HP MSR Router Series Network Management and Monitoring Command Reference(V7) Part number: 5998-5636 Software version: CMW710-R0106 Document version: 6PW100-20140607
Legal and notice information © Copyright 2014 Hewlett-Packard Development Company, L.P. No part of this documentation may be reproduced or transmitted in any form or by any means without prior written consent of Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.
Contents Ping, tracert, and system debugging commands······································································································· 1 debugging ································································································································································· 1 display debugging ··················································································································································· 2 ping ······
reaction checked-element mos ····························································································································· 54 reaction checked-element { owd-ds | owd-sd } ·································································································· 55 reaction checked-element packet-loss ·················································································································· 57 reaction checked-element probe-duration ············
ntp-service ntp-service ntp-service ntp-service ntp-service ntp-service ntp-service ntp-service max-dynamic-sessions ······················································································································ 107 multicast-client ··································································································································· 108 multicast-server ·····································································································
display snmp-agent sys-info ································································································································ 161 display snmp-agent trap queue·························································································································· 162 display snmp-agent trap-list ································································································································ 162 display snmp-agent usm-user ·····
cwmp cpe connect retry······································································································································ 219 cwmp cpe inform interval ··································································································································· 219 cwmp cpe inform interval enable ······················································································································ 220 cwmp cpe inform time ··············
monitor kernel deadloop time ···························································································································· 282 monitor kernel starvation enable ······················································································································· 283 monitor kernel starvation exclude-thread ·········································································································· 284 monitor kernel starvation time ··············
ipv6 netstream export rate ································································································································· 343 ipv6 netstream export source ····························································································································· 344 ipv6 netstream export v9-template refresh-rate packet ···················································································· 345 ipv6 netstream export v9-template refresh-rate ti
info-center synchronous ······································································································································ 382 info-center timestamp ·········································································································································· 383 info-center timestamp loghost ····························································································································· 384 info-center trace-logfil
Ping, tracert, and system debugging commands debugging Use debugging to enable debugging for a module. Use undo debugging to disable debugging for a module. Syntax debugging { all [ timeout time ] | module-name [ option ] } undo debugging { all | module-name [ option ] } Default Debugging functions are disabled for all modules. Views User view Predefined user roles network-admin Parameters all: Enables all debugging functions. timeout time: Specifies the timeout time for the debugging all command.
display debugging Use display debugging to display the enabled debugging functions. Syntax display debugging [ module-name ] Views Any view Predefined user roles network-admin network-operator Parameters module-name: Specifies a module by its name. To display the current module name, use the display debugging ? command. Examples # Display all enabled debugging functions.
-h ttl: Specifies the TTL value of ICMP echo requests. The value range is 1 to 255, and the default is 255. -i interface-type interface-number: Specifies the source interface of ICMP echo requests. If this option is not provided, the system uses the primary IP address of the matching route's egress interface as the source interface of ICMP echo requests. -m interval: Specifies the interval (in milliseconds) to send ICMP echo requests. The value range is 1 to 65535, and the default is 200.
Ping 1.1.2.2 (1.1.2.2): 56 data bytes, press CTRL_C to break 56 bytes from 1.1.2.2: icmp_seq=0 ttl=254 time=2.137 ms 56 bytes from 1.1.2.2: icmp_seq=1 ttl=254 time=2.051 ms 56 bytes from 1.1.2.2: icmp_seq=2 ttl=254 time=1.996 ms 56 bytes from 1.1.2.2: icmp_seq=3 ttl=254 time=1.963 ms 56 bytes from 1.1.2.2: icmp_seq=4 ttl=254 time=1.991 ms --- Ping statistics for 1.1.2.2 --5 packet(s) transmitted, 5 packet(s) received, 0.0% packet loss round-trip min/avg/max/std-dev = 1.963/2.028/2.137/0.
• The destination is reachable. • The route is 1.1.1.1 <-> {1.1.1.2; 1.1.2.1} <-> 1.1.2.2. Table 1 Command output Field Description Ping 1.1.2.2 (1.1.2.2): 56 data bytes, press CTRL_C to break Test whether the device with IP address 1.1.2.2 is reachable. There are 56 bytes in each ICMP echo request. Press Ctrl+C to abort the ping operation. Received ICMP echo replies from the device whose IP address is 1.1.2.2. If no echo reply is received within the timeout period, no information is displayed.
-c count: Specifies the number of ICMPv6 echo requests that are sent to the destination. The value range is 1 to 4294967295, and the default is 5. -m interval: Specifies the interval (in milliseconds) to send an ICMPv6 echo reply. The value range is 1 to 65535, and the default is 1000. -q: Displays only the summary statistics. Without this keyword, the system displays all the ping statistics.
--- Ping6 statistics for 2001::2 --5 packet(s) transmitted, 5 packet(s) received, 0.0% packet loss round-trip min/avg/max/std-dev = 4.000/25.000/62.000/20.000 ms # Test whether the IPv6 address (2001::2) is reachable. Detailed ping information is displayed. ping ipv6 –v 2001::2 Ping6(56 data bytes) 2001::1 --> 2001::2, press CTRL_C to break 56 bytes from 2001::2, icmp_seq=0 hlim=64 dst=2001::1 idx=3 time=62.000 ms 56 bytes from 2001::2, icmp_seq=1 hlim=64 dst=2001::1 idx=3 time=23.
tracert Use tracert to trace the path the packets traverse from source to destination. Syntax tracert [ -a source-ip | -f first-ttl | -m max-ttl | -p port | -q packet-number | -t tos | { -topology topo-name |-vpn-instance vpn-instance-name } | -w timeout ] * host Views Any view Predefined user roles network-admin Parameters -a source-ip: Specifies an IP address of the device as the source IP address of probe packets.
Examples # Display the path that the packets traverse from source to destination (1.1.2.2). tracert 1.1.2.2 traceroute to 1.1.2.2 (1.1.2.2), 30 hops at most, 40 bytes each packet, press CTRL_C to break 1 1.1.1.2 (1.1.1.2) 673 ms 425 ms 30 ms 2 1.1.2.2 (1.1.2.2) 580 ms 470 ms 80 ms # Trace the path to destination (192.168.0.46) over an MPLS network. tracert 192.168.0.46 traceroute to 192.168.0.46(192.168.0.46), 30 hops at most, 40 bytes each packet, press CTRL_C to break 1 192.0.2.
Syntax tracert ipv6 [ -f first-hop | -m max-hops | -p port | -q packet-number | -t traffic-class | -vpn-instance vpn-instance-name | -w timeout ] * host Views Any view Predefined user roles network-admin Parameters -f first-hop: Specifies the TTL value of the first packet. The value range is 1 to 255, and the default is 1. The value must be no greater than the value of the max-hops argument. -m max-hops: Specifies the maximum number of hops allowed for a packet.
Table 4 Command output Field Description traceroute to 2001:3::2 Display the route that the IPv6 packets traverse from the current device to the device whose IP address is 2001:3:2. hops at most Maximum number of hops of the probe packets, which can be set by the -m keyword. byte packets Number of bytes of a probe packet. 1 2001:1::2 0.661 ms 0.618 ms 0.
NQA commands NQA client commands advantage-factor Use advantage-factor to configure the advantage factor that is used to count Mean Opinion Scores (MOS) and Calculated Planning Impairment Factor (ICPIF) values. Use undo advantage-factor to restore the default. Syntax advantage-factor factor undo advantage-factor Default The advantage factor is 0. Views Voice operation view Predefined user roles network-admin Parameters factor: Specifies the advantage factor in the range of 0 to 20.
undo codec-type Default The codec type for the voice operation is G.711 A-law. Views Voice operation view Predefined user roles network-admin Parameters g711a: Specifies G.711 A-law codec type. g711u: Specifies G.711 μ-law codec type g729a: Specifies G.729 A-law codec type. Examples # Configure the codec type for the voice operation as g729a.
If the payload length is greater than the string length, the system fills the payload with the string cyclically until the payload is full. For example, if you configure the string as abcd and the payload size as 6 bytes, abcdab is filled. How the string is filled depends on the operation type: • For the ICMP echo operation, the string fills the whole payload of an ICMP echo request. • For the UDP echo operation, the first five bytes of the payload of a UDP packet are for special purpose.
Operation type Codec type Default size (bytes) Voice G.711 μ-law 172 Voice G.729 A-law 32 Views ICMP/UDP echo operation view Path/UDP jitter operation view Voice operation view ICMP template view Predefined user roles network-admin Parameters size: Specifies the size of the payload in each probe packet in bytes. Available value ranges include: • 20 to 8100 for probe packets of the ICMP echo or UDP echo operation. • 68 to 8100 for probe packets of the UDP jitter or path jitter operation.
Parameters text: Specifies a case-sensitive string of 1 to 200 characters. Examples # Configure the description for an NQA operation as icmp-probe. system-view [Sysname] nqa entry admin test [Sysname-nqa-admin-test] type icmp-echo [Sysname-nqa-admin-test-icmp-echo] description icmp-probe # In ICMP template view, configure the description for an NQA operation as icmp-probe.
destination ipv6 Use destination ipv6 to configure the destination IPv6 address for the operation. Use undo destination ipv6 to remove the destination IPv6 address. Syntax destination ipv6 ipv6-address undo destination ipv6 Default No destination IPv6 address is configured for the operation. Views DNS template view, ICMP template view, TCP template view Predefined user roles network-admin Parameters ipv6-address: Specifies the destination IPv6 address for the operation.
Parameters port-number: Specifies the destination port number for the operation, in the range of 1 to 65535. Examples # Configure the destination port number as 9000 for the UDP echo operation. system-view [Sysname] nqa entry admin test [Sysname-nqa-admin-test] type udp-echo [Sysname-nqa-admin-test-udp-echo] destination port 9000 # In TCP template view, configure the destination port number as 9000 for the UDP echo operation.
6 328 Succeeded 2011-04-29 20:54:25.1 5 328 Succeeded 2011-04-29 20:54:24.8 4 328 Succeeded 2011-04-29 20:54:24.5 3 328 Succeeded 2011-04-29 20:54:24.1 2 328 Succeeded 2011-04-29 20:54:23.8 1 328 Succeeded 2011-04-29 20:54:23.4 Table 6 Command output Field Description Index History record ID. Response Round-trip time if the operation succeeds, timeout time upon timeout, or 0 if the operation cannot be completed, in milliseconds.
The monitoring results of an operation are accumulated, and are not cleared after the operation completes. Examples # Display the monitoring results of all reaction entries of the ICMP echo operation with the administrator name admin and the operation tag test.
Monitored performance metric Threshold type Collect data in Checked Num Over-threshold Num average N/A N/A N/A OWD-DS/OWD-SD N/A Packets sent after the operation starts. Number of sent packets. Number of packets with the one-way delay exceeding the threshold. packet-loss accumulate Packets sent after the operation starts. Number of sent packets. Total packet loss.
Failures due to other errors: 0 # Display the most recent result of the UDP jitter operation. display nqa result admin test NQA entry (admin admin, tag test) test results: Send operation times: 10 Receive response times: 10 Min/Max/Average round trip time: 15/46/26 Square-Sum of round trip time: 8103 Last packet received time: 2011-05-29 10:56:38.
Failures due to other errors: 0 Packets out of sequence: 0 Packets arrived late: 0 Voice results: RTT number: 0 Min positive SD: 0 Min positive DS: 0 Max positive SD: 0 Max positive DS: 0 Positive SD number: 0 Positive DS number: 0 Positive SD sum: 0 Positive DS sum: 0 Positive SD average: 0 Positive DS average: 0 Positive SD square-sum: 0 Positive DS square-sum: 0 Min negative SD: 0 Min negative DS: 0 Max negative SD: 0 Max negative DS: 0 Negative SD number: 0 Negative DS number: 0 Negati
Sum/Square-Sum positive jitter: 0/0 Negative jitter number: 0 Min/Max/Average negative jitter: 0/0/0 Sum/Square-Sum negative jitter: 0/0 Hop IP 192.168.50.
Field Description Failures due to internal error Number of failures due to internal errors. Failures due to other errors Failures due to other errors. Packets out of sequence Number of failures due to out-of-sequence packets. Packets arrived late Number of response packets received after a probe times out. UDP-jitter results UDP jitter operation results, available only in the UDP jitter operation. Voice results Voice operation results, available only in the voice operation.
Field Description One way results Unidirectional delay, available for the UDP jitter or voice operation. Max SD delay Maximum delay from source to destination. Max DS delay Maximum delay from destination to source. Min SD delay Minimum delay from source to destination. Min DS delay Minimum delay from destination to source. Number of SD delay Number of delays from source to destination. Number of DS delay Number of delays from destination to source.
Syntax display nqa statistics [ admin-name operation-tag ] Views Any view Predefined user roles network-admin network-operator Parameters admin-name operation-tag: Specifies an NQA operation by its administrator name and operation tag. The admin-name argument represents the name of the administrator who creates the NQA operation. The operation-tag argument represents the operation tag. Each of the arguments is a case-insensitive string of 1 to 32 characters that cannot contain hyphens (-).
Min/Max/Average round trip time: 1/11/5 Square-Sum of round trip time: 24360 Extended results: Packet loss ratio: 0% Failures due to timeout: 0 Failures due to internal error: 0 Failures due to other errors: 0 Packets out of sequence: 0 Packets arrived late: 0 UDP-jitter results: RTT number: 550 Min positive SD: 1 Min positive DS: 1 Max positive SD: 7 Max positive DS: 1 Positive SD number: 220 Positive DS number: 97 Positive SD sum: 283 Positive DS sum: 287 Positive SD average: 1 Positive DS averag
Extended results: Packet loss ratio: 0% Failures due to timeout: 0 Failures due to internal error: 0 Failures due to other errors: 0 Packets out of sequence: 0 Packets arrived late: 0 Voice results: RTT number: 10 Min positive SD: 3 Min positive DS: 1 Max positive SD: 10 Max positive DS: 1 Positive SD number: 3 Positive DS number: 2 Positive SD sum: 18 Positive DS sum: 2 Positive SD average: 6 Positive DS average: 1 Positive SD square-sum: 134 Positive DS square-sum: 2 Min negative SD: 3 Min ne
Packet loss ratio: 0% Failures due to timeout: 0 Failures due to internal error: 0 Failures due to other errors: 0 Packets out of sequence: 0 Packets arrived late: 0 Path-Jitter Results: Jitter number: 9 Min/Max/Average jitter: 0/0/0 Positive jitter number: 0 Min/Max/Average positive jitter: 0/0/0 Sum/Square-Sum positive jitter: 0/0 Negative jitter number: 0 Min/Max/Average negative jitter: 0/0/0 Sum/Square-Sum negative jitter: 0/0 Hop IP 192.168.50.
Field Description Square-Sum of round trip time Square sum of round-trip time. Packet loss ratio Average packet loss ratio. Failures due to timeout Number of timeout occurrences in an operation. Failures due to disconnect Number of disconnections by the peer. Failures due to no connection Number of failures to connect with the peer. Failures due to internal error Number of failures due to internal errors. Failures due to other errors Failures due to other errors.
Field Description Negative SD sum Sum of absolute values of negative jitters from source to destination. Negative DS sum Sum of absolute values of negative jitters from destination to source. Negative SD average Average absolute value of negative jitters from source to destination. Negative DS average Average absolute value of negative jitters from destination to source. Negative SD square-sum Square sum of negative jitters from source to destination.
Field Description Path Serial number for the path in the path jitter operation, available only in the path jitter operation. Hop IP IP address of the hop, available only in the path-jitter operation. Path-jitter results Path jitter operation results, available only in the path jitter operation. Jitter number Number of jitters, available only in the path jitter operation. Min/Max/Average jitter Minimum/maximum/average positive jitter in milliseconds, available only in the path jitter operation.
Monitored performance metric Threshold type Collect data in Checked Num Over-threshold Num average N/A N/A N/A OWD-DS/OWD-SD N/A Packets sent in the counting interval. Number of sent packets. Number of packets of which the one-way delay exceeds the threshold. packet-loss accumulate Packets sent in the counting interval. Number of sent packets. Number of packet loss.
Examples # In HTTP template view, configure the expected data as welcome!. system-view [Sysname] nqa template http httptplt [Sysname-nqatplt-http-httptplt] expect data welcome! expect status Use expect status to configure the expected status code. Use undo expect status to restore the default. Syntax expect status status-list undo expect status [ status-list ] Default No expected status code is configured.
Views DNS template view Predefined user roles network-admin Parameters ip-address: Specifies the expected IP address for a DNS echo request. Usage guidelines During a DNS operation, the NQA client compares the expected IP address with the IP address resolved by the DNS server. If they are the same, it considers the DNS server legal. Examples # In DNS template view, configure the expected IP address as 1.1.1.1.
filename Use filename to specify a file to be transferred between the FTP server and the FTP client. Use undo filename to restore the default. Syntax filename filename undo filename Default No file is specified. Views FTP operation view, FTP template view Predefined user roles network-admin Parameters filename: Specifies the name of a file, a case-sensitive string of 1 to 200 characters that cannot contain slashes (/).
Views Any NQA operation view, any NQA template view Predefined user roles network-admin Parameters interval: Specifies the interval in milliseconds between two consecutive operations, in the range of 0 to 604800000. An interval of 0 milliseconds sets NQA to perform the operation only once, and not to generate any statistics. Usage guidelines If an operation is not completed when the interval is reached, the next operation does not start.
system-view [Sysname] nqa entry admin test [Sysname-nqa-admin-test] type icmp-echo [Sysname-nqa-admin-test-icmp-echo] history-record enable Related commands display nqa history history-record keep-time Use history-record keep-time to set the lifetime of history records for an NQA operation. Use undo history-record keep-time to restore the default. Syntax history-record keep-time keep-time undo history-record keep-time Default The history records of an NQA operation are kept for 120 minutes.
undo history-record number Default A maximum of 50 records can be saved for an NQA operation. Views DHCP/DLSw/DNS/FTP/HTTP/SNMP/TCP operation view ICMP/UDP echo operation view Predefined user roles network-admin Parameters number: Specifies the maximum number of history records that can be saved for an NQA operation. The value is in the range of 0 to 50. Usage guidelines If the number of history records for an NQA operation exceeds the maximum number, earliest history records are removed.
Usage guidelines The path jitter operation first uses tracert to detect each hop to the destination. It then sends ICMP echo requests to measure the delay and jitters from the source to each node. If multiple routes exist between the source and destination, the operation uses the path specified by using lsr-path command. Examples # Specify 10.1.1.20 and 10.1.2.10 as the hops on the LSR path for the path jitter operation.
Syntax next-hop ip-address undo next-hop Default No next hop IP address is configured for the ICMP echo operation. Views ICMP echo operation view Predefined user roles network-admin Parameters ip-address: Specifies the IP address of the next hop. Examples # Specify the next hop IP address as 10.1.1.1 for the ICMP echo operation. system-view [Sysname] nqa entry admin test [Sysname-nqa-admin-test] type icmp-echo [Sysname-nqa-admin-test-icmp-echo] next-hop 10.1.1.
Examples # Create an NQA operation with administrator name admin and operation tag test, and enter NQA operation view. system-view [Sysname] nqa entry admin test [Sysname-nqa-admin-test] nqa template Use nqa template to create an NQA template and enter its view. Use undo nqa template to remove the NQA template. Syntax nqa template { dns | ftp | http | icmp | tcp } name undo nqa template { dns | ftp | http | icmp | tcp } name Default No NQA template is created.
