Command Line Reference

This reference is better understood if you know the basics of how to operate the PCLI. If you have not used the PCLI before, it is beneficial to first read the basics about the PCLI and the basics of the configuration management.

clear arp

Usage

clear arp [device-interface <device-interface>] [vlan <vlan>] [ip <ip>] [force] [router <router>] [node <node>]
Keyword Arguments
  • device-interface the device interface on which to clear the ARP cache
  • force Skip confirmation prompt
  • ip the IP address for which to clear an ARP entry (must specify 'device-interface') [type: IP address]
  • node The name of the node
  • router The name of the router
  • vlan the VLAN on which to clear the ARP cache (must specify 'device-interface') [type: int]

Description

The clear arp command is typically used during troubleshooting, to remove ARP (Address Resolution Protocol) entries from a 128T router or node's ARP cache. The command has multiple filters, allowing administrators to specify which specific entry to remove.

Privileges Required

Available to admin only.

Version History

ReleaseModification
3.2.0This feature was introduced

See Also

  • show arp Shows current arps from the highway manager at the specified node

clear bgp

Usage

clear bgp [{in | out | soft}] [force] [router <router>] <neighbor>
Keyword Arguments
  • force Skip confirmation prompt
  • in soft reset received BGP updates
  • out soft reset transmitted BGP updates
  • router The name of the router for which to clear BGP neighbors
  • soft soft reset received and transmitted BGP updates
Positional Arguments
  • neighbor neighbor ip-address [type: IP address or 'all']

Description

Clear routes associated with one or all BGP neighbors.

See Also

  • show bgp Show the current BGP routes from the routing manager

clear context node

Usage

clear context node

Description

Clear only the node context.

See Also

clear context router

Usage

clear context router

Description

Clear both the router context and node context.

See Also

clear context stats start-time

Usage

clear context stats start-time

Description

Clears the start time for show stats commands.

clear events admin

Usage

clear events admin

Description

Clears admin event records.

clear events alarm

Usage

clear events alarm

Description

Clears alarm event records.

clear events all

Usage

clear events all

Description

Clears all event records.

clear events system

Usage

clear events system

Description

Clears system event records.

clear events traffic

Usage

clear events traffic

Description

Clears traffic event records.

clear history

Usage

clear history

Description

Clear the PCLI's command history.

See Also

commit

Usage

commit [force] [validate-local]
Keyword Arguments
  • force Skip confirmation prompt
  • validate-local Only validate the configuration on the Conductor

Description

The commit command causes the 128T router to validate the candidate configuration, and then replace the running configuration with the candidate configuration (assuming it passes the validation step). It is used once a series of configuration changes have been made, and an administrator wishes to "activate" those configuration changes.

When run from a 128T conductor, the conductor will first validate the configuration itself before distributing configuration to all of its managed routers for each of them to validate the configuration. After the managed routers have all reported the results of their validation, the commit activity takes place (assuming a successful validation). This distributed validation can be skipped by using the validate-local keyword argument.

The commit command will prompt a user for confirmation, as this is a (potentially) service affecting command. By supplying the optional force keyword, the confirmation step is skipped:

*admin@labsystem1.fiedler# commit
Are you sure you want to commit the candidate config? [y/N]: y
Configuration committed
*admin@labsystem1.fiedler# commit force
Configuration committed
admin@labsystem1.fiedler#

If the validation step fails, the administrator will be notified, the commit step is not executed, and the existing running configuration will remain in place. The validator will get a list of all errors that must be addressed before the commit can be completed. There may also be warnings displayed in the event that the candidate configuration contains elements that are deprecated.

Example

*admin@burl-corp-primary.burl-corp# commit
✖ Validating, then committing...
% Error: Failed to commit:
1. Service name "bar" does not exist
config
authority
router burl-corp
service-route foo
service-name
2. A service route must have at least one next-hop, peer,
nat-target, use-learned-routes, routing-stack or host configured. It cannot have both
the peer and nat-target configured.
config
authority
router burl-corp
service-route foo
3. Service-route foo for service '' is not allowed on router burl-corp. Please check the applies-to config
on the service.
config
authority
router burl-corp
service-route foo

Privileges Required

Available to admin only.

Version History

ReleaseModification
1.0.0This feature was introduced
3.0.0force feature was added

compare

Usage

compare config <old> <new>
Positional Arguments
  • old The original configuration against which differences should be computed
  • new The updated configuration for which differences should be computed

Description

The compare command presents a list of differences between the two configurations specified as arguments on the command line. The one listed first influences the output in a very important way: the 128T router will return a list of configuration commands that will cause the configuration to be listed first to be brought to parity with the one listed second. (Note: since the only editable configuration is the "candidate" configuration, the changes outlined by the compare command cannot be directly applied to the "running" configuration.)

In the example below, the candidate and running configurations are identical save for a single service-route that has been added to the candidate configuration.

*admin@labsystem1.fiedler# compare config running candidate
config
authority
router Fabric128
name Fabric128
service-route myRoute
name myRoute
service-name myService
destination 10.10.10.10
exit
exit
exit
exit

This shows that the running configuration is missing the candidate's service-route. By reversing the order of the arguments, the output changes:

*admin@labsystem1.fiedler# compare config candidate running
config
authority
router Fabric128
name Fabric128
delete service-route force myRoute
exit
exit
exit

Note here that the output shows that the running configuration has deleted the candidate configuration's service-route via the delete service-route force myRoute statement. Cutting and pasting this configuration into the PCLI will affect the candidate configuration – and make it match the running configuration.

When two configurations are identical, comparing them will return that there are no changes to display:

admin@labsystem1.fiedler# compare config candidate running
# No differences
admin@labsystem1.fiedler#

Privileges Required

Available to admin and user accounts.

Version History

ReleaseModification
2.0.0This feature was introduced

See Also

configure

Usage

configure [authority [ ... ] ]

Description

The configure command places administrators into the configuration tree (hierarchy), where they will be making changes to the candidate configuration. When entered as a standalone command (i.e., configure by itself), the administrator is placed at the top of the configuration tree.

admin@labsystem1.fiedler# configure
admin@labsystem.beacon (config)#

Alternatively, administrators may execute the configure command with optional arguments to enter into configuration mode "deeper" in the configuration tree. For example:

admin@labsystem1.fiedler# configure authority router Fabric128
admin@labsystem1.fiedler (router[name=Fabric128])#

By supplying optional arguments to the configure command as in the above example, the administrator has entered into the configuration tree at the "router" tier, within the router element named "Fabric128". Not only can administrators enter into the configuration tree at any point through this technique, but new configuration can also applied directly in this same way.

admin@labsystem1.fiedler# configure auth router Fabric128 description "sample description"
admin@labsystem1.fiedler# show config candidate
config
authority
name Authority128
router Fabric128
name Fabric128
location usa
description "sample description"
...

Privileges Required

Available to admin only.

Version History

ReleaseModification
1.0.0This feature was introduced
2.0.0command was renamed to configure from config

connect

Usage

connect [force] [router <router>] [node <node>] [username <username>]
Keyword Arguments
  • force Skip confirmation prompt
  • node node to connect to
  • router router to connect to
  • username Username to use for login to the Managed Router (default: <current user&rt;a)

Description

Connect to a Managed Router. For more information, read Connecting to 128T Routers from Conductor.

create capture-filter

Usage

create capture-filter [node <node>] device-interface <device-interface> router <router> <capture-filter>
Keyword Arguments
  • device-interface The device interface on which to create the capture filter
  • node The node on which to remove the capture filter
  • router The router on which to remove the capture filter
Positional Arguments
  • capture-filter The capture-filter to remove (Uses BPF syntax)

Description

Creates a capture-filter using BPF syntax (as used in wireshark) on the target interface.

Example

admin@tp-colo-primary.tp-colo# create capture-filter device-interface blended-5 "host 172.18.5.4"
Successfully created capture-filter

Version History

ReleaseModification
4.4.0This feature was introduced

See Also

create certificate request webserver

Usage

create certificate request webserver

Description

The create certificate request webserver generates a certificate-request, which is then sent to a Certificate Authority. The 128T router will, through a series of interactive prompts, request information from the administrator to generate either the request or certificate, as appropriate.

The certificate created by the create certificate command stores its output file at /etc/128technology/pki/.

See Also

create certificate self-signed webserver

Usage

create certificate self-signed webserver

Description

The create certificate self-signed webserver generates a self-signed certificate which is used for the local webserver. The 128T router will, through a series of interactive prompts, request information from the administrator to generate either the request or certificate, as appropriate.

Example

admin@labsystem1.fiedler# create certificate self-signed webserver
Certificate common name: test.128technology.com
Country name (2 char): US
State name: MA
Organization name: 128Technology
RSA key size (2048/4096) [4096]: 4096
Certificate validity in days (1 - 7300) [365]: 365
Self-signed certificate successfully
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 31228 (0x79fc)
...

See Also

create user

Usage

create user <username>
Positional Arguments
  • username the name of the account to create

Description

The create user command allows administrators to create user accounts for user and/or administrative access to the 128T router's management port. Issuing the create user <username> launches an interactive session that prompts for the new user's full name, password, whether they are an administrative or basic user, and the enabled/disabled state of that user account.

note

The password must be at least eight characters long, with at least one uppercase letter, one lowercase letter, one digit, and cannot contain any characters that repeat more than three times.

Example

admin@labsystem1.fiedler# create user jdeveloper
Creating account "jdeveloper"...
Full Name: Joe Developer
Password: <not echoed to screen>
Confirm: <not echoed to screen>
Role (user | admin) [user]: admin
Enabled: true
Account "jdeveloper" successfully created

Privileges Required

Available to admin only.

Version History

ReleaseModification
2.0.0This feature was introduced

See Also

delete capture-filter

Usage

delete capture-filter [node <node>] device-interface <device-interface> router <router> <capture-filter>
Keyword Arguments
  • device-interface The device interface on which to delete the capture filter
  • node The node on which to remove the capture filter
  • router The router on which to remove the capture filter
Positional Arguments
  • capture-filter The capture-filter to remove (Uses BPF syntax)

Description

Deletes a capture-filter created using create capture-filter. (It will not delete filters committed as part of the configuration.)

Example

admin@tp-colo-primary.tp-colo# delete capture-filter device-interface blended-5 "host 172.18.5.4"
Successfully deleted capture-filter

Version History

ReleaseModification
4.4.0This feature was introduced

See Also

delete (in config)

Usage

delete { <configuration> } [ force ]

Description

The delete command, when issued within the configuration hierarchy, lets administrators delete portions of the candidate configuration. This can be used to delete specific fields within a configuration element, or entire elements.

The command will prompt you for confirmation before deleting the configuration, unless the optional keyword force is included.

Example

admin@labsystem1.fiedler# config authority router burlington
admin@labsystem1.fiedler (router[name=burlington])# delete node combo1
Are you sure you want to delete item "[name=combo1]" [y/N]: N
Operation canceled

Privileges Required

Available to admin only.

Version History

ReleaseModification
1.0.0This feature was introduced

delete certificate webserver

Usage

delete certificate webserver [force]
Keyword Arguments
  • force Skip confirmation prompt

Description

The delete certificate webserver command allows administrators to delete certificates that are stored on the 128T router. Note that the 128T router will always prompt the administrator to confirm deletion (the "force" keyword is not allowed).

Example

admin@labsystem1.fiedler# delete certificate webserver
Are you sure you want to delete certificate 'webserver'? [y/N]: y
admin@labsystem1.fiedler#

Privileges Required

Available to admin only.

Version History

ReleaseModification
1.0.0This feature was introduced

See Also

delete config exported

Usage

delete config exported [force] <name>

Description

The delete config command allows administrators to delete configurations from the 128T's filesystem that had previously been exported with the export config command. The force flag will skip the confirmation check without prompting the user.

Example

admin@cnd1.conductor# delete config exported 20180115_export.gz
Are you sure that you want to delete exported config '20180115_export.gz'? [y/N]: y
Successfully deleted exported configuration: '20180115_export.gz'
admin@cnd1.conductor#

Privileges Required

Available to admin only.

Version History

ReleaseModification
3.2.0This feature was introduced

See Also

delete flows

Syntax

delete flows [force] [router <router>] [node <node>]
Keyword Arguments
  • force Skip confirmation prompt
  • node the node from which to delete flow entries
  • router the router from which to delete flow entries

Description

The delete flows command clears all active flow data from this node. Administrators can specify which node to clear flow data from by adding the node name as an optional argument to the command.

This command has been maintained for backward compatibility to older versions of software. The delete sessions command is preferred in versions newer than 3.2.0.

warning

This may be a service impacting operation.

Example

admin@labsystem1.fiedler# delete flows linecard-test
admin@labsystem1.fiedler#

Privileges Required

Available to admin only.

Version History

ReleaseModification
1.0.0This feature was introduced

delete sessions

Usage

delete sessions [force] [session-id <session-id>] [service-name <service-name>] [router <router>] [node <node>]
Keyword Arguments
  • force Skip confirmation prompt
  • node the node from which to delete sessions
  • router the router from which to delete sessions
  • service-name the name of the service for which to delete all sessions
  • session-id the identifier of the session to be deleted

Description

The delete sessions command removes all current sessions or a subset if arguments are provided.

warning

This may be a service impacting operation.

Privileges Required

Available to admin only.

delete user

Syntax

delete user [force] <username>
Keyword Arguments
  • force Skip confirmation prompt
Positional Arguments
  • username the name of the account to delete

Description

The delete user command deletes a user account that had previously been created via the create user command.

Example

admin@labsystem1.fiedler# delete user jdeveloper
Delete account 'jdeveloper'? [y/N]: y
Account 'jdeveloper' successfully deleted

Privileges Required

Available to admin only.

Version History

ReleaseModification
2.0.0This feature was introduced

See Also

edit prompt

Usage

edit prompt <format-string>
Positional Arguments
  • format format string for the prompt display

Description

The edit prompt command lets administrators change the display of the PCLI prompt, and includes a flexible array of options for customizability. In addition to various variables, the prompt string can include conditional statements, to affect the display of the prompt under different operating modes. All of this is accomplished by supplying a format string, which contains the syntax of the desired PCLI prompt.

The format string can accept the following special variables and patterns:

Variable NameVariable Contents
{user}Name of the currently logged in user (e.g., "admin")
{address}Full name (node.router) of the current system
{node}The name of the current node
{router}The name of the router
{context}Currently set context if one is set; empty otherwise. See set context for more information.
{path}Full path to the current PCLI menu, separated by '/'
{location}Name of current PCLI menu
{privilege}"#" if the current user has administrator privileges, else ">"

The set prompt format also supports conditional content, by using a conditional statement with the following

The conditional is broken into three parts; the conditionalVariable is one of the following types, and will evaluate to true or false based on the current PCLI state. The trueFormat value is in "prompt format" syntax, and will be included in the prompt if the conditional variable evaluates to true; likewise, the falseFormat is included if the conditional variable evaluates to false.

ConditionalEvaluation
{top-level}Evaluates to true if the PCLI is at the top level, evaluates to false otherwise.

For example:

edit prompt 'This prompt is [top-level?definitely:not] top level'

The edit prompt format string also supports various timestamp codes as described by strftime format codes.2

For example:

edit prompt '(%x %H:%M) {user}@{address}$'

Also, there are various special/reserved characters, as well as character that must be escaped if you use them in a format string. This includes:

CharacterFormat String Representation
newline\n
tab\t
[[
]]
{{{
}}}
%%%
!!

Privileges Required

Available to admin only.

Version History

ReleaseModification
3.1.0This feature was introduced

See Also

edit user

Usage

edit user [<username>]
Positional Arguments
  • username the name of the account to modify (default: <current user&rt;)

Description

The edit user command enters a configuration subtree specific to administering user accounts. From within this subtree, administrators can change any of the attributes associated with a user account (full name, password, role, and enabled state). This is done in a "configuration-like" way, where commands are issued as attribute value.

As with standard configuration, using the "?" command will list the options available for editing.

Example

admin@labsystem1.fiedler# edit user jdeveloper
admin@labsystem1.fiedler (user[name=jdeveloper])# ?
User Attributes
---------------
enabled Enable or disable this user.
full-name The user's full name, for display purposes only.
password No help available
role A list of roles assigned to the user.
General Commands
----------------
delete Delete an attribute from a user account
do Execute a top-level command
exit Exit this menu (You can also press Ctrl+D)
quit Quit the PCLI
top Return to the root menu
up Exit this menu and navigate up the hierarchy the given number of levels
where Display the current location in the CLI hierarchy
admin@labsystem1.fiedler (user[name=jdeveloper])#

Modifying these attributes is done as follows:

admin@labsystem1.fiedler (user[name=jdeveloper])# full-name "Joseph Developer"
Account 'jdeveloper' updated successfully
admin@labsystem1.fiedler (user[name=jdeveloper])# top
admin@labsystem1.fiedler# show user jdeveloper
=============================
Information for jdeveloper:
=============================
Enabled: true
Full Name: Joseph Developer
Role: admin
admin@labsystem1.fiedler#

Privileges Required

Available to admin only.

Version History

ReleaseModification
2.0.0This feature was introduced

See Also

exit (in config)

Usage

exit

Description

The exit command moves your focus to the PCLI home.

Example

admin@labsystem1.fiedler# config authority router beacon
admin@labsystem1.fiedler (router[name=beacon])# where
configure authority router beacon
admin@labsystem1.fiedler (router[name=beacon])# exit
admin@labsystem1.fiedler# where
admin@labsystem1.fiedler#

Privileges Required

Available to admin only; exit is only available within configuration mode.

Version History

ReleaseModification
1.0.0This feature was introduced

export config

Usage

export config <datastore> <export-name>
Positional Arguments
  • datastore running | candidate
  • export-name a name consisting of alphanumeric characters or any of the following: . - _

Description

The export command takes a configuration from a previously created backup (via create config backup), from the candidate configuration, or from the 128T router's running configuration, and stores it as a file on the local filesystem. It can then be taken off, moved onto other systems, archived, etc.

Exported files are stored in /etc/128technology/config-backups/ and are stored as GZIP compressed files.

The export command's complement, import is used to reverse the process, taking a configuration archive and restoring it onto a system.

Example

admin@labsystem1.fiedler# export config candidate myCandidate
Successfully exported configuration: /etc/128technology/config-exports/myCandidate.gz
admin@labsystem1.fiedler#

Privileges Required

Available to admin only.

Version History

ReleaseModification
2.0.0This feature was introduced
3.1.0The location of the exported configuration changed

See Also

import certificate webserver

Usage

import certificate webserver

Description

This command allows administrators to load certificates into their 128T router by pasting them into their active PCLI session. By issuing the import certificate command, the PCLI prompts the user for the name of the certificate they plan to import, then asks whether it is a CA (certificate authority) certificate or not. Once these questions are answered, administrators can paste the certificate, and is reminded to press CTRL-D once the pasting is complete. Pressing CTRL-D causes the 128T router to validate the configuration to ensure it is a valid X.509 certificate before loading it into persistent storage. If the X.509 validation fails, the user is informed as follows:

Example

admin@labsystem1.fiedler# import certificate webserver
Enter the CA certificate in PEM format (Press CTRL-D to finish):
Certificate is not in valid X509 format
admin@labsystem1.fiedler#

Privileges Required

Available to admin only.

Version History

ReleaseModification
1.0.0This feature was introduced

See Also

import config

Usage

import config [force] <name>
Keyword Arguments
  • force Skip confirmation prompt
Positional Arguments
  • name name of the configuration file to import

Description

This command takes a backup configuration (one that has been stored with the export command) and overwrites the current candidate configuration with its contents. Inclusion of the optional "force" keyword will skip the prompt for confirmation.

Example

admin@labsystem1.fiedler# import config myCandidate.gz
Replace the existing candidate configuration with the contents of backup _myCandidate.gz_? [y/N]: y
Backup configuration _myCandidate.gz_ successfully written to the candidate config
admin@labsystem1.fiedler#

Privileges Required

Available to admin only.

Version History

ReleaseModification
2.0.0This feature was introduced

See Also

import iso

Usage

import iso [force] [verbose] {hunt | filepath <filepath>}
Keyword Arguments
  • filepath The absolute filepath to the ISO
  • force Skip confirmation prompt
  • hunt Find and import all ISOs from the filesystem
  • verbose Increase log level verbosity

Description

Imports a 128T ISO to the local repository.

Example

admin@conductor.Conductor# import iso hunt
This command is resource intensive and can take a while. Are you sure? [y/N]: y
Current Installer version: 2.5.0-0.20200326163206.snapshot
Installer will run in non-interactive mode
Refreshing DNF cache (this may take a few minutes)
Cleaning DNF data: expire-cache
Making the DNF cache
Cleaning legacy local repos (this may take a few minutes)
Installer will hunt for ISOs to import
Importing packages for 128T-4.4.0-0.202004021313.release.el7.x86_64.rpm
Installer complete
Import success

Version History

ReleaseModification
4.4.0This feature was introduced

migrate

Usage

migrate [skip-validation] [force] [router <router>] conductor <address> [<address>]
Keyword Arguments
  • conductor the address(es) of the conductor node(s) to migrate to
  • force Skip confirmation prompt
  • router router to migrate
  • skip-validation attempt to migrate the router without checking if migration is possible

Description

Migrate a 128T router to a new conductor. For more details on the 128T rotuer migration read the How to: Conductor Migration.

See Also

ping

Usage

ping [count <count>] [size <size>] [timeout <timeout>] [set-df-bit] [egress-interface <egress-interface>] [gateway-ip <gateway-ip>] [force] [router <router>] [node <node>] <destination-ip>
Keyword Arguments
  • count number of ping requests to send [type: int] (default: 4)
  • egress-interface network interface from which to ping
  • force Skip confirmation prompt
  • gateway-ip gateway IP address from which to ping [type: IP address]
  • node the node from which to send the ping request
  • router the router from which to send the ping request
  • set-df-bit set the IPv4 'Don't Fragment' bit on the request packet
  • size number of data bytes to send [type: int] (default: 56)
  • timeout time to wait for a response, in seconds [max: 10 seconds][type: int] (default: 1)
Positional Arguments
  • destination-ip destination IP of the ping request [type: IP address]

Description

This issues ICMP requests to the specified destination-ip merely as a connectivity test, and bypasses the typical packet processing logic that would potentially restrict access to various tenants and destined for service addresses. The count modifier will affect the number of pings that are issued. The interface modifier lets administrators specify the egress interface for issuing the pings. The timeout modifier will set the waiting period for a reply before declaring the ping as a failure. The set-df-bit and record-route options enable the respective flags in the outgoing ICMP request.

Example

admin@gouda.novigrad# ping egress-interface wan-interface 8.8.8.8
PING 8.8.8.8 56 bytes of data.
Ping from 8.8.8.8 (8.8.8.8): icmp_seq=0 ttl=57 time=12.97ms
Ping from 8.8.8.8 (8.8.8.8): icmp_seq=1 ttl=57 time=10.597ms
Ping from 8.8.8.8 (8.8.8.8): icmp_seq=2 ttl=57 time=10.643ms
Ping from 8.8.8.8 (8.8.8.8): icmp_seq=3 ttl=57 time=10.444ms

Privileges Required

Available to admin.

Version History

ReleaseModification
3.2.0This feature was introduced. The previous behavior of the ping command is now realized as service-ping

quit

Usage

quit

Description

This command logs the user out, and quits the PCLI.

Privileges Required

Available to admin and user.

Version History

ReleaseModification
1.0.0This feature was introduced

refresh dns resolutions

Usage

refresh dns resolutions [hostname <hostname>] [force] [router <router>]

Description

Refreshes all DNS resolutions configured on the platform.

Keyword Arguments
  • force Skip confirmation prompt
  • hostname the DNS hostname belonging to a node
  • router The name of the router

See Also

release dhcp lease

Usage

release dhcp lease [force] [router <router>] [node <node>] network-interface <network-interface>
Keyword Arguments

force Skip confirmation prompt network-interface the network interface on which to release the current DHCP lease node The name of the node (default: all) router The name of the router

Description

Releases the current DHCP lease for a specified network-interface.

See Also

repeat

Usage

repeat [beep] [exit-on-failure] [interval <interval>] <command> [<command> ...]
Keyword Arguments
  • beep beep if the command fails to execute
  • exit-on-failure exit if the command fails to execute
  • interval seconds to wait between updates [type: int] (default: 2)
Positional Arguments
  • command command to repeat

Description

Repeat any command multiple times. This command can be used to "watch" statistics over a specified period. In order to stop the repeat command, the user must issue a CTRL-C.

Example

admin@gouda.novigrad# repeat show stats device-interface
Running "show stats device-interface" every 2 seconds
Wed 2020-04-22 17:42:04 UTC
Retrieving statistics...
Device Interface Management Stats
---------------------------------
================= ======= =======
Metric Node Value
================= ======= =======
message-failure gouda 0
message-success gouda 2
Completed in 1.66 seconds

replace config

Usage

replace config [case-sensitive] [regex] [whole-word] [all] <query> <replacement>
Keyword Arguments
  • all replace all matching data without prompts
  • case-sensitive interpret the search query as case-sensitive
  • regex process the query as a regular expression
  • whole-word don't allow partial matches of words
Positional Arguments
  • query a query string
  • replacement a string with which to replace patterns that match the query; in regex mode, numbered group-matching variables can be used for more complex replacement

Description

The replace command is a powerful tool for making sweeping configuration changes, similar to a "find and replace" operation in a word processor. The replace command has several optional arguments that affect how the replacement occurs; case-sensitive will only match elements within the configuration that match the case supplied with the query string. The regex argument treats the query string as a regular expression. The whole-word argument requires that the match be an entire word, rather than just a substring or partial match.

The user-supplied query string and replacement string are the matching text, and the replacement text, respectively.

Example

admin@labsystem1.fiedler# replace config all internal newInternal
Replacing 'config authority router RTR_EAST_CONDUCTOR inter-node-security internal' with 'newInternal'...
Replacing 'config authority router RTR_EAST_COMBO inter-node-security internal' with 'newInternal'...
Replacing 'config authority router RTR_WEST_COMBO inter-node-security internal' with 'newInternal'...
Replacing 'config authority router RTR_CENTRAL_COMBO inter-node-security internal' with 'newInternal'...
Replacing 'config authority security internal name internal' with 'newInternal'...
Replace completed successfully
admin@labsystem1.fiedler#

Privileges Required

Available to admin only.

Version History

ReleaseModification
3.1.0This feature was introduced

restore config factory-default

Usage

restore config factory-default [force]
Keyword Arguments
  • force Skip confirmation prompt

Description

This command removes all administrator-added configuration, and restores the basic configuration to all of the 128T router's factory default settings. The PCLI will prompt for confirmation before resetting the configuration, unless the optional force modifier is added.

Example

admin@labsystem1.fiedler# restore config factory-default
Are you sure you want to restore the candidate config to factory defaults? [y/N]: n
Operation canceled

Privileges Required

Available to admin only.

Version History

ReleaseModification
1.1.0This feature was introduced. Replaces the deprecated reset-factory-default-config

See Also

restore config running

Usage

restore config running [force]
Keyword Arguments
  • force Skip confirmation prompt

Description

This command removes all administrator-added configuration since the last commit, effectively bringing the running configuration and the candidate configuration back to parity. The PCLI will prompt for confirmation before resetting the configuration, unless the optional force modifier is added.

Example

*admin@node1.bernstein# restore config running
Are you sure you want to discard uncommitted changes from the candidate config? [y/N]: y
Candidate configuration changes successfully discarded
*admin@node1.bernstein#

Privileges Required

Available to admin only.

Version History

ReleaseModification
1.1.0This feature was introduced
2.0.0previously named restore config candidate

See Also

restore prompt

Usage

restore prompt [force]
Keyword Arguments
  • force Skip confirmation prompt

Description

The restore prompt command returns the PCLI's prompt to its factory default, in the event that an administrator has modified it.

Example

(04/10/2020 19:56) admin@gouda.novigrad$restore prompt
Restore the default prompt? [y/N]: y
PCLI prompt successfully updated
admin@gouda.novigrad#

Privileges Required

Available to admin only.

Version History

ReleaseModification
3.1.0This feature was introduced

See Also

restore users factory-default

Usage

restore users factory-default [force]
Keyword Arguments
  • force Skip confirmation prompt

Description

The restore users factory-default command deletes all administratively created user accounts (i.e., all but the ones that are installed with the 128T routing software natively) and leaves the system with just the admin and user accounts.

Privileges Required

Available to admin only.

