See the description for the admin-password command. If the admin-password is configured in the config>system>security>password context, then any user can enter a special administrative mode by entering the enable-admin command.
The enable-admin command is in the default profile. By default, all users are given access to this command.
Once the enable-admin command is entered, the user is prompted for a password. If the password matches, the user is given unrestricted access to all the commands.
The minimum length of the password is determined by the minimum-length command. The complexity requirements for the password is determined by the complexity command.
The following displays an example of the password command usage.
The following example displays the password configuration:
There are two ways to verify that a user is in the enable-admin mode:
This command moves the context back one level of the command hierarchy. For example, if the current level is the config router mpls context, the back command moves the cursor to the config router context level.
This command clears statistics for a specified entity or clears and resets the entity.
This command echoes arguments on the command line. The primary use of this command is to allow messages to be displayed to the screen in files executed with the exec command.
This command executes the contents of a text file as if they were CLI commands entered at the console.
Exec commands do not have no versions.
Related commands are:
If an error occurs entering an exec file sourced from stdin, all commands after the command returning the error will be silently ignored. The exec command will indicate the command error line number when the stdin input is terminated with an end-of-file input.
This command returns to the context from which the current level was entered. For example, if you navigated to the current level on a context by context basis, then the exit command only moves the cursor back one level.
If you navigated to the current level by entering a command string, then the exit command returns the cursor to the context in which the command was initially entered.
The exit all command moves the cursor all the way back to the root level.
This command provides a brief description of the help system. The following information is displayed:
Available editing keystrokes:
Available global commands:
Use the following CLI commands to display more information about commands and command syntax:
This command lists the last 30 commands entered in this session.
Re-execute a command in the history with the !n command, where n is the line number associated with the command in the history output.
For example:
This command displays the running configuration for the configuration context.
The output of this command is similar to the output of a show config command. This command, however, lists the configuration of the context where it is entered and all branches below that context level.
For example:
By default, the command only enters the configuration parameters that vary from the default values. The detail keyword causes all configuration parameters to be displayed.
This command logs out of the router session.
When the logout command is issued from the console, the login prompt is displayed and any log IDs directed to the console are discarded. When the console session resumes (regardless of the user), the log output to the console resumes.
When a Telnet session is terminated from a logout command, all log IDs directed to the session are removed. When a user logs back in, the log IDs must be recreated.
This command changes a user CLI login password.
When a user logs in after the administrator forces a new-password-at-login, or the password has expired (aging), then this command is automatically invoked.
When invoked, the user is prompted to enter the old password, the new password, and then the new password again to verify the correct input.
If a user fails to create a new password after the administrator forces a new-password-at-login or after the password has expired, the user is not allowed access to the CLI.
This command is the TCP/IP utility to verify IP reachability.
The detail parameter includes in the output the interface on which the ping reply was received.
This command displays the present or previous working context of the CLI session.
The pwc command provides a user who is in the process of dynamically configuring a chassis a way to display the current or previous working context of the CLI session. The pwc command displays a list of the CLI nodes that hierarchically define the current context of the CLI instance of the user.
For example:
When the previous keyword is specified, the previous context is displayed. This is the context entered by the CLI parser upon execution of the exit command. The current context of the CLI is not affected by the pwc command.
This command causes the console session to pause operation (sleep) for 1 second (default) or for the specified number of seconds.
This command opens a Secure Shell (SSH) session with another host.
This command initiates a client SSH session with the remote host and is independent from the administrative or operational state of the SSH server. However, to be the target of an SSH session, the SSH server must be operational.
Quitting SSH while in the process of authentication is accomplished by either executing a <Ctrl-c> or "~." (tilde and dot) assuming the “~” is the default escape character for the SSH session.
For IPv6 addresses, including the “-interface” for the link local address is mandatory; otherwise, “-interface” is omitted. For example, if the user is alu_admin and the IPv6 hostname consists of FE80::9876:DEEF:154D along with the link local interface “ies1_chicago”, then the full command would be (note the “-” between the ipv6-address and the interface):
ssh -l alu_admin FE80::9876:DEEF:154D-ies1_chicago
This command opens a Telnet session to a remote host.
Telnet servers in 7705 SAR networks limit a Telnet client to three retries to log in. The Telnet server disconnects the Telnet client session after three retries. The number of retry attempts for a Telnet client session is not user-configurable.
The TCP/IP traceroute utility determines the route to a destination address. Note that aborting a traceroute with the <Ctrl-c> command could require issuing a second <Ctrl-c> command before the prompt is returned.
