3.6. SNMP Show Command Reference
3.6.1. Command Hierarchies
3.6.2. Command Descriptions
The command outputs in the following section are examples only; actual displays may differ depending on supported functionality and user configuration.
3.6.2.1. Show Commands
counters
Syntax
Context
Description
This command displays SNMP counters information. SNMP counters will continue to increase even when SNMP is shut down. Some internal modules communicate using SNMP packets.
Output
The following example displays SNMP counter information.
Table 43 describes the SNMP counters output fields.
Table 43: Show Counters Output Fields
Label | Description |
in packets | Displays the total number of messages delivered to SNMP from the transport service. |
in gets | Displays the number of SNMP get request PDUs accepted and processed by SNMP. |
in getnexts | Displays the number of SNMP get next PDUs accepted and processed by SNMP. |
in sets | Displays the number of SNMP set request PDUs accepted and processed by SNMP. |
out packets | Displays the total number of SNMP messages passed from SNMP to the transport service. |
out get responses | Displays the number of SNMP get response PDUs generated by SNMP. |
out traps | Displays the number of SNMP Trap PDUs generated by SNMP. |
variables requested | Displays the number of MIB objects requested by SNMP. |
variables set | Displays the number of MIB objects set by SNMP as the result of receiving valid SNMP set request PDUs. |
streaming
Syntax
Context
Description
This command enables the context to display streaming counters information.
counters
Syntax
Context
Description
This command displays counters information for the proprietary SNMP streaming protocol.
Output
The following is an example of SNMP streaming counters information.
Table 44 describes the SNMP streaming counters output fields.
Table 44: Show Streaming Counters Output Fields
Label | Description |
in getTables | Displays the number of GetTable request packets received. |
in getManys | Displays the number of GetMany request packets received. |
out responses | Displays the number of response packets sent. |
information
Syntax
Context
Description
This command lists the SNMP configuration and statistics.
Output
The following displays an example of system information.
Table 45 describes system information output fields.
The following is an output example of the 7950 XRS:
Table 45: Show System Information Output Fields
Label | Description |
System Name | Displays the name configured for the device. |
System Type | Indicates the SR OS platform type (for example, 7750 SR-12). |
Chassis Topology | Indicates the inter-chassis topology mode in which the system is operating. Standalone indicates that the system is comprised of a single physical router chassis. Extended (XRS-40) on a 7950 XRS-based system indicates that two router chassis are connected together in a back-to-back topology with no additional switch fabric chassis. An extended chassis topology is comprised of two XRS-20 chassis and is also known as an XRS-40 system. |
System Contact | Displays the text string that identifies the contact name for the device. |
System Location | Displays the text string that identifies the location of the device. |
System Coordinates | Displays the text string that identifies the system coordinates for the device location. For example, “37.390 -122.0550" is read as latitude 37.390 north and longitude 122.0550 west. |
System Up Time | Displays the time since the last reboot. |
SNMP Port | Displays the port which SNMP sends responses to management requests. |
SNMP Engine ID | Displays the ID for either the local or remote SNMP engine to uniquely identify the SNMPv3 node. |
SNMP Max Message Size | Displays the maximum size SNMP packet generated by this node. |
SNMP Admin State | Enabled — Indicates that SNMP is administratively enabled. |
Disabled — Indicates that administratively disabled. | |
SNMP Oper State | Enabled — Indicates that operationally enabled. |
Disabled — Indicates that operationally disabled. | |
SNMP Index Boot Status | Persistent — Indicates that persistent indexes at the last system reboot was enabled. |
Disabled — Indicates that persistent indexes at the last system reboot was disabled. | |
SNMP Sync State | Displays the state when the synchronization of configuration files between the primary and secondary CPMs finish. |
Telnet/SSH/FTP Admin | Displays the administrative state of the Telnet, SSH, and FTP sessions. |
Telnet/SSH/FTP Oper | Displays the operational state of the Telnet, SSH, and FTP sessions. |
BOF Source | Displays the boot location of the BOF. |
Image Source | primary — Specifies whether the image was loaded from the primary location specified in the BOF. secondary — Specifies whether the image was loaded from the secondary location specified in the BOF. tertiary — Specifies whether the image was loaded from the tertiary location specified in the BOF. |
Config Source | primary — Specifies whether the configuration was loaded from the primary location specified in the BOF. secondary — Specifies whether the configuration was loaded from the secondary location specified in the BOF. tertiary — Specifies whether the configuration was loaded from the tertiary location specified in the BOF. |
Last Booted Config File | Displays the URL and filename of the configuration file used for the most recent boot. |
Last Boot Cfg Version | Displays the version of the configuration file used for the most recent boot. |
Last Boot Config Header | Displays header information of the configuration file used for the most recent boot. |
Last Boot Index Version | Displays the index version used in the most recent boot. |
Last Boot Index Header | Displays the header information of the index used in the most recent boot. |
Last Saved Config | Displays the filename of the last saved configuration. |
Time Last Saved | Displays the time the configuration was most recently saved. |
Changes Since Last Save | Yes — Indicates that the configuration changed since the last save. No — Indicates that the configuration has not changed since the last save. |
Time Last Modified | Displays the time of the last modification. |
Max Cfg/BOF Backup Rev | Indicates the maximum number of backup revisions maintained for a configuration file. This value also applies to the number of revisions maintained for the BOF file. |
Cfg-OK Script | URL — Indicates the location and name of the CLI script file executed following successful completion of the boot-up configuration file execution. N/A — Indicates that no CLI script file is executed. |
Cfg-OK Script Status | Successful/Failed — Indicates the results from the execution of the CLI script file specified in the Cfg-OK Script location. Not used — Indicates that no CLI script file was executed. |
Cfg-Fail Script | URL — Displays the location and name of the CLI script file executed following a failed boot-up configuration file execution. Not used — Indicates that no CLI script file was executed. |
Cfg-Fail Script Status | Successful/Failed — Displays the results from the execution of the CLI script file specified in the Cfg-Fail Script location. Not used — Indicates that the CLI script file was executed. |
Management IP address | Displays the Management IP address of the node. |
DNS Server | Displays the DNS address of the node. |
DNS Domain | Displays the DNS domain name of the node. |
BOF Static Routes | To — Displays the static route destination. Next Hop — Displays the next hop IP address used to reach the destination. Metric — Displays the priority of this static route versus other static routes. None — Indicates that no static routes are configured. |
access-group
Syntax
Context
Description
This command displays access-group information.
