Go to page of
Similar user manuals
-
Switch
Enterasys Networks Matrix E7
231 pages 2.14 mb -
Switch
Enterasys Networks Mid-Span Power Hub
28 pages 0.98 mb -
Network Hardware
Enterasys Networks 4H4202-72
90 pages 2.41 mb -
Switch
Enterasys Networks TRPZ-MP-372-CN
28 pages 0.48 mb -
Switch
Enterasys Networks N Standalone (NSA) Series
1372 pages 7.2 mb -
Network Card
Enterasys Networks Wireless Ethernet Adapter I
88 pages 0.86 mb -
Network Router
Enterasys Networks XSR-3250
25 pages 0.57 mb -
Network Router
Enterasys Networks RBT-1002C
56 pages 0.53 mb
A good user manual
The rules should oblige the seller to give the purchaser an operating instrucion of Enterasys Networks XSR CLI, along with an item. The lack of an instruction or false information given to customer shall constitute grounds to apply for a complaint because of nonconformity of goods with the contract. In accordance with the law, a customer can receive an instruction in non-paper form; lately graphic and electronic forms of the manuals, as well as instructional videos have been majorly used. A necessary precondition for this is the unmistakable, legible character of an instruction.
What is an instruction?
The term originates from the Latin word „instructio”, which means organizing. Therefore, in an instruction of Enterasys Networks XSR CLI one could find a process description. An instruction's purpose is to teach, to ease the start-up and an item's use or performance of certain activities. An instruction is a compilation of information about an item/a service, it is a clue.
Unfortunately, only a few customers devote their time to read an instruction of Enterasys Networks XSR CLI. A good user manual introduces us to a number of additional functionalities of the purchased item, and also helps us to avoid the formation of most of the defects.
What should a perfect user manual contain?
First and foremost, an user manual of Enterasys Networks XSR CLI should contain:
- informations concerning technical data of Enterasys Networks XSR CLI
- name of the manufacturer and a year of construction of the Enterasys Networks XSR CLI item
- rules of operation, control and maintenance of the Enterasys Networks XSR CLI item
- safety signs and mark certificates which confirm compatibility with appropriate standards
Why don't we read the manuals?
Usually it results from the lack of time and certainty about functionalities of purchased items. Unfortunately, networking and start-up of Enterasys Networks XSR CLI alone are not enough. An instruction contains a number of clues concerning respective functionalities, safety rules, maintenance methods (what means should be used), eventual defects of Enterasys Networks XSR CLI, and methods of problem resolution. Eventually, when one still can't find the answer to his problems, he will be directed to the Enterasys Networks service. Lately animated manuals and instructional videos are quite popular among customers. These kinds of user manuals are effective; they assure that a customer will familiarize himself with the whole material, and won't skip complicated, technical information of Enterasys Networks XSR CLI.
Why one should read the manuals?
It is mostly in the manuals where we will find the details concerning construction and possibility of the Enterasys Networks XSR CLI item, and its use of respective accessory, as well as information concerning all the functions and facilities.
After a successful purchase of an item one should find a moment and get to know with every part of an instruction. Currently the manuals are carefully prearranged and translated, so they could be fully understood by its users. The manuals will serve as an informational aid.
Table of contents for the manual
-
Page 1
X-Pedition ™ Security Router XSR CLI Reference Guide Ve r s i o n 7 . 6 P/N 9033842-07[...]
-
Page 2
[...]
-
Page 3
-i Notice Enterasys Networks reserves the right to ma ke changes in specificatio ns and other informat ion contained in this document and its W eb site without prior notice. The read er should in all cases cons ult Enterasys Networks to determi ne whether any such changes have been made. The hardwar e, firmwar e, or software described in th is docu[...]
-
Page 4
0 Enterasys Networks, Inc. FIRMW ARE LICENSE AGREEMENT BEFORE OPENING OR UTILIZIN G THE ENCL OSED PRODUCT , CAREFULL Y READ THIS LICENSE AGREEMENT . This document is an agreemen t (“ Agreemen t”) between the end user (“Y ou”) and Enterasys Networks, [...]
-
Page 5
i 4) EXPOR T RESTRICTIONS. Yo u unders tand that Enterasys and its Affiliates are subject to re gulation by agencies of the U.S. Gov ernment, including the U.S. Departme nt of Commerce, which prohibit export or diversion of certai[...]
-
Page 6
ii 9) OWNERSHIP . This is a license agreement and not an agreement for sale. Yo u acknowledge and agree that the Program constitutes trade secrets and/or copyrighted mat erial of Enterasys and/or it s suppliers. Yo u agree to [...]
-
Page 7
v Contents Preface Chapter 1: Network Management Observing Syntax and Conv entions ................ ................ ................... ................ ................. .......... ............ ..... 1-1 Network Management Commands ............... ................ ................... ................ ................ ................. ...... ....[...]
-
Page 8
vi ARP Commands . ................ ................ ................ ................ .................... ................ ............. ......... .............. 5-149 Other IP Commands . ................ ................ ................ .................... ................ ................ ........ ............... ....... 5-151 IP Clear and Sho[...]
-
Page 9
vii QoS Show Commands ................ ................. ................ ................ ................ ................... ......... ................ 12-105 Chapter 13: Configuring ADSL Observing Syntax and Conv entions ................ ................ ................... ................ ................. .......... ............ . 13-83 ADSL[...]
-
Page 10
viii[...]
-
Page 11
XSR User’s Guid e ix Preface This guide describes the Command Line Interface (CLI) commands needed to mount, connect, power ‐ up, and maintain an XSR from Enterasys Netw orks. This guide is written for administrators who wan t to [...]
-
Page 12
x Conventions Used in This Guide The following conventions are used in this guide: Getting Help For additional support related to the XSR, contact Enterasys Netw orks using one of the following methods: Caution: Contains information essential to avoid damage to [...]
-
Page 13
XSR User’s Guid e xi Before contacting Ente rasys Networks for technical support, have the fol lowing information ready: •Y o u r Enterasys Networks service contract number •A description of the failure •A description of any action(s) already[...]
-
Page 14
xii[...]
-
Page 15
XSR CLI Reference Guide 1-1 1 Network Management Observing Synt ax and Conventions The CLI Syntax and conv entions use the notation descri bed in the following table. Network Management C ommands This chapter includes the following subsets of network management comm[...]
-
Page 16
General Network Management Commands 1-2 Network Management General Network Management Commands banner This command cr eates a login banner at the XSR’ s CLI prompt. Te x t is entered one line at time and should not exceed 80 characters per line. ?[...]
-
Page 17
General Network Management Commands XSR CLI Reference Guide 1-3 crypto key dsa This command generates the Digital Signature Algorithm (DSA) type host key pair (pri va te and public) as we ll as displays the public key . A unique set of host k[...]
-
Page 18
General Network Management Commands 1-4 Network Management Example XSR#disable enable This command jumps to Privileged EXEC mode. Synt ax enable Mode EXEC: XSR> Example XSR>enable end This command terminates configuration mode. Synt ax end Mode Any configuration Example XSR(config)#end exit This[...]
-
Page 19
General Network Management Commands XSR CLI Reference Guide 1-5 help This command retrieves he lp at any Mode. Synt ax help Mode All Example XSR#help ip http port This command changes the HTTP (Hyper Te x t Tr a n s f e r Protocol) port where incoming HTT P (W eb) sessi[...]
-
Page 20
General Network Management Commands 1-6 Network Management Synt ax ip http server [ enable | disable ] Synt ax of the “no” Form The no form of this command disables the HTTP serv er: no ip http server Mode Global configuration: XSR(config)# Default Disable Examples XSR(config)#ip http server enable XS[...]
-
Page 21
General Network Management Commands XSR CLI Reference Guide 1-7 •P o r t number 22 Example XSR(config)#ip ssh server enable ip telnet port This command changes the Te l n e t port where incoming Te l n e t sessions connect to. Synt ax ip telnet port { port_number | default } Mode Global conf[...]
-
Page 22
General Network Management Commands 1-8 Network Management Mode Global configuration: XSR(config)# Default Enabled Examples XSR(config)#ip telnet server enable XSR(config)#no ip telnet server ping This network connectivity command, whi ch applies to IP pin g only , sends fiv e echo request[...]
-
Page 23
General Network Management Commands XSR CLI Reference Guide 1-9 Reply from 192.168.27.165: 10ms Reply from 192.168.27.165: 10ms Reply from 192.168.27.165: 10ms Reply from 192.168.27.165: 10ms Packets: Sent = 5, Received = 5, Los t = 0 The following example shows the destination lost afte r three pings: XSR>pin[...]
-
Page 24
General Network Management Commands 1-10 Network Management Mode Global configuration: XSR(config)# Default s •P r i v i l e g e level 0: all statistics ( show ) commands with low ‐ level security su ch as show version , show clock , etc. •P r i v i l e g e levels 1 throu[...]
-
Page 25
General Network Management Commands XSR CLI Reference Guide 1-11 session-timeout This command sets the interv al for closing a connection when there is no input. If the keyw ord console, ssh, or Te l n e t is used, the timeout be comes the de[...]
-
Page 26
General Network Management Commands 1-12 Network Management •W i d t h : 132 characters •0 means no limit Example XSR#terminal width 40 XSR#terminal length 40 traceroute This command gathers information regarding the route that IP datag rams follow to a specified destin[...]
-
Page 27
General Network Management Commands XSR CLI Reference Guide 1-13 username This command adds a user , privileg e level, passw ord, and encryption type for those accessing the XSR. Assigni ng privilege lev e ls lets you control which users can mana ge [...]
-
Page 28
General Show Commands 1-14 Network Management Mode Global configuration: XSR(config)# Default s •U s e r n a m e : admin • P assword: ““ (null or zero length string) •N e w user level: 0 unless expli citly set •P r i v i l e g e for special user admin : 15 ?[...]
-
Page 29
General Show Commands XSR CLI Reference Guide 1-15 Sample Output The following output display s public key: XSR(config)#crypto key dsa show ---- BEGIN SSH2 PUBLIC KEY ---- Subject: root Comment: "1024-bit dsa, administrato r@Robo1, Mon Mar 03 2003 05:06:16 " AAAAB3NzaC1kc3MAAACBAIgwEkVM26GpC9L+ cu9HnXps8S6Qlrhp7mwGudUY[...]
-
Page 30
snmp-server Commands 1-16 Network Management Sample Output The following is output from the ip telnet command: XSR#show ip telnet TELNET Information: Telnet Server: Enabled Telnet Port: 23 Active Telnet Sessions: 1 snmp-server Commands This command set configures the SNMP agent on the [...]
-
Page 31
snmp-server Commands XSR CLI Reference Guide 1-17 Yo u can download Enterasys MIBs from the fo llowing We b site: http://www .enterasys.com/support/mibs/ Enterasys Configuration Management This MIB allows an SNMP management entity to upload and download executab[...]
-
Page 32
snmp-server Commands 1-18 Network Management snmp-server community This command allows a community string to access MIBs in the XSR. Synt ax snmp-server community community-stri ng [ view view-name ][ ro | rw ] [ access-list - num ] Synt ax of the “no” Form The no form of this [...]
-
Page 33
snmp-server Commands XSR CLI Reference Guide 1-19 Synt ax of the “no” Form The no form of this command offers no contact information: no snmp-server contact Mode Global configuration: XSR(config)# Default Null string Example XSR(config)#snmp-server contact Larr yCurtis@enterasys.com XSR(config)#sn[...]
-
Page 34
snmp-server Commands 1-20 Network Management Synt ax of the “no” Form The no form of this command disables the sending of specified traps: no snmp-server enable traps [[ snmp [ authentication ]] entity | frame-relay ] Mode Global configuration: XSR(config)# Default Disabled Examples To ena[...]
-
Page 35
snmp-server Commands XSR CLI Reference Guide 1-21 Mode Global configuration: XSR(config)# Example The following example specifies the Engine ID: XSR(config)#snmp-server engineID loc al 00020AF100 results in an engine ID of 0x800015F80500020A F100 snmp-server group This command configur[...]
-
Page 36
snmp-server Commands 1-22 Network Management snmp-server host This command specifies host parameters of the SNMP serv er; it adds a new man agement station to send traps to. If the address already exists, the command will update the s[...]
-
Page 37
snmp-server Commands XSR CLI Reference Guide 1-23 Example The following examples illustrate an SNMP host with trap on and off : XSR(config)#snmp-server host 192.168 .1.10 traps trapsOn XSR(config)#no snmp-server host 192. 168.2.11 Sample Output The following are three sample outputs ?[...]
-
Page 38
snmp-server Commands 1-24 Network Management Example This example shows an inform with 1 retry , a 5 ‐ second timeout and a 10 pending val u e : XSR(config)#snmp-server informs retr ies 1 timeout 5 pending 10 snmp-server location This command specifies the location of[...]
-
Page 39
snmp-server Commands XSR CLI Reference Guide 1-25 Default 0 traps (unlimited) Example The following example sets the traps permitted to 1000: XSR(config)#snmp-server max-traps-pe r-window 1000 snmp-server min-trap-sp acing This command sets the interv al betw een successiv e SNMP ?[...]
-
Page 40
snmp-server Commands 1-26 Network Management Synt ax of the “no” Form The no form sets the maximum allow ed incoming and outgoing packetsize to the default: no snmp-server packetsize Mode Global configuration: XSR(config)# Default 1,500 bytes Example The following example ?[...]
-
Page 41
snmp-server Commands XSR CLI Reference Guide 1-27 Synt ax snmp-server set entityMIB { entPhysic alAlias | entPhysicalAssetID } host < strin g > Synt ax of the “no” Form The no command sets the PhysicalAlias or PhysicalAssetID in the Entity MIB as an empty string: no snmp-server s[...]
-
Page 42
snmp-server Commands 1-28 Network Management snmp-server t f t p-server-list This command specifies an Access Control List (A CL) to limit TF TP serv ers’ access during SNMP downloads. Synt ax snmp-server tftp-server-list access- list-num Synt ax of the “no” Form The no form [...]
-
Page 43
snmp-server Commands XSR CLI Reference Guide 1-29 snmp-server trap-timeout This command specifies the interval traps in the retransmission queue are retried if no route exists to the host that SNMP traps will to be sent to. Synt ax snmp-server tr[...]
-
Page 44
snmp-server Commands 1-30 Network Management Synt ax of the “no” Form Use the no form of this command to remov e a user: no snmp-server user username group name { v1 | v2c | v3 } Mode Global configuration: XSR(config)# Example The example below configures ljc of the [...]
-
Page 45
snmp-server Commands XSR CLI Reference Guide 1-31 Mode Global configuration: XSR(config)# Examples The following example creates a view of all objec ts on the XSR: XSR(config)#snmp-server view v3view internet included The following example creates a view of all obje[...]
-
Page 46
snmp-server Commands 1-32 Network Management at 1.3. 6.1.2. 1.3 atEntry 1.3.6 .1.2.1 .3.1.1 ip 1.3. 6.1.2. 1.4 ipAddrEn try 1.3.6.1 .2.1.4.20 .1 ipRouteEnt ry 1.3.6. 1.2.1.4. 21.1 ipNetT oMedi aEntry 1. 3.6.1.2.1 .4.22.1 icmp 1.3. 6.1.2. 1.5 tcp 1.3.6.1 .2.1.6 tcpConnEntry 1.3.6.1.2.1. 6.13.1 udp 1.3.6 .1.2.1.7 udpEntry 1.3. 6.1.2. 1.7.5.1 egp 1.3.[...]
-
Page 47
snmp-server Commands XSR CLI Reference Guide 1-33 snmp-server window-time This command specifies the length, in seconds, of the moving window used to count the number of traps sent. Synt ax snmp-server window-time time Synt ax of the “no” Form The no form of [...]
-
Page 48
SNMP Show Commands 1-34 Network Management SNMP Show Commands show snmp This command information about the SNMP server . Synt ax show snmp [ location ] Mode Privileged EXEC: XSR# Sample Output The following is sample output from the command: XSRtop(config)#show snmp Chassis serial#: 000001[...]
-
Page 49
SNMP Show Commands XSR CLI Reference Guide 1-35 0 Silent drops 0 Proxy drops The example below shows output with the location option entered: XSR#show snmp location Haverhill Mass. show snmp engineID This command displays the identification of the local SNMP engine. Synt ax sho[...]
-
Page 50
SNMP Show Commands 1-36 Network Management grouname: nm security model: v3 auth readview: v1default wirteview: nmMIBIIview notifyview: nmMIBIIview The following is sample output from the command: XSR#show snmp group groupname: v3RWGroup security model: v3 readview: v3view writeView: v3view notifyview: <no notifyview s[...]
-
Page 51
SLA Agent Commands XSR CLI Reference Guide 1-37 User name: authprivUser group: v3RWGroup Engine ID: 800015f8030001f423e691 storage-type: nonvolatile active Parameter Description show snmp view This command displays information on each SNMP view in the gro up username table. Synt ax show snmp view Mode[...]
-
Page 52
SLA Agent Commands 1-38 Network Management Synt ax aggregate-period period Synt ax of the “no” Form The no form of this command returns to the default va l u e : aggregate-period period Mode RTR Echo configuration: XSR(config-rtr-echo- xx )# Default 600 seconds Example The following ?[...]
-
Page 53
SLA Agent Commands XSR CLI Reference Guide 1-39 Example This example sets the buckets ‐ of ‐ history val u e to 5 records: XSR(config-rtr-echo-1)#buckets-of-hi story-kept 5 frequency This command specifies how frequently to send a Response Time Reporter (RTR) probe.[...]
-
Page 54
SLA Agent Commands 1-40 Network Management Mode RTR Echo configuration: XSR(config-rtr-echo- xx )# Example The following example creates an RTR map: XSR(config-rtr-echo-57)#map "network in Peoria" owner This command binds a Response Time Reporter (RTR) owner (administ[...]
-
Page 55
SLA Agent Commands XSR CLI Reference Guide 1-41 Mode RTR Echo configuration: XSR(config-rtr-echo- xx )# Default Pa y l o a d size: 12 bytes Example The following example limits the RTR payload size to 32 bytes: XSR(config-rtr-echo-57)#request-data -size 32 ta g This command spe[...]
-
Page 56
SLA Agent Commands 1-42 Network Management Synt ax of the “no” Form The no form of this command returns to the default va l u e : no timeout Mode RTR Echo configuration: XSR(config-rtr-echo- xx )# Default 5000 milliseconds Example The following example resets the RTR ?[...]
-
Page 57
RTR-mode Commands XSR CLI Reference Guide 1-43 RTR-mode Commands rtr This command creates a Response Time Reporter (RTR) entry . The following are sub ‐ commands: • rtr owner registers the RTR administrator . Go to page 1 ‐ 43 for the command descr[...]
-
Page 58
RTR-mode Commands 1-44 Network Management Default Quota: 700 Example The following example registers the RTR owner: XSR(config)#rtr owner operator1 192.168.57.5 email larrycurtis@enterays.com quota 1000 rtr schedule This command schedules an Response Time Re porter (RTR) entry . Synt ax rt[...]
-
Page 59
RTR Show Commands XSR CLI Reference Guide 1-45 RTR Show Commands show rtr operation-st ate This command displays the current operational state of the Response Time Reporter (RTR). Synt ax show rtr operation-state [ operation- id ] Mode EXEC configuration: XSR> Sample Output The following ?[...]
-
Page 60
RTR Show Commands 1-46 Network Management Status of Entry (SNMP RowStatus): ac tive Protocol Type: ipIcmpEcho Target Address: 192.168.57.3 Source Address: 192.168.57.43 Request Size (data portion): 12 Life (seconds): 5000 Next Scheduled Start Time: Start Tim e already passed Number of History Buckets kept: 15 show rtr history This command d[...]
-
Page 61
XSR CLI Reference Guide 2-55 2 Configuring T1/E1 and T3/E3 Subsystems Observing Synt ax and Conventions The CLI Syntax and conv entions use the notation descri bed in the following table. T1/E1 & T3/E3 Commands The following commands define T1/E1 /T3/E3 subsys tem funct[...]
-
Page 62
T1/E1 & T3/E3 Commands 2-56 Configuring T1/E1 and T3/E3 Subsystems cablelength For T3 controllers only This command specifies the distance of cabling from the XSR to the network equipment for a T3 NIM card only . Synt ax cablelength feet Synt ax of the “no” Form The[...]
-
Page 63
T1/E1 & T3/E3 Commands XSR CLI Reference Guide 2-57 the received sig nals. This feature is provided by placing a transmit attenuator in the data path. This attenuation is selectable from 0 , ‐ 7.5 , ‐ 15 , or ‐ 22.5 dB . Synt ax cablele[...]
-
Page 64
T1/E1 & T3/E3 Commands 2-58 Configuring T1/E1 and T3/E3 Subsystems Synt ax cablelength short { 133 | 266 | 399 | 533 | 655 } Synt ax of the “no” form The no form of this command returns the val u e to the default setting: no cablelength short Default s 133 feet Mode Controller conf[...]
-
Page 65
T1/E1 & T3/E3 Commands XSR CLI Reference Guide 2-59 Synt ax of the “no” Form Use the no form of the command to remov e a channel group: no channel-group number Default s Speed: 64 kbps for both T1 and E1 controlle rs. Mode Controller configuration: XSR(confi[...]
-
Page 66
T1/E1 & T3/E3 Commands 2-60 Configuring T1/E1 and T3/E3 Subsystems Default Line Mode Controller configuration: XSR(config-controller < xx >)# Examples The following example configures the T1 controller on NIM 1 , port 0 (f irst port), with ESF framing, B8ZS li[...]
-
Page 67
T1/E1 & T3/E3 Commands XSR CLI Reference Guide 2-61 Synt ax of the “no” Form The no form of this command deletes the defined controller: no controller { t1 | e1 | t3 | e3 }{ slot/card/port } no controller { t1 | e1 | t3 | e3 }{ card/port } Mode Global configuration: XSR(config)# Next Mode Controll[...]
-
Page 68
T1/E1 & T3/E3 Commands 2-62 Configuring T1/E1 and T3/E3 Subsystems Synt ax crc { 16 | 32 } Synt ax of the “‘no” Form The no form of this command returns to the default setting: no crc Default 16 Mode Interface configuration: XSR(config-if< xx >)# Example This example enables ?[...]
-
Page 69
T1/E1 & T3/E3 Commands XSR CLI Reference Guide 2-63 XSR(config)#controller t1 1/0 XSR(config-controller<T1-1/0>)#frami ng esf XSR(config-controller<T1-1/0>)#linec ode b8zs XSR(config-controller<T1-1/0>)#clock source line XSR(config-controller<T1-1/0>)#descr iption “Acme’s T1” The following example descr[...]
-
Page 70
T1/E1 & T3/E3 Commands 2-64 Configuring T1/E1 and T3/E3 Subsystems XSR(config-controller<T3-1/2/0>)#fra ming m13 XSR(config-controller<T3-1/2/0>)#cab lelength 250 XSR(config-controller<T3-1/2/0>)#dsu mode adtran dsu bandwid th For T3 controllers only This command specifies the peak allowable bandwidth ?[...]
-
Page 71
T1/E1 & T3/E3 Commands XSR CLI Reference Guide 2-65 Mode Controller configuration: XSR(config-controller xx )# Default •T 3 : 44,210 kbps (full ‐ rate) •E 3 : 34,099.5 kbps (full ‐ rate) Example The following example configures the T3 controller in slot 1 , card 2 ?[...]
-
Page 72
T1/E1 & T3/E3 Commands 2-66 Configuring T1/E1 and T3/E3 Subsystems equipment For T3/E3 controllers only This command configures the T3/E3 controller as network or customer equipment and operates according to the T1.403 ANSI standard, allowing equipment configure[...]
-
Page 73
T1/E1 & T3/E3 Commands XSR CLI Reference Guide 2-67 Synt ax framing { sf | esf } ( T1 ) framing { crc4 | no-crc4 } ( E1 ) framing { c-bit | m13 } ( T3 ) framing { g751 | bypass } ( E3 ) Synt ax of the “no” Form Return to the defaul t framing setting by using the no form: no framing Default s •T 1 : [...]
-
Page 74
T1/E1 & T3/E3 Commands 2-68 Configuring T1/E1 and T3/E3 Subsystems interface serial This command configures the Seria l interface automatically created by the controller command in conjunction with T1/E1 and T3/E3 NIM operations. The T3 module offers [...]
-
Page 75
T1/E1 & T3/E3 Commands XSR CLI Reference Guide 2-69 Example The following example configures the E3 controller in slot 1 , card 2 with line source clocking and international bits of 0 and 0 : XSR(config)#controller e3 1/2/0 XSR(config-controller<E3-1/2/0&[...]
-
Page 76
T1/E1 & T3/E3 Commands 2-70 Configuring T1/E1 and T3/E3 Subsystems Synt ax linecode { ami | b8zs | hdb3 } Synt ax of the “no” Form Return to the defaul t linecode setting by using the no form: no linecode Default s •T 1 line: B8ZS •E 1 line: HDB3 Mode Controller configuration: [...]
-
Page 77
T1/E1 & T3/E3 Commands XSR CLI Reference Guide 2-71 Synt ax of the “no” Form no loopback Default Disabled Mode Controller configuration: XSR(config-controller < xx >)# Examples The following example init iates a local loopback test: XSR(config)#controller t1 1/0 XSR(config-controller<T1-1/0>)#[...]
-
Page 78
T1/E1 & T3/E3 Commands 2-72 Configuring T1/E1 and T3/E3 Subsystems Mode Controller configuration: XSR(config-controller xx )# Default 1 Example The following example configures the E3 controller in slot 1 , card 2 with line sou rce clocking and a national reserv[...]
-
Page 79
T1/E1 & T3/E3 Commands XSR CLI Reference Guide 2-73 Example The following example configures the T3 controller in slot 1 , car d 2 with line source clocking, M13 framing, in unchannelized mode, cablelength of 250 , DSU interoperability mode ?[...]
-
Page 80
T1/E1 and T3/E3 Clear and Show Commands 2-74 Configuring T1/E1 and T3/E3 Subsystems Examples The following example disables a T1 controller: XSR(config)#controller t1 1/0 XSR(config-controller<T1-1/0>)#shutd own The following example re ‐ ena bles a T3 controller: XSR(config)#controller t3 1/2[...]
-
Page 81
T1/E1 and T3/E3 Clear and Show Commands XSR CLI Reference Guide 2-75 show controllers This command displays the status and statistics for any controller . The T1/E1, T3/E3, and AT M subsystems track var i o u s status and statist ical parameters, including t[...]
