- Table of Contents
- Related Documents
-
Title | Size | Download |
---|---|---|
01-Text | 1.24 MB |
Contents
display | { begin | exclude | include }
File system management commands
Configuration file management commands
display current-configuration diff
bootrom-update security-check enable
display cpu-usage configuration
display diagnostic-information
MDC commands for the default MDC
MDC commands for non-default MDCs
license activation-file install
license activation-file uninstall
display provision failed-config
Basic CLI commands
alias
Use alias to configure a command alias.
Use undo alias to remove a command alias.
Syntax
Default
The system defines a set of command aliases, as listed in Table 1.
Table 1 System-defined command aliases
Alias |
Command string |
access-list |
acl |
end |
return |
erase |
delete |
exit |
quit |
hostname |
sysname |
logging |
info-center |
no |
undo |
show |
display |
write |
save |
Views
System view
Predefined user roles
network-admin
mdc-admin
Parameters
alias: Specifies an alias, a case-sensitive string of 1 to 20 characters. An alias cannot be alias or contain spaces.
command: Specifies a command string. Make sure the command string meets the syntax requirements.
Usage guidelines
For example, if you configure the alias siprt for display ip routing-table, you can enter siprt to execute the display ip routing-table command. If you configure the alias ship for display ip, you can use ship to execute all commands starting with display ip:
· Enter ship routing-table to execute the display ip routing-table command.
· Enter ship interface to execute the display ip interface command.
The command string can include up to nine parameters. Each parameter starts with the dollar sign ($) and a sequence number in the range of 1 to 9. For example, you can configure the alias shinc for the display ip $1 | include $2 command. Then, to execute the display ip interface | include GigabitEthernet0/0/1 command, you only need to enter shinc interface GigabitEthernet0/0/1.
Examples
# Configure the alias shiprt for the display ip routing-table command and verify the configuration.
<Sysname> system-view
[Sysname] alias shiprt display ip routing-table
[Sysname] shiprt
Destinations : 12 Routes : 12
Destination/Mask Proto Pre Cost NextHop Interface
0.0.0.0/32 Direct 0 0 127.0.0.1 InLoop0
3.3.3.3/32 Static 60 0 192.168.1.62 GE0/0
127.0.0.0/8 Direct 0 0 127.0.0.1 InLoop0
127.0.0.0/32 Direct 0 0 127.0.0.1 InLoop0
127.0.0.1/32 Direct 0 0 127.0.0.1 InLoop0
127.255.255.255/32 Direct 0 0 127.0.0.1 InLoop0
169.254.0.0/24 Direct 0 0 169.254.0.188 GE0/0
169.254.0.0/32 Direct 0 0 169.254.0.188 GE0/0
169.254.0.188/32 Direct 0 0 127.0.0.1 InLoop0
169.254.0.255/32 Direct 0 0 169.254.0.188 GE0/0
192.168.57.0/24 RIP 100 1 192.168.1.62 GE0/0
224.0.0.0/4 Direct 0 0 0.0.0.0 NULL0
224.0.0.0/24 Direct 0 0 0.0.0.0 NULL0
255.255.255.255/32 Direct 0 0 127.0.0.1 InLoop0
# Configure the alias shinc for display ip $1 | include $2.
[Sysname] alias shinc display ip $1 | include $2
# Use the alias shinc to display all static routes.
[Sysname] shinc routing-table Static
3.3.3.3/32 Static 60 0 192.168.1.62 GE0/0
# Use the alias shinc to display all RIP routes.
[Sysname] shinc routing-table RIP
192.168.57.0/24 RIP 100 1 192.168.1.62 GE0/0
Related commands
display alias
display | { begin | exclude | include }
Use display | { begin | exclude | include } to filter the output from a display command with a regular expression.
Syntax
display command | { begin | exclude | include } regular-expression
Views
Any view
Predefined user roles
network-admin
network-operator
mdc-admin
mdc-operator
Parameters
command: Specifies the keywords and arguments of a display command. To display available keywords and arguments, enter display ?.
begin: Displays the first line matching the specified regular expression and all subsequent lines.
exclude: Displays all lines not matching the specified regular expression.
include: Displays all lines matching the specified regular expression.
regular-expression: Specifies a regular expression, a case-sensitive string of 1 to 256 characters.
Usage guidelines
Use the | { begin | exclude | include } regular-expression option with a display command to filter the command output. For more information about regular expressions, see Fundamentals Configuration Guide.
Examples
# Display the lines that contain "vlan" in the running configuration.
<Sysname> display current-configuration | include vlan
vlan 1
vlan 999
port access vlan 999
display | by-linenum
Use display | by-linenum to number each output line for a display command.
Syntax
display command | by-linenum
Views
Any view
Predefined user roles
network-admin
network-operator
mdc-admin
mdc-operator
Parameters
command: Specifies the keywords and arguments of a display command. To display available keywords and arguments, enter display ?.
Usage guidelines
By numbering each output line from a display command, you can easily identify the lines of interest.
Each line number is displayed as a 5-character string and might be followed by a colon (:) or hyphen (-). If you specify the | by-linenum option and the | begin regular-expression option for a display command, a hyphen is displayed for all lines that do not match the regular expression.
Examples
# Display VLAN 999 settings, with each output line identified by a number.
<Sysname> display vlan 999 | by-linenum
1: VLAN ID: 999
2: VLAN type: Static
3: Route interface: Configured
4: IP address: 192.168.2.1
5: Subnet mask: 255.255.255.0
6: Description: For LAN Access
7: Name: VLAN 0999
8: Tagged ports: None
9: Untagged ports:
10: FortyGigE1/0/1
# Display the first line that begins with "user-group" in the running configuration and all of the following lines.
<Sysname> display current-configuration | by-linenum begin user-group
114: user-group system
115- #
116- return
display >
Use display > to save the output from a display command to a separate file.
Syntax
display command > filename
Views
Any view
Predefined user roles
network-admin
network-operator
mdc-admin
mdc-operator
Parameters
command: Specifies the keywords and arguments of a display command. To display available keywords and arguments, enter display ?.
filename: Specifies the name of the file that is used to save the output, a string of 1 to 63 characters.
Usage guidelines
The display commands show the configuration, statistics, and states of the device. You can use the display > command to save the output to a file.
If the specified file does not exist, the system creates the file and saves the output to the file. If the file already exists, the system overwrites the file.
Examples
# Save VLAN 1 settings to a separate file named vlan.txt.
<Sysname> display vlan 1 > vlan.txt
# Verify the content of the vlan.txt file.
<Sysname> more vlan.txt
VLAN ID: 1
VLAN type: Static
Route interface: Not configured
Description: VLAN 0001
Name: VLAN 0001
Tagged ports: None
Untagged ports:
FortyGigE1/0/2
display >>
Use display >> to append the output from a display command to the end of a file.
Syntax
display command >> filename
Views
Any view
Predefined user roles
network-admin
network-operator
mdc-admin
mdc-operator
Parameters
command: Specifies the keywords and arguments of a display command. To display available keywords and arguments, enter display ?.
filename: Specifies the name of the file that is used to save the output, a string of 1 to 63 characters.
Usage guidelines
The display commands show the configuration, statistics, and states of the device. You can use display >> to save the output to a file.
If the specified file does not exist, the system creates the file and saves the output to the file. If the file already exists, the system appends the output to the end of the file.
Examples
# Append the VLAN 999 settings to the end of the vlan.txt file.
<Sysname> display vlan 999 >> vlan.txt
# Check the content of the vlan.txt file.
<Sysname> more vlan.txt
VLAN ID: 1
VLAN type: Static
Route interface: Not configured
Description: VLAN 0001
Name: VLAN 0001
Tagged ports: None
Untagged ports:
FortyGigE1/0/2
VLAN ID: 999
VLAN type: Static
Route interface: Configured
IP address: 192.168.2.1
Subnet mask: 255.255.255.0
Description: For LAN Access
Name: VLAN 0999
Tagged ports: None
Untagged ports:
FortyGigE1/0/1
display alias
Use display alias to display command aliases.
Syntax
Views
Any view
Predefined user roles
Parameters
alias: Specifies a command alias. If you do not specify this argument, the command displays all command aliases.
Examples
# Display all command aliases.
<Sysname> display alias
Index Alias Command key
1 access-list acl
2 end return
3 erase delete
4 exit quit
5 hostname sysname
6 logging info-center
7 no undo
8 shinc display $1 | include $2
9 show display
10 sirt display ip routing-table
11 write save
# Display the command alias shinc.
<Sysname> display alias shinc
Alias Command key
shinc display $1 | include $2
Related commands
alias
display history-command
Use display history-command to display all commands that are saved in the command history buffer for the current CLI session.
Syntax
display history-command
Views
Any view
Predefined user roles
network-admin
network-operator
mdc-admin
mdc-operator
Usage guidelines
The system automatically saves commands you have successfully executed to the command history buffer for the current CLI session. You can view them and execute them again.
By default, the system can save up to 10 commands in the buffer. You can use the history-command max-size command to change the buffer size.
Examples
# Display all commands saved in the command history buffer for the current CLI session.
<Sysname> display history-command
system-view
vlan 2
quit
Related commands
history-command max-size
display history-command all
Use display history-command all to display all commands saved in the command history buffer for all CLI sessions.
Syntax
display history-command all
Views
Any view
Predefined user roles
network-admin
network-operator
mdc-admin
mdc-operator
Usage guidelines
The system automatically saves commands successfully executed by users to the command history buffer for all CLI sessions. Users can view them and execute them again.
Up to 1024 commands can be saved in the command history buffer. When this number is reached, the system deletes the earliest commands to make room for newly executed commands.
Examples
# Display all commands saved in the command history buffer for all CLI sessions.
<Sysname> display history-command all
Date Time Terminal Ip User
03/16/2013 20:03:33 vty0 192.168.1.26 **
Cmd:dis his all
03/16/2013 20:03:29 vty0 192.168.1.26 **
Cmd:sys
Related commands
display hotkey
Use display hotkey to display hotkey information.
Syntax
display hotkey
Views
Any view
Predefined user roles
network-admin
network-operator
mdc-admin
mdc-operator
Examples
# Display hotkey information.
<Sysname> display hotkey
----------------- Hotkeys -----------------
-Defined command hotkeys-
CTRL_G display current-configuration
CTRL_L display ip routing-table
CTRL_O undo debugging all
-Undefined command hotkeys-
CTRL_T NULL
CTRL_U NULL
-System-reserved hotkeys-
CTRL_A Move the cursor to the beginning of the line.
CTRL_B Move the cursor one character to the left.
CTRL_C Stop the current command.
CTRL_D Erase the character at the cursor.
CTRL_E Move the cursor to the end of the line.
CTRL_F Move the cursor one character to the right.
CTRL_H Erase the character to the left of the cursor.
CTRL_K Abort the connection request.
CTRL_N Display the next command in the history buffer.
CTRL_P Display the previous command in the history buffer.
CTRL_R Redisplay the current line.
CTRL_V Paste text from the clipboard.
CTRL_W Delete the word to the left of the cursor.
CTRL_X Delete all characters from the beginning of the line to the cursor.
CTRL_Y Delete all characters from the cursor to the end of the line.
CTRL_Z Return to the User View.
CTRL_] Kill incoming connection or redirect connection.
ESC_B Move the cursor back one word.
ESC_D Delete all characters from the cursor to the end of the word.
ESC_F Move the cursor forward one word.
Related commands
hotkey
hotkey
Use hotkey to assign a command to a configurable hotkey.
Use undo hotkey to restore the default.
Syntax
hotkey { CTRL_G | CTRL_L | CTRL_O | CTRL_T | CTRL_U } command
undo hotkey { CTRL_G | CTRL_L | CTRL_O | CTRL_T | CTRL_U }
Default
· Ctrl_G: display current-configuration (display the running configuration).
· Ctrl_L: display ip routing-table (display the IPv4 routing table information).
· Ctrl_O: undo debugging all (disable all debugging functions).
· Ctrl_T: No command is assigned to this hotkey.
· Ctrl_U: No command is assigned to this hotkey.
Views
System view
Predefined user roles
network-admin
mdc-admin
Parameters
CTRL_G: Assigns a command to Ctrl+G.
CTRL_L: Assigns a command to Ctrl+L.
CTRL_O: Assigns a command to Ctrl+O.
CTRL_T: Assigns a command to Ctrl+T.
CTRL_U: Assigns a command to Ctrl+U.
command: Specifies the command to be assigned to the hotkey.
Usage guidelines
The system defines some hotkeys and provides five configurable command hotkeys. Pressing a hotkey executes the command assigned to the hotkey.
To display system-defined and configurable hotkeys, use the display hotkey command.
Examples
# Assign the display tcp status command to the hotkey Ctrl+T.
<Sysname> system-view
[Sysname] hotkey ctrl_t display tcp status
Related commands
display hotkey
quit
Use quit to return to the upper-level view.
Syntax
quit
Views
Any view
Predefined user roles
network-admin
network-operator
mdc-admin
mdc-operator
Usage guidelines
Executing this command in user view disconnects you from the device.
Examples
# Return from FortyGigE 1/0/1 interface view to system view and then to user view.
[Sysname-FortyGigE1/0/1] quit
[Sysname] quit
<Sysname>
return
Use return to return to user view from any other view.
Syntax
return
Views
Any view except user view
Predefined user roles
network-admin
network-operator
mdc-admin
mdc-operator
Usage guidelines
Pressing Ctrl+Z has the same effect as the return command.
Examples
# Return to user view from FortyGigE 1/0/1 interface view.
[Sysname-FortyGigE1/0/1] return
<Sysname>
screen-length disable
Use screen-length disable to disable pausing between screens of output for the current session.
Use undo screen-length disable to enable pausing between screens of output for the current session.
Syntax
screen-length disable
undo screen-length disable
Default
The default depends on the configuration of the screen-length command in user line view.
The following are default settings for the screen-length command:
· Pausing between screens of output.
· Displaying up to 24 lines on a screen.
Views
User view
Predefined user roles
network-admin
mdc-admin
Usage guidelines
If you disable pausing between screens of output, all output is displayed. The screen is refreshed continuously until the final screen is displayed.
This command takes effect only for the current session. When you are logged out, the default is restored.
Examples
# Disable pausing between screens of output for the current session.
<Sysname> screen-length disable
Related commands
screen-length
system-view
Use system-view to enter system view from user view.
Syntax
system-view
Views
User view
Predefined user roles
network-admin
network-operator
mdc-admin
mdc-operator
Examples
# Enter system view from user view.
<Sysname> system-view
System View: return to User View with Ctrl+Z.
[Sysname]
Login management commands
The device supports the FIPS mode that complies with NIST FIPS 140-2 requirements. Support for features, commands, and parameters might differ in FIPS mode and non-FIPS mode. For more information about FIPS mode, see Security Configuration Guide.
Some login management commands are available in both user line view and user line class view:
· A setting in user line view is applied only to the user line. A setting in user line class view is applied to all user lines of the class.