Predefined user roles network-admin Examples # Enable the NQA client. system-view [Sysname] nqa agent enable Related commands nqa server enable nqa schedule Use nqa schedule to configure scheduling parameters for an NQA operation. Use undo nqa schedule to stop the operation.
Usage guidelines You cannot enter the operation view or operation type view of a scheduled NQA operation. Specify a lifetime long enough for an operation to complete. Examples # Schedule the operation with the administrator name admin and operation tag test to start on 08:08:08 2008/08/08 and last 1000 seconds.
[Sysname-nqa-admin-test] type ftp [Sysname-nqa-admin-test-ftp] operation put # In FTP template view, specify the operation type for the FTP operation as put. system-view [Sysname] nqa template ftp ftptplt [Sysname-nqatplt-ftp-ftptplt] operation put operation (HTTP operation view) Use operation to specify the operation type for the HTTP operation. Use undo operation to restore the default. Syntax operation { get | post | raw } undo operation Default The HTTP operation type is get.
Use undo password to remove the configuration. Syntax password { cipher | simple } password undo password Default No FTP or HTTP login password is configured. Views FTP/HTTP operation view FTP/HTTP template view Predefined user roles network-admin Parameters cipher: Sets a ciphertext password. simple: Sets a plaintext password. password: Specifies the password string. This argument is case sensitive.
Syntax probe count times undo probe count Default An operation performs one probe. Views DHCP/DNS/DLSw/FTP/HTTP/SNMP/TCP operation view ICMP/UDP echo operation view UDP jitter operation view Predefined user roles network-admin Parameters times: Specifies the probe times in the range of 1 to 15. Usage guidelines The following describes how NQA performs different types of operations: • A TCP or DLSw operation sets up a connection. • A UDP jitter or voice operation sends a number of probe packets.
[Sysname] nqa entry admin test [Sysname-nqa-admin-test] type icmp-echo [Sysname-nqa-admin-test-icmp-echo] probe count 10 probe packet-interval Use probe packet-interval to configure the interval for sending packets in the probe. Use undo probe packet-interval to restore the default. Syntax probe packet-interval packet-interval undo probe packet-interval Default The interval is 20 milliseconds.
Parameters packet-number: Specifies the number of packets to be sent per probe. Available ranges: • 10 to 1000 for the UDP jitter or path jitter operation. • 10 to 60000 for the voice operation. Examples # Configure the UDP jitter probe to send 100 packets.
Syntax probe timeout timeout undo probe timeout Default The timeout time of a probe is 3000 milliseconds. Views DHCP/DNS/DLSw/FTP/HTTP/SNMP/TCP operation view ICMP/UDP echo operation view Any NQA template view Predefined user roles network-admin Parameters timeout: Specifies the probe timeout time in milliseconds. The available value ranges include: • 10 to 86400000 for the FTP or HTTP operation. • 10 to 3600000 for the DHCP, DNS, DLSw, ICMP echo, SNMP, TCP, or UDP echo operation.
Predefined user roles network-admin Usage guidelines This command places you in raw request view and deletes the content of the previously configured GET request. Examples # Enter raw request view and specify the content of a request for the HTTP operation.
none: Specifies the action of only displaying results on the terminal display. trap-only: Specifies the action of displaying results on the terminal display and meanwhile sending SNMP trap messages to the NMS. Usage guidelines You cannot edit a reaction entry after it is created. To change the attributes in a reaction entry, use undo reaction to delete the entry first and reconfigure a new one.
accumulate accumulate-occurrences: Checks the total number of threshold violations in the operation. The value is in the range of 1 to 14999 for the UDP jitter operation, and 1 to 59999 for the voice operation. average: Checks the average one-way jitter. threshold-value: Specifies threshold range in milliseconds. upper-threshold: Specifies the upper limit in the range of 0 to 3600000. lower-threshold: Specifies the lower limit in the range of 0 to 3600000. It must not be greater than the upper limit.
Syntax reaction item-number checked-element [ action-type { none | trap-only } ] mos threshold-value upper-threshold lower-threshold undo reaction item-number Default No reaction entry for monitoring the MOS value is configured. Views Voice operation view Predefined user roles network-admin Parameters item-number: Assigns an ID to the reaction entry, in the range of 1 to 10. threshold-value: Specifies threshold range. upper-threshold: Specifies the upper limit in the range of 1 to 500.
Use undo reaction to delete the specified reaction entry. Syntax reaction item-number checked-element { owd-ds | owd-sd } threshold-value upper-threshold lower-threshold undo reaction item-number Default No reaction entry for monitoring the one-way delay is configured. Views UDP jitter operation view, voice operation view Predefined user roles network-admin Parameters item-number: Assigns an ID to the reaction entry, in the range of 1 to 10.
reaction checked-element packet-loss Use reaction checked-element packet-loss to configure a reaction entry for monitoring packet loss in UDP jitter or voice operation. Use undo reaction to delete the specified reaction entry. Syntax reaction item-number checked-element packet-loss threshold-type accumulate accumulate-occurrences [ action-type { none | trap-only } ] undo reaction item-number Default No reaction entry for monitoring packet loss is configured.
reaction checked-element probe-duration Use reaction checked-element probe-duration to configure a reaction entry for monitoring the probe duration. Use undo reaction to delete the specified reaction entry.
Examples # Create reaction entry 1 for monitoring the average probe duration of ICMP echo operation, and set the upper limit to 50 milliseconds and lower limit to 5 milliseconds. Before the NQA operation starts, the initial state of the reaction entry is invalid. After the operation, the average probe duration is checked. If it exceeds the upper limit, the state is set to over-threshold. If it is below the lower limit, the state of the reaction entry is set to below-threshold.
Default No reaction entry for monitoring probe failures is configured. Views DHCP/DLSw/DNS/FTP/HTTP/SNMP/TCP operation view ICMP/UDP echo operation view Predefined user roles network-admin Parameters item-number: Assigns an ID to the reaction entry, in the range of 1 to 10. threshold-type: Specifies a threshold type. accumulate accumulate-occurrences: Checks the total number of probe failures. The value is in the range of 1 to 15.
reaction checked-element probe-fail (for trigger) Use reaction checked-element probe-fail to configure a reaction entry for monitoring probe failures. Use undo reaction to remove the specified reaction entry. Syntax reaction item-number checked-element probe-fail threshold-type consecutive consecutive-occurrences action-type trigger-only undo reaction item-number Default No reaction entry for monitoring probe failures is configured.
Syntax reaction item-number checked-element rtt threshold-type { accumulate accumulate-occurrences | average } threshold-value upper-threshold lower-threshold [ action-type { none | trap-only } ] undo reaction item-number Default No reaction entry for monitoring packet round-trip time is configured. Views UDP jitter operation view, voice operation view Predefined user roles network-admin Parameters item-number: Assigns an ID to the reaction entry, in the range of 1 to 10.
[Sysname-nqa-admin-test-udp-jitter] reaction 1 checked-element rtt threshold-type average threshold-value 50 5 action-type trap-only # Create reaction entry 2 for monitoring the round-trip time of UDP jitter probe packets, and set the upper limit to 50 milliseconds and lower limit to 5 milliseconds. Before the NQA operation starts, the initial state of the reaction entry is invalid. After the operation, the packet round-trip time is checked.
Examples # Configure the system to send a trap if five or more consecutive probe failures occur in an ICMP echo operation. system-view [Sysname] nqa entry admin test [Sysname-nqa-admin-test] type icmp-echo [Sysname-nqa-admin-test-icmp-echo] reaction trap probe-failure 5 reaction trigger probe-fail Use reaction trigger probe-fail to configure the number of consecutive probe failures that lead to an operation failure. Use undo reaction trigger probe-fail to restore the default.
Default When the number of consecutive successful probes reaches 3, the operation succeeds. Views Any NQA template view Predefined user roles network-admin Parameters count: Specifies the number of consecutive successful probes, in the range of 1 to 15. Usage guidelines If the operation succeeds, the NQA client notifies the feature that uses the template of the successful operation event. Examples # In HTTP template view, if the number of consecutive successful probes reaches 5, the operation succeeds.
[Sysname-nqa-admin-test-dns] resolve-target domain1 # In DNS template view, set the domain name domain1 to be resolved. system-view [Sysname] nqa template dns dnstplt [Sysname-nqatplt-dns-dnstplt] resolve-target domain1 resolve-type Use resolve-type to configure the domain name resolution type. Use undo resolve-type to restore the default. Syntax resolve-type { A | AAAA } undo resolve-type Default The domain name resolution type is type A.
ICMP/UDP echo operation view UDP jitter operation view Predefined user roles network-admin Usage guidelines When the routing table bypass function is enabled, the routing table is not searched. Packets are sent directly to the destination in a directly connected network. Examples # Enable the routing table bypass function.
[Sysname-nqa-admin-test-icmp-echo] source interface gigabitethernet 2/1/1 # In ICMP template view, specify the IP address of interface GigabitEthernet 2/1/1 as the source IP address of ICMP echo request packets. system-view [Sysname] nqa template icmp icmptplt [Sysname-nqatplt-icmp-icmptplt] source interface gigabitethernet 2/1/1 Related commands source ip source ip Use source ip to configure the source IP address for probe packets. Use undo source ip to remove the configured source address.
# In ICMP template view, configure the source IP address for ICMP echo requests as 10.1.1.1. system-view [Sysname] nqa template icmp icmptplt [Sysname-nqatplt-icmp-icmptplt] source ip 10.1.1.1 Related commands source interface source ipv6 Use source ipv6 to configure the source IPv6 address for probe packets. Use undo source ipv6 to remove the configured source IPv6 address. The IPv6 address of the interface that sends a probe packet serves as the source IPv6 address of the probe packet.
source port Use source port to configure the source port for probe packets. Use undo source port to remove the configured source port number. Syntax source port port-number undo source port Default No source port number is configured for probe packets. Views SNMP/voice operation view UDP echo operation view UDP jitter operation view DNS template view Predefined user roles network-admin Parameters port-number: Specifies the source port number in the range of 1 to 65535.
Predefined user roles network-admin Parameters hold-time: Specifies the hold time in minutes, in the range of 1 to 1440. Usage guidelines A statistics group is deleted when its hold time expires. Examples # Configure the hold time of statistics groups as 3 minutes.
Use undo statistics max-group to restore the default. Syntax statistics max-group number undo statistics max-group Default A maximum of two statistics groups can be saved. Views Any operation view Predefined user roles network-admin Parameters number: Specifies the maximum number of statistics groups, in the range of 0 to 100. To disable statistics collection, set the value to 0.
[Sysname-nqa-admin-test] type path-jitter [Sysname-nqa-admin-test- path-jitter] target-only tos Use tos to set the ToS value in the IP header for probe packets. Use undo tos to restore the default. Syntax tos value undo tos Default The ToS value in the IP header of probe packets is 0. Views Any operation view, any NQA template view Predefined user roles network-admin Parameters value: Specifies the ToS value in the range of 0 to 255.
UDP jitter operation view Any NQA template view Predefined user roles network-admin Parameters value: Specifies the TTL for probe packets, in the range of 1 to 255. Usage guidelines The route-option bypass-route command sets the TTL to 1 for probe packets. The ttl command does not take effect. Examples # Configure the TTL as 16 for probe packets.
snmp: Specifies the SNMP operation type. tcp: Specifies the TCP operation type. udp-echo: Specifies the UDP echo operation type. udp-jitter: Specifies the UDP jitter operation type. voice: Specifies the voice operation type. Examples # Specify the type of FTP operation and enter FTP operation view. system-view [Sysname] nqa entry admin test [Sysname-nqa-admin-test] type ftp [Sysname-nqa-admin-test-ftp] url Use url to specify the URL of the destination HTTP or FTP server.
[Sysname-nqa-admin-test-http] url http://www.company.com/index.html # In HTTP template view, configure http://www.company.com/index.htm. the URL that the HTTP operation visits as system-view [Sysname] nqa template http httptplt [Sysname-nqatplt-http-httptplt] url http://www.company.com/index.html username Use username to specify an FTP or HTTP login username. Use undo username to remove the configuration.
Use undo version to restore the default. Syntax version { v1.0 | v1.1 } undo version Default HTTP 1.0 is used in the HTTP operation. Views HTTP operation view Predefined user roles network-admin Parameters v1.0: Uses HTTP version 1.0. v1.1: Uses HTTP version 1.1. Examples # Configure the HTTP operation to use the HTTP version 1.1. system-view [Sysname] nqa entry admin test [Sysname-nqa-admin-test] type http [Sysname-nqa-admin-test-http] version v1.
Examples # Apply the ICMP echo operation to vpn1. system-view [Sysname] nqa entry admin test [Sysname-nqa-admin-test] type icmp-echo [Sysname-nqa-admin-test-icmp-echo] vpn-instance vpn1 # In FTP template view, apply the FTP operation to vpn1. system-view [Sysname] nqa template ftp ftptplt [Sysname-nqatplt-ftp-ftptplt] vpn-instance vpn1 NQA server commands IMPORTANT: Configure the NQA server only for UDP jitter, TCP, UDP echo, and voice operations.
Field Description Port Port number specified for the TCP/UDP listening service on the NQA server. Vpn-instance Name of the MPLS L3VPN instance to which the NQA server belongs. nqa server enable Use nqa server enable to enable the NQA server. Use undo nqa server enable to disable the NQA server. Syntax nqa server enable undo nqa server enable Default The NQA server is disabled. Views System view Predefined user roles network-admin Examples # Enable the NQA server.
Parameters ip-address: Specifies the IP address for the TCP listening service. port-number: Specifies the port number for the TCP listening service, in the range of 1 to 65535. tos tos: Specifies the ToS value in the IP header for reply packets. The value range for the tos argument is 0 to 255, and the default value is 0. vpn-instance vpn-instance-name: Specifies an MPLS L3VPN instance by its name, a case-sensitive string of 1 to 31 characters.
tos tos: Specifies the ToS value in the IP header for reply packets. The value range for the tos argument is 0 to 255, and the default value is 0. vpn-instance vpn-instance-name: Specifies an MPLS L3VPN instance by its name, a case-sensitive string of 1 to 31 characters. If you do not specify this option, the NQA server listens on a public IP address. Usage guidelines Use this command on the NQA server for only the UDP jitter, UDP echo, and voice operations.
NTP commands display ntp-service ipv6 sessions Use display ntp-service ipv6 sessions to display information about all IPv6 NTP associations. Syntax display ntp-service ipv6 sessions [ verbose ] Views Any view Predefined user roles network-admin network-operator Parameters verbose: Displays detailed information about all IPv6 NTP associations. If you do not specify this keyword, the command displays only brief information about the IPv6 NTP associations.
Field Description Reference clock ID of the NTP server. If the reference clock is the clock of another device on the network, this field displays the MD5 digest value of the first 32 bits of the IPv6 address. The MD5 digest value is in dotted decimal format. If this field displays INIT, the local device has not established a connection with the NTP server. Reference Clock stratum Stratum level of the NTP server, which determines the clock accuracy. The value is in the range of 1 to 16.
Rcvtime: 00000000.00000000 Thu, Feb 7 2036 6:28:16.000 Xmttime: 00000000.00000000 Thu, Feb 7 2036 6:28:16.000 Roundtrip delay samples: 0.000 0.000 0.000 0.000 0.000 0.000 0.000 0.000 Offset samples: 0.00 Filter order: 0 1 0.00 2 0.00 0.00 3 0.00 4 0.00 5 6 0.00 0.00 7 Total sessions: 1 Table 14 Command output Field Description Clock source IPv6 address of the clock source. If this field displays ::, the IPv6 address of the NTP server has not been resolved successfully.
Field Description Operation mode of the local device: Local mode local poll interval • • • • • • • unspec—The mode is unspecified. sym_active—Active mode. sym_passive—Passive mode. client—Client mode. server—Server mode. broadcast—Broadcast or multicast server mode. bclient—Broadcast or multicast client mode. Polling interval for the local device, in seconds. The value displayed is a power of 2. For example, if the displayed value is 6, the poll interval of the local device is 26, or 64 seconds.
Field Description Xmttime Transmit timestamp in the NTP message. Filter order Dispersion information. Status of the local clock. The field is displayed only when you use the ntp-service refclock-master command to set the local clock as a reference clock. Reference clock status When the reach field of the local clock is 255, the field is displayed as working normally. Otherwise, the field is displayed as working abnormally. Total sessions Total number of associations.
Table 15 Command output Field Description • When the reference clock is the local clock, the field displays LOCAL source (number). It indicates that the IP address of the local clock is 127.127.1.number, where number represents the NTP process number in the range of 0 to 3. • When the reference clock is the clock of another device, the field displays the IP address of the NTP server. If this field displays 0.0.0.0, the IP address of the NTP server has not been resolved successfully.
Field Description Total sessions Total number of associations. # Display detailed information about all IPv4 NTP associations. display ntp-service sessions verbose Clock source: 192.168.1.40 Session ID: 35888 Clock stratum: 2 Clock status: configured, master, sane, valid Reference clock ID: 127.127.1.0 VPN instance: Not specified Local mode: client, local poll interval: 6 Peer mode: server, peer poll interval: 6 Offset: 0.2862ms, roundtrip delay: 3.2653ms, dispersion: 4.
Field Description Status of the clock source corresponding to this association: • configured—The association was created by a configuration command. • dynamic—The association is established dynamically. • master—The clock source is the primary reference source of the current system. • selected—The clock source has survived the clock selection algorithm. Clock status • • • • candidate—The clock source is the candidate reference source. sane—The clock source has passed the sane authentication.
Field Description Operation mode of the peer device: Peer mode • • • • • • • unspec—The mode is unspecified. active—Active mode. passive—Passive mode. client—Client mode. server—Server mode. broadcast—Broadcast or multicast server mode. bclient—Broadcast or multicast client mode. peer poll interval Polling interval of the peer device, in seconds. The value displayed is a power of 2. For example, if the displayed value is 6, the poll interval of the local device is 26, or 64 seconds.
display ntp-service status Use display ntp-service status to display NTP service status. Syntax display ntp-service status Views Any view Predefined user roles network-admin network-operator Examples # Display NTP service status after time synchronization. display ntp-service status Clock status: synchronized Clock stratum: 2 System peer: LOCAL(0) Local mode: client Reference clock ID: 127.127.1.0 Leap indicator: 00 Clock jitter: 0.000977 s Stability: 0.
Field Description System peer IP address of the selected NTP server. Operation mode of the local device: Local mode • • • • • • • unspec—The mode is unspecified. active—Active mode. passive—Passive mode. client—Client mode. server—Server mode. broadcast—Broadcast or multicast server mode. bclient—Broadcast or multicast client mode. For an IPv4 NTP server: The field represents the IP address of the remote server when the local device is synchronized to a remote NTP server.
Field Description Reference time Reference timestamp. display ntp-service trace Use display ntp-service trace to display brief information about each NTP server from the local device back to the primary reference source. Syntax display ntp-service trace Views Any view Predefined user roles network-admin network-operator Examples # Display brief information about each NTP server from the local device back to the primary reference source. display ntp-service trace Server 127.0.0.
Use undo ntp-service acl to remove the configured NTP service access-control right. Syntax ntp-service { peer | query | server | synchronization } acl acl-number undo ntp-service { peer | query | server | synchronization } acl acl-number Default The access-control right for the peer devices to access the NTP services of the local device is peer.
• ntp-service authentication-keyid • ntp-service reliable authentication-keyid ntp-service authentication enable Use ntp-service authentication enable to enable NTP authentication. Use undo ntp-service authentication enable to disable NTP authentication. Syntax ntp-service authentication enable undo ntp-service authentication enable Default NTP authentication is disabled.