-
Page 82
T1/E1 and T3/E3 Clear and Show Commands 2-76 Configuring T1/E1 and T3/E3 Subsystems 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 Rx ABCD * * * * * * F F 0 * F F F F F F F F F F F F F F Channel 1: Timeslots 1,2,3,4,5,6,7,8,9, 10 64kbps Base rate Channel 2: Timeslots 12,13 56kbps Base rate Data in current interval (502 second s elapsed): 0 Line Co[...]
-
Page 83
T1/E1 and T3/E3 Clear and Show Commands XSR CLI Reference Guide 2-77 Latest II I II IV No Code No Code No Code No Code Alarms Detected: LOS LOF TxAIS RxAIS TxRA I RxRAI LOOP PayLd X X X 24 Hour Statistics cleared: MAY 04 2 2:33:47 Current time: MAY 04 22:34:13 Interval LVC PCV CCV PES PSES SE FS UAS LES CES CSES Total 4352 0 0 2 2 2 2 2 2 2 Current[...]
-
Page 84
T1/E1 and T3/E3 Clear and Show Commands 2-78 Configuring T1/E1 and T3/E3 Subsystems Rx ABCD * * * * * * F F 0 * F F F F F F F F F F F F F F Time slot that bypasses between port 0 and 1 carry Channel Associa[...]
-
Page 85
T1/E1 and T3/E3 Clear and Show Commands XSR CLI Reference Guide 2-79 FE AC code rece iv e d Displays the last 4 FEAC codes or commands that wer e received. Applicable for C ‐ bit parity framing only , per ANSI T1.105 ‐ 1995. This field are in[...]
-
Page 86
Drop and Insert Commands 2-80 Configuring T1/E1 and T3/E3 Subsystems Drop and Insert Commands These commands effect the operation of the T1/E1 Drop and Insert NI M. drop-and-insert-group This command, which takes no parameters, instructs the T1 controller to off[...]
-
Page 87
Drop and Insert Commands XSR CLI Reference Guide 2-81 Mode Controller configuration: XSR(config-controller < xx >)# Default cas Example This configuration instructs the XSR to terminate timeslots 1, 2, 3, 4, 5, 6 and 7 of controller T1 0/1/ 0 into a ?[...]
-
Page 88
Drop and Insert Commands 2-82 Configuring T1/E1 and T3/E3 Subsystems Applique type is Fractional T1. Loopback is set as none. Cablelength long and short 0. Framing is esf, Line Encoding is b8z s, Clock Source is line. Description: None Alarms Detected: None Rx 0signal level -0.0DB (Accuracy:+/-3DB) Bypass time slots table ( * data tim e slots on s/[...]
-
Page 89
XSR CLI Reference Guide 3-83 3 Configuring the XSR Plat form Observing Synt ax and Conventions The CLI command syntax and conventions use the notation described in the following table. Plat form Commands The following sets of commands define the platform subsystem ?[...]
-
Page 90
Clock Commands 3-84 Configuring the XSR Platform Clock Commands clock set This command sets the current time of the Real Time Clock chip (software module clock). After resetting the XSR, you must manually set the clock. Synt ax clock set hh:mm:ss wday md[...]
-
Page 91
Crypto Key Commands XSR CLI Reference Guide 3-85 Crypto Key Commands crypto key master generate This command generates a random master encryption key . When the command is entered, you are prompted to identify the previous master key . If yo u success fu[...]
-
Page 92
Other Platform Commands 3-86 Configuring the XSR Platform crypto key master specify This command allows you to speci fy a master encryption key . When entered , the command first prompts you to identify the pr evious ma ster key . If you cannot i[...]
-
Page 93
Other Platform Commands XSR CLI Reference Guide 3-87 Example XSR(config)#cpu-utilization debug processor This command defines a method to force forw arding engine jobs to a specific CPU or allows the jobs to float between av ailable CPUs. Synt ax debug processor[...]
-
Page 94
Other Platform Commands 3-88 Configuring the XSR Platform Example XSR#hostname XSR-1800 XSR-1800# logging This command enables/disables message logging at va r y i n g severity leve ls for specified destinations. Refer to Appendix A in the XSR User ’s Guide for ?[...]
-
Page 95
Other Platform Commands XSR CLI Reference Guide 3-89 Synt ax of the “no” Form Use the no form of this command to di sable the earlier configured se rvice: no logging [console | buffered | mon itor | snmp | A.B.C.D | file | ti mestamp] Mode Global Configuration: XSR(config)# Default s •F [...]
-
Page 96
Other Platform Commands 3-90 Configuring the XSR Platform Examples This example sets logging at High for the console wi th a local ti mestamp: XSR#logging console high timestamp l ocal The following example sets a Low logging level for all destinations with [...]
-
Page 97
SNTP Commands XSR CLI Reference Guide 3-91 Mode Global configuration: XSR(config)# Examples The following example selects a 5 ‐ minute auto inst all: XSR(config)#netload The following example selects a persistent auto inst all: XSR(config)#netload persistent SNTP Commands sntp-client[...]
-
Page 98
SNTP Commands 3-92 Configuring the XSR Platform sntp-client poll-interval This command configures the interval th e SNTP client wa i ts , when synchronized, before sending another time request to an SNTP serv er . The poll ‐ interval is applied continu[...]
-
Page 99
SNTP Commands XSR CLI Reference Guide 3-93 no sntp-server This command disables the SNTP server . Synt ax no sntp-server Mode Global configuration: XSR(config)# show sntp This command displays the current status of the SNTP server . Synt ax show sntp Output XSR>show sntp SNTP server[...]
-
Page 100
Platform Clear and Show Commands 3-94 Configuring the XSR Platform Nominal freq is xxxxx Hz , actual freq is xxxx Hz, precision is 2**16 Reference time is 12345678.12345678 (01:01:01 .123 EDT Mon Jan 1 2004) Clock offset is 1.1234 msec, root [...]
-
Page 101
Platform Clear and Show Commands XSR CLI Reference Guide 3-95 clear logging This command deletes all messages from the logging buffer in RAM. Synt ax clear logging Mode Privileged EXEC: XSR# Example XSR#clear logging show buffers This command displays platform memory statistics [...]
-
Page 102
Platform Clear and Show Commands 3-96 Configuring the XSR Platform Memory Block Allocation: Memory Options enabled: None. ------------------------------------ --------------------------------- Size Number Number Avg.S ize Max.Size Number of Size Carved Carved In Use In Use Request Requests Upgrade ------------------------------------ --------------[...]
-
Page 103
Platform Clear and Show Commands XSR CLI Reference Guide 3-97 show buffers i/o This command displays summary I/O (data buffers, frame elements) memory usage statistics. Allocations are based on the hardwa re present in the XSR. Synt ax show buffers i/o Mode Privileg[...]
-
Page 104
Platform Clear and Show Commands 3-98 Configuring the XSR Platform Parameter Descriptions show buffers malloc This command displays summary Malloc (tables, configuration structure) area memory statistics. Synt ax show buffers malloc Mode Privileged EXEC configuration: XSR# Common Buffer ?[...]
-
Page 105
Platform Clear and Show Commands XSR CLI Reference Guide 3-99 Sample Output Memory Block Allocation: Memory Options enabled: None. ------------------------------------ ------------------------------ Size Number Number Avg.Size Max.Size Number of Size Carved Carved In Use In Use Request Requests Upgrade ------------------------------------ ---------[...]
-
Page 106
Platform Clear and Show Commands 3-100 Configuring the XSR Platform show cpu-utilization This command tracks current use of va r i o us CPU processes as a percentage of tota l CPU usage for the last five second, one minute, and fiv e ‐ minute inter[...]
-
Page 107
Platform Clear and Show Commands XSR CLI Reference Guide 3-101 show fault-report This command displays the fault report captured when the XSR experiences a system problem. It contains information that pinpoints the cause of the software fai lure. Thi[...]
-
Page 108
Platform Clear and Show Commands 3-102 Configuring the XSR Platform Sample Output The following is sample output from an XSR ‐ 3020 router: Fault Report captured in node Router Name on Sept 22, 2001 at 3:30:5 9pm Fault: Data TLB Miss Processor up-time = 1234 hours 59 mi nutes 59 seconds Processor = PowerPC 405 GP E[...]
-
Page 109
Platform Clear and Show Commands XSR CLI Reference Guide 3-103 004276be 12345678 12345678 12345678 12345678 12345678 12345678 12345 678 004276ce 12345678 12345678 12345678 12345678 12345678 12345678 12345 678 004276de 12345678 12345678 12345678 12345678 12345678 12345678 12345 678 etc. for all tasks End of fault report. When the XSR is [...]
-
Page 110
Platform Clear and Show Commands 3-104 Configuring the XSR Platform Synt ax show logging Mode EXEC or Privileged EXEC: XSR> or XSR# Example XSR>show logging file Sample Output The following example displays the logging file information: XSR#show logging file History of logging to file cflash:lo ggen[...]
-
Page 111
Platform Clear and Show Commands XSR CLI Reference Guide 3-105 Mode Privileged EXEC: XSR# Sample Output XSR#show sntp Server IP:192.168.27.88 Poll Interval: 512 Sntp Requested: 1 Last Synced: 17:00:34-UTC-Sunday,26- JAN-2003 Current Time: 10:53:01-UTC-Monday,27 -JAN-2003 show version This command displays current XSR har[...]
-
Page 112
Platform Clear and Show Commands 3-106 Configuring the XSR Platform Software: Version 5.5.1.3, Built May 16 20 03, 14:31:56 CLI revision 1.5 Software file is “xsr1800.fls” w ith VPN; with Firewall XSR-1800 uptime is 33 days, 10 h ours, 44 minutes. The following example displays output from an XSR ‐ 3150: XSR#show v[...]
-
Page 113
File System Commands XSR CLI Reference Guide 3-107 Example XSR#show whoami Sample Output XSR#show whoami Comm Server “Enterasys”, current lin e at 9600bps. File System Commands The XSR employs an MS ‐ DOS ‐ compatible file system in Flash memory . The following commands are av ailable.[...]
-
Page 114
File System Commands 3-108 Configuring the XSR Platform XSR(config)#rename VPN_XSR1800.fls x sr1800.fls Rename flash:VPN_xsr1800.fls to flas h:xsr1800.fls(y/n) ? y renaming file flash:VPN_xsr1800.fls -> flash:xsr1800.fls XSR# The following example renames the firmw are file as part of an F TP/TF TP [...]
-
Page 115
File System Commands XSR CLI Reference Guide 3-109 XSR#copy running-config startup-conf ig . Mode Privileged EXEC: XSR# Examples XSR#copy tftp://192.168.27.1/root/en terasys-sw flash: Save Configuration to TFTP Server Save the startup-config fi le on a TF TP serv er over the netw ork. Enter: XSR#copy [...]
-
Page 116
File System Commands 3-110 Configuring the XSR Platform Configuration Load This example loads startu p ‐ config via the netw ork from a TF TP server . The XSR does not load the configuration from the netw ork automat ically . XSR#copy tftp:TFTP1/tftpfiles/tftpim a[...]
-
Page 117
File System Commands XSR CLI Reference Guide 3-111 Mode Privileged EXEC: XSR# Example XSR#copy startup-config tftp://192.1 68.1.100/cfg.txt Sample Output XSR#copy startup-config tftp://192.1 68.1.100/abc.cfg Copy 'startup-config' from Flash to server as 'abc.cfg'(y/n) ? y Upload to server done File size: 2997 bytes delet[...]
-
Page 118
File System Commands 3-112 Configuring the XSR Platform Mode Privileged EXEC: XSR# Default flash: unless you change the default using the cd command. Example XSR#dir flash: Sample Output The following is sample output from an XSR 1800 Series router: XSR#dir flash: Listi[...]
-
Page 119
File System Commands XSR CLI Reference Guide 3-113 Default •F o r m a t : ASCII •D i r e c t o r y : current directory Examples XSR#more /ascii flash:startup-config XSR#more flash:startup-config Sample Output In ASCII format ( /ascii ): Controller t1 1/0 Clock source line primary Framing esf In Binary format [...]
-
Page 120
File System Commands 3-114 Configuring the XSR Platform which is specified in the flash:boot ‐ config file. Although you cannot configure the secondary EOS file, if you wish to rename it, use the boot system command. Be aw are that if t[...]
-
Page 121
File System Commands XSR CLI Reference Guide 3-115 Examples The following example immediately cold restarts the XSR: XSR#reload cold The following example warm upgrades the new image from the primary OS file in the flash: directory and tests it ?[...]
-
Page 122
File System Commands 3-116 Configuring the XSR Platform Example XSR#rename cflash:xsr3000.fls.5512 flash:xsr3000.fls show hostname This command displays the name you specified for the XSR. Synt ax show hostname Mode EXEC: XSR> Example XSR#show hostname Sample Output XSR#show hostname Local hostname is XSR [...]
-
Page 123
File System Commands XSR CLI Reference Guide 3-117 XSR#show reload No reload is scheduled No EOS fallback Parameter Description show running-config This command displays the router ’ s running configuration as a sequence of CLI commands segmented by module. The XSR gathers ?[...]
-
Page 124
File System Commands 3-118 Configuring the XSR Platform session-timeout console 35000 session-timeout telnet 35000 session-timeout ssh 35000 !T1E1 controller t1 0/2/0 clock source internal no shutdown !IKE crypto isakmp proposal try1 authentication pre-share encryption aes hash md5 group 5 lifetime 40000 crypto isakmp peer 2.2.2.2 255.255.2 55.255 [...]
-
Page 125
File System Commands XSR CLI Reference Guide 3-119 !OSPF router ospf 1 network 30.1.1.0 0.0.0.255 area 0.0. 0.0 network 20.1.1.0 0.0.0.255 area 0.0. 0.0 !RIP router rip !SNMP snmp-server community public rw snmp-server enable !AAA aaa group ii dns server primary 0.0.0.0 dns server secondary 0.0.0.0 wins server primary 0.0.0.0 wins server secondary [...]
-
Page 126
File System Commands 3-120 Configuring the XSR Platform verify This command veri fi es a packed softw are image file. The file name must end in *.fls . If the directory name is not specified, the current directory is used. Synt ax XSR#verify [fla[...]
-
Page 127
Bootrom Monitor Mode Commands XSR CLI Reference Guide 3-121 Bootrom Monitor Mode Commands Bootrom monitor mode offers special user access for Flash:/CompactFlash: file operations and on occasions when the XSR lacks va l i d software or runs abnormally . Ente[...]
-
Page 128
Bootrom Monitor Mode Commands 3-122 Configuring the XSR Platform If the Bootrom password is lost on the XSR 1800 Series, you can restore it by pressing the Default button. Be aw are that when pressed, the Default button erases all [...]
-
Page 129
Bootrom Monitor Mode Commands XSR CLI Reference Guide 3-123 da This command displays system date and time with this sample output: XSR-1800: da Date: Thursday, 29-MAY-2003. Time: 10:14:07 del This command removes a fi le from flash: or cflash: memory . df This command ?[...]
-
Page 130
Bootrom Monitor Mode Commands 3-124 Configuring the XSR Platform dt This command sets system time using th e syntax hh mm ss . For example: XSR:dt 11 59 59 ff This command formats the Flash file system. We recommend you fi rst save any .dat , .cert , .cfg , [...]
-
Page 131
Bootrom Monitor Mode Commands XSR CLI Reference Guide 3-125 Remote Host IP address (192.168.1.10 ) : Remote file path (c:) : Use TFTP (no) : Ftp userid (anonymous) : Ftp password () : Local target name (robo1) : Autoboot (yes) : Quick boot (no) : Permanently save the network paramet ers? (y/n) ns This command saves a file over [...]
-
Page 132
Bootrom Monitor Mode Commands 3-126 Configuring the XSR Platform gp= 8219b1e0 sp= 85febb90 s8= 00000000 ra= 82 0e9178 par1= ffffffff par2= 85febaf8 par3= ffffffff par4= 82 0e9b10 cause= 80000014 cntxt= ffffffff fpcsr= d3800000 badva= 08 112233 divLo= 00000000 divHi= 00000000 causeR= ffffffff fpcsr= 82 0e9170 BadVAddr=08112233 PP - Crashed Task Stac[...]
-
Page 133
Bootrom Monitor Mode Commands XSR CLI Reference Guide 3-127 RAM: 512MB without interleave Memory Bus at 120MHz, CASL at 2.0 Bootrom Flash: 4MB Filesystem Flash: 8MB CompactFlash not present Real Time Clock I/O on Motherboard: GigabitEthernet 1 2 3 Encryption Hardware: not present Slot 0 card 1: Empty Slot 0 card 2: Empty System up for 9 days, 3 hou[...]
-
Page 134
Bootrom Monitor Mode Commands 3-128 Configuring the XSR Platform[...]
-
Page 135
XSR CLI Reference Guide 4-83 4 Configuring Hardware Controllers Observing Synt ax and Conventions The CLI command syntax and conventions use the notation described in the following table. Hardware Controller Commands The following command sets allow you to define sy[...]
-
Page 136
Hardware Controller Comman ds 4-84 Configuring Hardware Controllers Synt ax clock rate bps Synt ax of the “no” Form no clock rate Mode Interface configuration: XSR(config-if<S x >)# Default 9600 Example XSR(config-if<S1/0>)#clock rate 1920 0 dat abit s This command sets the number of data bits [...]
-
Page 137
Hardware Controller Commands XSR CLI Reference Guide 4-85 description This command sets the description text for an interface. The description wil l appear in the ifDescription (interface description) var i a bl e of the MIB. Synt ax description < text > Mode [...]
-
Page 138
Hardware Controller Comman ds 4-86 Configuring Hardware Controllers Synt ax of the “no” Form no duplex Default auto Mode Interface configuration: XSR(config-if<F x >)# Example XSR(config-if<F1/0>)#duplex full XSR(config-if<F1/0>)#speed 100 loopback This command forces the port into internal [...]
-
Page 139
Hardware Controller Commands XSR CLI Reference Guide 4-87 media-type This command sets the media ‐ type appropriate to the cable type that the interface is connected to. Synt ax media-type {RS232 | RS422 | RS449 | RS530A | V35 | X21} Mode Interface configuration: XSR(config-if<[...]
-
Page 140
Hardware Controller Comman ds 4-88 Configuring Hardware Controllers pa r i t y This command configur es th e parity on a serial inter face. It is val i d and ta kes effect only when the interface is in Asynchronous mode. Synt ax parity { even | mark | none | odd[...]
-
Page 141
Hardware Controller Commands XSR CLI Reference Guide 4-89 Mode Interface configuration: XSR(config-if<Sx>)# Default Sync Example XSR(config-if<S1/0>)#physical-layer async shut down This command disables an interface. When th e interface is created, it is disabl ed by defaul[...]
-
Page 142
Hardware Controller Comman ds 4-90 Configuring Hardware Controllers • Speed cannot be changed in loopback mode. •W h e n connecting an auto setting on an XSR to a forced setting on another router , the forced setting must be set to ha[...]
-
Page 143
Hardware Controller Commands XSR CLI Reference Guide 4-91 Mode Interface configuration: XSR(config-if<S x >)# Default 1 Example The following example sets 2 stopbits on Serial port 1/0 : XSR(config-if<S1/0>)#stopbits 2 vlan This command configures a Vi rt u a l LAN (VLA[...]
-
Page 144
Hardware Controller Clear and Show Commands 4-92 Configuring Hardware Controllers Hardware Controller Clear and Show Commands clear counters fastethernet This command clears MIB ‐ II counters for the FastEther net interface. The counters cleared include: •i f I n O c t e t s •i f I n U c a s t P[...]
-
Page 145
Hardware Controller Clear and Show Commands XSR CLI Reference Guide 4-93 Mode Privileged EXEC: XSR# Example The following example clears the MIB ‐ II counters on GigabitEthernet port 3 , sub ‐ interface 2 : XSR#clear counters gigabitethernet 3 .2 clear interface fastethernet This comma[...]
-
Page 146
Hardware Controller Clear and Show Commands 4-94 Configuring Hardware Controllers Example The following example resets GigabitEthernet port 1 , sub ‐ interface 5 : XSR#clear counters gigabitethernet 1 .5 clear counters serial This command clears serial interface counters. The counters ?[...]
-
Page 147
Hardware Controller Clear and Show Commands XSR CLI Reference Guide 4-95 Synt ax clear interface serial [ card / port ] Mode Privileged EXEC: XSR# Example XSR#clear interface serial 1/0 show controllers fastethernet This command displays detailed FastEthernet controller data for a port. This inter[...]
-
Page 148
Hardware Controller Clear and Show Commands 4-96 Configuring Hardware Controllers dataLen 0x00000000, status 0 x00001300, buffer 0x00000000 dataLen 0x00000000, status 0 x00001300, buffer 0x00000000 dataLen 0x00000000, status 0 x00001300, buffer 0x00000000 dataLen 0x00000000, status 0 x00001300, buffer 0x00000000 [...] RX RING ENTRIES: The ring star[...]
-
Page 149
Hardware Controller Clear and Show Commands XSR CLI Reference Guide 4-97 datalen 0x00000000, status 0 x00000000, buffer 0x80000000 datalen 0x00000000, status 0 x00000000, buffer 0x80000000 datalen 0x00000000, status 0 x00000000, buffer 0x80000000 datalen 0x00000000, status 0 x00000000, buffer 0x80000000 datalen 0x00000000, status 0 x00000000, buffe[...]
-
Page 150
Hardware Controller Clear and Show Commands 4-98 Configuring Hardware Controllers Packet Processor Tx Scheduler Stats: 0 Packet driver Tx OK 0 Packet driver not Tx: MUX END_ERR_BLOCK 0 Packet driver not Tx: MUX ERROR 0 Packet driver not Tx: Unkn own Msg from MUX The unit number is 50331656. The interrupt number is 26. The DSR poll count is 800 ms. [...]
-
Page 151
Hardware Controller Clear and Show Commands XSR CLI Reference Guide 4-99 Mode Privileged EXEC or Global configuration: XSR# or XSR(config)# Sample Output The following example displays output by the command: XSR(config)#show interface bri 1/0 ********** Serial Interface Stats ********** D-Serial 1[...]
-
Page 152
Hardware Controller Clear and Show Commands 4-100 Configuring Hardware Contr ollers show interface dialer This command displays information about th e Dialer interf ace. Synt ax show interface dialer [ number ] Mode Privileged EXEC or Global configuration: XSR# or XSR(config)# Sample Output The ?[...]
-
Page 153
Hardware Controller Clear and Show Commands XSR CLI Reference Guide 4-101 Internet address is 54.54.54.1, subn et mask is 255.255.255.0 Secondar y Internet address is 57.57.57.1, subn et mask is 255.255.255.0 Secondar y Internet address is 58.58.58.1, subn et mask is 255.255.255.0 Secondar y The name of this device is Eth1. The physical link is cur[...]
-
Page 154
Hardware Controller Clear and Show Commands 4-102 Configuring Hardware Contr ollers The Name of the Access Concentrator is c3600-1 The Session Id is 0x0005 The MAC Address of the Access Concen trator is 0x00:30:85:20:47:62 The MTU is 1492 Other Interface Statistics: ifOperStatus 1 ifInOctets 119439 ifOutOctets 119256 Configured VLANs: VLAN Id 1400 [...]
-
Page 155
Hardware Controller Clear and Show Commands XSR CLI Reference Guide 4-103 ifLastChange 00:00:0 0 ifInOctets 0 ifInUcastPkts 0 ifInNUcastPkts 0 ifInDiscards 0 ifInErrors 0 ifInUnknownProtos 0 ifOutOctets 0 ifOutUcastPkts 0 ifOutNUcastPkts 0 ifOutDiscards 0 ifOutErrors 0 ifOutQLen 256 show interface loopback This command displays informat[...]
-
Page 156
Hardware Controller Clear and Show Commands 4-104 Configuring Hardware Contr ollers XSR#show interface multilink 8 ********** Multilink Interface Stats ********** Multilink 8 is Admin Down Internet address is not assigned LCP State: CLOSED Multilink State: CLOSED Max Fragment delay is 10 ms MLPPP Bundle Info: Control Object state is Admin Down / Op[...]
-
Page 157
Hardware Controller Clear and Show Commands XSR CLI Reference Guide 4-105 Sent: 0 octets, 0 unicast packets, 0 discards, 0 errors. MTU is 1500 bytes. Proxy ARP is enabled. Helper address is not set. Directed broadcast is enabled. Outgoing access list is not set. Inbound access list is not set. IP Policy Based Routing is not enabl ed. The follow[...]
-
Page 158
Hardware Controller Clear and Show Commands 4-106 Configuring Hardware Contr ollers ifindex 0 ifType 22 ifAdminStatus 1 ifOperStatus 1 ifLastChange 00:00:2 5 ifInOctets 1500 ifInUcastPkts 100 ifInNUcastPkts 0 ifInDiscards 0 ifInErrors 0 ifInUnknownProtos 0 ifOutOctets 2134 ifOutUcastPkts 14 ifOutNUcastPkts 0 ifOutDiscards 0 ifOutErrors 0 ifOutQLen [...]
-
Page 159
XSR CLI Reference Guide 5-83 5 Configuring the Internet Protocol Observing Synt ax and Conventions The CLI Syntax and conv entions use the notation descri bed below . IP Commands The following command sets define IP functionality on the XSR including: • “OSPF Comman[...]
-
Page 160
OSPF Commands 5-84 Configuring the Internet Protocol • “VRRP Clear and Show Commands” on page 5 ‐ 197. OSPF Commands area authentication This command enables/disables authenticati on for an OSPF area. Synt ax area area-id authentication [ message -digest ] Synt ax of the “no” Form The [...]
-
Page 161
OSPF Commands XSR CLI Reference Guide 5-85 Synt ax of the “no” Form The no form of this command removes the cost va l u e from the summary route that is sent by default in to the stub area identified by the ar ea ‐ id : no area area-id defa[...]
-
Page 162
OSPF Commands 5-86 Configuring the Internet Protocol Default No NSSA defined Example The following example configures area 10 as a NSSA area: XSR(config)#interface fastethernet 1 XSR(config-if<F1>)#ip address 172.16 .10.5 255.255.255.252 XSR(config)#router ospf 1 XSR(config-router)#network 172.16.10[...]
-
Page 163
OSPF Commands XSR CLI Reference Guide 5-87 Mode Router configuration: XSR(config-router)# Examples This example sets the address range used by this router for summarized routes learned at the boundary of area 0.0.0.0 , as 172.16.0.0/16 : XSR(config)#interfac[...]