· A non-default setting in either view takes precedence over a default setting in the other view. A non-default setting in user line view takes precedence over a non-default setting in user line class view.
· A setting in user line view takes effect immediately and affects the online user. A setting in user line class view does not affect online users and takes effect only for users who log in after the configuration is completed.
Some login management commands are not supported in some user line views but can be configured in the corresponding user line class views. However, the commands do not take effect. This chapter provides only remarks about commands that are not supported in user line view.
activation-key
Use activation-key to define a shortcut key for starting a terminal session.
Use undo activation-key to restore the default.
Syntax
activation-key character
undo activation-key
Default
Pressing Enter starts a terminal session.
Views
User line view, user line class view
Predefined user roles
network-admin
mdc-admin
Parameters
character: Specifies the shortcut key. It can be a single character, a key sequence, or the ASCII code value (in the range of 0 to 127) of the character or key sequence.
Usage guidelines
This command is not supported in VTY line view or VTY line class view.
This command is available in both user line view and user line class view:
· If the setting in user line view is not the default setting, the setting in user line view takes effect.
· If the setting in user line view is the default setting but the setting in user line class view is not, the setting in user line class view takes effect.
To display the shortcut key you have defined, use the display current-configuration | include activation-key command.
Examples
# Configure character s as the shortcut key for starting a terminal session on the user line AUX 0.
<Sysname> system-view
[Sysname] line aux 0
[Sysname-line-aux0] activation-key s
To verify the configuration:
1. Exit the console session.
[Sysname-line-aux0] return
<Sysname> quit
2. Log in again through the AUX line.
The following message appears:
Press ENTER to get started.
3. Press Enter.
Pressing Enter does not start a session.
4. Enter s.
A terminal session is started.
<Sysname>
authentication-mode
Use authentication-mode to set the authentication mode for a user line.
Use undo authentication-mode to restore the default.
Syntax
In non-FIPS mode:
authentication-mode { none | password | scheme }
undo authentication-mode
In FIPS mode:
authentication-mode scheme
undo authentication-mode
Default
In non-FIPS mode, the authentication mode is password for VTY lines, and none for AUX lines.
In FIPS mode, the authentication mode is scheme.
Views
User line view, user line class view
Predefined user roles
network-admin
mdc-admin
Parameters
none: Disables authentication.
password: Performs local password authentication.
scheme: Performs AAA authentication. For more information about AAA, see Security Configuration Guide.
Usage guidelines
When the authentication mode is none, any user can log in without authentication. To improve device security, use the password or scheme authentication mode.
In VTY line view, this command is associated with the protocol inbound command. If you specify a non-default value for only one of the two commands in VTY line view, the other command uses the default setting, regardless of the setting in VTY line class view.
Examples
# Enable the none authentication mode for the user line VTY 0.
<Sysname> system-view
[Sysname] line vty 0
[Sysname-line-vty0] authentication-mode none
# Enable password authentication for the user line VTY 0 and set the password to 321.
<Sysname> system-view
[Sysname] line vty 0
[Sysname-line-vty0] authentication-mode password
[Sysname-line-vty0] set authentication password simple 321
# Enable scheme authentication for the user line VTY 0, set the username to 123 and the password to 321, and authorize the Telnet service and network-admin user role to the user.
<Sysname> system-view
[Sysname] line vty 0
[Sysname-line-vty0] authentication-mode scheme
[Sysname-line-vty0] quit
[Sysname] local-user 123
[Sysname-luser-manage-123] password simple 321
[Sysname-luser-manage-123] service-type telnet
[Sysname-luser-manage-123] authorization-attribute user-role network-admin
Related commands
set authentication password
auto-execute command
CAUTION: After configuring this command for a user line, you might be unable to access the CLI through the user line. Make sure you can access the CLI through a different user line before you configure this command and save the configuration. |
Use auto-execute command to specify the command to be automatically executed for login users.
Use undo auto-execute command to delete the configuration.
Syntax
auto-execute command command
undo auto-execute command
Default
Command auto-execution is disabled.
Views
User line view, user line class view
Predefined user roles
network-admin
mdc-admin
Parameters
command: Specifies the command to be automatically executed.
Usage guidelines
This command is not supported in AUX line view or AUX line class view.
This command is available in both user line view and user line class view:
· If the setting in user line view is not the default setting, the setting in user line view takes effect.
· If the setting in user line view is the default setting but the setting in user line class view is not, the setting in user line class view takes effect.
The device automatically executes the specified command when a user logs in through the user line, and closes the user connection after the command is executed. If the command triggers another task, the device does not close the user connection until the task is completed.
Typically, you configure the auto-execute command telnet X.X.X.X command on the device so the device redirects a Telnet user to the host at X.X.X.X. In this case, the connection to the current device is closed when the user terminates the Telnet connection to X.X.X.X.
Examples
# Configure the device to automatically Telnet to 192.168.1.41 after a user logs in through user line VTY 0.
<Sysname> system-view
[Sysname] line vty 0
[Sysname-line-vty0] auto-execute command telnet 192.168.1.41
% This action will lead to configuration failure through line-vty0. Are you sure?
[Y/N]:y
[Sysname-line-vty0]
# To verify the configuration, Telnet to 192.168.1.40.
The device automatically Telnets to 192.168.1.41, and the following output is displayed:
C:\> telnet 192.168.1.40
******************************************************************************
* * Copyright (c) 2004-2014 Hangzhou H3C Tech. Co., Ltd. All rights reserved. *
* Without the owner's prior written consent, *
* no decompiling or reverse-engineering shall be allowed. *
******************************************************************************
<Sysname>
Trying 192.168.1.41 ...
Press CTRL+K to abort
Connected to 192.168.1.41 ...
******************************************************************************
* Copyright (c) 2004-2014 Hangzhou H3C Tech. Co., Ltd. All rights reserved. *
* Without the owner's prior written consent, *
* no decompiling or reverse-engineering shall be allowed. *
******************************************************************************
<Sysname.41>
This operation is the same as directly logging in to the device at 192.168.1.41 through Telnet. When you close the Telnet connection to 192.168.1.41, the Telnet connection to 192.168.1.40 is closed at the same time.
command accounting
Use command accounting to enable command accounting.
Use undo command accounting to restore the default.
Syntax
command accounting
undo command accounting
Default
Command accounting is disabled. The accounting server does not record executed commands.
Views
User line view, user line class view
Predefined user roles
network-admin
mdc-admin
Usage guidelines
When command accounting is enabled but command authorization is not, every executed command is recorded on the HWTACACS server.
When both command accounting and command authorization are enabled, only authorized commands that are executed are recorded on the HWTACACS server.
Invalid commands issued by users are not recorded.
If the command accounting command is configured in user line class view, command accounting is enabled on all user lines in the class, and you cannot configure the undo command accounting command in the view of a user line in the class.
Examples
# Enable command accounting for the user line VTY 0.
<Sysname> system-view
[Sysname] line vty 0
[Sysname-line-vty0] command accounting
Related commands
· accounting command (Security Command Reference)
· command authorization
command authorization
Use command authorization to enable command authorization.
Use undo command authorization to restore the default.
Syntax
command authorization
undo command authorization
Default
Command authorization is disabled. Logged-in users can execute commands without authorization.
Views
User line view, user line class view
Predefined user roles
network-admin
mdc-admin
Usage guidelines
When command authorization is enabled, a command is available only if the user has the commensurate user role and is authorized to use the command by the AAA scheme.
If the command authorization command is configured in user line class view:
· Command authorization is enabled on all user lines in the class.
· You cannot configure the undo command authorization command in the view of a user line in the class.
Examples
# Enable command accounting for VTY 0 so its user can execute only authorized commands that are permitted by the user role.
<Sysname> system-view
[Sysname] line vty 0
[Sysname-line-vty0] command authorization
Related commands
authorization command (Security Command Reference)
databits
Use databits to specify the number of data bits for each character.
Use undo databits to restore the default.
Syntax
databits { 5 | 6 | 7 | 8 }
undo databits
Default
Eight data bits are used for each character.
Views
User line view
Predefined user roles
network-admin
mdc-admin
Parameters
5: Uses five data bits for each character.
6: Uses six data bits for each character.
7: Uses seven data bits for each character.
8: Uses eight data bits for each character.
Usage guidelines
This command is not supported in VTY line view.
This setting must be the same as that on the configuration terminal.
Examples
# Configure AUX 0 to use five data bits for each character.
<Sysname> system-view
[Sysname] line aux 0
[Sysname-line-aux0] databits 5
display line
Use display line to display user line information.
Syntax
display line [ number1 | { aux | vty } number2 ] [ summary ]
Views
Any view
Predefined user roles
network-admin
network-operator
mdc-admin
mdc-operator
Parameters
number1: Specifies the absolute number of a user line. The value range is 0 to 65 in standalone mode and 0 to 71 in IRF mode.
aux: Specifies the AUX line.
vty: Specifies the VTY line.
number2: Specifies the relative number of a user line. The value ranges are as follows:
· AUX line—0 to 1 in standalone mode and 0 to 7 in IRF mode.
· VTY line—0 to 63.
summary: Displays summary information about user lines. If you do not specify this keyword, the detailed information is displayed.
Examples
# Display user line information.
<Sysname> display line 1
Idx Type Tx/Rx Modem Auth Int
F 1 AUX 1 9600 - N -
+ : Line is active.
F : Line is active and in async mode.
Idx : Absolute index of line.
Type : Type and relative index of line.
Auth : Login authentication mode.
Int : Physical port of the line.
A : Authentication use AAA.
N : No authentication is required.
P : Password authentication.
Table 2 Command output
Field |
Description |
Modem |
Whether the modem allows calling in or out. By default, this attribute is not configured and this field displays a hyphen (-). |
# In IRF mode, display summary information about all user lines.
<Sysname> display line summary
Line type : [AUX]
0:XUXX XXXX
Line type : [VTY]
8:UUXU UUUU UXXX XXXX
24:XXXX XXXX XXXX XXXX
40:XXXX XXXX XXXX XXXX
56:XXXX XXXX XXXX XXXX
9 lines used. (U)
63 lines not used. (X)
Table 3 Command output
Fields |
Description |
number:status |
number: Absolute number of the first user line in the user line class. status: User line status. X is for unused and U is for used. For example, if "0:XUXX XXXX" is displayed, the user line class has eight user lines. The user lines use the absolute numbers 0 through 7. User line 1 is being used, and the others are not. |
display telnet client
Use display telnet client to display the source IPv4 address or source line configured for the device to use for outgoing Telnet packets when serving as a Telnet client.
Syntax
display telnet client
Views
Any view
Predefined user roles
network-admin
network-operator
mdc-admin
mdc-operator
Examples
# Display the Telnet client configuration of the device when it serves as a Telnet client.
<Sysname> display telnet client
The source IP address is 1.1.1.1.
The output shows that the device uses the source IPv4 address 1.1.1.1 for outgoing Telnet packets when it serves as a Telnet client.
Related commands
telnet client source
display user-interface
Use display user-interface to display user line information.
Syntax
display user-interface [ number1 | { aux | vty } number2 ] [ summary ]
Views
Any view
Predefined user roles
network-admin
network-operator
mdc-admin
mdc-operator
Parameters
number1: Specifies the absolute number of a user line. The value range is 0 to 65 in standalone mode and 0 to 71 in IRF mode.
aux: Specifies the AUX line.
vty: Specifies the VTY line.
number2: Specifies the relative number of a user line. The value ranges are as follows:
· AUX line—0 to 1 in standalone mode and 0 to 7 in IRF mode.
· VTY line—0 to 63.
summary: Displays summary information about user lines. If you do not specify this keyword, the detailed information is displayed.
Usage guidelines
This is an older command reserved for backward compatibility purposes. It has the same functionality and output as the display line command. As a best practice, use the display line command.
Examples
# Display user line information.
<Sysname> display user-interface 1
Idx Type Tx/Rx Modem Auth Int
+ 1 VTY 0 - N -
+ : Line is active.
F : Line is active and in async mode.
Idx : Absolute index of line.
Type : Type and relative index of line.
Auth : Login authentication mode.
Int : Physical port of the line.
A : Authentication use AAA.
N : No authentication is required.
P : Password authentication
Table 4 Command output
Field |
Description |
Modem |
Whether the modem allows calling in or out. By default, this attribute is not configured and this field displays a hyphen (-). |
# In IRF mode, display summary information about all user lines.
<Sysname> display user-interface summary
Line type : [AUX]
0:XUXX XXXX
Line type : [VTY]
8:UXXX XXXX XXXX XXXX
24:XXXX XXXX XXXX XXXX
40:XXXX XXXX XXXX XXXX
56:XXXX XXXX XXXX XXXX
1 lines used. (U)
71 lines not used. (X)
Table 5 Command output
Fields |
Description |
number:status |
number: Absolute number of the first user line in the user line class. status: User line status. X is for unused and U is for used. For example, if "0:XUXX XXXX" is displayed, the user line class has eight user lines. The user lines use the absolute numbers 0 through 7. User line 1 is being used, and the others are not. |
display users
Use display users to display online CLI user information.
Syntax
display users [ all ]
Views
Any view
Predefined user roles
network-admin
network-operator
mdc-admin
mdc-operator
Parameters
all: Displays all user lines supported by the device.
Examples
# Display online user information.
<Sysname> display users
Idx Line Idle Time Pid Type
10 VTY 0 00:10:49 Jun 11 11:27:32 320 TEL
+ 11 VTY 1 00:00:00 Jun 11 11:39:40 334 TEL
Following are more details.
VTY 0 :
Location: 192.168.1.12
VTY 1 :
Location: 192.168.1.26
+ : Current operation user.
F : Current operation user works in async mode.
The output shows that two users have logged in to the device: one is using user line VTY 0 and the other (yourself) is using VTY 1. Your IP address is 192.168.1.26.
Table 6 Command output
Field |
Description |
Idx |
Absolute number of the user line. |
Line |
Type and relative number of the user line. |
Idle |
Time elapsed after the user's most recent input, in the hh:mm:ss format. |
Time |
Login time of the user. |
Pid |
Process ID of the user session. |
Type |
User type, such as Telnet, SSH. |
+ |
Indicates the user line you are using. |
Location |
IP address of the user. |
escape-key
Use escape-key to set the escape key.
Use undo escape-key to disable the escape key.
Syntax
escape-key { character | default }
undo escape-key [ default ]
Default
The escape key is Ctrl+C.
Views
User line view, user line class view
Predefined user roles
network-admin
mdc-admin
Parameters
character: Specifies the shortcut key. It can be a single character, a key sequence, or the ASCII code value (in the range of 0 to 127) of the character or key sequence.
default: Restores the default escape key sequence Ctrl+C.
Usage guidelines
You can use this shortcut key to abort a command that is being executed. For example, you can press this shortcut key to abort a ping or tracert command.
Whether a command can be aborted by Ctrl+C by default depends on the software implementation of the command. For more information, see the description of the command.