This command displays the command hierarchy structure from the present working context.
This command sends a console message to a specific user or to all users with active console sessions.
This command enables the substitution of a command line by an alias.
Use the alias command to create alternative names for an entity or command string that are easier to understand and remember. If the string contains special characters (#, $, spaces, etc.), the entire string must be enclosed within double quotes. Only a single command can be present in the command string.
The alias command can be entered in any context but must be created in the root>environment context.
For example, to create an alias named soi to display MPLS interfaces, enter:
alias soi “show router mpls interface”
By default, the create command is required to create a new OS entity.
The no form of the command disables requiring the create keyword.
create
This command enables per-screen CLI output, meaning that the output is displayed on a screen-by-screen basis. The terminal screen length can be modified with the terminal command.
The following prompt appears at the end of each screen of paginated output:
The no form of the command displays the output all at once. If the output length is longer than one screen, the entire output will be displayed, which may scroll the screen.
more
This command configures the maximum number of higher CLI context levels to display in the CLI prompt for the current CLI session. This command is useful when configuring features that are several node levels deep, which can cause the CLI prompt to become too long.
By default, the CLI prompt displays the system name and the complete context in the CLI.
The number of nodes specified indicates the number of higher-level contexts that can be displayed in the prompt.
For example, if reduced-prompt is set to 2, the two highest contexts from the present working context are displayed by name with the hidden (reduced) contexts compressed into a ellipsis (“…”).
Note that the setting is not saved in the configuration. It must be reset for each CLI session or stored in an exec script file.
The no form of the command reverts to the default.
no reduced-prompt
This command enables a saved indicator in the prompt. When changes are made to the configuration file, a “*” appears in the prompt string indicating that the changes have not been saved. When an admin save command is executed, the “*” disappears.
This command enables the context to configure the terminal screen length for the current CLI session.
This command sets the terminal screen length (number of lines).
24 — terminal dimensions are set to 24 lines long by 80 characters wide
This command displays timestamps in the CLI session based on local time or Coordinated Universal Time (UTC).
The system keeps time internally in UTC and is capable of displaying the time in either UTC or local time based on the time zone configured.
This configuration command is only valid for times displayed in the current CLI session. This includes displays of event logs, traps and all other places where a timestamp is displayed.
In general, all timestamps are shown in the time selected. This includes log entries destined for console/session, memory, or SNMP logs. Log files on compact flash are maintained and displayed in UTC format.
time-display local
This command displays timestamps before the CLI prompt, indicating the last time that the command was completed. The date and time are displayed; the time format is either local or UTC, depending on how it was set with the time-display command.
no time-stamp
This command enables the context to configure criteria to monitor IP filter statistics.
This command enables IP filter monitoring. The statistical information for the specified IP filter entry is displayed at the configured interval until the configured count is reached.
The first screen displays the current statistics related to the specified IP filter. The subsequent statistical information listed for each interval is displayed as a delta to the previous screen output.
When the keyword rate is specified, the rate per second for each statistic is displayed instead of the delta.
Monitor commands are similar to show commands, but only statistical information is displayed. Monitor commands display the selected statistics according to the configured number of times at the interval specified.
The following output is an example of statistical information for the specified IP filter entry.
This command enables IPv6 filter monitoring. The statistical information for the specified IPv6 filter entry is displayed at the configured interval until the configured count is reached.
The first screen displays the current statistics related to the specified IPv6 filter. The subsequent statistical information listed for each interval is displayed as a delta to the previous screen output.
When the keyword rate is specified, the rate per second for each statistic is displayed instead of the delta.
Monitor commands are similar to show commands, but only statistical information is displayed. Monitor commands display the selected statistics according to the configured number of times at the interval specified.
This command enables the context to configure criteria to monitor management access filters. Management access filters control all traffic. They can be used to restrict management of the 7705 SAR by other nodes outside specific (sub)networks or through designated ports.
This command enables IP filter monitoring. The statistical information for the specified IP filter entry is displayed at the configured interval until the configured count is reached.
The first screen displays the current statistics related to the specified IP filter. The subsequent statistical information listed for each interval is displayed as a delta to the previous screen output.
When the keyword rate is specified, the rate per second for each statistic is displayed instead of the delta.
Monitor commands are similar to show commands, but only statistical information is displayed. Monitor commands display the selected statistics according to the configured number of times at the interval specified.
This command enables IPv6 filter monitoring. The statistical information for the specified IPv6 filter entry is displayed at the configured interval until the configured count is reached.
