System Management Commands

arp

To display the contents of the Address Resolution Protocol (ARP) table, use the arp command in boot loader mode.

arp [ip_address]

Syntax Description

ip_address

(Optional) Shows the ARP table or the mapping for a specific IP address.

Command Default

No default behavior or values.

Command Modes

Boot loader

Command History

Release

Modification

Cisco IOS XE Everest 16.5.1a

This command was introduced.

Usage Guidelines

The ARP table contains the IP-address-to-MAC-address mappings.

Examples

This example shows how to display the ARP table:


Device: arp 172.20.136.8
arp'ing 172.20.136.8...
172.20.136.8 is at 00:1b:78:d1:25:ae, via port 0

boot

To load and boot an executable image and display the command-line interface (CLI), use the boot command in boot loader mode.

boot [ -post | -n | -p | flag] filesystem:/file-url...

Syntax Description

-post

(Optional) Run the loaded image with an extended or comprehensive power-on self-test (POST). Using this keyword causes POST to take longer to complete.

-n

(Optional) Pause for the Cisco IOS Debugger immediately after launching.

-p

(Optional) Pause for the JTAG Debugger right after loading the image.

filesystem:

Alias for a file system. Use flash: for the system board flash device; use usbflash0: for USB memory sticks.

/file-url

Path (directory) and name of a bootable image. Separate image names with a semicolon.

Command Default

No default behavior or values.

Command Modes

Boot loader

Command History

Release

Modification

Cisco IOS XE Everest 16.5.1a

This command was introduced.

Usage Guidelines

When you enter the boot command without any arguments, the device attempts to automatically boot the system by using the information in the BOOT environment variable, if any.

If you supply an image name for the file-url variable, the boot command attempts to boot the specified image.

When you specify boot loader boot command options, they are executed immediately and apply only to the current boot loader session.

These settings are not saved for the next boot operation.

Filenames and directory names are case sensitive.

Examples

This example shows how to boot the device using the new-image.bin image:


Device: set BOOT flash:/new-images/new-image.bin
Device: boot

After entering this command, you are prompted to start the setup program.

cat

To display the contents of one or more files, use the cat command in boot loader mode.

cat filesystem:/file-url...

Syntax Description

filesystem:

Specifies a file system.

/file-url

Specifies the path (directory) and name of the files to display. Separate each filename with a space.

Command Default

No default behavior or values.

Command Modes

Boot loader

Command History

Release

Modification

Cisco IOS XE Everest 16.5.1a

This command was introduced.

Usage Guidelines

Filenames and directory names are case sensitive.

If you specify a list of files, the contents of each file appears sequentially.

Examples

This example shows how to display the contents of an image file:


Device: cat flash:image_file_name
version_suffix: universal-122-xx.SEx
version_directory: image_file_name
image_system_type_id: 0x00000002
image_name: image_file_name.bin
ios_image_file_size: 8919552
total_image_file_size: 11592192
image_feature: IP|LAYER_3|PLUS|MIN_DRAM_MEG=128
image_family: family
stacking_number: 1.34
board_ids: 0x00000068 0x00000069 0x0000006a 0x0000006b 
info_end:

copy

To copy a file from a source to a destination, use the copy command in boot loader mode.

copy filesystem:/source-file-url filesystem:/destination-file-url

Syntax Description

filesystem:

Alias for a file system. Use usbflash0: for USB memory sticks.

/source-file-url

Path (directory) and filename (source) to be copied.

/destination-file-url

Path (directory) and filename of the destination.

Command Default

No default behavior or values.

Command Modes

Boot loader

Command History

Release

Modification

Cisco IOS XE Everest 16.5.1a

This command was introduced.

Usage Guidelines

Filenames and directory names are case sensitive.

Directory names are limited to 127 characters between the slashes (/); the name cannot contain control characters, spaces, deletes, slashes, quotes, semicolons, or colons.

Filenames are limited to 127 characters; the name cannot contain control characters, spaces, deletes, slashes, quotes, semicolons, or colons.

If you are copying a file to a new directory, the directory must already exist.

Examples

This example shows how to copy a file at the root:


Device: copy usbflash0:test1.text usbflash0:test4.text
File "usbflash0:test1.text" successfully copied to "usbflash0:test4.text"

You can verify that the file was copied by entering the dir filesystem: boot loader command.

copy startup-config tftp:

To copy the configuration settings from a switch to a TFTP server, use the copy startup-config tftp: command in Privileged EXEC mode.

copy startup-config tftp: remote host {ip-address}/{name}

Syntax Description

remote host {ip-address}/{name}

Host name or IP-address of Remote host.

Command Default

No default behavior or values.

Command Modes

Privileged EXEC

Command History

Release

Modification

Cisco IOS XE Release 16.1

This command was introduced.

Usage Guidelines

To copy your current configurations from the switch, run the command copy startup-config tftp: and follow the instructions. The configurations are copied onto the TFTP server.

Then, login to another switch and run the command copy tftp: startup-config and follow the instructions. The configurations are now copied onto the other switch.

Examples

This example shows how to copy the configuration settings onto a TFTP server:


Device: copy startup-config tftp:
Address or name of remote host []?

copy tftp: startup-config

To copy the configuration settings from a TFTP server onto a new switch, use the copy tftp: startup-config command in Privileged EXEC mode on the new switch.

copy tftp: startup-config remote host {ip-address}/{name}

Syntax Description

remote host {ip-address}/{name}

Host name or IP-address of Remote host.

Command Default

No default behavior or values.

Command Modes

Privileged EXEC

Command History

Release

Modification

Cisco IOS XE Release 16.1

This command was introduced.

Usage Guidelines

After the configurations are copied, to save your configurations, use write memory command and then either reload the switch or run the copy startup-config running-config command.

Examples

This example shows how to copy the configuration settings from the TFTP server onto a switch:


Device: copy tftp: startup-config
Address or name of remote host []?

debug voice diagnostics mac-address

To enable debugging of voice diagnostics for voice clients, use the debug voice diagnostics mac-address command in privileged EXEC mode. To disable debugging, use the no form of this command.

debug voice diagnostics mac-address mac-address1 verbose mac-address mac-address2 verbose

nodebug voice diagnostics mac-address mac-address1 verbose mac-address mac-address2 verbose

Syntax Description

voice diagnostics

Configures voice debugging for voice clients.

mac-address mac-address1 mac-address mac-address2

Specifies MAC addresses of the voice clients.

verbose

Enables verbose mode for voice diagnostics.

Command Default

No default behavior or values.

Command Modes

Privileged EXEC

Command History

Release Modification

Cisco IOS XE Everest 16.5.1a

This command was introduced.

Examples

The following is sample output from the debug voice diagnostics mac-address command and shows how to enable debugging of voice diagnostics for voice client with MAC address of 00:1f:ca:cf:b6:60:

Device# debug voice diagnostics mac-address 00:1f:ca:cf:b6:60

debug platform condition feature multicast controlplane

To enable radioactive tracing for the Internet Group Management Protocol (IGMP) and Multicast Listener Discovery (MLD) snooping features, use the debug platform condition feature multicast controlplane command in privileged EXEC mode. To disable radioactive tracing, use the no form of this command.

debug platform condition feature multicast controlplane {{igmp-debug | pim} group-ip {ipv4 address | ipv6 address} | {mld-snooping | igmp-snooping} mac mac-address ip {ipv4 address | ipv6 address} vlan vlan-id } level {debug | error | info | verbose | warning}

no debug platform condition feature multicast controlplane {{igmp-debug | pim} group-ip {ipv4 address | ipv6 address} | {mld-snooping | igmp-snooping} mac mac-address ip {ipv4 address | ipv6 address} vlan vlan-id } level {debug | error | info | verbose | warning}

Syntax Description

igmp-debug

Enables IGMP control radioactive tracing.

pim

Enables Protocol Independent Multicast (PIM) control radioactive tracing.

mld-snooping

Enables MLD snooping control radioactive tracing.

igmp-snooping

Enables IGMP snooping control radioactive tracing.

mac mac-address

MAC address of the receiver.

group-ip {ipv4 address | ipv6 address}

IPv4 or IPv6 address of the igmp-debug or pim group.

ip {ipv4 address | ipv6 address}

IPv4 or IPv6 address of the mld-snooping or igmp-snooping group.

vlan vlan-id

VLAN ID. The range is from 1 to 4094.

level

Enables debug severity levels.

debug

Enables debugging level.

error

Enables error debugging.

info

Enables information debugging.

verbose

Enables detailed debugging.

warning

Enables warning debugging.

Command Modes

Privileged EXEC (#)

Command History

Release Modification
Cisco IOS XE Gibraltar 16.10.1

This command was introduced.

Examples

The following example shows how to enable radioactive tracing for IGMP snooping:


Device# debug platform condition feature multicast controlplane igmp-snooping mac 000a.f330.344a ip 10.1.1.10 vlan 550 level warning

debug platform condition mac

To enable radioactive tracing for MAC learning, use the debug platform condition mac command in privileged EXEC mode. To disable radioactive tracing for MAC learning, use the no form of this command.

debug platform condition mac {mac-address {control-plane | egress | ingress} | access-list access-list name {egress | ingress}}

no debug platform condition mac {mac-address {control-plane | egress | ingress} | access-list access-list name {egress | ingress}}

Syntax Description

mac mac-address

Filters output on the basis of the specified MAC address.

access-list access-list name

Filters output on the basis of the specified access list.

control-plane

Displays messages about the control plane routines.

egress

Filters output on the basis of outgoing packets.

ingress

Filters output on the basis of incoming packets.

Command Modes

Privileged EXEC (#)

Command History

Release Modification
Cisco IOS XE Gibraltar 16.10.1

This command was introduced.

Examples

The following example shows how to filter debugging output on the basis of a MAC address:


Device# debug platform condition mac bc16.6509.3314 ingress

debug platform rep

To enable debugging of Resilient Ethernet Protocol (REP) functions, use the debug platform rep command in privileged EXEC mode. To remove the specified condition, use the no form of this command.

debug platform rep {all | error | event | packet | verbose}

no debug platform rep {all | error | event | packet | verbose}

Syntax Description

all

Enables all REP debugging functions.

error

Enables REP error debugging.

event

Enables REP event debugging.

packet

Enables REP packet debugging.

verbose

Enables REP verbose debugging.

Command Modes

Privileged EXEC (#)

Command History

Release Modification
Cisco IOS XE Gibraltar 16.10.1

This command was introduced.

Examples

The following example shows how to enable debugging for all functionss:


Device# debug platform rep all      

debug platform rep verbose debugging is on
debug platform rep control pkt handle debugging is on
debug platform rep error debugging is on
debug platform rep event debugging is on

debug ilpower powerman

To enable debugging of the power controller and Power over Ethernet (PoE) system, use the debug ilpower powerman command in privileged EXEC mode. Use the no form of this command to disable debugging.

Command Default

This command has no arguments or keywords.

Command Modes

Privileged EXEC

Command History

Release Modification

Cisco IOS XE Gibraltar 16.10.1

This command was introduced.

Examples

This example shows the output for the debug ilpower powerman command for releases prior to Cisco IOS XE Gibraltar 16.10.1:
Device# debug ilpower powerman
1.	%ILPOWER-3-CONTROLLER_PORT_ERR: Controller port error, Interface Gix/y/z: Power Controller reports power Imax error detected
Mar 8 16:35:17.801: ilpower_power_assign_handle_event: event 0, pwrassign is done by proto CDP
Port Gi1/0/48: Selected Protocol CDP
Mar 8 16:35:17.801: Ilpowerinterface (Gi1/0/48) process tlvfrom cdpINPUT: 
Mar 8 16:35:17.801: power_consumption= 2640, power_request_id= 1, power_man_id= 2, 
Mar 8 16:35:17.801: power_request_level[] = 2640 0 0 0 0
Mar 8 16:35:17.801: 
Mar 8 16:35:17.801: ILP:: Sending icutoffcurrent msgto slot:1 port:48
Mar 8 16:35:17.802: Ilpowerinterface (Gi1/0/48) power negotiation: consumption = 2640, alloc_power= 2640 
Mar 8 16:35:17.802: Ilpowerinterface (Gi1/0/48) setting ICUT_OFF threshold to 2640.
Mar 8 16:35:17.802: ILP:: Sending icutoffcurrent msgto slot:1 port:48
Mar 8 16:35:17.802: ILP:: Sending icutoffcurrent msgto slot:1 port:48
Mar 8 16:35:17.803: ILP:: Sending icutoffcurrent msgto slot:1 port:48
Mar 8 16:35:17.803: ILP:: Sending icutoffcurrent msgto slot:1 port:48
Mar 8 16:35:17.803: ILP:: Sending icutoffcurrent msgto slot:1 port:48
Mar 8 16:35:18.115: ILP:: posting ilpslot 1 port 48 event 5 class 0 
Mar 8 16:35:18.115: ILP:: Gi1/0/48: State=NGWC_ILP_LINK_UP_S-6, Event=NGWC_ILP_IMAX_FAULT_EV-5
Mar 8 16:35:18.115: ilpowerdelete power from pdlinkdownGi1/0/48
Mar 8 16:35:18.115: Ilpowerinterface (Gi1/0/48), delete allocated power 2640
Mar 8 16:35:18.116: Ilpowerinterface (Gi1/0/48) setting ICUT_OFF threshold to 0.
Mar 8 16:35:18.116: ILP:: Sending icutoffcurrent msgto slot:1 port:48
Mar 8 16:35:18.116: ilpower_notify_lldp_power_via_mdi_tlvGi1/0/48 pwralloc0
Mar 8 16:35:18.116: Gi1/0/48 AUTO PORT PWR Alloc130 Request 130
Mar 8 16:35:18.116: Gi1/0/48: LLDP NOTIFY TLV:
(curr/prev) PSE Allocation: 13000/0
(curr/prev) PD Request : 13000/0
(curr/prev) PD Class : Class 4/
(curr/prev) PD Priority : low/unknown
(curr/prev) Power Type : Type 2 PSE/Type 2 PSE
(curr/prev) mdi_pwr_support: 7/0
(curr/prevPower Pair) : Signal/
(curr/prev) PSE PwrSource : Primary/Unknown
This example shows the output for the debug ilpower powerman command starting Cisco IOS XE Gibraltar 16.10.1. Power Unit (mW) has been added to the power_request_level, PSE Allocation and PD Request. Power_request_level has been enhanced to display only non-zero values.
Device# debug ilpower powerman
1.	%ILPOWER-3-CONTROLLER_PORT_ERR: Controller port error, Interface Gix/y/z: Power Controller reports power Imax error detected
Mar 8 16:35:17.801: ilpower_power_assign_handle_event: event 0, pwrassign is done by proto CDP
Port Gi1/0/48: Selected Protocol CDP
Mar 8 16:35:17.801: Ilpowerinterface (Gi1/0/48) process tlvfrom cdpINPUT: 
Mar 8 16:35:17.801: power_consumption= 2640, power_request_id= 1, power_man_id= 2, 
Mar 8 16:35:17.801: power_request_level(mW) = 2640              <------------------------- mW unit added, non-zero value display
Mar 8 16:35:17.801: 
Mar 8 16:35:17.801: ILP:: Sending icutoffcurrent msgto slot:1 port:48
Mar 8 16:35:17.802: Ilpowerinterface (Gi1/0/48) power negotiation: consumption = 2640, alloc_power= 2640 
Mar 8 16:35:17.802: Ilpowerinterface (Gi1/0/48) setting ICUT_OFF threshold to 2640.
Mar 8 16:35:17.802: ILP:: Sending icutoffcurrent msgto slot:1 port:48
Mar 8 16:35:17.802: ILP:: Sending icutoffcurrent msgto slot:1 port:48
Mar 8 16:35:17.803: ILP:: Sending icutoffcurrent msgto slot:1 port:48
Mar 8 16:35:17.803: ILP:: Sending icutoffcurrent msgto slot:1 port:48
Mar 8 16:35:17.803: ILP:: Sending icutoffcurrent msgto slot:1 port:48
Mar 8 16:35:18.115: ILP:: posting ilpslot 1 port 48 event 5 class 0 
Mar 8 16:35:18.115: ILP:: Gi1/0/48: State=NGWC_ILP_LINK_UP_S-6, Event=NGWC_ILP_IMAX_FAULT_EV-5
Mar 8 16:35:18.115: ilpowerdelete power from pdlinkdownGi1/0/48
Mar 8 16:35:18.115: Ilpowerinterface (Gi1/0/48), delete allocated power 2640
Mar 8 16:35:18.116: Ilpowerinterface (Gi1/0/48) setting ICUT_OFF threshold to 0.
Mar 8 16:35:18.116: ILP:: Sending icutoffcurrent msgto slot:1 port:48
Mar 8 16:35:18.116: ilpower_notify_lldp_power_via_mdi_tlvGi1/0/48 pwralloc0
Mar 8 16:35:18.116: Gi1/0/48 AUTO PORT PWR Alloc130 Request 130
Mar 8 16:35:18.116: Gi1/0/48: LLDP NOTIFY TLV:
(curr/prev) PSE Allocation (mW): 13000/0                         <------------------------- mW unit added
(curr/prev) PD Request (mW) : 13000/0                            <------------------------- mW unit added
(curr/prev) PD Class : Class 4/
(curr/prev) PD Priority : low/unknown
(curr/prev) Power Type : Type 2 PSE/Type 2 PSE
(curr/prev) mdi_pwr_support: 7/0
(curr/prevPower Pair) : Signal/
(curr/prev) PSE PwrSource : Primary/Unknown

delete

To delete one or more files from the specified file system, use the delete command in boot loader mode.

delete filesystem:/file-url...

Syntax Description

filesystem:

Alias for a file system. Use usbflash0: for USB memory sticks.

/file-url...

Path (directory) and filename to delete. Separate each filename with a space.

Command Default

No default behavior or values.

Command Modes

Boot loader

Command History

Release

Modification

Cisco IOS XE Everest 16.5.1a

This command was introduced.

Usage Guidelines

Filenames and directory names are case sensitive.

The device prompts you for confirmation before deleting each file.

Examples

This example shows how to delete two files:


Device: delete usbflash0:test2.text usbflash0:test5.text
Are you sure you want to delete "usbflash0:test2.text" (y/n)?y
File "usbflash0:test2.text" deleted
Are you sure you want to delete "usbflash0:test5.text" (y/n)?y
File "usbflash0:test2.text" deleted 

You can verify that the files were deleted by entering the dir usbflash0: boot loader command.

dir

To display the list of files and directories on the specified file system, use the dir command in boot loader mode.

dir filesystem:/file-url

Syntax Description

filesystem:

Alias for a file system. Use flash: for the system board flash device; use usbflash0: for USB memory sticks.

/file-url

(Optional) Path (directory) and directory name that contain the contents you want to display. Separate each directory name with a space.

Command Default

No default behavior or values.

Command Modes

Boot Loader

Privileged EXEC

Command History

Release

Modification

Cisco IOS XE Everest 16.5.1a

This command was introduced.

Usage Guidelines

Directory names are case sensitive.

Examples

This example shows how to display the files in flash memory:


Device: dir flash:
Directory of flash:/
    2  -rwx        561   Mar 01 2013 00:48:15  express_setup.debug
    3  -rwx    2160256   Mar 01 2013 04:18:48  c2960x-dmon-mz-150-2r.EX
    4  -rwx       1048   Mar 01 2013 00:01:39  multiple-fs
    6  drwx        512   Mar 01 2013 23:11:42  c2960x-universalk9-mz.150-2.EX
   645 drwx        512   Mar 01 2013 00:01:11  dc_profile_dir
   647 -rwx       4316   Mar 01 2013 01:14:05  config.text
   648 -rwx          5   Mar 01 2013 00:01:39  private-config.text

   96453632 bytes available (25732096 bytes used)
Table 1. dir Field Descriptions

Field

Description

2

Index number of the file.

-rwx

File permission, which can be any or all of the following:

  • d—directory
  • r—readable
  • w—writable
  • x—executable

1644045

Size of the file.

<date>

Last modification date.

env_vars

Filename.

emergency-install

To perform an emergency installation on your system, use the emergency-install command in boot loader mode.

emergency-install url://<url>

Syntax Description

<url>

URL and name of the file containing the emergency installation bundle image.

Command Default

No default behavior or values.

Command Modes

Boot loader

Command History

Release Modification

Cisco IOS XE Everest 16.5.1a

This command was introduced.

Usage Guidelines

The boot flash is erased during the installation operation. After you perform the emergency install operation, set the BOOT variable in the ROMMON prompt by using the set BOOT flash:packages.conf command, and run the boot flash:packages.conf command manually in boot loader mode to boot the system. If the BOOT variable is not set in the ROMMON prompt, once the system has booted, set the BOOT variable in the device prompt by using the boot system flash:packages.conf command in global configuration mode.

Examples

This example shows how to perform the emergency install operation using the contents of an image file:


Device: emergency-install tftp:<url> 
The bootflash will be erased during install operation, continue (y/n)?y
Starting emergency recovery (tftp:<url> ...
Reading full image into memory......................done
Nova Bundle Image
--------------------------------------
Kernel Address    : 0x6042d5c8
Kernel Size       : 0x317ccc/3243212
Initramfs Address : 0x60745294
Initramfs Size    : 0xdc6774/14444404
Compression Format: .mzip

Bootable image at @ ram:0x6042d5c8
Bootable image segment 0 address range [0x81100000, 0x81b80000] is in range          \
[0x80180000, 0x90000000].
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
File "sda9:c3850-recovery.bin" uncompressed and installed, entry point: 0x811060f0
Loading Linux kernel with entry point 0x811060f0 ...
Bootloader: Done loading app on core_mask: 0xf

### Launching Linux Kernel (flags = 0x5)



Initiating Emergency Installation of bundle                                          \
tftp:<url> 


Downloading bundle tftp:<url>... 

Validating bundle tftp:<url>... 
Installing bundle tftp:<url>... 
Verifying bundle tftp:<url>... 
Package cat3k_caa-base.SPA.03.02.00SE.pkg is Digitally Signed
Package cat3k_caa-drivers.SPA.03.02.00.SE.pkg is Digitally Signed
Package cat3k_caa-infra.SPA.03.02.00SE.pkg is Digitally Signed
Package cat3k_caa-iosd-universalk9.SPA.150-1.EX.pkg is Digitally Signed
Package cat3k_caa-platform.SPA.03.02.00.SE.pkg is Digitally Signed
Package cat3k_caa-wcm.SPA.10.0.100.0.pkg is Digitally Signed
Preparing flash... 
Syncing device... 
Emergency Install successful... Rebooting
Restarting system.\ufffd


Booting...(use DDR clock 667 MHz)Initializing and Testing RAM                        \
+++@@@@####...++@@++@@++@@++@@++@@++@@++@@++@@done.
Memory Test Pass!

Base ethernet MAC Address: 20:37:06:ce:25:80
Initializing Flash...

flashfs[7]: 0 files, 1 directories
flashfs[7]: 0 orphaned files, 0 orphaned directories
flashfs[7]: Total bytes: 6784000
flashfs[7]: Bytes used: 1024
flashfs[7]: Bytes available: 6782976
flashfs[7]: flashfs fsck took 1 seconds....done Initializing Flash.

The system is not configured to boot automatically. The
following command will finish loading the operating system
software:

    boot

exit

To return to the previous mode or exit from the CLI EXEC mode, use the exit command.

exit

Syntax Description

This command has no arguments or keywords.

Command Default

No default behavior or values.

Command Modes

Privileged EXEC

Global configuration

Command History

Release Modification

Cisco IOS XE Everest 16.5.1a

This command was introduced.

Examples

This example shows how to exit the configuration mode:

Device(config)# exit
Device#
                                       

factory-reset

To erase all customer-specific data and restore a device to its factory configuration, use the factory-reset command in privileged EXEC mode.


Note


The erasure is consistent with the clear method, as described in NIST SP 800-88 Rev. 1.


factory-reset {all [secure 3-pass] | boot-vars | config}

Syntax Description

all

Erases all the content from the NVRAM, all Cisco IOS images, including the current boot image, boot variables, startup and running configuration data, and user data.

secure 3-pass

Erases all the content from the device with 3-pass overwrite.

  • Pass 1: Overwrites all addressable locations with binary zeroes.

  • Pass 2: Overwrites all addressable locations with binary ones.

  • Pass 3: Overwrites all addressable locations with a random bit pattern.

boot-vars

Erases only the user-added boot variables.

config

Erases only the startup configurations.

Command Default

None

Command Modes

Privileged EXEC (#)

Command History

Release Modification
Cisco IOS XE Fuji 16.8.1a

This command was introduced.

Usage Guidelines

The factory-reset command is used in the following scenarios:

  • To return a device to Cisco for Return Material Authorization (RMA), use this command to remove all the customer-specific data before obtaining an RMA certificate for the device.

  • If the key information or credentials that are stored on a device is compromised, use this command to reset the device to factory configuration, and then reconfigure the device.

After the factory reset process is successfully completed, the device reboots and enters ROMMON mode.

Examples

The following example shows how to erase all the content from a device using the factory-reset all command:

Device> enable
Device# factory-reset all

The factory reset operation is irreversible for all operations. Are you sure? [confirm]
The following will be deleted as a part of factory reset:
1: Crash info and logs
2: User data, startup and running configuration
3: All IOS images, including the current boot image
4: OBFL logs
5: User added rommon variables
6: Data on Field Replaceable Units(USB/SSD/SATA)
The system will reload to perform factory reset.
It will take some time to complete and bring it to rommon.
You will need to load IOS image using USB/TFTP from rommon after
this operation is completed.
DO NOT UNPLUG THE POWER OR INTERRUPT THE OPERATION
Are you sure you want to continue? [confirm] 

flash_init

To initialize the flash: file system, use the flash_init command in boot loader mode.

flash_init

Syntax Description

This command has no arguments or keywords.

Command Default

The flash: file system is automatically initialized during normal system operation.

Command Modes

Boot loader

Command History

Release

Modification

Cisco IOS XE Everest 16.5.1a

This command was introduced.

Usage Guidelines

During the normal boot process, the flash: file system is automatically initialized.

Use this command to manually initialize the flash: file system. For example, you use this command during the recovery procedure for a lost or forgotten password.

help

To display the available commands, use the help command in boot loader mode.

help

Syntax Description

This command has no arguments or keywords.

Command Default

No default behavior or values.

Command Modes

Boot loader

Command History

Release

Modification

Cisco IOS XE Everest 16.5.1a

This command was introduced.