As a best practice, use a key sequence as the shortcut key. If you define a single character as the shortcut key, pressing the key while a command is being executed stops the command. If no command is being executed, the result depends on the following:
· If you are managing the local device, pressing the key enters the character as a common character.
· If you Telnet to another device and manage the remote device, pressing the key does nothing.
You can execute this command multiple times, but only the most recent configuration takes effect. To view the current shortcut key definition, use the display current-configuration command.
The undo escape-key command disables the current escape key. After you execute this command, no escape key is available.
This command is available in both user line view and user line class view:
· If the setting in user line view is not the default setting, the setting in user line view takes effect.
· If the setting in user line view is the default setting but the setting in user line class view is not, the setting in user line class view takes effect.
Examples
# Define character a as the shortcut key for terminating a task.
<Sysname> system-view
[Sysname] line aux 0
[Sysname-line-aux0] escape-key a
To verify the configuration:
1. Ping IP address 192.168.1.49, specifying the -c keyword to set the number of ICMP echo request packets to 20.
<Sysname> ping -c 20 192.168.1.49
PING 192.168.1.49: 56 data bytes, press a to break
Reply from 192.168.1.49: bytes=56 Sequence=1 ttl=255 time=3 ms
Reply from 192.168.1.49: bytes=56 Sequence=2 ttl=255 time=3 ms
2. Press a.
The task is terminated, and the system returns to user view.
--- 192.168.1.49 ping statistics ---
2 packet(s) transmitted
2 packet(s) received
0.00% packet loss
round-trip min/avg/max = 3/3/3 ms
<Sysname>
flow-control
Use flow-control to configure the flow control mode.
Use undo flow-control to restore the default.
Syntax
flow-control { hardware | none | software }
undo flow-control
Default
The flow control mode is none.
Views
User line view
Predefined user roles
network-admin
mdc-admin
Parameters
hardware: Performs hardware flow control.
none: Disables flow control.
software: Performs software flow control.
Usage guidelines
This command is not supported in VTY line view.
The device supports flow control in both the inbound and outbound directions:
· For flow control in the inbound direction, the local device listens to flow control information from the remote device.
· For flow control in the outbound direction, the local device sends flow control information to the remote device.
The flow control setting takes effect in both directions.
To communicate, two devices must be configured with the same flow control mode.
Examples
# Configure software flow control in the inbound and outbound directions for the user line AUX 0.
<Sysname> system-view
[Sysname] line aux 0
[Sysname-line-aux0] flow-control software
free line
Use free line to release a user line.
Syntax
free line { number1 | { aux | vty } number2 }
Views
User view
Predefined user roles
network-admin
mdc-admin
Parameters
number1: Specifies the absolute number of a user line. The value range is 0 to 65 in standalone mode and 0 to 71 in IRF mode.
aux: Specifies the AUX line.
vty: Specifies the VTY line.
number2: Specifies the relative number of a user line. The value ranges are as follows:
· AUX line—0 to 1 in standalone mode and 0 to 7 in IRF mode.
· VTY line—0 to 63.
Usage guidelines
This command does not release the line you are using.
Examples
# Release the user line VTY 1:
1. Display online users.
<Sysname> display users
Idx Line Idle Time Pid Type
10 VTY 0 00:10:49 Jun 11 11:27:32 320 TEL
+ 11 VTY 1 00:00:00 Jun 11 11:39:40 334 TEL
Following are more details.
VTY 0 :
Location: 192.168.1.12
VTY 1 :
Location: 192.168.1.26
+ : Current operation user.
F : Current operation user works in async mode.
2. If the operations of the user on VTY 1 impact your operations, log out the user.
<Sysname> free line vty 1
Are you sure to free line vty1? [Y/N]:y
[OK]
free user-interface
Use free user-interface to release a user line.
Syntax
free user-interface { number1 | { aux | vty } number2 }
Views
User view
Predefined user roles
network-admin
mdc-admin
Parameters
number1: Specifies the absolute number of a user line. The value range is 0 to 65 in standalone mode and 0 to 71 in IRF mode.
aux: Specifies the AUX line.
vty: Specifies the VTY line.
number2: Specifies the relative number of a user line. The value ranges are as follows:
· AUX line—0 to 1 in standalone mode and 0 to 7 in IRF mode.
· VTY line—0 to 63.
Usage guidelines
This command does not release the line you are using.
This is an older command reserved for backward compatibility purposes. It has the same functionality and output as the free line command. As a best practice, use the free line command.
Examples
# Release the user line VTY 1:
1. Display online users.
<Sysname> display users
Idx LINE Idle Time Pid Type
10 VTY 0 00:10:49 Jun 11 11:27:32 320 TEL
+ 11 VTY 1 00:00:00 Jun 11 11:39:40 334 TEL
Following are more details.
VTY 0 :
Location: 192.168.1.12
VTY 1 :
Location: 192.168.1.26
+ : Current operation user.
F : Current operation user works in async mode.
2. If the operations of the user on VTY 1 impact your operations, log out the user.
<Sysname> free user-interface vty 1
Are you sure to free line vty1? [Y/N]:y
[OK]
history-command max-size
Use history-command max-size to set the size of the command history buffer for a user line.
Use undo history-command max-size to restore the default.
Syntax
history-command max-size size-value
undo history-command max-size
Default
The buffer of a user line saves up to 10 history commands.
Views
User line view, user line class view
Predefined user roles
network-admin
mdc-admin
Parameters
size-value: Specifies the maximum number of history commands the buffer can store, in the range of 0 to 256.
Usage guidelines
Each user line uses a separate command history buffer to save commands successfully executed by its user. The size of the buffer determines how many history commands the buffer can store.
To view stored history commands on your user line, press the up arrow key or down arrow key or execute the display history-command command.
Terminating a CLI session clears the commands in the history buffer.
This command is available in both user line view and user line class view:
· If the setting in user line view is not the default setting, the setting in user line view takes effect.
· If the setting in user line view is the default setting but the setting in user line class view is not, the setting in user line class view takes effect.
Examples
# Set the size of the command history buffer to 20 for the user line AUX 0.
<Sysname> system-view
[Sysname] line aux 0
[Sysname-line-aux0] history-command max-size 20
idle-timeout
Use idle-timeout to set the CLI connection idle-timeout timer.
Use undo idle-timeout to restore the default.
Syntax
idle-timeout minutes [ seconds ]
undo idle-timeout
Default
The CLI connection idle-timeout timer is 10 minutes.
Views
User line view, user line class view
Predefined user roles
network-admin
mdc-admin
Parameters
minutes: Specifies the number of minutes for the timer, in the range of 0 to 35791. The default is 10 minutes.
seconds: Specifies the number of seconds for the timer, in the range of 0 to 59. The default is 0 seconds.
Usage guidelines
The system automatically terminates the user connection on the user line if there is no information interaction between the device and the user within the idle-timeout interval.
Setting the CLI connection idle-timeout timer to 0 disables the idle-timeout feature.
This command is available in both user line view and user line class view:
· If the setting in user line view is not the default setting, the setting in user line view takes effect.
· If the setting in user line view is the default setting but the setting in user line class view is not, the setting in user line class view takes effect.
Examples
# Set the CLI connection idle-timeout timer to 1 minute and 30 seconds for the user line AUX 0.
<Sysname> system-view
[Sysname] line aux 0
[Sysname-line-aux0] idle-timeout 1 30
line
Use line to enter one or multiple user line views.
Syntax
line { first-number1 [ last-number1 ] | { aux | vty } first-number2 [ last-number2 ] }
Views
System view
Predefined user roles
network-admin
mdc-admin
Parameters
first-number1: Specifies the absolute number of the first user line. The value range is 0 to 65 in standalone mode and 0 to 71 in IRF mode.
last-number1: Specifies the absolute number of the last user line. This number cannot be smaller than first-number1.
aux: Specifies the AUX line.
vty: Specifies the VTY line.
first-number2: Specifies the relative number of the first user line. The value ranges are as follows:
· AUX line—0 to 1 in standalone mode and 0 to 7 in IRF mode.
· VTY line—0 to 63.
last-number2: Specifies the relative number of the last user line. This number cannot be smaller than first-number2.
Usage guidelines
To configure settings for a single user line, use this command to enter the user line view.
To configure the same settings for multiple user lines, use this command to enter multiple user line views.
Examples
# Enter the view of user line AUX 0.
<Sysname> system-view
[Sysname] line aux 0
[Sysname-line-aux0]
# Enter the views of user lines VTY 0 to VTY 4.
<Sysname> system-view
[Sysname] line vty 0 4
[Sysname-line-vty0-4]
Related commands
line class
line class
Use line class to enter user line class view.
Syntax
line class { aux | vty }
Views
System view
Predefined user roles
network-admin
mdc-admin
Parameters
aux: Specifies the AUX line class view.
vty: Specifies the VTY line class view.
Usage guidelines
To configure the same settings for all user lines of a line class, use this command to enter the user line class view.
Some login management commands are available in both user line view and user line class view:
· A setting in user line view is applied only to the user line. A setting in user line class view is applied to all user lines of the class.
· A non-default setting in either view takes precedence over a default setting in the other view. A non-default setting in user line view takes precedence over a non-default setting in user line class view.
· A setting in user line view takes effect immediately and affects the online user. A setting in user line class view does not affect online users and takes effect only for users who log in after the configuration is completed.
Examples
# Set the CLI connection idle-timeout timer to 15 minutes in VTY line class view.
<Sysname> system-view
[Sysname] line class vty
[Sysname-line-class-vty] idle-timeout 15
# In AUX line class view, configure character s as the shortcut key for starting a terminal session.
<Sysname> system-view
[Sysname] line class aux
[Sysname-line-class-aux] activation-key s
[Sysname-line-class-aux] quit
# In AUX 0 line view, restore the default shortcut key for starting a terminal session.
[Sysname] line aux 0
[Sysname-line-aux0] undo activation-key
Alternatively:
[Sysname-line-aux0] activation-key 13
To verify the configuration:
1. Exit the console session.
[Sysname-line-aux0] return
<Sysname> quit
2. Log in again through the AUX line.
The following message appears:
Press ENTER to get started.
3. Press Enter.
Pressing Enter does not start a session.
4. Enter s.
A terminal session is started.
<Sysname>
Related commands
line
lock
Use lock to lock the current user line. This method prevents unauthorized users from using the user line.
Syntax
lock
Default
By default, the system does not lock any user line.
Views
User view
Predefined user roles
network-admin
mdc-admin
Usage guidelines
This command is not supported in FIPS mode.
This command locks the current user line to prevent unauthorized users from using the line. You must set the password for unlocking the line as prompted. The user line is locked after you enter the password and confirm the password.
To unlock the user line, press Enter and enter the password you set.
Examples
# Lock the current user line and set the password for unlocking the line.
<Sysname> lock
Please input password<1 to 16> to lock current line:
Password:
Again:
locked !
// The user line is locked. To unlock it, press Enter and enter the password:
Password:
<Sysname>
parity
Use parity to specify a parity check mode.
Use undo parity to restore the default.
Syntax
parity { even | mark | none | odd | space }
undo parity
Default
The setting is none, and no parity check is performed.
Views
User line view
Predefined user roles
network-admin
mdc-admin
Parameters
even: Performs even parity check.
mark: Performs mark parity check.
none: Disables parity check.
odd: Performs odd parity check.
space: Performs space parity check.
Usage guidelines
This command is not supported in VTY line view.
The configuration terminal and the device must be configured with the same parity check mode to communicate.
Examples
# Configure user line AUX 0 to perform odd parity check.
<Sysname> system-view
[Sysname] line aux 0
[Sysname-line-aux0] parity odd
protocol inbound
Use protocol inbound to enable a user line to support Telnet, SSH, or both protocols.
Use undo protocol inbound to restore the default.
Syntax
In non-FIPS mode:
protocol inbound { all | ssh | telnet }
undo protocol inbound
In FIPS mode:
protocol inbound ssh
undo protocol inbound
Default
In non-FIPS mode, both protocols are supported.
In FIPS mode, SSH is supported.
Views
VTY line view, VTY line class view
Predefined user roles
network-admin
mdc-admin
Parameters
all: Supports both protocols.
ssh: Supports SSH only.
telnet: Supports Telnet only.
Usage guidelines
This configuration is effective only for a user who logs in through the user line after the configuration is completed.
Before configuring a user line to support SSH, set the authentication mode to scheme for the user line. For more information, see authentication-mode.
In VTY line view, this command is associated with the authentication-mode command. If you specify a non-default value for only one of the two commands in VTY line view, the other command uses the default setting, regardless of the setting in VTY line class view.
Examples
# Enable user lines VTY 0 through VTY 4 to support only SSH.
<Sysname> system-view
[Sysname] line vty 0 4
[Sysname-line-vty0-4] authentication-mode scheme
[Sysname-line-vty0-4] protocol inbound ssh
# Enable scheme authentication for the VTY line class and enable the line class to support only SSH. Disable authentication for VTY lines 0 through 4.
<Sysname> system-view
[Sysname] line class vty
[Sysname-line-class-vty] authentication-mode scheme
[Sysname-line-class-vty] protocol inbound ssh
[Sysname-line-class-vty] line vty 0 4
[Sysname-line-vty0-4] authentication-mode none
screen-length
Use screen-length to set the maximum number of lines to be displayed on a screen.
Use undo screen-length to restore the default.
Syntax
screen-length screen-length
undo screen-length
Default
Up to 24 lines are displayed on a screen.
Views
User line view, user line class view
Predefined user roles
network-admin
mdc-admin
Parameters
screen-length: Specifies the maximum number of lines to be displayed on a screen, in the range of 0 to 512. Setting this argument to 0 disables pausing between screens of output.
Usage guidelines
This command sets the maximum number of lines that can be displayed on one screen when the screen pause feature is enabled. If the screen pause feature is disabled, the system displays command output without any pause.
The actual number of lines that can be displayed on a screen is restricted by the display specification of the configuration terminal. For example, if you set the maximum number of lines for a screen to 40 when the display specification is 24 lines, the device sends 40 lines to the screen at a time, but only the last 24 lines are displayed on the screen. To view the previous 16 lines, you must press PgUp.
The screen pause feature is enabled by default. To disable this feature, use the screen-length 0 or screen-length disable command. The screen-length disable command is available in user view.
This command is available in both user line view and user line class view:
· If the setting in user line view is not the default setting, the setting in user line view takes effect.
· If the setting in user line view is the default setting but the setting in user line class view is not, the setting in user line class view takes effect.
Examples
# Set the maximum number of lines to be displayed on a screen to 30 for the user line AUX 0.
<Sysname> system-view
[Sysname] line aux 0
[Sysname-line-aux0] screen-length 30
screen-length disable
send
Use send to send messages to user lines.
Syntax
send { all | number1 | { aux | vty } number2 }
Views
User view
Predefined user roles
network-admin
mdc-admin
Parameters
all: Specifies all user lines.
number1: Specifies the absolute number of a user line. The value range is 0 to 65 in standalone mode and 0 to 71 in IRF mode.
aux: Specifies the AUX line.
vty: Specifies the VTY line.
number2: Specifies the relative number of a user line. The value ranges are as follows:
· AUX line—0 to 1 in standalone mode and 0 to 7 in IRF mode.
