HP MSR2000/3000/4000 Router Series Fundamentals Command Reference (V7) Part number: 5998-4007 Software version: CMW710-R0007P02 Document version: 6PW100-20130927
Legal and notice information © Copyright 2013 Hewlett-Packard Development Company, L.P. No part of this documentation may be reproduced or transmitted in any form or by any means without prior written consent of Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.
Contents Basic CLI commands ···················································································································································· 1 command-alias enable ············································································································································· 1 command-alias mapping ········································································································································· 1 displa
free line··································································································································································· 59 free user-interface ·················································································································································· 61 history-command max-size ··································································································································· 62 idle-t
ftp client ipv6 source ··········································································································································· 101 ftp ipv6 ································································································································································· 102 get ······································································································································································
Configuration file management commands ·········································································································· 148 archive configuration ·········································································································································· 148 archive configuration interval ···························································································································· 149 archive configuration location ······
rmdir ····································································································································································· 194 shutdown ······························································································································································ 194 ssh2 ·······························································································································································
scheduler schedule ·············································································································································· 245 shutdown-interval ················································································································································· 246 sysname ································································································································································ 247 time
Basic CLI commands command-alias enable Use command-alias enable to enable the command keyword alias function. Use undo command-alias enable to disable the command keyword alias function. Syntax command-alias enable undo command-alias enable Default The command keyword alias function is disabled. Views System view Predefined user roles network-admin Usage guidelines To make configured aliases take effect, enable the command keyword alias function.
Views System view Predefined user roles network-admin Parameters cmdkey: Specifies the first keyword of a non-undo command or the second keyword of an undo command. You must enter the keyword in its complete form. alias: Specifies an alias for the keyword. It must be different from the first keyword of any non-undo command and the second keyword of any undo command. Usage guidelines You can configure an alias for the first keyword of a non-undo command or the second keyword of an undo command.
include: Displays all lines matching the specified regular expression. regular-expression: Specifies a regular expression, a case-sensitive string of 1 to 256 characters. Usage guidelines Use the | { begin | exclude | include } regular-expression option with a display command to filter the command output. For more information about regular expressions, see Fundamentals Configuration Guide. Examples # Display the lines that contain "vlan" in the running configuration.
9: Untagged ports: 10: Ethernet1/1 # Display the first line that begins with "user-group" in the running configuration and all of the following lines. display current-configuration | by-linenum begin user-group 114: user-group system 115- # 116- return display > Use display > to save the output from a display command to a separate file.
display >> Use display >> to append the output from a display command to the end of a file. Syntax display command >> filename Views Any view Predefined user roles network-admin network-operator Parameters command: Specifies the keywords and arguments of a display command. To display available keywords and arguments, enter display ?. filename: Specifies the name of the file that is used to save the output, a string of 1 to 63 characters.
Ethernet1/1 display command-alias Use display command-alias to display the status of the command keyword alias function and the configured command keyword alias. Syntax display command-alias Views Any view Predefined user roles network-admin network-operator Examples # Display command keyword alias information.
Examples # Display all commands saved in the command history buffer for your current CLI session. display history-command system-view vlan 2 quit Related commands history-command max-size display history-command all Use display history-command all to display all commands saved in the command history buffer for all CLI sessions.
Syntax display hotkey Views Any view Predefined user roles network-admin network-operator Examples # Display hotkey information. display hotkey ----------------- Hotkeys -----------------Defined command hotkeysCTRL_G display current-configuration CTRL_L display ip routing-table CTRL_O undo debugging all -Undefined command hotkeysCTRL_T NULL CTRL_U NULL -System-reserved hotkeysCTRL_A Move the cursor to the beginning of the line. CTRL_B Move the cursor one character to the left.
hotkey Use hotkey to assign a command to a configurable hotkey. Use undo hotkey to restore the default. Syntax hotkey { CTRL_G | CTRL_L | CTRL_O | CTRL_T | CTRL_U } command undo hotkey { CTRL_G | CTRL_L | CTRL_O | CTRL_T | CTRL_U } Default • Ctrl_G: display current-configuration (display the running configuration). • Ctrl_L: display ip routing-table (display the IPv4 routing table information). • Ctrl_O: undo debugging all (disable all debugging functions).
Syntax quit Views Any view Predefined user roles network-admin network-operator Usage guidelines Executing this command in user view disconnects you from the device. Examples # Return from Ethernet 1/1 interface view to system view and then to user view. [Sysname-Ethernet1/1] quit [Sysname] quit return Use return to return to user view from any other view.
Default The default depends on the configuration of the screen-length command in user line view. The following are default settings for the screen-length command: • Pausing between screens of output. • Displaying up to 24 lines on a screen. Views User view Predefined user roles network-admin Usage guidelines If you disable pausing between screens of output, all output is displayed and the screen is refreshed continuously until the final screen is displayed.
RBAC commands The device supports the FIPS mode that complies with NIST FIPS 140-2 requirements. Support for features, commands, and parameters might differ in FIPS mode and non-FIPS mode. For more information about FIPS mode, see Security Configuration Guide. description Use description to configure a description for a user role. Use undo description to delete the description of a user role. Syntax description text undo description Default A user role has no description.
Predefined user roles network-admin network-operator Parameters name role-name: Specifies a user role name, a case-sensitive string of 1 to 63 characters. Usage guidelines If no user role name is specified, the command displays information about all user roles, including the predefined user roles. Examples # Display information about the user role 123.
Role: network-operator Description: Predefined network operator role has access to all read commands on the device VLAN policy: permit (default) Interface policy: permit (default) VPN instance policy: permit (default) ------------------------------------------------------------------Rule Perm Type Scope Entity ------------------------------------------------------------------sys-1 permit command display * sys-2 permit command xml sys-3 deny command display history-command all sys-4 deny c
Interface policy: permit (default) VPN instance policy: permit (default) ------------------------------------------------------------------Rule Perm Type Scope Entity ------------------------------------------------------------------sys-1 permit command tracert * sys-2 permit command telnet * sys-3 permit command ping * sys-4 permit command ssh2 * sys-5 permit command display * sys-6 permit command super * sys-7 deny command display history-command all R:Read W:Write X:Execu
VPN instance policy: permit (default) Role: level-8 Description: Predefined level-8 role VLAN policy: permit (default) Interface policy: permit (default) VPN instance policy: permit (default) Role: level-9 Description: Predefined leve-9 role VLAN policy: permit (default) Interface policy: permit (default) VPN instance policy: permit (default) ------------------------------------------------------------------Rule Perm Type Scope Entity ------------------------------------------------------------------
Description: Predefined level-14 role VLAN policy: permit (default) Interface policy: permit (default) VPN instance policy: permit (default) Role: level-15 Description: Predefined level-15 role VLAN policy: permit (default) Interface policy: permit (default) VPN instance policy: permit (default) ------------------------------------------------------------------Rule Perm Type Scope Entity ------------------------------------------------------------------sys-1 permit command * sys-2 permit RWX xml
sys-3 permit command system-view ; info-center securi ty-logfile directory * sys-4 permit command security-logfile save sys-5 permit command cd * sys-6 permit command copy * sys-7 permit command delete * sys-8 permit command dir * sys-9 permit command mkdir * sys-10 permit command more * sys-11 permit command move * sys-12 permit command rmdir * sys-13 permit command pwd sys-14 permit command rename * sys-15 permit command undelete * sys-16 permit comman
sys-50 permit command virtual-ftp-verbose sys-51 permit command virtual-ftp-remove sys-52 permit command virtual-ftp-exit R:Read W:Write X:Execute Table 1 Command output Field Description User role name. Role Predefined user role names include network-admin, network-operator, level-n (where n represents an integer in the range of 0 to 15), and security-audit. Description User role description you have configured for easy identification.
Field Description Rule control scope: • command—Controls access to the command or commands, as specified in the Entity field. • feature—Controls access to the commands of the feature, as specified in the Entity field. Scope • feature-group—Controls access to the commands of the features in the feature group, as specified in the Entity field. • web-menu—Controls access to Web menus. Web menus are not supported in this release. • xml-element—Controls access to XML elements.
… # Display the commands of each feature.
Table 2 Command output (display role feature name aaa) Field Description Feature Displays the name and brief function description of the feature. system-view ; domain * All the commands that start with domain in system view and all the commands in ISP domain view. system-view ; header * All the commands that start with header in system view. display domain * All the commands that start with display domain in user view.
Usage guidelines Feature groups L2 and L3 are predefined feature groups. Examples # Display the feature lists of feature groups.
system-view ; probe ; debugging stp * (W) system-view ; probe ; dispaly system internal stp * Feature: lldp (R) (LLDP related commands) display lldp * (R) system-view ; lldp * (W) system-view ; interface * ; lldp * debugging lldp * (W) (W) display debugging lldp * Feature: loopbk-detect (R) (Loopback-detection related commands) display loopback-detection * (R) system-view ; loopback-detection * (W) system-view ; interface * ; loopback-detection * debugging loopback-detection * (W) displ
display debugging port-security * (R) Feature group: L3 Feature: route (Route management related commands) display debugging rib * (R) display ip routing-table * (R) display ipv6 routing-table * display router id * display rib * (R) (R) (R) display ipv6 rib * (R) reset ip routing-table statistics * (W) reset ipv6 routing-table statistics * debugging rib * (W) (W) debugging ipv6 rib * (W) system-view ; router id * system-view ; rib * (W) (W) system-view ; probe * ; display system inte
debugging ospf * (W) debugging ospfv3 * (W) system-view ; ospf * (W) system-view ; snmp-agent trap enable ospf * system-view ; interface * ; ospf * system-view ; ospfv3 * (W) (W) (W) system-view ; interface * ; ospfv3 * (W) system-view ; probe * ; display system internal ospf * (R) system-view ; probe * ; display system internal ospfv3 * system-view ; probe * ; reset ospf * Feature: rip (Routing Information Protocol related commands) display rip * (R) display ripng * reset rip * (R) (W)
system-view ; snmp-agent trap enable l3vpn (W) system-view ; probe ; debugging system internal ip vpn-instance * (W) system-view ; probe ; display system internal ip vpn-instance * system-view ; probe ; display system internal ip vpn-binding * Feature: route-policy (Routing Policy related commands) display route-policy * (R) display ip prefix-list * (R) display ipv6 prefix-list * display mac-list * (R) (R) display debugging route-policy * display ip community-list * display ip as-path * (R) (
display debugging ipv6 l2mf * debugging mrib * (R) (W) debugging ipv6 mrib * (W) display debugging mrib * (R) display debugging ipv6 mrib * system-view ; multicast * (R) (W) system-view ; ipv6 multicast * (W) system-view ; ip rpf-route-static * (W) system-view ; delete ip rpf-route-static * system-view ; interface * ; multicast * (W) (W) system-view ; interface * ; ipv6 multicast * system-view ; probe * ; multicast * Feature: pim (W) (W) (Protocol Independent Multicast related commands)
Feature: isis (ISIS protocol related commands) Feature: bgp (Border Gateway Protocol related commands) Feature: l3vpn (Layer 3 Virtual Private Network related commands) Related commands • feature • role feature-group feature Use feature to add a feature to a feature group. Use undo feature to remove a feature from a feature group. Syntax feature feature-name undo feature feature-name Default A user-defined feature group has no features.
Syntax interface policy deny undo interface policy deny Default A user role has access to any interface. Views User role view Predefined user roles network-admin Usage guidelines The interface policy deny command denies the access of a user role to any interface. To restrict the interface access of a user role to only a set of interfaces: 1. Use interface policy deny to deny access to any interface. 2. Use permit interface to specify accessible interfaces.
Syntax permit interface interface-list undo permit interface [ interface-list ] Default No permitted interfaces are configured in user role interface policy view. A user role cannot access any interface after you configure the interface policy deny command. Views User role interface policy view Predefined user roles network-admin Parameters interface interface-list: Specifies a space-separated list of up to 10 interface items.
