COMMAND
SNMP-COMMUNITY-MIB snmpCommunityTable snmpCommunityEntry <community-name> snmpCommunityName <community-name> snmpCommunitySecurityName <community-name>
DESCRIPTION Configure an SNMP community.
ARGUMENTS
EXAMPLE
Configure the SNMP community name to be test_community:
syscon-1-active(config)# SNMP-COMMUNITY-MIB snmpCommunityTable snmpCommunityEntry test_community snmpCommunityName test_community snmpCommunitySecurityName test_community
COMMAND
SNMP-VIEW-BASED-ACM-MIB vacmSecurityToGroupTable vacmSecurityToGroupEntry <vacmSecurityModel> <community_name> vacmGroupName <group-name>
DESCRIPTION Configure SNMP VIEW BASED ACM for the given community. This configuration maps a combination of securityModel and securityName into a groupName, which is used to define an access control policy for a group of principals.
ARGUMENTS
1 for SNMP v1, and the default value is 2 for SNMP v2c.Note: Use group-name as read-access while configuring the SNMP VACM.
EXAMPLES
Configure the SNMP v2c VACM read access group for community test_community:
syscon-1-active(config)# SNMP-VIEW-BASED-ACM-MIB vacmSecurityToGroupTable vacmSecurityToGroupEntry 2 test_community vacmGroupName read-access
Configure the SNMP v1 VACM read access group for community test_community:
syscon-1-active(config)# SNMP-VIEW-BASED-ACM-MIB vacmSecurityToGroupTable vacmSecurityToGroupEntry 1 test_community vacmGroupName read-access
IMPORTANT: To enable SNMP Traps, a DUT is required when configuring with snmpNotifyTable, snmpTargetParamsTable, and snmpTargetAddrTable, as shown below.
COMMAND
SNMP-NOTIFICATION-MIB snmpNotifyTable snmpNotifyEntry <snmpNotifyName> snmpNotifyTag <snmpNotifyName> snmpNotifyType trap
DESCRIPTION Configure the SNMP NOTIFICATION MIB Table. This table is used to select management targets that should receive notifications, as well as the type of notification that should be sent to each selected management target.
ARGUMENTS
EXAMPLE
Configure the SNMP NOTIFICATION MIB entry to be v2_trap for trap notifications:
syscon-1-active(config)# SNMP-NOTIFICATION-MIB snmpNotifyTable snmpNotifyEntry v2_trap snmpNotifyTag v2_trap snmpNotifyType trap
COMMAND
SNMP-TARGET-MIB snmpTargetParamsTable snmpTargetParamsEntry <snmpTargetParamsName> snmpTargetParamsMPModel <snmpTargetParamsMPModel> snmpTargetParamsSecurityModel <snmpTargetParamsSecurityModel> snmpTargetParamsSecurityName <snmpTargetParamsSecurityName> snmpTargetParamsSecurityLevel <snmpTargetParamsSecurityLevel>
DESCRIPTION Configure the SNMP-TARGET-MIB snmpTargetParamsTable. This table is used in the generation of SNMP messages.
ARGUMENTS
**Note:** snmpTargetParamsMPModel = SNMPv1(0), SNMPv2c(1)
**Note:** snmpTargetParamsSecurityModel = ANY(0), SNMPv1(1), SNMPv2c(2)
**Note:** This must be one of the configured SNMP communities.
**Note:** This must be `noAuthNoPriv` for SNMP v1 and v2c.
EXAMPLES
Configure the SNMP snmpTargetParamsTable to be group2 for SNMP v2 model with test_community:
syscon-1-active(config)# SNMP-TARGET-MIB snmpTargetParamsTable snmpTargetParamsEntry group2 snmpTargetParamsMPModel 1 snmpTargetParamsSecurityModel 2 snmpTargetParamsSecurityName test_community snmpTargetParamsSecurityLevel noAuthNoPriv
Configure the SNMP snmpTargetParamsTable to be group1 for SNMP v1 model with test_community:
syscon-1-active(config)# SNMP-TARGET-MIB snmpTargetParamsTable snmpTargetParamsEntry group1 snmpTargetParamsMPModel 0 snmpTargetParamsSecurityModel 1 snmpTargetParamsSecurityName test_community snmpTargetParamsSecurityLevel noAuthNoPriv
COMMAND
SNMP-TARGET-MIB snmpTargetAddrTable snmpTargetAddrEntry <snmpTargetAddrName> snmpTargetAddrTDomain <snmpTargetAddrTDomain> snmpTargetAddrTAddress <snmpTargetAddrTAddress> snmpTargetAddrTagList <snmpTargetAddrTagList> snmpTargetAddrParams <snmpTargetAddrParams>
DESCRIPTION Configure the SNMP-TARGET-MIB snmpTargetAddrTable This table is used to select management targets that should receive notifications, as well as the type of notification that should be sent to each selected management target.
ARGUMENTS
**Note:** Use OID 1.3.6.1.6.1.1 for IPv4 and 1.3.6.1.2.1.100.1.2 for IPv6.
**Note:**
For an IPv4 address, the value should be ipv4 + port (6 dot-separated octets).
For an IPv6 address, the value should be ipv6 + port (18 dot-separated octets).
**Note:** This value must be one of the configured snmpNotifyTable rows (snmpNotifyName).
EXAMPLES
Configure the SNMP snmpTargetAddrTable to be v2_trap with IPv4 address x.x.x.x and port 6011:
Port Octet Conversion:
6011 >> 8 = 23 (1st octet)
6011 & 255 = 123 (2nd octet)
syscon-1-active(config)# SNMP-TARGET-MIB snmpTargetAddrTable snmpTargetAddrEntry v2_trap snmpTargetAddrTDomain 1.3.6.1.6.1.1 snmpTargetAddrTAddress x.x.x.x.23.123 snmpTargetAddrTagList v2_trap snmpTargetAddrParams group2
Configure the SNMP snmpTargetAddrTable to be v1_trap with IPv4 address x.x.x.x and port 6011:
syscon-1-active(config)# SNMP-TARGET-MIB snmpTargetAddrTable snmpTargetAddrEntry v1_trap snmpTargetAddrTDomain 1.3.6.1.6.1.1 snmpTargetAddrTAddress x.x.x.x.23.123 snmpTargetAddrTagList v1_trap snmpTargetAddrParams group1
COMMAND abort
DESCRIPTION Abort a configuration session.
ARGUMENTS This command has no arguments.
COMMAND annotate
DESCRIPTION Associate an annotation (comment) with a given configuration or validation statement or pattern. To remove an annotation, leave the text empty.
Note: Only available when the system has been configured with attributes enabled.
ARGUMENTS
COMMAND clear
DESCRIPTION Remove all configuration changes.
ARGUMENTS
COMMAND commit
DESCRIPTION Commit the current set of changes to the running configuration.
ARGUMENTS
persist-id <id> argument.commit confirmed command is issued before the timeout expires, then the configuration is reverted to the configuration that was active before the commit confirmed command was issued. If no timeout is given, then the confirming commit has a timeout of 10 minutes. The configuration session will be terminated after this command since no further editing is possible.
The confirming commit will be rolled back if the CLI session is terminated before confirming the commit, unless the persist argument is also given. If the persist command is given, then the CLI session can be terminated and a later session can confirm the pending commit by supplying the persist token as an argument to the commit command using the persist-id argument.persist-id argument.persist-id argument. Include the persist-id option and specify the same persist token id, to modify the ongoing confirming commit process. This enables you to cancel an ongoing persist commit operation or extend the timeout.COMMAND compare
DESCRIPTION Compare two configuration subtrees.
ARGUMENTS
COMMAND copy
DESCRIPTION Copy the running configuration.
ARGUMENTS
COMMAND describe
DESCRIPTION Display detailed information about a command.
ARGUMENTS
COMMAND do
DESCRIPTION Run a command in operational (user) mode.
ARGUMENTS
COMMAND end
DESCRIPTION Exit configuration mode. If no changes have been made to the configuration, you are prompted to save before exiting configuration mode.
ARGUMENTS
COMMAND exit
DESCRIPTION Exit from the current mode in the configuration or exit configuration mode completely.
ARGUMENTS
COMMAND help
DESCRIPTION Display help information about a specified command.
ARGUMENTS
COMMAND insert
DESCRIPTION Insert a parameter or element.
ARGUMENTS
COMMAND move
DESCRIPTION Move an element or parameter.
ARGUMENTS
COMMAND no
DESCRIPTION Delete or unset a configuration command.
ARGUMENTS
COMMAND pwd
DESCRIPTION Display the current path in the configuration hierarchy.
ARGUMENTS This command has no arguments.
COMMAND resolved
DESCRIPTION Indicate that conflicts have been resolved.
ARGUMENTS This command has no arguments.
COMMAND revert
DESCRIPTION Copy the running configuration.
ARGUMENTS
COMMAND rollback
DESCRIPTION Returns the configuration to a previously committed configuration.
ARGUMENTS
EXAMPLES
Return to the configuration changes made in rollback versions 0 and 1:
syscon-1-active# rollback configuration 1
Return to the configuration changes made only in rollback version 1:
syscon-1-active# rollback selective 1
COMMAND show
DESCRIPTION Display a specified parameter.
ARGUMENTS
COMMAND tag
DESCRIPTION Configure statement tags.
ARGUMENTS
COMMAND top
DESCRIPTION Exit to the top level of the configuration hierarchy. You can optionally run a command after exiting to the top level.
ARGUMENTS
COMMAND validate
DESCRIPTION
Verify that the candidate configuration contains no errors. This performs the same operation as commit check.
ARGUMENTS This command has no arguments.
COMMAND components
DESCRIPTION
Configure properties for hardware components.
ARGUMENTS
The availability of options for this command depends on which hardware component you are configuring.
warning. Available options, in decreasing order of severity, are:EXAMPLES
Configure the PSU redundancy mode to be n+n:
syscon-1-active(config)# components component chassis psu config redundancy-mode n+n
Configure the severity level for the n+n PSU redundancy mode to be error:
syscon-1-active(config)# components component chassis psu config severity error redundancy-mode n+n
COMMAND file config concurrent-operations-limit
DESCRIPTION Specify how many concurrent file operations are allowed at a time.
ARGUMENTS
EXAMPLE
Limit the number of concurrent file operations to 10:
syscon-1-active# file config concurrent-operations-limit 10
COMMAND file known-hosts known-host
DESCRIPTION Add the IP address (and therefore, the public key) of a specified remote-host to the system known_hosts file.
ARGUMENTS
COMMAND file import
DESCRIPTION
Transfer a remote file to the system controller. These directories are available for use for file import operations on the system controller:
ARGUMENTS
EXAMPLE
Transfer a file named myfile.iso from the remote host files.company.com on port 443 to the images/staging directory on the system controller:
syscon-1-active# file import local-file images/staging remote-file images/myfile.iso remote-host files.company.com remote-port 443
result File transfer is initiated.(images/staging/myfile.iso)
COMMAND file export
DESCRIPTION
Transfer a file from a system controller to a remote system. These directories are available for use for file export operations on the system controller:
EXAMPLE
Transfer a file named velos.log from the local host to the /home/jdoe/ directory at files.company.com, using the username jdoe:
syscon-1-active# file export local-file log/controller/velos.log remote-host files.company.com remote-file home/jdoe/velos.log username jdoe password
Value for 'password' (<string>): *********
result File transfer is initiated.(log/controller/velos.log)
COMMAND file delete
DESCRIPTION
Delete a specified file from the system controller. You can use file delete only on files in the diags/shared directory.
ARGUMENTS
EXAMPLE
Delete a specified QKView file from the system:
syscon-1-active# file delete file-name diags/shared/qkview/controller-1-76ee7548-786d-11eb-a48b-12345a000007-qkview.tar.gz
result Deleting the file
COMMAND file transfer-status
DESCRIPTION Display the status of file transfer operations.
ARGUMENTS
EXAMPLE
Check the status of file transfers:
syscon-1-active# file transfer-status
result
S.No.|Operation |Protocol|Local File Path |Remote Host |Remote File Path |Status
1 |Import file|HTTPS |images/staging/myfile.iso |files.company.com |images/myfile.iso |In Progress (15.0%)
COMMAND file list
DESCRIPTION Display a list of directories and files in a specified path.
ARGUMENTS
EXAMPLE
Display a list of files in images/staging:
syscon-1-active# file list path images/staging
entries {
name
F5OS-C-1.2.0-1234.CONTROLLER.CANDIDATE.iso
F5OS-C-1.2.0-1234.PARTITION.CANDIDATE.iso
}
COMMAND file show
DESCRIPTION Display the contents of a specified file.
ARGUMENTS
EXAMPLE
Display the contents of the file log/controller/velos.log:
syscon-1-active# file show log/controller/velos.log
2021-02-26T09:57:57-08:00 localhost.localdomain notice boot_marker: ---==={ BOOT-MARKER }===---
2021-02-26T09:59:04-08:00 controller-1.chassis.local notice boot_marker: ---==={ BOOT-MARKER }===---
2021-02-26T18:08:59.060702+00:00 controller-1 vcc-lacpd[10]: priority="Info" version=1.0 msgid=0x3301000000000040 msg="LACPD starting.".
2021-02-26T18:08:59.061370+00:00 controller-1 alert-service[8]: priority="Notice" version=1.0 msgid=0x2201000000000001 msg="Alert Service Starting..." version="3.4.9" date="Fri Nov 20 00:40:14 2020".
2021-02-26T18:08:59.061371+00:00 controller-1 /usr/bin/authd[8]: priority="Info" version=1.0 msgid=0x6602000000000005 msg="DB is not ready".
2021-02-26T18:08:59.061401+00:00 controller-1 alert-service[8]: priority="Info" version=1.0 msgid=0x6602000000000005 msg="DB is not ready".
2021-02-26T18:08:59.061469+00:00 controller-1 alert-service[8]: priority="Info" version=1.0 msgid=0x6602000000000005 msg="DB is not ready".
2021-02-26T18:08:59.061639+00:00 controller-1 alert-service[8]: priority="Info" version=1.0 msgid=0x6602000000000006 msg="DB state monitor started".
...
COMMAND file tail
DESCRIPTION Display only the last 10 lines of a specified file.
ARGUMENTS
EXAMPLES
Display only the last 10 lines of log/controller/velos.log:
syscon-1-active# file tail log/controller/velos.log
2021-03-15T19:30:06+00:00 controller-1 alert-service[7]: priority="Notice" version=1.0 msgid=0x2201000000000021 msg="Sending POST_LOP_OBJECT_LED_ALARM_SEVERITY." func="postAlertLedSeverity" severity=3 dest="tcp://localhost:1046".
2021-03-15T19:30:06+00:00 controller-1 alert-service[7]: priority="Notice" version=1.0 msgid=0x2201000000000021 msg="Sending POST_LOP_OBJECT_LED_ALARM_SEVERITY." func="postAlertLedSeverity" severity=6 dest="tcp://localhost:1046".
2021-03-15T19:30:10+00:00 controller-1 alert-service[7]: priority="Notice" version=1.0 msgid=0x2201000000000021 msg="Sending POST_LOP_OBJECT_LED_ALARM_SEVERITY." func="postAlertLedSeverity" severity=3 dest="tcp://localhost:1046".
2021-03-15T19:30:12+00:00 controller-1 alert-service[7]: priority="Notice" version=1.0 msgid=0x2201000000000021 msg="Sending POST_LOP_OBJECT_LED_ALARM_SEVERITY." func="postAlertLedSeverity" severity=6 dest="tcp://localhost:1046".
2021-03-15T19:30:16+00:00 controller-1 alert-service[7]: priority="Notice" version=1.0 msgid=0x2201000000000021 msg="Sending POST_LOP_OBJECT_LED_ALARM_SEVERITY." func="postAlertLedSeverity" severity=3 dest="tcp://localhost:1046".
2021-03-15T19:30:16+00:00 controller-1 alert-service[7]: priority="Notice" version=1.0 msgid=0x2201000000000021 msg="Sending POST_LOP_OBJECT_LED_ALARM_SEVERITY." func="postAlertLedSeverity" severity=6 dest="tcp://localhost:1046".
2021-03-15T19:30:20+00:00 controller-1 alert-service[7]: priority="Notice" version=1.0 msgid=0x2201000000000021 msg="Sending POST_LOP_OBJECT_LED_ALARM_SEVERITY." func="postAlertLedSeverity" severity=3 dest="tcp://localhost:1046".
2021-03-15T19:30:22+00:00 controller-1 alert-service[7]: priority="Notice" version=1.0 msgid=0x2201000000000021 msg="Sending POST_LOP_OBJECT_LED_ALARM_SEVERITY." func="postAlertLedSeverity" severity=6 dest="tcp://localhost:1046".
2021-03-15T19:34:54+00:00 controller-1 alert-service[7]: priority="Notice" version=1.0 msgid=0x2201000000000021 msg="Sending POST_LOP_OBJECT_LED_ALARM_SEVERITY." func="postAlertLedSeverity" severity=3 dest="tcp://localhost:1046".
2021-03-15T19:34:54+00:00 controller-1 alert-service[7]: priority="Notice" version=1.0 msgid=0x2201000000000021 msg="Sending POST_LOP_OBJECT_LED_ALARM_SEVERITY." func="postAlertLedSeverity" severity=6 dest="tcp://localhost:1046".
Display the last 10 lines of log/controller/velos.log and keep appending output as the file grows:
syscon-1-active# file tail -f log/controller/velos.log
2021-03-15T19:30:06+00:00 controller-1 alert-service[7]: priority="Notice" version=1.0 msgid=0x2201000000000021 msg="Sending POST_LOP_OBJECT_LED_ALARM_SEVERITY." func="postAlertLedSeverity" severity=3 dest="tcp://localhost:1046".
2021-03-15T19:30:06+00:00 controller-1 alert-service[7]: priority="Notice" version=1.0 msgid=0x2201000000000021 msg="Sending POST_LOP_OBJECT_LED_ALARM_SEVERITY." func="postAlertLedSeverity" severity=6 dest="tcp://localhost:1046".
2021-03-15T19:30:10+00:00 controller-1 alert-service[7]: priority="Notice" version=1.0 msgid=0x2201000000000021 msg="Sending POST_LOP_OBJECT_LED_ALARM_SEVERITY." func="postAlertLedSeverity" severity=3 dest="tcp://localhost:1046".
2021-03-15T19:30:12+00:00 controller-1 alert-service[7]: priority="Notice" version=1.0 msgid=0x2201000000000021 msg="Sending POST_LOP_OBJECT_LED_ALARM_SEVERITY." func="postAlertLedSeverity" severity=6 dest="tcp://localhost:1046".
2021-03-15T19:30:16+00:00 controller-1 alert-service[7]: priority="Notice" version=1.0 msgid=0x2201000000000021 msg="Sending POST_LOP_OBJECT_LED_ALARM_SEVERITY." func="postAlertLedSeverity" severity=3 dest="tcp://localhost:1046".
2021-03-15T19:30:16+00:00 controller-1 alert-service[7]: priority="Notice" version=1.0 msgid=0x2201000000000021 msg="Sending POST_LOP_OBJECT_LED_ALARM_SEVERITY." func="postAlertLedSeverity" severity=6 dest="tcp://localhost:1046".
2021-03-15T19:30:20+00:00 controller-1 alert-service[7]: priority="Notice" version=1.0 msgid=0x2201000000000021 msg="Sending POST_LOP_OBJECT_LED_ALARM_SEVERITY." func="postAlertLedSeverity" severity=3 dest="tcp://localhost:1046".
2021-03-15T19:30:22+00:00 controller-1 alert-service[7]: priority="Notice" version=1.0 msgid=0x2201000000000021 msg="Sending POST_LOP_OBJECT_LED_ALARM_SEVERITY." func="postAlertLedSeverity" severity=6 dest="tcp://localhost:1046".
2021-03-15T19:34:54+00:00 controller-1 alert-service[7]: priority="Notice" version=1.0 msgid=0x2201000000000021 msg="Sending POST_LOP_OBJECT_LED_ALARM_SEVERITY." func="postAlertLedSeverity" severity=3 dest="tcp://localhost:1046".
2021-03-15T19:34:54+00:00 controller-1 alert-service[7]: priority="Notice" version=1.0 msgid=0x2201000000000021 msg="Sending POST_LOP_OBJECT_LED_ALARM_SEVERITY." func="postAlertLedSeverity" severity=6 dest="tcp://localhost:1046".
Display only the last five lines of log/controller/velos.log:
syscon-1-active# file tail -n 5 log/controller/velos.log
2021-03-15T19:30:16+00:00 controller-1 alert-service[7]: priority="Notice" version=1.0 msgid=0x2201000000000021 msg="Sending POST_LOP_OBJECT_LED_ALARM_SEVERITY." func="postAlertLedSeverity" severity=6 dest="tcp://localhost:1046".
2021-03-15T19:30:20+00:00 controller-1 alert-service[7]: priority="Notice" version=1.0 msgid=0x2201000000000021 msg="Sending POST_LOP_OBJECT_LED_ALARM_SEVERITY." func="postAlertLedSeverity" severity=3 dest="tcp://localhost:1046".
2021-03-15T19:30:22+00:00 controller-1 alert-service[7]: priority="Notice" version=1.0 msgid=0x2201000000000021 msg="Sending POST_LOP_OBJECT_LED_ALARM_SEVERITY." func="postAlertLedSeverity" severity=6 dest="tcp://localhost:1046".
2021-03-15T19:34:54+00:00 controller-1 alert-service[7]: priority="Notice" version=1.0 msgid=0x2201000000000021 msg="Sending POST_LOP_OBJECT_LED_ALARM_SEVERITY." func="postAlertLedSeverity" severity=3 dest="tcp://localhost:1046".
2021-03-15T19:34:54+00:00 controller-1 alert-service[7]: priority="Notice" version=1.0 msgid=0x2201000000000021 msg="Sending POST_LOP_OBJECT_LED_ALARM_SEVERITY." func="postAlertLedSeverity" severity=6 dest="tcp://localhost:1046".
COMMAND image controller remove iso
DESCRIPTION Remove a specified ISO version from the system controller.
ARGUMENTS
EXAMPLE
Remove the ISO named 1.2.0-3456 from the system controller:
syscon-1-active(config)# image controller remove iso 1.2.0-3456
COMMAND image controller remove os
DESCRIPTION Remove a specified OS version from the system controller.
ARGUMENTS
EXAMPLE
Remove the OS version named 1.2.0-3456 from the system controller:
syscon-1-active(config)# image controller remove os 1.2.0-3456
COMMAND image controller remove service
DESCRIPTION Remove a specified service version from the system controller.
ARGUMENTS
EXAMPLE
Remove the service version named 1.2.0-3456 from the system controller:
syscon-1-active(config)# image controller remove service 1.2.0-3456
COMMAND image partition remove iso
DESCRIPTION Remove a specified ISO version from the partition.
ARGUMENTS
EXAMPLE
Remove the ISO version named 1.2.0-3456 from the partition:
syscon-1-active(config)# image partition remove iso 1.2.0-3456
COMMAND image partition remove os
DESCRIPTION Remove a specified OS version from the partition.
ARGUMENTS
EXAMPLE
Remove the OS version named 1.2.0-3456 from the partition:
syscon-1-active(config)# image partition remove os 1.2.0-3456
COMMAND image partition remove service
DESCRIPTION Remove a specified service version from the partition.
ARGUMENTS
EXAMPLE
Remove the service version named 1.2.0-3456 from the partition:
syscon-1-active(config)# image partition remove service 1.2.0-3456
COMMAND interfaces interface
DESCRIPTION Configure chassis network interfaces. This includes options for link aggregation.
ARGUMENTS
The availability of options for this command depends on which interface you are configuring.
COMMAND interfaces interface <interface-name> aggregation config
DESCRIPTION Configure aggregation for an interface.
ARGUMENTS
up.EXAMPLE
Configure aggregation of type LACP on interface 1/1.1:
syscon-1-active(config)# interfaces interface 1/1.1 aggregation config lag-type LACP
COMMAND interfaces interface <interface-name> config
DESCRIPTION Configure aggregation for an interface.
ARGUMENTS
true to enable loopback mode or false to disable it.EXAMPLE
Configure interface 1/1.1 to use the fast aggregation type:
syscon-1-active(config)# interfaces interface 1/1.1
COMMAND interfaces interface <interface-name> ethernet config
DESCRIPTION Configure Ethernet options for an interface.
ARGUMENTS
true to enable auto negotiate or false to disable it.FULL to enable full duplex on an interface or set to HALF to enable half duplex on an interface.true to enable priority flow control or false to disable it.on to enable priority flow control in the receive direction or off to disable it.on to enable priority flow control in the send direction or off to disable it.EXAMPLE
Configure interface 1/1.1 to use the FULL duplex mode:
syscon-1-active(config)# interfaces interface 1/1.1 ethernet config duplex-mode FULL
COMMAND interfaces interface <interface-name> holdtime
DESCRIPTION Configure Ethernet options for an interface.
ARGUMENTS
EXAMPLE
Configure hold-time for interface 1/1.2:
syscon-1-active(config)# interfaces interface 1/1.2 holdtime config up
COMMAND interfaces interface <interface-name> subinterfaces subinterface range
DESCRIPTION This command is not currently supported.
COMMAND lacp config system-priority
DESCRIPTION
System priority and system MAC are combined as system-id which is required by the LACP protocol. Each partition has a system mac which is not configurable. The default system priority is 32768.
ARGUMENTS
EXAMPLE
Configure system priority to be 1000:
syscon-1-active(config)# lacp config system-priority 1000
COMMAND lacp interfaces interface
DESCRIPTION
Configure LACP to manage the LAG interface. To use LACP to manage a LAG interface, the LAG interface must already exist or be created first. LAG interfaces can have multiple interface members, and the LAG interface state is up as long as there is at least one active member. There must be valid VLANs attached to LAG interface to pass user traffic. Be sure that the VLAN exists before attaching it to a LAG interface.
ARGUMENTS
FAST to have packets sent every second. Set the interval to SLOW to have packets sent every 30 seconds.PASSIVE to place a port into a passive negotiating state, in which the port responds to received LACP packets, but does not initiate LACP negotiation. Set to ACTIVE to place a port into an active negotiating state, in which the port initiates negotiations with other ports by sending LACP packets.EXAMPLES
Configure an LACP interface, set it to place the port into an active negotiating state, and set the interval to have packets sent every second:
syscon-1-active(config)# lacp interfaces interface lag1 config lacp-mode ACTIVE interval FAST
Create a LAG interface named lag1 with the type ieee8023adLag:
syscon-1-active(config)# interfaces interface lag1 config type ieee8023adLag; commit
Enable LACP on a LAG interface named lag1:
syscon-1-active(config)# interfaces interface lag1 aggregation config lag-type LACP; commit
#
Create an LACP interface named lag1 with default parameters (internal is set to SLOW, lacp-mode is set to ACTIVE):
syscon-1-active(config)# lacp interfaces interface lag1 config name lag1; commit
Add interface 1/1.0 and 1/2.0 as interface members into a LAG named lag1:
syscon-1-active(config)# interfaces interface 1/1.0 ethernet config aggregate-id lag1
syscon-1-active(config)# interfaces interface 1/2.0 ethernet config aggregate-id lag1
syscon-1-active(config)# commit
Attach VLANs 1000 and 1001 to a LAG interface named lag1:
syscon-1-active(config)# interfaces interface lag1 aggregation switched-vlan config trunk-vlans { 1000 1001 }
COMMAND partitions partition
DESCRIPTION Configure options for partitions.
ARGUMENTS
EXAMPLE
Create a partition named newPartition:
syscon-1-active(config)# partitions partition newPartition
COMMAND partitions partition <partition-name> check-version
DESCRIPTION Check whether a partition is compatible with a specific service version.
ARGUMENTS
EXAMPLE
Verify that the partition is compatible with service version number 1.2.0-2934:
syscon-1-active(config)# partitions partition new check-version service-version 1.2.0-2934
result Partition database upgrade compatibility check succeeded.
COMMAND partitions partition <partition-name> set-version
DESCRIPTION
Trigger an install after verifying software compatibility using check-version. This operation will cause the partition control plane, blades, and tenants to restart, which interrupts both management and data plane traffic.
ARGUMENTS
no to show a confirmation prompt prior to beginning the installation of new partition software. Specify yes to bypass a confirmation prompt.COMMAND partitions partition <partition-name> config
DESCRIPTION Configure a partition.
ARGUMENTS
enabled to enable a specified partition. Specify disabled to disable it.EXAMPLES
Enable a partition named newPartition:
syscon-1-active(config)# partitions partition newPartition config enabled
Disable a partition named newPartition:
syscon-1-active(config)# partitions partition newPartition config disabled
Change the iso-version running on a partition named newPartition to be version 1.2.0-2934:
syscon-1-active(config)# partitions partition newPartition config iso-version 1.2.0-2934
Change the os-version running on a partition named newPartition to be version 1.2.0-2934:
syscon-1-active(config)# partitions partition newPartition config os-version 1.2.0-2934
Change the service-version running on a partition named newPartition to be version 1.2.0-2934:
syscon-1-active(config)# partitions partition newPartition config service-version 1.2.0-2934
COMMAND slots slot
DESCRIPTION Specify a slot to enable, disable, or reassign to a different partition.
ARGUMENTS
default.EXAMPLE
Disable slot 1 and verify that it is disabled:
syscon-1-active(config)# slots slot 1 disabled
syscon-1-active(config-slot-1)# commit
Commit complete.
syscon-1-active(config-slot-1)# exit
syscon-1-active(config)# exit
syscon-1-active# show running-config slots slot 1
slots slot 1
disabled
partition none
!
Enable slot 1 and verify that it is enabled:
syscon-1-active(config)# slots slot 1 enabled
syscon-1-active(config-slot-1)# commit
Commit complete.
syscon-1-active(config-slot-1)# exit
syscon-1-active(config)# exit
syscon-1-active# show running-config slots slot 1
slots slot 1
enabled
partition none
!
Assign slot 1 to a partition named default and verify that it is correctly assigned:
syscon-1-active(config)# slots slot 1 partition default
syscon-1-active(config-slot-1)# commit
Commit complete.
syscon-1-active(config-slot-1)# exit
syscon-1-active(config)# exit
syscon-1-active# show running-config slots slot 1
slots slot 1
enabled
partition default
!
COMMAND
system aaa authentication config authentication-method
DESCRIPTION
Specify which authentication methods can be used to authenticate and authorize users. You can enable all methods and indicate the order in which you'd like the methods to be attempted when a user logs in.
ARGUMENTS
EXAMPLE
Attempt to authenticate in this order: LDAP, then RADIUS, and then local (/etc/password):
syscon-1-active(config)# system aaa authentication config authentication-method { LDAP_ALL RADIUS_ALL LOCAL }
COMMAND system aaa authentication ldap active_directory
DESCRIPTION
Specify whether to enable LDAP Active Directory (AD).
ARGUMENTS
true to enable LDAP AD or false to disable it. The default value is false.EXAMPLE
Enable LDAP AD on the system:
syscon-1-active(config)# system aaa authentication ldap active_directory true
COMMAND
system aaa authentication ldap base
DESCRIPTION
Specify the search base distinguished name (DN) for LDAP authentication. Note that the configuration of base values are case-sensitive and must be a full DN path. This includes spaces, commas, and other characters. These must be the same as what is configured in the LDAP server.
ARGUMENTS
EXAMPLE
syscon-1-active(config)# system aaa authentication ldap base dc=xyz,dc=com
syscon-1-active(config)# system aaa authentication ldap base { dc=xyz,dc=com dc=abc,dc=com }
COMMAND system aaa authentication ldap bind_timelimit
DESCRIPTION
Specify a maximum amount of time to wait for LDAP authentication to return a result.
ARGUMENTS
30.EXAMPLE
Set a maximum bind time limit of 60 seconds:
syscon-1-active(config)# system aaa authentication ldap bind_timelimit 60
COMMAND
system aaa authentication ldap binddn
DESCRIPTION
Specify the distinguished name (DN) of an account that can search the base DN. If no account is specified, the LDAP connection establishes without authentication. Note that the configuration of binddn values are case-sensitive and must be a full DN path. This includes spaces, commas, and other characters; these must be the same as what is configured in the LDAP server.
ARGUMENTS
EXAMPLE
Set the distinguished name of a specified account for searching the base DN:
syscon-1-active(config)# system aaa authentication ldap binddn cn=admin,dc=xyz,dc=com
COMMAND
system aaa authentication ldap bindpw
DESCRIPTION
Specify the password of the search account identified in binddn.
ARGUMENTS
EXAMPLE
Specify a password for the search account on the LDAP server:
syscon-1-active(config)# system aaa authentication ldap bindpw <password>
COMMAND
system aaa authentication ldap idle_timelimit
DESCRIPTION
Configure the maximum amount of time before the LDAP connection can be inactive before it times out.
ARGUMENTS
30.EXAMPLE
Set a maximum idle timeout of 60 seconds:
syscon-1-active(config)# system aaa authentication ldap idle_timelimit 60
COMMAND
system aaa authentication ldap ldap_version
DESCRIPTION
Specify the LDAP protocol version number.
ARGUMENTS
3.EXAMPLE
Specify that LDAPv3 is used for the LDAP server:
syscon-1-active(config)# system aaa authentication ldap ldap_version 3
COMMAND
system aaa authentication ldap ssl
DESCRIPTION
Specify whether to enable Transport Layer Security (TLS) functionality for the LDAP server.
ARGUMENTS
EXAMPLE
Specify that TLS is enabled for all connections:
syscon-1-active(config)# system aaa authentication ldap ssl on
COMMAND
system aaa authentication ldap timelimit
DESCRIPTION
Specify a maximum time limit to use when performing LDAP searches to receive an LDAP response.
ARGUMENTS
EXAMPLE
Specify a maximum time limit of 60 seconds for LDAP searches:
syscon-1-active(config)# system aaa authentication ldap timelimit 60
COMMAND
system aaa authentication ldap tls_cacert
DESCRIPTION
Specify the CA certificate to be used for authenticating the TLS connection with the CA server. Also validates an issued certificate from a CA prior to accepting it into the system.
ARGUMENTS
EXAMPLE
Specify a certificate for authenticating the TLS connection:
syscon-1-active(config)# system aaa authentication ldap tls_cacert <path_to_cacert>.pem
COMMAND
system aaa authentication ldap tls_cert
DESCRIPTION
Specify the file that contains the certificate for the client's key.
ARGUMENTS
EXAMPLE
Specify a file that contains the certificate for a client's key:
syscon-1-active(config)# system aaa authentication ldap tls_cacert <path_to_cacert>.pem
COMMAND
system aaa authentication ldap tls_ciphers
DESCRIPTION
Specify acceptable cipher suites for the TLS library in use. For example, ECDHE-RSAAES256-GCM-SHA384 or ECDHE-RSA-AES128-GCM-SHA256.
The cipher string can take several additional forms. It can consist of a single cipher suite such as RC4-SHA. It can represent a list of cipher suites containing a certain algorithm, or cipher suites of a certain type. For example, SHA1 represents all cipher suites using the digest algorithm SHA1, and SSLv3 represents all SSLv3 algorithms. You can combine lists of cipher suites into a single cipher string using the + character as a logical AND operation. For example, SHA1+DES represents all cipher suites containing the SHA1 and DES algorithms.
ARGUMENTS
EXAMPLE
Specify the cipher suite for the TLS library in use:
syscon-1-active(config)# system aaa authentication ldap tls_cyphers <cipher-suite>
COMMAND
system aaa authentication ldap tls_key
DESCRIPTION
Specify the file that contains the the private key that matches the certificates that you configured with the system aaa authentication ldap tls_cert command.
ARGUMENTS
system aaa authentication ldap tls_cert command.COMMAND
system aaa authentication ldap tls_reqcert
DESCRIPTION
Specify what checks to perform on certificates in a TLS session. The default value is never.
ARGUMENTS
EXAMPLE
Specify that a certificate is not required for a TLS session:
syscon-1-active(config)# system aaa authentication ldap tls_reqcert never
COMMAND
system aaa authentication roles role
DESCRIPTION
Specify the primary role assigned to the user.
ARGUMENTS
EXAMPLE
Configure which rolename and system group ID is used for a specified role:
syscon-1-active(config)# system aaa authentication roles role <rolename> config rolename <rolename> gid <unix-gid>
COMMAND
system aaa authentication users user
DESCRIPTION
Configure options for users.
ARGUMENTS
-1 (no expiration date). Use 1 to indicate expired.0 to force a password change.EXAMPLE
Configure a user named jdoe so that the user must change their password at their next log in and indicate that the account has no expiration date:
syscon-1-active(config)# system aaa authentication users user jdoe config last-change 0 expiry-date -1
COMMAND
system aaa password-policy config apply-to-root
DESCRIPTION
Specify whether to enforce password policies when the user configuring passwords is the root user. If enabled (true), the system returns an error on failed check if the root user changing the password. If disabled (false), the system displays a message about the failed check, but allows the root user to change the password and bypass password policies.
ARGUMENTS
true to enforce password policies even if it is the root user configuring passwords or false to disable it. The default value is false.COMMAND
system aaa password-policy config max-age
DESCRIPTION
Configure the number of days that users can keep using the same password without changing it.
ARGUMENTS
COMMAND
system aaa password-policy config max-login-failures
DESCRIPTION
Configure the maximum number of unsuccessful login attempts that are permitted before a user is locked out.
ARGUMENTS
COMMAND
system aaa password-policy config min-length
DESCRIPTION
Configure a minimum acceptable size for the new password (plus one if credits are not disabled which is the default). In addition to the number of characters in the new password, credit (of +1 in length) is given for each different kind of character (other, upper, lower and digit). The default for this parameter is 9. If you want to allow passwords that are as short as 5 characters, you should not use min-length.
ARGUMENTS
COMMAND
system aaa password-policy config reject-username
DESCRIPTION
Check whether the user name is contained in the new password, either in straight or reversed form. If it is found, the new password is rejected.
ARGUMENTS
false to allow the user name in a new password or true to reject new passwords that contain the user name in some form. The default value is false.COMMAND
system aaa password-policy config required-differences
DESCRIPTION
Configure the number of character changes that are required in the new password that differentiate it from the old password.
ARGUMENTS
5.COMMAND
system aaa password-policy config required-lowercase
DESCRIPTION
Configure the minimum number of lowercase character required for a password.
ARGUMENTS
COMMAND
system aaa password-policy config required-numeric
DESCRIPTION
Configure the minimum number of numeric characters required for a password.
ARGUMENTS
COMMAND
system aaa password-policy config required-special
DESCRIPTION
Configure the minimum number of numeric characters required for a password.
ARGUMENTS
COMMAND
system aaa password-policy config required-uppercase
DESCRIPTION
Configure the minimum number of numeric characters required for a password.
ARGUMENTS
COMMAND
system aaa password-policy config retries
DESCRIPTION
Configure the number of retries allowed when user authentication is unsuccessful.
ARGUMENTS
COMMAND
system aaa password-policy config root-lockout
DESCRIPTION
Configure whether the root account can be locked out after unsuccessful login attempts.
ARGUMENTS
false to disable root lockout after a number of unsuccessful login attempts or true to enable it. The default value is false.COMMAND system aaa password-policy config root-unlock-time
DESCRIPTION
Configure the time in seconds before the root user can retry logging in after exceeding the maximum number of allowed unsuccessful authentication attempts.