· VTY line—0 to 63.
Usage guidelines
To end a message, press Enter. To cancel a message and return to user view, press Ctrl+C.
Examples
# Before you restart the device, send a notification to VTY 1 to inform the user.
<Sysname> send vty 1
Input message, end with Enter; abort with CTRL+C:
Your attention, please. I will reboot the system in 3 minutes.
Send message? [Y/N]:y
The message should appear on the screen of the user's configuration terminal, as shown in the following example:
[Sysname]
***
***
***Message from vty0 to vty1
***
Your attention, please. I will reboot the system in 3 minutes.
set authentication password
Use set authentication password to set a password for password authentication.
Use undo set authentication password to delete the password.
Syntax
set authentication password { hash | simple } password
undo set authentication password
Default
No password is set for password authentication.
Views
User line view, user line class view
Predefined user roles
network-admin
mdc-admin
Parameters
hash: Sets a hashed password.
simple: Sets a plaintext password.
password: Specifies the password string. This argument is case sensitive. If simple is specified, it must be a string of 1 to 16 characters. If hash is specified, it must be a string of 1 to 110 characters.
Usage guidelines
This command is not supported in FIPS mode.
For security purposes, the password is hashed before being saved, whether you specify the hash or simple keyword.
This command is available in both user line view and user line class view:
· If the setting in user line view is not the default setting, the setting in user line view takes effect.
· If the setting in user line view is the default setting but the setting in user line class view is not, the setting in user line class view takes effect.
Examples
# Set the password for password authentication on the user line AUX 0 to hello.
<Sysname> system-view
[Sysname] line aux 0
[Sysname-line-aux0] authentication-mode password
[Sysname-line-aux0] set authentication password simple hello
When you log in again through user line AUX 0, you must enter the password hello to pass authentication.
Related commands
authentication-mode
shell
Use shell to enable the terminal service for a user line.
Use undo shell to disable the terminal service for a user line.
Syntax
shell
undo shell
Default
The terminal service is enabled on all user lines.
Views
User line view, user line class view
Predefined user roles
network-admin
mdc-admin
Usage guidelines
The undo shell command is not supported in AUX line view or AUX line class view.
You cannot disable the terminal service on the user line you are using.
When the device acts as a Telnet or SSH server, you cannot configure the undo shell command.
If the undo shell command is configured in user line class view, you cannot configure the shell command in the view of a user line in the class.
Examples
# Disable the terminal service for the user line VTY 0 through VTY 4 so no user can log in to the device through the user lines.
<Sysname> system-view
[Sysname] line vty 0 4
[Sysname-line-vty0-4] undo shell
Disable line-vty0-4 , are you sure? [Y/N]:y
[Sysname-line-vty0-4]
speed
Use speed to set the transmission rate (also called the "baud rate") on a user line.
Use undo speed to restore the default.
Syntax
speed speed-value
undo speed
Default
The transmission rate is 9600 bps on a user line.
Views
User line view
Predefined user roles
network-admin
mdc-admin
Parameters
speed-value: Transmission rate in bps. The transmission rates available for asynchronous serial interfaces include: 300 bps, 600 bps, 1200 bps, 2400 bps, 4800 bps, 9600 bps, 19200 bps, 38400 bps, 57600 bps, and 115200 bps. The transmission rate varies with devices and configuration environments.
Usage guidelines
This command is not supported in VTY line view.
The configuration terminal and the device must be configured with the same transmission rate to communicate.
Examples
# Set the transmission rate to 19200 bps for the user line AUX 0.
<Sysname> system-view
[Sysname] line aux 0
[Sysname-line-aux0] speed 19200
stopbits
Use stopbits to specify the number of stop bits for a character.
Use undo stopbits to restore the default.
Syntax
stopbits { 1 | 1.5 | 2 }
undo stopbits
Default
One stop bit is used.
Views
User line view
Predefined user roles
network-admin
mdc-admin
Parameters
1: Uses one stop bit.
1.5: Uses one and a half stop bits. The device does not support using one and a half stop bits. If you specify this keyword, two stop bits are used.
2: Uses two stop bits.
Usage guidelines
This command is not supported in VTY line view.
The configuration terminal and the device must be configured to use the same number of stop bits to communicate.
Examples
# Set the number of stop bits to 1 for the user line AUX 0.
<Sysname> system-view
[Sysname] line aux 0
[Sysname-line-aux0] stopbits 1
telnet
Use telnet to Telnet to a host in an IPv4 network.
Syntax
telnet remote-host [ service-port ] [ vpn-instance vpn-instance-name ] [ source { interface interface-type interface-number | ip ip-address } ] [ dscp dscp-value ]
Views
User view
Predefined user roles
network-admin
mdc-admin
Parameters
remote-host: Specifies the IPv4 address or host name of a remote host. A host name can be a case-insensitive string of 1 to 253 characters. Valid characters for a host name include letters, digits, hyphens (-), underscores (_), and dots (.).
service-port: Specifies the TCP port number for the Telnet service on the remote host. The value range is 0 to 65535 and the default is 23.
vpn-instance vpn-instance-name: Specifies the VPN instance to which the remote host belongs, where vpn-instance-name is a case-sensitive string of 1 to 31 characters. If the remote host belongs to the public network, do not specify this option.
source: Specifies a source IPv4 address or source interface for outgoing Telnet packets.
interface interface-type interface-number: Specifies the source interface. The primary IPv4 address of the interface will be used as the source IPv4 address for outgoing Telnet packets.
ip ip-address: Specifies the source IPv4 address for outgoing Telnet packets.
dscp dscp-value: Specifies the DSCP value for IP to use in outgoing Telnet packets to indicate the packet transmission priority, in the range of 0 to 63. The default is 48.
Usage guidelines
This command is not supported in FIPS mode.
To terminate the current Telnet connection, press Ctrl+K or execute the quit command.
The source IPv4 address or source interface that is specified by this command is only applicable to the current Telnet connection.
Examples
# Telnet to host 1.1.1.2, using 1.1.1.1 as the source IP address for outgoing Telnet packets.
<Sysname> telnet 1.1.1.2 source ip 1.1.1.1
Related commands
telnet client source
telnet client source
Use telnet client source to specify a source IPv4 address or source interface for outgoing Telnet packets when the device serves as a Telnet client.
Use undo telnet client source to delete the configuration.
Syntax
telnet client source { interface interface-type interface-number | ip ip-address }
undo telnet client source
Default
No source IPv4 address or source interface is specified for outgoing Telnet packets. The source IPv4 address is the primary IPv4 address of the outbound interface.
Views
System view
Predefined user roles
network-admin
mdc-admin
Parameters
interface interface-type interface-number: Specifies a source interface. The primary IPv4 address of the interface will be used as the source IPv4 address for outgoing Telnet packets.
ip ip-address: Specifies a source IPv4 address.
Usage guidelines
This command is not supported in FIPS mode.
The setting configured by this command applies to all Telnet connections but has a lower precedence than the source setting specified for the telnet command.
Examples
# Set the source IPv4 address for outgoing Telnet packets to 1.1.1.1 when the device serves as a Telnet client.
<Sysname> system-view
[Sysname] telnet client source ip 1.1.1.1
Related commands
display telnet client configuration
telnet server acl
Use telnet server acl to apply an ACL to filter Telnet logins.
Use undo telnet server acl to restore the default.
Syntax
telnet server acl acl-number
undo telnet server acl
Default
No ACL is used to filter Telnet logins.
Views
System view
Predefined user roles
network-admin
mdc-admin
Parameters
acl-number: Specifies an ACL by its number:
· Basic ACL—2000 to 2999.
· Advanced ACL—3000 to 3999.
· Ethernet frame header ACL—4000 to 4999.
Usage guidelines
This command is not supported in FIPS mode.
Only one ACL can be used to filter Telnet logins, and only users permitted by the ACL can Telnet to the device.
This command does not take effect on existing Telnet connections.
You can specify an ACL that has not been created yet in this command. The command takes effect after the ACL is created.
For more information about ACL, see ACL and QoS Configuration Guide.
Examples
# Permit only the user at 1.1.1.1 to Telnet to the device.
<Sysname> system-view
[Sysname] acl number 2001
[Sysname-acl-basic-2001] rule permit source 1.1.1.1 0
[Sysname-acl-basic-2001] quit
[Sysname] telnet server acl 2001
telnet server dscp
Use telnet server dscp to set the DSCP value for IPv4 to use for outgoing Telnet packets on a Telnet server.
Use undo telnet server dscp to restore the default.
Syntax
telnet server dscp dscp-value
undo telnet server dscp
Default
IPv4 uses the DSCP value 48 for outgoing Telnet packets on a Telnet server.
Views
System view
Predefined user roles
network-admin
mdc-admin
Parameters
dscp-value: Specifies a DSCP value in the range of 0 to 63.
Usage guidelines
This command is not supported in FIPS mode.
The DSCP value is carried in the ToS field of an IP packet, and it indicates the transmission priority of the packet.
Examples
# Set the DSCP value for IPv4 to use for outgoing Telnet packets to 30 on a Telnet server.
<Sysname> system-view
[Sysname] telnet server dscp 30
telnet server enable
Use telnet server enable to enable the Telnet server feature.
Use undo telnet server enable to disable the Telnet server feature.
Syntax
telnet server enable
undo telnet server enable
Default
The Telnet server feature is disabled.
Views
System view
Predefined user roles
network-admin
mdc-admin
Usage guidelines
This command is not supported in FIPS mode.
Administrators can Telnet to the device only when the Telnet server feature is enabled.
Examples
# Enable the Telnet server feature.
<Sysname> system-view
[Sysname] telnet server enable
terminal type
Use terminal type to specify the terminal display type.
Use undo terminal type to restore the default.
Syntax
terminal type { ansi | vt100 }
undo terminal type
Default
The terminal display type is ANSI.
Views
User line view, user line class view
Predefined user roles
network-admin
mdc-admin
Parameters
ansi: Specifies the terminal display type ANSI.
vt100: Specifies the terminal display type VT100.
Usage guidelines
The device supports two terminal display types: ANSI and VT100. As a best practice, set the display type to VT100 on both the device and the configuration terminal. If either side uses the ANSI type, a display problem such as cursor positioning error might occur when a command line has more than 80 characters.
Examples
# Set the terminal display type to VT100.
<Sysname> system-view
[Sysname] line vty 0
[Sysname-line-vty0] terminal type vt100
user-interface
Use user-interface to enter one or multiple user line views.
Syntax
user-interface { first-number1 [ last-number1 ] | { aux | vty } first-number2 [ last-number2 ] }
Views
System view
Predefined user roles
network-admin
mdc-admin
Parameters
first-number1: Specifies the absolute number of the first user line. The value range is 0 to 65 in standalone mode and 0 to 71 in IRF mode.
last-number1: Specifies the absolute number of the last user line. This number cannot be smaller than first-number1.
aux: Specifies the AUX line.
vty: Specifies the VTY line.
first-number2: Specifies the relative number of the first user line. The value ranges are as follows:
· AUX line—0 to 1 in standalone mode and 0 to 7 in IRF mode.
· VTY line—0 to 63.
last-number2: Specifies the relative number of the last user line. This number cannot be smaller than first-number2.
Usage guidelines
To configure settings for a single user line, use this command to enter the user line view.
To configure the same settings for multiple user lines, use this command to enter multiple user line views.
This command is an older version reserved for backward compatibility purposes. It has the same functionality and output as the line command. As a best practice, use the line command.
Examples
# Enter the view of user line AUX 0.
<Sysname> system-view
[Sysname] user-interface aux 0
[Sysname-line-aux0]
# Enter the views of user lines VTY 0 to VTY 4.
<Sysname> system-view
[Sysname] user-interface vty 0 4
[Sysname-line-vty0-4]
user-interface class
user-interface class
Use user-interface class to enter user line class view.
Syntax
user-interface class { aux | vty }
Views
System view
Predefined user roles
network-admin
mdc-admin
Parameters
aux: Specifies the AUX line class view.
vty: Specifies the VTY line class view.
Usage guidelines
To configure the same settings for all user lines of a line class, use this command to enter the user line class view.
Some login management commands are available in both user line view and user line class view:
· A setting in user line view is applied only to the user line. A setting in user line class view is applied to all user lines of the class.
· A non-default setting in either view takes precedence over a default setting in the other view. A non-default setting in user line view takes precedence over a non-default setting in user line class view.
· A setting in user line view takes effect immediately and affects the online user. A setting in user line class view does not affect online users and takes effect only for users who log in after the configuration is completed.
This command is an older version reserved for backward compatibility purposes. It has the same functionality and output as the line class command. As a best practice, use the line class command.
Examples
# Set the CLI connection idle-timeout timer to 15 minutes in VTY line class view.
<Sysname> system-view
[Sysname] user-interface class vty
[Sysname-line-class-vty] idle-timeout 15
# In AUX line class view, configure character s as the shortcut key for starting a terminal session.
<Sysname> system-view
[Sysname] user-interface class aux
[Sysname-line-class-aux] activation-key s
[Sysname-line-class-aux] quit
# In AUX 0 line view, restore the default shortcut key for starting a terminal session.
[Sysname] user-interface aux 0
[Sysname-line-aux0] undo activation-key
Alternatively:
[Sysname-line-aux0] activation-key 13
To verify the configuration:
1. Exit the console session.
[Sysname-line-aux0] return
<Sysname> quit
2. Log in again through the AUX line.
The following message appears:
Press ENTER to get started.
3. Press Enter.
Pressing Enter does not start a session.
4. Enter s.
A terminal session is started.
<Sysname>
Related commands
user-interface
user-role
Use user-role to assign a user role to a user line so users logged in through the user line get the user role at login.
Use undo user-role to remove a user role or restore the default.
Syntax
user-role role-name
undo user-role [ role-name ]
Default
A console line user of the default MDC is assigned the user role network-admin. Users of other user lines on the default MDC are assigned the user role network-operator.
A non-default MDC user switched from the default device by using the switchto mdc command is assigned the user role mdc-admin. Other non-default MDC users are assigned the user role mdc-operator.
Views
User line view, user line class view
Predefined user roles
network-admin
mdc-admin
Parameters
role-name: Specifies a user role name, a case-sensitive string of 1 to 63 characters. The user role can be user-defined or predefined (network-admin, network-operator, mdc-admin, mdc-operator, or level-0 to level-15). If you do not specify this argument, the undo user-role command restores the default user role.
Usage guidelines
This command is not supported in FIPS mode.
You can assign up to 64 user roles to a user line. A user logged in through the user line gets all the user roles.
For more information about user roles, see "Configuring RBAC."
Examples
# Assign user role network-admin through the user line VTY 0.
<Sysname> system-view
[Sysname] line vty 0
[Sysname-line-vty0] user-role network-admin
RBAC commands
description
Use description to configure a description for a user role.
Use undo description to delete the description of a user role.