# Verify that you can assign Ethernet 1/5 to VLAN 10. In this example, the user role can access any VLAN because the default VLAN policy of the user role is used. system-view [Sysname] vlan 10 [Sysname-vlan10] port ten-gigabitEthernet1/5 # Verify that you cannot enter Ethernet 1/2 interface view. system-view [Sysname] interface ethernet 1/2 Permission denied.
Examples # Permit the user role role1 to access VLANs 2, 4, and 50 to 100, enter interface view and VLAN view and execute all the commands that are available in interface view and VLAN view.
Parameters vpn-instance-name&<1-10>: Specifies a space-separated list of up to 10 MPLS L3VPN names. Each name is a case-sensitive string of 1 to 31 characters. Usage guidelines To permit a user role to access an MPLS L3VPN after you configure the vpn-instance policy deny command, you must add the VPN to the permitted VPN list of the policy. With the user role, you can create, remove, configure only the VPNs in the permitted VPN list, enter their views, and specify them in a feature command.
role Use role to create a user role and enter user role view. If the user role has been created, you directly enter the user role view. Use undo role to delete a user role. Syntax role name role-name undo role name role-name Default The system has 19 predefined user roles: network-admin, network-operator, level-n (where n represents an integer in the range of 0 to 15), and security-audit. Views System view Predefined user roles network-admin Parameters name role-name: Specifies a username.
Use undo role default-role enable to restore the default. Syntax role default-role enable undo role default-role enable Default The default user role function is disabled. AAA users that do not have a user role cannot log in to the device. Views System view Predefined user roles network-admin Usage guidelines An AAA authentication user must have at least one user role to log in to the device.
Parameters name feature-group-name: Specifies a feature group name. The feature-group-name argument is a case-sensitive string of 1 to 31 characters. Usage guidelines Assign a set of features to a user role feature group for easy permission assignment management. In addition to the predefined feature groups L2 and L3, you can create up to 64 user role feature groups. The L2 feature group includes all Layer 2 feature commands, and the L3 feature group includes all Layer 3 feature commands.
command command-string: Specifies a command string. The command-string argument is a case-sensitive string of 1 to 128 characters, including the wildcard asterisk (*), the delimiters space and tab, and all printable characters. execute: Specifies the execute commands of a feature or feature group. An execute command (for example, ping) executes a specific function or program. read: Specifies the read commands of a feature or feature group.
Any rule modification, addition, or removal for a user role takes effect only on the users that log in with the user role after the change. When you specify a command string, follow the guidelines in Table 3. Table 3 Command string configuration rules Rule Guidelines Use a semicolon to separate the command of each view that you must enter before you access a command or a set of commands, except for the commands (for example, display and dir) available in user view or any view.
Rule Do not include the vertical bar (|), greater-than sign (>), or double greater-than sign (>>) when you specify display commands in a user role command rule. Guidelines The system does not treat these redirect signs and the parameters that follow them as part of command lines, but in user role command rules, they are handled as part of command lines. As a result, no rule that includes any of these signs can find a match.
Parameters rolename: Specifies a user role, a case-sensitive string of 1 to 63 characters. The user role must exist in the system. If no user role is specified, you obtain the user role network-admin. Usage guidelines To enable a user to obtain a temporary user role that is not specified in the user account, you must configure user role authentication.
If you specify both local and scheme keywords, the keyword first entered in the command takes precedence, as follows: • scheme local—Enables remote-then-local authentication mode. The device first performs AAA authentication for temporary user role authorization. If the remote HWTACACS or RADIUS server does not respond or the AAA configuration on the device is invalid, local password authentication is performed. • local scheme—Enables local-then-remote authentication mode.
Parameters role rolename: Specifies a user role, a case-sensitive string of 1 to 63 characters. The user role must exist in the system. If no user role is specified, this command sets a password for user role network-admin. hash: Sets a hashed password. simple: Sets a plaintext password. This password will be saved in hashed text for security purposes. password: Specifies the password string. This argument is case sensitive.
Predefined user roles network-admin Usage guidelines The vlan policy deny command denies the access of a user role to any VLAN. To restrict the VLAN access of a user role to only a set of VLANs: 1. Use vlan policy deny to deny access to any VLAN. 2. Use permit vlan to specify accessible VLANs. To create, remove, or configure a VLAN, enter its view, or specify the VLAN in a feature command, you must make sure the VLAN is permitted by the VLAN policy of any user role that you are logged in with.
Usage guidelines The vpn-instance policy deny command denies the access of a user role to any VPN. To restrict the VPN access of a user role to only a set of VPNs: 1. Use vpn-instance policy deny to deny access to any VPN. 2. Use permit vpn-instance to specify accessible VPNs. To create, remove, or configure an MPLS L3VPN, enter its view, or specify it in a feature command, you must make sure the VPN is permitted by the VPN instance policy of any user role that you are logged in with.
Login management commands Some login management commands are available in both user line view and user line class view. This chapter describes only the login management commands available in user line view. If you configure a login management command in user line view, the configuration is applied only to the specified user lines. If you configure a login management command in user line class view, the configuration is applied to all user lines of the class.
[Sysname-line-console0] activation-key s To verify the configuration: 1. Exit the console session. [Sysname-line-console0] return quit 2. Log in again through the console line. The following message appears: Press ENTER to get started. 3. Press Enter. Pressing Enter does not start a session. 4. Enter s. A terminal session is started. authentication-mode Use authentication-mode to set the authentication mode for a user line. Use undo authentication-mode to restore the default.
Usage guidelines When the authentication mode is none, any user can log in without authentication. To improve device security, use the password or scheme authentication mode. Examples # Enable the none authentication mode for user line VTY 0. system-view [Sysname] line vty 0 [Sysname-line-vty0] authentication-mode none # Enable password authentication for user line VTY 0 and set the password to 321.
Predefined user roles network-admin Parameters command: Specifies the command to be automatically executed. Usage guidelines This command is not supported in console line view or console line class view. This command is not supported in AUX line view or AUX line class view. The device automatically executes the specified command when a user logs in through the user line, and closes the user connection after the command is executed.
command accounting Use command accounting to enable command accounting. Use undo command accounting to restore the default. Syntax command accounting undo command accounting Default Command accounting is disabled, and the accounting server does not record executed commands. Views User line view, user line class view Predefined user roles network-admin Usage guidelines When command accounting is enabled but command authorization is not, every executed command is recorded on the HWTACACS server.
Predefined user roles network-admin Usage guidelines When command authorization is enabled, a command is available only if the user has the commensurate user role and is authorized to use the command by the AAA scheme. Examples # Enable command accounting for VTY 0 so a user logged in through VTY 0 can execute only authorized commands that are permitted by the user role.
[Sysname] line aux 0 [Sysname-line-aux0] databits 5 display line Use display line to display user line information. Syntax display line [ number1 | { aux | console | tty | vty } number2 ] [ summary ] Views Any view Predefined user roles network-admin network-operator Parameters number1: Specifies the absolute number of a user line. It typically starts from 0. aux: Specifies the AUX line. console: Specifies the console line. tty: Specifies the TTY line. vty: Specifies the VTY line.
+ : Line is active. F : Line is active and in async mode. Idx : Absolute index of line. Type : Type and relative index of line. Auth : Login authentication mode. Int : Physical port of the line. A : Authentication use AAA. N : No authentication is required. P : Password authentication. Table 4 Command output Field Description Modem Whether the modem allows calling in or out. By default, this attribute is not configured and a hyphen (-) is displayed.
Syntax display telnet client Views Any view Predefined user roles network-admin network-operator Examples # Display the Telnet client configuration of the device when it serves as a Telnet client. display telnet client The source IP address is 1.1.1.1. The output shows that the device uses the source IPv4 address 1.1.1.1 for outgoing Telnet packets when it serves as a Telnet client.
Keyword MSR2000 MSR3000 MSR4000 console No No Yes The following matrix shows the argument and router compatibility: Argument MSR2000 MSR3000 MSR4000 number1 0 to 128 0 to 240 0 to 499 aux: 0 aux: 0 tty: 1 to 64 tty: 1 to 176 vty: 0 to 63 vty: 0 to 63 number2 aux: 0 to1 console: 0 to 1 tty: 1 to 432 vty: 0 to 63 Usage guidelines This is an older command reserved for backward compatibility purposes.
Line type : [VTY] 65:UUUU XXXX XXXX XXXX 81:XXXX XXXX XXXX XXXX 97:XXXX XXXX XXXX XXXX 113:XXXX XXXX XXXX XXXX 4 lines used. (U) 125 lines not used. (X) Table 7 Command output Fields Description The number indicates the absolute number of the first user line of the user line class, starting from 0. The status indicates whether the user lines of the user line class are being used (X for unused and U for used).
The output shows that two users have logged in to the device: one is using user line VTY 0 and the other (yourself) is using VTY 1. Your IP address is 192.168.1.26. Table 8 Command output Field Description Idx Absolute number of the user line. Line Type and relative number of the user line. Idle Time elapsed after the user's most recent input, in the format hh:mm:ss. Time Login time of the user. Pid Process ID of the user session. Type User type, such as Telnet, SSH, or PAD.
If you define a single character as the shortcut key for terminating tasks, pressing the character when a command is being executed stops the command. If no command is being executed, pressing the character enters the character as a common character. It is a good practice to use a key sequence as the shortcut key.
Predefined user roles network-admin Parameters hardware: Performs hardware flow control. none: Disables flow control. software: Performs software flow control. flow-control-type1, flow-control-type2: Specifies the flow control direction, in or out. If in is specified, the local device receives flow control information from the remote device. If out is specified, the local device sends flow control information to the remote device. Usage guidelines This command is not supported in VTY line view.
Syntax free line { number1 | { aux | console | tty | vty } number2 } Views User view Predefined user roles network-admin Parameters number1: Specifies the absolute number of a user line. It typically starts from 0. aux: Specifies the AUX line. console: Specifies the console line. tty: Specifies the TTY line. vty: Specifies the VTY line. number2: Specifies the relative number of a user line.
Location: 192.168.1.26 2. + : Current operation user. F : Current operation user works in async mode. If the operations of the user on VTY 1 impact your operations, log out the user. free line vty 1 Are you sure to free line vty1? [Y/N]:y [OK] free user-interface Use free user-interface to release a user line.
This is an older command reserved for backward compatibility purposes. Although it has the same functionality and output as the free line command, HP recommends you use the free line command. Examples # Release user line VTY 1: 1. Display online users. display users Idx LINE Idle Time Pid Type 10 VTY 0 00:10:49 Jun 11 11:27:32 320 TEL + 11 VTY 1 00:00:00 Jun 11 11:39:40 334 TEL Following are more details. VTY 0 : Location: 192.168.1.12 VTY 1 : Location: 192.168.1.26 2.
Terminating a CLI session clears the commands in the history buffer. Examples # Set the size of the command history buffer to 20 for user line Console 0. system-view [Sysname] line console 0 [Sysname-line-console0] history-command max-size 20 idle-timeout Use idle-timeout to set the session idle timeout. Use undo idle-timeout to restore the default. Syntax idle-timeout minutes [ seconds ] undo idle-timeout Default The idle-timeout interval is 10 minutes.
Views System view Predefined user roles network-admin Parameters first-number1: Specifies the absolute number of the first user line. It typically starts from 0. last-number1: Specifies the absolute number of the last user line. The value range varies with devices and typically starts from 0. This number cannot be smaller than first-number1. aux: Specifies the AUX line. console: Specifies the console line. tty: Specifies the TTY line. vty: Specifies the VTY line.
[Sysname] line vty 0 63 [Sysname-line-vty0-63] Related commands line class line class Use line class to enter user line class view. Syntax line class { aux | console | tty | vty } Views System view Predefined user roles network-admin Parameters aux: Specifies the AUX line class view. console: Specifies the console line class view. tty: Specifies the TTY line class view. vty: Specifies the VTY line class view.