-
Page 164
OSPF Commands 5-88 Configuring the Internet Protocol XSR(config)#router ospf XSR(config)#network 172.16.152.0 0.0 .0.0 area 10 XSR(config)#area 10 stub area virtual-link This command defines an OSPF virtual link, which represents a logical connection betw een the backbone and a non[...]
-
Page 165
OSPF Commands XSR CLI Reference Guide 5-89 The no form of this command removes the virtual li nk : no area area-id virtual-link router-id [ authenticati on [ message-digest | null ]] [ hello - interval seconds ] [ retransmit -interval seconds ] [ transmit-delay second s ] [ dead-interval seconds ] [ authenticat i[...]
-
Page 166
OSPF Commands 5-90 Configuring the Internet Protocol Figure 5-1 Area V irtual Link Example auto-virtual-link This command automatically creates virtual links . Refer to the area-virtual-link command for more related information. Synt ax auto-virtual-link Synt ax This command’ s no ?[...]
-
Page 167
OSPF Commands XSR CLI Reference Guide 5-91 Default s •L i m i t : ‐ 1 •E x i t External Interv al: 0 • W arning Level: 0 Mode OSPF Router configuration: XSR(config-router)# Examples The following example configures param eters for Ty p e 5 external LSA database o[...]
-
Page 168
OSPF Commands 5-92 Configuring the Internet Protocol Synt ax distance ospf { intra | inter | ext } weight Synt ax of the “no” Form The no command resets the administrative distance to the default va l u e for the particular type of routes. If no type of routes ?[...]
-
Page 169
OSPF Commands XSR CLI Reference Guide 5-93 Example This example sets the administrativ e distance for OSPF external routes to 65 . Note that you can do so only if both intra and inter OSPF distances are less than 65, otherwise [...]
-
Page 170
OSPF Commands 5-94 Configuring the Internet Protocol ip osp f cost This command sets the cost of sending a pack et on a interface. Each router interface that participates in OSPF routing is assigned a def ault cost. Thi s command ov erwrites [...]
-
Page 171
OSPF Commands XSR CLI Reference Guide 5-95 Default Four times the val u e of the seconds parameter defined in the ospf hello-interval command. Example The following example sets the dead interv al to 20 for FastEthernet port 2: XSR(config)#interface fast[...]
-
Page 172
OSPF Commands 5-96 Configuring the Internet Protocol ip osp f message-digest-key This command enables/disables OSPF MD5 authentication on an interface to val i d a t e OSPF routing updates between neighboring routers. Synt ax ip ospf message-digest-key keyid md5 key Synt ax of the “n[...]
-
Page 173
OSPF Commands XSR CLI Reference Guide 5-97 Mode Interface configuration: XSR(config-if< xx ># Example The following example imposes OSPF passive on Fast Ethernet interface 1: XSR(config)#interface fastethernet 1 XSR(config-if<F1>)#ip ospf passive ip osp f poll-interval This command [...]
-
Page 174
OSPF Commands 5-98 Configuring the Internet Protocol Mode Interface configuration: XSR(config-if< xx >)# Default 1 Example The following example sets OSPF priority to 20 for FastEthernet port 1: XSR(config)#interface fastethernet 1 XSR(config-if<F1>)#ip address 172.16 .16.1 255.255.255[...]
-
Page 175
OSPF Commands XSR CLI Reference Guide 5-99 ip osp f transmit-delay This command sets the interv al required to trans mit a link state update packet on this interface. Synt ax ip ospf transmit-delay seconds Synt ax of the “no” Form The no form of this command set[...]
-
Page 176
OSPF Commands 5-100 Configuring the Internet Protocol Mode Router configuration: XSR(config-router)# Default s • Disabled •C o s t s : LAN ‐ 10, Serial ‐ 64 Example In this example , three routers are configured to run OSPF . Router R1 and R3 are interna[...]
-
Page 177
OSPF Commands XSR CLI Reference Guide 5-101 Synt ax of the “no” Form The no form of this command cancels the redistribution of routes: no redistribute from_protocol [ metric metric value ] Mode Router configuration: XSR(config-router)# Default Disabled Examples This example redistributes ?[...]
-
Page 178
OSPF Commands 5-102 Configuring the Internet Protocol Next Mode Router configuration: XSR(config-router)# Default OSPF disabled Example The following example enables OSPF routing: XSR(config)#router ospf 2 XSR(config-router)# summary address This command summarizes locally ‐ sourced (Ty p e ‐ 5) ?[...]
-
Page 179
OSPF Commands XSR CLI Reference Guide 5-103 Synt ax of the “no” Form The no form of this command removes summary addressing on the XSR: no summary-address < ip-address >< ip-mask > Mode Router configuration: XSR(config-router)# Example The following example produce [...]
-
Page 180
OSPF Debug and Show Commands 5-104 Configuring the Internet Protocol OSPF Debug and Show Commands debug ip osp f dr This command debugs OSPF des ignated router events. As wi th al l XSR debug command s, it is set to privilege leve l 15 by default. Synt ax debug ip o[...]
-
Page 181
OSPF Debug and Show Commands XSR CLI Reference Guide 5-105 Synt ax of the “no” Form The no form of this command returns the debug function to the default: no debug ip ospf packet Mode EXEC configuration: XSR> Examples The following example displays a transmitted [...]
-
Page 182
OSPF Debug and Show Commands 5-106 Configuring the Internet Protocol debug ip osp f lsas This command debugs OSPF Link State Advertisem ents (LS As). As with all XSR debug commands, it is set to privilege lev el 15 by default. Synt ax debug ip ospf lsas Synt ax [...]
-
Page 183
OSPF Debug and Show Commands XSR CLI Reference Guide 5-107 OSPF: Tx LSA. external, age:017a opt :20 id:13.0.0.0 rid:10.0.0.1 seq: 80000088 chk:807a l:36 from GigabitEthernet 2 The following example displays a receiv ed LSA acknowledgement: OSPF: Rx Ack. external, nbr:10.0.0.1 age:017b opt:20 id:13.0.0.0 rid: 10.0.0.1 seq[...]
-
Page 184
OSPF Debug and Show Commands 5-108 Configuring the Internet Protocol Synt ax debug ip ospf nbr Synt ax of the “no” Form The no form of this command returns the debug function to the default: no debug ip ospf nbr Mode EXEC configuration: XSR> Examples The following example di[...]
-
Page 185
OSPF Debug and Show Commands XSR CLI Reference Guide 5-109 show ip osp f This command, when any debugging type is enabled, displays output about the following types of OSPF information: designated router events, neighbor events, Link State Adv ertisement[...]
-
Page 186
OSPF Debug and Show Commands 5-110 Configuring the Internet Protocol show ip osp f border-routers This command displays information about OSPF internal route table entries to ABRs and ASBRs. Synt ax show ip ospf border-routers Mode EXEC or Global configuration: XSR> or XSR(config)# [...]
-
Page 187
OSPF Debug and Show Commands XSR CLI Reference Guide 5-111 show ip osp f dat abase This command displays the link state (LS) database. Synt ax show ip ospf database show ip ospf database router [ link-s tate-id ] show ip ospf database network [ link- state-id ] show ip ospf database summary [ link- state-id ] show ip osp[...]
-
Page 188
OSPF Debug and Show Commands 5-112 Configuring the Internet Protocol No Parameter XSR>show ip ospf database OSPF Router with ID(10.1.2.1) Displaying Net Link States (Area 0.0.0.0) LinkID ADV Router Age Seq# Checksum 10.1.1.1 10.0.0.1 0x1 0x80000001 0x61c610.5.6.1 10.1.2.1 0x0 0x80000001 0x927c Displaying Router Link States (Area 0.0.0.0) LinkID [...]
-
Page 189
OSPF Debug and Show Commands XSR CLI Reference Guide 5-113 (Link Data) Router Interface addr ess: 0.0.0.0 Number of TOS metrics: 0 TOS 0 Metrics: 64 Network Parameter XSR>show ip ospf database network OSPF Router with ID (192.168.44.2) Net Link States (Area 0.0.0.0) Routing Bit Set on this LSA LS age: 332 Options: (No TOS-capability, DC) LS Type[...]
-
Page 190
OSPF Debug and Show Commands 5-114 Configuring the Internet Protocol Link State ID: 172.15.0.0 (summary N etwork Number) Advertising Router: 192.168.44.2 LS Seq. number: 80000006 Checksum: 0x5ACD Length: 28 Network Mask: /0 TOS: 0 Metric: 16777215 External Parameter Response XSR>show ip ospf database external OSPF Router with ID (192.168.44.2) T[...]
-
Page 191
OSPF Debug and Show Commands XSR CLI Reference Guide 5-115 Forward Address: 192.168.33.2 External Route Tag: 0 Dat abase-summary Parameter Re sponse XSR>show ip ospf data database-summa ry OSPF Router with ID (192.168.44.1) AreaID Router Network S-Net S-ASBR Type-7 Subtotal Delete Manage 0.0.0.0 2 0 2 0 N/A 4 0 0 2 203 04 91 1 AS External 0 0 0 [...]
-
Page 192
OSPF Debug and Show Commands 5-116 Configuring the Internet Protocol For Network Parameter For Summary Parameter Display T ype of rou te r Ty p e of OSPF rou ter ‐ internal, ABR, and ASBR. Number of links To t a l individual links inside this LS record. Link connected t[...]
-
Page 193
OSPF Debug and Show Commands XSR CLI Reference Guide 5-117 For ASB-summary Parameter Display For External Parameter LS T ype Summary links (network) for summary LS record. Link State ID IP address of the summarized network. Advertising Router Orig inating router ID. LS Seq. [...]
-
Page 194
OSPF Debug and Show Commands 5-118 Configuring the Internet Protocol For NSSA-external Parameter For Dat abase-summary Parameter Length Length of the LS record in bytes. Network mask Mask of the network. Metric type OSPF type 1 or 2 metric. TO S 0 due to non support [...]
-
Page 195
OSPF Debug and Show Commands XSR CLI Reference Guide 5-119 show ip osp f interface This command displays interface OSPF ‐ related information, including network type, priority , cost, hello, interv al, dead interval. Synt ax show ip ospf interface [ type ][ number ] Mode EXEC or Glob[...]
-
Page 196
OSPF Debug and Show Commands 5-120 Configuring the Internet Protocol show ip osp f neighbor This command displays the state of communication betw een this router and it s neighbor routers. Synt ax show ip ospf neighbor [ type number ] [ neighbor-id ] [ d etail ] Mode EXEC or Global con[...]
-
Page 197
OSPF Debug and Show Commands XSR CLI Reference Guide 5-121 Sample Output The following are sample responses: XSR#show ip ospf neighbor ID Pri State Dead Intvl Address Address 10.7.7.1 1 FULL 40 10.5.6.1 FastEthernet6 10.0.0.1 1 FULL 40 10.1.1.1 FastEthernet3 XSR#show ip ospf neighbor detail Neighbor 10.7.7.1 interface address 10.5.6[...]
-
Page 198
OSPF Debug and Show Commands 5-122 Configuring the Internet Protocol Sample Output The following is sample output: XSR>show ip ospf virtual-links Virtual Link OSPF_VLI to router 192. 168.22.1 is up Run as demand circuit. DoNotAge LSA not allowed (Number o f Dcbitless LSA is 2). Transit area 4, via interface Seri al1, Cost of usin[...]
-
Page 199
RIP Commands XSR CLI Reference Guide 5-123 RIP Commands dist ance (RIP) This command defines administrative distances (route prefe rence) in the RIP domain. The RIP default ranks higher than all other routed di stances. If sever al routes to the same[...]
-
Page 200
RIP Commands 5-124 Configuring the Internet Protocol Mode Router configuration: XSR(config-router)# Example The following example sets the RIP administrative distance to 85 : XSR(config)#router rip XSR(config-router)#distance 85 distribute-list This RIP command filters netw orks receiv[...]
-
Page 201
RIP Commands XSR CLI Reference Guide 5-125 ip rip authentication This command sets or deletes the single authentication key used for RIP authentication on the interface. Authentication can be used only if a key exis ts. Deleting an existing ?[...]
-
Page 202
RIP Commands 5-126 Configuring the Internet Protocol FastEthernet port 2 is instructed to be totally passive (no adve rtising on it, no sending of triggered updates, and no receiving of updates). Serial 1 is allow ed to re ceive both [...]
-
Page 203
RIP Commands XSR CLI Reference Guide 5-127 Mode Interface configuration: XSR(config-if< xx >)# Default No authentication mode specified. Examples This example sets text authentication mode and the key XenObhobe for use on FastEthernet 1: XSR(config)#interface fastethe[...]
-
Page 204
RIP Commands 5-128 Configuring the Internet Protocol Default Allows RIP to respond to a triggered update. Example This example prevents RIP from responding to a request for tri ggered updates on F 1 : XSR(config)#interface fastethernet 1 XSR(config-if<F1>)#ip rip [...]
-
Page 205
RIP Commands XSR CLI Reference Guide 5-129 Figure 5-3 Offs et Example ip rip receive version This command sets RIP v1 or v2 for update packets receiv ed on the port. Synt ax ip rip receive version [ 1 ] [ 2 ] Synt ax of the “no” Form The no form of this command restores[...]
-
Page 206
RIP Commands 5-130 Configuring the Internet Protocol ip rip send version This command sets RIP v1 or v2 for update packets sent on the interface. Synt ax ip rip send version { 1 | 2 | r1compatible } Synt ax of the “no” Form The no form restore s the ver s io n of up[...]
-
Page 207
RIP Commands XSR CLI Reference Guide 5-131 Default IP split ‐ horizon Example The following command sets split horizon for packets to be transmitted by RIP on interfac e 1 : XSR(config)#interface fastethernet 1 XSR(config-if<F1>)#ip split-horizon neighbor This command d[...]
-
Page 208
RIP Commands 5-132 Configuring the Internet Protocol network This command attaches a ne twork of directly connected networks to a RI P routing process. Synt ax network netAddress Synt ax of the “no” Form The no form of this command disables RIP on the sp[...]
-
Page 209
RIP Commands XSR CLI Reference Guide 5-133 Example This example sets F2 as a passiv e interface. No RIP updates will be transmitted on F2 : XSR(config-router)#passive-interface fastethernet 2 receive-interface This command allows RIP to receiv e update packets ?[...]
-
Page 210
RIP Commands 5-134 Configuring the Internet Protocol Synt ax of the “no” Form The no form of this command cancels the redistribution of routes: no redistribute from_protocol [ metric metric value ] Mode Router configuration: XSR(config-router)# Default Disabled Examples This example redist[...]
-
Page 211
RIP Commands XSR CLI Reference Guide 5-135 Example XSR(config)#router rip XSR(config-router)# timers This command configures RIP timers. Synt ax timers basic [ update | invalid | flu sh ] Synt ax of the “no” Form The no form of this command resets the timers to the defa ult val u e[...]
-
Page 212
RIP Show Commands 5-136 Configuring the Internet Protocol RIP Show Commands show ip rip This command displays configuration data and stati stics global to all ports. Synt ax show ip rip [ interface | database ] Mode EXEC or Global configuration: XSR> or XSR(config)# Sample Output The follow[...]
-
Page 213
RTP Header Compression Commands XSR CLI Reference Guide 5-137 Routing Source Information: 192.168.28.0/24 via: 192.168.29.22 cost:2 age:16 FastEthernet2 1.1.1.1/32 via: 192.168.29.22 cost:2 age:16 FastEthernet2 10.0.0.0/32 via: 201.1.1.0 cost:2 age: - Serial2/0:1.1 The following is sample output with the interface op[...]
-
Page 214
RTP Header Compression Commands 5-138 Configuring the Internet Protocol UDP payload must be less than 500 bytes Pa c k e t must not be fragmented The destination port of the packet must be within user configured port range (there is no restri[...]
-
Page 215
RTP Header Compression Commands XSR CLI Reference Guide 5-139 Mode Interface configuration: XSR(config-if<xx>)# This command is applicable only on serial interface with PPP encapsulation. Note: The XSR currently does not block this command on ʺ interfa[...]
-
Page 216
RTP Header Compression Commands 5-140 Configuring the Internet Protocol Mode Interface configuration: XSR(config-if<xx>)# This command is applicable only on serial interface with PPP encapsulation. Note: The XSR currently does not block this command on [...]
-
Page 217
RTP Header Compression Commands XSR CLI Reference Guide 5-141 show ip rtp header compression interface serial This command displays the RT P header compression statistics for the specif ic PPP serial interface. Note: The existing command “show ppp interface serial” [...]
-
Page 218
Triggered on Demand RIP Commands 5-142 Configuring the Internet Protocol T riggered on Demand RIP Commands The following commands are subsets of triggered RIP functionality: • ip rip max-retransmissions - Specifies the maximum number of retransmissions. Refer to page 190 [...]
-
Page 219
Triggered on Demand RIP Commands XSR CLI Reference Guide 5-143 • ip rip triggered-on-demand ‐ Enables the functionality on the specified interface. Refer to page 192 for the command definition. ip rip max-retransmissions This command sets the maximum number of[...]
-
Page 220
Triggered on Demand RIP Commands 5-144 Configuring the Internet Protocol Synt ax of the “no” Form The no command resets maximum retransmissions to the default: no ip rip polling interval Mode Interface configuration: XSR(config-if< xx >)# Default 30 seconds Example The following example [...]
-
Page 221
Policy-Based Routing Commands XSR CLI Reference Guide 5-145 Synt ax of the “no” Form The no form of this command disables triggered RIP on the interface: no ip rip triggered-on-demand Mode Interface configuration: XSR(config-if< xx >)# Default Disabled Example The following examp[...]
-
Page 222
Policy-Based Routing Commands 5-146 Configuring the Internet Protocol Examples The following example enables PBR on interface FastEthernet 2 : XSR(config-if<F2>)#ip policy The following example enables PBR on interface Di aler 57: XSR(config-if<D57>)#ip policy route-map pbr[...]
-
Page 223
Policy-Based Routing Commands XSR CLI Reference Guide 5-147 match ip address This command associates the PBR policy with a configured Access Control List (ACL). Synt ax match ip address access-number Synt ax of the “no” Form The no command deletes the specified ACL matc[...]
-
Page 224
PBR Clear and Show Commands 5-148 Configuring the Internet Protocol set interface This command specifies an XSR interface as the forw arding port for Po l i c y Based Routing. Synt ax set interface interface-num Synt ax of the “no” Form The no command deletes the specified [...]
-
Page 225
ARP Commands XSR CLI Reference Guide 5-149 XSR>show ip pbr-cache Source Destination Age(sec) IP Prot TCP/UDP Port ICMP Code 192.168.1.1 192.168.27.1 109 1 8 192.168.1.1 192.168.27.33 70 255 192.168.1.1 192.168.27.33 50 6 (23, 23) Parameter Descriptions show route-map pbr This command displays the Po l i c y Map Ta b l e ?[...]
-
Page 226
ARP Commands 5-150 Configuring the Internet Protocol Synt ax arp ip-address hardware-address Synt ax of the “no” Form The no form of this command deletes the specified permanent ARP entry: no arp ip-address hardware-address Mode Global configuration: XSR(config)# Default No permanent A[...]
-
Page 227
Other IP Commands XSR CLI Reference Guide 5-151 Example This example adds a permanent ARP entry for the IP addr ess 130.2.3.1 and sets the timeout at 5 hours (18,000 seconds) as shown in Figure 5 ‐ 4 : XSR(config)#arp 130.2.3.1 0003.4712. 7a99 XSR(conf[...]
-
Page 228
Other IP Commands 5-152 Configuring the Internet Protocol Mode Interface configuration: XSR(config-if< xx >)# Examples The following CIDR exam ple sets IP address 192.168.1.1 with a mask of /24 on interface F1 . XSR(config)# interface FastEthernet 1 XSR(config-if)# ip address 192[...]
-
Page 229
Other IP Commands XSR CLI Reference Guide 5-153 Mode Global configuration: XSR(config)# Example In the following example, as shown in Figu re 5 ‐ 5 , Router 1 sets two candidates for the def ault route: network 199.15.2.0 and 198.15.2.0 . XSR(config)#ip defaul[...]
-
Page 230
Other IP Commands 5-154 Configuring the Internet Protocol Mode Interface configuration: XSR(config-if< xx >)# Default Enabled Example The following example denies ICMP broadcasts on port FastEthernet 1: XSR(config)#access-list 100 deny ICM P any any XSR(config)#interface fastethernet 1 XSR(config-if<[...]
-
Page 231
Other IP Commands XSR CLI Reference Guide 5-155 ip domain This command identifies th e domain to which the XSR belongs. If the command is reissued, it is considered an update of the domain name and will overwrite the old val u e ?[...]
-
Page 232
Other IP Commands 5-156 Configuring the Internet Protocol Parameters Synt ax of the “no” Form The no form of the command disables equal ‐ cost mu lti ‐ path: no ip equal-cost multi-path Mode Global configuration: XSR(config)# Default Disabled Example The following example enables equal[...]
-
Page 233
Other IP Commands XSR CLI Reference Guide 5-157 Synt ax of the “no” Form The no form of this command removes a UDP port or UDP protocol. If the UDP protocol is removed, UDP forw arding is disabled. no ip forward-protocol { udp [ port ]} Mode Global confi[...]
-
Page 234
Other IP Commands 5-158 Configuring the Internet Protocol DHCP Relay Functionality The DHCP Relay functionality is applied with the help of IP broadc ast forw arding. A typical situation, as shown in Figure 5 ‐ 7 , occurs when a Host re quest s an [...]
-
Page 235
Other IP Commands XSR CLI Reference Guide 5-159 XSR(config)#ip forward-protocol udp XSR(config)#interface fastethernet 1 XSR(config-if<F1>)#ip helper-address 192.168.1.255 XSR(config)#interface fastethernet 2 XSR(config-if<F2)#ip helper-address 192.24.1.255 ip host This command defines a static host name ‐ to ‐ [...]
-
Page 236
Other IP Commands 5-160 Configuring the Internet Protocol Synt ax ip irdp [ multicast | holdtime seconds | advertinterval seconds | preference number ] Synt ax of the “no” Form The no form of this command disables the IRDP command: no ip irdp Default s •M u l t i c a s t : broadcast address •H o l[...]
-
Page 237
Other IP Commands XSR CLI Reference Guide 5-161 Mode Interface configuration: XSR(config-if< xx >)# Default 1500 Example The following example sets the MTU size to 1200 for interface Serial 1/0: XSR(config-if<S1/0>)#ip mtu 1200 ip proxy-arp This command enables/disables Pro[...]
-
Page 238
Other IP Commands 5-162 Configuring the Internet Protocol Synt ax ip proxy-dns enable Synt ax of the “no” Form The no form of this command disables Proxy DNS: no ip proxy-dns enable Mode Global configuration: XSR(config)# Default Disabled ip proxy-dns name server This command specifies up [...]
-
Page 239
Other IP Commands XSR CLI Reference Guide 5-163 Synt ax of the “no” Form The no form of this command negates IP redirection: no ip redirects Default Enabled Mode Global configuration: XSR(config)# Example In the following example, IP redirection is disabled : XSR(config)#no ip [...]
-
Page 240
Other IP Commands 5-164 Configuring the Internet Protocol Mode Global configuration: XSR(config)# Examples This example, shown in Figure 5 ‐ 8 , sets 2 static routes to netw orks 192.1.2.0 and 193.62.5.0 through gateway 192.31.7.65 . Note that the distance [...]
-
Page 241
Other IP Commands XSR CLI Reference Guide 5-165 ip tcp adjust-mss This command sets the Maximum Segment Size (MSS) for TCP SYN (synchronize) packets. When the XSR terminates PPP oE traffi c, a PC connected to the FastEthernet interface may ha[...]
-
Page 242
Other IP Commands 5-166 Configuring the Internet Protocol ip telnet server This command enables or disable s Te l n e t service to the XSR. If the optional parameter is not supplied, the Te l n e t server is enabled. Since the Te l n e t serve r [...]
-
Page 243
Other IP Commands XSR CLI Reference Guide 5-167 Synt ax ip unnumbered [ type number ] Synt ax of the “no” Form The no form of this command disables the unnumbered interface: no ip unnumbered Mode Interface configuration: XSR(config-if< xx >)# Default Disabled Example In this example , Se[...]
-
Page 244
IP Clear and Show Commands 5-168 Configuring the Internet Protocol Example The following example configures a router identifier: XSR(config)#ip router-id 1.2.3.4 IP Clear and Show Commands clear arp-cache This command deletes all nonstatic entries from the ARP cache. Synt ax clear arp-cach[...]
-
Page 245
IP Clear and Show Commands XSR CLI Reference Guide 5-169 clear ip traffic-counters This command clears all IP related counters (IP , ICMP , ARP , UDP , TCP , RIP , OSPF) displayed by the show ip traffic command. Synt ax clear ip traffic-counters Mode Privileged EXEC: ?[...]
-
Page 246
IP Clear and Show Commands 5-170 Configuring the Internet Protocol Internet 134.141.235.137 1 00b0.d07f.0cab ARPA FastEthernet1 Internet 134.141.235.150 0 00b0.d02c.06d2 ARPA FastEthernet1 Internet 134.141.235.155 2 00b0.d02c.077e ARPA FastEthernet1 Internet 134.141.235.124 17 00b0.d06d.b6ca ARPA FastEthernet1 Internet 58.58.58.1 - 0001.f4cc.dd02 A[...]
-
Page 247
IP Clear and Show Commands XSR CLI Reference Guide 5-171 Sample Output The following is sample output from the command: XSR>show ip interface Dialer 0 is Admin Up Internet address is 1.1.1.1/24 Last change: 11:14 AM Rcvd: 10245 octets, 1231 unicast packets, 0 discards, 3 errors, 4 unknown prot ocol Sent: 11232 octets, 1132 unicast packets, 0 dis[...]
-
Page 248
IP Clear and Show Commands 5-172 Configuring the Internet Protocol Internet address is 58.58.58.1, sub net mask is 255.255.255.0 Seconda ry Rcvd: 515027 octets, 3306 unicast p ackets, 0 discards, 0 errors, 0 unkno wn protocol. Sent: 363256 octets, 2472 unicast p ackets, 0 discards, 0 errors. MTU is 1500 bytes. Helper address is not set. Directed br[...]
-
Page 249
IP Clear and Show Commands XSR CLI Reference Guide 5-173 show ip ird p This command displays ICMP router discov ery settings. Synt ax show ip irdp Configuration Mode EXEC or Global configuration: XS R> or XSR(config)# Sample Output The following is sample output: XSR>show ip irdp FastEth[...]
