     tx_arp_reqs:                1
                     bfd_tx_pkts:               31
                     bfd_rx_pkts:               30
                    rx_pkt_qos_0:               14
                    rx_pkt_qos_1:                2
                    rx_pkt_qos_2:               67
                    rx_pkt_qos_7:               46
            icmp_rx.echo_replies:                1
           icmp_tx.echo_requests:                1

clear tunnel statistics

Zero the information about the packets transmitted and received on the IPsec connections that originate on the local router (on vEdge routers only).

clear tunnel statistics

Command History

Release

Modification

14.1

Command introduced.

Examples

vEdge# clear tunnel statistics 

vEdge# show tunnel statistics 
Tunnel[986]: Tunnel Type IPSec 10.0.0.8->75.21.94.46
                         rx_pkts:                2
                       rx_octets:              284
                         tx_pkts:                4
                       tx_octets:              388
Tunnel[986] BFD Record Index 1740:
                         tx_pkts:                2
                         rx_pkts:                2
                     Tx Err Code:             None
                     Rx Err Code:             None
Tunnel[1697]: Tunnel Type IPSec 10.0.0.8->25.6.101.120
                         rx_pkts:                2
                       rx_octets:              284
                         tx_pkts:                4
                       tx_octets:              388
Tunnel[1697] BFD Record Index 1717:
                         tx_pkts:                2
                         rx_pkts:                2
                     Tx Err Code:             None
                     Rx Err Code:             None
...

clear wlan radius-stats

Clear the statistics about the sessions with RADIUS servers being used for WLAN authentication (on vEdge routers only).

clear wlan radius-stats [vapnumber]

Syntax Description

vapnumber

VAP Interface: Virtual access point instance.

Range: 0 through 3.

Command History

Release

Modification

17.1

Command introduced.

clock

Set the time and date on the device. If you have configured NTP on the device, the NTP time overwrites the time and date that you set with the clock command.

clock set date ccyy-mm-dd

clock set time hh:mm:ss.sss

Syntax Description

ccyy-mm-dd

Date: Set the date by specifying four-digit year, two-digit month, and two-digit day. The year can be from 2000 to 2060.

hh:mm:ss.sss

Time: Set the time by two-digit hour (using a 24-hour clock), two-digit minute, two-digit seconds, and an optional three-digit hundredths of seconds.


Note


You must set the time and date in a single command, but the order in which you specify them does not matter.


Command History

Release

Modification

14.1

Command introduced.

Examples

vEdge# clock set time 14:30:00 date 2013-11-25
vEdge# show uptime
14:30:03 up 13:51, 1 user, load average: 0.00, 0.01, 0.05

commit

Confirm or cancel a pending commit operation. You issue this commit command from operational mode. You establish a pending commit operation by using the commit confirmed configuration session management command.

commit (abort | confirm) [persist-id id]

Syntax Description

confirm

Confirm a Pending Commit Operation: Confirm a pending commit operation that was issued with the commit confirmed configuration command. You must confirm the commit operation with the time specified with the commit confirmed command; otherwise, the commit is canceled.

abort

Halt a Pending Commit Operation: Halt a pending commit operation that was issued with the commit confirmed command. This is the default operation for a pending commit operation. The commit is also canceled if the CLI session is terminated before you issue a commit confirm command.

persist-id id

Token to Identify the Pending Commit Operation: If you specified a token, id, when you initiated the pending commit operation, specify that token to either cancel or confirm the commit.

Command History

Release

Modification

14.1

Command introduced.

Examples

vEdge# commit confirm
Commit complete. Configuration is now permanent.

complete-on-space

Have the CLI automatically complete a command name when you type an unambiguous string and then press the space bar, or have the CLI list all possible completions when you type an ambiguous string and then press the space bar.

complete-on-space (false | true)

Syntax Description

false

Do Not Perform Command Completion: Do not have the CLI perform command completion when you press the space bar. This is the default setting.

true

Perform Command Completion: Have the CLI perform command completion when you press the space bar.

Command History

Release

Modification

14.1

Command introduced.

14.2

Default changed from true to false in Release 14.2.

Examples

vEdge# complete-on-space false
vEdge# hel
----------^
syntax error: expecting
vEdge# complete-on-space true
vEdge# help

config

Enter configuration mode for vEdge devices. In configuration mode, you are editing a copy of the running configuration, called the candidate configuration, not the actual running configuration. Your changes take effect only when you issue a commit command.


Note


Cisco IOS XE routers such as aggregation and integrated services routers should use the command config-transaction to enter configuration mode. The config terminal command is not supported on SD-WAN routers.


config (exclusive | no-confirm | shared | terminal)

Syntax Description

(none)

Edit a private copy of the running configuration. This private copy is not locked, so another user could also edit it at the same time.

terminal

Allow Editing from This Terminal Only: Edit a private copy of the running configuration. This private copy is not locked, so another user could also edit it at the same time.

no-confirm

Do Not Allow a Commit Confirmation: Edit a private copy of the running configuration and do not allow the commit confirmed command to be used to commit the configuration.

exclusive

Exclusive Edit: Lock the running configuration and the candidate configuration, and edit the candidate configuration. No one else can edit the candidate configuration as long as it is locked.

shared

Shared Edit: Edit the candidate configuration without locking it. This option allows another person to edit the candidate configuration at the same time.

Command History

Release

Modification

14.1

Command introduced.

Examples

vEdge# config
Entering configuration mode terminal
vEdge(config)#

controller-mode

To switch from autonomous mode to controller and from controller mode to autonomous mode use the controller-mode command in Privileged EXEC mode.

controller-mode { enable | disable }

Syntax Description

enable

Enables controller mode.

disable

Disables controller mode.

Command Default

The device exists in the day 0 configuration mode.

Command Modes

Privileged EXEC #

Command History

Release Modification
Cisco IOS XE Catalyst SD-WAN Release 17.2.1r

This command was introduced.

Usage Guidelines

When you switch the device mode from autonomous to controller, the startup configuration and the information in NVRAM (certificates), are erased. This action is same as the write erase. If you switch back to autonomous mode, the IOS XE configuration is not restored because the startup configuration is empty. You have to manually restore configuration from the backup. .

When you switch the device mode from controller to autonomous, all Yang-based configuration is preserved and can be reused if you switch back to controller mode. If you switch back to controller mode, the original configuration in controller mode is preserved.

If the mode change CLI is invoked from a Telnet terminal, the mode change operation is not permitted unless auto-boot variables are set in ROMmon.

Example

Use the controller-mode disable command the device to autonomous mode.

Device# controller-mode disable

Use the controller-mode enable command switches the device to Controller mode.

Device# controller-mode enable

debug

Enable and disable debugging mode for all or selected software function. Debug output is placed in the /var/log/tmplog/vdebug file on the local device.

[no] debug all

[no] debug aaa login (radius | tacacs)

[no] debug bgp (all | events | fsm | ipcs | packets) vpn vpn-id

[no] debug cflowd (cli | events | ipc | misc | pkt_tx) [level (high | low)]

[no] debug chmgr all

[no] debug cloudexpress (events | ftm | omp | rtm | ttm) [level (high | low)]

[no] debug confd (developer-log [level (high | low)] | snmp)

[no] debug config-mgr (events | pppoe | ra) [level (high | low)]

[nodebug dbgd (events)

[no] debug dhcp-client (all | events | packets)

[no] debug dhcp-helper (all | events | packets)

[no] debug fpm (all | config | dpi | policy | ttm)

[no] debug ftm all

[no] debug igmp (config | events | fsm | ipc | packets) [level (high | low)]

[no] debug iked (all | confd | error | events | misc) [level (high | low)]

[no] debug netconf traces

[no] debug omp (all | events | ipcs | packets)

[no] debug ospf (all | events | ipcs | ism | lsa | nsm | nssa | packets) vpn vpn-id

[no] debug pim (auto-rp | events | fsm | ipcs | packets) [level (high | low)] vpn vpn-id

[no] debug platform software sdwan tracker

[no] debug resolver events [level (high | low)]

[no] debug rtm (events | ipc | next-hop | packets | rib) vpn vpn-id

[no] debug snmp events [level (high | low)]

[no] debug sysmgr all

[no] debug transport events [level (high | low)]

[no] debug tcpd [level (high | low)]

[no] debug ttm events

[no] debug vrrp (all | events | packets) vpn vpn-id

Syntax Description

[no] debug all

All: Control debugging for all software functions that can be debugged.