• escape-key • history-command max-size • idle-timeout • protocol inbound • screen-length • set authentication password • shell • terminal type • user-role Examples # Set the user connection timeout to 15 minutes in VTY line class view. system-view [Sysname] line class vty [Sysname-line-class-vty] idle-timeout 15 Related commands line lock Use lock to lock the current user line. This method prevents unauthorized users from using the user line.
locked ! // The user line is locked. To unlock it, press Enter and enter the password: Password: parity Use parity to specify a parity check mode. Use undo parity to restore the default. Syntax parity { even | mark | none | odd | space } undo parity Default The setting is none, and no parity check is performed. Views User line view Predefined user roles network-admin Parameters even: Performs even parity check. mark: Performs mark parity check. none: Disables parity check.
protocol inbound Use protocol inbound to enable a user line to support Telnet, PAD, SSH, or all three protocols. Use undo protocol inbound to restore the default. Syntax In non-FIPS mode: protocol inbound { all | pad | ssh | telnet } undo protocol inbound In FIPS mode: protocol inbound ssh undo protocol inbound Default In non-FIPS mode, all three protocols are supported. In FIPS mode, SSH is supported.
Syntax screen-length screen-length undo screen-length Default Up to 24 lines are displayed on a screen. Views User line view, user line class view Predefined user roles network-admin Parameters screen-length: Specifies the maximum number of lines to be displayed on a screen, in the range of 0 to 512. Setting it to 0 disables pausing between screens of output. Usage guidelines This command sets the maximum number of lines that can be displayed on one screen when the screen pause function is enabled.
Parameters all: Specifies all user lines. number1: Specifies the absolute number of a user line. It typically starts from 0. aux: Specifies the AUX line. console: Specifies the console line. tty: Specifies the TTY line. vty: Specifies the VTY line. number2: Specifies the relative number of a user line.
set authentication password Use set authentication password to set a password for password authentication. Use undo set authentication password to remove the password. Syntax set authentication password { hash | simple } password undo set authentication password Default No password is set for password authentication. Views User line view, user line class view Predefined user roles network-admin Parameters hash: Sets a hashed password. simple: Sets a plaintext password.
undo shell Default The terminal service is enabled on all user lines. Views User line view, user line class view Predefined user roles network-admin Usage guidelines The undo shell command is not supported in console line view or console line class view. The undo shell command is not supported in AUX line view or AUX line class view. You cannot disable the terminal service on the user line you are using.
Usage guidelines This command is not supported in VTY line view. The configuration terminal and the device must be configured with the same transmission rate to communicate. Examples # Set the transmission rate to 19200 bps for user line AUX 0. system-view [Sysname] line aux 0 [Sysname-line-aux0] speed 19200 stopbits Use stopbits to specify the number of stop bits for a character. Use undo stopbits to restore the default. Syntax stopbits { 1 | 1.
telnet Use telnet to Telnet to a host in an IPv4 network. Syntax telnet remote-host [ service-port ] [ vpn-instance vpn-instance-name ] [ source { interface interface-type interface-number | ip ip-address } ] [ dscp dscp-value ] Views User view Predefined user roles network-admin Parameters remote-host: Specifies the IPv4 address or host name of a remote host. A host name can be a case-insensitive string of 1 to 253 characters.
Use undo telnet client source to remove the configuration. Syntax telnet client source { interface interface-type interface-number | ip ip-address } undo telnet client source Default No source IPv4 address or source interface is specified for outgoing Telnet packets. The source IPv4 address is the primary IPv4 address of the outbound interface. Views System view Predefined user roles network-admin Parameters interface interface-type interface-number: Specifies a source interface.
Parameters remote-host: Specifies the IP address or host name of a remote host. A host name can be a case-insensitive string of 1 to 253 characters. Valid characters for a host name include letters, digits, hyphens (-), underscores (_), and dots (.). -i interface-type interface-number: Specifies the outbound interface for sending Telnet packets. This option is required when the destination address is a link-local address. port-number: Specifies the TCP port number for the Telnet service on the remote host.
Usage guidelines Only one ACL can be used to filter Telnet logins, and only users permitted by the ACL can Telnet to the device. This command does not take effect on existing Telnet connections. You can specify an ACL that has not been created yet in this command. The command takes effect after the ACL is created. For more information about ACL, see ACL and QoS Configuration Guide. This command is not supported in FIPS mode. Examples # Permit only the user at 1.1.1.1 to Telnet to the device.
telnet server ipv6 acl Use telnet server ipv6 acl to apply an IPv6 ACL to filter IPv6 Telnet logins. Use undo telnet server ipv6 acl to restore the default. Syntax telnet server ipv6 acl [ ipv6 ] acl-number undo telnet server ipv6 acl Default No ACL is used to filter IPv6 Telnet logins. Views System view Predefined user roles network-admin Parameters acl-number: Specifies an IPv6 ACL by its number: • Basic ACL—2000 to 2999. The ipv6 option is required. • Advanced ACL—3000 to 3999.
Syntax telnet server ipv6 dscp dscp-value undo telnet server ipv6 dscp Default IPv6 uses the DSCP value 48 for outgoing Telnet packets on a Telnet server. Views System view Predefined user roles network-admin Parameters dscp-value: Specifies a DSCP value in the range of 0 to 63. Usage guidelines The DSCP value is carried in the Traffic class field of an IPv6 packet, and it indicates the transmission priority of the packet. This command is not supported in FIPS mode.
system-view [Sysname] telnet server enable terminal type Use terminal type to specify the terminal display type. Use undo terminal type to restore the default. Syntax terminal type { ansi | vt100 } undo terminal type Default The terminal display type is ANSI. Views User line view, user line class view Predefined user roles network-admin Parameters ansi: Specifies the terminal display type ANSI. vt100: Specifies the terminal display type VT100.
Parameters first-number1: Specifies the absolute number of the first user line. It typically starts from 0. last-number1: Specifies the absolute number of the last user line. The value range varies with devices and typically starts from 0. This number cannot be smaller than first-number1. aux: Specifies the AUX line. console: Specifies the console line. tty: Specifies the TTY line. vty: Specifies the VTY line. first-number2: Specifies the relative number of the first user line.
Related commands user-interface class user-interface class Use user-interface class to enter user line class view. Syntax user-interface class { aux | console | tty | vty } Views System view Predefined user roles network-admin Parameters aux: Specifies the AUX line class view. console: Specifies the console line class view. tty: Specifies the TTY line class view. vty: Specifies the VTY line class view.
• escape-key • history-command max-size • idle-timeout • protocol inbound • screen-length • set authentication password • shell • terminal type • user-role Examples # Set the user connection timeout to 15 minutes in VTY line class view.
This command is not supported in FIPS mode. Examples # Assign user role network-admin through the user line AUX 0.
FTP commands The device supports the FIPS mode that complies with NIST FIPS 140-2 requirements. Support for features, commands, and parameters might differ in FIPS mode and non-FIPS mode. For more information about FIPS mode, see Security Configuration Guide. In FIPS mode, the device does not support FTP. FTP server commands display ftp-server Use display ftp-server to display FTP server configuration and status information.
Syntax display ftp-user Views Any view Predefined user roles network-admin network-operator Examples # Display detailed information about logged-in FTP users. display ftp-user UserName HostIP Port HomeDir root 192.168.20.184 46539 cfa0: If a username exceeds 10 characters, a host IP address exceeds 15 bits, or a directory name exceeds 37 bits, the exceeded part is displayed in the next line and right justified, as shown below.
Parameters username: Specifies a username. You can use the display ftp-user command to display FTP user information. Examples # Manually release the FTP connection that was established by using the user account named ftpuser. free ftp user ftpuser Are you sure to free FTP connection? [Y/N]:y free ftp user-ip Use free ftp user-ip to manually release the FTP connection that was established from a specific IPv4 address.
Parameters ipv6-address: Specifies the source IPv6 address of an FTP connection to be released. You can use the display ftp-user command to view the source IPv6 address of the FTP connection. port port: Specifies the source port of an FTP connection to be released. You can use the display ftp-user command to view the source port of the FTP connection. Examples # Manually release the FTP connection that was established from IPv6 address 2000::154.
ftp server dscp Use ftp server dscp to set the DSCP value for IPv4 to use for outgoing FTP packets on an FTP server. Use undo ftp server dscp to restore the default. Syntax ftp server dscp dscp-value undo ftp server dscp Default IPv4 uses the DSCP value 0 for outgoing FTP packets on an FTP server. Views System view Predefined user roles network-admin Parameters dscp-value: Specifies a DSCP value in the range of 0 to 63.
system-view [Sysname] ftp server enable ftp server ipv6 dscp Use ftp server ipv6 dscp to set the DSCP value for IPv6 to use for outgoing FTP packets on an FTP server. Use undo ftp server ipv6 dscp to restore the default. Syntax ftp server ipv6 dscp dscp-value undo ftp server ipv6 dscp Default IPv6 uses the DSCP value 0 for outgoing FTP packets on an FTP server. Views System view Predefined user roles network-admin Parameters dscp-value: Specifies a DSCP value in the range of 0 to 63.
Parameters Minute: Specifies an idle-timeout interval in the range of 1 to 35791 minutes. Usage guidelines If no packet is exchanged on an FTP connection within the idle-timeout interval, the FTP server breaks the FTP connection to release resources. Examples # Set the idle-timeout interval to 36 minutes. system-view [Sysname] ftp timeout 36 FTP client commands Before executing FTP client configuration commands, make sure you have configured authorization settings for users on the FTP server.
ascii Use ascii to set the file transfer mode to ASCII. Syntax ascii Default The file transfer mode is ASCII. Views FTP client view Predefined user roles network-admin Usage guidelines You can perform this operation only after you log in to the FTP server. The carriage return characters vary with operating systems. For example, HP and Windows use /r/n, and Linux uses /n.
Usage guidelines You can perform this operation only after you log in to the FTP server. The carriage return characters vary with operating systems. For example, HP and Windows use /r/n, and Linux uses /n. To transfer files between two systems that use different carriage return characters, determine FTP transfer mode according to the file type. FTP transfers files in the following modes: • Binary mode—Transfers program file or pictures. • ASCII mode—Transfers text files.
Views FTP client view Predefined user roles network-admin Parameters directory: Specifies the name of the target directory in the format [drive:][/]path, where drive represents the storage medium name, typically cf. If the target directory does not exist, the cd command does not change the current working directory. If no drive information is provided, the argument represents a folder or subfolder in the current directory.
Views FTP client view Predefined user roles network-admin Usage guidelines You can perform this operation only after you log in to the FTP server. Examples # Change the working directory to the upper directory. ftp> pwd 257 "/ftp/subdir" is your current location ftp> cdup 250 OK. Current directory is /ftp ftp> pwd 257 "/ftp" is your current location Related commands • cd • pwd close Use close to terminate the connection to the FTP server without exiting FTP client view.
debug Use debug to enable or disable FTP client debugging. Syntax debug Default FTP client debugging is disabled. Views FTP client view Predefined user roles network-admin Usage guidelines When FTP client debugging is enabled, executing this command disables FTP client debugging. When FTP client debugging is disabled, executing this command enables FTP client debugging. Examples # Enable and then disable FTP client debugging. ftp> debug Debugging on (debug=1). ftp> debug Debugging off (debug=0).
delete Use delete to permanently delete a file on the FTP server. Syntax delete remotefile Views FTP client view Predefined user roles network-admin Parameters remotefile: Specifies the name of a file on the FTP server. Usage guidelines You can perform this operation only after you log in to the FTP server. To perform this operation, you must have delete permission on the FTP server. Examples # Delete file b.txt. ftp> delete b.txt 250 Deleted b.
In FTP client view, executing the dir command is the same as executing the ls command. Examples # Display detailed information about the files and subdirectories in the current directory on the FTP server. ftp> dir 150 Connecting to port 50201 -rwxr-xr-x 1 0 0 -rwxr-xr-x 1 0 0 1481 Jul 7 15:36 a.
