enable-admin
<global>
See the description for the admin-password command. If the admin-password is configured in the config>system>security>password context, any user can enter a special administrative mode by entering the enable-admin command.
The enable-admin command is in the default profile. By default, all users are given access to this command.
When the enable-admin command is entered, the user is prompted for a password. If the password is correct, the user is given unrestricted access to all commands.
The minimum length of the password is determined by the minimum-length command. The complexity requirements for the password is determined by the complexity command.
The following is an example of a password configuration.
A:ALA-1>config>system>security# info
----------------------------------------------
...
password
aging 365
minimum-length 8
attempts 5 time 5 lockout 20
admin-password "rUYUz9XMo6I" hash
exit
...
----------------------------------------------
A:ALA-1>config>system>security#
Use one of the following options to verify that a user is in the enable-admin mode.
Administrators cab use the show users command to know which users are in this mode.
Enter the enable-admin command again at the root prompt and an error message will be returned.
The following is an example output for the show users command.
A:ALA-1# show users
===============================================================================
User Type From Login time Idle time
===============================================================================
admin Console -- 10AUG2006 13:55:24 0d 19:42:22
admin Telnet 10.20.30.93 09AUG2004 08:35:23 0d 00:00:00 A
-------------------------------------------------------------------------------
Number of users : 2
'A' indicates user is in admin mode
===============================================================================
A:ALA-1#
A:ALA-1# enable-admin
MINOR: CLI Already in admin mode.
A:ALA-1#
back
<GLOBAL>
Supported on all 7210 SAS platforms as described in this document, including those operating in access-uplink mode
This command moves the context back one level in the command hierarchy. For example, if the current level is the config router ospf context, the back command moves the cursor to the config router context level.
clear
<GLOBAL>
Supported on all 7210 SAS platforms as described in this document, including those operating in access-uplink mode
This command clears statistics for a specified entity, or it clears and resets the entity.
Clears CRON history.
Clears IPv4, IPv6, MAC, and log filter counters.
Clears LAG-related entities.
Closes and reinitializes the log specified by log-id.
Clears port statistics.
Clears QoS statistics.
Clears the RADIUS server state.
Clears router commands affecting the router instance in which they are entered.
Clears the SAA test results.
Clears the console or telnet screen.
Clears service ID and statistical entities.
Clears or re-enables a previously failed reference.
Clears the TACACS+ server state.
Clears the trace log.
echo [text-to-echo] [extra-text-to-echo] [more-text]
<GLOBAL>
Supported on all 7210 SAS platforms as described in this document, including those operating in access-uplink mode
This command echoes arguments on the command line. The primary use of this command is to allow messages to be displayed to the screen in files executed with the exec command.
Specifies a text string to be echoed up to 256 characters.
Specifies more text to be echoed up to 256 characters.
Specifies more text to be echoed up to 256 characters.
exec [-echo] [-syntax] {filename | [eof_string]}
<GLOBAL>
Supported on all 7210 SAS platforms as described in this document, including those operating in access-uplink mode
This command executes the contents of a text file as if they were CLI commands entered at the console.
Exec commands do not have no versions.
The following commands are related to the exec command:
Use this command to configure a URL for a CLI script to exec following a failed configuration boot.
Use this command to configure a URL for a CLI script to exec following a successful configuration boot.
Keyword to echo the contents of the exec file to the session screen as it executes.
Keyword to perform a syntax check of the file without executing the commands. Syntax checking finds invalid commands and keywords, but it will not be able to validate erroneous user-configured parameters.
The text file with CLI commands to execute.
Stdin can be used as the source of commands for the exec command. When stdin is used as the exec command input, the command list is terminated with Ctrl-C, ‟EOF<Return>” or ‟eof_string<Return>”.
If an error occurs entering an exec file sourced from stdin, all commands after the command returning the error will be silently ignored. The exec command will indicate the command error line number when the stdin input is terminated with an end-of-file input.
Specifies the ASCII printable string used to indicate the end of the exec file when stdin is used as the exec file source. Ctrl-C and ‟EOF” can always be used to terminate an exec file sourced from stdin.
exit [all]
<GLOBAL>
Supported on all 7210 SAS platforms as described in this document, including those operating in access-uplink mode
This command returns to the context from which the current level was entered. For example, if you navigated to the current level on a context by context basis, then the exit command only moves the cursor back one level.