[no] debug aaa login (radius | tacacs)

AAA Login via RADIUS or TACACS: Control debugging for login attempts using RADIUS or TACACS.

[no] debug bgp (all | events | fsm | ipcs | packets) vpn vpn-id

BGP: Control debugging for BGP:

  • all—Control the debugging of all BGP events, finite-state machine transitions, interprocess communications, and packets.

  • events—Control the debugging of BGP events, including damping events, finite-state machine events and transitions, keepalive message events, next-hop events, and routing table update events.

  • fsm—Control the debugging of BGP finite-state machine transitions.

  • ipcs—Control the debugging of all BGP interprocess communications.

  • packets—Control the debugging of all BGP protocol packets.

  • vpn vpn-id—Specify the VPN in which to perform debugging.

[no] debug cflowd (cli | events | ipc | misc | pkt_tx) [level (high | low)]

Cflowd Traffic Flow Monitoring:

Control debugging for cflowd:

  • cli —Control the debugging of messages that are logged as the result of a configuration change made either directly on the vEdge router or because the changes have been pushed from the vSmart controller to the router.

  • events —Control the debugging of events to which the cflowd process (daemon) responds, including when the process connects with a collector or loses connectivity with it, and when the source-interface as configured in the vSmart template is removed.

  • ipc —Control the debugging of all cflowd interprocess communications.

  • level (high | low) —Set the detail of the comments logged by the debugging operation. The default level, low, provides comments sufficient to help you understand the actions that are occurring. The level high provides greater detail for the live debugging that might typically be performed by the Cisco SD-WAN engineering team.

  • misc —Control the debugging of miscellaneous cflowd events.

  • pkt_tx —Control the debugging of cflowd packet transmissions.

[no] debug chmgr all

Chassis Manager: Control debugging for the chassis manager.

[no] debug cloudexpress (events | ftm | omp | rtm | ttm) [level (high | low)]

Cloud OnRamp for SaaS: Control debugging for Cloud OnRamp for SaaS (formerly CloudExpress service).

  • events—Control the debugging of events to which the Cloud OnRamp for SaaS process (daemon) responds, including when the process connects with a collector or loses connectivity with it, and when the source-interface as configured in the vSmart template is removed.

  • ftm—Control debugging of the communication between Cloud OnRamp for SaaS and the forwarding table manager.

  • level (high | low)—Set the detail of the comments logged by the debugging operation. The default level, low, provides comments sufficient to help you understand the actions that are occurring. The level high provides greater detail for the live debugging that might typically be performed by the Cisco SD-WAN engineering team.

  • omp—Control the debugging of all Cloud OnRamp for SaaS OMP operations.

  • rtm—Control the debugging of communication between the Cloud OnRamp for SaaS and the route table manager.

  • ttm—Control the debugging of communication between the Cloud OnRamp for SaaS and the tunnel table manager.

[no] debug config-mgr (events | pppoe | ra) [level (high | low)]

Configuration Manager: Control debugging for the configuration manager.

  • events—Control the debugging of events to which the configuration manager process (daemon) responds, including when the process connects with a collector or loses connectivity with it, and when the source-interface as configured in the vSmart template is removed.

  • level (high | low)—Set the detail of the comments logged by the debugging operation. The default level, low, provides comments sufficient to help you understand the actions that are occurring. The level high provides greater detail for the live debugging that might typically be performed by the Cisco engineering team.

  • pppoe—Control the debugging of all Cloud OnRamp for SaaS OMP operations.

  • ra—Control the debugging of route advertisements to which the configuration manager responds.

[no]debug dbgd events

Debugger Process: Control debugging for the debugger process itself.

  • events—Control the debugging of events to which the debugger process (daemon) responds.

[no] debug dhcp-client (all | events | packets)

DHCP Client: Control the debugging of Dynamic Host Configuration Protocol (DHCP) client activities.

  • all—Control the debugging of all DHCP client events and packets.

  • events—Control the debugging of DHCP client protocol events.

  • packets—Control the debugging of all DHCP client packets.

[no] debug dhcp-helper (all | events | packets)

DHCP Helper: Control the debugging of Dynamic Host Configuration Protocol (DHCP) helper activities.

  • all—Control the debugging of all DHCP helper events and packets.

  • events—Control the debugging of DHCP helper protocol events.

  • packets—Control the debugging of all DHCP helper packets.

[no] debug fpm (all | config | dpi | policy | ttm)

Forwarding Policy Manager: Control debugging for the forwarding policy manager:

  • all—Control the debugging of events related to the forwarding policy manager, including configuration changes, application-aware routing events, and communication with the tunnel table manager.

  • config—Control the debugging of messages that are logged as a result of a policy configuration change made either directly on the vEdge router or because the changes have been pushed from the vSmart controller to the router.

  • dpi—Control the debugging of all application-aware routing (deep packet inspection) events.

  • policy—Control the debugging of messages that are logged as the result of policy programming events.

  • ttm—Control the debugging of communication between the forwarding policy manager and the tunnel table manager.

[no] debug ftm all

Forwarding Table Manager: Control debugging for the forwarding table manager operations.

[no] debug igmp (config | events | fsm | ipc | packets) [level (high | low)]

IGMP: Control debugging for IGMP.

  • events—Control the debugging of IGMP events, including finite-state machine events and transitions, keepalive message events, next-hop events, and routing table update events.

  • fsm—Control the debugging of IGMP finite-state machine transitions.

  • ipcs—Control the debugging of all IGMP interprocess communications.

  • packets—Control the debugging of all IGMP protocol packets.

[no] debug iked (all | confd | error | events | misc) [level (high | low)]

IKE: Control debugging for the forwarding policy manager.

  • all—Control the debugging of all events related to IKE.

  • confd—Control the debugging of Netconf activity to log all IKE-related Netconf configuration messages between the local device and the vManage NMS.

  • error—Control the debugging of IKE errors.

  • events—Control the debugging of IKE protocol events.

  • level (high | low)—Set the detail of the comments logged by the debugging operation. The default level, low, provides comments sufficient to help you understand the actions that are occurring. The level high provides greater detail for the live debugging that might typically be performed by the Cisco SD-WAN engineering team.

  • misc—Control the debugging of miscellaneous IKE events.

[no] debug netconf traces

Netconf: Enable and disable Netconf activity to log all Netconf configuration messages between the local device and the vManage NMS.

Netconf debug messages are logged to the /var/log/confd/netconf.trace file.

[no] debug omp (all | events | ipcs | packets)

OMP: Control the debugging of OMP.

  • all—Control the debugging of all OMP events, interprocess communications, and packets.

  • events—Control the debugging of OMP events.

  • ipcs—Control the debugging of all OMP interprocess communications.

  • packets—Control the debugging of all OMP protocol packets.

[no] debug ospf (all | events | ipcs | ism | lsa | nsm | nssa | packets) vpn vpn-id

OSPF: Control the debugging of OSPF.

  • all—Control the debugging of all OSPF functions.

  • events—Control the debugging of OSPF events, including adjacencies, flooding information, designated router selection, and shortest path first (SPF) calculations.

  • ipcs—Control the debugging of all OSPF interprocess communications.

  • ism—Control the debugging of OSPF interface state machine transitions.

  • nsm—Control the debugging of OSPF network tate machine transitions.

  • lsa—Control the debugging of OSPF LSA messages.

  • nssa—Control the debugging of OSPF NSSA messages.

  • packets—Control the debugging of all OSPF protocol packets.

[no] debug pim (auto-rp | events | fsm | ipcs | packets) [level (high | low)] vpn vpn-id

PIM: Control debugging for PIM.

  • all—Control the debugging of all PIM events, finite-state machine transitions, interprocess communications, and packets.