Usage guidelines You can perform this operation only after you log in to the FTP server. Examples # Terminate the connection to the FTP server without exiting the FTP client view. ftp> disconnect 221-Goodbye. You uploaded 0 and downloaded 0 kbytes. 221 Logout. ftp> Related commands close display ftp client source Use display ftp client source to display the source address settings on the FTP client.
vpn-instance vpn-instance-name: Specifies the VPN instance to which the FTP server belongs. The vpn-instance-name argument is a case-sensitive string of 1 to 31 characters. If the FTP server belongs to the public network, do not specify this option. dscp dscp-value: Specifies the DSCP value for IPv4 to use in outgoing FTP packets to indicate the packet transmission priority, in the range of 0 to 63. The default is 0.
Views System view Predefined user roles network-admin Parameters interface interface-type interface-number: Specifies the source interface for establishing FTP connections. The primary IPv4 address of the source interface is used as the source IP address of packets sent to a FTP server. Make sure the interface is up and has the primary IPv4 address configured. Otherwise, the transmission fails. ip source-ip-address: Specifies the source IP address for outgoing FTP packets.
Parameters interface interface-type interface-number: Specifies the source interface by its type and number. The IPv6 address configured on the source interface is the source address of outgoing FTP packets. Make sure the interface is up. Otherwise, the transmission fails. ipv6 source-ipv6-address: Specifies the source IPv6 address for outgoing FTP packets. It must be the IPv6 address of an interface in up state. Otherwise, the transmission fails.
• interface interface-type interface-number: Specifies an interface by its type and number. This parameter can be used only when the FTP server address is a link local address and the specified output interface has a link local address. For more information about link local addresses, see Layer 3—IP Services Configuration Guide. • ipv6 source-ipv6-address: Specifies an IPv6 address. This address must be an address that has been configured on the device.
To save the downloaded file to the working directory accessed by the ftp command, the localfile argument must specify a file name such as a.cfg. If you do not provide the localfile argument, the downloaded file uses its original name. To save the downloaded file to some other directory, the localfile argument must specify the target directory plus the file name such as cfa0:/subdirectory/a.cfg. Otherwise, the command fails to take effect. Examples # Download file a.txt and save it as b.
Usage guidelines In FTP client view, executing the help command is the same as entering?. Examples # Display all commands supported by the FTP client. ftp> help Commands may be abbreviated. Commands are: append delete ls quit rmdir ascii debug mkdir reget status binary dir newer rstatus system bye disconnect open rhelp user cd get passive rename verbose cdup help put reset ? close lcd pwd restart # Display the help information for the dir command.
Local directory now /cfa0:/logfile ls Use ls to display detailed information about the files and subdirectories under the current directory on the FTP server. Use ls remotefile to display detailed information about a specific file or directory on the FTP server. Use ls remotefile localfile to save detailed information about a specific file or directory on the FTP server to a local file.
150 Connecting to port 50203 226-Glob: a.txt # Display the content of file s.txt. ftp> bye 221-Goodbye. You uploaded 0 and downloaded 2 kbytes. 221 Logout. more s.txt -rwxr-xr-x 1 0 0 1481 Jul 7 12:34 a.txt Related commands dir mkdir Use mkdir to create a subdirectory in the current directory on the FTP server. Syntax mkdir directory Views FTP client view Predefined user roles network-admin Parameters directory: Specifies the name of the directory to be created.
Parameters remotefile: Specifies the name of the remote file on the FTP server. localfile: Specifies the name of the local file to be updated. Usage guidelines You can perform this operation only after you log in to the FTP server. If the local file does not exist, this command downloads the file from the FTP server and saves it locally. If the remote file on the FTP server is not newer than the local file, this command does not update the local file. Examples # Update the local file with the file a.
Password: 230 User logged in. Remote system type is HP. ftp> passive Use passive to set the FTP operation mode to passive. Syntax passive Default The FTP operation mode is passive. Views FTP client view Predefined user roles network-admin Usage guidelines FTP can operate in either of the following modes: • Active mode—The FTP server initiates the TCP connection. • Passive mode—The FTP client initiates the TCP connection.
Parameters localfile: Specifies the name of the local file to be uploaded. remotefile: Specifies the file name for saving the uploaded file on the FTP server. Usage guidelines You can perform this operation only after you log in to the FTP server. To upload a file in the working directory accessed by the ftp command, the localfile argument must specify a file name such as a.cfg.
Predefined user roles network-admin Usage guidelines You can perform this operation only after you log in to the FTP server. Examples # Display the currently accessed directory on the remote FTP server. ftp> cd subdir 250 OK. Current directory is /subdir ftp> pwd 257 "/subdir" is your current location quit Use quit to terminate the connection to the FTP server and return to user view.
Parameters remotefile: Specifies the name of the file on the FTP server. localfile: Specifies the name of the local file. Usage guidelines You can perform this operation only after you log in to the FTP server. If a file download is not completed due to network problems or insufficient storage space, you can use the reget command to get the missing part of the file from the FTP server after you solve the problem. Examples # Get the part of the s.bin file that is missing due to transmission interruption.
(to-name) b.txt 350 RNFR accepted - file exists, ready for destination 250 File successfully renamed or moved • Method 3 ftp> rename a.txt b.txt 350 RNFR accepted - file exists, ready for destination 250 File successfully renamed or moved reset Use reset to clear the reply information received from the FTP server in the buffer. Syntax reset Views FTP client view Predefined user roles network-admin Examples # Clear the reply information received from the FTP server.
local: h.c remote: h.c 350 Restart position accepted (2). 150 Ok to send data. 226 File receive OK. 80 bytes sent in 0.000445 seconds (175.6 kbyte/s) ftp> dir 150 Here comes the directory listing. -rw-r--r-- 1 0 0 80 Jul 18 02:58 h.c rhelp Use rhelp to display the FTP-related commands supported by the FTP server. Use rhelp protocol-command to display the help information of an FTP-related command supported by the FTP server.
Field Description SYST System parameters. TYPE Request type. CWD Changes the current working directory. XCWD Extended command with the meaning of CWD. PWD Prints the working directory. CDUP Changes the directory to the upper directory. XCUP Extended command with the meaning of CDUP. XPWD Extended command with the meaning of PWD. LIST Lists files. NLST Lists brief file description. MLSD Lists file content. PORT Active mode (IPv4). EPRT Active mode (IPv6).
Predefined user roles network-admin Parameters directory: Specifies the name of a directory on the remote FTP server. Usage guidelines You can perform this operation only after you log in to the FTP server. To perform this operation, you must have delete permission on the FTP server. Delete all files and subdirectories in a directory before you delete the directory. For more information about how to delete files, see the delete command.
No session bandwidth limit Session timeout in seconds is 300 Control connection is plain text Data connections will be plain text At session startup, client count was 1 vsFTPd 2.0.6 - secure, fast, stable 211 End of status Table 13 Command output Filed Description 211-FTP server status: Beginning of the display of FTP server status, where 211 specifies the FTP command. Connected to 192.168.20.177 IP address of the FTP client. Logged in as root Login username root.
Field Description The first bit specifies the file type: -rw-r--r-- • • • • • • • -—Common. B—Block. c—Character. d—Directory. l—Symbol connection file. p—Pipe. s—socket. The second bit through the tenth bit are divided into three groups. Each group contains three characters, representing the access permission of the owner, group, and other users. • • • • -—No permission. r—Read permission. w—Write permission. x—Execution permission. 1 Number of connections. 0 Name of the file owner.
Store unique: off; Receive unique: off Case: off; CR stripping: on Ntrans: off Nmap: off Hash mark printing: off; Use of PORT cmds: on Table 15 Command output Field Description Connected to 192.168.1.56. IP address of the FTP server that is connected to the FTP client. Verbose: on; Bell: off; Prompting: on; Globbing: off Displays debugging information. Store unique: off; Receive unique: off The name of the file on the FTP server is unique and the name of the local file is unique.
Syntax user username [ password ] Views FTP client view Predefined user roles network-admin Parameters username: Specifies the username of the target user account. password: Specifies the password of the target user account. Usage guidelines You can perform this operation only after you log in to the FTP server. The username and password of the target user account must have been configured. Otherwise, the user account change operation fails and the FTP connection is closed.
Verbose mode off. ftp> verbose Verbose mode on. # Execute the get command when FTP operation information display is disabled. ftp> verbose Verbose mode off. ftp> get a.txt # Execute the get command when FTP operation information display is enabled. ftp> verbose Verbose mode on. ftp> get a.txt local: a.txt remote: a.txt 150 Connecting to port 47455 226 File successfully transferred 1569 bytes received in 0.0117 seconds (130.8 kbyte/s) ? Use ? to display all commands supported by an FTP client.
# Display the help information for the dir command.
TFTP commands The device supports the FIPS mode that complies with NIST FIPS 140-2 requirements. Support for features, commands, and parameters might differ in FIPS mode and non-FIPS mode. For more information about FIPS mode, see Security Configuration Guide. In FIPS mode, the device does not support TFTP. tftp Use tftp to download a file from the TFTP server to the local device or upload a local file to the TFTP server in an IPv4 network.
source { interface interface-type interface-number | ip source-ip-address }: Specifies the source address for outgoing TFTP packets. If this keyword is not specified, the device uses the primary IPv4 address of the output interface for the route to the server as the source IPv4 address of outgoing TFTP packets. • interface interface-type interface-number: Specifies an interface by its type and number.
undo tftp client source Default No source IPv4 address is configured for outgoing TFTP packets. The device uses the primary IPv4 address of the output interface for the route to the server as the source IP address. Views System view Predefined user roles network-admin Parameters interface interface-type interface-number: Specifies the source interface for establishing TFTP connections. The primary IPv4 address of the source interface is used as the source IPv4 address for packets sent to a TFTP server.
Parameters tftp-ipv6-server: Specifies the IPv6 address or host name of a TFTP server. The host name can be a case-insensitive string of 1 to 253 characters and can contain only letters, digits, hyphens (-), underscores (_), and dots (.). -i interface-type interface-number: Specifies an output interface by its type and number. This parameter can be used only when the TFTP server address is a link local address and the specified output interface has a link local address.
Usages guidelines The source address specified with the tftp ipv6 command takes precedence over the source address specified with the tftp client ipv6 source command. The source address specified with the tftp client ipv6 source command applies to all TFTP connections. The source address specified with the tftp ipv6 command applies only to the current TFTP connection. Examples # Download the new.bin file from the TFTP server at 2001::1 and save it as new.bin. tftp ipv6 2001::1 get new.bin new.
Examples # Specify source IPv6 address 2000::1 for outgoing TFTP packets. system–view [Sysname] tftp client ipv6 source ipv6 2000::1 Related commands tftp ipv6 tftp-server acl Use tftp-server acl to use an ACL to control the device's access to TFTP servers in an IPv4 network. Use undo tftp-server acl to restore the default. Syntax tftp-server acl acl-number undo tftp-server acl Default No ACL is used to control the device's access to TFTP servers.
Default No ACL is used to control the device's access to TFTP servers. Views System view Predefined user roles network-admin Parameters acl-number: Specifies the number of a basic ACL, in the range of 2000 to 2999. Usages guidelines You can use an ACL to deny or permit the device's access to specific TFTP servers. Examples # Allow the device to access only the TFTP server at 2001::1.
File system management commands IMPORTANT: • Before managing storage media, files, and directories, make sure you know the possible impacts. • A file or directory whose name starts with a period (.) is considered a hidden file or directory. Do not give a common file or directory a name that starts with a period. • Some system files and directories are hidden.
# Return to the upper directory. cd .. # On an MSR4000, change to the test folder in the root directory of the active MPU. 1. Display the number of the slot where the standby MPU resides. display device Slot No. Board Type Status Primary SubSlots ----------------------------------------------------------------------------0 MPU-100 Normal Master 0 1 MPU-100 Normal Standby 0 2 SPU-300 Normal N/A 10 The output shows that the slot number of the standby MPU is 1. 2.
interface as the source IP address for outgoing packets. If you do not specify this option, the device uses the outgoing interface as the source interface. Usage guidelines In non-FIPS mode, you can use the copy command to perform the following operations: • Copy a local file and save it locally. • Copy a local file and save it to an FTP or TFTP server. • Copy a file on an FTP or TFTP server and save it locally. In FIPS mode, you can only copy a local file and save it locally.