Version History

ReleaseModification
2.0.0This feature was introduced

See Also

rotate log

Usage

rotate log [force] [router <router>] [node <node>] [<process-name>]
Keyword Arguments
  • force Skip confirmation prompt
  • node the node for which to rotate logfiles
  • router the router for which to rotate logfiles
Positional Arguments
  • process-name the process for which to rotate logfiles (the logfiles for all processes will rotate when no process is specified) (default: all)

Description

This command is used to rotate log files (i.e., close the current log file and open a new one) generated by the various processes that comprise the 128T router to rotate. The 128T router's log files, stored in /var/log/128technology, keep 25 prior logs for each process, space permitting. Files are rotated such that, for instance, pcli.log becomes pcli.1.log while pcli.1.log becomes pcli.2.log, and so on. The oldest log file for each process is removed.

The rotate log command is useful prior to engaging in troubleshooting exercises, to help narrow down which files may contain items of interest. It is particularly useful when used in conjunction with the write command, described elsewhere in this document.

Without any arguments, the rotate log command will rotate all log files on all nodes.

For more information about 128T logging read Understanding Logs on the 128T

Example

admin@labsystem1.fiedler# rotate log
Logs successfully rotated
admin@labsystem1.fiedler#

The optional arguments process-name and node-name let administrators specify which processes should rotate their logs, and on which nodes.

admin@labsystem1.fiedler# shell ls -ltr /var/log/128technology/ | grep highwayManager
-rw-r--r-- 1 root root 14964 Oct 8 05:34 highwayManager.4.log
-rw-r--r-- 1 root root 35908 Oct 8 05:42 highwayManager.3.log
-rw-r--r-- 1 root root 10653 Oct 11 11:12 highwayManager.2.log
-rw-r--r-- 1 root root 146057 Oct 11 11:42 highwayManager.1.log
-rw-r--r-- 1 root root 117673 Oct 11 14:48 highwayManager.log
admin@labsystem1.fiedler# rotate log highwayManager labsystem1
Logs successfully rotated
admin@labsystem1.fiedler# shell ls -ltr /var/log/128technology/ | grep highwayManager
-rw-r--r-- 1 root root 14964 Oct 8 05:34 highwayManager.5.log
-rw-r--r-- 1 root root 35908 Oct 8 05:42 highwayManager.4.log
-rw-r--r-- 1 root root 10653 Oct 11 11:12 highwayManager.3.log
-rw-r--r-- 1 root root 146057 Oct 11 11:42 highwayManager.2.log
-rw-r--r-- 1 root root 117673 Oct 11 14:48 highwayManager.1.log
-rw-r--r-- 1 root root 0 Oct 12 09:45 highwayManager.log

In this example you can see that what was previously named highwayManager.4.log has been rotated to highwayManager.5.log; likewise, all other logs were incremented. What was highwayManager.log is now highwayManager.1.log, and a new highwayManager.log file has been created, and is empty.

Privileges Required

Available to admin only.

Version History

ReleaseModification
2.0.0This feature was introduced

See Also

save runtime-stats

Usage

save runtime-stats [force] [router <router>] [node <node>] <filename> [<process-name>]
Keyword Arguments
  • force Skip confirmation prompt
  • node target node from which to gather runtime stats
  • router target router from which to gather runtime stats
Positional Arguments
  • filename custom filename to store system information
  • process-name target process from which to gather runtime stats (default: all)

Description

Gathers runtime process stats and stores it in a logfile.

Example

admin@gouda.novigrad# save runtime-stats stats.txt
Retrieving Runtime Stats...
Runtime stats saved to /var/log/128technology/stats.txt

save tech-support-info

Usage

save tech-support-info [<filename>]
Positional Arguments
  • filename custom filename to store system information

Description

This command packages statistics, logs and other diagnostic data, to exchange with 128 Technology's support team. The tech-support-info command echoes the location where it stores the file when complete (/var/log/128technology/tech-support-info.tar.gz).

note

This command collect a lot of data, and may take some time to complete.

Example

admin@labsystem1.fiedler# save tech-support-info
Retrieving Tech Support Info...
/var/log/128technology/tech-support-info.tar.gz

search

Usage

search [case-sensitive] [regex] [whole-word] <query>
Keyword Arguments
  • case-sensitive interpret the search query as case-sensitive
  • regex process the query as a regular expression
  • whole-word don't allow partial matches of words
Positional Arguments
  • query a query string
Subcommands
  • config Search all configuration data

Description

The search command and its various subcommands let users search through the 128T router's PCLI command tree, the configuration tree, and user-supplied configuration data to locate the information specified by the supplied query string.

When omitting the optional filter, the search command will return results for all of the types of information it can locate: commands, configuration attributes, and configuration data.

Example

admin@labsystem1.fiedler# search ntp
Commands:
- show ntp
- show config candidate authority router system ntp
- show config candidate authority router system ntp server
- show config candidate authority router system ntp server ip-address
- show config candidate authority router system services ntp
- show config running authority router system ntp
- show config running authority router system ntp server
- show config running authority router system ntp server ip-address
- show config running authority router system services ntp
Configuration Attributes:
- configure authority router system ntp
- configure authority router system services ntp

search commands

Usage

search commands [case-sensitive] [regex] [whole-word] <query>
Keyword Arguments
  • case-sensitive interpret the search query as case-sensitive
  • regex process the query as a regular expression
  • whole-word don't allow partial matches of words
Positional Arguments
  • query a query string

Description

The output of search can be filtered by explicitly specifying commands configuration.

Example

admin@gouda.novigrad# search commands reset
Commands:
- show stats highway firewall-detector tcp-reset-received
- show stats packet-processing action success tcp-proxy sessions-reset
- show stats redundancy session-reads tcp-reset-sent
- show stats service-area sent tcp-reset-for-adaptive-encryption-failure

search config

Usage

search config [case-sensitive] [regex] [whole-word] <query>
Keyword Arguments
  • case-sensitive interpret the search query as case-sensitive
  • regex process the query as a regular expression
  • whole-word don't allow partial matches of words
Positional Arguments
  • query a query string
Subcommands
  • candidate Search candidate configuration data
  • running Search running configuration data

Description

Searches all configuration data

Example

admin@labsystem1.fiedler# search config Newton
Candidate and Running Configuration:
- config authority router Fabric128 node ptcricket location Newton, MA
admin@labsystem1.fiedler#

search config candidate

Usage

search candidate [case-sensitive] [regex] [whole-word] <query>
Keyword Arguments
  • case-sensitive interpret the search query as case-sensitive
  • regex process the query as a regular expression
  • whole-word don't allow partial matches of words
Positional Arguments
  • query a query string

Description

The output of search config can be filtered by explicitly specifying candidate configuration.

Example

admin@labsystem1.fiedler# search config candidate myRoute
Candidate Configuration:
- config authority router Fabric128 service-route myRoute name myRoute
admin@labsystem1.fiedler#

search config running

Usage

search running [case-sensitive] [regex] [whole-word] <query>
Keyword Arguments
  • case-sensitive interpret the search query as case-sensitive
  • regex process the query as a regular expression
  • whole-word don't allow partial matches of words
Positional Arguments
  • query a query string

Description

The output of search config can be filtered by explicitly specifying running configuration.

Example

admin@labsystem1.fiedler# search config running Newton
Running Configuration:
- config authority router Fabric128 node ptcricket location Newton, MA
admin@labsystem1.fiedler#

search config-attributes

Usage

search config-attributes [case-sensitive] [regex] [whole-word] <query>
Keyword Arguments
  • case-sensitive interpret the search query as case-sensitive
  • regex process the query as a regular expression
  • whole-word don't allow partial matches of words
Positional Arguments
  • query a query string

Description

The output of search can be filtered by explicitly specifying config-attributes configuration.

Example

admin@gouda.novigrad# search config-attributes name
Configuration Attributes:
- configure authority dscp-map name
- configure authority dynamic-hostname
- configure authority ipfix-collector name
- configure authority ldap-server name
- configure authority name
- configure authority router name
- configure authority router nat-pool address-pool tenant-name
- configure authority router nat-pool name
- configure authority router node device-interface name
- configure authority router node device-interface network-interface hostname
- configure authority router node device-interface network-interface management-vector name
- configure authority router node device-interface network-interface name
- configure authority router node device-interface network-interface neighborhood name
- configure authority router node name
- configure authority router peer authority-name
- configure authority router peer name
- configure authority router peer router-name
- configure authority router redundancy-group name
- configure authority router routing interface name
- configure authority router service-route host node-name
- configure authority router service-route name
- configure authority router service-route next-hop node-name
- configure authority router service-route service-name
- configure authority router service-route-policy name
- configure authority router system log-category name
- configure authority router system services snmp-server access-control name
- configure authority router system services webserver server node-name
- configure authority routing filter name
- configure authority routing filter rule name
- configure authority routing policy name
- configure authority routing policy statement name
- configure authority security name
- configure authority service application-name
- configure authority service name
- configure authority service-class name
- configure authority service-policy name
- configure authority service-policy vector name
- configure authority session-type name
- configure authority tenant name
- configure authority traffic-profile name

send command download

Usage

send command download [dry-run] [force] [router <router>] [<version>]
Keyword Arguments
  • dry-run view version changes without command execution
  • force Skip confirmation prompt
  • router router on which to download software
Positional Arguments
  • version the version of 128T as semantic version and optionally a release identifier (e.g. "3.0.0" or "3.0.1-snapshot1"); if not provided, the latest is assumed

Description

Attempt to reconnect an asset

send command is only available within the PCLI of a 128T Conductor.

See Also

send command reconnect

Usage

send command reconnect [force] [router <router>] [node <node>]
Keyword Arguments
  • force Skip confirmation prompt
  • node The name of the node
  • router The name of the router
Subcommands
  • disconnected Attempt to reconnect all disconnected assets

Description

Attempt to reconnect an asset

send command is only available within the PCLI of a 128T Conductor.

See Also

send command reconnect disconnected

Usage

send command reconnect disconnected [force]
Keyword Arguments
  • force Skip confirmation prompt

Description

Attempt to reconnect all disconnected assets.

send command is only available within the PCLI of a 128T Conductor.

See Also

send command restart

Usage

send command restart [force] [router <router>] [node <node>]
Keyword Arguments
  • force Skip confirmation prompt
  • node node to restart
  • router router to restart

Description

Restart a 128T node.

send command is only available within the PCLI of a 128T Conductor.

See Also

send command rollback

Usage

send command rollback [force] [router <router>]
Keyword Arguments
  • force Skip confirmation prompt
  • router router to rollback

Description

Rollback a 128T router to the previously installed version.

send command is only available within the PCLI of a 128T Conductor.

See Also

send command start

Usage

send command start [force] [router <router>] [node <node>]
Keyword Arguments
  • force Skip confirmation prompt
  • node node to start
  • router router to start

Description

Start a 128T node.

send command is only available within the PCLI of a 128T Conductor.

See Also

send command stop

Usage

send command stop [force] [router <router>] [node <node>]
Keyword Arguments
  • force Skip confirmation prompt
  • node node to stop
  • router router to stop

Description

Stop a 128T node.

send command is only available within the PCLI of a 128T Conductor.

See Also

send command upgrade

Usage

send command upgrade [dry-run] [force] [router <router>] <version>
Keyword Arguments
  • dry-run view version changes without command execution
  • force Skip confirmation prompt
  • router router to upgrade
Positional Arguments
  • version the version of 128T as semantic version and optionally a release identifier (e.g. "3.0.0" or "3.0.1-snapshot1"); if not provided, the latest is assumed

Description

Upgrade a 128T node.

send command is only available within the PCLI of a 128T Conductor.

See Also

send command yum-cache-refresh

Usage

send command yum-cache-refresh [force] [router <router>]
Keyword Arguments
  • force Skip confirmation prompt
  • router router to refresh

Description

Refresh the yum cache as well as the 128T software versions available for download and upgrade.

send command is only available within the PCLI of a 128T Conductor.

See Also

service-ping

Usage

service-ping [count <count>] [size <size>] [timeout <timeout>] [set-df-bit] [service-name <service-name>] [tenant <tenant>] [source-ip <source-ip>] [force] [router <router>] [node <node>] <destination-ip>
Keyword Arguments
  • count number of ping requests to send [type: int] (default: 4)
  • force Skip confirmation prompt
  • node the node from which to send the ping request
  • router the router from which to send the ping request
  • service-name name of service which includes the destination trying to be reached; only required if service is ambiguous
  • set-df-bit set the IPv4 'Don't Fragment' bit on the request packet
  • size number of data bytes to send [type: int] (default: 56)
  • source-ip IP from which to test whether traffic is allowed [type: IP address]
  • tenant name of source tenant for ICMP request (default is the global tenant)
  • timeout time to wait for a response, in seconds [max: 10 seconds][type: int] (default: 1)
Positional Arguments
  • destination-ip destination IP of the ping request [type: IP address]

Description

This issues ICMP requests to the specified destination-ip, and offers the administrators a variety of ways to formulate the request. The tenant and service-name modifiers specify which "source tenant" to use for the request, and the name of the service for which the destination-ip applies. The count modifier will affect the number of pings that are issued. The interface modifier lets administrators specify the egress interface for issuing the pings. The timeout modifier will set the waiting period for a reply before declaring the ping as a failure. The set-df-bit and record-route options enable the respective flags in the outgoing ICMP request.

Example

admin@gouda.novigrad# service-ping service-name Internet tenant lanSubnet source-ip 192.168.0.5 8.8.8.8
PING 8.8.8.8 56 bytes of data.
Ping from 8.8.8.8 (8.8.8.8): icmp_seq=0 ttl=57 time=22.296ms
Ping from 8.8.8.8 (8.8.8.8): icmp_seq=1 ttl=57 time=11.303ms
Ping from 8.8.8.8 (8.8.8.8): icmp_seq=2 ttl=57 time=10.516ms
Ping from 8.8.8.8 (8.8.8.8): icmp_seq=3 ttl=57 time=10.428ms

Privileges Required

Available to admin.

Version History

ReleaseModification
2.0.0This feature was introduced
3.0.0Included tenant, service, and node information
3.2.0Previously named ping

set context node

Usage

set context node <node>
Positional Arguments
  • node the name of the node

Description

The set context node command puts the PCLI into a mode where every subsequent command that is issued that can take a node (in the case of a 128T router) as an argument will default to the context's values.

set context router

Usage

set context router <router>
Description

The set context router command can be used to set the PCLI into a mode where every subsequent command that is issued that can take a router (in the case of the 128T Conductor) or a node (in the case of a 128T router) as an argument will default to the context's values.

note

This does not "remote shell" into the router/node specified by the context's values, it merely uses these as default values for commands that (generally) display value. E.g., show stats, show flows, etc.

When a context is set, the prompt changes to indicate the context as a parenthetical label at the beginning of each PCLI command.

Setting the context to a router is only available within the PCLI of a 128T Conductor.

Positional Arguments
  • router the name of the router

Example

admin@conductor1.labconductor# set context router beacon
(beacon) admin@conductor1.labconductor#

See Also

set context stats start-time

Usage

set context start-time [<start-time>]
Positional Arguments
  • start-time A timestamp string that can include date, time, or both. Special value "now" sets the start time point to the current time [type: timestamp or 'now'] (default: now)

Description

set context stats start-time lets administrators set a "zero time" for all statistics that the 128T has accumulated. While this stats start-time context is set, all of the output for show stats commands will reflect the accumulation of statistics since that time. This is very useful when troubleshooting issues, or after making configuration changes, to only show data relevant to the exercise at hand.

The set context stats start-time has a flexible parser and can accept many different forms of "time" strings that include date information, time information, or both. There's also a keyword "now" that sets the stats start-time to the current 128T system clock. (The "now" behavior is the default, and thus the 128T will set the stats start-time to the current clock time when no argument is supplied.)

Example

admin@cnd1.conductor# set context stats start-time
Stats start time set to: 2018-02-07 10:41:58
admin@cnd1.conductor# set context stats start-time "December 25, 2017"
Stats start time set to: 2017-12-25 00:00:00

See Also

set log level

Usage

set log level [category <category>] [force] [router <router>] [node <node>] <level> [<process-name>]
Keyword Arguments
  • category The log category for which to set the level. Default is all categories.
  • force Skip confirmation prompt
  • node the node on which to set the corresponding process log level
  • router the router on which to set the corresponding process log level
Positional Arguments
  • level the log level
  • process-name the process for which to set the log level (the log level will change for all processes when no process is specified) (default: all)
Subcommands
  • configured Reset the process log level to the configured system log level

Description

The set log level command adjusts the degree to which the 128T router writes information into its log files. This is used to selectively turn up and down log verbosity for troubleshooting purposes.

The optional <processName> and <nodeName> arguments, can selectively change only a specific 128T router's software process on a given node.

The level must be one of: fatal, error, warning, info, debug, and trace. These are listed in order of increasing verbosity. 128 Technology, Inc. generally recommends that systems be set to info level by default under normal operating circumstances.

As of software version 3.1, a new subcommand set log level category, allows administrators to collectively adjust groups of related functionality for specific troubleshooting exercises – instead of blindly adjusting the entire system's log level and potentially impacting performance.

The category can be any of the following:

CategoryNameLong NameDescription
ATCSAnalyticsComponents related to the 128T Analytics Engine
PLATPlatformComponents related to the underlying platform management.
RDBRedundancy DatabaseThe subsystem responsible for synchronizing data between nodes.
IPCInterprocess CommunicationsThe subsystem responsible for messaging between components within the 128T product.
DATAMetadata DatabaseComponents related to the configuration and state databases.
RTGRoutingComponents related to the routing engine.
HWMC"HighwayManager Control"Control system for packet processing.
FLC"FastLane Control"Control system for packet forwarding.
FPPFirst Packet ProcessingSystem for processing the initial packet of each new session.
DISCDiscoveryDiscovery-based components (except BFD). Today this is DHCP and ARP.
LINKInternode Link DetectionThe subsystem for inter-node communication (today, BFD).
USERUserUser-created log messages, generated via the write command.

Privileges Required

Available to admin only.

Version History

ReleaseModification
2.0.0This feature was introduced
3.1.0Log categories introduced

See Also

set log level configured

Usage

set log level configured [category <category>] [force] [router <router>] [node <node>] [<process-name>]
Keyword Arguments
  • category The log category for which to reset the level. Default is all categories.
  • force Skip confirmation prompt
  • node node on which to set the corresponding process log level
  • router router on which to set the corresponding process log level
Positional Arguments
  • process-name the process for which to set the log level (the log level will change for all processes when no process is specified) (default: all)

Description

Will return the 128T router's logging behavior to the verbosity specified within the configuration, located at: authority > router > system > log-level. Alternatively, administrators can specify a log level to dynamically change all system processes to use.

set password

Usage

set password

Description

The set password command allows a PCLI user to change their password. As is typical with most password changing routines, as a security precaution the user must enter their current password before they're permitted to change it.

Privileges Required

Available to admin and user.

Version History

ReleaseModification
2.0.0This feature was introduced

See Also

shell

Usage

shell [<command> ...]
Positional Arguments
  • command Shell command to execute

Description

The shell command allows administrators to execute a bash shell, or to execute a command within the context of a bash shell (specified as a series of optional parameters to the shell command).

Example

admin@cnd1.conductor# shell ls -la /var/log/128technology/ | head
Piping output...
total 134600
drwxrwxr-x+ 2 root root 12288 Feb 7 10:13 .
drwxr-xr-x. 14 root root 4096 Feb 5 03:40 ..
-rw-rwxr--+ 1 root root 6885 Feb 7 10:12 128-server.log
-rw-rwxr--+ 1 root root 5613 Jan 15 09:41 accessManager.10.log
-rw-rwxr--+ 1 root root 3640 Feb 7 10:10 accessManager.1.log
-rw-rwxr--+ 1 root root 3640 Feb 4 07:35 accessManager.2.log
-rw-rwxr--+ 1 root root 3640 Feb 1 16:36 accessManager.3.log
-rw-rwxr--+ 1 root root 3640 Jan 29 09:50 accessManager.4.log
-rw-rwxr--+ 1 root root 3640 Jan 26 10:23 accessManager.5.log
admin@cnd1.conductor#

Privileges Required

Available to admin only.

Version History

ReleaseModification
1.0.0This feature was introduced

show alarms

Usage

show alarms [shelved] [id <id>] [force] [router <router>]
Keyword Arguments
  • force Skip confirmation prompt
  • id ID for which to display alarm information
  • router router for which to display alarms (default: all)
  • shelved Display shelved alarms

Description

The show alarms subcommand shows all of the active alarms on your 128T router.

A list of all alarms your 128T router is capable of generating and details about them can be found in the Alarm Guide.

Example

admin@cnd1.conductor# show alarms
Wed 2018-01-17 15:14:03 EST
================== ===================== ========== ============= ========== ===================================
ID Time Severity Source Category Message
================== ===================== ========== ============= ========== ===================================
cnd1.conductor:4 2018-01-17 13:22:38 major unavailable system No connectivity to b1.branch1
cnd1.conductor:5 2018-01-17 13:22:38 major unavailable system No connectivity to dc1.datacenter
cnd1.conductor:6 2018-01-17 13:22:38 major unavailable system No connectivity to dc2.datacenter
There are 0 shelved alarms
Completed in 0.35 seconds

Privileges Required

Available to admin and user.

Version History

ReleaseModification
1.1.0This feature was introduced
3.1.0previously allowed filtering by node, now the command shows all alarms.

See Also

show application names

Usage

show application names [rows <rows>] [router <routername>] [node <nodename>]
Keyword Arguments
  • force Skip confirmation prompt
  • node The name of the node
  • router The name of the router
  • rows the number of application name entries to display at once [type: int or 'all'] (default: 50)

Description

The show application names subcommand shows all of the "application" names that the 128T has learned, or been configured to recognize, as part of its Application Classification feature.

Example

admin@gouda.novigrad# show application names
Wed 2020-04-22 16:06:43 UTC
Node: gouda
========================= =============== ================ ===================== =====================
Application Name Session Count Ip Tuple Count Date Discovered Last Updated
========================= =============== ================ ===================== =====================
*.1.nflxso.net 0 18 2020-04-11 15:35:01 2020-04-22 01:38:15
*.128technology.com 0 1 2020-04-12 15:11:09 2020-04-12 15:11:12
*.adcolony.com 0 199 2020-04-11 15:05:44 2020-04-22 13:15:27
*.adobe.com 0 6 2020-04-11 18:36:26 2020-04-20 20:09:57

Privileges Required

Available to admin and user.

Version History

ReleaseModification
3.2.0This feature was introduced

show arp

Usage

show arp [rows <rows>] [force] [router <router>] [node <node>]

Description

The show arp subcommand displays the ARP table (MAC address to IP address binding) for a given node. The number of lines of output may be controlled through the use of the optional rows attribute. When not present, the 128T router will default to displaying the first 50 rows of the specified node's ARP table.

Example

admin@gouda.novigrad# show arp
Wed 2020-04-22 16:01:05 UTC
Node: gouda
========== ====== ================= =================== ========
Dev Name VLAN IP Dest MAC State
========== ====== ================= =================== ========
kni254 0 169.254.127.127 1a:f1:bd:a4:ae:6e Valid
lan 0 192.168.0.34 b1:7b:c1:04:0b:ba Valid
lan 0 192.168.0.35 01:0e:58:b1:94:bf Valid
lan 0 192.168.0.146 a4:83:e7:0b:d7:e1 Valid
wan 0 1.2.3.4 21:41:71:c1:99:c1 Valid
Completed in 0.07 seconds

Privileges Required

Available to admin and user.

Version History

ReleaseModification
1.0.0This feature was introduced
2.0.0added requirement for use of 'node' keyword when specifying a node name.

show arp proxy

Usage

proxy [name <name>] [force] [router <router>] [node <node>]
Keyword Arguments
  • force Skip confirmation prompt
  • name Network interface to display (if omitted, all will be displayed)
  • node node for which to display proxy ARP info
  • router router for which to display proxy ARP info

Description

Displays a list of all configured proxies, grouped by network interface.

Example

admin@test1.Fabric128# show arp proxy
Mon 2020-01-27 18:35:24 UTC
Node: test1
======== ======== ====== =================== ===================
Device Name VLAN MAC Prefix
======== ======== ====== =================== ===================
10 intf10 None fa:16:3e:3b:b7:ee 172.16.100.100/30
10 intf10 None fa:16:3e:3b:b7:ee 172.16.1.100/32
Completed in 0.08 seconds

show assets

Usage

show assets [force] [router <router>] [node <node>] [<id>]
Keyword Arguments
  • force Skip confirmation prompt
  • node node for which to display assets
  • router router for which to display assets (default: all)
Positional Arguments
  • id the asset id of the 128T node from which to retrieve the status

Description

The show assets command displays the automated provisioning status of the 128T nodes within an Authority. With 128T's automated provisioning feature set, each "asset" represents a platform into which the 128T software is installed, updated, managed, etc. The show assets command allows administrators to see, at a glance, the state of all assets – including which software versions have been installed on which nodes, what their router and node identifiers are, etc.

Example

admin@labsystem1.fiedler# show assets
Fri 2017-07-21 11:12:49 EDT
========== ================ ============== ============== =============
Asset Id Router Node 128T Version Status
========== ================ ============== ============== =============
T10_DUT2 none none unknown pending
T10_DUT3 RTR_WEST_COMBO combo-west-1 3.1 running
T10_DUT4 none none unknown pending
Completed in 0.03 seconds

The optional id argument allows administrators to retrieve more detailed information about a specific asset:

admin@labsystem1.fiedler# show assets T10_DUT3
Fri 2017-07-21 15:41:54 UTC
========================
T10_DUT3
========================
Router: RTR_WEST_COMBO
Node: combo-west-1
128T Version: 3.1
Status: running
Completed in 0.19 seconds

Privileges Required

Available to admin only.

Version History

ReleaseModification
3.1.0This feature was introduced

See Also

show assets errors

Usage

show assets errors [force] [router <router>]
Keyword Arguments
  • force Skip confirmation prompt. Only required when targeting all routers
  • router router for which to display assets summary (default: all)

Description

show assets errors will display all assets with at least one automated provisioner related error.

Example

admin@labsystem1.fiedler# show assets errors
Fri 2017-07-21 15:41:54 UTC
======== ========== =============== ========
Router Node Asset Id Errors
======== ========== =============== ========
Boston Aquarium Aquarium-1234 1
NYC nyc asset-10 2

Version History

ReleaseModification
4.4.0This feature was introduced

show assets software

Usage

show assets software [force] [router <router>] [node <node>]
Keyword arguments:
  • force Skip confirmation prompt. Only required when targeting all routers
  • node node for which to display available software
  • router router for which to display available software (default: all)

Description

Displays software related information for each managed asset. In particular, it displays the current running version of software, any versions available for download, software versions that are currently being downloaded and those that have been downloaded which can be used to upgrade the platform.

Example

admin@tp-cond-primary.tp-cond# show assets software
Fri 2020-04-24 13:25:52 UTC
=========== ===================== ================================== ========================================== ============= ============
Router Node Installed Available Downloading Downloaded
=========== ===================== ================================== ========================================== ============= ============
burl-corp burl-corp-primary 4.2.6-1.el7 4.3.0-1.el7
4.3.1-1.el7
4.3.2-1.el7
4.3.3-1.el7
burl-corp-secondary 4.2.6-1.el7 4.3.0-1.el7
4.3.1-1.el7
4.3.2-1.el7
4.3.3-1.el7
tp-colo tp-colo-primary 4.4.0-1.el7
tp-colo-secondary 4.4.0-1.el7
tp-cond tp-cond-primary 4.4.0-1.el7
tp-cond-secondary 4.4.0-1.el7
tp-lab tp-lab-primary 4.3.3-1.el7 4.4.0-1.el7
tp-lab-secondary 4.3.3-1.el7 4.4.0-1.el7
Completed in 0.65 seconds

Version History

ReleaseModification
3.2.0This feature was introduced

See Also

show assets summary

Usage

show assets summary [force] [router <router>]
Keyword Arguments
  • force Skip confirmation prompt. Only required when targeting all routers
  • router router for which to display assets summary (default: all)

Description

show assets summary will display a total of all assets in each state.

Example

admin@labsystem1.fiedler# show assets summary
Fri 2017-07-21 15:41:54 UTC
=====================================
Summary of Assets
=====================================
total: 5
pending: 2
not-installed: 1
installed: 2
assets with errors: 2

Version History

ReleaseModification
4.4.0This feature was introduced

See Also

show bgp

Usage

show bgp [force] [router <router>] [<route>]
Keyword Arguments
  • force Skip confirmation prompt
  • router The name of the router for which to display BGP routes
Positional Arguments
  • route route ip-prefix [type: IP prefix]
Subcommands
  • neighbors Show the current BGP neighbors from the routing manager
  • summary Show the current BGP summary from the routing manager

Description

The show bgp command and associated subcommands display information about the state of the BGP process on the 128T router. Each of these subcommands will be described in more detail in the sections that follow.

