ADTRAN OPERATING SYSTEM (AOS) Command Reference Guide April 2003 61950860L1-35D
Trademarks Any brand names and product names included in this manual are trademarks, registered trademarks, or trade names of their respective holders. To the Holder of this Manual The contents of this manual are current as of the date of publication. ADTRAN reserves the right to change the contents without prior notice.
Command Reference Guide Warranty and Customer Service ADTRAN will replace or repair this product within five years from the date of shipment if it does not meet its published specifications or fails while in service. For detailed warranty, repair, and return information refer to the ADTRAN Equipment Warranty and Repair and Return Policy Procedure. Return Material Authorization (RMA) is required prior to returning equipment to ADTRAN.
Command Reference Guide Customer Service, Product Support Information, and Training ADTRAN will repair and return this product if within five years from the date of shipment the product does not meet its published specification or the product fails while in service. A return material authorization (RMA) is required prior to returning equipment to ADTRAN. For service, RMA requests, training, or more information, use the contact information which follows.
Command Reference Guide Installation and Maintenance Support The ADTRAN Custom Extended Services (ACES) program offers multiple types and levels of installation and maintenance services which allow you to choose the kind of assistance you need. This support is available at: http://www.adtran.com/aces For questions, call the ACES Help Desk: ACES Help Desk (888) 874-ACES, ext. 2237 Training The Enterprise Network (EN) Technical Training Department offers training on our most popular products.
Command Reference Guide ADTRAN OS COMMAND REFERENCE GUIDE Contents CLI Introduction ......................................................................................................................... 7 Accessing the CLI from your PC ....................................................................................... 7 Understanding Command Security Levels ........................................................................ 8 Understanding Configuration Modes ..................................
Command Reference Guide CLI Introduction REFERENCE GUIDE INTRODUCTION If you are new to the ADTRAN Operating System’s Command Line Interface (CLI), take a few moments to review the information provided in the section which follows (CLI Introduction). If you are already familiar with the CLI and you need information on a specific command or group of commands, proceed to Command Descriptions on page 13 of this guide.
Understanding Command Security Levels Command Reference Guide Understanding Command Security Levels The ADTRAN CLI has two command security levels — Basic and Enable. Both levels support a specific set of commands. For example, all interface configuration commands are accessible only through the Enable security level. The following table contains a brief description of each level. Table 1. Command Security Level Descriptions Level Access by... Prompt With this level you can...
Command Reference Guide Understanding Configuration Modes Understanding Configuration Modes The ADTRAN CLI has four configuration modes to organize the configuration commands – Global, Line, Router, and Interface. Each configuration mode supports a set of commands specific to the configurable parameters for the mode. For example, all frame relay configuration commands are accessible only through the Interface Configuration Mode (for the virtual frame relay interface).
Using CLI Shortcuts Command Reference Guide Using CLI Shortcuts The ADTRAN CLI provides several shortcuts which help you configure your router more easily. See the following table for descriptions. Table 3. Command Line Shortcuts Shortcut Description Up arrow key To re-display a previously entered command, use the up arrow key. Continuing to press the up arrow key cycles through all commands entered starting with the most recent command.
Command Reference Guide Performing Common CLI Functions Performing Common CLI Functions The following table contains descriptions of common CLI commands. Table 4. Common CLI Functions Command Description do The do command provides a way to execute commands in other command sets without taking the time to exit the current command set and enter the desired one.
Understanding CLI Error Messages Command Reference Guide Understanding CLI Error Messages The following table lists and defines some of the more common error messages given in the CLI. Table 5. CLI Error Messages Message Helpful Hints %Ambiguous command %Unrecognized Command The command may not be valid in the current command mode, or you may not have entered enough correct characters for the command to be recognized. Try using the “?” command to determine your error.
Command Reference Guide Command Descriptions COMMAND DESCRIPTIONS This portion of the guide provides a detailed listing of all available commands for the ADTRAN CLI (organized by command set). Each command listing contains pertinent information including the default value, the command security level required to access the command, a description of all sub-command parameters, functional notes for using the command, and a brief technology review.
Basic Mode Command Set Command Reference Guide BASIC MODE COMMAND SET To activate the Basic Mode command set, simply log in to the unit. After connecting the unit to a VT100 terminal (or terminal emulator) and activating a terminal session, the following prompt displays: Router> The following command is common to multiple command sets and is covered in a centralized section of this guide.
Command Reference Guide Basic Mode Command Set enable Use the enable command (at the Basic Command Mode prompt) to enter the Enable Command Mode. Use the disable command to exit the Enable Command Mode. See the section Enable Mode Command Set on page 24 for more information. Syntax Description No subcommands. Default Values No default value necessary for this command. Command Modes > Basic Command Mode Command History Release 1.1 Command was introduced.
Basic Mode Command Set Command Reference Guide logout Use the logout command to terminate the current session and return to the login screen. Syntax Description No subcommands. Default Values No defaults necessary for this command. Command Modes > or # Basic or Enable Command Mode Command History Release 1.1 Command was introduced. Usage Examples The following example shows the logout command being executed in the Basic Mode: Router> logout Session now available Press RETURN to get started.
Command Reference Guide Basic Mode Command Set ping
Use the ping command (at the Basic Command Mode prompt) to verify IP network connectivity. Syntax Description *Optional Specifies the IP address of the system to ping. Entering the ping command with no specified address prompts the user with parameters for a more detailed ping configuration. See Functional Notes (below) for more information. Default Values No default value necessary for this command.Basic Mode Command Set Command Reference Guide Functional Notes (Continued) Source Address (or interface): Specifies the IP address to use as the source address in the ECHO_REQ packets. Data Pattern: Specify an alphanumerical string to use (the ASCII equivalent) as the data pattern in the ECHO_REQ packets. Sweep Range of Sizes: Varies the sizes of the ECHO_REQ packets transmitted. Sweep Min Size: Specifies the minimum size of the ECHO_REQ packet (valid range: 0 to 1448).
Command Reference Guide Basic Mode Command Set show clock Use the show clock command to display the system time and date entered using the clock set command. See the section clock set
Basic Mode Command Set Command Reference Guide show snmp Use the show snmp command to display the system Simple Network Management Protocol (SNMP) parameters and current status of SNMP communications. Syntax Description No subcommands. Default Values No default value necessary for this command. Command Modes > or # Basic or Enable Command Mode Command History Release 1.1 Command was introduced.
Command Reference Guide Basic Mode Command Set show version Use the show version command to display the current ADTRAN OS version information. Syntax Description No subcommands. Default Values No default value necessary for this command. Command Modes > or # Basic or Enable Command Mode Command History Release 1.1 Command was introduced. Usage Examples The following is a sample show version output: >show version ADTRAN OS version 03.00.18.
Basic Mode Command Set Command Reference Guide telnet
Use the telnet command to open a Telnet session (through the ADTRAN OS) to another system on the network. Syntax Description Specifies the IP address of the remote system. Default Values No default value necessary for this command. Command Modes > or # Basic or Enable Command Mode Command History Release 1.1 Command was introduced Usage Examples The following example opens a Telnet session with a remote system (10.200.4.Command Reference Guide Basic Mode Command Set traceroute
Use the traceroute command to display the IP routes a packet takes to reach the specified destination. Syntax Description Specifies the IP address of the remote system to trace the routes to Default Values No default value necessary for this command. Command Modes > or # Basic or Enable Command Mode Command History Release 1.Enable Mode Command Set Command Reference Guide ENABLE MODE COMMAND SET To activate the Enable Mode command set, enter the enable command at the Basic Mode prompt. (If an enable password has been configured, a password prompt will display.) For example: Router> enable Password: XXXXXXX Router# The following command is common to multiple command sets and is covered in a centralized section of this guide.
Command Reference Guide Enable Mode Command Set clear access-list Use the clear access-list command to clear all counters associated with all access lists (or a specified access list). Syntax Description *Optional Specifies the name (label) of an access list Default Values No default value necessary for this command. Command Modes # Enable Command Mode Command History Release 1.
Enable Mode Command Set Command Reference Guide clear arp-cache Use the clear arp-cache command to remove all dynamic entries from the Address Resolution Protocol (ARP) cache table. Syntax Description No subcommands Default Values No default value necessary for this command. Command Modes # Enable Command Mode Command History Release 1.1 Command was introduced Usage Examples The following example removes all dynamic entries from the ARP cache: > enable # clear arp-cache 26 © 2003 ADTRAN, Inc.
Command Reference Guide Enable Mode Command Set clear arp-entry
Use the clear arp-entry command to remove a single entry from the Address Resolution Protocol (ARP) cache. Syntax Description Specifies the IP address of the entry to remove Default Values No default value necessary for this command. Command Modes # Enable Command Mode Command History Release 1.1 Command was introduced Usage Examples The following example removes the entry for 10.200.4.Enable Mode Command Set Command Reference Guide clear bridge Use the clear bridge command to clear all counters associated with bridging (or for a specified bridge-group). Syntax Description *Optional Specifies a single bridge group (1-255). Default Values No default value necessary for this command. Command Modes # Enable Command Mode Command History Release 1.
Command Reference Guide Enable Mode Command Set clear buffers max-used Use the clear buffers max-used command to clear the maximum-used statistics for buffers displayed in the show memory heap command. Syntax Description No subcommands Default Values No default value necessary for this command. Command Modes # Enable Command Mode Command History Release 3.1 Command was introduced Usage Examples > enable # clear buffers max-used 61950860L1-35D © 2003 ADTRAN, Inc.
Enable Mode Command Set Command Reference Guide clear counters Use the clear counters command to clear all interface counters (or the counters for a specified interface). Syntax Description *Optional Specifies a single interface Default Values No default value necessary for this command. Command Modes # Enable Command Mode Command History Release 1.
Command Reference Guide Enable Mode Command Set clear crypto ike sa Use the clear crypto ike sa command to clear existing IKE security associations (SAs), including active ones. Syntax Description *Optional Clear out all existing IKE SAs associated with the designated policy priority. This number is assigned using the crypto ike policy command. See crypto ike on page 150 for more information. Default Values No default value necessary for this command.
Enable Mode Command Set Command Reference Guide clear crypto ipsec sa Use the clear crypto ipsec sa command to clear existing IPSec security associations (SAs), including active ones.
Command Reference Guide Enable Mode Command Set clear event-history Use the clear event-history command to clear all messages logged to the local event-history. Messages cleared from the local event-history (using the clear event-history command) are no longer accessible. Syntax Description No subcommands Default Values No default value necessary for this command. Command Modes # Enable Command Mode Command History Release 1.
Enable Mode Command Set Command Reference Guide clear ip policy-sessions Use the clear ip policy-sessions command to clear policy class sessions. You may clear all the sessions or a specific session. Refer to the show ip policy-sessions for a current session listing.
Command Reference Guide Enable Mode Command Set Usage Examples The following example clears the Telnet association (TCP port 23) for policy class "pclass1" with source IP address 192.22.71.50 and destination 192.22.71.130: > enable # clear ip policy-sessions pclass1 tcp 192.22.71.50 23 192.22.71.130 23 61950860L1-35D © 2003 ADTRAN, Inc.
Enable Mode Command Set Command Reference Guide clear ip policy-stats entry Use the clear ip policy-stats command to clear statistical counters for policy classes Syntax Description *Optional Specifies the policy class to clear. If no policy class is specified, statistics are cleared for all policies.
Command Reference Guide Enable Mode Command Set clear ip route
<*> Use the clear ip route command to clear the IP route table (or remove a specified route). Syntax Description Specifies the IP address of the entry to remove from the route table. Specifies the subnet mask of the entry to remove from the route table. <*> Removes all IP routes from the route table. Default Values No default value necessary for this command.Enable Mode Command Set Command Reference Guide clock set
Command Reference Guide Enable Mode Command Set configure Use the configure command to enter the Global Configuration Mode or to configure the system from memory. See Global Configuration Mode Command Set on page 135 for more information. Syntax Description terminal Enter the Global Configuration Mode to configure the system from terminal inputs. memory Configure the active system with the commands located in the default configuration file stored in NVRAM.
Enable Mode Command Set Command Reference Guide copy
Command Reference Guide Enable Mode Command Set copy tftp Use the copy tftp command to copy a file located on a network Trivial File Transfer Protocol (TFTP) server to a specified destination. Syntax Description Specifies the destination of the file copied from the TFTP server. Valid destinations include: flash (FLASH memory), startup-config (the configuration file stored in NVRAM), or running-config (the current running configuration file).
Enable Mode Command Set Command Reference Guide copy xmodem Use the copy xmodem command to copy a file (using the XMODEM protocol) to a specified destination. XMODEM capability is provided in terminal emulation software such as HyperTerminal™. Syntax Description Specifies the destination of the copied file. Valid destinations include: flash (FLASH memory), startup-config (the configuration file stored in NVRAM), or running-config (the current running configuration file).
Command Reference Guide Enable Mode Command Set debug access-list Use the debug access-list command to activate debug messages (for a specified list) associated with access list operation. Debug messages are displayed (real-time) on the terminal (or Telnet) screen. Use the no form of this command to disable the debug messages. Syntax Description Specifies a configured access list Default Values By default, all debug messages in the ADTRAN OS are disabled.
Enable Mode Command Set Command Reference Guide debug crypto [ike | ike negotiation | ike client configuration | ipsec] Use the debug crypto command to activate debug messages associated with IKE and IPSec functions. Debug messages are displayed (real-time) to the terminal (or Telnet) screen. Use the no form of this command to disable the debug messages. Syntax Description ike Displays all IKE debug messages. ike negotiation Displays only IKE key management debug messages (e.g., handshaking).
Command Reference Guide Enable Mode Command Set debug dial-backup Use the debug dial-backup command to activate debug messages associated with dial-backup operation. Debug messages are displayed (real-time) to the terminal (or Telnet) screen. Use the no form of this command to disable the debug messages. Syntax Description No subcommands Default Values By default, all debug messages in the ADTRAN OS are disabled. Command Modes # Enable Command Mode Command History Release 1.
Enable Mode Command Set Command Reference Guide debug dialup-interfaces Use the debug dialup-interfaces command to generate debug messages used to aid in troubleshooting problems with all dialup interfaces such as the modem or the BRI cards. Use the no version of this command to disable it. Syntax Description No subcommands Default Values By default, all debug messages in the ADTRAN OS are disabled. Command Modes # Enable Command Mode Command History Release 2.
Command Reference Guide Enable Mode Command Set debug firewall Use the debug firewall command to activate debug messages associated with the ADTRAN OS firewall operation. Debug messages are displayed (real-time) to the terminal (or Telnet) screen. Use the no form of this command to disable the debug messages. Syntax Description No subcommands Default Values By default, all debug messages in the ADTRAN OS are disabled. Command Modes # Enable Command Mode Command History Release 2.
Enable Mode Command Set Command Reference Guide debug frame-relay [ events | llc2 | lmi ] Use the debug frame-relay command to activate debug messages associated with the frame relay operation. Debug messages are displayed (real-time) to the terminal (or Telnet) screen. Use the no form of this command to disable the debug messages.
Command Reference Guide Enable Mode Command Set debug interface [ ethernet | shdsl ] Use the debug interface command to activate debug messages associated with the Ethernet or SHDSL interface. Debug messages are displayed (real-time) to the terminal (or Telnet) screen. Use the no form of this command to disable the debug messages. Syntax Description ethernet Activates debug messages for the ethernet network interface. shdsl Activates debug messages for the SHDSL (errors and events).
Enable Mode Command Set Command Reference Guide debug ip dhcp-client Use the debug ip dhcp-client command to activate debug messages associated with DHCP client operation in the ADTRAN OS. Debug messages are displayed (real-time) to the terminal (or Telnet) screen. Use the no form of this command to disable the debug messages. Syntax Description No subcommands Default Values By default, all debug messages in the ADTRAN OS are disabled. Command Modes # Enable Command Mode Command History Release 2.
Command Reference Guide Enable Mode Command Set debug ip dhcp-server Use the debug ip dhcp-server command to activate debug messages associated with DHCP server operation in the ADTRAN OS. Debug messages are displayed (real-time) to the terminal (or Telnet) screen. Use the no form of this command to disable the debug messages. Syntax Description No subcommands Default Values By default, all debug messages in the ADTRAN OS are disabled. Command Modes # Enable Command Mode Command History Release 2.
Enable Mode Command Set Command Reference Guide debug ip dns-client Use the debug ip dns-client command to activate debug messages associated with DNS (domain naming system) client operation in the ADTRAN OS. Debug messages are displayed (real-time) to the terminal (or Telnet) screen. Use the no form of this command to disable the debug messages. Syntax Description No subcommands Default Values By default, all debug messages in the ADTRAN OS are disabled.
Command Reference Guide Enable Mode Command Set debug ip dns-proxy Use the debug ip dns-proxy command to activate debug messages associated with DNS (domain naming system) proxy operation in the ADTRAN OS. Debug messages are displayed (real-time) to the terminal (or Telnet) screen. Use the no form of this command to disable the debug messages. Syntax Description No subcommands Default Values By default, all debug messages in the ADTRAN OS are disabled.
Enable Mode Command Set Command Reference Guide debug ip icmp [send | recv] Use the debug ip icmp command to show all ICMP messages as they come into the router or are originated by the router. If an optional keyword (send or recv) is not used, all results are displayed. Use the no form of this command to disable the debug messages. Syntax Description send *Optional Optional keyword which allows you to only display ICMP messages sent by the router.
Command Reference Guide Enable Mode Command Set debug ip ospf Use the debug ip ospf command to activate debug messages associated with OSPF routing operations. Debug messages are displayed (real-time) to the terminal (or Telnet) screen. Use the no form of this command to disable the debug messages.
Enable Mode Command Set Command Reference Guide Usage Examples The following is an example of debug ip ospf command results: > enable # debug ip ospf flood OSPF: Update LSA: id=c0a8020d rtid=192.168.2.13 area=11.0.0.0 type=1 OSPF: Update LSA: id=0b003202 rtid=11.0.50.2 area=11.0.0.0 type=1 OSPF: Queue delayed ACK lasid=0b003202 lsartid=11.0.50.2 nbr=11.0.50.2 OSPF: Rx ACK lasid=c0a8020d lsartid=192.168.2.13 nbr=11.0.50.2 OSPF: Received LSA ACK LSA_ID=-64.-88.2.13 LSA_RT_ID=-64.-88.2.
Command Reference Guide Enable Mode Command Set debug ip rip [events] Use the debug ip rip command to activate debug messages associated with Routing Information Protocol (RIP) operation in the ADTRAN OS. Debug messages are displayed (real-time) to the terminal (or Telnet) screen. Use the no form of this command to disable the debug messages. Syntax Description events *Optional Use this optional keyword to display only RIP protocol events. Default Values No default value necessary for this command.
Enable Mode Command Set Command Reference Guide debug ip tcp events Use the debug ip tcp events command to activate debug messages associated with significant TCP events such as state changes, retransmissions, session aborts, etc., in the ADTRAN OS. Debug messages are displayed (real-time) to the terminal (or Telnet) screen. Use the no form of this command to disable the debug messages. These debug events are logged for packets that are sent or received from the router.
Command Reference Guide Enable Mode Command Set debug ip udp Use the debug ip udp command to activate debug messages associated with UDP send and receive events in the ADTRAN OS. Debug messages are displayed (real-time) to the terminal (or Telnet) screen. Use the no form of this command to disable the debug messages. These debug events are logged for packets that are sent or received from the router. Forwarded UDP packets are not included.
Enable Mode Command Set Command Reference Guide debug ppp [ authentication | errors | negotiation | verbose ] Use the debug ppp command to activate debug messages associated with point-to-point protocol (PPP) operation in the ADTRAN OS. Debug messages are displayed (real-time) to the terminal (or Telnet) screen. Use the no form of this command to disable the debug messages. Syntax Description authentication Activates debug messages pertaining to PPP authentication (CHAP, PAP, EAP, etc.).
Command Reference Guide Enable Mode Command Set debug sntp Use the debug sntp command to enable debug messages associated with the Simple Network Time Protocol (SNTP). All SNTP Packet Exchanges and time decisions are displayed with these debugging events enabled. Debug messages are displayed (real-time) to the terminal (or Telnet) screen. Use the no form of this command to disable the debug messages.
Enable Mode Command Set Command Reference Guide debug system Use the debug system command to enable debug messages associated with system events (i.e., login, logouts, etc.). Debug messages are displayed (real-time) to the terminal (or Telnet) screen. Use the no form of this command to disable the debug messages. Syntax Description No subcommands Default Values By default, all debug messages in the ADTRAN OS are disabled. Command Modes # Enable Command Mode Command History Release 3.
Command Reference Guide Enable Mode Command Set dir Use the dir command to display a directory list of files on the system. Syntax Description No subcommands Default Values No default value necessary for this command. Command Modes # Enable Command Mode Command History Release 3.1 Command was introduced Usage Examples The following is sample output from the dir command: > enable # dir Files: 988161 NV3200A-02-00-11.biz 1152 startup-config 1113 startup-config.bak 1739729 030018adv.
Enable Mode Command Set Command Reference Guide disable Use the disable command to exit the Enable Command Mode and enter the Basic Command Mode. Syntax Description No subcommands Default Values No default value necessary for this command. Command Modes # Enable Command Mode Command History Release 1.1 Command was introduced Usage Examples The following example exits the Enable Command Mode and enters the Basic Command Mode: # disable > 64 © 2003 ADTRAN, Inc.
Command Reference Guide Enable Mode Command Set erase [ | startup-config ] Use the erase command to erase the specified file. Syntax Description Specifies the name of the file (located in FLASH memory) to erase. startup-config Erases the startup configuration file stored in NVRAM. Default Values No default value necessary for this command. Command Modes # Enable Command Mode Command History Release 1.
Enable Mode Command Set Command Reference Guide events Use the events command to enable event reporting to the current CLI session. Use the no form of this command to disable all event reporting to the current CLI session. Syntax Description No subcommands Default Values By default, this command is enabled. Command Modes # Enable Command Mode Command History Release 3.1 Command was introduced Usage Examples The following example enables event reporting: > enable # events 66 © 2003 ADTRAN, Inc.
Command Reference Guide Enable Mode Command Set logout Use the logout command to terminate the current session and return to the login screen. Syntax Description No subcommands Default Values No defaults necessary for this command. Command Modes > or # Basic or Enable Command Mode Command History Release 1.1 Command was introduced Usage Examples The following example shows the logout command being executed in Enable Mode: # logout Session now available Press RETURN to get started.
Enable Mode Command Set Command Reference Guide ping
Use the ping command (at the Enable Command Mode prompt) to verify IP network connectivity. Syntax Description *Optional Specifies the IP address of the system to ping. Entering the ping command with no specified address prompts the user with parameters for a more detailed ping configuration. See Functional Notes (below) for more information. Default Values No default value necessary for this command.Command Reference Guide Enable Mode Command Set Functional Notes (Continued) Data Pattern: Specifies an alphanumerical string to use (the ASCII equivalent) as the data pattern in the ECHO_REQ packets. Sweep Range of Sizes: Varies the sizes of the ECHO_REQ packets transmitted. Sweep Min Size: Specifies the minimum size of the ECHO_REQ packet (valid range: 0 to 999999). Sweep Max Size: Specifies the maximum size of the ECHO_REQ packet (valid range: Sweep Min Size to 1448).