  • events—Control the debugging of PIM events, including finite-state machine events and transitions, keepalive message events, next-hop events, and routing table update events.

  • fsm—Control the debugging of PIM finite-state machine transitions.

  • ipcs—Control the debugging of all PIM interprocess communications.

  • packets—Control the debugging of all PIMP protocol packets.

  • vpn vpn-id—Specify the VPN in which to perform debugging.

[no] debug platform software sdwan tracker

Service chaining: (Cisco IOS XE Catalyst SD-WAN devices) Display the service log for the tracker, which probes service devices periodically to test whether the devices are reachable.

[no] debug resolver events [level (high | low)]

Resolver: Control debugging for all resolver process events. The resolver process handles a plethora of tasks, including tracking ARP, MAC addresses, DNS, and connected interfaces.

  • level (high | low)—Set the detail of the comments logged by the debugging operation. The default level, low, provides comments sufficient to help you understand the actions that are occurring. The level high provides greater detail for the live debugging that might typically be performed by the Cisco SD-WAN engineering team.

[no] debug rtm (events | ipc | next-hop | packets | rib) vpn vpn-id

Route Table Manager: Control debugging for the route table manager.

  • events—Control the debugging of route table manager events.

  • ipc—Control the debugging of all route table manager interprocess communications.

  • next-hop—Control the debugging of the route table manager handling of next hops.

  • packets—Control the debugging of the route table manager handling of route exchange packets.

  • rib—Control the debugging of route table manager communication with the route table.

  • vpn vpn-id—Specify the VPN in which to perform debugging.

[no] debug snmp events [level (high | low)]

SNMP: Control debugging for all SNMP events.

  • level (high | low)—Set the detail of the comments logged by the debugging operation. The default level, low, provides comments sufficient to help you understand the actions that are occurring. The level high provides greater detail for the live debugging that might typically be performed by the Cisco SD-WAN engineering team.

[no] debug sysmgr all

System Manager: Control debugging for the system manager.

[no] debug tcpd [level (high | low)]

TCP Optimization Process: Control debugging for TCP optimization.

  • level (high | low)—Set the detail of the comments logged by the debugging operation. The default level, low, provides comments sufficient to help you understand the actions that are occurring. The level high provides greater detail for the live debugging that might typically be performed by the Cisco SD-WAN engineering team.

[no] debug transport events [level (high | low)]

Transport Process: Control debugging for all vtracker transport process events. The vtracker process pings the vBond orchestrator every second.

  • level (high | low)—Set the detail of the comments logged by the debugging operation. The default level, low, provides comments sufficient to help you understand the actions that are occurring. The level high provides greater detail for the live debugging that might typically be performed by the Cisco SD-WAN engineering team.

[no] debug ttm events

Tunnel Table Manager: Control debugging for all tunnel table manager events.

[no] debug vrrp (all | events | packets) vpn vpn-id

VRRP: Control debugging for the Virtual Router Redundancy Protocol (VRRP).

  • all—Control the debugging of all VRRP events and packets.

  • events—Control the debugging of VRRP events.

  • packets—Control the debugging of VRRP packets.

Command History

Release

Modification

14.1

Command introduced.

16.3

Starting with Release 16.3, output is placed in the /var/log/tmplog/vdebug file, not the /var/log/vdebug file.

Cisco IOS XE Catalyst SD-WAN Release 17.3.1a

Added debug platform software sdwan tracker .

debug packet-trace condition

To enable packet tracing on Cisco vEdge devices, use the debug packet-trace condition command in privileged EXEC mode.

debug packet-trace condition [ start | stop ] [bidirectional ] [circular ] [ destination-ip ip-address ] [global-stat ] [ ingress-if interface ] [logging ] [ source-ip ip-address ] [ vpn-id vpn-id ]

Syntax Description

bidirectional

(Optional) Enables bidirectional flow debug for source IP and destination IP.

circular

(Optional) Enables circular packet tracing. In this mode, the 1024 packets in the buffer are continuously over-written.

clear

(Optional) Clears all debug configurations and packet tracer memory.

destination-ip

(Optional) Specifies destination IPv4 address.

global-stat

(Optional) Specifies the match on select global statistic counter name.

ingress-if

(Optional) Specifies ingress interface name. Note: It is must to choose VPN to configure the interface.

logging

(Optional) Enables packet tracer debug logging.

source-ip

(Optional) Specifies source IP address.

start

(Optional) Starts conditional debugging.

stop

(Optional) Stops conditional debugging.

vpn-id

(Optional) Enables packet tracing for the specified VPN.

Command Default

None

Command Modes

Privileged EXEC (#)

Command History

Release Modification

Cisco SD-WAN Release 20.5.1

This command was introduced.

Cisco SD-WAN Release 20.8.1

A new keyword global-stat is added.

Usage Guidelines

The parameters after the keywords start and stop in the command syntax can be configured in any order.

Example

The following example shows how to configure conditions for packet tracing:

Device# debug packet-trace condition source-ip 10.1.1.1
Device# debug packet-trace condition vpn-id 0
Device# debug packet-trace condition interface ge0/1
Device# debug packet-trace condition stop

debug platform condition mpls match-inner

To match IPv4 or IPv6 traffic over an MPLS network on Cisco vEdge devices, use the debug platform condition mpls match-inner command in privileged EXEC mode.

debug platform condition [interface { interface-name | interface-number } ] mpls depth-of-mpls-label match-inner {ipv4 | ipv6} { ipv4-source-prefix | | | any | | | host | | | payload-offset | | | protocol } { ipv4-destination-prefix | | | any | | | host } { application | both | ingress | egress } [ bidirection ] [ allow-no-label ]

no debug platform condition [interface { interface-name | interface-number } ] mpls depth-of-mpls-label match-inner {ipv4 | ipv6} { ipv4-source-prefix | | | any | | | host | | | payload-offset | | | protocol } { ipv4-destination-prefix | | | any | | | host } { application | both | ingress | egress } [ bidirection ] [ allow-no-label ]

Syntax Description

debug

Debug device operations, generated or received traffic, and any error messages.

platform

Debug specific network platforms based on your requirement.

condition

Specify conditions to debug based on your requirement.

interface

(Optional) Debug a specific interface of your choice.

interface-name

Specify the the interface name.

interface-number

Specify the interface number.

mpls

Debug the MPLS network.

source prefix

Specifies IPv4 or IPv6 source prefix.

application

Debug Application conditions.

both

Debug ingress and egress debug simultaneously.

egress

Debug egress only.

ingress

Debug ingress only.

match-inner

Debug inline ACL filters for overlay packet over MPLS.

ipv4

Debug IPv4 conditions .

ipv6

Debug IPv6 conditions.

destination prefix

Specifies IPv4 or IPv6 destination prefix.

any

Specifies any source prefix.

payload-offset

Configures the ineer payload offset to locate the overlap IPv4 and IPv6 header.

host

Specifies a single destination host.

bidirection

(Optional) Allows to fileter packets in bidirection.

allow-no-label

(Optional) Allows to filter packets without MPLS labels.

Command Modes

Privileged EXEC (#)

Command History

Release Modification

Cisco IOS XE Catalyst SD-WAN Release 17.11.1a

A new command debug platform condition mpls is added.

Example

The following example shows how to configure conditions for packet tracing:


Device# debug platform condition mpls match-inner ipv4
Device# debug platform condition mpls match-inner ipv4 any any
Device# debug platform condition mpls match-inner ipv4 any any both
Device# debug platform condition mpls match-inner ipv4 any any both
Device# debug platform condition mpls match-inner ipv4 any any both allow-no-label

debug-vdaemon

Enable and disable debugging mode for vdaemon software function. Debug output is placed in the /var/log/tmplog/vdebug file on the local device.

debug vdaemon { all | confd | error | events | hello | misc | packets } [ high | low ]

no debug vdaemon { all | confd | error | events | hello | misc | packets } [ high | low ]

Syntax Description

{all | confd | error | events | hello | misc | packets} {high | low}

vDaemon Process: Control debugging for vDaemon, the Cisco SD-WAN software process:

  • all : Control the debugging of all vdaemon process functions.

