This command creates or edits the boot options file (BOF) for the specified local storage device.
A BOF specifies where the system searches for runtime images, configuration files, and other operational parameters during system initialization.
BOF parameters can be modified. Changes can be saved to a specified compact flash. The BOF must be located in the root directory of either an internal or external compact flash local to the system and have the mandatory filename of bof.cfg.
When modifications are made to in-memory parameters that are currently in use or operating, the changes are effective immediately. For example, if the IP address of the CSM Management port is changed, the change takes place immediately.
Only one entry of the BOF configuration command statement can be saved once the statement has been found to be syntactically correct.
When opening an existing BOF that is not the BOF used in the most recent boot, a message is issued notifying the user that the parameters will not affect the operation of the node.
The pound (#) sign is used at the beginning of the File syntax. Using the command file type bof.cfg displays the # character as a comment delimiter at the top of the raw file. No default BOF exists. The router boots with the factory default boot sequence and options.
n/a
This command enables or disables encryption of the BOF (bof.cfg) using the AES256 cipher algorithm.
After the BOF is encrypted, it can still be modified using the BOF interactive menu. Access to the BOF interactive menu is controlled by a password set with the password command.
After BOF encryption is configured, use the bof save command to save the encrypted file.
encrypt off
This command configures a password to access the BOF interactive menu at startup.
After the password is configured, the BOF interactive menu is accessible only when the correct password is entered. If the correct password is not entered within 30 s, the node reboots.
The no form of this command removes the configured password.
no password
If the hash or hash2 parameter is not configured, the password is entered in plaintext and the password length must be between 8 and 32 characters. A plaintext password cannot contain embedded nulls or end with “hash” or “hash2”.
If the hash or hash2 parameter is configured, the password is hashed and the password length must be between 1 and 64 characters.
This command uses the boot option parameters currently in memory and writes them from the BOF to the specified compact flash.
The BOF must be located in the directory of the compact flash drives local to the system and have the mandatory filename of bof.cfg.
The BOF is saved to the compact flash drive associated with the active CSM. The slot name is not case-sensitive. You can use uppercase or lowercase “A” or “B”.
Command usage:
To save the BOF to a compact flash drive associated with the standby CSM (for example, the redundant (standby) CSM is installed in slot B), specify the -A or -B option.
Command usage:
The slot name is not case-sensitive. You can use uppercase or lowercase “A” or “B”.
The bof save and show bof commands allow you to save to or read from the compact flash of the standby CSM. Use the show card command to determine the active and standby CSM (A or B).
saves must be explicitly executed; the BOF is saved to cf3: if a location is not specified
This command configures a pause, in seconds, at the start of the boot process, which allows system initialization to be interrupted at the console.
When system initialization is interrupted, the operator is allowed to manually override the parameters defined in the BOF.
Only one wait command can be defined in the BOF.
3
This command configures the console port baud rate.
When this command is issued while editing the BOF file used for the most recent boot, both the BOF file and the active configuration are changed immediately.
The no form of the command reverts to the default value.
115200 — console configured for 115 200 b/s operation
This command creates a key for configuration file encryption and hashing using the AES256 cipher algorithm. This key is used for all configuration files (primary, secondary, and tertiary).
After creating the encryption key, use the admin save command to save the encrypted file.
Note: If the admin rollback save command is used, the rollback files are also encrypted. |
The no form of this command deletes the configured encryption key.
no encryption-key
If the hash or hash2 parameter is not configured, the key is entered in plaintext and the key length must be between 8 and 32 characters. A plaintext key cannot contain embedded nulls or end with “hash” or “hash2”.
If the hash or hash2 parameter is configured, the key is hashed and the key length must be between 1 and 64 characters.
This command specifies whether the system will preserve system indexes when a save command is executed. During a subsequent boot, the index file is read along with the configuration file. As a result, a number of system indexes are preserved between reboots, including the interface index, LSP IDs, and path IDs. This reduces resynchronizations of the Network Management System (NMS) with the affected network element.
If persist is on and the reboot with the appropriate index file fails, SNMP is operationally shut down to prevent the management system from accessing and possibly synchronizing with a partially booted or incomplete network element. To enable SNMP access, enter the config>system>snmp>no shutdown command.
If persist is enabled and the admin save <url> command is executed with an FTP path used as the <url> parameter, two FTP sessions simultaneously open to the FTP server. The FTP server must be configured to allow multiple sessions from the same login; otherwise, the configuration and index files will not be saved correctly.
