back
<global>
This command moves the context back one level of the command hierarchy. For example, if the current level is the config router mpls context, the back command moves the cursor to the config router context level.
clear
<global>
This command clears statistics for a specified entity or clears and resets the entity.
reinitializes an I/O module in a specified slot
clears CPM filter
clears CRON history
clears ETH-CFM parameters
accesses external alarms-related clear commands
clears IP filter counters
accesses group encryption-related clear commands
accesses IPSec-related clear commands
accesses LAG-related clear commands
closes and reinitializes the log specified by log-id
reinitializes the specified MDA in a particular slot
reboots managed microwave devices
clears port statistics
clears the RADIUS server state
accesses clear router commands affecting the router instance in which they are entered
clears the SAA test results
clears SCADA statistics
clears the console or Telnet screen
accesses network security-related clear commands
clears service ID and statistical entities
clears (re-enables) a previously failed reference
clears the TACACS+ server state
accesses OAM-related clear statistics commands
accesses test head-related clear commands
clears the trace log
clears and resets the VRRP interface and statistical entities
echo [text-to-echo] [extra-text-to-echo] [more-text]
<global>
This command echoes arguments on the command line. The primary use of this command is to allow messages to be displayed to the screen in files executed with the exec command.
specifies a text string to be echoed, up to 256 characters
specifies more text to be echoed, up to 256 characters
specifies more text to be echoed, up to 256 characters
enable-admin
<global>
This command enables the user to become a system administrator.
The enable-admin command is in the default profile. By default, all users are granted access to this command.
If the admin-password is configured in the config>system>security>password context, any user can enter a special administrative mode by entering the enable-admin command. See the 7705 SAR System Management Guide, ‟Password Commands”, for information about the admin-password command.
After the enable-admin command is entered, the user is prompted for a password. If the password matches, the user is granted unrestricted access to all the commands.
The minimum length of the password is determined by the minimum-length command. The complexity requirements for the password is determined by the complexity command.
The following displays an example of the password command usage.
config>system>security#password
security>password# admin-password test1234 hash
security>password# aging 365
security>password# minimum-length 8
security>password# attempts 5 time 5 lockout 20
security>password# authentication-order radius tacplus local
security>password# enable-admin
Password: test1234
security>password#
The following example displays the password configuration:
ALU-1>config>system>security# info
----------------------------------------------
...
aging 365
minimum-length 8
attempts 5 time 5 lockout 20
admin-password "rUYUz9XMo6I" hash
...
----------------------------------------------
ALU-1>config>system>security#
There are two ways to verify that a user is in the enable-admin mode:
show users – administrator can see which users are in enable-admin mode, as indicated by the "A" on the same line as the username
enter the enable-admin command again at the root prompt and an error message returns
*A:7705:Dut-A# show users
===============================================================================
User Type Login time Idle time
From
===============================================================================
Console -- 0d 01:07:45
--
admin Telnet 23MAR2023 16:08:01 0d 00:01:27
192.168.192.126
bla Telnet 23MAR2023 17:15:11 0d 00:00:00 A
192.168.192.127
-------------------------------------------------------------------------------
Number of users : 2
'A' indicates user is in admin mode
===============================================================================
*A:7705:Dut-A#exec [-echo] [-syntax]{filename| <<[eof-marker-string]}
<global>
This command executes the contents of a text file as if they were CLI commands entered at the console.
Exec commands do not have no versions.
Related commands are:
Use this command to configure a URL for a CLI script to exec following a successful configuration boot.
Use this command to configure a URL for a CLI script to exec following a failed configuration boot.
echoes the contents of the exec file to the session screen as it executes
performs a syntax check of the file without executing the commands. Syntax checking looks for invalid commands and keywords as well as unprintable characters in configured parameters. An error message is displayed if any are found.
the text file with CLI commands to execute
Stdin can be used as the source of commands for the exec command. When stdin is used as the exec command input, the command list is terminated with <Ctrl-c>, ‟EOF<Return>” or ‟eof_string<Return>”.
If an error occurs entering an exec file sourced from stdin, all commands after the command returning the error are silently ignored. The exec command indicates the command error line number when the stdin input is terminated with an end-of-file input.
The ASCII printable string used to indicate the end of the exec file when stdin is used as the exec file source. <Ctrl-c> and ‟EOF” can always be used to terminate an exec file sourced from stdin.
exit [all]
<global>
This command returns to the context from which the current level was entered. For example, if you navigated to the current level on a context by context basis, then the exit command only moves the cursor back one level.