# Copy test.cfg from the current folder and save it to the working directory on FTP server 1.1.1.1 as testbackup.cfg. In this example, the FTP username and password are user and private. copy test.cfg ftp://user:private@1.1.1.1/testbackup.cfg Copy cfa0:/test.cfg to ftp://user:private@1.1.1.1/testbackup.cfg?[Y/N]:y Copying file cfa0:/test.cfg to ftp://user:private@1.1.1.1/testbackup.cfg... Done. # Copy test.cfg from the working directory on TFTP server 1.1.1.
Syntax delete [ /unreserved ] file-url Views User view Predefined user roles network-admin Parameters /unreserved: Permanently deletes the specified file. If you do not specify this keyword, the command moves the file to the recycle bin. file-url: Specifies the name of the file to be deleted. Asterisks (*) are acceptable as wildcards. For example, to remove files with the .txt extension in the current directory, enter delete *.txt.
Deleting the file permanently will take a long time. Please wait... Deleting file cfa0:/2.cfg...Done. # On an MSR4000, remove the 1.cfg file from the root directory of the storage medium on the standby MPU (in slot 1): • Method 1 delete slot1#cfa0:/1.cfg Delete slot1#cfa0:/1.cfg?[Y/N]:y Deleting file slot1#cfa0:/1.cfg...Done. • Method 2 cd slot1#cfa0:/ delete 1.cfg Delete slot1#cfa0:/1.cfg?[Y/N]:y Deleting file slot1#cfa0:/1.cfg...Done.
dir /all Directory of cfa0:/ ... # On an MSR2000 or MSR3000, display files and folders in the root directory of all storage media on the device. The output was created on an MSR3000. dir /all-filesystems Directory of cfa0:/ ... Directory of cfa0:/ ... # On an MSR4000, display information about all files and folders in the current directory. dir /all Directory of cfa0:/ ... # On an MSR4000, display files and folders in the root directory of all storage media on the device.
file prompt Use file prompt to set the operation mode for files and folders. Syntax file prompt { alert | quiet } undo file prompt Default The alert mode is activated and the system prompts for confirmation when you perform a destructive file or folder operation. Views System view Predefined user roles network-admin Parameters alert: Prompts for confirmation when a destructive file or folder operation is being performed. quiet: Gives no confirmation prompt for file or folder operations.
Before you repair a storage medium, make sure no other users are accessing the medium. Otherwise, the repair operation fails. Examples # Examine and repair the CF card. fixdisk cfa0: Restoring cfa0: may take some time... Restoring cfa0:...Done. format Use format to format a storage medium. Syntax format medium-name Views User view Predefined user roles network-admin Parameters medium-name: Specifies the name of a storage medium.
Parameters filename: Specifies the name of the file to be decompressed. This argument must have .gz as the extension. Usage guidelines This command deletes the specified file after decompressing it. Examples # Decompress the file system.bin.gz. 1. Before decompressing the file, you can display files whose names start with the system. string. dir system.* Directory of cfa0: 1 -rw- 20 Jun 14 2012 10:18:53 system.bin.gz 472972 KB total (472840 KB free) 2. Decompress the file system.bin.gz.
2. Compress the file system.bin. gzip system.bin 3. Verify the compress operation. dir system.* Directory of cfa0: 1 -rw- 20 Jun 14 2012 10:18:53 system.bin.gz 472972 KB total (472840 KB free) mkdir Use mkdir to create a folder in the current directory. Syntax mkdir directory Views User view Predefined user roles network-admin Parameters directory: Specifies the name of a folder. Usage guidelines The name of the folder to be created must be unique in the specified directory.
Predefined user roles network-admin Parameters file-url: Specifies a file name. Examples # Display the contents of the test.txt file. more test.txt Have a nice day. # Display the contents of the testcfg.cfg file. more testcfg.cfg # version 5.20, Beta 1201, Standard # sysname Sysname # vlan 2 # return # On an MSR4000, display the contents of the testcfg.cfg file on the standby MPU (in slot 1). more slot1#cfa0:/testcfg.cfg # version 5.
Parameters medium-name: Specifies the name of a storage medium. Usage guidelines To avoid file system corruption: • On an MSR2000 or MSR3000, do not install or remove a storage medium while the system is mounting it. • On an MSR4000, do not install or remove storage media or cards or perform active/standby switchover while the system is mounting a storage medium. Examples # On an MSR2000 or MSR3000, mount a CF card. mount cfa0: # On an MSR4000, mount a CF card on an MPU.
pwd Use pwd to display the current working directory. Syntax pwd Views User view Predefined user roles network-admin Examples # Display the current working directory. pwd cfa0: rename Use rename to rename a file or folder. Syntax rename fileurl-source fileurl-dest Views User view Predefined user roles network-admin Parameters fileurl-source: Specifies the name of the source file or folder. fileurl-dest: Specifies the name of the destination file or folder.
Views User view Parameters /force: Deletes all files in the recycle bin without prompting for confirmation. If you do not specify this option, the command prompts you to confirm the deletion. Usage guidelines The delete file-url command only moves a file to the recycle bin. To permanently delete the file, use the reset recycle-bin command to clear the recycle bin. If a file is corrupted, you might not be able to delete the file by using the reset recycle-bin command.
Examples # Remove the subtest folder. rmdir subtest/ Remove directory cfa0:/test/subtest and the files in the recycle-bin under this directory will be deleted permanently. Continue?[Y/N]:y Removing directory cfa0:/test/subtest... Done. sha256sum Use sha256sum to use the SHA-256 algorithm to calculate the digest of a file. Syntax sha256sum file-url Views User view Predefined user roles network-admin Parameters file-url: Specifies the name of a file.
Usage guidelines If another file that has the same name exists in the directory, the system prompts you about whether to overwrite the existing file. If you enter Y, the existing file is overwritten. If you enter N, the command is not executed. Examples # Restore the copy.cfg file, which was moved from the cfa0: directory to the recycle bin. undelete copy.cfg Undelete cfa0:/copy.cfg?[Y/N]:y Undeleting file cfa0:/copy.cfg... Done. # Restore the startup.
• On an MR4000, do not install or remove storage media or cards or perform active/standby switchover while the system is unmounting a storage medium. Examples # On an MR2000 or MR3000, unmount a CF card. umount cfa0: # On an MR4000, unmount a CF card from an MPU.
Configuration file management commands The device supports the FIPS mode that complies with NIST FIPS 140-2 requirements. Support for features, commands, and parameters might differ in FIPS mode and non-FIPS mode. For more information about FIPS mode, see Security Configuration Guide. archive configuration Use archive configuration to manually archive the running configuration to the configuration archive directory.
• display archive configuration archive configuration interval Use archive configuration interval to enable automatic running-configuration archiving and set the archiving interval. Use undo archive configuration interval to restore the default. Syntax archive configuration interval minutes undo archive configuration interval Default The system does not automatically archive the running configuration.
Related commands • archive configuration • archive configuration location • archive configuration max • display archive configuration archive configuration location Use archive configuration location to configure the directory and file name prefix for archiving the running configuration. Use undo archive configuration location to restore the default.
The undo archive configuration location command not only removes the configuration archive directory and file name prefix settings but also disables the configuration archive function (both manual and automatic methods), restores the default settings of the archive configuration interval and archive configuration max commands, and clears all configuration archives. Examples # Configure the configuration archive directory as cfa0:/archive/ and the archive file name prefix as my_archive.
Suppose seven configuration archives have been saved before the archive limit is set to four. When saving a new configuration archive, the system first deletes the oldest four (7 – 4 + 1) archives. If you execute the undo archive configuration location command, the default archive limit is restored. Examples # Set the maximum number of configuration archives to 10.
Use undo configuration encrypt to restore the default. Syntax configuration encrypt { private-key | public-key } undo configuration encrypt Default Configuration encryption is disabled. The running configuration is saved to a configuration file without encryption. Views System view Predefined user roles network-admin Parameters private-key: Encrypts configuration with a private key. Any HP device running Comware V7 software can decrypt the encrypted configuration file.
To ensure a successful rollback: • Make sure the replacement configuration file is created by using the configuration archive function or the save command on the device. • If the configuration file is not created on the device, make sure the configuration file content format is fully compatible with the device. • Make sure the replacement configuration file is not encrypted. Examples # Replace the running configuration with the configuration in the my_archive_1.cfg configuration file.
Table 18 Command output Field Description Location Absolute path of the directory for saving running-configuration archives. Filename prefix File name prefix for configuration archives. Archive interval in minutes Interval (in minutes) for the system to automatically archive the running configuration. If automatic configuration saving is disabled, this field is not available. Maximum number of archive files Maximum number of configuration archives that can be saved.
If the system has automatically changed the setting you have made for a parameter, for example, due to a system restriction, this command displays the effective setting rather than the configured one. Examples # Display local user configuration.
display saved-configuration Use display saved-configuration to display the configuration saved to the main next-startup configuration file. Syntax display saved-configuration Views Any view Predefined user roles network-admin network-operator Usage guidelines Use this command to verify that important settings have been saved to the main next-startup configuration file.
Syntax display startup Views Any view Predefined user roles network-admin network-operator Usage guidelines Current startup configuration file is the configuration file that has been loaded. Next-startup configuration file is the configuration file used at the next startup. On an MSR4000, the standby MPU always uses the same current startup configuration file as the active MPU.
Field Description Next main startup saved-configuration file Primary startup configuration file to be used at the next startup. Next backup startup saved-configuration file Backup startup configuration file to be used at the next startup. Slot n Displays the startup configuration files on the MPU in slot n. Related commands startup saved-configuration display this Use display this to display the running configuration in the current view.
user-role network-operator # user-interface con 0 user-role network-admin # user-interface vty 0 63 authentication-mode none user-role network-admin # return reset saved-configuration Use reset saved-configuration to delete next-startup configuration files. Syntax reset saved-configuration [ backup | main ] Views User view Predefined user roles network-admin Parameters backup: Deletes the backup next-startup configuration file. main: Deletes the main next-startup configuration file.
Please wait ........... Configuration file is cleared. # On MSR4000, delete the main next-startup configuration file. reset saved-configuration The saved configuration file will be erased. Are you sure? [Y/N]:y Configuration file in cfa0 is being cleared. Please wait ... .. MainBoard: Configuration file is cleared.
# On an MSR4000, download the configuration file test.cfg from the TFTP server at 2.2.2.2, and specify the file as the main next-startup configuration file. restore startup-configuration from 2.2.2.2 config.cfg Restoring the next startup-configuration file from 2.2.2.2. Please wait...finished. Now restoring the next startup-configuration file from main board to backup board. Please wait...finished.
safely: Saves the configuration file in safe mode. If this keyword is not specified, the device saves the configuration file in fast mode. Safe mode is slower than fast mode, but more secure. In safe mode, the system saves configuration in a temporary file and starts overwriting the target next-startup configuration file after the save operation is complete. If a reboot, power failure, or out of memory event occurs during the save operation, the next-startup configuration file is retained.
Configuration is saved to device successfully. # On an MSR4000, save the running configuration to a file in the root directory of the storage medium, and specify the file as the main next-startup configuration file. save The current configuration will be written to the device. Are you sure? [Y/N]:y Please input the file name(*.cfg)[cfa0:/startup.cfg] (To leave the existing filename unchanged, press the enter key): Validating file. Please wait...
main: Specifies the configuration file as the main next-startup configuration file. This is the primary configuration file that the device attempts to load at startup. If the loading attempt fails, the device tries the backup next-startup configuration file. Usage guidelines On an MSR4000, the startup saved-configuration command applies to both MPUs.
Software upgrade commands boot-loader file Use boot-loader file to specify startup software image files.