Enable Mode Command Set Command Reference Guide reload [cancel | in ] Use the reload command to preform a manual reload of the ADTRAN OS. Performing an ADTRAN OS reload disrupts data traffic. Syntax Description cancel *Optional Use the cancel keyword to deactivate a pending reload command. in *Optional Use the in keyword to specify a delay period the ADTRAN OS will wait before reloading. Specifies the delay period in minutes (mmm) or hours and minutes (hh:mm).
Command Reference Guide Enable Mode Command Set show access-lists Use the show access-lists command to display all configured access lists in the system (or a specific list). Syntax Description *Optional Specify a particular access list to display. Default Values No default value necessary for this command. Command Modes # Enable Command Mode Command History Release 2.
Enable Mode Command Set Command Reference Guide show arp Use the show arp command to display the Address Resolution Protocol (ARP) table. Syntax Description No subcommands Default Values No default value necessary for this command. Command Modes # Enable Command Mode Command History Release 1.1 Command was introduced Usage Examples The following is a sample output of the show arp command: > enable # show arp ADDRESS TTL (min) MAC ADDRESS LAST UPDATED (min) INTERFACE 192.168.30.36 192.168.30.
Command Reference Guide Enable Mode Command Set show bridge [ethernet | frame-relay | ppp] Use the show bridge command to display a list of all configured bridge groups (including individual members of each group). Enter an interface or a bridge number to display the corresponding list. Syntax Description ethernet *Optional Display all bridge groups associated with the Ethernet interface.
Enable Mode Command Set Command Reference Guide show buffers Use the show buffers command to display the statistics for the buffer pools on the network server. Syntax Description No subcommands Default Values No default value necessary for this command. Command Modes > or # Basic or Enable Command Mode Command History Release 3.1 Command was introduced Usage Examples The following is a sample output from the show buffers command: #show buffers Buffer handles: 119 of 2000 used.
Command Reference Guide Enable Mode Command Set show buffers users Use the show buffers users command to display a list of the top users of packet buffers. Typically, this command will only be used as a debug tool by ADTRAN personnel. Syntax Description No subcommands. Default Values No default value necessary for this command. Command Modes # Enable Command Mode Command History Release 4.
Enable Mode Command Set Command Reference Guide show clock [detail] Use the show clock command to display the system time and date entered using the clock set command. See clock set on page 38 for more information. Syntax Description detail *Optional Use this optional keyword to display more detailed clock information, including the time source. Default Values No default value necessary for this command.
Command Reference Guide Enable Mode Command Set show configuration Use the show configuration command to display a text printout of the startup configuration file stored in NVRAM. Syntax Description No subcommands Default Values No default value necessary for this command. Command Modes # Enable Command Mode Command History Release 1.
Enable Mode Command Set Command Reference Guide Usage Examples (Continued) ! interface dds 1/1 shutdown ! interface bri 1/2 shutdown ! ! ip access-list standard Outbound permit host 10.3.50.6 permit 10.200.5.0 0.0.0.255 ! ! ip access-list extended UnTrusted deny icmp 10.5.60.0 0.0.0.255 any source-quench deny tcp any any ! no ip snmp agent ! ! ! line con 0 no login ! line telnet 0 login line telnet 1 login line telnet 2 login line telnet 3 login line telnet 4 login ! 78 © 2003 ADTRAN, Inc.
Command Reference Guide Enable Mode Command Set show crypto ike Use the show crypto ike command to display information regarding the IKE configuration.
Enable Mode Command Set Command Reference Guide Usage Examples The following is a sample from the show crypto ike policy command: > enable # show crypto ike policy Crypto IKE Policy 100 Main mode Using System Local ID Address Peers: 192.168.1.2 initiate main respond anymode Attributes: 10 Encryption: 3DES Hash: SHA Authentication: Pre-share Group: 1 Lifetime: 900 seconds 80 © 2003 ADTRAN, Inc.
Command Reference Guide Enable Mode Command Set show crypto ipsec Use the show crypto ipsec command to display information regarding the IPSec configuration. Variations of this command include the following: show crypto ipsec sa show crypto ipsec sa address show crypto ipsec sa map show crypto ipsec transform-set show crypto ipsec transform-set Syntax Description sa Displays all IPSec security associations.
Enable Mode Command Set Command Reference Guide Usage Examples The following are samples from the show crypto ipsec transform-set command: > enable # show crypto ipsec transform-set Transform Set "MySet" ah-md5-hmac mode tunnel Transform Set "Set1" esp-3des esp-sha-hmac mode tunnel Transform Set "esp-des" esp-des mode tunnel 82 © 2003 ADTRAN, Inc.
Command Reference Guide Enable Mode Command Set show crypto map Use the show crypto map command to display information regarding crypto map settings.
Enable Mode Command Set Command Reference Guide Usage Examples The following is a sample from the show crypto map command: > enable #show crypto map testMap Crypto Map "testMap" 10 ipsec-ike Extended IP access list NewList Peers: 192.168.1.1 Transform sets: esp-des Security-association lifetimes: 0 kilobytes 86400 seconds No PFS group configured Interfaces using crypto map testMap: eth 0/1 84 © 2003 ADTRAN, Inc.
Command Reference Guide Enable Mode Command Set show debugging Use the show debugging command to display a list of all activated debug message categories. Syntax Description No subcommands Default Values No default value necessary for this command. Command Modes # Enable Command Mode Command History Release 1.
Enable Mode Command Set Command Reference Guide show dial-backup interfaces Use the show dial-backup interfaces command to display all configured dial-backup interfaces and the associated parameters for each. Syntax Description No subcommands Default Values No default value necessary for this command. Command Modes # Enable Command Mode Command History Release 1.
Command Reference Guide Enable Mode Command Set Usage Examples (Continued) Backup enabled all day on the following days: Sunday Monday Tuesday Wednesday Thursday Friday Saturday Backup phone number list: Number Call Type min/max DS0s 3332222 64K 1/1 61950860L1-35D © 2003 ADTRAN, Inc.
Enable Mode Command Set Command Reference Guide show dialin interfaces Use the show dialin interfaces command to display information regarding remote console dialin. . Syntax Description No subcommands. Default Values No default value necessary for this command. Command Modes # Enable Command Mode Command History Release 4.1 Command was introduced Usage Examples The following is sample output from the show dialin interfaces command: > enable # show dialin interfaces Dialin interfaces...
Command Reference Guide Enable Mode Command Set show event-history Use the show event-history command to display all entries in the current local event-history log. Syntax Description No subcommands Default Values No default value necessary for this command. Command Modes # Enable Command Mode Command History Release 1.1 Command was introduced Usage Examples The event history provides useful information regarding the status of the system and individual port states.
Enable Mode Command Set Command Reference Guide show flash Use the show flash command to display a list of all files currently stored in FLASH memory. Syntax Description No subcommands Default Values No default value necessary for this command. Command Modes # Enable Command Mode Command History Release 1.1 Command was introduced Usage Examples The following is a sample show flash output: > enable # show flash Files: 245669 010100boot.biz 1141553 new.biz 821 startup-config 1638 startup-config.
Command Reference Guide Enable Mode Command Set show frame-relay [ lmi | pvc ] frame-relay Use the show frame-relay command to display configuration and status parameters for configured virtual frame relay interfaces.
Enable Mode Command Set Command Reference Guide Usage Examples (Continued) in BECN pkts: 0 in DE pkts: 0 out DE pkts: 0 pvc create time: 00:00:00:12 last time pvc status changed: 00:00:13:18 DLCI = 20 DLCI USAGE = LOCAL PVC STATUS = ACTIVE INTERFACE = FR 1.
Command Reference Guide Enable Mode Command Set show hosts Use the show hosts command to display information such as the domain name, name lookup service, a list of name server hosts, and the cached list of host names and addresses on the network to which you can connect. Syntax Description No subcommands Default Values No default value necessary for this command. Command Modes # Enable Command Mode Command History Release 3.
Enable Mode Command Set Command Reference Guide show interfaces Use the show interfaces command to display configuration parameters and current statistics for all interfaces (or a specified interface). Syntax Description *Optional Specific interface to display. Type show interfaces ? for a complete list of valid interfaces. Default Values No default value necessary for this command. Command Modes # Enable Command Mode Command History Release 1.
Command Reference Guide Enable Mode Command Set Usage Examples (Continued) # show interfaces fr 1 TDM group 10 line protocol is UP Encapsulation FRAME-RELAY (fr 1) 463 packets input 25488 bytes 0 no buffer 0 runts 0 giants 0 throttles 0 input errors 0 CRC 0 frame 0 abort 0 ignored 0 overruns 864 packets output 239993 bytes 0 underruns 0 input clock glitches 0 output clock glitches 0 carrier lost 0 cts lost Line Status: -- No Alarms -Current Performance Statistics: 0 Errored Seconds 0 Bursty Errored Second
Enable Mode Command Set Command Reference Guide Usage Examples (Continued) # show interfaces dds 1/1 dds 1/1 is UP line protocol is UP Encapsulation FRAME-RELAY (fr 1) Loop rate is set to 56000 actual rate is 56000 Clock source is line Data scrambling is disabled No Loopbacks 75 packets input 6108 bytes 0 no buffer 0 runts 0 giants 0 throttles 0 input errors 0 CRC 0 frame 0 abort 0 ignored 0 overruns 81 packets output 11496 bytes 0 underruns 0 input clock glitches 0 output clock glitches 0 carrier lost 0
Command Reference Guide Enable Mode Command Set show interfaces shdsl Use the show interfaces shdsl command to display configuration parameters and current statistics for the SHDSL interfaces (or a specified interface).
Enable Mode Command Set Command Reference Guide Functional Notes The following is a list of output messages from the show interfaces shdsl command: Equipment Type Shows whether the unit is operating in CPE (NT) mode or CO (LT) mode. Line Rate Shows the current line rate. The line rate is the data rate + 8 kbps. Therefore, a rate of 2056 kbps implies an actual data rate of 2048 kbps. Alarms Shows the current alarm conditions.
Command Reference Guide Enable Mode Command Set Functional Notes (Continued) Loop Attenuation Shows the current, minimum, and maximum loop attenuation of the line. These may be cleared using the clear counters shdsl command. Performance Stats Shows current interval line statistics. These statistics may be cleared through the use of the clear counters shdsl command, but the number of elapsed seconds will continue running and accumulating time.
Enable Mode Command Set Command Reference Guide Technology Review A network loopback loops data toward the network (away from the unit). A customer loopback loops data toward the router. The router does not instigate customer-side loopbacks, only network loopbacks (remote or local). The reason for this is that the customer interface is internal to the router. There is little use for looping back router data on itself. A transparent loopback is one in which the unit loops back one side (i.e.
Command Reference Guide Enable Mode Command Set show ip access-lists Use the show ip access-lists command to display all configured IP access lists in the system. Syntax Description *Optional Specify a particular access list to display. Default Values No default value necessary for this command. Command Modes # Enable Command Mode Command History Release 2.
Enable Mode Command Set Command Reference Guide show ip arp Use the show ip arp command to display the Address Resolution Protocol (ARP) table. Syntax Description No subcommands Default Values No default value necessary for this command. Command Modes # Enable Command Mode Command History Release 1.1 Command was introduced Usage Examples The following is a sample output of the show ip arp command: > enable # show ip arp ADDRESS TTL (min) MAC ADDRESS LAST UPDATED (min) 192.168.30.36 192.168.30.
Command Reference Guide Enable Mode Command Set show ip dhcp-client lease Use the show ip dhcp-client lease command to display all Dynamic Host Client Protocol (DHCP) lease information for interfaces that have dynamically assigned IP addresses. Syntax Description *Optional Displays the information for the specified interface Valid interfaces include: Ethernet (eth 0/1) and virtual frame relay interfaces (fr 1) Default Values No default value necessary for this command.
Enable Mode Command Set Command Reference Guide show ip dhcp-server binding Use the show ip dhcp-server binding command to display the Dynamic Host Client Protocol (DHCP) server client table with associated information. Syntax Description *Optional Specify a particular client IP address. Default Values No default value necessary for this command. Command Modes # Enable Command Mode Command History Release 2.
Command Reference Guide Enable Mode Command Set show ip interfaces [ | brief] Use the show ip interfaces command to display the status information for all IP interfaces (or a specific interface). Syntax Description *Optional Enter a specific interface to view its status information. If no interface is entered, status information for all interfaces is displayed. Valid entries include: FrameRelay, ethernet, loopback, and ppp.
Enable Mode Command Set Command Reference Guide show ip ospf Use the show ip ospf command to display general information regarding OSPF processes. Syntax Description No subcommands Default Values No default value necessary for this command. Command Modes # Enable Command Mode Command History Release 3.1 Command was introduced Usage Examples The following is a sample output from the show ip ospf command: > enable # show ip ospf Summary of OSPF Process with ID: 192.2.72.
Command Reference Guide Enable Mode Command Set show ip ospf border-routers Use the show ip ospf border-routers command to display the internal OSPF routing table entries for area border routers (ABRs) and autonomous system boundary routers (ASBRs). Syntax Description No subcommands Default Values No default value necessary for this command. Command Modes # Enable Command Mode Command History Release 3.
Enable Mode Command Set Command Reference Guide show ip ospf database Use the show ip ospf database command to display information from the OSPF database regarding a specific router. There are several variations of this command which you can use to obtain information about different OSPF link state advertisements.
Command Reference Guide Enable Mode Command Set Functional Notes The link-state-id differs depending on whether the link state advertisement in question describes a network or a router. If describing a network, this ID is one of the following: • The network’s IP address. This is true for type 3 summary link advertisements and in autonomous system external link advertisements. • An address obtained from the link state ID.
Enable Mode Command Set Command Reference Guide show ip ospf interface Use the show ip ospf interface command to display OSPF information for a specific interface. Syntax Description *Optional Enter the interface type (i.e., eth, ppp, loopback, etc.). *Optional Enter the interface number. Default Values No default value necessary for this command. Command Modes # Enable Command Mode Command History Release 3.
Command Reference Guide Enable Mode Command Set show ip ospf neighbor [detail] Use the show ip ospf neighbor command to display OSPF neighbor information for a specific interface. Syntax Description *Optional Enter the interface type (i.e., eth, ppp, etc.). *Optional Enter the interface number. *Optional Enter a specific neighbor’s router ID.
Enable Mode Command Set Command Reference Guide show ip ospf summary-address Use the show ip ospf summary-address command to display a list of all summary address redistribution information for the system. Syntax Description No subcommands Default Values No default value necessary for this command. Command Modes # Enable Command Mode Command History Release 3.1 Command was introduced Usage Examples > enable # show ip ospf summary-address 112 © 2003 ADTRAN, Inc.
Command Reference Guide Enable Mode Command Set show ip policy-class Use the show ip policy-class command to display a list of currently configured access policies. See ip policy-class max-sessions on page 208 for information on configuring access policies. Syntax Description *Optional Enter a specific policy class name to display information for a single policy. Default Values No default value necessary for this command.
Enable Mode Command Set Command Reference Guide show ip policy-sessions Use the show ip policy-sessions command to display a list of current policy class associations. See ip policy-class max-sessions on page 208 for information on configuring access policies. Syntax Description *Optional Enter a specific policy class name to display information for a single policy. Default Values No default value necessary for this command.
Command Reference Guide Enable Mode Command Set show ip policy-stats Use the show ip policy-stats command to display a list of current policy class statistics. See ip policy-class max-sessions on page 208 for information on configuring access policies. Syntax Description *Optional Enter a specific policy class name to display information for a single policy. Default Values No default value necessary for this command.
Enable Mode Command Set Command Reference Guide show ip protocols Use the show ip protocols command to display IP routing protocol parameters and statistics. Syntax Description No subcommands Default Values No default value necessary for this command. Command Modes # Enable Command Mode Command History Release 3.
Command Reference Guide Enable Mode Command Set show ip route [ connected| ospf | rip | static | table] Use the show ip route command to display the contents of the IP route table. Syntax Description connected *Optional Displays only the IP routes for directly connected networks. ospf *Optional Displays only the IP routes associated with OSPF. rip *Optional Displays only the IP routes that were dynamically learned through RIP.
Enable Mode Command Set Command Reference Guide show ip traffic Use the show ip traffic command to display all IP traffic statistics. Syntax Description No subcommands Default Values No default value necessary for this command. Command Modes # Enable Command Mode Command History Release 3.1 Command was introduced Usage Examples > enable # show ip traffic 118 © 2003 ADTRAN, Inc.
Command Reference Guide Enable Mode Command Set show memory heap Use the show memory heap command to display statistics regarding memory including memory allocation and buffer use statistics. Syntax Description No subcommands Default Values No default value necessary for this command. Command Modes # Enable Command Mode Command History Release 3.
Enable Mode Command Set Command Reference Guide show output-startup Use the show output-startup command to display startup configuration output line-by-line. This output can be copied into a text file and then used as a configuration editing tool. Syntax Description No subcommands Default Values No default value necessary for this command. Command Modes # Enable Command Mode Command History Release 3.
Command Reference Guide Enable Mode Command Set show processes cpu Use the show processes cpu command to display information regarding any processes that are currently active. Syntax Description No subcommands Default Values No default value necessary for this command. Command Modes # Enable Command Mode Command History Release 3.1 Command was introduced Usage Examples The following is a sample output from the show processes cpu command: > enable # show processes cpu processes cpu System load: 7.
Enable Mode Command Set Command Reference Guide show running-config [verbose | checksum] Use the show running-config command to display a text print of all the non-default parameters contained in the current running configuration file. Use the verbose keyword to display a text print of the entire configuration (including parameters in their default state).
Command Reference Guide Enable Mode Command Set show snmp Use the show snmp command to display the system Simple Network Management Protocol (SNMP) parameters and current status of SNMP communications. Syntax Description No subcommands Default Values No default value necessary for this command. Command Modes > or # Basic or Enable Command Mode Command History Release 1.
Enable Mode Command Set Command Reference Guide show sntp Use the show sntp command to display the system Simple Network Time Protocol (SNTP) parameters and current status of SNTP communications. Syntax Description No subcommands Default Values No default value necessary for this command. Command Modes > or # Basic or Enable Command Mode Command History Release 3.1 Command was introduced Usage Examples > show sntp 124 © 2003 ADTRAN, Inc.
Command Reference Guide Enable Mode Command Set show spanning-tree Use the show spanning-tree command to display the latest spanning-tree calculations, including priority path cost root path information. Syntax Description *Optional Display spanning-tree for a specific bridge group. Default Values No default value necessary for this command. Command Modes # Enable Command Mode Command History Release 1.
Enable Mode Command Set Command Reference Guide Usage Examples (Continued) Port 3 (fr 1.17) of Bridge group 1 is forwarding Port path cost 1302 Port priority 128 Port Identifier 128.3. Designated root has priority 32768 address 00:A0:C8:00:8F:98 Designated bridge has priority 32768 address 00:A0:C8:08:CA:A2 Designated port id is 128.3 designated path cost 100 BPDU: sent 37014 received 23 126 © 2003 ADTRAN, Inc.
Command Reference Guide Enable Mode Command Set show startup-config Use the show startup-config command to display a text printout of the startup configuration file stored in NVRAM. Syntax Description No subcommands Default Values No default value necessary for this command. Command Modes # Enable Command Mode Command History Release 1.
Enable Mode Command Set Command Reference Guide Usage Examples (Continued) ! interface dds 1/1 shutdown ! interface bri 1/2 shutdown ! ! ip access-list standard MatchAll permit host 10.3.50.6 permit 10.200.5.0 0.0.0.255 ! ! ip access-list extended UnTrusted deny icmp 10.5.60.0 0.0.0.255 any source-quench deny tcp any any ! no ip snmp agent ! ! ! line con 0 no login ! line telnet 0 login line telnet 1 login line telnet 2 login line telnet 3 login line telnet 4 login ! 128 © 2003 ADTRAN, Inc.
Command Reference Guide Enable Mode Command Set show tcp info Use the show tcp info command to display TCP control block information in the ADTRAN OS. This information is for troubleshooting and debug purposes only. For more detailed information, you can optionally specify a particular TCP control block. When a particular TCP control block is specified, the system provides additional information regarding crypto map settings that the show tcp info command does not display.
Enable Mode Command Set Command Reference Guide show version Use the show version command to display the current ADTRAN OS version information. Syntax Description No subcommands Default Values No default value necessary for this command. Command Modes > or # Basic or Enable Command Mode Command History Release 1.1 Command was introduced Usage Examples The following is a sample show version output: >enable # show version ADTRAN OS version: 02.01.
Command Reference Guide Enable Mode Command Set telnet
Use the telnet command to open a Telnet session (through the ADTRAN OS) to another system on the network. Syntax Description Specifies the IP address of the remote system. Default Values No default value necessary for this command. Command Modes > or # Basic or Enable Command Mode Command History Release 1.1 Command was introduced Usage Examples The following example opens a Telnet session with a remote system (10.200.4.Enable Mode Command Set Command Reference Guide traceroute
Use the traceroute command to display the IP routes a packet takes to reach the specified destination. Syntax Description *Optional Specifies the IP address of the remote system to trace the routes to. Default Values No default value necessary for this command. Command Modes > or # Basic or Enable Command Mode Command History Release 1.Command Reference Guide Enable Mode Command Set undebug all Use the undebug all command to disable all activated debug messages. Syntax Description No subcommands Default Values No default value necessary for this command. Command Modes # Enable Command Mode Command History Release 2.1 Command was introduced Usage Examples The following example disabled all activated debug messages: > enable # undebug all 61950860L1-35D © 2003 ADTRAN, Inc.
Enable Mode Command Set Command Reference Guide write [erase | memory | network | terminal] Use the write command to save the running configuration to the unit’s NVRAM or a TFTP server. Also use the write command to clear NVRAM or to display the running configuration on the terminal screen. Entering the write command with no other arguments copies your configuration changes to the unit’s nonvolatile random access memory (NVRAM).
Command Reference Guide Global Configuration Mode Command Set GLOBAL CONFIGURATION MODE COMMAND SET To activate the Global Configuration Mode command set, enter the configuration command at the Enable security mode prompt. For example: Router> enable Router# configure terminal Router(config)# The following commands are common to multiple command sets and are covered in a centralized section of this guide.
Global Configuration Mode Command Set Command Reference Guide banner [ exec | login | motd ] Use the banner command to specify messages to be displayed in certain situations. Use the no form of this command to delete a previously configured banner. Syntax Description exec This command creates a message to be displayed when any exec-level process takes place. login This command creates a message to be displayed before the username and password login prompts.
Command Reference Guide Global Configuration Mode Command Set boot system flash [no-backup | ] Use the boot system flash command to specify the system image loaded at startup. Syntax Description Specifies the filename (located in flash memory) of the image (filenames are case-sensitive) - image files should have a .biz extension no-backup Specify that no backup image is to be saved to the system. Specify a name for the backup image.
Global Configuration Mode Command Set Command Reference Guide bridge address discard Use the bridge address discard command to filter frames on a specific interface that contain the specified hardware address in either the source or destination field. Using the discard version of this command limits the processing of unwanted frames on the specified interface. Multiple bridge address commands may be entered for custom filtering applications.
Command Reference Guide Global Configuration Mode Command Set Technology Review A bridged network can provide excellent traffic management to reduce collisions and limit the amount of bandwidth wasted with unnecessary transmissions. Transparent bridges working at Layer 2 (of the OSI Model) forward packets on network segments only when it is necessary. The decision process involves only Layer 2 hardware addresses.
Global Configuration Mode Command Set Command Reference Guide bridge address forward Use the bridge address forward command to filter frames on a specific interface that contain the specified hardware address in either the source or destination field. Using the forward version of this command predefines the path for specified packets. Multiple bridge address commands may be entered for custom filtering applications.