A:Dut-G# configure
A:Dut-G>config# service
A:Dut-G>config>service# vpls 1
A:Dut-G>config>service>vpls# exit
A:Dut-G>config>service# exit
A:Dut-G>config# exit
If you navigated to the current level by entering a command string, then the exit command returns the cursor to the context in which the command was initially entered.
The following is a sample configuration output.
A:Dut-G# configure service vpls 1
A:Dut-G>config>service>vpls# exit
A:Dut-G#
The exit all command moves the cursor all the way back to the root level.
A:Dut-G# configure
A:Dut-G>config# service
A:Dut-G>config>service# vpls 1
A:Dut-G>config>service>vpls# exit all
A:Dut-G#
Keyword to exit back to the root CLI context.
help
help edit
help global
help special-characters
<GLOBAL>
Supported on all 7210 SAS platforms as described in this document, including those operating in access-uplink mode
This command provides a brief description of the help system. The following information is displayed:
Help may be requested at any point by hitting a question mark '?'.
In case of an executable node, the syntax for that node will be displayed with an
explanation of all parameters.
In case of sub-commands, a brief description is provided.
Global Commands:
Help on global commands can be observed by issuing "help globals" at any time.
Editing Commands:
Help on editing commands can be observed by issuing "help edit" at any time.
Keyword to display help on editing. The following output displays available editing keystrokes.
Delete current character.....................Ctrl-d
Delete text up to cursor.....................Ctrl-u
Delete text after cursor.....................Ctrl-k
Move to beginning of line....................Ctrl-a
Move to end of line..........................Ctrl-e
Get prior command from history...............Ctrl-p
Get next command from history................Ctrl-n
Move cursor left.............................Ctrl-b
Move cursor right............................Ctrl-f
Move back one word...........................Esc-b
Move forward one word........................Esc-f
Convert rest of word to uppercase............Esc-c
Convert rest of word to lowercase............Esc-l
Delete remainder of word.....................Esc-d
Delete word up to cursor.....................Ctrl-w
Transpose current and previous character.....Ctrl-t
Enter command and return to root prompt......Ctrl-z
Refresh input line...........................Ctrl-l
Keyword to display help on global commands.The following output displays the available global commands.
back - Go back a level in the command tree
echo - Echo the text that is typed in
exec - Execute a file - use -echo to show the commands and
prompts on the screen
exit - Exit to intermediate mode - use option all to exit to
root prompt
help - Display help
history - Show command history
info - Display configuration for the present node
logout - Log off this system
oam + OAM Test Suite
ping - Verify the reachability of a remote host
pwc - Show the present working context
sleep - Sleep for specified number of seconds
ssh - SSH to a host
telnet - Telnet to a host
traceroute - Determine the route to a destination address
tree - Display command tree structure from the context of
execution
write - Write text to another user
Keyword to display help on special characters. Use the following CLI commands to display more information about commands and command syntax:
Lists all commands in the current context.
Lists all commands available in the current context that start with the string.
Displays command syntax and associated keywords.
Completes a partial command name (auto-completion) or list available commands that match the string.
history
<GLOBAL>
Supported on all 7210 SAS platforms as described in this document, including those operating in access-uplink mode
This command lists the last 30 commands entered in this session.
Re-execute a command in the history with the !n command, where n is the line number associated with the command in the history output.
For example:
A:ALA-1# history
68 info
69 exit
70 info
71 filter
72 exit all
73 configure
74 router
75 info
76 interface "test"
77 exit
78 reduced-prompt
79 info
80 interface "test"
81 icmp unreachables exit all
82 exit all
83 reduced-prompt
84 configure router
85 interface
86 info
87 interface "test"
88 info
89 reduced-prompt
90 exit all
91 configure
92 card 1
93 card-type
94 exit
95 router
96 exit
97 history
A:ALA-1# !91
A:ALA-1# configure
A:ALA-1>config#
info [detail]
<GLOBAL>
Supported on all 7210 SAS platforms as described in this document, including those operating in access-uplink mode
This command displays the running configuration for the configuration context.
The output of this command is similar to the output of a show config command. This command, however, lists the configuration of the context where it is entered and all branches below that context level.
By default, the command only enters the configuration parameters that vary from the default values. The detail keyword causes all configuration parameters to be displayed.