Usage guidelines On an MSR2000 or MSR3000: Before specifying startup software image files, you must perform the following tasks: • Save the upgrade files to the root directory of the storage medium. • If the specified software images require a license, register and activate a license for each image.
cfa0:/ssh.bin already exists on the device. Overwrite it? [Y/N]:y The specified file list will be used as the backup startup software images at the next reboot on the device. # On an MSR4000, specify cfa0:/all.ipe as the backup startup image file for the MPU in slot 0. boot-loader file cfa0:/all.ipe slot 0 backup Images in IPE: boot.bin system.bin ssh.bin This command will set the backup startup software images. Continue? [Y/N]:Y Add images to target slot. cfa0:/boot.bin already exists on slot 0.
The startup images synchronized to the standby MPU are set as main startup images, regardless of whether the source startup images are main or backup. If the active MPU has started up with main startup images, its main startup images are synchronized to the standby MPU, regardless of whether any change has been made to this set of startup images.
you do not specify a subcard for a base card, this command performs Boot ROM loading for the base card. (MSR2000/MSR3000.) slot slot-number-list: Specifies a space-separated list of up to seven slot number items. Each item specifies a card by its slot number or a range of cards in the form of start-slot-number to end-slot-number. For example, slot 0 to 1 2. (MSR4000.) subslot subslot-number-list: Specifies a list of up to seven subslot number items.
Usage guidelines Before a Boot ROM image upgrade starts, this function examines the upgrade Boot ROM image for file validity and incompatibility with hardware. If the Boot ROM image passes the check, the upgrade process starts. If not, the system does not perform the upgrade. Examples # Enable Boot ROM image validity check. system-view [Sysname] bootrom-update security-check enable display boot-loader Use display boot-loader to display current software images and startup software images.
None # On an MSR4000, display current software images and startup software images. display boot-loader Software images on slot 0: Current software images: cfa0:/msr56-cmw710-boot-e000603.bin cfa0:/msr56-cmw710-system-e000603.bin cfa0:/msr56-cmw710-security-e000603.bin cfa0:/msr56-cmw710-voice-e000603.bin cfa0:/msr56-cmw710-data-e000603.bin Main startup software images: cfa0:/msr56-cmw710-boot-e000603.bin cfa0:/msr56-cmw710-system-e000603.bin cfa0:/msr56-cmw710-security-e000603.
version auto-update enable Use version auto-update enable to enable software synchronization from the active MPU to the standby MPU at startup. Use undo version auto-update enable to disable the function. Syntax version auto-update enable undo version auto-update enable Default If software inconsistency is detected at startup, the standby MPU loads the current software images of the active MPU.
Use undo version check ignore to enable this function. Syntax version check ignore undo version check ignore Default The startup software images on the standby MPU are checked for version inconsistency with the current software images on the active MPU.
Emergency shell commands Unless otherwise stated, a file name or path argument for an MSR2000 or MSR3000 is case insensitive and must indicate the storage medium. The path information might contain multiple levels of directories, and each can include 1 to 255 characters. The file name alone (without the path information) can include 1 to 255 characters. The argument, including the storage medium, the path information, and the file name, can include 1 to 511 characters.
Syntax delete file-url Views User view Parameters file-url: Specifies the name of the file to be deleted. Examples # Delete the tt.cfg file from the current directory. delete cfa0:/tt.cfg Delete cfa0:/tt.cfg? [Y/N]:y Deleting the file permanently will take a long time. Please wait... Start to delete cfa0:/tt.cfg...Done. dir Use dir to display files or directories. Syntax dir [ /all ] [ file-url ] Views User view Parameters /all: Displays both hidden and non-hidden files and subdirectories.
1 drw- - Apr 16 2013 15:46:32 logfile 2 drw- - Mar 07 2013 00:04:48 diagfile 3 drw- - Mar 07 2013 00:04:48 seclog 4 -rw- 47854592 Apr 16 2013 15:44:50 msr36.ipe 5 -rw- 11892736 Apr 16 2013 15:45:28 msr36-cmw710-boot-e000603 6 -rw- 777 Apr 17 2013 17:47:18 ifindex.dat 7 -rw- 3606 Apr 17 2013 17:47:18 startup.cfg 8 -rw- 2304 Apr 17 2013 17:45:34 3640a_security.ak 9 -rw- 2298 Apr 17 2013 17:45:46 3640a_voice.ak 10 -rw- 2296 Apr 17 2013 17:45:58 3640a_data.
Field Description Information about a file or directory: • 0—Index number, automatically assigned by the system. • -rw-—Attributes of the file or directory. The first character is the directory 0 drw2013 17:47:00 indicator (d for directory and - for file). The second character indicates whether the file or directory is readable (r for readable). The third character indicates whether the file or directory is writable (w for writable).
cfa0:/system.bin [Package] Vendor: HP Product: MSR3000 Service name: boot Platform version: 7.1.042P01 Product version: ESS 000603 Supported board: MSR3012,MSR3024,MSR3044,MSR3064 [Component] Component: boot Description: boot package Table 23 Command output Field Description Product Product name. Type of the service package: Service name • boot—Boot image. • system—System image. • patch—Patch package. The value of this field is any other value for feature packages.
Inet6 Address is FE80::54D5:4EFF:FE4D:451C/10 Scope:Link IP Packet Frame Type:PKTFMT_ETHNT_2, Hardware Address:56D5-4E4D-451C IPV6 Packet Frame Type:PKTFMT_ETHNT_2, Hardware Address:56D5-4E4D-451C Input:513 packets, 0 errors, 0 dropped, 0 overruns, 0 frame Output:6 packets, 0 errors, 0 dropped, 0 overruns, 0 carrier 0 collisions, 0 txqueuelen Input bytes:68702 Output bytes:468 Table 24 Command output Field Description Physical layer status of the management Ethernet interface: • Administratively DOWN—The
Field Description Statistics for sent packets: Output: 431 packets, 0 errors, 0 dropped, 0 overruns, 0 carrier, 0 collisions, 1000 txqueuelen • • • • • • • Total number. Number of erroneous packets. Number of dropped packets. Number of packets encountering queue overflow errors. Number of packets encountering carrier failures. Number of packets with collision. Number of packets permitted by the queue. Input bytes Total number of received bytes. Output bytes Total number of sent bytes.
Field Description Ref Number of times the route has been referenced by other route entries. Use Number of times the route has been matched. Iface Outbound interface. display ipv6 routing-table Use display ipv6 routing-table to display IPv6 routing information. Syntax display ipv6 routing-table Views Any view Examples # Display IPv6 routing information.
Field Description Use Number of times the route has been matched. Iface Outbound interface. If it is a loopback interface, the value of this field is lo. display version Use display version to display the version information of the boot image. Syntax display version Views Any view Examples # Display the version information of the boot image. display version … format Use format to format a storage medium.
ftp Use ftp to access a remote FTP server. Syntax ftp { server-ipv4-address | ipv6 server-ipv6-address } user username password password { get remote-file local-file | put local-file remote-file } Views User view Parameters server-ipv4-address: Specifies the IPv4 address of the FTP server. server-ipv6-address: Specifies the IPv6 address of the FTP server. user username: Specifies the login username, a case-sensitive string of 1 to 15 characters.
Usage guidelines When you execute this command, the system modifies the main startup software image set to include only the boot image and system image so the device can reboot correctly. After the Comware system is started, you can load feature images and patch images as described in the chapters about software upgrade and ISSU in Fundamentals Configuration Guide. Examples # Load a system image and start the Comware system. install load cfa0:/system.bin Check package cfa0:/system.bin ...
Related commands quit ip address Use ip address to assign an IPv4 address to the management Ethernet port. Use undo ip address to restore the default. Syntax ip address ip-address { mask-length | mask } undo ip address Default The management Ethernet port has no IPv4 address. Views Management Ethernet port view Parameters ip-address: Specifies an IPv4 address in dotted decimal notation. mask-length: Specifies the length of the subnet mask, in the range of 0 to 32.
Default The management Ethernet port has no IPv4 gateway configured. Views Management Ethernet port view Parameters ip-address: Specifies an IPv4 gateway address in dotted decimal notation. Usage guidelines When the device needs to communicate with a device on a remote IPv4 network, you must specify an IPv4 gateway for the management Ethernet port. If you execute this command multiple times, the most recent configuration takes effect.
system-view [boot] interface m-eth0 [boot-m-eth0] ipv6 address 2001::1 64 ipv6 gateway Use ipv6 gateway to specify an IPv6 gateway for the management Ethernet port. Use undo ipv6 gateway to restore the default. Syntax ipv6 gateway link-local undo ipv6 gateway Default The management Ethernet port has no IPv6 gateway configured. Views Management Ethernet port view Parameters link-local: Specifies the Link-local address of an IPv6 gateway.
Usage guidelines The path must already exist. For example, to create the cfa0:/test/mytest directory, the directory test must already exist on the CF card. The name for the new directory must be unique in the upper-level directory. Examples # Create a directory named test in the current directory. mkdir cfa0:/test Directory cfa0:/test created. # Create a directory named subtest in the test directory. mkdir cfa0:/test/subtest Directory cfa0:/test/subtest created.
Usage guidelines If you specify a non-existent destination file name, the command moves the source file to the destination directory and renames it. If you specify an existing destination file name, the system prompts whether to overwrite the existing file. Examples # Move the config.cfg file to the cfa0:/002 directory. move cfa0:/config.cfg cfa0:/test/ Move cfa0:/config.cfg to cfa0:/test/config.cfg?[Y/N]:y dir cfa0:/test Directory of cfa0:/test 0 -rw- 77065 Oct 20 1939 06:15:02 test.
Table 27 Command output Field description PING 1.2.1.1 (1.2.1.1) Checking the connectivity to the device at 1.2.1.1. 56 data bytes Number of data bytes in each ICMP echo request. Received an ICMP reply from the device at 1.2.1.1. Fields of the reply: 56 bytes from 1.2.1.1: seq=0 ttl=128 time=2.243 ms • bytes—Number of data bytes in the ICMP reply. • seq—Sequence number of the reply. You can examine the sequence numbers of replies to determine whether packets are missing, disordered, or duplicated.
56 bytes from 2001::2: seq=1 ttl=64 time=1.140 ms 56 bytes from 2001::2: seq=2 ttl=64 time=2.027 ms 56 bytes from 2001::2: seq=3 ttl=64 time=0.887 ms 56 bytes from 2001::2: seq=4 ttl=64 time=0.791 ms --- 2001::2 ping statistics --5 packets transmitted, 5 packets received, 0% packet loss round-trip min/avg/max = 0.791/2.053/5.420 ms For more information about the fields, see Table 27. pwd Use pwd to display the current path. Syntax pwd Views User view Examples # Display the current path.
Views User view Examples # On an MSR2000 or MSR3000, reboot the device. reboot # On an MSR4000, reboot the current MPU. reboot reset ssh public-key Use reset ssh public-key to delete all server public keys saved on the device.
client001@192.168.1.59's password: ****************************************************************************** * Copyright (c) 2010-2013 Hewlett-Packard Development Company, L.P. * * Without the owner's prior written consent, * * no decompiling or reverse-engineering shall be allowed. * ****************************************************************************** rmdir Use rmdir to delete an existing directory.
Usage guidelines When the management Ethernet port is not operating correctly, you can shut it down and then bring it up. Examples # Shut down the management Ethernet port. system-view [boot] interface m-eth0 [boot-m-eth0] shutdown # Bring up the management Ethernet port. [boot-m-eth0] undo shutdown ssh2 Use ssh2 to log in to an SSH server.
****************************************************************************** * Copyright (c) 2004-2013 Hewlett-Packard Development Company, L.P. * * Without the owner's prior written consent, * * no decompiling or reverse-engineering shall be allowed. * ****************************************************************************** system-view Use system-view to enter system view from user view.
tftp Use tftp to log in to a TFTP server. Syntax tftp server-ipv4-address { get remote-file local-file | put local-file remote-file } tftp ipv6 server-ipv6-address { get remote-file local-file | put local-file remote-file } Views User view Parameters server-ipv4-address: Specifies the IPv4 address of the TFTP server in dotted decimal notation. server-ipv6-address: Specifies the IPv6 address of the TFTP server. get remote-file local-file: Downloads a file from the TFTP server.