Command Reference Guide Global Configuration Mode Command Set bridge aging-time Use the bridge aging-time command to set the length of time a dynamic entry may remain in the bridge table from the time the entry was created or last updated. To return to the default aging-time interval, use the no form of this command.
Global Configuration Mode Command Set Command Reference Guide bridge forward-time Use the bridge forward-time command to specify the delay interval (in seconds) when forwarding bridge packets. Use the no form of this command to return to the default interval. The default value may be restored using the no form of this command.
Command Reference Guide Global Configuration Mode Command Set bridge hello-time Use the bridge hello-time command to specify the delay interval (in seconds) between hello bridge protocol data units (BPDUs). To return the default interval, use the no form of this command.
Global Configuration Mode Command Set Command Reference Guide bridge max-age Use the bridge max-age command to specify the interval (in seconds) the bridge will wait to receive Bridge Protocol Data Units (BPDUs) from the root bridge before assuming the network has changed, thus re-evaluating the spanning-tree topology. Use the no form of this command to return to the default interval.
Command Reference Guide Global Configuration Mode Command Set bridge priority Use the bridge priority command to set the priority for bridging interfaces in the specified bridge group. The lower the priority value, the higher the likelihood the configured bridge interface will be the root for the bridge group. To return to the default bridge priority value, use the no version of this command.
Global Configuration Mode Command Set Command Reference Guide bridge protocol ieee The bridge protocol ieee command configures a bridge group for the IEEE Spanning Tree Protocol. Use the no form of this command (with the appropriate arguments) to delete this setting. Syntax Description ieee Bridge group number (1 to 255) specified using the bridge command IEEE 802.
Command Reference Guide Global Configuration Mode Command Set cross-connect <#> Use the cross-connect command to create a cross-connect map from a created tdm-group on an interface to another physical or virtual interface. Changing cross-connect settings could potentially result in service interruption.
Global Configuration Mode Command Set Command Reference Guide Usage Examples The following example creates a frame relay endpoint and connects it to the t1 1/1 physical interface: 1. Create the frame relay virtual endpoint and set the signaling method: (config)# interface frame-relay 1 (config-fr 1)# frame-relay lmi-type cisco 2. Create the sub-interface and configure the PVC parameters (including DLCI and IP address): (config-fr 1)# interface fr 1.1 (config-fr 1.
Command Reference Guide Global Configuration Mode Command Set Technology Review (Continued) Step 3: (VALID ONLY FOR T1 INTERFACES) Specify the group of DS0s used for signaling on the T1 interface by creating a tdm-group. Group any number of aggregate DS0s together to create a data pipe for layer 2 signaling. Also use the tdm-group command to specify the per-DS0 signaling rate on the interface.
Global Configuration Mode Command Set Command Reference Guide crypto ike Use the crypto ike command to define the system-level local ID for IKE negotiations and to enter the IKE Client or IKE Policy command sets.
Command Reference Guide Global Configuration Mode Command Set Technology Review The following example configures an ADTRAN OS product for VPN using IKE aggressive mode with pre-shared keys. The ADTRAN OS product can be set to initiate IKE negotiation in main mode or aggressive mode. The product can be set to respond to IKE negotiation in main mode, aggressive mode, or any mode. In this example, the device is configured to initiate in aggressive mode and to respond to any mode.
Global Configuration Mode Command Set Command Reference Guide Technology Review (Continued) (config)#crypto ike policy 10 (config-ike)#no local-id (config-ike)#peer 192.168.1.2 (config-ike)#initiate aggressive (config-ike)#respond anymode (config-ike)#attribute 10 (config-ike-attribute)#encryption 3des (config-ike-attribute)#hash sha (config-ike-attribute)#authentication pre-share (config-ike-attribute)#group 1 (config-ike-attribute)#lifetime 900 Step 5: Define the remote-id settings.
Command Reference Guide Global Configuration Mode Command Set Technology Review (Continued) Step 9: Configure public interface. This process includes configuring the IP address for the interface and applying the appropriate crypto map to the interface. Crypto maps are applied to the interface on which encrypted traffic will be transmitted. (config)#interface ethernet 0/1 (config-eth 0/1)#ip address 192.168.1.1 255.255.255.
Global Configuration Mode Command Set Command Reference Guide crypto ike remote-id Use the crypto ike remote-id command to specify the remote ID and to associate a pre-shared key with the remote ID.
Command Reference Guide Global Configuration Mode Command Set crypto ipsec transform-set Use the crypto ipsec transform-set command to define the transform configuration for securing data (e.g., esp-3des, esp-sha-hmac, etc.). The transform-set is then assigned to a crypto map using the map’s set transform-set command. See set transform-set on page 282.
Global Configuration Mode Command Set Command Reference Guide Usage Examples The following example first creates a transform-set (Set1) consisting of two security algorithms (up to three may be defined), and then assigns the transform-set to a crypto map (Map1): (config)#crypto ipsec transform-set Set1 esp-3des esp-sha-hmac (cfg-crypto-trans)#exit (config)#crypto map Map1 1 ipsec-ike (config-crypto-map)#set transform-set Set1 156 © 2003 ADTRAN, Inc.
Command Reference Guide Global Configuration Mode Command Set crypto map Use the crypto map command to define crypto map names and numbers and to enter the associated command set (either Crypto Map IKE or Crypto Map Manual).
Global Configuration Mode Command Set Command Reference Guide Functional Notes Crypto map entries do not directly contain the transform configuration for securing data. Instead, the crypto map is associated with transform sets which contain specific security algorithms (see crypto ipsec transform-set on page 155). Crypto map entries do not directly contain the selectors used to determine which data to secure. Instead, the crypto map entry refers to an access control list.
Command Reference Guide Global Configuration Mode Command Set enable password [md5] Use the enable password command to define a password (with optional encryption) for accessing the Enable Mode command set. Use the no enable password command to remove a configured password. To prevent unauthorized users from accessing the configuration functions of your AOS device, immediately install an Enable-level password.
Global Configuration Mode Command Set Command Reference Guide event-history on Use the event-history on command to enable event logging for the ADTRAN OS system. Event log messages will not be recorded unless this command has been issued (regardless of the event-history priority configured). The event log may be displayed using the show event-history command. Use the no form of this command to disable the event log.
Command Reference Guide Global Configuration Mode Command Set event-history priority Use the event-history priority command to set the threshold for events stored in the event history. All events with the specified priority or higher will be kept for viewing in the local event log. The event log may be displayed using the show event-history command. Use the no form of this command to keep specified priorities from being logged.
Global Configuration Mode Command Set Command Reference Guide Functional Notes The event history provides useful information regarding the status of the system and individual port states. Use the event history as a troubleshooting tool when identifying system issues. The following is a sample event history log. Router# show event-history Using 526 bytes 2002.07.12 15:34:01 T1.t1 1/1 Yellow 2002.07.12 15:34:01 INTERFACE_STATUS.t1 1/1 changed state to down. 2002.07.12 15:34:02 T1.t1 1/1 No Alarms 2002.07.
Command Reference Guide Global Configuration Mode Command Set hostname Creates a name used to identify the unit. This alphanumeric string should be used as a unique description for the unit. This string will be displayed in all prompts. Syntax Description Alphanumeric string up to 32 characters used to identify the unit Default Values Router Command Modes (config)# Global Configuration Mode required Command History Release 1.
Global Configuration Mode Command Set Command Reference Guide interface Activates the Interface Configuration Mode for the listed physical interface. Syntax Description Identifies the physical port type of the installed Network Interface Module (NIM) Dial-Backup Interface Module (DIM) or Ethernet port. Type interface ? for a complete list of valid interfaces. Specifies an interface based on its physical location (slot and port).
Command Reference Guide Global Configuration Mode Command Set interface frame-relay
Global Configuration Mode Command Set Command Reference Guide Functional Notes (Continued) Step 2: Create the sub-interface and configure the PVC parameters. Using the sub-interface command set, apply access policies to the interface, create bridging interfaces, configure dial-backup, assign an IP address, and set the PVC data-link control identifier (DLCI). For example, the following creates a frame relay sub-interface labeled 22, sets the DLCI to 30, and assigns an IP address of 193.44.69.
Command Reference Guide Global Configuration Mode Command Set interface loopback
Global Configuration Mode Command Set Command Reference Guide interface ppp
Command Reference Guide Global Configuration Mode Command Set Functional Notes (Continued) Step 3: (VALID ONLY FOR T1 INTERFACES) Specify the group of DS0s used for signaling on the T1 interface by creating a tdm-group. Group any number of aggregate DS0s together to create a data pipe for layer 2 signaling. Also use the tdm-group command to specify the per-DS0 signaling rate on the interface.
Global Configuration Mode Command Set Command Reference Guide ip access-list extended Use the ip access-list extended command to create an empty access list and enter the extended access-list command set. Use the no form of this command to delete an access list and all the entries contained in it.
Command Reference Guide Global Configuration Mode Command Set Syntax Description (Continued) *Optional The source port is used only when is tcp or udp The following keywords and port numbers are supported for the field: any Match any destination port eq Match only packets on a given port number gt Match only packets with a port number higher than the one listed host Match a single destination host lt Match only
Global Configuration Mode Command Set Command Reference Guide Syntax Description (Continued) The following is the list of TCP port numbers that may be identified using the text name (in bold): bgp (Port 179) lpd (Port 515) chargen (Port 19) nntp (Port 119) cmd (Port 514) pim-auto-rp (Port 496) daytime (Port 13) pop2 (Port 109) discard (Port 9) pop3 (Port 110) domain (Port 53) smtp (Port 25) echo (Port 7) sunrpc (Port 111) exec (Port 512) syslog (Port 514) finger (Port 79) tacacs (Port 49)
Command Reference Guide Global Configuration Mode Command Set Syntax Description (Continued) *Optional ICMP packets that are filtered using the ICMP message type (using the keyword) may also be filtered using the ICMP message code (valid range: 0 to 255). An must be specified when entering an . *Optional Filter packets using ICMP descriptive message rather than the corresponding type and code associations.
Global Configuration Mode Command Set Command Reference Guide Usage Examples The following example creates an access list AllowIKE to allow all IKE (UDP Port 500) packets from the 190.72.22.55.0/24 network: (config)# ip access-list extended AllowIKE (config-ext-nacl)# permit udp 190.72.22.55.0 0.0.0.255 eq 500 any eq 500 For more details, refer to the NetVanta 3000 Series System Manual CD or the ADTRAN website (www.adtran.com) for technical support notes regarding access-list configuration.
Command Reference Guide Global Configuration Mode Command Set Technology Review (Continued) discard list dest-policy All packets passed by the access list(s) entered and destined for the interface using the access policy listed will be blocked from the router system. This allows for configurations to deny packets on a specified interface.
Global Configuration Mode Command Set Command Reference Guide ip access-list standard Use the ip access-list standard command to create an empty access list and enter the standard access-list command set. Use the no form of this command to delete an access list and all the entries contained in it.
Command Reference Guide Global Configuration Mode Command Set Functional Notes Access control lists are used as packet selectors by access policies (ACPs); by themselves they do nothing. ACLs are composed of an ordered list of entries with an implicit deny all at the end of each list. An ACL entry contains two parts: an action (permit or deny) and a packet pattern. A permit ACL is used to allow packets (meeting the specified pattern) to enter the router system.
Global Configuration Mode Command Set Command Reference Guide Usage Examples The following example creates an access list UnTrusted to deny all packets from the 190.72.22.248/30 network: (config)# ip access-list standard UnTrusted (config-std-nacl)# deny 190.72.22.248 0.0.0.3 For more details, refer to the NetVanta 3000 Series System Manual CD or the ADTRAN website (www.adtran.com) for technical support notes regarding access-list configuration.
Command Reference Guide Global Configuration Mode Command Set Technology Review (Continued) discard list dest-policy All packets passed by the access list(s) entered and destined for the interface using the access policy listed will be blocked from the router system. This allows for configurations to deny packets on a specified interface.
Global Configuration Mode Command Set Command Reference Guide ip classless Use the ip classless command to forward classless packets to the best supernet route available. A classless packet is a packet addressed for delivery to a subnet of a network with no default network route. Syntax Description No subcommands Default Values By default, this command is enabled. Command Modes (config)# Global Configuration Mode required Command History Release 1.
Command Reference Guide Global Configuration Mode Command Set ip crypto Use the ip crypto command to enable ADTRAN OS VPN functionality and allow crypto maps to be added to interfaces. Use the no form of this command to disable the VPN functionality. Disabling the ADTRAN OS security features (using the no ip crypto command) does not affect VPN configuration settings (with the exception of the removal of all crypto maps from the interfaces).
Global Configuration Mode Command Set Command Reference Guide ip default-gateway Use the ip default-gateway command to specify a default gateway if (and only if) IP routing is NOT enabled on the unit. Use the ip route command to add a default route to the route table when using IP routing functionality. See ip route on page 213 for more information.
Command Reference Guide Global Configuration Mode Command Set ip dhcp-server excluded-address Use the ip dhcp-server excluded-address command to specify IP addresses that cannot be assigned to DHCP clients. Use the no form of this command to remove a configured IP address restriction. Syntax Description Specifies the lowest IP address (using dotted decimal notation) in the range OR a single IP address to be excluded.
Global Configuration Mode Command Set Command Reference Guide ip dhcp-server ping packets <#packets> Use the ip dhcp-server ping packets command to specify the number of ping packets the DHCP server will transmit before assigning an IP address to a requesting DHCP client. Transmitting ping packets verifies that no other hosts on the network are currently configured with the specified IP address.
Command Reference Guide Global Configuration Mode Command Set ip dhcp-server ping timeout Use the ip dhcp-server ping timeout command to specify the interval (in milliseconds) the DHCP server will wait for a response to a transmitted DHCP ping packet. The DHCP server transmits ping packets before assigning an IP address to a requesting DHCP client. Transmitting ping packets verifies that no other hosts on the network are currently configured with the specified IP address.
Global Configuration Mode Command Set Command Reference Guide ip dhcp-server pool Use the ip dhcp-server pool command to create a DHCP address pool and enter the DHCP pool command set. Use the no form of this command to remove a configured DHCP address pool. See the section DHCP Pool Command Set on page 240 for more information.
Command Reference Guide Global Configuration Mode Command Set ip domain-lookup Use the ip domain-lookup command to enable the IP DNS (domain naming system), allowing DNS-based host translation (name-to-address). Use the no form of this command to disable DNS. Syntax Description No subcommands Default Values By default, this command is enabled. Command Modes (config)# Global Configuration Mode required Command History Release 3.
Global Configuration Mode Command Set Command Reference Guide ip domain-name Use the ip domain-name command to define a default IP domain name to be used by the ADTRAN OS to resolve host names. Use the no form of this command to disable this function. Syntax Description Default IP domain name used to resolve unqualified host names. Do not include the initial period that separates the unresolved name from the default domain name. Default Values By default, this command is disabled.
Command Reference Guide Global Configuration Mode Command Set ip domain-proxy Use the ip domain-proxy command to enable DNS proxy for the router. This enables the router to act as a proxy for other units on the network. Syntax Description No subcommands Default Values By default, this command is disabled. Command Modes (config)# Global Configuration Mode required Command History Release 3.
Global Configuration Mode Command Set Command Reference Guide ip firewall Use the ip firewall command to enable ADTRAN OS security features including access control policies and lists, Network Address Translation (NAT), and the stateful inspection firewall. Use the no form of this command to disable the security functionality. Disabling the ADTRAN OS security features (using the no ip firewall command) does not affect security configuration.
Command Reference Guide Global Configuration Mode Command Set Functional Notes This command enables firewall processing for all interfaces with a configured policy class. Firewall processing consists of the following functions: 1. Attack Protection: Detects and discards traffic that matches profiles of known networking exploits or attacks. 2. Session Initiation Control: Allows only sessions that match traffic patterns permitted by access-control policies to be initiated through the router. 3.
Global Configuration Mode Command Set Command Reference Guide Technology Review Concepts: Access control using the ADTRAN OS firewall has two fundamental parts: Access Control Lists (ACLs) and Access Policy Classes (ACPs). ACLs are used as packet selectors by other ADTRAN OS systems; by themselves they do nothing. ACPs consist of a selector (ACL) and an action (allow, discard, NAT). ACPs integrate both allow and discard policies with NAT. ACPs have no effect until they are assigned to a network interface.
Command Reference Guide Global Configuration Mode Command Set Technology Review (Continued) Attack Protection: When the ip firewall command is enabled and access-policies are created using the ip policy-class command and applied to interfaces with the access-policy command, firewall attack protection is enabled. The ADTRAN OS blocks traffic (matching patterns of known networking exploits) from traveling through the device.
Global Configuration Mode Command Set Command Reference Guide Invalid Traffic Pattern Manually ADTRAN OS Firewall Response Enabled? Common Attacks Attacks that send TCP URG packets Yes Any TCP packets that have the URG flag set are discarded by the firewall. Winnuke, TCP XMAS Scan Falsified IP Header Attacks No The firewall verifies that the packet’s actual length matches the length indicated in the IP header. If it does not, the packet is dropped.
Command Reference Guide Global Configuration Mode Command Set Application Specific Processing: The following applications and protocols require special processing to operate concurrently with NAT/firewall functionality. The ADTRAN OS firewall includes ALGs for handling these applications and protocols: AOL Instant Messenger VPN ALGS: ESP and IKE FTP H.323: H.245 Q.
Global Configuration Mode Command Set Command Reference Guide ip firewall attack-log threshold Use the ip firewall attack-log threshold command to specify the number of attack mounting attempts the ADTRAN OS will identify before generating a log message. Use the no form of this command to return to the default threshold. The ADTRAN OS security features must be enabled (using the ip firewall command) for the stateful inspection firewall to be activated.
Command Reference Guide Global Configuration Mode Command Set ip firewall check syn-flood Use the ip firewall check syn-flood command to enable the ADTRAN OS stateful inspection firewall to filter out phony TCP service requests and allow only legitimate requests to pass through. Use the no form of this command to disable this feature. The ADTRAN OS security features must be enabled (using the ip firewall command) for the stateful inspection firewall to be activated.
Global Configuration Mode Command Set Command Reference Guide ip firewall check winnuke Use the ip firewall check winnuke command to enable the ADTRAN OS stateful inspection firewall to discard all Out of Band (OOB) data (to protect against WinNuke attacks). Use the no form of this command to disable this feature. The ADTRAN OS security features must be enabled (using the ip firewall command) for the stateful inspection firewall to be activated.
Command Reference Guide Global Configuration Mode Command Set ip firewall policy-log threshold Use the ip firewall policy-log threshold command to specify the number of connections required by an access control policy before the ADTRAN OS will generate a log message. Use the no form of this command to return to the default threshold. The ADTRAN OS security features must be enabled (using the ip firewall command) for the stateful inspection firewall to be activated.
Global Configuration Mode Command Set Command Reference Guide ip forward-protocol udp Use the ip forward-protocol udp command to specify the protocols and ports the ADTRAN OS allows when forwarding broadcast packets. Use the no form of this command to disable a specified protocol or port from being forwarded. The ip helper command must be used in conjunction with the ip forward-protocol command to configure the ADTRAN OS to forward UDP broadcast packets.
Command Reference Guide Global Configuration Mode Command Set Command Modes (config)# Global Configuration Mode Command History Release 2.1 Command was introduced Functional Notes Use this command to configure the ADTRAN OS to forward UDP packets across the WAN link to allow remote devices to connect to a UDP service on the other side of the WAN link. Usage Examples The following example forwards all Domain Name Server broadcast traffic to the DNS server with IP address 192.33.5.
Global Configuration Mode Command Set Command Reference Guide ip ftp access-class in Use the ip ftp access-class in command to assign an access policy to all self-bound File Transfer Protocol (FTP) sessions. Syntax Description Specifies the configured access policy (ACP) to apply to inbound FTP traffic Default Values By default, all ftp access is allowed. Command Modes (config)# Global Configuration Mode required Command History Release 2.
Command Reference Guide Global Configuration Mode Command Set ip ftp agent Use the ip ftp agent command to enable the file transfer protocol (FTP) agent. Syntax Description No subcommands Default Values By default, the FTP agent is enabled. Command Modes (config)# Global Configuration Mode required Command History Release 4.1 Command was introduced Usage Examples The following example enables the IP FTP agent: (config)# ip ftp agent 61950860L1-35D © 2003 ADTRAN, Inc.
Global Configuration Mode Command Set Command Reference Guide ip host Use the ip host command to define an IP host name. This allows you to statically map host names and addresses in the host cache. Use the no form of this command to remove defined maps. Syntax Description Name of the host. IP address associated with this IP host. Default Values By default, the host table is empty.
Command Reference Guide Global Configuration Mode Command Set ip http [server | access-class in] Use the ip http command to enable web access to the router. Syntax Description server Enable the http server connection. access-class Enable http for all incoming connections associated with a specific access list. Access list name. in Apply to all incoming connections. Default Values By default, this command is disabled.
Global Configuration Mode Command Set Command Reference Guide ip n-form [agent | access-class in] Use the ip n-form command to enable and customize N-Form access to the router Syntax Description agent Enable the N-Form agent. access-class Enable N-Form access for all incoming connections associated with a specific access list. Access list name. in Apply to all incoming connections. Default Values By default, n-form agent is disabled.
Command Reference Guide Global Configuration Mode Command Set ip name-server [server-address2....server-address6] Use the ip name-server command to designate one or more name servers to use for name-to-address resolution. Use the no form of this command to remove any addresses previously specified. Syntax Description Enter up to six name-server addresses. Default Values By default, no name servers are specified.
Global Configuration Mode Command Set Command Reference Guide ip policy-class max-sessions Use the ip policy-class command to create an access control policy and enter the access control policy command set. Use the no form of this command to delete an access policy and all the entries contained in it. Configured access policies will only be active if the ip firewall command has been entered at the Global Configuration Mode prompt to enable the ADTRAN OS security features.
Command Reference Guide Global Configuration Mode Command Set Functional Notes ADTRAN OS access control policies are used to allow, discard, or manipulate (using NAT) data for each physical interface. Each ACP consists of a selector (access list) and an action (allow, discard, NAT). When packets are received on an interface, the configured ACPs are applied to determine whether the data will be processed or discarded.
Global Configuration Mode Command Set Command Reference Guide Technology Review Creating access policies and lists to regulate traffic through the routed network is a four-step process: Step 1: Enable the security features of the ADTRAN OS using the ip firewall command. Step 2: Create an access list to permit or deny specified traffic. Standard access lists provide pattern matching for source IP addresses only. (Use extended access lists for more flexible pattern matching.
Command Reference Guide Global Configuration Mode Command Set ip policy-timeout Use multiple ip policy-timeout commands to customize timeout intervals for protocols (TCP UDP ICMP) or specific services (by listing the particular port number). Use the no form of this command to return to the default timeout values. Syntax Description Specifies the data protocol such as ICMP, TCP, or UDP.
Global Configuration Mode Command Set Command Reference Guide Syntax Description (Continued) *Optional ftp-data (Port 20) tftp (Port 69) gopher (Port 70) telnet (Port 23) hostname (Port 101) time (Port 37) ident (Port 113) uucp (Port 540) irc (Port 194) whois (Port 43) klogin (Port 543) www (Port 80) kshell (Port 544) Wait interval (in seconds) before an active session is closed (valid range: 0 to 4294967295 seconds).