Examples

This example shows how to display a list of available boot loader commands:


Device:help
? -- Present list of available commands
arp -- Show arp table or arp-resolve an address
boot -- Load and boot an executable image
cat -- Concatenate (type) file(s)
copy -- Copy a file
delete -- Delete file(s)
dir -- List files in directories
emergency-install -- Initiate Disaster Recovery
...
...
...
unset -- Unset one or more environment variables
version -- Display boot loader version

install

To install Software Maintenance Upgrade (SMU) packages, use the install command in privileged EXEC mode.

install {abort | activate | file {bootflash: | flash: | harddisk: | webui:} [auto-abort-timer timer timer prompt-level {all | none}] | add file {bootflash: | flash: | ftp: | harddisk: | http: | https: | rcp: | scp: | tftp: | webui:} [activate [auto-abort-timer timer prompt-level {all | none}commit]] | commit | auto-abort-timer stop | deactivate file {bootflash: | flash: | harddisk: | webui:} | label id {description description | label-name name} | remove {file {bootflash: | flash: | harddisk: | webui:} | inactive } | | rollback to {base | committed | id {install-ID } | label {label-name}}}

Syntax Description

abort

Terminates the current install operation.

activate

Validates whether the SMU is added through the install add command.

This keyword runs a compatibility check, updates package status, and if the package can be restarted, triggers post-install scripts to restart the necessary processes, or triggers a reload for nonrestartable packages.

file

Specifies the package to be activated.

{bootflash: | flash: | harddisk: | webui:}

Specifies the location of the installed package.

auto-abort-timer timer

(Optional) Installs an auto-abort timer.

prompt-level {all | none}

(Optional) Prompts a user about installation activities.

For example, the activate keyword automatically triggers a reload for packages that require a reload. Before activating the package, a message prompts users about wanting to continue or not.

The all keyword allows you to enable prompts. The none keyword disables prompts.

add

Copies files from a remote location (through FTP or TFTP) to a device and performs SMU compatibility check for the platform and image versions.

This keyword runs base compatibility checks to ensure that a specified package is supported on a platform.

{ bootflash: | flash: |ftp: |harddisk: |http: |https: | rcp: | scp: | tftp: |webui:}

Specifies the package to be added.

commit

Makes SMU changes persistent over reloads.

You can perform a commit after activating a package while the system is up, or after the first reload. If a package is activated, but not committed, it remains active after the first reload, but not after the second reload.

auto-abort-timer stop

Stops the auto-abort timer.

deactivate

Deactivates an installed package.

Note

 

Deactivating a package also updates the package status and might trigger a process restart or reload.

label id

Specifies the ID of the install point to label.

description

Adds a description to the specified install point.

label-name name

Adds a label name to the specified install point.

remove

Removes the installed packages.

The remove keyword can only be used on packages that are currently inactive.

inactive

Removes all the inactive packages from the device.

rollback

Rolls back the data model interface (DMI) package SMU to the base version, the last committed version, or a known commit ID.

to base

Returns to the base image.

committed

Returns to the installation state when the last commit operation was performed.

id install-ID

Returns to the specific install point ID. Valid values are from 1 to 4294967295.

Command Default

Packages are not installed.

Command Modes

Privileged EXEC (#)

Command History

Release Modification

Cisco IOS XE Everest 16.6.1

This command was introduced.

Cisco IOS XE Fuji 16.9.1

Hot-patching support is introduced. Sample output updated with hot SMU outputs.

Usage Guidelines

An SMU is a package that can be installed on a system to provide a patch fix or security resolution to a released image. This package contains a minimal set of files for patching the release along with metadata that describes the contents of the package.

Packages must be added before the SMU is activated.

A package must be deactivated before it is removed from Flash. A removed packaged must be added again.

Examples

The following example shows how to add an install package to a device:

Device# install add file flash:cat9k_iosxe.BLD_SMU_20180302_085005_TWIG_LATEST_20180306_013805.3.SSA.smu.bin

install_add: START Mon Mar  5 21:48:51 PST 2018
install_add: Adding SMU

--- Starting initial file syncing ---
Info: Finished copying flash:cat9k_iosxe.BLD_SMU_20180302_085005_TWIG_LATEST_20180306_013805.3.SSA.smu.bin to the selected switch(es)
Finished initial file syncing

Executing pre scripts....

Executing pre scripts done.
--- Starting SMU Add operation ---
Performing SMU_ADD on all members
  [1] SMU_ADD package(s) on switch 1
  [1] Finished SMU_ADD on switch 1
Checking status of SMU_ADD on [1]
SMU_ADD: Passed on [1]
Finished SMU Add operation

SUCCESS: install_add /flash/cat9k_iosxe.BLD_SMU_20180302_085005_TWIG_LATEST_20180306_013805.3.SSA.smu.bin Mon Mar  5 21:49:00 PST 2018

The following example shows how to activate an install package:

Device# install activate file flash:cat9k_iosxe.BLD_SMU_20180302_085005_TWIG_LATEST_20180306_013805.3.SSA.smu.bin

install_activate: START Mon Mar  5 21:49:22 PST 2018
install_activate: Activating SMU
Executing pre scripts....

Executing pre sripts done.

--- Starting SMU Activate operation ---
Performing SMU_ACTIVATE on all members
  [1] SMU_ACTIVATE package(s) on switch 1
  [1] Finished SMU_ACTIVATE on switch 1
Checking status of SMU_ACTIVATE on [1]
SMU_ACTIVATE: Passed on [1]
Finished SMU Activate operation

SUCCESS: install_activate /flash/cat9k_iosxe.BLD_SMU_20180302_085005_TWIG_LATEST_20180306_013805.3.SSA.smu.bin Mon Mar  5 21:49:34 PST 2018

The following example shows how to commit an installed package:

Device# install commit

install_commit: START Mon Mar  5 21:50:52 PST 2018
install_commit: Committing SMU
Executing pre scripts....

Executing pre sripts done.
--- Starting SMU Commit operation ---
Performing SMU_COMMIT on all members
  [1] SMU_COMMIT package(s) on switch 1
  [1] Finished SMU_COMMIT on switch 1
Checking status of SMU_COMMIT on [1]
SMU_COMMIT: Passed on [1]
Finished SMU Commit operation

SUCCESS: install_commit /flash/cat9k_iosxe.BLD_SMU_20180302_085005_TWIG_LATEST_20180306_013805.3.SSA.smu.bin Mon Mar  5 21:51:01 PST 2018

l2 traceroute

To enable the Layer 2 traceroute server, use the l2 traceroute command in global configuration mode. Use the no form of this command to disable the Layer 2 traceroute server.

l2 traceroute

no l2 traceroute

Syntax Description

This command has no arguments or keywords.

Command Modes

Global configuration (config#)

Command History

Release

Modification

Cisco IOS XE Everest 16.5.1a

The command was introduced.

Usage Guidelines

Layer 2 traceroute is enabled by default and opens a listening socket on User Datagram Protocol (UDP) port 2228. To close the UDP port 2228 and disable Layer 2 traceroute, use the no l2 traceroute command in global configuration mode.

Examples

The following example shows how to configure Layer 2 traceroute using the l2 traceroute command.


Device# configure terminal
Device(config)# l2 traceroute

license boot level

To boot a new software license on the device, use the license boot level command in global configuration mode. Use the no form of this command to remove all software licenses from the device.

license boot level base-license-level addon addon-license-level

no license boot level

Syntax Description

base-license-level

Level at which the switch is booted, for example, network-essentials

Base licenses that are available are:

  • Network Essentials

  • Network Advantage (includes Network Essentials)

addon-license-level

Additional licenses that can be subscribed for a fixed term of three, five, or seven years.

Add-on licenses that are available are:

  • Digital Networking Architecture (DNA) Essentials

  • DNA Advantage (includes DNA Essentials)

Command Default

The switch boots the configured image.

Command Modes

Global configuration (config)

Command History

Release

Modification

Cisco IOS XE Fuji 16.9.1

This command was introduced.

Usage Guidelines

Use the license boot level command for these purposes:

  • Downgrade or upgrade licenses

  • Enable or disable an evaluation or extension license

  • Clear an upgrade license

This command forces the licensing infrastructure to boot the configured license level instead of the license hierarchy maintained by the licensing infrastructure for a given module:

  • When the switch reloads, the licensing infrastructure checks the configuration in the startup configuration for licenses, if any. If there is a license in the configuration, the switch boots with that license. If there is no license, the licensing infrastructure follows the image hierarchy to check for licenses.

  • If the forced boot evaluation license expires, the licensing infrastructure follows the regular hierarchy to check for licenses.

  • If the configured boot license has already expired, the licensing infrastructure follows the hierarchy to check for licenses.

Examples

The following example shows how to activate the network-essentals license on a switch at the next reload:


Device(config)# license boot level network-essentals

license smart deregister

To cancel device registration from Cisco Smart Software Manager (CSSM), use the license smart deregister command in privileged EXEC mode.

license smart deregister

Syntax Description

This command has no arguments or keywords.

Command Default

Privileged EXEC (#)

Command History

Release Modification

Cisco IOS XE Fuji 16.9.1

This command was introduced.

Usage Guidelines

Use the license smart deregister command for these purposes:

  • When your device is taken off the inventory

  • When your device is shipped elsewhere for redeployment

  • When your device is returned to Cisco for replacement using the return merchandise authorization (RMA) process

Examples

This example shows how to deregister a device from CSSM:
Device# license smart deregister
*Jun 25 00:20:13.291 PDT: %SMART_LIC-6-AGENT_DEREG_SUCCESS: Smart Agent for Licensing De-registration with the Cisco Smart Software Manager or satellite was successful
*Jun 25 00:20:13.291 PDT: %SMART_LIC-5-EVAL_START: Entering evaluation period
*Jun 25 00:20:13.291 PDT: %SMART_LIC-6-EXPORT_CONTROLLED: Usage of export controlled features is Not Allowed for udi PID:ISR4461/K9,SN:FDO2213A0GL

license smart register idtoken

To register a device with the token generated from Cisco Smart Software Manager (CSSM), use the license smart register idtoken command in privileged EXEC mode.

license smart register idtoken token_ID {force}

Syntax Description

token_ID

Device with the token generated from CSSM.

force

Forcefully registers your device irrespective of whether the device is registered or not.

Command Modes

Privileged EXEC (#)

Command History

Release Modification

Cisco IOS XE Fuji 16.9.1

This command was introduced.

Examples

This example shows how to register a device on CSSM:

Device# license smart register idtoken $Tl4UytrNXBzbEs1ck8veUtWaG5abnZJOFdDa1FwbVRa%0AblRMbz0%3D%0A
Registration process is in progress. Use the 'show license status' command to check the progress and result
Device#% Generating 2048 bit RSA keys, keys will be exportable...
[OK] (elapsed time was 0 seconds)

license smart renew

To manually renew your device's ID or authorization with Cisco Smart Software Manager (CSSM), use the license smart renew command in privileged EXEC mode.

license smart renew {auth | id}

Syntax Description

auth

Renews your authorization.

id

Renews your ID.

Command Default

Privileged EXEC (#)

Command History

Release Modification

Cisco IOS XE Fuji 16.9.1

This command was introduced.

Usage Guidelines

Authorization periods are renewed by the smart licensing system every 30 days. As long as the license is in an Authorized or Out of compliance state, the authorization period is renewed. The grace period starts when an authorization period expires. During the grace period or when the license is in the Expired state, the system continues to try and renew the authorization period. If a retry is successful, a new authorization period starts.

Examples

This example shows how to renew a device license:

Device# license smart renew auth

location

To configure location information for an endpoint, use the location command in global configuration mode. To remove the location information, use the no form of this command.

location {admin-tag string | civic-location identifier {host | id} | civic-location identifier {host | id} | elin-location { string | identifier id} | geo-location identifier {host | id} | prefer{ cdp weight priority-value| lldp-med weight priority-value| static config weight priority-value}

no location {admin-tag string | civic-location identifier {host | id} | civic-location identifier {host | id} | elin-location { string | identifier id} | geo-location identifier {host | id} | prefer{ cdp weight priority-value| lldp-med weight priority-value| static config weight priority-value}

Syntax Description

admin-tagstring

Configures administrative tag or site information. Site or location information in alphanumeric format.

civic-location

Configures civic location information.

identifier

Specifies the name of the civic location, emergency, or geographical location.

host

Defines the host civic or geo-spatial location.

id

Name of the civic, emergency, or geographical location.

Note

 

The identifier for the civic location in the LLDP-MED switch TLV is limited to 250 bytes or less. To avoid error messages about available buffer space during switch configuration, be sure that the total length of all civic-location information specified for each civic-location identifier does not exceed 250 bytes.

elin-location

Configures emergency location information (ELIN).

geo-location

Configures geo-spatial location information.

prefer

Sets location information source priority.

Command Default

No default behavior or values.

Command Modes

Global configuration

Command History

Release Modification

Cisco IOS XE Everest 16.5.1a

This command was introduced.

Usage Guidelines

After entering the location civic-location identifier global configuration command, you enter civic location configuration mode. After entering the location geo-location identifier global configuration command, you enter geo location configuration mode.

The civic-location identifier must not exceed 250 bytes.

The host identifier configures the host civic or geo-spatial location. If the identifier is not a host, the identifier only defines a civic location or geo-spatial template that can be referenced on the interface.

The host keyword defines the device location. The civic location options available for configuration using the identifier and the host keyword are the same. You can specify the following civic location options in civic location configuration mode:

  • additional-code—Sets an additional civic location code.
  • additional-location-information—Sets additional civic location information.
  • branch-road-name—Sets the branch road name.
  • building—Sets building information.
  • city—Sets the city name.
  • country—Sets the two-letter ISO 3166 country code.
  • county—Sets the county name.
  • default—Sets a command to its defaults.
  • division—Sets the city division name.
  • exit—Exits from the civic location configuration mode.
  • floor—Sets the floor number.
  • landmark—Sets landmark information.
  • leading-street-dir—Sets the leading street direction.
  • name—Sets the resident name.
  • neighborhood—Sets neighborhood information.
  • no—Negates the specified civic location data and sets the default value.
  • number—Sets the street number.
  • post-office-box—Sets the post office box.
  • postal-code—Sets the postal code.
  • postal-community-name—Sets the postal community name.
  • primary-road-name—Sets the primary road name.
  • road-section—Sets the road section.
  • room—Sets room information.
  • seat—Sets seat information.
  • state—Sets the state name.
  • street-group—Sets the street group.
  • street-name-postmodifier—Sets the street name postmodifier.
  • street-name-premodifier—Sets the street name premodifier.
  • street-number-suffix—Sets the street number suffix.
  • street-suffix—Sets the street suffix.
  • sub-branch-road-name—Sets the sub-branch road name.
  • trailing-street-suffix—Sets the trailing street suffix.
  • type-of-place—Sets the type of place.
  • unit—Sets the unit.

You can specify the following geo-spatial location information in geo-location configuration mode:

  • altitude—Sets altitude information in units of floor, meters, or feet.
  • latitude—Sets latitude information in degrees, minutes, and seconds. The range is from -90 degrees to 90 degrees. Positive numbers indicate locations north of the equator.
  • longitude—Sets longitude information in degrees, minutes, and seconds. The range is from -180 degrees to 180 degrees. Positive numbers indicate locations east of the prime meridian.
  • resolution—Sets the resolution for latitude and longitude. If the resolution value is not specified, default value of 10 meters is applied to latitude and longitude resolution parameters. For latitude and longitude, the resolution unit is measured in meters. The resolution value can also be a fraction.
  • default—Sets the geographical location to its default attribute.
  • exit—Exits from geographical location configuration mode.
  • no—Negates the specified geographical parameters and sets the default value.

Use the no lldp med-tlv-select location information interface configuration command to disable the location TLV. The location TLV is enabled by default.

Examples

This example shows how to configure civic location information on the switch:

Device(config)# location civic-location identifier 1
Device(config-civic)# number 3550
Device(config-civic)# primary-road-name “Cisco Way”
Device(config-civic)# city “San Jose”
Device(config-civic)# state CA
Device(config-civic)# building 19
Device(config-civic)# room C6
Device(config-civic)# county “Santa Clara”
Device(config-civic)# country US
Device(config-civic)# end

You can verify your settings by entering the show location civic-location privileged EXEC command.

This example shows how to configure the emergency location information on the switch:

Device(config)# location elin-location 14085553881 identifier 1

You can verify your settings by entering the show location elin privileged EXEC command.

The example shows how to configure geo-spatial location information on the switch:

Device(config)# location geo-location identifier host
Device(config-geo)# latitude 12.34
Device(config-geo)# longitude 37.23
Device(config-geo)# altitude 5 floor
Device(config-geo)# resolution 12.34

You can use the show location geo-location identifier command to display the configured geo-spatial location details.

location plm calibrating

To configure path loss measurement (CCX S60) request for calibrating clients, use the location plm calibrating command in global configuration mode.

location plm calibrating {multiband | uniband}

Syntax Description

multiband

Specifies the path loss measurement request for calibrating clients on the associated 802.11a or 802.11b/g radio.

uniband

Specifies the path loss measurement request for calibrating clients on the associated 802.11a/b/g radio.

Command Default

No default behavior or values.

Command Modes

Global configuration

Command History

Release Modification

Cisco IOS XE Everest 16.5.1a

This command was introduced.

Usage Guidelines

The uniband is useful for single radio clients (even if the radio is a dual band and can operate in the 2.4-GHz and the 5-GHz bands). The multiband is useful for multiple radio clients.

Examples

This example shows how to configure the path loss measurement request for calibrating clients on the associated 802.11a/b/g radio:


Device# configure terminal
Device(config)# location plm calibrating uniband
Device(config)# end
                                             
                                             

mac address-table move update

To enable the MAC address table move update feature, use the mac address-table move update command in global configuration mode on the switch stack or on a standalone switch. To return to the default setting, use the no form of this command.

mac address-table move update {receive | transmit}

no mac address-table move update {receive | transmit}

Syntax Description

receive

Specifies that the switch processes MAC address-table move update messages.

transmit

Specifies that the switch sends MAC address-table move update messages to other switches in the network if the primary link goes down and the standby link comes up.

Command Default

By default, the MAC address-table move update feature is disabled.

Command Modes

Global configuration

Command History

Release Modification

Cisco IOS XE Everest 16.5.1a

This command was introduced.

Usage Guidelines

The MAC address-table move update feature allows the switch to provide rapid bidirectional convergence if a primary (forwarding) link goes down and the standby link begins forwarding traffic.

You can configure the access switch to send the MAC address-table move update messages if the primary link goes down and the standby link comes up. You can configure the uplink switches to receive and process the MAC address-table move update messages.

Examples

This example shows how to configure an access switch to send MAC address-table move update messages:


Device# configure terminal
Device(config)# mac address-table move update transmit
Device(config)# end

This example shows how to configure an uplink switch to get and process MAC address-table move update messages:


Device# configure terminal
Device(config)# mac address-table move update receive
Device(config)# end

You can verify your setting by entering the show mac address-table move update privileged EXEC command.

mgmt_init

To initialize the Ethernet management port, use the mgmt_init command in boot loader mode.

mgmt_init

Syntax Description

This command has no arguments or keywords.

Command Default

No default behavior or values.

Command Modes

Boot loader

Command History

Release

Modification

Cisco IOS XE Everest 16.5.1a

This command was introduced.

Usage Guidelines

Use the mgmt_init command only during debugging of the Ethernet management port.

Examples

This example shows how to initialize the Ethernet management port:


Device: mgmt_init

mkdir

To create one or more directories on the specified file system, use the mkdir command in boot loader mode.

mkdir filesystem:/directory-url...

Syntax Description

filesystem:

Alias for a file system. Use usbflash0: for USB memory sticks.

/directory-url...

Name of the directories to create. Separate each directory name with a space.

Command Default

No default behavior or values.

Command Modes

Boot loader

Command History

Release

Modification

Cisco IOS XE Everest 16.5.1a

This command was introduced.

Usage Guidelines

Directory names are case sensitive.

Directory names are limited to 127 characters between the slashes (/); the name cannot contain control characters, spaces, deletes, slashes, quotes, semicolons, or colons.

Examples

This example shows how to make a directory called Saved_Configs:


Device: mkdir usbflash0:Saved_Configs
Directory "usbflash0:Saved_Configs" created

more

To display the contents of one or more files, use the more command in boot loader mode.

more filesystem:/file-url...

Syntax Description

filesystem:

Alias for a file system. Use flash: for the system board flash device.

/file-url...

Path (directory) and name of the files to display. Separate each filename with a space.

Command Default

No default behavior or values.

Command Modes

Boot loader

Command History

Release

Modification

Cisco IOS XE Everest 16.5.1a

This command was introduced.

Usage Guidelines

Filenames and directory names are case sensitive.

If you specify a list of files, the contents of each file appears sequentially.

Examples

This example shows how to display the contents of a file:


Device: more flash:image_file_name
version_suffix: universal-122-xx.SEx
version_directory: image_file_name
image_system_type_id: 0x00000002
image_name: image_file_name.bin
ios_image_file_size: 8919552
total_image_file_size: 11592192
image_feature: IP|LAYER_3|PLUS|MIN_DRAM_MEG=128
image_family: family
stacking_number: 1.34
board_ids: 0x00000068 0x00000069 0x0000006a 0x0000006b 
info_end:

no debug all

To disable debugging on a switch, use the no debug all command in Privileged EXEC mode.

no debug all

Command Default

No default behavior or values.

Command Modes

Privileged EXEC

Command History

Release

Modification

Cisco IOS XE Release 16.1

This command was introduced.

Examples

This example shows how to disable debugging on a switch.


Device: no debug all
All possible debugging has been turned off.

rename

To rename a file, use the rename command in boot loader mode.

rename filesystem:/source-file-url filesystem:/destination-file-url

Syntax Description

filesystem:

Alias for a file system. Use usbflash0: for USB memory sticks.

/source-file-url

Original path (directory) and filename.

/destination-file-url

New path (directory) and filename.

Command Default

No default behavior or values.

Command Modes

Boot loader

Command History

Release

Modification

Cisco IOS XE Everest 16.5.1a

This command was introduced.

Usage Guidelines

Filenames and directory names are case sensitive.

Directory names are limited to 127 characters between the slashes (/); the name cannot contain control characters, spaces, deletes, slashes, quotes, semicolons, or colons.

Filenames are limited to 127 characters; the name cannot contain control characters, spaces, deletes, slashes, quotes, semicolons, or colons.

Examples

This example shows a file named config.text being renamed to config1.text:


Device: rename usbflash0:config.text usbflash0:config1.text

You can verify that the file was renamed by entering the dir filesystem: boot loader command.

request consent-token accept-response shell-access

To submit the Consent Token response to a previously generated challenge, use the request consent-token accept-response shell-access command.

request consent-token accept-response shell-access response-string

Syntax Description

Syntax

Description

response-string

Specifies the character string representing the response.

Command Modes

Privileged EXEC mode (#)

Command History

Release

Modification

Cisco IOS XE Gibraltar 16.11.1

This command was introduced.

Usage Guidelines

You must enter the response string within 30 minutes of challenge generation. If it is not entered, the challenge expires and a new challenge must be requested.

Example

The following is sample output from the request consent-token accept-response shell-access response-string command:

Device# request consent-token accept-response shell-access lR1y2AAUKFcAAAABAAABYlVDZ2d6MnkxL3JxTTJSSC9FZE5aWnRSa1FteS9POWZqRUNlTk1LL3VoUWxTc0FsOHl5OW5vckQ4YWVOelpZZGYNCkNpWHY0b1B4Q000UGs1M2ZEMUpoazBCUkYyM3FML1A2ckVjM3paR05wdHcvck95UVduYUVuTnA5bnhIZ09CNE0NCjBmVjh4b3I4TzE3aHNMaU1JeDQ3YWtkdE9Xb0JhTmlzMVRweFBVZE93QUxvZDVEbmo4UEtiR01VVUM5b3lZWXQNCjFIRnJPbXczcmpsZTJHUnIxOWJUNkZLTWlpZ0ZmbENVRWo4K2xoaXgxS0ZtdDVPcDBYczVPSU43L0dSK1pGTnoNCmYxTUtjaW1OWDhWTTNLQ0ZWNURHU3pIenF1UFBxZVNDU0xLNkhXUTFROTlFMXJVakdlZ1NqTWxnNFlySkJYL0wNCnpaTDVVRnVFdWpRWDdDUThIdkVPM1E9PQ==
% Consent token authorization success
*Jan 18 02:51:37.807: %CTOKEN-6-AUTH_UPDATE: Consent Token Update (authentication success: Shell access 0).

request consent-token generate-challenge shell-access

To generate a Consent Token challenge for system shell access, use the request consent-token generate-challenge shell-access command.

request consent-token generate-challenge shell-access auth-timeout time-validity-slot

Syntax Description

Syntax

Description

auth-timeout time-validity-slot

Specifies the time slot in minutes for which shell-access is requested.

Command Modes

Privileged EXEC mode (#)

Command History

Release

Modification

Cisco IOS XE Gibraltar 16.11.1

This command was introduced.

Usage Guidelines

When the requested time-slot for system shell expires, the session gets terminated automatically.

The maximum authorization timeout for system shell access is seven days.

Example

The following is sample output from the request consent-token generate-challenge shell-access auth-timeout time-validity-slot command:

Device# request consent-token generate-challenge shell-access auth-timeout 900
zSSdrAAAAQEBAAQAAAABAgAEAAAAAAMACH86csUhmDl0BAAQ0Fvd7CxqRYUeoD7B4AwW7QUABAAAAG8GAAhDVEFfREVNTwcAGENUQV9ERU1PX0NUQV9TSUdOSU5HX0tFWQgAC0M5ODAwLUNMLUs5CQALOVpQUEVESE5KRkI=
Device#
*Jan 18 02:47:06.733: %CTOKEN-6-AUTH_UPDATE: Consent Token Update (challenge generation attempt: Shell access 0).

request consent-token terminate-auth

To terminate the Consent Token based authorization to system shell, use the request consent-token terminate-auth command.

request consent-token terminate-auth

Command Modes

Privileged EXEC mode (#)

Command History

Release

Modification

Cisco IOS XE Gibraltar 16.11.1

This command was introduced.

Usage Guidelines

In system shell access scenario, exiting the shell does not terminate authorization until the authorization timeout occurs.

We recommend that you force terminate system shell authorization by explicitly issuing the request consent-token terminate-auth command once the purpose of system shell access is complete.

If the current authentication is terminated using the request consent-token terminate-auth command, the user will have to repeat the authentication process to gain access to system shell.

Example

The following is sample output from the request consent-token terminate-auth command:

Device# request consent-token terminate-auth shell-access
% Consent token authorization termination success

Device#
*Mar 13 01:45:39.197: %CTOKEN-6-AUTH_UPDATE: Consent Token Update (terminate authentication: Shell access 0).
Device#

request platform software console attach switch

To start a session on a member switch, use the request platform software console attach switch command in privileged EXEC mode.