Device management commands card-mode Use card-mode to set the operating mode of an interface card. Syntax On an MSR2000 or MSR3000: card-mode slot slot-number mode-name On an MSR4000: card-mode slot slot-number subslot subslot-number mode-name Views System view Predefined user roles network-admin Parameters slot slot-number: Specifies a subcard by its subslot number. (On an MSR2000 or MSR3000.) slot slot-number: Specifies a card by its slot number. (On an MSR4000.
Usage guidelines The new operating mode takes effect immediately. Examples # Set the operating mode to E3 for the interface card in slot 2. system-view [Sysname] card-mode slot 2 e3 Please reboot or hot-swap the board or card (if supported) to make the configuration take effect. clock datetime Use clock datetime to set the UTC time. Syntax clock datetime time date Views User view Predefined user roles network-admin Parameters time: Specifies a time in the format hh:mm:ss.
clock summer-time Use clock summer-time to configure the device to use daylight saving time during a specific period of time. Use undo clock summer-time to cancel the configuration. Syntax clock summer-time name start-time start-date end-time end-date add-time undo clock summer-time Default Daylight saving time is disabled. Views System view Pre-defined user roles network-admin Parameters name: Specifies a name for the daylight saving time schedule, a case-sensitive string of 1 to 32 characters.
{ week—Represents week of the month. It takes first, second, third, fourth, fifth, or last. { day—Takes Sunday, Monday, Tuesday, Wednesday, Thursday, Friday, or Saturday. add-time: Specifies the time to be added to the standard time, in the format hh:mm:ss. The hh value is in the range of 0 to 23, the mm value is in the range of 0 to 59, and the ss value is in the range of 0 to 59. The leading zero in a segment can be omitted. If the seconds segment is 0 (hh:mm:00), you can omit it.
minutes and seconds segments are 0 (hh:00:00), you can omit both of the segments. For example, to specify 08:00:00, you can enter 8. Usage guidelines The local time zone, together with the UTC time and daylight saving time, determines the system time. You can use the display clock command to view the system time. A correct system time setting is essential to network management and communication.
The system does not check the validity of the command argument. You must make sure the command is supported by the device, is input in the correct format, and uses valid values. Otherwise, the command cannot be executed automatically. Examples # Assign commands to job backupconfig to back up configuration file startup.cfg to the TFTP server at 192.168.100.11. system-view [Sysname] scheduler job backupconfig [Sysname-job-backupconfig] command 2 tftp 192.168.100.11 put cfa0:/startup.cfg backup.
**************************************************************************** User interface con0 is available. Press ENTER to get started. # Disable displaying the copyright statement. system-view [Sysname] undo copyright-info enable When a Telnet user logs in, the user view prompt appears: • When a console user quits user view, the following message appears: • User interface con0 is available. Press ENTER to get started.
Field Description Level Alarm severity. Possible values include ERROR, WARNING, NOTICE, and INFO, in descending order. Info Detailed alarm information. faulty The card is starting up or is faulty. # On an MSR4000, display alarm information. display alarm Slot Level Info 2 ERROR faulty 5 ERROR faulty 8 ERROR faulty Table 29 Command output Field Description Slot Slot number of the card with an alarm. If the value is a hyphen (-), the alarm was generated by the chassis.
# Display the system time and date when the local time zone Z5 and daylight saving time PDT are specified. display clock 15:11:00 Z5 Fri 03/16/2012 Time Zone : Z5 add 05:00:00 Summer Time : PDT 06:00:00 08/01 06:00:00 09/01 01:00:00 Related commands • clock datetime • clock timezone • clock summer-time display copyright Use display copyright to display the copyright statement, including software and hardware copyright statements, and third-party software license agreements.
Parameters slot slot-number: Specifies a card by its slot number. Without this option, the command displays the CPU usage statistics for all cards. (On an MSR4000.) cpu cpu-number: Displays the CPU usage statistics for the specified CPU. If this option is not provided, the command displays the CPU usage statistics for all CPUs on the card in the specified slot.
display cpu-usage history [ job job-id ] [ slot slot-number [ cpu cpu-number ] ] Views Any view Predefined user roles network-admin network-operator Parameters job job-id: Specifies a process by its ID. Without this option, the command displays the historical CPU usage statistics for the entire system, which is the sum of the historical CPU usage statistics for all processes in the system. To view the IDs and names of the running processes, use the display process command.
25%| 20%| 15%| # 10%| ### 5%| # ######## -----------------------------------------------------------10 20 30 40 50 60 (minutes) cpu-usage (CPU 0) last 60 minutes (SYSTEM) The output shows the historical CPU usage statistics for the entire system (with the name SYSTEM) in the last 60 minutes: • 5%: 12 minutes ago • 10%: 13 minutes ago • 15%: 14 minutes ago • 10%: 15 minutes ago • 5%: 16 and 17 minutes ago • 10%: 18 minutes ago • 5%: 19 minutes ago • 2% or lower than 2%: Other ti
• 5%: 20 minutes ago • 2% or lower than 2%: Other time display device Use display device to display device information. Syntax On an MSR2000 or MSR3000: display device [ cf-card | usb ] [ slot slot-number | verbose ] On an MSR4000: display device [ cf-card | usb ] [ slot slot-number [ subslot subslot-number ] | verbose ] Views Any view Predefined user roles network-admin network-operator Parameters cf-card: Specifies the CF cards. usb: Specifies the device connected to the USB interface.
Table 31 Command output Field Description Slot No. Slot number of the card. Board Type Hardware type of the card. Card status: Status • Fault—The card is faulty and cannot start up. • Normal—The card is operating correctly. Max Ports Maximum number of ports that the card supports. # On an MSR4000, display device information. display device Slot No.
Predefined user roles network-admin network-operator Parameters slot slot-number: Specifies a subcard by its subslot number. Without this option, the command displays the electronic label information of all subcards. (On an MSR2000 or MSR3000.) slot slot-number: Specifies a card by its slot number. Without this option, the command displays the electronic label information of all cards. (On an MSR4000.) subslot subslot-number: Specifies a subcard by its subslot number.
MANUFACTURING_DATE : 2013-03-10 VENDOR_NAME : HP Slot 2 subslot 0 DEVICE_NAME : RT-MPU-100 DEVICE_SERIAL_NUMBER : 210231A1UXA129000001 MAC_ADDRESS : 000F-E212-3458 MANUFACTURING_DATE : 2012-09-15 VENDOR_NAME : HP subslot 3 DEVICE_NAME : RT-HMIM-Adapter DEVICE_SERIAL_NUMBER : 210231A1V4B132000120 MAC_ADDRESS : NONE MANUFACTURING_DATE : 2013-02-26 VENDOR_NAME : HP Fan 1 DEVICE_NAME : NONE DEVICE_SERIAL_NUMBER : NONE MAC_ADDRESS : NONE MANUFACTURING_DATE : NONE VENDOR_NAME : NONE Po
Syntax display device manuinfo fan fan-id The following matrix shows the command and router compatibility: Command MSR2000 MSR3000 MSR4000 display device manuinfo fan No No Yes Views Any view Predefined user roles network-admin network-operator Parameters fan-id: Specifies a fan by its ID. The value is always 1. Examples # Display the electronic label information of fan 1.
Parameters power-id: Specifies a power supply by its ID. The following matrix shows the argument and router compatibility and the value ranges for the argument: Argument MSR2000 power-id No MSR3000 MSR4000 Yes Yes 1 to 2 1 to 4 Examples # Display the electronic label information of power supply 2.
display the output on the screen. The file used to save the output is automatically compressed to save storage space. Examples # Display the operating statistics for multiple feature modules in the system.
0 0 hotspot 1 36 0 60 70 1 0 hotspot 1 37 0 60 70 2 0 inflow 1 31 0 60 70 2 0 hotspot 1 38 0 65 70 Table 34 Command output Field Description Slot The value vent indicates that the sensor is for the frame or fan tray. A number in this field indicates that the sensor is for the device. (On an MSR2000 or MSR3000.) Slot The value vent indicates that the sensor is for the frame or fan tray. A number in this field indicates that the sensor is for the card in the specified slot.
network-operator Parameters slot slot-number: Specifies an interface card by its slot number. Without this option, the command displays the switching fabric channel utilization on all interface cards. Examples # Display the switching fabric channel utilization on the interface card in slot 5.
Examples # Display the operating states of all fans. display fan display memory Use display memory to display memory usage. Syntax On an MSR2000 or MSR3000: display memory On an MSR4000: display memory [ slot slot-number ] Views Any view Predefined user roles network-admin network-operator Parameters slot slot-number: Specifies a card by its slot number. Without this option, the command displays memory usage for all cards. (On an MSR4000.) Examples # Display memory usage.
Field Description Free Free physical memory. Shared Physical memory shared by processes. Buffers Physical memory used for buffers. Cached Physical memory used for caches. FreeRatio Free memory ratio. -/+ buffers/cache Swap -/+ buffers/cache:used = Mem:used – Mem:buffers – Mem:cached, which indicates the physical memory used by applications. -/+ buffers/cache:free = Mem:free + Mem:buffers + Mem:cached, which indicates the physical memory available for applications. Swap memory.
Current memory state: Normal Event statistics: [Back to normal state] First notification: 2012-5-15 09:21:35.546 Latest notification: 2012-5-15 09:21:35.546 Total number of notifications sent: 1 [Enter minor low-memory state] First notification at: 2012-5-15 09:07:05.941 Lastest notification at: 2012-5-15 09:07:05.941 Total number of notifications sent: 1 [Back to minor low-memory state] First notification at: 0.0 Lastest notification at: 0.
• Number of redundant power supplies and the available, redundant, used, and remaining power of each power supply. • Status of the installed power supplies. • Power supply status of the interface cards. Examples # Display detailed power supply information. (Output not shown.) display power-supply verbose display scheduler job Use display scheduler job to display job configuration information.
Views Any view Predefined user roles network-admin network-operator Examples # Display job execution log information. display scheduler logfile Logfile Size: 1902 Bytes. Job name : shutdown Schedule name : shutdown Execution time : Tue Dec 27 10:44:42 2011 Completion time : Tue Dec 27 10:44:47 2011 --------------------------------- Job output ----------------------------------system-view System View: return to User View with Ctrl+Z.
Examples # Display the automatic reboot schedule. display scheduler reboot System will reboot at 16:32:00 05/23/2011 (in 1 hours and 39 minutes). Related commands • scheduler reboot at • scheduler reboot delay display scheduler schedule Use display scheduler schedule to display schedule information.
Field Description Last completion time Last time when the schedule was completed. If no execution time is specified, this field is not displayed. Execution counts Number of times the schedule has been executed. If the schedule has never been executed, this field is not displayed. Job name Name of a job under the schedule. Result of the most recent execution: Last execution status • • • • • Successful. Failed. Waiting—The device is executing the schedule and the job is waiting to be executed.
Field Remarks TX bias low The transmitted bias current is low. TX power high The transmitted optical power is high. TX power low The transmitted optical power is low. Temp high The temperature is high. Temp low The temperature is low. Voltage high The voltage is high. Voltage low The voltage is low. Transceiver info I/O error Transceiver information read/write error. Transceiver info checksum error Transceiver information checksum error.
Field Remarks Transceiver type and port configuration mismatch The type of the transceiver module does not match the port configuration. Transceiver type not supported by port hardware The port does not support this type of transceiver modules. XENPAK: WIS local fault WAN interface sublayer local error. Receive optical power fault Received optical power error. PMA/PMD receiver local fault Physical medium attachment/physical medium dependent local error.
Table 40 Command output Field Description transceiver current alarm information Alarms present on the transceiver module. RX loss of signal Received signals are lost. RX power low Received power is low. display transceiver diagnosis Use display transceiver diagnosis to display the current measured values of the digital diagnosis parameters for transceiver modules.