Predefined user roles network-admin Parameters keyid: Specifies a key ID to identify an authentication key, in the range of 1 to 4294967295. authentication-mode md5 value: Uses the MD5 algorithm for key authentication. simple: Sets a plaintext authentication key. cipher: Sets a ciphertext authentication key. value: Specifies the MD5 authentication key string. If simple is specified, it is a string of 1 to 32 characters. If cipher is specified, it is a string of 1 to 73 characters.
Predefined user roles network-admin Usage guidelines After you configure this command, the device listens to NTP messages sent by the NTP broadcast server and is synchronized based on the received NTP messages. If you have configured the device to operate in broadcast client mode on an interface with this command, do not add the interface to any aggregate group. To add the interface to an aggregate group, remove the configuration of the command.
If you have configured the device to operate in broadcast server mode on an interface with this command, do not add the interface to any aggregate group. To add the interface to an aggregate group, remove the configuration of the command. Examples # Configure the device to operate in broadcast server mode and send NTP broadcast messages on GigabitEthernet 2/1/1, using key 4 for encryption. Set the NTP version to 4.
undo ntp-service enable Default The NTP service is not enabled. Views System view Predefined user roles network-admin Examples # Enable the NTP service. system-view [Sysname] ntp-service enable ntp-service inbound disable Use ntp-service inbound disable to disable an interface from processing NTP messages. Use undo ntp-service inbound disable to restore the default. Syntax ntp-service inbound disable undo ntp-service inbound disable Default An interface processes NTP messages.
Syntax ntp-service ipv6 { peer | query | server | synchronization } acl acl-number undo ntp-service ipv6 { peer | query | server | synchronization } acl acl-number Default The access-control right for the peer devices to access the IPv6 NTP services of the local device is peer.
• ntp-service reliable authentication-keyid ntp-service ipv6 dscp Use ntp-server ipv6 dscp to configure a DSCP value for IPv6 NTP packets. Use undo ntp-server ipv6 dscp to restore the default. Syntax ntp-service ipv6 dscp dscp-value undo ntp-service ipv6 dscp Default The DSCP value for IPv6 NTP packets is 56. Views System view Predefined user roles network-admin Parameters dscp-value: Specifies a DSCP value in the range of 0 to 63 for IPv6 NTP packets.
• You do not want the interface to synchronize the peer devices in the corresponding subnet. • You do not want the device to be synchronized by the peer devices in the subnet corresponding to the interface. Examples # Disable GigabitEthernet 2/1/1 from processing IPv6 NTP messages.
ntp-service ipv6 multicast-server Use ntp-service ipv6 multicast-server to configure the device to operate in IPv6 NTP multicast server mode and use the current interface to send IPv6 NTP multicast packets. Use undo ntp-service ipv6 multicast-server to remove the configuration.
Syntax ntp-service ipv6 source interface-type interface-number undo ntp-service ipv6 source Default No source interface is specified for IPv6 NTP messages. The device automatically selects the source IP address for IPv6 NTP messages. For more information, see RFC 3484. Views System view Predefined user roles network-admin Parameters interface-type interface-number: Specifies an interface by its type and number.
Default No IPv6 symmetric-passive peer is specified for the device. Views System view Predefined user roles network-admin Parameters peer-name: Specifies the host name of the symmetric-passive peer, a case-insensitive string of 1 to 253 characters. ipv6-address: Specifies the IPv6 address of the symmetric-passive peer. It must be a unicast address, rather than a multicast address.
Related commands • ntp-service authentication enable • ntp-service authentication-keyid • ntp-service reliable authentication-keyid ntp-service ipv6 unicast-server Use ntp-service ipv6 unicast-server to specify an IPv6 NTP server for the device. Use undo ntp-service ipv6 unicast-server to remove an IPv6 NTP server specified for the device.
To synchronize the PE to a PE or CE in a VPN, specify the vpn-instance vpn-instance-name option in the command. If you include the vpn-instance vpn-instance-name option in the undo ntp-service unicast-server command, the command removes the NTP server with the IPv6 address of ipv6-address in the specified VPN. If you do not include the vpn-instance vpn-instance-name option in this command, the command removes the NTP server with the IPv6 address of ipv6-address in the public network.
system-view [Sysname] ntp-service max-dynamic-sessions 50 Related commands display ntp-service sessions ntp-service multicast-client Use ntp-service multicast-client to configure the device to operate in NTP multicast client mode and use the current interface to receive NTP multicast packets. Use undo ntp-service multicast-client to remove the configuration.
Syntax ntp-service multicast-server [ ip-address ] [ authentication-keyid keyid | ttl ttl-number | version number ] * undo ntp-service multicast-server [ ip-address ] Default The device does not operate in any NTP association mode. Views Interface view Predefined user roles network-admin Parameters ip-address: Specifies a multicast IP address in the range of 224.0.1.0 to 239.255.255.255. The default is 224.0.1.1. A multicast server and client must be configured with the same multicast IP address.
Syntax ntp-service refclock-master [ ip-address ] [ stratum ] undo ntp-service refclock-master [ ip-address ] Default The device does not use its local clock as a reference clock. Views System view Predefined user roles network-admin Parameters ip-address: IP address of the local clock, which is 127.127.1.u, where u is the NTP process ID in the range of 0 to 3. If you do not specify ip-address, it defaults to 127.127.1.0. stratum: Stratum level of the local clock, in the range of 1 to 15.
Views System view Predefined user roles network-admin Parameters keyid: Specifies an authentication key number in the range of 1 to 4294967295. Usage guidelines When NTP authentication is enabled, a client can be synchronized only to a server that can provide a trusted authentication key. Before you use the command, make sure NTP authentication is enabled and an authentication key is configured. The key automatically changes to untrusted after you delete the key.
Parameters interface-type interface-number: Specifies an interface by its type and number. Usage guidelines If you specify the source interface for NTP messages, the device sets the source IP address of the NTP messages as the primary IP address of the specified interface when sending the NTP messages. When the device responds to an NTP request, the source IP address of the NTP response is always the IP address of the interface that has received the NTP request.
ip-address: Specifies the IP address of the symmetric-passive peer. It must be a unicast address, rather than a broadcast address, a multicast address, or the IP address of the local clock. vpn-instance vpn-instance-name: Specifies the MPLS L3VPN to which the symmetric-passive peer belongs, where vpn-instance-name is a case-sensitive string of 1 to 31 characters. If the symmetric-passive peer is on the public network, do not specify this option.
undo ntp-service unicast-server { server-name | ip-address } [ vpn-instance vpn-instance-name ] Default No NTP server is specified for the device. Views System view Predefined user roles network-admin Parameters server-name: Specifies the host name of the NTP server, a case-insensitive string of 1 to 253 characters. ip-address: Specifies the IP address of the NTP server. It must be a unicast address, rather than a broadcast address, a multicast address, or the IP address of the local clock.
SNTP commands display sntp ipv6 sessions Use display sntp ipv6 sessions to display information about all IPv6 SNTP associations. Syntax display sntp ipv6 sessions Views Any view Predefined user roles network-admin network-operator Examples # Display information about all IPv6 SNTP associations. display sntp ipv6 sessions SNTP server: 2001::1 Stratum: 16 Version: 4 Last receive time: No packet was received.
Syntax display sntp sessions Views Any view Predefined user roles network-admin network-operator Examples # Display information about all IPv4 SNTP associations. display sntp sessions SNTP server Stratum Version Last receive time 1.0.1.11 2 4 Tue, May 17 2011 9:11:20.833 (Synced) Table 20 Command output Field Description SNTP server SNTP server (NTP server). If this field displays 0.0.0.0, the IP address of the NTP server has not been resolved successfully.
To authenticate an NTP server, set an authentication key and specify it as a trusted key. Examples # Enable SNTP authentication. system-view [Sysname] sntp authentication enable Related commands • sntp authentication-keyid • sntp reliable authentication-keyid sntp authentication-keyid Use sntp authentication-keyid to set an SNTP authentication key. Use undo sntp authentication-keyid to remove the SNTP authentication key.
Examples # Set an MD5 authentication key, with the key ID of 10 and key value of BetterKey. Input the key in plain text. system-view [Sysname] sntp authentication enable [Sysname] sntp authentication-keyid 10 authentication-mode md5 simple BetterKey Related commands • sntp authentication enable • sntp reliable authentication-keyid sntp enable Use sntp enable to enable the SNTP service. Use undo sntp enable to disable the SNTP service.
Predefined user roles network-admin Parameters server-name: Specifies the host name of the NTP server, a case-insensitive string of 1 to 253 characters. ipv6-address: Specifies the IPv6 address of the NTP server. vpn-instance vpn-instance-name: Specifies the MPLS L3VPN to which the NTP server belongs, where vpn-instance-name is a case-sensitive string of 1 to 31 characters. If the NTP server is on the public network, do not specify this option.
Syntax sntp reliable authentication-keyid keyid undo sntp reliable authentication-keyid keyid Default No trust key is specified. Views System view Predefined user roles network-admin Parameters keyid: Specifies an authentication key number in the range of 1 to 4294967295. Usage guidelines If SNTP is enabled, the SNTP client is only synchronized to an NTP server that provides a trusted key. Before you use the command, make sure SNTP authentication is enabled and an authentication key is configured.
Predefined user roles network-admin Parameters server-name: Specifies the host name of the NTP server, a case-insensitive string of 1 to 253 characters. ip-address: Specifies the IP address of the NTP server. It must be a unicast address, rather than a broadcast address, a multicast address, or the IP address of the local clock. vpn-instance vpn-instance-name: Specifies the MPLS L3VPN to which the NTP server belongs, where vpn-instance-name is a case-sensitive string of 1 to 31 characters.
PoE commands MSR3024, MSR3044, MSR3064, MSR4060, and MSR4080 routers installed with the SIC-4FSWP, SIC 4GSWP, DSIC 9FSWP, or HMIM 24GSW-POE support PoE. MSR1002-4 router installed with the SIC-4FSWP or SIC 4GSWP support PoE. apply poe-profile Use apply poe-profile to apply a PoE profile to a power interface (PI). Use undo apply poe-profile to remove application of a PoE profile from a PI.
Default No PoE profile is applied to a PI. Views System view Predefined user roles network-admin Parameters index index: Specifies a PoE profile by its index number in the range of 1 to 100. name profile-name: Specifies a PoE profile by its name, a case-sensitive string of 1 to 15 characters.
Table 21 Command output Field Description PSE ID ID of the PSE. Slot No. Slot number of the PSE. SSlot No. Sub-slot number of the PSE. PortNum Number of PIs on the PSE. MaxPower(W) Maximum power of the PSE. PSE status: State Model • On—The PSE is supplying power. • Off—The PSE stops supplying power. • Faulty—The PSE has failed. PSE model. display poe interface Use display poe interface to display power supplying information for PIs.
Electric Current : 244 Voltage mA : 51.7 PD Description V : IP Phone For Room 101 Table 22 Command output Field Description PoE status: PoE status • Enabled. • Disabled. Power supply priority of the PI: Power Priority • Critical (highest). • High. • Low. Operating status of a PI: • Off—PoE is disabled. • On—Power is being supplied to a PI correctly. • Power-lack—Remaining guaranteed power for a critical PI is insufficient. Oper • Power-deny—The PSE refuses to supply power.
Field Description Voltage Voltage of a PI. PD Description Type and location description for the PD connected to the PI. # Display power supplying information for all PIs. display poe interface Interface PoE Priority CurPower Oper IEEE Detection (W) Class Status GE2/1/1 Enabled Low GE2/1/2 Enabled Critical GE2/1/3 Enabled Low GE2/1/4 Enabled Critical GE2/1/5 Enabled Low 4.0 On 2 Delivering Power GE2/1/6 Enabled Low 0.
Field Description Power detection status of a PI: • • • • • • • Detection Status Disabled—PoE function is disabled. Searching—The PI is searching for the PD. Delivering Power—The PI is supplying power for the PD. Fault—A fault has occurred during the test. Test—The PI is undergoing a test. Other fault—A fault has caused the PSE to enter the idle status. PD disconnected—The PD is disconnected. On State Ports Number of PIs that are supplying power. Used Power consumed by the current PI.
GE2/1/29 0.0 0.0 0.0 IP Phone in Room 709 for Jack GE2/1/30 0.0 0.0 0.0 IP Phone in Room 809 for Alien --- On State Ports: 3; Used: 23.8(W); Remaining: 776.2(W) --- Table 24 Command output Field Description Interface Interface name of a PI. CurPower Current power of a PI. PeakPower Peak power of a PI. MaxPower Maximum power of a PI. PD Description Type and location description for the PD connected to a PI. Ports On Number of PIs that are supplying power.
Table 25 Command output Field Description PoE Current Power Total power that has been consumed by PSEs. PoE Max Power Maximum PoE power. PoE Max Guaranteed Power Maximum power that can be supplied to critical PSEs. PoE Remaining Allocable Power Remaining allocable PoE power = Maximum PoE power – Total maximum power of all PoE-enabled PSEs. PoE Remaining Guaranteed Power Remaining guaranteed PoE power = Maximum guaranteed PoE power – Total maximum power of all critical PSEs.
display poe pse 7 PSE ID : 7 Slot No.
Field Description Nonstandard PD detection status: Legacy PD Detection • Enabled. • Disabled. Power Utilization Threshold PSE power alarm threshold. PSE Power Policy PSE power management policy mode. PD Power Policy PD power management policy mode. PD Disconnect Detection Mode PD disconnection detection mode. display poe pse interface Use display poe pse interface to display the PoE status of all PIs on a PSE.
Table 27 Command output Field Description Interface Interface name of a PI. PoE status of a PI: PoE • Enabled. • Disabled. Priority of a PI: Priority CurPower • Critical (highest). • High. • Low. Current power of a PI. Operating status of a PI: • Off—PoE is disabled. • On—Power is being supplied to a PI correctly. • Power-lack—Remaining guaranteed power for a critical PI is insufficient. Oper • Power-deny—The PSE refuses to supply power.
Views Any view Predefined user roles network-admin network-operator Parameters pse pse-id: Specifies a PSE by its ID. Usage guidelines To view PSE ID and slot mappings, use the display poe device command. Examples # Display power information for PIs on PSE 7. display poe pse 7 interface power Interface Current Peak (W) (W) Max PD Description (W) GE2/1/25 4.4 4.5 4.6 IP Phone on Room 309 for Peter Smith GE2/1/26 4.4 4.5 15.4 IP Phone on Room 409 for Peter Pan GE2/1/27 15.
Predefined user roles network-admin network-operator Examples # Display PoE power information.
Field Description PoE power status: • • • • • • Status Normal—The PoE power supply is operating correctly. Absent—The PoE power supply is not present. Off—The PoE power is turned off. Active—The active PoE power supply is operating correctly. Standby—The standby PoE power supply is operating correctly. Balanced—The PoE power supply is operating in load balancing mode. • Redundant—The PoE power supply is operating in redundancy mode. • Alarm—An alarm has been triggered in the PoE power supply.
# Display information about the PoE profile with index number 1. display poe-profile index 1 PoE Profile Index forIPphone 1 ApplyNum Interfaces 6 Configuration GE2/1/5 poe enable GE2/1/6 poe priority critical GE2/1/7 GE2/1/8 GE2/1/9 GE2/1/1 --- Total ports: 0 --- Table 30 Command output Field Description PoE Profile Name of the PoE profile. Index Index number of the PoE profile. ApplyNum Number of PIs to which a PoE profile is applied.
poe disconnect Use poe disconnect to configure a PD disconnection detection mode. Use undo poe disconnect to restore the default. Syntax poe disconnect { ac | dc } undo poe disconnect Default The default PD disconnection detection mode is AC mode. Views System view Predefined user roles network-admin Parameters ac: Specifies the PD disconnection detection mode as ac. dc: Specifies the PD disconnection detection mode as dc.
Predefined user roles network-admin Usage guidelines If a PoE profile has been applied to a PI, remove the application before configuring the PI in PoE profile view. If a PI has been configured, remove the configuration before configuring the PI in PI view. Examples # Enable PoE on a PI in PI view. system-view [Sysname] interface gigabitethernet 2/1/1 [Sysname-GigabitEthernet2/1/1] poe enable # Enable PoE on a PI in PoE profile view.
poe legacy enable Use poe legacy enable to enable a PSE to detect nonstandard PDs. Use undo poe legacy enable to disable a PSE from detecting nonstandard PDs. Syntax poe legacy enable pse pse-id undo poe legacy enable pse pse-id Default Nonstandard PD detection is disabled. Views System view Predefined user roles network-admin Parameters pse pse-id: Specifies a PSE by its ID. Examples # Enable PSE 7 to detect nonstandard PDs.
Parameters max-power: Sets the maximum power in milliwatts allocated to a PI. The maximum PI power of the SIC-4FSWP, SIC 4GSWP, and DSIC 9FSWP is in the range of 1 to 15400 milliwatts. The maximum PI power of the HMIM 24GSW-POE is in the range of 1 to 16600 milliwatts. Examples # Set the maximum power of a PI to 12000 milliwatts in PI view.
system-view [Sysname] poe pse 7 max-power 38 Related commands poe priority pse poe pd-description Use poe pd-description to configure a description for the PD that connects to a PI. Use undo poe pd-description to restore the default. Syntax poe pd-description text undo poe pd-description Default No description is available for the PD that connects to a PI.
Usage guidelines If PI power management is enabled, when a PSE is overloaded, the PSE allocates power to new PDs based on the priority of their PIs. If PI power management is disabled, when PSE power overload occurs, the PSE does not supply power to new PDs. Examples # Enable PI power management. system-view [Sysname] poe pd-policy priority Related commands poe priority poe priority Use poe priority to configure a power supply priority for a PI. Use undo poe priority to restore the default.
system-view [Sysname] interface gigabitethernet 2/1/1 [Sysname-GigabitEthernet2/1/1] poe priority critical # Set the power supply priority of the PI to critical in PoE profile view.
Examples # Set the power supply priority of PSE 7 to critical. system-view [Sysname] poe priority critical pse 7 Related commands poe pse-policy priority poe pse-policy priority Use poe pse-policy priority to enable PSE power management. Use undo poe pse-policy priority to restore the default. Syntax poe pse-policy priority undo poe pse-policy priority Default PSE power management is disabled.
Predefined user roles network-admin Parameters full: Upgrades the PSE firmware in full mode. refresh: Upgrades the PSE firmware in refresh mode. filename: Specifies the name of the upgrade file, a case-sensitive string of 1 to 64 characters. The specified file must be in the root directory of the file system of the device. pse pse-id: Specifies a PSE by its ID. If you do not specify any PSE, all PSEs are upgraded. Usage guidelines Typically, you can upgrade the firmware in refresh mode.
If a PoE profile is applied, use the undo apply poe-profile command to remove the application before deleting the PoE profile. Examples # Create a PoE profile, name it abc, and specify the index number as 3. system-view [Sysname] poe-profile abc 3 [Sysname-poe-profile-abc-3] # Create a PoE profile and name it def. Do not specify the index number.
SNMP commands The device supports the FIPS mode that complies with NIST FIPS 140-2 requirements. Support for features, commands, and parameters might differ in FIPS mode and non-FIPS mode. For more information about FIPS mode, see Security Configuration Guide. By default, the device provides low encryption. To obtain high encryption, you must install the Strong Cryptography feature license. This feature provides stronger cryptography, additional IPsec tunnels, and higher encryption performance.