-
Page 250
IP Clear and Show Commands 5-174 Configuring the Internet Protocol Sample Output The following is sample output from the command: XSR>show ip proxy-dns cache Name Age(sec) www.enterasys.com 100 www.test.com 10 Parameter Description show ip route This command displays information about th e Rout[...]
-
Page 251
IP Clear and Show Commands XSR CLI Reference Guide 5-175 Sample Output The following is sample output. Note the route costs as indicate d within brackets. XSR>show ip route Codes: C-connected, S-static, R-RIP, O-OSPF, IA-OSPF interarea N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 [...]
-
Page 252
IP Clear and Show Commands 5-176 Configuring the Internet Protocol show ip st atic dat abase This command displays static route information including the destination IP address , gat eway IP address, and administrative distance . Synt ax show ip static database [ A.B.C.D. A. B.C.D./mas[...]
-
Page 253
IP Clear and Show Commands XSR CLI Reference Guide 5-177 show ip traffic This command displays general IP protocols statistics. Synt ax show ip traffic Mode EXEC or Global configuration: XSR> or XSR(config)# Sample Output The following is sample output: XSR>show ip traffic IP statistics: Rcv[...]
-
Page 254
IP Clear and Show Commands 5-178 Configuring the Internet Protocol 0 link state updates, 0 link state a cks Sent: 0 total ARP statistics: Rcvd: 87441 requests, 5 replies Sent: 3 requests, 36 replies (0 proxy) Parameter Description show resources This command displays the allow a ble number of resource entries cre[...]
-
Page 255
IP Clear and Show Commands XSR CLI Reference Guide 5-179 Max Unresolved ARP Requests| 0| 384| 0| 0 Routing Table Size| 3| 352| 1056| 0 Number of Static Routes| 2| 96| 192| 0 Number of Secondary IP| 0| 576| 0| 0 Number of Virtual IP| 0| 1344| 0| 0 IP Helper Addresses| 0| 96| 0| 0 UDP Broadcast Fwd Entries| 7| 96| 672| 0 OSPF LSA type 1| 2| 9408| 188[...]
-
Page 256
IP Clear and Show Commands 5-180 Configuring the Internet Protocol Parameter Description show tcp This command displays TCP statistics. Synt ax show tcp { connections | general } Configuration Mode EXEC or Global configuration: XSR> or XSR(config)# Sample Output The following are sample responses: Conn[...]
-
Page 257
IP Clear and Show Commands XSR CLI Reference Guide 5-181 4 transitions from LISTEN to SYN-RCV D 2 transitions from SYN-SENT or SYN-R CVD to CLOSED 2 transitions from ESTABLISHED or CL OSE-WAIT to CLOSE Parameter Description Connection st ate - Possible stat es for a TCP connection: telnet ip_address This command supports Te l n e t t i [...]
-
Page 258
Network Address Translation Commands 5-182 Configuring the Internet Protocol Default Standard Te l n e t port 23. If the port is not provided , the client will try to connect to port 23 on the remote serv er . Example The following example connects ?[...]
-
Page 259
Network Address Translation Commands XSR CLI Reference Guide 5-183 The following example clears a specific UDP entry from the NAPT table: XSR#clear ip nat translation fastEthernet 1 17 200.2.233.1 1220 192.168.27.95 1220 1 NAP T entries or NA T m[...]
-
Page 260
Network Address Translation Commands 5-184 Configuring the Internet Protocol Next Mode IP Local P ool configuration: XSR(ip-local-pool) # Example The following example creates local IP address pool marketing , which contains all IP addr esses in the range 203.5 7.99[...]
-
Page 261
Network Address Translation Commands XSR CLI Reference Guide 5-185 Synt ax ip nat pool name Synt ax of the “no” Form The no command removes one or more ad dresses from the NA T pool: no ip nat pool name Mode Global configuration: XSR(config)# Example The following example configure[...]
-
Page 262
Network Address Translation Commands 5-186 Configuring the Internet Protocol XSR(config)#ip nat service list 1 ft p tcp port 2021 XSR(config)#access-list 1 permit 10. 1.1.1 This example sets non ‐ standard port 2021 and standard port 21 for FT P . Be aware that if the FT P se[...]
-
Page 263
Network Address Translation Commands XSR CLI Reference Guide 5-187 ip nat source int f-st atic (interface mode) This command configures a single static translation entry in the Network Ad dress T ranslation (NA T) table. Interface static NA T is similar to global ?[...]
-
Page 264
Network Address Translation Commands 5-188 Configuring the Internet Protocol Synt ax of the “no” Form The no form of the command removes a single static translation entry: no ip nat source static local-ip glo bal-ip Mode Global configuration: XSR(config)# Example The following example [...]
-
Page 265
Network Address Translation Commands XSR CLI Reference Guide 5-189 Default s •T i m e o u t : 180 seconds (3 minutes) •U D P ‐ timeout: 300 seconds (5 min utes) •T C P ‐ timeout: 86,400 seconds (24 hours) •I C M P ‐ timeout: 60 seconds Example The example below times [...]
-
Page 266
Network Address Translation Commands 5-190 Configuring the Internet Protocol NAPT using address: 10.10.10.2 Num translations: 8 ------------------------------------ --- Pro Private Host NAT Addr External Host Idle (Local IP Addr) (Global IP Addr) UDP 192.168.50.90:1024 10.10.10. 2:20002 10.10.10.15:3664 24 UDP 192.168.50.90:1024 10.10.10. 2:20001 1[...]
-
Page 267
Virtual Router Redundancy Protocol Commands XSR CLI Reference Guide 5-191 V irtual Router Redundan cy Protocol Commands vrrp <group> adver-int This command configures the interval betw een successive advertisements sent by the master VR in a virtual group. Advertisements [...]
-
Page 268
Virtual Router Redundancy Protocol Commands 5-192 Configuring the Internet Protocol message is accepted and if not, it is discarded. All routers within the group must share the same authentication string. Synt ax vrrp group authentication string Synt ax of the “no” [...]
-
Page 269
Virtual Router Redundancy Protocol Commands XSR CLI Reference Guide 5-193 Synt ax vrrp group ip ipaddress Synt ax of the “no” Form The no form of this command removes the virtual IP address on a port: no vrrp group ip ipaddress Default s •N o VR configured •G r o u p : 1 Mode I[...]
-
Page 270
Virtual Router Redundancy Protocol Commands 5-194 Configuring the Internet Protocol Default s • Disabled ‐ the VR master will not respond to an ICMP echo request sent to the virtual IP address if it is not the physical owner . •I f no gro[...]
-
Page 271
Virtual Router Redundancy Protocol Commands XSR CLI Reference Guide 5-195 Mode Interface configuration: XSR(config-if< xx >)# Examples The following example enables preempt for virtual router group 1 with a 2 ‐ second de lay set on F1 : XSR(config)#interface fastetherne[...]
-
Page 272
Virtual Router Redundancy Protocol Commands 5-196 Configuring the Internet Protocol vrrp <group> track This command allows a Vir t u a l Router (VR) to track another interface (FastEthernet, Serial, Dialer or Multilink P PP) or one or moe routes on the[...]
-
Page 273
VRRP Clear and Show Commands XSR CLI Reference Guide 5-197 XSR(config)#interface fastethernet 1 XSR(config-if)#vrrp 2 track serial 1/0 This example disables the track ing of interface Serial 1/0 by interface F1 on VR 2 : XSR(config-if)#no vrrp 2 track VRRP Clear and Show Commands clear vrrp-co[...]
-
Page 274
VRRP Clear and Show Commands 5-198 Configuring the Internet Protocol Mode EXEC: XSR> Sample Output The following sample output displays configuration data for all virtual routers on this router: XSR#show vrrp Ethernet Interface: 1 Group ID: 1 State: backup Preempt: Preempt Enabled Priority:[...]
-
Page 275
VRRP Clear and Show Commands XSR CLI Reference Guide 5-199 InvalidTypePktsRcvd: 0 UnknownAuthType: 0 AuthTypeErrors: 10 AuthFailures: 0 show vrrp interface This command displays all the virtual routers and the ir status on a specified interface. Synt ax show vrrp interface < interface > Mode[...]
-
Page 276
VRRP Clear and Show Commands 5-200 Configuring the Internet Protocol show vrrp summary This command displays VRRP summary information on this router . Synt ax show vrrp summary Mode EXEC: XSR> Sample Output The following sample output displays VRRP summary data on the XS[...]
-
Page 277
VRRP Clear and Show Commands XSR CLI Reference Guide 5-201 Maximum number of virtual addresses per VR: 11 Number of virtual IP address in use: Fast Ethernet 1 Fast Ethernet 2 F ast Ethernet 3 VR1 1 1 1 VR3 1 VR2 1 ------------------------------------ ------------------------[...]
-
Page 278
VRRP Clear and Show Commands 5-202 Configuring the Internet Protocol[...]
-
Page 279
XSR CLI Reference Guide 6-83 6 Configuring the Border Gateway Protocol Observing Synt ax and Conventions The CLI command syntax and conventions use the notation described below . BGP Configuration Commands The following command subsets define BGP functionality on the XSR, ?[...]
-
Page 280
BGP Configuration Commands 6-84 Configuring the Border Gateway Pr otocol •N e t w o r k s •N e i g h b o r parameters • Routing policies Synt ax router bgp autonomous-system Synt ax of the “no” Form The no form of this command sets the default parameter ‐ disabled: no router bgp autonomo[...]
-
Page 281
BGP Configuration Commands XSR CLI Reference Guide 6-85 Synt ax of the “no” Form The no form of this command removes the aggregate entry from the table: no aggregate-address address mask Mode Router configuration: XSR(config-router)# Default Disabled Example The following example ?[...]
-
Page 282
BGP Configuration Commands 6-86 Configuring the Border Gateway Pr otocol Mode Router configuration: XSR(config-router)# Default Enabled Example The following example configures summarization in BGP process 100 : XSR(config)#router bgp 100 XSR(config-router)#auto-summary bgp always-comp are-med This comman[...]
-
Page 283
BGP Configuration Commands XSR CLI Reference Guide 6-87 bgp bestp ath med missing-as-worst This command specifies that a route with a MED is alw ays considered better tha n a route without a MED by causing the missing MED attribute to have a [...]
-
Page 284
BGP Configuration Commands 6-88 Configuring the Border Gateway Pr otocol Example This example first disables the default reflection setting on this router then restores the default: XSR(config)#router bgp 100 XSR(config-router)#no bgp client-to- client reflection XSR(config-router)#bgp client-[...]
-
Page 285
BGP Configuration Commands XSR CLI Reference Guide 6-89 Synt ax bgp confederation identifier autonom ous-system Synt ax of the “no” Form The no form of this command removes the confederation id entifier: no bgp confederation identifier Mode Router configuration: XSR(config-router)# Example The fol[...]
-
Page 286
BGP Configuration Commands 6-90 Configuring the Border Gateway Pr otocol bgp dampening This command enables BGP route dampening to minimize propagation of flapping routes (repeatedly available/unav ailable) across the netw ork. Each time a route flaps, a pen[...]
-
Page 287
BGP Configuration Commands XSR CLI Reference Guide 6-91 bgp default local-preference This command changes the default local preference val u e . The path with the highest local preference va l u e is preferred over competing paths to the same destination[...]
-
Page 288
BGP Configuration Commands 6-92 Configuring the Border Gateway Pr otocol Default s •E x t e r n a l : 20 • Internal: 200 Mode Router configuration: XSR(config-router)# Example This example sets BGP external and internal administrati ve distances to 50 and 150, respective ly: XS[...]
-
Page 289
BGP Configuration Commands XSR CLI Reference Guide 6-93 Example The following example sets the neighbor adverti sement ‐ interv al va l ue within BGP process 100 . Note that the neighbor remote-as command must be executed before this command can be ent[...]
-
Page 290
BGP Configuration Commands 6-94 Configuring the Border Gateway Pr otocol neighbor distribute-list This command distributes the information specified in an access ‐ list to a BGP neighbor . Before entering this command, a neighbor or peer group must be [...]
-
Page 291
BGP Configuration Commands XSR CLI Reference Guide 6-95 neighbor ebgp-multihop This command connects the BGP neighbors on networks that are not directly ‐ connected to the network of the router that this command is entered on. Before entering t[...]
-
Page 292
BGP Configuration Commands 6-96 Configuring the Border Gateway Pr otocol Synt ax of the “no” Form The no form of this command removes the specified neighbor: no neighbor { ip-address | peer-group -name } filter-list filter-list Mode Router configuration: XSR(config-router)# Example This example ?[...]
-
Page 293
BGP Configuration Commands XSR CLI Reference Guide 6-97 Synt ax of the “no” Form The no form of this command removes the specified neighbor: no neighbor { ip-address | peer-group -name } maximum-prefix value [ threshold ] [ warning-only ] Mode Router configuration: XSR(config-router)# Default s •N o[...]
-
Page 294
BGP Configuration Commands 6-98 Configuring the Border Gateway Pr otocol Example The following example sets the router at 192.168.1.1 as the next hop: XSR(config)#router bgp 100 XSR(config-router)#neighbor 192.168. 1.1 remote-as 101 XSR(config-router)#neighbor 192.168.1.1 next-hop-sel f neighbor p assword[...]
-
Page 295
BGP Configuration Commands XSR CLI Reference Guide 6-99 neighbor peer-group This command creates a BGP peer group and assigns a BGP neighbor to a peer group. Synt ax neighbor { ip-address | peer-group-na me } peer-group [ peer-group-name ] Synt ax of the “no” Form The no form ?[...]
-
Page 296
BGP Configuration Commands 6-100 Configuring the Border Gateway Protocol Mode Router configuration: XSR(config-router)# Example The following example configures two neighbors. Neighbor 192.168.1.1 is an external neighbor since the AS number of 101 dif fers from [...]
-
Page 297
BGP Configuration Commands XSR CLI Reference Guide 6-101 neighbor route-reflector-client This command establishes the router that this command wa s entered on as a BGP route reflector . This command also identifies the specif ied neighbor router as t[...]
-
Page 298
BGP Configuration Commands 6-102 Configuring the Border Gateway Protocol Example The following example sets a neighbor ’ s community: XSR(config)#router bgp 100 XSR(config-router)#neighbor 192.168. 1.1 remote-as 101 XSR(config-router)#neighbor 192.168.1.1 send-communi ty neighbor shut down This command disables [...]
-
Page 299
BGP Configuration Commands XSR CLI Reference Guide 6-103 Synt ax of the “no” Form The no form of this command returns to the command default: no neighbor { ip-address | peer-group -name } soft-reconfiguration inbound Mode Router configuration: XSR(config-router)# Default No soft reconfigur[...]
-
Page 300
BGP Configuration Commands 6-104 Configuring the Border Gateway Protocol Mode Router configuration: XSR(config-router)# Example This example sets the peer keep ‐ aliv e to 10 seconds and, subsequently , the hold ‐ time to 30 seconds: XSR(config)#router bgp 100 XSR(config-router[...]
-
Page 301
BGP Configuration Commands XSR CLI Reference Guide 6-105 neighbor weight This command specifies a we ig ht va l ue for a connection to a neighbor or a BGP peer group. Synt ax neighbor { ip-address | peer-group-na me } weight value Synt ax of the “no” Form The no form ?[...]
-
Page 302
BGP Configuration Commands 6-106 Configuring the Border Gateway Protocol Synt ax of the “no” Form The no form of this command removes the configured filter li st: no ip as-path access-list access-lis t-number Mode Global configuration: XSR(config)# Example The following example configu[...]
-
Page 303
BGP Configuration Commands XSR CLI Reference Guide 6-107 Synt ax of the “no” Form The no form of this command removes the commmunity list number: no community-list community-list-num ber Mode Global configuration: XSR(config)# Example This example configures IP community list ?[...]
-
Page 304
BGP Configuration Commands 6-108 Configuring the Border Gateway Protocol Synt ax of the “no” Form The no form removes the network from the routing table: no network network-number [ mask netw ork-mask ] Mode Router configuration: XSR(config-router)# Example The following example configures[...]
-
Page 305
BGP Configuration Commands XSR CLI Reference Guide 6-109 Mode Router configuration: XSR(config-router)# Default Redistribution is not enabled. Example The following example redistributes static routes into BGP: XSR(config)#router bgp 100 XSR(config-router)#redistribute stat ic synchronization This [...]
-
Page 306
Route Map Commands 6-110 Configuring the Border Gateway Protocol Synt ax timers bgp keep-alive Synt ax of the “no” Form The no form of this command deletes the timers valu e : no timers bgp Mode Router configuration: XSR(config-router)# Default s •K e e p a l i v e timer: 30 seconds •H[...]
-
Page 307
Route Map Commands XSR CLI Reference Guide 6-111 Synt ax of the “no” Form The no form of this command removes the patch li st number: no match as-path path-list-number Mode Route ‐ map configuration: XSR(config-route-map)# Example This example sets the match as ‐ path i[...]
-
Page 308
Route Map Commands 6-112 Configuring the Border Gateway Protocol Mode Route ‐ map configuration: XSRA(config-route-map)# Default No match based on community list Example The following example configures the match community va l u e in the context of configuring a [...]
-
Page 309
Route Map Commands XSR CLI Reference Guide 6-113 Mode Route ‐ map configuration: XSR(config-route-map)# Example The following example sets the match metric to 300 : XSR(config)#route-map 1 permit 1 XSR(config-route-map)#match metric 300 match ip address This command match es IP address es ?[...]
-
Page 310
BGP Set Commands 6-114 Configuring the Border Gateway Protocol Synt ax match ip next-hop access-list-number Synt ax of the “no” Form The no form of this command removes the match next hop va l u e : no match ip next-hop access-list-num ber Mode Route ‐ map configuration: XSR(config-route-map[...]
-
Page 311
BGP Set Commands XSR CLI Reference Guide 6-115 Synt ax of the “no” Form The no form of this command removes the AS path va lu e : no set as-path Mode Route ‐ map configuration: XSR(config-route-map)# Example The following example configures the as ‐ path va l u e in[...]
-
Page 312
BGP Set Commands 6-116 Configuring the Border Gateway Protocol Synt ax of the “no” Form The no form of this command removes the se t community val u e : no set community Mode Route ‐ map configuration: XSR(config-route-map)# Example The fol lowing example configures the set ?[...]
-
Page 313
BGP Set Commands XSR CLI Reference Guide 6-117 •T h e XSR penalizes a route marked as unstable with a va l u e of 1024 each time it fails. If penalties accrue beyond the suppress threshold you set, the route is no longer adv[...]
-
Page 314
BGP Set Commands 6-118 Configuring the Border Gateway Protocol XSR(config)#router bgp 100 XSR(config)#bgp dampening route-map 1 set ip next-hop This command specifies where to output packets that pass a match clause of a route map for policy routing. It modifies the[...]
-
Page 315
BGP Set Commands XSR CLI Reference Guide 6-119 Synt ax of the “no” Form The no form of this command removes the lo cal preference val u e: no set local-preference value Mode Route ‐ map configuration: XSR(config-route-map)# Default Preference val u e : 100. Example The following [...]
-
Page 316
BGP Set Commands 6-120 Configuring the Border Gateway Protocol Mode Route ‐ map configuration: XSR(config-route-map)# Default The dynamically ‐ learned metric valu e . Example The following example displays how the set metric command is used to update the val u e of[...]
-
Page 317
BGP Set Commands XSR CLI Reference Guide 6-121 Mode Route ‐ map configuration: Router(config-route-map)# Default The default val ue for this command is the defaul t val u e for the origin code. The default val u e for the origin code is incomplete [...]
-
Page 318
BGP Clear and Show Commands 6-122 Configuring the Border Gateway Protocol Example The following example configures the weig ht parameter in the context of configuring route map 1 and applying it to updates arriving from tw o remote neighbors: XSR(config)[...]
-
Page 319
BGP Clear and Show Commands XSR CLI Reference Guide 6-123 Synt ax clear ip bgp {* | address | peer-gro up peer-group-name } [ soft [ in | out ]]} Mode Privileged EXEC: XSR# Examples This example displays all BGP connections and neighbors cleared by means of a hard rese t, the m[...]
-
Page 320
BGP Clear and Show Commands 6-124 Configuring the Border Gateway Protocol show ip bgp This command displays entries in the BGP routing table. Synt ax show ip bgp [ network ][ network - mask ][ longer - prefixes ] Mode EXEC configuration: XSR> Examples The following is sample output from[...]
-
Page 321
BGP Clear and Show Commands XSR CLI Reference Guide 6-125 Display Parameters The following is sample output from the command: XSR#show ip bgp 55.5.5.0/24 BGP routing table entry for 55.5.5.0 255.255.255.0 Paths: (2 available, learned over EB GP) AS Path 200, Aggregator 500 1.2.3.4 Next Hop 52.52.52.3 from 52.52.52.3 (52.[...]
-
Page 322
BGP Clear and Show Commands 6-126 Configuring the Border Gateway Protocol XSR#show ip bgp community 400 Local router ID is 1.1.1.4 Status codes: s suppressed, * valid, > best, i - internal Origin codes: i - IGP, e - EGP, ? = incomplete Network Next Hop Metric LocPrf Weight Path *> 192.4.4.0/24 192.168.72.1 00 0 100 100 300 ? *> 192.1.1.0/2[...]
-
Page 323
BGP Clear and Show Commands XSR CLI Reference Guide 6-127 Synt ax show ip bgp dampened-paths Mode EXEC configuration: XSR> Example The following is sample output from the command: XSR#show ip bgp dampened-paths Local router ID is 1.1.1.4 Status codes: s suppressed, * valid, > best, i - internal Origin codes[...]
-
Page 324
BGP Clear and Show Commands 6-128 Configuring the Border Gateway Protocol show ip bgp inconsistent-as This command displays routes that have incomplete originating ASs. Synt ax show ip bgp inconsistent-as Mode EXEC configuration: XSR> Example The following is sample output from the [...]
-
Page 325
BGP Clear and Show Commands XSR CLI Reference Guide 6-129 Hold time is 90, keepalive interval is 30 seconds Neighbor capabilities: Route Refresh: advertised & recei ved Address family IPv4 Unicast: adve rtised & received Received 11 messages, 1 notificatio ns Sent 10 messages, 1 notifications, 0 in queue Route Refresh request: received 0 s [...]
-
Page 326
BGP Clear and Show Commands 6-130 Configuring the Border Gateway Protocol show ip bgp peer-group This command displays information about th e BGP peer group belonging to the router that this command is entered on. Synt ax show ip bgp peer-group [ peer-group-n ame ][ summary ] M[...]
-
Page 327
BGP Clear and Show Commands XSR CLI Reference Guide 6-131 Local router ID is 1.1.1.4 Status codes: s suppressed, * valid, > best, i - internal Origin codes: i - IGP, e - EGP, ? = incomplete Network Next Hop Metric LocPrf Weight Path *> 192.4.4.0/24 192.168.72.1 00 0 100 100 300 ? *> 192.1.1.0/24 192.168.72.1 00 0 100 100 300 ? *> 66.6.6[...]
-
Page 328
BGP Debug Commands 6-132 Configuring the Border Gateway Protocol show route-map This command displays configured route maps and information about policy maps that are referenced. Synt ax show route-map [ map-number ] Mode EXEC configuration: XSR> Example The following is sam[...]
-
Page 329
BGP Debug Commands XSR CLI Reference Guide 6-133 Synt ax of the “no” Form The no form of this command disables debugging output: no debug ip bgp [ events | updates ] Mode EXEC configuration: XSR> Default BGP debugging is di sabled. Examples The following is sample output [...]
-
Page 330
BGP Debug Commands 6-134 Configuring the Border Gateway Protocol Display Parameters show ip traffic This command display BGP statistics among other IP data. Synt ax show ip traffic Mode EXEC configuration: XSR> Example The following sample outputdisp lays only BGP ‐ specific data:[...]
-
Page 331
XSR CLI Reference Guide 7-83 7 Configuring IP Multicast Observing Synt ax and Conventions The CLI command syntax and conventions use the notation described below . IGMP and Generic Multicast Commands The following command sets define IP Multicast functionality on the XS[...]
-
Page 332
Observing Syntax and Conventions 7-84 Configuring IP Multicast Synt ax The no form of the command disables the multicast service: no ip multicast-routing Mode Global configuration: XSR(config)# Default Disabled Example In the following example, multicast service is ena bled [...]
-
Page 333
Observing Syntax and Conventions XSR CLI Reference Guide 7-85 ip igmp join This command manua lly joins a multicast group to a local interface. Synt ax ip igmp join-group group-address Synt ax of the “no” Form The no form of this command cancels membership in a grou[...]
-
Page 334
Observing Syntax and Conventions 7-86 Configuring IP Multicast ip igmp last-member-query-interval This command sets the frequency at which IGMP group ‐ specific host query messages ar e sent. Synt ax ip igmp last-member-query-interval interval Synt ax of the “no” Form The no form [...]
-
Page 335
Observing Syntax and Conventions XSR CLI Reference Guide 7-87 Example This example changes the frequency which IGMP host ‐ query messages are sent to 3 minutes: XSR(config-if<F1>)#ip igmp query-int erval 180 ip igmp query-max-response-time This command configures the maximu[...]
-
Page 336
Observing Syntax and Conventions 7-88 Configuring IP Multicast Mode Interface configuration: XSR(config-if<xx>)# Default Tw o ti mes the query interv al Example The following example sets the XSR to wa i t 30 seconds from the time it received the last [...]
-
Page 337
PIM Commands XSR CLI Reference Guide 7-89 PIM Commands ip pim sp arse-mode This command enables Protocol Independent Multicast (PIM) Spa rse Mode (SM) on a local interface. Synt ax ip pim sparse-mode Synt ax of the “no” Form The no form of this command disables PIM [...]
-
Page 338
PIM Commands 7-90 Configuring IP Multicast Example The following example sets interface F1 as the PIM domain border: XSR(config-if<F1>)#ip pim bsr-border ip pim bsr-candidate This command enables the XSR to announce its candidacy as a BootStrap Router [...]
-
Page 339
PIM Commands XSR CLI Reference Guide 7-91 ip pim dr-priority This command sets the priority for which a router is elected as the Designated Router (DR). Synt ax ip pim dr-priority priority-value Synt ax of the “no” Form The no form of this command disables t[...]
-
Page 340
PIM Commands 7-92 Configuring IP Multicast Default 60 seconds Example The following example changes the PIM ‐ SM message interv al to 120 seconds: XSR(config-if<F1>)#ip pim message-in terval 120 ip pim query-interval This command sets the frequency of Protocol Independe[...]
-
Page 341
PIM Commands XSR CLI Reference Guide 7-93 Synt ax of the “no” Form The no form of this command removes the static RP configuration: no ip pim rp-address rp-address Mode Global configuration: XSR(config)# Example This example configures the RP used by the multicast ?[...]