Note


On stacking switches (Catalyst 3650/3850/9200/9300 switches), this command can only be used to start a session on the standby console. On Catalyst 9500 switches, this command is supported only in a stackwise virtual setup. You cannot start a session on member switches. By default, all consoles are already active, so a request to start a session on the active console will result in an error.


request platform software console attach switch { switch-number | active | standby } { 0/0 | R0 }

Syntax Description

switch-number

Specifies the switch number. The range is from 1 to 9.

active

Specifies the active switch.

Note

 

This argument is not supported on Catalyst 9500 switches.

standby

Specifies the standby switch.

0/0

Specifies that the SPA-Inter-Processor slot is 0, and bay is 0.

Note

 

Do not use this option with stacking switches. It will result in an error.

R0

Specifies that the Route-Processor slot is 0.

Command Default

By default, all switches in the stack are active.

Command Modes

Privileged EXEC (#)

Command History

Release

Modification

Cisco IOS XE Everest 16.5.1a

This command was introduced.

Usage Guidelines

To start a session on the standby switch, you must first enable it in the configuration.

Examples

This example shows how to session to the standby switch:


Device# configure terminal
Enter configuration commands, one per line.  End with CNTL/Z.
Device(config)# redundancy
Device(config-red)# main-cpu
Device(config-r-mc)# standby console enable 
Device(config-r-mc)# end
Device# request platform software console attach switch standby R0
#
# Connecting to the IOS console on the route-processor in slot 0.
# Enter Control-C to exit.
#
Device-stby> enable
Device-stby#

reset

To perform a hard reset on the system, use the reset command in boot loader mode. A hard reset is similar to power-cycling the device; it clears the processor, registers, and memory.

reset

Syntax Description

This command has no arguments or keywords.

Command Default

No default behavior or values.

Command Modes

Boot loader

Command History

Release

Modification

Cisco IOS XE Everest 16.5.1a

This command was introduced.

Examples

This example shows how to reset the system:


Device: reset
Are you sure you want to reset the system (y/n)? y
System resetting...

rmdir

To remove one or more empty directories from the specified file system, use the rmdir command in boot loader mode.

rmdir filesystem:/directory-url...

Syntax Description

filesystem:

Alias for a file system. Use usbflash0: for USB memory sticks.

/directory-url...

Path (directory) and name of the empty directories to remove. Separate each directory name with a space.

Command Default

No default behavior or values.

Command Modes

Boot loader

Command History

Release

Modification

Cisco IOS XE Everest 16.5.1a

This command was introduced.

Usage Guidelines

Directory names are case sensitive and limited to 45 characters between the slashes (/); the name cannot contain control characters, spaces, deletes, slashes, quotes, semicolons, or colons.

Before removing a directory, you must first delete all of the files in the directory.

The device prompts you for confirmation before deleting each directory.

Examples

This example shows how to remove a directory:


Device: rmdir usbflash0:Test

You can verify that the directory was deleted by entering the dir filesystem: boot loader command.

sdm prefer

To specify the SDM template for use on the switch, use the sdm prefer command in global configuration mode.

sdm prefer { access}

Syntax Description

access

Specifies the SDM access template.

Command Default

No default behavior or values.

Command Modes

Global configuration

Command History

Release

Modification

Cisco IOS XE Everest 16.5.1a

This command was introduced.

Usage Guidelines

In a stack, all stack members must use the same SDM template that is stored on the active .

When a new is added to a stack, the SDM configuration that is stored on the active overrides the template configured on an individual .

Examples

This example shows how to configure the access template:


Device(config)# sdm prefer access
Device(config)# exit
Device# reload

service private-config-encryption

To enable private configuration file encryption, use the service private-config-encryption command. To disable this feature, use the no form of this command.

service private-config-encryption

no service private-config-encryption

Syntax Description

This command has no arguments or keywords.

Command Default

No default behavior or values.

Command Modes

Global configuration (config)

Command History

Release Modification

Cisco IOS XE Fuji 16.8.1a

This command was introduced.

Examples

The following example shows how to enable private configuration file encryption:


Device> enable
Device# configure terminal
Device(config)# service private-config-encryption

set

To set or display environment variables, use the set command in boot loader mode. Environment variables can be used to control the boot loader or any other software running on the device.

set variable value

Syntax Description

variable value

Use one of the following keywords for variable and the appropriate value for value :

MANUAL_BOOT —Decides whether the device boots automatically or manually.

Valid values are 1/Yes and 0/No. If it is set to 0 or No, the boot loader attempts to automatically boot the system. If it is set to anything else, you must manually boot the device from the boot loader mode.

BOOT filesystem:/file-url —Identifies a semicolon-separated list of executable files to try to load and execute when automatically booting.

If the BOOT environment variable is not set, the system attempts to load and execute the first executable image it can find by using a recursive, depth-first search through the flash: file system. If the BOOT variable is set but the specified images cannot be loaded, the system attempts to boot the first bootable file that it can find in the flash: file system.

ENABLE_BREAK —Allows the automatic boot process to be interrupted when the user presses the Break key on the console.

Valid values are 1, Yes, On, 0, No, and Off. If set to 1, Yes, or On, you can interrupt the automatic boot process by pressing the Break key on the console after the flash: file system has initialized.

HELPER filesystem:/file-url —Identifies a semicolon-separated list of loadable files to dynamically load during the boot loader initialization. Helper files extend or patch the functionality of the boot loader.

PS1 prompt —Specifies a string that is used as the command-line prompt in boot loader mode.

CONFIG_FILE flash: /file-url —Specifies the filename that Cisco IOS uses to read and write a nonvolatile copy of the system configuration.

BAUD rate —Specifies the number of bits per second (b/s) that is used for the baud rate for the console. The Cisco IOS software inherits the baud rate setting from the boot loader and continues to use this value unless the configuration file specifies another setting. The range is from 0 to 128000 b/s. Valid values are 50, 75, 110, 150, 300, 600, 1200, 1800, 2000, 2400, 3600, 4800, 7200, 9600, 14400, 19200, 28800, 38400, 56000, 57600, 115200, and 128000.

The most commonly used values are 300, 1200, 2400, 9600, 19200, 57600, and 115200.

SWITCH_NUMBER stack-member-number —Changes the member number of a stack member.

SWITCH_PRIORITY priority-number —Changes the priority value of a stack member.

Command Default

The environment variables have these default values:

MANUAL_BOOT: No (0)

BOOT: Null string

ENABLE_BREAK: No (Off or 0) (the automatic boot process cannot be interrupted by pressing the Break key on the console).

HELPER: No default value (helper files are not automatically loaded).

PS1 device:

CONFIG_FILE: config.text

BAUD: 9600 b/s

SWITCH_NUMBER: 1

SWITCH_PRIORITY: 1


Note


Environment variables that have values are stored in the flash: file system in various files. Each line in the files contains an environment variable name and an equal sign followed by the value of the variable.

A variable has no value if it is not listed in these files; it has a value if it is listed even if the value is a null string. A variable that is set to a null string (for example, “ ”) is a variable with a value.

Many environment variables are predefined and have default values.


Command Modes

Boot loader

Command History

Release

Modification

Cisco IOS XE Everest 16.5.1a

This command was introduced.

Usage Guidelines

Environment variables are case sensitive and must be entered as documented.

Environment variables that have values are stored in flash memory outside of the flash: file system.

Under typical circumstances, it is not necessary to alter the setting of the environment variables.

The MANUAL_BOOT environment variable can also be set by using the boot manual global configuration command.

The BOOT environment variable can also be set by using the boot system filesystem:/file-url global configuration command.

The ENABLE_BREAK environment variable can also be set by using the boot enable-break global configuration command.

The HELPER environment variable can also be set by using the boot helper filesystem: / file-url global configuration command.

The CONFIG_FILE environment variable can also be set by using the boot config-file flash: /file-url global configuration command.

The SWITCH_NUMBER environment variable can also be set by using the switch current-stack-member-number renumber new-stack-member-number global configuration command.

The SWITCH_PRIORITY environment variable can also be set by using the device stack-member-number priority priority-number global configuration command.

The boot loader prompt string (PS1) can be up to 120 printable characters not including the equal sign (=).

Examples

This example shows how to set the SWITCH_PRIORITY environment variable:


Device: set SWITCH_PRIORITY 2 

You can verify your setting by using the set boot loader command.

show avc client

To display information about top number of applications, use the show avc client command in privileged EXEC mode.

show avc client client-mac top n application [ aggregate | upstream | downstream]

Syntax Description

client client-mac

Specifies the client MAC address.

top n application

Specifies the number of top "N" applications for the given client.

Command Default

No default behavior or values.

Command Modes

Privileged EXEC

Command History

Release Modification

This command was introduced.

Examples

The following is sample output from the show avc client command:

# sh avc client 0040.96ae.65ec top 10 application aggregate

Cumulative Stats:

No.  AppName      Packet-Count    Byte-Count       AvgPkt-Size     usage%
---------------------------------------------------------------------------
1    skinny          7343           449860           61             94
2    unknown         99             13631            137            3
3    dhcp            18             8752             486            2
4    http            18             3264             181            1
5    tftp            9              534              59             0
6    dns             2              224              112            0

Last Interval(90 seconds) Stats:

No.  AppName     Packet-Count     Byte-Count       AvgPkt-Size      usage%
----------------------------------------------------------------------------
1    skinny          9              540              60              100

show cable-diagnostics tdr

To display the Time Domain Reflector (TDR) results, use the show cable-diagnostics tdr command in privileged EXEC mode.

show cable-diagnostics tdr interface interface-id

Syntax Description

interface-id

Specifies the interface on which TDR is run.

Command Default

No default behavior or values.

Command Modes

Privileged EXEC

Command History

Release Modification

Cisco IOS XE Everest 16.5.1a

This command was introduced.

Usage Guidelines

TDR is supported only on 10/100/100 copper Ethernet ports. It is not supported on 10-Gigabit Ethernet ports and small form-factor pluggable (SFP) module ports.

Examples

This example shows the output from the show cable-diagnostics tdr interface interface-id command on a device:


Device# show cable-diagnostics tdr interface gigabitethernet1/0/23
		TDR test last run on: March 01 00:04:08 
		Interface  Speed  Local pair  Pair length         Remote pair   Pair status
		--------- ----- ---------- ------------------ ----------- --------------------
		Gi1/0/23   1000M  Pair A      1    +/- 1 meters   Pair A        Normal
		                  Pair B      1    +/- 1 meters   Pair B        Normal 
		                  Pair C      1    +/- 1 meters   Pair C        Normal 
		                  Pair D      1    +/- 1 meters   Pair D        Normal 

Table 2. Field Descriptions for the show cable-diagnostics tdr Command Output

Field

Description

Interface

The interface on which TDR is run.

Speed

The speed of connection.

Local pair

The name of the pair of wires that TDR is testing on the local interface.

Pair length

The location of the problem on the cable, with respect to your device. TDR can only find the location in one of these cases:

  • The cable is properly connected, the link is up, and the interface speed is 1000 Mb/s.
  • The cable is open.
  • The cable has a short.

Remote pair

The name of the pair of wires to which the local pair is connected. TDR can learn about the remote pair only when the cable is properly connected and the link is up.

Pair status

The status of the pair of wires on which TDR is running:

  • Normal—The pair of wires is properly connected.
  • Not completed—The test is running and is not completed.
  • Not supported—The interface does not support TDR.
  • Open—The pair of wires is open.
  • Shorted—The pair of wires is shorted.
  • ImpedanceMis—The impedance is mismatched.
  • Short/Impedance Mismatched—The impedance mismatched or the cable is short.
  • InProgress—The diagnostic test is in progress.

This example shows the output from the show interface interface-id command when TDR is running:


Device# show interface gigabitethernet1/0/2
		gigabitethernet1/0/2 is up, line protocol is up (connected: TDR in Progress)
		

This example shows the output from the show cable-diagnostics tdr interface interface-id command when TDR is not running:


# show cable-diagnostics tdr interface gigabitethernet1/0/2
		% TDR test was never issued on gigabitethernet1/0/2
		

If an interface does not support TDR, this message appears:


% TDR test is not supported on device 1

show debug

To display all the debug commands available on a switch, use the show debug command in Privileged EXEC mode.

show debug

show debug condition Condition identifier | All conditions

Syntax Description

Condition identifier

Sets the value of the condition identifier to be used. Range is between 1 and 1000.

All conditions

Shows all conditional debugging options available.

Command Default

No default behavior or values.

Command Modes

Privileged EXEC

Command History

Release

Modification

Cisco IOS XE Release 16.1

This command was introduced.

Usage Guidelines

Because debugging output is assigned high priority in the CPU process, it can render the system unusable. For this reason, use debug commands only to troubleshoot specific problems or during troubleshooting sessions with Cisco technical support staff. Moreover, it is best to use debug commands during periods of lower network traffic and fewer users. Debugging during these periods decreases the likelihood that increased debug command processing overhead will affect system use.

Examples

This example shows the output of a show debug command:


Device# show debug condition all

To disable debugging, use the no debug all command.

show env

To display fan, temperature, and power information for the switch (standalone switch, stack's active switch, or stack member), use the show env command in EXEC modes.

show env { all | fan | power [ all | switch [ switch-number]] | stack [ stack-number ] | temperature [ status] }

Syntax Description

all

Displays fan, temperature and power environmental status.

fan

Displays the switch fan status.

power

Displays the power supply status.

all

(Optional) Displays the status for all power supplies.

switch switch-number

(Optional) Displays the power supply status for a specific switch.

stack switch-number

(Optional) Displays all environmental status for each switch in the stack or for a specified switch. The range is 1 to 9, depending on the switch member numbers in the stack.

temperature

Displays the switch temperature status.

status

(Optional) Displays the temperature status and threshold values.

Command Default

No default behavior or values.

Command Modes

User EXEC

Privileged EXEC

Command History

Release

Modification

Cisco IOS XE Everest 16.5.1a

This command was introduced.

Usage Guidelines

Use the show env stack [switch-number] command to display information about any switch in the stack from any member switch.

Use the show env temperature status command to display the switch temperature states and threshold levels.

Examples

This example shows how to display information about stack member 1 from the active switch:


Device> show env stack 1
Device 1:
Device Fan 1 is OK
Device Fan 2 is OK
Device Fan 3 is OK
FAN-PS1 is OK
FAN-PS2 is NOT PRESENT
Device 1: SYSTEM TEMPERATURE is OK
Temperature Value: 32 Degree Celsius
Temperature State: GREEN
Yellow Threshold : 41 Degree Celsius
Red Threshold : 56 Degree Celsius

Device>


This example shows how to display temperature value, state, and threshold values:


Device> show env temperature status
Temperature Value: 32 Degree Celsius
Temperature State: GREEN
Yellow Threshold : 41 Degree Celsius
Red Threshold : 56 Degree Celsius

Device>

Table 3. States in the show env temperature status Command Output

State

Description

Green

The switch temperature is in the normal operating range.

Yellow

The temperature is in the warning range. You should check the external temperature around the switch.

Red

The temperature is in the critical range. The switch might not run properly if the temperature is in this range.

show env xps

To display budgeting, configuration, power, and system power information for the Cisco eXpandable Power System (XPS) 2200, use the show env xps command in privileged EXEC mode.

show env xps { budgeting | configuration | port [ all | number ] | power | system | thermal | upgrade | version }

Syntax Description

budgeting

Displays XPS power budgeting, the allocated and budgeted power of all switches in the power stack.

configuration

Displays the configuration resulting from the power xps privileged EXEC commands. The XPS configuration is stored in the XPS. Enter the show env xps configuration command to retrieve the non-default configuration.

port [ all | number ]

Displays the configuration and status of all ports or the specified XPS port. Port numbers are from 1 to 9.

power

Displays the status of the XPS power supplies.

system

Displays the XPS system status.

thermal

Displays the XPS thermal status.

upgrade

Displays the XPS upgrade status.

version

Displays the XPS version details.

Command Modes

Privileged EXEC

Command History

Release

Modification

12.2(55)SE1

This command was introduced.

Usage Guidelines

Use the show env xps privileged EXEC command to display the information for XPS 2200.

Examples

This is an example of output from the show env xps budgeting command:

Switch#
=======



XPS 0101.0100.0000 :
=========================================================
Data                  Current    Power     Power Port  Switch #  PS A  PS B  Role-State Committed  
Budget
----  --------  ----  ----  ---------- ---------  ------ 1     -        -    715  SP-PS      223    
    1543
2     -        -    -    SP-PS      223       223
3     -        -    -    -          -         -
4     -        -    -    -          -         -
5     -        -    -    -          -         -
6     -        -    -    -          -         -
7     -        -    -    -          -         -
8     -        -    -    -          -         -
9     1        1100 -    RPS-NB     223        070
XPS  -        -    1100  -          -

This is an example of output from the show env xps configuration command:

Switch# show env xps configuration
=============================================
XPS 0101.0100.0000 :
=============================================
power xps port 4 priority 5
power xps port 5 mode disable
power xps port 5 priority 6
power xps port 6 priority 7
power xps port 7 priority 8
power xps port 8 priority 9
power xps port 9 priority 4

This is an example of output from the show env xps port all command:

Switch#
XPS 010



-----------------------------------------
Port name          : -
Connected          : Yes
Mode               : Enabled (On)
Priority           : 1
Data stack switch # : - Configured role    : Auto-SP
Run mode            : SP-PS : Stack Power Power-Sharing Mode
Cable faults        : 0x0 XPS 0101.0100.0000 Port 2
-----------------------------------------
Port name          : -
Connected          : Yes
Mode               : Enabled (On)
Priority           : 2
Data stack switch # : - Configured role    : Auto-SP
Run mode            : SP-PS : Stack Power Power-Sharing Mode
Cable faults        : 0x0 XPS 0101.0100.0000 Port 3
-----------------------------------------
Port name          : -
Connected          : No
Mode               : Enabled (On)
Priority           : 3
Data stack switch # : - Configured role    : Auto-SP Run mode            : -
Cable faults
<output truncated>

This is an example of output from the show env xps power command:

=============================================================================
XPS 0101.0100.0000 :
=============================================================================
Port-Supply SW PID                 Serial#     Status         Mode Watts
----------- -- ------------------  ----------- --------------  ----  -----
XPS-A           Not present
XPS-B           NG3K-PWR-1100WAC   LIT13320NTV OK             SP   1100
1-A         -  -                   -           -
1-B         -  -                   -           -               SP    715
2-A         -  -                   -           -
2-B         -  -                   -           -
9-A                       100WAC    LIT141307RK OK              RPS  1100
9-B                   esent

This is an example of output from the show env xps system command:

Switch#
=======


XPS 0101.0100.0000 :
============================================================================
XPS                        Cfg  Cfg      RPS Switch  Current    Data Port  XPS Port Name        
Mode Role    Pri Conn    Role-State  Switch #
----  --------------------  ---- -------  --- ------  ----------  --------
1     -                    On   Auto-SP  1   Yes     SP-PS      -
2     -                    On   Auto-SP  2   Yes     SP-PS      -
3     -                    On   Auto-SP  3   No      -          -
4     none                 On   Auto-SP  5   No      -          -
5     -                    Off  Auto-SP  6   No      -          -
6     -                    On   Auto-SP  7   No      -          -
7     -                    On   Auto-SP  8   No      -          -
8     -                    On   Auto-SP  9   No      -
9     test                 On   Auto-SP  4   Yes     RPS-NB

This is an example of output from the show env xps thermal command:

Switch#
=======



XPS 0101.0100.0000 :
=============================================
Fan  Status
----  -----------
1     OK
2     OK
3     NOT PRESENT PS-1  NOT PRESENT PS-2  OK Temperature is OK

This is an example of output from the show env xps upgrade command when no upgrade is occurring:

Switch# show env xps upgrade
No XPS is connected and upgrading.

These are examples of output from the show env xps upgrade command when an upgrade is in process:

Switch# show env xps upgrade
XPS Upgrade Xfer

SW Status Prog
-- ----------- ----
1 Waiting 0%
Switch#
*Mar 22 03:12:46.723: %PLATFORM_XPS-6-UPGRADE_START: XPS 0022.bdd7.9b14 upgrade has
started through the Service Port.
Switch# show env xps upgrade
XPS Upgrade Xfer
SW Status Prog
-- ----------- ----
1 Receiving 1%
Switch# show env xps upgrade
XPS Upgrade Xfer
SW Status Prog
-- ----------- ----
1 Receiving 5%
Switch# show env xps upgrade
XPS Upgrade Xfer
SW Status Prog
-- ----------- ----
1 Reloading 100%
Switch#
*Mar 22 03:16:01.733: %PLATFORM_XPS-6-UPGRADE_DONE: XPS 0022.bdd7.9b14 upgrade has
completed and the XPS is reloading.

This is an example of output from the show env xps version command:

Switch# show env xps version
=============================================
XPS 0022.bdd7.9b14:
=============================================
Serial Number: FDO13490KUT
Hardware Version: 8
Bootloader Version: 7
Software Version: 18
Table 4. Related Commands

Command

Description

power xps(global configuration command)

Configures XPS and XPS port names.

power xps(privileged EXEC command)

Configures the XPS ports and system.

show flow monitor

To display the status and statistics for a Flexible NetFlow flow monitor, use the show flow monitor command in privileged EXEC mode.

show flow monitor [broker [detail | picture] | [name] monitor-name [cache [format {csv | record | table}]] | provisioning | statistics]

Syntax Description

broker

(Optional) Displays information about the state of the broker for the flow monitor

detail

(Optional) Displays detailed information about the flow monitor broker.

picture

(Optional) Displays a picture of the broker state.

name

(Optional) Specifies the name of a flow monitor.

monitor-name

(Optional) Name of a flow monitor that was previously configured.

cache

(Optional) Displays the contents of the cache for the flow monitor.

format

(Optional) Specifies the use of one of the format options for formatting the display output.

csv

(Optional) Displays the flow monitor cache contents in comma-separated variables (CSV) format.

record

(Optional) Displays the flow monitor cache contents in record format.

table

(Optional) Displays the flow monitor cache contents in table format.

provisioning

(Optional) Displays the flow monitor provisioning information.

statistics

(Optional) Displays the statistics for the flow monitor.

Command Modes

Privileged EXEC

Command History

Release Modification

Cisco IOS XE Everest 16.5.1a

This command was introduced.

Usage Guidelines

The cache keyword uses the record format by default.

The uppercase field names in the display output of the show flowmonitor monitor-name cache command are key fields that Flexible NetFlow uses to differentiate flows. The lowercase field names in the display output of the show flow monitor monitor-name cache command are nonkey fields from which Flexible NetFlow collects values as additional data for the cache.

Examples

The following example displays the status for a flow monitor:

# show flow monitor FLOW-MONITOR-1
 
Flow Monitor FLOW-MONITOR-1:
  Description:       Used for basic traffic analysis
  Flow Record:       flow-record-1
  Flow Exporter:     flow-exporter-1
                     flow-exporter-2
  Cache:
    Type:              normal
    Status:            allocated
    Size:              4096 entries / 311316 bytes
    Inactive Timeout:  15 secs
    Active Timeout:    1800 secs
    Update Timeout:    1800 secs

This table describes the significant fields shown in the display.

Table 5. show flow monitor monitor-name Field Descriptions

Field

Description

Flow Monitor

Name of the flow monitor that you configured.

Description

Description that you configured or the monitor, or the default description User defined.

Flow Record

Flow record assigned to the flow monitor.

Flow Exporter

Exporters that are assigned to the flow monitor.

Cache

Information about the cache for the flow monitor.

Type

Flow monitor cache type.

The possible values are:

  • immediate—Flows are expired immediately.

  • normal—Flows are expired normally.

  • Permanent—Flows are never expired.

Status

Status of the flow monitor cache.

The possible values are:

  • allocated—The cache is allocated.

  • being deleted—The cache is being deleted.

  • not allocated—The cache is not allocated.

Size

Current cache size.

Inactive Timeout

Current value for the inactive timeout in seconds.

Active Timeout

Current value for the active timeout in seconds.

Update Timeout

Current value for the update timeout in seconds.

The following example displays the status, statistics, and data for the flow monitor named FLOW-MONITOR-1:

# show flow monitor FLOW-MONITOR-1 cache
  Cache type:                               Normal (Platform cache)
  Cache size:                              Unknown
  Current entries:                               1

  Flows added:                                   3
  Flows aged:                                    2
    - Active timeout      (   300 secs)          2

DATALINK MAC SOURCE ADDRESS INPUT:       0000.0000.1000
DATALINK MAC DESTINATION ADDRESS INPUT:  6400.F125.59E6
IPV6 SOURCE ADDRESS:                     2001:DB8::1
IPV6 DESTINATION ADDRESS:                2001:DB8:1::1
TRNS SOURCE PORT:                        1111
TRNS DESTINATION PORT:                   2222
IP VERSION:                              6
IP PROTOCOL:                             6
IP TOS:                                  0x05
IP TTL:                                  11
tcp flags:                               0x20
counter bytes long:                      132059538
counter packets long:                    1158417

This table describes the significant fields shown in the display.

Table 6. show flow monitor monitor-name cache Field Descriptions

Field

Description

Cache type

Flow monitor cache type. The value is always normal, as it is the only supported cache type.

Cache Size

Number of entries in the cache.

Current entries

Number of entries in the cache that are in use.

Flows added

Flows added to the cache since the cache was created.

Flows aged

Flows expired from the cache since the cache was created.

Active timeout

Current value for the active timeout in seconds.

Inactive timeout

Current value for the inactive timeout in seconds.

DATALINK MAC SOURCE ADDRESS INPUT

MAC source address of input packets.

DATALINK MAC DESTINATION ADDRESS INPUT

MAC destination address of input packets.

IPV6 SOURCE ADDRESS

IPv6 source address.

IPV6 DESTINATION ADDRESS

IPv6 destination address.

TRNS SOURCE PORT

Source port for the transport protocol.

TRNS DESTINATION PORT

Destination port for the transport protocol.

IP VERSION

IP version.

IP PROTOCOL

Protocol number.

IP TOS

IP type of service (ToS) value.

IP TTL

IP time-to-live (TTL) value.

tcp flags

Value of the TCP flags.

counter bytes

Number of bytes that have been counted.

counter packets

Number of packets that have been counted.