ALU-1# configure
ALU-1>config# router
ALU-1>config>router# mpls
ALU-1>config>router>mpls# exit
ALU-1>config>router# exit
ALU-1>config# exit
If you navigated to the current level by entering a command string, then the exit command returns the cursor to the context in which the command was initially entered.
ALU-1# configure router mpls
ALU-1>config>router>mpls# exit
ALU-1#
The exit all command moves the cursor all the way back to the root level.
ALU-1# configure
ALU-1>config# router
ALU-1>config>router# mpls
ALU-1>config>router>mpls# exit all
ALU-1#
exits back to the root CLI context
help
help edit
help globals
help special-characters
<global>
This command provides a brief description of the help system. The following information is displayed:
Help may be requested at any point by hitting a question mark '?'.
In case of an executable node, the syntax for that node will be displayed with an
explanation of all parameters.
In case of sub-commands, a brief description is provided.
Global Commands:
Help on global commands can be observed by issuing "help globals" at any time.
Editing Commands:
Help on editing commands can be observed by issuing "help edit" at any time.
displays a brief description of the help system
displays help on editing
Available editing keystrokes:
Delete current character.....................Ctrl-d
Delete text up to cursor.....................Ctrl-u
Delete text after cursor.....................Ctrl-k
Move to beginning of line....................Ctrl-a
Move to end of line..........................Ctrl-e
Get prior command from history...............Ctrl-p
Get next command from history................Ctrl-n
Move cursor left.............................Ctrl-b
Move cursor right............................Ctrl-f
Move back one word...........................Esc-b
Move forward one word........................Esc-f
Convert rest of word to uppercase............Esc-c
Convert rest of word to lowercase............Esc-l
Delete remainder of word.....................Esc-d
Delete word up to cursor.....................Ctrl-w
Transpose current and previous character.....Ctrl-t
Enter command and return to root prompt......Ctrl-z
Refresh input line...........................Ctrl-l
displays help on global commands
Available global commands:
back - Go back a level in the command tree
candidate + Commands used for editing candidate configurations
echo - Echo the text that is typed in
enable-admin - Enable the user to become a system administrator
exec - Execute a file - use -echo to show the commands and
prompts on the screen
exit - Exit to intermediate mode - use option all to exit to
root prompt
help - Display help
history - Show command history
logout - Log off this system
mrinfo - Request multicast router information
mstat - Trace multicast path from a source to a receiver and
display multicast packet rate and loss information
mtrace - Trace multicast path from a source to a receiver
oam + OAM Test Suite
ping - Verify the reachability of a remote host
pwc - Show the present working context
sleep - Sleep for specified number of seconds
ssh - SSH to a host
telnet - Telnet to a host
traceroute - Determine the route to a destination address
tree - Display command tree structure from the context of
execution
write - Write text to another user
displays help on special characters
Use the following CLI commands to display more information about commands and command syntax:
lists all commands in the current context
lists all commands available in the current context that start with the string
displays command syntax and associated keywords
completes a partial command name (auto-completion) or lists available commands that match the string
history
<global>
This command lists the last 30 commands entered in this session.
Re-execute a command in the history with the !n command, where n is the line number associated with the command in the history output.
For example:
ALU-1# history
68 info
69 exit
70 info
71 filter
72 exit all
73 configure
74 router
75 info
76 interface "test"
77 exit
79 info
80 interface "test"
81 exit all
82 configure router
83 interface
84 info
85 interface "test"
86 info
87 exit all
88 configure
89 card 1
91 exit
92 router
93 exit
94 history
ALU-1# !88
ALU-1# configure
ALU-1>config#
info [detail] [operational]
configure
This command displays the running configuration for the configuration context. It can be used at any level under configure but not at the top configure level.
The output of this command is similar to the output of a show config command. This command, however, lists the configuration of the context where it is entered and all branches below that context level.
For example:
ALU-1>config>router>mpls# info
------------------------------------------
mpls
interface "system"
exit
interface "to_1/2/1"
label-map 131
pop
no shutdown
exit
exit
static-lsp "to121"
to 10.8.8.8
push 121 nexthop 10.1.3.1
no shutdown
exit
no shutdown
exit
exit
----------------------------------------------
ALU-1>config>router>mpls#
By default, the command only enters the configuration parameters that vary from the default values. The detail keyword causes all configuration parameters to be displayed.