Displays all configuration parameters, including parameters at their default values.
logout
<GLOBAL>
Supported on all 7210 SAS platforms as described in this document, including those operating in access-uplink mode
This command logs out of the router session.
When the logout command is issued from the console, the login prompt is displayed, and any log IDs directed to the console are discarded. When the console session resumes (regardless of the user), the log output to the console resumes.
When a Telnet session is terminated from a logout command, all log IDs directed to the session are removed. When a user logs back in, the log IDs must be recreated.
password
<ROOT>
Supported on all 7210 SAS platforms as described in this document, including those operating in access-uplink mode
This command changes a user CLI login password.
When a user logs in after the administrator forces a new-password-at-login, or the password has expired (aging), then this command is automatically invoked.
When this command is invoked, the user is prompted to enter the old password, the new password, and the new password again to verify the correct input.
If a user fails to create a new password after the administrator forces a new-password-at-login or after the password has expired, the user is denied access to the CLI.
ping {ip-address | dns-name} [rapid | detail] [ttl time-to-live] [tos type-of-service] [size bytes] [pattern pattern] [source ip-address] [interval seconds] [{next-hop ip-address} | {interface interface-name} | bypass-routing] [count requests] [do-not-fragment] [router router-instance | service-name service-name] [timeout timeout]
<GLOBAL>
Supported on all 7210 SAS platforms as described in this document, including those operating in access-uplink mode
This command is the TCP/IP utility to verify IP reachability.
Specifies the remote host to ping. The IP address or the DNS name (if DNS name resolution is configured) can be specified.
The rapid keyword specifies to send ping requests rapidly. The results are reported in a single message, not in individual messages for each ping request. By default, five ping requests are sent before the results are reported. To change the number of requests, include the count option.
The detail keyword includes in the output the interface on which the ping reply was received.
The following is a sample configuration.
*A:ALU-7210# ping 192.xxx.xxx.xxx
PING 192.xxx.xxx.xxx 56 data bytes
64 bytes from 192.xxx.xxx.xxx: icmp_seq=1 ttl=64 time<10ms.
64 bytes from 1192.xxx.xxx.xxx: icmp_seq=2 ttl=64 time<10ms.
64 bytes from 192.xxx.xxx.xxx: icmp_seq=3 ttl=64 time<10ms.
64 bytes from 192.xxx.xxx.xxx: icmp_seq=4 ttl=64 time<10ms.
64 bytes from 192.xxx.xxx.xxx: icmp_seq=5 ttl=64 time<10ms.
---- 192.xxx.xxx.xxx PING Statistics ----
5 packets transmitted, 5 packets received, 0.00% packet loss
round-trip min < 10ms, avg < 10ms, max < 10ms, stddev < 10ms
*A:ALU-7210#
Specifies the IP Time To Live (TTL) value to include in the ping request, expressed as a decimal integer.
Specifies the type-of-service (TOS) bits in the IP header of the ping packets, expressed as a decimal integer.
Specifies the size in bytes of the ping request packets.
Specifies a 16-bit pattern string to include in the ping packet, expressed as a decimal integer.
Specifies the source IP address to use in the ping requests in dotted-decimal notation.
Specifies the interval in seconds between consecutive ping requests, expressed as a decimal integer.
This option disregards the routing table and will send this packet to the specified next hop address. This address must be on an adjacent router that is attached to a subnet that is common between this and the next-hop router.
Specifies the interface name.
Keyword to send the ping request to a host on a directly attached network bypassing the routing table. The host must be on a directly attached network or an error is returned.
Specifies the number of ping requests to send to the remote host, expressed as a decimal integer.
Specifies that the request frame should not be fragmented. This option is particularly useful in combination with the size parameter for maximum MTU determination.
Specifies the router name or service ID.
Specifies the timeout in seconds.
Specifies a unique service name, up to 64 characters to identify the service.
pwc [previous]
<GLOBAL>
Supported on all 7210 SAS platforms as described in this document, including those operating in access-uplink mode
This command displays the present or previous working context of the CLI session. The pwc command provides a user who is in the process of dynamically configuring a chassis a way to display the current or previous working context of the CLI session. The pwc command displays a list of the CLI nodes that hierarchically define the current context of the CLI instance of the user.
The following is a sample configuration output.