Syntax
description text
undo description
Default
A user role does not have a description.
Views
User role view
Predefined user roles
network-admin
mdc-admin
Parameters
text: Specifies a user role description, a case-sensitive string of 1 to 128 characters.
Examples
# Configure the description as labVIP for the user role role1.
<Sysname> system-view
[Sysname] role name role1
[Sysname-role-role1] description labVIP
Related commands
· display role
· role
display role
Use display role to display user role information.
Syntax
display role [ name role-name ]
Views
Any view
Predefined user roles
network-admin
network-operator
mdc-admin
mdc-operator
Parameters
name role-name: Specifies a user role name, a case-sensitive string of 1 to 63 characters. If you do not specify a user role name, the command displays information about all user roles, including the predefined user roles.
Examples
# Display information about the user role 123.
<Sysname> display role name 123
Role: 123
Description: new role
VLAN policy: deny
Permitted VLANs: 1 to 5, 7 to 8
Interface policy: deny
Permitted interfaces: FortyGigE1/0/1 to FortyGigE1/0/3, Vlan-interface1 to Vlan-interface20
VPN instance policy: deny
Permitted VPN instances: vpn, vpn1, vpn2
-------------------------------------------------------------------
Rule Perm Type Scope Entity
-------------------------------------------------------------------
1 permit RWX feature-group abc
2 deny -W- feature ldap
3 permit command system ; radius sc *
4 permit R-- xml-element -
5 permit RW- oid 1.2.1
R:Read W:Write X:Execute
Table 7 Command output
Field |
Description |
Role |
User role name. Predefined user role names include: · network-admin. · network-operator. · mdc-admin. · mdc-operator. · level-n (where n represents an integer in the range of 0 to 15). |
Description |
User role description you have configured for easy identification. |
VLAN policy |
VLAN policy of the user role: · deny—Denies access to any VLAN except permitted VLANs. · permit (default)—Default VLAN policy, which enables the user role to access any VLAN. |
Permitted VLANs |
VLANs accessible to the user role. |
Interface policy |
Interface policy of the user role: · deny—Denies access to any interface except permitted interfaces. · permit (default)—Default interface policy, which enables the user role to access any interface. |
Permitted interfaces |
Interfaces accessible to the user role. |
VPN instance policy |
VPN instance policy of the user role: · deny—Denies access to any VPN except permitted VPNs. · permit (default)—Default VPN instance policy, which enables the user role to access any VPN instance. |
Permitted VPN instances |
VPNs accessible to the user role. |
Rule |
User role rule number. A user role rule specifies the access permission for items, including commands, feature-specific commands, XML elements, and MIB nodes. Predefined user role rules are identified by sys-n, where n represents an integer. |
Perm |
Access control criterion: · permit—User role has access to the specified items. · deny—User role does not have access to the specified items. |
Type |
Item category: · R—Read-only. · W—Write. · X—Execute. |
Scope |
Rule control scope: · command—Controls access to the command or commands, as specified in the Entity field. · feature—Controls access to the commands of the feature, as specified in the Entity field. · feature-group—Controls access to the commands of the features in the feature group, as specified in the Entity field. · xml-element—Controls access to XML elements. · oid—Controls access to MIB nodes. |
Entity |
Command string, feature name, feature group, XML element, or OID specified in the user role rule: · An en dash (–) represents any feature. · An asterisk (*) represents zero or more characters. |
Related commands
role
display role feature
Use display role feature to display features available in the system.
Syntax
display role feature [ name feature-name | verbose ]
Views
Any view
Predefined user roles
network-admin
network-operator
mdc-admin
mdc-operator
Parameters
name feature-name: Displays the commands of a feature. The feature-name argument specifies the feature name, and all letters must be in lower case.
verbose: Displays the commands of each feature.
Usage guidelines
If you specify neither name feature-name nor verbose, the display role feature command displays only the list of features available in the system.
Examples
# Display the list of feature names.
<Sysname> display role feature
Feature: device (Device configuration related commands)
Feature: interface (Interface related commands)
Feature: syslog (Syslog related commands)
Feature: process (Process related commands)
…
# Display the commands of each feature.
<Sysname> display role feature verbose
Feature: device (Device configuration related commands)
display clock (R)
debugging dev (W)
display debugging dev (R)
display device * (R)
display diagnostic-information * (R)
display environment * (R)
display fan * (R)
display alarm * (R)
display power * (R)
display system-working-mode (R)
display current-configuration * (R)
display saved-configuration * (R)
display default-configuration * (R)
display startup (R)
display this * (R)
display archive configuration (R)
display bootrom-access (R)
clock datetime * (W)
reboot * (W)
save * (W)
archive configuration (W)
backup startup-configuration to * (W)
restore startup-configuration from * (W)
reset saved-configuration * (W)
startup saved-configuration * (W)
display transceiver * (R)
bootrom * (W)
bootrom-access * (W)
system-view ; temperature-limit * (W)
system-view ; sysname * (W)
system-view ; clock timezone * (W)
system-view ; clock summer-time * (W)
system-view ; configuration replace file * (W)
system-view ; transceiver * (W)
system-view ; system-working-mode * (W)
system-view ; archive configuration * (W)
system-view ; configuration encrypt * (W)
system-view ; version check ignore (W)
system-view ; version auto-update enable (W)
system-view ; bootrom-update security-check enable (W)
system-view ; clock protocol * (W)
system-view ; password-recovery * (W)
system-view ; switch-fabric removal-signal-suppression (W)
system-view ; rtm * (W)
system-view ; rtm * ; action * (W)
system-view ; rtm * ; running-time * (W)
system-view ; rtm * ; commit (W)
system-view ; rtm * ; user-role * (W)
display rtm * (R)
system-view ; probe ; (W)
system-view ; probe ; display system internal startup cache (R)
system-view ; probe ; view * (R)
system-view ; probe ; list * (R)
system-view ; probe ; display system internal lipc * (R)
system-view ; probe ; lipc * (W)
debugging lipc * (W)
display debugging lipc (R)
system-view ; probe ; display system internal dbm * (R)
system-view ; probe ; display hardware internal transceiver * (R)
Feature: interface (Interface related commands)
reset counters interface * (W)
reset packet-drop * (W)
debugging ifmgr * (W)
display debugging ifmgr (R)
debugging system-event * (W)
display debugging system-event (R)
display interface * (R)
…
# Display the commands of the aaa feature.
<Sysname> display role feature name aaa
Feature: aaa (AAA related commands)
system-view ; domain * (W)
system-view ; header * (W)
system-view ; aaa * (W)
display domain * (R)
system-view ; user-group * (W)
system-view ; local-user * (W)
display local-user * (R)
display user-group * (R)
display debugging local-server (R)
debugging local-server * (W)
super * (X)
display password-control * (R)
reset password-control * (W)
system-view ; password-control * (W)
Table 8 Command output (display role feature name aaa)
Field |
Description |
Feature |
Displays the name and brief function description of the feature. |
system-view ; domain * |
All the commands that start with domain in system view and all the commands in ISP domain view. |
system-view ; header * |
All the commands that start with header in system view. |
system-view ; aaa * |
All the commands that start with aaa in system view. |
display domain * |
All the commands that start with display domain in user view. |
system-view ; user-group * |
All the commands that start with user-group in system view, and all the commands in user group view. |
system-view ; local-user * |
All the commands that start with local-user in system view, and all the commands in local user view. |
display user-group * |
All the commands that start with display user-group in user view. |
display debugging local-server |
All the commands that start with display debugging local-server in user view. |
debugging local-server * |
All the commands that start with debugging local-server in user view. |
super * |
All the commands that start with super in user view. |
display password-control * |
All the commands that start with display password-control in user view. |
reset password-control * |
All the commands that start with reset password-control in user view. |
system-view ; password-control * |
All the commands that start with password-control in system view. |
(W) |
Command type is Write. A write command configures the system. |
(R) |
Command type is Read. A read command displays configuration or maintenance information. |
(X) |
Command type is Execute. An execute command executes a specific function. |
Related commands
feature
display role feature-group
Use display role feature-group to display feature group information.
Syntax
display role feature-group [ name feature-group-name ] [ verbose ]
Views
Any view
Predefined user roles
network-admin
network-operator
mdc-admin
mdc-operator
Parameters
name feature-group-name: Specifies a feature group. The feature-group-name argument represents the feature group name, a case-sensitive string of 1 to 31 characters. If you do not specify a feature group, the command displays information about all feature groups.
verbose: Displays the commands of each feature in the specified feature group. If you do not specify a feature group, this keyword enables displaying the commands of each feature in every feature group. If you do not specify this keyword, the command displays only the feature lists of feature groups.
Usage guidelines
Feature groups L2 and L3 are predefined feature groups.
Examples
# Display the feature list of the feature group L3.
<Sysname> display role feature-group name L3
Feature group: L3
Feature: route (Route management related commands)
Feature: usr (Unicast static route related commands)
Feature: ospf (Open Shortest Path First protocol related commands)
Feature: rip (Routing Information Protocol related commands)
Feature: isis (ISIS protocol related commands)
Feature: bgp (Border Gateway Protocol related commands)
…
Related commands
· feature
· role feature-group
feature
Use feature to add a feature to a feature group.
Use undo feature to remove a feature from a feature group.
Syntax
feature feature-name
undo feature feature-name
Default
A user-defined feature group does not have any features.
Views
Feature group view
Predefined user roles
network-admin
mdc-admin
Parameters
feature-name: Specifies a feature name. You must enter the feature name as the feature name is displayed, including the case.
Usage guidelines
Repeat the feature command to add multiple features to a feature group.
Examples
# Add the security features AAA and ACL to the security group security-features.
<Sysname> system-view
[Sysname] role feature-group name security-features
[Sysname-featuregrp-security-features] feature aaa
[Sysname-featuregrp-security-features] feature acl
Related commands
· display role feature
· display role feature-group
· role feature-group
interface policy deny
Use interface policy deny to enter user role interface policy view.
Use undo interface policy deny to restore the default user role interface policy.
Syntax
interface policy deny
undo interface policy deny
Default
A user role has access to any interface.
Views
User role view
Predefined user roles
network-admin
mdc-admin
Usage guidelines
To restrict the interface access of a user role to a set of interfaces, perform the following tasks:
1. Use interface policy deny to enter user role interface policy view.
2. Use permit interface to specify accessible interfaces.
|
NOTE: The interface policy deny command denies the access of the user role to all interfaces if the permit interface command is not configured. |
To configure an interface, make sure the interface is permitted by the user role interface policy in use. You can perform the following tasks on an accessible interface:
· Create, remove, or configure the interface.
· Enter the interface view.
· Specify the interface in feature commands.
The create and remove operations are available only for logical interfaces.
Any change to a user role interface policy takes effect only on users who log in with the user role after the change.
Examples
# Enter user role interface policy view of role1, and deny role1 to access any interface.
<Sysname> system-view
[Sysname] role name role1
[Sysname-role-role1] interface policy deny
[Sysname-role-role1-ifpolicy] quit
# Enter user role interface policy view of role1, and deny role1 to access any interface except FortyGigE 1/0/1 to FortyGigE 1/0/5.
<Sysname> system-view
[Sysname] role name role1
[Sysname-role-role1] interface policy deny
[Sysname-role-role1-ifpolicy] permit interface fortygige 1/0/1 to fortygige 1/0/5
Related commands
· display role
· permit interface
· role
permit interface
Use permit interface to configure a list of interfaces accessible to a user role.
Use undo permit interface to disable the access of a user role to specific interfaces.
Syntax
permit interface interface-list
undo permit interface [ interface-list ]
Default
No permitted interfaces are configured in user role interface policy view.
Views
User role interface policy view
Predefined user roles
network-admin
mdc-admin
Parameters
interface interface-list: Specifies a space-separated list of up to 10 interface items. Each interface item specifies one interface in the interface-type interface-number form or a range of interfaces in the interface-type interface-number to interface-type interface-number form. If you specify an interface range, the end interface must meet the following requirements:
· Be the same type as the start interface.
· Have a higher interface number than the start interface.
Usage guidelines
To permit a user role to access an interface after you configure the interface policy deny command, you must add the interface to the permitted interface list of the policy. With the user role, you can perform the following operations to the interfaces in the permitted interface list:
· Create, remove, or configure the interfaces.
· Enter the interface views.
· Specify the interfaces in feature commands.
The create and remove operations are available only for logical interfaces.
You can repeat the permit interface command to add permitted interfaces to a user role interface policy.
The undo permit interface command removes the entire list of permitted interfaces if you do not specify any interfaces.
Any change to a user role interface policy takes effect only on users who log in with the user role after the change.
Examples
1. Configure user role role1:
# Permit the user role to execute all commands available in interface view and VLAN view.
<Sysname> system-view
[Sysname] role name role1
[Sysname-role-role1] rule 1 permit command system-view ; interface *
[Sysname-role-role1] rule 2 permit command system-view ; vlan *
# Permit the user role to access FortyGigE 1/0/1, and FortyGigE 1/0/5 to FortyGigE 1/0/7.
[Sysname-role-role1] interface policy deny
[Sysname-role-role1-ifpolicy] permit interface fortygige 1/0/1 fortygige 1/0/5 to fortygige 1/0/7
[Sysname-role-role1-ifpolicy] quit
[Sysname-role-role1] quit
2. Verify that you cannot use the user role to work on any interfaces except FortyGigE 1/0/1 and FortyGigE 1/0/5 to FortyGigE 1/0/7:
# Verify that you can enter FortyGigE 1/0/1 interface view.
[Sysname] interface fortygige 1/0/1
[Sysname-FortyGigE1/0/1] quit
# Verify that you can assign FortyGigE 1/0/5 to VLAN 10. In this example, the user role can access any VLAN because the default VLAN policy of the user role is used.
[Sysname] vlan 10
[Sysname-vlan10] port fortygige 1/0/5
[Sysname-vlan10] quit
# Verify that you cannot enter FortyGigE 1/0/2 interface view.
[Sysname] interface fortygige 1/0/2
Permission denied.
Related commands
· display role
· interface policy deny
· role
permit vlan
Use permit vlan to configure a list of VLANs accessible to a user role.
Use undo permit vlan to remove the permission for a user role to access specific VLANs.
Syntax
permit vlan vlan-id-list
undo permit vlan [ vlan-id-list ]
Default
No permitted VLANs are configured in user role VLAN policy view.
Views
User role VLAN policy view
Predefined user roles
network-admin
mdc-admin
Parameters
vlan-id-list: Specifies a space-separated list of up to 10 VLAN items. Each VLAN item specifies a VLAN by VLAN ID or specifies a range of VLANs in the form of vlan-id1 to vlan-id2. The value range for the VLAN IDs is 1 to 4094. If you specify a VLAN range, vlan-id2 must be greater than vlan-id1.
Usage guidelines
To permit a user role to access a VLAN after you configure the vlan policy deny command, you must add the VLAN to the permitted VLAN list of the policy. With the user role, you can perform the following tasks on the VLANs in the permitted VLAN list:
· Create, remove, or configure the VLANs.
