Using the CLI

Boldface

Bold text represents commands and keywords that you enter literally as shown.

Italic

Italic text represents arguments that you replace with actual values.

[ ]

Square brackets enclose syntax choices (keywords or arguments) that are optional.

{ x | y | ... }

Braces enclose a set of required syntax choices separated by vertical bars, from which you select one.

[ x | y | ... ]

Square brackets enclose a set of optional syntax choices separated by vertical bars, from which you select one or none.

{ x | y | ... } *

Asterisk marked braces enclose a set of required syntax choices separated by vertical bars, from which you select at least one.

[ x | y | ... ] *

Asterisk marked square brackets enclose optional syntax choices separated by vertical bars, from which you select one choice, multiple choices, or none.

&<1-n>

The argument or keyword and argument combination before the ampersand (&) sign can be entered 1 to n times.

#

A line that starts with a pound (#) sign is comments.

Enter system view from user view.

system-view

Available in user view

Return to the parent view from the current view.

quit

Available in any view.

Return to user view.

return

Available in any view except user view

Common keys

If the edit buffer is not full, pressing a common key inserts the character at the position of the cursor and moves the cursor to the right.

Backspace

Deletes the character to the left of the cursor and moves the cursor back one character.

Left arrow key or Ctrl+B

The cursor moves one character space to the left.

Right arrow key or Ctrl+F

The cursor moves one character space to the right.

Tab

If you press Tab after entering part of a keyword, the system automatically completes the keyword:

·       If finding a unique match, the system substitutes the complete keyword for the incomplete one and displays it in the next line.

·       If there is more than one match, you can press Tab repeatedly to display in cycles all the keywords starting with the character string that you typed.

·       If there is no match, the system does not modify the incomplete keyword and displays it again in the next line.

1.     Enter system view.

system-view

N/A

2.     Enable the command keyword alias function.

command-alias enable

By default, the command keyword alias function is disabled.

3.     Configure a command keyword alias.

command-alias mapping cmdkey alias

Not configured by default.

1.     Enter system view.

system-view

N/A

2.     Configure CLI hotkeys.

hotkey { CTRL_G | CTRL_L | CTRL_O | CTRL_T | CTRL_U } command

Optional.

The Ctrl+G, Ctrl+L and Ctrl+O hotkeys are specified at the CLI by default.

3.     Display hotkeys.

display hotkey [ | { begin | exclude | include } regular-expression ]

Available in any view. See Table 3 for hotkeys reserved by the system.

Ctrl+A

Moves the cursor to the beginning of the current line.

Ctrl+B

Moves the cursor one character to the left.

Ctrl+C

Stops performing a command.

Ctrl+D

Deletes the character at the current cursor position.

Ctrl+E

Moves the cursor to the end of the current line.

Ctrl+F

Moves the cursor one character to the right.

Ctrl+H

Deletes the character to the left of the cursor.

Ctrl+K

Terminates an outgoing connection.

Ctrl+N

Displays the next command in the history command buffer.

Ctrl+P

Displays the previous command in the history command buffer.

Ctrl+R

Redisplays the current line information.

Ctrl+V

Pastes the content in the clipboard.

Ctrl+W

Deletes all the characters in a continuous string to the left of the cursor.

Ctrl+X

Deletes all the characters to the left of the cursor.

Ctrl+Y

Deletes all the characters to the right of the cursor.

Ctrl+Z

Exits to user view.

Ctrl+]

Terminates an incoming connection or a redirect connection.

Esc+B

Moves the cursor to the leading character of the continuous string to the left.

Esc+D

Deletes all the characters of the continuous string at the current cursor position and to the right of the cursor.

Esc+F

Moves the cursor to the front of the next continuous string to the right.

Esc+N

Moves the cursor down by one line (available before you press Enter)

Esc+P

Moves the cursor up by one line (available before you press Enter)

Esc+<

Specifies the cursor as the beginning of the clipboard.

Esc+>

Specifies the cursor as the ending of the clipboard.

1.     Enter system view.

system-view

N/A

2.     Enable redisplaying of entered but not submitted commands.

info-center synchronous

Disabled by default.

% Unrecognized command found at '^' position.

The command was not found.

% Incomplete command found at '^' position.

Incomplete command

% Ambiguous command found at '^' position.

Ambiguous command

Too many parameters

Too many parameters

% Wrong parameter found at '^' position.

Wrong parameters

Display history commands.

display history-command [ | { begin | exclude | include } regular-expression ]

Display the previous history command.

Up arrow key or Ctrl+P

Display the next history command.

Down arrow key or Ctrl+N

1.     Enter system view.

system-view

N/A

2.     Enter user interface view.

user-interface { first-num1 [ last-num1 ] | { aux | console | tty | vty } first-num2 [ last-num2 ] }

N/A

3.     Set the maximum number of commands that can be saved in the history buffer.

history-command max-size size-value

Optional.

By default, the history buffer can save up to 10 commands.

Space

Displays the next screen.

Enter

Displays the next line.

Ctrl+C

Stops the displaying and aborts the command execution.

<PageUp>

Displays the previous page.

<PageDown>

Displays the next page.