  • confd : Control the debugging of vdaemon process CLI functions.

  • error : Control the debugging error of vdaemon actions.

  • events : Control the debugging of vdaemon process events.

  • hello : Control the debugging of vdaemon hello packets.

  • misc : Control the debugging of miscellaneous vdaemon process events.

  • packets : Control the debugging of all vdaemon process packets.

  • high : Displays verbose logging.

  • low : Displays minimal logging.

Command History

Release Modification

14.1

Command introduced.

16.3

Starting with Release 16.3, output is placed in the /var/log/tmplog/vdebug file, not the /var/log/vdebug file.

Cisco SD-WAN Release 20.5.1

Added hello keyword for debug vdaemon command.

debug vdaemon peer

Enable and disable debugging mode for vdaemon software function. Debug output is placed in the /var/log/tmplog/vdebug file on the local device.

debug vdaemon peer public-ip ip-address public-port port-address facility { all | confd | error | events | hello | misc | packet } level { high | low }

no debug vdaemon peer public-ip ip-address public-port port-address facility { all | confd | error | events | hello | misc | packet } level { high | low }

Syntax Description

public-ip ip-address

Speicifes peer public ip address.

public-port port-address

Specifies peer public port address.

Range: 0 to 65535

facility{all | confd | error | events | hello | misc | packet}

Facility: Control debugging of miscellaneous vdaemon actions:

  • all : Control the debugging of all vdaemon process functions.

  • confd : Control the debugging of vdaemon process CLI functions.

  • error : Control the debugging error of vdaemon actions.

  • events : Control the debugging of vdaemon process events.

  • hello : Control the debugging of vdaemon hello packets.

  • misc : Control the debugging of miscellaneous vdaemon process events.

  • packet : Control the debugging of all vdaemon process packets.

level{high | low}

Set the detail of the comments logged by the debugging operation. The default level, low , provides comments sufficient to help you understand the actions that are occurring. The level high provides greater detail for the live debugging that might typically be performed by the Cisco engineering team.

Command History

Release

Modification

Cisco SD-WAN Release 20.5.1

This command was introduced.

The following is a sample output for debug vdaemon peer command. Verbose logs for a particular peer can be enabled, and hello log is displayed:

Device# debug vdaemon peer public-ip 10.0.12.22 public-port 23456 facility all level high  
IP addr: 10.0.12.22 | Port: 23456 | Peer exist: true |  misc:high  events:high  confd:high  pkt:high  hello:high  error:high 

Mar 10 11:32:56 vm6 VDAEMON[1592]: vbond_proc_msg[4957]: %VDAEMON_DBG_HELLO-3: peer publoc: 10.0.12.22:23456 
Received a Hello from .. 10.0.12.22:23456 on loopback2 (my count 2 hello_vsmart_count 0) (my count 1 hello_vmanage_count 1) 
Mar 10 11:32:56 vm6 VDAEMON[1592]: vdaemon_vm_rebalance_needed[805]: %VDAEMON_DBG_ERROR-3: peer publoc: 10.0.12.22:23456 
Peer vmanage sys-ip 172.16.255.22 is the chosen one

exit

Exit from the CLI session. The exit and quit commands do the same thing.

exit

Command History

Release

Modification

14.1

Command introduced.

Examples

vEdge# exit
My-MacBook-Pro:~ me$

file list

List the files in a directory on the Cisco SD-WAN device.

file list directory

Syntax Description

directory

Name of a Directory: List the files in the specified directory on the Cisco SD-WAN device.

Examples

vEdge# file list /var
backups
confd
crash
lib
local
lock
log
run
spool
tmp
volatile

Command History

Release

Modification

14.1

Command introduced.

file show

Display the contents of a file on the Cisco SD-WAN device.

file show filename

Syntax Description

filename

Name of a Directory: Name of a file on the Cisco SD-WAN device.

Command History

Release

Modification

14.1

Command introduced.

Examples

vEdge# file list              
x.csr
vEdge# file show x.csr
-----BEGIN CERTIFICATE REQUEST-----
MIIDOzCCAiMCAQAwgboxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlh
MREwDwYDVQQHEwhTYW4gSm9zZTEOMAwGA1UECxMFYXZpdmExFDASBgNVBAoTC3ZJ
UHRlbGEgSW5jMTkwNwYDVQQDFDBWU21hcnRfMDdfMDFfMjAxNF8yM18yM181Ml80
MDc2Mzg1NzcudmlwdGVsYS5jb20xIjAgBgkqhkiG9w0BCQEWE3N1cHBvcnRAdmlw
dGVsYS5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC2ebu1o5FJ
419xtFhQOf0E7OjDzRvDvC9IUcOPayMMnJgN54EXi3ReVNjsQCn3+P8nPa9hQFjD
3wI03vMVqw4DCVsNmv/lhVsK0PpiV2ALThu4sWtLUPhOJcBOjW8sRcgYP6FKeWaH
Bolx4e+V5vIP52pbTzyIIF/ISdQqKaoMTDcugvKUkrP/xTKpQvvNrOz7eyJUbc8B
IrHyAirm32gFZc8kPeOM6QZTRtVWn4u0cjU9i/DYzByu5HpJqRucrFG5YiM/Ev9p
f8nalbT1Nrmh7RTkTyE276g+nLl8IyTIIrQlbG58bxX0x2inoJP12zV828Fm2AuA
KEEKXzN/bBTfAgMBAAGgOzA5BgkqhkiG9w0BCQ4xLDAqMAkGA1UdEwQCMAAwHQYD
VR0OBBYEFNcvAamf8WANRkKbFjBo3Hwi83BxMA0GCSqGSIb3DQEBBQUAA4IBAQA9
/0fCrER0il0JSqjeOVUppILAmApkWbUaEegdR2s8wzCJDNrV8P6ZPpu98xv3LblY
9tiI8ShZPGHPU0ypnLnvGvzhMUmOaL5VRQeXSwvRSVaxN2fBaFKHXclTZbCIF/p8
fPasc7n84/uOsQU/+PaIFwFDUv4GKMiPNLT5HKpHIQM1j4PwYcNgKL+gU6lfe1y2
Wi80ZrwqYRZ5jxVZSTc6qnEA6i1DvxgdDirF5o5Hgt8pHB5JWcBBNrT+/jiBiiyT
rjN2VSOzx5WiIDvdfZcfO8ajXItvhcuuNxBTQEHTfd7p8G1fDGKdtrKybvxKxv/u
fVZLIZN2tDkqsdbZMT9+
-----END CERTIFICATE REQUEST-----

help

Display help information about a CLI command.

help

Command History

Release

Modification

14.1

Command introduced.

Examples

vEdge# help ping
Help for command: ping
    Verify IP (ICMP) connectivity to a host

history

Set the number of history items that the CLI tracks in operational mode.

show history number

Syntax Description

show history number

Number of History Items: Set the number of commands tracked by the CLI history.

number can be a value from 0 through 1000. The default is 100 commands. To disable the history feature, set the number to 0.

no history

Return to Default Number of History Items: Restore the default history queue length of 100 commands.

Command History

Release

Modification

14.1

Command introduced.

Examples

vEdge# history 100
vEdge#

idle-timeout

Set how long the CLI is inactive on a device before the user is logged out. If a user is connected to the device via an SSH connection, the SSH connection is closed after this time expires.

idle-timeout seconds

Syntax Description

idle-timeout seconds

Timeout Value: Number of seconds that the CLI is idle before the user is logged out of the CLI. A value of 0 (zero) sets the time to infinity, so the user is never logged out.

Range: 0 through 8192 seconds.

Default: 1800 seconds (30 minutes).

Command History

Release

Modification

14.1

Command introduced.

Examples

vEdge# idle-timeout 3600

job stop

Stop a job that is monitoring a file on the local device. This command is the same as the UNIX kill command.

job stop job-number

Syntax Description

job-number

Job Number: Number of the job to stop.

This number is in the JOBS column in the show jobs command output.

Command History

Release

Modification

15.4

Command introduced.