Example

When the show bgp command is issued with no command line arguments, the system returns the general status of the BGP process:

admin@labsystem1.fiedler# show bgp
BGP table version is 0, local router ID is 128.128.128.128
Status codes: s suppressed, d damped, h history, \* valid, > best, =
multipath,
i internal, r RIB-failure, S Stale, R Removed
Origin codes: i - IGP, e - EGP, ? – incomplete
Network Next Hop Metric LocPrf Weight Path
*> 172.18.11.0/24 172.18.1.2 0 0 4200000001 i
*> 172.18.22.0/24 172.18.2.2 0 0 4200000002 i
*> 172.31.255.10/32 172.18.3.2 0 4200000003 i
*> 192.168.128.0 0.0.0.0 0 32768 i
Total number of prefixes 4

The <route> argument is given as an IP prefix (CIDR). The show bgp <route> command gives detailed information on the specified route, if it exists in the 128T router's Routing Information Base (RIB).

admin@labsystem1.fiedler# show bgp 172.18.11.0/24
BGP routing table entry for 172.18.11.0/24
Paths: (1 available, best #1, table Default-IP-Routing-Table)
Advertised to non peer-group peers:
172.18.2.2 172.18.3.2
4200000001
172.18.1.2 from 172.18.1.2 (1.1.1.1)
Origin IGP, metric 0, localpref 100, valid, external, best
Last update: Wed Feb 10 19:08:49 2016

Privileges Required

Available to admin and user.

Version History

ReleaseModification
1.0.0This feature was introduced

show bgp neighbors

Usage

show bgp neighbors [force] [router <router>] [<neighbor-ip>] [<option>]
Keyword Arguments
  • force Skip confirmation prompt
  • router The name of the router for which to display BGP neighbors
Positional Arguments
  • neighbor-ip The IP address of the neighbor [type: IP address]
  • option advertised-routes | received-routes

Description

The show bgp neighbors command displays detailed information about each of the 128T router's BGP peers. By specifying a specific peer (through the optional argument <neighbor-ip>), administrators can view state information about one peer at a time. When specifying a specific neighbor, the output may include the routes shared with that peer by appending advertised-route or received from that peer by appending received-routes.

admin@labsystem1.fiedler# show bgp neighbors
BGP neighbor is 172.18.1.2, remote AS 4200000001, local AS 4200000128, external
link
BGP version 4, remote router ID 1.1.1.1
BGP state = Established, up for 00:27:25
Last read 00:00:25, hold time is 90, keepalive interval is 30 seconds
Configured hold time is 90, keepalive interval is 30 seconds
Neighbor capabilities:
4 Byte AS: advertised and received
Route refresh: advertised and received(old &amp; new)
Address family IPv4 Unicast: advertised and received
Graceful Restart Capabilty: advertised and received
Remote Restart timer is 120 seconds
Address families by peer:
none
...

Privileges Required

Available to admin and user.

Version History

ReleaseModification
1.0.0This feature was introduced

show bgp summary

Usage

show bgp summary [force] [router <router>]
Keyword Arguments
  • force Skip confirmation prompt
  • router The name of the router for which to display the BGP summary

Description

The show bgp summary gives administrators a high-level summary table of the state of all of the 128T router's BGP peers.

It includes information on each BGP neighbor, including the version (V) of BGP that they are using (generally v4), the Autonomous System number (AS), the number of BGP messages sent and received (MsgSent, MsgRcvd), the table version (TblVer), etc.

Example

admin@labsystem1.fiedler# show bgp summary
BGP router identifier 128.128.128.128, local AS number 4200000128
RIB entries 7, using 784 bytes of memory
Peers 3, using 13 KiB of memory
Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd
172.18.1.2 4 4200000001 62 73 0 0 0 00:29:07 1
172.18.2.2 4 4200000002 62 73 0 0 0 00:29:10 1
172.18.3.2 4 4200000003 88 84 0 0 0 00:09:53 1
Total number of neighbors 3

Privileges Required

Available to admin and user.

Version History

ReleaseModification
1.0.0This feature was introduced

show capacity

Usage

show capacity [force] [router <router>] [node <node>]
Keyword Arguments
  • force Skip confirmation prompt
  • node the node from which to retrieve capacities
  • router the router from which to retrieve capacities

Description

Shows current fib/flow/arp/action usage and capacities at the specified node

Example

admin@gouda.novigrad# show capacity
Wed 2020-04-22 15:17:55 UTC
Node: gouda
===================== ========= ========== =======
Resource Entries Capacity Usage
===================== ========= ========== =======
access-policy-table 17 5402 0.3%
action-pool 2274 301210 0.8%
arp-table 23 65535 0.0%
fib-table 176 19051 0.9%
flow-table 1882 131554 1.4%
source-tenant-table 54 2736 2.0%
Completed in 0.09 seconds

show capture-filters

Usage

show capture-filters [device-interface <device-interface>] [force] [router <router>] [node <node>]
Keyword Arguments
  • device-interface Device interface on which to show capture-filters (default: all)
  • force Skip confirmation prompt. Only required when targeting all routers
  • node The node on which to show capture-filters
  • router The router on which to show capture-filters (default: all)

Description

Shows all configured capture-filters, including static capture-filters that exist as part of the configuration as well as dynamic capture-filters (i.e., those created using the create capture-filter command).

Example

admin@tp-colo-primary.tp-colo# show capture-filters device-interface blended-5
Thu 2020-04-23 20:28:05 UTC
========= ================= ================ =================
Router Node Interface Name Capture Filters
========= ================= ================ =================
tp-colo tp-colo-primary blended-5 host 172.18.5.4
Completed in 0.01 seconds

Version History

ReleaseModification
4.4.0This feature was introduced

See Also

show certificate webserver

Usage

show certificate webserver

Description

This command displays the contents of the webserver certificate.

Example

admin@labsystem1.fiedler# show certificate webserver
Certificate:
​ Data:
​ Version: 3 (0x2)
​ Serial Number: 17087 (0x42bf)
​ Signature Algorithm: sha256WithRSAEncryption
​ Issuer: C=US, ST=MA, O=a, CN=a
​ Validity
​ Not Before: May 5 04:49:02 2016 GMT
​ Not After : May 6 04:49:02 2017 GMT
​ Subject: C=US, ST=MA, O=a, CN=a
​ Subject Public Key Info:
​ Public Key Algorithm: rsaEncryption
...

Privileges Required

Available to admin and user.

Version History

ReleaseModification
1.0.0This feature was introduced

See Also

show config candidate

Syntax

show config candidate [authority [router [ ...] ][verbose] [flat]

Description

This command returns the current candidate configuration on the 128T router (i.e., the configuration that is currently being edited, not the configuration that is actively running). The output from show config candidate will only show fields and values within the configuration that are set to non-default values, for brevity.

The show config candidate command has two optional flags: verbose and flat. Adding the verbose flag will show the entire configuration, including items that are part of the system's default configuration (normally hidden when using show config candidate by itself). Adding the flat flag will output the configuration as a series of individual, fully qualified configuration statements, which can singularly affect each component of the configuration discretely. That is, any of the lines can be used without any context to configure a single attribute, object, etc.

Note that the output from show config candidate is formatted in such a way so as to allow the text to be cut and pasted into a CLI session to configure a separate 128T router.

admin@labsystem1.fiedler# show config candidate
config
​ authority
​ router Fabric128
​ name Fabric128
​ node labsystem1
​ name labsystem1
​ id 1
​ description "Primary lab system"
​ location "Newton, MA"
​ role combo
​ device-interface 1
​ id 1
​ description "external network"
​ type ethernet
​ pci-address 0000:02:00.0
...

The same configuration using the flat flag is displayed quite differently:

admin@labsystem1.fiedler# show config candidate flat
config authority router Fabric128 name Fabric128
config authority router Fabric128 node labsystem1 name labsystem1
config authority router Fabric128 node labsystem1 id 1
config authority router Fabric128 node labsystem1 description "Primary lab system"
config authority router Fabric128 node labsystem1 location "Newton, MA"
config authority router Fabric128 node labsystem1 role combo
config authority router Fabric128 node labsystem1 device-interface 1 id 1
config authority router Fabric128 node labsystem1 device-interface 1 description "external network"
config authority router Fabric128 node labsystem1 device-interface 1 type ethernet
config authority router Fabric128 node labsystem1 device-interface 1 pci-address 0000:02:00.0

The show config candidate command also lets users show specific portions of the configuration by specifying the path to the areas of interest. For multiple instance items, such as node, service, etc., a keyword all will display all items of the specified type:

admin@labsystem1.fiedler# show config candidate authority session-type verbose all
config
​ authority
​ session-type HTTP
​ name HTTP
​ service-class Standard
​ timeout 7200000
​ transport tcp
​ protocol tcp
​ port-range 80
​ start-port 80
​ exit
​ port-range 8080
​ start-port 8080
​ exit
​ exit
​ exit
...

Privileges Required

Available to admin and user.

Version History

ReleaseModification
1.0.0This feature was introduced as "show candidate-config"
2.0.0Renamed and reorganized as "show config candidate". flat, verbose, and configuration branch arguments added

show config exports

Usage

show config exports

Description

This command lists the set of exported configurations that are stored on your 128T router. (Exported configurations are created with the export config command, described in more detail later in this document.)

Example

admin@labsystem1.fiedler# export config candidate 201703021024am
Successfully exported configuration: /etc/128technology/config-exports/201703021024am.gz
admin@labsystem1.fiedler# show config exports
Thu 2017-03-02 10:24:43 EST
201703021024am.gz
Completed in 0.22 seconds

Privileges Required

Available to admin and user.

Version History

ReleaseModification
3.0.0This feature was introduced

show config running

Usage

show config running [authority [router [...] ][verbose] [flat]

Description

This command returns the current running configuration on the 128T router (i.e., the configuration that is active and processing traffic). The output from show config running will only show fields and values within the configuration that are set to non-default values, for brevity.

The show config running command has two optional flags: verbose and flat. Adding the verbose flag will show the entire configuration, including items that are part of the system's default configuration (normally hidden when using show config running by itself). Adding the flat flag will output the configuration as a series of individual, fully qualified configuration statements, which can singularly affect each component of the configuration discretely. That is, any of the lines can be used without any context to configure a single attribute, object, etc.

Note that the output from show config running is formatted in such a way so as to allow the text to be cut and pasted into a CLI session to configure a separate 128T router.

admin@labsystem1.fiedler# show config running
config
​ authority
​ name Authority128
​ router Fabric128
​ name Fabric128
​ description "Default router"
​ inter-node-security internal
...

The show config running command also lets users show specific portions of the configuration by specifying the path to the areas of interest. For multiple instance items, such as node, service, etc., a keyword all will display all items of the specified type:

admin@labsystem1.fiedler# show config running authority service-class verbose all
config
​ authority
​ service-class Standard
​ name Standard
​ dscp 0
​ priority 0
​ rate-limit false
​ max-flow-rate 0
​ max-flow-burst 0
​ exit
​ service-class NetworkControl
​ name NetworkControl
​ dscp 48
​ priority 0
​ rate-limit false
​ max-flow-rate 0
​ max-flow-burst 0
​ exit
...

Privileges Required

Available to admin and user.

Version History

ReleaseModification
1.0.0This feature was introduced as "show running-config"
2.0.0Renamed and reorganized as "show config running"

show config version

Usage

show config version

Description

This command displays the version number of the running configuration on the 128T router. This version number is auto-generated, and is the UNIX timestamp when the configuration is committed. (As a consequence, you should expect that successive commits to the same configuration will increment the version by more than one. This is a change in behavior from pre-2.0 software, which used a monotonically incrementing integer to represent the configuration version.)

Example

admin@labsystem1.fiedler# show config version
Fri 2017-02-24 09:34:43 EST
Version 1487780689 committed at: Wed 2017-02-22 11:24:49
Completed in 0.17 seconds

Privileges Required

Available to admin and user.

Version History

ReleaseModification
1.0.0This feature was introduced
2.0.0The behavior changed as described in the Description text above
3.0.0Updated to display the timestamp of the configuration change in human readable form

show context stats start-time

Usage

show context stats start-time

Description

The show context stats start-time subcommand shows the stats start-time (if set), or indicates that there is no start-time currently set. For more information on setting stats start-time, please refer to set context in this manual.

Example

admin@cnd1.conductor# show context stats start-time
No stats start time set, show stats will be relative to launch time
admin@cnd1.conductor# set context stats start-time "December 25, 2017"
Stats start time set to: 2017-12-25 00:00:00
admin@cnd1.conductor# show context stats start-time
Stats start time set to: 2017-12-25 00:00:00
admin@cnd1.conductor# clear context stats start-time
Success
admin@cnd1.conductor# show context stats start-time
No stats start time set, show stats will be relative to launch time

Privileges Required

Available to admin and user.

Version History

ReleaseModification
3.2.0This feature was introduced

show device-interface

Usage

show device-interface [name <name>] [force] [router <router>] [node <node>] [<verbosity>]
Keyword Arguments
  • force Skip confirmation prompt
  • name device interface to display (if omitted, all will be displayed)
  • node node for which to display device interfaces
  • router router for which to display device interfaces
Positional Arguments
  • verbosity detail | summary (default: detail)

Description

This command displays detailed information about device interface(s) (i.e., physical ports) on a 128T router node. The optional command line arguments allow a user to reduce the set of information to a specific set of interfaces on a given node, or a specific interface on a specific node.

Omitting all optional arguments will display detailed information on all device interfaces defined within the 128T router.

Example

admin@labsystem1.myRouter# show device-interface
Fri 2016-12-09 11:14:58 EST
========================================
labsystem1.1
========================================
Type: ethernet
PCI Address: 0000:02:00.0
MAC Address: unavailable
Admin Status: up
Operational Status: up
Redundancy Status: not-redundant
in-octets: 21234570
in-unicast-pkts: 112463
in-errors: 0
out-octets: 8991876
out-unicast-pkts: 27786
out-errors: 0
Completed in 0.18 seconds

Privileges Required

Available to admin and user.

Version History

ReleaseModification
2.0.0This feature was introduced
3.0.0Added requirement for prepending keywords to the device-interface-id and node arguments to avoid command line ambiguity
3.2.0Device-interface is keyed by name rather than id

show dhcp mappings

Usage

show dhcp mappings [rows <rows>] [force] [router <router>] [node <node>]
Keyword Arguments
  • force Skip confirmation prompt
  • node the node from which to identify DHCP mappings
  • router the name of the router to show
  • rows the number of mappings to display at once [type: int or 'all'] (default: 50)

Description

Show each DHCP mapping from an interface to mapping/IP family/config types

Example

admin@gouda.novigrad# show dhcp mappings
Wed 2020-04-22 15:05:25 UTC
Node: gouda
================= ================== ====== ============== ================ =============
Src Device Port Dest Device Port VLAN Mapping Type IP Family Type Config Type
================= ================== ====== ============== ================ =============
1 252 0 originating ipv4 server
2 0 0 originating ipv4 client
252 1 0 derived ipv4 server
Completed in 0.05 seconds

See Also

show dhcp prefix-delegation

Usage

show dhcp prefix-delegation [group <group>] [force] [router <router>] [<verbosity>]
Keyword Arguments
  • force Skip confirmation prompt
  • group prefix-delegation group to display (if omitted, all will be displayed)
  • router The name of the router to show
Positional Arguments
  • verbosity detail | summary (default: summary)

Description

Show the prefix learned for prefix-delegation

Example

admin@gouda.novigrad# show dhcp prefix-delegation
Wed 2020-04-22 14:47:05 UTC
========== ============ ================ ========== ============== ===============
Router Group Name Interface Name Status Prefix Prefix Length
========== ============ ================ ========== ============== ===============
novigrad pd-group-1 t128tuntap1 resolved 2001:db2:1:: 56
Completed in 0.08 seconds

See Also

show dhcp v4

Usage

show dhcp v4 [name <name>] [force] [router <router>] [node <node>] [<verbosity>]
Keyword Arguments
  • force Skip confirmation prompt
  • name Network interface to display (if omitted, all will be displayed)
  • node node for which to display dhcp lease info
  • router router for which to display dhcp lease info
Positional Arguments
  • verbosity detail | summary (default: summary)

Description

Display dhcp lease info for network-interfaces

Example

admin@gouda.novigrad# show dhcp v4
Wed 2020-04-22 14:47:05 UTC
========== ======= ================== =================== ============ ================ =============== ==============
Router Node Device Interface Network Interface Dhcp State Address Prefix Length Gateway
========== ======= ================== =================== ============ ================ =============== ==============
novigrad gouda wan wan-interface Resolved 1.2.3.4 24 1.2.3.1
Completed in 0.20 seconds

Specifying the argument detail provides additional information

admin@gouda.novigrad# show dhcp v4 detail
Wed 2020-04-22 14:55:43 UTC
============================================================
Router
============================================================
Node: gouda
Device Interface: wan
Network Interface: wan-interface
Dhcp State: Resolved
State Machine State: Bound
Lease Start Time: Wed Apr 22 14:13:09 2020
Lease Renewal Time: Wed Apr 22 15:13:09 2020
Lease Rebinding Time: Wed Apr 22 15:43:09 2020
Lease Expiration Time: Wed Apr 22 16:13:09 2020
Learned MTU: 0 bytes
Server Address: 1.2.3.1
Dns Server Address:
- 8.8.8.8
- 1.1.1.1
Addresses:
Address: 1.2.3.4
Prefix Length: 24
Gateway: 1.2.3.1
Completed in 0.30 seconds

See Also

show dhcp v6

Usage

show dhcp v6 [name <name>] [force] [router <router>] [node <node>] [<verbosity>]
Keyword Arguments
  • force Skip confirmation prompt
  • name Network interface to display (if omitted, all will be displayed)
  • node node for which to display dhcp lease info
  • router router for which to display dhcp lease info
Positional Arguments
  • verbosity detail | summary (default: summary)

Description

Display DHCP lease info for network-interfaces

Example

admin@gouda.novigrad# show dhcp v6
Wed 2020-04-22 14:47:05 UTC
========== ======= ================== =================== ============ ================================= =============== =================================
Router Node Device Interface Network Interface Dhcp State Address Prefix Length Gateway
========== ======= ================== =================== ============ ================================= =============== =================================
novigrad gouda wan wan-interface Resolved 2001:db8:85a3:0:0:8a2e:370:7334 96 2001:db8:85a3:0:0:8a2e:370:7330
Completed in 0.20 seconds

See Also

show dns resolutions

Usage

show dns resolutions [hostname <hostname>] [rows <rows>] [force] [router <router>] [<verbosity>]
Keyword Arguments
  • force Skip confirmation prompt
  • hostname The DNS hostname belonging to a node
  • router The name of the router holding the node with the DNS resolutions
  • rows The number of dns resolutions to display at once [type: int or 'all'] (default: 50)
Positional Arguments
  • verbosity detail | summary (default: summary)

Description

Shows all hostnames that require DNS resolution. Hostnames can be specified throughout the configuration; commonly defined on the network-interface and within a service.

Example

admin@gouda.novigrad# show dns resolutions
Wed 2020-04-22 14:31:54 UTC
========== ======= ========================= ========== ====================== ======================
Router Node Hostname Resolved Last Resolved Expiration
========== ======= ========================= ========== ====================== ======================
novigrad gouda my.host.name Y 2020-04-22T14:30:43Z 2020-04-22T14:34:43Z
Completed in 0.02 seconds

Specifying the argument detail provides additional information

admin@gouda.novigrad# show dns resolutions detail
Wed 2020-04-22 14:43:43 UTC
=============================================
Node: gouda.novigrad
=============================================
Router: novigrad
Node: gouda
DNS Resolution:
Hostname: my.host.name
Resolved: Y
IPv4 Address: 1.2.3.4
Last Resolved: 2020-04-22T14:42:44Z
Expiration: 2020-04-22T14:46:44Z
Completed in 0.10 seconds

See Also

show entitlement

Usage

show entitlement [force] [router <router>]
Keyword Arguments
  • force Skip confirmation prompt
  • router The name of the router for which to display entitlement utilized. Conductor routers will show the entitlement utilized per project of all conducted routers.

Description

This command displays the bandwidth entitlement for your 128T router.

The 128T Networking Platform calculates the Peak Router Bandwidth Capacity; this is the highest router bandwidth value of any 5 second interval over the specific license period. The Router Bandwidth is calculated based on the aggregate of sessions traversing the router. For more information on the specifics of the 128T entitlement, visit the 128 Technology website.

Example

admin@gouda.novigrad# show entitlement
Tue 2020-04-21 18:56:30 UTC
============= =========== ======================
Project Month Entitlement Utilized
============= =========== ======================
Lab Router *Apr 2020 11.94 Mbps
Mar 2020 14.23 Mbps
Completed in 0.63 seconds

The asterisk next to the date indicates the current month and therefore a partial entitlement calcuation.

Privileges Required

Available to admin and user.

Version History

ReleaseModification
1.1.0This feature was introduced

show events alarm

Usage

show events alarm [from <from>] [to <to>] [rows <rows>] [force] [router <router>]
Keyword Arguments
  • force Skip confirmation prompt
  • from Only show events after the provided time. [type: timestamp]
  • router the name of the router for which to display alarm events
  • rows the number of alarm events to display [type: int or 'all']
  • to Only show events before the provided time. [type: timestamp]

Description

The show events alarm command displays various event records that the 128T collects during operation. As of software version 3.1, the only event type that is capable of being shown is the alarm history.

The output can be optionally restricted to specific time windows using the from and to qualifiers. Because this command can generate a lot of output, the rows limiter is particularly useful on busy systems.

Example

user@labsystem1.fiedler> show events alarm
Fri 2017-07-21 11:59:51 EDT
=================== ============ ====================== ==========
Node Event Type Time Severity ...
=================== ============ ====================== ==========
labsystem1 clear 2017-07-21T15:24:04Z major
labsystem1 clear 2017-07-21T15:24:04Z major
labsystem1 add 2017-07-21T15:23:59Z major
labsystem2 add 2017-07-21T15:23:59Z major
labsystem2 clear 2017-07-21T15:23:19Z major
labsystem1 clear 2017-07-21T15:23:19Z major
labsystem1 clear 2017-07-21T15:23:19Z major
labsystem1 clear 2017-07-21T15:23:19Z major
labsystem1 add 2017-07-21T15:23:14Z major
Completed in 0.11 seconds

Privileges Required

Available to admin and user.

Version History

ReleaseModification
3.1.0This feature was introduced

See Also

show fib

Usage

show fib [rows <rows>] [force] [router <router>] [node <node>]
Keyword Arguments
  • force Skip confirmation prompt
  • node the node from which to retrieve fib entries
  • router the router from which to retrieve fib entries
  • rows the number of fib nodes to display at once [type: int or 'all'] (default: 50)

Description

This command shows the Forwarding Information Base (FIB) entries on the node that is specified by the <node-name> argument. The output may be limited to a specified number of rows by adding the optional <rows> modifier at the end of the command.

This command can generate a large quantity of output on a busy system, and it is advised that administrators exercise caution when issuing this command without the <rows> modifier.

Example

admin@gouda.novigrad# show fib
Tue 2020-04-21 17:48:39 UTC
Node: gouda
Entry Count: 176
Capacity: 19051
==================== ======= ======= ==================== ========================= ==============
IP Prefix Port Proto Tenant Service Next Hops
==================== ======= ======= ==================== ========================= ==============
0.0.0.0/0 <any> <any> lanSubnet Internet 1.2.3.4
0.0.0.0/0 <any> <any> _internal_ Internet 1.2.3.4
0.0.0.0/0 <any> <any> MBP.lanSubnet Internet 1.2.3.4
96.230.191.0/24 <any> <any> lanSubnet Internet 1.2.3.4
96.230.191.0/24 <any> <any> _internal_ Internet 1.2.3.4
1.2.3.430/32 <any> igmp <global> <ControlMessageService> <none>
1.2.3.4/32 179 tcp <global> <ControlMessageService> <none>
1.2.3.4/32 179 tcp blacklist <ControlMessageService> <none>
1.2.3.4/32 500 udp <global> VPN 192.168.0.3
1.2.3.4/32 500 udp blacklist VPN 192.168.0.3
127.0.0.0/8 <any> <any> <global> <ControlMessageService> <none>
127.0.0.0/8 <any> <any> untrustedLanSubnet <ControlMessageService> <none>
169.254.127.126/31 <any> <any> lanSubnet Internet 1.2.3.4
169.254.127.126/31 <any> <any> _internal_ Internet 1.2.3.4
169.254.127.126/32 53 udp _internal_ LanDnsProxy 1.2.3.4
1.2.3.4
169.254.127.126/32 53 udp MBP.lanSubnet LanDnsProxy 1.2.3.4
1.2.3.4
169.254.127.126/32 179 tcp _internal_ <ControlMessageService> <none>
169.254.128.132/32 <any> <any> lanSubnet Internet 1.2.3.4
169.254.128.132/32 <any> <any> _internal_ Internet 1.2.3.4
169.254.128.132/32 <any> <any> MBP.lanSubnet Internet 1.2.3.4
169.254.128.132/32 <any> <any> untrustedLanSubnet Internet 1.2.3.4
169.254.128.132/32 <any> igmp <global> <ControlMessageService> <none>
...

Privileges Required

Available to admin and user.

Version History

ReleaseModification
1.0.0This feature was introduced
3.0.0Added node keyword to enforce PCLI consistency

show history

Usage

show history [rows <rows>]
Keyword Arguments
  • rows the number of recent commands to show [type: int or 'all']

Description

Show the PCLI command history for the current user.

Example

admin@gouda.novigrad# show history
1 show run
2 show config running
3 quit
4 shell
...
465 show ntp
466 show network-interface
467 show network-interface wan-interface
468 show network-interface name wan-interface
469 show network-interface application
470 show history

See Also

show load-balancer

Usage

show load-balancer [service <service>] [agent <agent>] [force] [router <router>] [node <node>]
Keyword Arguments
  • agent Agent name to show. If unspecified, shows all agents.
  • force Skip confirmation prompt
  • node The name of the node
  • router The name of the router
  • service Service name to show. If unspecified, shows all services.

Description

The show load-balancer command provides feedback on the 128T router's load balancing behavior, when configured to balance traffic (via a service-policy).

This command, when issued without any filters (agent, node, or service) will display all agents, nodes, and services that are subject to load balancing. (The output can be quite verbose.) These filters may be combined to "hone in" on specific agents/nodes/services selectively.

This command is extremely helpful for identifying why the 128T router selected specific destinations for its session-oriented traffic.

Example

admin@labsystem1.fiedler# show load-balancer
===============================================================================
Service: web
Strategy: proportional
+-----------+--------+-----------+
| Agent | Node | Service |
|-----------+--------+-----------|
| agent_2_a | test1 | web |
+-----------+--------+-----------+
Capacity:
====== ===== ====== ======
Used Max Util Rate
====== ===== ====== ======
0 2000 0.0% 0/s
====== ===== ====== ======
Paths (count 1):
intf10.0 gateway 172.16.12.1
====== ========= ======= ======= ========= ========
Type Quality State Loss Latency Jitter
====== ========= ======= ======= ========= ========
local 30 unknown unknown unknown unknown
====== ========= ======= ======= ========= ========
...

Privileges Required

Available to admin and user.

Version History

ReleaseModification
1.1.0This feature was introduced

show network-interface

Usage

show network-interface [name <name>] [force] [router <router>] [node <node>]
Keyword Arguments
  • force Skip confirmation prompt
  • name Network interface to display (if omitted, all will be displayed)
  • node node for which to display network-interface data
  • router router for which to display network-interface data
Subcommands
  • application Display application data for network-interfaces

Description

The show network-interface, a counterpart to show device-interface, shows information and statistics relevant to the logical interfaces configured on your 128T networking platform.

The show network-interface command will show router, node, and device names, as well as the network-interface name and basic information about each interface.