ARGUMENTS
COMMAND
system aaa password-policy config unlock-time
DESCRIPTION
Configure the time in seconds before a user can retry logging in after exceeding the maximum number of allowed unsuccessful authentication attempts. If this option is not configured, the account is locked until the lock is removed manually by an administrator.
ARGUMENTS
COMMAND
system aaa primary-key set
DESCRIPTION
Change the system primary encryption key with passphrase and salt. This is useful while migrating configuration from one machine to another.
ARGUMENTS
EXAMPLE
Change the primary key, set a passphrase and salt, and then display the status of the key migration process:
syscon-1-active(config)# system aaa primary-key set
Value for 'passphrase' (<string, min: 6 chars, max: 255 chars>): ******
Value for 'confirm-passphrase' (<string, min: 6 chars, max: 255 chars>): ******
Value for 'salt' (<string, min: 6 chars, max: 255 chars>): *********
Value for 'confirm-salt' (<string, min: 6 chars, max: 255 chars>): *********
response description: Key migration is initiated. Use 'show system primary-key state status' to get status
syscon-1-active# show system aaa primary-key state
system aaa primary-key state hash Jt221bA3Xf3V2ClXPY9pdfQzauNUGODq4EseXZbKcD/4G+Dr3u6hyFoahL+r3iIopJm4IzIInSwYsilAGdY08w==
system aaa primary-key state status "COMPLETE Initiated: Fri Jan 29 22:33:02 2021"
[root@controller-1 ~]#
COMMAND
system aaa server-groups server-group
DESCRIPTION
Configure one or more AAA servers of type RADIUS, LDAP, or TACACS+. The first server in the list is always used by default unless it is unavailable, in which case the next server in the list is used. You can configure the order of servers in the server group.
ARGUMENTS
3 (seconds).389.LDAP (LDAP over TCP).EXAMPLES
Create a server group named radius-test of type RADIUS, assign a specific RADIUS server with the group, and then configure a secret key:
syscon-1-active(config)# system aaa server-groups server-group radius-test
syscon-1-active(config-server-group-radius-test)# config type RADIUS
syscon-1-active(config-server-group-radius-test)# config name radius-test
syscon-1-active(config-server-group-radius-test)# commit
Commit complete.
syscon-1-active(config-server-group-radius-test)#
syscon-1-active(config)# system aaa server-groups server-group radius-test servers server 192.0.2.10 config address 192.0.2.10
syscon-1-active(config-server-192.0.2.10)# radius config secret-key radius-key'
syscon-1-active(config-server-192.0.2.10)# commit
Create a server group named ldap-test of type LDAP, assign a specific LDAP server with the group, and then set the LDAP type as LDAP over TCP:
syscon-1-active(config)# system aaa server-groups server-group ldap-test
syscon-1-active(config-server-group-ldap-test)# config type LDAP
syscon-1-active(config-server-group-ldap-test)# config name ldap-test
syscon-1-active(config-server-group-ldap-test)# commit
Commit complete.
syscon-1-active(config-server-group-ldap-test)#
syscon-1-active(config)# system aaa server-groups server-group ldap-test servers server 192.0.2.10 config address 192.0.2.10
syscon-1-active(config-server-192.0.2.10)# ldap config type ldap
syscon-1-active(config-server-192.0.2.10)# commit
COMMAND
system aaa tls config certificate
DESCRIPTION
Configure an SSL server certificate to be used for the webUI (HTTPS) or REST interface of the system.
ARGUMENTS
EXAMPLE
Add a certificate and key to the system. When you press Enter, you will enter multi-line mode, at which point you can copy in the certificate/key. After you have added a certificate, you must add a key using system aaa tls config key , commit the changes:
syscon-1-active(config)# system aaa tls config certificate
(<string>):
[Multiline mode, exit with ctrl-D.]
> ...
syscon-1-active(config)# system aaa tls config key
(<string>):
[Multiline mode, exit with ctrl-D.]
> ...
syscon-1-active(config)# commit
Commit complete.
COMMAND
system aaa tls config key
DESCRIPTION
Configure a PEM-encoded private key to be used for the webUI (HTTPS) or REST interface of the system. Key value is encrypted in DB storage.
ARGUMENTS
EXAMPLE
Add a TLS key and certificate to the system. When you press Enter, you will enter multi-line mode, at which point you can copy in the key/certificate. After you have added a key, you must add a certificate using system aaa tls config certificate:
syscon-1-active(config)# system aaa tls config key
(<string>):
[Multiline mode, exit with ctrl-D.]
> ...
syscon-1-active(config)# system aaa tls config certificate
(<string>):
[Multiline mode, exit with ctrl-D.]
> ...
syscon-1-active(config)# commit
Commit complete.
COMMAND system aaa tls crls crl
DESCRIPTION Configure a Certificate Revocation List Entry (CRL).
ARGUMENTS
EXAMPLE
Add a new CRL to the system. When you press Enter, you will enter multi-line mode, at which point you can copy in the CRL key.
syscon-2-active(config)# system aaa tls crls crl *crl Name*
Value for 'config revocation-key' (<string>):
[Multiline mode, exit with ctrl-D.]
> ...
syscon-2-active(config)# commit
Commit complete.
COMMAND system aaa tls create-self-signed-cert
DESCRIPTION Create an OpenSSL key for use with AAA/TLS.
ARGUMENTS
secp521r1. Available options are:true to store the self-signed certificate pair in the the system-aaa-tls-config or false to specify that it should not be stored.EXAMPLE
Create a private key and self-signed certificate:
syscon-1-active(config)# system aaa tls create-self-signed-cert city Seattle country US days-valid 365 email j.doe@company.com key-type ecdsa name company.com organization "Company" region Washington unit IT version 1 curve-name prime239v2 store-tls false
response
-----BEGIN EC PRIVATE KEY-----
MHECA1d8wiyJEVihDTnVi+v9RjfK3LhZ2Pd4R7B1MJf3lyXaoaAKBggqhkjOPQMB
BaFAAz4ABHFISUTEi8wEdG0iBF3iqTi5m5b62xUSbhOJrXR8d0S6h+anvpo9xrH3
QKbVuacd9H4cMj2tX/wyqVNePg==
-----END EC PRIVATE KEY-----
-----BEGIN CERTIFICATE-----
MIICAzCCAa4CCQCR5RKtuBFcxTAKBggqhkjOPQQDAjCBjTELMAkGA1UEBhMCVVMx
EzARBgNVBAgMCl1t462pbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEzARBgNVBAoM
CkY1IE5ldG9ya3MxEDAOBgNVBAsMB1NXRElBR1MxETAPBgNVBAMMCEdvZHppbGxh
MR0wGwYJKoZIhvcNAQkBFg5qLm1vb3JlQGY1LmNvbTAeFw0yMTAzMjcwMjE2NTFa
Fw0yMjAzMjcwMjE2NTFaMIGNMQswCQYDVQQGEwJVUzORBTWGA1UECAwKV2FzaGlu
Z3RvbjEQMA4GA1UEBwwHU2VhdHRsZTETMBEGA1UECgwKRjUgTmV0b3JrczEQMA4G
A1UECwwHU1dESUFHUzERMA8GA1UEAwwIR29kemlsbGExHTAbBgkqhkiG9w0BCQEW
DmoubW9vcmVAZRWPuB9tMFUwEwYHKoZIzj0CAQYIKoZIzj0DAQUDPgAEcUhJRMSL
zAR0bSIEXeKpOLmblvrbFRJuE4mtdHx3RLqH5qe+mj3GsfdAptW5pwXtlI0yPa1f
/DKpU14+MAoGCCqGSM49BAMCA0MAMEACHh38OAyBB5T9ScBklBXZUIuynHq3/tr4
3VUQsMtYHQIeeP3vCrRm2qjPtK62QwtbkqDA9h2qTvuDj6uYL8EI
-----END CERTIFICATE-----
COMMAND system aaa tls create-csr
DESCRIPTION Create a certificate signing request (CSR).
ARGUMENTS
EXAMPLE
Create a CSR:
system aaa tls create-csr name company.com email j.doe@company.com organization "Company" unit IT
response -----BEGIN CERTIFICATE REQUEST-----
JRISPzCCAbsCAQEwgY0xCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpXYXNoaW5ndG9u
MRAwDgYDVQQHEwdTZWF0dGxlMRQwEgYDVQQKFAtGNVH4TW03b3JrczEUMBIGA1UE
CxMLZGV2ZWxvcG1lbnQxGTAXBgkqhkiG9w0BCQEWCmRldkBmNS5jb20xEDAOBgNV
BAMTB3Rlc3Rjc3IwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCinnAV
Dv/G6+qbiBVO7zIPmFFatYcrzdUnvpTGXfPuh6VBRqcW90jJy12FwtYOL8P6mED+
gfjpxRWe+PNursjZSIDpyh7Dn+F3MRF3zkgnSKlYKI9qqzlRHRAwi2U7GfujeR5H
CXrJ4uxYK2Wp8WVSa7TWwj6Bnps8Uldnj0kenBJ1eUVUXoQAbUmZQg6l+qhKRiDh
3E/xMOtaGWg0SjD7dEQij5l+8FBEHVhQKEr93GT1ifR62/MZSnPw2MY5OJ69p2Wn
k7Fr7m4I5z9lxJduYDNmiddVilpWdqRaCB2j29XCmpVJduF2v6EsMx693K18IJ1h
iRice6oKL7eoI/NdAgMBAAGgADANBgkqhkiG9w0BAQUFAAOCAQEAGjWSAqKUPqMY
eLlSDJ9Bc4R+ckia5r/TITqamMN+m8TqQI8Pk0tAnwHCl8HHS+4cI8QuupgS/3aU
ls7OtxceoQZ1VFX2sQFkrDJFe0ewZQLm5diip5kxFrnap0oA0wRy84ks0wxeiCWD
New3hgSXfzyXI0g0auT6KNwsGaO8ZuhOX3ICNnSLbfb9T4zbhfI9jKopXQgZG/LO
pOct33fdpf/U6kQA9Rw/nzs3Hz/nsVleOrl3TH1+9veMMF+6eq8KKPpbYKh9bhA+
pYI3TtbZHuyRyQbq/r4gf4JkIu/PGszzy/rsDWy+b9g9nXMh1oFj+xhTrBjBk8a2
0ov+Osy2iA==
-----END CERTIFICATE REQUEST-----
COMMAND system appliance-mode config
DESCRIPTION Configure whether appliance mode is enabled or disabled on the system controller controller. Appliance mode adds a layer of security by restricting user access to root and the bash shell. When enabled, the root user cannot log in to the device by any means, including from the serial console. You can enable appliance mode at these levels:
system appliance-mode on the system controller.system appliance-mode on the chassis partition.tenants tenant <tenant-name\> config appliance-mode on the chassis partition.ARGUMENTS
enabled to enable appliance mode on the system controller. Specify disabled to disable it.EXAMPLE
Enable appliance mode and then verify that appliance mode is enabled:
syscon-1-active(config)# system appliance-mode config enabled
syscon-1-active(config)# commit
syscon-1-active(config)# exit
syscon-1-active# show system appliance-mode
system appliance-mode state enabled
Disable appliance mode and then verify that appliance mode is disabled:
syscon-1-active(config)# system appliance-mode config disabled
syscon-1-active(config)# commit
syscon-1-active(config)# exit
syscon-1-active# show system appliance-mode
system appliance-mode state disabled
COMMAND system clock config timezone-name
DESCRIPTION Configure the time zone (tz) database name (for example, Europe/Stockholm) to use for the system. For a list of valid timezone names, see www.iana.org/time-zones.
ARGUMENTS
EXAMPLES
Configure the system to use the America/Los_Angeles time zone:
syscon-1-active(config)# system clock config timezone-name America/Los_Angeles
Configure the system to use the Asia/Calcutta time zone:
syscon-1-active(config)# system clock config timezone-name Asia/Calcutta
COMMAND system database config-backup
DESCRIPTION Generate a backup of the system configuration in the form of an XML file.
ARGUMENTS
true to overwrite the file if a file by that name exists or false to disable the file overwrite. The default value is false.EXAMPLE
Create a backup file of the system configuration named backup-march2021 and overwrite it if a file by that name already exists:
syscon-1-active(config)# system database config-backup name backup-march2021 overwrite true
response Succeeded.
COMMAND system database config-restore
DESCRIPTION Restore the system configuration from an XML backup file.
ARGUMENTS
EXAMPLE
Restore the system configuration from a backup file named backup-march2021:
syscon-1-active(config)# system database config-restore name backup-march2021
COMMAND system database config reset-default-config
DESCRIPTION Revert the system to the default configuration and clear any existing configuration information.
IMPORTANT: This deletes all configuration on the system, including IP addresses, passwords, all partition configuration, and tenant images.
ARGUMENTS
true to reset the configuration to the default or false to disable it. The default value is false.EXAMPLE
Revert the system to the default configuration:
syscon-1-active(config)# system database config reset-default-config true
COMMAND system dbvars config debug
DESCRIPTION Set debug variables (dbvars) for various components.
ARGUMENTS
The availability of options for this command depends on which debug variable you are configuring.
COMMAND system diagnostics core-files list
DESCRIPTION List core files for the VELOS system.
EXAMPLE
List all core files on the system:
syscon-1-active# system diagnostics core-files list
files { controller-1:/diags/shared/core/container/authd-1.core.gz controller-1:/diags/shared/core/container/orchestration_m-1.core.gz controller-1:/diags/shared/core/host/test-1.core.gz controller-2:/diags/shared/core/container/test-1.core.gz controller-2:/diags/shared/core/host/test-2.core.gz }
COMMAND system diagnostics core-files delete
DESCRIPTION Delete core files from the VELOS system.
ARGUMENTS
EXAMPLE
Delete selected core files from the system:
syscon-1-active# system diagnostics core-files delete files { controller-1:/diags/shared/core/host/test-1.core.gz }
COMMAND system diagnostics ihealth config authserver
DESCRIPTION Specify a separate endpoint for authenticating and uploading QKView files to the iHealth service. The authserver config element enables you to specify an authentication server URL for the iHealth service. By default, authserver is set to the F5 iHealth authentication server https://api.f5.com/auth/pub/sso/login/ihealth-api.
ARGUMENTS
EXAMPLE
Specify an authentication server for the iHealth service:
syscon-1-active(config)# system diagnostics ihealth config authserver
(<string>) (https://api.f5.com/auth/pub/sso/login/ihealth-api): https://api.f5networks.net/auth/pub/sso/login/ihealth-api
COMMAND system diagnostics ihealth config password
DESCRIPTION Specify the password used to log in to iHealth. This password is given in plain text, but will be encrypted when stored in the system.
ARGUMENTS
EXAMPLE
Specify a password to be used for logging in to iHealth:
syscon-1-active(config)# system diagnostics ihealth config password
(<AES encrypted string>): **********
COMMAND system diagnostics ihealth config server
DESCRIPTION Specify the iHealth service has a separate endpoint for authenticating and uploading QKView files. The server config element enables you to specify an upload server URL for the iHealth service. By default, the server is set to the F5 iHealth upload server https://ihealth-api.f5.com/qkview-analyzer/api/qkviews?visible_in_gui=True.
ARGUMENTS
EXAMPLE
Specify an upload server for the iHealth service:
syscon-1-active(config)# system diagnostics ihealth config server
(<string>) (https://ihealth-api.f5.com/qkview-analyzer/api/qkviews?visible_in_gui=True): https://ihealth-api.f5networks.net/qkview-analyzer/api/qkviews?visible_in_gui=True
COMMAND system diagnostics ihealth config username
DESCRIPTION Specify the username used to access the iHealth service.
ARGUMENTS
EXAMPLE
Specify a user name to be used when logging in to iHealth:
syscon-1-active(config)# system diagnostics ihealth config username
(<string>) (user@f5.com): user2@f5.com
COMMAND system diagnostics ihealth upload
DESCRIPTION Initiate a qkview-file upload to iHealth. It returns a upload id, which is needed to check upload status or cancel an upload.
ARGUMENTS
system diagnostics qkview list command to see a list of available files.
Note: Be sure to add /diags/shared/QKView/ as a prefix to the QKView file name.EXAMPLE
Upload a file named /diags/shared/qkview/test.qkview to iHealth:
syscon-1-active(config)# system diagnostics ihealth upload qkview-file /diags/shared/qkview/test.qkview description testing service-request-number C523232
message HTTP/1.1 202 Accepted
Location: /support/ihealth/status/iuw53AYW
Date: Tue, 30 Jun 2020 12:09:08 GMT
Content-Length: 0
COMMAND system diagnostics ihealth cancel
DESCRIPTION Cancel a QKView upload that is in progress. If the upload is already complete, it cannot be cancelled. To remove the QKView, log in to the iHealth server and manually delete the QKView, if needed.
ARGUMENTS
EXAMPLE
Cancel the QKView upload with an upload-id of iuw53AYW.
syscon-1-active(config)# system diagnostics ihealth cancel upload-id iuw53AYW
message HTTP/1.1 200 OK
Content-Type: application/json; charset=utf-8
Location: /support/ihealth/status/iuw53AYW
Date: Tue, 30 Jun 2020 12:10:01 GMT
Content-Length: 44
COMMAND system diagnostics proxy config
DESCRIPTION Configure a web proxy to upload QKView files to F5 iHealth. This is useful when the VELOS system does not have internet access to reach f5.com.
ARGUMENTS
EXAMPLE
Configure the system to connect to a web proxy using specified credentials:
syscon-1-active(config)# system diagnostics proxy config proxy-server 192.0.2.111 proxy-username jdoe proxy-password
(<AES encrypted string>): ******
COMMAND system diagnostics qkview capture
DESCRIPTION Generate a system diagnostic snapshot, called a QKView. The system can support only one snapshot collection at a time. QKView files are stored in a single directory, depending on where the QKView file is executed.
If you request a QKView on a system controller or chassis partition, QKView files are stored in the host directory: diags/shared/qkview/.
ARGUMENTS
<system-name>.qkview.0, which indicates no timeout.true if core files should be excluded from QKView. The default value is false.25 MB.500 MB.EXAMPLE
Generate a QKView and name the file client-qkview.tar, exclude core files, set the maximum core size to 500 MB, set the maximum file size to 500 MB, and set a timeout value of 0 (zero), which indicates no timeout:
syscon-1-active# system diagnostics qkview capture filename client-qkview.tar exclude-cores true maxcoresize 500 maxfilesize 500 timeout 0
result Qkview file client-qkview.tar is being collected
return code 200
syscon-1-active# system diagnostics qkview status
result {"Busy":true,"Percent":6,"Status":"collecting","Message":"Collecting Data","Filename":"client-qkview.tar"}
resultint 0
syscon-1-active# system diagnostics qkview capture
result Qkview file controller-1.qkview is being collected
return code 200
resultint 0
syscon-1-active# system diagnostics qkview capture filename tryagain.tar
result Qkview capture can not be initiated. Another Qkview capture is already in progress
return code 429
resultint -10
COMMAND system diagnostics qkview cancel
DESCRIPTION Cancel a QKView that is in progress.
ARGUMENTS This command has no arguments.
EXAMPLE
Cancel the currently running QKView:
syscon-1-active# system diagnostics qkview cancel
result Qkview with filename client-qkview.tar was canceled
return code 200
resultint 0
COMMAND system diagnostics qkview status
DESCRIPTION Get the status of a QKView that is in progress or the status of the last QKView collected.
ARGUMENTS This command has no arguments.
EXAMPLE
View the status of the currently running QKView:
syscon-1-active# system diagnostics qkview status
result {"Busy":true,"Percent":73,"Status":"collecting","Message":"Collecting Data","Filename":"myqkview.tar"}
resultint 0
syscon-1-active# system diagnostics qkview status
result {"Busy":false,"Percent":100,"Status":"canceled","Message":"Collection canceled by user. Partial qkview saved.","Filename":"client-qkview.tar.canceled"}
resultint 0
COMMAND system diagnostics qkview delete
DESCRIPTION Delete a QKView file.
ARGUMENTS
EXAMPLE
Delete the QKView file named client-qkview.tar.canceled.
syscon-1-active# system diagnostics qkview delete filename client-qkview.tar.canceled
result Deleted Qkview file client-qkview.tar.canceled
return code 200
resultint 0
COMMAND system diagnostics qkview list
DESCRIPTION Show a list of QKView files.
ARGUMENTS This command has no arguments.
EXAMPLE
List all QKView files on the system:
syscon-1-active# system diagnostics qkview list
result {"Qkviews":[{"Filename":"client-qkview.tar.canceled","Date":"2020-10-26T23:39:48.783066588Z","Size":131310},{"Filename":"myqkview.tar","Date":"2020-10-26T23:37:43.786269089Z","Size":668708104}]}
resultint 0
COMMAND system dns servers
DESCRIPTION Configure a DNS server for the system controller to use.
ARGUMENTS
53.EXAMPLE
Configure a DNS server and then verify that it was completed:
syscon-1-active(config)# system dns servers server 192.0.2.20 config address 192.0.2.20 port 53
syscon-1-active(config-server-192.0.2.20)# commit
Commit complete.
syscon-1-active(config-server-192.0.2.20)# exit
syscon-1-active(config)# exit
syscon-1-active# show running-config system dns
system dns servers server 192.0.2.20
config address 192.0.2.20
config port 53
!
COMMAND system image check-version
DESCRIPTION Check whether the system is compatible with a specific system image service version upgrade version.
ARGUMENTS
EXAMPLE
Verify that the system is compatible with service version number 1.2.0-3456:
syscon-1-active(config)# system image check-version service-version 1.2.0-3456
COMMAND system image set-version
DESCRIPTION Trigger an install after verifying schema compatibility using check-version. This upgrades software on one system controller at a time, without an interruption to system controller availability.
ARGUMENTS
EXAMPLE
Upgrade the system to iso version 1.2.0-3456:
syscon-1-active(config)# system image set-version iso-version 1.2.0-3456
Upgrade the os version to 1.2.0-3456:
syscon-1-active(config)# system image set-version os-version 1.2.0-3456
Upgrade the service version to 1.2.0-3456:
syscon-1-active(config)# system image set-version service-version 1.2.0-3456
COMMAND system licensing get-dossier
DESCRIPTION Generate an encrypted system dossier that can be used for retrieving a license from the F5 license server. This is used to perform a manual license installation.
ARGUMENTS
EXAMPLE
Get a system licensing dossier from F5:
syscon-1-active(config)# system licensing get-dossier
system-dossier 3446aa94eaa020b4ccb57a495d8589771b03556ffa0fc89fe8ae2e301dba149163ce139fb3a94333b6e8ecd28053bd97f541649c2c61756712c1d105b6d637c472b5642cf87064ba3ce9bee90e97df863876f885c3015ca2d4fb8bd02898f2912a0f5a161025baf42494279291ac4518578b5ce04fd03af1a44b793b13ddaa81552f46e205aee75d0c3f81c19bf7411bb9549f31d3d856f2bda42125113b5a6892fc3858b525016defe1636cdad2020ffd297c53a8acefa1b093d3d5609269f6483896402f800d40b8f3cb571a9ab0ea482707bd6e7b34545feb966c5e33ba8d6519486eba2fbeb15eda6761f9df0c9ac3a597becf272fb468465793fbbdc86b96c7a95ab44d925ec8677b060552a8415d93ed9e947039cc27b5a734b6e29f83b38fd6d49ba2bff5bde9df7e400632e434698ebd5a5b441f6915f1d1c884b2be52638e7f46b0ca880a1e6ecbbc67091b9938b0039c4c3ed80d808543cff5875b7b081058a6a263cfd6d72f08c06a58a4b13060543647a9979694a0db7c8816d96fd5fa233c878fb472915e0c241a0ee0898d959315d0a3e0daa933ce208a5c0444871001c8aca507a537fe0a7625ce026113ce46cc9d22b09993f67c5dc2084775e221c9ba8a47089cb35be094c70de40dfca0726bde9ea3a6b9b8b0f3b5d054464f3357b07c7cba243a70c011ee5d856337e1465adf94b0dafbbe647c9f6d5a
COMMAND system licensing get-eula
DESCRIPTION Retrieve the End User License Agreement (EULA) from the F5 License Server.
ARGUMENTS
EXAMPLE
Gets the contents of the latest F5 EULA:
syscon-1-active(config)# system licensing get-eula
eula-text END USER LICENSE AGREEMENT
DOC-0355-16
IMPORTANT " READ BEFORE INSTALLING OR OPERATING THIS PRODUCT
YOU AGREE TO BE BOUND BY THE TERMS OF THIS LICENSE BY INSTALLING,
HAVING INSTALLED, COPYING, OR OTHERWISE USING THE SOFTWARE. IF YOU
DO NOT AGREE, DO NOT INSTALL OR USE THE SOFTWARE.
This End User License Agreement ("License") applies to the software
product(s) ("Software") you have licensed from us whether on
a stand-alone basis or as part of any hardware ("Hardware") you
purchase from us, (the Hardware and Software together, the "Product").
...
COMMAND system licensing install
DESCRIPTION Perform an automatic system license installation. The system must be connected to the Internet to use the automatic method.
ARGUMENTS
EXAMPLE
Install a base license on the system:
syscon-1(config)# system licensing install registration-key A1234-56789-01234-56789-0123456
result License installed successfully.
COMMAND system licensing manual-install
DESCRIPTION Perform a manual system license installation.
ARGUMENTS
system licensing manual-install, you use system licensing get-dossier to get the system dossier text, and then activate the license at activate.f5.com.EXAMPLE
License the system using license information from activate.f5.com:
syscon-1-active(config)# system licensing manual-install license
Value for 'license' (<string>):
[Multiline mode, exit with ctrl-D.]
> #
> Auth vers : 5b
> #
> #
> # BIG-IP System License Key File
> # DO NOT EDIT THIS FILE!!
> #
> # Install this file as "/config/bigip.license".
> #
> # Contact information in file /CONTACTS
> #
> #
> # Warning: Changing the system time while this system is running
> # with a time-limited license may make the system unusable.
> #
> Usage : F5 Internal Product Development
> #
> #
> # Only the specific use referenced above is allowed. Any other uses are prohibited.
> #
> Vendor : F5 Networks, Inc.
> #
> # Module List
> #
> active module : Local Traffic Manager, CX410|Y123456-7890123|FIPS 140-2 Compliant Mode, CX410|APM-Lite|Rate Shaping|Max Compression, CX410|DNS-GTM, Base|Max SSL, CX410|Anti-Virus Checks|Base Endpoint Security Checks|Firewall Checks|Machine Certificate Checks|Network Access|Protected Workspace|Secure Virtual Keyboard|APM, Web Application|App Tunnel|Remote Desktop
> optional module : Access Policy Manager, Base, CX410
> optional module : Access Policy Manager, Max, CX410
> optional module : Advanced Firewall Manager, CX410
...
COMMAND system logging remote-servers remote-server
DESCRIPTION Configure information about remote logging servers.
ARGUMENTS
udp.514.EXAMPLE
Create a logging destination:
syscon-1-active(config)# system logging remote-servers remote-server 192.0.2.240 config proto tcp
syscon-1-active(config-remote-server-192.0.2.240)# commit
Commit complete.
Delete a logging destination:
syscon-1-active(config)# no system logging remote-servers remote-server 192.0.2.240
syscon-1-active(config)# commit
Commit complete.
COMMAND system logging host-logs
DESCRIPTION Configure settings for sending host logs to remote logging servers.
ARGUMENTS
enabled to enable remote forwarding of active node host logs. Specify disabled to disable it.host-logs is enabled and a remote server configuration is present. Available options are:EXAMPLE
Enable remote forwarding:
syscon-1-active(config)# system logging host-logs config remote-forwarding enabled
COMMAND system logging sw-components sw-component
DESCRIPTION Configure logging for platform software components. Available options are:
ARGUMENTS
COMMAND system mgmt-ip config dhcp-enabled
DESCRIPTION Enable or disable DHCP for controller management IP address.
ARGUMENTS
true to enable DHCP for the management IP address or false to disable it. The default value is false.EXAMPLE
Enable DCHP for the management IP address:
syscon-1-active(config)# system mgmt-ip config dhcp-enabled true
COMMAND system mgmt-ip config ipv4 controller-1
DESCRIPTION Configure the IPv4 management IP address for system controller 1.
ARGUMENTS
EXAMPLE
Configure the IPv4 management IP address for controller-1 to be 192.0.2.2:
syscon-1-active(config)# system mgmt-ip config ipv4 controller-1 address 192.0.2.2
COMMAND system mgmt-ip config ipv4 controller-2
DESCRIPTION Configure the IPv4 management IP address for system controller 2.
ARGUMENTS
EXAMPLE
Configure the IPv4 management IP address for controller-2 to be 192.0.2.3:
syscon-1-active(config)# system mgmt-ip config ipv4 controller-2 address 192.0.2.3
COMMAND system mgmt-ip config ipv4 floating
DESCRIPTION Configure the floating IPv4 management address.
ARGUMENTS
EXAMPLE
Configure the floating IPv4 management IP address to be 192.0.2.4:
syscon-1-active(config)# system mgmt-ip config ipv4 floating address 192.0.2.4
COMMAND system mgmt-ip config ipv4 gateway
DESCRIPTION Configure the gateway IPv4 address.
ARGUMENTS
EXAMPLE
Configure the gateway IPv4 address to be 192.0.2.1:
syscon-1-active(config)# system mgmt-ip config ipv4 gateway 192.0.2.1
COMMAND system mgmt-ip config ipv4 prefix-length
DESCRIPTION Configure the IPv4 prefix length.
ARGUMENTS
EXAMPLE
Configure the IPv4 prefix length to be 24:
syscon-1-active(config)# system mgmt-ip config ipv4 prefix-length 24
COMMAND system mgmt-ip config ipv6 controller-1
DESCRIPTION Configure the IPv6 management IP address for system controller 1.
ARGUMENTS
EXAMPLE
Configure the IPv6 management IP address for controller-1 to be ::2:
syscon-1-active(config)# system mgmt-ip config ipv6 controller-1 address ::2
COMMAND system mgmt-ip config ipv6 controller-2
DESCRIPTION Configure the IPv6 management IP address for system controller 2.
ARGUMENTS
EXAMPLE
Configure the IPv6 management IP address for controller-2 to be ::3:
syscon-1-active(config)# system mgmt-ip config ipv6 controller-2 address ::3
COMMAND system mgmt-ip config ipv6 floating
DESCRIPTION Configure the floating IPv6 management address.
ARGUMENTS
EXAMPLE
Configure the floating IPv6 management IP address to be ::4:
syscon-1-active(config)# system mgmt-ip config ipv6 floating address ::4
COMMAND system mgmt-ip config ipv6 gateway
DESCRIPTION Configure gateway IPv6 address.
ARGUMENTS
EXAMPLE
Configure the gateway IPv6 address to be ::1:
syscon-1-active(config)# system mgmt-ip config ipv6 gateway ::1
COMMAND system mgmt-ip config ipv6 prefix-length
DESCRIPTION Configure IPv6 prefix length.
ARGUMENTS
EXAMPLE
Configure the IPv6 prefix length to be 64:
syscon-1-active(config)# system mgmt-ip config ipv6 prefix-length 64
DESCRIPTION Set the chassis ID that is used to determine internal address ranges.
IMPORTANT: F5 strongly recommends that you do not change this setting.
ARGUMENTS
1.DESCRIPTION Configure the internal address range.
ARGUMENTS
prefix. This is the default value.EXAMPLE
Configure the range type to be RFC6598:
syscon-1-active(config)# system network config network-range-type RFC6598
COMMAND system ntp config enable-ntp-auth
DESCRIPTION
Enable Network Time Protocol (NTP) protocol authentication for the system. NTP authentication enhances security by ensuring that the system sends time-of-day requests only to trusted NTP servers. Use the system ntp ntp-keys ntp-key command to add the key associated with your server.
ARGUMENTS
true to enable using NTP authentication. Specify false to disable it.EXAMPLE
Enable the use of NTP authentication:
syscon-1-active(config)# system ntp config enable-ntp-auth true
COMMAND system ntp config
DESCRIPTION Enable the Network Time Protocol (NTP) protocol and indicate that the system should synchronize the system clock with an NTP server from a serves defined in the 'ntp/server' list.
ARGUMENTS
enabled to enable using NTP. Specify disabled to disable it.EXAMPLE
Disable the use of NTP:
syscon-1-active(config)# system ntp config disabled
COMMAND system ntp ntp-keys ntp-key
DESCRIPTION Configure the list of Network Time Protocol (NTP) authentication keys.
ARGUMENTS
COMMAND system ntp servers server
DESCRIPTION
Configure which NTP servers can be used for system clock synchronization. If system ntp is enabled, then the system will attempt to contact and use the specified NTP servers.
ARGUMENTS
SERVER.true to enable iburst for the NTP service. Specify false to disable it.123.true to indicate that this server should be the preferred one. Specify false if not.key-id value must match the key-type and key-value values provided in system ntp ntp-keys ntp-key on this client system, and all values must also match the server exactly. EXAMPLES
Configure an NTP server with the address pool.ntp.org, where the association type is POOL, and it is the preferred server:
syscon-1-active(config)# system ntp servers server pool.ntp.org config address pool.ntp.org association-type POOL prefer true
syscon-1-active(config-server-pool.ntp.org)# top
syscon-1-active(config)# system ntp config enabled
syscon-1-active(config)# commit
Commit complete.
Configure an NTP server with the address time.f5net.com, where the association type is SERVER, iburst is enabled, port is 123, it is the preferred server, and version number is 4:
syscon-1-active(config)# system ntp servers server time.f5net.com
syscon-1-active(config-server-time.f5net.com)# config address time.f5net.com
syscon-1-active(config-server-time.f5net.com)# config association-type SERVER
syscon-1-active(config-server-time.f5net.com)# config iburst true
syscon-1-active(config-server-time.f5net.com)# config port 123
syscon-1-active(config-server-time.f5net.com)# config prefer true
syscon-1-active(config-server-time.f5net.com)# config version 4
syscon-1-active(config-server-time.f5net.com)# commit
Commit complete.
COMMAND system redundancy config mode
DESCRIPTION Change the system controller redundancy mode.
ARGUMENTS
EXAMPLE
Set system controller 2 as the preferred controller:
syscon-1-active(config)# system redundancy config mode prefer-2
COMMAND system redundancy go-standby
DESCRIPTION Cause currently active system controller to switch to standby.
EXAMPLE
Set the currently active system controller switch so that it is the standby controller:
syscon-1-active(config)# system redundancy go-standby
COMMAND system config hostname
DESCRIPTION Configure a hostname for the system.
ARGUMENTS
EXAMPLE
Configure the hostname to be test.company.com:
syscon-1-active(config)# system config hostname test.company.com
COMMAND system config login-banner
DESCRIPTION
Configure a banner message to be displayed before users log in to the system.
ARGUMENTS
EXAMPLE
Configure a banner message:
syscon-1-active(config)# system config login-banner
(<string>):
[Multiline mode, exit with ctrl-D.]
UNAUTHORIZED ACCESS TO THIS DEVICE IS PROHIBITED
COMMAND system config motd-banner
DESCRIPTION
Configure a message of the day (MOTD) banner to display after users log in to the system.
EXAMPLE
Configure a MOTD banner message:
syscon-1-active(config)# system config motd-banner
(<string>):
[Multiline mode, exit with ctrl-D.]
ATTENTION!
This system is scheduled for maintenance in two days.
COMMAND system reboot controllers
DESCRIPTION Trigger a restart of a specified system controller. This resets the management IP connection.
ARGUMENTS
active to restart the active system controller. Specify standby to restart the standby system controller.EXAMPLE
Reboot the standby system controller:
syscon-1-active(config)# system reboot controllers controller standby
COMMAND system set-datetime
DESCRIPTION Configure the date and time for the system.
ARGUMENTS
EXAMPLES
Configure the system date to be 2021-01-01:
syscon-1-active(config)# system set-datetime date 2021-01-01
Configure the system time to be 12:01:00:
syscon-1-active(config)# system set-datetime date 12:01:00
COMMAND autowizard
DESCRIPTION Specify whether to query automatically for mandatory elements.
ARGUMENTS
true to query automatically for mandatory elements. Specify false to disable it.COMMAND cd
DESCRIPTION Change the working directory to a specific folder.
ARGUMENTS
COMMAND clear
DESCRIPTION Remove all configuration changes.
COMMAND commit
DESCRIPTION Commit the current set of changes to the running configuration.
ARGUMENTS
persist-id <id> argument.commit confirm command is issued before the timeout expires, then the configuration is reverted to the configuration that was active before the commit confirmed command was issued. If no timeout is given, then the confirming commit has a timeout of 10 minutes. The configuration session will be terminated after this command since no further editing is possible.
The confirming commit will be rolled back if the CLI session is terminated before confirming the commit, unless the persist argument is also given. If the persist command is given, then the CLI session can be terminated and a later session can confirm the pending commit by supplying the persist token as an argument to the commit command using the persist-id argument.persist-id argument. Include the persist-id option and specify the same persist token id, to modify the ongoing confirming commit process. This enables you to cancel an ongoing persist commit operation or extend the timeout.COMMAND compare
DESCRIPTION Compare two configuration subtrees.
ARGUMENTS
COMMAND complete-on-space
DESCRIPTION Specify whether to have the CLI complete a command name automatically when you type an unambiguous string and then press the space bar, or have the CLI list all possible completions when you type an ambiguous string and then press the space bar.
ARGUMENTS
true to enable the ability to have the CLI complete a command name automatically when you press the space bar. Specify false to disable it.COMMAND config
DESCRIPTION
Enter configuration mode. In configuration mode, you are editing a copy of the running configuration, called the candidate configuration, not the actual running configuration. Your changes take effect only when you issue a commit command.
ARGUMENTS
COMMAND describe
DESCRIPTION Display internal information about how a command is implemented.
ARGUMENTS
COMMAND display-level
DESCRIPTION Set the depth of the configuration shown for show commands.
ARGUMENTS
<depth> can be a value from 1 through 64.COMMAND exit
DESCRIPTION Exit the CLI session.
ARGUMENTS This command has no arguments.
COMMAND file
DESCRIPTION Perform file operations.
ARGUMENTS
For detailed information about these arguments, see the file page under System Controller / config-mode-commands.
COMMAND help
DESCRIPTION Display help information about a specified command.
ARGUMENTS
COMMAND history
DESCRIPTION Configure the command history cache size.
ARGUMENTS
<size> can be a value from 0 through 1000.COMMAND id
DESCRIPTION Display information about the current user, including user, gid, group, and gids.
ARGUMENTS This command has no arguments.
COMMAND idle-timeout
DESCRIPTION Set how long the CLI is inactive before a user is logged out of the system. If a user is connected using an SSH connection, the SSH connection is closed after this time expires.
ARGUMENTS
1800 seconds (30 minutes).COMMAND ignore-leading-space
DESCRIPTION Specify whether to consider or ignore leading whitespace at the beginning of a command.
ARGUMENTS
false to ignore leading whitespace or true to consider it.COMMAND leaf-prompting
DESCRIPTION Specify whether to enable or disable automatic querying for leaf values.