Examples

Stop the job that is monitoring a file

vEdge# show jobs
JOB COMMAND
1   monitor start /var/log/vsyslog
vEdge# log:local7.notice: Dec 16 14:55:26 vsmart SYSMGR[219]: %Viptela-vsmart-SYSMGR-5-NTCE-200025: System clock set to Wed Dec 16 14:55:26 2015  (timezone 'America/Los_Angeles') 
log:local7.notice: Dec 16 14:55:27 vsmart SYSMGR[219]: %Viptela-vsmart-SYSMGR-5-NTCE-200025: System clock set to Wed Dec 16 14:55:27 2015  (timezone 'America/Los_Angeles') 

vEdge# job stop 1
vEdge# show jobs
JOB COMMAND
vEdge#

logout

Terminate the current CLI session, a specific CLI session, or the session of a specific user.

logout [session session-number] [user username]

Syntax Description

(none)

Terminate the current CLI session.

session session-number

Specific Session: Terminate a specific CLI session.

user username

Specific User: Terminate the CLI session of a specific user.

Command History

Release

Modification

14.1

Command introduced.

Examples

vEdge# logout session 16
vEdge#
Message from admin@vEdge at 2013-11-27 15:00:10...
Your session has been terminated by admin
EOF

monitor event-trace sdwan

To monitor and control the event trace function for a Cisco SD-WAN subsystem, use the monitor event-trace command in the privileged EXEC mode. Event trace provides the functionality to capture the SD-WAN traces between the viptela daemons and SD-WAN subsystems.

monitor event-trace sdwan { clear | continuous | disable | dump | | enable | one-shot }

Syntax Description

sdwan

Name of the Cisco SD-WAN subsystem that is the subject of the event trace. To get a list of components that support event tracing, use the monitor event-trace ? command.

clear

Clears existing trace messages for the specified component from memory on the networking device.

continuous

Displays the latest event trace entries.

disable

Turns off event tracing for the specified component.

dump

The trace messages are saved in binary format.

enable

Enables event tracing for the specified component.

one-shot

Clears any existing trace information from memory, starts event tracing again, and disables the trace when the trace reaches the size specified.

Command Default

The event trace function is disabled by default.

Command Modes

Privileged EXEC

Global Configuration Mode

Command History

Release

Modification

Cisco IOS XE Catalyst SD-WAN Release 17.2.1r

This command was introduced.

Usage Guidelines

The amount of data collected from the trace depends on the trace message size configured using the monitor event-trace command in global configuration mode for each instance of a trace.

Use the show monitor event-trace command to display trace messages.

Use the monitor event-trace sdwan dump command to save trace message information for a single event. By default, trace information is saved in binary format.

The following example shows the privileged EXEC commands to stop event tracing, clear the current contents of memory, and reenable the trace function for the component. This example assumes that the tracing function is configured and enabled on the networking device.


Router# monitor event-trace sdwan disable
 
Router# monitor event-trace sdwan clear
 
Router# monitor event-trace sdwan enable

The following example shows how the monitor event-trace one-shot command accomplishes the same function as the previous example except in one command. In this example, once the size of the trace message file has been exceeded, the trace is terminated.


Router# monitor event-trace sdwan one-shot

The following example shows the command for writing trace messages for an event in binary format. In this example, the trace messages for the SD-WAN component are written to a file.


Router# monitor event-trace sdwan dump

monitor start

Begin monitoring a file on the local device. When a file is monitored, any logging information is displayed on the console as it is added to the file.

monitor start filename

Syntax Description

filename

Filename To Monitor: Name of the file to monitor.

Command History

Release

Modification

15.4

Command introduced.

Examples

Start and stop monitoring a file, and view the files that are being monitored

vEdge# monitor start /var/log/vsyslog
vEdge# show jobs
JOB COMMAND
1   monitor start /var/log/vsyslog
vEdge# log:local7.notice: Dec 16 14:55:26 vsmart SYSMGR[219]: %Viptela-vsmart-SYSMGR-5-NTCE-200025: System clock set to Wed Dec 16 14:55:26 2015  (timezone 'America/Los_Angeles') 
log:local7.notice: Dec 16 14:55:27 vsmart SYSMGR[219]: %Viptela-vsmart-SYSMGR-5-NTCE-200025: System clock set to Wed Dec 16 14:55:27 2015  (timezone 'America/Los_Angeles') 

vEdge# monitor stop /var/log/vsyslog
vEdge#

monitor stop

Stop monitoring a file on the local device. When a file is monitored, any logging information is displayed on the console as it is added to the file.

monitor stop filename

Syntax Description

filename

File to Monitor: Name of the file to monitor.

Command History

Release

Modification

15.4

Command introduced.

Examples

Start and stop monitoring a file, and view the files that are being monitored

vEdge# monitor start /var/log/vsyslog
vEdge# show jobs
JOB COMMAND
1   monitor start /var/log/vsyslog
vEdge# log:local7.notice: Dec 16 14:55:26 vsmart SYSMGR[219]: %Viptela-vsmart-SYSMGR-5-NTCE-200025: System clock set to Wed Dec 16 14:55:26 2015  (timezone 'America/Los_Angeles') 
log:local7.notice: Dec 16 14:55:27 vsmart SYSMGR[219]: %Viptela-vsmart-SYSMGR-5-NTCE-200025: System clock set to Wed Dec 16 14:55:27 2015  (timezone 'America/Los_Angeles') 

vEdge# monitor stop /var/log/vsyslog
vEdge#

nslookup

Perform a DNS lookup.

nslookup [vpn-id vpn-id] dns-name

Syntax Description

dns-name

DNS Name: Perform a DNS lookup to map a fully qualified domain name to one or more IP addresses.

dns-name can be a hostname string, or an IPv4 or IPv6 address.

vpn-id vpn-id

VPN: Specify the VPN into which to send the ping packets. If you omit the VPN identifier, the default is VPN 0, which is the transport VPN.

Command History

Release

Modification

14.1

Command introduced.

16.3

In Release 16.3, added support for IPv6 addresses in VPN 0.

Examples

vEdge# nslookup vedge.dns.com
nslookup in vpn 0:
Server: 172.16.255.100
Address 1: 172.16.255.100 vedge.dns.com

Name:      vedge
Address 1: 172.16.255.100 vedge.dns.com

vEdge# nslookup vpn 0 fe80::20c:29ff:fe9b:a9bb
nslookup in VPN 0:
Server:    127.0.0.1
Address 1: 127.0.0.1 localhost.localdomain

Name:      fe80::20c:29ff:fe9b:a9bb
Address1:  fe80::20c:29ff:fe9b:a9bb

paginate

Control the pagination of command output.

paginate (false | true)

Syntax Description

false

Display Command Output Continuously: Display all command output continuously, regardless of the CLI screen height.

true

Paginate Command Output:Display all command output one screen at a time. To display the next screen of output, press the space bar. Pagination is the default setting.

Command History

Release

Modification

14.1

Command introduced.

Examples

vEdge# show running-config system
system
host-name vedge-1
system-ip 172.16.255.1
domain-id 1
site-id   1
clock timezone America/Los_Angeles
vbond 10.0.14.4
aaa
  auth-order local radius
  usergroup basic
   task system read write
   task interface read write
  !
  usergroup netadmin
  !
  usergroup operator
   task system read
   task interface read
   task policy read
   task routing read
   task security read
  !
  user admin
--More--
vEdge# paginate false
vEdge# show running-config system
usergroup basic
   task system read write
   task interface read write
  !
  usergroup netadmin
  !
  usergroup operator
   task system read
   task interface read
   task policy read
   task routing read
   task security read
  !
  user admin
   password $1$zvOh58pk$QLX7/RS/F0c6ar94.xl2k.
  !
!
logging
  disk
   enable
  !
 !
!
vEdge#

ping

Verify that a network device is reachable on the network, by sending ICMP ECHO_REQUEST packets to them. This command is effectively identical to the standard UNIX ping command.

ping (hostname | ip-address)

ping vpn vpn-id (hostname | ip-address)

ping [count number] [rapid] [size bytes] [source (interface-name | ip-address)] [wait seconds] vpn vpn-id (hostname | ip-address)

Syntax Description

(hostname | ip-address)

Device to Ping: Name or IPv4 or IPv6 address of the host to ping. For an IPv4 address in a service VPN, you can ping the primary and the secondary addresses.

count number

Number of Ping Requests to Send: Number of ping requests to send. If you do not specify a count, the command operates until you interrupt it by typing Control-C.

rapid

Rapid Pinging: Send five ping requests in rapid succession and display abbreviated statistics, only for packets transmitted and received, and percentage of packets lost.

size bytes

Size of Ping Request Packets: Size of the packet to send.