Field Description TX power(dBm) TX power in dBm, accurate to 0.01 dBm. display transceiver interface Use display transceiver interface to display the key parameters of transceiver modules. Syntax display transceiver interface [ interface-type interface-number ] Views Any view Predefined user roles network-admin network-operator Parameters interface-type interface-number: Specifies an interface by its type and number.
Field Description Transfer distance, with "xx" representing the distance unit: km (kilometers) for single-mode transceiver modules and m (meters) for other transceiver modules. Transfer Distance(xx) Digital Diagnostic Monitoring Ordering Name If the transceiver module supports multiple transfer media, the transfer distances are separated by commas. The transfer medium is included in the bracket following the transfer distance value.
Predefined user roles network-admin network-operator Usage guidelines The device records its current startup software version information and all subsequent version update information. Such information can survive reboots. The maximum number of records is 10. Examples # Display the startup software image upgrade history records. display version-update-record Name Record 1 Version * boot-e2205.bin system-e2205.bin Record 2 Compile time (updated on Jul 27 2012 at 09:47:58): 7.1.
Predefined user roles network-admin Parameters incoming: Configures the banner to be displayed before a modem dial-up user accesses user view. If authentication is required, the incoming banner appears after the authentication is passed. legal: Configures the banner to be displayed before a user inputs the username and password to access the CLI. login: Configures the banner displayed to be before password or scheme authentication is performed for a login user.
Welcome to motd(header motd) Welcome to login(header login) Login authentication Password: Welcome to shell(header shell) job Use job to assign a job to a schedule. Use undo job to revoke a job. Syntax job job-name undo job job-name Default No job is assigned to a schedule. Views Schedule view Predefined user roles network-admin Parameters job-name: Specifies the job name, a case-sensitive string of 1 to 47 characters. Usage guidelines You can assign multiple jobs to a schedule.
memory-threshold Use memory-threshold to set memory usage thresholds. Use undo memory-threshold to restore the defaults. Syntax On an MSR2000 or MSR3000: memory-threshold minor minor-value severe severe-value critical critical-value normal normal-value undo memory-threshold On an MSR4000: memory-threshold [ slot slot-number ] minor minor-value severe severe-value critical critical-value normal normal-value undo memory-threshold [ slot slot-number ] Default • Minor alarm threshold: 96 MB.
Option MSR2000 MSR3000 MSR4000 critical critical-value 0 to 1004 0 to 1961 0 to 1961 normal normal-value 0 to 1004 0 to 1961 0 to 1961 Usage guidelines To ensure correct operation and improve memory utilization, the system monitors the amount of free memory space in real time. When a threshold is exceeded, the system sends an alarm notification or an alarm-removed notification to affected feature modules or processes so they can take countermeasures.
Examples # Disable password recovery capability. system-view [Sysname] undo password-recovery enable power-supply policy enable Use power-supply policy enable to enable power supply management. Use undo power-supply policy enable to disable power supply management.
Default The number of redundant power supplies is 0. Views System view Predefined user roles network-admin Parameters module-count: Specifies the number of redundant power supplies. The upper limit of the value range is the maximum number of redundant power supplies supported by the system.
Usage guidelines CAUTION: • A device reboot can interrupt network services. • If the main startup software images are corrupted or missing, you must re-specify a set of main startup software images before using the reboot command to reboot the device. Otherwise, the device cannot start up. For data security, the device does not reboot if you reboot the device while the device is performing file operations. If you do not specify the slot-number argument, the command reboots the entire device.
This command will reboot the specified subslot, Continue? [Y/N]:y Now rebooting, please wait... # On an MSR4000, reboot the interface card in slot 2 by force. reboot slot 2 subslot 2 force This command will reboot the specified subslot, Continue? [Y/N]:y Now rebooting, please wait... reset version-update-record Use reset version-update-record to clear the startup software image upgrade history records. (On an MSR2000 or MSR3000.
Related commands display scheduler logfile restore factory-default Use restore factory-default to restore the factory-default configuration for the device. Syntax restore factory-default Views User view Predefined user roles network-admin Usage guidelines CAUTION: This command is disruptive. If a device fails or you want to use it in a different scenario, you can restore the factory-default configuration for the device. This command does the following: • Deletes all configuration files (.
Syntax save-power delay-timer time undo save-power delay-timer The following matrix shows the command and router compatibility: Command MSR2000 MSR3000 MSR4000 save-power delay-timer Yes Yes No Default The wake-to-sleep delay time is 30 seconds. Views System view Predefined user roles network-admin Parameters time: Specifies the delay time in seconds, in the range of 10 to 100. Usage guidelines When the power saving function is enabled, the device operates in sleep mode or wake mode.
Default The power saving function is disabled. Views System view Predefined user roles network-admin Examples # Enable the power saving function. system-view [Sysname] save-power enable scheduler job Use scheduler job to create a job and enter job view. If the job already exists, you enter job view directly. Use undo scheduler job to delete a job. Syntax scheduler job job-name undo scheduler job job-name Default No job exists.
scheduler logfile size Use scheduler logfile size to set the size of the job execution log file. Syntax scheduler logfile size value Default The size of the job execution log file is 16 KB. Views System view Predefined user roles network-admin Parameters value: Sets the size of the job execution log file, in KB. The value range is 16 to 1024. Usage guidelines The job execution log file saves the execution information of jobs. If the file is full, old records will be replaced by new records.
Parameters time: Specifies the reboot time in the format hh:mm, where hh is in the range of 0 to 23, and mm is in the range of 0 to 59. date: Specifies the reboot date in the format MM/DD/YYYY or YYYY/MM/DD. The YYYY value is in the range of 2000 to 2035, the MM value is in the range of 1 to 12, and the value range of DD depends on the month value. Usage guidelines CAUTION: Device reboot interrupts network services.
Parameters time: Specifies the reboot delay time in the format hh:mm or mm. This argument can consist up to 6 characters. When in the format hh:mm, mm must be in the range of 0 to 59. Usage guidelines CAUTION: Device reboot interrupts network services. For data security, if you are performing file operations at the reboot time, the system does not reboot. The device supports only one device reboot schedule.
4. In schedule view, use the job command to assign the job to the schedule. You can assign multiple jobs to a schedule. The jobs must already exist. 5. In schedule view, use the time at, time once, or time repeating command to specify an execution time for the schedule. You can specify only one execution time per schedule. Examples # Create a schedule named saveconfig.
system-view [Sysname] shutdown-interval 100 sysname Use sysname to set the device name. Use undo sysname to restore the default. Syntax sysname sysname undo sysname Default The device name is HP. Views System view Predefined user roles network-admin Parameters sysname: Specifies a name for the device, a string of 1 to 30 characters. Usage guidelines A device name identifies a device in a network and is used as the user view prompt at the CLI.
Predefined user roles network-admin Parameters time: Specifies the schedule execution time in the format hh:mm, where hh is in the range of 0 to 23, and mm is in the range of 0 to 59. date: Specifies the schedule execution date in the format MM/DD/YYYY or YYYY/MM/DD. The YYYY value is in the range of 2000 to 2035, the MM value is in the range of 1 to 12, and the value range of DD depends on the month value. Usage guidelines The specified time (date plus time) must be later than the current system time.
week-day week-day&<1-7>: Specifies one or more week days for the schedule. Valid values include Mon, Tue, Wed, Thu, Fri, Sat, and Sun. <1-7> means that you can specify 1 to 7 week days. To specify multiple week days, separate the values with spaces. delay time: Specifies the delay time for executing the schedule, in the format hh:mm or mm. This argument can consist up to 6 characters. When in the format hh:mm, mm must be in the range of 0 to 59.
Default No execution time table is specified for a schedule. Views Schedule view Predefined user roles network-admin Parameters at time: Specifies the execution time in the format hh:mm, where hh is in the range of 0 to 23, and mm is in the range of 0 to 59. If you do not specify this option, the current system time is used as the execution time. date: Specifies the start date for the periodic schedule, in the format MM/DD/YYYY or YYYY/MM/DD.
[Sysname-schedule-saveconfig] time repeating at 8:00 month-date 5 # Configure the device to execute schedule saveconfig at 8:00 a.m. on the last day of every month. system-view [Sysname] scheduler schedule saveconfig [Sysname-schedule-saveconfig] time repeating at 8:00 month-date last # Configure the device to execute schedule saveconfig at 8:00 a.m. every Friday and Saturday.
undo usb disable Default All USB interfaces are enabled. Views System view Predefined user roles network-admin Usage guidelines You can use USB interfaces to upload or download files or to connect a 3G modem. By default, all USB interfaces are enabled. Before using this command, you must unmount all USB devices. Examples # Enable all USB interfaces.
Tcl commands tclsh Use tclsh to enter Tcl configuration view from user view. Syntax tclsh Views User view Predefined user roles network-admin Usage guidelines From user view, you can use the tclsh command to enter Tcl configuration view, where you can execute the following commands: • All Tcl 8.5 commands. • Comware commands. In this case, the Tcl configuration view is equivalent to the user view. You can use Comware commands in Tcl configuration view in the same way they are used in user view.
Examples # Return from Tcl configuration view to user view.
Support and other resources Contacting HP For worldwide technical support information, see the HP support website: http://www.hp.
Conventions This section describes the conventions used in this documentation set. Command conventions Convention Description Boldface Bold text represents commands and keywords that you enter literally as shown. Italic Italic text represents arguments that you replace with actual values. [] Square brackets enclose syntax choices (keywords or arguments) that are optional. { x | y | ... } Braces enclose a set of required syntax choices separated by vertical bars, from which you select one.
Network topology icons Represents a generic network device, such as a router, switch, or firewall. Represents a routing-capable device, such as a router or Layer 3 switch. Represents a generic switch, such as a Layer 2 or Layer 3 switch, or a router that supports Layer 2 forwarding and other Layer 2 features. Represents an access controller, a unified wired-WLAN module, or the switching engine on a unified wired-WLAN switch. Represents an access point.
Index ABCDEFGHIJLMNOPQRSTUVW A D activation-key,46 databits,51 append,91 debug,96 archive configuration,148 delete,175 archive configuration interval,149 delete,133 archive configuration location,150 delete,97 archive configuration max,151 description,12 ascii,92 dir,176 authentication-mode,47 dir,135 auto-execute command,48 dir,97 B disconnect,98 display | { begin | exclude | include },2 backup startup-configuration,152 display | by-linenum,3 binary,92 display >,4 boot-loader file
display history-command all,7 ftp,99 display hotkey,7 ftp,184 display install package,178 ftp client ipv6 source,101 display interface m-eth0,179 ftp client source,100 display ip routing-table,181 ftp ipv6,102 display ipv6 routing-table,182 ftp server acl,88 display line,52 ftp server dscp,89 display memory,219 ftp server enable,89 display memory-threshold,220 ftp server ipv6 dscp,90 display power-supply,221 ftp timeout,90 display role,12 G display role feature,20 get,103 display rol
more,140 restore startup-configuration,161 mount,141 return,10 move,142 rhelp,114 move,189 rmdir,115 N rmdir,194 rmdir,144 newer,107 role,35 O role default-role enable,35 open,108 role feature-group,36 P rstatus,116 rule,37 parity,67 passive,109 S password-recovery enable,235 save,162 permit interface,30 save-power delay-timer,240 permit vlan,32 save-power enable,241 permit vpn-instance,33 scheduler job,242 ping,190 scheduler logfile size,243 ping ipv6,191 scheduler reboot at,
telnet,74 transceiver phony-alarm-disable,251 telnet,196 U telnet client source,74 umount,146 telnet ipv6,75 undelete,145 telnet server acl,76 usb disable,251 telnet server dscp,77 user,119 telnet server enable,79 user-interface,80 telnet server ipv6 acl,78 user-interface class,82 telnet server ipv6 dscp,78 user-role,83 terminal type,80 V tftp,123 tftp,197 verbose,120 tftp client ipv6 source,127 version auto-update enable,173 tftp client source,124 version check ignore,173 tftp ipv