Command Reference Guide Global Configuration Mode Command Set ip route Use the ip route command to add a static route to the route table. This command can be used to add a default route by entering ip route 0.0.0.0 0.0.0.0 and specifying the interface or IP address. Use the no form of this command to remove a configured static route. Syntax Description Specifies the network address (in dotted decimal notation) to add to the route table.
Global Configuration Mode Command Set Command Reference Guide ip routing Use the ip routing command to enable the ADTRAN OS IP routing functionality. Use the no form of this command to disable IP routing. Syntax Description No subcommands Default Values By default, IP routing is enabled. Command Modes (config)# Global Configuration Mode required Command History Release 1.
Command Reference Guide Global Configuration Mode Command Set ip snmp agent Use the ip snmp agent command to enable the Simple Network Management Protocol (SNMP) agent. Syntax Description No subcommands Default Values By default, the SNMP agent is disabled. Command Modes (config)# Global Configuration Mode required Command History Release 1.1 Command was introduced Functional Notes Allows a MIB browser to access standard MIBs within the product.
Global Configuration Mode Command Set Command Reference Guide ip subnet-zero The ip subnet-zero command is the default operation and cannot be disabled. This command signifies the router’s ability to route to subnet-zero subnets. Syntax Description No subcommands. Default Values By default, this command is enabled. Command Modes (config)# Global Configuration Mode required Command History Release 3.
Command Reference Guide Global Configuration Mode Command Set line [ console | telnet ] Use the line command to enter the line configuration command set for the specified console or telnet session. This command can be used to add a route to the default gateway by entering ip route 0.0.0.0 0.0.0.0 and specifying the interface or IP address.
Global Configuration Mode Command Set Command Reference Guide Usage Examples The following example begins the configuration for the CONSOLE port located on the rear of the unit: (config)# line console 0 (config-con0)# The following example begins the configuration for all available Telnet sessions: (config)# line telnet 0 4 (config-telnet0-4)# 218 © 2003 ADTRAN, Inc.
Command Reference Guide Global Configuration Mode Command Set logging email address-list ; Use the logging email command to specify one or more email addresses that will receive notification when an event matching the criteria configured using the logging email priority-level command is logged by the ADTRAN OS. See logging email priority-level on page 221 for more information. Use the no form of this command to remove a listed address.
Global Configuration Mode Command Set Command Reference Guide logging email on Use the logging email on command to enable the ADTRAN OS email event notification feature. Use the logging email address-list command to specify email address(es) that will receive notification when an event matching the criteria configured using the logging email priority-level command is logged by the ADTRAN OS.
Command Reference Guide Global Configuration Mode Command Set logging email priority-level Use the logging email priority-level command to set the threshold for events sent to the addresses specified using the logging email address-list command. All events with the specified priority or higher will be sent to all addresses in the list. The logging email on command must be enabled.
Global Configuration Mode Command Set Command Reference Guide logging email receiver-ip Use the logging email receiver-ip command to specify the IP address of the email server to use when sending notification that an event matched the criteria configured using the logging email priority-level command. See logging email priority-level on page 221 for related information. Use the no form of this command to remove a configured address.
Command Reference Guide Global Configuration Mode Command Set logging facility Use the logging facility command to specify a syslog facility type for the syslog server. Error messages meeting specified criteria are sent to the syslog server. For this service to be active, you must enable log forwarding. See logging forwarding on on page 224 for related information. The different facility types are described under Functional Notes below.
Global Configuration Mode Command Set Command Reference Guide logging forwarding on Use the logging forwarding on command to enable the ADTRAN OS syslog event feature. Use the logging forwarding priority-level command to specify the event matching the criteria used by the ADTRAN OS to determine whether a message should be forwarded to the syslog server. See logging forwarding priority-level on page 225 for related information. Use the no form of this command to disable the syslog event feature.
Command Reference Guide Global Configuration Mode Command Set logging forwarding priority-level Use the logging forwarding priority-level command to set the threshold for events sent to the configured syslog server specified using the logging forwarding receiver-ip command. All events with the specified priority or higher will be sent to all configured syslog servers. See logging forwarding receiver-ip on page 226 for related information.
Global Configuration Mode Command Set Command Reference Guide logging forwarding receiver-ip Use this command to specify the IP address of the syslog server to use when logging events that match the criteria configured using the logging forwarding priority-level command. Enter multiple logging forwarding receiver-ip commands to develop a list of syslog servers to use. See logging forwarding priority-level on page 225 for related information.
Command Reference Guide Global Configuration Mode Command Set router ospf Use the router ospf command to activate OSPF in the router and to enter the OSPF Configuration Mode. See the section Router (OSPF) Configuration Command Set on page 541 for more information. Use the no form of this command to disable OSPF routing. Syntax Description No subcommands. Default Values By default, OSPF is disabled. Command Modes (config)# Global Configuration Mode required Command History Release 3.
Global Configuration Mode Command Set Command Reference Guide router rip Use the router rip command to enter the RIP Configuration Mode. See the section Router (RIP) Configuration Command Set on page 532 for more information. Syntax Description No subcommands. Default Values No default values necessary for this command. Command Modes (config)# Global Configuration Mode required Command History Release 1.
Command Reference Guide Global Configuration Mode Command Set Technology Review The RIP protocol is based on the Bellham-Ford (distance-vector) algorithm. This algorithm provides that a network will converge to the correct set of shortest routes in a finite amount of time, provided that: • Gateways continuously update their estimates of routes. • Updates are not overly delayed and are made on a regular basis. • The radius of the network is not excessive. • No further topology changes take place.
Global Configuration Mode Command Set Command Reference Guide snmp-server chassis-id Use the snmp-server chassis-id command to specify an identifier for the Simple Network Management Protocol (SNMP) server. Use the no form of this command to return to the default value. Syntax Description Alphanumeric string (up to 32 characters in length) used to identify the product.
Command Reference Guide Global Configuration Mode Command Set snmp-server community [ ro | rw ] ] Use the snmp-server community command to specify a community string to control access to the Simple Network Management Protocol (SNMP) information. Use the no form of this command to remove a specified community. Syntax Description Specifies the community string (a password to grant SNMP access).
Global Configuration Mode Command Set Command Reference Guide snmp-server contact Use the snmp-server contact command to specify the SNMP sysContact string. Use the no form of this command to remove a configured contact. Syntax Description “” Alphanumeric string encased in quotes (up to 32 characters in length) used to populate the sysContact string. Default Values Customer Service Command Modes (config)# Global Configuration Mode required Command History Release 1.
Command Reference Guide Global Configuration Mode Command Set snmp-server enable traps Use the snmp-server enable traps command to enable all Simple Network Management Protocol (SNMP) traps available on your system or specified using the option. Use multiple snmp-server enable traps to enable multiple trap types. Use the no form of this command to disable traps (or the specified traps).
Global Configuration Mode Command Set Command Reference Guide snmp-server host
traps Use the snmp-server host traps command to specify traps sent to an identified host. Use multiple snmp-server host traps commands to specify all desired hosts. Use the no form of this command to return to the default value. Syntax Description Specifies the IP address of the SNMP host that receives the traps.Command Reference Guide Global Configuration Mode Command Set snmp-server host
traps version Use the snmp-server host traps version command to specify traps sent to an identified host. Use multiple snmp-server host traps version commands to specify all desired hosts. Use the no form of this command to return to the default value. Syntax Description Specifies the IP address of the SNMP host that receives the traps.Global Configuration Mode Command Set Command Reference Guide snmp-server location Use the snmp-server location command to specify the Simple Network Management Protocol (SNMP) system location string. Use the no form of this command to return to the default value. Syntax Description “” Alphanumeric string encased in quotation marks (up to 32 characters in length) used to populate the system location string.
Command Reference Guide Global Configuration Mode Command Set snmp-server trap-source Use the snmp-server trap-source command to tell the AOS where to expect SNMP traps to originate from (interface type). Use the no form of this command to remove specified interfaces. Syntax Description Specifies the physical interface that should originate SNMP traps. Enter snmp-server trap-source ? for a complete list of valid interfaces.
Global Configuration Mode Command Set Command Reference Guide sntp server
version <1-3> Use the sntp server command to set the hostname of the SNTP server as well as the version of SNTP to use. The Simple Network Time Protocol (SNTP) is an abbreviated version of the Network Time Protocol (NTP). SNTP is used to set the time of the AOS product over a network. The SNTP server usually serves the time to many devices within a network.Command Reference Guide Global Configuration Mode Command Set username password Use this command to configure the username and password to use for all protocols requiring a username-based authentication system including FTP server authentication, line (login local-user list), and HTTP access.
DHCP Pool Command Set Command Reference Guide DHCP POOL COMMAND SET To activate the DHCP Pool command set, enter the ip dhcp-server pool command at the Global Configuration Mode prompt. For example: Router> enable Router# configure terminal Router(config)# ip dhcp-server pool MyPool Router(config-dhcp)# The following commands are common to multiple command sets and are covered in a centralized section of this guide.
Command Reference Guide DHCP Pool Command Set client-identifier Use the client-identifier command to specify a unique identifier (in dotted hexadecimal notation) for a Dynamic Host Configuration Protocol (DHCP) client. Use the no form of this command to remove a configured client-identifier. Syntax Description Specify a custom client-identifier using a text string (that is converted to a hexadecimal equivalent) or 7 to 28 hexadecimal numbers (with colon delimiters).
DHCP Pool Command Set Command Reference Guide Default Values (Continued) The Q.922 ADDRESS field is populated using the following: 8 7 6 5 4 3 DLCI (high order) DLCI (lower) FECN BECN 2 1 C/R EA DE EA Where the FECN, BECN, C/R, DE, and high order EA bits are assumed to be 0, and the lower order extended address (EA) bit is set to 1. The following list provides a few example DLCIs and associated Q.922 addresses: DLCI (decimal) / Q.
Command Reference Guide DHCP Pool Command Set client-name Use the client-name command to specify the name of a Dynamic Host Configuration Protocol (DHCP) client. Use the no form of this command to remove the configured client name. Syntax Description Alphanumeric string (up to 32 characters in length) used to identify the DHCP client (example is client1). The specified client name should not contain the domain name. Default Values By default, there are no specified client names.
DHCP Pool Command Set Command Reference Guide default-router
Use the default-router command to specify the default primary and secondary routers to use for the Dynamic Host Configuration Protocol (DHCP) client. Use the no form of this command to remove the configured router. Syntax Description Specifies the address (in dotted decimal notation) of the preferred router on the client’s subnet (example: 192.22.4.254).Command Reference Guide DHCP Pool Command Set dns-server
Use the dns-server command to specify the default primary and secondary Domain Name System (DNS) servers to use for the Dynamic Host Configuration Protocol (DHCP) client. Use the no form of this command to remove the configured DNS server. Syntax Description Specifies the address (in dotted decimal notation) of the preferred DNS server on the network (example: 192.72.4.254).DHCP Pool Command Set Command Reference Guide domain-name Use the domain-name command to specify the domain name for the Dynamic Host Configuration Protocol (DHCP) client. Use the no form of this command to remove the configured domain name. Syntax Description Alphanumeric string (up to 32 characters in length) used to identify the DHCP client (e.g., adtran.com). Default Values By default, there are no specified domain-names.
Command Reference Guide DHCP Pool Command Set hardware-address Use the hardware-address command to specify the name of a Dynamic Host Configuration Protocol (DHCP) client. Use the no form of this command to remove the configured client name. Syntax Description Specifies the hardware address (in hexadecimal notation with colon delimiters) of the preferred router on the client’s subnet (example d2:17:04:91:11:50).
DHCP Pool Command Set Command Reference Guide Command History Release 2.1 Command was introduced Usage Examples The following example specifies an Ethernet client with a MAC address of ae:11:54:60:99:10: (config)# ip dhcp-server pool MyPool (config-dhcp)# hardware-address ae:11:54:60:99:10 Ethernet 248 © 2003 ADTRAN, Inc.
Command Reference Guide DHCP Pool Command Set host
[ or ] Use the host command to specify the IP address and subnet mask for a manual binding to a Dynamic Host Configuration Protocol (DHCP) client. Use the no form of this command to remove the configured client address. Syntax Description Specifies the IP address (in dotted decimal notation) for a manual binding to a DHCP client.DHCP Pool Command Set Command Reference Guide lease Use the lease command to specify the duration of the lease for an IP address assigned to a Dynamic Host Configuration Protocol (DHCP) client. Use the no form of this command to return to the default lease value. Syntax Description Specifies the duration of the IP address lease in days. *Optional Specifies the number of hours in a lease.
Command Reference Guide DHCP Pool Command Set netbios-name-server
Use the netbios-name-server command to specify the primary and secondary NetBIOS Windows Internet Naming Service (WINS) name servers available for use by the Dynamic Host Configuration Protocol (DHCP) clients. Use the no form of this command to remove a configured NetBIOS name server.DHCP Pool Command Set Command Reference Guide netbios-node-type Use the netbios-node-type command to specify the type of NetBIOS node used with Dynamic Host Configuration Protocol (DHCP) clients. Use the no form of this command to remove a configured NetBIOS node type. Syntax Description Specifies the NetBIOS node type used with DHCP clients.
Command Reference Guide DHCP Pool Command Set network
[ or ] Use the network command to specify the subnet number and mask for an ADTRAN OS Dynamic Host Configuration Protocol (DHCP) server address pool. Use the no form of this command to remove a configured subnet. Syntax Description Specifies the IP address (in dotted decimal notation) of the DHCP address pool. *Optional Specifies the network mask (subnet) for the address pool.IKE Policy Command Set Command Reference Guide IKE POLICY COMMAND SET To activate the IKE Policy command set, enter the crypto ike policy command at the Global Configuration Mode prompt. For example: Router> enable Router# configure terminal Router(config)# crypto ike policy 1 Router(config-ike)# The following commands are common to multiple command sets and are covered in a centralized section of this guide.
Command Reference Guide IKE Policy Command Set attribute Use the attribute command to define attributes for the associated IKE policy. Multiple attributes can be created for a single IKE policy. Once you enter this command, you are in the IKE Policy Attribute command set. Refer to IKE Policy Attributes Command Set on page 270 for more information. Syntax Description Assign a number (range: 1-65535) to the attribute policy.
IKE Policy Command Set Command Reference Guide client configuration pool Use the client configuration pool command to configure the AOS to perform as mode-config server (edge device) when an IKE policy is negotiated. Syntax Description The pool from which to obtain parameters to assign to the client.
Command Reference Guide IKE Policy Command Set Technology Review The following example configures an ADTRAN OS product for VPN using IKE aggressive mode with pre-shared keys and mode config support (i.e., IPv4 address, primary and secondary DNS, and NBNS addresses). The ADTRAN OS product can be set to initiate IKE negotiation in main mode or aggressive mode. The product can be set to respond to IKE negotiation in main mode, aggressive mode, or any mode.
IKE Policy Command Set Command Reference Guide Technology Review (Continued) (config)#crypto ike policy 10 (config-ike)#no local-id (config-ike)#peer 192.168.1.
Command Reference Guide IKE Policy Command Set Technology Review (Continued) Step 8: Create crypto map. A Crypto Map is used to define a set of encryption schemes to be used for a given interface. A crypto map entry has a unique index within the crypto map set. The crypto map entry will specify whether IKE is used to generate encryption keys or if manually specified keys will be used.
IKE Policy Command Set Command Reference Guide initiate [main | aggressive] Use the initiate command to allow the IKE policy to initiate negotiation (in main mode or aggressive mode) with peers. Use the no form of this command to allow the policy to respond only. Syntax Description main Specify to initiate using main mode. Main mode requires that each end of the VPN tunnel has a static WAN IP address. Main mode is more secure than aggressive mode because more of the main mode negotiations are encrypted.
Command Reference Guide IKE Policy Command Set local-id [address | fqdn | user-fqdn] Use the local-id command to set the local ID for the IKE policy. This setting overrides the system local ID setting (set in the Global command set using the crypto ike local-id address command). Syntax Description address Specifies a remote ID of IPv4 type. fqdn Specifies a fully qualified domain name (e.g., adtran.com) as the remote ID.
IKE Policy Command Set Command Reference Guide Usage Examples The following example sets the local ID of this IKE policy to the IPv4 address 192.168.1.1: (config-ike)# local-id address 192.168.1.1 262 © 2003 ADTRAN, Inc.
Command Reference Guide IKE Policy Command Set peer [ | any ] Use the peer command to enter the IP address of the peer device. Repeat this command for multiple peers. Use the any keyword if you want to set up a policy that will initiate or respond to any peer. Syntax Description Enter a peer IP address. any Allow any peer to connect to this IKE policy. Default Values There are no default settings for this command.
IKE Policy Command Set Command Reference Guide Technology Review IKE policies must have a peer address associated with them to allow certain peers to negotiate with the ADTRAN product. This is a problem when you have "roaming" users (those who obtain their IP address using DHCP or some other dynamic means). To allow for "roaming" users, the IKE policy can be set up with peer any to allow any peer to negotiate with the ADTRAN product. There can only be one peer any policy in the running configuration.
Command Reference Guide IKE Policy Command Set respond [main | aggressive | anymode] Use the respond command to allow the IKE policy to respond to negotiations by a peer. Use the no form of this command to allow the policy to only initiate negotiations. Syntax Description main Specify to respond to only main mode. aggressive Specify to respond to only aggressive mode. anymode Specify to respond to any mode. Default Values By default, respond to any mode is enabled.
IKE Client Command Set Command Reference Guide IKE CLIENT COMMAND SET To activate the IKE Client command set, enter the crypto ike client command at the Global Configuration Mode prompt. For example: Router> enable Router# configure terminal Router(config)# crypto ike client configuration pool ConfigPool1 Router(config-ike-client-pool)# The following commands are common to multiple command sets and are covered in a centralized section of this guide.
Command Reference Guide IKE Client Command Set dns-server Use the dns-server command to specify the DNS server address(es) to assign to a client. Syntax Description The first DNS server address to assign. *Optional The second DNS server address to assign. Default Values By default, no DNS server address is defined. Command Modes (config-ike-client-pool)# IKE Client Configuration Mode Command History Release 4.
IKE Client Command Set Command Reference Guide ip-range Use the ip-range command to specify the range of addresses from which the router draws when assigning an IP address to a client. Syntax Description The first IP address in the range for this pool. The last IP address in the range for this pool. Default Values By default, no IP address range is defined. Command Modes (config-ike-client-pool)# IKE Client Configuration Mode Command History Release 4.
Command Reference Guide IKE Client Command Set netbios-name-server Use the netbios-name-server command to specify the NetBIOS Windows Internet Naming Service (WINS) name servers to assign to a client. Syntax Description The first WINs server address to assign. The second WINs server address to assign. Default Values By default, no WINs server address is defined.
IKE Policy Attributes Command Set Command Reference Guide IKE POLICY ATTRIBUTES COMMAND SET To activate the IKE Policy Attributes command set, enter the attribute command at the IKE Policy prompt. For example: Router> enable Router# configure terminal Router(config)# crypto ike policy 1 Router(config-ike)# attribute 10 Router(config-ike-attribute)# The following commands are common to multiple command sets and are covered in a centralized section of this guide.
Command Reference Guide IKE Policy Attributes Command Set authentication pre-share Use the authentication pre-share command to configure this IKE policy to use pre-shared secrets during IKE negotiation. Other authentication choices will be available in future ADTRAN OS updates. Syntax Description pre-share Specify the use of pre-shared secrets during IKE negotiation to validate the peer. Default Values By default, this command is enabled.
IKE Policy Attributes Command Set Command Reference Guide encryption [aes-xxx-cbc | des | 3des] Use the encryption command to specify which encryption algorithm this IKE policy will use to transmit data over the IKE-generated SA. Syntax Description aes-128-cbc Choose the aes-128-cbc encryption algorithm. aes-192-cbc Choose the aes-192-cbc encryption algorithm. aes-256-cbc Choose the aes-256-cbc encryption algorithm. des Choose the des encryption algorithm.
Command Reference Guide IKE Policy Attributes Command Set group [ 1 | 2 ] Use the group command to specify the Diffie-Hellman group (1 or 2) to be used by this IKE policy to generate the keys (which are then used to create the IPSec SA). Syntax Description 1 768-bit mod P 2 1024-bit mod P Default Values By default, group is set to 1. Command Modes (config-ike-attribute)# IKE Policy Attribute Configuration Mode Command History Release 4.
IKE Policy Attributes Command Set Command Reference Guide hash [ md5| sha ] Use the hash command to specify the hash algorithm to be used to authenticate the data transmitted over the IKE SA. Syntax Description md5 Choose the md5 hash algorithm. sha Choose the sha hash algorithm. Default Values By default, hash is set to sha. Command Modes (config-ike-attribute)# IKE Policy Attribute Configuration Mode Command History Release 4.
Command Reference Guide IKE Policy Attributes Command Set lifetime Use the lifetime command to specify how long an IKE SA is valid before expiring. Syntax Description Specify how many seconds an IKE SA will last before expiring. Default Values By default, lifetime is set to 28,800 seconds. Command Modes (config-ike-attribute)# IKE Policy Attribute Configuration Mode Command History Release 4.
Crypto Map IKE Command Set Command Reference Guide CRYPTO MAP IKE COMMAND SET To activate the Crypto Map IKE command set, enter a valid version of the crypto map ipsec-ike command at the Global Configuration Mode prompt. For example: Router> enable Router# configure terminal Router(config)# crypto map Map-Name 10 ipsec-ike Router(config-crypto-map)# The following commands are common to multiple command sets and are covered in a centralized section of this guide.
Command Reference Guide Crypto Map IKE Command Set match address Use the match address command to assign an IP access-list to a crypto map definition. The access-list designates the IP packets to be encrypted by this crypto map. See ip access-list extended on page 170 for more information on creating access-lists. Syntax Description Enter the name of the access-list you wish to assign to this crypto map. Default Values By default, no IP access-lists are defined.
Crypto Map IKE Command Set Command Reference Guide Technology Review A crypto map entry is a single policy that describes how certain traffic is to be secured. There are two types of crypto map entries: ipsec-manual and ipsec-ike. Each entry is given an index, which is used to sort the ordered list. When a non-secured packet arrives on an interface, the crypto map set associated with that interface is processed in order. If a crypto map entry matches the non-secured traffic, the traffic is discarded.
Command Reference Guide Crypto Map IKE Command Set set peer
Use the set peer command to set the IP address of the peer device. This must be set for multiple remote peers. Syntax Description Enter the IP address of the peer device. If this is not configured, it implies responder only to any peer. Default Values There are no default settings for this command. Command Modes (config-crypto-map)# Crypto Map Configuration Mode (IKE or Manual) Command History Release 4.Crypto Map IKE Command Set Command Reference Guide set pfs [group1 | group2] Use the set pfs command to choose the type of perfect forward secrecy (if any) that will be required during IPSec negotiation of security associations for this crypto map. Use the no form of this command to require no PFS. Syntax Description group1 IPSec is required to use Diffie-Hellman Group 1 (768-bit modulus) exchange during IPSec SA key generation.
Command Reference Guide Crypto Map IKE Command Set set security-association lifetime [kilobytes | seconds] Use the set security-association lifetime command to define the lifetime (in kilobytes and/or seconds) of the IPSec SAs created by this crypto map. Syntax Description kilobytes SA lifetime limit in kilobytes. seconds SA lifetime limit in seconds.
Crypto Map IKE Command Set Command Reference Guide set transform-set Use the set transform-set command to assign up to six transform-sets to a crypto map. See crypto ipsec transform-set on page 155 for information on defining transform-sets. Syntax Description Assign up to six transform-sets to this crypto map by listing the set names, separated by a space. Default Values By default, there is no transform-set assigned to the crypto map.