Default: 64 bytes (56 bytes of data plus 8 bytes of ICMP header).

source (interface-name | ip-address)

Source of Ping Packets: Interface or IP address from which to send to ping packets. You cannot specify the loopback0 interface in this option.

wait seconds

Time to Wait between Each Ping Packet: Time to wait for a response to a ping packet.

Default: 1 second.

vpn vpn-id

VPN in which to Ping: Specify the VPN into which to send the ping packets.

Command History

Release

Modification

14.1

Command introduced.

16.3

Added support for IPv6 host addresses in VPN 0.

17.2.2

Added support for pinging secondary IPv4 addresses.

Examples

vEdge# ping vpn 0 10.0.14.4
PING 10.0.14.4 (10.0.14.4): 56 data bytes
64 bytes from 10.0.14.4: seq=0 ttl=63 time=0.642 ms
64 bytes from 10.0.14.4: seq=1 ttl=63 time=0.788 ms
64 bytes from 10.0.14.4: seq=2 ttl=63 time=0.685 ms
64 bytes from 10.0.14.4: seq=3 ttl=63 time=0.666 ms
64 bytes from 10.0.14.4: seq=4 ttl=63 time=0.713 ms
64 bytes from 10.0.14.4: seq=5 ttl=63 time=0.846 ms
^C
--- 10.0.14.4 ping statistics ---
6 packets transmitted, 6 packets received, 0% packet loss
round-trip min/avg/max = 0.642/0.723/0.846 ms
vEdge# ping vpn 0 rapid 10.0.12.2
Defaulting count to 5
!!!!! 
--- 10.0.12.2 statistics ---
5 packets transmitted, 5 packets received, 0% packet loss
vEdge# ping vpn 0 10.0.12.3
PING 10.0.12.3 (10.0.12.3): 56 data bytes
64 bytes from 10.0.12.3: seq=0 ttl=64 time=8.127 ms
64 bytes from 10.0.12.3: seq=1 ttl=64 time=0.475 ms
64 bytes from 10.0.12.3: seq=2 ttl=64 time=0.336 ms
64 bytes from 10.0.12.3: seq=3 ttl=64 time=0.576 ms
64 bytes from 10.0.12.3: seq=4 ttl=64 time=0.578 ms
^C
--- 10.0.12.3 ping statistics ---
5 packets transmitted, 5 packets received, 0% packet loss
round-trip min/avg/max = 0.336/2.018/8.127 ms
vEdge# show interface
                                  IF      IF                                                                TCP
                                  ADMIN   OPER    ENCAP                                      SPEED          MSS                 RX       TX
VPN  INTERFACE  IP ADDRESS        STATUS  STATUS  TYPE   PORT TYPE  MTU   HWADDR             MBPS   DUPLEX  ADJUST  UPTIME      PACKETS  PACKETS
--------------------------------------------------------------------------------------------------------------------------------------------------
0    gre4       172.0.101.15/24   Up      Up      null   service    1500  0a:01:0f:0f:00:00  0      full    1420    0:00:06:09  0        0
0    ge0/0      10.1.15.15/24     Up      Up      null   transport  1500  00:0c:29:9c:a2:be  10     full    1420    0:00:26:44  9986     10696
0    ge0/1      10.1.17.15/24     Up      Up      null   service    1500  00:0c:29:9c:a2:c8  10     full    1420    0:00:17:13  3        8
0    ge0/2      -                 Down    Up      null   service    1500  00:0c:29:9c:a2:d2  10     full    1420    0:00:26:47  3        0
0    ge0/3      10.0.20.15/24     Up      Up      null   service    1500  00:0c:29:9c:a2:dc  10     full    1420    0:00:17:13  11       9
0    ge0/6      57.0.1.15/24      Up      Up      null   service    1500  00:0c:29:9c:a2:fa  10     full    1420    0:00:17:13  3        9
0    ge0/7      10.0.100.15/24    Up      Up      null   service    1500  00:0c:29:9c:a2:04  10     full    1420    0:00:26:21  753      641
0    system     172.16.255.15/32  Up      Up      null   loopback   1500  00:00:00:00:00:00  10     full    1420    0:00:15:52  0        0
1    gre1       -                 Up      Down    null   service    1500  38:00:01:0f:00:00  -      -       1420    -           0        0
1    ge0/4      10.20.24.15/24    Up      Up      null   service    1500  00:0c:29:9c:a2:e6  10     full    1420    0:00:17:10  714      717
1    ge0/5      56.0.1.15/24      Up      Up      null   service    1500  00:0c:29:9c:a2:f0  10     full    1420    0:00:17:10  1        47
1    loopback0  10.20.30.15/24    Up      Up      null   service    1500  00:00:00:00:00:00  10     full    1420    0:00:00:20  0        0
512  eth0       10.0.1.15/24      Up      Up      null   service    1500  00:50:56:00:01:0f  1000   full    0       0:00:26:39  8156     5313

vEdge# ping vpn 1 10.20.25.16 source 10.20.30.15
Ping in VPN 1
PING 10.20.25.16 (10.20.25.16) from 10.20.30.15 : 56(84) bytes of data.
64 bytes from 10.20.25.16: icmp_seq=1 ttl=64 time=1.45 ms
64 bytes from 10.20.25.16: icmp_seq=2 ttl=64 time=1.61 ms
^C
--- 10.20.25.16 ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 1001ms
rtt min/avg/max/mdev = 1.458/1.534/1.611/0.085 ms
vEdge# ping vpn 1 10.20.25.16 source loopback0
Ping in VPN 1
PING 10.20.25.16 (10.20.25.16) from 10.20.30.15 : 56(84) bytes of data.
64 bytes from 10.20.25.16: icmp_seq=1 ttl=64 time=1.05 ms
^C
--- 10.20.25.16 ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 1.054/1.054/1.054/0.000 ms
vm5# ping vpn 1 10.20.25.16 source ge0/4
Ping in VPN 1
PING 10.20.25.16 (10.20.25.16) from 10.20.24.15 : 56(84) bytes of data.
64 bytes from 10.20.25.16: icmp_seq=1 ttl=64 time=1.35 ms
64 bytes from 10.20.25.16: icmp_seq=2 ttl=64 time=1.44 ms
^C
--- 10.20.25.16 ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 1001ms
rtt min/avg/max/mdev = 1.350/1.397/1.444/0.047 ms
vEdge#

poweroff

Shut down the Cisco SD-WAN device. Issue this command when you need to power down a router. Do not simply unplug the router.

poweroff

Command History

Release

Modification

14.1

Command introduced.

Examples

vEdge# poweroff
Are you sure you want to power off the system? [yes NO] yes
Starting cleanup
Stopping vedge daemon: sysmgr.
Shutting down

Broadcast message from root@vm4 (pts/1) (Mon Feb 17 09:52:33 2014):

The system is going down for system halt NOW!
My-MacBook-Pro:~ me$

prompt1

Set the operational prompt.

prompt1 string

Syntax Description

string

Operational Prompt: Set the operational prompt.

The prompt can contain regular ASCII characters and the following special characters. Enclose the entire string in quotation marks:

  • \d—Current date in the format yyyy-mm-dd (for example, 2013-12-02).

  • \h—Hostname up to the first period (.). You configure the hostname with the system hostname command.

  • \H—Full hostname. You configure the hostname with the system hostname command.

  • \s—Source IP address of the local device.

  • \t—Current time in 24-hour hh:mm:ss format.

  • \A—Current time in 24-hour ​ format.

  • \T—Current time in 12-hour hh:mm:ss​ format.