Example

admin@gouda.novigrad# show network-interface
Tue 2020-04-21 15:19:25 UTC
========== ======= ======== ================ ============ ====== ============= ========== ========== =================== ============== ========================= ======== ======== ======
Router Node Device Name Forwarding VLAN Device Type Type DHCP Address Gateway Hostname Admin Oper GIID
Status Status
========== ======= ======== ================ ============ ====== ============= ========== ========== =================== ============== ========================= ======== ======== ======
novigrad gouda wan wan-interface true 0 ethernet external v4 1.2.3.4/24 2.3.4.5 my.host.name up up 1
novigrad gouda lan lan-interface true 0 ethernet external disabled 192.168.0.1/24 -- -- up up 2
novigrad gouda lan lan-untrusted true 3000 ethernet external disabled 172.16.0.1/24 -- -- up up 4
novigrad gouda mgmt mgmt-interface false 0 ethernet external disabled 192.168.0.2/24 -- -- n/a n/a 3
Completed in 0.33 seconds

Privileges Required

Available to admin and user.

Version History

ReleaseModification
3.2.0This feature was introduced

show network-interface application

Usage

show network-interface application [name <name>] [node <node>]
Keyword Arguments
  • name Network interface to display (if omitted, all will be displayed)
  • node node for which to display network-interface data

Description

The command show network-interface application can be used to display information regarding DHCP client reservations when running a DHCP server on the respective network-interface.

Example

admin@gouda.novigrad# show network-interface application
Tue 2020-04-21 15:26:19 UTC
====================================================================================================
Application Data
====================================================================================================
Interface: gouda:wan-interface
state: Interface not configured for any managed application
Interface: gouda:lan-interface
dhcp-server:
kea-status:
active (running/success) since Sat 2020-04-11 12:57:23 UTC
kea-ctrl-status:
active (running/success) since Sat 2020-04-11 12:57:23 UTC
metrics:
declined-addresses: 0
pkt4-ack-sent: 1900
pkt4-discover-received: 403
pkt4-inform-received: 469
pkt4-offer-sent: 403
pkt4-received: 2317
pkt4-release-received: 2
pkt4-request-received: 1443
pkt4-sent: 2303
reclaimed-declined-addresses: 0
reclaimed-leases: 13
subnet[1].assigned-addresses: 24
subnet[1].declined-addresses: 0
subnet[1].reclaimed-declined-addresses:0
subnet[1].reclaimed-leases: 13
subnet[1].total-addresses: 181
subnets:
subnet:
current-lease-count: 24
current-leases:
lease:
client-last-transaction-time: 2020-04-21 15:26:12
hostname: homecomtsiphone
hw-address: 70:3c:69:58:01:28
ip-address: 192.168.0.36
valid-lifetime: 86400
subnet: 192.168.0.1/24
...
ha-heartbeat:
role: primary
state: standalone
Interface: gouda:lan-untrusted
state: Interface not configured for any managed application
Interface: gouda:mgmt-interface
state: Interface not configured for any managed application
Completed in 0.76 seconds

show ntp

Usage

show ntp [force] [router <router>] [node <node>]
Keyword Arguments
  • force Skip confirmation prompt
  • node the node from which to retrieve ntp status
  • router the router from which to retrieve ntp status

Description

The show ntp subcommand displays properties of the NTP (Network Time Protocol) process running on the local node, or on the node specified as the optional <node‑name> parameter passed on the command line.

Example

admin@gouda.novigrad# show ntp
Tue 2020-04-21 15:17:26 UTC
Node: gouda
======== ================== ================= ========= ====== ====== ====== ======= ========= ======== ======== ============
Status Time Source Ref. ID Stratum Type When Poll Reach Delay Offset Jitter Tally Code
======== ================== ================= ========= ====== ====== ====== ======= ========= ======== ======== ============
active *time-a-g.nist.g .NIST. 1 u 628 1024 377 22.968 -0.239 1.700 syspeer
active +time-a-wwv.nist .NIST. 1 u 18 1024 377 50.919 0.959 1.524 candidate
active +voipmonitor.wci 216.218.254.202 2 u 659 1024 377 71.502 -2.721 8.596 candidate
active +ec2-52-6-191-28 128.138.140.44 2 u 85 1024 377 19.926 -1.250 2.324 candidate
active -time.cloudflare 10.11.8.211 3 u 334 1024 375 45.860 -9.908 10.247 outlyer
active +electrode.felix 77.37.6.59 3 u 124 1024 377 115.003 -0.834 2.565 candidate
active +ntp1.as34288.ne 85.158.25.74 2 u 183 1024 377 114.938 -5.516 4.387 candidate
active +time-b-b.nist.g .NIST. 1 u 971 1024 377 48.929 -0.438 3.269 candidate
active -acheron.bitsrc. 120.251.163.32 3 u 588 1024 377 77.970 3.562 3.732 outlyer
Completed in 1.30 seconds

The "Ref. ID" field is a four letter ASCII string assigned to the reference clock, and refers to the identifiers defined in RFC 5905.

Privileges Required

Available to admin and user accounts. Updated in 3.0, added node keyword to enforce PCLI consistency.

Version History

ReleaseModification
2.0.0This feature was introduced

show ospf

Usage

show ospf [area <area-id>] [force] [router <router>] [<verbosity>]
Keyword Arguments
  • area the area to filter OSPF information for
  • force Skip confirmation prompt
  • router the router to request OSPF information from
Positional Arguments
  • verbosity detail | summary (default: summary)
Subcommands
  • border-routers Show information about the OSPF border routers
  • database Show OSPF database information
  • interfaces Show information about the OSPF interfaces
  • neighbors Show information about OSPF neighbors
  • routes Show information about the OSPF routes

Description

Show general information about OSPF

Example

admin@combo-east.ComboEast# show ospf
Fri 2020-04-17 19:11:06 UTC
=========== ============ ========== ============= ==================== ========= =========== =============
Router Router ID ABR Type ASBR Router External LSA Count Area ID Area Type Area Border
Router
=========== ============ ========== ============= ==================== ========= =========== =============
ComboEast 172.16.4.2 cisco true 1 0.0.0.0
ComboEast 172.16.4.2 cisco true 1 0.0.0.1 normal
Completed in 0.35 seconds

Specifying the argument detail provides additional information

admin@combo-east.ComboEast# show ospf detail
Fri 2020-04-17 19:11:14 UTC
====================================================
Router: ComboEast
====================================================
Router ID: 172.16.4.2
Deferred Shutdown: 0.0 s
RFC1583 Compatible: false
Stub Advertisement Enabled: false
Opaque Capable: false
Post-Start Enabled: 0.0 s
Pre-Shutdown Enabled: 0.0 s
SPF Schedule Delay: 0.0 s
Holdtime Minimum: 50 ms
Holdtime Maximum: 5000 ms
Holdtime Multiplier: 1
SPF Last Executed: 4m 16s ago
SPF Last Duration: 0 ms
SPF Has Not Run: false
SPF Timer Due: 0.0 s
LSA Minimum Interval: 5.0 s
LSA Minimum Arrival: 1.0 s
Write Multiplier: 20
Refresh Timer: 10.0 s
ABR Type: cisco
ASBR Router: true
External LSA Count: 1
External LSA Checksum: 0x00004aa4
Opaque AS LSA Count: 0
Opaque AS LSA Checksum: 0x00000000
Attached Area Count: 2
Adjacency Changes Logged: false
Adjacency Changes Logged (all): false
Area:
Area ID: 0.0.0.0
Backbone: true
Interface Total Count: 1
Interface Active Count: 1
Fully Adjacent Neighbor Count: 1
Authentication: none
Passing Fully Virtual Adjacencies: 0
SPF Executed Count: 8
LSA Count: 5
LSA Router Count: 2
LSA Router Checksum: 0x00019ad4
LSA Network Count: 1
LSA Network Checksum: 0x0000f755
LSA Summary Count: 2
LSA Summary Checksum: 0x0000f3ad
LSA ASBR Count: 0
LSA ASBR Checksum: 0x00000000
LSA NSSA Count: 0
LSA NSSA Checksum: 0x00000000
LSA Opaque Link Count: 0
LSA Opaque Link Checksum: 0x00000000
LSA Opaque Area Count: 0
LSA Opaque Area Checksum: 0x00000000
Area:
Area ID: 0.0.0.1
Area Type: normal
Backbone: false
No Summaries: false
Shortcutting Mode: default
S-bit Concensus: true
Interface Total Count: 1
Interface Active Count: 1
Fully Adjacent Neighbor Count: 0
Authentication: none
Passing Fully Virtual Adjacencies: 0
SPF Executed Count: 3
LSA Count: 3
LSA Router Count: 1
LSA Router Checksum: 0x000042bc
LSA Network Count: 0
LSA Network Checksum: 0x00000000
LSA Summary Count: 2
LSA Summary Checksum: 0x00014c4b
LSA ASBR Count: 0
LSA ASBR Checksum: 0x00000000
LSA NSSA Count: 0
LSA NSSA Checksum: 0x00000000
LSA Opaque Link Count: 0
LSA Opaque Link Checksum: 0x00000000
LSA Opaque Area Count: 0
LSA Opaque Area Checksum: 0x00000000
Completed in 0.29 seconds

show ospf border-routers

Usage

show ospf border-routers [force] [router <router>] [<verbosity>]
Keyword Arguments
  • force Skip confirmation prompt
  • router the router to request OSPF information from
Positional Arguments
  • verbosity detail | summary (default: summary)

Description

Show information about the OSPF border routers

Example

admin@combo-east.ComboEast# show ospf border-routers
Fri 2020-04-17 19:12:20 UTC
============= ================== ================
Router Name Border Router ID Routes (count)
============= ================== ================
ComboEast 172.16.4.3 1
Completed in 0.29 seconds

Specifying the argument detail provides additional information

dmin@combo-east.ComboEast# show ospf border-routers detail
Fri 2020-04-17 19:12:30 UTC
========================================
Router: ComboEast
========================================
Border Router:
Border Router ID: 172.16.4.3
Route:
Area ID: 0.0.0.0
Cost: 10
Inter-Area: false
ABR: true
ASBR: false
Path:
Via: 172.16.3.3
Device Interface: 11
Network Interface: intf11
Completed in 0.33 seconds

show ospf database

show ospf database [self-originate] [force] [router <router>] [<verbosity>]
Keyword Arguments
  • force Skip confirmation prompt
  • router the router to request OSPF information from
  • self-originate retrieve only self-originated LSA information
Positional Arguments
  • verbosity detail | summary (default: summary)
Subcommands
  • lsa Show OSPF database LSA information
  • max-age Show OSPF LSAs which have reached maximum age

Description

Show OSPF database information

Example

admin@combo-east.ComboEast# show ospf database
Fri 2020-04-17 19:13:24 UTC
=========== ============= ============= ============ ==================== ====== =================
Router Area ID Type LSA ID Advertising Router Age Sequence Number
=========== ============= ============= ============ ==================== ====== =================
ComboEast 0.0.0.0 Router 172.16.4.2 172.16.4.2 386 0x80000006
ComboEast 0.0.0.0 Router 172.16.4.3 172.16.4.3 1120 0x80000005
ComboEast 0.0.0.0 Network 172.16.3.3 172.16.4.3 1121 0x80000001
ComboEast 0.0.0.0 Summary 172.16.1.0 172.16.4.2 421 0x80000002
ComboEast 0.0.0.0 Summary 172.16.2.0 172.16.4.3 1289 0x80000002
ComboEast 0.0.0.1 Router 172.16.4.2 172.16.4.2 381 0x80000005
ComboEast 0.0.0.1 Summary 172.16.2.0 172.16.4.2 421 0x80000001
ComboEast 0.0.0.1 Summary 172.16.3.0 172.16.4.2 421 0x80000001
ComboEast unavailable AS_External 12.0.0.1 172.16.4.2 386 0x80000001
Completed in 0.39 seconds

Specifying the argument detail provides additional information

admin@combo-east.ComboEast# show ospf database detail
Fri 2020-04-17 19:13:37 UTC
==============================================
Router: ComboEast
==============================================
Area:
Area ID: 0.0.0.0
LSA Type:
Type: Router
LSA:
LSA ID: 172.16.4.2
Advertising Router: 172.16.4.2
(self)
Age: 398
Sequence Number: 0x80000006
Checksum: 0x0000d067
Link Count: 1
LSA:
LSA ID: 172.16.4.3
Advertising Router: 172.16.4.3
Age: 1133
Sequence Number: 0x80000005
Checksum: 0x0000ca6d
Link Count: 1
LSA Type:
Type: Network
LSA:
LSA ID: 172.16.3.3
Advertising Router: 172.16.4.3
Age: 1133
Sequence Number: 0x80000001
Checksum: 0x0000f755
LSA Type:
Type: Summary
LSA:
LSA ID: 172.16.1.0
Advertising Router: 172.16.4.2
(self)
Age: 433
Sequence Number: 0x80000002
Checksum: 0x0000824f
Route IP Prefix: 172.16.1.0/24
LSA:
LSA ID: 172.16.2.0
Advertising Router: 172.16.4.3
Age: 1301
Sequence Number: 0x80000002
Checksum: 0x0000715e
Route IP Prefix: 172.16.2.0/24
Area:
Area ID: 0.0.0.1
LSA Type:
Type: Router
LSA:
LSA ID: 172.16.4.2
Advertising Router: 172.16.4.2
(self)
Age: 393
Sequence Number: 0x80000005
Checksum: 0x000042bc
Link Count: 1
LSA Type:
Type: Summary
LSA:
LSA ID: 172.16.2.0
Advertising Router: 172.16.4.2
(self)
Age: 433
Sequence Number: 0x80000001
Checksum: 0x0000dde9
Route IP Prefix: 172.16.2.0/24
LSA:
LSA ID: 172.16.3.0
Advertising Router: 172.16.4.2
(self)
Age: 433
Sequence Number: 0x80000001
Checksum: 0x00006e62
Route IP Prefix: 172.16.3.0/24
Area:
Area ID: unavailable
LSA Type:
Type: AS_External
LSA:
LSA ID: 12.0.0.1
Advertising Router: 172.16.4.2
(self)
Age: 398
Sequence Number: 0x80000001
Checksum: 0x00004aa4
Route IP Prefix: 12.0.0.1/32
External Metric Type: type-2
Route Tag: 0
Completed in 0.34 seconds

show ospf database lsa

Usage

show ospf database lsa [{origin <ip> | self-originate}] [lsa-id <id>] [force] [router <router>] lsa-type <type> [<verbosity>]
Keyword Arguments
  • force Skip confirmation prompt
  • lsa-id the Link State ID to retrieve
  • lsa-type the LSA type to retrieve
  • origin retrieve LSAs from this advertising router IP
  • router the router to request OSPF information from
  • self-originate retrieve only self-originated LSA information
Positional Arguments
  • verbosity detail | summary (default: summary)

Description

Show OSPF database LSA information

Example

admin@combo-east.ComboEast# show ospf database lsa lsa-type router
Fri 2020-04-17 19:15:01 UTC
=========== ========= ============ ========== =========== ============= ============
Router Area ID LSA ID LSA Type Flags Metric Link Count
=========== ========= ============ ========== =========== ============= ============
ComboEast 0.0.0.0 172.16.4.2 Router ABR, ASBR unavailable 1
ComboEast 0.0.0.0 172.16.4.3 Router ABR unavailable 1
ComboEast 0.0.0.1 172.16.4.2 Router ABR, ASBR unavailable 1
Completed in 0.33 seconds

Specifying the argument detail provides additional information

admin@combo-east.ComboEast# show ospf database lsa lsa-type router detail
Fri 2020-04-17 19:15:24 UTC
====================================================
Router: ComboEast
====================================================
Router ID: 172.16.4.2
Area:
Area ID: 0.0.0.0
LSA:
LSA ID: 172.16.4.2
Advertising Router: 172.16.4.2
(self)
LSA Type: Router
Age: 506
Sequence Number: 0x80000006
Checksum: 0x0000d067
Length: 36 bytes
Translated: false
Options:
- E
Flags:
- ABR
- ASBR
Metric: unavailable
Link Count: 1
Link:
Link Type: Transit
Link ID Type: DesignatedRouterAddress
Link ID: 172.16.3.3
Data Type: RouterInterfaceAddress
Data: 172.16.3.2
Metric: 10
LSA:
LSA ID: 172.16.4.3
Advertising Router: 172.16.4.3
LSA Type: Router
Age: 1240
Sequence Number: 0x80000005
Checksum: 0x0000ca6d
Length: 36 bytes
Translated: false
Options:
- E
Flags:
- ABR
Metric: unavailable
Link Count: 1
Link:
Link Type: Transit
Link ID Type: DesignatedRouterAddress
Link ID: 172.16.3.3
Data Type: RouterInterfaceAddress
Data: 172.16.3.3
Metric: 10
Area:
Area ID: 0.0.0.1
LSA:
LSA ID: 172.16.4.2
Advertising Router: 172.16.4.2
(self)
LSA Type: Router
Age: 501
Sequence Number: 0x80000005
Checksum: 0x000042bc
Length: 36 bytes
Translated: false
Options:
- E
Flags:
- ABR
- ASBR
Metric: unavailable
Link Count: 1
Link:
Link Type: Stub
Link ID Type: Net
Link ID: 172.16.1.0
Data Type: NetworkMask
Data: 255.255.255.0
Metric: 10
Completed in 0.40 seconds
admin@combo-east.ComboEast# show ospf database lsa lsa-id 172.16.4.3 lsa-type router
Fri 2020-04-17 19:16:25 UTC
=========== ========= ============ ========== ======= ============= ============
Router Area ID LSA ID LSA Type Flags Metric Link Count
=========== ========= ============ ========== ======= ============= ============
ComboEast 0.0.0.0 172.16.4.3 Router ABR unavailable 1
Completed in 0.35 seconds
admin@combo-east.ComboEast# show ospf database lsa lsa-id 172.16.4.3 lsa-type router detail
Fri 2020-04-17 19:17:24 UTC
====================================================
Router: ComboEast
====================================================
Router ID: 172.16.4.2
Area:
Area ID: 0.0.0.0
LSA:
LSA ID: 172.16.4.3
Advertising Router: 172.16.4.3
LSA Type: Router
Age: 1359
Sequence Number: 0x80000005
Checksum: 0x0000ca6d
Length: 36 bytes
Translated: false
Options:
- E
Flags:
- ABR
Metric: unavailable
Link Count: 1
Link:
Link Type: Transit
Link ID Type: DesignatedRouterAddress
Link ID: 172.16.3.3
Data Type: RouterInterfaceAddress
Data: 172.16.3.3
Metric: 10
Completed in 0.26 seconds

show ospf database max-age

Usage

show ospf database max-age [force] [router <router>]
Keyword Arguments
  • force Skip confirmation prompt
  • router the router to request OSPF information from

Description

Show OSPF LSAs which have reached maximum age

Example

admin@combo-east.ComboEast# show ospf database max-age
Fri 2020-04-17 19:19:15 UTC
=========== ========== ============= ======================= =================
Router LSA ID LSA Type Advertising Router IP Reference Count
=========== ========== ============= ======================= =================
ComboEast 12.0.0.1 AS_External 172.16.4.2 4
Completed in 0.34 seconds
admin@combo-east.ComboEast# show ospf database self-originate
Fri 2020-04-17 19:21:29 UTC
=========== ========= ========= ============ ==================== ===== =================
Router Area ID Type LSA ID Advertising Router Age Sequence Number
=========== ========= ========= ============ ==================== ===== =================
ComboEast 0.0.0.0 Router 172.16.4.2 172.16.4.2 148 0x80000007
ComboEast 0.0.0.0 Summary 172.16.1.0 172.16.4.2 906 0x80000002
ComboEast 0.0.0.1 Router 172.16.4.2 172.16.4.2 148 0x80000006
ComboEast 0.0.0.1 Summary 172.16.2.0 172.16.4.2 906 0x80000001
ComboEast 0.0.0.1 Summary 172.16.3.0 172.16.4.2 906 0x80000001
Completed in 0.33 seconds
admin@combo-east.ComboEast# show ospf database self-originate detail
Fri 2020-04-17 19:21:39 UTC
============================================
Router: ComboEast
============================================
Area:
Area ID: 0.0.0.0
LSA Type:
Type: Router
LSA:
LSA ID: 172.16.4.2
Advertising Router: 172.16.4.2
(self)
Age: 158
Sequence Number: 0x80000007
Checksum: 0x0000c870
Link Count: 1
LSA Type:
Type: Summary
LSA:
LSA ID: 172.16.1.0
Advertising Router: 172.16.4.2
(self)
Age: 915
Sequence Number: 0x80000002
Checksum: 0x0000824f
Route IP Prefix: 172.16.1.0/24
Area:
Area ID: 0.0.0.1
LSA Type:
Type: Router
LSA:
LSA ID: 172.16.4.2
Advertising Router: 172.16.4.2
(self)
Age: 158
Sequence Number: 0x80000006
Checksum: 0x00003ac5
Link Count: 1
LSA Type:
Type: Summary
LSA:
LSA ID: 172.16.2.0
Advertising Router: 172.16.4.2
(self)
Age: 916
Sequence Number: 0x80000001
Checksum: 0x0000dde9
Route IP Prefix: 172.16.2.0/24
LSA:
LSA ID: 172.16.3.0
Advertising Router: 172.16.4.2
(self)
Age: 916
Sequence Number: 0x80000001
Checksum: 0x00006e62
Route IP Prefix: 172.16.3.0/24
Completed in 0.32 seconds
admin@combo-east.ComboEast# show ospf database lsa lsa-type router origin 172.16.4.3
Fri 2020-04-17 19:25:03 UTC
=========== ========= ============ ========== ======= ============= ============
Router Area ID LSA ID LSA Type Flags Metric Link Count
=========== ========= ============ ========== ======= ============= ============
ComboEast 0.0.0.0 172.16.4.3 Router ABR unavailable 1
Completed in 0.38 seconds
admin@combo-east.ComboEast# show ospf database lsa lsa-type router origin 172.16.4.3 detail
Fri 2020-04-17 19:25:12 UTC
====================================================
Router: ComboEast
====================================================
Router ID: 172.16.4.2
Area:
Area ID: 0.0.0.0
LSA:
LSA ID: 172.16.4.3
Advertising Router: 172.16.4.3
LSA Type: Router
Age: 144
Sequence Number: 0x80000006
Checksum: 0x0000c86e
Length: 36 bytes
Translated: false
Options:
- E
Flags:
- ABR
Metric: unavailable
Link Count: 1
Link:
Link Type: Transit
Link ID Type: DesignatedRouterAddress
Link ID: 172.16.3.3
Data Type: RouterInterfaceAddress
Data: 172.16.3.3
Metric: 10
Completed in 0.37 seconds

show ospf interfaces

Usage

show ospf interfaces [network-interface <name>] [force] [router <router>] [<verbosity>]
Keyword Arguments
  • force Skip confirmation prompt
  • network-interface the network interface to fetch OSPF information for
  • router the router to request OSPF information from
Positional Arguments
  • verbosity detail | summary (default: summary)

Description

Show information about the OSPF interfaces

Example

admin@combo-east.ComboEast# show ospf interfaces
Fri 2020-04-17 19:29:52 UTC
============= ================== =========== ======== ============ =========== ========= ===========
Router Name Device Interface Network Status IP Address OSPF Type Area ID Area Type
Interface
============= ================== =========== ======== ============ =========== ========= ===========
ComboEast 10 intf10 up 172.16.1.2 Peer 0.0.0.1 normal
/24
ComboEast 11 intf11 up 172.16.3.2 Peer 0.0.0.0 normal
/24
Completed in 0.37 seconds

Specifying the argument detail provides additional information

admin@combo-east.ComboEast# show ospf interfaces detail
Fri 2020-04-17 19:30:06 UTC
===============================================
Router: ComboEast
===============================================
Interface:
Device Interface: 10
Network Interface: intf10
Interface Index: 3
Status: up
MTU Size: 1500 bytes
Bandwidth: 10 Mbps
OSPF Enabled: true
OSPF Running: false
Flags:
- UP
- BROADCAST
- RUNNING
- MULTICAST
Address:
IP Address: 172.16.1.2/24
Broadcast IP Address: unavailable
Unnumbered Interface: false
V-Link Peer: unavailable
MTU Mismatch Detection: false
Router ID: 172.16.4.2
OSPF Type: Peer
OSPF State: DR
Area ID: 0.0.0.1
Area Type: normal
Network Type: BROADCAST
Cost: 10
Transmit Delay: 1.0 s
Priority: 1
BDR ID: unavailable
BDR Address: unavailable
LSA Sequence: 0x00000000
Multicast Member (All): true
Multicast Member (DR): true
Timer Hello: 0.1 s
Timer Dead: 0.025 s
Timer Wait: 0.025 s
Timer Retransmit: 0.2 s
Timer Hello Due: 6.981 s
Timer Passive: false
Neighbor Count: 0
Adjacent Neighbor Count: 0
Interface:
Device Interface: 11
Network Interface: intf11
Interface Index: 4
Status: up
MTU Size: 1500 bytes
Bandwidth: 10 Mbps
OSPF Enabled: true
OSPF Running: false
Flags:
- UP
- BROADCAST
- RUNNING
- MULTICAST
Address:
IP Address: 172.16.3.2/24
Broadcast IP Address: unavailable
Unnumbered Interface: false
V-Link Peer: unavailable
MTU Mismatch Detection: false
Router ID: 172.16.4.2
OSPF Type: Peer
OSPF State: Backup
Area ID: 0.0.0.0
Area Type: normal
Network Type: BROADCAST
Cost: 10
Transmit Delay: 1.0 s
Priority: 1
BDR ID: 172.16.4.2
BDR Address: 172.16.3.2
LSA Sequence: 0x00000000
Multicast Member (All): true
Multicast Member (DR): true
Timer Hello: 0.1 s
Timer Dead: 0.025 s
Timer Wait: 0.025 s
Timer Retransmit: 0.2 s
Timer Hello Due: 1.85 s
Timer Passive: false
Neighbor Count: 1
Adjacent Neighbor Count: 1
Completed in 0.32 seconds

show ospf neighbors

Usage

show ospf neighbors [network-interface <name>] [neighbor <ip>] [force] [router <router>] [<verbosity>]
Keyword Arguments
  • force Skip confirmation prompt
  • neighbor the neighbor IP address for which to fetch OSPF information
  • network-interface the network interface to fetch OSPF neighbor information for
  • router the router to request OSPF information from
Positional Arguments
  • verbosity detail | summary (default: summary)

Description

Show information about OSPF neighbors

Example

admin@combo-east.ComboEast# show ospf neighbors
Fri 2020-04-17 19:30:22 UTC
============= ==================== ========== ======= ==================== =================== ===========
Router Name Neighbor Router ID Priority State Dead Timer Due (s) Interface Address Interface
State
============= ==================== ========== ======= ==================== =================== ===========
ComboEast 172.16.4.3 1 Full 31.302 172.16.3.2 DR
Completed in 0.32 seconds

Specifying the argument detail provides additional information

admin@combo-east.ComboEast# show ospf neighbors detail
Fri 2020-04-17 19:30:36 UTC
==============================================================
Router: ComboEast
==============================================================
Neighbor:
Neighbor Router ID: 172.16.4.3
Priority: 1
State: Full
Dead Timer Due: 37.832 s
Interface Address: 172.16.3.2
Device Interface: 11
Network Interface: intf11
Interface State: DR
Area ID: 0.0.0.0
Area Type: normal
Database Summary List Count: 0
LSA Request List Count: 0
LSA Retransmission List Count: 0
State Change Count: 6 changes
Last Progressive Change: 35m 52s ago
Last Regressive Change: never
Last Regressive Change Reason: NoEvent
Designated Router ID: 172.16.3.3
Backup Designated Router ID: 172.16.3.2
Options:
- E
Thread Inactivity Timer: true
Thread Database Description Retransmission: false
Thread LSA Request Retransmission: true
Thread LSA Update Retransmission: true
Completed in 0.30 seconds

show ospf routes

Usage

show ospf routes [force] [router <router>] [<verbosity>]
Keyword Arguments
  • force Skip confirmation prompt
  • router the router to request OSPF information from
Positional Arguments
  • verbosity detail | summary (default: summary)

Description

Show information about the OSPF routes

Example

admin@combo-east.ComboEast# show ospf routes
Fri 2020-04-17 19:33:20 UTC
============= =============== ============ ========= ====== ========= =======
Router Name Route Prefix Route Type Area ID Cost Discard Paths
============= =============== ============ ========= ====== ========= =======
ComboEast 172.16.1.0/24 Network 0.0.0.1 10 1
ComboEast 172.16.2.0/24 Network 0.0.0.0 20 1
ComboEast 172.16.3.0/24 Network 0.0.0.0 10 1
Completed in 0.40 seconds

Specifying the argument detail provides additional information

admin@combo-east.ComboEast# show ospf routes detail
Fri 2020-04-17 19:33:29 UTC
===========================================
Router: ComboEast
===========================================
Network Route:
Route Prefix: 172.16.1.0/24
Area ID: 0.0.0.1
Cost: 10
Inter-Area: false
Intra-Area: true
Path:
Device Interface: 10
Network Interface: intf10
Network Route:
Route Prefix: 172.16.2.0/24
Area ID: 0.0.0.0
Cost: 20
Inter-Area: true
Intra-Area: false
Path:
Via: 172.16.3.3
Device Interface: 11
Network Interface: intf11
Network Route:
Route Prefix: 172.16.3.0/24
Area ID: 0.0.0.0
Cost: 10
Inter-Area: false
Intra-Area: true
Path:
Device Interface: 11
Network Interface: intf11
No External Routes
Router:
Router ID: 172.16.4.3
Route:
Area ID: 0.0.0.0
Cost: 10
Inter-Area: false
ABR: true
ASBR: false
Path:
Via: 172.16.3.3
Device Interface: 11
Network Interface: intf11
Completed in 0.35 seconds

show peers

Usage

show peers [name <name>] [force] [router <router>] [<verbosity>]
Keyword Arguments
  • force Skip confirmation prompt
  • name peer to display (if omitted, all will be displayed)
  • router router on which to display peers
Positional Arguments
  • verbosity detail | summary (default: summary)
Subcommands
  • hostnames Display resolved hostnames of peers

Description

The show peers command displays properties of each of the "neighboring" 128T routers that the router in question has a peering association with.