Community name: bb Group name: bb Storage-type: nonVolatile Community name: userv1 Group name: testv1 Storage-type: nonVolatile Table 31 Command output Field Description Community name Community name created by using the snmp-agent community command or username created by using the snmp-agent usm-user { v1 | v2c } command. SNMP group name. • If the community is created by using the snmp-agent community command, the Group name group name is the same as the community name.
Views Any view Predefined user roles network-admin network-operator Parameters context-name: Specifies an SNMP context by its name, a case-sensitive string of 1 to 32 characters. If no SNMP context is specified, the command displays all SNMP contexts created on the device. Examples # Display all SNMP contexts created on the device.
Table 32 Command output Field Description Group name SNMP group name. Security model • authPriv—authentication with privacy. • authNoPriv—authentication without privacy. • noAuthNoPriv—no authentication, no privacy. Security model of the SNMP group: Security model of an SNMPv1 or SNMPv2c group can only be noAuthNoPriv. Readview Read-only MIB view accessible to the SNMP group. Writeview Write MIB view accessible to the SNMP group. Notifyview Notify MIB view for the SNMP group.
display snmp-agent mib-node Use display snmp-agent mib-node to display SNMP MIB node information. Syntax display snmp-agent mib-node [ details | index-node | trap-node | verbose ] Views Any view Predefined user roles network-admin network-operator Parameters details: Specifies detailed MIB node information, including node name, last octet of an OID string, and name of the next leaf node. index-node: Specifies SNMP MIB tables, and node names and OIDs of MIB index nodes.
Table 33 Command output Field Description -std MIB node name. <1.0> OID of a MIB node. Permissions to MIB nodes: NA—Not accessible. NF—Supports notifications. RO—Supports read-only access. (NA) RW—Supports read and write access. RC—Supports read-write-create access. WO—Supports write-only access. * Leaf node or MIB table node. # Display detailed MIB node information.
# Display MIB table names, and node names and OIDs of MIB index nodes. display snmp-agent mib-node index-node Table |lldpPortConfigTable Index ||lldpPortConfigPortNum OID ||| Table |lldpConfigManAddrTable Index ||lldpLocManAddrSubtype OID ||| Index ||lldpLocManAddr OID ||| Table |lldpStatsTxPortTable Index ||lldpStatsTxPortNum OID ||| Table |lldpStatsRxPortTable Index ||lldpStatsRxPortNum OID ||| Table |lldpLocPortTable Index ||lldpLocPortNum OID ||| 1.0.8802.1.1.
Trap Object Name |||lldpRemChassisIdSubtype OID ||||1.0.8802.1.1.2.1.4.1.1.4 Name |||lldpRemChassisId OID ||||1.0.8802.1.1.2.1.4.1.1.5 Name |||lldpXMedRemDeviceClass OID ||||1.0.8802.1.1.2.1.5.4795.1.3.1.1.3 Name |mplsL3VpnVrfUp OID ||1.3.6.1.2.1.10.166.11.0.1 Trap Object Name |||mplsL3VpnIfConfRowStatus OID ||||1.3.6.1.2.1.10.166.11.1.2.1.1.5 Name |||mplsL3VpnVrfOperStatus OID ||||1.3.6.1.2.1.10.166.11.1.2.2.1.
Next sibling ||lldpConfigManAddrTable Name |lldpPortConfigEntry OID ||1.0.8802.1.1.2.1.1.6.1 Properties ||NodeType: Row ||AccessType: NA ||DataType: NA ||MOR: 0x00000000 Parent ||lldpPortConfigTable First child ||lldpPortConfigPortNum Next leaf ||lldpPortConfigPortNum Next sibling || Index ||[indexImplied:0, indexLength:1]: Name |lldpPortConfigPortNum OID ||1.0.8802.1.1.2.1.1.6.1.
Table 37 Command output Field Description Name MIB node name. OID OID of a MIB node. MIB node types: NodeType • • • • • • • Table—Table node. Row—Row node in a MIB table. Column—Column node in a MIB table. Leaf—Leaf node. Group—Group node (parent node of a leaf node). Trapnode—Notification node. Other—Other node types. Permissions to MIB nodes: AccessType • • • • • • NA—Not accessible. NF—Supports notifications. RO—Supports read-only access. RW—Supports read and write access.
Field Description Operation types allowed: • • • • Allow get/set/getnext—All operations. get—Get operation. set—Set operation. getnext—GetNext operation. Value range Value range of a MIB node. Index Table index. This field appears only for a table node. display snmp-agent mib-view Use display snmp-agent mib-view to display MIB views.
View status: active View name: ViewDefault MIB Subtree: snmpVacmMIB Subtree mask: Storage-type: nonVolatile View Type: excluded View status: active View name: ViewDefault MIB Subtree: snmpModules.18 Subtree mask: Storage-type: nonVolatile View Type: excluded View status: active ViewDefault is the default MIB view. The output shows that except for the MIB objects in the snmpUsmMIB, snmpVacmMIB, and snmpModules.18 subtrees, all the MIB objects in the iso subtree are accessible.
Predefined user roles network-admin network-operator Parameters ip-address: Specifies the IP address of a remote SNMP entity to display its SNMP engine ID. ipv6 ipv6-address: Specifies the IPv6 address of a remote SNMP entity to display its SNMP engine ID. vpn-instance vpn-instance-name: Specifies the VPN for a remote SNMP entity. The vpn-instance-name argument specifies the name of the MPLS L3VPN, a case-sensitive string of 1 to 31 characters.
network-operator Examples # Display SNMP message statistics. display snmp-agent statistics 1684 messages delivered to the SNMP entity. 5 messages were for an unsupported version. 0 messages used an unknown SNMP community name. 0 messages represented an illegal operation for the community supplied. 0 ASN.1 or BER errors in the process of decoding. 1679 messages passed from the SNMP entity. 0 SNMP PDUs had badValue error-status. 0 SNMP PDUs had genErr error-status.
Field Description MIB objects retrieved successfully Number of MIB objects that have been successfully retrieved. MIB objects altered successfully Number of MIB objects that have been successfully modified. GetRequest-PDU accepted and processed Number of GetRequest requests that have been received and processed. GetNextRequest-PDU accepted and processed Number of getNext requests that have been received and processed.
The location information of the agent: The SNMP version of the agent: SNMPv3 Related commands snmp-agent sys-info display snmp-agent trap queue Use display snmp-agent trap queue to display basic information about the trap queue, including the queue size and number of traps in the queue. Syntax display snmp-agent trap queue Views Any view Predefined user roles network-admin network-operator Examples # Display the trap queue configuration and usage status.
Examples # Display the modules that can generate notification and their notification function status. display snmp-agent trap-list arp notification is disabled. configuration notification is enabled. l3vpn notification is enabled. mac-address notification is enabled. radius notification is disabled. standard notification is enabled. system notification is enabled.
Engine ID: 800063A203000FE240A1A6 Storage-type: nonVolatile UserStatus: active Username: userv3code Group name: groupv3code Engine ID: 800063A203000FE240A1A6 Storage-type: nonVolatile UserStatus: active Table 41 Command output Field Description Username SNMP username. Group name SNMP group name. Engine ID Engine ID that the SNMP agent used when the SNMP user was created. Storage type: Storage-type • • • • • volatile. nonvolatile. permanent. readOnly. other.
undo enable snmp trap updown Default Link state notifications are enabled. Views Interface view Predefined user roles network-admin network-operator Usage guidelines For an interface to generate linkUp/linkDown notifications when its state changes, you must also enable the linkUp/linkDown notification function globally by using the snmp-agent trap enable standard [ linkdown | linkup ] * command. Examples # Enable GigabitEthernet 2/1/1 to send linkUp/linkDown SNMP traps to 10.1.1.
Usage guidelines The snmp-agent command is optional for an SNMP configuration task. The SNMP agent is automatically enabled when you execute any command that begins with snmp-agent except for the snmp-agent calculate-password command. Examples # Enable the SNMP agent. system-view [Sysname] snmp-agent snmp-agent calculate-password Use snmp-agent calculate-password to convert a plaintext key to a ciphertext key for authentication or encryption in SNMPv3.
Use this command to calculate ciphertext authentication and privacy keys when you create SNMPv3 users by using the snmp-agent usm-user v3 command. The converted key is valid only under the engine ID specified for key conversion. Examples # Use the local engine and the SHA-1 algorithm to convert the plaintext key authkey to a ciphertext key.
acl acl-number: Specifies a basic IPv4 ACL to filter NMSs by source IPv4 address. The acl-number argument represents an ACL number in the range of 2000 to 2999. In the specified community, only NMSs with an IPv4 address permitted in the ACL can access the SNMP agent. If no ACL is specified, the specified ACL does not exist, or the specified ACL does not have any rules, all NMSs in the SNMP community can access the SNMP agent. For detailed information about ACL, see ACL and QoS Configuration Guide.
Related commands • display snmp-agent community • snmp-agent mib-view snmp-agent community-map Use snmp-agent community-map to map an SNMP community to an SNMP context. Use undo snmp-agent community-map to delete the mapping between an SNMP community and an SNMP context. Syntax snmp-agent community-map community-name context context-name undo snmp-agent community-map community-name context context-name Default No mapping between an SNMP community and an SNMP context exists on the device.
Default No SNMP context is configured on the device. Views System view Predefined use roles network-admin Parameters context-name: Specifies an SNMP context, a case-sensitive string of 1 to 32 characters. Usage guidelines An NMS and an SNMP agent can communicate with each other if the following conditions exist: • No SNMP context is configured on the NMS and the SNMP agent. • The NMS and the SNMP agent use the same SNMP context.
undo snmp-agent group v3 group-name [ authentication | privacy ] Default No SNMP group exists. SNMPv3 groups use the no authentication, no privacy security model if neither authentication nor privacy is specified. Views System view Predefined use roles network-admin Parameters v1: Specifies SNMPv1. v2c: Specifies SNMPv2c. v3: Specifies SNMPv3. group-name: Specifies an SNMP group name, a string of 1 to 32 case-sensitive characters.
All SNMPv3 users in a group share the same security model, but can use different authentication and privacy key settings. To implement a security model for a user and avoid SNMP communication failures, make sure the security model configuration for the group and the security key settings for the user are compliant with Table 42 and match the settings on the NMS.
Predefined user roles network-admin Parameters engineid: Specifies an SNMP engine ID as a hexadecimal string. It must contain an even number of hexadecimal characters, in the range of 10 to 64. All-zero and all-F strings are invalid. Usage guidelines An SNMP engine ID uniquely identifies an SNMP entity in an SNMP managed network. Make sure the local SNMP engine ID is unique within your SNMP managed network to avoid communication problems.
Examples # Enable logging SNMP Get operations. system-view [Sysname] snmp-agent log get-operation # Enable logging SNMP Set operations. system-view [Sysname] snmp-agent log set-operation snmp-agent mib-view Use snmp-agent mib-view to create or update a MIB view. Use undo snmp-agent mib-view to delete a MIB view.
Be cautious with deleting the default MIB view. The operation blocks the access to any MIB object on the device from NMSs that use the default view. Examples # Include the mib-2 (OID 1.3.6.1) subtree in the mibtest view and exclude the system subtree from this view. system-view [Sysname] snmp-agent sys-info version all [Sysname] snmp-agent mib-view included mibtest 1.3.6.
snmp-agent port Use snmp-agent port to specify the UDP port for receiving SNMP packets. Use undo snmp-agent port to restore the default. Syntax snmp-agent port port-num undo snmp-agent port Default The device uses UDP port 161 for receiving SNMP packets. Views System view Predefined user roles network-admin Parameters port-num: Specifies the UDP port for receiving SNMP packets, in the range of 1 to 65535. The default is 161.
Predefined user roles network-admin Parameters ip-address: Specifies the IP address of a remote SNMP entity. ipv6 ipv6-address: Specifies the IPv6 address of a remote SNMP entity. vpn-instance vpn-instance-name: Specifies the VPN for a remote SNMP entity. The vpn-instance-name argument specifies the name of the MPLS L3VPN, a case-sensitive string of 1 to 31 characters. If this option is not specified, the remote SNMP entity is in the public network.
trap: Specifies traps. interface-type { interface-number | interface-number.subnumber }: Specifies an interface by its type and number. The interface-number argument specifies a main interface number. The subnumber argument specifies a subinterface number in the range of 1 to 4094.
Examples # Configure the system contact as Dial System Operator # 27345. system-view [Sysname] snmp-agent sys-info contact Dial System Operator # 27345 Related commands display snmp-agent sys-info snmp-agent sys-info location Use snmp-agent sys-info location to configure the system location. Use undo snmp-agent sys-info location to restore the default location. Syntax snmp-agent sys-info location sys-location undo snmp-agent sys-info location Default The system location is Null.
snmp-agent sys-info version v3 undo snmp-agent sys-info version v3 Default The system uses SNMPv3. Views System view Predefined user roles network-admin Parameters all: Specifies SNMPv1, SNMPv2c, and SNMPv3. v1: Specifies SNMPv1. v2c: Specifies SNMPv2c. v3: Specifies SNMPv3. Usage guidelines SNMPv1 and SNMPv2c settings in this command are supported only in non-FIPS mode. Configure the SNMP agent with the same SNMP version as the NMS for successful communications between them. Examples # Enable SNMPv3.
snmp-agent target-host inform address udp-domain { ip-address | ipv6 ipv6-address } [ udp-port port-number ] [ vpn-instance vpn-instance-name ] params securityname security-string v3 { authentication | privacy } snmp-agent target-host trap address udp-domain { ip-address | ipv6 ipv6-address } [ udp-port port-number ] [ vpn-instance vpn-instance-name ] params securityname security-string v3 { authentication | privacy } undo snmp-agent target-host { trap | inform } address udp-domain { ip-address | ipv6 ipv6-
Make sure the SNMP agent uses the same UDP port for SNMP notifications as the target host. Typically, NMSs, for example, IMC and MIB Browser, use port 162 for SNMP notifications as defined in the SNMP protocols. If none of the keywords v1, v2c, or v3 is specified, SNMPv1 is used. Make sure the SNMP agent uses the same SNMP version as the target host so the host can receive the notification. If neither authentication nor privacy is specified, the security model is no authentication, no privacy.
Table 43 Standard SNMP notifications Keyword Definition authentication Authentication failure notification sent when an NMS fails to authenticate to the SNMP agent. coldstart Notification sent when the device restarts. linkdown Notification sent when the link of a port goes down. linkup Notification sent when the link of a port comes up. warmstart Notification sent when the SNMP agent restarts.
Usage guidelines Extended linkUp and linkDown notifications add interface description and interface type to the standard linkUp/linkDown notifications for fast failure point identification. When you use this command, make sure the NMS supports the extended linkup and linkDown notifications. Examples # Enable extended linkUp/linkDown notifications.
Syntax snmp-agent trap log undo snmp-agent trap log Default SNMP notification logging is disabled. Views System view Predefined user roles network-admin Usage guidelines Use SNMP notification logging to record SNMP notifications sent by the SNMP agent for notification tracking. The SNMP agent sends logs to the information center. You can configure the information center to output the logs to a destination as needed. Examples # Enable SNMP notification logging.
system-view [Sysname] snmp-agent trap queue-size 200 Related commands • snmp-agent target-host • snmp-agent trap enable • snmp-agent trap life snmp-agent usm-user { v1 | v2c } Use snmp-agent usm-user { v1 | v2c } to add a user to an SNMPv1 or SNMPv2c group. Use undo snmp-agent usm-user { v1 | v2c } to delete a user from an SNMPv1 or SNMPv2c group.
When you create an SNMPv1 or SNMPv2c user, the system automatically creates a community that has the same name as the SNMPv1 or SNMPv2c username. This community has the same access right as the SNMPv1 or SNMPv2c group. To display the SNMPv1 and SNMPv2c communities created in this way, use the display snmp-agent community command. To change the access right of the SNMPv1 or SNMPv2c user, use the snmp-agent community command or the snmp-agent group { v1 | v2c } command.
In FIPS mode: snmp-agent usm-user v3 user-name group-name [ remote { ip-address | ipv6 ipv6-address } [ vpn-instance vpn-instance-name ] ] { cipher | simple } authentication-mode sha auth-password [ privacy-mode aes128 priv-password ] [ acl acl-number | acl ipv6 ipv6-acl-number ] * undo snmp-agent usm-user v3 user-name group-name { local | engineid engineid-string | remote { ip-address | ipv6 ipv6-address } [ vpn-instance vpn-instance-name ] } Default No SNMPv3 users have been configured.
priv-password: Specifies a case-sensitive plaintext or encrypted privacy key. In non-FIPS mode, a plaintext key is a string of 1 to 64 characters. In FIPS mode, a plaintext key is a string of 15 to 64 visible characters, which must contain numbers, uppercase letters, lowercase letters, and special characters. If the cipher keyword is specified, the encrypted privacy key length requirements differ by authentication algorithm and key string format, as shown in Table 45.
Examples # Add the user testUser to the SNMPv3 group testGroup, and enable the authentication without privacy security model for the group. Specify the authentication algorithm SHA-1 and the authentication key 123456TESTplat&! in plain text for the user.
RMON commands display rmon alarm Use display rmon alarm to display entries in the RMON alarm table. Syntax display rmon alarm [ entry-number ] Views Any view Predefined user roles network-admin network-operator Parameters entry-number: Specifies an alarm entry index in the range of 1 to 65535. If no entry is specified, the command displays all entries in the RMON alarm table. Examples # Display all entries in the RMON alarm table. display rmon alarm AlarmEntry 1 owned by user1 is VALID.
Field Description Sample type (MIB object alarmSampleType): • absolute—RMON compares the value of the variable with the rising and Sample type falling thresholds at the end of the sampling interval. • delta—RMON subtracts the value of the variable at the previous sample from the current value, and then compares the difference with the rising and falling thresholds. Sampled variable Monitored variable (MIB object alarmVariable).
Related commands rmon alarm display rmon event Use display rmon event to display RMON event entries. Syntax display rmon event [ entry-number ] Views Any view Predefined user roles network-admin network-operator Parameters entry-number: Specifies an event entry index in the range of 1 to 65535. If no entry is specified, the command displays all event entries.
Field Description Community SNMP community name for the RMON event (MIB object eventCommunity). You can specify an SNMP community name when you create an RMON event entry, but the setting does not take effect. The system always uses the settings configured with the SNMP feature when it sends RMON event notifications. Actions that the system takes when the event occurs (MIB object eventType): Take the action action when triggered last triggered at time uptime • • • • none—Takes no action.
LogEntry 99.2 created at 50days 09h:11m:13s uptime. Description: The 1.3.6.1.2.1.16.1.1.1.4.5 defined in alarmEntry 77, less than(or =) 20000000 with alarm value 16951648. Alarm sample type is absolute. LogEntry 99.3 created at 50days 09h:18m:43s uptime. Description: The alarm formula defined in prialarmEntry 777, less than(or =) 15000000 with alarm value 14026493. Alarm sample type is absolute. LogEntry 99.4 created at 50days 09h:23m:28s uptime.
network-operator Parameters interface-type interface-number: Specifies an interface by its type and number. If no interface is specified, the command displays history samples for all interfaces that have an RMON history control entry. Usage guidelines RMON uses the etherHistoryTable object to store the history samples of Ethernet statistics for Ethernet interfaces. To collect history samples for an Ethernet interface, you must first create a history control entry on the interface.
fragments : 0 , jabbers : 0 collisions : 0 , utilization : 0 Table 49 Command output Field Description Status and owner of the history control entry: HistoryControlEntry entry-number owned by owner is status. • entry-number—History control entry index (MIB object historyControlIndex). • owner—Entry owner (MIB object historyControlOwner). • status—Entry status (MIB object historyControlStatus): { VALID—The entry is valid. { UNDERCREATION—The entry is invalid.