Note:
|
off
This command specifies the name and location of the primary configuration file.
The system attempts to use the configuration specified in primary-config. If the specified file cannot be located, the system automatically attempts to obtain the configuration from the location specified in secondary-config and then in tertiary-config.
If an error in the configuration file is encountered, the boot process aborts.
The no form of the command removes the primary-config configuration.
n/a
This command specifies the primary directory location for runtime image file loading.
The system attempts to load all runtime image files configured in the primary-image first. If this fails, the system attempts to load the runtime images from the location configured in the secondary-image. If the secondary image load fails, the tertiary image specified in tertiary-image is used.
The no form of the command removes the primary-image configuration.
n/a
This command specifies the name and location of the secondary configuration file.
The system attempts to use the configuration as specified in secondary-config if the primary config cannot be located. If the secondary-config file cannot be located, the system attempts to obtain the configuration from the location specified in the tertiary-config.
If an error in the configuration file is encountered, the boot process aborts.
The no form of the command removes the secondary-config configuration.
n/a
This command specifies the secondary directory location for runtime image file loading.
The system attempts to load all runtime image files configured in the primary-image first. If this fails, the system attempts to load the runtime images from the location configured in the secondary-image. If the secondary image load fails, the tertiary image specified in tertiary-image is used.
The no form of the command removes the secondary-image configuration.
n/a
This command specifies the name and location of the tertiary configuration file.
The system attempts to use the configuration specified in tertiary-config if both the primary and secondary config files cannot be located. If this file cannot be located, the system boots with the factory default configuration.
If an error in the configuration file is encountered, the boot process aborts.
The no form of the command removes the tertiary-config configuration.
n/a
This command specifies the tertiary directory location for runtime image file loading.
The system attempts to load all runtime image files configured in the primary-image first. If this fails, the system attempts to load the runtime images from the location configured in the secondary-image. If the secondary image load fails, the tertiary image specified in tertiary-image is used.
All runtime image files (both.tim) must be located in the same directory.
The no form of the command removes the tertiary-image configuration.
n/a
This command assigns an IP address to the CSM Management port in the running configuration and the BOF on the active CSM, or the CSM Management port on the standby CSM for systems using redundant CSMs.
Either an IPv4 or IPv6 address can be assigned to the CSM Management port. If an address already exists, it will be overwritten with the new address. If no address exists, a new one will be created.
Before changing an active IPv4 or IPv6 address, you must ensure that:
In previous releases, if an IPv6 address was assigned to the CSM Management port, an IPv4 address was also required on the port. This setup is no longer required; therefore, for configurations with both IPv4 and IPv6 addresses, the IPv4 address can be deleted from the BOF.
The no form of the command deletes the IP address from the CSM Management port.
If you delete an active IPv4 address from the BOF, or you replace an IPv4 address with an IPv6 address, the following must be considered.
If the IPv4 address is removed before any Telnet sessions can be established, Telnet IPv6 servers must be enabled using the config>system>security>telnet6-server command. Refer to the 7705 SAR System Management Guide for the command description.
Caution:
|
no address — there are no IP addresses assigned to CSM Management ports
ipv4-prefix | a.b.c.d |
ipv4-prefix-length | 0 to 30 |
ipv6-prefix | x:x:x:x:x:x:x:x (eight 16-bit pieces) |
x:x:x:x:x:x:d.d.d.d | |
x: [0 to FFFF]H | |
d: [0 to 255]D | |
ipv6-prefix-length | 0 to 126 |
This command enables ADP as part of the boot-up sequence by adding an ADP keyword to the BOF file. ADP will run the next time the chassis is rebooted. You can also use this command to specify an optional unique identifier to use in the automatic discovery broadcast. You can use any unique identifier of up to 16 characters. If you specify mac, the chassis MAC address is used. If you run ADP with 802.1q encapsulation, you can specify the VLAN ID.
This command enables speed and duplex autonegotiation on the CSM Management port in the running configuration and the BOF.
When autonegotiation is enabled, the link attempts to automatically negotiate the link speed and duplex parameters. If autonegotiation is enabled, then the configured duplex and speed parameters are ignored.
The no form of the command disables the autonegotiate feature on this port.
autonegotiate
This command configures the duplex mode of the CSM Management port when autonegotiation is disabled in the running configuration and the BOF.