This command shows information on peering associations between 128T routers, not peering associations with BGP peers. For information on BGP peering statistics, refer to "show bgp" in this document.

For each peer it shows which interface the peer is reachable via, the destination IP address for which the peer is reached, the VLAN to use to reach it, and whether the peer is currently "up", "down", or "initializing".

Example

admin@tp-cond-primary.tp-cond# show peers router all
Fri 2020-04-17 19:07:42 UTC
============================== ===================== ==================== ================ ========= ============= =============
Peer Node Network Interface Destination Status Hostname Path MTU
============================== ===================== ==================== ================ ========= ============= =============
burl-corp -> brawny burl-corp-secondary lighttower 1.2.3.4 up unavailable unavailable
burl-corp -> seattle-site burl-corp-secondary lighttower 1.2.3.4 up unavailable unavailable
burl-corp -> tp-colo burl-corp-primary comcast 1.2.3.4 up unavailable unavailable
burl-corp -> tp-colo burl-corp-primary comcast 1.2.3.4 up unavailable unavailable
burl-corp -> tp-colo burl-corp-secondary lighttower 1.2.3.4 up unavailable unavailable
burl-corp -> tp-colo burl-corp-secondary lighttower 1.2.3.4 up unavailable unavailable
burl-corp -> tpn_router burl-corp-secondary lighttower 1.2.3.4 up unavailable unavailable
tp-colo -> imjustarouter tp-colo-primary public-lab-dmz-pri 1.2.3.4 up unavailable unavailable
tp-colo -> imjustarouter tp-colo-secondary public-lab-dmz-sec 1.2.3.4 standby unavailable unavailable
tp-colo -> mobile128T tp-colo-primary public-lab-dmz-pri 1.2.3.4 up unavailable unavailable
tp-colo -> mobile128T tp-colo-secondary public-lab-dmz-sec 1.2.3.4 standby unavailable unavailable
tp-colo -> brawny tp-colo-primary public-lab-dmz-pri 1.2.3.4 up unavailable unavailable
tp-colo -> brawny tp-colo-secondary public-lab-dmz-sec 1.2.3.4 standby unavailable unavailable
tp-colo -> burl-corp tp-colo-primary public-blended 1.2.3.4 up unavailable unavailable
tp-colo -> burl-corp tp-colo-primary public-blended 1.2.3.4 up unavailable unavailable
tp-colo -> burl-corp tp-colo-secondary public-comcast 1.2.3.4 up unavailable unavailable
tp-colo -> burl-corp tp-colo-secondary public-comcast 1.2.3.4 up unavailable unavailable
tp-colo -> tp-lab tp-colo-primary colo-lab-pri 1.2.3.4 up unavailable unavailable
tp-colo -> tp-lab tp-colo-secondary colo-lab-sec 1.2.3.4 standby unavailable unavailable
tp-lab -> tp-colo tp-lab-primary lab-colo-pri 1.2.3.4 standby unavailable unavailable
tp-lab -> tp-colo tp-lab-secondary lab-colo-sec 1.2.3.4 up unavailable unavailable
Completed in 1.25 seconds

The detail option will show peer path statistics (loss, latency, jitter, calculated MOS, uptime) for each peer path.

admin@tp-cond-primary.tp-cond# show peers router all detail
Wed 2020-04-22 20:58:38 UTC
WARNING: Targeting router 'all' may take a long time. Continue anyway? [y/N]: y
============================== ===================== ==================== ============= ========= ============= ============= ============= ============ ========= ======= =============
Peer Node Network Interface Destination Status Hostname Path MTU Latency(ms) Jitter(ms) Loss(%) MOS Uptime
============================== ===================== ==================== ============= ========= ============= ============= ============= ============ ========= ======= =============
burl-corp -> brawny burl-corp-secondary lighttower 1.2.3.4 down unavailable unavailable 22 1 0 0.439 unavailable
burl-corp -> seattle-site burl-corp-secondary lighttower 1.2.3.4 up unavailable unavailable 88 0 0 0.436 12d4h31m
burl-corp -> tp-colo burl-corp-primary comcast 1.2.3.4 up unavailable unavailable 8 0 0 0.44 12d4h31m
burl-corp -> tp-colo burl-corp-primary comcast 1.2.3.4 up unavailable unavailable 1 0 0 0.44 12d4h31m
burl-corp -> tp-colo burl-corp-secondary lighttower 1.2.3.4 up unavailable unavailable 7 0 0 0.44 12d4h31m
burl-corp -> tp-colo burl-corp-secondary lighttower 1.2.3.4 up unavailable unavailable 3 0 0 0.44 12d4h31m
burl-corp -> tpn_router burl-corp-secondary lighttower 1.2.3.4 up unavailable unavailable 1 0 0 0.44 12d4h31m
tp-colo -> imjustarouter tp-colo-primary public-lab-dmz-pri 1.2.3.4 up unavailable unavailable 19 1 0 0.439 1d0h46m
tp-colo -> imjustarouter tp-colo-secondary public-lab-dmz-sec 1.2.3.4 standby unavailable unavailable 17 0 0 0.44 unavailable
tp-colo -> mobile128T tp-colo-primary public-lab-dmz-pri 1.2.3.4 up unavailable unavailable 18 0 0 0.44 1d0h46m
tp-colo -> mobile128T tp-colo-secondary public-lab-dmz-sec 1.2.3.4 standby unavailable unavailable 19 0 0 0.439 unavailable
tp-colo -> brawny tp-colo-primary public-lab-dmz-pri 1.2.3.4 down unavailable unavailable 33 0 0 0.439 unavailable
tp-colo -> brawny tp-colo-secondary public-lab-dmz-sec 1.2.3.4 standby unavailable unavailable 22 0 0 0.439 unavailable
tp-colo -> burl-corp tp-colo-primary public-blended 1.2.3.4 up unavailable unavailable 8 0 0 0.44 0d12h41m
tp-colo -> burl-corp tp-colo-primary public-blended 1.2.3.4 up unavailable unavailable 7 0 0 0.44 1d0h46m
tp-colo -> burl-corp tp-colo-secondary public-comcast 1.2.3.4 up unavailable unavailable 1 0 0 0.44 1d0h57m
tp-colo -> burl-corp tp-colo-secondary public-comcast 1.2.3.4 up unavailable unavailable 2 0 0 0.44 0d10h2m
tp-colo -> tp-lab tp-colo-primary colo-lab-pri 1.2.3.4 up unavailable unavailable 0 0 0 0.44 1d0h46m
tp-colo -> tp-lab tp-colo-secondary colo-lab-sec 1.2.3.4 standby unavailable unavailable 0 0 0 0.44 unavailable
tp-lab -> tp-colo tp-lab-primary lab-colo-pri 1.2.3.4 standby unavailable unavailable - - - - unavailable
tp-lab -> tp-colo tp-lab-secondary lab-colo-sec 1.2.3.4 up unavailable unavailable 0 0 0 0.44 1d0h46m
Completed in 1.34 seconds

Privileges Required

Available to admin and user accounts.

Version History

ReleaseModification
3.0.0This feature was introduced

show peers hostnames

Usage

show peers hostnames [force] [router <router>]
Keyword Arguments
  • force Skip confirmation prompt
  • router router on which to display peer hostnames (default: all)

Description

Display resolved hostnames of peers

admin@tp-cond-primary.tp-cond# show peers hostnames router tp-lab
Fri 2020-04-17 19:16:15 UTC
=================== ======== ======================== ============
Peer Router Hostname IP Address
=================== ======== ======================== ============
tp-lab -> tp-colo tp-lab nodea.router1.128t.com 1.2.3.4
tp-lab -> tp-colo tp-lab nodea.router1.128t.com 1.2.3.4
Completed in 0.24 seconds

show platform

Usage

show platform [force] [router <router>] [node <node>] [<category>]
Keyword Arguments
  • force Skip confirmation prompt
  • node node for which platform info will be displayed
  • router router for which platform info will be displayed
Positional Arguments
  • category all | cpu | device-interfaces | disk | memory | operating-system | vendor (default: all)

Description

The show platform command displays properties of the underlying platform upon which the 128T software is running. This can assist in finding PCI addresses and MAC addresses for the hardware in the system, as well as disk information, OS information, etc.

Example

admin@labsystem1.fiedler# show platform
Mon 2017-02-27 16:00:20 EST
========================================================
labsystem1
========================================================
------------------
Memory Information
------------------
Memory:
---------------
CPU Information
---------------
Type: Pentium (Fill By OEM)
Speed: 1.60
Cores: 4
...

Privileges Required

Available to admin and user accounts.

Version History

ReleaseModification
3.0.0This feature was introduced

show rib

Usage

show rib [force] [router <router>] [<route>]
Keyword Arguments
  • force Skip confirmation prompt
  • router The name of the router for which to display RIB routes
Positional Arguments
  • route route ip-prefix [type: IP prefix]
Subcommands
  • bgp Show the BGP RIB routes from the routing manager
  • connected Show the connected RIB routes from the routing manager
  • ospf Show the OSPF RIB routes from the routing manager
  • static Show the static RIB routes from the routing manager
  • summary Show the current RIB summary from the routing manager

Description

The show rib subcommand displays the contents of the 128T router's Routing Information Base (RIB). This is the complete list of connected, direct, and learned routes on the system. (Note that the output may be quite verbose.)

When issuing the command without any arguments, the entire RIB is displayed.

Example

admin@labsystem1.fiedler# show rib
Codes: K - kernel route, C - connected, S - static, R - RIP,
O - OSPF, I - IS-IS, B - BGP, P - PIM, A - Babel,
> - selected route, * - FIB route
C>* 10.0.0.0/16 is directly connected, eth0
C>* 127.0.0.0/8 is directly connected, lo
C>* 172.16.1.0/24 is directly connected, 1-10.0
C>* 172.16.2.0/24 is directly connected, 1-11.0
C>* 172.16.3.0/24 is directly connected, dpdk3

When a specific route is given as an argument to the command, more detail is shown for that route:

admin@labsystem1.fiedler# show rib 10.0.0.0/16 summary
Routing entry for 10.0.0.0/16
Known via "connected", distance 0, metric 0, vrf 0, best
* directly connected, eth0
admin@labsystem1.fiedler#

show rib bgp

Usage

show rib bgp [force] [router <router>]
Keyword Arguments
  • force Skip confirmation prompt
  • router The name of the router for which to display the RIB summary

Description

The show rib bgp subcommand displays the contents of the 128T router's Routing Information Base (RIB) filtered to show only those learned from BGP

Example

admin@labsystem1.fiedler# show rib bgp
Fri 2020-04-17 17:23:28 UTC
Codes: K - kernel route, C - connected, S - static, R - RIP,
O - OSPF, I - IS-IS, B - BGP, E - EIGRP, N - NHRP,
T - Table, v - VNC, V - VNC-Direct, A - Babel, D - SHARP,
F - PBR,
> - selected route, * - FIB route
B> 0.0.0.0/0 [20/0] via 172.2.34.23 (recursive), 2d10h30m
* via 172.2.34.23, g684 onlink, 2d10h30m
B> 85.12.94.23/32 [20/0] via 172.2.34.23 (recursive), 2d10h30m
* via 172.2.34.23, g684 onlink, 2d10h30m
B> 85.12.94.24/32 [20/0] via 172.2.34.23 (recursive), 2d10h30m
* via 172.2.34.23, g684 onlink, 2d10h30m
B> 85.12.94.25/32 [20/0] via 172.2.34.23 (recursive), 2d10h30m
* via 172.2.34.23, g684 onlink, 2d10h30m
B> 85.12.94.26/32 [20/0] via 172.2.34.23 (recursive), 2d10h30m
* via 172.2.34.23, g684 onlink, 2d10h30m
B> 85.12.94.27/32 [20/0] via 172.2.34.23 (recursive), 2d10h30m
* via 172.2.34.23, g684 onlink, 2d10h30m
B> 85.12.94.28/32 [20/0] via 172.2.34.23 (recursive), 2d10h30m
* via 172.2.34.23, g684 onlink, 2d10h30m
B> 85.12.94.202/32 [20/0] via 172.2.34.23 (recursive), 2d10h30m
* via 172.2.34.23, g684 onlink, 2d10h30m
B> 64.112.104.111/32 [20/0] via 172.2.34.23 (recursive), 2d10h30m
* via 172.2.34.23, g684 onlink, 2d10h30m
B> 64.112.104.112/32 [20/0] via 172.2.34.23 (recursive), 2d10h30m
* via 172.2.34.23, g684 onlink, 2d10h30m
B> 64.112.104.113/32 [20/0] via 172.2.34.23 (recursive), 2d10h30m
* via 172.2.34.23, g684 onlink, 2d10h30m
B> 64.112.104.114/32 [20/0] via 172.2.34.23 (recursive), 2d10h30m
* via 172.2.34.23, g684 onlink, 2d10h30m
...

show rib connected

Usage

show rib connected [force] [router <router>]
Keyword Arguments
  • force Skip confirmation prompt
  • router The name of the router for which to display the RIB summary

Description

The show rib connected subcommand displays the contents of the 128T router's Routing Information Base (RIB) filtered to show only the connected routes

Example

admin@gouda.novigrad# show rib connected
Fri 2020-04-17 18:35:34 UTC
Codes: K - kernel route, C - connected, S - static, R - RIP,
O - OSPF, I - IS-IS, B - BGP, E - EIGRP, N - NHRP,
T - Table, v - VNC, V - VNC-Direct, A - Babel, D - SHARP,
F - PBR,
> - selected route, * - FIB route
C>* 96.230.191.0/24 is directly connected, g1, 6d05h38m
C>* 169.254.127.126/31 is directly connected, g4294967294, 6d05h38m
C>* 169.254.128.132/32 is directly connected, g5, 6d05h38m
C>* 172.16.0.0/24 is directly connected, g4, 6d05h38m
C>* 192.168.0.0/24 is directly connected, g2, 6d05h38m
Completed in 0.22 seconds

show rib ospf

Usage

show rib ospf [force] [router <router>]
Keyword Arguments
  • force Skip confirmation prompt
  • router The name of the router for which to display the RIB summary

Description

The show rib ospf subcommand displays the contents of the 128T router's Routing Information Base (RIB) filtered to show only those learned from OSPF

Example

@combo-east.ComboEast# show rib ospf
Fri 2020-04-17 19:10:07 UTC
Codes: K - kernel route, C - connected, S - static, R - RIP,
O - OSPF, I - IS-IS, B - BGP, E - EIGRP, N - NHRP,
T - Table, v - VNC, V - VNC-Direct, A - Babel, D - SHARP,
F - PBR,
> - selected route, * - FIB route
O 172.16.1.0/24 [110/10] is directly connected, g1, 00:03:46
O>* 172.16.2.0/24 [110/20] via 172.16.3.3, g2, 00:15:15
O 172.16.3.0/24 [110/10] is directly connected, g2, 00:15:25

show rib static

Usage

show rib static [force] [router <router>]
Keyword Arguments
  • force Skip confirmation prompt
  • router The name of the router for which to display the RIB summary

Description

The show rib static subcommand displays the contents of the 128T router's Routing Information Base (RIB) filtered to show only static routes

Example

admin@gouda.novigrad# show rib static
Fri 2020-04-17 18:54:38 UTC
Codes: K - kernel route, C - connected, S - static, R - RIP,
O - OSPF, I - IS-IS, B - BGP, E - EIGRP, N - NHRP,
T - Table, v - VNC, V - VNC-Direct, A - Babel, D - SHARP,
F - PBR,
> - selected route, * - FIB route
S>* 1.1.1.1/32 [10/0] is directly connected, g1, 00:00:07
S>* 10.10.10.10/32 [5/0] unreachable (blackhole), 00:01:24
Completed in 0.31 seconds

show rib summary

Usage

show rib sumary [force] [router <router>]
Keyword Arguments
  • force Skip confirmation prompt
  • router The name of the router for which to display the RIB summary

Description

The show rib summary command outputs a concise table with statistics on the RIB.

Example

admin@gouda.novigrad# show rib summary
Fri 2020-04-17 18:40:02 UTC
IP Address Family
Route Source Routes FIB (vrf Default-IP-Routing-Table)
kernel 9 9
connected 5 5
------
Totals 14 14
IPv6 Address Family
Route Source Routes FIB (vrf Default-IP-Routing-Table)
------
Totals 0 0
Completed in 0.29 seconds

show security key-status

Usage

show security key-status [force] [router <router>] [node <node>]
Keyword Arguments
  • force Skip confirmation prompt
  • node node for which to display security key status
  • router router for which to display security key status

Description

The show security key-status subcommand displays information and statistics related to the 128T's security rekeying feature. It will indicate the current key index (which will be common among all routers managed by a 128T conductor) and relevant statistics on when the last rekey event occurred, when the next will occur, etc.

Example

admin@cnd1.conductor# show security key-status
Wed 2018-02-07 12:46:20 EST
=========================================
cnd1.conductor
=========================================
Key manager state: active_leader
Rekey index: 1
Last rekey: n/a
Next rekey: n/a
Key change count: 1
Config key change count: 0
Key change error: n/a
Config key change error: n/a
Completed in 0.17 seconds

Privileges Required

Available to admin and user.

Version History

ReleaseModification
3.2.0This feature was introduced

show sessions

Usage

show sessions [{service-name <name> | hierarchy-service-name <name> | contains-service-name <name>}] [rows <rows>] [force] [router <router>] [node <node>]
Keyword Arguments
  • contains-service-name The partial substring match to show sessions for
  • force Skip confirmation prompt
  • hierarchy-service-name The hierarchy root to show sessions for
  • node The node from which to retrieve session flows
  • router The router from which to retrieve session flows
  • rows The number of session flows to display at once [type: int or 'all'] (default: 50)
  • service-name The exact service name to show sessions for
Subcommands
  • top <bandwidth>

Description

The show sessions command displays active sessions passing through the 128T router (or the node specified by the optional node-name argument. The output from the command shows the sessions internal ID (useful for searching through log files), the service, tenant, and source/destination IP information for each active session.

The NAT IP and Port fields will be populated whenever a session is subject to source NAT (see source-nat later in this reference guide for more information). It also shows the timeout value that will cause the session to expire if it remains idle for that number of seconds.

Various services and tenants may display with surrounding braces to indicate that these are internally-generated services and tenants. These internal services and tenants are created when peering between adjacent nodes, establishing BGP sessions, BFD sessions, etc.

info

The contents of the table will vary based upon the software version in use. This applies when, for example, a conductor running a new software version requests session table data from routers running older software versions.

Example

admin@gouda.novigrad# show sessions
Fri 2020-04-17 16:55:34 UTC
Node: gouda
====================================== ===== ============= =========== ========== ====== ======= ================= ========== ================= =========== ================= ========== =================== ========= =================
Session Id Dir Service Tenant Dev Name VLAN Proto Src IP Src Port Dest IP Dest Port NAT IP NAT Port Payload Encrypted Timeout Uptime
====================================== ===== ============= =========== ========== ====== ======= ================= ========== ================= =========== ================= ========== =================== ========= =================
01187fb8-765a-45e5-ae90-37d77f15e292 fwd Internet lanSubnet lan 0 udp 192.168.0.28 44674 35.166.173.18 9930 96.230.191.130 19569 false 154 0 days 0:00:28
01187fb8-765a-45e5-ae90-37d77f15e292 rev Internet lanSubnet wan 0 udp 35.166.173.18 9930 96.230.191.130 19569 0.0.0.0 0 false 154 0 days 0:00:28
0859a4ae-bcff-4aa6-b812-79a5236a6c13 fwd Internet lanSubnet lan 0 tcp 192.168.0.41 60843 17.249.171.246 443 96.230.191.130 51941 false 2 0 days 0:00:10
0859a4ae-bcff-4aa6-b812-79a5236a6c13 rev Internet lanSubnet wan 0 tcp 17.249.171.246 443 96.230.191.130 51941 0.0.0.0 0 false 2 0 days 0:00:10
146ebae5-822b-49e3-a0bf-b5329181b9d5 fwd Internet lanSubnet lan 0 tcp 192.168.0.41 60838 17.248.185.112 443 96.230.191.130 53054 false 1879 0 days 0:00:24
146ebae5-822b-49e3-a0bf-b5329181b9d5 rev Internet lanSubnet wan 0 tcp 17.248.185.112 443 96.230.191.130 53054 0.0.0.0 0 false 1879 0 days 0:00:24
1ee1761c-a193-413c-889f-41fd61fe5242 fwd Internet lanSubnet lan 0 udp 192.168.0.72 55723 208.67.222.222 443 96.230.191.130 22918 false 1891 0 days 0:00:11
1ee1761c-a193-413c-889f-41fd61fe5242 rev Internet lanSubnet wan 0 udp 208.67.222.222 443 96.230.191.130 22918 0.0.0.0 0 false 1891 0 days 0:00:11

Privileges Required

Available to admin and user.

Version History

ReleaseModification
1.0.0This feature was introduced
3.0.0Added node keyword to enforce PCLI consistency
3.1.0Was show flows - Substantially reformatted output

show sessions top bandwidth

Usage

show sessions top bandwidth [force] [router <router>] [<verbosity>]
Keyword Arguments
  • force Skip confirmation prompt
  • router router for which to display top sessions by bandwidth
Positional Arguments
  • verbosity detail | summary (default: summary)

Description

The top bandwidth subcommand will list, in order, the top ten highest consumers of bandwidth among all active sessions. This is useful to understand the current utilization on your 128T network resources.

Example

admin@gouda.novigrad# show sessions top bandwidth
Fri 2020-04-17 16:59:01 UTC
Node: gouda
============= ==================== ==================== ========== ========== ===================
Bandwidth Source Destination Protocol Service Tenant
============= ==================== ==================== ========== ========== ===================
695.50 kbps 192.168.0.32:59066 3.21.226.121:8801 udp Internet MikeMBP.lanSubnet
343.72 kbps 192.168.0.72:61321 52.207.7.190:443 tcp Internet lanSubnet
151.55 kbps 192.168.0.32:51109 3.21.226.121:8801 udp Internet MikeMBP.lanSubnet
130.15 kbps 192.168.0.72:61320 54.174.137.247:443 tcp Internet lanSubnet
8.42 kbps 192.168.0.32:51417 3.21.226.121:8801 udp Internet MikeMBP.lanSubnet
7.74 kbps 192.168.0.72:51018 208.67.222.222:443 udp Internet lanSubnet
6.72 kbps 192.168.0.72:51015 208.67.222.222:443 udp Internet lanSubnet
6.49 kbps 192.168.0.32:55306 35.174.127.31:443 tcp Internet MikeMBP.lanSubnet
5.94 kbps 192.168.0.32:56504 3.21.226.121:443 tcp Internet MikeMBP.lanSubnet
3.27 kbps 192.168.0.68:64345 17.167.192.225:443 tcp Internet lanSubnet
Completed in 0.10 seconds

show stats

Syntax

show stats [since [ <timestamp> | launch] ] [<verbosity>] ...

Description

The show stats command, and its myriad of subcommands, retrieve statistical data from various functions within the 128T router and return them to the user. Used for troubleshooting, debugging configuration, or just to monitor the health and well-being of the 128T router, these show commands provide a wealth of information and insight to users of the software.

Below is a representative sample of one of the show stats commands.

note

The number and types of columns displayed may vary from software release to software release, as new statistics become available.

admin@corp2-primary.corp2# show stats packet-processing lookup access-policy-table
Mon 2017-02-27 10:29:48 EST
Retrieving statistics...
Access Policy Table Stats
-------------------------
========= =============== ====== =======
Metric Node Port Value
========= =============== ====== =======
allow corp2-primary 10 37177
​ corp2-primary 11 0
​ corp2-primary 12 84
​ corp2-primary 13 305
​ corp2-primary 255 0
deny corp2-primary 10 0
​ corp2-primary 11 0
​ corp2-primary 12 0
​ corp2-primary 13 0
​ corp2-primary 255 0
failure corp2-primary 10 0
​ corp2-primary 11 0
​ corp2-primary 12 0
​ corp2-primary 13 0
​ corp2-primary 255 0
miss corp2-primary 10 0
​ corp2-primary 11 0
​ corp2-primary 12 0
​ corp2-primary 13 0
​ corp2-primary 255 0
Completed in 0.48 seconds
note

In this example the Port value of 255 represents packets that are being sent to the CPU on the receiving 128T for additional processing – namely, the first packet of a new session. Many of the show stats commands will reference port 255, and in all cases this value 255 represents an "internal" port created by the 128T router for interprocess communication purposes.

Each table of output can be displayed in three different modes of verbosity: debug, detail, and summary. The default is detail, which consolidates all traffic from various CPU cores that have been allocated to packet processing into a single value.

The value debug shows a breakdown of all statistics into their most granular constituent components. For the access-policy-table, this will show how many access-policy-table hits have occurred by CPU core.

admin@labsystem1.fiedler# show stats packet-processing lookup access-policy-table allow debug
Wed 2016-11-02 09:22:12 EDT
Retrieving statistics...
Access Policy Table Allow
-------------------------
====== ============ ====== =======
Core Node Port Value
====== ============ ====== =======
​ 0 labsystem1 2 0
​ 0 labsystem1 255 0
​ 1 labsystem1 2 0
​ 1 labsystem1 255 0
​ 2 labsystem1 2 0
​ 2 labsystem1 255 0
Completed in 0.13 seconds

The value summary, the least verbose, summarizes all of the statistics system-wide.

admin@labsystem1.fiedler# show stats packet-processing lookup access-policy-table allow summary
Wed 2016-11-02 09:22:32 EDT
Retrieving statistics...
Access Policy Table Allow
-------------------------
============ =======
Node Value
============ =======
labsystem1 0
Completed in 0.17 seconds

As of software version 3.1, the show stats command provides an additional feature, the ability to set a "zero point" for displaying statistical output using the since command. The since command takes either a timestamp as its argument (in ISO 8601 format), or the keyword launch, which shows statistics accumulated since the 128T routing software was launched. For more information on the zero point, refer to the section of this guide on set context stats.

admin@labsystem1.fiedler# show stats packet-processing lookup access-policy-table allow since 2017-07-26T12:00:00Z
Thu 2017-07-27 11:22:32 EDT
Retrieving statistics...
Access Policy Table Allow
-------------------------
============ ====== =======
Node Port Value
============ ====== =======
labsystem1 10 0
labsystem1 11 0
labsystem1 254 0
labsystem1 255 0
Completed in 0.16 seconds

Generally speaking, the statistical data available via the 128T router's PCLI is organized into a tree-like hierarchy, with each subcommand having (potentially) its own series of subcommands. By omitting the (optional) subcommands, the 128T router will summarize all data from all possible subcommands and present it in a summary table (this is new behavior as of our 1.1 software release); while this is very convenient to show a lot of potential data at a glance, it does incur additional processing overhead, and the retrieval of statistics may take an inordinately long time.

Each of the various show stats subcommands will be described in sections that follow.

Privileges Required

Available to admin and user.

Version History

ReleaseModification
1.0.0This feature was introduced
1.1.0Made significant improvements to the ability to filter the data, summarize the data. Improved the output format for all stats tables.

show stats aggregate-session

Syntax

show stats aggregate-session [by-device-interface | by-network-interface | by-node | by-project | by-service | by-service-class | by-service-group | by-service-route | by-tenant ] [<data specifier>] [<additional filter criteria>] [<verbosity>]

Description

The show stats aggregate-session command and its various subcommands show aggregate data about session traffic traversing the 128T router, through a variety of different aggregation lenses. Each of the subcommands lets users show different "cuts" of the session data; e.g., the by-service-route subcommand will show all traffic associated with the configured service-route elements on a given system.