The following example displays the status, statistics, and data for the flow monitor named FLOW-MONITOR-1 in a table format:

# show flow monitor FLOW-MONITOR-1 cache format table
  Cache type:                           Normal (Platform cache)
  Cache size:                          Unknown
  Current entries:                           1

  Flows added:                               3
  Flows aged:                                2
    - Active timeout      (   300 secs)      2

DATALINK MAC SRC ADDR INPUT  DATALINK MAC DST ADDR INPUT  IPV6 SRC ADDR  IPV6 DST ADDR  TRNS SRC PORT  TRNS DST PORT  IP VERSION  IP PROT  IP TOS  IP TTL  tcp flags  bytes long  pkts long
===========================  ===========================  =============  =============  =============  =============  ==========  =======  ======  ======  =========  ==========  =========
0000.0000.1000               6400.F125.59E6               2001:DB8::1    2001:DB8:1::1           1111           2222           6        6  0x05        11  0x20        132059538    1158417

The following example displays the status, statistics, and data for the flow monitor named FLOW-MONITOR-IPv6 (the cache contains IPv6 data) in record format:

# show flow monitor name FLOW-MONITOR-IPv6 cache format record
  Cache type:                               Normal (Platform cache)
  Cache size:                              Unknown
  Current entries:                               1

  Flows added:                                   3
  Flows aged:                                    2
    - Active timeout      (   300 secs)          2

DATALINK MAC SOURCE ADDRESS INPUT:       0000.0000.1000
DATALINK MAC DESTINATION ADDRESS INPUT:  6400.F125.59E6
IPV6 SOURCE ADDRESS:                     2001::2
IPV6 DESTINATION ADDRESS:                2002::2
TRNS SOURCE PORT:                        1111
TRNS DESTINATION PORT:                   2222
IP VERSION:                              6
IP PROTOCOL:                             6
IP TOS:                                  0x05
IP TTL:                                  11
tcp flags:                               0x20
counter bytes long:                      132059538
counter packets long:                    1158417

The following example displays the status and statistics for a flow monitor:

# show flow monitor FLOW-MONITOR-1 statistics
  Cache type:                               Normal (Platform cache)
  Cache size:                              Unknown
  Current entries:                               1

  Flows added:                                   3
  Flows aged:                                    2
    - Active timeout      (   300 secs)          2

show install

To display information about install packages, use the show install command in privileged EXEC mode.

show install {active | committed | inactive | log | package {bootflash: | flash: | webui:} | rollback | summary | uncommitted}

Syntax Description

active

Displays information about active packages.

committed

Displays package activations that are persistent.

inactive

Displays inactive packages.

log

Displays entries stored in the logging installation buffer.

package

Displays metadata information about the package, including description, restart information, components in the package, and so on.

{bootflash: | flash: | harddisk: |webui:}

Specifies the location of the install package.

rollback

Displays the software set associated with a saved installation.

summary

Displays information about the list of active, inactive, committed, and superseded packages.

uncommitted Displays package activations that are nonpersistent.

Command Modes

Privileged EXEC (#)

Command History

Release Modification

Cisco IOS XE Everest 16.6.1

This command was introduced.

Usage Guidelines

Use the show commands to view the status of the install package.

Examples

The following is sample output from the show install package command:

Device# show install package bootflash:cat3k-universalk9.2017-01-10_13.15.1.
CSCxxx.SSA.dmp.bin
Name:  cat3k-universalk9.2017-01-10_13.15.1.CSCxxx.SS
Version:  16.6.1.0.199.1484082952..Everest
Platform:  Catalyst3k
Package Type:  dmp
Defect ID:  CSCxxx
Package State:  Added
Supersedes List:  {}
Smu ID:  1

The following is sample output from the show install summary command:

Device# show install summary 

Active Packages:
    bootflash:cat3k-universalk9.2017-01-10_13.15.1.CSCxxx.SSA.dmp.bin
Inactive Packages:
   No packages
Committed Packages:
    bootflash:cat3k-universalk9.2017-01-10_13.15.1.CSCxxx.SSA.dmp.bin
Uncommitted Packages:
   No packages
Device#

The table below lists the significant fields shown in the display.

Table 7. show install summary Field Descriptions

Field

Description

Active Packages

Name of the active install package.

Inactive Packages

List of inactive packages.

Committed Packages

Install packages that have saved or committed changes to the harddisk, so that the changes become persistent across reloads.

Uncommitted Packages

Intall package activations that are nonpersistent.

The following is sample output from the show install log command:

Device# show install log

[0|install_op_boot]: START Fri Feb 24 19:20:19 Universal 2017
[0|install_op_boot]: END SUCCESS  Fri Feb 24 19:20:23 Universal 2017
[3|install_add]: START Sun Feb 26 05:55:31 UTC 2017
[3|install_add( FATAL)]: File path (scp) is not yet supported for this command
[4|install_add]: START Sun Feb 26 05:57:04 UTC 2017
[4|install_add]: END SUCCESS /bootflash/cat3k-universalk9.2017-01-10_13.15.1.CSCvb12345.SSA.dmp.bin 
Sun Feb 26 05:57:22 UTC 2017
[5|install_activate]: START Sun Feb 26 05:58:41 UTC 2017

show license all

To display the entitlement information, use the show license all command in privileged EXEC mode.

show license all

Syntax Description

This command has no arguments or keywords.

Command Default

Privileged EXEC (#)

Command History

Release Modification

Cisco IOS XE Fuji 16.9.1

This command was introduced.

Usage Guidelines

The command also displays whether smart licensing is enabled, all associated licensing certificates, compliance status, and so on.

Examples

This example shows a sample output from the show license all command:

Device# show license all
Load for five secs: 0%/0%; one minute: 2%; five minutes: 1%
No time source, 09:31:16.387 EDT Fri Jul 13 2018

Smart Licensing Status
======================

Smart Licensing is ENABLED

Registration:
  Status: REGISTERED
  Smart Account: CISCO Systems
  Virtual Account: NPR
  Export-Controlled Functionality: Allowed
  Initial Registration: SUCCEEDED on Jul 13 09:30:40 2018 EDT
  Last Renewal Attempt: None
  Next Renewal Attempt: Jan 09 09:30:40 2019 EDT
  Registration Expires: Jul 13 09:25:31 2019 EDT

License Authorization: 
  Status: AUTHORIZED on Jul 13 09:30:45 2018 EDT
  Last Communication Attempt: SUCCEEDED on Jul 13 09:30:45 2018 EDT
  Next Communication Attempt: Aug 12 09:30:45 2018 EDT
  Communication Deadline: Oct 11 09:25:40 2018 EDT

Utility:
  Status: DISABLED

Data Privacy:
  Sending Hostname: yes
    Callhome hostname privacy: DISABLED
    Smart Licensing hostname privacy: DISABLED
  Version privacy: DISABLED

Transport:
  Type: Callhome

License Usage
==============

C9300 DNA Advantage (C9300-24 DNA Advantage):
  Description: C9300-24P DNA Advantage
  Count: 3
  Version: 1.0
  Status: AUTHORIZED

C9300 Network Advantage (C9300-24 Network Advantage):
  Description: C9300-24P Network Advantage
  Count: 3
  Version: 1.0
  Status: AUTHORIZED

Product Information
===================
UDI: PID:C9300-24U,SN:FCW2125L046

HA UDI List:
    Active:PID:C9300-24U,SN:FCW2125L046
    Standby:PID:C9300-24U,SN:FCW2125L03U
    Member:PID:C9300-24U,SN:FCW2125G01T

Agent Version
=============
Smart Agent for Licensing: 4.4.13_rel/116
Component Versions: SA:(1_3_dev)1.0.15, SI:(dev22)1.2.1, CH:(rel5)1.0.3, PK:(dev18)1.0.3

Reservation Info
================ 
License reservation: DISABLED

show license status

To display the compliance status of a license, use the show license status command in privileged EXEC mode.

show license status

Syntax Description

This command has no arguments or keywords.

Command Default

Privileged EXEC (#)

Command History

Release Modification

Cisco IOS XE Fuji 16.9.1

This command was introduced.

Examples

This example shows a sample output from the show license status command:
Device# show license status

Smart Licensing is ENABLED

Utility:
  Status: DISABLED

Data Privacy:
  Sending Hostname: yes
    Callhome hostname privacy: DISABLED
    Smart Licensing hostname privacy: DISABLED
  Version privacy: DISABLED

Transport:
  Type: Callhome

Registration:
  Status: REGISTERED
  Smart Account: Cisco Systems
  Virtual Account: NPR
  Export-Controlled Functionality: Allowed
  Initial Registration: First Attempt Pending
  Last Renewal Attempt: SUCCEEDED on Jul 19 14:49:49 2018 IST
  Next Renewal Attempt: Jan 15 14:49:47 2019 IST
  Registration Expires: Jul 19 14:43:47 2019 IST

License Authorization: 
  Status: AUTHORIZED on Jul 28 07:02:56 2018 IST
  Last Communication Attempt: SUCCEEDED on Jul 28 07:02:56 2018 IST
  Next Communication Attempt: Aug 27 07:02:56 2018 IST
  Communication Deadline: Oct 26 06:57:50 2018 IST

show license summary

To display a summary of all active licenses, use the show license summary command in privileged EXEC mode.

show license summary

Syntax Description

This command has no arguments or keywords.

Command Default

Privileged EXEC (#)

Command History

Release Modification

Cisco IOS XE Fuji 16.9.1

This command was introduced.

Examples

This example shows a sample output from the show license summary command:

Device# show license summary 
Load for five secs: 1%/0%; one minute: 1%; five minutes: 1%
No time source, 09:32:13.746 EDT Fri Jul 13 2018

Smart Licensing is ENABLED

Registration:
  Status: REGISTERED
  Smart Account: CISCO Systems
  Virtual Account: NPR
  Export-Controlled Functionality: Allowed
  Last Renewal Attempt: None
  Next Renewal Attempt: Jan 09 09:30:40 2019 EDT

License Authorization: 
  Status: AUTHORIZED
  Last Communication Attempt: SUCCEEDED
  Next Communication Attempt: Aug 12 09:30:44 2018 EDT

License Usage:
  License                 Entitlement tag               Count Status
  -----------------------------------------------------------------------------
  C9300 DNA Advantage     (C9300-24 DNA Advantage)          3 AUTHORIZED
  C9300 Network Advantage (C9300-24 Network Advan...)       3 AUTHORIZED

show license udi

To display the Unique Device Identifier (UDI), use the show license udi command in privileged EXEC mode.

show license udi

Syntax Description

This command has no arguments or keywords.

Command Default

Privileged EXEC (#)

Command History

Release Modification

Cisco IOS XE Fuji 16.9.1

This command was introduced.

Examples

This example shows a sample output from the show license udi command:

Device# show license udi
UDI: PID:C9300-24U,SN:FCW2125L046

HA UDI List:
    Active:PID:C9300-24U,SN:FCW2125L046
    Standby:PID:C9300-24U,SN:FCW2125L03U
    Member:PID:C9300-24U,SN:FCW2125G01T

show license usage

To display license usage information, use the show license usage command in privileged EXEC mode.

show license usage

This command has no arguments or keywords.

Command Default

Privileged EXEC (#)

Release Modification

Cisco IOS XE Fuji 16.9.1

This command was introduced.

Examples

This example shows a sample output from the show license usage command:

Device# show license usage
License Authorization: 
  Status: AUTHORIZED on Jul 17 09:47:28 2018 EDT

C9300 DNA Advantage (C9300-24 DNA Advantage):
  Description: C9300-24P DNA Advantage
  Count: 3
  Version: 1.0
  Status: AUTHORIZED

C9300 Network Advantage (C9300-24 Network Advantage):
  Description: C9300-24P Network Advantage
  Count: 3
  Version: 1.0
  Status: AUTHORIZED

show location

To display location information for an endpoint, use the show location command in privileged EXEC mode.

show location [admin-tag | civic-location {identifier identifier-string | interface type number | static} | custom-location {identifier identifier-string | interface type number | static} | elin-location {identifier identifier-string | interface type number | static} | geo-location {identifier identifier-string | interface type number | static} | host]

Syntax Description

admin-tag

Displays administrative tag or site information.

civic-location

Specifies civic location information.

identifier identifier-string

Information identifier of the civic location, custom location, or geo-spatial location.

interface type number

Interface type and number.

For information about the numbering syntax for your device, use the question mark (?) online help function.

static

Displays configured civic, custom, or geo-spatial location information.

custom-location

Specifies custom location information.

elin-location

Specifies emergency location information (ELIN).

geo-location

Specifies geo-spatial location information.

host

Specifies the civic, custom, or geo-spatial host location information.

Command Default

No default behavior or values.

Command Modes

Privileged EXEC

Command History

Release Modification

Cisco IOS XE Everest 16.5.1a

This command was introduced.

Examples

The following sample output of the show location civic-location command displays civic location information for the specified identifier (identifier 1):

Device# show location civic-location identifier 1
Civic location information
--------------------------
Identifier              : 1
County                  : Santa Clara
Street number           : 3550
Building                : 19
Room                    : C6
Primary road name       : Example
City                    : San Jose
State                   : CA
Country                 : US

show logging onboard switch uptime

To display a history of all reset reasons for all modules or switches in a system, use the show logging onboard switch uptime command.

show logging onboard switch { switch-number | active | standby } uptime [ [ [ continuous | detail] [ start hour day month [ year] [ end hour day month year] ] ] | summary]

Syntax Description

switch switch-number

Specifies a switch. Enter the switch number.

active

Specifies the active instance.

standby

Specifies the standby instance.

continuous

(Optional) Displays continuous data.

detail

(Optional) Displays detailed data.

start hour day month year

(Optional) Specifies the start time to display data.

end hour day month year

(Optional) Specifies the end time to display data.

summary

(Optional) Displays summary data.

Command Modes

Privileged EXEC(#)

Command History

Release

Modification

Cisco IOS XE Everest 16.5.1a

This command was implemented on the Cisco Catalyst 9300 Series Switches

Cisco IOS XE Gibraltar 16.10.1

The output of this command was updated to display the reload reasons for members in a stack.

Examples:

The following is a sample output from the show logging onboard switch active uptime continuous command:

Device# show logging onboard switch active uptime continuous
--------------------------------------------------------------------------------
UPTIME CONTINUOUS INFORMATION
--------------------------------------------------------------------------------
Time Stamp          | Reset                       | Uptime
MM/DD/YYYY HH:MM:SS | Reason                      | years weeks days hours minutes
--------------------------------------------------------------------------------
06/17/2018 19:42:56   Reload                        0     0     0     0     5
06/17/2018 19:56:31   Reload                        0     0     0     0     5
06/17/2018 20:10:46   Reload                        0     0     0     0     5
06/17/2018 20:23:48   Reload                        0     0     0     0     5
06/17/2018 20:37:20   Reload Command                0     0     0     0     5
06/18/2018 17:09:23   Reload Command                0     0     0     20    5
06/18/2018 17:18:39   redundancy force-switchover   0     0     0     0     5
06/18/2018 18:33:33   Reload                        0     0     0     1     5
06/18/2018 19:03:05   Reload                        0     0     0     0     5
06/18/2018 19:40:30   Reload                        0     0     0     0     5
06/18/2018 20:37:47   Reload                        0     0     0     0     5
06/18/2018 20:51:13   Reload                        0     0     0     0     5
06/18/2018 21:04:08   Reload                        0     0     0     0     5
06/18/2018 21:18:23   Reload                        0     0     0     0     5
06/18/2018 21:31:25   Reload                        0     0     0     0     5
06/18/2018 21:45:15   Reload                        0     0     0     0     5
06/18/2018 21:59:02   Reload                        0     0     0     0     5
06/18/2018 22:11:41   Reload                        0     0     0     0     5
06/18/2018 22:24:27   Reload                        0     0     0     0     5
06/18/2018 22:39:14   Reload Command                0     0     0     0     4
06/19/2018 00:01:59   Reload Command                0     0     0     1     5
06/19/2018 00:13:21   redundancy force-switchover   0     0     0     0     5
06/19/2018 01:05:42   redundancy force-switchover   0     0     0     0     5
06/20/2018 02:37:16   redundancy force-switchover   0     0     1     1     5
06/20/2018 02:50:03   redundancy force-switchover   0     0     0     0     5
06/20/2018 03:02:13   redundancy force-switchover   0     0     0     0     5
06/20/2018 03:14:26   redundancy force-switchover   0     0     0     0     5
06/20/2018 03:26:44   redundancy force-switchover   0     0     0     0     5
06/20/2018 03:38:58   redundancy force-switchover   0     0     0     0     5
06/20/2018 03:52:43   redundancy force-switchover   0     0     0     0     5
06/20/2018 04:05:16   redundancy force-switchover   0     0     0     0     5
.
.
.

The following is a sample output from the show logging onboard switch active uptime detail command:

Device# show logging onboard switch active uptime detail  

--------------------------------------------------------------------------------
UPTIME SUMMARY INFORMATION
--------------------------------------------------------------------------------
First customer power on : 06/10/2017 09:28:22
Total uptime            :  0  years  50 weeks  4  days  13 hours  38 minutes
Total downtime          :  0  years  15 weeks  4  days  11 hours  52 minutes
Number of resets        : 75
Number of slot changes  : 9
Current reset reason    : PowerOn
Current reset timestamp : 09/17/2018 10:59:57
Current slot            : 1
Chassis type            : 0
Current uptime          :  0  years  0  weeks  0  days  0  hours  0  minutes
--------------------------------------------------------------------------------

--------------------------------------------------------------------------------
UPTIME CONTINUOUS INFORMATION
--------------------------------------------------------------------------------
Time Stamp          | Reset                       | Uptime
MM/DD/YYYY HH:MM:SS | Reason                      | years weeks days hours minutes
--------------------------------------------------------------------------------
06/10/2017 09:28:22   Reload                        0     0     0     0     0  
<snip>
09/17/2018 09:07:44   PowerOn                       0     0     3     15    5  
09/17/2018 10:16:26   Reload Command                0     0     0     1     5  
09/17/2018 10:59:57   PowerOn                       0     0     0     0     5  

The following is a sample output from the show logging onboard switch standby uptime detail command:

Device# show logging onboard switch standby uptime detail

--------------------------------------------------------------------------------
UPTIME SUMMARY INFORMATION
--------------------------------------------------------------------------------
First customer power on : 06/10/2017 11:51:26
Total uptime            :  0  years  46 weeks  0  days  11 hours  44 minutes
Total downtime          :  0  years  20 weeks  1  days  10 hours  45 minutes
Number of resets        : 79
Number of slot changes  : 13
Current reset reason    : PowerOn
Current reset timestamp : 09/17/2018 10:59:57
Current slot            : 2
Chassis type            : 0
Current uptime          :  0  years  0  weeks  0  days  0  hours  5  minutes
--------------------------------------------------------------------------------

--------------------------------------------------------------------------------
UPTIME CONTINUOUS INFORMATION
--------------------------------------------------------------------------------
Time Stamp          | Reset                       | Uptime
MM/DD/YYYY HH:MM:SS | Reason                      | years weeks days hours minutes
--------------------------------------------------------------------------------
06/10/2017 11:51:26   Reload                        0     0     0     0     0  
<snip>
08/10/2018 09:13:58   LocalSoft                     0     0     2     5     4  
08/28/2018 14:21:42   Reload Slot Command           0     0     0     3     5  
08/28/2018 14:34:29   System requested reload       0     0     0     0     0  
09/11/2018 09:08:15   Reload                        0     0     1     8     5  
09/11/2018 19:15:06   redundancy force-switchover   0     0     0     9     4  
09/13/2018 16:50:18   Reload Command                0     0     1     21    6  
09/17/2018 10:55:09   PowerOn                       0     0     0     0     5  

The following is a sample output from the show logging onboard switch active uptime summary command:

Device# show logging onboard switch active uptime summary
--------------------------------------------------------------------------------
UPTIME SUMMARY INFORMATION
--------------------------------------------------------------------------------
First customer power on : 04/26/2018 21:45:39
Total uptime            :  0  years  20 weeks  2  days  12 hours  22 minutes
Total downtime          :  0  years  2  weeks  2  days  8  hours  40 minutes
Number of resets        : 1900
Number of slot changes  : 18
Current reset reason    : Reload Command
Current reset timestamp : 09/26/2018 20:43:15
Current slot            : 1
Chassis type            : 91
Current uptime          :  0  years  0  weeks  5  days  22 hours  5  minutes
--------------------------------------------------------------------------------

show mac address-table

To display the MAC address table, use the show mac address-table command in privileged EXEC mode.

show mac address-table [ address mac-addr [ interface type/number | vlan vlan-id ] | aging-time [ routed-mac | vlan vlan-id ] | control-packet-learn | count [ summary | vlan vlan-id ] | [ dynamic | secure | static ] [ address mac-addr ] [ interface type/number | vlan vlan-id ] | interface type/number | learning [ vlan vlan-id ] | multicast [ count ] [ igmp-snooping | mld-snooping | user ] [ vlan vlan-id ] | notification { change [ interface [ type/number ] ] | mac-move | threshold } | vlan vlan-id ]

Syntax Description

address mac-addr

(Optional) Displays information about the MAC address table for a specific MAC address.

interface type/number

(Optional) Displays addresses for a specific interface.

vlan vlan-id

(Optional) Displays addresses for a specific VLAN.

aging-time [routed-mac | vlan vlan-id]

(Optional) Displays the aging time for the routed MAC or VLAN.

control-packet-learn

(Optional) Displays the controlled packet MAC learning parameters.

count

(Optional) Displays the number of entries that are currently in the MAC address table.

dynamic

(Optional) Displays only the dynamic addresses.

secure

(Optional) Displays only the secure addresses.

static

(Optional) Displays only the static addresses.

learning

(Optional) Displays learnings of a VLAN or interface.

multicast

(Optional) Displays information about the multicast MAC address table entries only.

igmp-snooping

(Optional) Displays the addresses learned by Internet Group Management Protocol (IGMP) snooping.

mld-snooping

(Optional) Displays the addresses learned by Multicast Listener Discover version 2 (MLDv2) snooping.

user

(Optional) Displays the manually entered (static) addresses.

notification change

Displays the MAC notification parameters and history table.

notification mac-move

Displays the MAC-move notification status.

notification threshold

Displays the Counter-Addressable Memory (CAM) table utilization notification status.

Command Modes

Privileged EXEC (#)

Command History

Release

Modification

Cisco IOS XE Everest 16.5.1a

This command was introduced.

Cisco IOS XE Gibraltar 16.12.4

The ouput of the show mac address-table vlan vlan-id command has been updated to show the MAC addresses used for Cisco Software-Defined Access (SD-Access) solution.

Usage Guidelines

The mac-addr value is a 48-bit MAC address. The valid format is H.H.H.

The interface number argument designates the module and port number. Valid values depend on the specified interface type and the chassis and module that are used. For example, if you specify a Gigabit Ethernet interface and have a 48-port 10/100BASE-T Ethernet module that is installed in a 13-slot chassis, valid values for the module number are from 1 to 13 and valid values for the port number are from 1 to 48.

Examples

The following is sample output from the show mac address-table command:

Device# show mac address-table

          Mac Address Table
-------------------------------------------

Vlan    Mac Address       Type        Ports
----    -----------       --------    -----
 All    0100.0ccc.cccc    STATIC      CPU
 All    0100.0ccc.cccd    STATIC      CPU
 All    0180.c200.0000    STATIC      CPU
 All    0180.c200.0001    STATIC      CPU
 All    0180.c200.0002    STATIC      CPU
 All    0180.c200.0003    STATIC      CPU
 All    0180.c200.0004    STATIC      CPU
 All    0180.c200.0005    STATIC      CPU
 All    0180.c200.0006    STATIC      CPU
 All    0180.c200.0007    STATIC      CPU
 All    0180.c200.0008    STATIC      CPU
 All    0180.c200.0009    STATIC      CPU
 All    0180.c200.000a    STATIC      CPU
 All    0180.c200.000b    STATIC      CPU
 All    0180.c200.000c    STATIC      CPU
 All    0180.c200.000d    STATIC      CPU
 All    0180.c200.000e    STATIC      CPU
 All    0180.c200.000f    STATIC      CPU
 All    0180.c200.0010    STATIC      CPU
 All    0180.c200.0021    STATIC      CPU
 All    ffff.ffff.ffff    STATIC      CPU
   1    780c.f0e1.1dc3    STATIC      Vl1 
  51    0000.1111.2222    STATIC      Vl51 
  51    780c.f0e1.1dc6    STATIC      Vl51 
1021    0000.0c9f.f45c    STATIC      Vl1021 
1021    0002.02cc.0002    STATIC      Gi6/0/2 
1021    0002.02cc.0003    STATIC      Gi6/0/3 
1021    0002.02cc.0004    STATIC      Gi6/0/4 
1021    0002.02cc.0005    STATIC      Gi6/0/5 
1021    0002.02cc.0006    STATIC      Gi6/0/6 
1021    0002.02cc.0007    STATIC      Gi6/0/7 
1021    0002.02cc.0008    STATIC      Gi6/0/8 
1021    0002.02cc.0009    STATIC      Gi6/0/9 
1021    0002.02cc.000a    STATIC      Gi6/0/10 

<output truncated>

The following example shows how to display MAC address table information for a specific MAC address:

Device# show mac address-table address fc58.9a02.7382

          Mac Address Table
-------------------------------------------

Vlan    Mac Address       Type        Ports
----    -----------       --------    -----
   1    fc58.9a02.7382    DYNAMIC     Te1/0/1
Total Mac Addresses for this criterion: 1

The following example shows how to display the currently configured aging time for a specific VLAN:

Device# show mac address-table aging-time vlan 1

Global Aging Time:  300
Vlan    Aging Time
----    ----------
   1     300

The following example shows how to display the information about the MAC address table for a specific interface:

Device# show mac address-table interface TenGigabitEthernet1/0/1

          Mac Address Table
-------------------------------------------

Vlan    Mac Address       Type        Ports
----    -----------       --------    -----
   1    fc58.9a02.7382    DYNAMIC     Te1/0/1
Total Mac Addresses for this criterion: 1

The following example shows how to display the MAC-move notification status:

Device# show mac address-table notification mac-move

MAC Move Notification: Enabled
 

The following example shows how to display the CAM-table utilization-notification status:

Device# show mac address-table notification threshold 

    Status       limit        Interval  
-------------+-----------+-------------
   enabled         50           120     

The following example shows how to display the MAC notification parameters and history table for a specific interface:

Device# show mac address-table notification change interface tenGigabitEthernet1/0/1

MAC Notification Feature is Disabled on the switch
Interface                      MAC Added Trap MAC Removed Trap
---------                      -------------- ----------------
TenGigabitEthernet1/0/1        Disabled       Disabled 

The following example shows how to display the information about the MAC-address table for a specific VLAN:


Note


MAC addresses of the type CP_LEARN will be displayed only if Cisco SD-Access solution is used.