Field oversize packets Description Number of oversize packets received during the sampling interval (MIB object etherHistoryOversizePkts). Oversize packets are longer than 1518 octets (excluding framing bits but including FCS octets). fragments Number of undersize packets with CRC errors received during the sampling interval (MIB object etherHistoryFragments). jabbers Number of oversize packets with CRC errors received during the sampling interval (MIB object etherHistoryJabbers).
Table 50 Command output Field Description Alarm entry owner and status: • entry-number—Alarm entry index (MIB object HPRmonExtAlarmIndex). • owner—Entry owner (MIB object HPRmonExtAlarmOwner). • status—Entry status (MIB object HPRmonExtAlarmStatus): PrialarmEntry entry-number owned by owner is status. { VALID—The entry is valid. { UNDERCREATION—The entry is invalid. The status field is not configurable at the CLI. All alarm entries created from the CLI are valid by default.
Field Description Alarm falling threshold (MIB object HPRmonExtAlarmFallingThreshold). A falling alarm will be generated when the following conditions are all met: • The current sampled value is less than or equal to this threshold. • The value at the previous sampling interval was greater than this Falling threshold threshold.
Predefined user roles network-admin network-operator Parameters interface-type interface-number: Specifies an interface by its type and number. If no interface is specified, the command displays RMON statistics for all interfaces. Usage guidelines This command displays the cumulative interface statistics for the period from the time the statistics entry was created to the time the command was executed. The statistics are cleared when the device reboots.
Field Description etherStatsUndersizePkts Total number of undersize packets received on the interface (MIB object etherStatsUndersizePkts). etherStatsOversizePkts Total number of oversize packets received on the interface (MIB object etherStatsOversizePkts). etherStatsFragments Total number of undersize packets received with CRC errors on the interface (MIB object etherStatsFragments).
Default No alarm entries have been created. Views System view Predefined user roles network-admin Parameters entry-number: Specifies an alarm entry index in the range of 1 to 65535. alarm-variable: Specifies an alarm variable, a string of 1 to 255 characters. You can only specify variables that can be parsed as an ASN.1 INTEGER value (INTEGER, INTEGER32, Unsigned32, Counter32, Counter64, Gauge, or TimeTicks) for the alarm-variable argument.
value range for the event-entry2 argument is 0 to 65535. If 0 is specified, the alarm does not trigger any event. owner text: Specifies the entry owner, a case-sensitive string of 1 to 127 characters. The string can contain spaces, but it cannot contain the question mark (?) or any unprintable control characters in the US ASCII character set. Usage guidelines You can create up to 60 entries in the RMON alarm table.
Default No event entries have been created. Views System view Predefined user roles network-admin Parameters entry-number: Specifies an event entry index in the range of 1 to 65535. description string: Configures an event description, a case-sensitive string of 1 to 127 characters. The string can contain spaces, but it cannot contain the question mark (?) or any unprintable control characters in the US ASCII character set. log: Logs the event when it occurs.
• rmon prialarm rmon history Use rmon history to create an entry in the RMON history control table. Use undo rmon history to remove an entry from the RMON history control table. Syntax rmon history entry-number buckets number interval sampling-interval [ owner text ] undo rmon history entry-number Default No history control entries have been created.
Related commands display rmon history rmon prialarm Use rmon prialarm to create an entry in the private alarm table. Use undo rmon prialarm to remove an entry from the private alarm table.
rising-threshold threshold-value1 event-entry1: Sets the rising threshold. The threshold-value1 argument represents the rising threshold in the range of –2147483648 to +2147483647. The event-entry1 argument represents the index of the event that is triggered when the rising threshold is crossed. The value range for the event-entry1 argument is 0 to 65535. If 0 is specified, the alarm does not trigger any event. falling-threshold threshold-value2 event-entry2: Sets the falling threshold.
[Sysname-GigabitEthernet2/1/1] quit [Sysname] rmon prialarm 1 (.1.3.6.1.2.1.16.1.1.1.6.1*100/.1.3.6.1.2.1.16.1.1.1.5.1) BroadcastPktsRatioOfEth1/1 10 absolute rising-threshold 80 1 falling-threshold 5 2 entrytype forever owner user1 The last number in the OID forms of variables must be the same as the statistics entry index for the interface. For example, if you execute the rmon statistics 5 command, you must replace 1.3.6.1.2.1.16.1.1.1.6.1 and 1.3.6.1.2.1.16.1.1.1.5.1 with 1.3.6.1.2.1.16.1.1.1.6.5 and 1.
system-view [Sysname] interface gigabitethernet 2/1/1 [Sysname-GigabitEthernet2/1/1] rmon statistics 20 owner user1 Related commands display rmon statistics 210
NETCONF commands The device supports the FIPS mode that complies with NIST FIPS 140-2 requirements. Support for features, commands, and parameters might differ in FIPS mode and non-FIPS mode. For more information about FIPS mode, see Security Configuration Guide. xml Use xml to enter XML view. Syntax xml Views User view Predefined user roles network-admin network-operator Usage guidelines In XML view, you can use NETCONF messages to configure the device or obtain data from the device.
xml urn:ietf:pa rams:netconf:base:1.1urn:ietf:params:netconf:writable-runnin gurn:ietf:params:netconf:capability:notification:1.0urn:ietf:params:netconf:capability:validate:1.1urn:ietf:params:netconf:capability:interleave:1.
CWMP commands cwmp Use cwmp to enter CWMP view. Syntax cwmp Views System view Predefined user roles network-admin Examples # Enter CWMP view. system-view [Sysname] cwmp Related commands cwmp enable cwmp acs default password Use cwmp acs default password { cipher | simple } to configure a password for authentication to the default ACS URL. Use undo cwmp acs default password to restore the default.
password: Specifies the password string. This argument is case sensitive. If you specify the simple keyword, it must be a string of 1 to 255 characters. If you specify the cipher keyword, it must be a ciphertext string of 33 to 373 characters. Usage guidelines You can configure only one password for authentication to the default ACS URL. If you use the command multiple times, the password configured most recently takes effect.
Examples # Specify the default ACS URL. system-view [Sysname] cwmp [Sysname-cwmp] cwmp acs default url http://www.acs.com:80/acs Related commands • cwmp acs default password • cwmp acs default username cwmp acs default username Use cwmp acs default username to configure the username for authentication to the default ACS. Use undo cwmp acs default username to restore the default.
Syntax cwmp acs password { cipher | simple } password undo cwmp acs password Default No password is configured for authentication to the preferred ACS URL. Views CWMP view Predefined user roles network-admin Parameters cipher: Specifies a password in ciphertext. simple: Specifies a password in plain text. For security purposes, all passwords, including passwords configured in plain text, are saved in ciphertext. password: Specifies the password string. This argument is case sensitive.
Views CWMP view Predefined user roles network-admin Parameters url: Specifies the preferred ACS URL, a string of 8 to 255 characters. The URL must use the http://host[:port]/path or https://host[:port]/path format. Usage guidelines The device supports only one preferred ACS URL. If you use the command multiple times, the final URL configuration takes effect. The preferred ACS URL is configurable from the CPE's CLI, the DHCP server, and the ACS.
Examples # Configure the username used for authentication to the preferred ACS URL. system-view [Sysname] cwmp [Sysname-cwmp] cwmp acs username newname Related commands • cwmp acs password cwmp cpe connect interface Use cwmp cpe connect interface to specify the CWMP connection interface. Use undo cwmp cpe connect interface to restore the default.
cwmp cpe connect retry Use cwmp cpe connect retry to configure the maximum number of attempts the CPE can make to retry a failed CWMP connection. Use undo cwmp cpe connect retry to restore the default. Syntax cwmp cpe connect retry times undo cwmp cpe connect retry Default The CPE retries a failed connection until the connection is established with the ACS. Views CWMP view Predefined user roles network-admin Parameters times: Specifies the maximum number of CWMP connection retries.
Predefined user roles network-admin Parameters seconds: Sets the periodic Inform interval in the range of 10 to 86400 seconds. Usage guidelines This command sets the interval for the CPE to send Inform messages automatically to the ACS. For the command to take effect, you must configure the cwmp cpe inform interval enable command. Examples # Set the periodic Inform interval to 3600 seconds.
cwmp cpe inform time Use cwmp cpe inform time to schedule a connection initiation for the CPE to connect to the ACS. Use undo cwmp cpe inform time to restore the default. Syntax cwmp cpe inform time time undo cwmp cpe inform time Default No connection initiation has been scheduled. Views CWMP view Predefined user roles network-admin Parameters time: Specifies the time at which the CPE sends an Inform message.
simple: Specifies a password in plain text. For security purposes, all passwords, including passwords configured in plain text, are saved in ciphertext. password: Specifies the password string. This argument is case sensitive. If you specify the simple keyword, it must be a string of 1 to 255 characters. If you specify the cipher keyword, it must be a ciphertext string of 33 to 373 characters.
The CPE can have only one provision code. If you use the command multiple times, the final provision code takes effect. Examples # Set the provision code to HP20130525. system [Sysname] cwmp [Sysname-cwmp] cwmp cpe provision-code HP20130525 cwmp cpe stun enable Use cwmp cpe stun enable to enable NAT traversal for the connection requests from the ACS to reach the CPE through a NAT gateway. Use undo cwmp cpe stun enable to restore the default.
cwmp cpe username Use cwmp cpe username to configure the username for the CPE to authenticate the ACS. Use undo cwmp cpe username to restore the default. Syntax cwmp cpe username username undo cwmp cpe username Default No username is configured for authenticating the ACS. Views CWMP view Predefined user roles network-admin Parameters username: Specifies a username, a case-sensitive string of 1 to 255 characters.
Default The close-wait timer is 30 seconds. Views CWMP view Predefined user roles network-admin Parameters seconds: Sets the close-wait timer, in the range of 30 to 1800 seconds. Usage guidelines The close-wait timer specifies the amount of time the connection to the ACS can be idle before it is terminated. The CPE terminates the connection to the ACS if no traffic is transmitted before the timer expires.
[Sysname] cwmp [Sysname-cwmp] cwmp enable Related commands cwmp display cwmp configuration Use display cwmp configuration to display the CWMP configuration. Syntax display cwmp configuration Views Any view Predefined user roles network-admin network-operator Examples # Display the CWMP configuration after CWMP is enabled. display cwmp configuration CWMP state : Enabled ACS URL : http://www.acs.
Field Description Username for the CPE to authenticate to the default ACS URL. ACS default username This field displays Null if no username has been configured for authentication to the default ACS URL. Periodic inform Status of the periodic Inform feature: Enabled or Disabled. Inform interval Periodic Inform interval. The default interval is 600 seconds. Inform time Date and time at which an Inform message is scheduled to be sent. If you do not schedule an Inform sending, this field displays None.
Connection status : Disconnected Data transfer status : None Most recent successful connection attempt Length of time before next connection attempt : None : 1096832s Table 54 Command output Field Description CWMP state Status of CWMP: Enabled or Disabled. ACS URL of most recent connection ACS URL used for the most recent connection to the ACS. Source from which the CPE obtained the ACS URL: ACS information source • User—ACS URL assigned by using the cwmp acs url command or by ACS.
Views CWMP view Predefined user roles network-admin Parameters policy-name: Specifies the name of an SSL client policy, a string of 1 to 31 characters. Usage guidelines CWMP uses HTTP or HTTPS for data transmission. If the ACS uses HTTPS for secure access, its URL begins with https://. You must configure an SSL client policy for the CPE to authenticate the ACS for establishing an HTTPS connection. For more information about configuring SSL client policies, see Security Configuration Guide.
EAA commands In this chapter, "MSR2000" refers to MSR2003. "MSR3000" collectively refers to MSR3012, MSR3024, MSR3044, MSR3064. "MSR4000" collectively refers to MSR4060 and MSR4080. action cli Use action cli to add a CLI action to a monitor policy. Use undo action to remove an action. Syntax action number cli command-line undo action number Default Monitor policies do not contain any actions.
system-view [Sysname] rtm cli-policy test [Sysname-rtm-test] action 1 cli system-view [Sysname-rtm-test] action 2 cli interface gigabitethernet 2/1/1 [Sysname-rtm-test] action 3 cli shutdown action reboot Use action reboot to add a reboot action to a monitor policy. Use undo action to remove an action.
system-view [Sysname] rtm cli-policy test [Sysname-rtm-test] action 3 reboot action switchover Use action switchover to add an active/standby switchover action to a monitor policy. Use undo action to remove an action. Syntax action number switchover undo action number The following matrix shows the support of MSR routers for the command: Hardware Command compatibility MSR2000 No MSR3000 No MSR4000 Yes Default Monitor policies do not contain any actions.
Syntax action number syslog priority level facility local-number msg msg-body undo action number Default Monitor policies do not contain any actions. Views CLI-defined policy view Predefined user roles network-admin Parameters number: Specifies an action ID, in the range of 0 to 231. priority level: Specifies the log severity level in the range of 0 to 7. A lower value represents a higher severity level.
Views CLI-defined policy view Predefined user roles network-admin Usage guidelines You must execute this command for a CLI-defined policy to take effect. After changing the settings in a policy that has been enabled, you must re-execute this command for the changes to take effect. Examples # Enable the CLI-defined policy test.
Predefined user roles network-admin Parameters active: Displays policies that are running. registered: Displays policies that have been created. policy-name: Specifies a policy by its name. If you do not specify a policy, the command displays all monitor policies that are running or have been created. verbose: Displays detailed information about monitor policies. Examples # Display all running monitor policies.
Field Description User-role User roles for executing the monitor policy. To execute the monitor policy, an administrator must have at least one of the displayed user roles. event cli Use event cli to configure a CLI event for a CLI-defined monitor policy. Use undo event to delete the event in a CLI-defined monitor policy. Syntax event cli { async [ skip ] | sync } mode { execute | help | tab } pattern regular-exp undo event Default No CLI events are configured.
[Sysname-rmt-test] event cli async skip mode execute pattern dis inter brief # Configure a CLI-defined policy to monitor the use of the Tab key at command lines that contain the dis inter brief string. Enable the system to execute the actions in the policy and display the complete parameter when Tab is pressed at a policy-matching command line.
Examples # Configure a CLI-defined policy to monitor the card in slot 2 for card swapping. system-view [Sysname] rtm cli-policy test [Sysname-rtm-test] event hotplug slot 2 event interface Use event interface to configure an interface event for a CLI-defined monitor policy. Use undo event to delete the event in a CLI-defined monitor policy.
Monitored traffic statistic Description output-drops Number of discarded outgoing packets. output-errors Number of outgoing error packets. rcv-bps Receive rate, in bps. rcv-broadcasts Number of incoming broadcasts. rcv-pps Receive rate, in packets per second. tx-bps Transmit rate, in bps. tx-pps Transmit rate, in packets per second. Table 57 Comparison operators Comparison operator Description eq Equal to. ge Greater than or equal to. gt Greater than. le Less than or equal to.
event process Use event process to configure a process event for a CLI-defined monitor policy. Use undo event to delete the event in a CLI-defined monitor policy. Syntax event process { exception | restart | shutdown | start } [ name process-name [ instance instance-id ] ] [ slot slot-number ] undo event Default No process events are configured. Views CLI-defined policy view Predefined user roles network-admin Parameters exception: Monitors the specified process for exceptional events.
event snmp oid Use event snmp oid to configure an SNMP event for a CLI-defined monitor policy. Use undo event to delete the event in a CLI-defined monitor policy. Syntax event snmp oid oid monitor-obj { get | next } start-op start-op start-val start-val restart-op restart-op restart-val restart-val [ interval interval ] undo event Default No SNMP events are configured.
3. Compares the variable sample with the restart threshold at sampling intervals by using the restart operator until the comparison result meets the condition. 4. Executes the policy again. This process cycles for the monitor policy to be executed and re-executed. You can configure only one event for one monitor policy. If the monitor policy already contains an event, the new event replaces the old event. Examples # Configure a CLI-defined policy to get the value of the MIB variable 1.3.6.4.9.9.42.1.2.
EAA executes an SNMP_Notification event monitor policy when the value of the monitored variable in an SNMP notification meets the specified condition. You can configure only one event for one monitor policy. If the monitor policy already contains an event, the new event replaces the old event. Examples # Configure a CLI-defined policy to monitor SNMP notifications that contain the variable OID 1.3.6.1.4.1.318.2.8.3.
NOTE: EAA does not count log messages generated by the RTM module when it counts log matches. You can configure only one event for one monitor policy. If the monitor policy already contains an event, the new event replaces the old event. Examples # Configure a CLI-defined policy to monitor Syslog messages for level 3 to level 0 messages that contain the down string. Enable the system to execute the policy when five log matches are found within 6 seconds.
Related commands commit rtm environment Use rtm environment to configure an EAA environment variable. Use undo rtm environment to delete a user-defined environment variable. Syntax rtm environment var-name var-value undo rtm environment var-name Default The system provides the variables in Table 58. You cannot create, delete, or modify these system-defined variables. Table 58 System-defined EAA environment variables by event type Variable name Description Any event: _event_id Event ID.
Views System view Predefined user roles network-admin Parameters var-name: Specifies an environment variable name, a string of 1 to 63 characters. A user-defined EAA environment variable name can contain digits, letters, and the underscore sign (_), but its leading character cannot be the underscore sign. var-value: Specifies the variable value.
rtm tcl-policy Use rtm tcl-policy to create a Tcl-defined policy and bind it to a Tcl script file. Use undo rtm tcl-policy to delete a Tcl policy. Syntax rtm tcl-policy policy-name tcl-filename undo rtm tcl-policy policy-name Default No Tcl policies exist. Views System view Predefined user roles network-admin Parameters policy-name: Specifies a policy name, a case-sensitive string of 1 to 63 characters. tcl-filename: Specifies a .tcl script file name. The file name is case sensitive.
Views CLI-defined policy view Predefined user roles network-admin Parameters time: Specifies the runtime of the CLI-defined policy, in the range of 0 to 31536000 seconds. If you specify 0, the policy can run forever until it is manually interrupted. Usage guidelines Policy runtime limits the amount of time that the monitor policy can run from the time it is triggered. When the runtime is reached, the system stops executing the policy even if the execution is not finished.
A monitor policy supports up to 64 valid user roles. User roles added after this limit is reached do not take effect. You cannot assign a monitor policy user roles that have higher privilege than the user roles you are logged in with. Examples # Assign user roles to a CLI-defined policy.
Process monitoring and maintenance commands In this chapter, "MSR2000" refers to MSR2003. "MSR3000" collectively refers to MSR3012, MSR3024, MSR3044, MSR3064. "MSR4000" collectively refers to MSR4060 and MSR4080. The display memory, display process, display process cpu, monitor process and monitor thread commands display information about both user processes and kernel threads. In these commands, "process" refers to both user processes and kernel threads.
Core file path: flash:/core/node0_routed_120_7_20130409-171430_1365527670.core #0 0xb7caba4a #1 0x0804cb79 #2 0xb7cd77c4 #3 0x08049f45 Backtrace stopped. Registers' content eax:0xfffffffc ebx:0x00000003 ecx:0xbfe244ec edx:0x0000000a esp:0xbfe244b8 ebp:0xbfe244c8 esi:0xffffffff edi:0xbfe24674 eip:0xb7caba4a eflag:0x00000292 cs:0x00000073 ss:0x0000007b fs:0x00000000 gs:0x00000033 ds:0x0000007b es:0x0000007b # Display the exception context information on the x86-based 64-bit device.