Each of the subcommands includes the following data:

Data SpecifierDescription
bandwidthThe amount of bandwidth in bytes/second.
rx-dataThe amount of data received in bytes.
rx-packetsThe number of packets received.
rx-tcp-dataThe amount of data received over TCP.
rx-tcp-packetsThe number of TCP packets received.
rx-tcp-retransmissionsThe number of duplicate TCP packets received.
rx-udp-dataThe amount of data received over UDP.
rx-udp-packetsThe number of UDP packets received.
session-arrival-rateThe arrival rate (in new sessions per second) for traffic.
session-countThe number of active sessions.
session-departure-rateThe number of sessions terminated per second.
total-dataThe total amount of data for all sessions.
total-packetsThe total number of packets received and sent.
total-tcp-dataThe total amount of data received and sent over TCP.
total-tcp-packetsThe total number of TCP packets sent and received.
total-tcp-retransmissionsThe total number of TCP retransmissions sent and received.
total-udp-dataThe total amount of data received and sent over UDP.
total-udp-packetsThe total number of UDP packets sent and received over UDP.
tx-dataThe total amount of data transmitted.
tx-packetsThe total number of packets transmitted.
tx-tcp-dataThe total amount of data transmitted over TCP.
tx-tcp-packetsThe total number of packets transmitted over TCP.
tx-tcp-retransmissionsThe total number of TCP retranmissions sent.
tx-udp-dataThe total amount of UDP data sent.
tx-udp-packetsThe total number of packets sent using UDP.

Within each of the various lenses, the output can be filtered down to an constituent element of that type; for example, the show stats aggregate-session by-device-interface can filter the output to display the statistics for a single device-interface. This is done after the data specifier, as follows:

user@labsystem1.fiedler> show stats aggregate-session by-device-interface bandwidth device-interface labsystem1.10
Fri 2017-07-21 14:51:56 EDT
Retrieving statistics...
Session Bandwidth
-----------------
====================== =========
Device-interface Value
====================== =========
labsystem1.10 5301328
Completed in 0.05 seconds

Privileges Required

Available to admin and user.

Version History

ReleaseModification
3.0.0This feature was introduced

show stats arp

Syntax

show stats arp [{ encapsulation | entries | queued | received | sent }] [node <node-name>] [<verbosity>]

Description

The show stats arp command has a variety of subcommands to display statistical information on various aspects of the 128T router's handling of sent and received ARP messages. Each of those will be described in the sections that follow.

Omitting the subcommand will cause the 128T router to aggregate statistics from all of the subcommands and present them in tabular view; as there are a lot of subcommands, this command may take a very long time to accumulate – particularly on a busy system.

admin@labsystem1.fiedler# show stats arp
Wed 2016-11-02 09:22:51 EDT
Retrieving statistics...
ARP + ICMPv6 Management Stats
-----------------------------
================================================= ============ =======
Metric Node Value
================================================= ============ =======
encapsulation sent failure labsystem1 0
encapsulation sent success labsystem1 0
entries labsystem1 0
queued failure drop labsystem1 0
queued failure queue-full labsystem1 0
queued packets labsystem1 0
received arp-reply labsystem1 0
received arp-request labsystem1 321
received errors arp-reply labsystem1 0
received errors arp-request labsystem1 321
received errors neighbor-advertisement labsystem1 0
received errors neighbor-solicit labsystem1 0
received errors processing labsystem1 0
received errors unknown-type labsystem1 0
received neighbor-advertisement labsystem1 0
received neighbor-solicit labsystem1 0
sent failure allocation labsystem1 0
sent failure arp-reply labsystem1 0
sent failure arp-request labsystem1 0
sent failure gratuitous-arp labsystem1 0
sent failure neighbor-advertisement labsystem1 0
sent failure neighbor-solicit labsystem1 0
sent failure standby labsystem1 0
sent failure unsolicited-neighbor-advertisement labsystem1 0
sent success arp-reply labsystem1 0
sent success arp-request labsystem1 0
sent success gratuitous-arp labsystem1 0
sent success neighbor-advertisement labsystem1 0
sent success neighbor-solicit labsystem1 0
sent success unsolicited-neighbor-advertisement labsystem1 0
Completed in 0.32 seconds

Privileges Required

Available to admin and user.

Version History

ReleaseModification
1.0.0This feature was introduced
3.0.0Added node keyword and verbosity specifiers

show stats arp encapsulation

Syntax

show stats arp encapsulation sent [{ failure | success }] [node <node-name>] [<verbosity>]

Description

The show stats arp encapsulation command has a variety of command-line modifiers that show statistics related to the transmission of Layer 2 encapsulation of IP packets.

When no subcommand is specified, the 128T router will return statistics on all subcommands and present them in a summary table:

admin@labsystem1.fiedler# show stats arp encapsulation sent
Wed 2016-11-02 09:23:23 EDT
Retrieving statistics...
IP Packet Sent Stats
--------------------
========= ============ =======
Metric Node Value
========= ============ =======
failure labsystem1 0
success labsystem1 0
Completed in 0.08 seconds

Each of the two commands beneath show stats arp encapsulation display a similar table, one example of which is shown below:

admin@labsystem1.fiedler# show stats arp encapsulation sent success
Wed 2016-11-02 09:23:41 EDT
Retrieving statistics...
IP Packets sent after successful ARP resolution
-----------------------------------------------
============ =======
Node Value
============ =======
labsystem1 0
Completed in 0.04 seconds

Privileges Required

Available to admin and user.

Version History

ReleaseModification
1.0.0This feature was introduced
3.0.0Added node keyword and verbosity specifiers

show stats arp entries

Syntax

show stats arp entries [node <node-name>] [<verbosity>]

Description

The show stats arp entries command displays tabular data regarding the number of ARP entries that the 128T router has in its ARP cache. Sample output is below:

admin@labsystem1.fiedler# show stats arp entries
Retrieving statistics...
The number of active ARP entries
--------------------------------
============= =======
Node Value
============= =======
linecard-test 2
============= =======

Privileges Required

Available to admin and user.

Version History

ReleaseModification
1.0.0This feature was introduced
3.0.0Added node keyword and verbosity specifiers

show stats arp queued

Syntax

show stats arp queued [{ failure { drop | queue-full } | packets }] [node <node-name>] [<verbosity>]

Description

The show stats arp queued command has three modes, depending on the command line arguments used when it is invoked. The two failure modes (drop and queue full) will display counts for the number of packets that are dropped due to the failure to receive a response to an ARP request issued by the 128T router, and the number of packets that failed to enqueue due to a failed ARP request, respectively.

The show stats arp queued packets command shows the number of packets waiting in queues for a pending ARP transation.

All three of these commands will display tabular data such as the following:

admin@labsystem1.fiedler# show stats arp queued failure queue-full
Retrieving statistics...
The number of packets that failed to enqueue
--------------------------------------------
============= =======
Node Value
============= =======
linecard-test 0
============= =======

Privileges Required

Available to admin and user.

Version History

ReleaseModification
1.0.0This feature was introduced
3.0.0Added node keyword and verbosity specifiers

show stats arp received

Syntax

show stats arp received [{ arp-reply | arp-request | errors { arp-reply | arp-request | neighbor-advertisement | neighbor-solicit | processing | unknown-type } | neighbor-advertisement | neighbor-solicit }] [node <node-name>] [<verbosity>]

Description

The show stats arp received command has a variety of command line modifiers to show various sets of statistics regarding the ARP traffic that this system has received. The arp-reply and arp-request modifiers show the number of ARP replies and requests that the 128T router has received, respectively. Each of these commands outputs its data in a table that looks like the following:

admin@labsystem1.fiedler# show stats arp received arp-reply
Retrieving statistics...
The number of ARP replies received
----------------------------------
============= =======
Node Value
============= =======
linecard-test 0
============= =======

The show stats arp received errors command has a list of modifiers to allow users to see the statistics regarding to the number of invalid or ignored ARP/ICMPv6 packets in various forms. These statistics are particularly useful during troubleshooting exercises; large numbers of ARP receive errors may be emblematic of larger network issues.

The ARP reply and ARP request modifiers show statistics related to the number of errors related to the receipt of ARP replies and requests. The neighbor-advertisement and neighbor-solicit modifiers show errors related to the receipt of ICMPv6 errors. When the 128T router has difficulties with processing ARP or ICMPv6 packets, they will increment the values in the processing table. Unclassified (or unclassifiable) ARP/ICMPv6 packets received will increment the values in the unknown-type table.

All of the modifiers (arp-reply, arp-request, neighbor-advertisement, neighbor-solicit, processing, unknown-type) show their data in a similar format:

admin@labsystem1.fiedler# show stats arp received errors unknown-type
Retrieving statistics...
The number of Packets received of an unknown type
-------------------------------------------------
============= =======
Node Value
============= =======
linecard-test 0
============= =======

The show stats arp received neighbor-advertisement and neighbor-solicit modifiers are used to show statistics regarding the number of ICMPv6 packets received. Note that at this time the 128T router can classify ICMPv6 packets, even in the absence of full IPv6 support.

admin@labsystem1.fiedler# show stats arp received neighbor-advertisement
Retrieving statistics...
The number of ICMPv6 Neighbor Advertisements received
-----------------------------------------------------
============= =======
Node Value
============= =======
linecard-test 0
============= =======
admin@labsystem1.fiedler# show stats arp received neighbor-solicit
Retrieving statistics...
The number of ICMPv6 Neighbor Solicits received
-----------------------------------------------
============= =======
Node Value
============= =======
linecard-test 0
============= =======

Privileges Required

Available to admin and user.

Version History

ReleaseModification
1.0.0This feature was introduced
3.0.0Added node keyword and verbosity specifiers

show stats arp sent

Syntax

show stats arp sent [{ failure { allocation | arp-reply | arp-request | gratuitous-arp | neighbor-advertisement | neighbor-solicit | standby | unsolicited-neighbor-advertisement} | success { arp-reply | arp-request | gratuitous-arp | neighbor-advertisement | neighbor-solicit | unsolicited-neighbor-advertisement } }] [node <node-name>] [<verbosity>]

Description

The show stats arp sent command has two modes: success and failure. Each of these modes shows tabular data relating to successful or failed ARP events, and outputs its counters in tabular format such as the following:

admin@labsystem1.fiedler# show stats arp sent success arp-reply
Retrieving statistics...
The number of ARP replies sent
------------------------------
============= =======
Node Value
============= =======
linecard-test 0
============= =======

The success modifier tallies the number of ARP transmission events for requests, replies, and gratuitous ARPs. The failure modifier increments when various ARP transmission events occur; allocation shows the number of allocation failures when the 128T router fails to send an ARP packet, arp-request and arp-reply show the number of errors when sending requests and replies, and gratuitous-arp shows the number of failed gratuitous ARP transmission attempts. The various modifiers associated with ICMPv6 are not in use at this time.

Privileges Required

Available to admin and user.

Version History

ReleaseModification
1.0.0This feature was introduced
3.0.0Added node keyword and verbosity specifiers

show stats bfd

Syntax

show stats bfd [{ by-peer-path | neighbor | received [{ invalid | processed | total | valid }] } ] [<verbosity>]

Description

The show stats bfd command is used for determining the health of the 128T router's (BFD) Bidirectional Forwarding Detection processing. The various modifiers associated with show stats bfd are enumerated in the sections that follow.

Privileges Required

Available to admin and user.

Version History

ReleaseModification
1.0.0This feature was introduced
3.0.0Added by-peer-path statistics, and verbosity modifier

show stats bfd by-peer-path

Syntax

show stats bfd by-peer-path [jitter | latency | loss] [<verbosity>]

Description

The show stats bfd by-peer-path command shows the values for jitter, latency, and packet loss as measured and reported by the BFD processing between this 128T router and one of its configured peers. This is helpful for troubleshooting connectivity issues and/or understanding why a particular path has been deprioritized over another, when link quality measurements are factored into a routing decision.

admin@labsystem1.fiedler # show stats bfd by-peer-path
Mon 2017-02-27 10:38:23 EST
Retrieving statistics...
by-peer-path
------------
========= ==================================== =======
Metric Peer-path Value
========= ==================================== =======
jitter peer_corp/10.0.1.1/labsystem1/10/0 0
latency peer_corp/10.0.1.1/labsystem1/10/0 0
loss peer_corp/10.0.1.1/labsystem1/10/0 0
mos peer_corp/10.0.1.1/labsystem1/10/0 0
Completed in 0.17 seconds

The peer-path is displayed in the following format:

  • peerName/adjacencyAddress/nodeName/nodeInterface/nodeVLAN

Privileges Required

Available to admin and user.

Version History

ReleaseModification
3.0.0This feature was introduced

show stats bfd neighbor

Syntax

show stats bfd neighbor [num-failover-events | num-source-nat-changes] [node <nodename>] [<verbosity>]

Description

The show stats bfd neighbor counts the number of times that a neighbor has had a failover (a switchover where a pair of devices has exchanged active control of packet processing) or a NAT address has changed, as detected by BFD.

admin@labsystem1.fiedler# show stats bfd neighbor num-failover-events
Mon 2017-02-27 10:44:32 EST
Retrieving statistics...
Number of failover events in neighbors
--------------------------------------
================== =======
Node Value
================== =======
labsystem1 3
Completed in 0.12 seconds

Generally speaking, devices behind dynamic NATs will be accessible via a specific IP:port in perpetuity as long as the port is refreshed frequently enough to keep that NAT's binding alive. However, NATs can be rebooted and pinholes can close; this statistic will let you know if the 128T router detected its neighbor has changed NAT ports over time.

admin@test1.Fabric128# show stats bfd neighbor num-source-nat-changes
Fri 2016-10-28 14:18:52 EDT
Retrieving statistics...
Number of source NAT changes in neighbors
-----------------------------------------
======= =======
Node Value
======= =======
test1 0
Completed in 1.72 seconds

Privileges Required

Available to admin and user.

Version History

ReleaseModification
2.0.0This feature was introduced
3.0.0added statistics to count failover events (via num-failover-events)

show stats bfd received invalid

Syntax

show stats bfd received invalid { authentication-field | detect-multiple | discriminator | header-large | header-small | header-version | length-packets | packets | payload-small } [node <node-name>] [<verbosity>]

Description

The show stats bfd received invalid command, with its modifiers, shows the administrator the count for all BFD packets that were deemed invalid, broken down into categories for which the 128T router failed to handle them. The authentication-field modifier counts the number of BFD packets that had an invalid authorization field, the detect-multiple packets had an invalid multiplier value, and the discriminator had an invalid discriminator. The various header- modifiers count whether or not the header of the BFD packet was too large, too small, or had the wrong version information within it. The length-packets modifier counts the number of packets marked invalid due to an incorrect length. Packets that arrive under the minimum size threshold for BFD packets are invalidated and shown in the payload-small counter. The total of all invalid packets is captured in the table shown by the packets modifier.

All of the modifiers will display a table similar to the following:

admin@labsystem1.fiedler# show stats bfd received invalid packets
Retrieving statistics...
The number of invalid BFD packets received
------------------------------------------
============= =======
Node Value
============= =======
linecard-test 0
============= =======

Privileges Required

Available to admin and user.

Version History

ReleaseModification
1.0.0This feature was introduced
3.0.0Added node keyword and verbosity specifiers

show stats bfd received processed

Syntax

show stats bfd received processed [node <node-name>] [<verbosity>]

Description

The show stats bfd received processed command shows the current count of the number of BFD packets that the 128T router has received and successfully processed.

admin@labsystem1.fiedler# show stats bfd received processed
Retrieving statistics...
The number of BFD packets processed
-----------------------------------
============= =======
Node Value
============= =======
linecard-test 0
============= =======

Privileges Required

Available to admin and user.

Version History

ReleaseModification
1.0.0This feature was introduced
3.0.0Added node keyword and verbosity specifiers

show stats bfd received total

Syntax

show stats bfd received total [node <node-name>] [<verbosity>]

Description

The show stats bfd received total counter displays the number of BFD packets that the 128T router has received (valid and invalid).

admin@labsystem1.fiedler# show stats bfd received total
Retrieving statistics...
The number of BFD packets received
----------------------------------
============= =======
Node Value
============= =======
linecard-test 0
============= =======

Privileges Required

Available to admin and user.

Version History

ReleaseModification
1.0.0This feature was introduced
3.0.0Added node keyword and verbosity specifiers

show stats bfd received valid

Syntax

show stats bfd received valid packets [node <node-name>] [<verbosity>]

Description

The show stats bfd received valid counter shows the number of valid BFD packets that the 128T router has received.

admin@labsystem1.fiedler# show stats bfd received valid packets
Retrieving statistics...
The number of valid BFD packets received
----------------------------------------
============= =======
Node Value
============= =======
labsystem1 0
============= =======

Privileges Required

Available to admin and user.

Version History

ReleaseModification
1.0.0This feature was introduced
3.0.0Added node keyword and verbosity specifiers

show stats cpu

Syntax

show stats cpu utilization [core <core-number>] [<verbosity>]

Description

The show stats cpu statistic shows the utilization value for each CPU core on the system that is being leveraged by the 128T networking software:

user@dc1.datacenter> show stats cpu
Wed 2018-02-07 13:04:47 EST
Retrieving statistics...
CPU utilization
---------------
============= =================== ====== =======
Metric Node Core Value
============= =================== ====== =======
utilization dc1 0 48
​ dc1 1 43
​ dc1 2 31
​ dc1 3 100
Completed in 0.04 seconds

Privileges Required

Available to admin and user.

Version History

ReleaseModification
3.2.0This feature was introduced

show stats database

Syntax

show stats database memory-utilization [node <node>] [<verbosity>]

Description

The show stats database statistic displays details about the 128T router's on-board database activity. As of software version 3.1, this is limited to the amount of memory that the database has allocated:

user@labsystem1.fiedler> show stats database
Mon 2017-07-24 10:36:10 EDT
Retrieving statistics...
Database Tracking Metrics
-------------------------
================= =================== =============
Metric Node Value
================= =================== =============
memory-consumed labsystem1 13243043840
Completed in 0.06 seconds

Privileges Required

Available to admin and user.

Version History

ReleaseModification
3.1.0This feature was introduced

show stats device-interface

Syntax

show stats device-interface [{ message-failure | message-success }] [node <node>] [<verbosity>]

Description

The show stats device-interface statistics count the number of device-interface configuration (interface management) events, and tally both successes (shown under message-success) and failures (shown under message-failure).

As with most statistical output, omitting the message-failure/message-success parameter will show a table containing both items:

admin@labsystem1.fiedler# show stats device-interface
Wed 2016-11-02 09:24:53 EDT
Retrieving statistics...
Device Interface Management Stats
---------------------------------
================= ============ =======
Metric Node Value
================= ============ =======
message-failure labsystem1 0
message-success labsystem1 5
Completed in 0.17 seconds

Privileges Required

Available to admin and user.

Version History

ReleaseModification
1.1.0This feature was introduced

show stats disk

Syntax

show stats disk [{ capacity | component | used }] [node <node-name>] [<verbosity>]

Description

The show stats disk statistics displays information about the capacity of the fixed disk(s) associated with the nodes that comprise the 128T router, as well as the free space/used space on those disks.

admin@labsystem1.fiedler# show stats disk
Mon 2016-10-31 10:23:52 EDT
Retrieving statistics...
Disk usage
----------
=========== =================== ===============
Metric Node Value
=========== =================== ===============
capacity t128_corp_primary 1787980414976
component t128_corp_primary 98257735680
used t128_corp_primary 196037148672
Completed in 0.18 seconds

Added in software version 3.1 is show stats disk component, which highlights the most common consumers of disk space by the 128T software (core dumps, system files, log files, and historical data).

user@labsystem1.fiedler> show stats disk component
Mon 2017-07-24 10:39:22 EDT
Retrieving statistics...
Component disk usage
--------------------
============ ================== =============
Node Component Value
============ ================== =============
labsystem1 Core Dumps 6
labsystem1 System 89358360915
labsystem1 T128 Logs 10089514
labsystem1 Time Series Data 8888420989
Completed in 0.09 seconds

Privileges Required

Available to admin and user. Updated in 3.0 to add node keyword and verbosity specifiers.

Version History

ReleaseModification
1.1.0This feature was introduced
3.0.0Added show stats disk component

show stats dpi

Syntax

show stats dpi [{ parsed | received }] [router <router-name>] [node <node-name>] [<verbosity>]

Description

Introduced with the application classification feature in software version 3.2, this command shows the statistics pertaining to the 128T's Deep Packet Inspection (DPI) function, which looks into the contents of X.509 certificates to find Common Name attributes, to associate with applications.

Privileges Required

Available to admin and user.

Version History

ReleaseModification
3.2.0This feature was introduced

show stats dynamic-peer-update

Syntax

show stats dynamic-peer-update [{ connection | leadership | requests | responses }] [router <router-name>] [node <node-name>] [<verbosity>]

Description

The 128T networking platform's dynamic peer update feature is what allows 128T devices that obtain IP addresses via a dynamic protocol (e.g., DHCP, LTE, PPPoE, etc.) to establish permanent peering relationships with other 128T devices. Introduced in our 3.2 software, the show stats dynamic-peer-update subcommand will enumerate the various stages and states of behavior associated with this new feature.

admin@cnd1.conductor# show stats dynamic-peer-update
Wed 2018-02-07 13:51:38 EST
Retrieving statistics...
Dynamic Peer Update Stats
-------------------------
======================================= =========== ====== =======
Metric Router Node Value
======================================= =========== ====== =======
connection first-conductor-connect conductor cnd1 0
connection first-server-connect conductor cnd1 1
connection last-conductor-disconnect conductor cnd1 0
leadership lost conductor cnd1 0
leadership won conductor cnd1 1
requests received push conductor cnd1 0
requests received sync conductor cnd1 0
requests received sync-peer-addresses conductor cnd1 0
requests sent push conductor cnd1 0
requests sent sync conductor cnd1 0
responses received not-found conductor cnd1 0
responses received other-failure conductor cnd1 0
responses received success conductor cnd1 0
responses received time-out conductor cnd1 0
Completed in 0.54 seconds

Privileges Required

Available to admin and user.

Version History

ReleaseModification
3.2.0This feature was introduced

show stats external-protocols

Syntax

show stats external-protocols [{ agent | manager } [ { channel-messages | errors | packets }] [node <node>] [<verbosity>]

Description

Each 128T router has a set of processes known as the External Protocol Manager (EPM) and External Protocol Agent (EPA) that communicate with each other to report on various types of environmental issues. The show stats external-protocols tables represent a breakdown of the different types of messaging that the EPM and EPA exchange. The table can be broken down further into the EPM statistics (with the optional argument manager, or the EPA statistics with the optional argument agent.

This command is usually only run at the request of 128 Technology's support organization to diagnose a specific problem.

admin@labsystem1.fiedler# show stats external-protocols
Wed 2016-11-02 09:25:15 EDT
Retrieving statistics...
External Protocol's Stats
-------------------------
========================================================= ============ =======
Metric Node Value
========================================================= ============ =======
agent channel-messages received labsystem1 9
agent channel-messages sent labsystem1 5
agent errors classify-drop labsystem1 0
agent errors early-inbound labsystem1 0
agent errors early-outbound labsystem1 0
agent errors fastlane-not-ready-drop labsystem1 0
agent errors global-interface-lookup-drop labsystem1 0
agent errors illegal-ethernet-drop labsystem1 0
agent errors illegal-external-protocols-channel-message labsystem1 4
agent errors illegal-ip-drop labsystem1 0
agent errors inbound-drop labsystem1 0
agent errors outbound-drop labsystem1 0
agent errors outbound-l2-resolution-reply-drop labsystem1 0
agent errors session-collision labsystem1 0
agent packets inbound labsystem1 0
agent packets outbound labsystem1 0
manager channel-messages received labsystem1 5
manager errors early-inbound labsystem1 4
manager packets inbound labsystem1 0
manager packets outbound labsystem1 8
Completed in 0.32 seconds

Privileges Required

Available to admin and user.

Version History

ReleaseModification
1.1.0This feature was introduced

show stats external-protocols agent

Syntax

show stats external-protocols agent [{ channel-messages | errors | packets }] [node <node>] [<verbosity>]

Description

This external-protocols subcommand displays statistical output for the messaging send and received by the External Protocols Agent (EPA) – to and from the EPM.

This command is usually only run at the request of 128 Technology's support organization to diagnose a specific problem.

admin@labsystem1.fiedler# show stats external-protocols agent
Wed 2016-11-02 09:30:54 EDT
Retrieving statistics...
agent
-----
=================================================== ============ =======
Metric Node Value
=================================================== ============ =======
channel-messages received labsystem1 9
channel-messages sent labsystem1 5
errors classify-drop labsystem1 0
errors early-inbound labsystem1 0
errors early-outbound labsystem1 0
errors fastlane-not-ready-drop labsystem1 0
errors global-interface-lookup-drop labsystem1 0
errors illegal-ethernet-drop labsystem1 0
errors illegal-external-protocols-channel-message labsystem1 4
errors illegal-ip-drop labsystem1 0
errors inbound-drop labsystem1 0
errors outbound-drop labsystem1 0
errors outbound-l2-resolution-reply-drop labsystem1 0
errors session-collision labsystem1 0
packets inbound labsystem1 0
packets outbound labsystem1 0
Completed in 0.19 seconds

Privileges Required

Available to admin and user.

Version History

ReleaseModification
2.0.0This feature was introduced

show stats external-protocols manager

Syntax

show stats external-protocols manager [{ channel-messages | errors | packets }] [node <node>] [<verbosity>]

Description

This external-protocols subcommand displays statistical output for the messaging send and received by the External Protocols Agent (EPM) – to and from the EPA.

This command is usually only run at the request of 128 Technology's support organization to diagnose a specific problem.

admin@labsystem1.fiedler# show stats external-protocols manager
Wed 2016-11-02 09:32:17 EDT
Retrieving statistics...
manager
-------
=========================== ============ =======
Metric Node Value
=========================== ============ =======
channel-messages received labsystem1 5
errors early-inbound labsystem1 4
packets inbound labsystem1 0
packets outbound labsystem1 8
Completed in 0.18 seconds

Privileges Required

Available to admin and user.

Version History

ReleaseModification
2.0.0This feature was introduced

show stats highway

Syntax

show stats highway [{ action-event | actions | firewall-detector }] [node <node>] [<verbosity>]

Description

The "highway manager" (or "highwayManager") is a 128T router software process that governs the packet forwarding behavior of a Slice (including the packet-forwarding component of a Combo). The show stats highway command shows statistics regarding the operation of the highway manager.

admin@labsystem1.fiedler# show stats highway
Wed 2016-11-02 09:34:54 EDT
Retrieving statistics...
Global Highway Manager Stats
----------------------------
====================================== ============ =======
Metric Node Value
====================================== ============ =======
actions action-meter labsystem1 2
firewall-detector discovery-timeout labsystem1 0
firewall-detector reply-received labsystem1 0
firewall-detector reply-sent labsystem1 0
firewall-detector request-received labsystem1 0
firewall-detector request-sent labsystem1 0
firewall-detector tcp-reset-received labsystem1 0
firewall-detector unknown-received labsystem1 0
Completed in 0.23 seconds

Privileges Required

Available to admin and user.

Version History

ReleaseModification
1.0.0This feature was introduced

show stats highway action-event

Syntax

show stats highway action-event [{ dequeue | enqueue | enqueue-failure | send-retry | send-success | send-timeout }] [node <node>] [<verbosity>]

Description

Each flow within a 128T router's flow table may have various actions associated with it, to describe the operations that the 128T router may apply to packets that match the flow entry. Examples of actions are encryption, decryption, add metadata, perform DPI, etc.

The show stats highway action-event subcommands tabulate different actions associated with the 128T router's internal action processing; i.e., how many action events have been enqueued, dequeued, etc.

This command is generally only run at the specific request of the support team from 128 Technology, Inc.

admin@labsystem1.fiedler# show stats highway action-event
Mon 2017-02-27 11:20:16 EST
Retrieving statistics...
Action Event Stats
------------------
================= ============ =======
Metric Node Value
================= ============ =======
dequeue labsystem1 0
enqueue labsystem1 0
enqueue-failure labsystem1 0
send-retry labsystem1 0
send-success labsystem1 0
send-timeout labsystem1 0
Completed in 0.03 seconds

Privileges Required

Available to admin and user.