The first screen displays the current statistics related to the specified IPv6 filter. The subsequent statistical information listed for each interval is displayed as a delta to the previous screen output.
When the keyword rate is specified, the rate per second for each statistic is displayed instead of the delta.
Monitor commands are similar to show commands, but only statistical information is displayed. Monitor commands display the selected statistics according to the configured number of times at the interval specified.
This command enables port traffic monitoring. The specified port(s) statistical information is displayed at the configured interval until the configured count is reached.
The first screen displays the current statistics related to the specified port(s). The subsequent statistical information listed for each interval is displayed as a delta to the previous screen output.
When the keyword rate is specified, the rate per second for each statistic is displayed instead of the delta. The percentage of the port being used is also displayed. For Ethernet ports, the usage includes inter-frame gap and preamble.
Monitor commands are similar to show commands, but only statistical information is displayed. Monitor commands display the selected statistics according to the configured number of times at the interval specified.
The following output is an example of statistical information about the port.
This command enables the context to configure criteria to monitor statistical information for LDP and MPLS protocols.
This command displays statistical information for LDP sessions at the configured interval until the configured count is reached.
The first screen displays the current statistics related to the specified LDP session(s). The subsequent statistical information listed for each interval is displayed as a delta to the previous screen output.
When the keyword rate is specified, the rate per second for each statistic is displayed instead of the delta.
Monitor commands are similar to show commands, but only statistical information is displayed. Monitor commands display the selected statistics according to the configured number of times at the interval specified.
The following output is an example of statistical information the LDP session.
This command displays statistics for an LDP instance at the configured interval until the configured count is reached.
The first screen displays the current statistics related to the LDP statistics. The subsequent statistical information listed for each interval is displayed as a delta to the previous screen output.
When the keyword rate is specified, the rate per second for each statistic is displayed instead of the delta.
Monitor commands are similar to show commands, but only statistical information is displayed. Monitor commands display the selected statistics according to the configured number of times at the interval specified.
The following output is an example of statistics for an LDP instance.
This command monitors statistics for a PIM source group.
This command displays statistical RIP neighbor information at the configured interval until the configured count is reached.
The first screen displays the current statistics related to the specified RIP neighbor(s). The subsequent statistical information listed for each interval is displayed as a delta to the previous screen output. When the keyword rate is specified, the rate per second for each statistic is displayed instead of the delta.
Monitor commands are similar to show commands but only statistical information is displayed. Monitor commands display the selected statistics according to the configured number of times at the interval specified.
This command displays statistics for a VRRP instance.
This command enables the context to configure criteria to monitor specific service SAP criteria.
This command displays statistics for a specific service, specified by the service-id, at the configured interval until the configured count is reached.
The first screen displays the current statistics related to the service-id. The subsequent statistical information listed for each interval is displayed as a delta to the previous screen output.
When the keyword rate is specified, the rate per second for each statistic is displayed instead of the delta.
Monitor commands are similar to show commands, but only statistical information is displayed. Monitor commands display the selected statistics according to the configured number of times at the interval specified.
This command displays statistics for a SAP associated with this service.
This command displays statistics for a specific SAP, identified by the port ID and encapsulation value, at the configured interval until the configured count is reached.
The first screen displays the current statistics related to the SAP. The subsequent statistical information listed for each interval is displayed as a delta to the previous screen output.
When the keyword rate is specified, the rate per second for each statistic is displayed instead of the delta.
Monitor commands are similar to show commands, but only statistical information is displayed. Monitor commands display the selected statistics according to the configured number of times at the interval specified.
The sap-id can be configured in one of the formats described in Table 11. The range of values for the parameters follow the table.