Core file path: flash:/core/node0_routed_133_7_20130410-154749_1365608869.core #0 0x184720bc #1 0x10006b4c Backtrace stopped.
nip:0x00000fff803c66b4 lr:0x0000000010009b94 cr:0x0000000058000482 ctr:0x00000fff803c66ac msr:0x000000008002d000 xer:0x0000000000000000 ret:0xfffffffffffffffc dsisr:0x0000000000000000 gr3:0x0000000000000003 softe:0x0000000000000001 trap:0x0000000000000c00 dar:0x00000fff8059d14c # Display the exception context information on the MIPS-based 32-bit device.
a6:0xffffffff8021349c a7:0x20696e206368616e t0:0x0000000000000000 t1:0xffffffff80105068 t2:0xffffffff80213890 t3:0x0000000000000008 s0:0x0000005555a99c40 s1:0x000000ffff89af5f s2:0x0000000120007320 s3:0x0000005555a5f470 s4:0x000000ffff899f80 s5:0xffffffff803cc6c0 s6:0xffffffff803cc6a8 s7:0xffffffff803cc690 t8:0x0000000000000002 t9:0x0000005555a3bc98 k0:0x0000000000000000 k1:0x0000000000000000 gp:0x0000000120020460 sp:0x000000ffff899d70 s8:0x000000ffff899d80 ra:0x0000000120006c1c sr:0x0
display exception filepath [ slot slot-number [ cpu cpu-number ] ] Views Any view Predefined user roles network-admin Parameters slot slot-number: Specifies an MPU by its slot number. If you do not specify this option, the command displays the core file directory on the active MPU. (MSR4000.) cpu cpu-number: Specifies a CPU by its number. Examples # Display the core file directory on the MPU. (MSR2000/MSR3000.) display exception filepath The exception filepath is flash:.
cpu cpu-number: Specifies a CPU by its number. Examples # Display brief information about the latest kernel thread deadloop. display kernel deadloop 1 ----------------- Deadloop record 1 ----------------Description : BUG: soft lockup - CPU#0 stuck for 61! [comsh: 16306] Recorded at : 2013-05-01 11:16:00.823018 Occurred at : 2013-05-01 11:16:00.
Reg: r22, Val = 0x00002000 ; Reg: r23, Val = 0x0000002c ; Reg: r24, Val = 0x00000002 ; Reg: r25, Val = 0x24000024 ; Reg: r26, Val = 0x00000000 ; Reg: r27, Val = 0x057d9484 ; Reg: r28, Val = 0x0000002c ; Reg: r29, Val = 0x00000000 ; Reg: r30, Val = 0x0000002c ; Reg: r31, Val = 0x00000000 ; Reg: cr, Val = 0x84000028 ; Reg: nip, Val = 0x057d9550 ; Reg: xer, Val = 0x00000000 ; Reg: lr, Val = 0x0186eff0 ; Reg: ctr, Val = 0x682f7344 ; Reg: msr, Val = 0x00784b5c ; Reg: trap, Val = 0x0000b0
Function Address = 0x80179b30 Function Address = 0x80127438 Function Address = 0x8012d734 Function Address = 0x80100a00 Function Address = 0xe0071004 Function Address = 0x8016ce0c Function Address = 0x801223a0 Instruction dump: 41a2fe9c 812300ec 800200ec 7f890000 409efe8c 80010014 540b07b9 40a2fe80 4bfffe6c 80780290 7f64db78 4804ea35 <807f002c> 38800000 38a00080 3863000c Table 60 Command output Field Description Description Description for the kernel thread deadloop, including the CPU number, thread ru
display kernel deadloop configuration Use display kernel deadloop configuration to display kernel thread deadloop detection configuration. Syntax MSR2000/MSR3000: display kernel deadloop configuration MSR4000: display kernel deadloop configuration [ slot slot-number [ cpu cpu-number ] ] Views Any view Predefined user roles network-admin Parameters slot slot-number: Specifies an MPU by its slot number.
display kernel exception show-number [ offset ] [ verbose ] MSR4000: display kernel exception show-number [ offset ] [ verbose ] [ slot slot-number [ cpu cpu-number ] ] Views Any view Predefined user roles network-admin Parameters show-number: Specifies the number of kernel exceptions to display, in the range of 1 to 10. offset: Specifies the offset between the starting exception and the latest exception, in the range of 0 to 9. The default value is 0. verbose: Displays detailed information.
CPU ID : 0 Kernel module info : module name (mrpnc) module address (0xe332a000) module name (12500) module address (0xe00bd000) Last 5 thread switches : migration/0 (11:16:00.823018)--> swapper (11:16:00.833018)--> kthreadd (11:16:00.833518)--> swapper (11:16:00.833550)--> disk (11:16:00.
0xe2be5f80: 02 be 5f c0 00 ac 1b f4 00 00 00 00 02 45 00 00 0xe2be5f90: 00 03 00 00 00 00 00 00 02 be 5f e0 00 00 00 30 0xe2be5fa0: 02 be 5f c0 00 ac 1b 14 61 f1 2e ae 02 45 00 00 0xe2be5fb0: 02 44 b3 74 02 be 5f d0 00 00 00 30 02 be 5f e0 0xe2be5fc0: 02 be 60 60 01 74 ff f8 00 00 00 00 00 00 08 00 0xe2be5fd0: 02 be 5f f0 00 e8 93 7e 02 be 5f f8 02 be 5f fc 0xe2be5fe0: 00 00 00 00 00 00 00 00 00 00 00 00 02 be 60 18 0xe2be5ff0: 02 be 60 10 00 e9 65 98 00 00 00 58 00 00 2a 4f 0xe2be6000: 02 be 60 10 00 00 00
Views Any view Predefined user roles network-admin Parameters show-number: Specifies the number of kernel thread reboots to display, in the range of 1 to 10. offset: Specifies the offset between the starting reboot and the latest reboot, in the range of 0 to 9. The default value is 0. verbose: Displays detailed information. If you do not specify this keyword, the command displays brief information. slot slot-number: Specifies an MPU by its slot number.
Dump stack (total 1024 bytes, 16 bytes/line): 0xe2be5ea0: 02 be 5e c0 24 00 00 24 00 00 00 00 05 7d 94 84 0xe2be5eb0: 00 00 00 04 00 00 00 00 00 00 00 28 05 8d 34 c4 0xe2be5ec0: 02 be 60 a0 01 86 ef f0 00 00 00 00 00 00 00 00 0xe2be5ed0: 02 04 05 b4 00 00 00 00 00 00 00 00 00 00 00 00 0xe2be5ee0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0xe2be5ef0: 95 47 73 35 00 00 00 00 00 00 00 00 00 00 00 00 0xe2be5f00: a0 e1 64 21 00 00 00 00 00 00 00 00 00 00 00 00 0xe2be5f10: 00 00 00 00 00 00 00 00 00 00 00 0
Table 62 Command output Field Description Recorded at Time when the kernel thread reboot was recorded on the MPU, with microsecond precision. Occurred at Time when a kernel thread rebooted, with microsecond precision. Reason Reboot reason. Thread Name and number of the rebooted kernel thread. Context Context where the reboot occurred. Slot Slot number of the MPU where the kernel thread ran. (MSR4000.) Fixed to 0 without any special meaning. (MSR2000/MSR3000.
verbose: Displays detailed information. If you do not specify this keyword, the command displays brief information. slot slot-number: Specifies an MPU by its slot number. If you do not specify this option, the command displays kernel thread starvation information for the active MPU. (MSR4000.) cpu cpu-number: Specifies a CPU by its number. Examples # Display brief information about the latest kernel thread starvation.
Reg: r14, Val = 0x00000000 ; Reg: r15, Val = 0x02000000 ; Reg: r16, Val = 0xe2be5f00 ; Reg: r17, Val = 0x00000000 ; Reg: r18, Val = 0x00000000 ; Reg: r19, Val = 0x00000000 ; Reg: r20, Val = 0x024c10f8 ; Reg: r21, Val = 0x057d9244 ; Reg: r22, Val = 0x00002000 ; Reg: r23, Val = 0x0000002c ; Reg: r24, Val = 0x00000002 ; Reg: r25, Val = 0x24000024 ; Reg: r26, Val = 0x00000000 ; Reg: r27, Val = 0x057d9484 ; Reg: r28, Val = 0x0000002c ; Reg: r29, Val = 0x00000000 ; Reg: r30, Val = 0x00000
Call trace: Function Address = 0x8012a4b4 Function Address = 0x8017989c Function Address = 0x80179b30 Function Address = 0x80127438 Function Address = 0x8012d734 Function Address = 0x80100a00 Function Address = 0xe0071004 Function Address = 0x8016ce0c Function Address = 0x801223a0 Instruction dump: 41a2fe9c 812300ec 800200ec 7f890000 409efe8c 80010014 540b07b9 40a2fe80 4bfffe6c 80780290 7f64db78 4804ea35 <807f002c> 38800000 38a00080 3863000c For detailed information about the command output, see Table 60.
Table 63 Command output Field Description Starvation timer (in seconds): n Time interval (in seconds) to identify a kernel thread starvation. A kernel thread starvation occurs if a kernel thread does not run within n seconds. Threads excluded from monitoring Kernel threads excluded from kernel thread starvation detection. Name Kernel thread name. TID Kernel thread number.
Job ID: 1 PID: 1 Parent JID: 0 Parent PID: 0 Executable path: Instance: 0 Respawn: OFF Respawn count: 1 Max. spawns per minute: 0 Last started: Wed Jun 1 14:45:46 2013 Process state: sleeping Max. core: 0 ARGS: TID LAST_CPU 1 Stack PRI State 0K 120 S 0 HH:MM:SS:MESC Name 0:0:5:220 scmd Table 64 Command output Field Description Job ID Job ID of the process. The job ID never changes. PID Number of the process. The number identifies the process, and it might change as the process restarts.
Field Description ARGS Parameters carried by the process during startup. If the process carries no parameters, this field displays a hyphen (-). TID Thread ID. LAST_CPU Number of the CPU on which the process is last scheduled. Stack Stack size. PRI Thread priority. Thread state: • • • • • State R—Running. S—Sleeping. T—Traced or stopped. D—Uninterruptible sleep. Z—Zombie. HH:MM:SS:MESC Running time since the latest start. Name Process name. # Display state information for all processes.
Field Description PID Number of a process. %CPU CPU usage in percentage (%). %MEM Memory usage in percentage (%). State of a process: • • • • • STAT R—Running. S—Sleeping. T—Traced or stopped. D—Uninterruptible sleep. Z—Zombie. PRI Priority of a process for scheduling. TTY TTY used by a process. HH:MM:SS Running time since the latest start. COMMAND Name and parameters of a process. If square brackets ([ ]) exist in a process name, the process is a kernel thread.
3 0.1% 0.0% 0.0% [ksoftirqd/0] 4 0.0% 0.0% 0.0% [watchdog/0] 5 0.0% 0.0% 0.0% [events/0] 6 0.0% 0.0% 0.0% [khelper] 29 0.0% 0.0% 0.0% [kblockd/0] 49 0.0% 0.0% 0.0% [vzmond] 52 0.0% 0.0% 0.0% [pdflush] 53 0.0% 0.0% 0.0% [pdflush] 54 0.0% 0.0% 0.0% [kswapd0] 110 0.0% 0.0% 0.0% [aio/0] 712 0.0% 0.0% 0.0% [mtdblockd] 719 0.0% 0.0% 0.0% [TNetJob] 720 0.0% 0.0% 0.0% [TMTH] 727 0.0% 0.0% 0.0% [CF] 730 0.0% 0.0% 0.0% [DIBC] 752 0.0% 0.
network-operator Parameters slot slot-number: Specifies a card by its slot number. If you do not specify this option, the command displays log information for all user processes on the active MPU. (MSR4000.) cpu cpu-number: Specifies a CPU by its number. Examples # Display log information for all user processes.
Predefined user roles network-admin network-operator Parameters slot slot-number: Specifies a card by its slot number. If you do not specify this option, the command displays memory usage for all user processes on the active MPU. (MSR4000.) cpu cpu-number: Specifies a CPU by its number. Usage guidelines When a user process starts, it requests the following types of memory from the system: • Text memory—Stores code for the user process. • Data memory—Stores data for the user process.
• display process memory heap address • display process memory heap size display process memory heap Use display process memory heap to display heap memory usage for a user process.
16 8 52 60 13% 64 3 1262 1265 0.2% 128 2 207 209 1% 512 3 55 58 5.1% 4096 3 297 300 1% 8192 1 19 20 5% 81920 0 1 1 0% Summary: Total virtual memory heap space (in bytes) : 2293760 Total physical memory heap space (in bytes) : 58368 Total allocated memory (in bytes) 42368 : Table 69 Command output Field Description Size Size of each memory block, in bytes. Free Number of free memory blocks. Used Number of used memory blocks.
address starting-address: Specifies the starting memory block by its address. length memory-length: Specifies the memory block length in the range of 1 to 1024 bytes. slot slot-number: Specifies a card by its slot number. If you do not specify this option, the command displays memory content information on the active MPU. (MSR4000.) cpu cpu-number: Specifies a CPU by its number. Usage guidelines When a user process runs abnormally, this command helps locate the problem.
offset offset-size: Specifies an offset in the range of 0 to 4294967295. The default value is 128. For example, suppose the system allocates 100 16-byte memory blocks to process job 1, and the process has used 66 blocks. Then if you execute the display process memory heap job 1 size 16 offset 50 command, the output shows the addresses of the 51st through 66th 16-byte blocks used by the process. slot slot-number: Specifies a card by its slot number.
Predefined user roles network-admin Parameters directory: Specifies the directory for saving core files, which can only be the root directory of the flash memory or a CF card. Usage guidelines Each MPU has a default directory to store core files. You can use this command to change the directory on the active MPU and the standby MPU. If no directory is specified or the specified directory is not accessible, the system cannot store core files or record context information for process exceptions.
Usage guidelines Kernel threads share resources in kernel space. If a kernel thread monopolizes the CPU for a long time, other threads cannot run, resulting in a deadloop. This command enables the device to detect deadloops. If a thread occupies the CPU regularly, the device considers that a deadloop has occurred. It outputs a deadloop message and reboots to remove the deadloop. Inappropriate use of this command can cause service problems or system breakdown.
slot slot-number: Specifies an MPU by its slot number. If you do not specify this option, the active MPU is specified. (MSR4000.) cpu cpu-number: Specifies a CPU by its number. Usage guidelines You can disable kernel thread deadloop detection for up to 128 kernel threads by executing this command. Inappropriate use of this command can cause service problems or system breakdown. Make sure you understand the impact of this command on your network before you use it.
cpu cpu-number: Specifies a CPU by its number. Usage guidelines If a kernel thread runs for the specified interval, kernel thread deadloop detection considers that a deadloop has occurred. The system records the deadloop and restarts. Inappropriate use of this command can cause service problems or system breakdown. Make sure you understand the impact of this command on your network before you use it. Examples # Set the interval for identifying a kernel thread deadloop to 8 seconds.
This command enables the system to detect and report thread starvation. If a thread is not executed within an interval, the system considers that a starvation has occurred, and outputs a starvation message. Thread starvation does not impact system operation. A starved thread can automatically run when certain conditions are met. Inappropriate use of this command can cause service problems or system breakdown. Make sure you understand the impact of this command on your network before you use it.
cpu cpu-number: Specifies a CPU by its number. Usage guidelines You can disable kernel thread starvation detection for up to 128 kernel threads by executing the command. Inappropriate use of this command can cause service problems or system breakdown. Make sure you understand the impact of this command on your network before you use it. Examples # Disable kernel thread starvation detection for kernel thread 15.
Usage guidelines If a thread is not executed within the specified interval, the system considers that a starvation has occurred, and outputs a starvation message. Inappropriate use of this command can cause service problems or system breakdown. Make sure you understand the impact of this command on your network before you use it. Examples # Set the interval for identifying a kernel thread starvation to 120 seconds.
Usage guidelines If you do not specify the dumbtty keyword, the command displays process statistics in an interactive mode. In this mode, the system automatically determines the number of displayed processes according to the screen size, and does not display exceeding processes. You can also input interactive commands as shown in Table 70 to perform relevant operations. Table 70 Interactive commands Commands Description ? or h Displays help information that includes available interactive commands.
4 4 115 S 0 0K 00:00:06 0.00% [ksoftirqd/0] 5 5 99 S 0 0K 00:00:00 0.00% [watchdog/0] 6 6 115 S 0 0K 00:00:01 0.00% [events/0] 7 7 115 S 0 0K 00:00:00 0.00% [khelper] 4797 4797 120 S 8 28832K 00:00:02 0.00% comsh 5117 5117 120 S 8 1496K 00:00:00 0.00% top # Display process statistics twice in dumbtty mode.
3 3 99 S 0 0K 00:00:00 0.00% [migration/0] 4 4 115 S 0 0K 00:00:06 0.00% [ksoftirqd/0] 5 5 99 S 0 0K 00:00:00 0.00% [watchdog/0] 7 7 115 S 0 0K 00:00:00 0.00% [khelper] 4796 4796 120 S 11 2744K 00:00:00 0.00% login 4797 4797 120 S 8 28832K 00:00:03 0.00% comsh # Display process statistics in interactive mode. monitor process 76 processes; 103 threads; 687 fds Thread states: 1 running, 102 sleeping, 0 stopped, 0 zombie CPU states: 78.
Enter n, and then enter a number to modify the maximum number of displayed processes. If you enter 5, statistics for five processes are displayed. • Enter the max number of procs to display(0 is unlimited): 5 87 processes; 113 threads; 735 fds Thread states: 2 running, 111 sleeping, 0 stopped, 0 zombie CPU states: 86.57% idle, 0.83% user, 11.74% kernel, 0.
Field Description PRI Priority level of a process. State of a process: State • • • • • R—Running. S—Sleeping. T—Traced or stopped. D—Uninterruptible sleep. Z—Zombie. FDs Number of open files for a process. MEM Memory usage. It displays 0 for a kernel thread. HH:MM:SS Running time of a process since last restart. CPU CPU usage of a process. Name Name of a process. If square brackets ([ ]) exist in a process name, the process is a kernel thread.
Usage guidelines If you do not specify the dumbtty keyword, the command displays thread statistics in an interactive mode. In this mode, the system automatically determines the number of displayed thread processes according to the screen size and does not display exceeding processes. You can also input interactive commands as shown in Table 72 to perform relevant operations. Table 72 Interactive commands Commands Description ? or h Displays help information that includes available interactive commands.
CPU states: 94.43% idle, 0.76% user, 3.64% kernel, 1.15% interrupt Memory: 755M total, 417M available, page size 4K • JID TID LAST_CPU PRI State HH:MM:SS MAX CPU Name 1176 1176 0 120 R 00:00:01 1 3.42% top 866 866 0 120 S 00:00:12 1 0.85% devd 881 881 0 120 S 00:00:09 1 0.64% diagd 1 1 0 120 S 00:00:06 1 0.42% scmd 1160 1160 0 120 S 00:00:01 1 0.21% sshd 2 2 0 115 S 00:00:00 0 0.00% [kthreadd] 3 3 0 115 S 00:00:01 0 0.
JID TID LAST_CPU PRI State HH:MM:SS MAX CPU Name 1176 1176 0 120 R 00:00:04 1 1.86% top 866 866 0 120 S 00:00:14 1 0.87% devd 1 1 0 120 S 00:00:07 1 0.49% scmd 730 730 0 0 S 00:00:04 1 0.12% [DIBC] 762 762 0 120 S 00:00:22 1 0.12% [MNET] Enter q to quit interactive mode. • Table 73 Command output Field Description 84 processes; 107 threads Numbers of processes and threads. JID Job ID of a thread, which never changes. TID ID of a thread.