Version History

ReleaseModification
3.0.0This feature was introduced

show stats highway actions

Syntax

show stats highway actions action-meter [node <node>] [<verbosity>]

Description

Each flow within a 128T router's flow table may have various actions associated with it, to describe the operations that the 128T router may apply to packets that match the flow entry. Examples of actions are encryption, decryption, add metadata, perform DPI, etc.

The show stats highway action action-meter returns the number of active "actions" that are allocated.

admin@labsystem1.fiedler# show stats highway actions action-meter
Wed 2016-11-02 09:35:35 EDT
Retrieving statistics...
Active Action Entries
---------------------
============ =======
Node Value
============ =======
labsystem1 2
Completed in 0.07 seconds

Privileges Required

Available to admin and user.

Version History

ReleaseModification
1.0.0This feature was introduced

show stats highway firewall-detector

Syntax

show stats highway firewall-detector [{ discovery-timeout | reply-received | reply-sent | request-received | request-sent | tcp-reset-received | unknown-received }] [node <node>] [<verbosity>]

Description

Occasionally, 128T nodes are deployed with firewalls between them. The 128T router's built-in "firewall detector" uses a purpose-built testing algorithm and associated state machine to learn the type and nature of the firewall, so that it can accommodate it and send packets between the divided nodes successfully. The various show stats highway firewall-detector subcommands show the various states within this state machine.

admin@labsystem1.fiedler# show stats highway firewall-detector
Wed 2016-11-02 09:36:00 EDT
Retrieving statistics...
Firewall Detector Stats
-----------------------
==================== ============ =======
Metric Node Value
==================== ============ =======
discovery-timeout labsystem1 0
reply-received labsystem1 0
reply-sent labsystem1 0
request-received labsystem1 0
request-sent labsystem1 0
tcp-reset-received labsystem1 0
unknown-received labsystem1 0
Completed in 0.18 seconds

Privileges Required

Available to admin and user.

Version History

ReleaseModification
2.0.0This feature was introduced

show stats icmp

Syntax

show stats icmp [sent [ failure | success] ] [<verbosity>]

Description

The show stats icmp shows information on the ICMP activity (sent and received) by the 128T router. The optional sent filter will show ICMP packets sent.

As with many other show stats commands, show stats icmp has options to change the verbosity of the output using the detail/debug/summary flags.

admin@labsystem1.fiedler# show stats icmp
Wed 2016-11-02 09:37:13 EDT
Retrieving statistics...
ICMP Manager Stats
------------------
========================= ============ =======
Metric Node Value
========================= ============ =======
sent failure echo-reply labsystem1 0
sent success echo-reply labsystem1 0
Completed in 0.12 seconds

Privileges Required

Available to admin and user.

Version History

ReleaseModification
2.0.0This feature was introduced

show stats interface

Syntax

show stats interface [{ received [ { buffer-allocation-failures | bytes | error | missed | packets | utilization }] | sent [{ bytes | error | packets | utilization }] ]

Description

The show stats interface command displays interface-based statistics broken down into two main categories: receive statistics and transmit statistics (the received and sent subcommands, respectively). Each will be shown individually in the two sections that follow.

Executing the standalone command show stats interface displays a comprehensive set of all interface-based statistics available on the 128T router. Note that this command will execute a lot of queries, and may take as long as 60 seconds to return data to the PCLI.

admin@labsystem1.fiedler# show stats interface
Wed 2016-11-02 09:41:29 EDT
Retrieving statistics...
Ethernet Interface Statistics
-----------------------------
==================================== ============ ====== ========
Metric Node Port Value
==================================== ============ ====== ========
received buffer-allocation-failure labsystem1 2 0
received bytes labsystem1 2 530496
received error labsystem1 2 0
received missed labsystem1 2 0
received packets labsystem1 2 2657
received utilization labsystem1 2 0
sent bytes labsystem1 2 260426
sent error labsystem1 2 0
sent packets labsystem1 2 805
sent utilization labsystem1 2 0
Completed in 0.19 seconds

Privileges Required

Available to admin and user.

Version History

ReleaseModification
1.0.0This feature was introduced
1.1.0Changed from "show stats interface-packets-received" and "show stats interface-packets-sent" to the "show stats interface" hierarchy.
3.2.0Added missed to show stats interface received

show stats interface received

Syntax

show stats interface received

Description

The show stats interface received command displays information about the interfaces on a packet-forwarding element of the 128T router (i.e., a Slice or Combo).

admin@labsystem1.fiedler# show stats interface received
Wed 2016-11-02 09:42:16 EDT
Retrieving statistics...
received
--------
=========================== ============ ====== ========
Metric Node Port Value
=========================== ============ ====== ========
buffer-allocation-failure labsystem1 2 0
bytes labsystem1 2 533184
error labsystem1 2 0
missed labsystem1 2 0
packets labsystem1 2 2671
utilization labsystem1 2 0
Completed in 0.13 seconds

The categorization of metrics is as follows: buffer-allocation-failure counts the number of times that the 128T router could not allocate a buffer to receive a packet that had arrived on the interface (this is generally due to a resource exhaustion on your 128T node and will be requested of you by 128 Technology's support department); bytes counts the number of bytes received on the interface; error counts the number of receive errors (malformed packets) on the interface; missed counts the number of packets that were dropped or discarded by the interface; packets counts the raw number of packets that have arrived; utilization measures the receive bandwidth per interface.

Privileges Required

Available to admin and user.

Version History

ReleaseModification
1.1.0This feature was introduced

show stats interface sent

Syntax

show stats interface received

Description

The show stats interface sent command displays information about the interfaces on a packet-forwarding element of the 128T router (i.e., a Slice or Combo).

admin@labsystem1.fiedler# show stats interface sent
Wed 2016-11-02 09:42:39 EDT
Retrieving statistics...
sent
----
============= ============ ====== ========
Metric Node Port Value
============= ============ ====== ========
bytes labsystem1 2 263602
error labsystem1 2 0
packets labsystem1 2 815
utilization labsystem1 2 0
Completed in 0.12 seconds

The categorization of metrics is as follows: bytes counts the number of bytes transmitted on the interface; error counts the number of send errors (malformed packets) on the interface; packets counts the raw number of packets that have been sent; utilization measures the transmit bandwidth per interface.

Privileges Required

Available to admin and user.

Version History

ReleaseModification
1.1.0This feature was introduced

show stats ipfix

Syntax

show stats ipfix [record-export-rate | time-per-export | time-per-session | total-generation-time | total-records] [node <node-name>] [<verbosity>]

Description

The show stats ipfix command shows information about the 128T router's IPFIX (IP Flow Information eXport) record generation and export feature.

The output shows a number of IPFIX stats; the record-export-rate is the number of IPFIX records exported per second. The values for time-per-session and time-per-export, both expressed in microseconds, represent the average time spent by the 128T system to generate and export IPFIX records, respectively. The total-generation-time, also expressed in microseconds, represents the amount of time spent generating IPFIX records since the system was started. Lastly, the total-records is a counter of the number of IPFIX records generated in total.

user@labsystem1.fiedler> show stats ipfix
Mon 2017-07-24 11:21:59 EDT
Retrieving statistics...
IPFIX Stats
-----------
======================= =================== =======
Metric Node Value
======================= =================== =======
record-export-rate labsystem1 0
time-per-export labsystem1 0
time-per-session labsystem1 0
total-generation-time labsystem1 0
total-records labsystem1 0
Completed in 0.10 seconds

Privileges Required

Available to admin and user.

Version History

ReleaseModification
3.1.0This feature was introduced

show stats memory

Syntax

show stats memory [{ capacity | used }] [node <node-name>] [<verbosity>]

Description

The show stats memory command shows information about the total memory (the capacity subcommand) and the used memory (the used subcommand) on each node within the 128T router.

admin@labsystem1.fiedler# show stats memory
Wed 2016-11-02 09:43:00 EDT
Retrieving statistics...
Memory usage
------------
========== ============ ============
Metric Node Value
========== ============ ============
capacity labsystem1 8216723456
used labsystem1 5796524032
Completed in 0.17 seconds

Privileges Required

Available to admin and user.

Version History

ReleaseModification
1.1.0This feature was introduced
3.0.0Added verbosity argument

show stats metrics

Syntax

show stats metrics [{ active-metrics | collections-pending | collections-skipped | per-collection-latency | per-metric-latency | read-metric-latency }] [process <process>] [node <node>]

Description

The show stats metrics commands display information about metrics (statistical data) collected by the 128T router for rendering to the user.

admin@labsystem1.fiedler# show stats metrics
Thu 2018-02-08 09:48:40 EST
Retrieving statistics...
Metrics Library Performance Measurements
----------------------------------------
======================== ========= ============ =========================== =======
Metric Router Node Process Value
======================== ========= ============ =========================== =======
active-metrics beacon labsystem1 databaseQueryCoordinator 6
​ labsystem1 dynamicPeerUpdateManager 19
​ labsystem1 nodeMonitor 88
​ labsystem1 systemServicesCoordinator 526
collections-pending beacon labsystem1 databaseQueryCoordinator 1
​ labsystem1 dynamicPeerUpdateManager 1
​ labsystem1 nodeMonitor 1
​ labsystem1 systemServicesCoordinator 1
collections-skipped beacon labsystem1 databaseQueryCoordinator 0
​ labsystem1 dynamicPeerUpdateManager 0
​ labsystem1 nodeMonitor 0
​ labsystem1 systemServicesCoordinator 0
per-collection-latency beacon labsystem1 databaseQueryCoordinator 494
​ labsystem1 dynamicPeerUpdateManager 710
​ labsystem1 nodeMonitor 3954
​ labsystem1 systemServicesCoordinator 21583
per-metric-latency beacon labsystem1 databaseQueryCoordinator 82
​ labsystem1 dynamicPeerUpdateManager 37
​ labsystem1 nodeMonitor 44
​ labsystem1 systemServicesCoordinator 41
read-metric-latency beacon labsystem1 databaseQueryCoordinator 0
Completed in 0.17 seconds

Privileges Required

Available to admin and user.

Version History

ReleaseModification
3.0.0This feature was introduced
3.2.0pending-aggregations renamed to collections-pending; collections-skipped added

show stats packet-capture

Syntax

show stats packet-capture { success | write-failure } [core <core>] [node <node>] [port <port>]

Description

The show stats packet-capture commands display information about any ongoing packet capture activity that an administrator has initiated. The success statistics show the number of packets that have been captured to date, the write-failure statistics show the number of packets that failed to be written to a file (likely due to disk space issues).

Both the success and write-failure modifiers show their information in the standard, tabular format:

admin@labsystem1.fiedler# show stats packet-capture success
Wed 2016-11-02 09:43:24 EDT
Retrieving statistics...
Packets send to be captured
---------------------------
============ ====== =======
Node Port Value
============ ====== =======
labsystem1 2 0
labsystem1 255 0
Completed in 0.08 seconds

As with most commands that display their information in this format, the show stats packet-capture command can be filtered by core, node and/or port with optional command-line arguments.

admin@labsystem1.fiedler# show stats packet-capture success port 2
Wed 2016-11-02 09:43:41 EDT
Retrieving statistics...
Packets send to be captured
---------------------------
============ ====== =======
Node Port Value
============ ====== =======
labsystem1 2 0
Completed in 0.12 seconds

Privileges Required

Available to admin and user.

Version History

ReleaseModification
1.0.0This feature was introduced

show stats packet-processing

Syntax

show stats packet-processing { action | classifier | enqueue | fib-action | flow-action | fragmentation | lookup | received | sent } [core <core>] [node <node>] [<verbosity>]

Description

The show stats packet-processing is a top-level category that is the umbrella category for various statistics pertaining to the 128T router's packet processing. See the following sections for details on each of the subordinate commands.

Privileges Required

Available to admin and user.

Version History

ReleaseModification
2.0.0This feature was introduced as a top-level category for many statistics that had been maintained elsewhere in earlier releases

show stats packet-processing action

Syntax

show stats packet-processing action [{ failure | success }]

Description

The show stats packet-processing-action command displays information for the various flow actions within the 128T router. Each flow, as it is instantiated by the 128T router, may have various "actions" associated with it based upon either the nature of the traffic, the configuration of the 128T router, or both.

The subcommands associated with packet-processing-action are grouped into success conditions and failure conditions, then broken down by action type, each one showing tabular data for the notable events associated with that flow action.

The various sections that follow illustrate all of the show stats packet-processing action subcommands.

Privileges Required

Available to admin and user.

Version History

ReleaseModification
1.1.0This feature was introduced. Replaces the "show packet-processing-actions" command hierarchy in 1.0.
2.0.0Formally "show packet-processing-action"

show stats packet-processing action failure

Syntax

show stats packet-processing action failure [{ aes | bfd | ethernet-header-transform | hmac | metadata | rate-limit-check | tcp-state | ttl-validate }]

Description

The show stats packet-processing-action failure command enumerates all of the different failure cases for action processing within the 128T router. As mentioned earlier, actions are applied to packets received, and can perform a wide variety of functions: encryption, transformations, rate limiting, TCP state machine validation, etc. When these actions are applied to a packet and that action fails, the stats within this table are incremented.

admin@labsystem1.fiedler# show stats packet-processing action failure summary
Wed 2016-11-02 09:47:51 EDT
Retrieving statistics...
Failure Processing of Packet Action Stats
-----------------------------------------
============================================ ============ =======
Metric Node Value
============================================ ============ =======
aes data-normalization labsystem1 0
aes decryption-exception labsystem1 0
aes encryption-exception labsystem1 0
aes get-data-length labsystem1 0
aes iv-append labsystem1 0
aes iv-generation labsystem1 0
aes iv-seed labsystem1 0
aes metadata-decryption labsystem1 0
aes metadata-encryption labsystem1 0
aes no-context-found labsystem1 0
aes payload-decryption labsystem1 0
aes payload-encryption labsystem1 0
aes set-data-length labsystem1 0
bfd decode labsystem1 0
bfd echo-init labsystem1 0
bfd empty-metadata labsystem1 0
bfd empty-payload labsystem1 0
bfd invalid-header labsystem1 0
bfd metadata-parse labsystem1 0
ethernet-header-transform arp-table-misses labsystem1 0
ethernet-header-transform packet-expansion labsystem1 0
hmac allocation labsystem1 0
hmac cannot-find-digest labsystem1 0
hmac digest-calculation labsystem1 0
hmac digest-compare labsystem1 0
metadata add labsystem1 0
metadata get-length labsystem1 0
metadata invalid-type labsystem1 0
metadata not-present labsystem1 0
rate-limit-check labsystem1 0
tcp-state illegal-flag-combination labsystem1 0
tcp-state invalid-state-transition labsystem1 0
ttl-validate labsystem1 0
Completed in 0.42 seconds
Action CategoryDescription
aesThese actions are related to the encryption and/or decryption of packets.
bfdThe BFD actions (Bidirectional Forwarding Detection) are associated with the inter-node and/or inter-router BFD exchanges that 128T routers use to determine health, aliveness, and utilization.
ethernet-header-transformEthernet headers are transformed (rewritten) as packets are sent to next hop gateways or hosts. (The source and destination MAC addresses.)
hmacHMAC (Hash-based Message Authentication Code) is used to authenticate that the sender of a message is who it says that it is. 128T routers optionally use HMAC to authenticate one another – essentially "signing" packets to validate the authenticity of the source.
ip-header-transformIP headers are transformed to change one protocol into another; notably, ICMP is transformed to UDP when sent via SVR to another 128T peer.
metadata128T routers use metadata to exchange state with one another. The insertion and removal of metadata are common actions at the outset of a new session.
rate-limit-checkRate limiting (in bytes per second) is a flow-based action.
tcp-stateThe 128T router will "follow" the TCP state machine for TCP-based flows (ensuring that the three-way handshake is completed within a set amount of time, for example). Checking the validity of the TCP state is a flow action.
ttl-validateTTL (Time To Live) validation is used within IP networks as a last resort for loop prevention.

Privileges Required

Available to admin and user.

Version History

ReleaseModification
2.0.0This feature was introduced

show stats packet-processing action success

Syntax

show stats packet-processing action success [{ aes | bfd | detour | dpi | drop | forward | hmac | metadata | rate-limit-check | tcp-state | ttl-validate }]

Description

Like the show stats packet-processing action failure command, the show stats packet-processing-action success command enumerates all of the different cases for action processing within the 128T router, but in this case ones that have completed successfully. When these actions are applied to a packet and that action succeeds, the stats within this table are incremented.

admin@labsystem1.fiedler# show stats packet-processing action success summary
Wed 2016-11-02 09:57:03 EDT
Retrieving statistics...
Successful Processing of Packet Action Stats
--------------------------------------------
=========================================== ============ =======
Metric Node Value
=========================================== ============ =======
aes metadata-decryption labsystem1 0
aes metadata-encryption labsystem1 0
aes metadata-false-positive-detected labsystem1 0
aes no-metadata labsystem1 0
aes no-payload labsystem1 0
aes payload-decryption labsystem1 0
aes payload-encryption labsystem1 0
bfd async-processed labsystem1 0
bfd echo-processed labsystem1 0
detour labsystem1 0
dpi encryption detected labsystem1 0
dpi encryption enqueue labsystem1 0
drop labsystem1 0
ethernet-header-transform labsystem1 0
forward to-wire labsystem1 0
hmac append-no-payload labsystem1 0
hmac digest-added labsystem1 0
hmac digest-removed labsystem1 0
hmac not-required labsystem1 0
hmac validate-no-payload labsystem1 0
metadata add-false-positive-correction labsystem1 0
metadata add-not-required labsystem1 0
metadata added labsystem1 0
metadata propagate-not-required labsystem1 0
metadata remove-false-positive-correction labsystem1 0
metadata remove-not-required labsystem1 0
metadata removed labsystem1 0
metadata right-lane-sent labsystem1 0
metadata updated labsystem1 0
rate-limit-check labsystem1 0
tcp-state labsystem1 0
ttl-validate labsystem1 0
Completed in 0.40 seconds
Action CategoryDescription
aesThese actions are related to the encryption and/or decryption of packets.
bfdThe BFD actions (Bidirectional Forwarding Detection) are associated with the inter-node and/or inter-router BFD exchanges that 128T routers use to determine health, aliveness, and utilization.
detourThe detour action diverts packets from the "fast lane" (switching fabric) to the control path for further processing.
dpiDPI, or Deep Packet Inspection, is used to peer into the payload of a packet for various patterns to perform more granular classification.
dropAs its name implies, this action causes a packet to be dropped.
ethernet-header-transformEthernet headers are transformed (rewritten) as packets are sent to next hop gateways or hosts. (The source and destination MAC addresses.)
forwardThis action is used to indicate that a packet should be forwarded out of the 128T router and onto its next hop.
hmacHMAC (Hash-based Message Authentication Code) is used to authenticate that the sender of a message is who it says that it is. 128T routers optionally use HMAC to authenticate one another – essentially "signing" packets to validate the authenticity of the source.
ip-header-transformIP headers are transformed to change one protocol into another; notably, ICMP is transformed to UDP when sent via SVR to another 128T peer.
metadata128T routers use metadata to exchange state with one another. The insertion and removal of metadata are common actions at the outset of a new session.
rate-limit-checkRate limiting (in bytes per second) is a flow-based action.
tcp-stateThe 128T router will "follow" the TCP state machine for TCP-based flows (ensuring that the three-way handshake is completed within a set amount of time, for example). Checking the validity of the TCP state is a flow action.
ttl-validateTTL (Time To Live) validation is used within IP networks as a last resort for loop prevention.

Privileges Required

Available to admin and user.

Version History

ReleaseModification
2.0.0This feature was introduced

show stats packet-processing classifier

Syntax

show stats packet-processing classifier [{ received ... | sent ... }] [node <node>] [port <port>]

Description

As packets are received by a 128T router, an initial classification is done to determine further treatment and processing. Most basic Layer 2 through Layer 4 types are classified and categorized, and reflected in the show stats packet-processing classifier received tables.

The show stats packet-processing classifier sent tables likewise return statistics regarding the number of packets of various L2-L4 types that the 128T router transmits.

The received and sent options are enumerated in the sections that follow.

Both the received and sent options are displayed in tabular format that breaks down the quantities by node and device port; the output for these tables may optionally be filtered to specific nodes and/or device ports by supplying them as arguments to the command line.

Privileges Required

Available to admin and user.

Version History

ReleaseModification
1.0.0This feature was introduced

show stats packet-processing classifier received

Syntax

show stats packet-processing classifier received ... [node <node>] [port <port>]

Description

This command displays the current tally of the various types of packets that the 128T router has received. The table below enumerates that various statistics that are accumulated and a brief description for each.

ClassificationDescription
arpIncremented for each ARP packet received (both requests and replies).
broadcast-mac-discardsIncremented when packets are discarded due to the presence of a broadcast MAC address (FF:FF:FF:FF:FF:FF).
dhcpIncremented with each received DHCP packet.
discardsIncremented when packets are discarded because the classifier did not recognize them as a known type.
exceptionThe number of software exceptions encountered when classifying packets.
icmpThe count of all received ICMP (IPv4) packets.
icmp-ttl-discardsThe number of ICMP packets discarded due to its time to live reaching zero (0).
icmpv6The count of all received ICMPv6 packets.
icmpv6-hop-limit-discardsThe number of ICMPv6 packets discarded due to their hop limit being reached.
icmpv6-link-local-discardsThe number of link-local ICMPv6 packets discarded.
invalid-header-lengthThe number of received packets that had an invalid IP header length.
invalid-ipv6The number of invalid IPv6 packets received.
invalid-lengthThe number of received packets that had an invalid length (mismatch between received size and advertised size).
ipv4The total number of IPv4 packets that the 128T router has classified.
ipv4-fabric-fragmentedThe number of IPv4 "fabric fragments" (packets that are fragmented between two 128T devices) received.
ipv4-fragmentedThe total number of fragmented IPv4 packets that the 128T router has classified. (Including all fragments.)
ipv6The total number of IPv6 packets that the 128T router has classified.
ipv6-fabric-fragmentedThe number of IPv6 "fabric fragments" (packets that are fragmented between two 128T devices) received.
ipv6-fragmentedThe total number of fragmented IPv6 packets that the 128T router has classified. (Including all fragments.)
is-isThe total number of IS-IS (Intermediate System to Intermediate System) packets classified on receipt.
lacpThe total number of LACP (Link Aggregation Control Protocol) packets that have been classified on receipt.
ndpThe total number of NDP (Neighbor Discovery Protocol) packets that have been received and classified.
ospfThe total number of OSPF (Open Shortest Path First) routing packets that have been received and classified.
other-layer-4-protocolThis statistic counts the number of packets that have been received that do not fall into a known type (TCP, UDP, SCTP).
sctpThe total number of SCTP (Stream Control Transport Protocol) packets that have been received.
tcpThe total number of TCP (Transmission Control Protocol) packets that have been received.
totalThe total number of packets that have been received, irrespective of type.
tunnelThe number of packets that have been received that were tunneled.
udpThe total number of UDP (User Datagram Protocol) packets that have been received.
unknown-layer-3-protocol-discardsThe number of packets received that had a Layer 3 type that the classifier does not recognize.
vlanThe number of packets received that had a VLAN tag.

Privileges Required

Available to admin and user.

Version History

ReleaseModification
1.0.0This feature was introduced
2.0.0was "show stats packet-classifier received"
3.2.0added several more categories of classified packets

show stats packet-processing classifier sent

Syntax

show stats packet-processing classifier sent ... [node <node>] [port <port>]

Description

This command displays the current tally of the various types of packets that the 128T router has transmitted. The table below enumerates that various statistics that are accumulated and a brief description for each.

ClassificationDescription
arpThis statistic counts the number of ARP packets (requests and replies) that the 128T router has sent.
dhcpThis counts the number of DHCP packets that the 128T router has sent.
icmpThis statistic counts the number of IPv4 ICMP packets that the 128T router has sent.
icmpv6This statistic counts the number of IPv6 ICMP packets that the 128T router has sent. (Note: IPv6 is not currently available.)
ipv4This statistic counts the total number of IPv4 packets that the 128T router has sent.
ipv4-fabric-fragmentedThe number of IPv4 "fabric fragments" (packets that are fragmented between two 128T devices) that have been sent.
ipv4-fragmentedThis statistic counts the total number of fragmented IPv4 packets that the 128T router has sent.
ipv6This statistic counts the number of IPv6 packets that the 128T router has sent. (Note: IPv6 is not currently available.)
ipv6-fabric-fragmentedThe number of IPv6 "fabric fragments" (packets that are fragmented between two 128T devices) that have been sent.
ipv6-fragmentedThis statistic counts the number of fragmented IPv6 packets that the 128T router has sent. (Note: IPv6 is not currently available.)
is-isThis statistic counts the number of IS-IS packets that the 128T router has sent. (Note: IS-IS is not currently supported.)
lacpThis statistic counts the number of LACP packets that the 128T router has sent. (Note: LACP is not currently available.)
ndpThis statistic counts the number of NDP packets that the 128T router has sent. (Note: IPv6 is not currently available.)
ospfThis statistic counts the number of OSPF packets that the 128T router has sent.
other-layer-3-protocolThis statistic counts the number of packets that the 128T router has sent that do not fall into one of the other, counted network-layer categories.
other-layer-4-protocolThis statistic counts the number of packets that the 128T router has sent that do not fall into one of the other, counted transport-layer categories. (I.e., TCP, UDP, SCTP.)
sctpThis statistic counts the number of SCTP packets that the 128T router has sent.
tcpThis statistic counts the number of TCP packets that the 128T router has sent.
totalThis shows the total number of packets that the 128T router has transmitted.
tunnelThis shows the number of packets that have been transmitted that are encapsulated in a tunnel.
udpThis statistic counts the number of UDP packets that the 128T router has sent.
vlanThis statistic reflects the number of packets that the 128T router has sent that include a VLAN tag.

Privileges Required

Available to admin and user.

Version History

ReleaseModification
1.0.0This feature was introduced
2.0.0was "show stats packet-classifier sent"
3.2.0added several more categories of classified packets

show stats packet-processing enqueue

Syntax

show stats packet-processing enqueue ... [node <node >] [port <port>] [<verbosity>]

Description

This command displays information about the various queues within the 128T router's traffic management and packet processing subsystems. At various points in a packet's lifecycle through the 128T router it is enqueued for processing; the subcommands associated with show stats packet-processing enqueue give tallies for the successful, and unsuccessful enqueue events.

Generally speaking, the various failure modes listed below are typically incremented when a queue is full – not draining as fast as packets are arriving. This is usually due to an unexpected flood of inbound packets.

The various subcommands are listed below:

SubcommandDescription
to-controller-failureThis statistic counts the number of failure events when a control packet is unable to be enqueued when destined for the "fast lane controller". (Generally, the first packet of a new session.)
to-controller-successThis counts the number of successfully enqueued packets destined for the fast lane controller.
to-deferred-ring-failureThis statistic counts the number of failure events when a packet is unable to be enqueued when destined for the traffic engineering subsystem (e.g., for scheduling).
to-deferred-ring-successThis counts the number of successfully enqueued packets destined for the traffic engineering subsystem.
to-worker-core-failureThis statistic counts the number of failure events when a packet is unable to be enqueued back into the fast lane from the controller (generally, the first packet of a new session that has been processed by the controller).
to-worker-core-successThis counts the number of successfully enqueued packets destined for egress processing.

A representative sample command is given here:

admin@labsystem1.fiedler# show stats packet-processing enqueue to-controller-success
Tue 2016-11-01 10:23:46 EDT
Retrieving statistics...
Enqueued Control Packets
------------------------
============ =======
Node Value
============ =======
labsystem1 5
Completed in 0.07 seconds

Privileges Required

Available to admin and user.

Version History

ReleaseModification
2.0.0This feature was introduced. Replaces (deprecates) show stats fast-lane-enqueue from pre-2.0 software releases.
3.2.0Reorganized statistics and renamed several categories

show stats packet-processing fib-action

Syntax

show stats packet-processing fib-action ... [node <node>] [port <port>] [ <verbosity>]

Description

FIB entries in the 128T router may have associated "actions", which affect the packet's processing logic upon entry into the router. (Note: FIB lookups happen logically later than flow table lookups; for statistics related to flow table action events, refer to the section on show stats packet-processing flow-action).