Device# show mac address-table vlan 1021

          Mac Address Table
-------------------------------------------

Vlan    Mac Address       Type        Ports
----    -----------       --------    -----
1021    0000.0c9f.f45c    STATIC      Vl1021 
1021    0002.02cc.0002    STATIC      Gi6/0/2 
1021    0002.02cc.0003    STATIC      Gi6/0/3 
1021    0002.02cc.0004    STATIC      Gi6/0/4 
1021    0002.02cc.0005    STATIC      Gi6/0/5 
1021    0002.02cc.0006    STATIC      Gi6/0/6 
1021    0002.02cc.0007    STATIC      Gi6/0/7 
1021    0002.02cc.0008    STATIC      Gi6/0/8 
1021    0002.02cc.0009    STATIC      Gi6/0/9 
1021    0002.02cc.000a    STATIC      Gi6/0/10 
1021    0002.02cc.000b    STATIC      Gi6/0/11 
1021    0002.02cc.000c    STATIC      Gi6/0/12 
1021    0002.02cc.000d    STATIC      Gi6/0/13 
1021    0002.02cc.000e    STATIC      Gi6/0/14 
1021    0002.02cc.000f    STATIC      Gi6/0/15 
1021    0002.02cc.0010    STATIC      Gi6/0/16 
1021    0002.02cc.0011    STATIC      Gi6/0/17 
1021    0002.02cc.0012    STATIC      Gi6/0/18 
1021    0002.02cc.0013    STATIC      Gi6/0/19 
1021    0002.02cc.0014    STATIC      Gi6/0/20 

.
.
.

1021    0002.0100.0001    CP_LEARN    Tu0
1021    0002.0100.0002    CP_LEARN    Tu0
1021    0002.0100.0003    CP_LEARN    Tu0
1021    0002.0100.0004    CP_LEARN    Tu0
1021    0002.0100.0005    CP_LEARN    Tu0
1021    0002.0100.0006    CP_LEARN    Tu0
1021    0002.0100.0007    CP_LEARN    Tu0
1021    0002.0100.0008    CP_LEARN    Tu0
1021    0002.0100.0009    CP_LEARN    Tu0
1021    0002.0100.000a    CP_LEARN    Tu0
Total Mac Addresses for this criterion: 114

The table below describes the significant fields shown in the show mac address-table display.

Table 8. show mac address-table Field Descriptions

Field

Description

VLAN

VLAN number.

Mac Address

MAC address of the entry.

Type

Type of address.

Ports

Port type.

Total MAC addresses

Total MAC addresses in the MAC address table.

show mac address-table move update

To display the MAC address-table move update information on the device, use the show mac address-table move update command in EXEC mode.

show mac address-table move update

Syntax Description

This command has no arguments or keywords.

Command Default

No default behavior or values.

Command Modes

User EXEC

Privileged EXEC

Command History

Release

Modification

Cisco IOS XE Everest 16.5.1a

This command was introduced.

Examples

This example shows the output from the show mac address-table move update command:


Device# show mac address-table move update

Switch-ID : 010b.4630.1780
Dst mac-address : 0180.c200.0010
Vlans/Macs supported : 1023/8320
Default/Current settings: Rcv Off/On, Xmt Off/On
Max packets per min : Rcv 40, Xmt 60
Rcv packet count : 10
Rcv conforming packet count : 5
Rcv invalid packet count : 0
Rcv packet count this min : 0
Rcv threshold exceed count : 0
Rcv last sequence# this min : 0
Rcv last interface : Po2
Rcv last src-mac-address : 0003.fd6a.8701
Rcv last switch-ID : 0303.fd63.7600
Xmt packet count : 0
Xmt packet count this min : 0
Xmt threshold exceed count : 0
Xmt pak buf unavail cnt : 0
Xmt last interface : None


show parser encrypt file status

To view the private configuration encryption status, use the show parser encrypt file status command.

show parser encrypt file status

Syntax Description

This command has no arguments or keywords.

Command Default

None

Command Modes

User EXEC

Command History

Release Modification

Cisco IOS XE Fuji 16.8.1a

This command was introduced.

Examples

The following command output indicates that the feature is available and the file is encrypted. The file is in ‘cipher text’ format.


Device> enable
Device# show parser encrypt file status
Feature:            Enabled
File Format:        Cipher text
Encryption Version: ver1 

show platform hardware fpga

To display the system field-programmable gate array (FPGA) settings, use the show platform hardware fpga command in privileged EXEC mode.

show platform hardware fpga

Syntax Description

This command has no arguments or keywords.

Command Default

None

Command Modes

Privileged EXEC (#)

Command History

Release Modification

Cisco IOS XE Fuji 16.9.1

This command was introduced.

Examples

The following is a sample output from the show platform hardware fpga command on a Cisco Catalyst 9300 Series switch:


Device# show platform hardware fpga
   
Register Addr            FPGA Reg Description               Value
-------------            --------------------               -----
0x00000000                         Board ID               0x00006053 
0x00000004                     FPGA Version               0x00000206 
0x00000008                       Reset Reg1               0x00010204 
0x0000000c                       Reset Reg2               0x00000000 
0x00000028                FRU LED DATA Reg1               0x00001008 
0x0000002c                FRU LED DATA Reg2               0x00001008 
0x00000030                  FRU Control Reg               0x0000c015 
0x00000034                 Doppler Misc Reg               0x00000311 
0x00000010                       SBC Enable               0x0000000f
<snip>

The following is a sample output from the show platform hardware fpga command on a Cisco Catalyst 9500 Series switch:


Device# show platform hardware fpga

Register Addr         FPGA Reg Description                  Value
-------------          --------------------                 -----
0x00000000                     FPGA Version               0x00000110 
0x00000040              FRU Power Cntrl Reg               0x00000112 
0x00000020           System Reset Cntrl Reg               0x00000000 
0x00000024             Beacon LED Cntrl Reg               0x00000000
0x00000044              1588 Sync Pulse Reg               0x00000000 
0x00000048         Mainboard Misc Cntrl Reg               0x0000000a 
0x00000038          DopplerD Misc Cntrl Reg               0x000000ff
<snip>

show platform integrity

To display checksum record for the boot stages , use the show platform integrity command in privileged EXEC mode.

show platform integrity [ sign [ nonce < nonce>]]

Syntax Description

sign (Optional) Show signature
nonce (Optional) Enter a nonce value

Command Modes

Privileged EXEC (#)

Command History

Release

Modification

This command was introduced.

Examples

This example shows how to view the checksum record for boot stages :


Device# show platform integrity sign

PCR0: EE47F8644C2887D9BD4DE3E468DD27EB93F4A606006A0B7006E2928C50C7C9AB
PCR8: E7B61EC32AFA43DA1FF4D77F108CA266848B32924834F5E41A9F6893A9CB7A38
Signature version: 1
Signature:
816C5A29741BBAC1961C109FFC36DA5459A44DBF211025F539AFB4868EF91834C05789
5DAFBC7474F301916B7D0D08ABE5E05E66598426A73E921024C21504383228B6787B74
8526A305B17DAD3CF8705BACFD51A2D55A333415CABC73DAFDEEFD8777AA77F482EC4B
731A09826A41FB3EFFC46DC02FBA666534DBEC7DCC0C029298DB8462A70DBA26833C2A
1472D1F08D721BA941CB94A418E43803699174572A5759445B3564D8EAEE57D64AE304
EE1D2A9C53E93E05B24A92387E261199CED8D8A0CE7134596FF8D2D6E6DA773757C70C
D3BA91C43A591268C248DF32658999276FB972153ABE823F0ACFE9F3B6F0AD1A00E257
4A4CC41C954015A59FB8FE
Platform: WS-C3650-12X48UZ

show platform software audit

To display the SE Linux Audit logs, use the show platform software audit command in privileged EXEC mode.

show platform software audit { all | summary | [ switch { switch-number | active | standby}] { 0 | F0 | R0 | { FP | RP} { active}}}

Syntax Description

all

Shows the audit log from all the slots.

summary

Shows the audit log summary count from all the slots.

switch

Shows the audit logs for a slot on a specific switch.

switch-number

Selects the switch with the specified switch number.

switch active

Selects the active instance of the switch.

standby

Selects the standby instance of the switch.

0

Shows the audit log for the SPA-Inter-Processor slot 0.

F0

Shows the audit log for the Embedded-Service-Processor slot 0.

R0

Shows the audit log for the Route-Processor slot 0.

FP active

Shows the audit log for the active Embedded-Service-Processor slot.

RP active

Shows the audit log for the active Route-Processor slot.

Command Modes

Privileged EXEC (#)

Command History

Release

Modification

Cisco IOS XE Gibraltar 16.10.1

This command was introduced.

Usage Guidelines

This command was introduced in the Cisco IOS XE Gibraltar 16.10.1 as a part of the SELinux Permissive Mode feature. The show platform software audit command displays the system logs containing the access violation events.

In Cisco IOS XE Gibraltar 16.10.1, operation in a permissive mode is available - with the intent of confining specific components (process or application) of the IOS-XE platform. In the permissive mode, access violation events are detected and system logs are generated, but the event or operation itself is not blocked. The solution operates mainly in an access violation detection mode.

Examples

The following is a sample output of the show software platform software audit summary command:

Device# show platform software audit summary

===================================
AUDIT LOG ON switch 1
-----------------------------------
AVC Denial count: 58
===================================

The following is a sample output of the show software platform software audit all command:

Device# show platform software audit all

===================================
AUDIT LOG ON switch 1
-----------------------------------
========== START ============
type=AVC msg=audit(1539222292.584:100): avc:  denied  { read } for  pid=14017 comm="mcp_trace_filte" name="crashinfo" dev="rootfs" ino=13667 scontext=system_u:system_r:polaris_trace_filter_t:s0 tcontext=system_u:object_r:polaris_disk_crashinfo_t:s0 tclass=lnk_file permissive=1
type=AVC msg=audit(1539222292.584:100): avc:  denied  { getattr } for  pid=14017 comm="mcp_trace_filte" path="/mnt/sd1" dev="sda1" ino=2 scontext=system_u:system_r:polaris_trace_filter_t:s0 tcontext=system_u:object_r:polaris_disk_crashinfo_t:s0 tclass=dir permissive=1
type=AVC msg=audit(1539222292.586:101): avc:  denied  { getattr } for  pid=14028 comm="ls" path="/tmp/ufs/crashinfo" dev="tmpfs" ino=58407 scontext=system_u:system_r:polaris_trace_filter_t:s0 tcontext=system_u:object_r:polaris_ncd_tmp_t:s0 tclass=dir permissive=1
type=AVC msg=audit(1539222292.586:102): avc:  denied  { read } for  pid=14028 comm="ls" name="crashinfo" dev="tmpfs" ino=58407 scontext=system_u:system_r:polaris_trace_filter_t:s0 tcontext=system_u:object_r:polaris_ncd_tmp_t:s0 tclass=dir permissive=1
type=AVC msg=audit(1539438600.896:119): avc:  denied  { execute } for  pid=8300 comm="sh" name="id" dev="loop0" ino=6982 scontext=system_u:system_r:polaris_auto_upgrade_server_rp_t:s0 tcontext=system_u:object_r:bin_t:s0 tclass=file permissive=1
type=AVC msg=audit(1539438600.897:120): avc:  denied  { execute_no_trans } for  pid=8300 comm="sh" path="/tmp/sw/mount/cat9k-rpbase.2018-10-02_00.13_mhungund.SSA.pkg/nyquist/usr/bin/id" dev="loop0" ino=6982 scontext=system_u:system_r:polaris_auto_upgrade_server_rp_t:s0 tcontext=system_u:object_r:bin_t:s0 tclass=file permissive=1
type=AVC msg=audit(1539438615.535:121): avc:  denied  { name_connect } for  pid=26421 comm="nginx" dest=8098 scontext=system_u:system_r:polaris_nginx_t:s0 tcontext=system_u:object_r:polaris_caf_api_port_t:s0 tclass=tcp_socket permissive=1
type=AVC msg=audit(1539438624.916:122): avc:  denied  { execute_no_trans } for  pid=8600 comm="auto_upgrade_se" path="/bin/bash" dev="rootfs" ino=7276 scontext=system_u:system_r:polaris_auto_upgrade_server_rp_t:s0 tcontext=system_u:object_r:shell_exec_t:s0 tclass=file permissive=1
type=AVC msg=audit(1539438648.936:123): avc:  denied  { execute_no_trans } for  pid=9307 comm="auto_upgrade_se" path="/bin/bash" dev="rootfs" ino=7276 scontext=system_u:system_r:polaris_auto_upgrade_server_rp_t:s0 tcontext=system_u:object_r:shell_exec_t:s0 tclass=file permissive=1
type=AVC msg=audit(1539438678.649:124): avc:  denied  { name_connect } for  pid=26421 comm="nginx" dest=8098 scontext=system_u:system_r:polaris_nginx_t:s0 tcontext=system_u:object_r:polaris_caf_api_port_t:s0 tclass=tcp_socket permissive=1
type=AVC msg=audit(1539438696.969:125): avc:  denied  { execute_no_trans } for  pid=10057 comm="auto_upgrade_se" path="/bin/bash" dev="rootfs" ino=7276 scontext=system_u:system_r:polaris_auto_upgrade_server_rp_t:s0 tcontext=system_u:object_r:shell_exec_t:s0 tclass=file permissive=1
type=AVC msg=audit(1539438732.973:126): avc:  denied  { execute_no_trans } for  pid=10858 comm="auto_upgrade_se" path="/bin/bash" dev="rootfs" ino=7276 scontext=system_u:system_r:polaris_auto_upgrade_server_rp_t:s0 tcontext=system_u:object_r:shell_exec_t:s0 tclass=file permissive=1
type=AVC msg=audit(1539438778.008:127): avc:  denied  { execute_no_trans } for  pid=11579 comm="auto_upgrade_se" path="/bin/bash" dev="rootfs" ino=7276 scontext=system_u:system_r:polaris_auto_upgrade_server_rp_t:s0 tcontext=system_u:object_r:shell_exec_t:s0 tclass=file permissive=1
type=AVC msg=audit(1539438800.156:128): avc:  denied  { name_connect } for  pid=26421 comm="nginx" dest=8098 scontext=system_u:system_r:polaris_nginx_t:s0 tcontext=system_u:object_r:polaris_caf_api_port_t:s0 tclass=tcp_socket permissive=1
type=AVC msg=audit(1539438834.099:129): avc:  denied  { execute_no_trans } for  pid=12451 comm="auto_upgrade_se" path="/bin/bash" dev="rootfs" ino=7276 scontext=system_u:system_r:polaris_auto_upgrade_server_rp_t:s0 tcontext=system_u:object_r:shell_exec_t:s0 tclass=file permissive=1
type=AVC msg=audit(1539440246.697:149): avc:  denied  { name_connect } for  pid=26421 comm="nginx" dest=8098 scontext=system_u:system_r:polaris_nginx_t:s0 tcontext=system_u:object_r:polaris_caf_api_port_t:s0 tclass=tcp_socket permissive=1
type=AVC msg=audit(1539440299.119:150): avc:  denied  { name_connect } for  pid=26421 comm="nginx" dest=8098 scontext=system_u:system_r:polaris_nginx_t:s0 tcontext=system_u:object_r:polaris_caf_api_port_t:s0 tclass=tcp_socket permissive=1
========== END ============
===================================

The following is a sample output of the show software platform software audit switch command:

Device# show platform software audit switch active R0

========== START ============
type=AVC msg=audit(1539222292.584:100): avc:  denied  { read } for  pid=14017 comm="mcp_trace_filte" name="crashinfo" dev="rootfs" ino=13667 scontext=system_u:system_r:polaris_trace_filter_t:s0 tcontext=system_u:object_r:polaris_disk_crashinfo_t:s0 tclass=lnk_file permissive=1
type=AVC msg=audit(1539222292.584:100): avc:  denied  { getattr } for  pid=14017 comm="mcp_trace_filte" path="/mnt/sd1" dev="sda1" ino=2 scontext=system_u:system_r:polaris_trace_filter_t:s0 tcontext=system_u:object_r:polaris_disk_crashinfo_t:s0 tclass=dir permissive=1
type=AVC msg=audit(1539222292.586:101): avc:  denied  { getattr } for  pid=14028 comm="ls" path="/tmp/ufs/crashinfo" dev="tmpfs" ino=58407 scontext=system_u:system_r:polaris_trace_filter_t:s0 tcontext=system_u:object_r:polaris_ncd_tmp_t:s0 tclass=dir permissive=1
type=AVC msg=audit(1539222292.586:102): avc:  denied  { read } for  pid=14028 comm="ls" name="crashinfo" dev="tmpfs" ino=58407 scontext=system_u:system_r:polaris_trace_filter_t:s0 tcontext=system_u:object_r:polaris_ncd_tmp_t:s0 tclass=dir permissive=1
type=AVC msg=audit(1539438624.916:122): avc:  denied  { execute_no_trans } for  pid=8600 comm="auto_upgrade_se" path="/bin/bash" dev="rootfs" ino=7276 scontext=system_u:system_r:polaris_auto_upgrade_server_rp_t:s0 tcontext=system_u:object_r:shell_exec_t:s0 tclass=file permissive=1
type=AVC msg=audit(1539438648.936:123): avc:  denied  { execute_no_trans } for  pid=9307 comm="auto_upgrade_se" path="/bin/bash" dev="rootfs" ino=7276 scontext=system_u:system_r:polaris_auto_upgrade_server_rp_t:s0 tcontext=system_u:object_r:shell_exec_t:s0 tclass=file permissive=1
type=AVC msg=audit(1539438678.649:124): avc:  denied  { name_connect } for  pid=26421 comm="nginx" dest=8098 scontext=system_u:system_r:polaris_nginx_t:s0 tcontext=system_u:object_r:polaris_caf_api_port_t:s0 tclass=tcp_socket permissive=1
type=AVC msg=audit(1539438696.969:125): avc:  denied  { execute_no_trans } for  pid=10057 comm="auto_upgrade_se" path="/bin/bash" dev="rootfs" ino=7276 scontext=system_u:system_r:polaris_auto_upgrade_server_rp_t:s0 tcontext=system_u:object_r:shell_exec_t:s0 tclass=file permissive=1
type=AVC msg=audit(1539438732.973:126): avc:  denied  { execute_no_trans } for  pid=10858 comm="auto_upgrade_se" path="/bin/bash" dev="rootfs" ino=7276 scontext=system_u:system_r:polaris_auto_upgrade_server_rp_t:s0 tcontext=system_u:object_r:shell_exec_t:s0 tclass=file permissive=1
type=AVC msg=audit(1539438778.008:127): avc:  denied  { execute_no_trans } for  pid=11579 comm="auto_upgrade_se" path="/bin/bash" dev="rootfs" ino=7276 scontext=system_u:system_r:polaris_auto_upgrade_server_rp_t:s0 tcontext=system_u:object_r:shell_exec_t:s0 tclass=file permissive=1
type=AVC msg=audit(1539438800.156:128): avc:  denied  { name_connect } for  pid=26421 comm="nginx" dest=8098 scontext=system_u:system_r:polaris_nginx_t:s0 tcontext=system_u:object_r:polaris_caf_api_port_t:s0 tclass=tcp_socket permissive=1
type=AVC msg=audit(1539438834.099:129): avc:  denied  { execute_no_trans } for  pid=12451 comm="auto_upgrade_se" path="/bin/bash" dev="rootfs" ino=7276 scontext=system_u:system_r:polaris_auto_upgrade_server_rp_t:s0 tcontext=system_u:object_r:shell_exec_t:s0 tclass=file permissive=1
type=AVC msg=audit(1539438860.907:130): avc:  denied  { name_connect } for  pid=26421 comm="nginx" dest=8098 scontext=system_u:system_r:polaris_nginx_t:s0 tcontext=system_u:object_r:polaris_caf_api_port_t:s0 tclass=tcp_socket permissive=1
========== END ============
===================================

show platform software fed switch punt cause

To display information about why the packets received on an interface are punted to the Router Processor (RP), use the show platform software fed switch punt cpuq cause command in privileged EXEC mode.

show platform software fed switch {switch-number | | active | | standby} punt {cause_id | | clear | | summary}

Syntax Description

switch {switch-number | active | standby}

Displays information about the switch. You have the following options:

  • switch-number.

  • active —Displays information relating to the active switch.

  • standby —Displays information relating to the standby switch, if available.

    Note

     

    This keyword is not supported.

cause_id

Specifies the ID of the cause for which the details have to be displayed.

clear

Clears the statistics for all the causes. Clearing the causes might result in inconsistent statistics.

summary

Displays a high-level overview of the punt reason.

Command Default

None

Command Modes

Privileged EXEC (#)

Command History

Release Modification

Cisco IOS XE Gibraltar 16.10.1

This command was introduced.

Usage Guidelines

None

Examples

The following is sample output from the show platform software fed switch active punt cause summary command.

Device# show platform software fed switch active punt cause summary
Statistics for all causes

Cause  Cause Info                      Rcvd                 Dropped
------------------------------------------------------------------------------
7      ARP request or response         1                    0                   
21     RP<->QFP keepalive              22314                0                   
55     For-us control                  12                   0                   
60     IP subnet or broadcast packet   21                   0                   
96     Layer2 control protocols        133808               0                   
------------------------------------------------------------------------------

The following is sample output from the show platform software fed switch active punt cause cause-id command.

Device# show platform software fed switch active punt cause 21
Detailed Statistics

Sub Cause       Rcvd                 Dropped
--------------------------------------------
0               22363                0                   

--------------------------------------------

show platform software fed switch punt cpuq

To display information about the punt traffic on CPU queues, use the show platform software fed switch punt cpuq command in privileged EXEC mode.

show platform software fed switch {switch-number | | active | | standby} punt cpuq {cpuq_id | | all | | brief | | clear | | rates}

Syntax Description

switch {switch-number active standby}

Displays information about the switch. You have the following options:

  • switch-number.

  • active —Displays information relating to the active switch.

  • standby —Displays information relating to the standby switch, if available.

    Note

     

    This keyword is not supported.

punt

Displays the punt informtion.

cpuq

Displays information about the CPU receive queue.

cpuq_id

Specifies details specific to a particular CPU queue.

all

Displays the statistics for all the CPU queues.

brief

Displays summarized statistics for all the queues like details about punt packets received and dropped.

clear

Clears the statistics for all the CPU queues. Clearing the CPU queue might result in inconsistent statistics.

rates

Displays the rate at which the packets are punted.

Command Default

None

Command Modes

Privileged EXEC (#)

Command History

Release Modification

Cisco IOS XE Gibraltar 16.10.1

This command was introduced.

Usage Guidelines

None

Examples

The following is sample output from the show platform software fed switch active punt cpuq brief command.

Device#show platform software fed switch active punt cpuq brief 

Punt CPU Q Statistics Brief
======================================================================================
 Q  |         Queue            |  Rx    |  Rx   |  Rx    |  Drop  |  Drop   |  Drop  
 no |         Name             |  prev  |  cur  |  delta |  prev  |  cur    |  delta 
======================================================================================
 0  CPU_Q_DOT1X_AUTH                0        0        0        0        0        0       
 1  CPU_Q_L2_CONTROL                0        6772     6772     0        0        0       
 2  CPU_Q_FORUS_TRAFFIC             0        0        0        0        0        0       
 3  CPU_Q_ICMP_GEN                  0        0        0        0        0        0       
 4  CPU_Q_ROUTING_CONTROL           0        12       12       0        0        0       
 5  CPU_Q_FORUS_ADDR_RESOLUTION     0        1        1        0        0        0       
 6  CPU_Q_ICMP_REDIRECT             0        0        0        0        0        0       
 7  CPU_Q_INTER_FED_TRAFFIC         0        0        0        0        0        0       
 8  CPU_Q_L2LVX_CONTROL_PKT         0        0        0        0        0        0       
 9  CPU_Q_EWLC_CONTROL              0        0        0        0        0        0       
 10 CPU_Q_EWLC_DATA                 0        0        0        0        0        0       
 11 CPU_Q_L2LVX_DATA_PKT            0        0        0        0        0        0       
 12 CPU_Q_BROADCAST                 0        21       21       0        0        0       
 13 CPU_Q_LEARNING_CACHE_OVFL       0        0        0        0        0        0       
 14 CPU_Q_SW_FORWARDING             0        0        0        0        0        0       
 15 CPU_Q_TOPOLOGY_CONTROL          0        127300   127300   0        0        0       
 16 CPU_Q_PROTO_SNOOPING            0        0        0        0        0        0       
 17 CPU_Q_BFD_LOW_LATENCY           0        0        0        0        0        0       
 18 CPU_Q_TRANSIT_TRAFFIC           0        0        0        0        0        0       
 19 CPU_Q_RPF_FAILED                0        0        0        0        0        0       
 20 CPU_Q_MCAST_END_STATION_SERVICE 0        0        0        0        0        0       
 21 CPU_Q_LOGGING                   0        0        0        0        0        0       
 22 CPU_Q_PUNT_WEBAUTH              0        0        0        0        0        0       
 23 CPU_Q_HIGH_RATE_APP             0        0        0        0        0        0       
 24 CPU_Q_EXCEPTION                 0        0        0        0        0        0       
 25 CPU_Q_SYSTEM_CRITICAL           0        0        0        0        0        0       
 26 CPU_Q_NFL_SAMPLED_DATA          0        0        0        0        0        0       
 27 CPU_Q_LOW_LATENCY               0        0        0        0        0        0       
 28 CPU_Q_EGR_EXCEPTION             0        0        0        0        0        0       
 29 CPU_Q_FSS                       0        0        0        0        0        0       
 30 CPU_Q_MCAST_DATA                0        0        0        0        0        0       
 31 CPU_Q_GOLD_PKT                  0        0        0        0        0        0       

-------------------------------------------------------------------------------------

The table below describes the significant fields shown in the display.

Table 9. show platform software fed switch active punt cpuq brief Field Descriptions

Field

Description

Q no

ID of the queue.

Queue Name

Name of the queue.

Rx

Number of packets received.

Drop

Number of packets dropped.

The following is sample output from the show platform software fed switch active punt cpuq cpuq_id command.

Device#show platform software fed switch active punt cpuq 1 

Punt CPU Q Statistics
===========================================

CPU Q Id                       : 1
CPU Q Name                     : CPU_Q_L2_CONTROL
Packets received from ASIC     : 6774
Send to IOSd total attempts    : 6774
Send to IOSd failed count      : 0
RX suspend count               : 0
RX unsuspend count             : 0
RX unsuspend send count        : 0
RX unsuspend send failed count : 0
RX consumed count              : 0
RX dropped count               : 0
RX non-active dropped count    : 0
RX conversion failure dropped  : 0
RX INTACK count                : 6761
RX packets dq'd after intack   : 0
Active RxQ event               : 6761
RX spurious interrupt          : 0

Replenish Stats for all rxq:
-------------------------------------------
Number of replenish            : 61969
Number of replenish suspend    : 0
Number of replenish un-suspend : 0
-------------------------------------------

show platform sudi certificate

To display checksum record for the specific SUDI, use the show platform sudi certificate command in privileged EXEC mode.

show platform sudi certificate [ sign [ nonce < nonce>]]

Syntax Description

sign (Optional) Show signature
nonce (Optional) Enter a nonce value

Command Modes

Privileged EXEC (#)

Command History

Release

Modification

This command was introduced.