-
Page 342
PIM Commands 7-94 Configuring IP Multicast ip pim regcksum wholep acket This command changes the register checksum calculation to the industry standard. Synt ax ip pim RegCksum wholepacket Synt ax of the “no” Form The no command removes the stati c RP configuration: no ip pim R[...]
-
Page 343
IGMP Clear and Show Commands XSR CLI Reference Guide 7-95 Default The threshold is 0 Example The following example sets the source tree switching threshold to 4 kbps: XSR(config)#ip pim spt-threshold 4 IGMP Clear and Show Commands clear ip mroute This command deletes entries fr[...]
-
Page 344
IGMP Clear and Show Commands 7-96 Configuring IP Multicast State: Dynamic Mode: Include Current version: V3 Group IP: 232.1.1.1 Reporter IP: 3.3.3.199 V1MEM exist timer: 0 V2MEM exist timer: 0 Member expire timer: 256 Source IP: 6.6.6.10 (Forward state: YES, Timer:260) Parameters in the Response show ip igmp interface This command displays [...]
-
Page 345
IGMP Clear and Show Commands XSR CLI Reference Guide 7-97 IGMP state: Enabled Multicast ttl threshold: 0 Current query Interval: 125 Last Member Interval: 1 Querier timeout: 255 Max Response Timeout: 10 Current robust value: 2 Querier IP: 1.1.1.2 (Self) Query sending timer: 124 Group configured: None ---------------------------------- -------------[...]
-
Page 346
IGMP Clear and Show Commands 7-98 Configuring IP Multicast show ip mroute This command displays entries in the IP multicast routing table. Synt ax show ip mroute [][ source-address ][ su mmary ] Mode EXEC configuration: XSR> Example The following example displays sample responses: X[...]
-
Page 347
IGMP Clear and Show Commands XSR CLI Reference Guide 7-99 Parameters in the Response show ip pim bsr This command displays Bootstrap Router (BSR) ver s io n 2 information. Synt ax show ip pim bsr Mode EXEC configuration: XSR> Flags Provides information about following entries: • D ‐?[...]
-
Page 348
IGMP Clear and Show Commands 7-100 Configuring IP Multicast Example The following example displays sample responses: XSR>#show ip pim bsr PIMv2 Bootstrap information This system is the Elected Bootstrap Router (BSR) BSR address: 192.168.27.1 Uptime: 04:37:46, BSR Priority: 4, Hash mask length: 30 Next bootstrap message in 00:[...]
-
Page 349
IGMP Clear and Show Commands XSR CLI Reference Guide 7-101 Parameter Descriptions show ip pim neighbor This command displays discov ered Protocol Independent Multicast (PIM) neighbors. Synt ax show ip pim neighbor [ type number ] Mode EXEC configuration: XSR> Example The following example shows[...]
-
Page 350
IGMP Clear and Show Commands 7-102 Configuring IP Multicast show ip pim rp This command displays the activ e rende zvous points (RPs) that are cached with associated multicast routing entries. Synt ax show ip pim rp [ group-address | mapp ing ] Mode EXEC configuration: XSR> Exam[...]
-
Page 351
IGMP Clear and Show Commands XSR CLI Reference Guide 7-103 Example The following example displays sample responses: XSR>show ip pim rp-hash 239.1.1.1 RP 192.168.27.12 Parameter Descriptions RP Address of the RP for the group specified (239.1.1.1).[...]
-
Page 352
IGMP Clear and Show Commands 7-104 Configuring IP Multicast[...]
-
Page 353
XSR CLI Reference Guide 8-83 8 Configuring the Point-to-Point Protocol Observing Synt ax and Conventions The CLI Syntax and conv entions use the notation descri bed in the following table. PPP Commands This chapter defines Po i n t ‐ to ‐ Poi n t Protocol (PPP) service [...]
-
Page 354
PPP Commands 8-84 Configuring the Point-to-Point Protocol encap sulation ppp This command sets the Poi n t ‐ to ‐ Po i n t Protocol (PPP) as the encapsulation method used by a ser ial port. To use PPP encapsulation, the XSR must be configured wit[...]
-
Page 355
PPP Commands XSR CLI Reference Guide 8-85 Synt ax interface type slot_num card_num por t_num sub-interface_num Slots, cards, ports, and sub ‐ interfaces ar e expressed as follows on the CLI: Synt ax of the “no” Form The no command deletes the interface: no interface serial port_n[...]
-
Page 356
PPP Commands 8-86 Configuring the Point-to-Point Protocol XSR(config)#interface serial 1/0 XSR(config-if<S1/0>)#encapsulation p pp XSR(config-if<S1/0>)#no shutdown The following example selects c hannel group 12 of the T1/E1 port1 on the second NIM card so that late[...]
-
Page 357
PPP Commands XSR CLI Reference Guide 8-87 Synt ax of the “no” Form The no form of this command disable PPP authentication: no ppp authentication Default Not enabled Mode Interface configuration: XSR(config-if< xx >)# Example 1 Figure 8 ‐ 1 shows two routers, Site A and [...]
-
Page 358
PPP Commands 8-88 Configuring the Point-to-Point Protocol Example 2 Figure 8 ‐ 2 shows two router s, Site A and Site B, and only one peer configured to do authentication (using chap) with only Site B issuing the challenge. The configuration[...]
-
Page 359
PPP Commands XSR CLI Reference Guide 8-89 Synt ax of the “no” Form The no form of this command disables either function: no ppp chap { hostname | refuse | password } Mode Interface configuration: XSR(config-if< xx >)# Examples The f ollowing example creates the alternate CHAP[...]
-
Page 360
PPP Commands 8-90 Configuring the Point-to-Point Protocol Example The following example sets Serial interface 1/0 to have keepaliv e configured at 8 ‐ second interv als: XSR(config)#interface serial 1/0 XSR(config-if<S1/0>)#encapsulation p pp XSR(config-if<S1/0>)#no shutdown XSR(conf[...]
-
Page 361
PPP Commands XSR CLI Reference Guide 8-91 Synt ax ppp lcp max-failure number Synt ax of the “no” Form The no command resets the counter to the def ault val u e : no ppp lcp max-failure Default 5 Mode Serial, Dialer or Fast/GigabitEthernet Su b ‐ interface configuration: XSR(config-if[...]
-
Page 362
PPP Commands 8-92 Configuring the Point-to-Point Protocol Mode Serial, Dialer and Fast/GigabitEthernet Sub ‐ interface configuration: XSR(con fig-if< xx >)# Example The following example sets the terminate ‐ request counter at 10 requests on Dialer interface 57 : [...]
-
Page 363
PPP Commands XSR CLI Reference Guide 8-93 Synt ax ppp pap sent-username [ username ] pas sword [ password ] Synt ax of the “no” Form Use the no form of this command to del ete the username and password: no pap sent-username Default No username or password Mode Interface configurati[...]
-
Page 364
PPP Commands 8-94 Configuring the Point-to-Point Protocol Synt ax ppp peer default ip address { ip addr ess } Synt ax of the “no” Form Use the no form of this command to remov e the IP address: no ppp peer default ip address Mode Interface configuration: XSR(config-if< xx >)# Examples Th[...]
-
Page 365
PPP Commands XSR CLI Reference Guide 8-95 Synt ax of the “no” Form Use the no form of this command to di sable LQM: no ppp quality Default Disabled Mode Interface configuration: XSR(config-if< xx >)# Example The following example enables LQM on Serial interfac e 2[...]
-
Page 366
PPP Commands 8-96 Configuring the Point-to-Point Protocol XSR(config-if<S1>)#ppp timeout retry 20 username This command adds or modifies a user who can manage the XSR. This command specifies the password to be used in the PPP Challenge H andshake A[...]
-
Page 367
PPP Debug, Clear and Show Commands XSR CLI Reference Guide 8-97 Example The following example enables CHAP on serial interface 1/0 and defines a passw o rd for local server Bob and remote serve r John : XSR(config)#hostname Bob XSR(config)#interface serial 1/0 XSR(confi[...]
-
Page 368
PPP Debug, Clear and Show Commands 8-98 Configuring the Point-to-Point Protocol XSR#debug ppp packet serial 2/0:0 li mit 10 lcp bacp bap Sample Output The following debugging output displays all PPP control packets: May 21, 2003: 13:00:00 Rx 20 bytes L CP CONFIG_REQ: MRU: 1500 Magic Number: 12345678 (0xBC614E) May 21[...]
-
Page 369
PPP Debug, Clear and Show Commands XSR CLI Reference Guide 8-99 Synt ax of the “no” Form The no form of this command removes PPP de bugging on the interface: no ppp debug packet Default Limit: 100 packets Mode Interface configuration: XSR(config-if<xx>)# Example This example [...]
-
Page 370
PPP Debug, Clear and Show Commands 8-100 Configuring the Point-to-Point Protocol XSR#show ppp interface ********** PPP Stats ********** Serial 1/0:0: PPP is Admin Up / Oper Up / Link Speed: 64000 LCP Current State: OPENED IPCP Current State: OPENED Multilink Current State: OPENED LCP STATS Total Rcv Pck: 0 Total Rcv Control Pck: 0 Total Rcv Data Pc[...]
-
Page 371
PPP Debug, Clear and Show Commands XSR CLI Reference Guide 8-101 Mode EXEC or Global configuration: XS R> or XSR(config)# Sample Output The following output is displayed fo r Serial and Multilink interfaces: XSR#show ppp Serial 1/0 PPP State: LCP State: OPENED IPCP State: OPEN ED Multilink Stat[...]
-
Page 372
PPP Debug, Clear and Show Commands 8-102 Configuring the Point-to-Point Protocol Mode EXEC or Global configuration: XS R> or XSR(config)# Sample Output The following output is produced by this command: Serial 1/0 is Admin Up / Oper Up Internet address is 25.25.25.3, subn et mask is 255.255.255.0 LCP St[...]
-
Page 373
PPP Debug, Clear and Show Commands XSR CLI Reference Guide 8-103 Mode EXEC or Global configuration: XS R> or XSR(config)# Sample Output The following output display s with a PPP connection established (PPP quality has not been enabled on the interface so [...]
-
Page 374
PPP Debug, Clear and Show Commands 8-104 Configuring the Point-to-Point Protocol Serial 1/0:0 Serial 1/0:3 Serial 1/0:7 Serial 1/0:13 Serial 1/0:10 Serial 1/0:1 Serial 1/0:25 Serial 1/0:11 Serial 1/0:24 Serial 1/0:12 Serial 1/0:5 Serial 1/0:16 Serial 1/0:14 Serial 1/0:29 The following displays output with PPP quality ena[...]
-
Page 375
PPP Debug, Clear and Show Commands XSR CLI Reference Guide 8-105 Quality: good InGoodOctets : 26600 LocalPeriod: 100000 RemotePeriod: 100 000 OutLQRs:1000InLQRs: 1000 LCP Configuration: LCP CONFIGURATION InitialMRU: 1500 MagicNumber: true FcsSize: 16 LQR CONFIGURATION Period: 10 sec Status: Disabled Output Parameters Summary For PPP link ?[...]
-
Page 376
PPP Debug, Clear and Show Commands 8-106 Configuring the Point-to-Point Protocol RemoteT oLocalProtocolCompression LocalMRU RemoteMRU ReceiveFcsSize T ransmitFcsSize LQR St atus and St atistics This section displays LQR parameters display ed for the local PPP entity . Va l u e s are display ed [...]
-
Page 377
PPP Debug, Clear and Show Commands XSR CLI Reference Guide 8-107 OutLQRs LCP Configuration This section describes LCP configuration data display ed for a PPP Link. InitialMRU MagicNumber FcsSize LQR Configuration This section describes LQR configuration data displayed for a [...]
-
Page 378
Multilink PPP Commands 8-108 Configuring the Point-to-Point Protocol St atus Multilink PPP Commands interface multilink This command names the multilink group and creates a logic interface for this multilink group. Only the PPP multilink group is supported curre[...]
-
Page 379
Multilink PPP Commands XSR CLI Reference Guide 8-109 XSR(config-if<S1/1>)#multilink-group 2 XSR(config-if<S1/1>)#encapsulation p pp XSR(config-if<S1/1>)#ppp multilink XSR(config-if<S1/1>)#no shutdown multilink max-links This command sets the maximum number of links allowed in this [...]
-
Page 380
Multilink PPP Commands 8-110 Configuring the Point-to-Point Protocol Default 1 Mode Dialer Interface configuration: XSR(con fig-if< xx >)# Examples The following example sets the minimum multil ink limit to 6 on the terminating dialer interface: XSR(config)#interface dialer 4[...]
-
Page 381
Multilink PPP Commands XSR CLI Reference Guide 8-111 XSR(config-if<D57>)#ppp bap call acc ept ppp bap callback This command sets enables Bandwidth Allocation Protocol (BAP) callback parameters on a dialer interface to set up Bandwidth ‐ on ‐ Demand (BoD). It p[...]
-
Page 382
Multilink PPP Commands 8-112 Configuring the Point-to-Point Protocol Synt ax ppp bap number { default phone-number } Synt ax of the “no” Form The no command removes a BAP phone number: no ppp bap number { default phone-number } Mode Dialer Interface configuration: XSR(con fig-if<D x >)# Example The [...]
-
Page 383
Multilink PPP Commands XSR CLI Reference Guide 8-113 Example The following example resets the BAP pending timeout on Dialer port 1: XSR(config)#interface dialer 1 XSR(config-if<D1>)#ppp bap timeout p ending 60 ppp multilink This command enables Multilink PPP on an XSR [...]
-
Page 384
Multilink PPP Commands 8-114 Configuring the Point-to-Point Protocol Default Disabled Mode Dialer or Serial Interface configuration: XSR(config -if<D/S xx >)# Examples The following example configures a dialer for Multilink PPP . It does not show the configuration [...]
-
Page 385
Multilink PPP Commands XSR CLI Reference Guide 8-115 Mode Dialer , Multilink, BRI Interface, and Controller configuration: XSR(c onfig-if< xx >) and XSR(config-controller<T/E xx >) Default Hostname Example The following example sets the PPP multilink endpoint va l u e over [...]
-
Page 386
Multilink PPP Commands 8-116 Configuring the Point-to-Point Protocol entered, no maximum fragment size will be set and the fragment size will only be decided with the load balance. Synt ax ppp multilink fragment-delay value Synt ax of the “no” Form The no fo[...]
-
Page 387
Multilink PPP Commands XSR CLI Reference Guide 8-117 ppp multilink fragment disable This command disables fragmentation over a bundle PPP connection, supporting Multilink and Dialer interfaces. Synt ax ppp multilink fragment disable Synt ax of the “no” Form The no form of this [...]
-
Page 388
Multilink PPP Commands 8-118 Configuring the Point-to-Point Protocol Group Num: 1 LCP State: OPENED IPCP State: OPENED Multilink State: OPENED Multi-Class State: OPENED Multilink header format is LONG SEQ NUM Class suspendable level is 5 tx clas ses and 5 rcv classes Fragmentation is disabled Bundle Size: 2 Class Level Tx: 5 Rx: 5 Max Load Threshol[...]
-
Page 389
Multilink PPP Commands XSR CLI Reference Guide 8-119 Synt ax of the “no” Form The no form of this command removes the PP P multilink group: no multilink-group Default Disabled with no s pecific multilink group assigned Mode Interface configuration: XSR(config-if< xx >[...]
-
Page 390
Multilink PPP Commands 8-120 Configuring the Point-to-Point Protocol Synt ax multilink load-threshold number ( 1-2 55 ) Default 255 Mode Dialer Interface configuration: XSR(con fig-if< xx >)# Example The following example sets the multilink PPP load threshold to 250 on the termin[...]
-
Page 391
Multilink PPP Commands XSR CLI Reference Guide 8-121 Example The following example enables the multi ‐ class MLPPP option: XSR(config-if<D57>)#ppp multilink mu lti-class[...]
-
Page 392
Multilink Show Commands 8-122 Configuring the Point-to-Point Protocol Multilink Show Commands show interface multilink This command displays multil ink interface statistics including MLPPP status for both the bundle and the member link. Synt ax show interface multilink [ number ] Mode [...]
-
Page 393
Multilink Show Commands XSR CLI Reference Guide 8-123 PPP Multilink St atus LCP St ate IPCP St ate Multilink St ate Multi-Class St ate Bundle Size Class Level Tx/Rx Max Load Threshold Bundle Tx/Rx Load A vg No Of Pck in Rx Buf Q Lowest link S peed Range INITIAL/ ST ARTING/ CLOSED/ STOPPED/ CLOSING/ STOPPING/ REQSENT/ ACK[...]
-
Page 394
Multilink Show Commands 8-124 Configuring the Point-to-Point Protocol Max Fragment Size High Pri Member link is Serial 1/00 PPP Multilink Bundle St atistics Rx St ats Tx St ats Range Not defined. Description Ma ximum fragment size ov er the member links. Range Not defined. Description Hig hest speed link [...]
-
Page 395
Multilink Show Commands XSR CLI Reference Guide 8-125 show ppp interface multilink/dialer This command displays PPP status, statistics and configurat ion data for interfaces running PP P . Synt ax show ppp interface [ interface type / n umber ][ option type ] Mode EXEC: XSR> Sample Output The ?[...]
-
Page 396
Multilink Show Commands 8-126 Configuring the Point-to-Point Protocol Invalid Proto: 0 Wrong Proto: 0 Padding Error: 0 Invalid Cls#: 0 Error to CP: 0 No Lower Lyr: 0 No Upper Lyr: 0 Others: 0 Tx Stats Total: 0 Data: 0 Control: 0 Null: 0 Discard: Pck Too Long: 0 No Lower Lyr: 0 EnQueue Full: 0 Others: 0 The following is is sample [...]
-
Page 397
Multilink Show Commands XSR CLI Reference Guide 8-127 Pck Too Long: 0 Invalid Proto: 0 Wrong Proto: 0 Padding Error: 0 Invalid Cls#: 0 Error to CP: 0 No Lower Lyr: 0 No Upper Lyr: 0 Others: 0 Tx Stats Total: 0 Data: 0 Control: 0 Null: 0 Discard: Pck Too Long: 0 No Lower Lyr: 0 EnQueue Full: 0 Others: 0 Refer to the show interface multil[...]
-
Page 398
Multilink Show Commands 8-128 Configuring the Point-to-Point Protocol Max Fragment delay is 10 ms Max Fragment Size is 256 bytes Class 0 1 2 3 4 QoSCls# -1 0 1 2 3 ExpctSeq# 1 1 1 1 1 LastFwdSeq# 0 0 0 0 0 LastM# 0 0 0 0 0 maxFListSize 0 0 0 0 0 FragListSize 0 0 0 0 0 TxSeq# 1 1 1 1 1 TxBufferSize 0 0 0 0 0 Rx Load Average 0 0 0 0 0 Max 0 0 0 0 0 M[...]
-
Page 399
Multilink Show Commands XSR CLI Reference Guide 8-129 ExpctSeq# LastFwdSeq# LastM# MaxFListSize FragListSize TxSeq# TxBufferSize Tx/Rx Load A verage/Max/Min Description Equivalent QoS class, • -1: fair class. • 0: low priority class. • 1: normal priority class. • 2: medium priority cla ss. • 3: high priority class. Range ‐ 1[...]
-
Page 400
Multilink Show Commands 8-130 Configuring the Point-to-Point Protocol Rx St ats Tx St ats show ppp interface multilink/dialer memberlink This command displays general me mber link statistics under MLPPP or specific member link statistics if specified. Synt ax show ppp interface multilink &[...]
-
Page 401
Multilink Show Commands XSR CLI Reference Guide 8-131 IPCP State: OPENED Multilink State: OPENED Multi-Class State: OPENED Multilink header format is LONG SEQ NUM Class suspendable level is 5 tx clas ses and 5 rcv classes Serial 1/0:0 Tx: Total 0 Discard 0(0/0) Rx: Total 0 Discard 0 PPP Multilink Member Link Paremeter Descriptions The detail ?[...]
-
Page 402
Multilink Show Commands 8-132 Configuring the Point-to-Point Protocol ********** MLPPP Member Link MultiCl assStats ********** Multilink 1: MLPPP is Admin Up / Ope r Up Group Num: 1 LCP State: OPENED IPCP State: OPENED Multilink State: OPENED Multi-Class State: OPENED Multilink header format is LONG SEQ NUM Class suspendable level is 5 tx clas ses [...]
-
Page 403
Multilink Show Commands XSR CLI Reference Guide 8-133 Rx St ats Tx St ats show ppp interface dialer x mlpppgroup x bap This command displays BAP multilink bundle statistics of a specific bundle under the dialer interface. Yo u can view individu al multilink bundles [...]
-
Page 404
Multilink Show Commands 8-134 Configuring the Point-to-Point Protocol BACP State: OPENED Multilink State: OPENED Multi-Class State: OPENED Multilink header format is LONG SEQ NUM Class suspendable level is 5 tx clas ses and 5 Max Fragment delay is 10 ms Bundle Size: 20 Class Level Tx: 5 Rx: 5 Max Load Threshold: 100 Bundle Tx Load Avg: 0 Bundle Rx [...]
-
Page 405
Multilink Show Commands XSR CLI Reference Guide 8-135 Rcv Call-ReqAck: 19 Rcv CallBack-Req: 0 Rcv CallBack-ReqAck: 0 Rcv LinkDrop-Req: 0 Rcv LinkDrop-ReqAck: 0 Tx Call-Req: 20 Tx Call-ReqAck: 0 Tx CallBack-Req: 0 Tx CallBack-ReqAck: 0 Tx LinkDrop-Req: 0 Tx LinkDrop-ReqAck: 0 Discriminators Local Remote Serial 3/2/0:26 0 1 Serial 3/2/0:30 1 3 Serial[...]
-
Page 406
Multilink Show Commands 8-136 Configuring the Point-to-Point Protocol[...]
-
Page 407
XSR CLI Reference Guide 9-83 9 Configuring Frame Relay Observing Synt ax and Conventions CLI command syntax and conventions use the notation described below . Frame Relay Commands This chapter descri bes the configurable features of the Frame Relay interface for the[...]
-
Page 408
Frame Relay Commands 9-84 Configuring Frame Relay Synt ax encapsulation frame-relay Synt ax of the “no” Form Disable Frame Relay encapsulation on the interface with the no form: no encapsulation frame-relay Mode Interface configuration: XSR(config-if< xx >)# Example This example sets[...]
-
Page 409
Frame Relay Commands XSR CLI Reference Guide 9-85 Synt ax of the “no” Form The no form removes the association of the map class to the interface or sub ‐ interface: no frame-relay class name Mode Interface configuration: XSR(config-if< xx >)# Example The following c[...]
-
Page 410
Frame Relay Commands 9-86 Configuring Frame Relay Once chosen as static, no inv erse ARP will be sent out by default. A free inver se ARP reque st (similar to above) can be requested by this command. Once chosen as static, thi s ?[...]
-
Page 411
Frame Relay Commands XSR CLI Reference Guide 9-87 Next Mode Frame Relay DLCI configuration: XSR(config- fr-dlci<xx>)# Examples The following example maps DLCIs 16 and 18 on serial sub ‐ interface 1/0.1 to the specified IP addresses, supporting bootp [...]
-
Page 412
Frame Relay Commands 9-88 Configuring Frame Relay XSR(config)#interface serial 1/0 XSR(config-if<S1/0>)#no shutdown XSR(config-if<S1/0>)#encapsulation f rame-relay XSR(config-if<S1/0>)#frame-relay int f-type dte XSR(config-if<S1/0>)#frame-relay lmi -type ansi The following example configures Serial interf[...]
-
Page 413
Frame Relay Commands XSR CLI Reference Guide 9-89 frame-relay lmi-n391d te This command sets the full status ‐ polling interv al when the Digital Te r m i n a l Equipment (DTE) interface is configured to set the full status message ‐ polling interval. Synt a[...]
-
Page 414
Frame Relay Commands 9-90 Configuring Frame Relay Default 3 Mode Interface configuration: XSR(config-if< xx >)# Example This example sets the LMI failur e threshold to 5 for the DCE devi ce: XSR(config)#interface serial 1/0 XSR(config-if<S1/0>)#encapsulation f rame-relay XSR(config[...]
-
Page 415
Frame Relay Commands XSR CLI Reference Guide 9-91 frame-relay lmi-t392dce This command sets polling veri f ic at io n timer on a Data Communications Equipment (DCE) interface. The timer marks the duration that the DCE expects to receive a Status [...]
-
Page 416
Frame Relay Commands 9-92 Configuring Frame Relay Mode Interface configuration: XSR(config-if< xx >)# Example This example sets the LMI failur e threshold to 5 for the DCE devi ce: XSR(config)#interface serial 1/0 XSR(config-if<S1/0>)#encapsulation f rame-relay XSR(config-if<S1/[...]
-
Page 417
Frame Relay Commands XSR CLI Reference Guide 9-93 frame-relay lmi-type This command configures the Local Management Interface (LMI) type on a per ‐ interface basis. Synt ax frame-relay lmi-type { ilmi | ansi | q933a | auto | none } Synt ax of the “no” Form Use the no command to ?[...]
-
Page 418
Frame Relay Commands 9-94 Configuring Frame Relay Synt ax of the “no” Form The no command disables the use of map ‐ class parameters: no frame-relay traffic-shaping Default Disable Mode Interface configuration: XSR(config-if< xx >)# Example This example enables both traffic sha[...]
-
Page 419
Frame Relay Map Class Commands XSR CLI Reference Guide 9-95 Synt ax of the “no” Form The no command deletes the interface: no interface serial port_num interface_num Mode Global configuration: XSR(config)# Examples This example selects interface serial 1/0 and sets Frame Relay [...]
-
Page 420
Frame Relay Map Class Commands 9-96 Configuring Frame Relay Mode Vi rt u a l Circuit configuration: XSR(config -fr-dlci)# Example The first three commands in the following example set up Serial sub ‐ interface 1/0.1 with associated DLCI 16 . The last two c[...]
-
Page 421
Frame Relay Map Class Commands XSR CLI Reference Guide 9-97 Synt ax frame-relay bc out bits Synt ax of the “no” Form The no command resets the committed burst size to its default valu e : no frame-relay bc out Mode Map Class configuration: XSR(config-map-class)# Default 7000 bits Examp[...]
-
Page 422
Frame Relay Map Class Commands 9-98 Configuring Frame Relay Example This example adds map class slowlink with Be of 10000 and Bc of 6000 bits: XSR(config)#map-class frame-relay sl owlink XSR(config-map-class<slowlink>)#fram e-relay be out 10000 XSR(config-map-class<slowlink>)#fram [...]