ARGUMENTS
false to disable leaf prompting and specify true to enable it.COMMAND logout
DESCRIPTION Log out a specific session or user from all sessions.
ARGUMENTS
<session-id>.<user-name>.COMMAND no
DESCRIPTION Delete or unset a configuration command.
ARGUMENTS
COMMAND output-file
DESCRIPTION Copy command output to a file or terminal.
ARGUMENTS
COMMAND paginate
DESCRIPTION Specify whether to control the pagination of CLI command output.
ARGUMENTS
false to display command output continuously, regardless of the CLI screen height. Specify true to display all command output one screen at a time. To display the next screen of output, press the space bar. This is the default setting.COMMAND prompt1
DESCRIPTION Set the operational mode prompt.
ARGUMENTS
COMMAND prompt2
DESCRIPTION Set the configuration mode prompt.
ARGUMENTS
COMMAND pwd
DESCRIPTION Display the current path in the configuration hierarchy.
ARGUMENTS This command has no arguments.
COMMAND quit
DESCRIPTION Exit the CLI session.
ARGUMENTS This command has no arguments.
COMMAND screen-length
DESCRIPTION Configure the length of the terminal window.
ARGUMENTS
<number-of-rows> can be from 0 through 256. When you set the screen length to 0 (zero), the CLI does not paginate command output.COMMAND screen-width
DESCRIPTION Configure the width of the terminal window.
ARGUMENTS
<number-of-rows> can be from 200 through 256.COMMAND send
DESCRIPTION Send a message to the terminal of a specified user or all users.
ARGUMENTS
all to send a message to all users. Specify username <username> to send a message only to a specified user.COMMAND show
DESCRIPTION Show information about the system.
ARGUMENTS
COMMAND show-defaults
DESCRIPTION Specify whether to display the default configuration.
ARGUMENTS
true to display the default values. Specify false to hide the default values.COMMAND terminal
DESCRIPTION Set the terminal type.
ARGUMENTS
COMMAND timestamp
DESCRIPTION Configure whether to display the timestamp.
ARGUMENTS
enable to show the timestamp. Specify disable to hide the timestamp.COMMAND who
DESCRIPTION Display information on currently-logged on users. The command output displays the session ID, user name, context, from (IP address), protocol, date, and mode (operational or configuration).
ARGUMENTS This command has no arguments.
COMMAND write
DESCRIPTION
Display the running configuration of the system on the terminal. This command is equivalent to the show running-config command.
ARGUMENTS
COMMAND annotation
DESCRIPTION Display only statements whose annotation matches a provided configuration statement or pattern.
Note: Only available when the system has been configured with attributes enabled.
ARGUMENTS
COMMAND append
DESCRIPTION Append command output text to a file.
ARGUMENTS
COMMAND begin
DESCRIPTION Display the command output starting at the first match of a specified string.
ARGUMENTS
COMMAND best-effort
DESCRIPTION Display command output or continue loading a file, even if a failure has occurred that might interfere with this process.
ARGUMENTS This command has no arguments.
COMMAND context-match
DESCRIPTION Display the upper hierarchy in which a pattern appears in the configuration.
ARGUMENTS
COMMAND count
DESCRIPTION Count the number of lines in the command output.
ARGUMENTS This command has no arguments.
COMMAND csv
DESCRIPTION Display table output in CSV format.
ARGUMENTS This command has no arguments.
COMMAND de-select
DESCRIPTION Do not show a specified field in the command output.
ARGUMENTS
COMMAND debug
DESCRIPTION Display debug information.
ARGUMENTS This command has no arguments.
COMMAND details
DESCRIPTION Display the default values for commands in the running configuration.
ARGUMENTS This command has no arguments.
COMMAND display
DESCRIPTION Display options.
ARGUMENTS This command has no arguments.
COMMAND exclude
DESCRIPTION Exclude lines from the command output that match a string defined by a specified regular expression.
ARGUMENTS
COMMAND extended
DESCRIPTION Display referring entries or elements.
ARGUMENTS This command has no arguments.
COMMAND force
DESCRIPTION Log out any users who are locking the configuration.
ARGUMENTS This command has no arguments.
COMMAND hide
DESCRIPTION Hide display options.
ARGUMENTS This command has no arguments.
COMMAND include
DESCRIPTION Include only lines in the command output that contain the string defined by a specified regular expression.
ARGUMENTS
COMMAND linnum
DESCRIPTION Display a line number at the beginning of each line in the displayed output.
ARGUMENTS This command has no arguments.
COMMAND match-all
DESCRIPTION Display the command output that matches all command output filters.
ARGUMENTS This command has no arguments.
COMMAND match-any
DESCRIPTION Display the command output that matches any one of the the command output filters. This is the default behavior when matching command output.
ARGUMENTS This command has no arguments.
COMMAND more
DESCRIPTION Paginate the command output. This is the default behavior.
ARGUMENTS This command has no arguments.
COMMAND nomore
DESCRIPTION Do not paginate command output.
ARGUMENTS This command has no arguments.
COMMAND notab
DESCRIPTION Display tabular command output in a list instead of in a table. If the tabular command output is wider than the screen width, the output automatically displays in a list.
ARGUMENTS This command has no arguments.
COMMAND repeat
DESCRIPTION
Repeat the output of a show command periodically.
ARGUMENTS
COMMAND save
DESCRIPTION Save the command output text to a file.
ARGUMENTS
COMMAND select
DESCRIPTION Display selected fields in the command output.
ARGUMENTS
COMMAND sort-by
DESCRIPTION Display command output with values sorted in a specified field.
ARGUMENTS
COMMAND suppress-validate-warning-prompt
DESCRIPTION Suppress the validation warning prompt.
ARGUMENTS This command has no arguments.
COMMAND tab
DESCRIPTION Display tabular command output in table, even if the table is wider than the screen width. If the command output is wider than the screen width, wrap the output onto two or more lines.
ARGUMENTS This command has no arguments.
COMMAND tags
DESCRIPTION Display only statements with tags that match a pattern.
ARGUMENTS
COMMAND trace
DESCRIPTION Display trace information.
ARGUMENTS This command has no arguments.
COMMAND until
DESCRIPTION Display the command output, ending with the line that matches a specified string.
ARGUMENTS
COMMAND show SNMP-FRAMEWORK-MIB
DESCRIPTION Display information about the SNMP Management Architecture MIB.
ARGUMENTS
This command has no arguments.
EXAMPLES
Display the SNMP Engine information:
syscon-1-active# show SNMP-FRAMEWORK-MIB
SNMP-FRAMEWORK-MIB snmpEngine snmpEngineID 80:00:61:81:05:01
SNMP-FRAMEWORK-MIB snmpEngine snmpEngineBoots 1
SNMP-FRAMEWORK-MIB snmpEngine snmpEngineTime 1632463
SNMP-FRAMEWORK-MIB snmpEngine snmpEngineMaxMessageSize 50000
COMMAND show cli
DESCRIPTION Display the default CLI session settings.
ARGUMENTS
This command has no arguments.
EXAMPLES
Display the current default CLI session settings:
syscon-1-active# show cli
autowizard true
complete-on-space true
devtools false
display-level 99999999
history 100
idle-timeout 1800
ignore-leading-space false
leaf-prompting true
output-file terminal
paginate true
prompt1 \h\M#
prompt2 \h(\m)#
screen-length 57
screen-width 120
service prompt config true
show-defaults false
terminal xterm-256color
timestamp disable
COMMAND show cluster
DESCRIPTION Display the current state of the OpenShift cluster and the last 25 OpenShift events that have occurred during installation and during normal operation.
EXAMPLE
Display the current cluster state:
syscon-1-active# show cluster
NAME STATUS TIME CREATED ROLES CPU PODS MEMORY HUGEPAGES
--------------------------------------------------------------------------------------------
blade-1 Ready 2021-01-26T07:05:29Z compute 28 250 26112336Ki 102890Mi
blade-2 Ready 2021-01-26T07:05:29Z compute 28 250 26112336Ki 102890Mi
controller-1 Ready 2021-01-26T06:36:50Z infra,master - - - -
controller-2 Ready 2021-01-26T06:36:50Z infra,master - - - -
STAGE NAME STATUS
---------------------------------
AddingBlade Done
HealthCheck Done
HostedInstall Done
MasterAdditionalInstall Done
MasterInstall Done
NodeBootstrap Done
NodeJoin Done
Prerequisites Done
ServiceCatalogInstall Done
etcdInstall Done
cluster cluster-status summary-status "Openshift cluster is healthy, and all controllers and blades are ready."
INDEX STATUS
-----------------------------------------------------------------------------------------------------------------------
0 2021-01-26 06:12:18.325648 - Performing network-validations before installing cluster into openshift cluster.
1 2021-01-26 06:12:41.236284 - Installing controllers into openshift cluster.
2 2021-01-26 06:26:41.835981 - Cannot ping blade blade-1.chassis.local (192.0.2.1) [1].
3 2021-01-26 06:27:28.002906 - Cannot ping blade blade-2.chassis.local (192.0.2.2) [1].
4 2021-01-26 06:33:19.463460 - Can now ping blade blade-1.chassis.local (192.0.2.1).
5 2021-01-26 06:33:19.775967 - Can now ping blade blade-2.chassis.local (192.0.2.2).
6 2021-01-26 06:33:41.891690 - Successfully SSH'd to blade blade-2.chassis.local.
7 2021-01-26 06:33:52.639644 - Successfully SSH'd to blade blade-1.chassis.local.
8 2021-01-26 06:56:46.673298 - Controller 1 is ready in openshift cluster.
9 2021-01-26 06:56:46.673409 - Controller 2 is ready in openshift cluster.
10 2021-01-26 06:56:46.673439 - Openshift cluster is ready.
11 2021-01-26 06:57:10.948596 - Installation of controllers into openshift cluster succeeded.
12 2021-01-26 06:57:59.873283 - Blade 1 is being added to the openshift cluster.
13 2021-01-26 06:58:09.992015 - Blade 2 is being added to the openshift cluster.
14 2021-01-26 06:58:12.432213 - New blade(s) are ready join the cluster.
15 2021-01-26 06:58:13.191941 - Adding new blades into the Openshift cluster.
16 2021-01-26 07:06:09.967325 - Blade 1 is ready in openshift cluster.
17 2021-01-26 07:06:09.967406 - Blade 2 is ready in openshift cluster.
18 2021-01-26 07:12:22.252472 - Success adding new blades into the Openshift cluster,
19 2021-01-26 07:19:06.812622 - Orchestration manager transitioning to standby.
20 2021-01-26 07:20:35.970843 - Orchestration manager transitioning to active.
21 2021-01-26 07:24:26.013076 - Blade 1 is NOT ready in openshift cluster.
22 2021-01-26 07:24:50.259240 - Blade 1 is ready in openshift cluster.
23 2021-01-26 09:09:12.465617 - Invalid DNS server configured on controller-1.chassis.local.
24 2021-01-26 09:09:29.959390 - Found valid DNS configuration on controller-1.chassis.local.
COMMAND show cluster cluster-status
DESCRIPTION Display the current state of a specific OpenShift event that has occurred during installation and during normal operation.Nodes in the cluster.
ARGUMENTS
EXAMPLE
Display cluster event number 2:
syscon-1-active# show cluster cluster-status cluster-status 2
INDEX STATUS
-----------------------------------------------------------------------------
2 2021-03-02 00:03:44.551587 - Blade 7 is ready in openshift cluster.
COMMAND show cluster install-progress
DESCRIPTION Display the status of the OpenShift cluster installation, including the state of the various stages of the OpenShift installation.
ARGUMENTS
EXAMPLE
Display the installation progress of only the AddingBlade stage:
syscon-1-active# show cluster install-progress install-progress AddingBlade
STAGE NAME STATUS
---------------------
AddingBlade Done
Display the installation progress of the whole cluster:
syscon-1-active# show cluster install-progress
STAGE NAME STATUS
---------------------------------
AddingBlade Done
HealthCheck Done
HostedInstall Done
MasterAdditionalInstall Done
MasterInstall Done
NodeBootstrap Done
NodeJoin Done
Prerequisites Done
ServiceCatalogInstall Done
etcdInstall Done
COMMAND show cluster nodes
DESCRIPTION Display the status of nodes in the cluster, including the current state of the OpenShift cluster and the individual system controller or blade nodes within the cluster.
ARGUMENTS
EXAMPLES
Display only the status of blade-2:
syscon-1-active# show cluster nodes node blade-2
NAME STATUS TIME CREATED ROLES CPU PODS MEMORY HUGEPAGES
----------------------------------------------------------------------------------
blade-2 Ready 2021-02-26T19:20:15Z compute 28 250 26112340Ki 102890Mi
Display the status of all nodes:
syscon-1-active# show cluster nodes
NAME STATUS TIME CREATED ROLES CPU PODS MEMORY HUGEPAGES
--------------------------------------------------------------------------------------------
blade-1 Ready 2021-01-26T07:05:29Z compute 28 250 26112336Ki 102890Mi
blade-2 Ready 2021-01-26T07:05:29Z compute 28 250 26112336Ki 102890Mi
controller-1 Ready 2021-01-26T06:36:50Z infra,master - - - -
controller-2 Ready 2021-01-26T06:36:50Z infra,master - - - -
COMMAND show cluster orchestration-manager
DESCRIPTION Display the status of orchestration manager components in the cluster.
ARGUMENTS
true, the cluster is initialized. If the output is false, the cluster is not initialized.true, the cluster is ready. If the output is false, the cluster is not ready.true, HA is initialized. If the output is false, HA is not initialized.true, HA is ready. If the output is false, HA is not ready.EXAMPLE
Display the status of all orchestration manager components:
syscon-1-active# show cluster orchestration-manager
cluster orchestration-manager cluster-initialized true
cluster orchestration-manager cluster-ready true
cluster orchestration-manager active-node controller-1.chassis.local
cluster orchestration-manager etcd-ha-initialized true
cluster orchestration-manager etcd-ha-running true
ABLE ABLE
IN READY TO TO
INDEX NAME INSERTED CLUSTER CLUSTER PING SSH STATE
---------------------------------------------------------------------------------------
1 controller-1.chassis.local true true true true true In Cluster
2 controller-2.chassis.local true true true true true In Cluster
ABLE ABLE
IN READY TO TO PARTITION
INDEX NAME INSERTED CLUSTER CLUSTER PING SSH STATE LABEL
-----------------------------------------------------------------------------------------------
1 blade-1.chassis.local true true true true true In Cluster partition-1
2 blade-2.chassis.local true true true true true In Cluster partition-1
COMMAND show components
DESCRIPTION Display information about hardware inventory and firmware components.
ARGUMENTS
The availability of options for this command depends on which hardware component you are configuring.
running, and it changes to complete when the update completes. You can either leave off a specific firmware property to see all properties or specify one of these available options:EXAMPLES
Display details about psu-1:
syscon-1-active# show components component psu-1
components component psu-1
state serial-no 20003BPK0135
state part-no SPDFFIV-08
state empty false
Display software information on blade-1:
syscon-1# show components component blade-1 software
SOFTWARE INDEX VERSION
--------------------------------
blade-os 1.2.0-3019
partition-services 1.2.0-3019
Display all information about blade-1:
syscon-1# show components component blade-1
components component blade-1
state serial-no bld123456s
state part-no "400-0086-02 REV 2"
state empty false
state tpm-integrity-status Valid
state memory available 22674624512
state memory free 20161323008
state memory used-percent 83
state temperature current 31.0
state temperature average 31.0
state temperature minimum 30.0
state temperature maximum 32.0
UPDATE
NAME NAME VALUE CONFIGURABLE STATUS
------------------------------------------------------------------------------------------
QAT0 - Lewisburg C62X Crypto/Compression false -
QAT1 - Lewisburg C62X Crypto/Compression false -
QAT2 - Lewisburg C62X Crypto/Compression false -
fw-version-bios - 2.03.008.1 false -
fw-version-bios-me - 4.0.4.128 false -
fw-version-cpld - 05.04.00 false -
fw-version-lop-app - 1.00.928.0.1 false -
fw-version-lop-bootloader - 1.02.868.0.1 false -
storage state disks disk nvme0n1
state model "INTEL SSDPELKX010T8"
state vendor Intel
state version VCV10301
...
Show information about all firmware for blade-1 and verify that the fw-version-lop-app firmware has updated successfully:
syscon-1-active# show components component blade-1 properties
UPDATE
NAME NAME VALUE CONFIGURABLE STATUS
-----------------------------------------------------------------------
fw-version-bios - 1.21.168.1 - none
fw-version-bios-me - 4.0.4.112 false none
fw-version-cpld - 04.03.01 false none
fw-version-drive-nvme0n1 - unknown false none
fw-version-fpga-atse0 - 7.6.59.0 false none
fw-version-fpga-vqf0 - 8.6.63.33 false none
fw-version-lop-app - 1.00.928.0.1 - complete
fw-version-lop-bootloader - 1.02.868.0.1 false none
fw-version-sirr - 1.1.8 false none
COMMAND show configuration commit changes
DESCRIPTION Display changes that were made to the running configuration by previous configuration commits, including changes committed for a specified commit ID.
ARGUMENTS
EXAMPLES
Display information about the last commit:
syscon-1-active# show configuration commit changes
!
! Created by: admin
! Date: 2021-02-09 18:37:47
! Client: system
!
partitions partition default
config os-version 1.2.0-3019
config service-version 1.2.0-3019
!
Display information about commit ID 28:
syscon-1-active# show configuration commit changes 28
!
! Created by: admin
! Date: 2021-02-05 21:57:52
! Client: cli
!
partitions partition ConfdUpgradePartition
!
Display information about concurrent operations:
COMMAND show configuration commit list
DESCRIPTION Display information about the configuration commits stored in the commit database.
ARGUMENTS
EXAMPLE
Display information about the five most recent configuration commits:
syscon-1-active# show configuration commit list 5
2021-02-10 00:30:06
SNo. ID User Client Time Stamp Label Comment
~~~~ ~~ ~~~~ ~~~~~~ ~~~~~~~~~~ ~~~~~ ~~~~~~~
0 10001 admin system 2021-02-09 18:37:47
1 10026 admin system 2021-02-09 18:29:31
2 10025 system system 2021-02-09 18:24:40
3 10024 system system 2021-02-09 18:24:39
4 10023 system system 2021-02-09 18:24:39
COMMAND show configuration rollback changes
DESCRIPTION Display changes that would be made by the rollback configuration command or to display the list of commit IDs.
ARGUMENTS
EXAMPLE
Display changes that would be made by rolling back to the most recent configuration commit:
syscon-1-active# show configuration rollback changes
partitions partition default
config os-version 1.2.0-2954
config service-version 1.2.0-2954
!
COMMAND show ctrlr_status
DESCRIPTION Display the status of the current system controller.
ARGUMENTS
This command has no arguments.
EXAMPLE
Display the status of the current system controller:
syscon-1-active# show ctrlr_status
ctrlr_status chassis_num 1
COMMAND show file
DESCRIPTION Display information about the status of current file transfer operations and known hosts for file transfers.
ARGUMENTS
% No entries found. Every uploaded file includes a status. Available options include, but are not limited to, these statuses:EXAMPLES
Display information about an in-progress file transfer operation:
syscon-1-active# show file transfer-operations
file transfer-operations transfer-operation images/BIGIP-bigip15.1.x-15.1.5.ALL-VELOS.qcow2.zip 192.0.02.11 build/bigip/v15.1.x/daily/build146.0/VM/BIGIP-bigip15.1.x-15.1.5.ALL-VELOS.qcow2.zip "Import file" "HTTPS "
status "In Progress (12.0%)"
timestamp "Fri Jun 11 21:56:06 2021"
COMMAND show history
DESCRIPTION Display a history of commands run on the system controller.
ARGUMENTS
EXAMPLE
Display the last five commands that were run on the system controller:
syscon-1-active# show history
02-18 16:47:28 -- show cluster
02-18 16:47:43 -- show running-config partitions partition default
02-18 16:47:50 -- show cluster
02-18 16:51:31 -- show running-config partitions partition default
02-18 19:25:59 -- file transfer-status
COMMAND show image controller
DESCRIPTION Display information about the images on the system controllers, including their versions, dates, and whether they are in use.
ARGUMENTS
This command has no arguments.
EXAMPLE
Show all images on the system controllers:
syscon-1-active# show image controller
VERSION OS IN
CONTROLLER CONTROLLER STATUS DATE USE
---------------------------------------------------
1.2.0-3498 1 ready 2021-02-21 true
1.2.0-3414 1 ready 2021-02-17 false
VERSION
SERVICE IN
CONTROLLER CONTROLLER STATUS DATE USE
---------------------------------------------------
1.2.0-3498 1 ready 2021-02-21 true
1.2.0-3414 1 ready 2021-02-17 false
VERSION
ISO IN
CONTROLLER CONTROLLER STATUS DATE USE
---------------------------------------------------
1.2.0-3498 1 ready 2021-02-21 false
1.2.0-3414 1 ready 2021-02-17 false
COMMAND show image partition
DESCRIPTION Display information about the images on the partition.
ARGUMENTS
This command has no arguments.
EXAMPLE
Display all images on the partitions:
syscon-1-active# show image partition
VERSION OS IN
PARTITION CONTROLLER STATUS DATE USE NAME ID
-----------------------------------------------------------------
1.2.0-3498 1 ready 2021-02-21 true default 1
1.2.0-3494 1 ready 2021-02-21 false
1.2.0-3414 1 ready 2021-02-17 true second 2
third 3
1.2.0-3354 1 ready 2021-02-16 false
1.0.0-12251 1 ready 2020-11-05 false
VERSION
SERVICE IN
PARTITION CONTROLLER STATUS DATE USE NAME ID
-----------------------------------------------------------------
1.2.0-3498 1 ready 2021-02-21 true default 1
1.2.0-3494 1 ready 2021-02-21 false
1.2.0-3414 1 ready 2021-02-17 true second 2
third 3
1.2.0-3354 1 ready 2021-02-16 false
1.0.0-12251 1 ready 2020-11-05 false
COMMAND show interfaces interface
DESCRIPTION Display information about chassis network interfaces. This includes options for link aggregation.
ARGUMENTS
The availability of options for this command depends on which interface you specify.
EXAMPLE
Display information about interface 1/1.1:
syscon-1-active# show interfaces interface lag1
interfaces interface 1/1.1
state name 1/1.1
state type ethernetCsmacd
state loopback-mode false
state enabled
state ifindex 10
state admin-status UP
state oper-status UP
state last-change 65986699140
state counters in-octets 7411812584
state counters in-pkts 17018405
state counters in-unicast-pkts 16294087
state counters in-broadcast-pkts 211701
state counters in-multicast-pkts 512617
state counters in-discards 1898
state counters in-errors 0
state counters in-unknown-protos 0
state counters in-fcs-errors 0
state counters out-octets 8311367596
state counters out-pkts 16766991
state counters out-unicast-pkts 8275243
state counters out-broadcast-pkts 3936076
state counters out-multicast-pkts 4555672
state counters out-discards 0
state counters out-errors 0
hold-time state up 0
hold-time state down 0
ethernet state mac-address 5a:a5:5a:01:01:01
ethernet state auto-negotiate true
ethernet state duplex-mode FULL
ethernet state port-speed SPEED_10GB
ethernet state enable-flow-control false
ethernet state hw-mac-address 5a:a5:5a:01:01:01
ethernet state counters in-mac-pause-frames 0
ethernet state counters in-oversize-frames 2582667
ethernet state counters in-jabber-frames 0
ethernet state counters in-fragment-frames 0
ethernet state counters in-8021q-frames 0
ethernet state counters in-crc-errors 0
ethernet state counters out-mac-pause-frames 0
ethernet state counters out-8021q-frames 0
COMMAND show interfaces interface <interface-name> aggregation state
DESCRIPTION Show the aggregation state for an interface.
ARGUMENTS
These options are available:
COMMAND show interfaces interface <interface-name> ethernet state
DESCRIPTION Show the ethernet state for an interface.
ARGUMENTS
These options are available:
COMMAND show interfaces interface <interface-name> hold-time state
DESCRIPTION Show the hold-time state for an interface.
ARGUMENTS
These options are available:
COMMAND show interfaces interface <interface-name> state
DESCRIPTION Show the hold-time state for an interface.
ARGUMENTS
These options are available:
COMMAND show interfaces interface <interface-name> subinterfaces subinterface
DESCRIPTION Show configured subinterfaces for a specified interface.
ARGUMENTS
show command. If a display level of 1 is specified, then only the direct children of an element will be shown. If a display level of 3 is specified, then only elements at depth 3 below a given element will be displayed, etc. The range is from 1 through 64.COMMAND
show lacp
DESCRIPTION
Display the current LACP configuration and state information for global and all LACP interfaces.
ARGUMENTS
show command. If a display level of 1 is specified, then only the direct children of an element will be shown. If a display level of 3 is specified, then only elements at depth 3 below a given element will be displayed, etc. The range is from 1 through 64.EXAMPLE
Display one level of information about LACP interfaces:
syscon-1-active# show lacp displaylevel 1
lacp interfaces interface cplagg_1.1
lacp interfaces interface cplagg_1.10
lacp interfaces interface cplagg_1.11
lacp interfaces interface cplagg_1.12
COMMAND
show lacp interfaces
DESCRIPTION
Display the current LACP state for all LACP interfaces.
ARGUMENTS
show command. If a display level of 1 is specified, then only the direct children of an element will be shown. If a display level of 3 is specified, then only elements at depth 3 below a given element will be displayed, etc. The range is from 1 through 64.COMMAND
show lacp interfaces interface
DESCRIPTION
Display the current LACP config and state information for an LACP interface.
ARGUMENTS
show command. If a display level of 1 is specified, then only the direct children of an element will be shown. If a display level of 3 is specified, then only elements at depth 3 below a given element will be displayed, etc. The range is from 1 through 64.EXAMPLE
Display information about the cplagg_1.1 interface:
syscon-1-active# show lacp interfaces interface cplagg_1.1
lacp interfaces interface cplagg_1.1
state name cplagg_1.1
state interval FAST
state lacp-mode ACTIVE
PARTNER LACP LACP LACP LACP LACP
SYSTEM OPER PARTNER PORT PORT IN OUT RX TX UNKNOWN LACP
INTERFACE INTERFACE ACTIVITY TIMEOUT SYNCHRONIZATION AGGREGATABLE COLLECTING DISTRIBUTING ID KEY PARTNER ID KEY NUM NUM PKTS PKTS ERRORS ERRORS ERRORS ERRORS
----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
1/1.1 - ACTIVE SHORT IN_SYNC true true true - 2 0:a:49:ff:80:12 - 4225 2 774811 774113 0 - - -
2/1.1 - ACTIVE SHORT IN_SYNC true true true - 2 0:a:49:ff:80:12 - 8321 4 774810 774111 0 - - -
COMMAND
show lacp state
DESCRIPTION
Display global LACP state information.
ARGUMENTS
show command. If a display level of 1 is specified, then only the direct children of an element will be shown. If a display level of 3 is specified, then only elements at depth 3 below a given element will be displayed, etc. The range is from 1 through 64.COMMAND show parser
DESCRIPTION Display information about available commands and their syntax.
ARGUMENTS
EXAMPLES
Display information about all commands:
syscon-1-active# show parser dump
autowizard [false/true]
cd <Dir>
cd
clear history
commit [confirm/abort]
commit [confirm/abort] persist-id <id>
commit
commit persist-id <id>
compare file <File> [brief]
compare file <File> [brief] SNMP-COMMUNITY-MIB snmpCommunityTable snmpCommunityEntry
compare file <File> [brief] SNMP-NOTIFICATION-MIB snmpNotifyTable snmpNotifyEntry
compare file <File> [brief] SNMP-TARGET-MIB snmpTargetAddrTable snmpTargetAddrEntry
compare file <File> [brief] SNMP-TARGET-MIB snmpTargetParamsTable snmpTargetParamsEntry
compare file <File> [brief] SNMP-USER-BASED-SM-MIB usmUserTable usmUserEntry
compare file <File> [brief] SNMP-VIEW-BASED-ACM-MIB vacmAccessTable vacmAccessEntry
compare file <File> [brief] SNMP-VIEW-BASED-ACM-MIB vacmSecurityToGroupTable vacmSecurityToGroupEntry
compare file <File> [brief] SNMP-VIEW-BASED-ACM-MIB vacmViewTreeFamilyTable vacmViewTreeFamilyEntry
compare file <File> [brief] SNMPv2-MIB snmp snmpEnableAuthenTraps
compare file <File> [brief] SNMPv2-MIB system sysContact
compare file <File> [brief] SNMPv2-MIB system sysLocation
compare file <File> [brief] SNMPv2-MIB system sysName
compare file <File> [brief] components component
compare file <File> [brief] image controller config iso iso
compare file <File> [brief] image controller config os os
compare file <File> [brief] image controller config services service
compare file <File> [brief] image partition config iso iso
compare file <File> [brief] image partition config os os
compare file <File> [brief] image partition config services service
compare file <File> [brief] interfaces interface
compare file <File> [brief] lacp config
compare file <File> [brief] lacp interfaces interface
compare file <File> [brief] partitions partition
compare file <File> [brief] slots slot
compare file <File> [brief] system aaa authentication config
compare file <File> [brief] system aaa authentication ldap bind_timelimit
compare file <File> [brief] system aaa authentication ldap idle_timelimit
compare file <File> [brief] system aaa authentication ldap ldap_version
compare file <File> [brief] system aaa authentication ldap ssl
compare file <File> [brief] system aaa authentication ldap timelimit
compare file <File> [brief] system aaa authentication ldap tls_reqcert
compare file <File> [brief] system aaa authentication roles role
compare file <File> [brief] system aaa authentication users user
compare file <File> [brief] system aaa password-policy config apply-to-root
compare file <File> [brief] system aaa password-policy config max-age
compare file <File> [brief] system aaa password-policy config max-login-failures
compare file <File> [brief] system aaa password-policy config min-length
compare file <File> [brief] system aaa password-policy config reject-username
compare file <File> [brief] system aaa password-policy config required-differences
compare file <File> [brief] system aaa password-policy config required-lowercase
compare file <File> [brief] system aaa password-policy config required-numeric
compare file <File> [brief] system aaa password-policy config required-special
compare file <File> [brief] system aaa password-policy config required-uppercase
compare file <File> [brief] system aaa password-policy config retries
compare file <File> [brief] system aaa password-policy config root-lockout
compare file <File> [brief] system aaa password-policy config root-unlock-time
compare file <File> [brief] system aaa password-policy config unlock-time
--More--
Display information only about the commit command:
syscon-1-active# show parser dump commit
commit [confirm/abort]
commit [confirm/abort] persist-id <id>
commit
commit persist-id <id>
COMMAND show partitions partition
DESCRIPTION Display information about partitions.
ARGUMENTS
true to enable a partition. The default is false.EXAMPLE
Display information about the default partition:
syscon-1-active# show partitions partition default
RUNNING
BLADE OS SERVICE PARTITION SERVICE STATUS
NAME ID VERSION VERSION CONTROLLER STATUS VERSION AGE
----------------------------------------------------------------------------------------
default 1 1.2.0-7507 1.2.0-7507 1 running-active 1.2.0-7507 19h
2 running-standby 1.2.0-7507 19h
test 2 1.2.0-7091 1.2.0-7091 1 running-active 1.2.0-7091 19h
2 running-standby 1.2.0-7091 19h
COMMAND show restconf-state
DESCRIPTION Display capabilities supported by the RESTCONF server.
ARGUMENTS
show command. If a display level of 1 is specified, then only the direct children of an element will be shown. If a display level of 3 is specified, then only elements at depth 3 below a given element will be displayed, etc. The range is from 1 through 64.EXAMPLE
Display all supported capabilities:
syscon-1-active# show restconf-state
restconf-state capabilities capability urn:ietf:params:restconf:capability:defaults:1.0?basic-mode=explicit
restconf-state capabilities capability urn:ietf:params:restconf:capability:depth:1.0
restconf-state capabilities capability urn:ietf:params:restconf:capability:fields:1.0
restconf-state capabilities capability urn:ietf:params:restconf:capability:with-defaults:1.0
restconf-state capabilities capability urn:ietf:params:restconf:capability:filter:1.0
restconf-state capabilities capability urn:ietf:params:restconf:capability:replay:1.0
restconf-state capabilities capability urn:ietf:params:restconf:capability:yang-patch:1.0
restconf-state capabilities capability http://tail-f.com/ns/restconf/collection/1.0
restconf-state capabilities capability http://tail-f.com/ns/restconf/query-api/1.0
restconf-state capabilities capability http://tail-f.com/ns/restconf/unhide/1.0
COMMAND show running-config
DESCRIPTION Display the current configuration. By default, the whole configuration is displayed. You can limit what is shown by supplying a pathfilter. The pathfilter may be either a path pointing to a specific instance, or if an instance id is omitted, the part following the omitted instance is treated as a filter.
ARGUMENTS
For information about these arguments, see these sections on the controller show-SNMP-FRAMEWORK-MIB page.
EXAMPLE
Display the current running configuration for partitions:
syscon-1-active# show running-config partitions
partitions partition ConfdUpgradePartition
!
partitions partition default
config enabled
config os-version 1.2.0-3019
config service-version 1.2.0-3019
config pxe-server internal
config mgmt-ip ipv4 address 192.0.2.57
config mgmt-ip ipv4 prefix-length 24
config mgmt-ip ipv4 gateway 192.0.2.254
!
partitions partition new
!
partitions partition none
config disabled
!
partitions partition second
config enabled
config iso-version 1.2.0-2954
config pxe-server internal
config mgmt-ip ipv4 address 192.0.2.50
config mgmt-ip ipv4 prefix-length 24
config mgmt-ip ipv4 gateway 192.0.2.254
!
partitions partition third
config enabled
config iso-version 1.2.0-2954
config pxe-server internal
config mgmt-ip ipv4 address 192.0.2.48
config mgmt-ip ipv4 prefix-length 24
config mgmt-ip ipv4 gateway 192.0.2.254
!
COMMAND show system aaa
DESCRIPTION Display system user authentication information, including information about roles, users, primary key, server groups, and TLS.
ARGUMENTS
This command has no arguments.
EXAMPLE
Display the default system accounts:
syscon-1-active# show system aaa authentication
LAST TALLY EXPIRY
USERNAME CHANGE COUNT DATE ROLE
----------------------------------------
admin 18000 0 -1 admin
root 18000 0 -1 root
ROLENAME GID USERS
--------------------------
admin 9000 -
limited 9999 -
operator 9001 -
partition_1 9101 -
partition_2 9102 -
partition_3 9103 -
partition_4 9104 -
partition_5 9105 -
partition_6 9106 -
partition_7 9107 -
partition_8 9108 -
root 0 -
ts_admin 9100 -
user 9002 -
Display information for the primary key:
syscon-1-active# show system aaa primary-key
system aaa primary-key state hash gzkudf6usf73hstFja9bltIkd895y6SuxG4IW8VjDoykCjQCToezcifAE/Ro96Kyd7G/MCwIfreuU7wYrqcxxg==
system aaa primary-key state status None
Show the TLS certificate:
syscon-1-active# show system aaa tls state certificate
Show the current CRLs in the system:
syscon-1-active# show system aaa tls crls crl
COMMAND show system alarms
DESCRIPTION Display information about system alarms.
EXAMPLE
Display active alarm conditions:
syscon-1-active# show system alarms
ID RESOURCE SEVERITY TEXT TIME CREATED
--------------------------------------------------------------------------------------------------
65793 psu-1 ERROR PSU fault detected 2020-08-31 10:39:12.113796318 UTC
65536 controller-1 CRITICAL Hardware device fault detected 2020-08-31 11:37:44.190637453 UTC
COMMAND show system appliance-mode
DESCRIPTION Check the current state of appliance mode. It can be either enabled or disabled.
EXAMPLE
Display the current state of appliance mode:
syscon-1-active# show system appliance-mode
system appliance-mode state disabled
COMMAND show system blade-power
DESCRIPTION Display power requested and allocated for each blade in the chassis.
EXAMPLES
Display the requested and allocated power only for blade 1:
syscon-1-active# show system blade-power allocation 1
SLOT REQUESTED ALLOCATED
NUM POWER POWER
----------------------------
1 390 390
Display the requested and allocated power for all blades in the chassis:
syscon-1-active# show system blade-power
system blade-power total available 4555
system blade-power total requested 3120
system blade-power total allocated 3120
SLOT REQUESTED ALLOCATED
NUM POWER POWER
----------------------------
1 390 390
2 390 390
3 390 390
4 390 390
5 390 390
6 390 390
7 390 390
8 390 390
COMMAND show system chassis-macs
DESCRIPTION Display assigned MAC addresses for system components, such as physical front panel ports, LAGs, tenants, networking usage, and partition management.
EXAMPLES
Display the base chassis MAC address:
syscon-1-active# show system chassis-macs base
system chassis-macs base 0014a28e5c01
Display MAC addresses for partitions:
syscon-1-active# show system chassis-macs partitions
IDENTIFIER OFFSET MAC ADDRESS
---------------------------------------
1 8 00:11:b2:c3:4d:08
9 00:11:b2:c3:4d:09
10 00:11:b2:c3:4d:0a
11 00:11:b2:c3:4d:0b
12 00:11:b2:c3:4d:0c
13 00:11:b2:c3:4d:0d
14 00:11:b2:c3:4d:0e
15 00:11:b2:c3:4d:0f
16 00:11:b2:c3:4d:10
17 00:11:b2:c3:4d:11
18 00:11:b2:c3:4d:12
19 00:11:b2:c3:4d:13
20 00:11:b2:c3:4d:14
21 00:11:b2:c3:4d:15
22 00:11:b2:c3:4d:16
23 00:11:b2:c3:4d:17
2 24 00:11:b2:c3:4d:18
25 00:11:b2:c3:4d:19
26 00:11:b2:c3:4d:1a
27 00:11:b2:c3:4d:1b
28 00:11:b2:c3:4d:1c
29 00:11:b2:c3:4d:1d
30 00:11:b2:c3:4d:1e
31 00:11:b2:c3:4d:1f
32 00:11:b2:c3:4d:20
33 00:11:b2:c3:4d:21
34 00:11:b2:c3:4d:22
35 00:11:b2:c3:4d:23
36 00:11:b2:c3:4d:24
37 00:11:b2:c3:4d:25
38 00:11:b2:c3:4d:26
39 00:11:b2:c3:4d:27
COMMAND show system clock
DESCRIPTION Display the current time zone name configured for the system.
ARGUMENTS
show command. If a display level of 1 is specified, then only the direct children of an element will be shown. If a display level of 3 is specified, then only elements at depth 3 below a given element will be displayed, etc. The range is from 1 through 64.EXAMPLE
Display the currently-configured time zone name:
syscon-1-active# show system clock
system clock state timezone-name Pacific
COMMAND show system clock state controllers controller
DESCRIPTION Display the current time zone name configured for the system controllers.