Command Reference Guide Crypto Map Manual Command Set CRYPTO MAP MANUAL COMMAND SET To activate the Crypto Map Manual command set, enter a valid version of the crypto map ipsec-manual command at the Global Configuration Mode prompt. For example: Router> enable Router# configure terminal Router(config)# crypto map Map-Name 10 ipsec-manual Router(config-crypto-map)# The following commands are common to multiple command sets and are covered in a centralized section of this guide.
Crypto Map Manual Command Set Command Reference Guide match address Use the match address command to assign an IP access-list to a crypto map definition. The access-list designates the IP packets to be encrypted by this crypto map. See ip access-list extended on page 170 for more information on creating access-lists. Syntax Description Enter the name of the access-list you wish to assign to this crypto map. Default Values By default, no IP access-lists are defined.
Command Reference Guide Crypto Map Manual Command Set Technology Review A crypto map entry is a single policy that describes how certain traffic is to be secured. There are two types of crypto map entries: ipsec-manual and ipsec-ike. Each entry is given an index, which is used to sort the ordered list. When a non-secured packet arrives on an interface, the crypto map set associated with that interface is processed in order. If a crypto map entry matches the non-secured traffic, the traffic is discarded.
Crypto Map Manual Command Set Command Reference Guide set peer
Use the set peer command to set the IP address of the peer device. Syntax Description Enter the IP address of the peer device. Default Values There are no default settings for this command. Command Modes (config-crypto-map)# Crypto Map Configuration Mode (IKE or Manual) Command History Release 4.Command Reference Guide Crypto Map Manual Command Set set session-key [inbound | outbound] Use the set session-key command to define the encryption and authentication keys for this crypto map.
Crypto Map Manual Command Set Command Reference Guide Functional Notes (Continued) AES-128-CBC 128-bits in length; 16 hexadecimal bytes AES-192-CBC 192-bits in length; 24 hexadecimal bytes AES-256-CBC 256-bits in length; 32 hexadecimal bytes md5 128-bits in length; 16 hexadecimal bytes sha1 160-bits in length; 20 hexadecimal bytes Technology Review The following example configures an ADTRAN OS product for VPN using IPSec manual keys.
Command Reference Guide Crypto Map Manual Command Set Technology Review (Continued) Step 5: Create crypto map and define manual keys. A Crypto Map is used to define a set of encryption schemes to be used for a given interface. A crypto map entry has a unique index within the crypto map set. The crypto map entry will specify whether IKE is used to generate encryption keys or if manually specified keys will be used.
Crypto Map Manual Command Set Command Reference Guide set transform-set Use the set transform-set command to assign a transform-set to a crypto map. See crypto ipsec transform-set on page 155 for information on defining transform-sets. Syntax Description Assign a transform-set to this crypto map by entering the set name. Default Values By default, no transform-set is assigned to the crypto map.
Command Reference Guide Ethernet Interface Configuration Command Set ETHERNET INTERFACE CONFIGURATION COMMAND SET To activate the Ethernet Interface Configuration command set, enter the interface ethernet command at the Global Configuration Mode prompt. For example: Router> enable Router# configure terminal Router(config)# interface ethernet 0/1 Router(config-eth 0/1)# The following commands are common to multiple command sets and are covered in a centralized section of this guide.
Ethernet Interface Configuration Command Set Command Reference Guide access-policy Use the access-policy command to assign a specified access policy to an interface. Use the no form of this command to remove an access policy association. Syntax Description Alphanumeric descriptor for identifying the configured access policy (all access policy descriptors are case-sensitive) Default Values By default, there are no configured access policies associated with an interface.
Command Reference Guide Ethernet Interface Configuration Command Set Usage Examples (Continued) Associate the access policy with the ethernet 0/1 interface: (config)# interface ethernet 0/1 (config-eth 0/1) access-policy UnTrusted Technology Review Creating access policies and lists to regulate traffic through the routed network is a four-step process: Step 1: Enable the security features of the ADTRAN OS using the ip firewall command. Step 2: Create an access list to permit or deny specified traffic.
Ethernet Interface Configuration Command Set Command Reference Guide Technology Review (Continued) nat source list address overload All packets passed by the access list(s) entered will be modified to replace the source IP address with the entered IP address. The overload keyword allows multiple source IP addresses to be replaced with the single IP address entered. This hides private IP addresses from outside the local network.
Command Reference Guide Ethernet Interface Configuration Command Set arp arpa Use the arp arpa command to enable address resolution protocol on the Ethernet interface. Syntax Description arpa Keyword used to set standard address resolution protocol for this interface. Default Values The default for this command is arpa. Command Modes (config-eth 0/1)# Ethernet Interface Configuration Mode Command History Release 3.
Ethernet Interface Configuration Command Set Command Reference Guide bandwidth Use the bandwidth command to provide the bandwidth value of an interface to the higher-level protocols. This value is used in cost calculations. Use the no form of this command to restore the default values. Syntax Description Enter bandwidth in kbps. Default Values To view default values use the show interfaces command.
Command Reference Guide Ethernet Interface Configuration Command Set bridge-group Use the bridge-group command to assign an interface to the specified bridge group. This command is supported on all Ethernet interfaces, PPP virtual interfaces, and frame relay virtual sub-interfaces. Use the no form of this command to remove the interface from the bridge group.
Ethernet Interface Configuration Command Set Command Reference Guide bridge-group path-cost Use the bridge-group path-cost command to assign a cost to a bridge group that is used when computing the spanning-tree root path. To return to the default path-cost value, use the no form of this command.
Command Reference Guide Ethernet Interface Configuration Command Set bridge-group priority Use the bridge-group priority command to select the priority level of a port associated with a bridge. To return to the default bridge-group priority value, use the no version of this command.
Ethernet Interface Configuration Command Set Command Reference Guide bridge-group spanning-disabled Use the bridge-group spanning-disabled command to transparently bridge two interfaces on a network (that have no parallel paths) without the overhead of spanning-tree protocol calculations. To enable the spanning-tree protocol on an interface, use the no form of this command.
Command Reference Guide Ethernet Interface Configuration Command Set crypto map Use the crypto map command to associate crypto maps with the interface. When you apply a map to an interface, you are applying all crypto maps with the given map name. This allows you to apply multiple crypto maps if you have created maps which share the same name but have different map index numbers.
Ethernet Interface Configuration Command Set Command Reference Guide Functional Notes When configuring a system to use both the stateful inspection firewall and IKE negotiation for VPN, keep the following notes in mind. When defining the policy-class and associated access-control lists (ACLs) that describe the behavior of the firewall, do not forget to include the traffic coming into the system over a VPN tunnel terminated by the system.
Command Reference Guide Ethernet Interface Configuration Command Set full-duplex Use the full-duplex command to configure the Ethernet interface for full-duplex operation. This allows the interface to send and receive simultaneously. Use the no form of this to return to the default half-duplex operation. Syntax Description No subcommands Default Values By default, all Ethernet interfaces are configured for half-duplex operation.
Ethernet Interface Configuration Command Set Command Reference Guide half-duplex Use the half-duplex command to configure the Ethernet interface for half-duplex operation. This setting allows the Ethernet interface to either send or receive at any given moment, but not simultaneously. Use the no form of this command to disable half-duplex operation. Syntax Description No subcommands Default Values By default, all Ethernet interfaces are configured for half-duplex operation.
Command Reference Guide Ethernet Interface Configuration Command Set ip access-group [in | out] Use the ip access-group command to create an access list to be used for packets transmitted to/from the asynchronous host. Use the no form of this command to disable this type of control. Syntax Description listname Assigned IP access list name. in Enables access control on packets transmitted from the host. out Enables access control on packets sent to the host.
Ethernet Interface Configuration Command Set Command Reference Guide ip address dhcp Use the ip address dhcp command to use Dynamic Host Configuration Protocol (DHCP) to obtain an address on the Ethernet interface. Use the no form of this command to remove a configured IP address (using DHCP) and disable DHCP operation on the interface.
Command Reference Guide Ethernet Interface Configuration Command Set Default Values (Continued) interface using four hexadecimal bytes. For example, a virtual frame relay interface labeled 1 would have a FR_PORT# of 00:00:00:01. The Q.922 ADDRESS field is populated using the following: 8 7 6 5 4 3 DLCI (high order) DLCI (lower) FECN BECN 2 1 C/R EA DE EA Where the FECN, BECN, C/R, DE, and high order EA bits are assumed to be 0 and the lower order extended address (EA) bit is set to 1.
Ethernet Interface Configuration Command Set Command Reference Guide Usage Examples The following example enables DHCP operation on Ethernet interface 0/1: (config)# interface eth 0/1 (config-eth 0/1)# ip address dhcp 308 © 2003 ADTRAN, Inc.
Command Reference Guide Ethernet Interface Configuration Command Set ip address
secondary Use the ip address command to define an IP address on the specified interface. Use the optional secondary keyword to define a secondary IP address. Use the no form of this command to remove a configured IP address. Syntax Description Defines the IP address for the interface in dotted decimal notation (for example: 192.22.73.101).Ethernet Interface Configuration Command Set Command Reference Guide ip dhcp release Use the ip dhcp release command to transmit a message to the DHCP server requesting termination of the IP address lease on that interface. If you are currently connected to the unit using a Telnet session through the Ethernet interface, using the ip dhcp release command will terminate your Telnet session and render your Telnet capability inoperable until a new IP address is assigned by the DHCP server.
Command Reference Guide Ethernet Interface Configuration Command Set ip dhcp renew Use the ip dhcp renew command to transmit a message to the DHCP server requesting renewal of the IP address lease on that interface. Default Values No defaults necessary for this command. Command Modes (config-eth 0/1)# Ethernet Interface Configuration Mode required Command History Release 2.
Ethernet Interface Configuration Command Set Command Reference Guide ip helper-address
Use the ip helper-address command to configure the ADTRAN OS to forward User Datagram Protocol (UDP) broadcast packets received on the interface. Use the no form of this command to disable forwarding packets. The ip helper command must be used in conjunction with the ip forward-protocol command to configure the ADTRAN OS to forward UDP broadcast packets.Command Reference Guide Ethernet Interface Configuration Command Set Usage Examples The following example forwards all DNS broadcast traffic to the DNS server with IP address 192.33.5.99: (config)# ip forward-protocol udp domain (config)# interface eth 0/1 (config-eth 0/1)# ip helper-address 192.33.5.99 61950860L1-35D © 2003 ADTRAN, Inc.
Ethernet Interface Configuration Command Set Command Reference Guide ip ospf Use the ip ospf command to customize OSPF settings (if needed). Syntax Description authentication-key Assign a simple-text authentication password to be used by other routers using the OSPF simple password authentication. cost Specify the OSPF cost of sending a packet on the interface. This value overrides any computed cost value. Range: 1-65535.
Command Reference Guide Ethernet Interface Configuration Command Set ip ospf authentication [message-digest | null] Use the ip ospf authentication command to authenticate an interface that is performing OSPF authentication. Syntax Description message-digest *Optional Select message-digest authentication type. null *Optional Select for no authentication to be used. Default Values By default, this is set to null (meaning no authentication is used).
Ethernet Interface Configuration Command Set Command Reference Guide ip ospf network [broadcast | point-to-point] Use the ip ospf network command to specify the type of network on this interface. Syntax Description broadcast Set the network type for broadcast. point-to-point Set the network type for point-to-point. Default Values By default, Ethernet defaults to broadcast. PPP and frame relay default to point-to-point.
Command Reference Guide Ethernet Interface Configuration Command Set ip proxy-arp Use the ip proxy-arp to enable proxy Address Resolution Protocol (ARP) on the interface. Use the no form of this command to disable this feature. Syntax Description
Defines the IP address for the interface in dotted decimal notation (for example: 192.22.73.101) Specifies the subnet mask that corresponds to the listed IP address Default Values By default, proxy arp is enabled.Ethernet Interface Configuration Command Set Command Reference Guide ip rip receive version Use the ip rip receive version command to configure the RIP version the unit accepts in all RIP packets received on the interface.
Command Reference Guide Ethernet Interface Configuration Command Set ip rip send version Use the ip rip send version command to configure the RIP version the unit sends in all RIP packets transmitted on the interface. Syntax Description Specifies the RIP version 1 Only transmits RIP version 1 packets on the interface 2 Only transmits RIP version 2 packets on the interface Default Values By default, all interfaces transmit RIP version 1 (the default value for the version command).
Ethernet Interface Configuration Command Set Command Reference Guide ip route-cache Use the ip route-cache command to enable fast-cache switching on the interface. Use the no form of this command to disable fast-cache switching and return to process switching mode. Using Network Address Translation (NAT) or the ADTRAN OS firewall capabilities on an interface requires process switching mode (using the no ip route-cache command). Syntax Description No subcommands.
Command Reference Guide Ethernet Interface Configuration Command Set ip unnumbered Use the ip unnumbered command to use the IP address assigned to the specified interface for all IP processing on the active interface. Use the no form of this command to remove the unnumbered configuration.
Ethernet Interface Configuration Command Set Command Reference Guide mac-address
Use the mac-address command to specify the Media Access Control (MAC) address of the unit. Only the last three values of the MAC address can be modified. The first three values are read-only and contain the ADTRAN reserved number (00:0A:C8). Use the no form of this command to return to the default MAC address programmed by ADTRAN.Command Reference Guide Ethernet Interface Configuration Command Set mtu Use the mtu command to configure the maximum transmit unit (MTU) size for the active interface. Use the no form of this command to return to the default value. Syntax Description Configures the window size for transmitted packets. The valid ranges for the various interfaces are listed below: Ethernet (eth 0/1) 64 to 1500 virtual frame relay sub-interfaces (fr 1.
Ethernet Interface Configuration Command Set Command Reference Guide snmp trap Use the snmp trap command to enable all supported Simple Network Management Protocol (SNMP) traps on the interface. Syntax Description No subcommands Default Values By default, all interfaces (except virtual frame relay interfaces and sub-interfaces) have SNMP traps enabled.
Command Reference Guide Ethernet Interface Configuration Command Set speed Use the speed command to configure the speed of an Ethernet interface. Use the no form of this command to return to the default value.
DDS Interface Configuration Command Set Command Reference Guide DDS INTERFACE CONFIGURATION COMMAND SET To activate the DDS Interface Configuration command set, enter the interface dds command at the Global Configuration Mode prompt. For example: Router> enable Router# configure terminal Router(config)# interface dds 1/1 Router(config-dds 1/1)# The following commands are common to multiple command sets and are covered in a centralized section of this guide.
Command Reference Guide DDS Interface Configuration Command Set clock rate Use the clock rate command to configure the data rate used as the operating speed for the interface. This rate should match the rate required by the DDS service provider. Use the no form of this command to return to the default value.
DDS Interface Configuration Command Set Command Reference Guide clock source
Command Reference Guide DDS Interface Configuration Command Set data-coding scrambled Use the data-coding scrambled command to enable the ADTRAN OS scrambler to combine user data with pattern data to ensure user data does not mirror standard DDS loop codes. The scrambler may only be used on 64 kbps circuits without frame relay signaling (clear channel). Syntax Description No subcommands Default Values By default, the scrambler is disabled.
DDS Interface Configuration Command Set Command Reference Guide loopback [ dte | line | remote ] Use the loopback command to initiate a specified loopback on the interface. Use the no form of this command to deactivate the loop. Syntax Description dte Initiates a loop to connect the transmit and receive path through the unit. line Initiates a loop of the DDS circuit towards the network by connecting the transmit path to the receive path.
Command Reference Guide DDS Interface Configuration Command Set remote-loopback Use the remote-loopback command to configure the interface to respond to loopbacks initiated by a remote unit (or the service provider). Use the no form of this command to disable this feature. Syntax Description No subcommands. Default Values By default, all interfaces respond to remote loopbacks.
DDS Interface Configuration Command Set Command Reference Guide snmp trap Use the snmp trap command to enable all supported Simple Network Management Protocol (SNMP) traps on the interface. Syntax Description No subcommands Default Values By default, all interfaces (except virtual frame relay interfaces and sub-interfaces) have SNMP traps enabled.
Command Reference Guide DDS Interface Configuration Command Set snmp trap link-status Use the snmp trap link-status command to control the SNMP variable that enables (or disables) the interface to send SNMP traps when there is an interface status change (ifLinkUpDownTrapEnable of RFC 2863). Use the no form of this command to disable this trap.
T1 Interface Configuration Command Set Command Reference Guide T1 INTERFACE CONFIGURATION COMMAND SET To activate the T1 Interface Configuration command set, enter the interface t1 command at the Global Configuration Mode prompt. For example: Router> enable Router# configure terminal Router(config)# interface t1 1/1 Router(config-t1 1/1)# The following commands are common to multiple command sets and are covered in a centralized section of this guide.
Command Reference Guide T1 Interface Configuration Command Set clock source
T1 Interface Configuration Command Set Command Reference Guide coding [ ami | b8zs ] Use the coding command to configure the line coding for a T1 or DSX-1 physical interface. This setting must match the line coding supplied on the circuit by the provider. Syntax Description ami Configures the line coding for alternate mark inversion. b8zs Configures the line coding for bipolar eight zero substitution. Default Values By default, all T1 interfaces are configured with B8ZS line coding.
Command Reference Guide T1 Interface Configuration Command Set fdl [ ansi | att | none ] Use the fdl command to configure the format for the facility data link channel on the T1 circuit. FDL channels are only available on point-to-point circuits. Use the no form of this command to return to the default value. Syntax Description ansi Configures the FDL for ANSI T1.
T1 Interface Configuration Command Set Command Reference Guide framing [ d4 | esf ] Use the framing command to configure the framing format for the T1 or DSX-1 interface. This parameter should match the framing format supplied by your network provider. Use the no form of this command to return to the default value. Syntax Description d4 D4 superframe format (SF) esf Extended SF Default Values esf Command Modes (config-t1 1/1)# T1 or DSX-1 Interface Configuration Mode required.
Command Reference Guide T1 Interface Configuration Command Set lbo Use the lbo command to set the line build out (in dB) for the T1 interface. Use the no form of this command to return to the default value Syntax Description Configures the line build out for the T1 interface Valid options include: 0, -7.5, -15, and -22.5 dB Default Values 0 dB Command Modes (config-t1 1/1)# T1 Interface Configuration Mode required Command History Release 1.
T1 Interface Configuration Command Set Command Reference Guide loopback network [ line | payload ] Use the loopback network command to initiate a loopback on the interface toward the network. Use the no form of this command to deactivate the loopback. Syntax Description line Initiates a metallic loopback of the physical T1 network interface. payload Initiates a loopback of the T1 framer (CSU portion) of the T1 network interface. Default Values No default necessary for this command.
Command Reference Guide T1 Interface Configuration Command Set loopback remote line [ fdl | inband ] Use the loopback remote line command to send a loopback code to the remote unit to initiate a line loopback. Use the no form of this command to send a loopdown code to the remote unit to deactivate the loopback. Syntax Description fdl Uses the facility data link (FDL) to initiate a full 1.544 Mbps loopback of the signal received by the remote unit from the network.
T1 Interface Configuration Command Set Command Reference Guide loopback remote payload Use the loopback remote payload command to send a loopback code to the remote unit to initiate a payload loopback. A payload loopback is a 1.536 Mbps loopback of the payload data received from the network maintaining bit-sequence integrity for the information bits by synchronizing (regenerating) the timing. Use the no form of this command to send a loopdown code to the remote unit to deactivate the loopback.
Command Reference Guide T1 Interface Configuration Command Set remote-loopback Use the remote-loopback command to configure the interface to respond to loopbacks initiated by a remote unit (or the service provider). Use the no form of this command to disable this feature. Syntax Description No subcommands. Default Values By default, all interfaces respond to remote loopbacks.
T1 Interface Configuration Command Set Command Reference Guide show [ p511 ] Use the show command to display the current status of T1 tests, including information regarding loopbacks and test patterns. Syntax Description p511 511-bit repeating pattern of ones and zeros Default Values No defaults required for this command. Command Modes (config-t1 1/1)# T1 Interface Configuration Mode required (does not apply to DSX-1 interfaces) Command History Release 2.
Command Reference Guide T1 Interface Configuration Command Set snmp trap line-status Use the snmp trap line-status command to control the Simple Network Management Protocol (SNMP) variable dsx1LineStatusChangeTrapEnable (RFC 2495) to enable (or disable) the interface to send SNMP traps when there is an interface status change. The dsx1LineStatusChangeTrapEnable variable is set to enabled by default.
T1 Interface Configuration Command Set Command Reference Guide snmp trap link-status Use the snmp trap link-status to control the SNMP variable ifLinkUpDownTrapEnable (RFC 2863) to enable (or disable) the interface to send SNMP traps when there is an interface status change. Use the no form of this command to disable this trap. Syntax Description No subcommands Default Values By default, the ifLinkUpDownTrapEnable OID is set to enabled for all interfaces except virtual frame relay interfaces.
Command Reference Guide T1 Interface Configuration Command Set tdm-group timeslots <1-24> speed [56 | 64] Use the tdm-group command to create a group of contiguous DS0s on this interface to be used during the cross-connect process. See cross-connect <#> on page 147 for related information. Changing tdm-group settings could potentially result in service interruption.
T1 Interface Configuration Command Set Command Reference Guide test-pattern [ones | zeros | clear | insert | p511] Use the test-pattern command to activate the built-in pattern generator and begin sending the specified test pattern. This pattern generation can be used to verify a data path when used in conjunction with an active loopback. Use the no form of this command to cease pattern generation. Syntax Description ones Generate continous ones. zeros Generate continous zeros.
Command Reference Guide DSX-1 Interface Configuration Command Set DSX-1 INTERFACE CONFIGURATION COMMAND SET To activate the DSX-1 Interface Configuration command set, enter the interface t1 command (and specify the DSX-1 port) at the Global Configuration Mode prompt. For example: Router> enable Router# configure terminal Router(config)# interface t1 1/2 Router(config-t1 1/2)# The following commands are common to multiple command sets and are covered in a centralized section of this guide.
DSX-1 Interface Configuration Command Set Command Reference Guide coding [ ami | b8zs ] Use the coding command to configure the line coding for a T1 or DSX-1 physical interface. This setting must match the line coding supplied on the circuit by the PBX. Syntax Description ami Configures the line coding for alternate mark inversion. b8zs Configures the line coding for bipolar eight zero substitution. Default Values By default, all T1 interfaces are configured with B8ZS line coding.
Command Reference Guide DSX-1 Interface Configuration Command Set framing [ d4 | esf ] Use the framing command to configure the framing format for the DSX-1 interface. This parameter should match the framing format set on the external device. Use the no form of this command to return to the default value. Syntax Description d4 D4 superframe format (SF) esf Extended superframe format Default Values esf Command Modes (config-t1 1/1)# T1 or DSX-1 Interface Configuration Mode required.
DSX-1 Interface Configuration Command Set Command Reference Guide line-length Use the line-length command to set the line build out (in feet or dB) for the DSX-1 interface. Use the no form of this command to return to the default value. Syntax Description Configures the line build out for the DSX-1 interface Valid options include: -7.
Command Reference Guide DSX-1 Interface Configuration Command Set loopback network [ line | payload ] Use the loopback network command to initiate a loopback on the interface toward the network. Use the no form of this command to deactivate the loopback. Syntax Description line Initiates a metallic loopback of the physical T1 network interface payload Initiates a loopback of the T1 framer (CSU portion) of the T1 network interface Default Values No default necessary for this command.