This configuration command allows for the configuration of the duplex mode of the CSM Management port. If the port is configured to autonegotiate, this parameter will be ignored.
duplex full — full duplex operation
This command is used to enable the node to support security level 1 of Federal Information Processing Standards 140 series, version 2 (FIPS-140-2). This mode limits the use of cryptographic algorithms on both the CSM and data plane to only those that are in accordance with FIPS-140-2. The node must be rebooted after executing this command in order for the node to begin operating in FIPS-140-2 mode.
Caution: Before using this command, the operator must ensure that no current configuration exists in the configuration file that is not supported in FIPS-140-2 mode. Failing to remove unsupported configurations will result in the node being unable to boot up. |
The no form of the command disables support for security level 1 of FIPS-140-2 on the node.
no fips-140-2
This command configures the speed for the CSM Management port when autonegotiation is disabled in the running configuration and the BOF.
If the port is configured to autonegotiate, this parameter is ignored.
100 — 100 Mb/s operation
This command creates a static route entry for the CSM Management port in the running configuration and the BOF.
This command allows manual configuration of static routing table entries. These static routes are only used by traffic generated by the CSM Management port. To reduce configuration, manual address aggregation should be applied where possible.
A static default route (0.0.0.0/0) cannot be configured on the CSM Management port. A maximum of 10 IPv4 and 10 IPv6 static routes can be configured on the CSM Management port.
Each unique next hop of active static routes configured on both the active and standby CSM Management ports are tested every 60 seconds. If the next hop is unreachable, an alarm is raised. The alarm condition is cleared when the preferred static route becomes reachable.
The no form of the command deletes the static route.
n/a
This command configures the domain name used when performing DNS address resolution.
This is a required parameter if DNS address resolution is required. Only a single domain name can be configured. If multiple domain statements are configured, the last one encountered is used.
The no form of the command removes the domain name from the configuration.
no dns-domain — no DNS domain name is configured
This command configures the primary DNS server used for DNS name resolution.
DNS name resolution can be used when executing ping, traceroute, and service-ping, and also when defining file URLs. DNS name resolution is not supported when DNS names are embedded in configuration files.
The no form of the command removes the primary DNS server from the configuration.
no primary-dns — no primary DNS server is configured
This command configures the secondary DNS server for DNS name resolution.
The secondary DNS server is used only if the primary DNS server does not respond.
DNS name resolution can be used when executing ping, traceroute, and service-ping, and also when defining file URLs. DNS name resolution is not supported when DNS names are embedded in configuration files.
The no form of the command removes the secondary DNS server from the configuration.
no secondary-dns — no secondary DNS server is configured
This command configures the tertiary DNS server for DNS name resolution.
The tertiary DNS server is used only if the primary DNS server and the secondary DNS server do not respond.
DNS name resolution can be used when executing ping, traceroute, and service-ping, and also when defining file URLs. DNS name resolution is not supported when DNS names are embedded in configuration files.
The no form of the command removes the tertiary DNS server from the configuration.
no tertiary-dns — no tertiary DNS server is configured
Note: The following command outputs are examples only; actual displays may differ depending on supported functionality and user configuration. |
This command displays the BOF executed on the last system boot or on the specified device.
If no device is specified, the BOF used in the last system boot displays. If the BOF has been modified since the system boot, a message displays.
The following outputs are examples of BOF information, and Table 24 describes the fields.
Label | Description |
primary-image | The primary location of the directory that contains the runtime images of the CSM |
primary-config | The primary location of the file that contains the configuration |
encryption-key | The encrypted encryption key |
password | The encrypted password |
address | The IP address and mask associated with the CSM Management port or the secondary CSM Management port |
primary-dns | The primary DNS server for resolution of host names to IP addresses |
secondary-dns | The secondary DNS server for resolution of host names to IP addresses |
tertiary-dns | The tertiary DNS server for resolution of host names to IP addresses |
dns-domain | The domain name used when performing DNS address resolution |
static-route | The static route entry for the CSM Management port in the running configuration and the BOF |
autonegotiate | no autonegotiate — autonegotiate is not enabled |
autonegotiate — autonegotiate is enabled | |
duplex | half — specifies that the system uses half duplex |
full — specifies that the system uses full duplex | |
speed | The speed of the CSM Ethernet interface |
wait | The time configured for the boot to pause while waiting for console input |
persist | Indicates whether the system will preserve system indexes when a save command is executed |
fips-140-2 | Indicates whether FIPS-140-2 is enabled on the node |
console speed | The console port baud rate |
encrypt | on — BOF encryption is enabled |
off — BOF encryption is not enabled |
This command displays boot messages generated during the last system boot.
The following output is an example of boot messages.