ARGUMENTS
show command. If a display level of 1 is specified, then only the direct children of an element will be shown. If a display level of 3 is specified, then only elements at depth 3 below a given element will be displayed, etc. The range is from 1 through 64.EXAMPLES
Display the current time for all system controllers:
syscon-1-active# show system clock state controllers controller
CONTROLLER DATE TIME
-----------------------------------------
1 2021-07-11 04:22:48 Etc/UTC
2 2021-07-11 04:22:48 Etc/UTC
Display the current time only for system controller 2:
syscon-1-active# show system clock state controllers controller 2
CONTROLLER DATE TIME
-----------------------------------------
2 2021-07-11 04:23:01 Etc/UTC
COMMAND show system database state reset-default-config
DESCRIPTION
Display whether the reset-default-config flag is enabled in the system configuration.
ARGUMENTS
This command has no arguments.
EXAMPLE
Display the status of the reset-default-config flag in the system configuration:
syscon-1-active# show system database state reset-default-config
system database state reset-default-config false
COMMAND show system diagnostics
DESCRIPTION Display iHealth information.
EXAMPLE
Display the iHealth configuration for the system:
syscon-1-active# show system diagnostics ihealth
system diagnostics ihealth state username ""
system diagnostics ihealth state server https://ihealth-api.f5.com/qkview-analyzer/api/qkviews?visible_in_gui=True
system diagnostics ihealth state authserver https://api.f5.com/auth/pub/sso/login/ihealth-api
COMMAND show system dns
DESCRIPTION Display information about DNS servers configured for the system controller to use.
ARGUMENTS
This command has no arguments.
EXAMPLE
Display all configured DNS servers:
syscon-1-active# show system dns
ADDRESS ADDRESS PORT
-----------------------------
192.0.2.100 - 53
192.0.2.100 - 53
COMMAND show system events
DESCRIPTION Display information about system events.
EXAMPLE
Display system events and do not paginate command output:
syscon-1-active# show system events | nomore
LOG
----------------------------------------------------------------------------------------------------------------------------------------
66048 controller-2 arbitration-state EVENT NA "Deasserted: peer arbitration health state" "2020-08-30 06:19:03.868597381 UTC"
66048 controller-2 arbitration-state EVENT NA "Deasserted: peer arbitration request-active state" "2020-08-30 06:19:03.880859476 UTC"
66048 controller-2 arbitration-state EVENT NA "Deasserted: peer arbitration grant-active state" "2020-08-30 06:19:03.892291984 UTC"
66048 controller-2 arbitration-state EVENT NA "Asserted: local arbitration health state" "2020-08-30 06:19:03.903104866 UTC"
66048 controller-2 arbitration-state EVENT NA "Asserted: local arbitration grant-active state" "2020-08-30 06:19:49.863635400 UTC"
66048 controller-2 arbitration-state EVENT NA "Asserted: local arbitration request-active state" "2020-08-30 06:19:53.619701519 UTC"
65793 psu-3 psu-fault EVENT NA "Deasserted: PSU 3 input OK" "2020-08-30 06:19:53.916775247 UTC"
65793 psu-3 psu-fault EVENT NA "Deasserted: PSU 3 output OK" "2020-08-30 06:19:53.977790694 UTC"
65793 psu-4 psu-fault EVENT NA "Deasserted: PSU 4 input OK" "2020-08-30 06:19:54.036836768 UTC"
65793 psu-4 psu-fault EVENT NA "Deasserted: PSU 4 output OK" "2020-08-30 06:19:54.097780931 UTC"
65792 lcd lcd-fault ASSERT ERROR "Fault detected in LCD module" "2020-08-30 06:20:01.867643203 UTC"
65792 lcd lcd-fault EVENT NA "LCD is in fault state" "2020-08-30 06:20:01.867670273 UTC"
65792 lcd lcd-fault CLEAR ERROR "Fault detected in LCD module" "2020-08-30 06:21:27.989430027 UTC"
66048 controller-2 arbitration-state EVENT NA "Asserted: peer arbitration request-active state" "2020-08-30 06:21:37.864662916 UTC"
66048 controller-2 arbitration-state EVENT NA "Asserted: peer arbitration health state" "2020-08-30 06:21:37.875784916 UTC"
66048 controller-1 arbitration-state EVENT NA "Deasserted: local arbitration health state" "2020-08-30 06:21:34.082963396 UTC"
66048 controller-1 arbitration-state EVENT NA "Deasserted: local arbitration request-active state" "2020-08-30 06:21:34.088761802 UTC"
66048 controller-1 arbitration-state EVENT NA "Deasserted: local arbitration grant-active state" "2020-08-30 06:21:36.016797509 UTC"
66048 controller-1 arbitration-state EVENT NA "Asserted: peer arbitration health state" "2020-08-30 06:21:36.022922816 UTC"
66048 controller-1 arbitration-state EVENT NA "Asserted: local arbitration health state" "2020-08-30 06:21:36.028852414 UTC"
66048 controller-1 arbitration-state EVENT NA "Asserted: local arbitration request-active state" "2020-08-30 06:21:36.035580745 UTC"
66048 controller-1 arbitration-state EVENT NA "Asserted: peer arbitration request-active state" "2020-08-30 06:21:38.025136766 UTC"
66048 controller-1 arbitration-state EVENT NA "Asserted: peer arbitration grant-active state" "2020-08-30 06:21:38.032655297 UTC"
66048 controller-2 arbitration-state EVENT NA "Deasserted: peer arbitration request-active state" "2020-08-30 06:21:41.864925695 UTC"
66048 controller-1 arbitration-state EVENT NA "Deasserted: local arbitration request-active state" "2020-08-30 06:21:42.018737589 UTC"
COMMAND show system health
DESCRIPTION Display health information about system components.
ARGUMENTS
The availability of options for this command depends on the hardware component for which you want to view health information.
EXAMPLES
Display high-level hardware health state for controller-1:
syscon-1-active# show system health components component controller-1 hardware state | nomore
KEY NAME HEALTH SEVERITY
-----------------------------------------------------------------------------------------------
controller/hardware/cpu cpu-1 ok info
controller/hardware/cpu/pcie PCIe BUS ok info
controller/hardware/drives Storage Subsystem ok info
controller/hardware/drives/nvme0n1 drive-1 ok info
controller/hardware/lop Controller LOP ok info
controller/hardware/memory Memory ok info
controller/hardware/switch Controller Switch Subsystem ok notice
controller/hardware/switch/switch0 Control Plane Switch 0 ok info
controller/hardware/switch/switch0/hg0 Port hg0 --> Peer Controller ok info
controller/hardware/switch/switch0/hg1 Port hg1 --> Peer Controller ok info
controller/hardware/switch/switch0/xe0 Port xe0 --> slot3 ok info
controller/hardware/switch/switch0/xe1 Port xe1 --> slot4 ok info
controller/hardware/switch/switch0/xe10 Port xe10 --> CPU control plane 01 ok info
controller/hardware/switch/switch0/xe11 Port xe11 --> CPU control plane 02 ok info
controller/hardware/switch/switch0/xe2 Port xe2 --> slot7 ok info
controller/hardware/switch/switch0/xe3 Port xe3 --> slot8 ok info
controller/hardware/switch/switch0/xe4 Port xe4 --> slot1 ok info
controller/hardware/switch/switch0/xe5 Port xe5 --> slot2 ok info
controller/hardware/switch/switch0/xe6 Port xe6 --> slot5 ok info
controller/hardware/switch/switch0/xe7 Port xe7 --> slot6 ok info
controller/hardware/switch/switch0/xe8 Port xe8 --> front-panel mgmt ok info
controller/hardware/switch/switch0/xe9 Port xe9 --> CPU control plane 00 ok info
controller/hardware/switch/switch1 Data Plane Switch 1 ok notice
controller/hardware/switch/switch1/hg0 Port hg0 --> slot1 ok info
controller/hardware/switch/switch1/hg1 Port hg1 --> slot1 ok notice
controller/hardware/switch/switch1/hg10 Port hg10 --> slot3 ok notice
controller/hardware/switch/switch1/hg11 Port hg11 --> slot3 ok info
controller/hardware/switch/switch1/hg12 Port hg12 --> slot6 ok info
controller/hardware/switch/switch1/hg13 Port hg13 --> slot6 ok notice
controller/hardware/switch/switch1/hg14 Port hg14 --> slot2 ok info
controller/hardware/switch/switch1/hg15 Port hg15 --> slot2 ok notice
controller/hardware/switch/switch1/hg2 Port hg2 --> slot5 ok info
controller/hardware/switch/switch1/hg3 Port hg3 --> slot5 ok notice
controller/hardware/switch/switch1/hg4 Port hg4 --> slot8 ok notice
controller/hardware/switch/switch1/hg5 Port hg5 --> slot8 ok info
controller/hardware/switch/switch1/hg6 Port hg6 --> slot4 ok notice
controller/hardware/switch/switch1/hg7 Port hg7 --> slot4 ok info
controller/hardware/switch/switch1/hg8 Port hg8 --> slot7 ok notice
controller/hardware/switch/switch1/hg9 Port hg9 --> slot7 ok info
controller/hardware/switch/switch1/xe0 Port xe0 --> CPU data plane 00 ok info
Display health information about system memory:
syscon-1-active# show system health components component controller-1 hardware controller/hardware/memory
hardware controller/hardware/memory
state name Memory
state health ok
state severity info
NAME DESCRIPTION HEALTH SEVERITY VALUE UPDATED AT
----------------------------------------------------------------------------------------------------------------
memory:sensor:temperature Memory temperature (C) ok info 32.75 2021-06-11T10:34:26Z
rasdaemon:mc:corrected:event RAS Daemon MC corrected event ok info 2021-06-11T10:24:21Z
rasdaemon:mc:fatal:event RAS Daemon MC fatal event ok info 2021-06-11T10:24:21Z
rasdaemon:mc:uncorrected:event RAS Daemon MC uncorrected event ok info 2021-06-11T10:24:21Z
Display the status of the tcpdump service on the blades:
syscon-1-active# show system health components component services blade/services/tcpdumpd
system health components component blade-1
services blade/services/tcpdumpd
state name tcpdumpd
state health ok
state severity info
NAME DESCRIPTION HEALTH SEVERITY VALUE UPDATED AT
----------------------------------------------------------------------------------------------------------------------------
container:event:attach Container attach event ok info 0 2021-06-17T07:13:48Z
container:event:die Container die event ok info 0 2021-07-12T17:43:23Z
container:event:exec-create Container exec create event ok info 0 2021-07-12T15:56:52Z
container:event:exec-detach Container exec detach event ok info 0 2021-06-17T07:13:48Z
container:event:exec-die Container exec die event ok info 0 2021-06-17T07:13:48Z
container:event:exec-start Container exec start event ok info 0 2021-07-12T15:56:52Z
container:event:kill Container kill event ok info 0 2021-07-12T17:43:23Z
container:event:restart Container restart event ok info 0 2021-07-12T17:48:26Z
container:event:restart-last-hour Container restart count in the last hour ok info 0 2021-06-17T07:13:48Z
container:event:start Container start event ok info 0 2021-06-17T07:13:48Z
container:event:stop Container stop event ok info 0 2021-07-12T17:43:23Z
container:running Container running ok info true 2021-07-13T14:24:26Z
system health components component blade-2
services blade/services/tcpdumpd
state name tcpdumpd
state health ok
state severity info
NAME DESCRIPTION HEALTH SEVERITY VALUE UPDATED AT
----------------------------------------------------------------------------------------------------------------------------
container:event:attach Container attach event ok info 0 2021-06-17T07:13:47Z
container:event:die Container die event ok info 0 2021-07-13T14:24:52Z
container:event:exec-create Container exec create event ok info 0 2021-07-12T15:56:55Z
container:event:exec-detach Container exec detach event ok info 0 2021-06-17T07:13:47Z
container:event:exec-die Container exec die event ok info 0 2021-06-17T07:13:47Z
container:event:exec-start Container exec start event ok info 0 2021-07-12T15:56:55Z
container:event:kill Container kill event ok info 0 2021-07-13T14:24:52Z
container:event:restart Container restart event ok info 0 2021-07-12T17:47:13Z
container:event:restart-last-hour Container restart count in the last hour ok info 0 2021-06-17T07:13:47Z
container:event:start Container start event ok info 0 2021-06-17T07:13:47Z
container:event:stop Container stop event ok info 0 2021-07-13T14:24:52Z
container:running Container running ok info true 2021-07-13T14:24:52Z
...
Display a brief summary of health information for blade-1:
syscon-1-active# show system health summary components component blade-1
COMPONENT COMPONENT COMPONENT ATTRIBUTE ATTRIBUTE ATTRIBUTE ATTRIBUTE ATTRIBUTE UPDATED
NAME NAME HEALTH SEVERITY NAME DESCRIPTION HEALTH SEVERITY VALUE AT
---------------------------------------------------------------------------------------------------------
blade-1 - ok notice
COMMAND show system image
DESCRIPTION Display information about the installed image on the system controllers.
ARGUMENTS
This command has no arguments.
EXAMPLES
Display the currently-installed image on the system controllers:
syscon-1-active# show system image
SERVICE ISO INSTALL
NUMBER OS VERSION VERSION VERSION STATUS
--------------------------------------------------
1 1.2.0-3498 1.2.0-3456 - none
2 1.2.0-3498 1.2.0-3456 - none
COMMAND show system licensing
DESCRIPTION Display information about system license.
EXAMPLE
Display information about the license activated on the system (Note that actual license key values are not shown below):
syscon-1-active# show system licensing
system licensing license
Licensed version 7.4.0
Registration Key XXXXX-XXXXX-XXXXX-XXXXX-XXXXXXX
Licensed date 2020/08/29
License start 2020/05/05
License end 2020/09/29
Service check date 2020/08/30
Platform ID F101
Appliance SN chs600103s
Active Modules
Local Traffic Manager, CX410 (XXXXXXX-XXXXXXX)
Best Bundle, CX410
APM-Lite
Advanced Routing
Carrier Grade NAT (AFM ONLY)
Max Compression, CX410
Rate Shaping
Max SSL, CX410
Anti-Virus Checks
Base Endpoint Security Checks
Firewall Checks
Machine Certificate Checks
Network Access
Protected Workspace
Secure Virtual Keyboard
APM, Web Application
App Tunnel
Remote Desktop
COMMAND show system logging
DESCRIPTION Display information about remote logging.
ARGUMENTS
show command. If a display level of 1 is specified, then only the direct children of an element will be shown. If a display level of 3 is specified, then only elements at depth 3 below a given element will be displayed, etc. The range is from 1 through 64.COMMAND show system mgmt-ip
DESCRIPTION Display information about all configured management IP addresses.
ARGUMENTS
This command has no arguments.
EXAMPLE
Display information about all configured management IP addresses:
syscon-1-active# show system mgmt-ip state floating
system mgmt-ip state floating ipv4-address 192.0.2.131
system mgmt-ip state floating ipv6-address ::
syscon-1-active# show system mgmt-ip
system mgmt-ip state floating ipv4-address 192.0.2.131
system mgmt-ip state floating ipv6-address ::
IPV4 IPV6
PREFIX IPV6 PREFIX IPV6
CONTROLLER IPV4 ADDRESS LENGTH IPV4 GATEWAY ADDRESS LENGTH GATEWAY
------------------------------------------------------------------------------
1 192.0.2.239 24 192.0.2.254 :: 0 ::
2 192.0.2.226 24 192.0.2.254 :: 0 ::
COMMAND system mgmt-ip state fixed-addresses
DESCRIPTION Display information about all fixed management IP addresses.
ARGUMENTS
This command has no arguments.
EXAMPLE
Display information about the fixed management IP addresses:
syscon-1-active# show system mgmt-ip state fixed-addresses
IPV4 IPV6
PREFIX IPV6 PREFIX IPV6
CONTROLLER IPV4 ADDRESS LENGTH IPV4 GATEWAY ADDRESS LENGTH GATEWAY
------------------------------------------------------------------------------
1 192.0.2.239 24 192.0.2.254 :: 0 ::
2 192.0.2.226 24 192.0.2.254 :: 0 ::
COMMAND system mgmt-ip state floating
DESCRIPTION Display information about the floating management IP addresses.
ARGUMENTS
This command has no arguments.
EXAMPLE
Display information about the floating management IP addresses:
syscon-1-active# show system mgmt-ip state floating
system mgmt-ip state floating ipv4-address 192.0.2.131
system mgmt-ip state floating ipv6-address ::
COMMAND show system network
DESCRIPTION Display information about the configured and active internal network addresses.
ARGUMENTS
This command has no arguments.
EXAMPLE
Display information about the currently-configured internal network:
syscon-1-active# show system network
system network state configured-network-range-type RFC6598
system network state configured-network-range 100.64.0.0/12
system network state configured-chassis-id 1
system network state active-network-range-type RFC6598
system network state active-network-range 100.64.0.0/12
system network state active-chassis-id 1
COMMAND show system ntp
DESCRIPTION Display the current state of the Network Time Protocol (NTP) service.
ARGUMENTS
show command. If a display level of 1 is specified, then only the direct children of an element will be shown. If a display level of 3 is specified, then only elements at depth 3 below a given element will be displayed, etc. The range is from 1 through 64.EXAMPLE
Display the current state of NTP on the system:
syscon-1-active# show system ntp
system ntp state disabled
COMMAND show system ntp ntp-keys
DESCRIPTION Display a list of configured NTP authentication keys.
ARGUMENTS
show command. If a display level of 1 is specified, then only the direct children of an element will be shown. If a display level of 3 is specified, then only elements at depth 3 below a given element will be displayed, etc. The range is from 1 through 64.COMMAND show system ntp servers
DESCRIPTION Displays a list of configured NTP servers.
ARGUMENTS
show command. If a display level of 1 is specified, then only the direct children of an element will be shown. If a display level of 3 is specified, then only elements at depth 3 below a given element will be displayed, etc. The range is from 1 through 64.EXAMPLE
Display configured NTP servers:
syscon-1-active# show system ntp servers
ASSOCIATION ROOT ROOT POLL
ADDRESS ADDRESS PORT VERSION TYPE IBURST PREFER STRATUM DELAY DISPERSION OFFSET INTERVAL
--------------------------------------------------------------------------------------------------------------------------
time.f5net.com time.f5net.com 123 4 SERVER true true - - - - -
COMMAND show system redundancy
DESCRIPTION Display information about system controller redundancy.
ARGUMENTS
This command has no arguments.
EXAMPLE
Display the currently-configured redundancy mode for the system controllers:
syscon-1-active# show system redundancy
system redundancy state mode auto
system redundancy state current-active controller-2
NAME NAME
--------------------
controller-1 -
controller-2 -
COMMAND show system remote-console
DESCRIPTION Display information about active console sessions.
ARGUMENTS
This command has no arguments.
EXAMPLE
Display active console sessions:
syscon-1-active# show system remote-console
SLOT SLOT CONNECTED
NUM DESCRIPTION CONNECTED VIA AS
-------------------------------------------------------
1 Blade in slot 1 System Controller 1 admin
COMMAND show system
DESCRIPTION Display information about the system, such as domain name, login banner, and hostname.
ARGUMENTS
show command. If a display level of 1 is specified, then only the direct children of an element will be shown. If a display level of 3 is specified, then only elements at depth 3 below a given element will be displayed, etc. The range is from 1 through 64.EXAMPLES
Display the current date and time:
syscon-1-active# show system state current-datetime
Display the domain name for the system:
syscon-1-active# show system state domain-name
Display the hostname for the system:
syscon-1-active# show system state hostname
Display the login banner for the system:
syscon-1-active# show system state login-banner
Display the message of the day banner for the system:
syscon-1-active# show system state motd-banner
COMMAND
SNMP-COMMUNITY-MIB snmpCommunityTable snmpCommunityEntry <community-name> snmpCommunityName <community-name> snmpCommunitySecurityName <community-name>
DESCRIPTION Configure an SNMP community.
ARGUMENTS
EXAMPLE
Configure the SNMP community name to be test_community:
default-1(config)# SNMP-COMMUNITY-MIB snmpCommunityTable snmpCommunityEntry test_community snmpCommunityName test_community snmpCommunitySecurityName test_community
COMMAND
SNMP-VIEW-BASED-ACM-MIB vacmSecurityToGroupTable vacmSecurityToGroupEntry <vacmSecurityModel> <community_name> vacmGroupName <group-name>
DESCRIPTION Configure SNMP VIEW BASED ACM for the given community. This configuration maps a combination of securityModel and securityName into a groupName that is used to define an access control policy for a group of principals.
ARGUMENTS
1 for SNMP v1, and the default value is 2 for SNMP v2c.Note: Use group-name as read-access while configuring the SNMP VACM.
EXAMPLE
Configure the SNMP v2c VACM read access group for community test_community:
default-1(config)# SNMP-VIEW-BASED-ACM-MIB vacmSecurityToGroupTable vacmSecurityToGroupEntry 2 test_community vacmGroupName read-access
EXAMPLE
Configure the SNMP v1 VACM read access group for community test_community:
default-1(config)# SNMP-VIEW-BASED-ACM-MIB vacmSecurityToGroupTable vacmSecurityToGroupEntry 1 test_community vacmGroupName read-access
IMPORTANT: To enable SNMP Traps, a DUT is required when configuring with snmpNotifyTable, snmpTargetParamsTable, and snmpTargetAddrTable, as shown below.
COMMAND
SNMP-NOTIFICATION-MIB snmpNotifyTable snmpNotifyEntry <snmpNotifyName> snmpNotifyTag <snmpNotifyName> snmpNotifyType trap
DESCRIPTION Configure the SNMP NOTIFICATION MIB Table. This table is used to select management targets that should receive notifications, as well as the type of notification that should be sent to each selected management target.
ARGUMENTS
EXAMPLE
Configure the SNMP NOTIFICATION MIB entry to be v2_trap for trap notifications:
default-1(config)# SNMP-NOTIFICATION-MIB snmpNotifyTable snmpNotifyEntry v2_trap snmpNotifyTag v2_trap snmpNotifyType trap
COMMAND
SNMP-TARGET-MIB snmpTargetParamsTable snmpTargetParamsEntry <snmpTargetParamsName> snmpTargetParamsMPModel <snmpTargetParamsMPModel> snmpTargetParamsSecurityModel <snmpTargetParamsSecurityModel> snmpTargetParamsSecurityName <snmpTargetParamsSecurityName> snmpTargetParamsSecurityLevel <snmpTargetParamsSecurityLevel>
DESCRIPTION Configure the SNMP-TARGET-MIB snmpTargetParamsTable. This table is used in the generation of SNMP messages.
ARGUMENTS
**Note:** snmpTargetParamsMPModel = SNMPv1(0), SNMPv2c(1)
**Note:** snmpTargetParamsSecurityModel = ANY(0), SNMPv1(1), SNMPv2c(2)
**Note:** This must be one of the configured SNMP communities.
**Note:** This must be `noAuthNoPriv` for SNMP v1 and v2c.
EXAMPLES
Configure the SNMP snmpTargetParamsTable to be group2 for SNMP v2 model with test_community:
default-1(config)# SNMP-TARGET-MIB snmpTargetParamsTable snmpTargetParamsEntry group2 snmpTargetParamsMPModel 1 snmpTargetParamsSecurityModel 2 snmpTargetParamsSecurityName test_community snmpTargetParamsSecurityLevel noAuthNoPriv
Configure the SNMP snmpTargetParamsTable to be group1 for SNMP v1 model with test_community:
default-1(config)# SNMP-TARGET-MIB snmpTargetParamsTable snmpTargetParamsEntry group1 snmpTargetParamsMPModel 0 snmpTargetParamsSecurityModel 1 snmpTargetParamsSecurityName test_community snmpTargetParamsSecurityLevel noAuthNoPriv
COMMAND
SNMP-TARGET-MIB snmpTargetAddrTable snmpTargetAddrEntry <snmpTargetAddrName> snmpTargetAddrTDomain <snmpTargetAddrTDomain> snmpTargetAddrTAddress <snmpTargetAddrTAddress> snmpTargetAddrTagList <snmpTargetAddrTagList> snmpTargetAddrParams <snmpTargetAddrParams>
DESCRIPTION Configure the SNMP-TARGET-MIB snmpTargetAddrTable. This table is used to select management targets that should receive notifications, as well as the type of notification that should be sent to each selected management target.
ARGUMENTS
**Note:** Use OID 1.3.6.1.6.1.1 for IPv4 and 1.3.6.1.2.1.100.1.2 for IPv6.
**Note:**
For an IPv4 address, the value should be ipv4 + port (6 dot-separated octets).
For an IPv6 address, the value should be ipv6 + port (18 dot-separated octets).
**Note:** This value must be one of the configured snmpNotifyTable rows (snmpNotifyName).
EXAMPLES
Configure the SNMP snmpTargetAddrTable to be v2_trap with ipv4 address x.x.x.x and port 6011:
Port Octet Conversion:
6011 >> 8 = 23 (1st octet)
6011 & 255 = 123 (2nd octet)
default-1(config)# SNMP-TARGET-MIB snmpTargetAddrTable snmpTargetAddrEntry v2_trap snmpTargetAddrTDomain 1.3.6.1.6.1.1 snmpTargetAddrTAddress x.x.x.x.23.123 snmpTargetAddrTagList v2_trap snmpTargetAddrParams group2
Configure the SNMP snmpTargetAddrTable to be v1_trap with ipv4 address x.x.x.x and port 6011:
default-1(config)# SNMP-TARGET-MIB snmpTargetAddrTable snmpTargetAddrEntry v1_trap snmpTargetAddrTDomain 1.3.6.1.6.1.1 snmpTargetAddrTAddress x.x.x.x.23.123 snmpTargetAddrTagList v1_trap snmpTargetAddrParams group1
COMMAND abort
DESCRIPTION Abort a configuration session.
ARGUMENTS This command has no arguments.
COMMAND annotate
DESCRIPTION Associate an annotation (comment) with a given configuration or validation statement or pattern. To remove an annotation, leave the text empty.
Note: Only available when the system has been configured with attributes enabled.
ARGUMENTS
COMMAND clear
DESCRIPTION Remove all configuration changes.
ARGUMENTS
COMMAND commit
DESCRIPTION Commit the current set of changes.
ARGUMENTS
persist-id argument.COMMAND compare
DESCRIPTION Compare two configuration subtrees.
ARGUMENTS
COMMAND copy
DESCRIPTION Copy the running configuration.
ARGUMENTS
COMMAND describe
DESCRIPTION Display detailed information about a command.
ARGUMENTS
COMMAND do
DESCRIPTION Run a command in operational (user) mode.
ARGUMENTS
COMMAND end
DESCRIPTION Exit configuration mode. If no changes have been made, you are prompted to save the changes before exiting configuration mode.
ARGUMENTS
COMMAND exit
DESCRIPTION Exit from the current mode in the configuration or exit configuration mode completely.
ARGUMENTS
COMMAND help
DESCRIPTION Display help information about a specified command.
ARGUMENTS
COMMAND insert
DESCRIPTION Insert a parameter or element.
ARGUMENTS
COMMAND move
DESCRIPTION Move an element or parameter.
ARGUMENTS
COMMAND no
DESCRIPTION Delete or unset a configuration command.
ARGUMENTS
COMMAND pwd
DESCRIPTION Display the current path in the configuration hierarchy.
ARGUMENTS This command has no arguments.
COMMAND resolved
DESCRIPTION Indicate that conflicts have been resolved.
ARGUMENTS This command has no arguments.
COMMAND revert
DESCRIPTION Copy the running configuration.
ARGUMENTS
COMMAND rollback
DESCRIPTION Roll back database to last committed version
ARGUMENTS
current running configuration. The oldest configuration is the one with highest number. <number> Select rollback version
COMMAND show
DESCRIPTION Display a specified parameter.
ARGUMENTS
COMMAND tag
DESCRIPTION Configure statement tags.
ARGUMENTS
COMMAND top
DESCRIPTION Exit to the top level of the configuration hierarchy. You can optionally run a command after exiting to the top level.
ARGUMENTS
COMMAND validate
DESCRIPTION
Verify that the candidate configuration contains no errors. This performs the same operation as commit check.
ARGUMENTS This command has no arguments.
COMMAND cluster nodes node <blade-num> config
DESCRIPTION Configure whether a node is enabled or disabled in a partition.
ARGUMENTS
EXAMPLE
Disable blade-1 in the partition:
default-1(config)# cluster nodes node blade-1 config disabled
COMMAND cluster nodes node <blade-num> reboot
DESCRIPTION Reboot a node in the partition.
ARGUMENTS
This command has no arguments.
EXAMPLE
Reboot blade-1:
default-1(config)# cluster nodes node blade-1 reboot
COMMAND cluster disk-usage-threshold config critical-limit
DESCRIPTION Configure the percentage of disk usage allowed before triggering a critical alarm.
ARGUMENTS
COMMAND cluster disk-usage-threshold config error-limit
DESCRIPTION Configure the percentage of disk usage allowed before triggering an error alarm.
ARGUMENTS
COMMAND cluster disk-usage-threshold config growth-rate-limit
DESCRIPTION Configure the percentage of disk usage growth rate allowed.
ARGUMENTS
COMMAND cluster disk-usage-threshold config interval
DESCRIPTION Configure the interval measured, in minutes, at which disk usage is monitored.
ARGUMENTS
COMMAND cluster disk-usage-threshold config warning-limit
DESCRIPTION Configure the percentage of disk usage allowed before triggering a warning alarm.
ARGUMENTS
COMMAND fdb mac-table entries entry
DESCRIPTION Configure a Layer 2 forwarding database (FDB) entry in the system.
IMPORTANT: The FDB table is managed by the system, and manual configuration requires intricate knowledge of the hardware data path. You should configure an FDB object only under the guidance of F5 Technical Support. Manually configuring FDB objects can potentially impact the flow of network traffic through the system.
ARGUMENTS
xx:xx:xx:xx:xx:xx.COMMAND file config concurrent-operations-limit
DESCRIPTION Specify how many concurrent file operations are allowed at a time.
ARGUMENTS
COMMAND file known-hosts known-host
DESCRIPTION Add the IP address (and therefore, the public key) of a specified remote-host to the system known_hosts file.
ARGUMENTS
COMMAND file import
DESCRIPTION
Transfer a file from a chassis partition to a remote system. These directories are available for use for file import operations on the chassis partition:
ARGUMENTS
EXAMPLE
Transfer a file named myfile.iso from the remote host files.company.com on port 443 to the images directory on the chassis partition:
default-1# file import local-file images remote-file images/myfile.iso remote-host files.company.com remote-port 443
result File transfer is initiated.(images/myfile.iso)
COMMAND file export
DESCRIPTION
Transfer a file from a chassis partition to a remote system. These directories are available for use for file export operations on the chassis partition:
ARGUMENTS
EXAMPLE
Transfer a file named velos.log from the local host to the /home/jdoe/ directory at files.company.com, using the username jdoe:
default-1# file export local-file log/velos.log remote-host files.company.com remote-file home/jdoe/velos.log username jdoe password
Value for 'password' (<string>): *********
result File transfer is initiated.(log/velos.log)
COMMAND file delete
DESCRIPTION
Delete a specified file from the chassis partition. You can use file delete only on files in the diags/shared directory.
ARGUMENTS
EXAMPLE
Delete a specified QKView file from the system:
default-1# file delete file-name diags/shared/qkview/default-76ee4321-786d-11eb-a48b-12345a000007-qkview.tar.gz
result Deleting the file
COMMAND file transfer-status
DESCRIPTION Display the status of file transfer operations.
ARGUMENTS
EXAMPLE
Check the status of file transfers:
default-1-active# file transfer-status
result
S.No.|Operation |Protocol|Local File Path |Remote Host |Remote File Path |Status
1 |Import file|HTTPS |/images/myfile.iso |files.company.com |images/myfile.iso |In Progress (15.0%)
COMMAND file list
DESCRIPTION Display a list of directories and files in a specified path.
ARGUMENTS
EXAMPLE
Display a list of files in /images:
default-1# file list path images
entries {
name
BIGIP-15.1.5-0.0.11.ALL-VELOS.qcow2.zip.bundle
}
COMMAND file show
DESCRIPTION Display the contents of a specified file.
ARGUMENTS
EXAMPLE
Display the contents of the file log/velos.log:
default-1# file show log/velos.log
2021-02-26T18:23:05.160009+00:00 controller-1(p1) partition-bladesd[7]: priority="Info" version=1.0 msgid=0x6602000000000005 msg="DB is not ready".
2021-02-26T18:23:05.161038+00:00 controller-1(p1) tcpdumpd-master[10]: priority="Notice" version=1.0 msgid=0x5402000000000002 msg="tcpdumpd-master starting" VERSION="1.3.18" DATE="Wed Feb 10 17:04:45 2021".
2021-02-26T18:23:05.161047+00:00 controller-1(p1) tcpdumpd-master[10]: priority="Notice" version=1.0 msgid=0x5402000000000004 msg="tcpdumpd-master args." ARGS="/usr/bin/tcpdumpd_master".
2021-02-26T18:23:05.161053+00:00 controller-1(p1) tcpdumpd-master[10]: priority="Notice" version=1.0 msgid=0x5402000000000004 msg="tcpdumpd-master args." ARGS="-r".
2021-02-26T18:23:05.161057+00:00 controller-1(p1) tcpdumpd-master[10]: priority="Notice" version=1.0 msgid=0x5402000000000004 msg="tcpdumpd-master args." ARGS="1".
2021-02-26T18:23:05.161062+00:00 controller-1(p1) tcpdumpd-master[10]: priority="Notice" version=1.0 msgid=0x5402000000000004 msg="tcpdumpd-master args." ARGS="-l".
2021-02-26T18:23:05.161067+00:00 controller-1(p1) partition-bladesd[7]: priority="Info" version=1.0 msgid=0x6602000000000005 msg="DB is not ready".
...
COMMAND file tail
DESCRIPTION Display only the last 10 lines of a specified file.
ARGUMENTS
EXAMPLES
Display only the last 10 lines of log/velos.log:
default-1# file tail log/velos.log
2021-03-16T00:39:49+00:00 100.65.17.7 blade-7(p1) diag-agent[1]: priority="Err" msg="Event: 'Task OnEvent 'tmstat:atse-gbx-stat' Error: 'unable to find ATSE Gearbox component for name='portgroup_0.3'''", severity="Error", area="Task", task="ATSE Monitor", profile="Functional FPGA Monitoring" container="diag-agent" level="Error" interface="psf-diag-agent"
2021-03-16T00:39:49+00:00 100.65.17.7 blade-7(p1) diag-agent[1]: priority="Err" msg="Event: 'Task OnEvent 'tmstat:atse-gbx-stat' Error: 'unable to find ATSE Gearbox component for name='portgroup_1.1'''", severity="Error", area="Task", task="ATSE Monitor", profile="Functional FPGA Monitoring" container="diag-agent" level="Error" interface="psf-diag-agent"
2021-03-16T00:39:49+00:00 100.65.17.7 blade-7(p1) diag-agent[1]: priority="Err" msg="Event: 'Task OnEvent 'tmstat:atse-gbx-stat' Error: 'unable to find ATSE Gearbox component for name='portgroup_1.2'''", severity="Error", area="Task", task="ATSE Monitor", profile="Functional FPGA Monitoring" container="diag-agent" level="Error" interface="psf-diag-agent"
2021-03-16T00:39:49+00:00 100.65.17.7 blade-7(p1) diag-agent[1]: priority="Err" msg="Event: 'Task OnEvent 'tmstat:atse-gbx-stat' Error: 'unable to find ATSE Gearbox component for name='portgroup_1.3'''", severity="Error", area="Task", task="ATSE Monitor", profile="Functional FPGA Monitoring" container="diag-agent" level="Error" interface="psf-diag-agent"
2021-03-16T00:40:48+00:00 100.65.17.7 blade-7(p1) diag-agent[1]: priority="Err" msg="Event: 'Task OnEvent 'tmstat:atse-gbx-stat' Error: 'unable to find ATSE Gearbox component for name='portgroup_0.1'''", severity="Error", area="Task", task="ATSE Monitor", profile="Functional FPGA Monitoring" container="diag-agent" level="Error" interface="psf-diag-agent"
2021-03-16T00:40:48+00:00 100.65.17.7 blade-7(p1) diag-agent[1]: priority="Err" msg="Event: 'Task OnEvent 'tmstat:atse-gbx-stat' Error: 'unable to find ATSE Gearbox component for name='portgroup_0.2'''", severity="Error", area="Task", task="ATSE Monitor", profile="Functional FPGA Monitoring" container="diag-agent" level="Error" interface="psf-diag-agent"
2021-03-16T00:40:48+00:00 100.65.17.7 blade-7(p1) diag-agent[1]: priority="Err" msg="Event: 'Task OnEvent 'tmstat:atse-gbx-stat' Error: 'unable to find ATSE Gearbox component for name='portgroup_0.3'''", severity="Error", area="Task", task="ATSE Monitor", profile="Functional FPGA Monitoring" container="diag-agent" level="Error" interface="psf-diag-agent"
2021-03-16T00:40:48+00:00 100.65.17.7 blade-7(p1) diag-agent[1]: priority="Err" msg="Event: 'Task OnEvent 'tmstat:atse-gbx-stat' Error: 'unable to find ATSE Gearbox component for name='portgroup_1.1'''", severity="Error", area="Task", task="ATSE Monitor", profile="Functional FPGA Monitoring" container="diag-agent" level="Error" interface="psf-diag-agent"
2021-03-16T00:40:48+00:00 100.65.17.7 blade-7(p1) diag-agent[1]: priority="Err" msg="Event: 'Task OnEvent 'tmstat:atse-gbx-stat' Error: 'unable to find ATSE Gearbox component for name='portgroup_1.2'''", severity="Error", area="Task", task="ATSE Monitor", profile="Functional FPGA Monitoring" container="diag-agent" level="Error" interface="psf-diag-agent"
2021-03-16T00:40:48+00:00 100.65.17.7 blade-7(p1) diag-agent[1]: priority="Err" msg="Event: 'Task OnEvent 'tmstat:atse-gbx-stat' Error: 'unable to find ATSE Gearbox component for name='portgroup_1.3'''", severity="Error", area="Task", task="ATSE Monitor", profile="Functional FPGA Monitoring" container="diag-agent" level="Error" interface="psf-diag-agent"
Display the last 10 lines of log/velos.log and keep appending output as the file grows:
default-1# file tail -f log/velos.log
2021-03-16T00:40:48+00:00 100.65.17.7 blade-7(p1) diag-agent[1]: priority="Err" msg="Event: 'Task OnEvent 'tmstat:atse-gbx-stat' Error: 'unable to find ATSE Gearbox component for name='portgroup_0.3'''", severity="Error", area="Task", task="ATSE Monitor", profile="Functional FPGA Monitoring" container="diag-agent" level="Error" interface="psf-diag-agent"
2021-03-16T00:40:48+00:00 100.65.17.7 blade-7(p1) diag-agent[1]: priority="Err" msg="Event: 'Task OnEvent 'tmstat:atse-gbx-stat' Error: 'unable to find ATSE Gearbox component for name='portgroup_1.1'''", severity="Error", area="Task", task="ATSE Monitor", profile="Functional FPGA Monitoring" container="diag-agent" level="Error" interface="psf-diag-agent"
2021-03-16T00:40:48+00:00 100.65.17.7 blade-7(p1) diag-agent[1]: priority="Err" msg="Event: 'Task OnEvent 'tmstat:atse-gbx-stat' Error: 'unable to find ATSE Gearbox component for name='portgroup_1.2'''", severity="Error", area="Task", task="ATSE Monitor", profile="Functional FPGA Monitoring" container="diag-agent" level="Error" interface="psf-diag-agent"
2021-03-16T00:40:48+00:00 100.65.17.7 blade-7(p1) diag-agent[1]: priority="Err" msg="Event: 'Task OnEvent 'tmstat:atse-gbx-stat' Error: 'unable to find ATSE Gearbox component for name='portgroup_1.3'''", severity="Error", area="Task", task="ATSE Monitor", profile="Functional FPGA Monitoring" container="diag-agent" level="Error" interface="psf-diag-agent"
2021-03-16T00:41:53+00:00 100.65.17.7 blade-7(p1) diag-agent[1]: priority="Err" msg="Event: 'Task OnEvent 'tmstat:atse-gbx-stat' Error: 'unable to find ATSE Gearbox component for name='portgroup_0.1'''", severity="Error", area="Task", task="ATSE Monitor", profile="Functional FPGA Monitoring" container="diag-agent" level="Error" interface="psf-diag-agent"
2021-03-16T00:41:53+00:00 100.65.17.7 blade-7(p1) diag-agent[1]: priority="Err" msg="Event: 'Task OnEvent 'tmstat:atse-gbx-stat' Error: 'unable to find ATSE Gearbox component for name='portgroup_0.2'''", severity="Error", area="Task", task="ATSE Monitor", profile="Functional FPGA Monitoring" container="diag-agent" level="Error" interface="psf-diag-agent"
2021-03-16T00:41:53+00:00 100.65.17.7 blade-7(p1) diag-agent[1]: priority="Err" msg="Event: 'Task OnEvent 'tmstat:atse-gbx-stat' Error: 'unable to find ATSE Gearbox component for name='portgroup_0.3'''", severity="Error", area="Task", task="ATSE Monitor", profile="Functional FPGA Monitoring" container="diag-agent" level="Error" interface="psf-diag-agent"
2021-03-16T00:41:53+00:00 100.65.17.7 blade-7(p1) diag-agent[1]: priority="Err" msg="Event: 'Task OnEvent 'tmstat:atse-gbx-stat' Error: 'unable to find ATSE Gearbox component for name='portgroup_1.1'''", severity="Error", area="Task", task="ATSE Monitor", profile="Functional FPGA Monitoring" container="diag-agent" level="Error" interface="psf-diag-agent"
2021-03-16T00:41:53+00:00 100.65.17.7 blade-7(p1) diag-agent[1]: priority="Err" msg="Event: 'Task OnEvent 'tmstat:atse-gbx-stat' Error: 'unable to find ATSE Gearbox component for name='portgroup_1.2'''", severity="Error", area="Task", task="ATSE Monitor", profile="Functional FPGA Monitoring" container="diag-agent" level="Error" interface="psf-diag-agent"
2021-03-16T00:41:53+00:00 100.65.17.7 blade-7(p1) diag-agent[1]: priority="Err" msg="Event: 'Task OnEvent 'tmstat:atse-gbx-stat' Error: 'unable to find ATSE Gearbox component for name='portgroup_1.3'''", severity="Error", area="Task", task="ATSE Monitor", profile="Functional FPGA Monitoring" container="diag-agent" level="Error" interface="psf-diag-agent"
Display only the last five lines of log/velos.log:
default-1# file tail -n 5 log/velos.log
2021-03-16T00:42:53+00:00 100.65.17.7 blade-7(p1) diag-agent[1]: priority="Err" msg="Event: 'Task OnEvent 'tmstat:atse-gbx-stat' Error: 'unable to find ATSE Gearbox component for name='portgroup_0.2'''", severity="Error", area="Task", task="ATSE Monitor", profile="Functional FPGA Monitoring" container="diag-agent" level="Error" interface="psf-diag-agent"
2021-03-16T00:42:53+00:00 100.65.17.7 blade-7(p1) diag-agent[1]: priority="Err" msg="Event: 'Task OnEvent 'tmstat:atse-gbx-stat' Error: 'unable to find ATSE Gearbox component for name='portgroup_0.3'''", severity="Error", area="Task", task="ATSE Monitor", profile="Functional FPGA Monitoring" container="diag-agent" level="Error" interface="psf-diag-agent"
2021-03-16T00:42:53+00:00 100.65.17.7 blade-7(p1) diag-agent[1]: priority="Err" msg="Event: 'Task OnEvent 'tmstat:atse-gbx-stat' Error: 'unable to find ATSE Gearbox component for name='portgroup_1.1'''", severity="Error", area="Task", task="ATSE Monitor", profile="Functional FPGA Monitoring" container="diag-agent" level="Error" interface="psf-diag-agent"
2021-03-16T00:42:53+00:00 100.65.17.7 blade-7(p1) diag-agent[1]: priority="Err" msg="Event: 'Task OnEvent 'tmstat:atse-gbx-stat' Error: 'unable to find ATSE Gearbox component for name='portgroup_1.2'''", severity="Error", area="Task", task="ATSE Monitor", profile="Functional FPGA Monitoring" container="diag-agent" level="Error" interface="psf-diag-agent"
2021-03-16T00:42:53+00:00 100.65.17.7 blade-7(p1) diag-agent[1]: priority="Err" msg="Event: 'Task OnEvent 'tmstat:atse-gbx-stat' Error: 'unable to find ATSE Gearbox component for name='portgroup_1.3'''", severity="Error", area="Task", task="ATSE Monitor", profile="Functional FPGA Monitoring" container="diag-agent" level="Error" interface="psf-diag-agent"
COMMAND images remove
DESCRIPTION Remove tenant image.