DSX-1 Interface Configuration Command Set Command Reference Guide loopback remote line inband Use the loopback remote line inband command to send a loopback code to the remote unit to initiate a line loopback. Use the no form of this command to send a loopdown code to the remote unit to deactivate the loopback. Syntax Description inband Uses the inband channel to initiate a full 1.544 Mbps physical loopback (metallic loopback) of the signal received from the network.
Command Reference Guide DSX-1 Interface Configuration Command Set remote-loopback Use the remote-loopback command to configure the interface to respond to loopbacks initiated by a remote unit (or the service provider). Use the no form of this command to disable this feature. Syntax Description No subcommands. Default Values By default, all interfaces respond to remote loopbacks. Command Modes (config-t1 1/1)# T1, DSX-1, or DDS Interface Configuration Mode required.
DSX-1 Interface Configuration Command Set Command Reference Guide signaling-mode [ message-oriented | none | robbed-bit ] Use the signaling-mode command to configure the signaling type (robbed-bit for voice or clear channel for data) for the DS0s mapped to the DSX-1 port. Syntax Description message-oriented Clear channel signaling on Channel 24 only. Use this signaling type with QSIG installations. none Clear channel signaling on all 24 DS0s.
Command Reference Guide DSX-1 Interface Configuration Command Set snmp trap line-status Use the snmp trap line-status command to control the Simple Network Management Protocol (SNMP) variable dsx1LineStatusChangeTrapEnable (RFC 2495) to enable (or disable) the interface to send SNMP traps when there is an interface status change. The dsx1LineStatusChangeTrapEnable variable is set to enabled by default.
DSX-1 Interface Configuration Command Set Command Reference Guide snmp trap link-status Use the snmp trap link-status to control the SNMP variable ifLinkUpDownTrapEnable (RFC 2863) to enable (or disable) the interface to send SNMP traps when there is an interface status change. Use the no form of this command to disable this trap. Syntax Description No subcommands Default Values By default, the ifLinkUpDownTrapEnable OID is set to enabled for all interfaces except virtual frame relay interfaces.
Command Reference Guide DSX-1 Interface Configuration Command Set test-pattern [ones | zeros] Use the test-pattern command to activate the built-in pattern generator and begin sending the specified test pattern. This pattern generation can be used to verify a data path when used in conjunction with an active loopback. Use the no form of this command to cease pattern generation.
Serial Interface Configuration Command Set Command Reference Guide SERIAL INTERFACE CONFIGURATION COMMAND SET To activate the Serial Interface Configuration command set, enter the interface serial command at the Global Configuration Mode prompt. For example: Router> enable Router# configure terminal Router(config)# interface serial 1/1 Router(config-ser 1/1)# The following commands are common to multiple command sets and are covered in a centralized section of this guide.
Command Reference Guide Serial Interface Configuration Command Set et-clock-source Use the et-clock-source command to configure the clock source used when creating the external transmit (reference clock). Use the no form of this command to return to the default value. Syntax Description Specifies the signal source to use when creating the External Transmit reference clock (et-clock). rxclock Use the clock recovered from the receive signal to generate et-clock.
Serial Interface Configuration Command Set Command Reference Guide ignore dcd Use the ignore dcd command to specify the behavior of the serial interface when the Data Carrier Detect (DCD) signal is lost. Use the no form of this command to return to the default value. Syntax Description No subcommands. Default Values By default, the serial interface does not ignore a change in status of the DCD signal. Command Modes (config-ser 1/1)# Serial Interface Configuration Mode Command History Release 1.
Command Reference Guide Serial Interface Configuration Command Set invert etclock Use the invert etclock command to configure the serial interface to invert the External Transmit (reference clock) in the data stream before transmitting. Use the no form of this command to return to the default value. Syntax Description No subcommands. Default Values By default, the serial interface does not invert etclock. Command Modes (config-ser 1/1)# Serial Interface Configuration Mode Command History Release 1.
Serial Interface Configuration Command Set Command Reference Guide invert rxclock Use the invert rxclock command to configure the serial interface to expect an inverted Receive Clock (found in the received data stream). Use the no form of this command to return to the default value. Syntax Description No subcommands. Default Values By default, the serial interface does not expect an inverted receive clock (rxclock).
Command Reference Guide Serial Interface Configuration Command Set invert txclock Use the invert txclock command to configure the serial interface to invert the Transmit Clock (found in the transmitted data stream) before sending the signal. Use the no form of this command to return to the default value. Syntax Description No subcommands. Default Values By default, the serial interface does not invert txclock.
Serial Interface Configuration Command Set Command Reference Guide serial-mode Use the serial-mode command to specify the electrical mode for the interface. Use the no form of this command to return to the default value. Syntax Description Specifies the electrical specifications for the interface V35 Configures the interface for use with the V.35 adapter cable (P/N 1200873L1) X21 Configures the interface for use with the X.
Command Reference Guide Serial Interface Configuration Command Set snmp trap Use the snmp trap command to enable all supported Simple Network Management Protocol (SNMP) traps on the interface. Syntax Description No subcommands Default Values By default, all interfaces (except virtual frame relay interfaces and sub-interfaces) have SNMP traps enabled.
Serial Interface Configuration Command Set Command Reference Guide snmp trap link-status Use the snmp trap link-status command to control the SNMP variable to enable (or disable) the interface to send SNMP traps when there is an interface status change (ifLinkUpDownTrapEnable per RFC 2863). Use the no form of this command to disable this trap.
Command Reference Guide SHDSL Interface Configuration Command Set SHDSL INTERFACE CONFIGURATION COMMAND SET To activate the SHDSL Interface Configuration command set, enter the interface shdsl command at the Global Configuration Mode prompt. For example: Router> enable Router# configure terminal Router(config)# interface shdsl 1/1 Router(config-shdsl 1/1)# The following commands are common to multiple command sets and are covered in a centralized section of this guide.
SHDSL Interface Configuration Command Set Command Reference Guide alarm-threshold [loop-attenuation | snr-margin] Use the alarm-threshold command to set thresholds for specific alarm conditions. Use the no form of this command to disable threshold settings. Syntax Description loop-attenuation Enter a value from 1-127 dB. If signal energy loss on the loop exceeds the configured value, the router issues an alarm. snr-margin Signal-to-noise ratio margin. Enter a value from 1-15 dB.
Command Reference Guide SHDSL Interface Configuration Command Set boot alternate-image Use the boot alternate-image command to execute new code after a firmware upgrade. Syntax Description No subcommands. Default Values No defaults necessary for this command. Command Modes (config-shdsl 1/1)# SHDSL Interface Configuration Mode required Command History Release 3.
SHDSL Interface Configuration Command Set Command Reference Guide equipment-type [co | cpe ] Use the equipment-type command to determine the operating mode for the SHDSL interface. Syntax Description co Use this option only in a campus environment when operating two SHDSL network interface modules (NIMs) back-to-back. In this setup, configure the Master NIM to co and the Slave NIM to cpe.
Command Reference Guide SHDSL Interface Configuration Command Set inband-detection Use the inband-detection enable inband loopback pattern detection on the SHDSL interface. Use the no form of this command to disable inband-detection. Syntax Description No subcommands Default Values By default, this command is enabled. Command Modes (config-shdsl 1/1)# SHDSL Interface Configuration Mode required Command History Release 4.
SHDSL Interface Configuration Command Set Command Reference Guide inband-protocol Use the inband-protocol command to designate the inband loopback pattern to send/detect on the SHDSL interface. Use the no form of this command to reset the inband-protocol to its default. Syntax Description pn127 Selects PN127 as the inband loopback pattern to send/detect. v54 Selects V.54 as the inband loopback pattern to send/detect. Default Values By default, the inband-protocol is set to v54.
Command Reference Guide SHDSL Interface Configuration Command Set linerate Use the linerate command to define the line rate for the SHDSL interface (the value includes 8 kbps of framing overhead). This command is functional only in CO operating mode (see the section equipment-type [co | cpe ] on page 372). The first two selections listed (72 and 136 kbps) are not supported by the SHDSL NIM (1200867L1). Syntax Description Enter the line rate in kbps.
SHDSL Interface Configuration Command Set Command Reference Guide loopback network Use the loopback network command to initiate a loopback test on the SHDSL interface, looping the data toward the network. Use the no form of this command to deactivate the loopback. Syntax Description No subcommands. Default Values No default necessary for this command. Command Modes (config-shdsl 1/1)# SHDSL Interface Configuration Mode required. Command History Release 3.
Command Reference Guide SHDSL Interface Configuration Command Set loopback remote Use the loopback remote command to send a loopback request to the remote unit. This command is functional only in CO operating mode (see the section equipment-type [co | cpe ] on page 372). Use the no form of this command to send a loopdown code to the remote unit to deactivate the loopback. Syntax Description No subcommands. Default Values No defaults necessary for this command.
SHDSL Interface Configuration Command Set Command Reference Guide outage-retrain Use the outage-retrain command to cause the SHDSL interface to force the SHDSL retrain sequence (which takes the line down temporarily) if the interface detects more than ten consecutive errored seconds. A retrain is forced in hopes that the newly retrained line will attain better performance that the previous training state. Use the no version of the command to disable this feature. Syntax Description No subcommands.
Command Reference Guide SHDSL Interface Configuration Command Set snmp trap Use the snmp trap command to enable all supported Simple Network Management Protocol (SNMP) traps for the SHDSL interface. Syntax Description No subcommands Default Values By default, all interfaces (except virtual frame relay interfaces and sub-interfaces) have SNMP traps enabled.
SHDSL Interface Configuration Command Set Command Reference Guide snmp trap link-status Use the snmp trap link-status command to control the SNMP variable ifLinkUpDownTrapEnable (RFC 2863), which enables (or disables) the interface to send SNMP traps when there is an interface status change. Use the no form of this command to disable this trap.
Command Reference Guide SHDSL Interface Configuration Command Set test-pattern Use the test-pattern command to activate the built-in pattern generator and begin sending the 2^15 test pattern toward the network. This pattern generation can be used to verify a data path when used in conjunction with an active loopback. Use the no form of this command to cease pattern generation. Syntax Description 2^15 Sends a 2^15 test pattern toward the network.
Modem Interface Configuration Command Set Command Reference Guide MODEM INTERFACE CONFIGURATION COMMAND SET To activate the Modem Interface Configuration command set, enter the interface modem command at the Global Configuration Mode prompt. For example: Router> enable Router# configure terminal Router(config)# interface modem 1/2 Router(config-modem 1/2)# The modem interface number in the example above is shown as modem 1/2.
Command Reference Guide Modem Interface Configuration Command Set dialin Use the dialin command to enable the modem for remote console dialin, disabling the use of the modem for dial-backup. Syntax Description No subcommands. Default Values By default, dialin is disabled. Command Modes (config-modem 1/2)# Modem Interface Configuration Mode Command History Release 3.
Modem Interface Configuration Command Set Command Reference Guide iq-handshake Use the iq-handshake command for dial-backup with the ADTRAN IQ and Express family products. Using the iq-handshake command enables the association of incoming calls with packet endpoints (in cases where there is a single call-in number (hunt group) and no Caller ID information available). Use the no form of this command to disable the IQ handshake.
Command Reference Guide BRI Interface Configuration Command Set BRI INTERFACE CONFIGURATION COMMAND SET To activate the BRI Interface Configuration command set, enter the interface bri command at the Global Configuration Mode prompt. For example: Router> enable Router# configure terminal Router(config)# interface bri 1/2 Router(config-bri 1/2)# The BRI interface number in the example above is shown as bri 1/2.
BRI Interface Configuration Command Set Command Reference Guide bonding txadd-timer Use the bonding txadd-timer command to specify the value (in seconds) for the aggregate call connect timeout. Use the no form of this command to return to the default value.
Command Reference Guide BRI Interface Configuration Command Set bonding txcid-timer Use the bonding txcid-timer command to specify the value (in seconds) for the bearer channel (B-channel) negotiation timeout. Use the no form of this command to return to the default value.
BRI Interface Configuration Command Set Command Reference Guide bonding txdeq-timer Use the bonding txdeq-timer command to specify the value (in seconds) for the network delay equalization timeout. Use the no form of this command to return to the default value.
Command Reference Guide BRI Interface Configuration Command Set bonding txfa-timer Use the bonding txfa-timer command to specify the value (in seconds) for the frame pattern detection timeout. Use the no form of this command to return to the default value.
BRI Interface Configuration Command Set Command Reference Guide bonding txinit-timer Use the bonding txinit-timer command to specify the value (in seconds) for the originating endpoint negotiation timeout. Use the no form of this command to return to the default value.
Command Reference Guide BRI Interface Configuration Command Set bonding txnull-timer Use the bonding txnull-timer command to specify the value (in seconds) for the answering endpoint negotiation timeout. Use the no form of this command to return to the default value.
BRI Interface Configuration Command Set Command Reference Guide iq-handshake Use the iq-handshake command for dial-backup operation with ADTRAN IQ and Express family products. Using the iq-handshake command enables the association of incoming calls with packet endpoints (in cases where there is a single call-in number (hunt group) and no Caller ID information available). Use the no form of this command to disable the IQ handshake.
Command Reference Guide BRI Interface Configuration Command Set isdn spid1 Use the isdn spid1 command to specify the Service Profile Identifiers (SPIDs). Use the no form of this command to remove a configured SPID. The BRI Module requires all incoming calls to be directed to the Local Directory Number (LDN) associated with the SPID programmed using the isdn spid1 command. All calls to the LDN associated with SPID 2 will be rejected (unless part of a BONDing call).
BRI Interface Configuration Command Set Command Reference Guide Usage Examples The following example defines a SPID of 704 555 1111 0101 with an LDN of 555-1111: (config)# interface bri 1/2 (config-bri 1/2)# isdn spid1 70455511110101 5551111 394 © 2003 ADTRAN, Inc.
Command Reference Guide BRI Interface Configuration Command Set isdn spid2 Use the isdn spid2 command to specify the Service Profile Identifiers (SPIDs). Use the no form of this command to remove a configured SPID. The BRI Module requires all incoming calls to be directed to the Local Directory Number (LDN) associated with the SPID programmed using the isdn spid1 command. All calls to the LDN associated with SPID 2 will be rejected (unless part of a BONDing call).
BRI Interface Configuration Command Set Command Reference Guide Usage Examples The following example defines a SPID of 704 555 1111 0101: (config)# interface bri 1/2 (config-bri 1/2)# isdn spid2 70455511110101 5551111 396 © 2003 ADTRAN, Inc.
Command Reference Guide BRI Interface Configuration Command Set isdn switch-type Use the isdn switch-type command to specify the ISDN signaling type configured on the Basic Rate ISDN (BRI) interface. The type of ISDN signaling implemented on the BRI interface does not always match the manufacturer of the Central Office Switch. Use the no form of this command to return to the default value.
Frame Relay Interface Config Command Set Command Reference Guide FRAME RELAY INTERFACE CONFIG COMMAND SET To activate the Frame Relay Interface Configuration command set, enter the interface frame-relay command at the Global Configuration Mode prompt. For example: Router> enable Router# configure terminal Router(config)# interface frame-relay 1 Router(config-fr 1)# The following commands are common to multiple command sets and are covered in a centralized section of this guide.
Command Reference Guide Frame Relay Interface Config Command Set encapsulation frame-relay ietf Use the encapsulation frame-relay ietf command to configure the encapsulation on a virtual frame relay interface as IETF (RFC 1490). Currently, this is the only encapsulation setting. Settings for this option must match the far-end router’s settings in order for the frame relay interface to become active. Syntax Description No subcommands.
Frame Relay Interface Config Command Set Command Reference Guide frame-relay intf-type Use the frame-relay intf-type command to define the frame relay signaling role needed for the endpoint. Use the no form of this command to return to the default value. Syntax Description Specifies the frame relay interface types as DTE, DCE, or NNI dce DCE or Network signaling role. Use this interface type when you need the unit to emulate the frame switch. dte DTE or User signaling role.
Command Reference Guide Frame Relay Interface Config Command Set frame-relay lmi-n391dce Use the frame-relay lmi-n391dce command to set the n391 full status polling counter for the DCE endpoint. Typical applications should leave the default value for this timer. Use the no form of this command to return to the default value.
Frame Relay Interface Config Command Set Command Reference Guide frame-relay lmi-n391dte Use the frame-relay lmi-n391dte command to set the N391 full status polling counter for the DTE endpoint. Typical applications should leave the default value for this timer. Use the no form of this command to return to the default value.
Command Reference Guide Frame Relay Interface Config Command Set frame-relay lmi-n392dce Use the frame-relay lmi-n392dce command to set the N392 error threshold for the DCE endpoint. Typical applications should leave the default value for this setting. Use the no form of this command to return to the default value.
Frame Relay Interface Config Command Set Command Reference Guide frame-relay lmi-n392dte Use the frame-relay lmi-n392dte command to set the N392 error threshold for the DTE endpoint. Typical applications should leave the default value for this setting. Use the no form of this command to return to the default value.
Command Reference Guide Frame Relay Interface Config Command Set frame-relay lmi-n393dce Use the frame-relay lmi-n393dce to set the N393 LMI monitored event counter for the DCE endpoint. Typical applications should leave the default value for this counter. Use the no form of this command to return to the default value.
Frame Relay Interface Config Command Set Command Reference Guide frame-relay lmi-n393dte Use the frame-relay lmi-n393dte command to set the N393 LMI monitored event counter for the DTE endpoint. Typical applications should leave the default value for this counter. Use the no form of this command to return to the default value.
Command Reference Guide Frame Relay Interface Config Command Set frame-relay lmi-t391dte Use the frame-relay lmi-t391dte command to set the T391 signal polling timer for the DTE endpoint. Typical applications should leave the default value for this timer. Use the no form of this command to return to the default value.
Frame Relay Interface Config Command Set Command Reference Guide frame-relay lmi-t392dce Use the frame-relay lmi-t392dce command to set the T392 polling verification timer for the DCE endpoint. Typical applications should leave the default value for this timer. Use the no form of this command to return to the default value.
Command Reference Guide Frame Relay Interface Config Command Set frame-relay lmi-type Use the frame-relay lmi-type command to define the frame relay signaling (LMI) type. Use the no form of the command to return to the default value. Syntax Description Sets the signaling type for the endpoint ansi Annex D signaling method auto Automatically determine signaling type by messages received on the frame circuit cisco Group of 4 signaling method none Turns off signaling on the endpoint.
Frame Relay Interface Config Command Set Command Reference Guide snmp trap Use the snmp trap command to enable all supported Simple Network Management Protocol (SNMP) traps on the interface. Syntax Description No subcommands Default Values By default, all interfaces (except virtual frame relay interfaces and sub-interfaces) have SNMP traps enabled.
Command Reference Guide Frame Relay Interface Config Command Set snmp trap link-status Use the snmp trap link-status command to control the SNMP variable ifLinkUpDownTrapEnable (RFC 2863), which enables (or disables) the interface to send SNMP traps when there is an interface status change. Use the no form of this command to disable this trap.
Frame Relay Sub-Interface Config Command Set Command Reference Guide FRAME RELAY SUB-INTERFACE CONFIG COMMAND SET To activate the Frame Relay Interface Configuration command set, enter the interface frame-relay command (and specify a sub-interface) at the Global Configuration Mode prompt. For example: Router> enable Router# configure terminal Router(config)# interface frame-relay 1.16 Router(config-fr 1.
Command Reference Guide Frame Relay Sub-Interface Config Command Set access-policy Use the access-policy command to assign a specified access policy for the inbound traffic on an interface. Use the no form of this command to remove an access policy association. Configured access policies will only be active if the ip firewall command has been entered at the Global Configuration Mode prompt to enable the ADTRAN OS security features.
Frame Relay Sub-Interface Config Command Set Command Reference Guide Usage Examples (Continued) Create the access list (this is the packet selector): (config)# ip access-list extended InWeb (config-ext-nacl)# permit tcp any host 63.12.5.253 eq 80 Create the access policy that contains the access list InWeb: (config)# ip policy-class UnTrusted (config-policy-class)# permit list InWeb Associate the access list with the ethernet 0/1 interface: (config)# interface frame-relay 1.16 (config-fr 1.
Command Reference Guide Frame Relay Sub-Interface Config Command Set Technology Review (Continued) allow list dest-policy All packets passed by the access list(s) entered and destined for the interface using the access policy listed will be permitted to enter the router system. This allows for configurations to permit packets to a single interface and not the entire system.
Frame Relay Sub-Interface Config Command Set Command Reference Guide bandwidth Use the bandwidth command to provide the bandwidth value of an interface to the higher-level protocols. This value is used in cost calculations. Use the no form of this command to restore the default values. Syntax Description Enter bandwidth in kbps. Default Values To view default values use the show interfaces command.
Command Reference Guide Frame Relay Sub-Interface Config Command Set bridge-group Use the bridge-group command to assign an interface to the specified bridge group. This command is supported on all Ethernet interfaces, PPP virtual interfaces, and frame relay virtual sub-interfaces. Use the no form of this command to remove the interface from the bridge group.
Frame Relay Sub-Interface Config Command Set Command Reference Guide bridge-group path-cost Use the bridge-group path-cost command to assign a cost to a bridge group that is used when computing the spanning-tree root path. To return to the default path-cost value, use the no form of this command.
Command Reference Guide Frame Relay Sub-Interface Config Command Set bridge-group priority Use the bridge-group priority command to select the priority level of a port associated with a bridge. To return to the default bridge-group priority value, use the no version of this command.
Frame Relay Sub-Interface Config Command Set Command Reference Guide bridge-group spanning-disabled Use the bridge-group spanning-disabled command to transparently bridge two interfaces on a network (that have no parallel or redundant paths) without the overhead of spanning-tree protocol calculations. To enable the spanning-tree protocol on an interface, use the no form of this command.
Command Reference Guide Frame Relay Sub-Interface Config Command Set crypto map Use the crypto map command to associate crypto maps with the interface. When you apply a map to an interface, you are applying all crypto maps with the given map name. This allows you to apply multiple crypto maps if you have created maps which share the same name but have different map index numbers.
Frame Relay Sub-Interface Config Command Set Command Reference Guide Functional Notes When configuring a system to use both the stateful inspection firewall and IKE negotiation for VPN, keep the following notes in mind. When defining the policy-class and associated access-control lists (ACLs) that describe the behavior of the firewall, do not forget to include the traffic coming into the system over a VPN tunnel terminated by the system.
Command Reference Guide Frame Relay Sub-Interface Config Command Set dial-backup auto-backup Use the dial-backup auto-backup command to configure the sub-interface to automatically attempt a dial-backup upon failure. Syntax Description No subcommands. Default Values By default, all backup endpoints will automatically attempt dial-backup upon a failure. Command Modes (config-fr 1.16)# Virtual Frame Relay Sub-Interface Configuration Mode required Command History Release 1.
Frame Relay Sub-Interface Config Command Set Command Reference Guide dial-backup auto-restore Use the dial-backup auto-restore command to configure the sub-interface to automatically discontinue dial backup when all network conditions are operational. Use the no form of this command to disable the auto-restore feature. Syntax Description No subcommands. Default Values By default, all backup endpoints will automatically restore the primary connection when the failure condition clears.
Command Reference Guide Frame Relay Sub-Interface Config Command Set dial-backup backup-delay Use the dial-backup backup-delay command to configure the amount of time the router will wait after the failure condition is recognized before attempting to backup the link. Use the no form of this command to return to the default value.