  • \@—Current time in 12-hour hh:mm​ format.

  • \u—Login username of the current user.

  • \m—Mode name.

  • \m{n}—Mode name, but the number of trailing components in the displayed path is limited to be a maximum of n, which is an integer. Characters removed are replaced with an ellipsis (...).

  • \M—Mode name in parentheses.

  • \M{n}—Mode name in parentheses, but the number of trailing components in the displayed path is limited to be a maximum of n, which is an integer. Characters removed are replaced with an ellipsis (...).

Command History

Release

Modification

14.1

Command introduced.

Examples

vEdge# prompt1 "\u-\d # "
admin-2013-12-02 #

prompt2

Set the configuration mode prompt.

prompt2 string

Syntax Description

string

Operational Prompt:

"string" Set the operational prompt. The prompt can contain regular ASCII characters and the following special characters. Enclose the entire string in quotation marks:

  • \d—Current date in the format yyyy-mm-dd (for example, 2013-12-02).

  • \h—Hostname up to the first period (.). You configure the hostname with the system hostname command.

  • \H—Full hostname. You configure the hostname with the system hostname command.

  • \s—Source IP address of the local device.

  • \t—Current time in 24-hour hh:mm:ss format.

  • \A—Current time in 24-hou hh:mm​ format.

  • \T—Current time in 12-hour hh:mm:ss​ format.

  • \@—Current time in 12-hour hh:mm​ format.

  • \u—Login username of the current user.

  • \m—Mode name.

  • \m{n}—Mode name, but the number of trailing components in the displayed path is limited to be a maximum of n, which is an integer. Characters removed are replaced with an ellipsis (...).

  • \M—Mode name in parentheses.

  • \M{n}—Mode name in parentheses, but the number of trailing components in the displayed path is limited to be a maximum of n, which is an integer. Characters removed are replaced with an ellipsis (...).

Command History

Release

Modification

14.1

Command introduced.

Examples

vEdge# prompt2 "\A on \h# "
vEdge# config
Entering configuration mode terminal
15:09 on vEdge#

quit

Exit from the CLI session. The exit and quit commands do the same thing.

quit

Examples

vEdge# quit
My-MacBook-Pro:~ me$

Command History

Release

Modification

14.1

Command introduced.

reboot

Reboot the Cisco SD-WAN device.

Any user can issue the reboot command, but the underlying logging mechanism does not log the user name. If you subsequently issue a show reboot history command, it shows that the reboot request was issued by an unnamed user.


Note


You cannot issue the reboot command while a software upgrade is in progress.


reboot [now] reboot other-boot-partition [no-sync]

Syntax Description

(none)

Reboot the device. The software prompts you to confirm that you really want to reboot.

now

Reboot Immediately: Reboot the device immediately, with no prompt asking you to confirm that you want to reboot.

other-boot-partition

Reboot and Use the Software Image on the Other Disk Partition: (Available in releases 15.3 and earlier.)

When rebooting the device, start the software image that is installed on the other disk partition. The software prompts you to confirm that you really want to reboot. If the other partition cannot be mounted or if the directory on the other partition is unreadable, an error message is displayed and the reboot operation is canceled.

other-boot-partition no-sync

Switch to the Other Software Image without Rebooting: (Available in releases 15.3 and earlier.)

Switch to the software image that is installed on the other disk partition without rebooting the device. If the other partition cannot be mounted or if the directory on the other partition is unreadable, an error message is displayed and the switch operation is canceled.

Command History

Release

Modification

14.1

Command introduced.

14.2

Starting with the 14.2 release, you cannot issue the reboot command when a software upgrade is in progress.

15.3

Starting with the 15.3 release, the reboot other-boot-partition command prompts for confirmation.

15.4

Starting with 15.4 release, the reboot other-boot-partition command is replaced with the request software activate command.

Examples

Reboot

vEdge# reboot
Are you sure you want to reboot? [yes,NO] yes
Starting cleanup
Stopping viptela daemon: sysmgr.
Rebooting now

Broadcast message from root@vm4 (pts/1) (Wed Nov 27 13:36:07 2013):

The system is going down for reboot NOW!
user$ ssh vEdge
vEdge# show system status | display xml | include reboot_type
    <reboot_type>Unknown</reboot_type>
vEdge#

show boot-partition

vEdge# show boot-partition (available in Releases 15.3 and earlier)

PARTITION  ACTIVE  VERSION            
--------------------------------------
1          X       14.2.4  
2          -       -

vEdge# reboot other-boot-partition (available in Releases 15.3 and earlier)
No firmware present.
vEdge#  

reboot other-boot-partition

vEdge# reboot other-boot-partition (available in Releases 15.3 and earlier)
Are you sure you want to boot using image in other boot partition? [yes,NO] <CR>
Aborted: by user

vEdge# reboot other-boot-partition no-sync (available in Releases 15.3 and earlier)
Are you sure you want to boot using image in other boot partition? [yes,NO] <CR>
Aborted: by user

vEdge# reboot other-boot-partition no-sync (available in Releases 15.3 and earlier)
Are you sure you want to boot using image in other boot partition? [yes,NO] yes
Stopping processes and rebooting

request aaa unlock-user

Reset the account of a user whose account is locked. An account becomes locked when the user can no longer log in to a Cisco SD-WAN device.

request aaa unlock-user username

Syntax Description

username

Account To Reset: Name of the user account.

Note

 

Your account gets locked even if no password is entered multiple times. When you do not enter anything in the password field, it is considered as invalid or wrong password.

Command History

Release

Modification

15.4

Command introduced.

Examples

vEdge# request aaa unlock-user admin
vEdge# 

request admin-tech

vManage Equivalent

Collect system status information in a compressed tar file, to aid in troubleshooting and diagnostics. This tar file, which is saved in the user's home directory, contains the output of various commands and the contents of various files on the local device, including syslog files, files for each process (daemon) running on the device, core files, and configuration rollback files. For aid in troubleshooting, send the file to Cisco SD-WAN customer support.

If your Cisco SD-WAN device contains a large number of crash log files, it might take a few minutes for the request admin-tech command to complete.

On a single device, you can run only one request admin-tech command at a time. If a command is in progress, the device does not let a second one start.

When a process (daemon) on a Cisco SD-WAN device fails and that failure results in the device rebooting, the device automatically runs a request admin-tech exclude-cores exclude-logs file before the the device is rebooted.

To retrieve the admin-tech file from the Cisco SD-WAN device, use SCP. To do this, you must have login access to the device. To copy the file from the Cisco SD-WAN device, enter the shell from the Cisco SD-WAN CLI and issue a command in the following format:

vEdge# vshell
vEdge:~$ scp filename .tar.gz  username@host-name:path-name

request admin-tech [delete-filename filename] [exclude-cores] [exclude-logs] [exclude-tech]

Tools ► Operational Commands ► Select device ► More Actions icon ► Admin Tech

Syntax Description

(none)

Collect all system status information, including core files, log files, and the process (daemon) and operational-related files that are stored in the /var/tech directory on the local device.

exclude-cores

Do Not Include Core Files: Do not include any core files in the compressed tar file. Core files are stored in the /var/crash directory on the local device.

exclude-logs

Do Not Include Log Files: Do not include any log files in the compressed tar file. Log files are stored in the /var/log directory on the local device.

exclude-logs

Do Not Include Process-Related Files: Do not include any process (daemon) and operational-related files in the compressed tar file. These files are stored in the /var/tech directory on the local device.

Command History

Release

Modification

14.1

Command introduced.

16.1

Added support for running only one request admin-tech command at a time.

16.3

Added delete-file-name, exclude-cores, exclude-logs, and exclude-tech options.

17.1

Added automatic collection of admin-tech information after a process fails.