-
Page 423
Frame Relay Map Class Commands XSR CLI Reference Guide 9-99 frame-relay fragment This command specifies the FRF .12 end ‐ to ‐ end fragment si ze for a Frame Relay map ‐ class. Fragment size is defined in bytes. It specifies the number of payload ?[...]
-
Page 424
Frame Relay Map Class Commands 9-100 Configuring Frame Relay Synt ax of the “no” Form no map-class [ frame-relay | dialer ] map-class-name Mode Global configuration: XSR(config)# Next Mode FR Map ‐ Class configuration: XSR(config-map-class)# Example This example defines frame relay map ‐ class nor[...]
-
Page 425
Frame Relay Map Class Commands XSR CLI Reference Guide 9-101 Example The following example specifies HighPriori ty as the policy for the class map: XSR(config-map-class)#service-policy out HighPriority shut down This command disables an interface or sub ‐ interface. A sub[...]
-
Page 426
Frame Relay Clear and Show Commands 9-102 Configuring Frame Relay Examples This example selects sub ‐ interface Serial 1/0.5 on a serial interface: XSR(config)#interface serial 1/0 XSR(config-if<S1/0>)#encapsulation f rame-relay XSR(config-if<S1/0>)#no shutdown XSR(config-if<S1/0>)#interface s[...]
-
Page 427
Frame Relay Clear and Show Commands XSR CLI Reference Guide 9-103 Mode EXEC: XSR> Examples The following example clears all Frame Relay Inve rse ARP entries: XSR(config)#clear frame-relay inarp This example clears all Frame Relay Inv erse ARP entries for Interface ?[...]
-
Page 428
Frame Relay Clear and Show Commands 9-104 Configuring Frame Relay XSR(config)#show frame-relay fragmen t interface serial 2/0.1 960 Frame Relay End-to-End Fragmentation Detailed Statistics Serial 2/0.1 DLCI = 960 Fragment Size = 53 Incoming Traffic Outgoing Traffic Fragmented pkts = 0 Fragmented pkts = 0 Fragmented bytes = 0 Fragmented bytes = 0 As[...]
-
Page 429
Frame Relay Clear and Show Commands XSR CLI Reference Guide 9-105 show frame-relay lmi This command displays Local Management Interface (LMI) st atistics. Enter the command without arguments to obtain statistics about all Frame Relay interfaces. Synt ax show frame-relay[...]
-
Page 430
Frame Relay Clear and Show Commands 9-106 Configuring Frame Relay Parameter Descriptions show frame-relay map This command displays data from current fr ame ‐ relay map entries. Synt ax show frame-relay map Mode EXEC or Global configuration: XS R> or XSR(config)# Sample Output The following ?[...]
-
Page 431
Frame Relay Clear and Show Commands XSR CLI Reference Guide 9-107 The following example displays a point ‐ to ‐ point Frame Relay map: XSR#show frame-relay map Frame Relay Map Statistics (Serial 2 /0) Serial 2/0.3 dlci 981 (0x3D5, 0x F450) Remote Addr. P2P, gratuitous-inverse-arp, bootp, static ip 2.2.2.3 Paramet[...]
-
Page 432
Frame Relay Clear and Show Commands 9-108 Configuring Frame Relay PVC Statistics for Serial 2/0:1.1 (F rame Relay DTE) LMI = NONE DLCI = 16 PVC Status = UP INPUT: Pkt/Sec = 0 Packets = 17941 Bytes = 20018904 Drop Pkts = 0 BECN pkts = 0 FECN pkts = 0 DE pkts = 0 OUTPUT: Pkt/Sec = 2 Packets = 17942 Bytes = 20018904 Drop Pkts = 0 BECN pkts = 0 FECN pk[...]
-
Page 433
Frame Relay Clear and Show Commands XSR CLI Reference Guide 9-109 show frame-relay traffic This command displays global Frame Relay statistics since the last reload. Synt ax show frame-relay traffic Mode EXEC or Global configuration: XS R> or XSR(config)# Sample Output XSR#show frame-relay [...]
-
Page 434
Frame Relay Clear and Show Commands 9-110 Configuring Frame Relay Serial 1/0, CIR= 64000, Bc=8000, B E= 9000, fragment=53 Adaptive Shaping: Disabled, Servic e Policy: Voice # FR Ports = 1, # FR sub-Interfaces = 3, # DLCIs = 7 show interface serial The following statistics are added to the command if the port [...]
-
Page 435
Frame Relay Clear and Show Commands XSR CLI Reference Guide 9-111 The card is 2. The channel is 0. The current MTU is 1506. The device is in polling mode, and i s active. The last driver error is (null). The physical-layer is HDLC-SYNC, the TX, RX clock source is external. The device uses CRC-16 for Tx. The device uses CRC-16 for Rx. The type of en[...]
-
Page 436
Frame Relay Clear and Show Commands 9-112 Configuring Frame Relay[...]
-
Page 437
XSR CLI Reference Guide 10-83 10 Configuring the Dialer Interface This chapter descri bes commands for the dialer , dial er backup, and Dial ‐ on ‐ Demand/Bandwidth ‐ on ‐ Demand services. Observing Synt ax and Conventions The CLI command syntax and conventions use the [...]
-
Page 438
Dialer Interface Commands 10-84 Configuring the Dialer Interface •T h e dialer string command must be set to the dialer interface that owns the dialer pool where the dialer DTR serial interface is added. •T h e serial interface must be co[...]
-
Page 439
Dialer Interface Commands XSR CLI Reference Guide 10-85 Mode Interface configuration: XSR(config-if< xx >)# Example The following example shows dialer interface 0 assigned to dialer pool 6. XSR(config)#interface dialer 0 XSR(config-if<D1>)#dialer pool 6 XSR(config-if<D1>)#no shut[...]
-
Page 440
Dialer Interface Commands 10-86 Configuring the Dialer Interface dialer string This command creates a string used to place a call a destination or subnet. Ty p i c a l l y, it is the telephone number needed for dialing. Synt ax dialer string dial-string [ class [...]
-
Page 441
Dialer Interface Commands XSR CLI Reference Guide 10-87 Example The following example specifies a wai t time of 90 seconds for the carrier signal on serial port 1/0: XSR(config-if<S1/0>)#dialer wait-for-carrier -time 90 dialer wait-for-carrier-time (m ap-class dialer configur[...]
-
Page 442
Dialer Interface Commands 10-88 Configuring the Dialer Interface This mode of operation of the dial er interface is called spoofing and it is the default mode for this interface. Spoofing mode changes to non ‐ spoofing mode when the f o[...]
-
Page 443
Dialer Interface Commands XSR CLI Reference Guide 10-89 XSR(config-if<D3>)#dialer-group 7 XSR(config-if<D3>)#access-list 101 permit ip 0.0.0.0 255.255.255.255 255.255.255.255 0.0.0.0 XSR(config)#dialer-list 7 protocol i p list 101 map-class dialer This command defines the dial string ʹ s characteristics and [...]
-
Page 444
Dialer Interface Clear and Show Commands 10-90 Configuring the Dialer Interface Synt ax of the “no” Form The no form of this command removes the modem ‐ ini t ‐ string: no modem-init-string Mode Map ‐ Class Dialer configuration: XSR(config-map-c lass< xx >)# Example The foll owing [...]
-
Page 445
Dialer Interface Clear and Show Commands XSR CLI Reference Guide 10-91 Example XSR#show dialer 1 Sample Output The following is sample output from the show dialer command for a dial er interface: #show dialer 5 Dialer5 Dialer state is: UP Wait for carrier default: 60, defaul t retry: 3 Dial String Success[...]
-
Page 446
Dialer Interface Clear and Show Commands 10-92 Configuring the Dialer Interface Phone numbers: <2400:12> Connection speed/type: <64k>/<On De mand> Dialer maps configured on Interface <Dialer2>: Next hop IP address: <20.20.20.2> Phone numbers: <2400> Connection speed/type: <not set>/<O n Demand> show d[...]
-
Page 447
Dial Backup Commands XSR CLI Reference Guide 10-93 Dial Backup Commands The following set of commands defines a backup dial line. backup This command set backup functionality on Serial, Ethernet or sub ‐ interfaces. Yo u can also specify a delay be[...]
-
Page 448
Dial Backup Commands 10-94 Configuring the Dialer Interface backup interface dialer This command designates a Serial or Fast/GigabitEthernet/GigabitEthernet int erface or sub ‐ interface as a backup dialer interface. Synt ax backup interface dialer number Synt ax of the “no” Form no back[...]
-
Page 449
Dial Backup Commands XSR CLI Reference Guide 10-95 XSR(config)#interface fastethernet 2 XSR(config-if<F2>)#no shutdown XSR(config)#interface fastethernet 2 .1 XSR(config-if>)#backup interface dia ler 57 XSR(config-if>)#encapsulation ppp XSR(config-if>)#ip address negotiate d XSR(config-if>)#ip mtu 1492 XSR(config-if>)#no shutdo[...]
-
Page 450
DOD/BOD Commands 10-96 Configuring the Dialer Interface show interface dialer This command displays general information for a dialer interface. Synt ax show interface dialer number Mode Privileged EXEC: XSR# Sample Output The example below displays output from the show interface di[...]
-
Page 451
DOD/BOD Commands XSR CLI Reference Guide 10-97 Synt ax dialer-group group-number Synt ax of the ‘no’ Form Use the no form of this command to remov e an interface from the specified di aler access group: no dialer-group Mode Dialer Interface configuration: XSR(con fig-if[...]
-
Page 452
DOD/BOD Commands 10-98 Configuring the Dialer Interface Example The following example maps ACL 1350 to dialer li st 57: XSR(config) #access-list 57 permit ip 0.0.0.0 255.2 55.255.255 25 5.255.255.25 5 0.0.0.0 XSR(config)#dialer-list 57 protocol ip list 1350 dialer called This command maps incomi ng ?[...]
-
Page 453
DOD/BOD Commands XSR CLI Reference Guide 10-99 Synt ax of the “no” Form The no form of this command disables the feature: no dialer caller number Mode Dialer Interface configuration: XSR(con fig-if<D x >)# Example The following example configures the dialer caller num[...]
-
Page 454
DOD/BOD Commands 10-100 Configuring the Dia ler Interface XSR(config)#interface dialer 1 XSR(config-if<D1>)#dialer idle-timeo ut 300 The following example disables the idle ‐ timeout: XSR(config-if<D1>)#dialer idle-timeo ut 0 dialer map This command configures a Dialer or Integrated Serv[...]
-
Page 455
DOD/BOD Commands XSR CLI Reference Guide 10-101 Example The following example configures a next hop IP address, SPC, hostname and line speed for map class AcmeMap : XSR(config)#dialer map 1 XSR(config-if<D 1 >)#dialer map ip 192 .168.57.9 class AcmeMap name AcmeHost spc speed[...]
-
Page 456
DOD/BOD Commands 10-102 Configuring the Dia ler Interface Mode Interface configuration: XSR(config-if< xx >)# Default s •A t t e m p t : 1 (no redial) •I n t e r v a l : 10 seconds •R e ‐ enable: 5 seconds Example Assuming you have configured Serial interfaces 1/0 , 1/1, [...]
-
Page 457
Dialer Watch Commands XSR CLI Reference Guide 10-103 Dialer W a tch Commands dialer watch-group This command enables Dialer Wa t c h backup on a dialer interface with up to 16 wat c h ‐ groups. Synt ax dialer watch-group group-number Synt ax of the “no” Form Use the no form ?[...]
-
Page 458
Dialer Watch Commands 10-104 Configuring the Dia ler Interface Synt ax of the “no” Form Use the no form of this command to di sable this feature: no dialer watch-list group-number [ delay route-check initial initial-delay ][ delay connect connect-delay ][ delay disconn ect disconnect-delay ][ ip ip-addres[...]
-
Page 459
Dialer Watch Commands XSR CLI Reference Guide 10-105 dial string: 3200, success: 0, fail : 0 Dialer pool 1 stats: member: Serial 1/3:0, available B-channels: 30, serial p orts: 0 Watch-group stats: watch-group 1, rt cnt 1, trigg cnt 1, state is UP, delays: init 10, connect 3, discon nect 3, time range 10:15 11:15 timer expires in 18h:32m:28s watch-[...]
-
Page 460
Dialer Watch Commands 10-106 Configuring the Dia ler Interface[...]
-
Page 461
Book Title goes here 11-83 11 ISDN BRI and PRI Commands Observing Synt ax and Conventions The CLI Syntax and conv entions use the notation descri bed in the following table. ISDN Commands The following set of commands allows you to configure BRI/PRI functionalit[...]
-
Page 462
ISDN Commands 11-84 ISDN BRI and PRI Commands Synt ax of the “no” Form no interface bri board/slot Mode Global configuration: XSR(config)# Next Mode BRI Interface configuration: XSR(config- if<BRI- xx >)# Example The following example acquires BRI B ‐ channel 1 interface mode: XSR(conf[...]
-
Page 463
ISDN Commands Book Title goes here 11-85 Synt ax of the “no” Form Use the no form of this command to remov e the ve r if ic a ti on request: no isdn answer1 [ called-party-number ][ :subaddress ] Default No ver i fi ca t io n of either number Mode BRI Interface configuration: ?[...]
-
Page 464
ISDN Commands 11-86 ISDN BRI and PRI Commands Example The following example sets the T1 controller to make call selections in ascending order: XSR(config)#controller t1 1/0/0 XSR(config-controller<T1-1/0:0>)#des cription “T1 at Acme” XSR(config-controller<T1-1/0:0>)#fra ming esf XS[...]
-
Page 465
ISDN Commands Book Title goes here 11-87 A PRI or BRI port can hav e only one ISDN calling ‐ number entry . For ISDN PRI, this command is intended for us e when the network offers better pricing on calls in which devi ces ?[...]
-
Page 466
ISDN Commands 11-88 ISDN BRI and PRI Commands Example The following example sets up a test call on channel 24 on BRI port 1/1: XSR#isdn disconnect 1/1 24 <186>Jul 28 22:49:51 10.10.10.20 ISD N: No Channel Available For Test Call isdn spid1, isdn spid2 (BRI) This command specifies[...]
-
Page 467
ISDN Commands Book Title goes here 11-89 Synt ax isdn switch-type switch-type { basic-dms100 | basic-ni1 | basic-ntt | basic-net3 | primary-net5 | primary-ni2 | primary-5ess | primary- dms100 | primary-ntt } BRI Switch T ypes: PRI Switch T ypes: Synt ax of the “no” Form The no form of this command deletes the thr[...]
-
Page 468
ISDN Commands 11-90 ISDN BRI and PRI Commands Example The following example selects a switch typ e on the BRI 1/1 interface: XSR(config)#interface bri 1/1 XSR(config-if<BRI-1/1>)#isdn switch- type basic-net3 leased-line bri This command sets up an ISDN BRI port for ?[...]
-
Page 469
ISDN Commands Book Title goes here 11-91 Examples The following example configures two data streams on leas ed ‐ line BRI interface 1/1 at 56 kbps with PPP encapsulation: XSR(config)#interface bri 1/1 XSR(config-if<BRI-1/1>)#leased-line 56 XSR(config)#interface bri 1/1:1 XS[...]
-
Page 470
ISDN Debug and Show Commands 11-92 ISDN BRI and PRI Commands shut down (BRI) This command forces all data calls to be disconnected and signals all intern al XSR resources that the port is not available. Synt ax shutdown [ board / slot / port ] Synt ax of the “no” Fo[...]
-
Page 471
ISDN Debug and Show Commands Book Title goes here 11-93 Synt ax of the “no” Form The no form of this command removes ISDN message tracing. Yo u may choose to issue the command with all or no parameters selected. no debug isdn slot / card / por t [...]
-
Page 472
ISDN Debug and Show Commands 11-94 ISDN BRI and PRI Commands Packet Processor Tx Scheduler Stats: 0 Packet driver Tx OK 0 Packet driver not Tx: MUX END_ERR_BLOCK 0 Packet driver not Tx: MUX ERROR 0 Packet driver not Tx: Unkn own Msg from MUX The unit number is 167772177. The interrupt number is 27. General: SCC 4 parm ram = 0xa0290f00 , reg = 0xa02[...]
-
Page 473
ISDN Debug and Show Commands Book Title goes here 11-95 •P R I ‐ show interface serial 2/1:0 - 14 , 16-30 for E1 B channels Use the following table for refere nce. Synt ax (PRI) show interface bri [ card / port ]:[ chan nel number ] Synt ax (BRI) show interface bri [ card / port ]:[ chan nel number [...]
-
Page 474
ISDN Debug and Show Commands 11-96 ISDN BRI and PRI Commands Standard output of the command follows but is not displayed here. The following output is displayed fo r the BRI interface 2/1: XSR#sh interface bri 2/1 ********** Serial Interface Stats ********** D-Serial 2/1:0 [...]
-
Page 475
ISDN Debug and Show Commands Book Title goes here 11-97 show isdn history This command displays past ISDN actions on the XSR. Synt ax show isdn history [ board / slot / port ] Mode Privileged EXEC or Global configuration: XSR# or XSR(config)# Sample Output The following output disp[...]
-
Page 476
ISDN Debug and Show Commands 11-98 ISDN BRI and PRI Commands show isdn active This command displays current call information of all BRI or PRI ports, or only the selected port specified by board/slot/port identifier . Synt ax show isdn active [ board / slot / port ] Mod[...]
-
Page 477
ISDN Debug and Show Commands Book Title goes here 11-99 show isdn service This command displays the service status of all or selected ISDN ports . Synt ax show isdn service [ board / slot / port ] Mode Privileged EXEC or Global configuration: XSR# or XSR(config)# Parameter Descript[...]
-
Page 478
ISDN Debug and Show Commands 11-100 ISDN BRI and PRI Commands 20 CONNECTED 21 CONNECTED 22 CON NECTED 23 CONNECTED 24 CONNEC TED 25 CONNECTED 26 CONNECTED 27 CON NECTED 28 CONNECTED 29 CONNEC TED 30 CONNECTED[...]
-
Page 479
XSR CLI Reference Guide 12-83 12 Configuring Quality of Service Observing Synt ax and Conventions The CLI Syntax and conv entions use the notation descri bed in the following table. QoS Commands The following set of commands configure Quality of Service (QoS) va[...]
-
Page 480
Policy-Map Commands 12-84 Configuring Quality of Service service-policy This command attaches a policy map to an output or input interface. Yo u can att ach a single policy map to one or more interfaces. Synt ax service-policy [ input | output ] poli cy-map-[...]
-
Page 481
Policy-Map Commands XSR CLI Reference Guide 12-85 • random-detect exponential-weighting- constant ‐ Configures the WRED exponential wei gh t fact or for the av erage queue size calculation.Refer to page 12 ‐ 95 for the command definition. • random-detect precedenc[...]
-
Page 482
Policy-Map Commands 12-86 Configuring Quality of Service Example These commands create class ‐ map class1 and define its match criteria: XSR(config)#class-map class1 XSR(config-cmap<class1>)#match acces s-group 136 These commands create the policy map which is defined t[...]
-
Page 483
Policy-Map Commands XSR CLI Reference Guide 12-87 Synt ax of the “no” Form Remove the bandwidth sp ecified for a class by using the no for m of this command: no bandwidth Mode Po l i c y ‐ Map Class configuration: XSR(config-pmap-c< xx> )# Example The following [...]
-
Page 484
Policy-Map Commands 12-88 Configuring Quality of Service Synt ax of the “no” Form The no form of this command removes a class from the policy map: no class { class-name } Mode Po l i c y ‐ Map configuration: XSR(config-pmap< xx> )# Next Mode Po l i c y ‐ Map Class configu[...]
-
Page 485
Policy-Map Commands XSR CLI Reference Guide 12-89 police This command configures traffic policing. Synt ax police bps [ burst-normal ][ burst-max ][ conform-action action ][ exceed-action action ][ violate-action action ] Synt ax of the “no” Form T raffic policing is remo ved by using the no form [...]
-
Page 486
Policy-Map Commands 12-90 Configuring Quality of Service Example The following example defines a traffic class using the class-map command and match criteria from the traffic class with the T raffic Po l ic i n g configuration , which is configured i[...]
-
Page 487
Policy-Map Commands XSR CLI Reference Guide 12-91 Mode Po l i c y ‐ Map Class configuration: XSR(config-pmap-c-< xx> )# Example The following example configures two PQs fo r the policy map policy57 , with a high priority lev el , guaranteed bandwidth of [...]
-
Page 488
Policy-Map Commands 12-92 Configuring Quality of Service XSR(config)#policy-map policy75 XSR(config-pmap<policy75>)#class acl 203 XSR(config-pmap-c<acl203>)#bandwidth percent 35 XSR(config-pmap-c<acl203>)#queue-lim it 50 random-detect (RED) This command configures RED for a policy map. This command [...]
-
Page 489
Policy-Map Commands XSR CLI Reference Guide 12-93 random-detect (WRED) This command configures and enables We i g h t e d Random Early Detect (WRED) for the class. WRED is a congestion avoidance mechan ism that slows traffic by randomly dropping pack[...]
-
Page 490
Policy-Map Commands 12-94 Configuring Quality of Service Synt ax random-detect dscp dscp-value min-th res max-thres [ mark-prob ] Synt ax of the “no” Form The no form reverts WRED parameters to the default for a DSCP va l u e : no random-detect Mode Po l i c y ‐ Map Class configuration: [...]
-
Page 491
Policy-Map Commands XSR CLI Reference Guide 12-95 Examples The following example enables WRED with a minimum threshold for DSCP af21 of 24 and maximum threshold of 40 . The dropping probability is 1/4th . All other DSCPs hav e default [...]
-
Page 492
Policy-Map Commands 12-96 Configuring Quality of Service Synt ax of the “no” Form The no form of this command sets the constant to the default va l u e of 9: no random-detect exponential-weighting-constant Mode Po l i c y ‐ Map Class configuration: XSR(config-pmap-c-< xx&g[...]
-
Page 493
Policy-Map Commands XSR CLI Reference Guide 12-97 Default s • Disabled •M a r k ‐ prob: 10 Mode Po l i c y ‐ Map Class configuration: XSR(config-pmap-c-< xx> )# Examples The following example enables WR ED with a minimum IP precedence threshold of 24 and maximum ?[...]
-
Page 494
Policy-Map Commands 12-98 Configuring Quality of Service Mode Po l i c y ‐ Map Class configuration: XSR(config-pmap-c-< xx> )# Example The following example configures policy ‐ map setCosT o4 that matches input priority val u e range from 5 to 7 and sets t[...]
-
Page 495
Policy-Map Commands XSR CLI Reference Guide 12-99 Synt ax of the “no” Form The no form of this command removes a previously set IP DSCP: no set ip dscp Mode Po l i c y ‐ Map Class configuration: XSR(config-pmap-c- xx )# Example In the following example, the IP DSC[...]
-
Page 496
Policy-Map Commands 12-100 Configuring Quality of Service Mode Po l i c y ‐ Map Class configuration: XSR(config-pmap-c- xx )# Example The following example sets the IP Precedence bit to 7 for packets that satisfy the match criteria of the class map cal[...]
-
Page 497
Class-map Commands XSR CLI Reference Guide 12-101 Class-map Commands class-map This command creates a class map for matching packets to a specified class. Use it to specify the name of the class for which you wa n t to create or modif[...]
-
Page 498
Class-map Commands 12-102 Configuring Quality of Service XSR(config)#class-map class57 XSR(config-cmap<class57>)#match acce ss-group 136 XSR(config)#policy-map policy99 XSR(config-pmap<policy99>)#class cla ss57 XSR(config-pmap-c<class57>)#bandwidt h percent 10 XSR(config-pmap-c<class57>)#queue-li mit 40 XSR(config-pmap<po[...]
-
Page 499
Class-map Commands XSR CLI Reference Guide 12-103 match cos This command identifies a specific IEEE 802.1 priority va l ue as a match criterion. Up to 8 priority va l u e s can be matched in one match statement. For example, if you wa[...]
-
Page 500
Class-map Commands 12-104 Configuring Quality of Service Synt ax match ip dscp ip-dscp-value [ ip-dscp -value ][ ip-dscp-value ] [ ip-dscp-value ] [ ip- dscp-value ][ ip-dscp-value ][ ip-dscp-value ][ ip-dscp-va lue ] Synt ax of the “no” Form To remove a specif ic IP DSCP va l u e from a class map, us[...]
-
Page 501
QoS Show Commands XSR CLI Reference Guide 12-105 Synt ax of the “no” Form Use the no form of this command to remov e IP precedence va l ue s from a class map: no match ip precedence ip-precedence -value [ ip-precedence-value ] [ ip-preceden ce- value ][ ip-precedence-value ][ ip-prece [...]
-
Page 502
QoS Show Commands 12-106 Configuring Quality of Service Class map c3 Match access-group 103 Class map c2 Match ip precedence 2 Class map c1 Match ip dscp 32 show policy-map This command displays the configur ation of all classes for a specified se rvice policy map or all classes fo[...]
-
Page 503
QoS Show Commands XSR CLI Reference Guide 12-107 show policy-map interface This command shows the configuration of all service policies applied on an interface or Frame Relay Data ‐ link Connection Identifier (DLCI) . It displays the configuration for [...]
-
Page 504
QoS Show Commands 12-108 Configuring Quality of Service XSR(config)#map-class frame-relay fo o XSR(config-map-class<foo>)#frame-rel ay cir out 100000 XSR(config-map-class<foo>)#frame-rel ay bc out 10000 XSR(config-map-class<foo>)#service-p olicy output mypolicy XSR(config-map-class<foo>)#service p olicy input mypolicy XSR#sh[...]
-
Page 505
QoS Show Commands XSR CLI Reference Guide 12-109 show random-detect interface This command displays data about Random Early Detection (RED). Synt ax show random-detect interface [ interf ace-type interface-number ] Mode EXEC: XSR> or XSR(config)# Sample Output The following commands configure p[...]
-
Page 506
QoS Show Commands 12-110 Configuring Quality of Service DSCP min-th max-th mark-prob tail drop early drop 0 2 5 20 0 0 1 2 5 20 0 0 2 2 5 20 0 0 3 2 5 20 0 0 4 2 5 20 0 0 5 2 5 20 0 0 6 2 5 20 0 0 7 2 5 20 0 0 8 2 5 20 0 0 9 2 5 20 0 0 10 2 5 20 0 0 11 2 5 20 0 0 12 2 5 20 0 0 13 2 5 20 0 0 14 2 5 20 0 0 15 2 5 20 0 0 16 2 5 20 0 0 17 2 5 20 0 0 18[...]