Frame Relay Sub-Interface Config Command Set Command Reference Guide dial-backup call-mode Use the dial-backup call-mode command to combine user data with pattern data to ensure data does not mirror standard DDS loop codes (use only on 64 kbps circuits without frame relay signaling). Use the no form of this command to return to the default value. Syntax Description Selects the role the router will take in backup of this sub-interface.
Command Reference Guide Frame Relay Sub-Interface Config Command Set dial-backup connect-timeout Use the dial-backup connect-timeout command to specify the number of seconds to wait for a connection after a call is attempted before trying to call again or dialing a different number. It is recommended this number be greater than 60.
Frame Relay Sub-Interface Config Command Set Command Reference Guide dial-backup force Use the dial-backup force command to manually override the automatic dial backup feature. This can be used to force a link into backup to allow maintenance to be performed on the primary link without disrupting data. Use the no form of this command to return to the normal dial-backup operation state. Syntax Description Selects the forced backup state of the sub-link.
Command Reference Guide Frame Relay Sub-Interface Config Command Set dial-backup iq-handshake Use the dial-backup iq-handshake command for dial-backup operation with ADTRAN IQ and Express family products. Using the dial-backup iq-handshake command enables the association of incoming calls with packet endpoints in cases where there is a single call-in number (hunt group) and no Caller ID information available. Use the no form of this command to disable the IQ handshake.
Frame Relay Sub-Interface Config Command Set Command Reference Guide dial-backup maximum-retry Use the dial-backup maximum-retry command to select the number of calls the router will make when attempting to backup a link. Use the no form of this command to return to the default state. Syntax Description Selects the number of call retries that will be made after a sub-link failure (valid range: 0 to 15).
Command Reference Guide Frame Relay Sub-Interface Config Command Set dial-backup number Use the dial-backup number command to configure the phone number and the call type the router will dial upon network failure. Multiple entries can be made for a sub-interface to allow alternate sites to be dialed.
Frame Relay Sub-Interface Config Command Set Command Reference Guide dial-backup priority Use the dial-backup priority command to select the backup priority for this interface. Allows the user to establish the highest priority backup link and ensure that link will override backups attempted by lower priority links. Use the no form of this command to return to the default value. Syntax Description Sets the relative priority to this link (valid range: 0 to 100).
Command Reference Guide Frame Relay Sub-Interface Config Command Set dial-backup protocol Use the dial-backup protocol command to select the protocol to use over the backup link. Use the no form of this command to return to the default value. Syntax Description frame-relay The router will perform frame relay signaling on the backup link. This protocol is supported in all products using the ADTRAN OS as well as ADTRAN’s ATLAS IQ and Express series products.
Frame Relay Sub-Interface Config Command Set Command Reference Guide dial-backup randomize-timers Use the dial-backup randomize-timers command to randomize the call timers to minimize potential contention for resources. Use the no form of this command to return to the default value. Syntax Description No subcommands. Default Values By default, the ADTRAN OS does not randomize the dial-backup call timers. Command Modes (config-fr 1.
Command Reference Guide Frame Relay Sub-Interface Config Command Set dial-backup redial-delay Use the dial-backup redial-delay command to configure the delay after an unsuccessful call until the call will be re-tried. Syntax Description The delay is seconds between attempting to re-dial a failed backup attempt (valid range: 10 to 3600) Default Values 10 seconds Command Modes (config-fr 1.
Frame Relay Sub-Interface Config Command Set Command Reference Guide dial-backup remote-dlci Use the dial-backup remote-dlci command to select the Data Link Connection Identifier (DLCI) for the remote unit. When backing up to an ADTRAN IQ device, the DLCI value should match the primary DLCI configured on the IQ unit. When backing up to another AOS device, the two AOS devices must have the same DLCI value entered for this command.
Command Reference Guide Frame Relay Sub-Interface Config Command Set dial-backup restore-delay Use the dial-backup restore-delay command to configure the amount of time the router will wait after the network is restored before disconnecting the backup link and reverting to the primary. This setting is used to prevent disconnecting the backup link if the primary link is “bouncing” in and out of alarm.
Frame Relay Sub-Interface Config Command Set Command Reference Guide dial-backup schedule Use the dial-backup schedule command to set the time of day that backup will be enabled. Use this command if backup is desired only during normal business hours and on specific days of the week. Use the no form of this command to disable dial-backup (as specified).
Command Reference Guide Frame Relay Sub-Interface Config Command Set dial-backup shutdown Use the dial-backup shutdown command to deactivate all dial-backup functionality in the unit. Dial-backup configuration parameters are kept intact, but the unit will not initiate (or respond) to dial-backup sequences in the event of a network outage. Use the no form of this command to reactivate the dial-backup interface. Syntax Description No subcommands.
Frame Relay Sub-Interface Config Command Set Command Reference Guide frame-relay bc Use the frame-relay bc command to set the bc (committed burst) value for a frame relay sublink. The value is in bits. The time interval is always one second, so this can also be considered bits per second. Shaping is performed on a sliding one-second window to make maximum use of configured bandwidth.
Command Reference Guide Frame Relay Sub-Interface Config Command Set frame-relay be Use the frame-relay be command to set the be (excessive burst) value for a frame relay sublink. The value is in bits. The time interval is always one second, so this can also be considered bits per second. Shaping is performed on a sliding one-second window to make maximum use of configured bandwidth. Note that when both bc and be are non-zero, shaping is performed on the virtual circuit.
Frame Relay Sub-Interface Config Command Set Command Reference Guide frame-relay interface-dlci Use the frame-relay interface-dlci command to configure the Data Link Connection Identifier (DLCI) for the frame relay sub-interface. This setting should match the DLCI supplied by your frame relay service provider. Use the no form of this command to remove the configured DLCI.
Command Reference Guide Frame Relay Sub-Interface Config Command Set ip access-group [in | out] Use the ip access-group command to create an access list to be used for packets transmitted to/from the asynchronous host. Use the no form of this command to disable this type of control. Syntax Description listname Assigned IP access list name. in Enables access control on packets transmitted from the host. out Enables access control on packets sent to the host.
Frame Relay Sub-Interface Config Command Set Command Reference Guide ip address dhcp Use the ip address dhcp command to use Dynamic Host Configuration Protocol (DHCP) to obtain an address on the interface. Use the no form of this command to remove a configured IP address (using DHCP) and disable DHCP operation on the interface.
Command Reference Guide Frame Relay Sub-Interface Config Command Set Default Values (Continued) interface using four hexadecimal bytes. For example, a virtual frame relay interface labeled 1 would have a FR_PORT# of 00:00:00:01. The Q.922 ADDRESS field is populated using the following: 8 7 6 5 4 3 DLCI (high order) DLCI (lower) FECN BECN 2 1 C/R EA DE EA Where the FECN, BECN, C/R, DE, and high order EA bits are assumed to be 0 and the lower order extended address (EA) bit is set to 1.
Frame Relay Sub-Interface Config Command Set Command Reference Guide Usage Examples The following example enables DHCP operation on the virtual frame-relay interface (labeled 1.16): (config)# interface frame-relay 1.16 (config-fr 1.16)# ip address dhcp 446 © 2003 ADTRAN, Inc.
Command Reference Guide Frame Relay Sub-Interface Config Command Set ip address
secondary Use the ip address command to define an IP address on the specified interface. Use the optional secondary keyword to define a secondary IP address. Use the no form of this command to remove a configured IP address. Syntax Description Defines the IP address for the interface in dotted decimal notation (for example: 192.22.73.101).Frame Relay Sub-Interface Config Command Set Command Reference Guide ip dhcp [release | renew] Use the ip dhcp command to release or renew the DHCP IP address. This command is only applicable when using DHCP for IP address assignment. Syntax Description release Use this keyword to release DHCP IP address. renew Use this keyword to renew DHCP IP address. Default Values No default values required for this command.
Command Reference Guide Frame Relay Sub-Interface Config Command Set ip helper-address
Use the ip helper-address command to configure the ADTRAN OS to forward User Datagram Protocol (UDP) broadcast packets received on the interface. Use the no form of this command to disable forwarding packets. The ip helper command must be used in conjunction with the ip forward-protocol command to configure the ADTRAN OS to forward UDP broadcast packets.Frame Relay Sub-Interface Config Command Set Command Reference Guide Usage Examples The following example forwards all DNS broadcast traffic to the DNS server with IP address 192.33.5.99: (config)# ip forward-protocol udp domain (config)# interface frame-relay 1.16 (config-fr 1.16)# ip helper-address 192.33.5.99 450 © 2003 ADTRAN, Inc.
Command Reference Guide Frame Relay Sub-Interface Config Command Set ip ospf Use the ip ospf command to customize OSPF settings (if needed). Syntax Description authentication-key Assign a simple-text authentication password to be used by other routers using the OSPF simple password authentication. cost Specify the OSPF cost of sending a packet on the interface. This value overrides any computed cost value. Range: 1-65535.
Frame Relay Sub-Interface Config Command Set Command Reference Guide ip ospf authentication [message-digest | null] Use the ip ospf authentication command to authenticate an interface that is performing OSPF authentication. Syntax Description message-digest *Optional Select message-digest authentication type. null *Optional Select for no authentication to be used. Default Values By default, this is set to null (meaning no authentication is used).
Command Reference Guide Frame Relay Sub-Interface Config Command Set ip ospf network [broadcast | point-to-point] Use the ip ospf network command to specify the type of network on this interface. Syntax Description broadcast Set the network type for broadcast. point-to-point Set the network type for point-to-point. Default Values By default, Ethernet defaults to broadcast. PPP and frame relay default to point-to-point.
Frame Relay Sub-Interface Config Command Set Command Reference Guide ip proxy-arp Use the ip proxy-arp to enable proxy Address Resolution Protocol (ARP) on the interface. Use the no form of this command to disable this feature. Syntax Description
Defines the IP address for the interface in dotted decimal notation (for example: 192.22.73.101) Specifies the subnet mask that corresponds to the listed IP address Default Values By default, proxy arp is enabled.Command Reference Guide Frame Relay Sub-Interface Config Command Set ip rip receive version Use the ip rip receive version command to configure the RIP version the unit accepts in all RIP packets received on the interface. Use the no form of this command to restore the default value.
Frame Relay Sub-Interface Config Command Set Command Reference Guide ip rip send version Use the ip rip send version command to configure the RIP version the unit sends in all RIP packets transmitted on the interface. Use the no form of this command to restore the default value.
Command Reference Guide Frame Relay Sub-Interface Config Command Set ip route-cache
Use the ip route-cache command to enable fast-cache switching on the interface. Use the no form of this command to disable fast-cache switching and return to process switching mode. Using Network Address Translation (NAT) or the ADTRAN OS firewall capabilities on an interface requires process switching mode (using the no ip route-cache command). Syntax Description No subcommands.Frame Relay Sub-Interface Config Command Set Command Reference Guide ip unnumbered Use the ip unnumbered command to use the IP address assigned to the specified interface for all IP processing on the active interface. Use the no form of this command to remove the unnumbered configuration. Syntax Description Specifies the interface (in the format type slot/port) that contains the IP address to use as the source address for all packets transmitted on this interface.
Command Reference Guide Frame Relay Sub-Interface Config Command Set mtu Use the mtu command to configure the maximum transmit unit (MTU) size for the active interface. Use the no form of this command to return to the default value. Syntax Description Configures the window size for transmitted packets. The valid ranges for the various interfaces are listed below: Ethernet (eth 0/1) 64 to 1500 virtual frame relay sub-interfaces (fr 1.
PPP Interface Configuration Command Set Command Reference Guide PPP INTERFACE CONFIGURATION COMMAND SET To activate the PPP Interface Configuration command set, enter the interface ppp command at the Global Configuration Mode prompt. For example: Router> enable Router# configure terminal Router(config)# interface ppp 1 Router(config-ppp 1)# The following commands are common to multiple command sets and are covered in a centralized section of this guide.
Command Reference Guide PPP Interface Configuration Command Set access-policy Use the access-policy command to assign a specified access policy to an interface. Use the no form of this command to remove an access policy association. Syntax Description Alphanumeric descriptor for identifying the configured access policy. All access policy descriptors are case-sensitive. Default Values By default, there are no configured access policies associated with an interface.
PPP Interface Configuration Command Set Command Reference Guide Usage Examples (Continued) Associate the access list with the PPP virtual interface (labeled 1): (config)# interface ppp 1 (config-ppp 1)# access-policy UnTrusted Technology Review Creating access policies and lists to regulate traffic through the routed network is a four-step process: Step 1: Enable the security features of the ADTRAN OS using the ip firewall command. Step 2: Create an access list to permit or deny specified traffic.
Command Reference Guide PPP Interface Configuration Command Set Technology Review (Continued) nat source list address overload All packets passed by the access list(s) entered will be modified to replace the source IP address with the entered IP address. The overload keyword allows multiple source IP addresses to be replaced with the single IP address entered. This hides private IP addresses from outside the local network. This function is also known as “many-to-one NAT”.
PPP Interface Configuration Command Set Command Reference Guide alias link<“text”> Each configured PPP interface (when referenced using SNMP) contains a link (physical port) and a bundle (group of links). RFC 1471 (for Link Connection Protocol) provides an interface table to manage lists of bundles and associated links. The alias link command provides the management station an identifying description for each link (PPP physical).
Command Reference Guide PPP Interface Configuration Command Set bandwidth Use the bandwidth command to provide the bandwidth value of an interface to the higher-level protocols. This value is used in cost calculations. Use the no form of this command to restore the default values. Syntax Description Enter bandwidth in kbps. Default Values To view default values, use the show interfaces command.
PPP Interface Configuration Command Set Command Reference Guide bridge-group Use the bridge-group command to assign an interface to the specified bridge group. This command is supported on all Ethernet interfaces, PPP virtual interfaces, and frame relay virtual sub-interfaces. Syntax Description Bridge group number (1 to 255) specified using the bridge-group command Default Values By default, there are no configured bridge groups.
Command Reference Guide PPP Interface Configuration Command Set bridge-group spanning-disabled Use the bridge-group spanning-disabled command to transparently bridge two interfaces on a network (that have no parallel or redundant paths) without the overhead of spanning-tree protocol calculations. To enable the spanning-tree protocol on an interface, use the no form of this command.
PPP Interface Configuration Command Set Command Reference Guide crypto map Use the crypto map command to associate crypto maps with the interface. When you apply a map to an interface, you are applying all crypto maps with the given map name. This allows you to apply multiple crypto maps if you have created maps which share the same name but have different map index numbers.
Command Reference Guide PPP Interface Configuration Command Set Functional Notes When configuring a system to use both the stateful inspection firewall and IKE negotiation for VPN, keep the following notes in mind. When defining the policy-class and associated access-control lists (ACLs) that describe the behavior of the firewall, do not forget to include the traffic coming into the system over a VPN tunnel terminated by the system.
PPP Interface Configuration Command Set Command Reference Guide ip access-group [in | out] Use the ip access-group command to create an access list to be used for packets transmitted to/from the asynchronous host. Use the no form of this command to disable this type of control. Syntax Description listname Assigned IP access list name. in Enables access control on packets transmitted from the host. out Enables access control on packets sent to the host.
Command Reference Guide PPP Interface Configuration Command Set ip address
secondary Use the ip address command to define an IP address on the specified interface. Use the optional secondary keyword to define a secondary IP address. Use the no form of this command to remove a configured IP address. Syntax Description Defines the IP address for the interface in dotted decimal notation (for example: 192.22.73.101).PPP Interface Configuration Command Set Command Reference Guide ip helper-address
Use the ip helper-address command to configure the ADTRAN OS to forward User Datagram Protocol (UDP) broadcast packets received on the interface. Use the no form of this command to disable forwarding packets. The ip helper command must be used in conjunction with the ip forward-protocol command to configure the ADTRAN OS to forward UDP broadcast packets.Command Reference Guide PPP Interface Configuration Command Set Usage Examples The following example forwards all DNS broadcast traffic to the DNS server with IP address 192.33.5.99: (config)# ip forward-protocol udp domain (config)# interface ppp 1 (config-ppp 1)# ip helper-address 192.33.5.99 61950860L1-35D © 2003 ADTRAN, Inc.
PPP Interface Configuration Command Set Command Reference Guide ip ospf Use the ip ospf command to customize OSPF settings (if needed). Syntax Description authentication-key Assign a simple-text authentication password to be used by other routers using the OSPF simple password authentication. cost Specify the OSPF cost of sending a packet on the interface. This value overrides any computed cost value. Range: 1-65535.
Command Reference Guide PPP Interface Configuration Command Set ip ospf authentication [message-digest | null] Use the ip ospf authentication command to authenticate an interface that is performing OSPF authentication. Syntax Description message-digest *Optional Select message-digest authentication type. null *Optional Select for no authentication to be used. Default Values By default, this is set to null (meaning no authentication is used).
PPP Interface Configuration Command Set Command Reference Guide ip ospf network [broadcast | point-to-point] Use the ip ospf network command to specify the type of network on this interface. Syntax Description broadcast Set the network type for broadcast. point-to-point Set the network type for point-to-point. Default Values By default, Ethernet defaults to broadcast. PPP and frame relay default to point-to-point.
Command Reference Guide PPP Interface Configuration Command Set ip proxy-arp Use the ip proxy-arp to enable proxy Address Resolution Protocol (ARP) on the interface. Use the no form of this command to disable this feature. Syntax Description
Defines the IP address for the interface in dotted decimal notation (for example: 192.22.73.101) Specifies the subnet mask that corresponds to the listed IP address Default Values By default, proxy-arp is enabled.PPP Interface Configuration Command Set Command Reference Guide ip rip receive version Use the ip rip receive version command to configure the RIP version the unit accepts in all RIP packets received on the interface. Use the no form of this command to restore the default value.
Command Reference Guide PPP Interface Configuration Command Set ip rip send version Use the ip rip send version command to configure the RIP version the unit sends in all RIP packets transmitted on the interface. Use the no form of this command to restore the default value.
PPP Interface Configuration Command Set Command Reference Guide ip route-cache Use the ip route-cache command to enable fast-cache switching on the interface. Use the no form of this command to disable fast-cache switching and return to process switching mode. Using Network Address Translation (NAT) or the ADTRAN OS firewall capabilities on an interface requires process switching mode (using the no ip route-cache command). Syntax Description No subcommands.
Command Reference Guide PPP Interface Configuration Command Set ip unnumbered Use the ip unnumbered command to use the IP address assigned to the specified interface for all IP processing on the active interface. Use the no form of this command to remove the unnumbered configuration. Syntax Description Specifies the interface (in the format type slot/port) that contains the IP address to use as the source address for all packets transmitted on this interface.
PPP Interface Configuration Command Set Command Reference Guide keepalive Use the keepalive command to enable the transmission of keepalive packets on the interface and specify the time interval in seconds between transmitted packets.
Command Reference Guide PPP Interface Configuration Command Set mtu Use the mtu command to configure the maximum transmit unit (MTU) size for the active interface. Use the no form of this command to return to the default value. Syntax Description Configures the window size for transmitted packets. The valid ranges for the various interfaces are listed below: Ethernet (eth 0/1) 64 to 1500 virtual frame relay sub-interfaces (fr 1.
PPP Interface Configuration Command Set Command Reference Guide peer default ip address
Use the peer default ip address command to specify the default IP address of the remote end of this interface. Syntax Description Specifies the default IP address for the remote end (A.B.C.D). Default Values By default, there is no assigned peer default IP address. Command Modes (config-ppp 1)# PPP Interface Configuration Mode required Command History Release 3.Command Reference Guide PPP Interface Configuration Command Set ppp authentication Use the ppp authentication command to specify the authentication protocol on the PPP virtual interface that the peer should use to authenticate itself.
PPP Interface Configuration Command Set Command Reference Guide Technology Review (Continued) Several example scenarios are given below for clarity. Configuring PAP Example 1: Only the local router requires the peer to authenticate itself.
Command Reference Guide PPP Interface Configuration Command Set Technology Review (Continued) Several example scenarios are given below for clarity. Configuring CHAP Example 1: Only the local router requires the peer to authenticate itself.
PPP Interface Configuration Command Set Command Reference Guide Technology Review (Continued) Configuring CHAP Example 3: Using the ppp chap hostname command as an alternate solution.
Command Reference Guide PPP Interface Configuration Command Set ppp chap hostname Use the ppp chap hostname command to configure an alternate hostname for CHAP PPP authentication. Use the no form of this command to remove a configured hostname. For more information on PAP and CHAP functionality, see the Technology Review section for the command ppp authentication on page 485.
PPP Interface Configuration Command Set Command Reference Guide ppp chap password Use the ppp chap password command to configure an alternate password when the peer requires CHAP PPP authentication. Use the no form of this command to remove a configured password. For more information on PAP and CHAP functionality, see the Technology Review section for the command ppp authentication on page 485.
Command Reference Guide PPP Interface Configuration Command Set ppp pap sent-username password Use the ppp pap sent-username/password command to configure a username and password when the peer requires PAP PPP authentication. Use the no form of this command to remove a configured password. For more information on PAP and CHAP functionality, see the Technology Review section for the command ppp authentication on page 485.
PPP Interface Configuration Command Set Command Reference Guide snmp trap link-status Use the snmp trap link-status command to control the SNMP variable that enables (or disables) the interface to send SNMP traps when there is an interface status change (ifLinkUpDownTrapEnable of RFC 2863). Use the no form of this command to disable this trap.
Command Reference Guide PPP Interface Configuration Command Set username password Configures the username and password of the peer to use for PPP authentication. Syntax Description Alphanumerical string up to 30 characters in length (the username is case-sensitive) Alphanumerical string up to 30 characters in length (the password is case-sensitive) Default Values By default, there is no established username and password.
Loopback Interface Configuration Command Set Command Reference Guide LOOPBACK INTERFACE CONFIGURATION COMMAND SET To activate the Loopback Interface Configuration command set, enter the interface loopback command at the Global Configuration Mode prompt. For example: Router> enable Router# configure terminal Router(config)# interface loopback 1 Router(config-loop 1)# The following commands are common to multiple command sets and are covered in a centralized section of this guide.
Command Reference Guide Loopback Interface Configuration Command Set access-policy Use the access-policy command to assign a specified access policy to an interface. Use the no form of this command to remove an access policy association. Syntax Description Alphanumeric descriptor for identifying the configured access policy (all access policy descriptors are case-sensitive). Default Values By default, there are no configured access policies associated with an interface.
Loopback Interface Configuration Command Set Command Reference Guide Usage Examples (Continued) Associate the access policy with the loopback interface: (config)# interface loopback 1 (config-loop 1) access-policy UnTrusted Technology Review Creating access policies and lists to regulate traffic through the routed network is a four-step process: Step 1: Enable the security features of the ADTRAN OS using the ip firewall command. Step 2: Create an access list to permit or deny specified traffic.
Command Reference Guide Loopback Interface Configuration Command Set Technology Review (Continued) nat source list address overload All packets passed by the access list(s) entered will be modified to replace the source IP address with the entered IP address. The overload keyword allows multiple source IP addresses to be replaced with the single IP address entered. This hides private IP addresses from outside the local network.
Loopback Interface Configuration Command Set Command Reference Guide bandwidth Use the bandwidth command to provide the bandwidth value of an interface to the higher-level protocols. This value is used in cost calculations. Use the no form of this command to restore the default values. Syntax Description Enter bandwidth in kbps. Default Values To view default values, use the show interfaces command.
Command Reference Guide Loopback Interface Configuration Command Set crypto map Use the crypto map command to associate crypto maps with the interface. When you apply a map to an interface, you are applying all crypto maps with the given map name. This allows you to apply multiple crypto maps if you have created maps which share the same name but have different map index numbers.