Examples

Create an admin tech file and copy it to a user's home directory on a host in the network. For the SCP command, you must specify the full pathname of where to place the copied file.

vEdge# request admin-tech 
Requested admin-tech initiated.
Created admin-tech file '/home/admin/20170712-123416-admin-tech.tar.gz'
vEdge# vshell
vEdge:~$ ls
20170712-123416-admin-tech.tar.gz archive_id_rsa.pub cacert.pem vEdge-signed-cert.pem vEdge.csr vEdge_blank_config
vEdge:~$ tar -xvf 20170712-123416-admin-tech.tar.gz 
var/log/auth.log
var/log/cloud-init.log
var/log/confd/
var/log/confd/devel.log
var/log/confd/error.log.siz
var/log/confd/snmp.log
var/log/confd/error.log.1
var/log/confd/error.log.idx
var/log/kern.log
var/log/lastlog
var/log/messages
var/log/messages.1
var/log/messages.2
var/log/messages.3
var/log/messages.4
var/log/pdb/
var/log/quagga/
var/log/tallylog
var/log/tmplog/
var/log/tmplog/vdebug
var/log/vconfd
var/log/vdebug
var/log/vdebug_2017-07-10_18_16_36.tar.gz
var/log/vdebug_2017-07-10_18_55_14.tar.gz
var/log/vmware-vmsvc.log
var/log/vsyslog
var/log/wtmp
var/tech/
var/tech/uboot_env
var/tech/confd
var/tech/system
var/tech/transport
var/tech/cxp
var/tech/dot1x
var/tech/cflowd
var/tech/dpi
var/tech/app_route
var/tech/config
var/tech/fpmd
var/tech/igmp
var/tech/hardware
var/tech/ompd
var/tech/ftmd
var/tech/dhcpd
var/tech/vdaemon
var/tech/snmp
var/tech/pimd
var/tech/vrrpd
var/tech/sysmgrd
var/tech/ttmd
var/tech/host_details
var/crash/
var/crash/core.cfgmgr.vm5
var/crash/info.core.cfgmgr.vm5.529.1499738114
var/confd/rollback/
var/confd/rollback/rollback22
var/confd/rollback/rollback13
var/confd/rollback/rollback8
var/confd/rollback/rollback9
var/confd/rollback/rollback2
var/confd/rollback/rollback27
var/confd/rollback/rollback5
var/confd/rollback/rollback20
var/confd/rollback/rollback0
var/confd/rollback/rollback1
var/confd/rollback/rollback3
var/confd/rollback/rollback21
var/confd/rollback/rollback25
var/confd/rollback/rollback19
var/confd/rollback/rollback4
var/confd/rollback/rollback23
var/confd/rollback/rollback28
var/confd/rollback/rollback7
var/confd/rollback/rollback18
var/confd/rollback/rollback10
var/confd/rollback/rollback24
var/confd/rollback/rollback12
var/confd/rollback/rollback15
var/confd/rollback/rollback11
var/confd/rollback/rollback6
var/confd/rollback/rollback16
var/confd/rollback/rollback26
var/confd/rollback/rollback14
var/confd/rollback/rollback17
vEdge~$ scp 20170712-123416-admin-tech.tar.gz eve@eve-host:~/.
vEdge-%

eve@eve-host:~$ ls 20170712-123416-admin-tech-tar.gz
20170712-123416-admin-tech-tar.gz
eve@eve-host:~$

request certificate

Install a certificate on the Cisco SD-WAN device (on vSmart controllers and vBond orchestrators only).

request certificate install file-path [vpn vpn-id]

Syntax Description

file-path

Path to Certificate File: Install the certificate in specified filename.

The file can be in a your home directory on the local device, or it can be on a remote device reachable through VPN 0 and using FTP, HTTP, SCP, or TFTP. If you are using SCP, you are prompted for the directory name and filename. No file path name is provided.

file-path can be one of the following:

  • filename—Path to a file in your home directory on the local Cisco SD-WAN device.

  • ftp: file-path—Path to a file on an FTP server.

  • http:// url/file-path—Path to a file on a webserver.

  • scp: user@host:file-path

  • tftp: file-path—Path to a file on a TFTP server.

vpn vpn-id

Specific VPN: VPN in which the certificate file is located.

When you include this option, one of the interfaces in the specified VPN is used to retrieve the file. The interfaces on a vSmart controller are only in VPN 0, the VPN reserved for the control plane, so you can omit this option because vSmart images are always retrieved from VPN 0.

Command History

Release

Modification

14.1

Command introduced.

request container image install

Install a vSmart software image on a vSmart controller container host (on vSmart controller container hosts only).

request container image install filename [vpn vpn-id]

Syntax Description

filename

Name of vSmart Software Image: Install the vSmart controller software image in the specified filename. The file can be in your home directory on the local device, or it can be on a remote device reachable through FTP, HTTP, SCP, or TFTP. If you are using SCP, you are prompted for the directory name and filename. No file path name is provided. filename has the format viptela-release-number-x86_64.tar.gz.

vpn vpn-id

When you include this option, one of the interfaces in the specified VPN is used to retrieve the software image. The interfaces on a vSmart controller are only in VPN 0, the VPN reserved for the control plane, so you can omit this option because vSmart images are always retrived from VPN 0.

When you include this option, one of the interfaces in the specified VPN is used to retrieve the software image. The interfaces on a vSmart controller are only in VPN 0, the VPN reserved for the control plane, so you can omit this option because vSmart images are always retrived from VPN 0.

Command History

Release

Modification

16.2

Command introduced.

request container image remove

Install a vSmart software image on a vSmart controller container host (on vSmart controller container hosts only).

request container image remove filename

Syntax Description

filename

Name of vSmart Software Image: Name of image that is installed on the vSmart controller container.

Command History

Release

Modification

16.2

Command introduced.

request control-tunnel add

Create a temporary tunnel to use when debugging a failed control connection (on vEdge routers only). One case when you might want to create a temporary tunnel is when a control connection fails to come up because of firewall rules or NAT issues. The Cisco SD-WAN software's forwarding process drops failed connections, so creating a temporary one allows you to triage the problem.

request control-tunnel add local-private-ip ip-address local-private-port port-number remote-public-ip ip-address remote-public-port port-number

Syntax Description

local-private-port ip-address port-number

Local Private IP Address and Port Number: Private IP address and port number for the local side of the tunnel connection.

port-number can be a value from 0 through 65535.

remote-public-ip ip-address remote-public-port port-number

Remote Public IP Address and Port Number: Public IP address and port number for the remote side of the tunnel connection. can be a value from 0 through 65535.

port-number

Command History

Release

Modification

16.1

Command introduced.

Examples

vEdge# request control-tunnel add local-private-ip 10.1.14.14 
Value for 'local-private-port' (<0..65535>): 22234                                                                           
Value for 'remote-public-ip' (<IP address>): 10.0.12.20
Value for 'remote-public-port' (<0..65535>): 23456
vEdge#

request control-tunnel delete

Delete a temporary tunnel that you created to debug a failed control connection (on vEdge routers only). One case when you might want to create a temporary tunnel is when a control connection fails to come up because of firewall rules or NAT issues. The Cisco SD-WAN software's forwarding process drops failed connections, so creating a temporary one allows you to triage the problem.

request control-tunnel delete local-private-ip ip-address local-private-port port-number remote-public-ip ip-address remote-public-port port-number

Syntax Description

local-private-ip ip-address local-private-port port-number

Local Private IP Address and Port Number: Private IP address and port number for the local side of the tunnel connection.

port-number can be a value from 0 through 65535.

remote-public-ip ip-address remote-public-port port-number

Remote Public IP Address and Port Number: Public IP address and port number for the remote side of the tunnel connection.

port-number can be a value from 0 through 65535.

Command History

Release

Modification

16.1

Command introduced.

request controller add serial-num

Send the certificate serial number of a vManage NMS or a vSmart controller to the vBond orchestrator (on vManage NMSs only).

request controller add serial-num number

Syntax Description

number

Serial Number: Certificate serial number to send to the vManage or vSmart controller.

Command History

Release

Modification

15.4

Command introduced to replace the request vsmart add serial-num command.

Usage Guidelines


Note


The request controller add serial-num command to add serial numbers is not supported on Cisco SD-WAN 20.x releases as changes are not persistent across reboots. You can add serial numbers through Cisco vManage. For more details on controller serial numbers, see Controller Serial Numbers to Cisco vBond Orchestrator.