Output
The following is an example of access group information.
Table 46 describes the access-group output fields.
Table 46: Show System Security Access-Group Output Fields
Label | Description |
Group name | The access group name. |
Security model | The security model required to access the views configured in this node. |
Security level | Specifies the required authentication and privacy levels to access the views configured in this node. |
Read view | Specifies the view to read the MIB objects. |
Write view | Specifies the view to configure the contents of the agent. |
Notify view | Specifies the view to send a trap about MIB objects. |
No. of access groups | The total number of configured access groups. |
authentication
Syntax
Context
Description
This command displays authentication information.
Output
The following displays an example of authentication information.
Table 47 describes the authentication output fields.
Table 47: Show Authentication Output Fields
Label | Description |
sequence | Displays the authentication order in which password authentication, authorization, and accounting is attempted among RADIUS, TACACS+, and local passwords. |
server address | Displays the address of the RADIUS, TACACS+, or local server. |
status | Displays the status of the server. |
type | Displays the type of server. |
timeout (secs) | Displays the number of seconds the server will wait before timing out. |
retry count | Displays the number of attempts to retry contacting the server. |
radius admin status | Displays the administrative status of the RADIUS protocol operation. |
tacplus admin status | Displays the administrative status of the TACACS+ protocol operation. |
health check | Specifies whether the RADIUS and TACACS+ servers will be periodically monitored. Each server will be contacted every 30 seconds. If in this process a server is found to be unreachable, or a previously unreachable server starts responding, based on the type of the server, a trap will be sent. |
No. of Servers | Displays the total number of servers configured. |
password-options
Syntax
Context
Description
This command displays password options.
Output
The following displays password option information.
Table 48 describes password-options output fields.
Table 48: Show Password-Options Output Fields
Label | Description |
Password aging in days | Number of days a user password is valid before the user must change his password. |
Number of invalid attempts permitted per login | Displays the maximum number of unsuccessful login attempts allowed for a user. |
Time in minutes per login attempt | Displays the time in minutes that user is to be locked out. |
Lockout period (when threshold breached) | Displays the number of minutes the user is locked out if the threshold of unsuccessful login attempts has exceeded. |
Authentication order | Displays the most preferred method to authenticate and authorize a user. |
Configured complexity options | Displays the complexity requirements of locally administered passwords, HMAC-MD5-96, HMAC-SHA-96 and DES-keys configured in the authentication section. |
Minimum password length | Displays the minimum number of characters required in the password. |
per-peer-queuing
Syntax
Context
Description
This command displays the number of queues in use by the Qchip, which in turn is used by PPQ, CPM filter, SAP, and so on.
Output
The following displays per peer queuing information.
Table 49 describes the per-peer-queuing output fields.
Table 49: Show per-peer-queuing Output Fields
Label | Description |
Per Peer Queuing | Displays whether per-peer-queuing is enabled or disabled. When enabled, a peering session is established and the router will automatically allocate a separate CPM hardware queue for that peer. When disabled, no hardware queuing per peer occurs. |
Total Num of Queues | Displays the total number of CPM hardware queues. |
Num of Queues In Use | Displays the number of CPM hardware queues that are in use. |
profile
Syntax
Context
Description
This command displays user profiles for CLI command tree permissions.
Parameters
Output
The following displays an example of profile information.
Table 50 describes the profile output fields.