The operational keyword is used to display the operational configuration of the current configuration context when the user is in candidate edit mode. The operational keyword is mandatory when using the info command while in candidate edit mode.
displays all configuration parameters, including parameters at their default values
displays the operational configuration of the current configuration context
logout
<global>
This command logs out of the router session.
When the logout command is issued from the console, the login prompt is displayed and any log IDs directed to the console are discarded. When the console session resumes (regardless of the user), the log output to the console resumes.
When a Telnet session is terminated from a logout command, all log IDs directed to the session are removed. When a user logs back in, the log IDs must be recreated.
password
<ROOT>
This command changes a user CLI login password.
When a user logs in after the administrator forces a new-password-at-login, or the password has expired (aging), then this command is automatically invoked.
When invoked, the user is prompted to enter the old password, the new password, and then the new password again to verify the correct input.
If a user fails to create a new password after the administrator forces a new-password-at-login or after the password has expired, the user is not allowed access to the CLI.
ping {ip-address | dns-name} [rapid | detail] [ttl time-to-live] [tos type-of-service] [size bytes] [pattern pattern] [source ip-address] [interval seconds] [{next-hop ip-address} | {interface interface-name} | bypass-routing] [count requests] [do-not-fragment] [router router-instance | service-name service-name] [timeout timeout] [fc fc-name]
<global>
This command is the TCP/IP utility to verify IP reachability.
the IP address of the remote host to ping
the source IP address to use in the ping requests
this option disregards the routing table and sends this packet to the specified next hop address. This address must be on an adjacent router that is attached to a subnet that is common between this and the next-hop router.
the DNS name (if DNS name resolution is configured) of the remote host to ping
the rapid parameter specifies to send ping requests rapidly. The results are reported in a single message, not in individual messages for each ping request. By default, five ping requests are sent before the results are reported. To change the number of requests, include the count option.
The detail parameter includes in the output the interface on which the ping reply was received.
ALU-1# ping 192.168.xx.xx4 detail
PING 192.168.xx.xx4: 56 data bytes
64 bytes from 192.168.xx.xx4 via fei0: icmp_seq=0 ttl=64 time=0.000 ms.
64 bytes from 192.168.xx.xx4 via fei0: icmp_seq=1 ttl=64 time=0.000 ms.
64 bytes from 192.168.xx.xx4 via fei0: icmp_seq=2 ttl=64 time=0.000 ms.
64 bytes from 192.168.xx.xx4 via fei0: icmp_seq=3 ttl=64 time=0.000 ms.
64 bytes from 192.168.xx.xx4 via fei0: icmp_seq=4 ttl=64 time=0.000 ms.
---- 192.168.xx.xx4 PING Statistics ----
5 packets transmitted, 5 packets received, 0.00% packet loss
round-trip min/avg/max/stddev = 0.000/0.000/0.000/0.000 ms
ALU-1#
the IP Time To Live (TTL) value to include in the ping request, expressed as a decimal integer
the type-of-service (ToS) bits in the IP header of the ping packets, expressed as a decimal integer
the size in bytes of the ping request packets
16-bit pattern string to include in the ping packet, expressed as a decimal integer
the interval in seconds between consecutive ping requests, expressed as a decimal integer
specifies the interface name
sends the ping request to a host on a directly attached network bypassing the routing table. The host must be on a directly attached network or an error is returned.
the number of ping requests to send to the remote host, expressed as a decimal integer
specifies that the request frame should not be fragmented. This option is particularly useful in combination with the size parameter for maximum MTU determination.
specifies the router name or service ID
specifies the service name, 64 characters maximum
specifies the timeout in seconds
specifies the forwarding class
pwc [previous]
<global>
This command displays the present or previous working context of the CLI session.
The pwc command provides a user who is in the process of dynamically configuring a chassis a way to display the current or previous working context of the CLI session. The pwc command displays a list of the CLI nodes that hierarchically define the current context of the CLI instance of the user.