Examples

This example shows how to view the checksum record for a specific SUDI :


# show platform sudi certificate

-----BEGIN CERTIFICATE-----
MIIDQzCCAiugAwIBAgIQX/h7KCtU3I1CoxW1aMmt/zANBgkqhkiG9w0BAQUFADA1
MRYwFAYDVQQKEw1DaXNjbyBTeXN0ZW1zMRswGQYDVQQDExJDaXNjbyBSb290IENB
IDIwNDgwHhcNMDQwNTE0MjAxNzEyWhcNMjkwNTE0MjAyNTQyWjA1MRYwFAYDVQQK
Ew1DaXNjbyBTeXN0ZW1zMRswGQYDVQQDExJDaXNjbyBSb290IENBIDIwNDgwggEg
MA0GCSqGSIb3DQEBAQUAA4IBDQAwggEIAoIBAQCwmrmrp68Kd6ficba0ZmKUeIhH
xmJVhEAyv8CrLqUccda8bnuoqrpu0hWISEWdovyD0My5jOAmaHBKeN8hF570YQXJ
FcjPFto1YYmUQ6iEqDGYeJu5Tm8sUxJszR2tKyS7McQr/4NEb7Y9JHcJ6r8qqB9q
VvYgDxFUl4F1pyXOWWqCZe+36ufijXWLbvLdT6ZeYpzPEApk0E5tzivMW/VgpSdH
jWn0f84bcN5wGyDWbs2mAag8EtKpP6BrXruOIIt6keO1aO6g58QBdKhTCytKmg9l
Eg6CTY5j/e/rmxrbU6YTYK/CfdfHbBcl1HP7R2RQgYCUTOG/rksc35LtLgXfAgED
o1EwTzALBgNVHQ8EBAMCAYYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUJ/PI
FR5umgIJFq0roIlgX9p7L6owEAYJKwYBBAGCNxUBBAMCAQAwDQYJKoZIhvcNAQEF
BQADggEBAJ2dhISjQal8dwy3U8pORFBi71R803UXHOjgxkhLtv5MOhmBVrBW7hmW
Yqpao2TB9k5UM8Z3/sUcuuVdJcr18JOagxEu5sv4dEX+5wW4q+ffy0vhN4TauYuX
cB7w4ovXsNgOnbFp1iqRe6lJT37mjpXYgyc81WhJDtSd9i7rp77rMKSsH0T8lasz
Bvt9YAretIpjsJyp8qS5UwGH0GikJ3+r/+n6yUA4iGe0OcaEb1fJU9u6ju7AQ7L4
CYNu/2bPPu8Xs1gYJQk0XuPL1hS27PKSb3TkL4Eq1ZKR4OCXPDJoBYVL0fdX4lId
kxpUnwVwwEpxYB5DC2Ae/qPOgRnhCzU=
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
MIIEPDCCAySgAwIBAgIKYQlufQAAAAAADDANBgkqhkiG9w0BAQUFADA1MRYwFAYD
VQQKEw1DaXNjbyBTeXN0ZW1zMRswGQYDVQQDExJDaXNjbyBSb290IENBIDIwNDgw
HhcNMTEwNjMwMTc1NjU3WhcNMjkwNTE0MjAyNTQyWjAnMQ4wDAYDVQQKEwVDaXNj
bzEVMBMGA1UEAxMMQUNUMiBTVURJIENBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
MIIBCgKCAQEA0m5l3THIxA9tN/hS5qR/6UZRpdd+9aE2JbFkNjht6gfHKd477AkS
5XAtUs5oxDYVt/zEbslZq3+LR6qrqKKQVu6JYvH05UYLBqCj38s76NLk53905Wzp
9pRcmRCPuX+a6tHF/qRuOiJ44mdeDYZo3qPCpxzprWJDPclM4iYKHumMQMqmgmg+
xghHIooWS80BOcdiynEbeP5rZ7qRuewKMpl1TiI3WdBNjZjnpfjg66F+P4SaDkGb
BXdGj13oVeF+EyFWLrFjj97fL2+8oauV43Qrvnf3d/GfqXj7ew+z/sXlXtEOjSXJ
URsyMEj53Rdd9tJwHky8neapszS+r+kdVQIDAQABo4IBWjCCAVYwCwYDVR0PBAQD
AgHGMB0GA1UdDgQWBBRI2PHxwnDVW7t8cwmTr7i4MAP4fzAfBgNVHSMEGDAWgBQn
88gVHm6aAgkWrSugiWBf2nsvqjBDBgNVHR8EPDA6MDigNqA0hjJodHRwOi8vd3d3
LmNpc2NvLmNvbS9zZWN1cml0eS9wa2kvY3JsL2NyY2EyMDQ4LmNybDBQBggrBgEF
BQcBAQREMEIwQAYIKwYBBQUHMAKGNGh0dHA6Ly93d3cuY2lzY28uY29tL3NlY3Vy
aXR5L3BraS9jZXJ0cy9jcmNhMjA0OC5jZXIwXAYDVR0gBFUwUzBRBgorBgEEAQkV
AQwAMEMwQQYIKwYBBQUHAgEWNWh0dHA6Ly93d3cuY2lzY28uY29tL3NlY3VyaXR5
L3BraS9wb2xpY2llcy9pbmRleC5odG1sMBIGA1UdEwEB/wQIMAYBAf8CAQAwDQYJ
KoZIhvcNAQEFBQADggEBAGh1qclr9tx4hzWgDERm371yeuEmqcIfi9b9+GbMSJbi
ZHc/CcCl0lJu0a9zTXA9w47H9/t6leduGxb4WeLxcwCiUgvFtCa51Iklt8nNbcKY
/4dw1ex+7amATUQO4QggIE67wVIPu6bgAE3Ja/nRS3xKYSnj8H5TehimBSv6TECi
i5jUhOWryAK4dVo8hCjkjEkzu3ufBTJapnv89g9OE+H3VKM4L+/KdkUO+52djFKn
hyl47d7cZR4DY4LIuFM2P1As8YyjzoNpK/urSRI14WdIlplR1nH7KNDl5618yfVP
0IFJZBGrooCRBjOSwFv8cpWCbmWdPaCQT2nwIjTfY8c=
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
MIIDhjCCAm6gAwIBAgIDctWkMA0GCSqGSIb3DQEBCwUAMCcxDjAMBgNVBAoTBUNp
c2NvMRUwEwYDVQQDEwxBQ1QyIFNVREkgQ0EwHhcNMTUwODA2MDgwODI5WhcNMjUw
ODA2MDgwODI5WjBzMSwwKgYDVQQFEyNQSUQ6V1MtQzM2NTAtMTJYNDhVWiBTTjpG
RE8xOTMyWDAwQzEOMAwGA1UEChMFQ2lzY28xGDAWBgNVBAsTD0FDVC0yIExpdGUg
U1VESTEZMBcGA1UEAxMQV1MtQzM2NTAtMTJYNDhVWjCCASIwDQYJKoZIhvcNAQEB
BQADggEPADCCAQoCggEBANZxOGYI0eUl4HcSwjL4HO75qTjl9C2BHG3ufce9ikkN
xwGXi8qg8vKxuB9tRYRaJC5bP1WMoq7+ZJtQA079xE4X14soNbkq5NaUhh7RB1wD
iRUJvTfCOzVICbNfbzvtB30I75tCarFNmpd0K6AFrIa41U988QGqaCj7R1JrYNaj
nC73UXXM/hC0HtNR5mhyqer5Y2qjjzo6tHZYqrrx2eS1XOa262ZSQriAxmaH/KLC
K97ywyRBdJlxBRX3hGtKlog8nASB8WpXqB9NVCERzUajwU3L/kg2BsCqw9Y2m7HW
U1cerTxgthuyUkdNI+Jg6iGApm2+s8E9hsHPBPMCdIsCAwEAAaNvMG0wDgYDVR0P
AQH/BAQDAgXgMAwGA1UdEwEB/wQCMAAwTQYDVR0RBEYwRKBCBgkrBgEEAQkVAgOg
NRMzQ2hpcElEPVVZSk5ORmRRRlFvN1ZIVmxJRTlqZENBeU9DQXhPRG93TlRveE1T
QVg5eWc9MA0GCSqGSIb3DQEBCwUAA4IBAQBKicTRZbVCRjVIR5MQcWXUT086v6Ej
HahDHTts3YpQoyAVfioNg2x8J6EXcEau4voyVu+eMUuoNL4szPhmmDcULfiCGBcA
/R3EFuoVMIzNT0geziytsCf728KGw1oGuosgVjNGOOahUELu4+F/My7bIJNbH+PD
KjIFmhJpJg0F3q17yClAeXvd13g3W393i35d00Lm5L1WbBfQtyBaOLAbxsHvutrX
u1VZ5sdqSTwTkkO9vKMaQjh7a8J/AmJi93jvzM69pe5711P1zqZfYfpiJ3cyJ0xf
I4brQ1smdczloFD4asF7A+1vor5e4VDBP0ppmeFAJvCQ52JTpj0M0o1D
-----END CERTIFICATE-----

show romvar

To view all ROMMON environment variables, use the show romvar command. To view environmental variable for a specific resource, use the show romvar | i resource_name .

show romvar

Command Default

This command has no arguments or keywords.

Command Modes

Privileged EXEC

Command History

Release Modification

Cisco IOS XE Gibraltar 16.10.1

This command was introduced.

Examples

This example shows the output from the show romvar command:
Device# show romvar
ROMMON variables:
 PS1="switch: "
 TERMLINES="0"
 MOTHERBOARD_ASSEMBLY_NUM="73-18506-02"
 MOTHERBOARD_REVISION_NUM="05"
 MODEL_REVISION_NUM="P2B"
 POE1_ASSEMBLY_NUM="73-16123-03"
 POE1_REVISION_NUM="A0"
 POE1_SERIAL_NUM="FOC21387NKP"
 POE2_ASSEMBLY_NUM="73-16123-03"
 POE2_REVISION_NUM="A0"
 POE2_SERIAL_NUM="FOC21387NKT"
 IMAGE_UPGRADE="no"
 BOARDID="24666"
 MAC_ADDR="F8:B7:E2:4F:37:80"
 MODEL_NUM="C9300-48UN"
 MOTHERBOARD_SERIAL_NUM="FOC213901T4"
 SYSTEM_SERIAL_NUM="FCW2144L00V"
 USB_SERIAL_NUM="FOC21416472"
 STKPWR_SERIAL_NUM="FOC21432WPT"
 STKPWR_ASSEMBLY_NUM="73-11956-08"
 STKPWR_REVISION_NUM="B0"
 USB_ASSEMBLY_NUM="73-16167-02"
 USB_REVISION_NUM="A0"
 TAN_NUM="68-101202-01"
 TAN_REVISION_NUMBER="25"
 VERSION_ID="P2B"
 CLEI_CODE_NUMBER="ABCDEFGHIJ"
 ECI_CODE_NUMBER="123456"
 TAG_ID="E2003412012AFC00062B095E"
 TFTP_SERVER="10.8.0.6"
 TFTP_BLKSIZE="8192"
 TEMPLATE="access"
 LICENSE_BOOT_LEVEL="network-essentials,all:C9300_48P;"
 DC_COPY="yes"
 ENABLE_BREAK="yes"
 IP_ADDRESS="172.21.227.57"
 IP_SUBNET_MASK="255.255.254.0"
 DEFAULT_GATEWAY="172.21.226.1"
 BAUD="115200"
 AUTOREBOOT_RESTORE="0"
 SWITCH_NUMBER="5"
 CRASHINFO="crashinfo:crashinfo_RP_00_00_20180704-001833-UTC"
 BOOT="flash:packages.conf;"
 ABNORMAL_RESET_COUNT="0"
 RET_2_RTS="15:25:49 IST Fri Jul 13 2018"
 ROMMON_AUTOBOOT_ATTEMPT="3"
 BSI="0"
 RET_2_RCALTS=""
 RANDOM_NUM="1931842665"
 MANUAL_BOOT="yes"

show running-config

To display the contents of the current running configuration file or the configuration for a specific module, Layer 2 VLAN, class map, interface, map class, policy map, or virtual circuit (VC) class, use the show running-config command in privileged EXEC mode.

show running-config [options]

Syntax Description

options

(Optional) Keywords used to customize output. You can enter more than one keyword.

  • aaa [accounting | attribute | authentication | authorization | diameter | group | ldap | miscellaneous | radius-server | server | tacacs-server | user-name | username] : Displays AAA configurations.

  • all : Expands the output to include the commands that are configured with default parameters. If the all keyword is not used, the output does not display commands configured with default parameters.

  • bridge-domain {id | parameterized vlan} : Displays the running configuration for bridge domains.

  • brief : Displays the configuration without certification data and encrypted filter details.

  • class-map [name] [linenum] : Displays class map information.

  • cts [interface | policy-server | rbm-rbac | server | sxp] : Displays Cisco TrustSec configurations.

  • deprecated : Displays deprecated configuration along with the running configuration.

  • eap {method | profiles} : Displays EAP method configurations and profiles.

  • flow {exporter | monitor | record} : Displays global flow configuration commands.

  • full : Displays the full configuration.

  • identity {policy | profile} : Displays identity profile or policy information.

  • interface type number : Displays interface-specific configuration information. If you use the interface keyword, you must specify the interface type and the interface number (for example, interface GigabitEthernet 1/0/1 ). Use the show run interface ? command to determine the interfaces available on your system.

  • ip dhcp pool [name] : Displays IPv4 DHCP pool configuration.

  • ipv6 dhcp pool [name] : Displays IPv6 DHCP pool configuration.

  • linenum [brief | full | partition] : Displays line numbers in the output.

  • map-class [atm | dialer | frame-relay] [name] : Displays map class information.

  • mdns-sd [gateway | location-group | service-definition | service-list | service-peer | service-policy] : Displays Multicast DNS Service Discovery (mDNS-SD) configurations.

  • partition {access-list | class-map | common | global-cdp | interface | ip-as-path | ip-community | ip-prefix-list | ip-static-routes | line | policy-map | route-map | router | snmp | tacacs} : Displays the configuration corresponding to a partition.

  • policy-map [name ] [linenum ]: Displays policy map information.

  • switch number : Displays configuration for the specified switch.

  • view [full] : Enables the display of a full running configuration. This is for view-based users who typically can only view the configuration commands that they are entitled to access for that particular view.

  • vlan [vlan-id] : Displays the specific VLAN information; valid values are from 1 to 4094.

  • vrf [vrf-name] : Displays the Virtual routing and forwarding (VRF)-aware configuration module number .

Command Default

The default syntax, show running-config , displays the contents of the running configuration file, except commands configured using the default parameters.

Command Modes

Privileged EXEC (#)

Command History

Release

Modification

Cisco IOS XE Everest 16.5.1a

This command was introduced.

Usage Guidelines

The show running-config command is technically a command alias (substitute or replacement syntax) of the more system:running-config command. Although the use of more commands is recommended (because of their uniform structure across platforms and their expandable syntax), the show running-config command remains enabled to accommodate its widespread use, and to allow typing shortcuts such as show run .

The show running-config interface command is useful when there are multiple interfaces and you want to look at the configuration of a specific interface.

The linenum keyword causes line numbers to be displayed in the output. This option is useful for identifying a particular portion of a very large configuration.

You can enter additional output modifiers in the command syntax by including a pipe character (|) after the optional keyword. For example, show running-config interface GigabitEthernet 1/0/1 linenum | begin 3 . To display the output modifiers that are available for a keyword, enter | ? after the keyword. Depending on the platform you are using, the keywords and the arguments for the options argument may vary.

The show running-config all command displays complete configuration information, including the default settings and values. For example, if the Cisco Discovery Protocol (abbreviated as CDP in the output) hold-time value is set to its default of 180:

  • The show running-config command does not display this value.

  • The show running-config all displays the following output: cdp holdtime 180.

If the Cisco Discovery Protocol holdtime is changed to a nondefault value (for example, 100), the output of the show running-config and show running-config all commands is the same; that is, the configured parameter is displayed.

The show running-config command displays ACL information. To exclude ACL information from the output, use the show running | section exclude ip access | access list command.

Examples

The following example shows the configuration for GigabitEthernet0/0 interface. The fields are self-explanatory.

Device# show running-config interface gigabitEthernet0/0

Building configuration...

Current configuration : 130 bytes
!
interface GigabitEthernet0/0
 vrf forwarding Mgmt-vrf
 ip address 10.5.20.10 255.255.0.0
 negotiation auto
 ntp broadcast
end

The following example shows how to set line numbers in the command output and then use the output modifier to start the display at line 10. The fields are self-explanatory.

Device# show running-config linenum | begin 10

   10 : boot-start-marker
   11 : boot-end-marker
   12 : !
   13 : no logging buffered
   14 : enable password #####
   15 : !
   16 : spe 1/0 1/7
   17 :  firmware location bootflash:mica-modem-pw.10.16.0.0.bin
   18 : !
   19 : !
   20 : resource-pool disable
   21 : !
   22 : no aaa new-model
   23 : ip subnet-zero
   24 : ip domain name cisco.com
   25 : ip name-server 172.16.11.48
   26 : ip name-server 172.16.2.133
   27 : !
   28 : !
   29 : isdn switch-type primary-5ess
   30 : !
   .
   .
   .
   126 : end 

In the following sample output from the show running-config command, the shape average command indicates that the traffic shaping overhead accounting for ATM is enabled. The BRAS-DSLAM encapsulation type is qinq and the subscriber line encapsulation type is snap-rbe based on the ATM adaptation layer 5 (AAL5) service. The fields are self-explanatory.

Device# show running-config
.
.
.
subscriber policy recording rules limit 64
no mpls traffic-eng auto-bw timers frequency 0
call rsvp-sync
!
controller T1 2/0
framing sf
linecode ami
!
controller T1 2/1
framing sf
linecode ami
!
!
policy-map unit-test
class class-default
shape average percent 10 account qinq aal5 snap-rbe 
!

The following is sample output from the show running-config class-map command. The fields in the display are self-explanatory.

Device# show running-config class-map

Building configuration...

Current configuration : 2157 bytes
!
class-map match-any system-cpp-police-ewlc-control
  description EWLC Control 
class-map match-any system-cpp-police-topology-control
  description Topology control
class-map match-any system-cpp-police-sw-forward
  description Sw forwarding, L2 LVX data packets, LOGGING, Transit Traffic
class-map match-any system-cpp-default
  description EWLC Data, Inter FED Traffic 
class-map match-any system-cpp-police-sys-data
  description Openflow, Exception, EGR Exception, NFL Sampled Data, RPF Failed
class-map match-any system-cpp-police-punt-webauth
  description Punt Webauth
class-map match-any system-cpp-police-l2lvx-control
  description L2 LVX control packets
class-map match-any system-cpp-police-forus
  description Forus Address resolution and Forus traffic
class-map match-any system-cpp-police-multicast-end-station
  description MCAST END STATION
class-map match-any system-cpp-police-high-rate-app
  description High Rate Applications 
class-map match-any system-cpp-police-multicast
  description MCAST Data
class-map match-any system-cpp-police-l2-control
  description L2 control
class-map match-any system-cpp-police-dot1x-auth
  description DOT1X Auth
class-map match-any system-cpp-police-data
  description ICMP redirect, ICMP_GEN and BROADCAST
class-map match-any system-cpp-police-stackwise-virt-control
  description Stackwise Virtual OOB
...

The following example shows that the teletype (tty) line 2 is reserved for communicating with the second core:

Device# show running 

Building configuration...

Current configuration:
!
version 12.0
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname device
!
enable password lab
!
no ip subnet-zero
!
!
!
interface Ethernet0
 ip address 10.25.213.150 255.255.255.128
 no ip directed-broadcast
 no logging event link-status
!
interface Serial0
 no ip address
 no ip directed-broadcast
 no ip mroute-cache
 shutdown
 no fair-queue
!
interface Serial1
 no ip address
 no ip directed-broadcast
 shutdown
!
ip default-gateway 10.25.213.129
ip classless
ip route 0.0.0.0 0.0.0.0 10.25.213.129
!
!
line con 0
 transport input none
line 1 6
 no exec
 transport input all
line 7
 no exec
 exec-timeout 300 0
 transport input all
line 8 9
 no exec
 transport input all
line 10
 no exec
 transport input all
 stopbits 1
line 11 12
 no exec
 transport input all
line 13
 no exec
 transport input all
 speed 115200
line 14 16
 no exec
 transport input all
line aux 0
line vty 0 4
 password cisco
 login
!
end

show sdm prefer

To display information about the templates that can be used to maximize system resources for a particular feature, use the show sdm prefer command in privileged EXEC mode. To display the current template, use the command without a keyword.

show sdm prefer [ access ]

Syntax Description

access

(Optional) Displays information on the access template.

Command Default

No default behavior or values.

Command Modes

Privileged EXEC

Command History

Release

Modification

Cisco IOS XE Everest 16.5.1a

This command was introduced.

Usage Guidelines

If you did not reload the device after entering the sdm prefer global configuration command, the show sdm prefer privileged EXEC command displays the template currently in use and not the newly configured template.

The numbers displayed for each template represent an approximate maximum number for each feature resource. The actual number might vary, depending on the actual number of other features configured. For example, in the default template if your device had more than 16 routed interfaces (subnet VLANs), the number of possible unicast MAC addresses might be less than 6000.

Examples

The following is sample output from the show sdm prefer command:


Device# show sdm prefer

Showing SDM Template Info

This is the Access template.
  Number of VLANs:                                     4094
  Unicast MAC addresses:                               32768
  Overflow Unicast MAC addresses:                      1024
  L2 Multicast entries:                                8192
  Overflow L2 Multicast entries:                       512
  L3 Multicast entries:                                8192
  Overflow L3 Multicast entries:                       512
  Directly connected routes:                           24576
  Indirect routes:                                     8192
  STP Instances:                                       1024
  Security Access Control Entries:                     5120
  QoS Access Control Entries:                          5120
  Policy Based Routing ACEs:                           1024
  Netflow Input ACEs:                                  256
  Netflow Output ACEs:                                 768
  Ingress Netflow ACEs:                                256
  Egress Netflow ACEs:                                 768
  Flow SPAN ACEs:                                      1024
  Tunnels:                                             512
  LISP Instance Mapping Entries:                       512
  Control Plane Entries:                               512
  Input Netflow flows:                                 32768
  Output Netflow flows:                                32768
  SGT/DGT (or) MPLS VPN entries:                       8192
  SGT/DGT (or) MPLS VPN Overflow entries:              512
  Wired clients:                                       2048
  MACSec SPD Entries:                                  256
  MPLS L3 VPN VRF:                                     255
  MPLS Labels:                                         2048
  MPLS L3 VPN Routes VRF Mode:                         7168
  MPLS L3 VPN Routes Prefix Mode:                      3072
  MVPN MDT Tunnels:                                    256
  L2 VPN EOMPLS Attachment Circuit:                    256
  MAX VPLS Bridge Domains :                            128
  MAX VPLS Peers Per Bridge Domain:                    32
  MAX VPLS/VPWS Pseudowires :                          1024
These numbers are typical for L2 and IPv4 features.
Some features such as IPv6, use up double the entry size;
so only half as many entries can be created.
* values can be modified by sdm cli.

show tech-support license

To display the debug output, use the show license tech support command in privileged EXEC mode.

show tech-support license

Syntax Description

This command has no arguments or keywords.

Command Default

Privileged EXEC (#)

Command History

Release Modification

Cisco IOS XE Fuji 16.9.1

This command was introduced.

Examples

This example shows a sample output from the show tech-support license command:

Device# show tech-support license

------------------ show clock ------------------


*12:35:48.561 EDT Tue Jul 17 2018


------------------ show version ------------------

Cisco IOS XE Software, Version 16.09.01prd7
Cisco IOS Software [Fuji], Catalyst L3 Switch Software (CAT9K_IOSXE), Version 16.9.1prd7, RELEASE SOFTWARE (fc1)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2018 by Cisco Systems, Inc.
Compiled Tue 10-Jul-18 08:47 by mcpre


Cisco IOS-XE software, Copyright (c) 2005-2018 by cisco Systems, Inc.
All rights reserved.  Certain components of Cisco IOS-XE software are
licensed under the GNU General Public License ("GPL") Version 2.0.  The
software code licensed under GPL Version 2.0 is free software that comes
with ABSOLUTELY NO WARRANTY.  You can redistribute and/or modify such
GPL code under the terms of GPL Version 2.0.  For more details, see the
documentation or "License Notice" file accompanying the IOS-XE software,
or the applicable URL provided on the flyer accompanying the IOS-XE
software.
!
!
!

show tech-support platform

To display detailed information about a platform for use by technical support, use the show tech-support platform command in privileged EXEC mode.

show tech-support platform

Syntax Description

This command has no arguments or keywords.

Command Modes

Privileged EXEC (#)

Command History

Release Modification
Cisco IOS XE Gibraltar 16.10.1

This command was introduced.

Usage Guidelines

This command is used for platform-specific debugging. The output provides detailed information about a platform, such as CPU usage, Ternary Content Addressable Memory (TCAM) usage, capacity, and memory usage.

The output of the show tech-support platform command is very long. To better manage this output, you can redirect the output to an external file (for example, show tech-support platform | redirect flash:filename ) in the local writable storage file system or remote file system.

The output of the show tech-support platform command displays a list commands and their output. These commands may differ based on the platform.