· Enter the VLAN views.
· Specify the VLANs in feature commands.
You can repeat the permit vlan command to add permitted VLANs to a user role VLAN policy.
The undo permit vlan command removes the entire list of permitted VLANs if you do not specify any VLANs.
Any change to a user role VLAN policy takes effect only on users who log in with the user role after the change.
Examples
1. Configure user role role1:
# Permit the user role to execute all commands available in interface view and VLAN view.
<Sysname> system-view
[Sysname] role name role1
[Sysname-role-role1] rule 1 permit command system-view ; interface *
[Sysname-role-role1] rule 2 permit command system-view ; vlan *
# Permit the user role to access VLANs 2, 4, and 50 to 100.
[Sysname-role-role1] vlan policy deny
[Sysname-role-role1-vlanpolicy] permit vlan 2 4 50 to 100
[Sysname-role-role1-vlanpolicy] quit
[Sysname-role-role1] quit
2. Verify that you cannot use the user role to work on any VLAN except VLANs 2, 4, and 50 to 100:
# Verify that you can create VLAN 100 and enter the VLAN view.
[Sysname] vlan 100
[Sysname-vlan100] quit
# Verify that you can add port FortyGigE 1/0/1 to VLAN 100 as an access port.
[Sysname] interface fortygige 1/0/1
[Sysname-FortyGigE1/0/1] port access vlan 100
[Sysname-FortyGigE1/0/1] quit
# Verify that you cannot create VLAN 101 or enter the VLAN view.
[Sysname] vlan 101
Permission denied.
Related commands
· display role
· role
· vlan policy deny
permit vpn-instance
Use permit vpn-instance to configure a list of VPNs accessible to a user role.
Use undo permit vpn-instance to disable the access of a user role to specific VPNs.
Syntax
permit vpn-instance vpn-instance-name&<1-10>
undo permit vpn-instance [ vpn-instance-name&<1-10> ]
Default
No permitted VPNs are configured in user role VPN instance policy.
Views
User role VPN instance policy view
Predefined user roles
network-admin
mdc-admin
Parameters
vpn-instance-name&<1-10>: Specifies a space-separated list of up to 10 MPLS L3VPN names. Each name is a case-sensitive string of 1 to 31 characters.
Usage guidelines
To permit a user role to access an MPLS L3VPN after you configure the vpn-instance policy deny command, you must add the VPN to the permitted VPN list of the policy. With the user role, you can perform the following tasks on the VPNs in the permitted VPN list:
· Create, remove, or configure the VPNs.
· Enter the VPN instance views.
· Specify the VPNs in feature commands.
You can repeat the permit vpn-instance command to add permitted MPLS L3VPNs to a user role VPN instance policy.
The undo permit vpn-instance command removes the entire list of permitted VPNs if you do not specify any VPNs.
Any change to a user role VPN instance policy takes effect only on users who log in with the user role after the change.
Examples
1. Configure user role role1:
# Permit the user role to execute all commands available in system view and in the child views of system view.
<Sysname> system-view
[Sysname] role name role1
[Sysname-role-role1] rule 1 permit command system-view ; *
# Permit the user role to access VPN vpn1.
[Sysname-role-role1] vpn policy deny
[Sysname-role-role1-vpnpolicy] permit vpn-instance vpn1
[Sysname-role-role1-vpnpolicy] quit
[Sysname-role-role1] quit
2. Verify that you cannot use the user role to work on any VPN except vpn1:
# Verify that you can enter the view of vpn1.
[Sysname] ip vpn-instance vpn1
[Sysname-vpn-instance-vpn1] quit
# Verify that you can assign the primary accounting server at 10.110.1.2 to the VPN in the RADIUS scheme radius1.
[Sysname] radius scheme radius1
[Sysname-radius-radius1] primary accounting 10.110.1.2 vpn-instance vpn1
[Sysname-radius-radius1] quit
# Verify that you cannot create the VPN vpn2 or enter its view.
[Sysname] ip vpn-instance vpn2
Permission denied.
Related commands
· display role
· role
· vpn-instance policy deny
role
Use role to create a user role and enter user role view. If the user role has been created, you directly enter the user role view.
Use undo role to delete a user role.
Syntax
role name role-name
undo role name role-name
Default
The system has the following predefined user roles: network-admin, network-operator, mdc-admin, mdc-operator, and level-n (where n represents an integer in the range of 0 to 15).
Views
System view
Predefined user roles
network-admin
mdc-admin
Parameters
name role-name: Specifies a username. The role-name argument is a case-sensitive string of 1 to 63 characters.
Usage guidelines
You can create a maximum of 64 user roles in addition to the predefined user roles.
To change the permissions assigned to a user role, you must first enter the user role view.
You cannot delete the predefined user roles or change the permissions assigned to network-admin, network-operator, mdc-admin, mdc-operator, or level-15.
Level-0 to level-14 users can modify their own permissions for any commands except for the display history-command all command.
Examples
# Create the user role role1 and enter the user role view.
<Sysname> system-view
[Sysname] role name role1
[Sysname-role-role1]
Related commands
· display role
· interface policy deny
· rule
· vlan policy deny
· vpn-instance policy deny
role default-role enable
Use role default-role enable to enable the default user role feature for remote AAA users.
Use undo role default-role enable to restore the default.
Syntax
role default-role enable [ role-name ]
undo role default-role enable
Default
The default user role feature is disabled. AAA users who do not have a user role cannot log in to the device.
Views
System view
Predefined user roles
network-admin
mdc-admin
Parameters
role-name: Specifies a user role by its name for the default user role. The user role must already exist. The argument is a case-sensitive string of 1 to 63 characters. If you do not specify a user role, the following default user role settings apply:
· For login to the default MDC, the default user role is network-operator.
· For login to a non-default MDC, the default user role is mdc-operator.
Usage guidelines
The default user role feature assigns the default user role to AAA-authenticated users if the authentication server does not assign any user roles to the users. These users are allowed to access the system with the default user role.
If AAA users have been assigned user roles, they log in with the user roles.
Examples
# Enable the default user role feature.
<Sysname> system-view
[Sysname] role default-role enable
Related commands
role
role feature-group
Use role feature-group to create a user role feature group and enter user role feature group view.
Use undo role feature-group to delete a user role feature group.
Syntax
role feature-group name feature-group-name
undo role feature-group name feature-group-name
Default
Two user role feature groups, L2 and L3, are created.
Views
System view
Predefined user roles
network-admin
mdc-admin
Parameters
name feature-group-name: Specifies a feature group name. The feature-group-name argument is a case-sensitive string of 1 to 31 characters.
Usage guidelines
The L2 feature group includes all Layer 2 feature commands, and the L3 feature group includes all Layer 3 feature commands. These predefined feature groups are not user configurable.
In addition to the predefined feature groups L2 and L3, you can create a maximum of 64 user role feature groups.
After you create a user role feature group, you can use the display role feature command to display the features available in the system. Then you can use the feature command to add features to the feature group.
Examples
# Create the feature group security-features.
<Sysname> system-view
[Sysname] role feature-group name security-features
[Sysname-featuregrp-security-features]
Related commands
· display role feature-group
· display role feature
· feature
rule
Use rule to create or change a user role rule for controlling command, XML element, or MIB node access.
Use undo rule to delete a user role rule.
Syntax
rule number { deny | permit } { command command-string | { execute | read | write } * { feature [ feature-name ] | feature-group feature-group-name | oid oid-string | xml-element [ xml-string ] } }
undo rule { number | all }
Default
A user-defined user role does not have any rules and cannot use any command, XML element, or MIB node.
Views
User role view
Predefined user roles
network-admin
mdc-admin
Parameters
number: Specifies a rule number in the range of 1 to 256.
deny: Denies access to any specified command, XML element, or MIB node.
permit: Permits access to any specified command, XML element, or MIB node.
command command-string: Specifies a command string. The command-string argument is a case-sensitive string of 1 to 128 characters, including the following characters:
· The wildcard asterisk (*).
· The delimiters space and tab.
· All printable characters.
execute: Specifies the execute commands, XML elements, or MIB nodes. An execute command (for example, ping) , XML element, or MIB node executes a specific function or program.
read: Specifies the read commands, XML elements, or MIB nodes. A read command (for example, display, dir, more, or pwd), XML element, or MIB node displays configuration or maintenance information.
write: Specifies the write commands, XML elements, or MIB nodes. A write command (for example, ssh server enable), XML element, or MIB node configures the system.
feature [ feature-name ]: Specifies one or all features. The feature-name argument specifies a feature name. If you do not specify a feature name, you specify all the features in the system. When you specify a feature, you must enter the feature name as the name is displayed by display role feature, including the case.
feature-group feature-group-name: Specifies a user-defined or predefined feature group. The feature-group-name argument represents the feature group name, a case-sensitive string of 1 to 31 characters. If the feature group has not been created, the rule takes effect after the group is created. To display the feature groups that have been created, use the display role feature-group command.
oid oid-string: Specifies an OID of a MIB node. The oid-string argument represents the OID, a case-insensitive string of 1 to 512 characters. The OID is a dotted numeric string that uniquely identifies the path from the root node to this node. For example, 1.3.6.1.4.1.25506.8.35.14.19.1.1.
xml-element [ xml-string ]: Specifies an XML element. The xml-string argument represents the XPath of the XML element, a case-insensitive string of 1 to 512 characters. Use the forward slash (/) to separate Xpath items, for example, Interfaces/Index/Name. If you do not specify an XML element, the rule applies to all XML elements.
all: Deletes all the user role rules.
Usage guidelines
You can define the following types of rules for different access control granularities:
· Command rule—Controls access to a command or a set of commands that match a regular expression.
· Feature rule—Controls access to the commands of a feature by command type.
· Feature group rule—Controls access to the commands of a group of features by command type.
· XML element rule—Controls access to XML elements by element type.
· OID rule—Controls access to the specified MIB node and its child nodes by node type.
A user role can access the set of permitted commands, XML elements, and MIB nodes specified in the user role rules. User role rules include predefined (identified by sys-n) and user-defined rules.
The following guidelines apply to non-OID rules:
· If two user-defined rules of the same type conflict, the rule with the higher ID takes effect. For example, a user role can use the tracert command but not the ping command if the user role contains rules configured by using the following commands:
¡ rule 1 permit command ping
¡ rule 2 permit command tracert
¡ rule 3 deny command ping
· If a predefined user role rule and a user-defined user role rule conflict, the user-defined user role rule takes effect.
The following guidelines apply to OID rules:
· The system compares an OID with the OIDs specified in rules, and it uses the longest match principle to select a rule for the OID. For example, a user role cannot access the MIB node with OID 1.3.6.1.4.1.25506.141.3.0.1 if the user role contains rules configured by using the following commands:
¡ rule 1 permit read write oid 1.3.6
¡ rule 2 deny read write oid 1.3.6.1.4.1
¡ rule 3 permit read write oid 1.3.6.1.4
· If the same OID is specified in multiple rules, the rule with the higher ID takes effect. For example, a user role can access the MIB node with OID 1.3.6.1.4.1.25506.141.3.0.1 if the user role contains rules configured by using the following commands:
¡ rule 1 permit read write oid 1.3.6
¡ rule 2 deny read write oid 1.3.6.1.4.1
¡ rule 3 permit read write oid 1.3.6.1.4.1
You can configure a maximum of 256 user-defined rules for a user role. The total number of user-defined user role rules cannot exceed 1024.
Any rule modification, addition, or removal for a user role takes effect only on the users who log in with the user role after the change.
Access to the file system commands is controlled by both the file system command rules and the file system feature rule.
A command with output redirection to the file system is permitted only when the command type write is assigned to the file system feature.
When you specify a command string, follow the guidelines in Table 9.
Table 9 Command string configuration rules
Rule |
Guidelines |
Semicolon (;) is the delimiter. |
Use a semicolon to separate the command of each view that you must enter before you access a command or a set of commands. However, do not use a semicolon to separate commands available in user view or any view, for example, display and dir. Each semicolon-separated segment must have a minimum of one printable character. To specify the commands in a view but not the commands in the view's subviews, use a semicolon as the last printable character in the last segment. To specify the commands in a view and the view's subviews, the last printable character in the last segment must not be a semicolon. For example, you must enter system view before you enter interface view. To specify all commands starting with ip in any interface view, you must use the "system ; interface * ; ip * ;" command string. For another example, the "system ; radius scheme * ;" command string represents all the commands that start with radius scheme in system view. The "system ; radius scheme *" command string represents all the commands that start with radius scheme in system view and all the commands in RADIUS scheme view. |
Asterisk (*) is the wildcard. |
An asterisk represents zero or multiple characters. In a non-last segment, you can use an asterisk only at the end of the segment. In the last segment, you can use an asterisk in any position of the segment. If the asterisk appears at the beginning, you cannot specify any printable characters behind the asterisk. For example, the "system ; *" command string represents all commands available in system view and all subviews of the system view. The "debugging * event" command string represents all event debugging commands available in user view. |
Keyword abbreviation is allowed. |
You can specify a keyword by entering the first few characters of the keyword. Any command that starts with this character string matches the rule. For example, "rule 1 deny command dis arp source *" denies access to the commands display arp source-mac interface and display arp source-suppression. |
To control the access to a command, you must specify the command immediately after the view that has the command. |
To control access to a command, you must specify the command immediately behind the view to which the command is assigned. The rules that control command access for any subview do not apply to the command. For example, the "rule 1 deny command system ; interface * ; *" command string disables access to any command that is assigned to interface view. However, you can still execute the acl number command in interface view, because this command is assigned to system view rather than interface view. To disable access to this command, use "rule 1 deny command system ; acl *;". |
Do not include the vertical bar (|), greater-than sign (>), or double greater-than sign (>>) when you specify display commands in a user role command rule. |
The system does not treat the redirect signs and the parameters that follow the signs as part of command lines. However, in user role command rules, these redirect signs and parameters are handled as part of command lines. As a result, no rule that includes any of these signs can find a match. For example, "rule 1 permit command display debugging > log" can never find a match. This is because the system has a display debugging command but not a display debugging > log command. |
Examples
# Permit the user role role1 to execute the display acl command.
<Sysname> system-view
[Sysname] role name role1
[Sysname-role-role1] rule 1 permit command display acl
# Permit the user role role1 to execute all commands that start with display.
[Sysname-role-role1] rule 2 permit command display *
# Permit the user role role1 to execute the radius scheme aaa command in system view and use all commands assigned to RADIUS scheme view.
[Sysname-role-role1] rule 3 permit command system ; radius scheme aaa
# Deny the access of role1 to any read or write command of any feature.
[Sysname-role-role1] rule 4 deny read write feature
# Deny the access of role1 to any read command of the feature aaa.
[Sysname-role-role1] rule 5 deny read feature aaa
# Permit role1 to access all read, write, and execute commands of the feature group security-features.
[Sysname-role-role1] rule 6 permit read write execute feature-group security-features
# Permit role1 to access all read and write MIB nodes starting from the node with OID 1.1.2.
[Sysname-role-role1] rule 7 permit read write oid 1.1.2
Related commands
· display role
· display role feature
· display role feature-group
· role
super
Use super to obtain another user role without reconnecting to the device.