Type | Syntax | Example |
port-id | slot/mda/port[.channel] | 1/1/5 |
bridge | slot/mda/<bridge-id.branch-id> | 1/5/16.10 |
null | [port-id | bundle-id | lag-id | aps-id | mw-link-id] | port-id: 1/1/3 bundle-id: bundle-ppp-1/1.1 lag-id: lag-1 aps-id: aps-1 mw-link-id: mw-link-1 |
dot1q | [port-id | lag-id | aps-id | mw-link-id]:qtag1 | port-id:qtag1: 1/1/3:100 lag-id: lag-1:10 aps-id: aps-1 mw-link-id: mw-link-1 |
qinq | [port-id | lag-id]:qtag1.qtag2 | port-id:qtag1.qtag2: 1/1/3:100.30 lag-id: lag-1:10.10 |
atm | [port-id | aps-id][:vpi/vci | vpi | vpi1.vpi2] 1 | port-id: 1/1/1 or 1/1/1.1 (for T1/E1 channelized ports) aps-id: aps-1 vpi/vci: 16/26 vpi: 16 vpi1.vpi2: 16.22 |
lag | lag-id | lag-2 |
frame | [port-id| aps-id]:dlci | 1/1/1 aps-id: aps-1 dlci: 16 |
frame relay | [port-id]:dlci | 1/1/1 dlci: 16 |
cisco-hdlc | slot/mda/port.channel | 1/1/1.3 |
cem | slot/mda/port.channel | 1/1/1.3 |
ima-grp | bundle-id[:vpi/vci | vpi | vpi1.vpi2] | 1/1/3.1 |
ipcp | slot/mda/port.channel | 1/2/2.4 |
hdlc | slot/mda/port.channel | 1/1/3.1 |
lag-id | lag-id | lag-1 |
mw-link-id | mw-link-id | mw-link-1 |
aps-id | aps-group-id[.channel] | aps-1 |
bundle-id | bundle-[ima | ppp]-slot/mda.bundle-num | bundle-ima-1/1.1 |
tunnel-id | tunnel-<id>.[private | public]:<tag> | tunnel-1.private:1 |
Note:
null | [port-id | bundle-id | lag-id | aps-id | mw-link-id] | |
dot1q | [port-id | lag-id | aps-id | mw-link-id]:qtag1 | |
qinq | [port-id | lag-id]:qtag1.qtag2 | |
atm | [port-id | aps-id][:vpi/vci |vpi | vpi1.vpi2] | |
frame | [port-id | aps-id]:dlci | |
cisco-hdlc | slot/mda/port.channel | |
cem | slot/mda/port.channel | |
ipcp | slot/mda/port.channel | |
ima-grp | bundle-id[:vpi/vci | vpi | vpi1.vpi2] | |
hdlc | slot/mda/port.channel | |
port-id | slot/mda/port[.channel] | |
bridge | slot/mda/bridge-id.branch-id bridge-id 1 to 16 branch-id 1 to 32 | |
bundle-id | bundle-type-slot/mda.bundle-num bundle keyword type ima, ppp bundle-num 1 to 32 | |
aps-id | aps-group-id[.channel] aps keyword group-id 1 to 24 | |
mw-link-id | mw-link-id id 1 to 24 | |
lag-id | lag-id lag keyword id 1 to 16 | |
qtag1 | *, 0 to 4094 | |
qtag2 | *, 0 to 4094 | |
vpi | NNI 0 to 4095 UNI 0 to 255 | |
vci | 1, 2, 5 to 65535 | |
dlci | 16 to 1022 | |
tunnel-id | tunnel-id.[private | public]:tag tunnel keyword id 1 to 16 (1 is the only valid value) tag 0 to 4094 |
If the card in the slot has an adapter card installed, the port-id must be in the slot_number/MDA_number/port_number format. For example, 1/2/3 specifies port 3 on MDA 2 in slot 1.
The port-id must reference a valid port type. When the port-id parameter represents TDM channels, the port ID must include the channel ID. A period “.” separates the physical port from the channel-id. The port must be configured as an access port.
bridge-id value range: 1 to 16
branch-id value range: 1 to 32
bundle-id: bundle-type-slot/mda.bundle-num
type: ima, ppp
bundle-num: 1 to 32
For example:
Port Type | Encap-Type | Allowed Values | Comments |
Ethernet | Null | — | The SAP is identified by the port. |
Ethernet | Dot1q | *, 0 to 4094 | The SAP is identified by the 802.1Q tag on the port. Note that a 0 qtag1 value also accepts untagged packets on the dot1q port, and that a * qtag1 value accepts any VLAN ID that is not specifically configured on the port. 1 |
Ethernet | QinQ | *, 0 to 4094 | The SAP is identified by the two 802.1Q tags on the port. Note that a 0 qtag1 or qtag 2 value also accepts untagged packets on the qinq port, and that a * qtag1 or qtag2 value accepts any VLAN ID that is not specifically configured on the port. 1 |
Note:
This command displays the statistics for the specified SAP aggregation group that is associated with the service.
The following output is an example of statistics for a SAP aggregation group.
This command displays statistics for an SDP binding associated with this service.
The following output is an example of statistics for the SDP binding associated with the service.
This command displays a list of existing aliases.
The following output is an example of alias information, and Table 13 describes the fields.
Label | Description |
Alias-Name | Displays the name of the alias |
Alias-command-name | The command and parameter syntax that define the alias |
Number of aliases | The total number of aliases configured on the router |