Examples

The following is sample output from the show tech-support platform command:

Device# show tech-support platform

.
.
.
------------------ show platform hardware capacity ------------------


Load Average
 Slot  Status  1-Min  5-Min 15-Min
1-RP0 Healthy   0.25   0.17   0.12

Memory (kB)
 Slot  Status    Total     Used (Pct)     Free (Pct) Committed (Pct)
1-RP0 Healthy  3964428  2212476 (56%)  1751952 (44%)   3420472 (86%)

CPU Utilization
 Slot  CPU   User System   Nice   Idle    IRQ   SIRQ IOwait
1-RP0    0   1.40   0.90   0.00  97.60   0.00   0.10   0.00
         1   2.00   0.20   0.00  97.79   0.00   0.00   0.00
         2   0.20   0.00   0.00  99.80   0.00   0.00   0.00
         3   0.79   0.19   0.00  99.00   0.00   0.00   0.00
         4   5.61   0.50   0.00  93.88   0.00   0.00   0.00
         5   2.90   0.40   0.00  96.70   0.00   0.00   0.00



 *: interface is up
 IHQ: pkts in input hold queue     IQD: pkts dropped from input queue
 OHQ: pkts in output hold queue    OQD: pkts dropped from output queue
 RXBS: rx rate (bits/sec)          RXPS: rx rate (pkts/sec)
 TXBS: tx rate (bits/sec)          TXPS: tx rate (pkts/sec)
 TRTL: throttle count

  Interface                   IHQ       IQD       OHQ       OQD      RXBS      RXPS      TXBS      TXPS      TRTL
-----------------------------------------------------------------------------------------------------------------
  Vlan1                         0         0         0         0         0         0         0         0         0
* GigabitEthernet0/0            0     10179         0         0      2000         4         0         0         0
  GigabitEthernet1/0/1          0         0         0         0         0         0         0         0         0
  GigabitEthernet1/0/2          0         0         0         0         0         0         0         0         0
  GigabitEthernet1/0/3          0         0         0         0         0         0         0         0         0
  GigabitEthernet1/0/4          0         0         0         0         0         0         0         0         0
  GigabitEthernet1/0/5          0         0         0         0         0         0         0         0         0
  GigabitEthernet1/0/6          0         0         0         0         0         0         0         0         0
  GigabitEthernet1/0/7          0         0         0         0         0         0         0         0         0
  GigabitEthernet1/0/8          0         0         0         0         0         0         0         0         0
  GigabitEthernet1/0/9          0         0         0         0         0         0         0         0         0
  GigabitEthernet1/0/10         0         0         0         0         0         0         0         0         0
  GigabitEthernet1/0/11         0         0         0         0         0         0         0         0         0
  GigabitEthernet1/0/12         0         0         0         0         0         0         0         0         0
  GigabitEthernet1/0/13         0         0         0         0         0         0         0         0         0
  GigabitEthernet1/0/14         0         0         0         0         0         0         0         0         0
  GigabitEthernet1/0/15         0         0         0         0         0         0         0         0         0
  GigabitEthernet1/0/16         0         0         0         0         0         0         0         0         0
  GigabitEthernet1/0/17         0         0         0         0         0         0         0         0         0
  GigabitEthernet1/0/18         0         0         0         0         0         0         0         0         0
  GigabitEthernet1/0/19         0         0         0         0         0         0         0         0         0
  GigabitEthernet1/0/20         0         0         0         0         0         0         0         0         0
  GigabitEthernet1/0/21         0         0         0         0         0         0         0         0         0
  GigabitEthernet1/0/22         0         0         0         0         0         0         0         0         0
  GigabitEthernet1/0/23         0         0         0         0         0         0         0         0         0
  GigabitEthernet1/0/24         0         0         0         0         0         0         0         0         0
  GigabitEthernet1/0/25         0         0         0         0         0         0         0         0         0
  GigabitEthernet1/0/26         0         0         0         0         0         0         0         0         0
  GigabitEthernet1/0/27         0         0         0         0         0         0         0         0         0
  GigabitEthernet1/0/28         0         0         0         0         0         0         0         0         0
  GigabitEthernet1/0/29         0         0         0         0         0         0         0         0         0
  GigabitEthernet1/0/30         0         0         0         0         0         0         0         0         0
  GigabitEthernet1/0/31         0         0         0         0         0         0         0         0         0
  GigabitEthernet1/0/32         0         0         0         0         0         0         0         0         0
  GigabitEthernet1/0/33         0         0         0         0         0         0         0         0         0
  GigabitEthernet1/0/34         0         0         0         0         0         0         0         0         0
  GigabitEthernet1/0/35         0         0         0         0         0         0         0         0         0
  GigabitEthernet1/0/36         0         0         0         0         0         0         0         0         0
  Te1/0/37                      0         0         0         0         0         0         0         0         0
  Te1/0/38                      0         0         0         0         0         0         0         0         0
  Te1/0/39                      0         0         0         0         0         0         0         0         0
  Te1/0/40                      0         0         0         0         0         0         0         0         0
  Te1/0/41                      0         0         0         0         0         0         0         0         0
  Te1/0/42                      0         0         0         0         0         0         0         0         0
  Te1/0/43                      0         0         0         0         0         0         0         0         0
  Te1/0/44                      0         0         0         0         0         0         0         0         0
  Te1/0/45                      0         0         0         0         0         0         0         0         0
  Te1/0/46                      0         0         0         0         0         0         0         0         0
  Te1/0/47                      0         0         0         0         0         0         0         0         0
  Te1/0/48                      0         0         0         0         0         0         0         0         0
  Te1/1/1                       0         0         0         0         0         0         0         0         0
  Te1/1/2                       0         0         0         0         0         0         0         0         0
  Te1/1/3                       0         0         0         0         0         0         0         0         0
  Te1/1/4                       0         0         0         0         0         0         0         0         0
ASIC 0 Info
------------
ASIC 0 HASH Table 0 Software info: 	FSE 0
	MAB 0: Unicast MAC addresses srip 0 1 
	MAB 1: Unicast MAC addresses srip 0 1 
	MAB 2: Unicast MAC addresses srip 0 1 
	MAB 3: Unicast MAC addresses srip 0 1 
	MAB 4: Unicast MAC addresses srip 0 1 
	MAB 5: Unicast MAC addresses srip 0 1 
	MAB 6: Unicast MAC addresses srip 0 1 
	MAB 7: Unicast MAC addresses srip 0 1 
ASIC 0 HASH Table 1 Software info: 	FSE 0
	MAB 0: Unicast MAC addresses srip 0 1 
	MAB 1: Unicast MAC addresses srip 0 1 
	MAB 2: Unicast MAC addresses srip 0 1 
	MAB 3: Unicast MAC addresses srip 0 1 
	MAB 4: Unicast MAC addresses srip 0 1 
	MAB 5: Unicast MAC addresses srip 0 1 
	MAB 6: Unicast MAC addresses srip 0 1 
	MAB 7: Unicast MAC addresses srip 0 1 
ASIC 0 HASH Table 2 Software info: 	FSE 1
	MAB 0: L3 Multicast entries srip 2 3 
	MAB 1: L3 Multicast entries srip 2 3 
	MAB 2: SGT_DGT         srip 0 1 
	MAB 3: SGT_DGT         srip 0 1 
	MAB 4: (null)          srip 
	MAB 5: (null)          srip 
	MAB 6: (null)          srip 
	MAB 7: (null)          srip 
.
.
.

Output fields are self-explanatory.

show tech-support platform evpn_vxlan

To display Ethernet VPN (EVPN)-Virtual eXtensible LAN (VXLAN)-related platform information for use by technical support, use the show tech-support platform evpn_vxlan command in privileged EXEC mode.

show tech-support platform evpn_vxlan switch switch-number

Syntax Description

switch switch-number

Displays information for the specified switch. Valid values are from 1 to 9.

Command Modes

Privileged EXEC (#)

Command History

Release Modification
Cisco IOS XE Gibraltar 16.10.1

This command was introduced.

Usage Guidelines

The output of this command is very long. To better manage this output, you can redirect the output to an external file (for example, show tech-support platform evpn_vxlan switch 1 | redirect flash:filename ) in the local writable storage file system or remote file system.

Examples

The following is sample output from the show tech-support platform evpn_vxlan command:

Device# show tech-support platform evpn_vxlan switch 1 
.
.
.
    "show clock"
    "show version"
    "show running-config"switch no: 1


----- sh sdm prefer -----

Showing SDM Template Info

This is the Advanced template.
  Number of VLANs:                                     4094
  Unicast MAC addresses:                               32768
  Overflow Unicast MAC addresses:                      512
  L2 Multicast entries:                                4096
  Overflow L2 Multicast entries:                       512
  L3 Multicast entries:                                4096
  Overflow L3 Multicast entries:                       512
  Directly connected routes:                           16384
  Indirect routes:                                     7168
  STP Instances:                                       4096
  Security Access Control Entries:                     3072
  QoS Access Control Entries:                          2560
  Policy Based Routing ACEs:                           1024
  Netflow ACEs:                                        768
  Flow SPAN ACEs:                                      512
  Tunnels:                                             256
  LISP Instance Mapping Entries:                       256
  Control Plane Entries:                               512
  Input Netflow flows:                                 8192
  Output Netflow flows:                                16384
  SGT/DGT (or) MPLS VPN entries:                       4096
  SGT/DGT (or) MPLS VPN Overflow entries:              512
  Wired clients:                                       2048
  MACSec SPD Entries:                                  256
  MPLS L3 VPN VRF:                                     127
  MPLS Labels:                                         2048
  MPLS L3 VPN Routes VRF Mode:                         7168
  MPLS L3 VPN Routes Prefix Mode:                      3072
  MVPN MDT Tunnels:                                    256
  L2 VPN EOMPLS Attachment Circuit:                    256
  MAX VPLS Bridge Domains :                            64
  MAX VPLS Peers Per Bridge Domain:                    8
  MAX VPLS/VPWS Pseudowires :                          256
These numbers are typical for L2 and IPv4 features.
Some features such as IPv6, use up double the entry size;
so only half as many entries can be created.
* values can be modified by sdm cli.



----- show platform software fed switch 1 ifm interfaces nve -----




----- show platform software fed switch 1 ifm interfaces efp -----




----- show platform software fed switch 1 matm macTable -----


Total Mac number of addresses:: 0
*a_time=aging_time(secs)  *e_time=total_elapsed_time(secs)
Type:
MAT_DYNAMIC_ADDR           0x1  MAT_STATIC_ADDR            0x2  MAT_CPU_ADDR               0x4  MAT_DISCARD_ADDR           0x8
MAT_ALL_VLANS             0x10  MAT_NO_FORWARD            0x20  MAT_IPMULT_ADDR           0x40  MAT_RESYNC                0x80
MAT_DO_NOT_AGE           0x100  MAT_SECURE_ADDR          0x200  MAT_NO_PORT              0x400  MAT_DROP_ADDR            0x800
MAT_DUP_ADDR            0x1000  MAT_NULL_DESTINATION    0x2000  MAT_DOT1X_ADDR          0x4000  MAT_ROUTER_ADDR         0x8000
MAT_WIRELESS_ADDR      0x10000  MAT_SECURE_CFG_ADDR    0x20000  MAT_OPQ_DATA_PRESENT   0x40000  MAT_WIRED_TUNNEL_ADDR  0x80000
MAT_DLR_ADDR          0x100000  MAT_MRP_ADDR          0x200000  MAT_MSRP_ADDR         0x400000  MAT_LISP_LOCAL_ADDR   0x800000
MAT_LISP_REMOTE_ADDR 0x1000000  MAT_VPLS_ADDR        0x2000000
Device#

Output fields are self-explanatory.

show tech-support platform fabric

To display information about the switch fabric, use the show tech-support platform fabric command in privileged EXEC mode.

show tech-support platform fabric [display-cli | vrf vrf-name {ipv4 display-cli | ipv6 display-cli | source instance-id instance-id {ipv4 ip-address/ip-prefix | ipv6 ipv6-address/ipv6-prefix | mac mac-address} {dest instance-id instance-id} {ipv4 ip-address/ip-prefix | ipv6 ipv6-address/ipv6-prefix | mac mac-address} [display-cli]}]

Syntax Description

display-cli

(Optional) Displays the list of show commands available in the output of this command.

vrf vrf-name

(Optional) Displays fabric-related information for the specified virtual routing and forwarding (VRF) instance.

ipv4 ip-address/ip-prefix

(Optional) Displays fabric-related information for the source or destination IP VRF.

ipv6 ipv6-address/ipv6-prefix

(Optional) Displays fabric-related information for the source or destination IPv6 VRF.

source

(Optional) Displays fabric-related information for the source VRF.

instance-id instance-id

(Optional) Displays information about the endpoint identifier (EID) of the source.

mac mac-address

(Optional) Displays fabric-related information for the source and destination MAC VRF for Layer 2 extension deployments.

Command Modes

Privileged EXEC (#)

Command History

Release Modification

Cisco IOS XE Gibraltar 16.10.1

This command was introduced.

Usage Guidelines

The output of this command is very long. To better manage this output, you can redirect the output to an external file (for example, show tech-support platform fabric | redirect flash:filename ) in the local writable storage file system or remote file system.

The output of this command displays a list commands and their output. These commands may differ based on the platform.

Examples

The following is sample output from the show tech-support platform fabric vrf source instance-id ipv4 dest instance-id ipv4 command:

Device# show tech-support platform fabric vrf DEFAULT_VN source instance-id 
4098 ipv4 10.1.1.1/32 dest instance-id 4098 ipv4 10.12.12.12/32 

.
.
.
-----show ip lisp eid-table vrf DEFAULT_VN forwarding  eid remote 10.12.12.12-----
 
 
Prefix                 Fwd action  Locator status bits   encap_iid
10.12.12.12/32         encap       0x00000001            N/A
  packets/bytes       1/576
  path list 7F44EEC2C188, 4 locks, per-destination, flags 0x49 [shble, rif, hwcn]
    ifnums:
      LISP0.4098(78): 192.0.2.2
    1 path
      path 7F44F8B5AFF0, share 10/10, type attached nexthop, for IPv4
        nexthop 192.0.2.2 LISP0.4098, IP midchain out of LISP0.4098, addr 192.0.2.2 7F44F8E86CE8
    1 output chain
      chain[0]: IP midchain out of LISP0.4098, addr 192.0.2.2 7F44F8E86CE8
                IP adj out of GigabitEthernet1/0/1, addr 10.0.2.1 7F44F8E87378
 
 
-----show lisp instance-id 4098 ipv4 map-cache-----
 
 
LISP IPv4 Mapping Cache for EID-table vrf DEFAULT_VN (IID 4098), 3 entries
 
0.0.0.0/0, uptime: 02:46:01, expires: never, via static-send-map-request
  Encapsulating to proxy ETR
10.1.1.0/24, uptime: 02:46:01, expires: never, via dynamic-EID, send-map-request
  Encapsulating to proxy ETR
10.12.12.12/32, uptime: 02:45:54, expires: 21:14:06, via map-reply, complete
  Locator  Uptime    State      Pri/Wgt     Encap-IID
  192.0.2.2  02:45:54  up          10/10        -
 
 
-----show lisp instance-id 4098 ipv4  map-cache detail-----
 
 
LISP IPv4 Mapping Cache for EID-table vrf DEFAULT_VN (IID 4098), 3 entries
 
0.0.0.0/0, uptime: 02:46:01, expires: never, via static-send-map-request
  Sources: static-send-map-request
  State: send-map-request, last modified: 02:46:01, map-source: local
  Exempt, Packets out: 2(676 bytes) (~ 02:45:38 ago)
  Configured as EID address space
  Encapsulating to proxy ETR
101.1.0/24, uptime: 02:46:01, expires: never, via dynamic-EID, send-map-request
  Sources: NONE
  State: send-map-request, last modified: 02:46:01, map-source: local
  Exempt, Packets out: 0(0 bytes)
  Configured as EID address space
  Configured as dynamic-EID address space
  Encapsulating dynamic-EID traffic
  Encapsulating to proxy ETR
10.12.12.12/32, uptime: 02:45:54, expires: 21:14:06, via map-reply, complete
  Sources: map-reply
  State: complete, last modified: 02:45:54, map-source: 10.0.1.2
  Idle, Packets out: 1(576 bytes) (~ 02:45:38 ago)
  Locator  Uptime    State      Pri/Wgt     Encap-IID
  192.0.2.2  02:45:54  up          10/10        -
    Last up-down state change:         02:45:54, state change count: 1
    Last route reachability change:    02:45:54, state change count: 1
    Last priority / weight change:     never/never
    RLOC-probing loc-status algorithm:
      Last RLOC-probe sent:            02:45:54 (rtt 1ms)
 
 
-----show lisp instance-id 4098 ipv4 map-cache  10.12.12.12/32-----
 
 
LISP IPv4 Mapping Cache for EID-table vrf DEFAULT_VN (IID 4098), 3 entries
 
10.12.12.12/32, uptime: 02:45:54, expires: 21:14:06, via map-reply, complete
  Sources: map-reply
  State: complete, last modified: 02:45:54, map-source: 10.0.1.2
  Idle, Packets out: 1(576 bytes) (~ 02:45:38 ago)
  Locator  Uptime    State      Pri/Wgt     Encap-IID
  192.0.2.2  02:45:54  up          10/10        -
    Last up-down state change:         02:45:54, state change count: 1
    Last route reachability change:    02:45:54, state change count: 1
    Last priority / weight change:     never/never
    RLOC-probing loc-status algorithm:
      Last RLOC-probe sent:            02:45:54 (rtt 1ms)
 
 
-----show ip cef vrf DEFAULT_VN 10.12.12.12/32 internal-----
 
 
10.12.12.12/32, epoch 1, flags [sc, lisp elig], refcnt 6, per-destination sharing
  sources: LISP, IPL
  feature space:
    Broker: linked, distributed at 1st priority
  subblocks:
    SC owned,sourced: LISP remote EID - locator status bits 0x00000001
    LISP remote EID: 1 packets 576 bytes fwd action encap, cfg as EID space
    LISP source path list
      path list 7F44EEC2C188, 4 locks, per-destination, flags 0x49 [shble, rif, hwcn]
        ifnums:
          LISP0.4098(78): 192.0.2.2
        1 path
          path 7F44F8B5AFF0, share 10/10, type attached nexthop, for IPv4
            nexthop 192.0.2.2 LISP0.4098, IP midchain out of LISP0.4098, addr 192.0.2.2 7F44F8E86CE8
        1 output chain
          chain[0]: IP midchain out of LISP0.4098, addr 192.0.2.2 7F44F8E86CE8
                    IP adj out of GigabitEthernet1/0/1, addr 10.0.2.1 7F44F8E87378
      Dependent covered prefix type LISP, cover 0.0.0.0/0
    2 IPL sources [no flags]
  ifnums:
    LISP0.4098(78): 192.0.2.2
  path list 7F44EEC2C188, 3 locks, per-destination, flags 0x49 [shble, rif, hwcn]
    path 7F44F8B5AFF0, share 10/10, type attached nexthop, for IPv4
      nexthop 192.0.2.2 LISP0.4098, IP midchain out of LISP0.4098, addr 192.0.2.2 7F44F8E86CE8
  output chain:
    PushCounter(LISP:10.12.12.12/32) 7F44F3C8B8D8
    IP midchain out of LISP0.4098, addr 192.0.2.2 7F44F8E86CE8
    IP adj out of GigabitEthernet1/0/1, addr 10.0.2.1 7F44F8E87378
switch no: 1
.
.
. 

Device# show tech-support platform fabric vrf Campus_VN source instance-id 8189 
mac 00b7.7128.00a1 dest instance-id 8189 mac 00b7.7128.00a0   | i show

------------------ show clock ------------------
------------------ show version ------------------
------------------ show running-config ------------------
------------------ show device-tracking database ------------------
------------------ show lisp site ------------------
––––––––––––––------ show mac address-table address 00B7.7128.00A0-----
–––––––––––––------- show ip arp vrf Campus_VN-----
Device#

Output fields are self-explanatory.

show tech-support platform igmp_snooping

To display Internet Group Management Protocol (IGMP) snooping information about a group, use the show tech-support platform igmp_snooping command in privileged EXEC mode.

show tech-support platform igmp_snooping [Group_ipAddr | ipv4-address | [vlan | vlan-ID]]

Syntax Description

Group_ipAddr

(Optional) Displays snooping information about the specified group address.

ipv4-address

(Optional) IPv4 address of the group.

vlan vlan-ID

(Optional) Displays IGMP snooping VLAN information. Valid values are from 1 to 4094.

Command Modes

Privileged EXEC (#)

Command History

Release Modification
Cisco IOS XE Gibraltar 16.10.1

This command was introduced.

Examples

The output of this command is very long. To better manage this output, you can redirect the output to a file (for example, show tech-support platform igmp_snooping | redirect flash:filename ) in the local writable storage file system or remote file system.

Examples

The following is sample output from the show tech-support platform igmp_snooping command:

Device# show tech-support platform igmp_snooping GroupIPAddr 226.6.6.6 vlan  

.
.
.   
----- show ip igmp snooping groups | i 226.6.6.6 -----

5         226.6.6.6                user                    Gi1/0/8, Gi1/0/27, Gi1/0/28, 



----- show ip igmp snooping groups count -----

Total number of groups:   2



----- show ip igmp snooping mrouter -----


Vlan    ports
----    -----
  23    Router
  24    Router
  25    Router



----- show ip igmp snooping querier -----


Vlan      IP Address              IGMP Version   Port             
-------------------------------------------------------------
23        10.1.1.1                v2            Router                   
24        10.1.2.1                v2            Router                   
25        10.1.3.1                v2            Router                   



----- show ip igmp snooping vlan 5 -----


Global IGMP Snooping configuration:
-------------------------------------------
IGMP snooping                : Enabled
Global PIM Snooping          : Disabled
IGMPv3 snooping              : Enabled
Report suppression           : Enabled
TCN solicit query            : Disabled
TCN flood query count        : 2
Robustness variable          : 2
Last member query count      : 2
Last member query interval   : 1000

Vlan 5:
--------
IGMP snooping                       : Enabled
Pim Snooping                        : Disabled
IGMPv2 immediate leave              : Disabled
Explicit host tracking              : Enabled
Multicast router learning mode      : pim-dvmrp
CGMP interoperability mode          : IGMP_ONLY
Robustness variable                 : 2
Last member query count             : 2
Last member query interval          : 1000


----- show ip igmp snooping groups vlan 5 -----

Vlan      Group                    Type        Version     Port List
-----------------------------------------------------------------------
5         226.6.6.6                user                    Gi1/0/8, Gi1/0/27, Gi1/0/28, 
                                                           Gi2/0/7, Gi2/0/8, Gi2/0/27, 
                                                           Gi2/0/28
5         238.192.0.1              user                    Gi2/0/28



----- show platform software fed active ip igmp snooping vlan 5 -----


Vlan 5
---------
	IGMPSN Enabled  : On
	PIMSN Enabled   : Off
	Flood Mode      : On
	I-Mrouter       : Off
	Oper State      : Up
	STP TCN Flood   : Off
	Routing Enabled : Off
	PIM Enabled     : Off
	PVLAN           : No
	In Retry        : 0x0
	L3mcast Adj      : 
	Mrouter PortQ   : 
	Flood PortQ     : 


----- show platform software fed active ip igmp snooping groups | begin 226.6.6.6 -----

Vlan:5	Group:226.6.6.6
---------------------------------
Member ports   :
CAPWAP ports   :
Host Type Flags: 0
Failure Flags  : 0
DI handle      : 0x7f11151cbad8
REP RI handle  : 0x7f11151cc018
SI handle      : 0x7f11151cd198
HTM handle     : 0x7f11151cd518

si hdl : 0x7f11151cd198 rep ri hdl : 0x7f11151cc018 di hdl :  0x7f11151cbad8 htm hdl : 0x7f11151cd518
.
.
.
Device#

Output fields are self-explanatory.

show tech-support platform layer3

To display Layer 3 platform forwarding information, use the show tech-support platform layer3 command in privileged EXEC mode.

show tech-support platform layer3 {multicast Group_ipAddr ipv4-address switch switch-number srcIP ipv4-address | unicast {dstIP ipv4-address srcIP ipv4-address | vrf vrf-name destIP ipv4-address srcIP ipv4-address}}

Syntax Description

multicast

Displays multicast information.

Group_ipv6Addr ipv4-address

Displays information about the specified multicast group address.

switch switch-number

Displays information about the specified switch. Valid values are from 1 to 9.

srcIP ipv4-address

Displays information about the specified source address.

unicast

Displays unicast-related information.

dstIP ipv4-address

Displays information about the specified destination address.

vrf vrf-name

Displays unicast-related virtual routing and forwarding (VRF) information.

Command Modes

Privileged EXEC (#)

Command History

Release Modification
Cisco IOS XE Gibraltar 16.10.1

This command was introduced.

Usage Guidelines

The output of this command is very long. To better manage this output, you can redirect the output to an external file (for example, show tech-support platform layer3 multicast group 224.1.1.1 switch 1 srcIP 10.10.0.2 | redirect flash:filename ) in the local writable storage file system or remote file system.