For example:
A:ALU>config>router>mpls# pwc
----------------------------------------------
Present Working Context :
----------------------------------------------
<root>
configure
router ‟Base”
mpls
----------------------------------------------
A:ALU>config>router>mpls#
When the previous keyword is specified, the previous context is displayed. This is the context entered by the CLI parser upon execution of the exit command. The current context of the CLI is not affected by the pwc command.
displays the previous working context
sleep [seconds]
<global>
This command causes the console session to pause operation (sleep) for 1 second (default) or for the specified number of seconds.
specifies the number of seconds for the console session to sleep, expressed as a decimal integer
ssh host [-l username] [-v ssh-version] [router router-instance | service-name service-name] [re-exchange-min minutes] [re-exchange-mbyte megabytes]
<global>
This command opens a Secure Shell (SSH) session with another host.
This command initiates a client SSH session with the remote host and is independent from the administrative or operational state of the SSH server. However, to be the target of an SSH or SFTP session, the SSH server must be operational.
The command also allows the user to initiate an SSH session with a key re-exchange to occur after a specified number of minutes have passed or a specified number of megabytes have been transmitted. If both parameters are configured, the key re-exchange occurs at whatever limit is reached first. If neither parameter is set, key re-exchange does not occur.
Quitting SSH while in the process of authentication is accomplished by either executing a <Ctrl-c> or "~." (tilde and dot), assuming the ‟~” is the default escape character for the SSH session.
the remote host for an SSH session. The IP address, DNS name (if DNS name resolution is configured), or the username at the IP address can be specified.
For IPv6 addresses, including the ‟-interface” for the link local address is mandatory; otherwise, ‟-interface” is omitted. For example, if the user is alu_admin and the IPv6 hostname consists of 2001:db8:a0b:12f0::1 along with the link local interface ‟ies1_chicago”, the full command would be (note the ‟-” between the ipv6-address and the interface):
ssh -l alu_admin 2001:db8:a0b:12f0::1-ies1_chicago
the username to use when opening the SSH session
the version of the SSH session to use
the router name or service ID
specifies the service name, 64 characters maximum
specifies the time interval after which the SSH client initiates the key re-exchange
specifies the number of megabytes transmitted during an SSH session after which the SSH client initiates the key re-exchange
telnet [ip-address | dns-name] [port] [router router-instance]
telnet [ip-address | dns-name] [port] [service-name service-name]
<global>
This command opens a Telnet session to a remote host.
Telnet servers in 7705 SAR networks limit a Telnet client to three retries to log in. The Telnet server disconnects the Telnet client session after three retries. The number of retry attempts for a Telnet client session is not user-configurable.
the IP address of the remote host
the DNS name (if DNS name resolution is configured) of the remote host
the TCP port number to use to Telnet to the remote host, expressed as a decimal integer
the router name or service ID
specifies the service name, 64 characters maximum
traceroute {ip-address| dns-name} [ttl ttl] [wait milliseconds] [no-dns] [source ip-address] [tos type-of-service] [routerrouter-instance | service-name service-name]
<global>
The TCP/IP traceroute utility determines the route to a destination address. Aborting a traceroute with the <Ctrl-c> command could require issuing a second <Ctrl-c> command before the prompt is returned.
ALU-1# traceroute 192.168.xx.xx4
traceroute to 192.168.xx.xx4, 30 hops max, 40 byte packets
1 192.168.xx.xx4 0.000 ms 0.000 ms 0.000 ms
ALU-1#
the IP address to trace
the DNS name (if DNS name resolution is configured)
the maximum Time-To-Live (TTL) value to include in the traceroute request, expressed as a decimal integer
the time in milliseconds to wait for a response to a probe, expressed as a decimal integer
when the no-dns keyword is specified, a DNS lookup for the specified hostname does not perform
the source IP address to use as the source of the probe packets. If the IP address is not one of the device’s interfaces, an error is returned.
the type-of-service (ToS) bits in the IP header of the probe packets, expressed as a decimal integer
the router name or service ID
specifies the service name, 64 characters maximum
tree [detail] [flat]
<global>
This command displays the command hierarchy structure from the present working context.
includes parameter information for each command displayed in the tree output
displays the command hierarchy on single lines
write {user | broadcast}message-string
<global>
This command sends a console message to a specific user or to all users with active console sessions.
the name of a user with an active console session to which to send a console message
specifies that the message-string is to be sent to all users logged in to the router
the message string to send, up to 250 characters long composed of printable, 7-bit ASCII characters. If the string contains special characters (such as #, $, or spaces), the entire string must be enclosed within double quotes.