Table 50: Show Profile Output Fields
Label | Description |
User Profile | default — Displays the action to be given to the user profile if none of the entries match the command. administrative — Specifies the administrative state for this profile. |
Def. Action | none — No action is given to the user profile when none of the entries match the command. permit-all — The action to be taken when an entry matches the command. |
Entry | 10 - 80 — Displays an entry which represents the configuration for a system user. |
Description | A text string describing the entry. |
Match Command | administrative — Enables the user to execute all commands. configure system security — Enables the user to execute the config system security command. enable-admin — Enables the user to enter a special administrative mode by entering the enable-admin command. exec — Enables the user to execute (exec) the contents of a text file as if they were CLI commands entered at the console. exit — Enables the user to execute the exit command. help — Enables the user to execute the help command. logout — Enables the user to execute the logout command. password — Enables the user to execute the password command. show config — Enables the user to execute the show config command. show — Enables the user to execute the show command. show system security — Enables the user to execute the show system security command. |
Action | permit — Enables the user access to all commands. deny-all — Denies the user access to all commands. |
snmp
Syntax
Context
Description
This command enables the context to show SNMP information.
community
Syntax
Context
Description
This command lists SNMP communities and characteristics. Including the community-name parameter modifies the output to include all details for the specified community, including the source IP address list and validation failure counters.
Output
Table 51 describes the community output fields.
 | Note: The system-created communities that begin with “cli-” are only used for internal CLI management purposes and are not exposed to external SNMP access. |
Table 51: Show Community Output Fields
Label | Description |
Community | Displays the community string name for SNMPv1 and SNMPv2c access only. |
Access | Displays access information. r — The community string allows read-only access. rw — The community string allows read-write access. rwa — The community string allows read-write access. mgmt — The unique SNMP community string assigned to the management router. vpls-mgmt — The unique SNMP community string assigned for vpls management. |
View | Displays the view name. |
Version | Displays the SNMP version. |
Group Name | Displays the access group name. |
src-access-list | Displays the name of the list of source IP addresses that are allowed to use the community, as configured using the community configuration command. |
authFailures | Displays the number of SNMP requests that have failed validation using this community. |
No of Communities | Displays the total number of configured community strings. |
src-access-list
Syntax
Context
Description
This command displays source access lists and the hosts for each. Including the list-name parameter modifies the output show only the specified src-access-list.
Output
The following example displays SR access list information.
Table 52 describes the source access list output fields.
Table 52: Show Source Access List Output Fields
Label | Description |
List Name | Displays the name of the src-access-list. |
Host Name | Displays the name of the src-host. |
Host Address | Displays the IP address of the src-host. |
Total Access Lists | Displays the total number of source access lists. |
ssh
Syntax
Context
Description
This command displays all the SSH sessions as well as the SSH status and fingerprint.
Output
The following shows an example of SSH information.
Table 53 describes SSH output fields.
Table 53: Show SSH Output Fields
Label | Description |
SSH status | SSH is enabled — Displays that SSH server is enabled. SSH is disabled — Displays that SSH server is disabled. |
Key fingerprint | The key fingerprint is the server’s identity. Clients trying to connect to the server verify the server's fingerprint. If the server fingerprint is not known, the client may not continue with the SSH session since the server might be spoofed. |
Connection | The IP address of the connected router(s) (remote client). |
Encryption | des — Data encryption using a private (secret) key. 3des — An encryption method that allows proprietary information to be transmitted over untrusted networks. |
Username | The name of the user. |
Number of SSH sessions | The total number of SSH sessions. |
user
Syntax
Context
Description
This command displays user information.
Output
The following shows an example of user information.
Table 54 describes user information output fields.
Table 54: Show User Output Fields
Label | Description |
User ID | Displays the name of a system user. |
Need New PWD | Yes — Specifies that the user must change his password at the next login. No — Specifies that the user is not forced to change his password at the next login. |
User Permission | Console — Specifies whether the user is permitted console or Telnet access. FTP — Specifies whether the user is permitted FTP access. SNMP — Specifies whether the user is permitted SNMP access. |
Password expires | Displays the date on which the current password expires. |
Attempted logins | Displays the number of times the user has attempted to login irrespective of whether the login succeeded or failed. |
Failed logins | Displays the number of unsuccessful login attempts. |
Local Conf. | Y — Indicates that password authentication is based on the local password database. N — Indicates that password authentication is not based on the local password database. |
view
Syntax
Context
Description
This command lists one or all views and permissions in the MIB-OID tree.
Output
The following displays an example of system security views.
Table 55 describes system security view output fields.
Table 55: Show System Security View Output Fields
Label | Description |
View name | Displays the name of the view. Views control the accessibility of a MIB object within the configured MIB view and subtree. |
OID tree | Displays the Object Identifier (OID) value. OIDs uniquely identify MIB objects in the subtree. |
Mask | Displays the mask value and the mask type, along with the oid-value configured in the view command, determines the access of each sub-identifier of an object identifier (MIB subtree) in the view. |
Permission | Included — Specifies to include MIB subtree objects. Excluded — Specifies to exclude MIB subtree objects. |
No. of Views | Displays the total number of configured views. |
Group name | Displays the access group name. |