-
Page 507
QoS Show Commands XSR CLI Reference Guide 12-111 49 2 5 20 0 0 50 2 5 20 0 0 51 2 5 20 0 0 52 2 5 20 0 0 53 2 5 20 0 0 54 2 5 20 0 0 55 2 5 20 0 0 56 2 5 20 0 0 57 2 5 20 0 0 58 2 5 20 0 0 59 2 5 20 0 0 60 2 5 20 0 0 61 2 5 20 0 0 62 2 5 20 0 0 63 2 5 20 0 0 Exponential weighting consta nt: 9 Parameter Descriptions show shape interface This com[...]
-
Page 508
QoS Show Commands 12-112 Configuring Quality of Service Sample Output This following commands configure shape information for each class. In the following example policy ‐ map shape is configured as follows: XSR(config)#policy-map Shape XSR(config-pmap<Shape>)#class d32[...]
-
Page 509
XSR CLI Reference Guide 13-83 13 Configuring ADSL Observing Synt ax and Conventions The CLI command syntax and conventions use the notation described below . ADSL Configuration Commands The following command sets define ADSL functionality on the XSR including: • “CM[...]
-
Page 510
CMV Commands 13-84 Configuring ADSL Synt ax cmv append command-ID offset value Mode AT M Interface configuration: XSR(config-if<ATM xx >)# Example The following example adds the CMV DOP T 1 with a hex va l u e : XSR(config-if<ATM0/1/1>)#cmv append DOPT 1 0x306090c0 cmv clear This ?[...]
-
Page 511
CMV Commands XSR CLI Reference Guide 13-85 Synt ax cmv cr command-ID offset Mode AT M Interface configuration: XSR(config-if<ATM xx >)# Example The following example reads CMV ST A T 0 from the DSP: XSR(config-if<ATM0/1/1>)#cmv cr STAT 0 cmv cw This command writes a Command[...]
-
Page 512
CMV Commands 13-86 Configuring ADSL Synt ax cmv delete command-ID offset [value] Mode AT M Interface configuration: XSR(config-if<ATM xx >)# Example The following example deletes CMV OP TN2 , from the retaining list: XSR(config-if<ATM0/1/1>)#cmv delete OPTN 2 cmv print This command [...]
-
Page 513
Other ADSL Commands XSR CLI Reference Guide 13-87 Synt ax cmv save file-name Mode AT M Interface configuration: XSR(config-if<ATM xx >)# Example The following example saves the CMV training list to file ret ra i n ‐ list : XSR(config-if<ATM0/1/1>)#cmv save re train-list Save complete[...]
-
Page 514
Other ADSL Commands 13-88 Configuring ADSL interface atm This command creates an AT M interface object and its associated de vice driv er which downloads the specified firmware file to th e on ‐ board DSP . Depending on the size of the [...]
-
Page 515
Other ADSL Commands XSR CLI Reference Guide 13-89 • backup ‐ configures and enables a backup interface for the AT M sub ‐ interface. Refer to page 13 ‐ 90 for the command description. • crypto ‐ enables and configures VPN parameters on ?[...]
-
Page 516
Other ADSL Commands 13-90 Configuring ADSL Default s • Backup : Disabled • VPN : Disabled • Description : Set to the empty string • Encapsulation : None • IP : Not configured • PPP : Not configured • OA M procedures : Disabled • AT M PV C VPI/VCI : Set ?[...]
-
Page 517
Other ADSL Commands XSR CLI Reference Guide 13-91 Default Disabled by default. When enabled, all operational parameters must be specified . Example The following example configures a sub ‐ interface backup with a Dialer ID of 1, delay of 20 [...]
-
Page 518
Other ADSL Commands 13-92 Configuring ADSL XSR(config-if<ATM0/1/0.1>)#crypto ez ipsec XSR(config-if<ATM0/1/0.1>)#crypto ip sec df-bit copy XSR(config-if<ATM0/1/0.1>)#crypto ma p ets-vpn description This command adds a description string to an existing AT M sub ‐ interface. This com[...]
-
Page 519
Other ADSL Commands XSR CLI Reference Guide 13-93 Synt ax of the “no” Form The no form of this command removes any form of encapsulation, effectiv ely disabling the sub ‐ interface: no encapsulation Mode AT M Sub ‐ Interface configuration: XSR(config-if <ATM xx.x >)# [...]
-
Page 520
Other ADSL Commands 13-94 Configuring ADSL Synt ax ip address { ip-address / subnet-mask | negotiated } Synt ax of the “no” Form The no form of this command returns this parameter to its def ault setting: no ip address Mode AT M Sub ‐ Interface configuration: XSR(config-if <ATM xx[...]
-
Page 521
Other ADSL Commands XSR CLI Reference Guide 13-95 oam-pvc This command enables end ‐ to ‐ end F5 (circuit) OAM cell procedures for AT M P ermanent Vi rt u a l Circuit (PVC) management. OAM cells and how they are used are as follows: • Alarm [...]
-
Page 522
Other ADSL Commands 13-96 Configuring ADSL Example The following example sets the OAM frequency to 20 seconds: XSR(config-if<ATM0/1/0.1>)#oam-pvc m anage 20 oam retry This command configures parame ters related to OAM cell handling for AT M VC management. [...]
-
Page 523
Other ADSL Commands XSR CLI Reference Guide 13-97 Synt ax pvc vpi/vci Synt ax of the “no” Form The no form of this command returns this parameter to its def ault setting: no pvc Mode AT M Sub ‐ Interface configuration: XSR(config-if <ATM x / x / x . x >)# Default VPI/VCI de[...]
-
Page 524
Other ADSL Commands 13-98 Configuring ADSL no shut down This command sets the AT M interface to the administrativ e Up state and enables the line for operation. Data traffi c cannot flow until at least one associated sub ‐ interface is [...]
-
Page 525
PPP Configuration Commands XSR CLI Reference Guide 13-99 PPP Configuration Commands This section lists the subset of PPP configuration commands that apply when an AT M sub ‐ interface is configured for PPP o A or PPP oE encapsulation. ppp chap This command [...]
-
Page 526
PPP Configuration Commands 13-100 Configuring ADSL Synt ax of the “no” Form The no form of this command returns this parameter to its def ault setting: no ppp keepalive Mode AT M Sub ‐ Interface configuration: XSR(config-if <ATM x / x / x . x >)# Default s • Disabled •K e e[...]
-
Page 527
PPP Configuration Commands XSR CLI Reference Guide 13-101 Example The following example sets LCP parameters: XSR(config-if<ATM0/1/0.1>)#ppp lcp m ax-configure 5 max-failure 5 max- terminate 2 XSR(config-if<ATM0/1/0.1>)# ppp max-bad-auth This command configures the maximum number of authent[...]
-
Page 528
PPP Configuration Commands 13-102 Configuring ADSL Synt ax of the “no” Form The no form of this command returns this parameter to its def ault setting: no ppp pap Mode AT M Sub ‐ Interface configuration: XSR(config-if <ATM x / x / x . x >)# Default PA P is disabled Exam[...]
-
Page 529
ATM Clear and Show Commands XSR CLI Reference Guide 13-103 ppp timeout retry This command sets the maximum time to wai t for a response during PPP negotiation. It requires a properly configured AT M su b ‐ interface specifying enca psulation type PPPoA[...]
-
Page 530
ATM Clear and Show Commands 13-104 Configuring ADSL Example The following example clears the AT M counters: XSR#clear counters atm show controllers atm This command displays inter nal hardw are config uration and operational interface details regarding: receiv e (Rx) and ?[...]
-
Page 531
ATM Clear and Show Commands XSR CLI Reference Guide 13-105 The following is sample output when a sub ‐ interface is specified: XSR#show controllers atm 1/0.1 ********** ATM Sub-Interface Stats * ********* ATM 1/0.1 Packet Processor Tx Scheduler Stats: 952 Packet driver Tx OK 0 Packet driver not Tx: MUX END_ERR_[...]
-
Page 532
ATM Clear and Show Commands 13-106 Configuring ADSL Parameters in the Sub-Interface Response Packet Processor Tx Scheduler St ats A TM Sub-interface S t atistic Counters: DSP Image File : CFlash:adsl.fls Name of the file containing the DSP image. DSP Image Rev.: 43e2ea93 V endor ʹ s revision of the DSP ?[...]
-
Page 533
ATM Clear and Show Commands XSR CLI Reference Guide 13-107 show interface atm This command displays the running configuration and st atistical details for an AT M interface. Statistics supported by the ADSL interface are har dwa re dependent. General categor[...]
-
Page 534
ATM Clear and Show Commands 13-108 Configuring ADSL Examples The following is sample output when an interface is sp ecified: XSR#show interface atm 1/0 ********** ATM Interface Stats ***** ***** ATM 1/0 is Admin Up / Oper Up The name of this device is adsl Administrative State is ENABLED Operational State is UP O[...]
-
Page 535
ATM Clear and Show Commands XSR CLI Reference Guide 13-109 The logical link is currently Up The Name of the Access Concentrator is ENTERASY-CDDU1S The Session Id is 0x000b The MAC Address of the Access Concen trator is 0x00:60:f9:11:01:08 The MTU is 1492 The name of this device is adsl-0 Administrative state is ENABLED Operational State is UP Circu[...]
-
Page 536
ATM Clear and Show Commands 13-110 Configuring ADSL Parameters in the Sub-Interface Response The last section contains the MIB2 interface table as described in RFC ‐ 1213. General info : MIB2 interface table entries as described in RFC ‐ 1213 including AIS F4[...]
-
Page 537
XSR CLI Reference Guide 14-83 14 Configuring the VPN Observing Synt ax and Conventions The CLI Syntax and conv entions use the notation descri bed in the following table. VPN Commands The following command subsets configure the Vir t u a l Priv ate Network suite [...]
-
Page 538
PKI commands 14-84 Configuring the VPN • “Crypto Map Mode Commands” on pag e 14 ‐ 110. • “Crypto T ransform Mode Commands” on page 14 ‐ 115. • “Crypto Show Commands” on page 14 ‐ 118. • “Interface CLI Commands” on page 14 ‐ 121. • “Interface [...]
-
Page 539
CA Identity Mode Commands XSR CLI Reference Guide 14-85 Synt ax of the “no” Form Use the no form to delete all identity information and certificates associated with the CA: no crypto ca identity name Mode Global configuration: XSR(config)# Next Mode Certificate Authority [...]
-
Page 540
CA Identity Mode Commands 14-86 Configuring the VPN Mode Certificate Authority Identity configuration: XSR(ca-identity)# Example The following example sets the CRL to be retrieved for fi ve hours: XSR(config)#crypto ca identity ACMEc a XSR(ca-identify)crl frequency 300 enrollment http-p[...]
-
Page 541
CA Identity Mode Commands XSR CLI Reference Guide 14-87 Synt ax of the “no” Form The no form of this command resets the va l u e to the default: no enrollment retry count Default 3 Mode Certificate Authority Identity configuration: XSR(ca-identity)# Example The following exampl[...]
-
Page 542
CA Identity Mode Commands 14-88 Configuring the VPN XSR(config)#crypto ca identity ACMEc a XSR(ca-identity)#enrollment url http://ca_server XSR(ca-identity)#enrollment retry pe riod 5 enrollment url This command sets the Uniform Resource Locator (URL) of the Certificate Authority (CA). If the [...]
-
Page 543
CA Identity Mode Commands XSR CLI Reference Guide 14-89 Synt ax crypto ca enroll name Synt ax of the “no” Form The no form of this command cancels a current enrollment request: no crypto ca enroll name Mode Global configuration: XSR(config)# Sample Output The following script displays [...]
-
Page 544
Other Certificate Comman ds 14-90 Configuring the VPN show crypto ca identity This command displays data about enrolled Certificate Authorities (CA). Synt ax show crypto ca identity Mode EXEC or Global configuration: XS R> or XSR(config)# Sample Output The following output display s [...]
-
Page 545
Other Certificate Commands XSR CLI Reference Guide 14-91 Mode Global configuration: XSR(config)# Sample Output The following script prompts yo u to accept the certificate. XSR#crypto ca authenticate ACMEca Certificate has the following attrib utes: Fingerprint: 0123 4567 89AB CDEF 012 3 Do you accept this [...]
-
Page 546
Other Certificate Comman ds 14-92 Configuring the VPN crypto ca crl request This command downloads a new Certificate Rev ocation List (CRL) from the specified Certificate Authority (CA), updating the CRL. Synt ax crypto ca crl request name Mode Global configuration: XSR(con[...]
-
Page 547
Other Certificate Commands XSR CLI Reference Guide 14-93 Issuer: C=US, O=sml, CN= ldapca Valid From: 2002 Aug 20th, 1 8:26:01 GMT Valid To: 2002 Aug 20th, 2 0:01:01 GMT Issuing CDP: ldap://ldapca.sml.com/CN=ldapca( 6),CN=ldapca,CN=CDP,CN=Publ ic%20Key%20Services,CN=Services,CN=C onfiguration,DC=sml,DC=com?certif icateRevoc ationList?base?objectclas[...]
-
Page 548
IKE Security Protocol Commands 14-94 Configuring the VPN The following is sample output from the command when the CA supports an RA. In thi s example, CA and RA certificates wer e requested ear lier by the crypto ca authenticate command. XSR&[...]
-
Page 549
ISAKMP Protocol Policy Mode Commands XSR CLI Reference Guide 14-95 ISAKMP Protocol Policy Mode Commands crypto isakmp proposal This command de fines an IKE proposal (policy) ‐ a set of parameters used during IKE negotiation. It invokes ISAKMP protocol poli cy config[...]
-
Page 550
ISAKMP Protocol Policy Mode Commands 14-96 Configuring the VPN Next Mode ISAKMP protocol proposal configuration: XSR(config-isakmp)# Example The following example configures two policies for the peer: XSR(config)#crypto isakmp proposal 5 7 XSR(config-isakmp)#hash md5 XSR(config-isakmp)#authentication [...]
-
Page 551
ISAKMP Protocol Policy Mode Commands XSR CLI Reference Guide 14-97 encryption This command sets the encryption algorithm used in an IKE proposal (policy). Synt ax encryption { des | 3des | aes } Synt ax of the “no” Form The no form of this commands resets the algorithm [...]
-
Page 552
ISAKMP Protocol Policy Mode Commands 14-98 Configuring the VPN Synt ax of the “no” Form The no form of this command resets the va l u e to the default: no group Default Group 2 Mode ISAKMP protocol policy configuration: XSR(config-isakmp)# Example The following example [...]
-
Page 553
Remote Peer ISAKMP Protocol Policy Mode Commands XSR CLI Reference Guide 14-99 lifetime This command specifies the lifetime of an IKE Se curity Association (SA) for a giv en IKE proposal (policy). Synt ax lifetime seconds Synt ax of the “no” Form The no form of this[...]
-
Page 554
Remote Peer ISAKMP Protocol Policy Mode Commands 14-100 Configuring the VPN Synt ax crypto isakmp peer_address subnet-ma sk Synt ax The no form of this command removes policies from a re mote peer: no crypto isakmp peer peer_address s ubnet-mask Mode Global configuration: XSR(config)# Next Mode Re[...]
-
Page 555
Remote Peer ISAKMP Protocol Policy Mode Commands XSR CLI Reference Guide 14-101 Default Disabled Mode Remote P eer ISAKMP protocol policy configuration: XSR(config-isakmp-peer)# Example The following example configures the IKE IP address assignment mode to client : XSR(config)#cryp[...]
-
Page 556
Remote Peer ISAKMP Protocol Policy Mode Commands 14-102 Configuring the VPN XSR(config-isakmp-peer)#exchange-mod e main nat-traversal The command sets the IKE and IPSec NA T (Network Add ress T ranslation) trav ersal mode used when communicating with remote peers matching ?[...]
-
Page 557
Remote Peer ISAKMP Protocol Policy Mode Commands XSR CLI Reference Guide 14-103 Synt ax of the “no” Form The no form of this command removes policies from the peer: no proposal Mode Remote P eer ISAKMP protocol policy configuration: XSR(config-isakmp-peer)# Example The followin[...]
-
Page 558
Remote Peer Show Commands 14-104 Configuring the VPN Remote Peer Show Commands show crypto isakmp peer This command displays attributes for each ISAKMP peer . IKE ʹ s first config uration der ives from the IP address of the remote peer . ISAKMP peers created ?[...]
-
Page 559
Remote Peer Show Commands XSR CLI Reference Guide 14-105 show crypto isakmp proposal This command lists attributes for each Internet Key Exchange (IKE) proposal. ISAKMP proposals created with EZ ‐ IPSec are ma rked with an asterisk (*) in the show [...]
-
Page 560
IPSec Commands 14-106 Configuring the VPN Parameters Descriptions Main Mode Exchange Aggressive Mode Exchange Quick Mode Exchange IPSec Commands This section describes commands that configure the IPSec protocol which pr ovides anti ‐ replay protection as wel l as da ta authentica[...]
-
Page 561
IPSec Commands XSR CLI Reference Guide 14-107 Synt ax access-list acl-number { deny | permit } protocol [ source_addr source_mask [ eq port ] destination_addr destination_mask [ eq port ] Synt ax of the “no” Form The no form of this command removes the access list: no access-list acl-number { deny | permit } [...]
-
Page 562
IPSec Clear and Show Commands 14-108 Configuring the VPN IPSec Clear and Show Commands clear crypto sa This command deletes IPSec Securi ty Associations (SAs ) as follows: •I f the SAs wer e established via IKE, they are delete d and future IPSec traffic wi ll[...]
-
Page 563
IPSec Clear and Show Commands XSR CLI Reference Guide 14-109 Default If an access list number is not specified, all access lists are shown. Mode EXEC or Global configuration: XS R> or XSR(config)# Examples The following example displays configured access list[...]
-
Page 564
Crypto Map Mode Commands 14-110 Configuring the VPN Sample Output The following output display s when a master key is generated: XSR(config)#crypto key master genera te New key is 8573 4583 3994 2ff5 183b 4bdf fe92 dbc1 1132 ffe0 f8d9 3759 A script displays when a master key is spe[...]
-
Page 565
Crypto Map Mode Commands XSR CLI Reference Guide 14-111 Crypto Map Rules A crypto map is a collection of rules, each with a different seq ‐ num but the same map ‐ name . So, for a given interface, yo u can have certain traffic forw arded [...]
-
Page 566
Crypto Map Mode Commands 14-112 Configuring the VPN Synt ax of the “no” Form Use the no form to remov e the ACL from a crypto map entry: no match address [ access-list-id ] Default No access lists are matche d to th e crypto map entry . Mode Crypto Map c[...]
-
Page 567
Crypto Map Mode Commands XSR CLI Reference Guide 14-113 Mode Crypto Map configuration: XSR( config-crypto-m)# Example This example defines a tr ansform ‐ set and changes the mode to transport mode. The mode val ue only applies to IP traffic with source[...]
-
Page 568
Crypto Map Mode Commands 14-114 Configuring the VPN set security-association level per-host This command specifies that separate IPSec Security Associati ons (SAs) should be requested for each source/destination host pair . Synt ax set security-association level per-h ost Synt ax of th[...]
-
Page 569
Crypto Transform Mode Commands XSR CLI Reference Guide 14-115 Example This example defines tw o transform ‐ sets, specifying both ca n be used within a crypto map entry . When traffic matches ACL 101 , the SA can use either transform ‐ set my[...]
-
Page 570
Crypto Transform Mode Commands 14-116 Configuring the VPN Mode of the “no” Form The no form of the command deletes a transfor m ‐ set: no crypto ipsec transform-set transf orm-set-name Mode Global configuration: XSR(config)# Next Mode Crypto Tr a n s f o r m configuration: XSR(cfg-crypto-tran)# [...]
-
Page 571
Crypto Transform Mode Commands XSR CLI Reference Guide 14-117 Mode Crypto Tr a n s f o r m configuration: XSR(cfg-crypto-tran)# Example This example selects PFS group 2 whe never a new SA is negotiated for crypto map ACMEmap : XSR(config)#crypto map ACMEmap 7 ips ec-isakmp X[...]
-
Page 572
Crypto Show Commands 14-118 Configuring the VPN Crypto Show Commands show crypto ip sec sa This command displays current Security Associations (SAs) settings. Synt ax show crypto ipsec sa [ map map-name | address ] Mode EXEC or Global configuration: XS R> or XSR(config)# Sample Output The following[...]
-
Page 573
Crypto Show Commands XSR CLI Reference Guide 14-119 show crypto ip sec transform-set This command displays configured transform ‐ sets. IPSe c transform ‐ sets created with EZ ‐ IPSec configuration are marked with an asterisk (*) in the show output. These [...]
-
Page 574
Crypto Show Commands 14-120 Configuring the VPN show crypto map This command displays the crypto map configuration. IPSec crypto maps created with EZ ‐ IPSec configuration are marked with an asterisk (* ) in the leftmost column of the show [...]
-
Page 575
Interface CLI Commands XSR CLI Reference Guide 14-121 Interface CLI Commands crypto map This command applies a previously defined crypto map to an interf ace. It is governe d by the following rules: •A crypto map must be assi gned to an interface ?[...]
-
Page 576
Interface VPN Commands 14-122 Configuring the VPN crypto ezip sec This command creates a suite of IPSec policies, sorted by cryptograp hic strength, that are offered to the remote security gateway . The gatew ay selects one of these policies [...]
-
Page 577
Interface VPN Commands XSR CLI Reference Guide 14-123 • ip multicast-redirect - Native IPSec tunnels attached to VPN interfaces will not easily forward multicast traffic multicast packet redirection to the unicast address of the remote tunnel endpoint.[...]
-
Page 578
Interface VPN Commands 14-124 Configuring the VPN A mul ti ‐ point interface accepts many inbound tunnels and is used when the XSR is configured as a remote access VPN gatew ay . Synt ax interface vpn { number }{ point-to-poin t | multi-point } Synt ax of the “no”[...]
-
Page 579
Interface VPN Commands XSR CLI Reference Guide 14-125 Mode VPN Interface configuration: XSR(config ‐ if<xx>)# Example The following example configures VPN interface 1 with an IP address, and TOS copy enabled. It also sets a peer IP address, G[...]
-
Page 580
Interface VPN Commands 14-126 Configuring the VPN ip address negotiated This command marks the VPN interface to dynamically get its IP address via the tunnel protocol. PPTP and L2TP protocols use PPP IPCP and IPSec/IKE uses the Mode Confi[...]
-
Page 581
Tunnel Commands XSR CLI Reference Guide 14-127 Mode Internet Protocol Interface configuration: XSR( config-int<vpn>)# Example This example redirects multicas t traffic to the remote tunnel server: XSR(config)#interface vpn 57 multi-p oint XSR(config-int<vpn>)#ip multicast-re direct[...]
-
Page 582
Tunnel Commands 14-128 Configuring the VPN • set protocol - Defines the VPN tunneling protocol used when the tunnel is created: client mode or network ext ension mode. Refer to page 14 ‐ 130 for the command definition. • set user - Username [...]
-
Page 583
Tunnel Commands XSR CLI Reference Guide 14-129 Mode Tu n n e l configuration: XSR(config-tms-tunnel)# Example The following example enables the tu nnel ACME_VPN: XSR(config)#interface vpn 57 multi-p oint XSR(config-int<vpn>)#tunnel ACME_VPN XSR#(config-tms-tunnel)#set active set heartbeat This command c[...]
-
Page 584
Tunnel Commands 14-130 Configuring the VPN set peer This command specifies the physical IP address of the remote VPN gatew ay . Synt ax set peer ip-address Synt ax of the “no” Form no set peer ip-address Mode Tu n n e l configuration: XSR#(config-tms-tunnel)# Example The following exam[...]
-
Page 585
Tunnel Commands XSR CLI Reference Guide 14-131 Mode Tu n n e l configuration: XSR#(config-tms-tunnel)# Default IPSec Examples The following example sets the IPSec tunnel protocol in client mode: XSR(config)#interface vpn 29 point-t o-point XSR(config-int<vpn>)#tunnel ACME_VPN XSR#(config-tms-tun[...]
-
Page 586
Tunnel Clear and Show Commands 14-132 Configuring the VPN T unnel Clear and Show Commands clear tunnel This command terminates a non ‐ GRE tunnel associated wi th a user or tunnel ID. T unnels will re ‐ establish themselves if set to do so unless the [...]
-
Page 587
Tunnel Clear and Show Commands XSR CLI Reference Guide 14-133 User: xsrclient Tunnel ID: 40000001 VPN Interface: VPN1 Group: xsrgroup Connect Time: 11/05/2003, 23:39 Protocol: L2TP Authentication Method: MS-CHAPv2 Packets In/Out: 0000000088/0000000027 Errors In/Out: 0000000000/0000000000 Discards In/Out: 0000000000/0000000000 The following [...]
-
Page 588
Additional Tunnel Termination Commands 14-134 Configuring the VPN Additional T unnel T ermination Commands ip local pool This command configures a local pool of IP addresses for when a remote peer connects to a point ‐ to ‐ multipoint interface or for use by[...]
-
Page 589
Additional Tunnel Termination Commands XSR CLI Reference Guide 14-135 exclude This sub ‐ command bars the use of a range of IP addresses fr om an earlier created IP pool. Synt ax exclude { ip address } { number } Synt ax of the “no” Form The no form of this co[...]
-
Page 590
Additional Tunnel Termination Commands 14-136 Configuring the VPN show ip local pool This command displays statistics for any define d IP address pools. Synt ax show ip local pool [ name ] Mode Privileged EXEC: XSR# Sample Output This output displays when the command is specifi[...]
-
Page 591
DF Bit Commands XSR CLI Reference Guide 14-137 10.120.122.22 10.120.122.24 10.120.122.25 10.120.122.26 10.120.122.28 10.120.122.31 10.120.122.32 Inuse addresses: 10.120.122.10 10.120.122.21 10.120.122.23 10.120.122.27 10.120.122.29 10.120.122.30 10.120.122.34 Excluded addresses: Reserved addresses: 10.120.122.0 10.120.122.4 Parameter Description DF[...]
-
Page 592
DF Bit Commands 14-138 Configuring the VPN Default s • Disabled • Copy setting Mode Global configuration: XSR(config)# Example The following example clears the DF bit on all interfaces: XSR(config)#crypto ipsec df-bit clea r crypto ip sec df-bit (Interface configuration) This command sets [...]