ARGUMENTS
EXAMPLE
Remove the .bundle file named BIGIP-15.1.5-0.0.11.ALL-VELOS.qcow2.zip.bundle:
partition1(config)# images remove name BIGIP-15.1.5-0.0.11.ALL-VELOS.qcow2.zip.bundle
result Successful.
COMMAND interfaces interface
DESCRIPTION Configure network interface attributes.
ARGUMENTS
ieee8023adLag when creating LAG interfaces.EXAMPLE
Configure a description for interface 1.0 on blade-1 and verify that it was configured correctly:
default-1(config)# interfaces interface 1/1.0 config description "40G Link"
default-1(config-interface-1/1.0)# commit
Commit complete.
default-1(config-interface-1/1.0)# exit
default-1(config)# exit
default-1# show running-config interfaces interface 1/1.0 config
interfaces interface 1/1.0
config name 1/1.0
config type ethernetCsmacd
config description "40G Link"
config enabled
!
COMMAND interfaces interface <lag-name> aggregation config
DESCRIPTION Configure LAGs and their attributes.
ARGUMENTS
EXAMPLE
Create a LAG named test-lag that uses dst-mac for the hash, assign trunk VLAN IDs 99 and 101, and then verify that it was configured correctly:
default-1(config)# interfaces interface test-lag aggregation config distribution-hash dst-mac
default-1(config)# commit
default-1(config)# interfaces interface test-lag aggregation switched-vlan config trunk-vlans { 99 101 }
default-1(config)# commit
default-1# show running-config interfaces interface test-lag aggregation switched-vlan config
interfaces interface test-lag
aggregation switched-vlan config trunk-vlans { 99 101 }
!
COMMAND interfaces interface ethernet
DESCRIPTION Configure physical interfaces attributes.
ARGUMENTS
COMMAND lacp config system-priority
DESCRIPTION
System priority and system MAC are combined as system-id, which is required by the LACP protocol. Each partition has a system mac which is not configurable. The default system priority is 32768.
ARGUMENTS
EXAMPLES
Configure system priority to be 1000:
default-1(config)# lacp config system-priority 1000
COMMAND lacp interfaces interface
DESCRIPTION
Configure LACP to manage the LAG interface. To use LACP to manage a LAG interface, the LAG interface must already exist or be created first. LAG interfaces can have multiple interface members, and the LAG interface state is up as long as there is at least one active member. There must be valid VLANs attached to LAG interface to pass user traffic. Be sure that the VLAN exists before attaching it to a LAG interface.
ARGUMENTS
FAST to have packets sent every second. Set the interval to SLOW to have packets sent every 30 seconds.PASSIVE to place a port into a passive negotiating state, in which the port responds to received LACP packets, but does not initiate LACP negotiation. Set to ACTIVE to place a port into an active negotiating state, in which the port initiates negotiations with other ports by sending LACP packets.EXAMPLES
Configure an LACP interface, set it to place the port into an active negotiating state, and set the interval to have packets sent every second:
default-1(config)# lacp interfaces interface lag1 config lacp-mode ACTIVE interval FAST
Create a LAG interface named lag1 with the type ieee8023adLag:
default-1(config)# interfaces interface lag1 config type ieee8023adLag; commit
Enable LACP on a LAG interface named lag1:
default-1(config)# interfaces interface lag1 aggregation config lag-type LACP; commit
Create an LACP interface named lag1 with default parameters (internal is set to SLOW, lacp-mode is set to ACTIVE):
default-1(config)# lacp interfaces interface lag1 config name lag1; commit
Add interface 1/1.0 and 1/2.0 as interface members into a LAG named lag1:
default-1(config)# interfaces interface 1/1.0 ethernet config aggregate-id lag1
default-1(config)# interfaces interface 1/2.0 ethernet config aggregate-id lag1
default-1(config)# commit
Attach VLANs 1000 and 1001 to a LAG interface named lag1:
default-1(config)# interfaces interface lag1 aggregation switched-vlan config trunk-vlans { 1000 1001 }
default-1(config)# commit
COMMAND lldp config
DESCRIPTION Configure Link Layer Discovery Protocol (LLDP) on the system.
ARGUMENTS
10.2.2.4.30.EXAMPLE
Configure a system-description for LLDP and verify that it was configured correctly:
default-1(config)# lldp config system-description "Test system description"
default-1(config)# commit
Commit complete.
default-1(config)# exit
default-1# show running-config lldp config
lldp config enabled
lldp config system-description "Test system description"
lldp config tx-interval 30
lldp config tx-hold 4
lldp config reinit-delay 2
lldp config tx-delay 2
lldp config max-neighbors-per-port 10
COMMAND lldp interfaces interface
DESCRIPTION Configure Link Layer Discovery Protocol (LLDP) for an interface.
ARGUMENTS
type: string description: The name of the interface. The minimum length is 1 character, and the maximum length is 63 characters.
EXAMPLE
Create an LLDP interface:
default-1(config)# lldp interfaces interface 1/1.0 config name 1/1.0
COMMAND lldp interfaces interface <interface-name> config
DESCRIPTION Configure LLDP attributes for an interface.
ARGUMENTS
EXAMPLE
Configure a tlv-advertisement-state for LLDP interface 1.0 on blade-1 and verify that it was configured correctly:
default-1(config)# lldp interfaces interface 1/1.0 config tlv-advertisement-state txrx
default-1(config-interface-1/1.0)# commit
Commit complete.
default-1(config-interface-1/1.0)# top
default-1(config)# exit
default-1# show running-config lldp interfaces interface 1/1.0
lldp interfaces interface 1/1.0
config name 1/1.0
config enabled
config tlv-advertisement-state txrx
config tlvmap chassis-id,port-id,ttl,port-description,system-name,system-description,system-capabilities,pvid,ppvid,vlan-name,protocol-identity,macphy,link-aggregation,power-mdi,mfs,product-model
!
COMMAND portgroups portgroup
DESCRIPTION Configure port group attributes.
ARGUMENTS
EXAMPLE
Configure a port group on blade-1 to use a DDM polling frequency of 20 seconds:
default-1(config)# portgroups portgroup 1/1 config ddm ddm-poll-frequency 20
---
Configure the port mode on blade 1 to be MODE_40GB:
---
default-1(config-portgroup-1/1)# portgroups portgroup 1/2 config mode MODE_40GB
default-1(config-portgroup-1/2)# commit
The following warnings were generated:
'portgroups portgroup': Blade(s) 1 will reboot
Proceed? [yes,no] no
COMMAND qos global-setting
DESCRIPTION Configure whether Quality of Service (QOS) is disabled or enabled for either 802.1p or DSCP.
ARGUMENTS
EXAMPLE
Enable QOS for DSCP:
default-1(config)# qos global-setting config status DSCP-enabled
COMMAND qos global-setting config mapping-8021p
DESCRIPTION Configure traffic priorities for 802.1p values.
ARGUMENTS
EXAMPLE
Create a traffic priority for VOIP traffic to numeric priority 7:
default-1(config)# qos global-setting config mapping-8021p traffic-priority VOIP value 7
COMMAND qos global-setting config mapping-DSCP
DESCRIPTION Configure traffic priorities for DSCP values.
ARGUMENTS
COMMAND qos global-setting config traffic-priorities traffic-priority
DESCRIPTION Create traffic priorities
ARGUMENTS
EXAMPLE
Create a traffic priority named VOIP:
default-1(config)# qos global-setting config traffic-priorities traffic-priority VOIP
COMMAND qos meter-setting config interfaces interface
DESCRIPTION Map a meter group for a selected interface.
ARGUMENTS
EXAMPLE
Assign port 1/1.0 to a meter group named mg1:
default-1(config)# qos meter-setting config interfaces interface 1/1.0 meter-group mg1
COMMAND qos meter-setting config meter-groups meter-group
DESCRIPTION Create a meter group.
ARGUMENTS
EXAMPLE
Create a meter group named mg1 and assign weights to a traffic priority named VOIP:
default-1(config)# qos meter-setting config meter-groups meter-group mg1 meters traffic-priority VOIP weight 120
COMMAND stp
DESCRIPTION Configure Spanning Tree Protocol (STP) on the system.
COMMAND stp global config enabled-protocol
DESCRIPTION
Configures whether Spanning Tree Protocol (STP) is enabled on the partition. If empty, STP is disabled. There can be only one spanning tree protocol enabled at a time. When configuring anything for stp stp, stp rstp, or stp mstp, ensure that the respective protocol has been configured as the global enabled-protocol.
When any spanning-tree protocol is configured, all interfaces in the partition not configured for the respective spanning-tree protocol will be blocked to avoid broadcast storms. Deleting the enabled-protocol removes the blocking state.
ARGUMENTS
EXAMPLE
Enable STP as the as the global STP protocol and verify that it was configured correctly:
default-1(config)# stp global config enabled-protocol { STP } ; commit
Commit complete.
default-1(config)# show full-configuration stp global
stp global config enabled-protocol { STP }
Enable RSTP as the as the global STP protocol and verify that it was configured correctly:
default-1(config)# stp global config enabled-protocol { RSTP } ; commit
Commit complete.
default-1(config)# show full-configuration stp global
stp global config enabled-protocol { RSTP }
Enable MSTP as the as the global STP protocol and verify that it was configured correctly:
default-1(config)# stp global config enabled-protocol { MSTP } ; commit
Commit complete.
default-1(config)# show full-configuration stp global
stp global config enabled-protocol { MSTP }
Disable STP on the partition:
default-1(config)# no stp global config enabled-protocol ; commit
Commit complete.
default-1(config)# show full-configuration stp global
% No entries found.
COMMAND stp interfaces interface
DESCRIPTION Configure specific STP features for an interface.
ARGUMENTS
COMMAND stp mstp config
DESCRIPTION Configure the system to handle spanning tree frames (BPDUs) in accordance with the MSTP protocol.
ARGUMENTS
EXAMPLES
Configure MSTP named my-region with a forwarding delay of 16 seconds, a hello time of 3 seconds, a maximum age of 21 seconds, a hold count of 7 BPDUs per second, a revision level of 1, and a maximum hop of 21 hops, and then verify that it was configured correctly:
default-1(config)# stp mstp config forwarding-delay 16 hello-time 3 max-age 21 hold-count 7 name my-region revision 1 max-hop 21 ; commit
Commit complete.
default-1(config)# show full-configuration stp mstp config
stp mstp config name my-region
stp mstp config revision 1
stp mstp config max-hop 21
stp mstp config hello-time 3
stp mstp config max-age 21
stp mstp config forwarding-delay 16
stp mstp config hold-count 7
COMMAND stp mstp mst-instances mst-instance
DESCRIPTION Configure a specific MST instance.
ARGUMENTS
EXAMPLE
Configure MST instance 5 with a bridge priority of 36864, MST identifier of 5, and mapped to VLANs 100 and 101, and then verify that it was configured correctly:
default-1(config)# stp mstp mst-instances mst-instance 5 config bridge-priority 36864 mst-id 5 vlan { 100 101 }
default-1(config-mst-instance-5)# commit
Commit complete.
default-1(config-mst-instance-5)# show full
stp mstp mst-instances mst-instance 5
config mst-id 5
config vlan { 100 101 }
config bridge-priority 36864
!
COMMAND stp mstp mst-instances mst-instance {mst-id} interfaces interface
DESCRIPTION Configure data for MSTP on each interface. Must be configured in conjunction with an STP interface
ARGUMENTS
EXAMPLE
Configure MST instance 5 with interface 1.0 on blade-1, with a cost of 100 and a port priority of 128, and then verify that it was configured correctly:
default-1(config)# show full-configuration stp interfaces
stp interfaces interface 1/1.0
config name 1/1.0
config edge-port EDGE_AUTO
config link-type P2P
!
default-1(config)# stp mstp mst-instances mst-instance 5 interfaces interface 1/1.0 config name 1/1.0 cost 100 port-priority 128 ; commit
Commit complete.
default-1(config-interface-1/1.0)# top
default-1(config)# show full-configuration stp mstp mst-instances mst-instance 5
stp mstp mst-instances mst-instance 5
config mst-id 5
config vlan { 100 101 }
config bridge-priority 36864
interfaces interface 1/1.0
config name 1/1.0
config cost 100
config port-priority 128
!
COMMAND stp rstp config
DESCRIPTION Configure the system to handle spanning tree frames (BPDUs) in accordance with the RSTP protocol.
ARGUMENTS
EXAMPLES
Configure RSTP with a bridge priority of 36864, a forwarding delay of 16 seconds, a hello time of 3 seconds, a maximum age of 21 seconds,and a hold count of 7 BPDUs per seconds, and then verify that it was configured correctly:
default-1(config)# stp rstp config bridge-priority 36864 forwarding-delay 16 hello-time 3 max-age 21 hold-count 7 ; commit
Commit complete.
default-1(config)# show full-configuration stp rstp config
stp rstp config hello-time 3
stp rstp config max-age 21
stp rstp config forwarding-delay 16
stp rstp config hold-count 7
stp rstp config bridge-priority 36864
COMMAND stp rstp interfaces interface
DESCRIPTION Configuration data for MSTP on each interface. Must be configured in conjunction with an STP interface.
ARGUMENTS
EXAMPLE
Configure RSTP instance 1/1.0 with interface 1.0 on blade-1, with a cost of 100 and a port priority of 128, and then verify that it was configured correctly:
default-1(config)# show full-configuration stp interfaces
stp interfaces interface 1/1.0
config name 1/1.0
config edge-port EDGE_AUTO
config link-type P2P
!
default-1(config)# stp rstp interfaces interface 1/1.0 config name 1/1.0 cost 100 port-priority 128 ; commit
Commit complete.
default-1(config-interface-1/1.0)# show full
stp rstp interfaces interface 1/1.0
config name 1/1.0
config cost 100
config port-priority 128
!
COMMAND stp stp config bridge-priority
DESCRIPTION Configure the system to handle spanning tree frames (BPDUs) in accordance with the MSTP protocol.
ARGUMENTS
EXAMPLES
Configure STP with a bridge priority of 36864, a forwarding delay of 16 seconds, a hello time of 3 seconds, a maximum age of 21 seconds,and a hold count of 7 BPDUs per seconds, and then verify that it was configured correctly:
default-1(config)# stp stp config bridge-priority 36864 forwarding-delay 16 hello-time 3 hold-count 7 max-age 21 ; commit
Commit complete.
default-1(config)# show full-configuration stp stp config
stp stp config hello-time 3
stp stp config max-age 21
stp stp config forwarding-delay 16
stp stp config hold-count 7
stp stp config bridge-priority 36864
COMMAND stp stp interfaces interface
DESCRIPTION Configuration data for MSTP on each interface. Must be configured in conjunction with an STP interface.
ARGUMENTS
EXAMPLE
Configure STP instance 1/1.0 with interface 1.0 on blade-1, with a cost of 100 and a port priority of 128, and then verify that it was configured correctly:
default-1(config)# show full-configuration stp interfaces
stp interfaces interface 1/1.0
config name 1/1.0
config edge-port EDGE_AUTO
config link-type P2P
!
default-1(config)# stp stp interfaces interface 1/1.0 config name 1/1.0 cost 100 port-priority 128 ; commit
Commit complete.
default-1(config-interface-1/1.0)# show full
stp stp interfaces interface 1/1.0
config name 1/1.0
config cost 100
config port-priority 128
!
COMMAND system aaa authentication config authentication-method
DESCRIPTION Specify which authentication methods can be used to authenticate and authorize users. You can enable all methods and indicate the order in which you'd like the methods to be attempted when a user logs in.
ARGUMENTS
EXAMPLE
Attempt to authenticate in this order: LDAP, then RADIUS, and then local (/etc/password):
default-1(config)# system aaa authentication config authentication-method { LDAP_ALL RADIUS_ALL LOCAL }
COMMAND system aaa authentication ldap active_directory
DESCRIPTION Specify whether to enable LDAP Active Directory (AD) on the chassis partition.
ARGUMENTS
true to enable LDAP AD or false to disable it. The default value is false.EXAMPLE
Enable LDAP AD on the system:
default-1-active(config)# system aaa authentication ldap active_directory true
COMMAND system aaa authentication ldap base
DESCRIPTION Specify the search base distinguished name (DN) for LDAP authentication. Note that the configuration of base values are case-sensitive and must be a full DN path. This includes spaces, commas, and other characters. These must be the same as what is configured in the LDAP server.
ARGUMENTS
EXAMPLE
Search for a specified distinguished name:
default-1(config)# system aaa authentication ldap base dc=xyz,dc=com
default-1(config)# system aaa authentication ldap base { dc=xyz,dc=com dc=abc,dc=com }
COMMAND system aaa authentication ldap bind_timelimit
DESCRIPTION Specify a maximum amount of time to wait for LDAP authentication to return a result.
ARGUMENTS
30.EXAMPLE
Set a maximum bind time limit of 60 seconds:
default-1(config)# system aaa authentication ldap bind_timelimit 60
COMMAND system aaa authentication ldap binddn
DESCRIPTION Specify the distinguished name (DN) of an account that can search the base DN. If no account is specified, the LDAP connection establishes without authentication. Note that the configuration of binddn values are case-sensitive and must be a full DN path. This includes spaces, commas, and other characters; these must be the same as what is configured in the LDAP server.
ARGUMENTS
EXAMPLE
Set the distinguished name of a specified account for searching the base DN:
default-1(config)# system aaa authentication ldap binddn cn=admin,dc=xyz,dc=com
COMMAND system aaa authentication ldap bindpw
DESCRIPTION Specify the password of the search account identified in binddn.
ARGUMENTS
EXAMPLE
Specify a password for the search account on the LDAP server:
default-1(config)# system aaa authentication ldap bindpw <password\>
COMMAND system aaa authentication ldap idle_timelimit
DESCRIPTION Configure the maximum amount of time before the LDAP connection can be inactive before it times out.
ARGUMENTS
30.EXAMPLE
Set a maximum idle timeout of 60 seconds:
default-1(config)# system aaa authentication ldap idle_timelimit 60
COMMAND system aaa authentication ldap ldap_version
DESCRIPTION Specify the LDAP protocol version number.
ARGUMENTS
3.EXAMPLE
Specify that LDAPv3 is used for the LDAP server:
default-1(config)# system aaa authentication ldap ldap_version 3
COMMAND system aaa authentication ldap ssl
DESCRIPTION Specify whether to enable Transport Layer Security (TLS) functionality for the LDAP server.
ARGUMENTS
EXAMPLE
Specify that TLS is enabled for all connections:
default-1(config)# system aaa authentication ldap ssl on
COMMAND system aaa authentication ldap timelimit
DESCRIPTION Specify a maximum time limit to use when performing LDAP searches to receive an LDAP response.
ARGUMENTS
EXAMPLE
Specify a maximum time limit of 60 seconds for LDAP searches.
default-1(config)# system aaa authentication ldap timelimit 60
COMMAND system aaa authentication ldap tls_cacert
DESCRIPTION Specify the CA certificate to be used for authenticating the TLS connection with the CA server. Also validates an issued certificate from a CA prior to accepting it into the system.
ARGUMENTS
EXAMPLE
Specify a certificate for authenticating the TLS connection:
default-1(config)# system aaa authentication ldap tls_cacert <path-to-cacert>.pem
COMMAND system aaa authentication ldap tls_cert
DESCRIPTION Specify the file that contains the certificate for the client's key.
ARGUMENTS
EXAMPLE
Specify a file that contains the certificate for a client's key:
default-1(config)# system aaa authentication ldap tls_cacert <path-to-cacert>.pem
COMMAND system aaa authentication ldap tls_ciphers
DESCRIPTION Specify acceptable cipher suites for the TLS library in use. For example, ECDHE-RSAAES256-GCM-SHA384 or ECDHE-RSA-AES128-GCM-SHA256.
The cipher string can take several additional forms. It can consist of a single cipher suite such as RC4-SHA. It can represent a list of cipher suites containing a certain algorithm, or cipher suites of a certain type. For example, SHA1 represents all cipher suites using the digest algorithm SHA1, and SSLv3 represents all SSLv3 algorithms. You can combine lists of cipher suites into a single cipher string using the + character as a logical AND operation. For example, SHA1+DES represents all cipher suites containing the SHA1 and DES algorithms.
ARGUMENTS
EXAMPLE
Specify the cipher suite for the TLS library in use:
default-1(config)# system aaa authentication ldap tls_cyphers <cipher-suite>
COMMAND system aaa authentication ldap tls_key
DESCRIPTION
Specify the file that contains the the private key that matches the certificates that you configured with the system aaa authentication ldap tls_cert command.
ARGUMENTS
system aaa authentication ldap tls_cert command.COMMAND system aaa authentication ldap tls_reqcert
DESCRIPTION
Specify what checks to perform on certificates in a TLS session. The default value is never.
ARGUMENTS
EXAMPLE
Specify that a certificate is not required for a TLS session:
default-1(config)# system aaa authentication ldap tls_reqcert never
COMMAND system aaa authentication roles role
DESCRIPTION Specify the primary role assigned to the user.
ARGUMENTS
EXAMPLE
Configure which rolename and system group ID is used for a specified role:
default-1(config)# system aaa authentication roles role <rolename> config rolename <rolename> gid <unix-gid>
COMMAND system aaa authentication users user
DESCRIPTION Configure options for users.
ARGUMENTS
-1 (no expiration date). Use 1 to indicate expired.0 to force a password change.EXAMPLE
Configure a user named jdoe so that the user must change their password at their next log in and indicated that the account has no expiration date:
default-1(config)# system aaa authentication users user jdoe config last-change 0 expiry-date -1
COMMAND system aaa password-policy config apply-to-root
DESCRIPTION
Specify whether to enforce password policies when the user configuring passwords is the root user. If enabled (true), the system returns an error on failed check if the root user changing the password. If disabled (false), the system displays a message about the failed check, but allows the root user to change the password and bypass password policies.
ARGUMENTS
true to enforce password policies even if it is the root user configuring passwords or false to disable it. The default value is false.COMMAND system aaa password-policy config max-age
DESCRIPTION Configure the number of days that users can keep using the same password without changing it.
ARGUMENTS
COMMAND system aaa password-policy config max-login-failures
DESCRIPTION Configure the maximum number of unsuccessful login attempts that are permitted before a user is locked out.
ARGUMENTS
COMMAND system aaa password-policy config min-length
DESCRIPTION
Configure a minimum acceptable size for the new password (plus one if credits are not disabled which is the default). In addition to the number of characters in the new password, credit (of +1 in length) is given for each different kind of character (other, upper, lower and digit). The default for this parameter is 9. If you want to allow passwords that are as short as 5 characters, you should not use min-length.
ARGUMENTS
COMMAND system aaa password-policy config reject-username
DESCRIPTION Check whether the user name is contained in the new password, either in straight or reversed form. If it is found, the new password is rejected.
ARGUMENTS
false to allow the user name in a new password or true to reject new passwords that contain the user name in some form. The default value is false.COMMAND system aaa password-policy config required-differences
DESCRIPTION Configure the number of character changes that are required in the new password that differentiate it from the old password.
ARGUMENTS
5.COMMAND system aaa password-policy config required-lowercase
DESCRIPTION Configure the minimum number of lowercase character required for a password.
ARGUMENTS
COMMAND system aaa password-policy config required-numeric
DESCRIPTION Configure the minimum number of numeric characters required for a password.
ARGUMENTS
COMMAND system aaa password-policy config required-special
DESCRIPTION Configure the minimum number of numeric characters required for a password. minimum number of special characters required for a password.
ARGUMENTS
COMMAND system aaa password-policy config required-uppercase
DESCRIPTION Configure the minimum number of numeric characters required for a password. minimum number of uppercase characters required for a password.
ARGUMENTS
COMMAND system aaa password-policy config retries
DESCRIPTION Configure the number of retries allowed when user authentication is unsuccessful.
ARGUMENTS
COMMAND system aaa password-policy config root-lockout
DESCRIPTION Configure whether the root account can be locked out after unsuccessful login attempts.
ARGUMENTS
false to disable root lockout after a number of unsuccessful login attempts or true to enable it. The default value is false.COMMAND system aaa password-policy config root-unlock-time
DESCRIPTION Configure the time in seconds before the root user can retry logging in after exceeding the maximum number of allowed unsuccessful authentication attempts.
ARGUMENTS
COMMAND system aaa password-policy config unlock-time
DESCRIPTION Configure the time in seconds before a user can retry logging in after exceeding the maximum number of allowed unsuccessful authentication attempts. If this option is not configured, the account is locked until the lock is removed manually by an administrator.
ARGUMENTS
COMMAND system aaa server-groups server-group
DESCRIPTION Configure one or more AAA servers of type RADIUS, LDAP, or TACACS+. The first server in the list is always used by default unless it is unavailable, in which case the next server in the list is used. You can configure the order of servers in the server group.
ARGUMENTS
3 (seconds).389.LDAP (LDAP over TCP).EXAMPLE
Create a server group named radius-test of type RADIUS, assign a specific RADIUS server with the group, and then configure a secret key:
default-1(config)# system aaa server-groups server-group radius-test
default-1(config-server-group-radius-test)# config type RADIUS
default-1(config-server-group-radius-test)# config name radius-test
default-1(config-server-group-radius-test)# commit
Commit complete.
default-1(config-server-group-radius-test)#
default-1(config)# system aaa server-groups server-group radius-test servers server 192.0.2.10 config address 192.0.2.10
default-1(config-server-192.0.2.10)# radius config <tab>
Possible completions:
auth-port secret-key timeout
default-1(config-server-192.0.2.10)# radius config secret-key radius-key'
default-1(config-server-192.0.2.10)# commit
Create a server group named ldap-test of type LDAP, assign a specific LDAP server with the group, and then set the LDAP type as LDAP over TCP:
default-1(config)# system aaa server-groups server-group ldap-test
default-1(config-server-group-ldap-test)# config type LDAP
default-1(config-server-group-ldap-test)# config name ldap-test
default-1(config-server-group-ldap-test)# commit
Commit complete.
default-1(config-server-group-ldap-test)#
default-1(config)# system aaa server-groups server-group ldap-test servers server 192.0.2.10 config address 192.0.2.10
default-1(config-server-192.0.2.10)# ldap config type ldap
default-1(config-server-192.0.2.10)# commit
COMMAND
system aaa tls config certificate
DESCRIPTION
Configure an SSL server certificate to be used for the webUI (HTTPS) or REST interface of the system.
ARGUMENTS
EXAMPLE
Add a certificate and key to the system. When you press Enter, you will enter multi-line mode, at which point you can copy in the certificate/key. After you have added a certificate, you must add a key using system aaa tls config key , commit the changes:
default-1(config)# system aaa tls config certificate
(<string>):
[Multiline mode, exit with ctrl-D.]
> ...
default-1(config)# system aaa tls config key
(<string>):
[Multiline mode, exit with ctrl-D.]
> ...
default-1(config)# commit
Commit complete.
COMMAND
system aaa tls config key
DESCRIPTION
Configure a PEM-encoded private key to be used for the webUI (HTTPS) or REST interface of the system. Key value is encrypted in DB storage.
ARGUMENTS
EXAMPLE
Add a TLS key and certificate to the system. When you press Enter, you will enter multi-line mode, at which point you can copy in the key/certificate. After you have added a key, you must add a certificate using system aaa tls config certificate:
default-1(config)# system aaa tls config key
(<string>):
[Multiline mode, exit with ctrl-D.]
> ...
default-1(config)# system aaa tls config certificate
(<string>):
[Multiline mode, exit with ctrl-D.]
> ...
default-1(config)# commit
Commit complete.
COMMAND system aaa tls crls crl
DESCRIPTION Configure a Certificate Revocation List Entry (CRL).
ARGUMENTS
string
EXAMPLE
Add a new CRL to the system. When you press Enter, you will enter multi-line mode, at which point you can copy in the CRL key.
syscon-2-active(config)# system aaa tls crls crl *crl Name*
Value for 'config revocation-key' (<string>):
[Multiline mode, exit with ctrl-D.]
> ...
syscon-2-active(config)# commit
Commit complete.
COMMAND system aaa tls create-self-signed-cert
DESCRIPTION Create an OpenSSL key for use with AAA/TLS.
ARGUMENTS
secp521r1. Available options are:true to store the self-signed certificate pair in the the system-aaa-tls-config or false to specify that it should not be stored.EXAMPLE
Create a private key and self-signed certificate:
default-1(config)# system aaa tls create-self-signed-cert city Seattle country US days-valid 365 email j.doe@company.com key-type ecdsa name company.com organization "Company" region Washington unit IT version 1 curve-name prime239v2 store-tls false
response
-----BEGIN EC PRIVATE KEY-----
MHECA1d8wiyJEVihDTnVi+v9RjfK3LhZ2Pd4R7B1MJf3lyXaoaAKBggqhkjOPQMB
BaFAAz4ABHFISUTEi8wEdG0iBF3iqTi5m5b62xUSbhOJrXR8d0S6h+anvpo9xrH3
QKbVuacd9H4cMj2tX/wyqVNePg==
-----END EC PRIVATE KEY-----
-----BEGIN CERTIFICATE-----
MIICAzCCAa4CCQCR5RKtuBFcxTAKBggqhkjOPQQDAjCBjTELMAkGA1UEBhMCVVMx
EzARBgNVBAgMCl1t462pbmd0b24xEDAOBgNVBAcMB1NlYXR0bGUxEzARBgNVBAoM
CkY1IE5ldG9ya3MxEDAOBgNVBAsMB1NXRElBR1MxETAPBgNVBAMMCEdvZHppbGxh
MR0wGwYJKoZIhvcNAQkBFg5qLm1vb3JlQGY1LmNvbTAeFw0yMTAzMjcwMjE2NTFa
Fw0yMjAzMjcwMjE2NTFaMIGNMQswCQYDVQQGEwJVUzORBTWGA1UECAwKV2FzaGlu
Z3RvbjEQMA4GA1UEBwwHU2VhdHRsZTETMBEGA1UECgwKRjUgTmV0b3JrczEQMA4G
A1UECwwHU1dESUFHUzERMA8GA1UEAwwIR29kemlsbGExHTAbBgkqhkiG9w0BCQEW
DmoubW9vcmVAZRWPuB9tMFUwEwYHKoZIzj0CAQYIKoZIzj0DAQUDPgAEcUhJRMSL
zAR0bSIEXeKpOLmblvrbFRJuE4mtdHx3RLqH5qe+mj3GsfdAptW5pwXtlI0yPa1f
/DKpU14+MAoGCCqGSM49BAMCA0MAMEACHh38OAyBB5T9ScBklBXZUIuynHq3/tr4
3VUQsMtYHQIeeP3vCrRm2qjPtK62QwtbkqDA9h2qTvuDj6uYL8EI
-----END CERTIFICATE-----
COMMAND system aaa tls create-csr
DESCRIPTION Create a certificate signing request (CSR).
ARGUMENTS
EXAMPLE
Create a CSR:
system aaa tls create-csr name company.com email j.doe@company.com organization "Company" unit IT
response -----BEGIN CERTIFICATE REQUEST-----
JRISPzCCAbsCAQEwgY0xCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpXYXNoaW5ndG9u
MRAwDgYDVQQHEwdTZWF0dGxlMRQwEgYDVQQKFAtGNVH4TW03b3JrczEUMBIGA1UE
CxMLZGV2ZWxvcG1lbnQxGTAXBgkqhkiG9w0BCQEWCmRldkBmNS5jb20xEDAOBgNV
BAMTB3Rlc3Rjc3IwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCinnAV
Dv/G6+qbiBVO7zIPmFFatYcrzdUnvpTGXfPuh6VBRqcW90jJy12FwtYOL8P6mED+
gfjpxRWe+PNursjZSIDpyh7Dn+F3MRF3zkgnSKlYKI9qqzlRHRAwi2U7GfujeR5H
CXrJ4uxYK2Wp8WVSa7TWwj6Bnps8Uldnj0kenBJ1eUVUXoQAbUmZQg6l+qhKRiDh
3E/xMOtaGWg0SjD7dEQij5l+8FBEHVhQKEr93GT1ifR62/MZSnPw2MY5OJ69p2Wn
k7Fr7m4I5z9lxJduYDNmiddVilpWdqRaCB2j29XCmpVJduF2v6EsMx693K18IJ1h
iRice6oKL7eoI/NdAgMBAAGgADANBgkqhkiG9w0BAQUFAAOCAQEAGjWSAqKUPqMY
eLlSDJ9Bc4R+ckia5r/TITqamMN+m8TqQI8Pk0tAnwHCl8HHS+4cI8QuupgS/3aU
ls7OtxceoQZ1VFX2sQFkrDJFe0ewZQLm5diip5kxFrnap0oA0wRy84ks0wxeiCWD
New3hgSXfzyXI0g0auT6KNwsGaO8ZuhOX3ICNnSLbfb9T4zbhfI9jKopXQgZG/LO
pOct33fdpf/U6kQA9Rw/nzs3Hz/nsVleOrl3TH1+9veMMF+6eq8KKPpbYKh9bhA+
pYI3TtbZHuyRyQbq/r4gf4JkIu/PGszzy/rsDWy+b9g9nXMh1oFj+xhTrBjBk8a2
0ov+Osy2iA==
-----END CERTIFICATE REQUEST-----
COMMAND system appliance-mode config
DESCRIPTION Configure whether appliance mode is enabled or disabled on the chassis partition. Appliance mode adds a layer of security by restricting user access to root and the bash shell. When enabled, the root user cannot log in to the device by any means, including from the serial console. You can enable appliance mode at these levels:
system appliance-mode on the system controller.system appliance-mode on the chassis partition.tenants tenant <tenant-name\> config appliance-mode on the chassis partition.ARGUMENTS
enabled to enable appliance mode on the chassis partition. Specify disabled to disable it.EXAMPLE
Enable appliance mode on the chassis partition and then verify that appliance mode is enabled:
default-1(config)# system appliance-mode config enabled
default-1(config)# commit
default-1(config)# exit
default-1# show system appliance-mode
system appliance-mode state enabled
Disable appliance mode on the chassis partition and then verify that appliance mode is disabled:
default-1(config)# system appliance-mode config disabled
default-1(config)# commit
default-1(config)# exit
default-1# show system appliance-mode state
system appliance-mode state disabled
COMMAND system database config-backup
DESCRIPTION Generate a backup of the chassis partition configuration database as an XML file.