Syntax
super [ rolename ]
Views
User view
Predefined user roles
network-admin
mdc-admin
Parameters
rolename: Specifies a user role, a case-sensitive string of 1 to 63 characters. The user role must exist in the system. If you do not specify a user role, you obtain the default target user role.
Usage guidelines
The obtained user role is a temporary user role, because this command is effective only on the current login. The next time you are logged in with the user account, the original user role settings take effect.
To enable users to obtain another user roles without reconnecting to the device, you must configure user role authentication.
· If no local password is configured in the local password authentication (local), an AUX user can obtain the user role by either entering a string or not entering anything.
· If no local password is configured in the local-then-remote authentication (local scheme):
¡ A VTY user performs remote authentication.
¡ An AUX user can obtain user role authorization by either entering a string or not entering anything.
Examples
# Obtain the user role network-operator.
<Sysname> super network-operator
Password:
User privilege role is network-operator, and only those commands can be used that authorized to the role.
Related commands
· authentication super (Security Command Reference)
· super authentication-mode
· super password
super authentication-mode
Use super authentication-mode to set an authentication mode for temporary user role authorization.
Use undo super authentication-mode to restore the default.
Syntax
super authentication-mode { local | scheme } *
undo super authentication-mode
Default
Local password authentication applies.
Views
System view
Predefined user roles
network-admin
mdc-admin
Parameters
local: Enables local password authentication.
scheme: Enables remote AAA authentication.
Usage guidelines
For local password authentication, use the super password command to set a password.
For remote AAA authentication, set the username and password on the RADIUS or HWTACACS server.
If you specify both local and scheme keywords, the keyword first entered in the command takes precedence, as follows:
· scheme local—Enables remote-then-local authentication mode. The device first performs AAA authentication for temporary user role authorization. If the remote HWTACACS or RADIUS server does not respond, or if the AAA configuration on the device is invalid, local password authentication is performed.
· local scheme—Enables local-then-remote authentication mode. The device first performs local password authentication. If no password is configured for the user role, the device performs remote authentication.
For more information about AAA, see Security Configuration Guide.
Examples
# Enable local-only authentication for temporary user role authorization.
<Sysname> system-view
[Sysname] super authentication-mode local
# Enable remote-then-local authentication for temporary user role authorization.
<Sysname> system-view
[Sysname] super authentication-mode scheme local
Related commands
· authentication super (Security Command Reference)
· super password
super default role
Use super default role to specify the default target user role for temporary user role authorization.
Use undo super default role to restore the default.
Syntax
super default role rolename
undo super default role
Default
If you log in to the default MDC, the default target user role is network-admin.
If you log in to a non-default MDC, the default target user role is mdc-admin.
Views
System view
Predefined user roles
mdc-admin
Parameters
rolename: Specifies the name of the default target user role, a case-sensitive string of 1 to 63 characters. The user role must exist in the system.
Usage guidelines
The default target user role is applied to the super or super password command when you do not specify a user role for the command.
Examples
# Specify the default target user role as network-operator for temporary user role authorization.
[Sysname] super default role network-operator
Related commands
· super
· super password
super password
Use super password to set a password for a user role.
Use undo super password to restore the default.
Syntax
In non-FIPS mode:
super password [ role rolename ] [ { hash | simple } password ]
undo super password [ role rolename ]
In FIPS mode:
super password [ role rolename ]
undo super password [ role rolename ]
Default
No password is set for a user role.
Views
System view
Predefined user roles
network-admin
mdc-admin
Parameters
role rolename: Specifies a user role, a case-sensitive string of 1 to 63 characters. The user role must exist in the system. If you do not specify a user role, this command sets a password for the default target user role.
hash: Sets a hashed password.
simple: Sets a plaintext password. This password will be saved in hashed text for security purpose.
password: Specifies the password string. This argument is case sensitive.
· In non-FIPS mode:
¡ If simple is specified, the password must be a string of 1 to 63 characters.
¡ If hash is specified, the password must be a string of 1 to 110 characters.
· In FIPS mode, the password must be a string of 15 to 63 characters. The string must contain four character types including digits, uppercase letters, lowercase letters, and special characters.
Usage guidelines
If you do not specify any parameters, you specify a plaintext password in the interactive mode.
The FIPS mode supports only the interactive mode for setting a password.
Set a password if you configure local password authentication for temporary user role authorization.
It is a good practice to specify different passwords for different user roles.
Examples
# Set the password to 123456TESTplat&! for the user role network-operator.
<Sysname> system-view
[Sysname] super password role network-operator simple 123456TESTplat&!
# Set the password to 123456TESTplat&! in the interactive mode for the user role network-operator.
<Sysname> system-view
[Sysname] super password role network-operator
Password:
Confirm :
Related commands
· super authentication-mode
· super default role
vlan policy deny
Use vlan policy deny to enter the user role VLAN policy view.
Use undo vlan policy deny to restore the default user role VLAN policy.
Syntax
vlan policy deny
undo vlan policy deny
Default
A user role has access to any VLAN.
Views
User role view
Predefined user roles
network-admin
mdc-admin
Usage guidelines
To restrict the VLAN access of a user role to a set of VLANs, perform the following tasks:
1. Use vlan policy deny to enter user role VLAN policy view.
2. Use permit vlan to specify accessible VLANs.
|
NOTE: The vlan policy deny command denies the access of the user role to all VLANs if the permit vlan command is not configured. |
To configure a VLAN, make sure the VLAN is permitted by the user role VLAN policy in use. You can perform the following tasks on an accessible VLAN:
· Create, remove, or configure the VLAN.
· Enter the VLAN view.
· Specify the VLAN in feature commands.
Any change to a user role VLAN policy takes effect only on users who log in with the user role after the change.
Examples
# Enter user role VLAN policy view of role1, and deny the access of role1 to any VLAN.
<Sysname> system-view
[Sysname] role name role1
[Sysname-role-role1] vlan policy deny
[Sysname-role-role1-vlanpolicy] quit
# Enter user role VLAN policy view of role1, and deny the access of role1 to any VLAN except VLANs 50 to 100.
<Sysname> system-view
[Sysname] role name role1
[Sysname-role-role1] vlan policy deny
[Sysname-role-role1-vlanpolicy] permit vlan 50 to 100
Related commands
· display role
· permit vlan
· role
vpn-instance policy deny
Use vpn-instance policy deny to enter user role VPN instance policy view.
Use undo vpn-instance policy deny to restore the default user role VPN instance policy.
Syntax
vpn-instance policy deny
undo vpn-instance policy deny
Default
A user role has access to any VPN.
Views
User role view
Predefined user roles
network-admin
mdc-admin
Usage guidelines
To restrict the VPN access of a user role to a set of VPNs, perform the following tasks:
1. Use vpn-instance policy deny to enter user role VPN instance policy view.
2. Use permit vpn-instance to specify accessible VPNs.
|
NOTE: The vpn-instance policy deny command denies the access of the user role to all VPNs if the permit vpn-instance command is not configured. |
To configure a VPN, make sure the VPN is permitted by the user role VPN instance policy in use. You can perform the following tasks on an accessible VPN:
· Create, remove, or configure the VPN.
· Enter the VPN instance view.
· Specify the VPN in feature commands.
Any change to a user role VPN instance policy takes effect only on users who log in with the user role after the change.
Examples
# Enter user role VPN instance policy view of role1, and deny the access of role1 to any VPN.
<Sysname> system-view
[Sysname] role name role1
[Sysname-role-role1] vpn-instance policy deny
[Sysname-role-role1-vpnpolicy] quit
# Enter user role VPN instance policy view of role1, and deny the access of role1 to any VPN except vpn2.
<Sysname> system-view
[Sysname] role name role1
[Sysname-role-role1] vpn-instance policy deny
[Sysname-role-role1-vpnpolicy] permit vpn-instance vpn2
Related commands
· display role
· permit vpn-instance
· role
FTP commands
The device supports the FIPS mode that complies with NIST FIPS 140-2 requirements. Support for features, commands, and parameters might differ in FIPS mode and non-FIPS mode. For more information about FIPS mode, see Security Configuration Guide.
FTP is not supported in FIPS mode.
FTP server commands
display ftp-server
Use display ftp-server to display FTP server configuration and status information.
Syntax
display ftp-server
Views
Any view
Predefined user roles
network-admin
network-operator
mdc-admin
mdc-operator
Examples
# Display FTP server configuration and status information.
User count: 1
Idle-timeout timer (in minutes): 30
Table 10 Command output
Field |
Description |
User count |
Number of the current logged-in users. |
Idle-timeout timer (in minutes) |
If no packet is exchanged between the FTP server and client during this period, the FTP connection is closed. |
Related commands
· ftp server enable
· ftp timeout
display ftp-user
Use display ftp-user to display detailed information about logged-in FTP users.
Syntax
display ftp-user
Views
Any view
Predefined user roles
network-admin
network-operator
mdc-admin
mdc-operator
Examples
# Display detailed information about logged-in FTP users.
<Sysname> display ftp-user
UserName HostIP Port HomeDir
root 192.168.20.184 46539 flash:
If a username exceeds 10 characters, a host IP address exceeds 15 bits, or a directory name exceeds 37 bits, the exceeded part is displayed in the next line and right justified, as shown below.
<Sysname> display ftp-user
UserName HostIP Port HomeDir
user2 2000:2000:2000: 1499 flash:/user2
2000:2000:2000:
2000:2000
administra 100.100.100.100 10001 flash:/123456789/123456789/123456789/
tor 123456789/123456789/123456789/1234567
89/123456789
Table 11 Command output
Field |
Description |
UserName |
Name of the user. |
HostIP |
IP address of the user. |
Port |
Port number of the user. |
HomeDir |
Authorized directory for the user. |
free ftp user
Use free ftp user to manually release the FTP connections established by using a specific user account.
Syntax
free ftp user username
Views
User view
Predefined user roles
network-admin
mdc-admin
Parameters
username: Specifies a username. You can use the display ftp-user command to display FTP user information.
Examples
# Release the FTP connections established by using the user account ftpuser.
<Sysname> free ftp user ftpuser
Are you sure to free FTP connection? [Y/N]:y
<Sysname>
free ftp user-ip
Use free ftp user-ip to manually release the FTP connections established from a specific IPv4 address.
Syntax
free ftp user-ip ipv4-address [ port port ]
Views
User view
Predefined user roles
network-admin
mdc-admin
Parameters
ipv4-address: Specifies the source IP address of an FTP connection. You can use the display ftp-user command to view the source IP addresses of FTP connections.
port port: Specifies the source port of an FTP connection. You can use the display ftp-user command to view the source ports of FTP connections.
Examples
# Release the FTP connections established from IP address 192.168.20.184.
<Sysname> free ftp user-ip 192.168.20.184
Are you sure to free FTP connection? [Y/N]:y
<Sysname>
ftp server acl
Use ftp server acl to use an ACL to control FTP clients' access to the FTP server.
Use undo ftp server acl to restore the default.
Syntax
ftp server acl { acl-number }
undo ftp server acl
Default
No ACL is used to control FTP clients' access to the FTP server.
Views
System view
Predefined user roles
network-admin
mdc-admin
Parameters
acl-number: Specifies an IPv4 ACL number in the range of 2000 to 3999.
Usage guidelines
You can use this command to permit only FTP requests from specific FTP clients. This configuration takes effect only for FTP connections to be established. It does not impact existing FTP connections. If you execute the command multiple times, the most recently specified ACL takes effect.
Examples
# Use ACL 2001 to allow only client 1.1.1.1 to access the FTP server.
<Sysname> system-view
[Sysname] acl number 2001
[Sysname-acl-basic-2001] rule 0 permit source 1.1.1.1 0
[Sysname-acl-basic-2001] rule 1 deny source any
[Sysname-acl-basic-2001] quit
[Sysname] ftp server acl 2001
ftp server dscp
Use ftp server dscp to set the DSCP value for IPv4 to use for outgoing FTP packets on an FTP server.
Use undo ftp server dscp to restore the default.
Syntax
ftp server dscp dscp-value
undo ftp server dscp
Default
IPv4 uses the DSCP value 0 for outgoing FTP packets on an FTP server.
Views
System view
Predefined user roles
network-admin
mdc-admin
Parameters
dscp-value: Specifies a DSCP value in the range of 0 to 63.
Usage guidelines
The DSCP value is carried in the ToS field of an IP packet, and it indicates the transmission priority of the packet.
Examples
# Set the DSCP value for IPv4 to use for outgoing FTP packets to 30 on an FTP server.
<Sysname> system-view
[Sysname] ftp server dscp 30
ftp server enable
Use ftp server enable to enable the FTP server.
Use undo ftp server enable to disable the FTP server.
Syntax
ftp server enable
undo ftp server enable
Default
The FTP server is disabled.
Views
System view
Predefined user roles
network-admin
mdc-admin
Examples
# Enable the FTP server.
<Sysname> system-view
[Sysname] ftp server enable
ftp timeout
Use ftp timeout to set the FTP connection idle-timeout timer.
Use undo ftp timeout to restore the default.
Syntax
ftp timeout minute
undo ftp timeout
Default
The FTP connection idle-timeout timer is 30 minutes.
Views
System view
Predefined user roles
network-admin
mdc-admin
Parameters
minute: Specifies an idle-timeout interval in the range of 1 to 35791 minutes.
Usage guidelines
If no data transfer occurs on an FTP connection within the idle-timeout interval, the FTP server closes the FTP connection to release resources.
Examples
# Set the FTP connection idle-timeout timer to 36 minutes.
<Sysname> system-view
FTP client commands
Before executing FTP client configuration commands, make sure you have configured authorization settings for users on the FTP server. Authorized operations include viewing the files in the working directory, reading/downloading/uploading/renaming/removing files, and creating directories.
The FTP client commands in this section are supported by the device, but whether they can be executed successfully depends on the FTP server.
The output in the examples of this section varies with FTP server types.
append
Use append to add the content of a file on the FTP client to a file on the FTP server.
Syntax
append localfile [ remotefile ]
Views
FTP client view
Predefined user roles
network-admin
mdc-admin
Parameters
localfile: Specifies a local file on the FTP client.
remotefile: Specifies a remote file on the FTP server.
Usage guidelines
You can perform this operation only after you log in to the FTP server.
Examples
# Append the content of the local a.txt file to the b.txt file on the FTP server.
ftp> append a.txt b.txt
227 Entering Passive Mode (10,153,116,114,10,184)
150 "C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\desk\125X\b.txt" file ready to
receive in IMAGE / Binary mode
226 Transfer finished successfully.
4987 bytes sent in 0.00104 seconds (4.56 Mbyte/s)
ascii
Use ascii to set the file transfer mode to ASCII.
Syntax
ascii
Default
The file transfer mode is binary.