A:Dut-G>config>service>vpls# pwc
-------------------------------------------------------------------------------
Present Working Context :
-------------------------------------------------------------------------------
<root>
configure
service
vpls 1
-------------------------------------------------------------------------------
A:Dut-G>config>service>vpls#
When the previous keyword is specified, the previous context displays. This is the context entered by the CLI parser upon execution of the exit command. The current context of the CLI is not affected by the pwc command.
Keyword to display the previous present working context.
sleep [seconds]
<GLOBAL>
Supported on all 7210 SAS platforms as described in this document, including those operating in access-uplink mode
This command causes the console session to pause operation (sleep) for 1 second (default) or for the specified number of seconds.
Specifies the number of seconds for the console session to sleep, expressed as a decimal integer.
ssh [ip-addr | dns-name |username@ip-addr] [-l username] [-v SSH-version] [router router-instance| service-name service-name]
<GLOBAL>
Supported on all 7210 SAS platforms as described in this document, including those operating in access-uplink mode
This command initiates a client Secure Shell (SSH) session with the remote host and is independent from the administrative or operational state of the SSH server. However, to be the target of an SSH session, the SSH server must be operational.
Quitting SSH while in the process of authentication is accomplished by either executing a Ctrl-C or "~." (tilde and dot), assuming the ‟~” is the default escape character for SSH session.
Specifies the remote host for an SSH session. The IP address or the DNS name (if DNS name resolution is configured) can be specified.
Specifies the username to use when opening the SSH session.
Specifies the router name or service ID.
telnet [ip-address | dns-name] [port] [router router-instance]
<GLOBAL>
Supported on all 7210 SAS platforms as described in this document, including those operating in access-uplink mode
This command opens a Telnet session to a remote host. Telnet servers in 7210 SAS networks limit a Telnet clients to three login attempts. The Telnet server disconnects the Telnet client session after the third attempt has failed. The number of attempts for a Telnet client session is not user-configurable.
Specifies the IP address or the DNS name (if DNS name resolution is configured).
Specifies the DNS name (if DNS name resolution is configured), up to 128 characters.
Specifies the TCP port number to use to Telnet to the remote host, expressed as a decimal integer.
Specifies the router name or service ID.
traceroute {ip-address | dns-name} [ttl ttl] [wait milliseconds] [no-dns] [source ip-address] [tos type-of-service] [router router-instance]
<GLOBAL>
Supported on all 7210 SAS platforms as described in this document, including those operating in access-uplink mode
The TCP/IP traceroute utility determines the route to a destination address. Aborting a traceroute with the Ctrl-C could require issuing a second Ctrl-C before the prompt is returned.
The following is a sample configuration output.
A:ALA-1# traceroute 192.168.xx.xx4
traceroute to 192.168.xx.xx4, 30 hops max, 40 byte packets
1 192.168.xx.xx4 0.000 ms 0.000 ms 0.000 ms
A:ALA-1#
Specifies the remote address to traceroute. The IP address or the DNS name (if DNS name resolution is configured) can be specified.
Specifies the maximum Time-To-Live (TTL) value to include in the traceroute request, expressed as a decimal integer.
Specifies the time in milliseconds to wait for a response to a probe, expressed as a decimal integer.
Keyword to specify not to perform a DNS lookup for the specified host.
Specifies the source IP address to use as the source of the probe packets in dotted-decimal notation. If the IP address is not one of the device interfaces, an error is returned.
Specifies the type-of-service (TOS) bits in the IP header of the probe packets, expressed as a decimal integer.
Specifies the router name or service ID.
tree [detail]
<GLOBAL>
Supported on all 7210 SAS platforms as described in this document, including those operating in access-uplink mode
This command displays the command hierarchy structure from the present working context.
Keyword to include parameter information for each command displayed in the tree output.
write {user | broadcast} message-string
<GLOBAL>
Supported on all 7210 SAS platforms as described in this document, including those operating in access-uplink mode
This command sends a console message to a specific user or to all users with active console sessions.
Specifies the name of a user with an active console session to which to send a console message.
Keyword to send the message-string to all users logged into the router.
Specifies the message string to send. Allowed values are any string up to 250 characters composed of printable, 7-bit ASCII characters. If the string contains special characters (#, $, spaces, and others), the entire string must be enclosed within double quotes.