-
Page 593
XSR CLI Reference Guide 15-83 15 Configuring DHCP Observing Synt ax and Conventions The CLI command syntax and conventions use the notation described in the following table. DHCP Commands The following commands configure the Dynami c Host Configurat ion Protocol [...]
-
Page 594
DHCP Commands 15-84 Configuring DHCP Synt ax of the “no” Form Use the no form of this command to del ete the boot image name: no bootfile Mode Any of the following command modes are av ailable: DHCP pool configuration: XSR(config-dhcp-pool )# DHCP host ?[...]
-
Page 595
DHCP Commands XSR CLI Reference Guide 15-85 Example The following example specifies string clientclass1 that will be the name of the client class: XSR(config-dhcp-pool)#client-class c c1 client-identifier This command specifies the unique identifier (i n dotted [...]
-
Page 596
DHCP Commands 15-86 Configuring DHCP Example The following example specifies the client identifier for MAC address 00.01f4.0127.10 in dotted hexadecimal notation: XSR(config-dhcp)#client-identifier 0 100.01f4.0127.10 The following example specifies the client identifier[...]
-
Page 597
DHCP Commands XSR CLI Reference Guide 15-87 debug ip dhcp server This command enables DHCP server de bugging. Thi s command should be used for troubleshooting purposes only . Synt ax debug ip dhcp server { events | packe ts | linkages } Synt ax of the “no” Form Use no form of ?[...]
-
Page 598
DHCP Commands 15-88 Configuring DHCP Mode Any of the following command modes are av ailable: DHCP pool configuration: XSR(config-dhcp-pool )# DHCP host configuration: XSR(config-dhcp-host)# DHCP client class configuration: XSR(config-dhcp-clas s)# Example The following exam[...]
-
Page 599
DHCP Commands XSR CLI Reference Guide 15-89 Example The following example specifies 1 1.12.1.99 as the IP address of the DNS serv er of a client in the subnet: XSR(config-dhcp-pool)#dns-server 11. 12.1.99 The following example specif ies 1 1.12.1.99 as t[...]
-
Page 600
DHCP Commands 15-90 Configuring DHCP The following example specifies enterasys.com as the domain name of any client in the client ‐ class engineering : XSR(config-dhcp-pool)#client-class e ngineering XSR(config-dhcp-class)#domain-name e nterasys.com hardware-address This command [...]
-
Page 601
DHCP Commands XSR CLI Reference Guide 15-91 Examples The following example specifies the hardw are address for the DHCP client host to be of Ethernet type with MAC address 0001.f401.2710 : XSR(config-dhcp-pool)#hardware-addre ss 0001.f401.2710 ethernet The following[...]
-
Page 602
DHCP Commands 15-92 Configuring DHCP Next Mode When this command is specified from either DHCP pool configuration mode or DHCP class configuration sub ‐ mode, the CL I acquires DHCP host config uration mode. When specified from DHCP host ?[...]
-
Page 603
DHCP Commands XSR CLI Reference Guide 15-93 Default DCHP Client is not active on an interface Mode Interface configuration: XSR(config-if< xx >)# Example The following example enables DHCP Client: XSR(config)#interface FastEthernet1 XSR(config-if< F1 >)#ip address dhcp ip dhcp ping[...]
-
Page 604
DHCP Commands 15-94 Configuring DHCP Synt ax ip dhcp ping timeout milliseconds Synt ax of the “no” Form Use the no form of this command to restor e the ping timeout default: no ip dhcp ping timeout Default 500 milliseconds Mode Global configuration: XSR(config)# Example The followi[...]
-
Page 605
DHCP Commands XSR CLI Reference Guide 15-95 Mode Global configuration: XSR(config)# Next Mode DHCP pool configuration: XSR(config-dhcp-pool )# Example The following example adds IP local pool sales with specified subnetworks and defines sales as the name of [...]
-
Page 606
DHCP Commands 15-96 Configuring DHCP ip local pool This command, when issued multipl y , configures a local pool of IP addre sses to be used for a DHCP Server pool ran ge. Use it in conjunction with the no form of to create ?[...]
-
Page 607
DHCP Commands XSR CLI Reference Guide 15-97 exclude This sub ‐ command of ip local pool bars the use of a range of IP address es from an earlier created IP pool. Synt ax exclude { ip address }{ number } Synt ax of the “no” Form The no form exempts the [...]
-
Page 608
DHCP Commands 15-98 Configuring DHCP lease This command configures the duration of the lease for an IP address that a DHCP server assigns to a DHCP client. The lease time set is the system de fault val u e which ove rrides [...]
-
Page 609
DHCP Commands XSR CLI Reference Guide 15-99 netbios-name- server This command configures NetBIOS W indows Internet Naming Service (WINS) name servers that are av ailable to Microsoft DHCP clients. Depending on the client configuration inheritance, the ?[...]
-
Page 610
DHCP Commands 15-100 Configuring DHCP netbios-node-type This command configures the NetBIOS node type for Microsoft DHCP clients. Depending on the client configuration inheritance, the command should be used in proper mode. If it is speci[...]
-
Page 611
DHCP Commands XSR CLI Reference Guide 15-101 next-server This command specifies the server from whi ch the initial boot file will be loaded. The server can be designated either by IP address or hostname. Synt ax next-server server [ hostname | ip_ad dres[...]
-
Page 612
DHCP Commands 15-102 Configuring DHCP Synt ax of the “no” Form Use the no form of this command to remov e the options: no option code [ instance number ] Default Default instance number: 0 Mode Any of the following command modes are av ailable: DHCP pool con[...]
-
Page 613
DHCP Commands XSR CLI Reference Guide 15-103 5 Name Server BOOTP/IP address list - IEN 1 16 name serve rs availab le to a c lient. List in order of preference . Length: 4-octet minimum; multiples of 4 6 * Domain Name Server Basic, MS DHCP Client/ IP address list - List of Domain Name System (STD 13, RFC-1035) name serve rs available to a client. Li[...]
-
Page 614
DHCP Commands 15-104 Configuring DHCP 20 Non-Local Source Routing Host IP/ Boolean (hex) false S pecifies whether a cli ent will config ure its IP layer to allow forwarding of datagrams with non-local source routes. Length: 1 octet V alues: 0=disabl e; 1=enable 21 Policy Filter Host IP/ Alternating IP address/ mask - Policy filters for non-local so[...]
-
Page 615
DHCP Commands XSR CLI Reference Guide 15-105 32 Router Solicitation Address Interface/ IP address - Address to which a client should send router solicitation requests. Length: 4 octets 33 S tatic Route Interface/ IP address pai rs - S tatic routes that a client will install in its routing cache. If mu ltiple routes to the same destination are speci[...]
-
Page 616
DHCP Commands 15-106 Configuring DHCP 44 * NetBIOS over TCP/ IP Name Server WINS/ NetBIOS, MS DHCP Client/ IP address list - RFC-1001/1002 NBNS name servers listed by preference. Length: 4-octet minimum; multiples of 4 CLI command: netbios-name-server 45 NetBIOS over TCP/ IP Datagram Distribution Server WINS/ NetBIOS /IP address list - NBDD name se[...]
-
Page 617
DHCP Commands XSR CLI Reference Guide 15-107 53 DHCP Message Ty p e - - Conveys the type of DHCP message . The default is 1 (DHCPDISCOVER). 1=DHCPDISCOVER 2=DHCPOFFER 3=DHCPREQUEST 4=DHCPDECLINE 5=DHCP ACK 6=DHCPNAK 7=DHCPRELEASE 8=DHCPINFORM Length: 1 octet 54 Server Identifier IP address - Used in DHCPOFFER and DHCPREQUEST messages, and may optio[...]
-
Page 618
DHCP Commands 15-108 Configuring DHCP 61 * Client- Identifier Basic/S tring - A DHCP client’s unique identifier . DHCP servers use this value to in dex their database of address bindings. This value is expected to be unique for all clients in an administrative domain. Length: 2-octet minimum CLI command: ip address dhcp 64 NIS+ Domain Servers/ AS[...]
-
Page 619
DHCP Commands XSR CLI Reference Guide 15-109 Examples The following example configures DHCP option 33, which specifies static routes that the client should install in it s routing cache. If multiple routes to the same d estination are set[...]
-
Page 620
DHCP Commands 15-110 Configuring DHCP The following example configures DHCP option 36, which specifies Ethernet encapsulation Ve r s i o n 2 (RFC ‐ 894) or IEEE 802.3 for DHCP clients. Ve r s i o n 2 encapsulation is set in this example: XS[...]
-
Page 621
DHCP Clear and Show Commands XSR CLI Reference Guide 15-111 service dhcp This command enables DHCP server functionality to respond to client requests. Al though DHCP server is enabled by default on all XSR interfaces, you can optionally enable or[...]
-
Page 622
DHCP Clear and Show Commands 15-112 Configuring DHCP Example The example below deletes address binding 18.12.22.99 from a DHCP server bi ndings database: XSR#clear ip dhcp binding 18.12.22.9 9 clear ip dhcp server st atistics This command resets all DHCP se rver counters. A[...]
-
Page 623
DHCP Clear and Show Commands XSR CLI Reference Guide 15-113 Parameter Descriptions show interface This command displays DHCP interface’ s IP address and subnet mask. When negotiating, the interface will indicate ʺ Internet address is not assi gned ʺ . Synt ax show in[...]
-
Page 624
DHCP Clear and Show Commands 15-114 Configuring DHCP show ip dhcp binding This command displays activ e address bindings on the DHCP serve r . If the address is not specified, all address bindings are shown . Otherwise, only the binding for the ?[...]
-
Page 625
DHCP Clear and Show Commands XSR CLI Reference Guide 15-115 11.1.0.253 0002.2ab4.4b01 JUL 19 2003 05:07PM Automatic Y The following example the displays lease expiration of DHCP client 11.1.0.253 in local time: XSR#show ip dhcp binding local 11.1. 0.253 IP address Hardware address Lease expiration[...]
-
Page 626
DHCP Clear and Show Commands 15-116 Configuring DHCP Message Sent BOOTREPLY 12 DHCPOFFER 19 DHCPACK 17 DHCPNAK 6 Parameter Descriptions Memory usage Sum of bytes of RAM allocated by the DHCP server . Address pools Sum of configured address pools in the DHCP database. Databa[...]
-
Page 627
XSR CLI Reference Guide 16-83 16 Configuring Security Observing Synt ax and Conventions The CLI Syntax and conv entions use the notation descri bed in the following table. The following set of commands allows you to define security features for the X[...]
-
Page 628
General Security Commands 16-84 Configuring Security General Security Commands access-list (extended) This command defines an extended IP Access List (ACL) by number ranging from 100 to 199. Yo u can restri ct or allow the following traffi c: •I P (Any[...]
-
Page 629
General Security Commands XSR CLI Reference Guide 16-85 Additional Synt ax The access-list command also provides the move option, expressed in the following syntax: access-list list-number move destina tion src1 [ src2 ] Synt ax of the “no” Form The no form of this command remo[...]
-
Page 630
General Security Commands 16-86 Configuring Security Mode Global configuration: XSR(config)# Default No access list defined (that is, all access permitted) Examples The following example denies access only for ICMP packets coming from hosts on the three [...]
-
Page 631
General Security Commands XSR CLI Reference Guide 16-87 Synt ax access-list list# [[{ insert | replace | move }] [{ ent ry# destination source1 [ source2 ]]}{ deny | permit }{log} { src IpAddr [ srcWildCardBits ]| host srcIpAddr | any } Synt ax of the “no” Form The no form of this command removes the def ined [...]
-
Page 632
General Security Commands 16-88 Configuring Security Examples The following example allows access only to those hosts on the three specified networks. The wildcard bits apply to the host portions of the netw ork addr esses. An y host wi t[...]
-
Page 633
General Security Commands XSR CLI Reference Guide 16-89 Synt ax of the “no” Form Threshold logging is disabled with the no form of this command : no access-list log-update-threshold Mode Global configuration: XSR(config)# Default Disabled Example The following example enables alarm[...]
-
Page 634
General Security Commands 16-90 Configuring Security Example The example below enables protection from land attack and large ICMP packets. Synflood protection wil l trigger for more than 7 sessions. Protection against large ICMP packets will [...]
-
Page 635
Security Clear and Show Commands XSR CLI Reference Guide 16-91 Security Clear and Show Commands clear host dos-counters This command clears all host security statistics. Synt ax clear hostdos-counters Mode Privileged EXEC: XSR# show access-list s This command displays configured IP access [...]
-
Page 636
Security Clear and Show Commands 16-92 Configuring Security show access-list log-up date-threshold This command displays ACL log information. It is processed as follows: •A packet with a fresh source IP address on the ACL group is reported immediately [...]
-
Page 637
AAA Commands XSR CLI Reference Guide 16-93 IP packet with Multicast/broadcast s ource address Always enabled No attacks Syn flood attack mitigation Always enabled 100 attacks Fragmented ICMP traffic Enabled 38 attacks Large ICMP packets Enabled;Size 1024 42 attacks Ping-of-Death attack Always enabled No attack Filter TCP traffic with Syn and Fin bi[...]
-
Page 638
AAA Usergroup Commands 16-94 Configuring Security Mode Global configuration: XSR(config)# Examples The following example configures the Te l n e t sub ‐ system to use the AAA sub ‐ system: XSR(config)#aaa client telnet The following example configures the SSH sub ‐ sy[...]
-
Page 639
AAA Usergroup Commands XSR CLI Reference Guide 16-95 Example The following example adds the usergroup headquarter s: XSR(config)#aaa group headquarters XSR(aaa-group)# dns server This command sets the address of DNS servers. These addresses are give n to connecting clie[...]
-
Page 640
AAA Usergroup Commands 16-96 Configuring Security Synt ax of the “no” Form The no form unlinks a pool of addresses from a group of us ers: no ip pool pool-name Mode Usergroup configuration: XSR(aaa-group)# Example The following example adds the IP pool denver : [...]
-
Page 641
AAA User Commands XSR CLI Reference Guide 16-97 wins server This command sets the WINS serv er address which is give n to connecting clients during connection time. Synt ax wins server [ primary | secondary ] ip -address Synt ax of the “no” Form The no form of this [...]
-
Page 642
AAA User Commands 16-98 Configuring Security Synt ax aaa user user-name Synt ax of the “no” Form The no form of this command deletes the user profile: no aaa user user-name Mode Global configuration: XSR(config)# Next Mode Username configuration: XSR(aaa-user)# Example The following ex[...]
-
Page 643
AAA User Commands XSR CLI Reference Guide 16-99 ip address This command specifies the IP address to be assigned to the remote user . If an IP address is not specified, it is taken from the pool associ ated with the user ʹ s group[...]
-
Page 644
AAA User Commands 16-100 Configuring Security Example The following example sets the password williams for user ted : XSR(config)#aaa user ted XSR(aaa-user)#password williams policy This command configures the user ʹ s policy or authorized list of services, and it [...]
-
Page 645
AAA Method Commands XSR CLI Reference Guide 16-101 privilege This command configures the privilege level of a user . It is available from both AAA User and AAA Group configuration modes. Compare this command with the Interface mode privil[...]
-
Page 646
AAA Method Commands 16-102 Configuring Security • client ‐ Configures the default AAA method (plug ‐ in) for each client service. Refer to page 16 ‐ 106 for the command definition. • enable - Enables the current AAA server for RADIUS. Refer ?[...]
-
Page 647
AAA Method Commands XSR CLI Reference Guide 16-103 acct-port This command specifies the UDP port for accounting requests and uses the RADIUS method only . Synt ax acct-port port-number Synt ax of the “no” Form The no form of this command resets to the de[...]
-
Page 648
AAA Method Commands 16-104 Configuring Security Mode AAA Method configuration: XSR(aaa-method-radius)# Example The following example sets number9 as the RADIUS server host ‐ name: XSR(config)#aaa method radius ias de fault XSR(aaa-method-radius)#address host- name number9 attempt s This command [...]
-
Page 649
AAA Method Commands XSR CLI Reference Guide 16-105 Synt ax auth-port port-number Synt ax of the “no” Form The no form of this command resets to the default port number ‐ 1645: no auth-port Default The default authorization port numbe r is 1645. Mode AAA Method c[...]
-
Page 650
AAA Method Commands 16-106 Configuring Security client This command configures the default AAA me thod (plug ‐ in) for each client service. If a client service is not registered by thi s command, requests from that service will fall thr[...]
-
Page 651
AAA Method Commands XSR CLI Reference Guide 16-107 Default Enabled Mode AAA Method configuration: XSR(aaa-method-radius)# Example The following example enables the RADIUS serv er: XSR(config)#aaa method radius sbr de fault XSR(aaa-method-radius)#enable group This command specifies the group ad[...]
-
Page 652
AAA Method Commands 16-108 Configuring Security hash enable This command enables the hash for the plugin and is used for the RADIUS method only . The sub ‐ command may be a plugin ‐ type dependent command. Synt ax hash enable Synt ax of the “no” Form[...]
-
Page 653
AAA Method Commands XSR CLI Reference Guide 16-109 Example The following example resets the RADIUS key val u e to 1234qwerty : XSR(config)#aaa method radius defaul t XSR(aaa-method-radius)#key 1234qwert y qtimeout This command specifies the interval a ti meout request is allow [...]
-
Page 654
AAA Method Commands 16-110 Configuring Security Default 3 Mode AAA Method configuration: XSR(aaa-method- xx )# Example The following example lengthens the retransmit va l ue to 5 : XSR(config)#aaa method radius defaul t XSR(aaa-method-radius)#retransmit 5 timeout This command specifies the [...]
-
Page 655
AAA Per-Interface Commands XSR CLI Reference Guide 16-111 AAA Per-Interface Commands aaa-method This command is executed at the Interface Mode. This command specifies the name of the AAA method yo u will use for authentication requests originating from t[...]
-
Page 656
AAA Debug and Show Commands 16-112 Configuring Security Synt ax of the “no” Form The no form of this command removes the us er/group/interface re striction: no aaa privilege Mode Interface configuration: XSR(config-if<xx># Default Privilege level: 15' Example This example resets [...]
-
Page 657
AAA Debug and Show Commands XSR CLI Reference Guide 16-113 AAuthenticatePlugin::queue (alg == 0 xf) groupplugin Reply: Pool = authpool IRMauthorizeMsg::clientLogon [test] The following is a debug authentication message showing the Local method failed with MSCHAP : Local::queue(test) AAuthenticateP[...]
-
Page 658
AAA Debug and Show Commands 16-114 Configuring Security IP Address is: 0.0.0.0 IP Mask is: 0.0.0.0 Primary DNS server is: 0.0.0.0 Secondary DNS server is: 0.0.0.0 Primary WINS server is: 0.0.0.0 Secondary WINS server is: 0.0.0.0 IP pool for the group is: PPTP encryption is 128 bit Access Policy is: firewall Privilege Level is: 0 show aaa user This [...]
-
Page 659
Firewall Feature Set Commands XSR CLI Reference Guide 16-115 Default If the method ‐ name is not set, all methods and method attributes display . Mode EXEC or Global configuration: XS R> or XSR(config)# Sample Output The following output is displayed by enterin[...]
-
Page 660
Firewall Feature Set Commands 16-116 Configuring Security Synt ax of the “no” Form The no form sets either the timeout or Auth port to its default va l u e : no ip firewall auth { timeout # | por t # } Default s •T i m e o u t : 1800 seconds • Authentication port: 3000 Mode[...]
-
Page 661
Firewall Feature Set Commands XSR CLI Reference Guide 16-117 Default Disabled globally Mode Global or Interface configuration: XSR(config)# or XSR(conf ig-if< xx >)# Example The following example enables the fi rewall globally: XSR(config)#ip firewall enable ip firewall filter This command d[...]
-
Page 662
Firewall Feature Set Commands 16-118 Configuring Security Default s Deny all Mode Global configuration: XSR(config)# Example The following example permits any remote host to run a PPTP tunnel to a server on the internal network: XSR(config)#ip firewall network pptp [...]
-
Page 663
Firewall Feature Set Commands XSR CLI Reference Guide 16-119 Synt ax ip firewall java { all, none, selected network_name } ip firewall activex { all, none, selected network_name } Synt ax of the “no” Form The no form of this command disables Java or ActiveX: no ip firewall java/activex { all , no ne , selecte[...]
-
Page 664
Firewall Feature Set Commands 16-120 Configuring Security Synt ax of the “no” Form The no form of this command cancels a scheduled load and unlocks the firew all config CLI: XSR(config)#no ip firewall load dela y Mode Global configuration: XSR(config)# Examples The followin[...]
-
Page 665
Firewall Feature Set Commands XSR CLI Reference Guide 16-121 Synt ax ip firewall logging event-threshold 0-7 Synt ax of the “no” Form The no form of this command sets firew all logging to the default va l u e : no ip firewall logging event-thresho ld Default Leve l 3 ‐ All denies ?[...]
-
Page 666
Firewall Feature Set Commands 16-122 Configuring Security Also, all firewall object names including pre ‐ defined objects such as ANY_EXTERNAL and user ‐ defined object names are case ‐ sensitiv e. Synt ax ip firewall network name { A.B.C.D mask A.B.C.D | A.B .C.D A.B.C.D }{ inte[...]
-
Page 667
Firewall Feature Set Commands XSR CLI Reference Guide 16-123 objects such as ANY_EXTERNAL and user ‐ defined object names are case ‐ sensitive. Refer to the ip firewall policy command for applicable policy and gating rule limit s. Synt ax ip firewall network-group n[...]
-
Page 668
Firewall Feature Set Commands 16-124 Configuring Security Synt ax ip firewall policy policy_name src_net_name dst_net_name se rv_name { allow | allow- log | allow-auth group_name | reject | log | url-b | url-w | cls name ... name }[ before policy_name | after pol icy_name | first ] [ bidirectional ] Synt ax of the “no” Form The no form [...]
-
Page 669
Firewall Feature Set Commands XSR CLI Reference Guide 16-125 Example The f ollowing policy allows FT P access to a host. Be aware that the host’ s source IP address will be authenticated against the group sales ‐ group . XSR(config)#ip firewall network s[...]
-
Page 670
Firewall Feature Set Commands 16-126 Configuring Security Synt ax of the “no” Form The no form of this command sets the default RP C timeout val u e : no ip firewall rpc timeout Default 5 seconds Mode Global configuration: XSR(config)# Example The following example resets t[...]
-
Page 671
Firewall Feature Set Commands XSR CLI Reference Guide 16-127 Synt ax of the “no” Form The no form of this command disables the selected ser vice: no ip firewall service name Mode Global configuration: XSR(config)# Example The following example defines the FT P service (alth[...]
-
Page 672
Firewall Feature Set Commands 16-128 Configuring Security ip firewall tcp/ud p timeout This command resets the idle timeout interval for Firew all sessions applying TCP or UDP pa cket inspection. If the Firewall session is idle for the spe cified per[...]
-
Page 673
Firewall Interface Commands XSR CLI Reference Guide 16-129 Examples The following examples configure va li d inputs: ip firewall url-load-black-list blac klist.txt ip firewall url-load-black-list flas h:blacklist.txt ip firewall url-load-white-list cfla sh:whitelist.txt Firewall Interface Commands ip firewall disable This co[...]
-
Page 674
Firewall Interface Commands 16-130 Configuring Security Example The following example disables the firewa ll on FastEthernet port 2 only: XSR(config-if<F2>)#ip firewall disab le ip firewall ip-broadcast This command allows incoming/outgoing IP packets through the firew al[...]
-
Page 675
Firewall Interface Commands XSR CLI Reference Guide 16-131 no ip firewall ip-multicast { in | ou t | both } Default Multicast packets are not allowed inbound and outbound. Mode Interface configuration: XSR(config-if<xx>)# Example The following example permits multicast packets in [...]
-
Page 676
Firewall Interface Commands 16-132 Configuring Security no ip firewall ip-options {loose-sou rce-route | strict-source-route | record- route | time-stamp | other | all} {i n | out | both} Default IP options are not allow ed inbound and outbound. Mode Interface configuration: XSR(config-if<xx>)# Example The [...]
-
Page 677
Firewall Show Commands XSR CLI Reference Guide 16-133 Example The following example blocks the host when the sy nc packets exceed 1000 packets per second: XSR(config-if<F2>)#ip firewall sync- attack-protect block-host thresho ld 1000 Firewall Show Commands show ip firewall config Since ?[...]
-
Page 678
Firewall Show Commands 16-134 Configuring Security Ip firewall policy dmz private SMTP allow ! ! Policies: between dmz and external ! Ip firewall policy ANY_EXTERNAL dmz HTTP allow Ip firewall policy dmz ANY_EXTERNAL HTTP allow Ip firewall policy ANY_EXTERNAL dmz SMTP allow Ip firewall policy dmz ANY_EXTERNAL SMTP allow ! ! Policy: Allow any from p[...]
-
Page 679
Firewall Show Commands XSR CLI Reference Guide 16-135 Mode EXEC or Privileged EXEC Mode: XSR> or XSR# Sample Output The following output display s Filter Source Destination Protocol ICMP Bi/Log Name Network Network Name/Number Type noICMP dmz private ICMP N/A Y/N show ip firewall network This static counter shows [...]
-
Page 680
Firewall Show Commands 16-136 Configuring Security Sample Output The output below displays netw ork objects for the Private ‐ network and Partner ‐ networks groups. Note that only member obje cts names are shown. Yo u can enter the show ip firewall netwo[...]
-
Page 681
Firewall Show Commands XSR CLI Reference Guide 16-137 Mode EXEC or Privileged EXEC Mode: XSR> or XSR# Sample Output The following output display s firew all service group data: Name Service objects all-my-tcp-services my-ftp my-telnet show ip firewall policy This static counter displays all policy [...]
-
Page 682
Firewall Show Commands 16-138 Configuring Security Mode EXEC or Privileged EXEC Mode: XSR> or XSR# Default If no options are specified all sessions are display ed. Sample Output The following sample output displays current firew all sessions: XSR#show ip firewall sessions icmp Source Ad[...]
-
Page 683
Firewall Show Commands XSR CLI Reference Guide 16-139 Sample Output The following sample output displays summary statistics: Overall Firewall Status: Enabled Protected Interfaces: FastEthernet2 Unprotected Interfaces: FastEthernet1 Session Information ------------------------------------ -------------------- active peak bloc[...]
-
Page 684
Firewall Show Commands 16-140 Configuring Security Mode EXEC or Privileged EXEC Mode: XSR> or XSR# Example The following is sample output from the command: show ip firewall urLlist Black URLs from File: blacklist.tx t 1. www.cisco.com 2. www.playboy.com 3. readme.eml 4. amber.cl White URLs from File: NOT LOADED Redire[...]