Examples

The following is sample output from the show tech-support platform layer3 multicast group command:

Device# show tech-support platform layer3 multicast group_ipAddr 224.1.1.1 
switch 1 srcIp 10.10.0.2

.
.
.
destination IP: 224.1.1.1
source IP: 10.10.0.2
switch no: 1


----- show ip mroute 224.1.1.1 10.10.0.2 -----


IP Multicast Routing Table
Flags: D - Dense, S - Sparse, B - Bidir Group, s - SSM Group, C - Connected,
       L - Local, P - Pruned, R - RP-bit set, F - Register flag,
       T - SPT-bit set, J - Join SPT, M - MSDP created entry, E - Extranet,
       X - Proxy Join Timer Running, A - Candidate for MSDP Advertisement,
       U - URD, I - Received Source Specific Host Report, 
       Z - Multicast Tunnel, z - MDT-data group sender, 
       Y - Joined MDT-data group, y - Sending to MDT-data group, 
       G - Received BGP C-Mroute, g - Sent BGP C-Mroute, 
       N - Received BGP Shared-Tree Prune, n - BGP C-Mroute suppressed, 
       Q - Received BGP S-A Route, q - Sent BGP S-A Route, 
       V - RD & Vector, v - Vector, p - PIM Joins on route, 
       x - VxLAN group, c - PFP-SA cache created entry
Outgoing interface flags: H - Hardware switched, A - Assert winner, p - PIM Join
 Timers: Uptime/Expires
 Interface state: Interface, Next-Hop or VCD, State/Mode

(10.10.0.2, 224.1.1.1), 00:00:22/00:02:37, flags: LFT
  Incoming interface: GigabitEthernet1/0/10, RPF nbr 0.0.0.0, Registering
  Outgoing interface list:
    Vlan20, Forward/Sparse, 00:00:22/00:02:37, A



----- show ip mfib 224.1.1.1 10.10.0.2 -----


Entry Flags:    C - Directly Connected, S - Signal, IA - Inherit A flag,
                ET - Data Rate Exceeds Threshold, K - Keepalive
                DDE - Data Driven Event, HW - Hardware Installed
                ME - MoFRR ECMP entry, MNE - MoFRR Non-ECMP entry, MP - MFIB 
                MoFRR Primary, RP - MRIB MoFRR Primary, P - MoFRR Primary
                MS  - MoFRR  Entry in Sync, MC - MoFRR entry in MoFRR Client.
I/O Item Flags: IC - Internal Copy, NP - Not platform switched,
                NS - Negate Signalling, SP - Signal Present,
                A - Accept, F - Forward, RA - MRIB Accept, RF - MRIB Forward,
                MA - MFIB Accept, A2 - Accept backup,
                RA2 - MRIB Accept backup, MA2 - MFIB Accept backup

Forwarding Counts: Pkt Count/Pkts per second/Avg Pkt Size/Kbits per second
Other counts:      Total/RPF failed/Other drops
I/O Item Counts:   FS Pkt Count/PS Pkt Count
Default
 (10.10.0.2,224.1.1.1) Flags: HW
   SW Forwarding: 0/0/0/0, Other: 1/1/0
   HW Forwarding:   NA/NA/NA/NA, Other: NA/NA/NA
   GigabitEthernet1/0/10 Flags: A
   Vlan20 Flags: F IC
     Pkts: 0/0
   Tunnel0 Flags: F
     Pkts: 0/0



----- show platform software fed switch 1 ip multicast interface summary -----

Multicast Interface database

VRF  Interface                 IF ID               PIM Status  State               RI Handle           SVI         
------------------------------------------------------------------------------------------------------------
0    GigabitEthernet1/0/10     0x000000000000005f  enabled     0x0000000000000010  0x00007fb414b1f108  false       
0    Vlan20                    0x0000000000000060  enabled     0x0000000000000010  0x00007fb414b31a98  true        



----- show platform software fed switch 1 ip multicast groups summary -----

Multicast Groups database

Mvrf_id: 0  Mroute: (*, 224.0.1.40/32)  Flags:  C IC
  Htm: 0x00007fb414b23ce8  Si: 0x00007fb414b23a08  Di: 0x00007fb414b240e8  Rep_ri: 
  0x00007fb414b245f8

Mvrf_id: 0  Mroute: (*, 224.0.0.0/4)  Flags:  C
  Htm: 0x00007fb4143549e8  Si: 0x00007fb414b20a48  Di: 0x00007fb414b1fe78  Rep_ri: 
  0x00007fb414b20428

Mvrf_id: 0  Mroute: (*, 224.1.1.1/32)  Flags:  C IC
  Htm: 0x00007fb414b2cc98  Si: 0x00007fb414b2b678  Di: 0x00007fb414b2ab98  Rep_ri: 
  0x00007fb414b2b0c8

Mvrf_id: 0  Mroute: (10.10.0.2, 224.1.1.1/32)  Flags:  IC
  Htm: 0x00007fb414b2f348  Si: 0x00007fb414b321d8  Di: 0x00007fb414b2dba8  Rep_ri: 
  0x00007fb414b30ed8




----- show platform software fed switch 1 ip multicast groups count -----


Total Number of entries:4



----- show platform software fed switch 1 ip multicast groups 224.1.1.1/32  
source 10.10.0.2 detail -----


MROUTE ENTRY vrf 0 (10.10.0.2, 224.1.1.1/32)
  HW Handle: 140411418055080 Flags:  IC
RPF interface: GigabitEthernet1/0/10(95)): 
  HW Handle:140411418055080 Flags:A
Number of OIF: 3
Flags: 0x4   Pkts : 0
OIF Details:
     Tunnel0      Adj: 0xf8000636    F
     Vlan20      Adj: 0xf8000601  F IC
     GigabitEthernet1/0/10        A
Htm: 0x7fb414b2f348  Si: 0x7fb414b321d8  Di: 0x7fb414b2dba8  Rep_ri: 0x7fb414b30ed8


DI details
----------
Handle:0x7fb414b2dba8 Res-Type:ASIC_RSC_DI Res-Switch-Num:255 Asic-Num:255 Feature-ID:AL_FID_L3_
MULTICAST_IPV4 Lkp-ftr-id:LKP_FEAT_INVALID ref_count:1
priv_ri/priv_si Handle:(nil) Hardware Indices/Handles: index0:0x538e  
mtu_index/l3u_ri_index0:0x0  index1:0x538e  mtu_index/l3u_ri_index1:0x0 
Cookie length: 56
00 00 00 00 00 00 00 00 00 00 00 00 02 00 0a 0a 01 01 01 e0 00 00 00 00 00 00 00 00 00 00 00 00 
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 
Detailed Resource Information (ASIC# 0)
----------------------------------------

Destination Index (DI) [0x538e]
portMap = 0x00000000                0
cmi1 = 0x385
rcpPortMap = 0

al_rsc_cmi
CPU Map Index (CMI) [0x385]
ctiLo0 = 0x9
ctiLo1 = 0
ctiLo2 = 0
cpuQNum0 = 0x9e
cpuQNum1 = 0
cpuQNum2 = 0
npuIndex = 0
strip_seg = 0x0
copy_seg = 0x0
Detailed Resource Information (ASIC# 1)
----------------------------------------

Destination Index (DI) [0x538e]
portMap = 0x00000000                0
cmi1 = 0x385
rcpPortMap = 0

al_rsc_cmi
CPU Map Index (CMI) [0x385]
ctiLo0 = 0x9
ctiLo1 = 0
ctiLo2 = 0
cpuQNum0 = 0x9e
cpuQNum1 = 0
cpuQNum2 = 0
npuIndex = 0
strip_seg = 0x0
copy_seg = 0x0

==============================================================

RI details
----------
Handle:0x7fb414b30ed8 Res-Type:ASIC_RSC_RI_REP Res-Switch-Num:255 Asic-Num:255 Feature-ID:
AL_FID_L3_MULTICAST_IPV4 Lkp-ftr-id:LKP_FEAT_INVALID ref_count:1
priv_ri/priv_si Handle:(nil) Hardware Indices/Handles: index0:0x5  mtu_index/l3u_ri_index0:0x0  
index1:0x5  mtu_index/l3u_ri_index1:0x0 
Cookie length: 56
00 00 00 00 00 00 00 00 00 00 00 00 02 00 0a 0a 01 01 01 e0 00 00 00 00 00 00 00 00 00 00 00 00 00 
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 
Detailed Resource Information (ASIC# 0)
----------------------------------------

Detailed Resource Information (ASIC# 1)
----------------------------------------


==============================================================

SI details
----------
Handle:0x7fb414b321d8 Res-Type:ASIC_RSC_SI_STATS Res-Switch-Num:255 Asic-Num:255 Feature-ID:
AL_FID_L3_MULTICAST_IPV4 Lkp-ftr-id:LKP_FEAT_INVALID ref_count:1
priv_ri/priv_si Handle:(nil) Hardware Indices/Handles: index0:0x4004  mtu_index/l3u_ri_index0:
0x0  sm handle 0:0x7fb414b2df98  index1:0x4004  mtu_index/l3u_ri_index1:0x0 
Cookie length: 56
00 00 00 00 00 00 00 00 00 00 00 00 02 00 0a 0a 01 01 01 e0 00 00 00 00 00 00 00 00 00 00 00 
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 
Detailed Resource Information (ASIC# 0)
----------------------------------------
Detailed Resource Information (ASIC# 1)
----------------------------------------

==============================================================

HTM details
-----------
Handle:0x7fb414b2f348 Res-Type:ASIC_RSC_HASH_TCAM Res-Switch-Num:0 Asic-Num:255 Feature-ID:
AL_FID_L3_MULTICAST_IPV4 Lkp-ftr-id:LKP_FEAT_IPV4_MCAST_SG ref_count:1
priv_ri/priv_si Handle:(nil) Hardware Indices/Handles: handle0:0x7fb414b2f558 
Detailed Resource Information (ASIC# 0)
----------------------------------------
Number of HTM Entries: 1

Entry #0: (handle 0x7fb414b2f558)

KEY - src_addr:10.10.0.2 starg_station_index: 16387
MASK - src_addr:0.0.0.0 starg_station_index: 0
AD: use_starg_match: 0 mcast_bridge_frame: 0 mcast_rep_frame: 0 rpf_valid: 1 rpf_le_ptr: 0 
afd_client_flag: 0 dest_mod_bridge: 0 dest_mod_route: 1 cpp_type: 0 dest_mod_index: 0 rp_index: 
0 priority: 5 rpf_le: 36 station_index: 16388 capwap_mgid_present: 0 mgid 0 

==============================================================

The following is sample output from the show tech-support platform layer3 unicast vrf command:

Device# show tech-support platform layer3 unicast vrf vr1 dstIP 10.0.0.20 
srcIP 10.0.0.10

.
.
.
destination IP: 10.0.0.20
source IP: 10.0.0.10
vrf name :
          
Switch/Stack Mac Address : 5006.ab89.0280 - Local Mac Address
Mac persistency wait time: Indefinite
                                             H/W   Current
Switch#   Role    Mac Address     Priority Version  State 
-------------------------------------------------------------------------------------
*1       Active   5006.ab89.0280     1      V02     Ready                
          
          
          
          
          
----- show switch -------
          
          
          
10.0.0.10 -> 10.0.0.20 =>IP adj out of GigabitEthernet1/0/7, addr 10.0.0.20
          
          
----- show ip cef    exact-route platform  10.0.0.10 10.0.0.20 -----
          
          
          
nexthop is 10.0.0.20
          
          
Protocol Interface                 Address
IP       GigabitEthernet1/0/7      10.0.0.20(8)
                                   0 packets, 0 bytes
                                   epoch 0
                                   sourced in sev-epoch 0
                                   Encap length 14
                                   00211BFDE6495006AB8902C00800
                                   L2 destination address byte offset 0
                                   L2 destination address byte length 6
                                   Link-type after encap: ip
                                   ARP
          
          
----- show adjacency 10.0.0.20 detail -----
          
          
          
Routing entry for 10.0.0.0/24
  Known via "connected", distance 0, metric 0 (connected, via interface)
  Routing Descriptor Blocks:
  * directly connected, via GigabitEthernet1/0/7
      Route metric is 0, traffic share count is 1
          
          
----- show ip route   10.0.0.20 -----
          
          
          
10.0.0.20/32, epoch 3, flags [attached]
  Adj source: IP adj out of GigabitEthernet1/0/7, addr 10.0.0.20 FF90E67820
    Dependent covered prefix type adjfib, cover 10.0.0.0/24
  attached to GigabitEthernet1/0/7
          
          
----- show ip cef   10.0.0.20 detail -----
          
          
          
ip prefix: 10.0.0.20/32
          
          
Forwarding Table
          
10.0.0.20/32 -> OBJ_ADJACENCY (29), urpf: 30
Connected Interface: 31
Prefix Flags: Directly L2 attached
OM handle: 0x10205416d8 
          
          
          
----- show platform software ip switch 1 R0 cef prefix  10.0.0.20/32 detail -----
          
          
          
OBJ_ADJACENCY found: 29
          
          
Number of adjacency objects: 5
          
Adjacency id: 0x1d (29)
  Interface: GigabitEthernet1/0/7, IF index: 31, Link Type: MCP_LINK_IP
  Encap: 0:21:1b:fd:e6:49:50:6:ab:89:2:c0:8:0
  Encap Length: 14, Encap Type: MCP_ET_ARPA, MTU: 1500
  Flags: no-l3-inject
  Incomplete behavior type: None
  Fixup: unknown
  Fixup_Flags_2: unknown
  Nexthop addr: 10.0.0.20
  IP FRR MCP_ADJ_IPFRR_NONE 0
  OM handle: 0x1020541348 
          
          
          
          
----- show platform software adjacency switch 1 R0 index 29 -----
          
          
          
Forwarding Table
          
10.0.0.20/32 -> OBJ_ADJACENCY (29), urpf: 30
Connected Interface: 31
Prefix Flags: Directly L2 attached
aom id: 393, HW handle: (nil) (created)
          
          
          
----- show platform software ip switch 1 F0 cef prefix  10.0.0.20/32 detail -----
          
          
          
OBJ_ADJACENCY found: 29
          
          
Number of adjacency objects: 5
          
Adjacency id: 0x1d (29)
  Interface: GigabitEthernet1/0/7, IF index: 31, Link Type: MCP_LINK_IP
  Encap: 0:21:1b:fd:e6:49:50:6:ab:89:2:c0:8:0
  Encap Length: 14, Encap Type: MCP_ET_ARPA, MTU: 1500
  Flags: no-l3-inject
  Incomplete behavior type: None
  Fixup: unknown
  Fixup_Flags_2: unknown
  Nexthop addr: 10.0.0.20
  IP FRR MCP_ADJ_IPFRR_NONE 0
  aom id: 391, HW handle: (nil) (created)
          
          
          
          
----- show platform software adjacency switch 1 F0 index 29 -----
          
          
          
found aom id: 391
          
Object identifier: 391
  Description: adj 0x1d, Flags None 
  Status: Done, Epoch: 0, Client data: 0xc6a747a8
          
          
          
----- show platform software object-manager switch 1 F0 object 391 -----
          
          
Object identifier: 66
  Description: intf GigabitEthernet1/0/7, handle 31, hw handle 31, HW dirty: NONE AOM dirty NONE
  Status: Done
          
          
          
----- show platform software object-manager switch 1 F0 object 391  parents -----
          
          
Object identifier: 393
  Description: PREFIX 10.0.0.20/32 (Table id 0)
  Status: Done
.
.
.         

Output fields are self-explanatory.

show tech-support platform mld_snooping

To display Multicast Listener Discovery (MLD) snooping information about a group, use the show tech-support platform mld_snooping command in privileged EXEC mode.

show tech-support platform mld_snooping [Group_ipv6Addr ipv6-address ] [vlan | vlan-ID]

Syntax Description

Group_ipv6Addr

(Optional) Displays snooping information about the specified group address.

ipv6-address

(Optional) IPv6 address of the group.

vlan vlan-ID

(Optional) Displays MLD snooping VLAN information. Valid values are from 1 to 4094.

Command Modes

Privileged EXEC (#)

Command History

Release Modification
Cisco IOS XE Gibraltar 16.10.1

This command was introduced.

Usage Guidelines

The output of this command is very long. To better manage this output, you can redirect the output to an external file (for example, show tech-support platform mld_snooping | redirect flash:filename ) in the local writable storage file system or remote file system.

Examples

The following is sample output from the show tech-support platform mld_snooping command:

Device# show tech-support platform mld_snooping GroupIPv6Addr FF02::5:1  

.
.
.   
------------------ show running-config ------------------


Building configuration...

Current configuration : 11419 bytes
!
! Last configuration change at 09:17:04 UTC Thu Sep 6 2018
!
version 16.10
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
service call-home
no platform punt-keepalive disable-kernel-core
!
hostname Switch
!
!
vrf definition Mgmt-vrf
 !
 address-family ipv4
 exit-address-family
 !
 address-family ipv6
 exit-address-family
!
!
no aaa new-model
switch 1 provision ws-c3650-12x48uq
!
!
!
!
call-home
 ! If contact email address in call-home is configured as sch-smart-licensing@cisco.com
 ! the email address configured in Cisco Smart License Portal will be used as contact email address to send SCH notifications.
 contact-email-addr sch-smart-licensing@cisco.com
 profile "profile-1"
  active
  destination transport-method http
  no destination transport-method email
!
!
!
!
!
ip admission watch-list expiry-time 0
!
!
!
login on-success log
!
!
!
!
!
no device-tracking logging theft
!
crypto pki trustpoint TP-self-signed-559433368
 enrollment selfsigned
 subject-name cn=IOS-Self-Signed-Certificate-559433368
 revocation-check none
 rsakeypair TP-self-signed-559433368
!
crypto pki trustpoint SLA-TrustPoint
 enrollment pkcs12
 revocation-check crl
!
!
crypto pki certificate chain TP-self-signed-559433368
 certificate self-signed 01
  30820229 30820192 A0030201 02020101 300D0609 2A864886 F70D0101 05050030 
  30312E30 2C060355 04031325 494F532D 53656C66 2D536967 6E65642D 43657274 
  69666963 6174652D 35353934 33333336 38301E17 0D313531 32303331 32353432 
  325A170D 32303031 30313030 30303030 5A303031 2E302C06 03550403 1325494F 
  532D5365 6C662D53 69676E65 642D4365 72746966 69636174 652D3535 39343333 
  33363830 819F300D 06092A86 4886F70D 01010105 0003818D 00308189 02818100 
  AD8C9C3B FEE7FFC8 986837D2 4C126172 446C3C53 E040F798 4BA61C97 7506FDCE 
  46365D0A E47E3F4F C774CA5B 73E2A8DD B72A2E98 C66DB196 94E8150F 0B669CF6 
  AA5BC4CD FC2E02F6 FE08B17F 0164FC19 7DC84ABB C99D91D6 398233FF 814EF6DA 
  6DC8FC20 CA12C0D6 1CB28EDA 6ADD6DFA 7E3E8281 4A189A9A AA44FCC0 BA9BD8A5 
  02030100 01A35330 51300F06 03551D13 0101FF04 05300301 01FF301F 0603551D 
  23041830 16801448 668D668E C92914BB 69E9BA64 F61228DE 132E2030 1D060355 
  1D0E0416 04144866 8D668EC9 2914BB69 E9BA64F6 1228DE13 2E20300D 06092A86 
  4886F70D 01010505 00038181 0000F1D3 3DD1E5F1 EB714A95 D5819933 CAD0C943 
  59927D55 9D70CAD0 D64830EB D54380AD D2B5B613 F8AF7A5B 1F801134 246F760D 
  5E5515DB D098304F 5086F6CE 88E8B576 F6B93A88 F458FDCF 91A42D7E FA741908 
  5C892D78 600FB655 E6C5A4D0 6C1F1B9A 3AECA550 E3DC0881 01C4D004 7AB65BC3 
  88CF24DE DAA19474 51B535A5 0C
  	quit
crypto pki certificate chain SLA-TrustPoint
 certificate ca 01
  30820321 30820209 A0030201 02020101 300D0609 2A864886 F70D0101 0B050030 
  32310E30 0C060355 040A1305 43697363 6F312030 1E060355 04031317 43697363 
  6F204C69 63656E73 696E6720 526F6F74 20434130 1E170D31 33303533 30313934 
  3834375A 170D3338 30353330 31393438 34375A30 32310E30 0C060355 040A1305 
  43697363 6F312030 1E060355 04031317 43697363 6F204C69 63656E73 696E6720 
  526F6F74 20434130 82012230 0D06092A 864886F7 0D010101 05000382 010F0030 
  82010A02 82010100 A6BCBD96 131E05F7 145EA72C 2CD686E6 17222EA1 F1EFF64D 
  CBB4C798 212AA147 C655D8D7 9471380D 8711441E 1AAF071A 9CAE6388 8A38E520 
  1C394D78 462EF239 C659F715 B98C0A59 5BBB5CBD 0CFEBEA3 700A8BF7 D8F256EE 
  4AA4E80D DB6FD1C9 60B1FD18 FFC69C96 6FA68957 A2617DE7 104FDC5F EA2956AC 
  7390A3EB 2B5436AD C847A2C5 DAB553EB 69A9A535 58E9F3E3 C0BD23CF 58BD7188 
  68E69491 20F320E7 948E71D7 AE3BCC84 F10684C7 4BC8E00F 539BA42B 42C68BB7 
  C7479096 B4CB2D62 EA2F505D C7B062A4 6811D95B E8250FC4 5D5D5FB8 8F27D191 
  C55F0D76 61F9A4CD 3D992327 A8BB03BD 4E6D7069 7CBADF8B DF5F4368 95135E44 
  DFC7C6CF 04DD7FD1 02030100 01A34230 40300E06 03551D0F 0101FF04 04030201 
  06300F06 03551D13 0101FF04 05300301 01FF301D 0603551D 0E041604 1449DC85 
  4B3D31E5 1B3E6A17 606AF333 3D3B4C73 E8300D06 092A8648 86F70D01 010B0500 
  03820101 00507F24 D3932A66 86025D9F E838AE5C 6D4DF6B0 49631C78 240DA905 
  604EDCDE FF4FED2B 77FC460E CD636FDB DD44681E 3A5673AB 9093D3B1 6C9E3D8B 
  D98987BF E40CBD9E 1AECA0C2 2189BB5C 8FA85686 CD98B646 5575B146 8DFC66A8 
  467A3DF4 4D565700 6ADF0F0D CF835015 3C04FF7C 21E878AC 11BA9CD2 55A9232C 
  7CA7B7E6 C1AF74F6 152E99B7 B1FCF9BB E973DE7F 5BDDEB86 C71E3B49 1765308B 
  5FB0DA06 B92AFE7F 494E8A9E 07B85737 F3A58BE1 1A48A229 C37C1E69 39F08678 
  80DDCD16 D6BACECA EEBC7CF9 8428787B 35202CDC 60E4616A B623CDBD 230E3AFB 
  418616A9 4093E049 4D10AB75 27E86F73 932E35B5 8862FDAE 0275156F 719BB2F0 
  D697DF7F 28
  	quit
!
!
!
diagnostic bootup level minimal
diagnostic monitor syslog
!
spanning-tree mode rapid-pvst
spanning-tree extend system-id
!
!
!
redundancy
 mode sso
!
!
!
!
!
!
class-map match-any system-cpp-police-topology-control
  description Topology control
class-map match-any system-cpp-police-sw-forward
  description Sw forwarding, L2 LVX data, LOGGING
class-map match-any system-cpp-default
  description EWLC control, EWLC data, Inter FED 
class-map match-any system-cpp-police-sys-data
  description Learning cache ovfl, High Rate App, Exception, EGR Exception, NFL SAMPLED DATA, RPF Failed
class-map match-any AutoQos-4.0-RT1-Class
 match dscp ef 
 match dscp cs6 
class-map match-any system-cpp-police-punt-webauth
  description Punt Webauth
class-map match-any AutoQos-4.0-RT2-Class
 match dscp cs4 
 match dscp cs3 
 match dscp af41 
class-map match-any system-cpp-police-l2lvx-control
  description L2 LVX control packets
class-map match-any system-cpp-police-forus
  description Forus Address resolution and Forus traffic
class-map match-any system-cpp-police-multicast-end-station
  description MCAST END STATION
class-map match-any system-cpp-police-multicast
  description Transit Traffic and MCAST Data
class-map match-any system-cpp-police-l2-control
  description L2 control
class-map match-any system-cpp-police-dot1x-auth
  description DOT1X Auth
class-map match-any system-cpp-police-data
  description ICMP redirect, ICMP_GEN and BROADCAST
class-map match-any system-cpp-police-stackwise-virt-control
  description Stackwise Virtual
class-map match-any system-cpp-police-control-low-priority
  description ICMP redirect and general punt
class-map match-any system-cpp-police-wireless-priority1
  description Wireless priority 1
class-map match-any system-cpp-police-wireless-priority2
  description Wireless priority 2
class-map match-any system-cpp-police-wireless-priority3-4-5
  description Wireless priority 3,4 and 5
class-map match-any non-client-nrt-class
class-map match-any system-cpp-police-routing-control
  description Routing control and Low Latency
class-map match-any system-cpp-police-protocol-snooping
  description Protocol snooping
class-map match-any system-cpp-police-dhcp-snooping
  description DHCP snooping
class-map match-any system-cpp-police-system-critical
  description System Critical and Gold Pkt
!
policy-map system-cpp-policy
 class system-cpp-police-data
  police rate 200 pps
 class system-cpp-police-routing-control
  police rate 500 pps
 class system-cpp-police-control-low-priority
 class system-cpp-police-wireless-priority1
 class system-cpp-police-wireless-priority2
 class system-cpp-police-wireless-priority3-4-5
policy-map port_child_policy
 class non-client-nrt-class
  bandwidth remaining ratio 10
!
! 
!
!
!
!
!
!
!
!
interface GigabitEthernet0/0
 vrf forwarding Mgmt-vrf
 no ip address
 speed 1000
 negotiation auto
!
interface GigabitEthernet1/0/1
 switchport mode access
 macsec network-link
!
interface GigabitEthernet1/0/2
!
interface GigabitEthernet1/0/3
!
interface TenGigabitEthernet1/1/1
!
interface TenGigabitEthernet1/1/2
!
interface TenGigabitEthernet1/1/3
!
interface TenGigabitEthernet1/1/4
!
interface Vlan1
 no ip address
 shutdown
!
ip forward-protocol nd
ip http server
ip http authentication local
ip http secure-server
!
ip access-list extended AutoQos-4.0-wlan-Acl-Bulk-Data
 permit tcp any any eq 22
 permit tcp any any eq 465
 permit tcp any any eq 143
 permit tcp any any eq 993
 permit tcp any any eq 995
 permit tcp any any eq 1914
 permit tcp any any eq ftp
 permit tcp any any eq ftp-data
 permit tcp any any eq smtp
 permit tcp any any eq pop3
ip access-list extended AutoQos-4.0-wlan-Acl-MultiEnhanced-Conf
 permit udp any any range 16384 32767
 permit tcp any any range 50000 59999
ip access-list extended AutoQos-4.0-wlan-Acl-Scavanger
 permit tcp any any range 2300 2400
 permit udp any any range 2300 2400
 permit tcp any any range 6881 6999
 permit tcp any any range 28800 29100
 permit tcp any any eq 1214
 permit udp any any eq 1214
 permit tcp any any eq 3689
 permit udp any any eq 3689
 permit tcp any any eq 11999
ip access-list extended AutoQos-4.0-wlan-Acl-Signaling
 permit tcp any any range 2000 2002
 permit tcp any any range 5060 5061
 permit udp any any range 5060 5061
ip access-list extended AutoQos-4.0-wlan-Acl-Transactional-Data
 permit tcp any any eq 443
 permit tcp any any eq 1521
 permit udp any any eq 1521
 permit tcp any any eq 1526
 permit udp any any eq 1526
 permit tcp any any eq 1575
 permit udp any any eq 1575
 permit tcp any any eq 1630
 permit udp any any eq 1630
 permit tcp any any eq 1527
 permit tcp any any eq 6200
 permit tcp any any eq 3389
 permit tcp any any eq 5985
 permit tcp any any eq 8080
!
!
!
ipv6 access-list preauth_ipv6_acl
 permit udp any any eq domain
 permit tcp any any eq domain
 permit icmp any any nd-ns
 permit icmp any any nd-na
 permit icmp any any router-solicitation
 permit icmp any any router-advertisement
 permit icmp any any redirect
 permit udp any eq 547 any eq 546
 permit udp any eq 546 any eq 547
 deny ipv6 any any
!
control-plane
 service-policy input system-cpp-policy
!
!
line con 0
 stopbits 1
line aux 0
 stopbits 1
line vty 0 4
 login
line vty 5 15
 login
!
!
mac address-table notification mac-move
!
!
!
!
!
end


-----show switch | Include Ready-----

*1       Active   188b.9dfc.eb00     1      V00     Ready                


----- show ipv6 mld snooping address | i FF02::5:1 -----

Vlan      Group                    Type        Version     Port List
-----------------------------------------------------------------------
123       FF02::5:1                mld         v2          Gi2/0/1

Device#

Output fields are self-explanatory.