Default A process generates a core file for the first exception and does not generate any core files for subsequent exceptions. Predefined user roles network-admin Parameters off: Disables core file generation. maxcore value: Enables core file generation and sets the maximum number of core files, in the range of 1 to 10. name process-name: Specifies a process by its name, a case-insensitive string of 1 to 15 characters. job job-id: Specifies a process by its job ID, in the range of 1 to 2147483647.
Views User view Predefined user roles network-admin Parameters slot slot-number: Specifies an MPU by its slot number. If you do not specify this option, the command clears context information for process exceptions on the active MPU. (MSR4000.) cpu cpu-number: Specifies a CPU by its number. Examples # Clear context information for exceptions.
Syntax MSR2000/MSR3000: reset kernel exception MSR4000: reset kernel exception [ slot slot-number [ cpu cpu-number ] ] Views User view Predefined user roles network-admin Parameters slot slot-number: Specifies an MPU by its slot number. If you do not specify this option, the command clears kernel thread exception information for the active MPU. (MSR4000.) cpu cpu-number: Specifies a CPU by its number. Examples # Clear kernel thread exception information.
Related commands display kernel reboot reset kernel starvation Use reset kernel starvation to clear kernel thread starvation information. Syntax MSR2000/MSR3000: reset kernel starvation MSR4000: reset kernel starvation [ slot slot-number [ cpu cpu-number ] ] Views User view Predefined user roles network-admin Parameters slot slot-number: Specifies an MPU by its slot number. If you do not specify this option, the command clears kernel thread starvation information for the active MPU. (MSR4000.
Sampler configuration commands In this chapter, "MSR2000" refers to MSR2003. "MSR3000" collectively refers to MSR3012, MSR3024, MSR3044, MSR3064. "MSR4000" collectively refers to MSR4060 and MSR4080. display sampler Use display sampler to display configuration information for a sampler.
sampler Use sampler to create a sampler. Use undo sampler to delete a sampler. Syntax sampler sampler-name mode { fixed | random } packet-interval rate undo sampler sampler-name Default No sampler exists. Views System view Predefined user roles network-admin Parameters sampler-name: Specifies a sampler by its name, a case-insensitive string of 1 to 31 characters. fixed: Specifies the fixed sampling mode. A sampler in this mode selects the first packet per sampling.
Port mirroring commands display mirroring-group Use display mirroring-group to display mirroring group information. Syntax display mirroring-group { group-id | all | local } Views Any view Predefined user roles network-admin network-operator Parameters group-id: Specifies a mirroring group by its ID in the range of 1 to 6. all: Specifies all mirroring groups. local: Specifies local mirroring groups.
Field Description Type Type of the mirroring group. Status of the mirroring group: Status • Active—The mirroring group configuration has taken effect. • Incomplete—The mirroring group is not configured completely and does not take effect. Mirroring port Source port. Monitor port Destination port. mirroring-group Use mirroring-group to create a mirroring group. Use undo mirroring-group to delete mirroring groups.
Default No source port is configured for any mirroring groups. Views Interface view Predefined user roles network-admin Parameters group-id: Specifies a mirroring group by its ID in the range of 1 to 6. The specified mirroring group must already exist. both: Mirrors both received and sent packets on the port. inbound: Mirrors only received packets on the port. outbound: Mirrors only sent packets on the port. Usage guidelines A port can belong to only one mirroring group.
interface-list: Specifies a space-separated list of up to eight port items. Each item specifies a single port or a port range in the form of interface-type interface-number 1 to interface-type interface-number 2. The specified ports must be of the same type and on the same card. The interface number for interface-number 2 must be equal to or greater than the interface number for interface-number 1. both: Mirrors both received and sent packets on the specified ports.
[Sysname] mirroring-group 1 local [Sysname] interface gigabitethernet 2/1/1 [Sysname-GigabitEthernet2/1/1] mirroring-group 1 monitor-port Related commands mirroring-group mirroring-group monitor-port (system view) Use mirroring-group monitor-port to configure a port as the monitor port for a mirroring group. Use undo mirroring-group monitor-port to remove the monitor port from a mirroring group.
Traffic mirroring commands The traffic mirroring commands are available on the following hardware: Layer 2 switching modules on the MSR routers. mirror-to Use mirror-to to configure a mirroring action for a traffic behavior. Use undo mirror-to to cancel the configuration. Syntax mirror-to interface interface-type interface-number undo mirror-to interface interface-type interface-number Default No mirroring action is configured for a traffic behavior.
NetStream configuration commands In this chapter, "MSR2000" refers to MSR2003. "MSR3000" collectively refers to MSR3012, MSR3024, MSR3044, MSR3064. "MSR4000" collectively refers to MSR4060 and MSR4080. display ip netstream cache Use display ip netstream cache to display the configuration and status for the NetStream entries in the cache.
IP packet size distribution (1103746 packets in total): 1-32 64 96 128 160 192 224 256 288 320 352 384 416 448 480 .249 .694 .000 .000 .000 .000 .000 .000 .000 .000 .000 .000 .000 .000 .000 512 544 576 1024 1536 2048 2560 3072 3584 4096 4608 >4608 .000 .000 .027 .000 .027 .000 .000 .000 .000 .000 .000 .
IP& 172.16.1.1(68) 172.16.2.1(67) MPLS LDP(4.4.4.4/24) 17 64 GE2/1/3(I) 1848 1:55-6-0 2:16-6-1 TCPFlag: 0 DstMask: 24 DstAS: 0 InVRF: 0 SamplerMode: 0 Active: SrcMask: 382.542 24 SrcAS: 0 SamplerInt: 0 Bytes/Pkt: NextHop: 172.16.2.10 BGPNextHop: 0.0.0.0 1426 # Display detailed information about the NetStream entries in the cache of slot 1. (MSR4000.
-------------------------------------------------------------------------IP 11.1.1.1(1024) TCPFlag: 27 DstMask: 24 DstAS: 0 InVRF: 10 SamplerMode: Active: L2 11.1.1.2(21) 2 120.600 6 SrcMask: 24 SrcAS: 0 SamplerInt: 256 Bytes/Pkt: 152 0012-3f86-e94c(10) 0012-3f86-e86a(0) SamplerMode: SamplerInt: 64 Bytes/Pkt: 210 Active: 1 5.510 MPLS LDP(3.3.3.3/24) 128 ET1/1(I) 42996 NextHop: 0.0.0.0 BGPNexthop: 0.0.0.
Field Description IP flow entries counted Number of IP flows that have been counted. MPLS flow entries counted Number of MPLS flows that have been counted. L2 flow entries counted Number of Layer 2 flows that have been counted. IPL2 flow entries counted Number of Layer 2 and Layer 3 flows that have been counted. Last time when the statistics were cleared.
Field Description Statistics of the active flows in the current cache: • Flow type. Flows are classified into the following types: Type DstIP(Port) SrcIP(Port) Pro ToS If(Direct) Pkts • • • • • • { IP flows. { L2 flows. { IP&L2 flows. { MPLS flows without IP options. { MPLS flows with IP options. Destination IP address (destination port). Source IP address (source port). Protocol number. ToS. Interface type and name (direction). Number of packets.
Field Description Other information about the active flows in the cache: TCPFlag: DstMask: NextHop: SrcMask: DstAS: SrcAS: BGPNextHop: OutVRF: InVRF: SamplerMode: Active: SamplerInt: • • • • • • • • • • Bytes/Pkt: TCP tag. Destination mask. Source mask. Routing next hop. Destination AS. Source AS. BGP next hop. VPN to which the outbound packets belong. VPN to which the inbound packets belong. Sampling mode. NetStream supports the following sampling modes: { 0—No sampling. { 1—Fixed sampling.
Flow destination VPN instance : VPN1 Flow destination IP address (UDP) : 10.10.0.10 (30000) Version 9 exported flows number : 20 Version 9 exported UDP datagrams number (failed) : 2 (0) as aggregation export information: Flow source interface : GigabitEthernet2/1/1 Flow destination VPN instance : VPN1 Flow destination IP address (UDP) : 10.10.0.
display ip netstream template MSR4000: display ip netstream template [ slot slot-number ] Views Any view Predefined user roles network-admin network-operator Parameters slot slot-number: Specifies a card by its slot number. If you do not specify this option, the command displays NetStream template information for the active MPU. (MSR4000.) Examples # Display information about the NetStream template when the NetStream aggregation mode of AS is enabled.
Last template export time : Never Field count : 14 Field type Field length (bytes) --------------------------------------------------------------------------Flows 4 In packets 8 In bytes 8 First forwarded 4 Last forwarded 4 Source AS 4 Destination AS 4 Input interface index 4 Output interface index 4 Direction 1 Sampling algorithm 1 PAD 1 PAD 1 Sampling interval 4 Table 78 Command output Field Description Flow template refresh frequency Refresh frequency at which the tem
Field Description Input interface index Index of the input interface. Output interface index Index of the output interface. PAD Padding string. Sampling interval Sampling rate. enable Use enable to enable a NetStream aggregation mode. Use undo enable to disable a NetStream aggregation mode. Syntax enable undo enable Default No NetStream aggregation is enabled. Views NetStream aggregation mode view Predefined user roles network-admin Examples # Enable NetStream AS aggregation.
Predefined user roles network-admin Parameters inbound: Enables NetStream for incoming traffic. outbound: Enables NetStream for outgoing traffic. Examples # Enable NetStream for incoming traffic on GigabitEthernet 2/1/1. system-view [Sysname] interface gigabitethernet 2/1/1 [Sysname-GigabitEthernet2/1/1] ip netstream inbound ip netstream aggregation Use ip netstream aggregation to set a NetStream aggregation mode and to enter the NetStream aggregation mode view.
prefix-port: Specifies the prefix-port aggregation by the following criteria: • Source prefix. • Destination prefix. • Source address mask length. • Destination address mask length. • ToS. • Protocol number. • Source port. • Destination port. • Inbound interface index. • Outbound interface index. protocol-port: Specifies the protocol-port aggregation by protocol number, source port, and destination port.
A flow matching multiple aggregation modes is counted as multiple aggregate flows. Examples # Set the NetStream aggregation mode as AS, and enter the NetStream AS aggregation view. system-view [Sysname] ip netstream aggregation as Related commands enable ip netstream export host Use ip netstream export host to specify a destination host for the NetStream data export.
Examples # Specify the destination host for NetStream data export as 172.16.105.48 and UDP port 5000. system-view [Sysname] ip netstream export host 172.16.105.48 5000 Related commands • ip netstream aggregation • ip netstream export source ip netstream export rate Use ip netstream export rate to limit the NetStream data export rate. Use undo ip netstream export rate to restore the default.
Views System view, NetStream aggregation mode view Predefined user roles network-admin Parameters interface-type interface-number: Specifies a source interface by its type and number. Usage guidelines You can configure different source interfaces in different NetStream aggregation mode views. If no source interface is configured in NetStream aggregation mode view, the source interface in system view applies. Examples # Specify GigabitEthernet 2/1/1 as the source interface for NetStream data packets.
• The version 9 template is not updated on a NetStream server. To avoid this situation, configure the refresh frequency for version 9 templates so that NetStream servers can refresh them. The refresh frequency and the refresh interval can both be configured, and the template is resent when either of the conditions is reached. Examples # Configure the device to wait until 100 packets are sent before resending a NetStream version 9 template to NetStream servers.
Examples # Configure the device to wait for 60 minutes before resending NetStream version 9 templates to NetStream servers. system-view [Sysname] ip netstream export v9-template refresh-rate time 60 Related commands ip netstream export v9-template refresh-rate packet ip netstream export version Use ip netstream export version 5 to export NetStream data in the version 5 format and choose whether or not to record data about AS information.
Statistics of BGP next hop can be exported only in the version 9 format. If you execute this command multiple times, the most recent configuration takes effect. Examples # Configure the device to export NetStream data in the version 5 format and to specify the NetStream data to include the source AS and destination AS. system-view [Sysname] ip netstream export version 5 origin-as ip netstream filter Use ip netstream filter to enable NetStream filtering on an interface.
undo ip netstream max-entry Default The cache can accommodate up to 10000 entries. Views System view Predefined user roles network-admin Parameters max-entries: Specifies the maximum number of entries that the cache can accommodate. The value range for this argument is 1000 to 100000. Usage guidelines (MSR4000.) The max-entries argument takes effect on each card. Examples # Set the maximum number of entries in the cache to 5000.
Usage guidelines The ip netstream mpls command enables statistics collection of MPLS packets for both IPv4 and IPv6 NetStream. If multiple labels are to be counted, the label positions specified cannot be the same and are in ascending order. Examples # Enable NetStream of MPLS packets with top label counted and exported but without IP fields. system-view [Sysname] ip netstream mpls no-ip-fields ip netstream sampler Use ip netstream sampler to enable NetStream sampling.
undo ip netstream timeout active Default The aging timer is 30 minutes for active flows. Views System view Predefined user roles network-admin Parameters minutes: Sets the aging timer for active flows, in the range of 1 to 60 minutes. Usage guidelines A flow is considered active if packets for the NetStream entry arrive within the range of time set by the aging timer for active flows. Examples # Set the aging timer to 60 minutes for active flows.
system-view [Sysname] ip netstream timeout inactive 60 Related commands ip netstream timeout active reset ip netstream statistics Use reset ip netstream statistics to age out all flows in the cache and export NetStream data. Syntax reset ip netstream statistics Views User view Predefined user roles network-admin Usage guidelines It takes several minutes for the system to execute the command. During this period, the system does not perform NetStream data collection.
IPv6 NetStream commands In this chapter, "MSR2000" refers to MSR2003. "MSR3000" collectively refers to MSR3012, MSR3024, MSR3044, MSR3064. "MSR4000" collectively refers to MSR4060 and MSR4080. display ipv6 netstream cache Use display ipv6 netstream cache to display the configuration and status for the IPv6 NetStream entries in the cache.
.249 .694 .000 .000 .000 .000 .000 .000 .000 .000 .000 .000 .000 .000 .000 512 544 576 1024 1536 2048 2560 3072 3584 4096 4608 >4608 .000 .000 .027 .000 .027 .000 .000 .000 .000 .000 .000 .
512 544 576 1024 1536 2048 2560 3072 3584 4096 4608 >4608 .000 .000 .027 .000 .027 .000 .000 .000 .000 .000 .000 .
Table 79 Command output Field Description IPv6 NetStream cache information Configuration and status for the IPv6 NetStream entries in the cache. Active flow timeout Aging timer for active flows, in minutes. Inactive flow timeout Aging timer for inactive flows, in seconds. Max number of entries Maximum number of IPv6 flows allowed in the cache. IPv6 active flow entries Number of active IPv6 flows in the cache. MPLS active flow entries Number of active IPv6 MPLS flows in the cache.
Field Description Statistics of the active flows in the current cache: • Flow type. Flows are classified into the following types: Type DstIP(Port) SrcIP(Port) FlowLbl If(Direct) Pkts Pro TC • • • • • • • { IP flows. { Layer 2 flows with IPv6 protocol information (IPL2). { MPLS flows without IP options (MPLS). { MPLS flows with IP options (IP&MPLS). Destination IPv6 address (destination port). Source IPv6 address (source port). Protocol number. Traffic classification. Flow label.
Field Description Other information about the active flows in the cache: • • • • • • • • • • TcpFlag: DstMask: SrcMask: DstAS: SrcAS: NextHop: BGPNextHop: OutVRF: InVRF: SamplerMode: Active: SamplerInt: Bytes/Pkt: TCP flag. Destination mask. Source mask. Destination AS. Source AS. Routing next hop. BGP next hop. VPN to which the outbound packets belong. VPN to which the inbound packets belong. Sampling mode. IPv6 NetStream supports the following sampling modes: { 0—No sampling.
Version 9 exported flows number : 16 Version 9 exported UDP datagrams number (failed): 16 (0) MPLS export information: Flow source interface : GigabitEthernet2/1/1 Flow destination VPN instance : VPN1 Flow destination IP address (UDP) : 10.10.0.10 (30000) Version 9 exported flows number : 20 Version 9 exported UDP datagrams number (failed) : 2 (0) Table 80 Command output Field Description IPv6 export information Statistics of the IPv6 NetStream data export.
Parameters slot slot-number: Specifies a card by its slot number. If you do not specify this option, the command displays IPv6 NetStream template information for the active MPU. (MSR4000.) Examples # Display information about the IPv6 NetStream templates.
Sampling algorithm 1 PAD 1 Sampling interval 4 L3 outbound template: Template ID : 3305 Field count : 27 Field type Field length (bytes) --------------------------------------------------------------------------Out packets 8 Out bytes 8 First forwarded 4 Last forwarded 4 Input Interface Index 4 Output Interface Index 4 IPv6 source address 16 IPv6 destination address 16 IPv6 nexthop 16 PAD 1 IPv6 flow label 3 Source AS 4 Destination AS 4 L4 source port 2 L4 destination
IPv6 destination address 16 IPv6 nexthop 16 PAD 1 IPv6 flow label 3 Source AS 4 Destination AS 4 L4 source port 2 L4 destination port 2 IP protocol version 1 TCP flags 1 Protocol 1 Source ToS 1 IPv6 source mask 1 IPv6 destination mask 1 Direction 1 Forwarding offset 1 Out VPN ID 2 Sampling algorithm 1 PAD 1 Sampling interval 4 Table 81 Command output Field Description Flow template refresh frequency Refresh frequency at which the templates are sent, in packets.
Field Description First forwarded System time when the first packet was forwarded, accurate to milliseconds. Last forwarded System time when the last packet was forwarded, accurate to milliseconds. PAD Padding string. Sampling interval Sampling rate. enable Use enable to enable an IPv6 NetStream aggregation mode. Use undo enable to disable an IPv6 NetStream aggregation mode. Syntax enable undo enable Default No IPv6 NetStream aggregation is enabled.
Views Interface view Predefined user roles network-admin Parameters inbound: Enables IPv6 NetStream for incoming traffic. outbound: Enables IPv6 NetStream for outgoing traffic. Examples # Enable IPv6 NetStream for incoming traffic on GigabitEthernet 2/1/1.
• Destination prefix. • Input interface index. • Output interface index. protocol-port: Specifies the protocol-port aggregation by protocol number, source port, and destination port. source-prefix: Specifies the source-prefix aggregation by source AS number, source address mask length, source prefix, and input interface index. Usage guidelines In IPv6 NetStream aggregation mode view, you can perform the following tasks: • Enable or disable the specified IPv6 NetStream aggregation mode.
vpn-instance vpn-instance-name: Specifies an MPLS L3VPN instance to which the destination host belongs. The vpn-instance-name argument is a case-sensitive string of 1 to 31 characters. If the destination is on the public network, do not specify this option. Usage guidelines You cannot use the display ipv6 netstream export command to display information about the IPv6 NetStream aggregation mode that is not enabled. You can specify the same destination host in different IPv6 NetStream aggregation mode views.
Predefined user roles network-admin Parameters rate: Specifies the maximum rate for exporting IPv6 NetStream data, in the range of 1 to 1000 (maximum number of packets per second). Examples # Allow a maximum of 10 packets to be exported per second. system-view [Sysname] ipv6 netstream export rate 10 ipv6 netstream export source Use ipv6 netstream export source to specify the source interface for data packets sent to the NetStream servers.
ipv6 netstream export v9-template refresh-rate packet Use ipv6 netstream export v9-template refresh-rate packet to configure the refresh frequency (in packets) for IPv6 NetStream version 9 templates. The templates are sent after the specified number of packets are sent. Use undo ipv6 netstream export v9-template refresh-rate packet to restore the default.