ARGUMENTS
yes to overwrite the file if a file by that name exists or no to disable the file overwrite. The default value is no.EXAMPLE
Create a backup file of the chassis partition configuration named backup-march2022 and overwrite it if a file by that name already exists:
default-1(config)# system database config-backup name backup-march2021 proceed yes
response Succeeded.
COMMAND system database config-restore
DESCRIPTION Restore the chassis partition configuration from an XML backup file.
ARGUMENTS
yes to overwrite the file if a file by that name exists or no to disable the file overwrite. The default value is no.EXAMPLE
Restore the chassis partition configuration from a backup file named backup-march2021:
default-1(config)# system database config-restore name backup-march2021
COMMAND system database config reset-default-config
DESCRIPTION Revert the chassis partition to the default configuration and clear any existing configuration information.
ARGUMENTS
true to reset the configuration to the default or false to disable it. The default value is false.EXAMPLE
Revert the chassis partition to the default configuration:
default-1(config)# system database config reset-default-config true
COMMAND system diagnostics core-files list
DESCRIPTION List core files for the VELOS system.
EXAMPLE
List all core files on the system:
syscon-1-active# system diagnostics core-files list
files { controller-1:/var/shared/core/container/authd-1.core.gz controller-1:/var/shared/core/container/orchestration_m-1.core.gz controller-1:/var/shared/core/host/test-1.core.gz controller-2:/var/shared/core/container/test-1.core.gz controller-2:/var/shared/core/host/test-2.core.gz }
COMMAND system diagnostics core-files delete
DESCRIPTION Delete core files from the VELOS system.
ARGUMENTS
EXAMPLE
Delete selected core files from the system:
syscon-1-active# system diagnostics core-files delete files { controller-1:/var/shared/core/host/test-1.core.gz }
COMMAND system diagnostics ihealth config authserver
DESCRIPTION Specify a separate endpoint for authenticating and uploading QKView files to the iHealth service. The authserver config element enables you to specify an authentication server URL for the iHealth service. By default, authserver is set to the F5 iHealth authentication server https://api.f5.com/auth/pub/sso/login/ihealth-api.
ARGUMENTS
EXAMPLE
Specify an authentication server for the iHealth service:
default-1(config)# system diagnostics ihealth config authserver
(<string>) (https://api.f5.com/auth/pub/sso/login/ihealth-api): https://api.f5networks.net/auth/pub/sso/login/ihealth-api
COMMAND system diagnostics ihealth config password
DESCRIPTION Specify the password used to log in to iHealth. This password is given in plain text, but will be encrypted when stored in the system.
ARGUMENTS
EXAMPLE
Specify a password to be used for logging in to iHealth:
default-1(config)# system diagnostics ihealth config password
(<AES encrypted string>): **********
COMMAND system diagnostics ihealth config server
DESCRIPTION Specify the iHealth service has a separate endpoint for authenticating and uploading QKView files. The server config element enables you to specify an upload server URL for the iHealth service. By default, the server is set to the F5 iHealth upload server https://ihealth-api.f5.com/qkview-analyzer/api/qkviews?visible_in_gui=True.
ARGUMENTS
EXAMPLE
Specify an upload server for the iHealth service:
default-1(config)# system diagnostics ihealth config server
(<string>) (https://ihealth-api.f5.com/qkview-analyzer/api/qkviews?visible_in_gui=True): https://ihealth-api.f5networks.net/qkview-analyzer/api/qkviews?visible_in_gui=True
COMMAND system diagnostics ihealth config username
DESCRIPTION Specify the username used to access the iHealth service.
ARGUMENTS
EXAMPLE
Specify a user name to be used when logging in to iHealth:
default-1(config)# system diagnostics ihealth config username
(<string>) (user@company.com): user2@company.com
COMMAND system diagnostics ihealth upload
DESCRIPTION Initiate a qkview-file upload to iHealth. It returns a upload id, which is needed to check upload status or cancel an upload.
ARGUMENTS
system diagnostics qkview list command to see a list of available files.Note: Be sure to add diags/shared/QKView/ as a prefix to the QKView file name.
EXAMPLE
Upload a file named diags/shared/qkview/test.qkview to iHealth:
default-1# config
default-1# system diagnostics ihealth upload qkview-file diags/shared/qkview/test.qkview description testing service-request-number C523232
message HTTP/1.1 202 Accepted
Location: /support/ihealth/status/iuw53AYW
Date: Tue, 30 Jun 2020 12:09:08 GMT
Content-Length: 0
COMMAND system diagnostics ihealth cancel
DESCRIPTION Cancel a QKView upload that is in progress. If the upload is already complete, it cannot be cancelled. To remove the QKView, log in to the iHealth server and manually delete the QKView, if needed.
ARGUMENTS
EXAMPLE
Cancel the QKView upload with an upload-id of iuw53AYW.
default-1# config
default-1# system diagnostics ihealth cancel upload-id iuw53AYW
message HTTP/1.1 200 OK
Content-Type: application/json; charset=utf-8
Location: /support/ihealth/status/iuw53AYW
Date: Tue, 30 Jun 2020 12:10:01 GMT
Content-Length: 44
COMMAND system diagnostics qkview capture
DESCRIPTION
Generate a system diagnostic snapshot, called a QKView. The system can support only one snapshot collection at a time. QKView files are stored in a single directory, depending on where the QKView file is executed.
If you request a QKView on a system controller or chassis partition, QKView files are stored in the host directory: diags/shared/qkview/.
ARGUMENTS
*machine-name*.qkview.0, which indicates no timeout.true if core files should be excluded from QKView. The default value is false.EXAMPLE
Generate a QKView and name the file client-qkview.tar, exclude core files, set the maximum core size to 500 MB, set the maximum file size to 500 MB, and set a timeout value of 0 (zero), which indicates no timeout:
default-1# system diagnostics qkview capture filename client-qkview.tar exclude-cores true maxcoresize 500 maxfilesize 500 timeout 0
result Qkview file client-qkview.tar is being collected
return code 200
default-1# system diagnostics qkview status
result {"Busy":true,"Percent":6,"Status":"collecting","Message":"Collecting Data","Filename":"client-qkview.tar"}
resultint 0
default-1# system diagnostics qkview capture
result Qkview file controller-1.qkview is being collected
return code 200
resultint 0
default-1# system diagnostics qkview capture filename tryagain.tar
result Qkview capture can not be initiated. Another Qkview capture is already in progress
return code 429
resultint -10
COMMAND system diagnostics qkview cancel
DESCRIPTION Cancel a QKView that is in progress.
ARGUMENTS This command has no arguments.
EXAMPLE
Cancel the currently running QKView:
default-1# system diagnostics qkview cancel
result Qkview with filename client-qkview.tar was canceled
return code 200
resultint 0
COMMAND system diagnostics qkview status
DESCRIPTION Get the status of a QKView that is in progress or the status of the last QKView collected.
ARGUMENTS This command has no arguments.
EXAMPLE
View the status of the currently running QKView:
default-1# system diagnostics qkview status
result {"Busy":true,"Percent":73,"Status":"collecting","Message":"Collecting Data","Filename":"myqkview.tar"}
resultint 0
default-1# system diagnostics qkview status
result {"Busy":false,"Percent":100,"Status":"canceled","Message":"Collection canceled by user. Partial qkview saved.","Filename":"client-qkview.tar.canceled"}
resultint 0
COMMAND system diagnostics qkview delete
DESCRIPTION Delete a QKView file.
ARGUMENTS
EXAMPLE
Delete the QKView file named client-qkview.tar.canceled.
default-1# system diagnostics qkview delete filename client-qkview.tar.canceled
result Deleted Qkview file client-qkview.tar.canceled
return code 200
resultint 0
COMMAND system diagnostics qkview list
DESCRIPTION Show a list of QKView files.
ARGUMENTS This command has no arguments.
EXAMPLE
List all QKView files on the system:
default-1# system diagnostics qkview list
result {"Qkviews":[{"Filename":"client-qkview.tar.canceled","Date":"2020-10-26T23:39:48.783066588Z","Size":131310},{"Filename":"myqkview.tar","Date":"2020-10-26T23:37:43.786269089Z","Size":668708104}]}
resultint 0
COMMAND system logging host-logs
DESCRIPTION Configure settings for sending host logs to remote logging servers.
ARGUMENTS
enabled to enable remote forwarding of active node host logs. Specify disabled to disable it.host-logs is enabled and a remote server configuration is present. Available options are:EXAMPLES
Enable remote forwarding:
default-1-active(config)# system logging host-logs config remote-forwarding enabled
Include non-active nodes (blade 1 and blade 2) when forwarding logs:
default-1-active(config)# system logging host-logs config remote-forwarding include-blades { 1 2 }
COMMAND system logging remote-servers remote-server
DESCRIPTION Configure information about remote logging servers.
ARGUMENTS
udp.514.COMMAND system logging sw-components sw-component
DESCRIPTION Configure logging for platform software components. Available options are:
ARGUMENTS
INFORMATIONAL. Available options, in decreasing order of severity, are:COMMAND system redundancy config auto-failback
DESCRIPTION Configure whether the active location should switch (failback) from a non-preferred location to the preferred location.
ARGUMENTS
enabled to enable auto-failback. Specify disabled to disable it. The default value is disabled, which means that the active location only changes when a failure occurs.EXAMPLES
Enable auto-failback:
partition(config)# system redundancy config auto-failback enabled
Configure auto-failback with a failback-delay of 60 seconds:
partition1(config)# system redundancy config auto-failback failback-delay 60
COMMAND system redundancy config mode
DESCRIPTION Configure the redundancy mode to be used by the system controllers.
ARGUMENTS
EXAMPLE
Configure the redundancy mode to be active-controller:
partition(config)# system redundancy config mode active-controller
COMMAND system redundancy go-standby
DESCRIPTION Request that the active system controller relinquish control and allow the standby controller to become active. This action has no effect if the standby is not ready to take over. If the current active does relinquish control, the SSH sessions to the management IP will be disconnected, and any outstanding, but uncommitted configuration changes will be discarded.
ARGUMENTS This command has no arguments.
EXAMPLE
Make the currently-active system controller the standby controller:
partition(config)# system redundancy go-standby
COMMAND system config login-banner
DESCRIPTION
Configure a banner message to be displayed before users log in to the system.
ARGUMENTS
EXAMPLE
Configure a banner message:
default-1(config)# system config login-banner
(<string>):
[Multiline mode, exit with ctrl-D.]
UNAUTHORIZED ACCESS TO THIS DEVICE IS PROHIBITED
COMMAND system config motd-banner
DESCRIPTION
Configure a message of the day (MOTD) banner to display after users log in to the system.
EXAMPLE
Configure a MOTD banner message:
default-1(config)# system config motd-banner
(<string>):
[Multiline mode, exit with ctrl-D.]
ATTENTION!
This system is scheduled for maintenance in two days.
COMMAND tenants tenant
DESCRIPTION Provision and deploy a tenant within the partition.
ARGUMENTS
enabled to enable appliance node at the tenant level. Specify disabled to disable it.enabled to enable crypto devices for the tenant level. Specify disabled to disable it.deployed state.76 GB. The range is from 22 to 700 GB.EXAMPLE
Configure a tenant named bigip-vm of type BIG-IP, using a specific image file, assigned to blade-1, using port 22, a management IP address of 192.0.2.61, a netmask of 255.255.255.0, a gateway of 192.0.2.1, using VLAN 100, and a running state of deployed.
default-1(config)# tenants tenant bigip-vm config type BIG-IP image BIGIP-bigip15.1.x-15.1.2.8-0.0.496.ALL-VELOS.qcow2.zip.bundle nodes 1 port 22 mgmt-ip 192.0.2.71 netmask 255.255.255.0 gateway 192.0.2.254 vlans 100 running-state deployed
Configure a tenant to have appliance mode enabled by first setting the tenant's running-state to provisioned and then enabling appliance mode:
default-1# tenants tenant bigip-vm config running-state provisioned
default-1(config)# commit
// NOTE: Wait until the tenant's `running-state` is `provisioned`.
default-1# show tenants tenant bigip-vm state running-state
state running-state provisioned
default-1# tenants tenant bigip-vm config appliance-mode enabled
default-1# tenants tenant bigip-vm config running-state deployed
default-1(config)# commit
default-1# show tenants tenant bigip-vm
tenants tenant bigip-vm
state type BIG-IP
state mgmt-ip 192.0.2.71
state prefix-length 24
state gateway 192.0.2.254
state vlans { 1040 1041 }
state cryptos enabled
state vcpu-cores-per-node 2
state memory 7680
state running-state deployed
state mac-data base-mac 00:1a:2b:3c:4d:5e
state mac-data mac-pool-size 1
state appliance-mode enabled
state status Running
state primary-slot 1
state image-version "BIG-IP 15.1.5 0.0.11"
NDI MAC
----------------------------
default 00:1a:2b:3c:4d:0e
state instances instance 1
instance-id 1
phase Running
image-name BIGIP-15.1.5-0.0.11.ALL-VELOS.qcow2.zip.bundle
creation-time 2021-03-12T04:29:47Z
ready-time 2021-03-12T04:29:44Z
status "Started tenant instance"
mgmt-mac ea:45:15:37:e7:22
COMMAND vlan-listeners vlan-listener
DESCRIPTION A vlan-listener is a system-generated object and should only be configured manually under the guidance of F5 Technical Support. Manually configuring a vlan-listener object could potentially impact the flow of network traffic through the system.
ARGUMENTS
COMMAND vlans vlan
DESCRIPTION Creates a VLAN object that can be referenced by other configuration commands. This command is intended to be expanded for future use and is currently not necessary for proper configuration of the system.
ARGUMENTS
EXAMPLE
Configure VLAN 100, with the name 100 and a vlan-id of 100:
default-1(config)# vlans vlan 100 config name 100 vlan-id 100
COMMAND autowizard
DESCRIPTION Specify whether to query automatically for mandatory elements.
ARGUMENTS
true to query automatically for mandatory elements or false to disable it.COMMAND cd
DESCRIPTION Change the working directory to a specific folder.
ARGUMENTS
COMMAND clear
DESCRIPTION Remove all configuration changes.
ARGUMENTS
COMMAND compare
DESCRIPTION Compare two configuration subtrees.
ARGUMENTS
COMMAND complete-on-space
DESCRIPTION Specify whether to have the CLI complete a command name automatically when you type an unambiguous string and then press the space bar, or have the CLI list all possible completions when you type an ambiguous string and then press the space bar.
ARGUMENTS
true to enable the ability to have the CLI complete a command name automatically when you press the space bar or false to disable it.COMMAND config
DESCRIPTION
Enter configuration mode. In configuration mode, you are editing a copy of the running configuration, called the candidate configuration, not the actual running configuration. Your changes take effect only when you issue a commit command.
ARGUMENTS
COMMAND describe
DESCRIPTION Display internal information about how a command is implemented.
ARGUMENTS
COMMAND display-level
DESCRIPTION Set the depth of the configuration shown for show commands.
ARGUMENTS
<depth> can be a value from 1 through 64.COMMAND exit
DESCRIPTION Exit the CLI session.
ARGUMENTS This command has no arguments.
COMMAND file
DESCRIPTION Perform file operations.
ARGUMENTS
For detailed information about these arguments, see the file page under partition config-mode-commands.
COMMAND help
DESCRIPTION Display help information about a specified command.
ARGUMENTS
COMMAND history
DESCRIPTION Configure the command history cache size.
ARGUMENTS
<size> can be a value from 0 through 1000.COMMAND id
DESCRIPTION Display information about the current user, including user, gid, group, and gids.
ARGUMENTS This command has no arguments.
COMMAND idle-timeout
DESCRIPTION Set how long the CLI is inactive before a user is logged out of the system. If a user is connected using an SSH connection, the SSH connection is closed after this time expires.
ARGUMENTS
1800 seconds (30 minutes).COMMAND ignore-leading-space
DESCRIPTION Specify whether to consider or ignore leading whitespace at the beginning of a command.
ARGUMENTS
false to ignore leading whitespace or true to consider it.COMMAND leaf-prompting
DESCRIPTION Specify whether to enable or disable automatic querying for leaf values.
ARGUMENTS
false to disable leaf prompting or true to enable it.COMMAND logout
DESCRIPTION Log out a specific session or user from all sessions.
ARGUMENTS
<session-id>.<user-name>.COMMAND no
DESCRIPTION Delete or unset a configuration command.
ARGUMENTS
COMMAND output-file
DESCRIPTION Copy command output to a file or terminal.
ARGUMENTS
COMMAND paginate
DESCRIPTION Specify whether to control the pagination of CLI command output.
ARGUMENTS
false to display command output continuously, regardless of the CLI screen height. Specify true to display all command output one screen at a time. To display the next screen of output, press the space bar. This is the default setting.COMMAND prompt1
DESCRIPTION Set the operational mode prompt.
ARGUMENTS
COMMAND prompt2
DESCRIPTION Set the configuration mode prompt.
ARGUMENTS
COMMAND pwd
DESCRIPTION Display the current path in the configuration hierarchy.
ARGUMENTS This command has no arguments.
COMMAND rollback
DESCRIPTION Returns the configuration to a previously committed configuration.
ARGUMENTS
COMMAND quit
DESCRIPTION Exit the CLI session.
ARGUMENTS This command has no arguments.
COMMAND screen-length
DESCRIPTION Configure the length of the terminal window.
ARGUMENTS
<number-of-rows> can be from 0 through 256. When you set the screen length to 0 (zero), the CLI does not paginate command output.COMMAND screen-width
DESCRIPTION Configure the width of the terminal window.
ARGUMENTS
<number-of-rows> can be from 200 through 256.COMMAND send
DESCRIPTION Send a message to the terminal of a specified user or all users.
ARGUMENTS
all to send a message to all users. Specify username <username> to send a message only to a specified user.COMMAND show
DESCRIPTION Show information about the system.
ARGUMENTS
COMMAND show-defaults
DESCRIPTION Specify whether to display the default configuration.
ARGUMENTS
true to display the default values or false to hide the default values.COMMAND system
DESCRIPTION Perform system operations for aaa, database, diagnostics, or events.
ARGUMENTS
For information about applicable arguments, see these pages under config-mode-commands:
system aaa-authenticationsystem-aaa-password-policysystem-aaa-server-groupssystem-aaa-tlssystem-databasesystem-diagnostics-core-filessystem-diagnostics-ihealthsystem-diagnostics-qkviewCOMMAND system diagnostics tcpdump
DESCRIPTION
ARGUMENTS
"0/0.0".host, port, tcp.flags, and so on.EXAMPLES
Generate a tcpdump using bpf that only captures packets that go in or go out of blade 7's interface 1.0, are to/from 40.40.40.4, and the source or destination port is `80.n:
default-1# system diagnostics tcpdump bpf "host 40.40.40.4 and port 80"
running /usr/sbin/tcpdump -ni velo "host 40.40.40.4 and port 80"
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on velo, link-type EN10MB (Ethernet), capture size 262144 bytes
Generate a tcpdump that redirects the output to a PCAP file named capture.pcap:
default-1# system diagnostics tcpdump outfile capture.pcap
running /usr/sbin/tcpdump -ni velo "-w" "/var/F5/partition/capture.pcap"
tcpdump: listening on velo, link-type EN10MB (Ethernet), capture size 262144 bytes
COMMAND terminal
DESCRIPTION Set the terminal type.
ARGUMENTS
COMMAND timestamp
DESCRIPTION Configure whether to display the timestamp.
ARGUMENTS
enable to show the timestamp or disable to hide the timestamp.COMMAND who
DESCRIPTION Display information on currently-logged on users. The command output displays the session ID, user name, context, from (IP address), protocol, date, and mode (operational or configuration).
ARGUMENTS This command has no arguments.
COMMAND write
DESCRIPTION
Display the running configuration of the system on the terminal. This command is equivalent to the show running-config command.
ARGUMENTS
COMMAND annotation
DESCRIPTION Show only statements whose annotation matches a provided configuration statement or pattern.
Note: Only available when the system has been configured with attributes enabled.
ARGUMENTS
COMMAND append
DESCRIPTION Append command output text to a file.
ARGUMENTS
COMMAND begin
DESCRIPTION Display the command output starting at the first match of a specified string.
ARGUMENTS
COMMAND best-effort
DESCRIPTION Display command output or continue loading a file, even if a failure has occurred that might interfere with this process.
ARGUMENTS This command has no arguments.
COMMAND context-match
DESCRIPTION Display the upper hierarchy in which a pattern appears in the configuration.
ARGUMENTS
COMMAND count
DESCRIPTION Count the number of lines in the command output.
ARGUMENTS This command has no arguments.
COMMAND csv
DESCRIPTION Show table output in CSV format.
ARGUMENTS This command has no arguments.
COMMAND de-select
DESCRIPTION Do not show a specified field in the command output.
ARGUMENTS
COMMAND debug
DESCRIPTION Display debug information.
ARGUMENTS This command has no arguments.
COMMAND details
DESCRIPTION Display the default values for commands in the running configuration.
ARGUMENTS This command has no arguments.
COMMAND display
DESCRIPTION Display options.
ARGUMENTS This command has no arguments.
COMMAND exclude
DESCRIPTION Exclude lines from the command output that match a string defined by a specified regular expression.
ARGUMENTS
COMMAND extended
DESCRIPTION Display referring entries or elements.
ARGUMENTS
COMMAND force
DESCRIPTION Log out any users who are locking the configuration.
ARGUMENTS This command has no arguments.
COMMAND hide
DESCRIPTION Hide display options.
ARGUMENTS This command has no arguments.
COMMAND include
DESCRIPTION Include only lines in the command output that contain the string defined by a specified regular expression.
ARGUMENTS
COMMAND linnum
DESCRIPTION Display a line number at the beginning of each line in the displayed output.
ARGUMENTS This command has no arguments.
COMMAND match-all
DESCRIPTION Display the command output that matches all command output filters.
ARGUMENTS This command has no arguments.
COMMAND match-any
DESCRIPTION Display the command output that matches any one of the the command output filters. This is the default behavior when matching command output.
ARGUMENTS This command has no arguments.
COMMAND more
DESCRIPTION Paginate the command output. This is the default behavior.
ARGUMENTS This command has no arguments.
COMMAND nomore
DESCRIPTION Do not paginate command output.
ARGUMENTS This command has no arguments.
COMMAND notab
DESCRIPTION Display tabular command output in a list instead of in a table. If the tabular command output is wider than the screen width, the output automatically displays in a list.
ARGUMENTS This command has no arguments.
COMMAND repeat
DESCRIPTION
Repeat the output of a show command periodically.
ARGUMENTS
COMMAND save
DESCRIPTION Save the command output text to a file.
ARGUMENTS
COMMAND select
DESCRIPTION Display selected fields in the command output.
ARGUMENTS
COMMAND sort-by
DESCRIPTION Display command output with values sorted in a specified field.
ARGUMENTS
DESCRIPTION Suppress validation warning prompt
ARGUMENTS This command has no arguments.
COMMAND tab
DESCRIPTION Display tabular command output in table, even if the table is wider than the screen width. If the command output is wider than the screen width, wrap the output onto two or more lines.
ARGUMENTS This command has no arguments.
COMMAND tags
DESCRIPTION Show only statements with tags that match a pattern.
ARGUMENTS
COMMAND trace
DESCRIPTION Display trace information.
ARGUMENTS
COMMAND until
DESCRIPTION Display the command output, ending with the line that matches a specified string.
ARGUMENTS
COMMAND show SNMP-FRAMEWORK-MIB
DESCRIPTION Display information about the SNMP Management Architecture MIB.
ARGUMENTS
This command has no arguments.
EXAMPLES
Display the SNMP Engine information:
default-1# show SNMP-FRAMEWORK-MIB
SNMP-FRAMEWORK-MIB snmpEngine snmpEngineID 80:00:61:81:05:01
SNMP-FRAMEWORK-MIB snmpEngine snmpEngineBoots 1
SNMP-FRAMEWORK-MIB snmpEngine snmpEngineTime 1632463
SNMP-FRAMEWORK-MIB snmpEngine snmpEngineMaxMessageSize 50000
COMMAND show cli
DESCRIPTION Display the default CLI session settings.
ARGUMENTS
This command has no arguments.
EXAMPLES
Display the current default CLI session settings:
default-1# show cli
autowizard true
complete-on-space false
devtools false
display-level 99999999
history 100
idle-timeout 1800
ignore-leading-space false
leaf-prompting true
output-file terminal
paginate true
prompt1 \h\M#
prompt2 \h(\m)#
screen-length 57
screen-width 120
service prompt config true
show-defaults false
terminal xterm-256color
timestamp disable
COMMAND show cluster
DESCRIPTION Display the state of all the nodes in the partition, including some data related to OpenShift nodes and the state of the FPGA and DMA devices.
ARGUMENTS This command has no arguments.
EXAMPLE
Display the current state of nodes in the partition:
default-1# show cluster
cluster state
cluster nodes node blade-1
state enabled true
state node-running-state running
state assigned true
state platform fpga-state FPGA_RDY
state platform dma-agent-state DMA_AGENT_RDY
state slot-number 1
state node-info creation-time 2021-01-26T07:05:29Z
state node-info cpu 28
state node-info pods 250
state node-info memory 131574096Ki
state ready-info ready true
state ready-info last-transition-time 2021-01-26T19:16:25Z
state ready-info message "kubelet is posting ready status"
state out-of-disk-info out-of-disk false
state out-of-disk-info last-transition-time 2021-01-26T19:16:25Z
state out-of-disk-info message "kubelet has sufficient disk space available"
state disk-pressure-info disk-pressure false
state disk-pressure-info last-transition-time 2021-01-26T19:16:25Z
state disk-pressure-info message "kubelet has no disk pressure"
DISK DATA DISK DATA
NAME VALUE
-------------------------
capacity 979105116160
totalused 5975360
images 5956980
cluster nodes node blade-2
state enabled true
state node-running-state running
state assigned true
state platform fpga-state FPGA_RDY
state platform dma-agent-state DMA_AGENT_RDY
state slot-number 2
state node-info creation-time 2021-01-26T07:05:29Z
state node-info cpu 28
state node-info pods 250
state node-info memory 131574096Ki
state ready-info ready true
state ready-info last-transition-time 2021-01-26T07:05:51Z
state ready-info message "kubelet is posting ready status"
state out-of-disk-info out-of-disk false
state out-of-disk-info last-transition-time 2021-01-26T07:05:29Z
state out-of-disk-info message "kubelet has sufficient disk space available"
state disk-pressure-info disk-pressure false
state disk-pressure-info last-transition-time 2021-01-26T07:05:29Z
state disk-pressure-info message "kubelet has no disk pressure"
DISK DATA DISK DATA
NAME VALUE
-------------------------
capacity 979105116160
totalused 5975360
images 5956980
cluster nodes node blade-3
state enabled true
state node-running-state running
state assigned true
state slot-number 3
cluster nodes node blade-4
state enabled true
state node-running-state running
state assigned true
state slot-number 4
cluster nodes node blade-5
state enabled true
state node-running-state running
state assigned true
state slot-number 5
cluster nodes node blade-6
state enabled true
state node-running-state running
state assigned true
state slot-number 6
cluster nodes node blade-7
state enabled true
state node-running-state running
state assigned true
state slot-number 7
cluster nodes node blade-8
state enabled true
state node-running-state running
state assigned true
state slot-number 8
controller-2(config)# system licensing install registration-key I2305-08956-40368-99166-2099884
result License installed successfully.
COMMAND show cluster disk-usage-threshold
DESCRIPTION Display the current configuration of disk usage threshold.
ARGUMENTS
EXAMPLE
Display the current configuration for all disk usage threshold options:
default-2# show cluster disk-usage-threshold
cluster disk-usage-threshold state warning-limit 85
cluster disk-usage-threshold state error-limit 90
cluster disk-usage-threshold state critical-limit 97
cluster disk-usage-threshold state growth-rate-limit 10
cluster disk-usage-threshold state interval 60
COMMAND
show cluster nodes node
DESCRIPTION Display the state of a specific node in the partition, including some data about OpenShift nodes and the state of the FPGA and DMA devices.
ARGUMENTS
EXAMPLE
Display the state of the node blade-1:
default-1# show cluster nodes node blade-1 state
state enabled true
state node-running-state running
state assigned true
state platform fpga-state FPGA_RDY
state platform dma-agent-state DMA_AGENT_RDY
state slot-number 1
state node-info creation-time 2021-01-26T07:05:29Z
state node-info cpu 28
state node-info pods 250
state node-info memory 131574096Ki
state ready-info ready true
state ready-info last-transition-time 2021-01-26T19:16:25Z
state ready-info message "kubelet is posting ready status"
state out-of-disk-info out-of-disk false
state out-of-disk-info last-transition-time 2021-01-26T19:16:25Z
state out-of-disk-info message "kubelet has sufficient disk space available"
state disk-pressure-info disk-pressure false
state disk-pressure-info last-transition-time 2021-01-26T19:16:25Z
state disk-pressure-info message "kubelet has no disk pressure"
DISK DATA DISK DATA
NAME VALUE
---
capacity 979105116160
totalused 5975420
images 5957032
COMMAND show cluster disk-usage-threshold
DESCRIPTION Display current threshold settings for disk usage.
ARGUMENTS
This command has no arguments.
EXAMPLE
Display the current disk usage threshold:
default-1# show cluster disk-usage-threshold
cluster disk-usage-threshold state warning-limit 85
cluster disk-usage-threshold state error-limit 90
cluster disk-usage-threshold state critical-limit 97
cluster disk-usage-threshold state growth-rate-limit 10
cluster disk-usage-threshold state interval 60
COMMAND show components
DESCRIPTION Show information about hardware inventory and firmware, including:
ARGUMENTS
show command. If a display level of 1 is specified, then only the direct children of an element will be shown. If a display level of 3 is specified, then only elements at depth 3 below a given element will be displayed, etc. The range is from 1 through 64.EXAMPLES
Display the FPGAs and their firmware version present on blade-1:
default-1# show components component blade-1 integrated-circuit
FPGA
INDEX VERSION
-----------------
atse_0 7.6.10
vqf_0 8.6.13
Display the serial numbers of blades in a partition:
default-1# show components component state serial-no
NAME SERIAL NO
---------------------
blade-1 bld424267s
blade-2 bld424373s
blade-3 bld421633s
Display storage information about the disks from all components:
default-1# show components component storage |tab
READ WRITE
DISK PERCENT TOTAL READ READ READ LATENCY WRITE WRITE WRITE LATENCY
NAME NAME MODEL VENDOR VERSION SERIAL NO SIZE TYPE USED IOPS IOPS MERGED BYTES MS IOPS MERGED BYTES MS
-------------------------------------------------------------------------------------------------------------------------------------------------------------------------
blade-1 nvme0n1 INTEL SSDPELKX010T8 Intel VCV10301 BTLJ832408PV1P0I 1000.00GB nvme - - - - - - - - - -
blade-2 nvme0n1 INTEL SSDPELKX010T8 Intel VCV10301 BTLJ8343039N1P0I 1000.00GB nvme - - - - - - - - - -
blade-3 nvme0n1 INTEL SSDPELKX010T8 Intel VCV10301 BTLJ832408HP1P0I 1000.00GB nvme - - - - - - - - - -
COMMAND
show dag-states
DESCRIPTION
Display blade level packet disaggregation (DAG) state on the system. This table is populated by the system with a row per running tenant. The data shows the blades that a packet can be distributed to when received by an interface.
EXAMPLE
Display the current disaggregation state:
default-1# show dag-states
COMMIT TENANT SDAG
PUBLISHER PUBLISH TENANT COMMIT DAG INSTANCE TABLE
TENANT NAME PUBLISHER INSTANCE TIME INSTANCE TIME VERSION IDS SDAG TABLE HASH
-------------------------------------------------------------------------------------------------------------------------------------------------
defaultbip-1 dagd 1 1614908520 1 1614908520 16 { 1 } 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 0
defaultbip-2 dagd 1 1615231250 1 1615231250 16 { 1 2 } 1 2 1 1 1 2 2 2 1 1 2 1 2 2 2 1 1 2 2 2 1 1 2 1 36876
default-1#
COMMAND
show dag-states dag-state
DESCRIPTION
Display only a specific dag-state for a given tenant name.
ARGUMENTS
Available options are:
EXAMPLE
default-1# show dag-states dag-state defaultbip-2
COMMIT TENANT SDAG
PUBLISHER PUBLISH TENANT COMMIT DAG INSTANCE TABLE
TENANT NAME PUBLISHER INSTANCE TIME INSTANCE TIME VERSION IDS SDAG TABLE HASH
-------------------------------------------------------------------------------------------------------------------------------------------------
defaultbip-2 dagd 1 1615231250 1 1615231250 16 { 1 2 } 1 2 1 1 1 2 2 2 1 1 2 1 2 2 2 1 1 2 2 2 1 1 2 1 36876
COMMAND show dma-states
DESCRIPTION Display statistics pertaining to software DMA transfers to and from blade hardware. These stats include packets transmitted, received, and dropped at the software/hardware boundary of each blade. Also included are PVA acceleration operations sent to and from the hardware on each blade. The statistics are kept per-blade, but are global/shared over all partitions.
ARGUMENTS
show command. If a display level of 1 is specified, then only the direct children of an element will be shown. If a display level of 3 is specified, then only elements at depth 3 below a given element will be displayed, etc. The range is from 1 through 64.EXAMPLE
Display statistics for active ePVAs on blade-1:
default-1# show dma-states dma-state blade-1 state active-sep-epvas
RX
TX SYN TX SYN FSD RX
TX L4 TX L4 VIP VIP DROPS RX SYN
SVC SEP SNOOP SNOOP SNOOP SNOOP NO L4 VIP
ID ID QOS INSERTS EVICTS INSERTS EVICTS ROOM FSD FSD
-------------------------------------------------------------------
2 0 0 0 0 0 0 0 0 0
2 0 1 0 0 0 0 0 0 0
2 0 2 0 0 0 0 0 0 0
2 0 3 0 0 0 0 0 0 0
5 0 0 0 0 0 0 0 0 0
5 0 1 0 0 0 0 0 0 0
5 0 2 0 0 0 0 0 0 0
5 0 3 0 0 0 0 0 0 0
8 0 0 0 0 0 0 0 0 0
8 0 1 0 0 0 0 0 0 0
8 0 2 0 0 0 0 0 0 0
8 0 3 0 0 0 0 0 0 0
COMMAND show fdb
DESCRIPTION Show Layer 2 forwarding database (FDB) entries in the system.
ARGUMENTS
show command. If a display level of 1 is specified, then only the direct children of an element will be shown. If a display level of 3 is specified, then only elements at depth 3 below a given element will be displayed, etc. The range is from 1 through 64.EXAMPLE
Display all FDB information using table output:
default-1# show fdb | tab
show fdb | tab
NDI
MAC ADDRESS VLAN TAG TYPE VLAN TAG TYPE VID ENTRY TYPE OWNER AGE ID SVC VTC SEP DMS DID CMDS MIRRORING INTERFACE
-----------------------------------------------------------------------------------------------------------------------------------------------------
00:94:a1:8e:4c:09 1040 tag_type_vid 1040 tag_type_vid 1040 L2-LISTENER - - 4095 8 - - - - 1 - -
00:94:a1:8e:4c:09 1041 tag_type_vid 1041 tag_type_vid 1041 L2-LISTENER - - 4095 8 - - - - 1 - -
Show FDB MAC table information:
default-1# show fdb mac-table
fdb mac-table entries entry 00:94:a1:8e:4c:09 100 tag_type_vid
state vlan 100
state tag-type tag_type_vid
state vid 100
state entry-type L2-LISTENER
state owner defaultbip-1
state ifh-fields ndi-id 4095
state ifh-fields svc 8
state ifh-fields cmds 1
fdb mac-table entries entry 00:94:a1:8e:4c:09 101 tag_type_vid
state vlan 101
state tag-type tag_type_vid
state vid 101
state entry-type L2-LISTENER
state owner defaultbip-1
state ifh-fields ndi-id 4095
state ifh-fields svc 8
state ifh-fields cmds 1
COMMAND show file
DESCRIPTION Display current configuration for known hosts and state of file transfers.
ARGUMENTS
This command has no arguments.
EXAMPLES
Display the status of a current file transfer
default-1# show file transfer-operations
file transfer-operations transfer-operation images/BIGIP-bigip15.1.x.ALL-VELOS.qcow2.zip 192.0.2.11 build/bigip/v15.1.x/BIGIP-bigip15.1.x.ALL-VELOS.qcow2.zip "Import file" "HTTPS "
status "In Progress (12.0%)"
timestamp "Fri Jun 11 21:56:06 2021"
COMMAND show history
DESCRIPTION Display a history of commands run on the partition.
ARGUMENTS
EXAMPLE
Display the last five commands that were run on the partition:
default-1# show history 5
02:22:41 -- show running-config stp
02:22:57 -- show running-config system
02:23:05 -- show running-config cluster
02:24:13 -- show running-config vlans
02:28:39 -- show history
COMMAND show images
DESCRIPTION Display all images in the partition. Also shows which image is currently in use and which have been replicated to the other system controller.
ARGUMENTS This command has no arguments.
EXAMPLE
Display all images on the current partition:
default-1# show images
IN
NAME USE STATUS
--------------------------------------------------------------------------------------
BIGIP-bigip15.1.x-15.1.2.8-0.0.496.ALL-VELOS.qcow2.zip.bundle true replicated
COMMAND show interfaces
DESCRIPTION Display information about blade network interfaces. This includes options for link aggregation.