Loopback Interface Configuration Command Set Command Reference Guide Functional Notes When configuring a system to use both the stateful inspection firewall and IKE negotiation for VPN, keep the following information in mind: When defining the policy-class and associated access-control lists (ACLs) that describe the behavior of the firewall, do not forget to include the traffic coming into the system over a VPN tunnel terminated by the system.
Command Reference Guide Loopback Interface Configuration Command Set ip access-group [in | out] Use the ip access-group command to create an access list to be used for packets transmitted to/from the asynchronous host. Use the no form of this command to disable this type of control. Syntax Description listname Assigned IP access list name. in Enables access control on packets transmitted from the host. out Enables access control on packets sent to the host.
Loopback Interface Configuration Command Set Command Reference Guide ip address
secondary Use the ip address command to define an IP address on the specified interface. Use the optional secondary keyword to define a secondary IP address. Use the no form of this command to remove a configured IP address. Syntax Description Defines the IP address for the interface in dotted decimal notation (for example: 192.22.73.101).Command Reference Guide Loopback Interface Configuration Command Set ip helper-address
Use the ip helper-address command to configure the ADTRAN OS to forward User Datagram Protocol (UDP) broadcast packets received on the interface. Use the no form of this command to disable forwarding packets. The ip helper command must be used in conjunction with the ip forward-protocol command to configure the ADTRAN OS to forward UDP broadcast packets.Loopback Interface Configuration Command Set Command Reference Guide Usage Examples The following example forwards all DNS broadcast traffic to the DNS server with IP address 192.33.5.99: (config)# ip forward-protocol udp domain (config)# interface loopback 1 (config-loop 1)# ip helper-address 192.33.5.99 504 © 2003 ADTRAN, Inc.
Command Reference Guide Loopback Interface Configuration Command Set ip ospf Use the ip ospf command to customize OSPF settings (if needed). Syntax Description authentication-key Assign a simple-text authentication password to be used by other routers using the OSPF simple password authentication. cost Specify the OSPF cost of sending a packet on the interface. This value overrides any computed cost value. Range: 1-65535.
Loopback Interface Configuration Command Set Command Reference Guide ip ospf authentication [message-digest | null] Use the ip ospf authentication command to authenticate an interface that is performing OSPF authentication. Syntax Description message-digest *Optional Select message-digest authentication type. null *Optional Select for no authentication to be used. Default Values By default, this is set to null (meaning no authentication is used).
Command Reference Guide Loopback Interface Configuration Command Set ip ospf network [broadcast | point-to-point] Use the ip ospf network command to specify the type of network on this interface. Syntax Description broadcast Set the network type for broadcast. point-to-point Set the network type for point-to-point. Default Values By default, Ethernet defaults to broadcast. PPP and frame relay default to point-to-point.
Loopback Interface Configuration Command Set Command Reference Guide ip proxy-arp Use the ip proxy-arp to enable proxy Address Resolution Protocol (ARP) on the interface. Use the no form of this command to disable this feature. Syntax Description
Defines the IP address for the interface in dotted decimal notation (for example: 192.22.73.101). Specifies the subnet mask that corresponds to the listed IP address. Default Values By default, proxy arp is enabled.Command Reference Guide Loopback Interface Configuration Command Set ip rip receive version Use the ip rip receive version command to configure the RIP version the unit accepts in all RIP packets received on the interface. Syntax Description Specifies the RIP version. 1 Only accept received RIP version 1 packets on the interface. 2 Only accept received RIP version 2 packets on the interface.
Loopback Interface Configuration Command Set Command Reference Guide ip rip send version Use the ip rip send version command to configure the RIP version the unit sends in all RIP packets transmitted on the interface. Syntax Description Specifies the RIP version. 1 Only transmits RIP version 1 packets on the interface. 2 Only transmits RIP version 2 packets on the interface.
Command Reference Guide Loopback Interface Configuration Command Set ip route-cache Use the ip route-cache command to enable fast-cache switching on the interface. Use the no form of this command to disable fast-cache switching and return to process switching mode. Using Network Address Translation (NAT) or the ADTRAN OS firewall capabilities on an interface requires process switching mode (using the no ip route-cache command). Syntax Description No subcommands.
Loopback Interface Configuration Command Set Command Reference Guide ip unnumbered Use the ip unnumbered command to use the IP address assigned to the specified interface for all IP processing on the active interface. Use the no form of this command to remove the unnumbered configuration.
Command Reference Guide Loopback Interface Configuration Command Set loopback remote inband Use the loopback remote inband command to inject the selected inband loop-up pattern into the data stream to cause a loopback at the far-end. Use the no form of this command to inject a loop-down pattern into the data stream to cause an existing inband loopback at the far-end to cease. Syntax Description No subcommands Default Values By default, this command is enabled.
Loopback Interface Configuration Command Set Command Reference Guide mtu Use the mtu command to configure the maximum transmit unit size for the active interface. Use the no form of this command to return to the default value. Syntax Description Configures the window size for transmitted packets. The valid ranges for the various interfaces are listed below: Ethernet (eth 0/1) 64 to 1500 virtual frame relay sub-interfaces (fr 1.
Command Reference Guide Loopback Interface Configuration Command Set snmp trap link-status Use the snmp trap link-status to control the SNMP variable ifLinkUpDownTrapEnable (RFC 2863) to enable (or disable) the interface to send SNMP traps when there is an interface status change. Use the no form of this command to disable this trap. Syntax Description No subcommands Default Values By default, the ifLinkUpDownTrapEnable OID is set to enabled for all interfaces except virtual frame relay interfaces.
Line (Console) Interface Config Command Set Command Reference Guide LINE (CONSOLE) INTERFACE CONFIG COMMAND SET To activate the Line (Console) Interface Configuration command set, enter the line console 0 command at the Global Configuration Mode prompt. For example: Router> enable Router# configure terminal Router(config)# line console 0 Router(config-con 0)# The following commands are common to multiple command sets and are covered in a centralized section of this guide.
Command Reference Guide Line (Console) Interface Config Command Set databits
Line (Console) Interface Config Command Set Command Reference Guide flowcontrol [none | software] Use the flowcontrol command to set flow control for the line console. Syntax Description none Set no flow control. software in Configure AOS to derive flow control from the attached device. Default Values By default, flow control is set to none. Command Modes (config-con 0)# Console Interface Configuration Mode required Command History Release 3.
Command Reference Guide Line (Console) Interface Config Command Set line-timeout Use the line-timeout command to specify the number of minutes a line session may remain inactive before the ADTRAN OS terminates the session. Use the no form of this command to return to the default value. Syntax Description Specifies the number of minutes a line session may remain inactive before the ADTRAN OS terminates the session Entering a line-timeout value of 0 disables the feature.
Line (Console) Interface Config Command Set Command Reference Guide login Use the login command to enable security login on the line session requiring the password configured using the password command. Use the no form of this command to disable the login feature. Syntax Description No subcommands. Default Values By default, there is no login password set for access to the unit.
Command Reference Guide Line (Console) Interface Config Command Set login local-userlist Use the login local-userlist command to enable security login for the terminal session requiring the usernames and passwords configured using the username/password Global Configuration command. Use the no form of this command to disable the login local-userlist feature. All user properties assigned using the username/password command are valid when using the login local-userlist command.
Line (Console) Interface Config Command Set Command Reference Guide parity
Command Reference Guide Line (Console) Interface Config Command Set password Use the password command to configure the password required on the line session when security login is enabled (using the login command). Use the no form of this command to remove a configured password. Syntax Description Alphanumeric character string (up to 16 characters) used to specify the password for the line session Default Values By default, there is no login password set for access to the unit.
Line (Console) Interface Config Command Set Command Reference Guide speed Use the speed command to specify the data rate for the CONSOLE port. This setting must match your VT100 terminal emulator or emulator software. Use the no form of this command to restore the default value. Syntax Description Rate of data transfer on the interface (2400, 4800, 9600, 19200, 38400, 57600, or 115200 bps).
Command Reference Guide Line (Console) Interface Config Command Set stopbits
Line (Telnet) Interface Config Command Set Command Reference Guide LINE (TELNET) INTERFACE CONFIG COMMAND SET To activate the Line (Telnet) Interface Configuration command set, enter the line telnet command specifying a Telnet session(s) at the Global Configuration Mode prompt. For example: Router> enable Router# configure terminal Router(config)# line telnet 0 4 Router(config-telnet0-4)# You can select a single line by entering the line telnet command followed by the line number (0-4).
Command Reference Guide Line (Telnet) Interface Config Command Set access-class in Use the access-class in command to restrict Telnet access using a configured access list. Received packets passed by the access list will be allowed. Use the access list configuration to deny hosts or entire networks or to permit specified IP addresses. Syntax Description Alphanumeric descriptor for identifying the configured access list (all access list descriptors are case-sensitive).
Line (Telnet) Interface Config Command Set Command Reference Guide line-timeout Use the line-timeout command to specify the number of minutes a line session may remain inactive before the ADTRAN OS terminates the session. Use the no form of this command to return to the default value. Syntax Description Specifies the number of minutes a line session may remain inactive before the ADTRAN OS terminates the session. Entering a line-timeout value of 0 disables the feature.
Command Reference Guide Line (Telnet) Interface Config Command Set login Use the login command to enable security login on the line session requiring the password configured using the password command. Use the no form of this command to disable the login feature. Syntax Description No subcommands. Default Values By default, there is no login password set for access to the unit.
Line (Telnet) Interface Config Command Set Command Reference Guide login local-userlist Use the login local-userlist command to enable security login for the terminal session requiring the usernames and passwords configured using the username/password Global Configuration command. Use the no form of this command to disable the login local-userlist feature. All user properties assigned using the username/password command are valid when using the login local-userlist command.
Command Reference Guide Line (Telnet) Interface Config Command Set password Use the password command to configure the password required on the line session when security login is enabled (using the login command). Use the no form of this command to remove a configured password. Syntax Description Alphanumeric character string (up to 16 characters) used to specify the password for the line session Default Values By default, there is no login password set for access to the unit.
Router (RIP) Configuration Command Set Command Reference Guide ROUTER (RIP) CONFIGURATION COMMAND SET To activate the Router (RIP) Configuration command set, enter the router rip command at the Global Configuration Mode prompt. For example: Router> enable Router# configure terminal Router(config)# router rip Router(config-rip)# The following commands are common to multiple command sets and are covered in a centralized section of this guide.
Command Reference Guide Router (RIP) Configuration Command Set auto-summary Use the auto-summary command to have RIP version 2 summarize subnets to the classful boundaries. Use the no form of this command to disable this summarization. Syntax Description No subcommands. Default Values By default, auto-summary is disabled. Command Modes (config-rip)# Router (RIP) Configuration Mode required Command History Release 3.
Router (RIP) Configuration Command Set Command Reference Guide default-metric Use the default-metric command to set the default metric value for the RIP routing protocol. Use the no form of this command to return to the default settings. Syntax Description Set the default metric value (range: 1-4294967295 Mbps). Default Values By default, this value is set at 0. Command Modes (config-ospf)# (config-rip)# Router (OSPF or RIP) Configuration Mode required Command History Release 3.
Command Reference Guide Router (RIP) Configuration Command Set network
Use the network command to enable RIP on the specified network. The ADTRAN OS will only allow processing (sending and receiving) RIP messages on interfaces with IP addresses that are contained in the networks listed using this command. All RIP messages received on interfaces not listed using this command will be discarded.Router (RIP) Configuration Command Set Command Reference Guide passive-interface Use the passive-interface command to disable the transmission of routing updates on the specified interface. All routing updates received on that interface will still be processed (and advertised to other interfaces), but no updates will be transmitted to the network connected to the specified interface. Multiple passive-interface commands may be used to create a customized list of interfaces.
Command Reference Guide Router (RIP) Configuration Command Set redistribute connected Use the redistribute connected command to pass routes from one network to another, regardless of the routing protocol implemented on the routing domain. Using the connected keyword allows the propagation of routes connected to other interfaces using the RIP routing protocol. Use the no form of this command to disable the propagation of the specified route type.
Router (RIP) Configuration Command Set Command Reference Guide redistribute ospf [metric ] Use the redistribute ospf command to advertise routes from one protocol to another, regardless of the routing protocol implemented on the routing domain. Using the ospf keyword allows the propagation of OSPF routes into RIP. Use the no form of this command to disable the propagation of the specified route type.
Command Reference Guide Router (RIP) Configuration Command Set redistribute static Use the redistribute static command to pass routes from one network to another, regardless of the routing protocol implemented on the routing domain. Using the static keyword allows the propagation of static routes to other interfaces using the RIP routing protocol. Use the no form of this command to disable the propagation of the specified route type.
Router (RIP) Configuration Command Set Command Reference Guide version Use the version command to specify (globally) the Routing Information Protocol (RIP) version used on all IP interfaces. This global configuration is overridden using the configuration commands ip rip send version and ip rip receive version. Use the no form of this command to return to the default value.
Command Reference Guide Router (OSPF) Configuration Command Set ROUTER (OSPF) CONFIGURATION COMMAND SET To activate the Router (OSPF) Configuration command set, enter the router ospf command at the Global Configuration Mode prompt. For example: Router> enable Router# configure terminal Router(config)# router ospf Router(config-ospf)# The following commands are common to multiple command sets and are covered in a centralized section of this guide.
Router (OSPF) Configuration Command Set Command Reference Guide area default-cost Use this command to assign a cost of the default summary route sent into a stub area or not-so-stubby-area (NSSA). Use the no form of this command to delete the assigned cost. Syntax Description Identifier for this area. Enter as an integer (range: 0-4294967295) or an IP address . Default summary route cost. Range: 0-166777214. Default Values No default.
Command Reference Guide Router (OSPF) Configuration Command Set area range [advertise | not-advertise] Use this command to configure area route summarizations and to determine whether an address range is advertised to the networks. Syntax Description Identifier for this area. Enter as an integer (range: 0-4294967295) or an IP address . The IP address of the advertised summary route.
Router (OSPF) Configuration Command Set Command Reference Guide area stub [no-summary] Use this command to configure an area as a stub area. Use the no form of this command to disable stub-designation for areas defined as stubs using this command. Syntax Description Identifier for this stub area. Enter as an integer (range: 0-4294967295) or an IP address . no-summary *Optional Use this optional keyword to designate the area as a total stub area.
Command Reference Guide Router (OSPF) Configuration Command Set auto-cost reference-bandwidth Use the auto-cost reference-bandwidth command to assign a different interface cost to an interface. It may be necessary to assign a higher number to high-bandwidth links. This value is used in OSPF metric calculations. Syntax Description Set the default reference-bandwidth rate (range: 1-4294967 Mbps). Default Values By default, the rate is set to 100.
Router (OSPF) Configuration Command Set Command Reference Guide default-information-originate [always] [metric value] [metric-type type] Use the default-information-originate command to cause an ASBR to generate a default route. It must have its own default route before it generates one unless the always keyword is used. Syntax Description always *Optional Always advertise default route. metric *Optional Configure metric value (range is 0-16777214).
Command Reference Guide Router (OSPF) Configuration Command Set default-metric Use the default-metric command to set a metric value for redistributed routes. Syntax Description Set the default metric value (range: 0-4294967295). Default Values By default, this value is set at 20. Command Modes (config-ospf)# Router (OSPF or RIP) Configuration Mode required Command History Release 3.
Router (OSPF) Configuration Command Set Command Reference Guide network area Use the network area command to enable routing on an IP stack and to define area IDs for the interfaces on which OSPF will run. Use the no form of this command to disable OSPF routing for interfaces defined using this command. Syntax Description Network address . The wildcard mask is in an IP-address-type format and includes “don’t care” bits.
Command Reference Guide Router (OSPF) Configuration Command Set redistribute connected Use the redistribute connected command to advertise routes from one protocol to another. Using the connected keyword allows the advertisement of connected routes into the OSPF routing protocol. This will advertise all connected routes on OSPF-enabled interfaces. It does not enable OSPF on all interfaces. Use the no form of this command to disable the propagation of the specified route type.
Router (OSPF) Configuration Command Set Command Reference Guide redistribute rip Use the redistribute rip command to advertise routes from one protocol to another, regardless of the routing protocol implemented on the routing domain. Using the rip keyword allows the propagation of RIP routes into OSPF. Use the no form of this command to disable the propagation of the specified route type. Syntax Description rip Optional keyword that specifies the ADTRAN OS to import RIP routes into OSPF.
Command Reference Guide Router (OSPF) Configuration Command Set redistribute static Use the redistribute static command to advertise routes from one protocol to another. Using the static keyword allows the advertisement of static routes into the OSPF routing protocol. This will advertise all static routes on OSPF-enabled interfaces. It does not enable OSPF on all interfaces. Use the no form of this command to disable the propagation of the specified route type.
Router (OSPF) Configuration Command Set Command Reference Guide summary-address
not-advertise Use this command to control address summarization of routes that are redistributed into OSPF from other sources (e.g., RIP-to-OSPF, static-to-OSPF, etc.). The not-advertise option causes suppression of routes that match the specified mask/prefix mask pair. Syntax Description IP address or Prefix A.B.C.D.Command Reference Guide Router (OSPF) Configuration Command Set timers lsa-group-pacing Use the timers lsa-group-pacing command to change the link state advertisement (LSA) refresh interval. Syntax Description Set the LSA refresh interval in seconds (range: 10-1800). Default Values By default, this value is set at 240 seconds. Command Modes (config-ospf)# Router (OSPF) Configuration Mode required Command History Release 3.
Router (OSPF) Configuration Command Set Command Reference Guide timers spf Use the timers spf command to configure the shortest path first (SPF) calculation and hold intervals. Syntax Description Time in seconds between OSPF’s receipt of topology changes and the beginning of SPF calculations. Time in seconds between consecutive SPF calculations. Range: 10-1800 seconds.
Command Reference Guide Common Commands COMMON COMMANDS The following section contains descriptions of commands which are common across multiple command sets. These commands are listed in alphabetical order. alias <“text”> on page 556 description on page 557 do on page 558 end on page 559 exit on page 560 shutdown on page 561 61950860L1-35D © 2003 ADTRAN, Inc.
Common Commands Command Reference Guide alias <“text”> Use the alias command to populate the ifAlias OID (Interface Table MIB of RFC 2863) for all physical interfaces and frame relay virtual interfaces when using SNMP management stations. Syntax Description Alphanumeric character string describing the interface (for SNMP) — must be encased in quotation marks Default Values No defaults required for this command.
Command Reference Guide Common Commands description Use the description command as a comment line to enter an identifier for the specified interface (for example, circuit ID, contact information, etc.). Syntax Description No subcommands. Default Values No defaults required for this command. Command Modes Any Configuration Mode. Command History Release 1.
Common Commands Command Reference Guide do Use the do command to execute any ADTRAN OS command, regardless of the active configuration mode. Syntax Description No subcommands Default Values No defaults required for this command. Command Modes Any Configuration Mode Command History Release 2.1 Command was introduced Functional Notes Use the do command to view configurations or interface states after configuration changes are made without exiting to the Enable mode.
Command Reference Guide Common Commands end Use the end command to exit the current Configuration Mode and enter the Enable Security Mode. When exiting the Global Configuration Mode, remember to perform a copy running-config startup-config to save all configuration changes. Syntax Description No subcommands Default Values No defaults necessary for this command. Command Modes This command is valid for all command modes except the Enable Security Mode. Command History Release 1.
Common Commands Command Reference Guide exit Use the exit command to exit the current Configuration Mode and enter the previous one. For example, using the exit command in the Interface Configuration Mode will activate the Global Configuration Mode. When using the exit command in the Basic Mode, the current session will be terminated. When exiting the Global Configuration Mode, remember to perform a copy running-config startup-config to save all configuration changes.
Command Reference Guide Common Commands shutdown Use the shutdown command to administratively disable the interface (no data will be passed through). Use the no form of this command to activate the interface. Syntax Description No subcommands Default Values By default, all interfaces are disabled. Command Modes Any Configuration Mode Command History Release 1.
Common Commands 562 Command Reference Guide © 2003 ADTRAN, Inc.
Index A able 15 access-class in 527 access-policy 292, 413, 461, 495 alarm-threshold 370 alias 556 alias link 464 area default-cost 542 area range 543 area stub 544 arp arpa 295 attribute 255, 270 authentication pre-share 271 auto cost reference-bandwidth 545 bridge-group priority 299, 419 bridge-group spanning-disabled 300, 420, 467 B bandwidth 296, 416, 465, 498 banner 136 basic 8 Basic Mode command set 14 bonding txadd-timer 386 bonding txcid-timer 387 bonding txdeq-timer 388 bonding txfa-timer 389 bon
Command Reference Guide Index configuration modes global 9 interface 9 line 9 router 9 configure 39 connected 537, 549 console port 7, 42 copy 40 copy tftp 41 copy xmodem 42 cross-connect 147 crypto ike 150 crypto ike client 266 crypto ike policy 254 crypto ike remote-id 154 crypto ipsec transform-set 155 crypto map 157, 301, 421, 468, 499 Crypto Map IKE command set 276 crypto map ipsec-ike 276 crypto map ipsec-manual 283 Crypto Map Manual command set 283 D databits 517 data-coding scrambled 329 DDS Inter
Index Command Reference Guide 291 event-history on 160 event-history priority 160, 161 events 66 exit 560 F fdl 337 flowcontrol 518 Frame Relay Interface Configuration command set 398 Frame Relay Sub-Interface Config command set 412 frame-relay bc 440 frame-relay be 441 frame-relay interface-dlci 442 frame-relay intf-type 400 frame-relay lmi-n391dce 401 frame-relay lmi-n391dte 402 frame-relay lmi-n392dce 403 frame-relay lmi-n392dte 404 frame-relay lmi-n393dce 405 frame-relay lmi-n393dte 406 frame-relay lm
Command Reference Guide Index ip ftp agent 203 ip helper-address 312, 449, 472, 503 ip host 204 ip http 205 ip name-server 207 ip n-form agent 206 ip ospf 314, 451, 474, 505 ip ospf authentication 315, 452, 475, 506 ip ospf network 316, 453, 476, 507 ip policy-class 208 ip policy-timeout 211 ip proxy-arp 317, 454, 477, 508 ip rip receive version 318, 455, 478, 509, 540 ip rip send version 319, 456, 479, 510, 540 ip route 182, 213 ip route-cache 320, 457, 480, 511 ip routing 214 ip snmp agent 215 ip subnet
Index Command Reference Guide peer default ip address 484 ping 17, 68 point-to-point 165 ppp authentication 485 ppp chap hostname 489 ppp chap password 490 ppp chap sent-username/password 491 PPP Interface Configuration command set 460 preventing unauthorized users 8 R redistribute 537, 538, 539, 549, 550, 551 redistribute static 551 reload 70 remote-loopback 331, 343, 355 respond 265 rip 550 router 9 Router (OSPF) Configuration command set 541 Router (RIP) Configuration command set 532 router ospf 227, 5
Command Reference Guide Index 411, 492, 515 snmp-server chassis-id 230 snmp-server community 231 snmp-server contact 232 snmp-server enable traps 233 snmp-server host traps 234 snmp-server host traps version 235 snmp-server location 236 snmp-server trap-source 237 sntp server 238 speed 325, 524 static 539 stopbits 525 summary-address not-advertise 552 telnet 22, 131 test-pattern 348, 359, 381 timers lsa-group-pacing 553 timers spf 554 traceroute 23, 132 U unauthorized users 8 undebug all 133 username pas