Disable pausing between screens of output for the current session.

screen-length disable

By default, a login user uses the settings of the screen-length command. The default settings of the screen-length command are: pausing between screens of output is enabled and up to 24 lines are displayed on the next screen.

This command is executed in user view, and takes effect for the current session only. When you relogs into the switch, the default configuration is restored.

^string

Starting sign. string appears only at the beginning of a line.

For example, regular expression “^user” only matches a string beginning with “user”, not “Auser”.

string$

Ending sign. string appears only at the end of a line.

For example, regular expression "user$” only matches a string ending with “user”, not “userA”.

.

Matches any single character, such as a single character, a special character, and a blank.

For example, “s” matches both “as” and “bs”.

*

Matches the preceding character or character group zero or multiple times.

For example, “zo*” matches “z” and “zoo”; “(zo)*” matches “zo” and “zozo”.

+

Matches the preceding character or character group one or multiple times

 For example, “zo+” matches “zo” and “zoo”, but not “z”.

|

Matches the preceding or succeeding character string

For example, “def|int” only matches a character string containing “def” or “int”.

_

If it is at the beginning or the end of a regular expression, it equals ^ or $. In other cases, it equals comma, space, round bracket, or curly bracket.

For example, “a_b” matches “a b” or “a(b”; “_ab” only matches a line starting with “ab”; “ab_” only matches a line ending with “ab”.

-

It connects two values (the smaller one before it and the bigger one after it) to indicate a range together with [ ].

For example, “1-9” means 1 to 9 (inclusive); “a-h” means a to h (inclusive).

[ ]

Matches a single character contained within the brackets.

For example, [16A] matches a string containing any character among 1, 6, and A; [1-36A] matches a string containing any character among 1, 2, 3, 6, and A (- is a hyphen).

“]” can be matched as a common character only when it is put at the beginning of characters within the brackets, for example [ ]string]. There is no such limit on “[”.

( )

A character group. It is usually used with “+” or “*”.

For example, (123A) means a character group “123A”; “408(12)+” matches 40812 or 408121212. But it does not match 408.

\index

Repeats the character string specified by the index. A character string refers to the string within () before \. index refers to the sequence number (starting from 1 from left to right) of the character group before \. If only one character group appears before \, index can only be 1; if n character groups appear before index, index can be any integer from 1 to n.

For example, (string)\1 repeats string, and a matching string must contain stringstring. (string1)(string2)\2 repeats string2, and a matching string must contain string1string2string2. (string1)(string2)\1\2 repeats string1 and string2 respectively, and a matching string must contain string1string2string1string2.

[^]

Matches a single character not contained within the brackets.

For example, [^16A] means to match a string containing any character except 1, 6 or A, and the matching string can also contain 1, 6 or A, but cannot contain these three characters only. For example, [^16A] matches “abc” and “m16”, but not 1, 16, or 16A.

\<string

Matches a character string starting with string.

For example, “\<do” matches word “domain” and string “doa”.

string\>

Matches a character string ending with string.

For example, “do\>” matches word “undo” and string “abcdo”.

\bcharacter2

Matches character1character2. character1 can be any character except number, letter or underline, and \b equals [^A-Za-z0-9_].

For example, “\ba” matches “-a” with “-“ being character1, and “a” being character2, but it does not match “2a” or “ba”.

\Bcharacter

Matches a string containing character, and no space is allowed before character.

For example, “\Bt” matches “t” in “install”, but not “t” in “big top”.

character1\w

Matches character1character2. character2 must be a number, letter, or underline, and \w equals [^A-Za-z0-9_].

For example, “v\w” matches “vlan”, with “v” being character1, and “l” being character2. v\w also matches “service”, with “i” being character2.

\W

Equals \b.

For example, “\Wa” matches “-a”, with “-” being character1, and “a” being character2, but does not match “2a” or “ba”.

\

Escape character. If a special character listed in this table follows \, the specific meaning of the character is removed.

For example, “\\” matches a string containing “\”, “\^” matches a string containing “^”, and “\\b” matches a string containing “\b”.

0

Visit

Involves commands for network diagnosis and commands for accessing an external device. Configuration of commands at this level cannot survive a device restart. Upon device restart, the commands at this level will be restored to the default settings.

Commands at this level include ping, tracert, telnet and ssh2.

1

Monitor

Involves commands for system maintenance and service fault diagnosis. Commands at this level are not saved after being configured. After the switch is restarted, the commands at this level will be restored to the default settings.

Commands at this level include debugging, terminal, refresh, and send.

2

System

Provides service configuration commands, including routing configuration commands and commands for configuring services at different network levels.

By default, commands at this level include all configuration commands except for those at manage level.

3

Manage

Involves commands that influence the basic operation of the system and commands for configuring system support modules.

By default, commands at this level involve the configuration commands of file system, FTP, TFTP, Xmodem download, user management, level setting, and parameter settings within a system (which are not defined by any protocols or  RFCs).

1.     Enter system view.

system-view

N/A

2.     Enter user interface view.

user-interface { first-num1 [ last-num1 ] | { aux | console | vty } first-num2 [ last-num2 ] }

N/A

3.     Specify the scheme authentication mode.

authentication-mode scheme

By default, the authentication mode for VTY and AUX users is password, and no authentication is needed for console and TTY login users.