ARGUMENTS
show command. If a display level of 1 is specified, then only the direct children of an element will be shown. If a display level of 3 is specified, then only elements at depth 3 below a given element will be displayed, etc. The range is from 1 through 64.EXAMPLES
Display only the first level of interface information:
default-1# show interfaces displaylevel 1
interfaces interface 1/1.0
interfaces interface 1/2.0
interfaces interface 2/1.0
interfaces interface 2/2.0
Display information two levels deep for all interfaces:
default-1# show interfaces displaylevel 2
interfaces interface 1/1.0
state name 1/1.0
state type ethernetCsmacd
state mtu 9600
state enabled true
state oper-status DOWN
state counters in-octets 0
state counters in-unicast-pkts 0
state counters in-broadcast-pkts 0
state counters in-multicast-pkts 0
state counters in-discards 0
state counters in-errors 0
state counters in-fcs-errors 0
state counters out-octets 0
state counters out-unicast-pkts 0
state counters out-broadcast-pkts 0
state counters out-multicast-pkts 0
state counters out-discards 0
state counters out-errors 0
state forward-error-correction auto
state lacp_state LACP_DEFAULTED
ethernet state port-speed SPEED_100GB
ethernet state hw-mac-address 00:94:a1:8e:f8:00
ethernet state counters in-mac-control-frames 0
ethernet state counters in-mac-pause-frames 0
ethernet state counters in-oversize-frames 0
ethernet state counters in-jabber-frames 0
ethernet state counters in-fragment-frames 0
ethernet state counters in-8021q-frames 0
ethernet state counters in-crc-errors 0
ethernet state counters out-mac-control-frames 0
ethernet state counters out-mac-pause-frames 0
ethernet state counters out-8021q-frames 0
ethernet state flow-control rx on
interfaces interface 1/2.0
state name 1/2.0
state type ethernetCsmacd
state mtu 9600
state enabled true
state oper-status UP
state counters in-octets 12912213797284
state counters in-unicast-pkts 522514104
state counters in-broadcast-pkts 200979372285
state counters in-multicast-pkts 17092141
state counters in-discards 3949892934
state counters in-errors 0
state counters in-fcs-errors 0
state counters out-octets 0
state counters out-unicast-pkts 0
state counters out-broadcast-pkts 0
state counters out-multicast-pkts 0
state counters out-discards 0
state counters out-errors 0
state forward-error-correction auto
state lacp_state LACP_DEFAULTED
ethernet state port-speed SPEED_100GB
ethernet state hw-mac-address 00:94:a1:8e:f8:01
ethernet state counters in-mac-control-frames 0
ethernet state counters in-mac-pause-frames 0
ethernet state counters in-oversize-frames 0
ethernet state counters in-jabber-frames 0
ethernet state counters in-fragment-frames 0
ethernet state counters in-8021q-frames 0
ethernet state counters in-crc-errors 0
ethernet state counters out-mac-control-frames 0
ethernet state counters out-mac-pause-frames 0
ethernet state counters out-8021q-frames 0
ethernet state flow-control rx on
interfaces interface 2/1.0
state name 2/1.0
state type ethernetCsmacd
state mtu 9600
state enabled true
state oper-status UP
state counters in-octets 35352746791704
state counters in-unicast-pkts 128530545045
state counters in-broadcast-pkts 16241112162
state counters in-multicast-pkts 137385018018
state counters in-discards 2984046990
state counters in-errors 0
state counters in-fcs-errors 0
state counters out-octets 0
state counters out-unicast-pkts 0
state counters out-broadcast-pkts 0
state counters out-multicast-pkts 0
state counters out-discards 0
state counters out-errors 0
state forward-error-correction auto
state lacp_state LACP_DEFAULTED
ethernet state port-speed SPEED_100GB
ethernet state hw-mac-address 00:94:a1:8e:f8:80
ethernet state counters in-mac-control-frames 0
ethernet state counters in-mac-pause-frames 0
ethernet state counters in-oversize-frames 0
ethernet state counters in-jabber-frames 0
ethernet state counters in-fragment-frames 0
ethernet state counters in-8021q-frames 0
ethernet state counters in-crc-errors 0
ethernet state counters out-mac-control-frames 0
ethernet state counters out-mac-pause-frames 0
ethernet state counters out-8021q-frames 0
ethernet state flow-control rx on
interfaces interface 2/2.0
state name 2/2.0
state type ethernetCsmacd
state mtu 9600
state enabled true
state oper-status UP
state counters in-octets 35352746816000
state counters in-unicast-pkts 128530545045
state counters in-broadcast-pkts 16241112170
state counters in-multicast-pkts 137385018209
state counters in-discards 2984047014
state counters in-errors 0
state counters in-fcs-errors 0
state counters out-octets 0
state counters out-unicast-pkts 0
state counters out-broadcast-pkts 0
state counters out-multicast-pkts 0
state counters out-discards 0
state counters out-errors 0
state forward-error-correction auto
state lacp_state LACP_DEFAULTED
ethernet state port-speed SPEED_100GB
ethernet state hw-mac-address 00:94:a1:8e:f8:81
ethernet state counters in-mac-control-frames 0
ethernet state counters in-mac-pause-frames 0
ethernet state counters in-oversize-frames 0
ethernet state counters in-jabber-frames 0
ethernet state counters in-fragment-frames 0
ethernet state counters in-8021q-frames 0
ethernet state counters in-crc-errors 0
ethernet state counters out-mac-control-frames 0
ethernet state counters out-mac-pause-frames 0
ethernet state counters out-8021q-frames 0
ethernet state flow-control rx on
Display information only about interface 1/1.0:
default-1# show interfaces interface 1/1.0
interfaces interface 1/1.0
state name 1/1.0
state type ethernetCsmacd
state mtu 9600
state enabled true
state oper-status DOWN
state counters in-octets 0
state counters in-unicast-pkts 0
state counters in-broadcast-pkts 0
state counters in-multicast-pkts 0
state counters in-discards 0
state counters in-errors 0
state counters in-fcs-errors 0
state counters out-octets 0
state counters out-unicast-pkts 0
state counters out-broadcast-pkts 0
state counters out-multicast-pkts 0
state counters out-discards 0
state counters out-errors 0
state forward-error-correction auto
state lacp_state LACP_DEFAULTED
ethernet state port-speed SPEED_100GB
ethernet state hw-mac-address 00:94:a1:8e:f8:00
ethernet state counters in-mac-control-frames 0
ethernet state counters in-mac-pause-frames 0
ethernet state counters in-oversize-frames 0
ethernet state counters in-jabber-frames 0
ethernet state counters in-fragment-frames 0
ethernet state counters in-8021q-frames 0
ethernet state counters in-crc-errors 0
ethernet state counters out-mac-control-frames 0
ethernet state counters out-mac-pause-frames 0
ethernet state counters out-8021q-frames 0
ethernet state flow-control rx on
Display state information for interface 1/1.0:
default-1# show interfaces interface 1/1.0 state
state name 1/1.0
state type ethernetCsmacd
state mtu 9600
state enabled true
state oper-status DOWN
state counters in-octets 0
state counters in-unicast-pkts 0
state counters in-broadcast-pkts 0
state counters in-multicast-pkts 0
state counters in-discards 0
state counters in-errors 0
state counters in-fcs-errors 0
state counters out-octets 0
state counters out-unicast-pkts 0
state counters out-broadcast-pkts 0
state counters out-multicast-pkts 0
state counters out-discards 0
state counters out-errors 0
state forward-error-correction auto
state lacp_state LACP_DEFAULTED
Display Ethernet information for interface 1/1.0:
default-1# show interfaces interface 1/1.0 ethernet
ethernet state port-speed SPEED_100GB
ethernet state hw-mac-address 00:94:a1:8e:f8:00
ethernet state counters in-mac-control-frames 0
ethernet state counters in-mac-pause-frames 0
ethernet state counters in-oversize-frames 0
ethernet state counters in-jabber-frames 0
ethernet state counters in-fragment-frames 0
ethernet state counters in-8021q-frames 0
ethernet state counters in-crc-errors 0
ethernet state counters out-mac-control-frames 0
ethernet state counters out-mac-pause-frames 0
ethernet state counters out-8021q-frames 0
ethernet state flow-control rx on
Display information about interface 1/1.0 using table output:
default-1# show interfaces interface 1/1.0 | tab
OUT
IN IN IN OUT OUT OUT FORWARD IN MAC IN MAC IN IN IN IN OUT MAC MAC OUT
OPER IN UNICAST BROADCAST MULTICAST IN IN IN FCS OUT UNICAST BROADCAST MULTICAST OUT OUT ERROR LAG LAG DISTRIBUTION MAC CONTROL PAUSE OVERSIZE JABBER FRAGMENT 8021Q IN CRC CONTROL PAUSE 8021Q MEMBER MEMBER
NAME NAME TYPE MTU ENABLED STATUS OCTETS PKTS PKTS PKTS DISCARDS ERRORS ERRORS OCTETS PKTS PKTS PKTS DISCARDS ERRORS CORRECTION LACP STATE TYPE SPEED HASH ADDRESS LAGID PORT SPEED HW MAC ADDRESS FRAMES FRAMES FRAMES FRAMES FRAMES FRAMES ERRORS FRAMES FRAMES FRAMES RX VLAN NAME STATUS
------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
1/1.0 1/1.0 ethernetCsmacd 9600 true DOWN 0 0 0 0 0 0 0 0 0 0 0 0 0 auto LACP_DEFAULTED - - - - - SPEED_100GB 00:94:a1:8e:f8:00 0 0 0 0 0 0 0 0 0 0 on -
Display aggregation-specific output for a LAG named test-lag:
default-1# show interfaces interface test-lag aggregation
aggregation state lag-type STATIC
aggregation state lag-speed 200
aggregation state distribution-hash src-dst-ipport
aggregation state mac-address 00:0a:49:ff:48:0c
aggregation state lagid 2
MEMBER MEMBER
NAME STATUS
----------------
4/1.0 UP
4/2.0 UP
Display information about a LAG interface named lag1:
default-1# show interfaces interface lag1
interfaces interface lag1
aggregation state lag-type STATIC
aggregation state lag-speed 0
aggregation state mac-address 00:94:a1:8d:18:0a
COMMAND
show lacp
DESCRIPTION
Display the current LACP configuration and state information for global and all LACP interfaces.
ARGUMENTS
show command. If a display level of 1 is specified, then only the direct children of an element will be shown. If a display level of 3 is specified, then only elements at depth 3 below a given element will be displayed, etc. The range is from 1 through 64.EXAMPLE
Display information about configured LACP interfaces:
default-1# show lacp
lacp state system-id-mac 00:94:a1:8e:4c:08
lacp interfaces interface testLAG
state name testLAG
state interval FAST
state lacp-mode ACTIVE
state system-id-mac 0:94:a1:8e:4c:8
Display one level of information about configured LACP interfaces:
default-1# show lacp displaylevel 1
lacp state system-id-mac 00:94:a1:8e:4c:08
lacp interfaces interface testLAG
COMMAND
show lacp interfaces
DESCRIPTION
Show current LACP state for all LACP interfaces.
ARGUMENTS
show command. If a display level of 1 is specified, then only the direct children of an element will be shown. If a display level of 3 is specified, then only elements at depth 3 below a given element will be displayed, etc. The range is from 1 through 64.system-priority and the stack MAC address.COMMAND
show lacp interfaces interface
DESCRIPTION
Show current LACP config and state information for an LACP interface.
ARGUMENTS
show command. If a display level of 1 is specified, then only the direct children of an element will be shown. If a display level of 3 is specified, then only elements at depth 3 below a given element will be displayed, etc. The range is from 1 through 64.EXAMPLE
Display information about the testLAG interface:
default-1# show lacp interfaces interface testLAG
lacp interfaces interface testLAG
state name testLAG
state interval FAST
state lacp-mode ACTIVE
state system-id-mac 0:94:a1:8e:4c:8
COMMAND
show lacp state
DESCRIPTION
Display global LACP state information.
ARGUMENTS
show command. If a display level of 1 is specified, then only the direct children of an element will be shown. If a display level of 3 is specified, then only elements at depth 3 below a given element will be displayed, etc. The range is from 1 through 64.system-priority and the stack MAC address.EXAMPLE
Display the global state of LACP:
default-1# show lacp state
lacp state system-id-mac 00:94:a1:66:e0:08
COMMAND show lldp
DESCRIPTION Display the information about Link Layer Discovery Protocol (LLDP) on the system.
ARGUMENTS
show command. If a display level of 1 is specified, then only the direct children of an element will be shown. If a display level of 3 is specified, then only elements at depth 3 below a given element will be displayed, etc. The range is from 1 through 64.EXAMPLES
Display all LLDP information:
default-1# show lldp
lldp state enabled
lldp state chassis-id "Temporary ChassisId"
lldp state chassis-id-type LOCAL
lldp interfaces interface 1/1.0
state name 1/1.0
state enabled
state counters frame-in 0
state counters frame-out 8
neighbors neighbor DL?U?uEthernet16/1
config
state system-name SDSW-100gb
state system-description "Arista Networks EOS version 4.16.7FX-7060X running on an Arista Networks DCS-7060CX-32S"
state chassis-id 44:4c:a8:55:82:75
state chassis-id-type MAC_ADDRESS
state ttl 120
state port-id Ethernet16/1
state port-id-type INTERFACE_NAME
state management-address 192.0.2.4
TYPE OUI OUI SUBTYPE CONFIG TYPE OUI OUI SUBTYPE VALUE
-------------------------------------------------------------------------------------------------------------------
127 IEEE802.1 PVID - 127 IEEE802.1 PVID 1
127 IEEE802.3 Aggregation Port Id - 127 IEEE802.3 Aggregation Port Id 0
127 IEEE802.3 Aggregation Status - 127 IEEE802.3 Aggregation Status 1
127 IEEE802.3 MAC/PHY Auto-negotiation Status - 127 IEEE802.3 MAC/PHY Auto-negotiation Status 0
127 IEEE802.3 MAC/PHY MAU Type - 127 IEEE802.3 MAC/PHY MAU Type 0
127 IEEE802.3 MAC/PHY PMD Capability - 127 IEEE802.3 MAC/PHY PMD Capability 0
127 IEEE802.3 Maximum Frame Size - 127 IEEE802.3 Maximum Frame Size 9236
Display only the first level of LLDP information:
default-1# show lldp displaylevel 1
lldp state enabled
lldp state chassis-id "Temporary ChassisId"
lldp state chassis-id-type LOCAL
lldp interfaces interface 1/1.0
Display only the interface level LLDP information:
default-1# show lldp interfaces interface 1/1.0
state name 1/1.0
state enabled
state counters frame-in 0
state counters frame-out 8
neighbors neighbor DL?U?uEthernet16/1
config
state system-name SDSW-100gb
state system-description "Arista Networks EOS version 4.16.7FX-7060X running on an Arista Networks DCS-7060CX-32S"
state chassis-id 44:4c:a8:55:82:75
state chassis-id-type MAC_ADDRESS
state ttl 120
state port-id Ethernet16/1
state port-id-type INTERFACE_NAME
state management-address 192.0.2.4
TYPE OUI OUI SUBTYPE CONFIG TYPE OUI OUI SUBTYPE VALUE
-------------------------------------------------------------------------------------------------------------------
127 IEEE802.1 PVID - 127 IEEE802.1 PVID 1
127 IEEE802.3 Aggregation Port Id - 127 IEEE802.3 Aggregation Port Id 0
127 IEEE802.3 Aggregation Status - 127 IEEE802.3 Aggregation Status 1
127 IEEE802.3 MAC/PHY Auto-negotiation Status - 127 IEEE802.3 MAC/PHY Auto-negotiation Status 0
127 IEEE802.3 MAC/PHY MAU Type - 127 IEEE802.3 MAC/PHY MAU Type 0
127 IEEE802.3 MAC/PHY PMD Capability - 127 IEEE802.3 MAC/PHY PMD Capability 0
127 IEEE802.3 Maximum Frame Size - 127 IEEE802.3 Maximum Frame Size 9236
Display only the interface neighbor information:
default-1# show lldp interfaces interface 1/1.0 neighbors neighbor
neighbors neighbor DL?U?uEthernet16/1
config
state system-name SDSW-100gb
state system-description "Arista Networks EOS version 4.16.7FX-7060X running on an Arista Networks DCS-7060CX-32S"
state chassis-id 44:4c:a8:55:82:75
state chassis-id-type MAC_ADDRESS
state ttl 120
state port-id Ethernet16/1
state port-id-type INTERFACE_NAME
state management-address 192.0.2.4
TYPE OUI OUI SUBTYPE CONFIG TYPE OUI OUI SUBTYPE VALUE
-------------------------------------------------------------------------------------------------------------------
127 IEEE802.1 PVID - 127 IEEE802.1 PVID 1
127 IEEE802.3 Aggregation Port Id - 127 IEEE802.3 Aggregation Port Id 0
127 IEEE802.3 Aggregation Status - 127 IEEE802.3 Aggregation Status 1
127 IEEE802.3 MAC/PHY Auto-negotiation Status - 127 IEEE802.3 MAC/PHY Auto-negotiation Status 0
127 IEEE802.3 MAC/PHY MAU Type - 127 IEEE802.3 MAC/PHY MAU Type 0
127 IEEE802.3 MAC/PHY PMD Capability - 127 IEEE802.3 MAC/PHY PMD Capability 0
127 IEEE802.3 Maximum Frame Size - 127 IEEE802.3 Maximum Frame Size 9236
COMMAND show parser
DESCRIPTION Display information about available commands and their syntax.
ARGUMENTS
EXAMPLE
Display information about all commands:
default-1# show parser dump
autowizard [false/true]
cd <Dir>
cd
clear history
compare file <File> [brief]
compare file <File> [brief] SNMP-COMMUNITY-MIB snmpCommunityTable snmpCommunityEntry
compare file <File> [brief] SNMP-NOTIFICATION-MIB snmpNotifyTable snmpNotifyEntry
compare file <File> [brief] SNMP-TARGET-MIB snmpTargetAddrTable snmpTargetAddrEntry
compare file <File> [brief] SNMP-TARGET-MIB snmpTargetParamsTable snmpTargetParamsEntry
compare file <File> [brief] SNMP-USER-BASED-SM-MIB usmUserTable usmUserEntry
compare file <File> [brief] SNMP-VIEW-BASED-ACM-MIB vacmAccessTable vacmAccessEntry
compare file <File> [brief] SNMP-VIEW-BASED-ACM-MIB vacmSecurityToGroupTable vacmSecurityToGroupEntry
compare file <File> [brief] SNMP-VIEW-BASED-ACM-MIB vacmViewTreeFamilyTable vacmViewTreeFamilyEntry
compare file <File> [brief] SNMPv2-MIB snmp snmpEnableAuthenTraps
compare file <File> [brief] SNMPv2-MIB system sysContact
compare file <File> [brief] SNMPv2-MIB system sysLocation
compare file <File> [brief] SNMPv2-MIB system sysName
compare file <File> [brief] cluster nodes node
compare file <File> [brief] components component
compare file <File> [brief] fdb mac-table entries entry
compare file <File> [brief] interfaces interface
compare file <File> [brief] lacp config system-priority
compare file <File> [brief] lacp interfaces interface
compare file <File> [brief] lldp config disabled
compare file <File> [brief] lldp interfaces interface
compare file <File> [brief] portgroups portgroup
compare file <File> [brief] stp global config
compare file <File> [brief] stp interfaces interface
compare file <File> [brief] stp mstp config hold-count
compare file <File> [brief] stp mstp mst-instances mst-instance
compare file <File> [brief] stp rstp config hold-count
compare file <File> [brief] stp rstp interfaces interface
compare file <File> [brief] stp stp config hold-count
compare file <File> [brief] stp stp interfaces interface
compare file <File> [brief] system aaa authentication config
compare file <File> [brief] system aaa authentication ldap bind_timelimit
compare file <File> [brief] system aaa authentication ldap idle_timelimit
compare file <File> [brief] system aaa authentication ldap ldap_version
compare file <File> [brief] system aaa authentication ldap ssl
compare file <File> [brief] system aaa authentication ldap timelimit
compare file <File> [brief] system aaa authentication ldap tls_reqcert
compare file <File> [brief] system aaa authentication roles role
compare file <File> [brief] system aaa authentication users user
compare file <File> [brief] system aaa password-policy config apply-to-root
compare file <File> [brief] system aaa password-policy config max-age
compare file <File> [brief] system aaa password-policy config max-login-failures
compare file <File> [brief] system aaa password-policy config min-length
compare file <File> [brief] system aaa password-policy config reject-username
compare file <File> [brief] system aaa password-policy config required-differences
compare file <File> [brief] system aaa password-policy config required-lowercase
compare file <File> [brief] system aaa password-policy config required-numeric
compare file <File> [brief] system aaa password-policy config required-special
compare file <File> [brief] system aaa password-policy config required-uppercase
compare file <File> [brief] system aaa password-policy config retries
compare file <File> [brief] system aaa password-policy config root-lockout
compare file <File> [brief] system aaa password-policy config root-unlock-time
--More--
COMMAND show partition
DESCRIPTION Display information about the partition, including the chassis base MAC address. All MAC addresses in the partition are offset of the base MAC address.
ARGUMENTS This command has no arguments.
EXAMPLE
Display information about the current partition:
default-1# show partition
partition chassis-base-mac 00:94:a1:8e:e8:00
COMMAND show portgroups
DESCRIPTION Display information about portgroups.
ARGUMENTS
show command. If a display level of 1 is specified, then only the direct children of an element will be shown. If a display level of 3 is specified, then only elements at depth 3 below a given element will be displayed, etc. The range is from 1 through 64.EXAMPLES
Display the first level of information for portgroup 1/1:
default-1# show portgroups portgroup 1/1 state displaylevel 1
state vendor-name "F5 NETWORKS INC."
state vendor-oui 009065
state vendor-partnum "OPT-0031 "
state vendor-revision A0
state vendor-serialnum "X1KA007 "
state transmitter-technology "850 nm VCSEL"
state media 100GBASE-SR4
state optic-state QUALIFIED
state ddm rx-pwr low-threshold alarm -14.0
state ddm rx-pwr low-threshold warn -11.0
state ddm rx-pwr instant val-lane1 -2.93
state ddm rx-pwr instant val-lane2 -2.81
state ddm rx-pwr instant val-lane3 -2.77
state ddm rx-pwr instant val-lane4 -2.9
state ddm rx-pwr high-threshold alarm 3.4
state ddm rx-pwr high-threshold warn 2.4
state ddm tx-pwr low-threshold alarm -10.0
state ddm tx-pwr low-threshold warn -8.0
state ddm tx-pwr instant val-lane1 -1.2
state ddm tx-pwr instant val-lane2 -1.01
state ddm tx-pwr instant val-lane3 -1.03
state ddm tx-pwr instant val-lane4 -1.13
state ddm tx-pwr high-threshold alarm 5.0
state ddm tx-pwr high-threshold warn 3.0
state ddm temp low-threshold alarm -5.0
state ddm temp low-threshold warn 0.0
state ddm temp instant val 33.3007
state ddm temp high-threshold alarm 75.0
state ddm temp high-threshold warn 70.0
state ddm bias low-threshold alarm 0.003
state ddm bias low-threshold warn 0.005
state ddm bias instant val-lane1 0.00754
state ddm bias instant val-lane2 0.00752
state ddm bias instant val-lane3 0.00747
state ddm bias instant val-lane4 0.007526
state ddm bias high-threshold alarm 0.013
state ddm bias high-threshold warn 0.011
state ddm vcc low-threshold alarm 2.97
state ddm vcc low-threshold warn 3.135
state ddm vcc instant val 3.2288
state ddm vcc high-threshold alarm 3.63
state ddm vcc high-threshold warn 3.465
Display all information about portgroup 1/1:
default-1# show portgroups portgroup 1/1
portgroups portgroup 1/1
state vendor-name "F5 NETWORKS INC."
state vendor-oui 009065
state vendor-partnum "OPT-0031 "
state vendor-revision A0
state vendor-serialnum "X1KA007 "
state transmitter-technology "850 nm VCSEL"
state media 100GBASE-SR4
state optic-state QUALIFIED
state ddm rx-pwr low-threshold alarm -14.0
state ddm rx-pwr low-threshold warn -11.0
state ddm rx-pwr instant val-lane1 -2.9
state ddm rx-pwr instant val-lane2 -2.8
state ddm rx-pwr instant val-lane3 -2.76
state ddm rx-pwr instant val-lane4 -2.92
state ddm rx-pwr high-threshold alarm 3.4
state ddm rx-pwr high-threshold warn 2.4
state ddm tx-pwr low-threshold alarm -10.0
state ddm tx-pwr low-threshold warn -8.0
state ddm tx-pwr instant val-lane1 -1.19
state ddm tx-pwr instant val-lane2 -0.98
state ddm tx-pwr instant val-lane3 -0.98
state ddm tx-pwr instant val-lane4 -1.1
state ddm tx-pwr high-threshold alarm 5.0
state ddm tx-pwr high-threshold warn 3.0
state ddm temp low-threshold alarm -5.0
state ddm temp low-threshold warn 0.0
state ddm temp instant val 33.3359
state ddm temp high-threshold alarm 75.0
state ddm temp high-threshold warn 70.0
state ddm bias low-threshold alarm 0.003
state ddm bias low-threshold warn 0.005
state ddm bias instant val-lane1 0.00746
state ddm bias instant val-lane2 0.00754
state ddm bias instant val-lane3 0.00753
state ddm bias instant val-lane4 0.007516
state ddm bias high-threshold alarm 0.013
state ddm bias high-threshold warn 0.011
state ddm vcc low-threshold alarm 2.97
state ddm vcc low-threshold warn 3.135
state ddm vcc instant val 3.2288
state ddm vcc high-threshold alarm 3.63
state ddm vcc high-threshold warn 3.465
Display the optic-state of portgroup 1/1:
default-1# show portgroups portgroup 1/1 state optic-state
state optic-state QUALIFIED
Display the vendor-name of portgroup 1/1:
default-1# show portgroups portgroup 1/1 state vendor-name
state vendor-name "F5 NETWORKS INC."
default-1#
COMMAND
show qos
DESCRIPTION
Display the state of Quality of Service (QOS) on the system.
ARGUMENTS
show command. If a display level of 1 is specified, then only the direct children of an element will be shown. If a display level of 3 is specified, then only elements at depth 3 below a given element will be displayed, etc. The range is from 1 through 64.EXAMPLE
Display the current state of QOS on the system:
default-1# show qos
qos global-setting state status 8021P-enabled
TRAFFIC PRIORITIES
NAME VTC
-----------
BE 0
BRZ 1
CTRL 2
GOLD 3
SIG 4
SIX 5
SVL 6
VOIP 7
qos global-setting state mapping-8021p default-traffic-priority BE
802.1p TRAFFIC PRIORITY MAPPING
NAME VALUE
-------------
BRZ 1
CTRL 3
GOLD 4
SIG 5-6
SVL 2
VOIP 7
NAME NAME WEIGHT
--------------------
mg1 BE 12
BRZ 1
CTRL 5
GOLD 5
SIG 10
SVL 5
VOIP 60
METER
NAME GROUP
------------------------
single-port-lag mg1
qos pmq-table type 8021P-enabled
VTC VALUE
--------------
0 { 0 }
1 { 1 }
2 { 3 }
3 { 4 }
4 { 5 6 }
6 { 2 }
7 { 7 }
BLADE MG
ID DID ID
----------------
1 20 1
2 20 1
DID NAME STATUS TYPE
------------------------------
20 2/1.0 UP IN_TRUNK
BLADE MG
ID ID VTC CIR CBS
-------------------------------------
1 1 0 2629571813 30612
1 219130984 2551
2 1095654922 12755
3 1095654922 12755
4 2191309844 25510
6 1095654922 12755
7 13147859069 153061
2 1 0 2629571813 30612
1 219130984 2551
2 1095654922 12755
3 1095654922 12755
4 2191309844 25510
6 1095654922 12755
7 13147859069 153061
YELLOW RED RED
TRAFFIC FORWARD BYTES FORWARD BYTES BYTES YELLOW BYTES BYTES BYTES
INTERFACE PRIORITY IN OUT IN OUT IN OUT
-----------------------------------------------------------------------------------------------
2/1.0 BE 2110864454001191 131307771322650 0 103916809262888 0 0
2/1.0 BRZ 0 131312895910348 0 129030133658924 0 0
2/1.0 CTRL 0 131317575236946 0 119903658605678 0 0
2/1.0 GOLD 0 131323436227602 0 119908472120928 0 0
2/1.0 SIG 0 262645909350346 0 239815984025754 0 0
2/1.0 SVL 0 131317514644604 0 119903604393560 0 0
2/1.0 VOIP 0 131326550473990 0 145599086 0 0
COMMAND
show qos state
DESCRIPTION
Display statistics for the Quality of Service (QOS) on the system.
ARGUMENTS
EXAMPLE
default-1# show qos state
YELLOW RED RED
TRAFFIC FORWARD BYTES FORWARD BYTES BYTES YELLOW BYTES BYTES BYTES
INTERFACE PRIORITY IN OUT IN OUT IN OUT
-----------------------------------------------------------------------------------------------
2/1.0 BE 2114664587148973 131544148433582 0 104103869411150 0 0
2/1.0 BRZ 0 131549277022618 0 129262405053096 0 0
2/1.0 CTRL 0 131553956091998 0 120119490686078 0 0
2/1.0 GOLD 0 131559803979756 0 120124291107562 0 0
2/1.0 SIG 0 263118645760244 0 240247622890914 0 0
2/1.0 SVL 0 131553892928998 0 120119433915478 0 0
2/1.0 VOIP 0 131562922186388 0 145599086 0 0
COMMAND show restconf-state
DESCRIPTION Display capabilities supported by the RESTCONF server.
ARGUMENTS
show command. If a display level of 1 is specified, then only the direct children of an element will be shown. If a display level of 3 is specified, then only elements at depth 3 below a given element will be displayed, etc. The range is from 1 through 64.EXAMPLE
Display all supported capabilities:
default-1# show restconf-state
restconf-state capabilities capability urn:ietf:params:restconf:capability:defaults:1.0?basic-mode=report-all
restconf-state capabilities capability urn:ietf:params:restconf:capability:depth:1.0
restconf-state capabilities capability urn:ietf:params:restconf:capability:fields:1.0
restconf-state capabilities capability urn:ietf:params:restconf:capability:with-defaults:1.0
restconf-state capabilities capability urn:ietf:params:restconf:capability:filter:1.0
restconf-state capabilities capability urn:ietf:params:restconf:capability:replay:1.0
restconf-state capabilities capability urn:ietf:params:restconf:capability:yang-patch:1.0
restconf-state capabilities capability http://tail-f.com/ns/restconf/collection/1.0
restconf-state capabilities capability http://tail-f.com/ns/restconf/query-api/1.0
restconf-state capabilities capability http://tail-f.com/ns/restconf/unhide/1.0
COMMAND show running-config
DESCRIPTION Display the current configuration for a partition. By default, the whole configuration is displayed. You can limit what is shown by supplying a pathfilter. The pathfilter may be either a path pointing to a specific instance, or if an instance id is omitted, the part following the omitted instance is treated as a filter.
ARGUMENTS
For information about these arguments, see these sections on the partition show-SNMP-FRAMEWORK-MIB page.
EXAMPLE
Display the current running configuration for VLANs:
default-1# show running-config vlans
vlans vlan 1
!
vlans vlan 2
!
vlans vlan 3
!
vlans vlan 4
!
vlans vlan 5
!
vlans vlan 7
!
vlans vlan 100
!
vlans vlan 101
!
vlans vlan 1004
!
vlans vlan 1005
!
vlans vlan 1025
!
vlans vlan 1028
!
vlans vlan 1029
!
vlans vlan 1037
!
vlans vlan 1038
!
Display information about configured portgroups:
default-1# show running-config portgroups portgroup 1/1 config
portgroups portgroup 1/1
config name 1/1
config mode MODE_100GB
config ddm ddm-poll-frequency 30
Display information about interface 1.0 on blade-1:
default-1# show running-config interfaces interface 1/1.0 config
interfaces interface 1/1.0
config name 1/1.0
config type ethernetCsmacd
config enabled
Display information about a LAG named test-lag:
default-1# show running-config interfaces interface test-lag aggregation config
interfaces interface test-lag
aggregation config lag-type STATIC
aggregation config distribution-hash src-dst-ipport
Display information about the LAG assigned to interface 1.0 on blade-4:
default-1# show running-config interfaces interface 4/1.0 ethernet config
interfaces interface 4/1.0
ethernet config aggregate-id test-lag
!
COMMAND show service-instances
DESCRIPTION
Services are deployed for system features such as the Link Aggregation Control Protocol, Spanning Tree Protocol, etc., as well as for tenants deployed on the system. A service may have multiple instances. A system service is deployed in a Pod.
This command displays all the service instances in a partition.
IMPORTANT: The detailed information displayed by this command is intended for use by F5 support engineers, rather than by end users.
ARGUMENTS
show command. If a display level of 1 is specified, then only the direct children of an element will be shown. If a display level of 3 is specified, then only elements at depth 3 below a given element will be displayed, etc. The range is from 1 through 64.EXAMPLES
Display the service-type value for each service-instance:
default-1# show service-instances service-instance service-type| tab
SLOT
TENANT NAME ID SERVICE TYPE
---------------------------------------
L2FwdSvc-1 1 ST_SYSTEM_SERVICE
L2FwdSvc-2 2 ST_SYSTEM_SERVICE
L2FwdSvc-3 3 ST_SYSTEM_SERVICE
L2FwdSvc-4 4 ST_SYSTEM_SERVICE
L2FwdSvc-5 5 ST_SYSTEM_SERVICE
L2FwdSvc-6 6 ST_SYSTEM_SERVICE
L2FwdSvc-7 7 ST_SYSTEM_SERVICE
L2FwdSvc-8 8 ST_SYSTEM_SERVICE
SwRbcaster-1 1 ST_SYSTEM_SERVICE
SwRbcaster-2 2 ST_SYSTEM_SERVICE
SwRbcaster-3 3 ST_SYSTEM_SERVICE
SwRbcaster-4 4 ST_SYSTEM_SERVICE
SwRbcaster-5 5 ST_SYSTEM_SERVICE
SwRbcaster-6 6 ST_SYSTEM_SERVICE
SwRbcaster-7 7 ST_SYSTEM_SERVICE
SwRbcaster-8 8 ST_SYSTEM_SERVICE
defaultbip-1 1 ST_TENANT_SERVICE
defaultbip-1 2 ST_TENANT_SERVICE
defaultbip-1 3 ST_TENANT_SERVICE
endtraffic 7 ST_TENANT_SERVICE
samit109s 1 ST_TENANT_SERVICE
Display the tenant-id value for each service-instance:
default-1# show service-instances service-instance tenant-id
SLOT TENANT
TENANT NAME ID ID
----------------------------
L2FwdSvc-1 1 0
L2FwdSvc-2 2 0
L2FwdSvc-3 3 0
L2FwdSvc-4 4 0
L2FwdSvc-5 5 0
L2FwdSvc-6 6 0
L2FwdSvc-7 7 0
L2FwdSvc-8 8 0
SwRbcaster-1 1 0
SwRbcaster-2 2 0
SwRbcaster-3 3 0
SwRbcaster-4 4 0
SwRbcaster-5 5 0
SwRbcaster-6 6 0
SwRbcaster-7 7 0
SwRbcaster-8 8 0
defaultbip-1 1 1
defaultbip-1 2 1
defaultbip-1 3 1
endtraffic 7 9
samit109s 1 8
COMMAND show service-pods
DESCRIPTION
Services are deployed for system features such as the Link Aggregation Control Protocol, Spanning Tree Protocol, etc., as well as for tenants deployed on the system. A service may have multiple instances. A system service is deployed in a Pod.
This command displays all the system service pods in a partition.
IMPORTANT: The detailed information displayed by this command is intended for use by F5 support engineers, rather than by end users.
ARGUMENTS
show command. If a display level of 1 is specified, then only the direct children of an element will be shown. If a display level of 3 is specified, then only elements at depth 3 below a given element will be displayed, etc. The range is from 1 through 64.EXAMPLES
Display all service pods:
default-1# show service-pods
SERVICE POD POD
SERVICE CLUSTER SLOT POD RESTART POD
SERVICE NAME CLUSTER IP PORT ID STATUS COUNT STATE POD MESSAGE
--------------------------------------------------------------------------------------------
lacpd 192.0.2.162 80 6 true 0 Running Running Successfully
lldpd 192.0.2.119 80 2 true 0 Running Running Successfully
stpd 192.0.2.161 80 2 true 0 Running Running Successfully
tmstat-rsync 192.0.2.96 1069 4 true 0 Running Running Successfully
Display pod messages for service pods:
default-1# show service-pods service-pod pod-message
SERVICE NAME POD MESSAGE
------------------------------------
lacpd Running Successfully
lldpd Running Successfully
stpd Running Successfully
tmstat-rsync Running Successfully
COMMAND show service-table
DESCRIPTION Display service tables for a partition.
ARGUMENTS
show command. If a display level of 1 is specified, then only the direct children of an element will be shown. If a display level of 3 is specified, then only elements at depth 3 below a given element will be displayed, etc. The range is from 1 through 64.COMMAND show services
DESCRIPTION
Services are deployed for system features such as the Link Aggregation Control Protocol, Spanning Tree Protocol, etc., as well as for tenants deployed on the system. A service may have multiple instances. A system service is deployed in a Pod.
This command displays the internal configuration of services in a partition.
IMPORTANT: The detailed information displayed by this command is intended for use by F5 support engineers, rather than by end users.
ARGUMENTS
show command. If a display level of 1 is specified, then only the direct children of an element will be shown. If a display level of 3 is specified, then only elements at depth 3 below a given element will be displayed, etc. The range is from 1 through 64.id, you can specify a service ID or one of these options: EXAMPLE
Display currently-running services:
default-1# show services
USE USE
SERVICE HASH FIELD FULL TUNNEL IP HASH FIELD FULL TUNNEL IP
ID ALG SELECT MASK MASK SELECT PROTO ALG SELECT MASK MASK SELECT PROTO TENANT NAME
-----------------------------------------------------------------------------------------------------------
8 dagv2 port true outer false dagv2 port true outer false defaultbip-1
11 dagv2 port true outer false dagv2 port true outer false endtraffic
COMMAND
show stp
DESCRIPTION
Displays the state of Spanning Tree Protocol (STP) on the system.
ARGUMENTS
show command. If a display level of 1 is specified, then only the direct children of an element will be shown. If a display level of 3 is specified, then only elements at depth 3 below a given element will be displayed, etc. The range is from 1 through 64.EXAMPLES
Display all STP information:
default-1# show stp
stp global state enabled-protocol { STP }
stp rstp state hold-count 6
stp mstp state hold-count 6
LINK
NAME NAME EDGE PORT TYPE
----------------------------------
2/1.0 2/1.0 EDGE_DISABLE P2P
2/2.0 2/2.0 - P2P
stp stp state hello-time 2
stp stp state max-age 20
stp stp state forwarding-delay 15
stp stp state hold-count 6
stp stp state bridge-priority 32768
stp stp state bridge-address 0:94:a1:8d:18:8
stp stp state designated-root-priority 8192
stp stp state designated-root-address 2:1c:73:ff:64:bb
stp stp state root-port 3
stp stp state root-cost 2200
stp stp state topology-changes 3
stp stp state time-since-topology-change 102
DESIGNATED DESIGNATED DESIGNATED
PORT PORT ROOT DESIGNATED ROOT DESIGNATED BRIDGE DESIGNATED PORT DESIGNATED FORWARD BPDU BPDU
NAME NAME COST PRIORITY NUM ROLE PORT STATE PRIORITY ADDRESS COST PRIORITY BRIDGE ADDRESS PRIORITY PORT NUM TRANSISITIONS SENT RECEIVED
------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
2/1.0 2/1.0 200 100 3 ROOT FORWARDING 8192 2:1c:73:ff:64:bb 2000 32768 0:be:75:ae:1b:31 128 37 2 24 134
2/2.0 2/2.0 200 100 4 ALTERNATE BLOCKING 8192 2:1c:73:ff:64:bb 2000 32768 0:be:75:ae:1b:31 128 45 1 20 203
default-1#
Display only the first level of STP information:
default-1# show stp stp displaylevel 1
stp stp state hello-time 2
stp stp state max-age 20
stp stp state forwarding-delay 15
stp stp state hold-count 6
stp stp state bridge-priority 32768
stp stp state bridge-address 0:94:a1:8d:18:8
stp stp state designated-root-priority 8192
stp stp state designated-root-address 2:1c:73:ff:64:bb
stp stp state root-port 3
stp stp state root-cost 2200
stp stp state topology-changes 3
stp stp state time-since-topology-change 568
stp stp interfaces interface 2/1.0
stp stp interfaces interface 2/2.0
default-1# show stp stp displaylevel 2
stp stp state hello-time 2
stp stp state max-age 20
stp stp state forwarding-delay 15
stp stp state hold-count 6
stp stp state bridge-priority 32768
stp stp state bridge-address 0:94:a1:8d:18:8
stp stp state designated-root-priority 8192
stp stp state designated-root-address 2:1c:73:ff:64:bb
stp stp state root-port 3
stp stp state root-cost 2200
stp stp state topology-changes 3
stp stp state time-since-topology-change 610
stp stp interfaces interface 2/1.0
state name 2/1.0
state cost 200
state port-priority 100
state port-num 3
state role ROOT
state port-state FORWARDING
state designated-root-priority 8192
state designated-root-address 2:1c:73:ff:64:bb
state designated-cost 2000
state designated-bridge-priority 32768
state designated-bridge-address 0:be:75:ae:1b:31
state designated-port-priority 128
state designated-port-num 37
state forward-transisitions 2
state counters bpdu-sent 40
state counters bpdu-received 455
stp stp interfaces interface 2/2.0
state name 2/2.0
state cost 200
state port-priority 100
state port-num 4
state role ALTERNATE
state port-state BLOCKING
state designated-root-priority 8192
state designated-root-address 2:1c:73:ff:64:bb
state designated-cost 2000
state designated-bridge-priority 32768
state designated-bridge-address 0:be:75:ae:1b:31
state designated-port-priority 128
state designated-port-num 45
state forward-transisitions 1
state counters bpdu-sent 20
state counters bpdu-received 526
default-1#
COMMAND
show stp global state enabled-protocol
DESCRIPTION
Display which STP protocol is currently enabled for the partition. There is either one enabled protocol per partition or None.