Syntax ipv6 netstream export v9-template refresh-rate time minutes undo ipv6 netstream export v9-template refresh-rate time Default Version 9 templates are resent every 30 minutes. Views System view Predefined user roles network-admin Parameters minutes: Specifies the refresh interval that the device waits before IPv6 NetStream version 9 templates are sent to NetStream servers. The value range is 1 to 3600 minutes. Usage guidelines Version 9 is template-based and supports user-defined formats.
Default The version 9 format is used to export IPv6 NetStream traditional data, IPv6 NetStream aggregation data, and MPLS flow data with IPv6 fields. The peer AS numbers are recorded. The BGP next hop is not recorded. Views System view Predefined user roles network-admin Parameters origin-as: Exports statistics of the source AS originating the route for the source address and the destination AS for the destination address.
Parameters acl acl-number: Specifies an ACL by its number. • For a basic or an advanced ACL, the value range is 2000 to 3999. • For an Ethernet frame header ACL, the value range is 4000 to 4999. inbound: Filters incoming traffic. outbound: Filters outgoing traffic. Usage guidelines IPv6 NetStream filtering uses an ACL to identify intended packets. • If you want to collect data for specific flows, use the ACL permit statements to identify the flows. IPv6 NetStream collects data for only these flows.
[Sysname] ipv6 netstream max-entry 5000 ipv6 netstream sampler Use ipv6 netstream sampler to enable IPv6 NetStream sampling. Use undo ipv6 netstream sampler to restore the default. Syntax ipv6 netstream sampler sampler-name { inbound | outbound } undo ipv6 netstream sampler sampler-name { inbound | outbound } Default IPv6 NetStream sampling is disabled.
Parameters minutes: Sets the aging timer for active flows, in the range of 1 to 60 minutes. Usage guidelines A flow is considered active if packets for the IPv6 NetStream entry arrive within the period set by the aging timer. Examples # Set the aging timer to 60 minutes for active flows.
Syntax reset ipv6 netstream statistics Views User view Predefined user roles network-admin Usage guidelines It takes several minutes for the system to execute the command. During this period, the system does not perform IPv6 NetStream data collection. Examples # Age out and export all IPv6 NetStream data. reset ipv6 netstream statistics This process may take a few minutes. NetStream statistic function is disabled during this process.
sFlow commands display sflow Use display sflow to display sFlow configuration and operation information. Syntax display sflow Views Any view Predefined user roles network-admin network-operator Examples # Display sFlow configuration and operation information. display sflow sFlow datagram version: 5 Global information: Agent IP: 10.10.10.1(CLI) Source address: 10.0.0.
Field Description Port sFlow collector port. Aging Remaining lifetime of the sFlow collector. If this field displays N/A, the sFlow collector never ages out. Size Maximum length of the sFlow data portion in an sFlow packet. VPN-instance Name of the VPN bound with the sFlow collector. Description Description of the sFlow collector. Port information Information about interfaces configured with sFlow. Interface Interface configured with sFlow.
Parameters ip ip-address: Specifies an IPv4 address for the sFlow agent. ipv6 ipv6-address: Specifies an IPv6 address for the sFlow agent. Usage guidelines HP recommends that you manually configure an IP address for the sFlow agent. Only one IP address can be specified for the sFlow agent on the device. A newly configured IP address overwrites the existing one. Examples # Specify IP address 10.10.10.1 for the sFlow agent. system-view [Sysname] sflow agent ip 10.10.10.
time-out seconds: Specifies the aging timer of the sFlow collector, in the range of 1 to 2147483647 seconds. When the aging timer expires, the sFlow collector settings are deleted. The sFlow collector settings do not age out by default. Examples # Configure the following parameters for sFlow collector 2: • VPN name—vpn1. • IP address—3.3.3.1. • Port number—Default. • Description—netserver. • Aging timer—1200 seconds. • Maximum length of the sFlow data portion in the sFlow packet—1000 bytes.
Syntax sflow counter collector collector-id undo sflow counter collector Default No sFlow collector is specified for counter sampling. Views Layer 2 Ethernet interface view, Layer 3 Ethernet interface view Predefined user roles network-admin Parameters collector-id: Specifies an sFlow collector by its ID in the range of 1 to 10. Examples # Specify sFlow collector 2 on GigabitEthernet 2/1/1 for counter sampling.
sflow flow max-header Use sflow flow max-header to set the maximum number of bytes (starting from the packet header) that flow sampling can copy per packet. Use undo sflow flow max-header to restore the default. Syntax sflow flow max-header length undo sflow flow max-header Default Flow sampling can copy up to 128 bytes of a packet.
• The next time the device samples the 4010th packet, and so on. random: Specifies the random sampling mode. For example, if the packet sampling interval is set to 4000, the device samples packets randomly as follows: • The device might sample one packet from the first 4000 packets. • The device might sample multiple packets from the next 4000 packets. • The device might sample no packets from the third 4000 packets. However, the device samples one packet from 4000 packets on average.
sflow source Use sflow source to specify the source IP address of sFlow packets. Use undo sflow source to restore the default. Syntax sflow source { ip ip-address | ipv6 ipv6-address } * undo sflow source { ip | ipv6 } * Default The source IP address of sent sFlow packets is determined by routing. Views System view Predefined user roles network-admin Parameters ip ip-address: Specifies the source IPv4 address of sFlow packets. ipv6 ipv6-address: Specifies the source IPv6 address of sFlow packets.
Information center commands diagnostic-logfile save Use diagnostic-logfile save to manually save diagnostic logs from the diagnostic log buffer to the diagnostic log file. Syntax diagnostic-logfile save Views Any view Predefined user roles network-admin Usage guidelines You can specify the directory to save the diagnostic log file with the info-center diagnostic-logfile directory command. The system clears the diagnostic log buffer after saving the buffered diagnostic logs to the diagnostic log file.
display diagnostic-logfile summary Diagnostic log file: Enabled. Diagnostic log file size quota: 10 MB Diagnostic log file directory: cfa0:/diagfile Writing frequency: 24 hour 0 min 0 sec Table 83 Command output Field Description • Enabled—Diagnostic logs can be output to the diagnostic log Diagnostic log file file. • Disabled—Diagnostic logs cannot be output to the diagnostic log file. Diagnostic log file size quota Maximum size of the diagnostic log file, in MB.
display logbuffer Use display logbuffer to display the state of the log buffer and the log information in the log buffer. Syntax MSR2000/MSR3000: display logbuffer [ reverse ] [ level severity | size buffersize ] * MSR4000: display logbuffer [ reverse ] [ level severity | size buffersize | slot slot-number ] * Views Any view Predefined user roles network-admin network-operator Parameters reverse: Displays log entries chronologically, with the most recent entry at the top.
Examples # (MSR2000/MSR3000.) Display the state and log information of the log buffer. display logbuffer Log buffer: Enabled Max buffer size: 1024 Actual buffer size: 512 Dropped messages: 0 Overwritten messages: 718 Current messages: 512 %Jun 17 15:57:09:578 2013 Sysname SYSLOG/7/SYS_RESTART:System restarted -… # (MSR4000.) Display the state and log information of the log buffer.
display logbuffer summary [ level severity | slot slot-number ] * Views Any view Predefined user roles network-admin network-operator Parameters level severity: Specifies a severity level in the range of 0 to 7. Without this keyword, the command displays log information of all levels in the log buffer. For more information about log levels, see Table 84. slot slot-number: Specifies a card by its slot number. (MSR4000.) Examples # (MSR2000/MSR3000.) Display the summary of the log buffer.
Views Any view Predefined user roles network-admin network-operator Examples # Display the log file configuration. display logfile summary Log file: Enabled. Log file size quota: 10 MB Log file directory: caf0:/logfile Writing frequency: 0 hour 1 min 10 sec Table 87 Command output Field Description Log file • Enabled—Logs can be output to a log file. • Disabled—Logs cannot be output to a log file. Log file size quota Maximum storage space reserved for a log file, in MB.
Current usage: 30% Writing frequency: 1 hour 0 min 0 sec Table 88 Command output Field Description Security log file • Enabled—Security logs can be output to the security log file. • Disabled—Security logs cannot be output to the security log file. Security log file size quota Maximum storage space reserved for the security log file. Security log file directory Security log file directory. Alarm-threshold Alarm threshold of the security log file usage.
Syntax info-center diagnostic-logfile enable undo info-center diagnostic-logfile enable Default Saving diagnostic logs into the diagnostic log file is enabled. Views System view Predefined user roles network-admin Usage guidelines This command enables the system to save generated diagnostic logs to the diagnostic log file for centralized management. This facilitates users in monitoring device activities and debugging problems by viewing the diagnostic logs.
Examples # Configure the system to save diagnostic logs from the diagnostic log file buffer to the diagnostic log file every 600 seconds. system-view [Sysname] info-center diagnostic-logfile frequency 600 Related commands info-center diagnostic-logfile enable info-center diagnostic-logfile quota Use info-center diagnostic-logfile quota to set the maximum size of a diagnostic log file. Use undo info-center diagnostic-logfile quota to restore the default.
Parameters dir-name: Specifies a directory by its name, a string of 1 to 64 characters. Usage guidelines The specified directory must have been created. The command cannot survive a reboot. (MSR2000/MSR3000.) The command cannot survive a reboot or an active/standby switchover. (MSR4000.) Examples # Set the directory to save the diagnostic log file to caf0:/test. mkdir test Creating directory caf0:/test... Done.
info-center enable Use info-center enable to enable the information center. Use undo info-center enable to disable the information center. Syntax info-center enable undo info-center enable Default The information center is enabled. Views System view Predefined user roles network-admin Examples # Enable the information center. system-view [Sysname] info-center enable Information center is enabled. info-center format Use info-center format to set the format of logs sent to a log host.
Examples # Set the format of logs sent to a log host as unicom. system-view [Sysname] info-center format unicom info-center logbuffer Use info-center logbuffer to configure log output to the log buffer. Use undo info-center logbuffer to disable log output to the log buffer. Syntax info-center logbuffer undo info-center logbuffer Default Logs are allowed to be output to the log buffer.
Parameters buffersize: Specifies the maximum number of logs that can be stored in the log buffer. The value range is 0 to 1024, and the default is 512. Examples # Set the maximum number of logs that can be stored in a log buffer to 50. system-view [Sysname] info-center logbuffer size 50 # Restore the default maximum log buffer size.
Default The default saving interval is 86400 seconds. Views System view Predefined user roles network-admin Parameters freq-sec: Specifies the interval at which the system saves logs to a log file, in seconds. The value range is 1 to 86400. Usage guidelines With this command executed, the system saves logs in the log file buffer to a log file at the specified interval. Examples # Configure the interval for saving logs to a log file as 60000 seconds.
Examples # Set the maximum size for a log file to 6 MB. system-view [Sysname] info-center logfile size-quota 6 Related commands info-center logfile enable info-center logfile directory Use info-center logfile directory to configure the directory where a log file is saved. Syntax info-center logfile directory dir-name Default Log files are stored in the logfile directory under the root directory of the storage device.
Syntax info-center logging suppress duplicates undo info-center logging suppress duplicates Default Duplicate log suppression is disabled. Views System view Predefined user roles network-admin Usage guidelines Outputting consecutive duplicate logs at an interval of less than 30 seconds wastes system and network resources.
Duplicate address 172.16.0.1 on interface Vlan-interface100, sourced from 00e0-fc58-123d This message repeated 1 times in last 1 second. %Jan 1 07:30:19:542 2013 Sysname CFGMAN/5/CFGMAN_CFGCHANGED: -EventIndex=[12]-CommandSource=[2]-ConfigSource=[4]-ConfigDestination=[2]; Configuration is changed. The output shows that a different log is generated during the suppression period. %Jan 1 07:30:24:643 2013 Sysname ARP/6/DUPIFIP: Duplicate address 172.16.0.
Examples # Output logs to the log host 1.1.1.1. system-view [Sysname] info-center loghost 1.1.1.1 info-center loghost source Use info-center loghost source to specify the source IP address for output logs. Use undo info-center loghost source to restore the default. Syntax info-center loghost source interface-type interface-number undo info-center loghost source Default The source IP address of output logs is the primary IP address of the matching route's egress interface.
Default The alarm threshold for security log file usage is 80. When the usage of the security log file reaches 80%, the system outputs a message to inform the administrator. Views System view Predefined user roles network-admin Parameters usage: Specifies an alarm threshold. The value must be an integer in the range of 1 to 100. Usage guidelines When the size of the security log file reaches the upper limit, the system deletes the oldest logs and then writes new logs into the security log file.
system-view [Sysname] info-center security-logfile enable info-center security-logfile frequency Use info-center security-logfile frequency to configure the interval for saving security logs to the security log file. Use undo info-center security-logfile frequency to restore the default saving interval. Syntax info-center security-logfile frequency freq-sec undo info-center security-logfile frequency Default The default saving interval is 86400 seconds.
Predefined user roles network-admin Parameters size: Specifies the maximum size for the security log file, in MB. The value range is 1 to 10. Examples # Set the maximum size for the security log file to 6 MB. system-view [Sysname] info-center security-logfile size-quota 6 Related commands info-center security-logfile alarm-threshold info-center security-logfile directory Use info-center security-logfile directory to configure the directory where the security log file is saved.
Syntax info-center source { module-name | default } { console | logbuffer | logfile | loghost | monitor } { deny | level severity } undo info-center source { module-name | default } { console | logbuffer | logfile | loghost | monitor } Default Table 89 lists the default log output rules.
level severity: Specifies a severity level in the range of 0 to 7. See Table 84 for more information. With this keyword, you can specify the lowest severity level of the logs allowed/denied to be output. Usage guidelines This command sets an output rule for a specified module or all modules. For example, you can output IP log information with a severity of at least warning to the log host, and output IP log information with a severity of at least informational to the log buffer.
Examples # Enable synchronous information output, and then issue the display current-configuration command to view the current configuration of the device. system-view [Sysname] info-center synchronous Info-center synchronous output is on [Sysname] display current- At this time, the system receives log information. It displays the log information first, and then displays your previous input, which is display current- in this example.
Parameters boot: Sets the timestamp format as xxx.yyy, where xxx is the most significant 32 bits (in milliseconds) and yyy is the least significant 32 bits. For example, 0.21990989 equals Jun 25 14:09:26:881 2013. The boot time shows the time since system startup. date: Sets the timestamp format as "MMM DD hh:mm:ss:xxx YYYY", such as Dec 8 10:12:21:708 2013. The date time shows the current system time.
Examples # Configure the timestamp format for system information sent to a log host as no-year-date. system-view [Sysname] info-center timestamp loghost no-year-date Related commands info-center timestamp info-center trace-logfile quota Use info-center trace-logfile quota to set the maximum size of the trace log file. Use undo info-center trace-logfile quota to restore the default.
Examples # Manually save logs from the log file buffer into a log file. logfile save The contents in the log file buffer have been saved to the file caf0:/logfile/logfile.log. Related commands • info-center logfile enable • info-center logfile directory reset logbuffer Use reset logbuffer to clear the log buffer. Syntax reset logbuffer Views User view Predefined user roles network-admin Examples # Clear the log buffer.
security-logfile save The contents in the security log file buffer have been saved to the file caf0:/seclog/seclog.log. Related commands • info-center security-logfile directory • authorization-attribute (Security Command Reference) terminal debugging Use terminal debugging to enable the display of debug information on the current terminal. Use undo terminal debugging to disable the display of debug information on the current terminal.
terminal debugging The current terminal is enabled to display debugging information. Related commands • terminal logging level • terminal monitor terminal logging level Use terminal logging level to set the lowest level of the logs that can be output to the current terminal. Use undo terminal logging level to restore the default.
Default Monitoring of logs is enabled on the console and disabled on the monitor terminal. Views User view Predefined user roles network-admin Usage guidelines The configuration of this command is valid for only the current connection between the terminal and the device. If a new connection is established, the default is restored. Examples # Enable the monitoring of logs on the current terminal. terminal monitor The current terminal is enabled to display logs.
Support and other resources Contacting HP For worldwide technical support information, see the HP support website: http://www.hp.
Conventions This section describes the conventions used in this documentation set. Command conventions Convention Description Boldface Bold text represents commands and keywords that you enter literally as shown. Italic Italic text represents arguments that you replace with actual values. [] Square brackets enclose syntax choices (keywords or arguments) that are optional. { x | y | ... } Braces enclose a set of required syntax choices separated by vertical bars, from which you select one.
Network topology icons Represents a generic network device, such as a router, switch, or firewall. Represents a routing-capable device, such as a router or Layer 3 switch. Represents a generic switch, such as a Layer 2 or Layer 3 switch, or a router that supports Layer 2 forwarding and other Layer 2 features. Represents an access controller, a unified wired-WLAN module, or the switching engine on a unified wired-WLAN switch. Represents an access point. Represents a mesh access point.
Index ACDEFHILMNOPRSTUVWX diagnostic-logfile save,360 A display cwmp configuration,226 action cli,230 display cwmp status,227 action reboot,231 display debugging,2 action switchover,232 display diagnostic-logfile summary,360 action syslog,232 display exception context,250 advantage-factor,12 display exception filepath,254 apply poe-profile,122 display info-center,361 apply poe-profile interface,122 display ip netstream cache,307 C display ip netstream export,313 codec-type,12 display ip
display poe pse interface,131 event hotplug,237 display poe pse interface power,132 event interface,238 display poe-power,133 event process,240 display poe-profile,135 event snmp oid,241 display poe-profile interface,136 event snmp-notification,242 display process,269 event syslog,243 display process cpu,272 exception filepath,279 display process log,273 expect data,34 display process memory,274 expect ip,35 display process memory heap,276 expect ipv6,36 display process memory heap addre
monitor kernel deadloop exclude-thread,281 info-center timestamp loghost,384 info-center trace-logfile quota,385 monitor kernel deadloop time,282 ip netstream,317 monitor kernel starvation enable,283 ip netstream aggregation,318 monitor kernel starvation exclude-thread,284 ip netstream export host,320 monitor kernel starvation time,285 ip netstream export rate,321 monitor process,286 ip netstream export source,321 monitor thread,291 ip netstream export v9-template refresh-rate packet,322 N net
reset kernel starvation,298 P reset logbuffer,386 password,46 resolve-target,65 ping,2 resolve-type,66 ping ipv6,5 rmon alarm,202 poe disconnect,137 rmon event,204 poe enable,137 rmon history,206 poe enable pse,138 rmon prialarm,207 poe legacy enable,139 rmon statistics,209 poe max-power,139 route-option bypass-route,66 poe max-power (system view),140 rtm cli-policy,244 poe pd-description,141 rtm environment,245 poe pd-policy priority,141 rtm scheduler suspend,246 poe priority,142
target-only,72 snmp-agent trap enable,182 snmp-agent trap if-mib link extended,183 terminal debugging,387 snmp-agent trap life,184 terminal logging level,388 snmp-agent trap log,184 terminal monitor,388 snmp-agent trap queue-size,185 tos,73 snmp-agent usm-user { v1 | v2c },186 tracert,8 snmp-agent usm-user v3,187 tracert ipv6,9 sntp authentication enable,116 ttl,73 sntp authentication-keyid,117 type,74 sntp enable,118 U sntp ipv6 unicast-server,118 url,75 sntp reliable authentication-ke