The show stats packet-processing fib-action table shows success, failure, and exception events (counters). More detail on success and failure events can be seen in the output from show stats packet-processing action. When the action processing has an exception, this means an internal error has occurred in attempting the action processing.

admin@test1.Fabric128# show stats packet-processing fib-action
Tue 2016-11-01 13:33:38 EDT
Retrieving statistics...
Fib Action Summary Stats
------------------------
=========== ======= ====== =======
Metric Node Port Value
=========== ======= ====== =======
exception test1 10 0
​ test1 11 0
​ test1 255 0
failure test1 10 0
​ test1 11 0
​ test1 255 0
success test1 10 2266
​ test1 11 2266
​ test1 255 0
Completed in 0.12 seconds

Privileges Required

Available to admin and user.

Version History

ReleaseModification
2.0.0This feature was introduced
2.1.0Renamed. Was show stats packet-processing fib-action-summary

show stats packet-processing flow-action

Syntax

show stats packet-processing flow-action ... [node <node>] [port <port>]

Description

Flow entries in the 128T router may have associated "actions", which affect the packet's processing logic upon entry into the router. Flow lookups happen very early in a packet's lifecycle within the 128T router, so it is quite common for these values to be large..

The show stats packet-processing flow-action table shows success, failure, and exception events (counters). More detail on success and failure events can be seen in the output from show stats packet-processing action. When the action processing has an exception, this means an internal error has occurred in attempting the action processing.

admin@test1.Fabric128# show stats packet-processing flow-action
Tue 2016-11-01 13:31:44 EDT
Retrieving statistics...
Flow Action Summary Stats
-------------------------
=========== ======= ====== =========
Metric Node Port Value
=========== ======= ====== =========
exception test1 10 0
​ test1 11 0
​ test1 255 0
failure test1 10 1
​ test1 11 0
​ test1 255 0
success test1 10 2492074
​ test1 11 2492090
​ test1 255 0
Completed in 0.12 seconds

Privileges Required

Available to admin and user.

Version History

ReleaseModification
2.0.0This feature was introduced
2.1.0Renamed. Was show stats packet-processing flow-action-summary

show stats packet-processing fragmentation

Syntax

show stats packet-processing fragmentation [{ received | sent }]

Description

The show stats packet-processing fragmentation statistics capture information about all of the fragmented IP packets that the 128T router processes (both received fragments and transmitted fragments). The received and sent commands are detailed below.

A comprehensive list of all fragmentation-related statistics is available via the command show stats packet-processing fragmentation with no subcommand specified. Be advised, this command can take quite some time to complete due to the number of queries it generates.

admin@test1.Fabric128# show stats packet-processing fragmentation
Tue 2016-11-01 13:41:13 EDT
Retrieving statistics...
Fragmentation and Reassembly Stats
----------------------------------
======================================== ======= ====== =======
Metric Node Port Value
======================================== ======= ====== =======
received duplicate-first-fragment test1 10 0
​ test1 11 0
​ test1 255 0
received duplicate-last-fragment test1 10 0
​ test1 11 0
​ test1 255 0
...

Privileges Required

Available to admin and user.

Version History

ReleaseModification
1.0.0This feature was introduced
2.0.0Renamed. Was show stats fragmentation

show stats packet-processing fragmentation received

Syntax

show stats packet-processing fragmentation received [{ duplicate-first-fragment | duplicate-last-fragment | failure-to-reassemble | fragment-chains-discarded | fragment-chains-exceeded | fragment-chains-timeout | incomplete-fragments | invalid-length-first-fragment | successfully-reassembled }] [node <node>] [port <port>]

Description

Fragmented IP packets, as the name implies, are large packets split into smaller pieces prior to delivery. The fragments may arrive in any order, and must be reassembled by the recipient. If any of the fragments fail to arrive, the remaining fragments are of no value and are discarded. The show stats packet-processing fragmentation received statistics categorize different observed behaviors (one success case and several failure cases) with fragmented packets and increment statistics accordingly.

The duplicate-first-fragment and duplicate-last-fragment modifiers increment when the particular fragment arrives twice. The failure-to-reassemble increments when the 128T router cannot reassemble all of the fragments (usually due to missing fragments).

Fragments are reassembled in what are called "fragment chains". There are three statistics specific to the fragment chains: fragment-chains-discarded counts the number of times a fragment chain is discarded due to an error (not receiving all fragments, errored fragments, etc.); fragment-chains-exceeded is incremented when the 128T router does not have any available fragment chains to queue packets for reassembly; fragment-chain-timeout is when a fragment chain does not receive all fragments for a given reassembly job within ten (10) seconds.

The incomplete-fragments modifier shows the number of reassembly jobs that were missing fragments. The invalid-length-first-fragment modifier increments when a fragment arrives with a misadvertised length.

The successfully-reassembled modifier shows the number of fragment chains that have collected all fragments and completed reassembly with no errors.

All of the commands within show stats packet-processing fragmentation display their information similarly; one such example is below. The output may optionally be filtered by data node and/or port by adding the appropriate modifiers.

admin@test1.Fabric128# show stats packet-processing fragmentation received successfully-reassembled
Tue 2016-11-01 13:49:44 EDT
Retrieving statistics...
Successfully Reassembled
------------------------
======= ====== =======
Node Port Value
======= ====== =======
test1 10 0
test1 11 0
test1 255 0
Completed in 0.02 seconds

Privileges Required

Available to admin and user.

Version History

ReleaseModification
1.0.0This feature was introduced
2.0.0Renamed. Was show stats fragmentation received

show stats packet-processing fragmentation sent

Syntax

show stats packet-processing fragmentation sent { fragmentation-creation-failure | ipv4-dont-fragment-drop | ipv4-fabric-fragments | ipv4-non-fabric-fragments | ipv4-packets-fragmented | ipv6-fabric-fragments | ipv6-mtu-exceeded-drop | ipv6-packets-fragmented | unknown-l2-version } [node <node>] [port <port>]

Description

The complement to the receive statistics are the show stats fragmentation sent statistics, which account for all of the packets that the 128T router performs fragmentation on.

The fragmentation-creation-failure counts all instances where the 128T router cannot fragment a packet (internal error). The ipv4-dont-fragment-drop counts all packets dropped because they exceed the path MTU and have the "don't fragment" bit set (hence the 128T router cannot fragment it). The ipv4-packets-fragmented and ipv6-packets-fragmented counters are a running total of the number of packets (not fragments) that have been fragmented. The ipv4-fabric-fragments and ipv6-fabric-fragments counters are a running total of the number of fragmented packets sent over a "fabric" link (i.e., using Secure Vector Routing) between 128T routers. The unknown-l2-version counts the number of jumbo packets with an unknown (and therefore unhandled) L2 type.

All of the commands within show stats packet-processing fragmentation display their information similarly; one such example is below. The output may optionally be filtered by data node and/or port by adding the appropriate modifiers.

admin@test1.Fabric128# show stats packet-processing fragmentation sent ipv4-packets-fragmented
Tue 2016-11-01 13:52:48 EDT
Retrieving statistics...
Fragmented IPv4 Packets
-----------------------
======= ====== =======
Node Port Value
======= ====== =======
test1 10 0
test1 11 0
test1 255 0
Completed in 0.17 seconds

Privileges Required

Available to admin and user.

Version History

ReleaseModification
1.0.0This feature was introduced
2.0.0Renamed. Was show stats fragmentation sent
3.2.0added ipv4-fabric-fragments, ipv6-fabric-fragments

show stats packet-processing lookup

Syntax

show stats packet-processing lookup ... [node <node>] [core <core>] [port <port>]

Description

This command displays the current tally of various lookup table activity on the 128T router's data path. The various subcommands beneath show stats packet-processing lookup are enumerated in the sections that follow.

Privileges Required

Available to admin and user.

Version History

ReleaseModification
2.0.0This feature was introduced

show stats packet-processing lookup access-policy-table

Syntax

show stats packet-processing lookup access-policy-table ... [node <node>] [core <core>] [port <port>]

Description

The access-policy-table statistics increment as sessions are established based on whether or not the access-policy criteria specified in the services are "hits" (matched) or "misses" (not matched). The "lock-failure" mode is an internal troubleshooting tool for 128 Technology's support team. By omitting the subcommand, a table with data regarding all subcommands (hit, lock-failure, and miss) is shown.

This show command presents the access-policy statistics in tabular format, based on ingress port (as defined in a configured device-interface).

admin@test1.Fabric128# show stats packet-processing lookup access-policy-table
Tue 2016-11-01 13:57:17 EDT
Retrieving statistics...
Access Policy Table Stats
-------------------------
========= ======= ====== =======
Metric Node Port Value
========= ======= ====== =======
allow test1 10 2266
​ test1 11 2268
​ test1 255 0
deny test1 10 0
​ test1 11 0
​ test1 255 0
failure test1 10 0
​ test1 11 0
​ test1 255 0
miss test1 10 0
​ test1 11 0
​ test1 255 0
Completed in 0.07 seconds

Privileges Required

Available to admin and user.

Version History

ReleaseModification
1.0.0This feature was introduced
2.0.0Renamed. was show stats access-policy-table

show stats packet-processing lookup fib-table

Syntax

show stats packet-processing lookup fib-table ... [node <node>] [core <core>] [port <port>]

Description

Each packet-forwarding component of the 128T router maintains a Forwarding Information Base (FIB) that includes rules for packet processing. When packets arrive that do not match an established flow, the system performs a FIB query to determine their disposition. This table records those events; the hit table is when a match is found, the miss table contains a tally of the times when no match was found.

admin@test1.Fabric128# show stats packet-processing lookup fib-table
Tue 2016-11-01 13:58:15 EDT
Retrieving statistics...
FIB Table Stats
---------------
======== ======= ====== ========
Metric Node Port Value
======== ======= ====== ========
hit test1 10 2266
​ test1 11 2268
​ test1 255 0
miss test1 10 185857
​ test1 11 182505
​ test1 255 0
Completed in 0.12 seconds

Privileges Required

Available to admin and user.

Version History

ReleaseModification
1.0.0This feature was introduced
2.0.0Renamed. was show stats fib-table

show stats packet-processing lookup flow-table

Syntax

show stats packet-processing lookup flow-table ... [node <node>] [core <core>] [port <port>]

Description

One of the first operations performed by a 128T router for each inbound packet is to check its flow table to see if it belongs to an existing flow. The flow-table statistics show the results of this check, be they successful (flow-table hit) or unsuccessful (flow-table miss).

admin@test1.Fabric128# show stats packet-processing lookup flow-table
Tue 2016-11-01 13:59:24 EDT
Retrieving statistics...
Flow Table Stats
----------------
======== ======= ====== ==========
Metric Node Port Value
======== ======= ====== ==========
hit test1 10 16510515
​ test1 11 16507731
​ test1 255 0
miss test1 10 188123
​ test1 11 184773
​ test1 255 0
Completed in 0.07 seconds

Privileges Required

Available to admin and user.

Version History

ReleaseModification
1.0.0This feature was introduced
2.0.0Renamed. was show stats flow-table

show stats packet-processing lookup icmp-table

Syntax

show stats packet-processing lookup icmp-table ... [node <node>] [core <core>] [port <port>]

Description

The 128T router's "ICMP blackhole" feature lets administrator selectively decide when to respond to external ICMP packets. The show stats icmp-table statistics show the activity related to this ICMP blackholing – i.e., when a network-interface's icmp is set to drop.

admin@test1.Fabric128# show stats packet-processing lookup icmp-table
Tue 2016-11-01 14:00:59 EDT
Retrieving statistics...
Icmp Blackhole Stats
--------------------
============ ======= ====== =======
Metric Node Port Value
============ ======= ====== =======
ipv4 allow test1 10 0
​ test1 11 0
​ test1 255 0
ipv4 deny test1 10 0
​ test1 11 0
​ test1 255 0
ipv6 allow test1 10 0
​ test1 11 0
​ test1 255 0
ipv6 deny test1 10 0
​ test1 11 0
​ test1 255 0
Completed in 0.12 seconds

Privileges Required

Available to admin and user.

Version History

ReleaseModification
2.0.0This feature was introduced

show stats packet-processing lookup tenant-table

Syntax

show stats packet-processing lookup tenant-table ... [node <node>] [core <core>] [port <port>]

Description

The 128T router's tenant lookup table is used to ascribe inbound packets to configured tenants. The resultant of the lookup is used in a subsequent lookup, the tenant-specific FIB lookup, to decide on the disposition for that packet.

Entries into the tenant table are populated by configuration on the 128T router. Each interface contributes to the source lookup table, with its assigned tenant (or the "global tenant" in the absence of an assigned tenant). Each service-route will create an entry in the tenant table, assigned to the tenant of the service that agent belongs to. Also, each waypoint (for internode "router" traffic) creates an entry into the table.

The hit modifier shows the normal (success) case, when a tenant is found in the lookup. The miss modifier shows the failure case, when no tenant can be found; in this case, the packet will be tallied and dropped. The lock-failure modifier increments when a lookup fails because the fast lane cannot obtain exclusive access to the source lookup table.

admin@labsystem1.fiedler# show stats packet-processing lookup tenant-table
Wed 2016-11-02 10:30:46 EDT
Retrieving statistics...
Tenant Table Stats
------------------
========= ============ ====== =======
Metric Node Port Value
========= ============ ====== =======
failure labsystem1 2 0
​ labsystem1 255 0
hit labsystem1 2 0
​ labsystem1 255 0
miss labsystem1 2 0
​ labsystem1 255 0
Completed in 0.25 seconds

Privileges Required

Available to admin and user.

Version History

ReleaseModification
1.0.0This feature was introduced
2.0.0Renamed. was show stats source-lookup-table

show stats packet-processing received

Syntax

show stats packet-processing received [{ control-block-alloc-failure | control-success | egress-success | interface-standby-drop | interface-success }] [node <node>] [core <core>] [port <port>] [<verbosity>]

Description

This command displays the current types of events that can transpire upon receipt of packets. The various subcommands are listed in the sections that follow.

Privileges Required

Available to admin and user.

Version History

ReleaseModification
2.0.0This feature was introduced

show stats packet-processing received control-block-alloc-failure

Syntax

show stats packet-processing received control-block-alloc-failure [node <node>] [core <core>] [port <port>] [<verbosity>]

Description

This statistic shows the number of times that the 128T router was unable to allocate a packet control block, a data structure used for each connection. This type of resource exhaustion is an abnormal event; this command is usually only run at the request of 128 Technology's support organization to diagnose a specific problem. As with other show stats commands, this one may be filtered by node and/or port to refine the output.

admin@test1.Fabric128# show stats packet-processing received control-block-alloc-failure
Tue 2016-11-01 14:20:12 EDT
Retrieving statistics...
Packet Control Block Allocation Failures
----------------------------------------
======= ====== =======
Node Port Value
======= ====== =======
test1 10 0
test1 11 0
test1 255 0
Completed in 0.07 seconds

Privileges Required

Available to admin and user.

Version History

ReleaseModification
1.0.0This feature was introduced
2.0.0Renamed. Was show stats control-block-pool-exhausted

show stats packet-processing received control-success

Syntax

show stats packet-processing received control-success [node <node>] [core <core>] [port <port>] [<verbosity>]

Description

Control packets are used within the 128T router to communicate between various software processes. The show stats packet-processing received control-success statistics are incremented when control packets are sent between the fast lane and the Highway Manager process. This occurs when events such as adding an interface occurs, or when AES encryption is enabled or disabled. This command is generally only run at the direct request of 128 Technology's support team, when troubleshooting a reported issue.

admin@test1.Fabric128# show stats packet-processing received control-success
Tue 2016-11-01 14:33:09 EDT
Retrieving statistics...
Control Packets Received
------------------------
======= ====== =======
Node Port Value
======= ====== =======
test1 10 0
test1 11 0
test1 255 13
Completed in 0.12 seconds

Privileges Required

Available to admin and user.

Version History

ReleaseModification
1.0.0This feature was introduced
2.0.0Renamed. Was show stats control-packets-received

show stats packet-processing received injected-success

Syntax

show stats packet-processing received injected-success [node <node>] [core <core>] [port <port>] [<verbosity>]

Description

This statistic shows the number of packets that have been received in the "fast lane" (where fast packet processing occurs) that are destined for an egress interface.

admin@test1.Fabric128# show stats packet-processing received injected-success
Tue 2016-11-01 14:26:37 EDT
Retrieving statistics...
Injected Packets Received
-----------------------
======= ====== =======
Node Port Value
======= ====== =======
test1 10 25347
test1 11 32270
test1 255 0
Completed in 0.12 seconds

Privileges Required

Available to admin and user.

Version History

ReleaseModification
1.0.0This feature was introduced
2.0.0Renamed. Was show stats control-block-pool-exhausted
3.2.0Renamed. Was show stats packet-processing received egress-success

show stats packet-processing received interface-standby-drop

Syntax

show stats packet-processing received interface-standby-drop [node <node>] [core <core>] [port <port>] [<verbosity>]

Description

This statistic shows the number of times that a packet was received by an interface that is in "standby" – i.e., it is not the active interface in a redundancy group. When a 128T router receives a packet on an interface that is in standby, it drops it and increments these counters.

admin@test1.Fabric128# show stats packet-processing received interface-standby-drop
Tue 2016-11-01 14:24:24 EDT
Retrieving statistics...
Packets Dropped on Standby Interface
------------------------------------
======= ====== =======
Node Port Value
======= ====== =======
test1 10 192
test1 11 0
test1 255 0
Completed in 0.12 seconds

Privileges Required

Available to admin and user.

Version History

ReleaseModification
2.0.0This feature was introduced

show stats packet-processing received interface-success

Syntax

show stats packet-processing received interface-success [node <node>] [core <core>] [port <port>] [<verbosity>]

Description

This statistic shows the number packets successfully received from an interface.

admin@test1.Fabric128# show stats packet-processing received interface-success
Tue 2016-11-01 14:21:34 EDT
Retrieving statistics...
Packets Received from Interface
-------------------------------
======= ====== ==========
Node Port Value
======= ====== ==========
test1 10 27930555
test1 11 27925830
test1 255 0
Completed in 0.04 seconds

Privileges Required

Available to admin and user.

Version History

ReleaseModification
2.0.0This feature was introduced

show stats packet-processing sent

Syntax

show stats packet-processing sent [interface-failure | interface-standby-drop | interface-success] [node <node >] [port <port>] [core <core>] [<verbosity>]

Description

This command displays the current tally of the various types of packets that the 128T router has transmitted (or failed to transmit, as the case may be). The table below enumerates that various statistics that are accumulated and a brief description for each.

SubcommandDescription
interface-failureIncremented for each packet that fails to be transmitted via an egress interface for an unspecified reason.
interface-retryIncremented each time a packet transmission is retried.
interface-standby-dropIncremented for each packet that is dropped because the interface it would use is the standby interface within a redundant pair of interfaces.
interface-successIncremented for each packet that successfully egresses the router.
admin@test1.Fabric128# show stats packet-processing sent summary
Wed 2016-11-02 10:44:22 EDT
Retrieving statistics...
sent
----
============================= ======= ============
Metric Node Value
============================= ======= ============
interface-failure test1 0
interface-retry test1 0
interface-standby-drop test1 0
interface-success test1 1851260123
interface-unconfigured-drop test1 0
Completed in 0.15 seconds

Privileges Required

Available to admin and user.

Version History

ReleaseModification
2.0.0This feature was introduced
3.2.0Added interface-retry statistics

show stats process

Syntax

show stats process [{ cpu | memory }] [pid <value>[,<value>...] ] [process-name <name>[,<name>] ]

Description

The show stats process command shows memory and CPU consumption for various processes on the routers and nodes in your deployment. You can specify which process (via its ID, or PID) if this is known, or by a process's name (if known).

admin@cnd1.conductor# show stats process
Thu 2018-02-08 10:47:02 EST
Retrieving statistics...
Process Stats
-------------
============= =========== ====== ======= ================= =========
Metric Router Node Pid Process-name Value
============= =========== ====== ======= ================= =========
cpu usage conductor cnd1 15165 java 1
cnd1 15197 ssh 1
cnd1 15211 sshd 1
cnd1 15262 java 5
cnd1 15264 systemServicesC 2
cnd1 15276 stateMonitor 1
cnd1 15281 nodeMonitor 7
cnd1 16630 atop 5
memory rss conductor cnd1 11072 salt-master 57380
cnd1 11908 salt-master 57384
cnd1 15165 java 106608
cnd1 15167 persistentDataM 88488
cnd1 15262 java 1049432
cnd1 15283 node 86476
cnd1 15624 _event_publishe 80396
cnd1 15801 salt-master 59452
...

These are used for memory or CPU consumption issues and are unusual events that will generally be requested by 128 Technology's support organization for triage purposes.

Privileges Required

Available to admin and user.

Version History

ReleaseModification
3.2.0This feature was introduced

show stats redis-server-manager

Syntax

show stats redis-server-manager [{ redis-server-inactives | redis-server-network-flaps | redis-session-expirations }] [node <node>] [<verbosity>]

Description

The show stats redis-server-manager displays information around the database used by the 128T routing software to hold state information for its high availability processing. The redis-server-inactives metric is the number of events where a node could not connect to the database; the redis-server-network-flaps counts the number of network events that caused connectivity problems to the database, and the redis-session-expiration counts the number of connections that were torn down due to detection of a stale connection.

admin@labsystem1.fiedler# show stats redis-server-manager
Mon 2017-02-27 13:00:38 EST
Retrieving statistics...
Redis Server Manager Stats
--------------------------
============================ ============ =======
Metric Node Value
============================ ============ =======
redis-server-inactives labsystem1 0
redis-server-network-flaps labsystem1 0
redis-session-expirations labsystem1 0
Completed in 0.13 seconds

These are used for troubleshooting high availability failures and/or session loss and are unusual events that will generally be requested by 128 Technology's support organization for triage purposes.

Privileges Required

Available to admin and user.

Version History

ReleaseModification
3.0.0This feature was introduced

show stats redundancy

Syntax

show stats redundancy [{ database-connection | port-initialization | port-list-records | session-delete | session-errors | session-reads | session-reconstruction | session-refresh | session-writes }] [node <node>] [<verbosity>]

Description

The show stats redundancy commands show statistics related to the 128T router's behavior when configured in a redundant (highly available) pair of nodes. These commands can be helpful in diagnosing the behavior of a system when an active node has relinquished control to its mated pair, and to check on the resiliency of the active sessions that have been established.

The subcommands within show stats redundancy provide more detail on each of the various counters and are discussed in the sections that follow.

These commands are typically only run at the request of 128 Technology's support team, and to diagnose specific network conditions. This information, when combined with 128T log output, will help the support team to isolate network anomalies.

Privileges Required

Available to admin and user.

Version History

ReleaseModification
2.0.0This feature was introduced

show stats redundancy database-connection

Syntax

show stats redundancy database-connection [{ active-connections | client-disconnect | connect | error-disconnect | errors | failed-connect }] [node <node>] [<verbosity>]

Description

The show stats redundancy database-connection set of commands list the statistics related to the 128T router's internal database used to track and replicate data between two nodes in a mated pair of Controls/Combos.

These commands are typically only run at the request of 128 Technology's support team, and to diagnose specific network conditions. This information, when combined with 128T log output, will help the support team to isolate network anomalies.

The various subcommands within show stats redundancy database-connection are described in the table that follows:

SubcommandDescription
active-connectionsThis tracks the number of active connections to the redundancy database.
client-disconnectThis indicates the number of instances of a client successfully disconnecting from the redundancy database.
connectThis tracks the number of instances when a client connects to the database.
error-disconnectThis tracks the number of instances when a client has been disconnected from the redundancy database due to an internal error.
errorsThis tracks the total number of errors (during client connection and disconnection) by the database.
failed-connectThis counts the number of failed connection attempts by a client to the redundancy database.
admin@labsystem1.fiedler# show stats redundancy database-connection
Tue 2016-11-15 15:17:03 EST
Retrieving statistics...
Client Connection stats
-----------------------
==================== =================== =======
Metric Node Value
==================== =================== =======
active-connections labsystem1 2
client-disconnect labsystem1 0
connect labsystem1 2
error-disconnect labsystem1 0
errors labsystem1 0
failed-connect labsystem1 0
Completed in 0.12 seconds

Privileges Required

Available to admin and user.

Version History

ReleaseModification
2.0.0This feature was introduced

show stats redundancy port-initialization

Syntax

show stats redundancy port-initialization [{ marker-query-pending | marker-record-found | marker-record-not-found | marker-record-read-error | marker-record-write | pending-queries }] [node <node>] [<verbosity>]

Description

The show stats redundancy port-initialization tables show statistics related to allocation of "port blocks" from the redundancy database. Various functions on the 128T router require allocation of specific IP:port tuples (e.g., source NAT and waypoint flows) choose ports to uniquely identify sessions as they traverse the node(s). These ports must be preserved during failover, and a newly active system must not inadvertently choose a port selected by a system that had relinquished the active role (i.e., cause what is called a "collision"). The behaviors of the mechanism for ensuring port continuity and uniqueness is reflected in this table.

These commands are typically only run at the request of 128 Technology's support team, and to diagnose specific network conditions. This information, when combined with 128T log output, will help the support team to isolate network anomalies.

SubcommandDescription
marker-query-pendingAt boot or after one of its interfaces has become active, a 128T router will issue a "marker query" to the redundancy database for each interface. This meter reflects the number of outstanding queries that have not yet received a reply. This value should typically be zero (0).
marker-record-foundThis increments when a request for a marker record results in a match. (Generally at failover or restart.)
marker-record-not-foundThis increments when a request for a marker record finds no match. (Generally at cold boot.)
marker-record-read-errorThis value increments when a system cannot read the marker record from the database. This is
marker-record-writeThis indicates the number of marker records tht a 128T router sets in the redundancy database after querying for an existing marker record and not finding one. This typically happens only during initial boot or when a system needs to grow the port range it has in use.
pending-queriesThis meter will increment during boot, and is generally caused by the timing of the various 128T routing processes starting up (i.e., the database queries are attempted before the database is finished initialization or the communication to it is not yet available). During normal operation this should be zero (0).
admin@labsystem1.fiedler# show stats redundancy port-initialization
Tue 2016-11-15 15:17:37 EST
Retrieving statistics...
Port Redundancy Stats
---------------------
========================== ============== =======
Metric Node Value
========================== ============== =======
marker-query-pending labsystem1 0
​ labsystem2 0
marker-record-found labsystem1 7
​ labsystem2 0
marker-record-not-found labsystem1 1
​ labsystem2 8
marker-record-read-error labsystem1 0
​ labsystem2 0
marker-record-write labsystem1 442
​ labsystem2 18
pending-queries labsystem1 0
​ labsystem2 0
Completed in 0.07 seconds

Privileges Required

Available to admin and user.

Version History

ReleaseModification
2.0.0This feature was introduced

show stats redundancy port-list-records

Syntax

show stats redundancy port-list-records [{ list-record-pop-errors | list-record-pop-failures | list-record-pop-pending | list-record-pop-success | list-record-push }] [node <node>] [<verbosity>]

Description

The show stats redundancy port-list tables show statistics related to allocation of "blocks" of ports for 128T applications that require unique ports per use – things such as source NAT and waypoint-to-waypoint communication.

The 128T router will request a block of free ports using a "pop" operation from the redundancy database, use those until they're (mostly) consumed, until it requests another. Meanwhile as it frees ports from previous allocations as sessions are torn down or expire, it aggregates a block of these ports and will "push" it back onto the database for later use. (This manifests as a least recently used, or LRU, algorithm, where ports that are freed wind up at the back of the line for subsequent reuse.)

These commands are typically only run at the request of 128 Technology's support team, and to diagnose specific network conditions. This information, when combined with 128T log output, will help the support team to isolate network anomalies.

SubcommandDescription
list-record-pop-errorsThis indicates the number of errors that occurred when attempting to retrieve a block of free ports from the redundancy database because the database was unreachable.
list-record-pop-failuresThis indicates the number of failures when attempting to retrieve a block of free ports from the redundancy database because no free blocks were available.
list-record-pop-pendingThis indicates the number pending requests that have neither succeeded nor failed, but are still being processed.
list-record-pop-successThis counts the number of blocks of free ports that have been successfully requested from the database.
list-record-pushThis indicates the number of free ports returned to circulation.
admin@labsystem1.fiedler# show stats redundancy port-list-records
Tue 2016-11-15 15:18:25 EST
Retrieving statistics...
Port Redundancy Stats
---------------------
========================== ============== =======
Metric Node Value
========================== ============== =======
list-record-pop-errors labsystem1 0
​ labsystem2 0
list-record-pop-failures labsystem1 0
​ labsystem2 0
list-record-pop-pending labsystem1 0
​ labsystem2 0
list-record-pop-success labsystem1 225
​ labsystem2 6
list-record-push labsystem1 598
​ labsystem2 396
Completed in 0.17 seconds

Privileges Required