EXAMPLE
Display the currently-enabled protocol:
default-1# show stp global state enabled-protocol
stp global state enabled-protocol { STP }
COMMAND
show stp interfaces interface
DESCRIPTION
Display information about configured STP interfaces, including the current link type and edge port status.
ARGUMENTS
EXAMPLE
Display information about all configured STP interfaces:
default-1# show stp interfaces
LINK
NAME NAME EDGE PORT TYPE
----------------------------------
2/1.0 2/1.0 EDGE_DISABLE P2P
default-1#
Display information about STP interface 2/1.0:
default-1# show stp interfaces interface 2/1.0
LINK
NAME NAME EDGE PORT TYPE
----------------------------------
2/1.0 2/1.0 EDGE_DISABLE P2P
default-1#
COMMAND
show stp mstp
DESCRIPTION
Display all system state related to the MSTP protocol. These fields are populated only when the STP global enabled-protocol is MSTP.
EXAMPLE
Display MSTP information:
default-1# show stp mstp
stp mstp state name f5-mstp-test
stp mstp state revision 1
stp mstp state max-hop 20
stp mstp state hello-time 2
stp mstp state max-age 20
stp mstp state forwarding-delay 15
stp mstp state hold-count 6
stp mstp mst-instances mst-instance 555
state mst-id 555
state vlan { 555 }
state bridge-priority 61440
state designated-root-priority 61440
state designated-root-address 0:94:a1:8d:18:8
state root-port 0
state root-cost 0
state topology-changes 1
state time-since-topology-change 136
DESIGNATED DESIGNATED DESIGNATED DESIGNATED
PORT PORT ROOT ROOT DESIGNATED BRIDGE DESIGNATED PORT DESIGNATED FORWARD BPDU BPDU
NAME NAME COST PRIORITY NUM ROLE PORT STATE PRIORITY ADDRESS COST PRIORITY BRIDGE ADDRESS PRIORITY PORT NUM TRANSISITIONS SENT RECEIVED
------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
2/1.0 2/1.0 100 128 3 ROOT FORWARDING 0 0:0:0:0:0:0 0 61440 0:94:a1:8d:18:8 128 3 1 3 70
2/2.0 2/2.0 100 128 4 ALTERNATE BLOCKING 0 0:0:0:0:0:0 0 61440 0:94:a1:8d:18:8 128 4 0 2 71
default-1#
COMMAND
show stp mstp mst-instances
DESCRIPTION
Display all configured MST instances and their state.
EXAMPLE
Display information about all configured MST instances:
default-1# show stp mstp mst-instances
stp mstp mst-instances mst-instance 555
state mst-id 555
state vlan { 555 }
state bridge-priority 61440
state designated-root-priority 61440
state designated-root-address 0:94:a1:8d:18:8
state root-port 0
state root-cost 0
state topology-changes 1
state time-since-topology-change 274
DESIGNATED DESIGNATED DESIGNATED DESIGNATED
PORT PORT ROOT ROOT DESIGNATED BRIDGE DESIGNATED PORT DESIGNATED FORWARD BPDU BPDU
NAME NAME COST PRIORITY NUM ROLE PORT STATE PRIORITY ADDRESS COST PRIORITY BRIDGE ADDRESS PRIORITY PORT NUM TRANSISITIONS SENT RECEIVED
------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
2/1.0 2/1.0 100 128 3 ROOT FORWARDING 0 0:0:0:0:0:0 0 61440 0:94:a1:8d:18:8 128 3 1 3 139
2/2.0 2/2.0 100 128 4 ALTERNATE BLOCKING 0 0:0:0:0:0:0 0 61440 0:94:a1:8d:18:8 128 4 0 2 140
default-1#
COMMAND
show stp mstp mst-instances mst-instance
DESCRIPTION
Display information about a specific MST instance and its state. You can optionally specify a single attribute. Available options are:
root-port.stp mstp mst-instances mst-instances {mst-id} interfaces interface {name} state port-num.EXAMPLE
Display information about mst-instance 555:
default-1# show stp mstp mst-instances mst-instance 555
stp mstp mst-instances mst-instance 555
state mst-id 555
state vlan { 555 }
state bridge-priority 61440
state designated-root-priority 61440
state designated-root-address 0:94:a1:8d:18:8
state root-port 0
state root-cost 0
state topology-changes 1
state time-since-topology-change 396
DESIGNATED DESIGNATED DESIGNATED DESIGNATED
PORT PORT ROOT ROOT DESIGNATED BRIDGE DESIGNATED PORT DESIGNATED FORWARD BPDU BPDU
NAME NAME COST PRIORITY NUM ROLE PORT STATE PRIORITY ADDRESS COST PRIORITY BRIDGE ADDRESS PRIORITY PORT NUM TRANSISITIONS SENT RECEIVED
------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
2/1.0 2/1.0 100 128 3 ROOT FORWARDING 0 0:0:0:0:0:0 0 61440 0:94:a1:8d:18:8 128 3 1 3 200
2/2.0 2/2.0 100 128 4 ALTERNATE BLOCKING 0 0:0:0:0:0:0 0 61440 0:94:a1:8d:18:8 128 4 0 2 201
default-1#
COMMAND
show stp mstp state
DESCRIPTION
Display the global state for the MSTP protocol. You can optionally specify a single attribute. Available options are:
EXAMPLE
Display information about the global state for MSTP:
default-1# show stp mstp state
stp mstp state name f5-mstp-test
stp mstp state revision 1
stp mstp state max-hop 20
stp mstp state hello-time 2
stp mstp state max-age 20
stp mstp state forwarding-delay 15
stp mstp state hold-count 6
Display the MSTP name:
default-1# show stp mstp state name
stp mstp state name f5-mstp-test
Display the MSTP revision:
default-1# show stp mstp state revision
stp mstp state revision 1
Display the MSTP max-hop:
default-1# show stp mstp state max-hop
stp mstp state max-hop 20
Display the MSTP hello-time:
default-1# show stp mstp state hello-time
stp mstp state hello-time 2
Display the MSTP max-age:
default-1# show stp mstp state max-age
stp mstp state max-age 20
Display the MSTP forwarding-delay:
default-1# show stp mstp state forwarding-delay
stp mstp state forwarding-delay 15
Display the MSTP hold-count:
default-1# show stp mstp state hold-count
stp mstp state hold-count 6
COMMAND
show stp rstp
DESCRIPTION
Display all system state related to the RSTP protocol. These fields are only populated when the stp global enabled-protocol is RSTP.
EXAMPLE
Display RSTP information:
default-1# show stp rstp
stp rstp state hello-time 2
stp rstp state max-age 20
stp rstp state forwarding-delay 15
stp rstp state hold-count 6
stp rstp state bridge-priority 32768
stp rstp state bridge-address 0:94:a1:8d:18:8
stp rstp state designated-root-priority 8192
stp rstp state designated-root-address 2:1c:73:ff:64:bb
stp rstp state root-port 3
stp rstp state root-cost 2100
stp rstp state topology-changes 1
stp rstp state time-since-topology-change 10
DESIGNATED DESIGNATED DESIGNATED
PORT PORT ROOT DESIGNATED ROOT DESIGNATED BRIDGE DESIGNATED PORT DESIGNATED FORWARD BPDU BPDU
NAME NAME COST PRIORITY NUM ROLE PORT STATE PRIORITY ADDRESS COST PRIORITY BRIDGE ADDRESS PRIORITY PORT NUM TRANSISITIONS SENT RECEIVED
------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
2/1.0 2/1.0 100 128 3 ROOT FORWARDING 8192 2:1c:73:ff:64:bb 2000 32768 0:be:75:ae:1b:31 128 37 1 2 7
2/2.0 2/2.0 100 128 4 ALTERNATE BLOCKING 8192 2:1c:73:ff:64:bb 2000 32768 0:be:75:ae:1b:31 128 45 0 2 8
default-1#
COMMAND
show stp rstp interfaces interface
DESCRIPTION
Display information about configured RSTP interfaces
EXAMPLE
Display information about all configured RSTP interfaces:
default-1# show stp rstp interfaces
DESIGNATED DESIGNATED DESIGNATED
PORT PORT ROOT DESIGNATED ROOT DESIGNATED BRIDGE DESIGNATED PORT DESIGNATED FORWARD BPDU BPDU
NAME NAME COST PRIORITY NUM ROLE PORT STATE PRIORITY ADDRESS COST PRIORITY BRIDGE ADDRESS PRIORITY PORT NUM TRANSISITIONS SENT RECEIVED
------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
2/1.0 2/1.0 100 128 3 ROOT FORWARDING 8192 2:1c:73:ff:64:bb 2000 32768 0:be:75:ae:1b:31 128 37 1 2 70
2/2.0 2/2.0 100 128 4 ALTERNATE BLOCKING 8192 2:1c:73:ff:64:bb 2000 32768 0:be:75:ae:1b:31 128 45 0 2 71
default-1#
Display information about RSTP interface 2/1.0:
default-1# show stp rstp interfaces interface 2/1.0
DESIGNATED DESIGNATED DESIGNATED
PORT PORT ROOT DESIGNATED ROOT DESIGNATED BRIDGE DESIGNATED PORT DESIGNATED FORWARD BPDU BPDU
NAME NAME COST PRIORITY NUM ROLE PORT STATE PRIORITY ADDRESS COST PRIORITY BRIDGE ADDRESS PRIORITY PORT NUM TRANSISITIONS SENT RECEIVED
-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
2/1.0 2/1.0 100 128 3 ROOT FORWARDING 8192 2:1c:73:ff:64:bb 2000 32768 0:be:75:ae:1b:31 128 37 1 2 98
default-1#
COMMAND
show stp stp
DESCRIPTION
Display all system state related to the STP protocol. These fields are only populated
when the STP global enabled-protocol is STP.
EXAMPLE
default-1# show stp stp
stp stp state hello-time 2
stp stp state max-age 20
stp stp state forwarding-delay 15
stp stp state hold-count 6
stp stp state bridge-priority 32768
stp stp state bridge-address 0:94:a1:8d:18:8
stp stp state designated-root-priority 8192
stp stp state designated-root-address 2:1c:73:ff:64:bb
stp stp state root-port 3
stp stp state root-cost 2200
stp stp state topology-changes 3
stp stp state time-since-topology-change 1268
DESIGNATED DESIGNATED DESIGNATED
PORT PORT ROOT DESIGNATED ROOT DESIGNATED BRIDGE DESIGNATED PORT DESIGNATED FORWARD BPDU BPDU
NAME NAME COST PRIORITY NUM ROLE PORT STATE PRIORITY ADDRESS COST PRIORITY BRIDGE ADDRESS PRIORITY PORT NUM TRANSISITIONS SENT RECEIVED
------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
2/1.0 2/1.0 200 100 3 ROOT FORWARDING 8192 2:1c:73:ff:64:bb 2000 32768 0:be:75:ae:1b:31 128 37 2 40 784
2/2.0 2/2.0 200 100 4 ALTERNATE BLOCKING 8192 2:1c:73:ff:64:bb 2000 32768 0:be:75:ae:1b:31 128 45 1 20 853
default-1#
COMMAND
show stp stp interfaces
DESCRIPTION
Display all system state related to interfaces configured for the STP protocol.
EXAMPLE
default-1# show stp stp interfaces
DESIGNATED DESIGNATED DESIGNATED
PORT PORT ROOT DESIGNATED ROOT DESIGNATED BRIDGE DESIGNATED PORT DESIGNATED FORWARD BPDU BPDU
NAME NAME COST PRIORITY NUM ROLE PORT STATE PRIORITY ADDRESS COST PRIORITY BRIDGE ADDRESS PRIORITY PORT NUM TRANSISITIONS SENT RECEIVED
------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
2/1.0 2/1.0 200 100 3 ROOT FORWARDING 8192 2:1c:73:ff:64:bb 2000 32768 0:be:75:ae:1b:31 128 37 2 40 841
2/2.0 2/2.0 200 100 4 ALTERNATE BLOCKING 8192 2:1c:73:ff:64:bb 2000 32768 0:be:75:ae:1b:31 128 45 1 20 910
default-1#
COMMAND
show stp stp interfaces interface
DESCRIPTION
Display information about configured STP interfaces.
EXAMPLE
Display information about STP interface 2/1.0:
default-1# show stp stp interfaces interface 2/1.0
DESIGNATED DESIGNATED DESIGNATED
PORT PORT ROOT DESIGNATED ROOT DESIGNATED BRIDGE DESIGNATED PORT DESIGNATED FORWARD BPDU BPDU
NAME NAME COST PRIORITY NUM ROLE PORT STATE PRIORITY ADDRESS COST PRIORITY BRIDGE ADDRESS PRIORITY PORT NUM TRANSISITIONS SENT RECEIVED
-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
2/1.0 2/1.0 200 100 3 ROOT FORWARDING 8192 2:1c:73:ff:64:bb 2000 32768 0:be:75:ae:1b:31 128 37 2 40 914
default-1#
COMMAND
show stp stp state
DESCRIPTION
Display any global state specific to the STP protocol. You can optionally specify a single attribute. Available options are:
root-port.stp rstp interfaces interface {name} state port-num.EXAMPLE
Display information about the global state for STP:
default-1# show stp stp state
stp stp state hello-time 2
stp stp state max-age 20
stp stp state forwarding-delay 15
stp stp state hold-count 6
stp stp state bridge-priority 32768
stp stp state bridge-address 0:94:a1:8d:18:8
stp stp state designated-root-priority 8192
stp stp state designated-root-address 2:1c:73:ff:64:bb
stp stp state root-port 3
stp stp state root-cost 2100
stp stp state topology-changes 1
stp stp state time-since-topology-change 418
Display the STP hello-time:
default-1# show stp stp state hello-time
stp stp state hello-time 2
Display the STP max-age:
default-1# show stp stp state max-age
stp stp state max-age 20
Display the STP forwarding-delay:
default-1# show stp stp state forwarding-delay
stp stp state forwarding-delay 15
Display the STP hold-count:
default-1# show stp stp state hold-count
stp stp state hold-count 6
Display the STP bridge-priority:
default-1# show stp stp state bridge-priority
stp stp state bridge-priority 32768
Display the STP bridge-address:
default-1# show stp stp state bridge-address
stp stp state bridge-address 0:94:a1:8d:18:8
Display the STP designated-root-priority:
default-1# show stp stp state designated-root-priority
stp stp state designated-root-priority 8192
Display the STP designated-root-address:
default-1# show stp stp state designated-root-address
stp stp state designated-root-address 2:1c:73:ff:64:bb
Display the STP root-port:
default-1# show stp stp state root-port
stp stp state root-port 3
Display the STP root-cost:
default-1# show stp stp state root-cost
stp stp state root-cost 2100
Display the STP topology-changes:
default-1# show stp stp state topology-changes
stp stp state topology-changes 1
Display the STP time-since-topology-change:
default-1# show stp stp state time-since-topology-change
stp stp state time-since-topology-change 486
COMMAND show system aaa
DESCRIPTION Display system user authentication information, including information about roles, users, primary key, server groups, and TLS.
ARGUMENTS
This command has no arguments.
EXAMPLE
Display the default system accounts:
default-1# show system aaa authentication
LAST TALLY EXPIRY
USERNAME CHANGE COUNT DATE ROLE
----------------------------------------
admin 18000 0 -1 admin
root 18000 0 -1 root
ROLENAME GID USERS
--------------------------
admin 9000 -
limited 9999 -
operator 9001 -
partition_1 9101 -
partition_2 9102 -
partition_3 9103 -
partition_4 9104 -
partition_5 9105 -
partition_6 9106 -
partition_7 9107 -
partition_8 9108 -
root 0 -
ts_admin 9100 -
user 9002 -
Show the TLS certificate:
default-1# show system aaa tls state certificate
Show the current CRLs in the system:
default-1# show system aaa tls crls crl
COMMAND show system alarms
DESCRIPTION Display information about system alarms.
EXAMPLE
Display active alarm conditions:
default-1# show system alarms
ID RESOURCE SEVERITY TEXT TIME CREATED
-------------------------------------------------------------------------------------------------
65545 blade-1 EMERGENCY Power fault detected in hardware 2020-08-31 11:50:24.042169447 UTC
COMMAND
show system appliance-mode
DESCRIPTION
Check the current state of appliance mode. It can be either enabled or disabled.
EXAMPLE
Get the current state of appliance-mode:
default-1# show system appliance-mode
system appliance-mode state disabled
COMMAND show system diagnostics
DESCRIPTION Show iHealth information.
EXAMPLE
Display the iHealth configuration for the system:
default-1# show system diagnostics ihealth
system diagnostics ihealth state username ""
system diagnostics ihealth state server https://ihealth-api.f5.com/qkview-analyzer/api/qkviews?visible_in_gui=True
system diagnostics ihealth state authserver https://api.f5.com/auth/pub/sso/login/ihealth-api
COMMAND show system events
DESCRIPTION Display information about system events.
EXAMPLE
Show a list of system events:
default-1# show system events | nomore
LOG
---------------------------------------------------------------------------------------------------------------------------
65550 blade-4 firmware-update-status EVENT NA "Firmware update is running for vqf 0" "2021-06-07 07:30:28.733241080 UTC"
65550 blade-3 firmware-update-status EVENT NA "Firmware update is running for vqf 0" "2021-06-07 07:30:29.902888478 UTC"
65550 blade-5 firmware-update-status EVENT NA "Firmware update is running for vqf 0" "2021-06-07 07:30:30.046717591 UTC"
65550 blade-8 firmware-update-status EVENT NA "Firmware update is running for vqf 0" "2021-06-07 07:30:30.051940195 UTC"
65550 blade-7 firmware-update-status EVENT NA "Firmware update is running for vqf 0" "2021-06-07 07:30:30.142001647 UTC"
65550 blade-1 firmware-update-status EVENT NA "Firmware update is running for vqf 0" "2021-06-07 07:30:30.374032006 UTC"
65550 blade-2 firmware-update-status EVENT NA "Firmware update is running for vqf 0" "2021-06-07 07:30:30.931862196 UTC"
65546 blade-1 thermal-fault EVENT NA "Deasserted: VQF hot" "2021-06-07 07:30:34.424898975 UTC"
65550 blade-4 firmware-update-status EVENT NA "Firmware update completed for vqf 0" "2021-06-07 07:30:36.732847474 UTC"
65550 blade-4 firmware-update-status EVENT NA "Firmware update is running for atse 0" "2021-06-07 07:30:36.740437691 UTC"
65550 blade-3 firmware-update-status EVENT NA "Firmware update completed for vqf 0" "2021-06-07 07:30:37.888844718 UTC"
65550 blade-3 firmware-update-status EVENT NA "Firmware update is running for atse 0" "2021-06-07 07:30:37.896351348 UTC"
65550 blade-5 firmware-update-status EVENT NA "Firmware update completed for vqf 0" "2021-06-07 07:30:38.035980475 UTC"
65550 blade-8 firmware-update-status EVENT NA "Firmware update completed for vqf 0" "2021-06-07 07:30:38.051669894 UTC"
65550 blade-5 firmware-update-status EVENT NA "Firmware update is running for atse 0" "2021-06-07 07:30:38.042799411 UTC"
65550 blade-8 firmware-update-status EVENT NA "Firmware update is running for atse 0" "2021-06-07 07:30:38.058516384 UTC"
65550 blade-7 firmware-update-status EVENT NA "Firmware update completed for vqf 0" "2021-06-07 07:30:38.141770789 UTC"
65550 blade-7 firmware-update-status EVENT NA "Firmware update is running for atse 0" "2021-06-07 07:30:38.148985854 UTC"
65550 blade-6 firmware-update-status EVENT NA "Firmware update is running for atse 0" "2021-06-07 07:30:38.227215000 UTC"
65550 blade-1 firmware-update-status EVENT NA "Firmware update completed for vqf 0" "2021-06-07 07:30:38.373658790 UTC"
65550 blade-1 firmware-update-status EVENT NA "Firmware update is running for atse 0" "2021-06-07 07:30:38.380764421 UTC"
65550 blade-2 firmware-update-status EVENT NA "Firmware update completed for vqf 0" "2021-06-07 07:30:38.923931779 UTC"
65550 blade-2 firmware-update-status EVENT NA "Firmware update is running for atse 0" "2021-06-07 07:30:38.930746599 UTC"
65546 blade-1 thermal-fault ASSERT WARNING "Thermal fault detected in hardware" "2021-06-07 07:30:40.371912934 UTC"
...
COMMAND show system health
DESCRIPTION Display health information about system components.
ARGUMENTS
The availability of options for this command depends on the hardware component for which you want to view health information.
EXAMPLES
Display high-level hardware health state for blade-5:
default-1# show system health components component blade-5 hardware state | nomore
KEY NAME HEALTH SEVERITY
--------------------------------------------------------------------------------
blade/hardware/cpu CPU ok info
blade/hardware/cpu/interfaces/ctrlplane00 Control Plane 00 ok info
blade/hardware/cpu/interfaces/ctrlplane01 Control Plane 01 ok info
blade/hardware/cpu/interfaces/ctrlplane02 Control Plane 02 ok info
blade/hardware/cpu/interfaces/ctrlplane03 Control Plane 03 ok info
blade/hardware/cpu/pcie PCIe BUS ok info
blade/hardware/dma/dm0 DMA ok info
blade/hardware/dma/dm1 DMA ok info
blade/hardware/dma/dm2 DMA ok info
blade/hardware/dma/sep SEP ok info
blade/hardware/dma/stream-manager Stream-Manager ok info
blade/hardware/drives Drives ok info
blade/hardware/drives/nvme0n1 Drive NVME 0 ok info
blade/hardware/fpga/atse0 FPGA ATSE-0 ok info
blade/hardware/fpga/atse0/be2 Bandwidth Engine ok info
blade/hardware/fpga/atse0/fp0 FP0<->Optic-0 ok info
blade/hardware/fpga/atse0/fp1 FP1<->Optic-1 ok info
blade/hardware/fpga/atse0/gearbox0 Gearbox-0 ok info
blade/hardware/fpga/atse0/gearbox1 Gearbox-1 ok info
blade/hardware/fpga/atse0/ifh0 ATSE<->VQF Host0 ok info
blade/hardware/fpga/atse0/ifh1 ATSE<->VQF FP1 ok info
blade/hardware/fpga/atse0/ifh2 ATSE<->VQF FP0 ok info
blade/hardware/fpga/atse0/pcie0 ATSE<->CPU PCIe0 ok info
blade/hardware/fpga/atse0/pcie1 ATSE<->CPU PCIe1 ok info
blade/hardware/fpga/atse0/pcie2 ATSE<->CPU PCIe2 ok info
blade/hardware/fpga/vqf VQF FPGA ok info
blade/hardware/fpga/vqf/bp0 VQF<->CC1 BP0 ok info
blade/hardware/fpga/vqf/bp1 VQF<->CC2 BP1 ok info
blade/hardware/fpga/vqf/ifh0 VQF<->ATSE FP0 ok info
blade/hardware/fpga/vqf/ifh1 VQF<->ATSE FP1 ok info
blade/hardware/fpga/vqf/ifh2 VQF<->ATSE Host0 ok info
blade/hardware/fpga/vqf/nse NSE ok info
blade/hardware/fpga/vqf/nse/nse-fp0 NSE FP0 ok info
blade/hardware/fpga/vqf/nse/nse-fp1 NSE FP1 ok info
blade/hardware/fpga/vqf/pcie0 VQF PCIe Config ok info
blade/hardware/fpga/vqf/voq VOQ ok info
blade/hardware/fpga/vqf/voq/blade1.cpu VOQ -> blade1.cpu ok info
blade/hardware/fpga/vqf/voq/blade1.fp0 VOQ -> blade1.fp0 ok info
blade/hardware/fpga/vqf/voq/blade1.fp1 VOQ -> blade1.fp1 ok info
blade/hardware/fpga/vqf/voq/blade2.cpu VOQ -> blade2.cpu ok info
blade/hardware/fpga/vqf/voq/blade2.fp0 VOQ -> blade2.fp0 ok info
blade/hardware/fpga/vqf/voq/blade2.fp1 VOQ -> blade2.fp1 ok info
blade/hardware/fpga/vqf/voq/blade3.cpu VOQ -> blade3.cpu ok info
blade/hardware/fpga/vqf/voq/blade3.fp0 VOQ -> blade3.fp0 ok info
blade/hardware/fpga/vqf/voq/blade3.fp1 VOQ -> blade3.fp1 ok info
blade/hardware/fpga/vqf/voq/blade4.cpu VOQ -> blade4.cpu ok info
blade/hardware/fpga/vqf/voq/blade4.fp0 VOQ -> blade4.fp0 ok info
blade/hardware/fpga/vqf/voq/blade4.fp1 VOQ -> blade4.fp1 ok info
blade/hardware/fpga/vqf/voq/blade5.cpu VOQ -> blade5.cpu ok info
blade/hardware/fpga/vqf/voq/blade5.fp0 VOQ -> blade5.fp0 ok info
blade/hardware/fpga/vqf/voq/blade5.fp1 VOQ -> blade5.fp1 ok info
blade/hardware/fpga/vqf/voq/blade6.cpu VOQ -> blade6.cpu ok info
blade/hardware/fpga/vqf/voq/blade6.fp0 VOQ -> blade6.fp0 ok info
blade/hardware/fpga/vqf/voq/blade6.fp1 VOQ -> blade6.fp1 ok info
blade/hardware/fpga/vqf/voq/blade7.cpu VOQ -> blade7.cpu ok info
blade/hardware/fpga/vqf/voq/blade7.fp0 VOQ -> blade7.fp0 ok info
blade/hardware/fpga/vqf/voq/blade7.fp1 VOQ -> blade7.fp1 ok info
blade/hardware/fpga/vqf/voq/blade8.cpu VOQ -> blade8.cpu ok info
blade/hardware/fpga/vqf/voq/blade8.fp0 VOQ -> blade8.fp0 ok info
blade/hardware/fpga/vqf/voq/blade8.fp1 VOQ -> blade8.fp1 ok info
blade/hardware/lop LOP ok info
blade/hardware/memory Memory ok info
blade/hardware/optic0 optic-0 ok info
blade/hardware/optic1 optic-1 ok info
blade/hardware/qat QAT ok info
blade/hardware/tpm TPM ok info
Display the status of the tcpdump service on the blades:
default-1-active# show system health components component services blade/services/tcpdumpd
system health components component blade-1
services blade/services/tcpdumpd
state name tcpdumpd
state health ok
state severity info
NAME DESCRIPTION HEALTH SEVERITY VALUE UPDATED AT
----------------------------------------------------------------------------------------------------------------------------
container:event:attach Container attach event ok info 0 2021-06-17T07:13:48Z
container:event:die Container die event ok info 0 2021-07-12T17:43:23Z
container:event:exec-create Container exec create event ok info 0 2021-07-12T15:56:52Z
container:event:exec-detach Container exec detach event ok info 0 2021-06-17T07:13:48Z
container:event:exec-die Container exec die event ok info 0 2021-06-17T07:13:48Z
container:event:exec-start Container exec start event ok info 0 2021-07-12T15:56:52Z
container:event:kill Container kill event ok info 0 2021-07-12T17:43:23Z
container:event:restart Container restart event ok info 0 2021-07-12T17:48:26Z
container:event:restart-last-hour Container restart count in the last hour ok info 0 2021-06-17T07:13:48Z
container:event:start Container start event ok info 0 2021-06-17T07:13:48Z
container:event:stop Container stop event ok info 0 2021-07-12T17:43:23Z
container:running Container running ok info true 2021-07-13T14:24:26Z
system health components component blade-2
services blade/services/tcpdumpd
state name tcpdumpd
state health ok
state severity info
NAME DESCRIPTION HEALTH SEVERITY VALUE UPDATED AT
----------------------------------------------------------------------------------------------------------------------------
container:event:attach Container attach event ok info 0 2021-06-17T07:13:47Z
container:event:die Container die event ok info 0 2021-07-13T14:24:52Z
container:event:exec-create Container exec create event ok info 0 2021-07-12T15:56:55Z
container:event:exec-detach Container exec detach event ok info 0 2021-06-17T07:13:47Z
container:event:exec-die Container exec die event ok info 0 2021-06-17T07:13:47Z
container:event:exec-start Container exec start event ok info 0 2021-07-12T15:56:55Z
container:event:kill Container kill event ok info 0 2021-07-13T14:24:52Z
container:event:restart Container restart event ok info 0 2021-07-12T17:47:13Z
container:event:restart-last-hour Container restart count in the last hour ok info 0 2021-06-17T07:13:47Z
container:event:start Container start event ok info 0 2021-06-17T07:13:47Z
container:event:stop Container stop event ok info 0 2021-07-13T14:24:52Z
container:running Container running ok info true 2021-07-13T14:24:52Z
...
Display a high-level summary of all system components:
default-1# show system health summary
system health summary components component blade-1
state health ok
state severity notice
system health summary components component blade-2
state health unhealthy
state severity error
attributes attribute "blade/firmware/fpga/atse0 - firmware:update-status"
description "Firmware update status"
health unhealthy
severity error
value error
updatedAt 2022-04-21T17:11:52Z
attributes attribute "blade/services/partition_fpga - service:ready"
description "Service ready status"
health ok
severity warning
value false
updatedAt 2022-04-21T07:55:32Z
attributes attribute "blade/services/partition_fpga - service:message-error"
description "Service health monitor error"
health ok
severity warning
value "No response to ready request"
updatedAt 2022-04-21T07:55:32Z
attributes attribute "blade/services/partition_fpga - service:message-error-count"
description "Service health monitor error count"
health ok
severity warning
value 1000
updatedAt 2022-04-21T07:55:34Z
system health summary components component blade-3
system health summary components component blade-4
system health summary components component blade-5
system health summary components component blade-6
system health summary components component blade-7
system health summary components component blade-8
system health summary components component controller-1
state health ok
state severity info
system health summary components component controller-2
state health ok
state severity info
COMMAND show system licensing
DESCRIPTION Display information about partition licence.
EXAMPLE
Display license information for the default partition Note: commented license key values.
default-1# show system licensing
system licensing license
Licensed version 7.4.0
Registration Key XXXXX-XXXXX-XXXXX-XXXXX-XXXXXXX
Licensed date 2020/08/29
License start 2020/05/05
License end 2020/09/29
Service check date 2020/08/30
Platform ID F101
Appliance SN chs600103s
Active Modules
Local Traffic Manager, CX410 (XXXXXXX-XXXXXXX)
Best Bundle, CX410
APM-Lite
Advanced Routing
Carrier Grade NAT (AFM ONLY)
Max Compression, CX410
Rate Shaping
Max SSL, CX410
Anti-Virus Checks
Base Endpoint Security Checks
Firewall Checks
Machine Certificate Checks
Network Access
Protected Workspace
Secure Virtual Keyboard
APM, Web Application
App Tunnel
Remote Desktop
COMMAND show system logging
DESCRIPTION Display information about remote logging.
ARGUMENTS
This command has no arguments.
COMMAND show system redundancy
DESCRIPTION Display the redundancy state of the system; tracks the database synchronization status for both the system cControllers and the blades.
ARGUMENTS This command has no arguments.
EXAMPLE
Display the current redundancy state:
default-1# show system redundancy
system redundancy state mode prefer-1
system redundancy state auto-failback enabled
system redundancy state auto-failback failback-delay 30
system redundancy state current-active controller-1
system redundancy state status redundant
SERVICES
NAME STATUS FAULT STARTUP TIME LAST TRANSITION OS VERSION VERSION
------------------------------------------------------------------------------------------------
blade-1 replica false 2020-09-16 15:31:35 2020-09-16 15:31:37 1.0.0-0000 1.0.0-0000
blade-2 - - - - - -
controller-1 active false 2020-09-16 15:30:41 2020-09-16 15:30:44 1.0.0-0000 1.0.0-0000
controller-2 standby false 2020-09-16 15:31:16 2020-09-16 15:31:16 1.0.0-0000 1.0.0-0000
COMMAND show system redundancy state
DESCRIPTION Display the state of all system redundancy configuration settings.
ARGUMENTS This command has no arguments.
EXAMPLE
Display the state of all redundancy settings:
default-1# show system redundancy state
system redundancy state mode auto
system redundancy state auto-failback disabled
system redundancy state auto-failback failback-delay 30
system redundancy state current-active controller-1
system redundancy state status redundant
COMMAND show system redundancy nodes node
DESCRIPTION Display the redundancy state of a specific node in the partition. The node can be either a system controller or blade.
ARGUMENTS
EXAMPLE
Display the redundancy state of blade-1:
default-1# show system redundancy nodes node blade-1
SERVICES
NAME STATUS FAULT STARTUP TIME LAST TRANSITION OS VERSION VERSION
-------------------------------------------------------------------------------------------
blade-1 replica false 2021-06-15 20:56:51 2021-06-15 20:56:54 1.2.0-7682 1.2.0-7682
COMMAND show system state
DESCRIPTION Display the name of the current partition.
ARGUMENTS
EXAMPLES
Display the current partition:
default-1# show system state
system state partition-name default
Display the current partition:
default-1# show system state partition-name
system state partition-name default
COMMAND show system settings dag
DESCRIPTION Display information about the disaggregator (DAG) state for the system.
ARGUMENTS
show command. If a display level of 1 is specified, then only the direct children of an element will be shown. If a display level of 3 is specified, then only elements at depth 3 below a given element will be displayed, etc. The range is from 1 through 64.EXAMPLES
Display the current DAG state:
default-1# show system settings dag
system settings dag state ipv6-prefix-length 128
COMMAND show system state
DESCRIPTION Display the name of the current partition.
ARGUMENTS
EXAMPLES
Display the current partition:
default-1# show system state
system state partition-name default
Display the current partition:
default-1# show system state partition-name
system state partition-name default
COMMAND show tenants
DESCRIPTION Display the state of all configured tenants in the partition.
ARGUMENTS This command has no arguments.
EXAMPLE
Display the state of configured tenants on the current partition:
default-1# show tenants
tenants tenant bigip-vm
state unit-key-hash mHBqOf9bDlLkKb9erpvjx++nwQBMOk4seGfONpRZ2/30k6ycrUhOEMcSxFSSWRl1qNSIm392m+HUdDUfs3Kn8A==
state type BIG-IP
state mgmt-ip 192.0.2.61
state prefix-length 24
state gateway 192.0.2.1
state vlans { 100 }
state cryptos disabled
state vcpu-cores-per-node 2
state memory 7680
state running-state deployed
state mac-data base-mac 00:94:a1:8c:e8:09
state mac-data mac-pool-size 1
state appliance-mode disabled
state status Running
state primary-slot 1
state image-version "BIG-IP 15.1.2.8 0.0.496"
NDI MAC
----------------------------
default 00:94:a1:8c:e8:0a
state instances instance 1
instance-id 1
phase Running
image-name BIGIP-bigip15.1.x-15.1.2.8-0.0.496.ALL-VELOS.qcow2.zip.bundle
creation-time 2021-01-26T19:17:19Z
ready-time 2021-01-26T19:17:15Z
status "Started tenant instance"
mgmt-mac ae:ce:3c:8c:df:4e
COMMAND
show tenants tenant
DESCRIPTION Displays the state of a specific configured tenants in the partition.
ARGUMENTS
EXAMPLE
Display the state of a tenant named bigip-vm:
default-1# show tenants tenant bigip-vm
tenants tenant bigip-vm
state unit-key-hash mHBqOf9bDlL5tyerpvjx++nwQBMOk4seGfONpRZ2/30k6ycrUhOEMcSxFSSWRl1qNSIm392m1234DUfs3Kn8A==
state type BIG-IP
state mgmt-ip 192.0.2.61
state prefix-length 24
state gateway 192.0.2.1
state vlans { 100 }
state cryptos disabled
state vcpu-cores-per-node 2
state memory 7680
state running-state deployed
state mac-data base-mac 00:94:a1:8c:e8:09
state mac-data mac-pool-size 1
state appliance-mode disabled
state status Running
state primary-slot 1
state image-version "BIG-IP 15.1.2.8 0.0.496"
NDI MAC
----------------------------
default 00:94:a1:8c:e8:0a
state instances instance 1
instance-id 1
phase Running
image-name BIGIP-bigip15.1.x-15.1.2.8-0.0.496.ALL-VELOS.qcow2.zip.bundle
creation-time 2021-01-26T19:17:19Z
ready-time 2021-01-26T19:17:15Z
status "Started tenant instance"
mgmt-mac ae:ce:3c:8c:df:4e
COMMAND show vlan-listeners
DESCRIPTION
Displays configured vlan-listeners. These objects are system created and available for display for technical support purposes only.
ARGUMENTS
show command. If a display level of 1 is specified, then only the direct children of an element will be shown. If a display level of 3 is specified, then only elements at a depth of three below a given element will be displayed, etc. The range is from 1 through 64.vlan-listener associated with an interface and VLAN pair.EXAMPLE
Display the vlan-listener on interface 1/1.0 with the VLAN ID of 100:
show vlan-listeners vlan-listener 1/1.0 100
NDI SERVICE
INTERFACE VLAN ENTRY TYPE OWNER ID SVC VTC SEP DMS DID CMDS MIRRORING IDS
------------------------------------------------------------------------------------------------
1/1.0 100 VLAN-LISTENER tenant-1 4095 8 - 15 - - - disabled -