4.     Return to system view.

quit

N/A

5.     Configure the authentication mode for SSH users as password.

For more information, see Security Configuration Guide.

Required if users use SSH to log in, and username and password are needed at authentication.

6.     Configure the user privilege level by using AAA authentication parameters.

·       To use local authentication:

a.   Use the local-user command to create a local user and enter local user view.

b.   Use the level keyword in the authorization-attribute command to configure the user privilege level.

·       To use remote authentication (RADIUS, HWTACACS, or LDAP):
Configure the user privilege level on the authentication server

User either approach.

For local authentication, if you do not configure the user privilege level, the user privilege level is 0.

For remote authentication, if you do not configure the user privilege level, the user privilege level depends on the default configuration of the authentication server.

1.     Configure the authentication type for SSH users as publickey.

For more information, see Security Configuration Guide.

Required if the SSH login mode is adopted, and only username is needed during authentication.

After the configuration, the authentication mode of the corresponding user interface must be set to scheme.

2.     Enter system view.

system-view

N/A

3.     Enter user interface view.

user-interface { first-num1 [ last-num1 ] | vty first-num2 [ last-num2 ] }

N/A

4.     Configure the authentication mode for any user that uses the current user interface to log in to the switch.

authentication-mode scheme

By default, the authentication mode for VTY and AUX users is password, and no authentication is needed for console and TTY users.

5.     Configure the privilege level for users that log in through the current user interface.

user privilege level level

Optional.

By default, the user privilege level for users logged in through the console user interface is 3, and that for users logged in through the other user interfaces is 0.

1.     Enter system view.

system-view

N/A

2.     Enter user interface view.

user-interface { first-num1 [ last-num1 ] | { aux | console | tty | vty } first-num2 [ last-num2 ] }

N/A

3.     Configure the authentication mode for any user that uses the current user interface to log in to the switch.

authentication-mode { none | password }

Optional.

By default, the authentication mode for VTY and AUX user interfaces is password, and no authentication is needed for console and TTY login users.

4.     Configure the privilege level of users logged in through the current user interface.

user privilege level level

Optional.

By default, the user privilege level for users logged in through the console user interface is 3, and that for users logged in through the other user interfaces is 0.

local

Local password authentication

The switch authenticates a user by using the privilege level switching password input by the user.

When this mode is applied, you need to set the password for privilege level switching with the super password command.

scheme

Remote AAA authentication through HWTACACS or RADIUS

The switch sends the username and password for privilege level switching to the HWTACACS or RADIUS server for remote authentication.

When this mode is applied, you need to perform the following configurations:

·       Configure HWTACACS or RADIUS scheme and reference the created scheme in the ISP domain. For more information, see Security Configuration Guide.

·       Create the corresponding user and configure password on the HWTACACS or RADIUS server.

local scheme

Performs the local password authentication first and then the remote AAA authentication

The switch authenticates a user by using the local password first, and if no password for privilege level switching is set, for the user logged in from the console port, the privilege level is switched directly; for the user logged in from any of the AUX, TTY, or VTY user interfaces, the AAA authentication is performed.

scheme local

Performs remote AAA authentication first and then the local password authentication

AAA authentication is performed first, and if the remote HWTACACS or RADIUS server does not respond or AAA configuration on the switch is invalid, the local password authentication is performed.

1.     Enter system view.

system-view

N/A

2.     Set the authentication mode for user privilege level switching.

super authentication-mode { local | scheme } *

Optional.

local by default.

3.     Configure the password for user privilege level switching.

super password [ level user-level ] { simple | cipher } password

Required if the authentication mode is set to local (specify the local keyword when setting the authentication mode)

By default, no privilege level switching password is configured.

Switch the user privilege level.

super [ level ]

When logging in to the switch, a user has a user privilege level, which depends on user interface or authentication user level.

Available in user view.

none/password

local

Local user privilege level switching password (configured on the switch).

N/A

local scheme

Local user privilege level switching password.

Username and password for privilege level switching (configured on the AAA server).

scheme

Username and password for privilege level switching.

N/A

scheme local

Username and password for privilege level switching.

Local user privilege level switching password.

scheme

local

Local user privilege level switching password.

N/A

local scheme

Local user privilege level switching password.

Password for privilege level switching (configured on the AAA server). The system uses the username used for logging in as the privilege level switching username.

scheme

Password for privilege level switching (configured on the AAA server). The system uses the username used for logging in as the privilege level switching username.

N/A

scheme local

Password for privilege level switching (configured on the AAA server). The system uses the username used for logging in as the privilege level switching username.

Local user privilege level switching password.

1.     Enter system view.

system-view

N/A

2.     Configure the command level in a specified view.

command-privilege level level view view command

See Table 7 for the default settings.

Display defined command aliases and the corresponding commands.

display command-alias [ | { begin | exclude | include } regular-expression ]

Available in any view

Display the clipboard information.

display clipboard [ | { begin | exclude | include } regular-expression ]

Available in any view