Views
FTP client view
Predefined user roles
network-admin
mdc-admin
Usage guidelines
You can perform this operation only after you log in to the FTP server.
The carriage return characters vary with operating systems. For example, H3C and Windows use /r/n, and Linux uses /n. To transfer files between two systems that use different carriage return characters, select the FTP transfer mode according to the file type.
FTP transfers files in either of the following modes:
· Binary mode—Transfers image files or pictures. This mode is also called "flow mode."
· ASCII mode—Transfers text files.
Examples
# Set the file transfer mode to ASCII.
ftp> ascii
200 TYPE is now ASCII
Related commands
binary
binary
Use binary to set the file transfer mode to binary, which is also called the "flow mode."
Syntax
binary
Default
The file transfer mode is binary.
Views
FTP client view
Predefined user roles
network-admin
mdc-admin
Usage guidelines
You can perform this operation only after you log in to the FTP server.
The carriage return characters vary with operating systems. For example, H3C and Windows use /r/n, and Linux uses /n. To transfer files between two systems that use different carriage return characters, determine FTP transfer mode according to the file type.
FTP transfers files in the following modes:
· Binary mode—Transfers program file or pictures. This mode is also called "flow mode."
· ASCII mode—Transfers text files.
Examples
# Set the file transfer mode to binary.
ftp> binary
200 TYPE is now 8-bit binary
Related commands
ascii
bye
Use bye to terminate the connection to the FTP server and return to user view.
If no connection is established between the device and the FTP server, use this command to return to user view.
Syntax
bye
Views
FTP client view
Predefined user roles
network-admin
mdc-admin
Examples
# Terminate the connection to the FTP server and return to user view.
ftp> bye
221 Windows FTP Server (WFTPD, by Texas Imperial Software) says goodbye
<Sysname>
Related commands
quit
cd
Use cd to change the current working directory to another directory on the FTP server.
Syntax
cd { directory | .. | / }
Views
FTP client view
Predefined user roles
network-admin
mdc-admin
Parameters
directory: Specifies the name of the target directory in the [drive:][/]path format, where drive represents the storage medium name, typically flash or cf. If the target directory does not exist, the cd command does not change the current working directory. If no drive information is provided, the argument represents a folder or subfolder in the current directory. For more information about the drive and path arguments, see Fundamentals Configuration Guide.
..: Returns to the upper directory. Executing the cd .. command is the same as executing the cdup command. If the current working directory is the FTP root directory, the cd .. command does not change the current working directory.
/: Returns to the FTP root directory.
Usage guidelines
You can perform this operation only after you log in to the FTP server.
The directory that can be accessed must be authorized by the FTP server.
Examples
# Change the working directory to the subdirectory logfile of the current directory.
ftp> cd logfile
250 "C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\desk\125X\logfile " is current directory
# Change the working directory to the subdirectory diagfile in the FTP root directory.
ftp> cd /diagfile
250 "C:\diagfile " is current directory
# Change the working directory to the upper directory of the current directory.
ftp> cd ..
250 "C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\desk\125X" is current directory
# Change the working directory to the FTP root directory.
ftp> cd /
250 "C:\" is current directory
Related commands
· cdup
· pwd
cdup
Use cdup to enter the upper directory of the FTP server.
This command does not change the working directory if the current directory is the FTP root directory.
Syntax
cdup
Views
FTP client view
Predefined user roles
network-admin
mdc-admin
Usage guidelines
You can perform this operation only after you log in to the FTP server.
Examples
# Change the working directory to the upper directory.
ftp> pwd
257 "C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\desk\125X" is current directory
ftp> cdup
250 "C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\desk" is current directory
ftp> pwd
257 "C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\desk" is current directory
Related commands
· cd
· pwd
close
Use close to terminate the connection to the FTP server without exiting FTP client view.
Syntax
close
Views
FTP client view
Predefined user roles
network-admin
mdc-admin
Usage guidelines
You can perform this operation only after you log in to the FTP server.
Examples
# Terminate the connection to the FTP server without exiting the FTP client view.
ftp> close
221 Windows FTP Server (WFTPD, by Texas Imperial Software) says goodbye.
ftp>
Related commands
disconnect
debug
Use debug to enable or disable FTP client debugging.
Syntax
debug
Default
FTP client debugging is disabled.
Views
FTP client view
Predefined user roles
network-admin
mdc-admin
Usage guidelines
When FTP client debugging is enabled, executing this command disables FTP client debugging.
When FTP client debugging is disabled, executing this command enables FTP client debugging.
Examples
# Enable and then disable FTP client debugging.
ftp> debug
Debugging on (debug=1).
ftp> debug
Debugging off (debug=0).
delete
Use delete to permanently delete a file on the FTP server.
Syntax
delete remotefile
Views
FTP client view
Predefined user roles
network-admin
mdc-admin
Parameters
remotefile: Specifies the name of a file on the FTP server.
Usage guidelines
You can perform this operation only after you log in to the FTP server.
To perform this operation, you must have delete permission on the FTP server.
Examples
# Delete file b.txt.
ftp> delete b.txt
250 File deleted from remote host.
dir
Use dir to display detailed information about the files and subdirectories in the current directory on the FTP server.
Use dir remotefile to display detailed information about a specific file or directory on the FTP server.
Use dir remotefile localfile to save detailed information about a specific file or directory on the FTP server to a local file.
Syntax
dir [ remotefile [ localfile ] ]
Views
FTP client view
Predefined user roles
network-admin
mdc-admin
Parameters
remotefile: Specifies the name of a file or directory on the FTP server.
localfile: Specifies the name of the local file used for saving the displayed information.
Usage guidelines
You can perform this operation only after you log in to the FTP server.
In FTP client view, executing the dir command is the same as executing the ls command.
Examples
# Display detailed information about the files and subdirectories in the current directory on the FTP server.
ftp> dir
227 Entering Passive Mode (10,153,116,114,11,9)
150 File Listing Follows in ASCII mode
drwxrwxrwx 1 noone nogroup 0 Apr 8 15:15 .
drwxrwxrwx 1 noone nogroup 0 Apr 8 15:15 ..
-rwxrwxrwx 1 noone nogroup 6324 Apr 8 14:48 1.txt
-rwxrwxrwx 1 noone nogroup 97401856 Feb 27 12:28 125X.ipe
drwxrwxrwx 1 noone nogroup 0 Mar 26 14:30 Compatiable
drwxrwxrwx 1 noone nogroup 0 Mar 26 14:30 Incompatiable
drwxrwxrwx 1 noone nogroup 0 Apr 1 15:34 aa
226 Transfer finished successfully.
# Save detailed information about file a.txt to s.txt.
ftp> dir a.txt s.txt
output to local-file: s.txt ? [Y/N]y
227 Entering Passive Mode (10,153,116,114,11,34)
150 File Listing Follows in ASCII mode
226 Transfer finished successfully.
# Display the content of file s.txt.
ftp> bye
221 Windows FTP Server (WFTPD, by Texas Imperial Software) says goodbye
<Sysname> more s.txt
-rwxr-xr-x 1 0 0 1481 Jul 7 12:34 a.txt
Related commands
ls
disconnect
Use disconnect to terminate the connection to the FTP server without exiting FTP client view.
Syntax
disconnect
Views
FTP client view
Predefined user roles
network-admin
mdc-admin
Usage guidelines
You can perform this operation only after you log in to the FTP server.
Examples
# Terminate the connection to the FTP server without exiting the FTP client view.
ftp> disconnect
221 Windows FTP Server (WFTPD, by Texas Imperial Software) says goodbye
ftp>
Related commands
close
display ftp client source
Use display ftp client source to display the source address settings on the FTP client.
Syntax
display ftp client source
Views
Any view
Predefined user roles
network-admin
network-operator
mdc-admin
mdc-operator
Examples
# Display the source address settings on the FTP client.
<Sysname> display ftp client source
The source IP address of the FTP client is 1.1.1.1.
ftp
Use ftp to log in to an FTP server and enter FTP client view.
Syntax
ftp [ ftp-server [ service-port ] [ vpn-instance vpn-instance-name ] [ dscp dscp-value | source { interface interface-type interface-number | ip source-ip-address } ] ] *
Views
User view
Parameters
ftp-server: Specifies the IPv4 address or host name of an FTP server. A host name can be a case-insensitive string of 1 to 253 characters. Valid characters for a host name include letters, digits, hyphens (-), underscores (_), and dots (.).
service-port: Specifies the TCP port number of the FTP server, in the range of 0 to 65535. The default value is 21.
vpn-instance vpn-instance-name: Specifies the VPN instance to which the remote host belongs, where vpn-instance-name is a case-sensitive string of 1 to 31 characters. If the remote host belongs to the public network, do not specify this option.
dscp dscp-value: Specifies the DSCP value for IPv4 to use in outgoing FTP packets to indicate the packet transmission priority, in the range of 0 to 63. The default is 0.
source { interface interface-type interface-number | ip source-ip-address }: Specifies the source address used to establish the FTP connection.
· interface interface-type interface-number: Specifies an interface by its type and number. The primary IPv4 address of this interface will be used as the source address for outgoing FTP packets. If no primary IPv4 address is configured on the source interface, the connection cannot be established.
· ip source-ip-address: Specifies an IPv4 address. This address must have been configured on the device.
Usage guidelines
This command is only applicable to IPv4 networks.
If no parameters are specified, this command enters the FTP client view without logging in to the FTP server.
If the server parameters are specified, you are prompted to enter the username and password for logging in to the FTP server.
Examples
# Log in to the FTP server 10.153.86.57, and specify the source IPv4 address for outgoing FTP packets as 10.153.116.114.
<Sysname>ftp 10.153.116.114 source ip 10.153.86.57
Press CTRL+C to abort.
Connected to 10.153.116.114 (10.153.116.114).
220-
220 WFTPD 2.0 service (by Texas Imperial Software) ready for new user
User (10.153.116.114:(none)): cs
331 Give me your password, please
Password:
230 Logged in successfully
Remote system type is MSDOS.
200 Type is Image (Binary)
ftp>
ftp client source
Use ftp client source to specify the source IPv4 address for outgoing FTP packets.
Use undo ftp client source to restore the default.
Syntax
ftp client source { interface interface-type interface-number | ip source-ip-address }
undo ftp client source
Default
No source IPv4 address is configured for outgoing FTP packets. The device uses the primary IPv4 address of the output interface for the route to the server as the source IP address.
Views
System view
Predefined user roles
network-admin
mdc-admin
Parameters
interface interface-type interface-number: Specifies the source interface for establishing FTP connections. The primary IPv4 address of the source interface is used as the source IP address of packets sent to a FTP server. Make sure the interface is up and has the primary IPv4 address configured. Otherwise, the transmission fails.
ip source-ip-address: Specifies the source IP address for outgoing FTP packets. It must be the IPv4 address of an interface in up state. Otherwise, the transmission fails.
Usages guidelines
If you execute this command multiple times, the most recent configuration takes effect.
The source address specified with the ftp command takes precedence over the source address specified with the ftp client source command.
The source address specified with the ftp client source command applies to all FTP connections. The source address specified with the ftp command applies only to the current FTP connection.
Examples
# Specify the source IPv4 address for outgoing FTP packets as 192.168.20.222.
<Sysname> system-view
[Sysname] ftp client source ip 192.168.20.222
Related commands
ftp
get
Use get to download a file from the FTP server and save the file.
Syntax
get remotefile [ localfile ]
Views
FTP client view
Predefined user roles
network-admin
mdc-admin
Parameters
remotefile: Specifies the name of the file to be downloaded.
localfile: Specifies a name for the downloaded file.
Usage guidelines
You can perform this operation only after you log in to the FTP server.
To save the downloaded file to the working directory accessed by the ftp command, the localfile argument must specify a file name such as a.cfg. If you do not provide the localfile argument, the downloaded file uses its original name.
To save the downloaded file to some other directory, the localfile argument must specify the target directory plus the file name such as flash:/subdirectory/a.cfg. Otherwise, the command fails to take effect.
Examples
# Download file a.txt and save it as b.txt in the working directory accessed by the ftp command.
ftp> get a.txt b.txt
227 Entering Passive Mode (10,153,116,114,11,126)
150 "C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\desk\125X\a.txt" file ready to send
(1 bytes) in IMAGE / Binary mode
226 Transfer finished successfully.
1 bytes received in 0.00325 seconds (308 byte/s)
# Download file a.txt to the folder test from the working directory accessed by the ftp command.
ftp> get a.txt flash:/test/b.txt
227 Entering Passive Mode (10,153,116,114,11,151)
150 "C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\desk\125X\a.txt" file ready to send
(6324 bytes) in IMAGE / Binary mode
226 Transfer finished successfully.
6324 bytes received in 0.0237 seconds (260.6 kbyte/s)
# In IRF mode, download file a.txt to the Flash root directory of the MPU that resides in slot 17 of member device 1. Save the file as c.txt.
ftp> get a.txt chassis1#slot17#flash:/c.txt
227 Entering Passive Mode (10,153,116,114,11,151)
150 "C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\desk\125X\a.txt" file ready to send
(6324 bytes) in IMAGE / Binary mode
226 Transfer finished successfully.
6324 bytes received in 0.0237 seconds (260.6 kbyte/s)
Related commands
put
help
Use help to display all commands supported by an FTP client.
Use help command-name to display the help information of a specific command.
Syntax
help [ command-name ]
Views
FTP client view
Predefined user roles
network-admin
mdc-admin
Parameters
command-name: Specifies a command supported by the FTP client.
Usage guidelines
In FTP client view, executing the help command is the same as entering?.
Examples
# Display all commands supported by the FTP client.
ftp> help
Commands may be abbreviated. Commands are:
append delete ls quit rmdir
ascii debug mkdir reget status
binary dir newer rstatus system
bye disconnect open rhelp user
cd get passive rename verbose
cdup help put reset ?
close lcd pwd restart
# Display the help information for the dir command.
ftp> help dir
dir list contents of remote directory
Related commands
?
lcd
Use lcd to display the local working directory of the FTP client.
Use lcd directory to change the local working directory of the FTP client to the specified directory.
Use lcd / to change the local working directory of the FTP client to the local root directory.
Syntax
lcd [ directory | / ]
Views
FTP client view
Predefined user roles
network-admin
mdc-admin
Parameters
directory: Specifies a local directory of the FTP client. There must be a slash sign (/) before the name of the storage medium, for example, /flash:/logfile.
/: Specifies the root directory of the FTP client.
Examples
# Display the local working directory.
ftp> lcd
Local directory now /flash:
# Change the local working directory to flash:/logfile.
ftp> lcd /flash:/logfile
Local directory now /flash:/logfile
ls
Use ls to display detailed information about the files and subdirectories under the current directory on the FTP server.
Use ls remotefile to display detailed information about a specific file or directory on the FTP server.
Use ls remotefile localfile to save detailed information about a specific file or directory on the FTP server to a local file.
Syntax
ls [ remotefile [ localfile ] ]
Views
FTP client view
Predefined user roles
network-admin
mdc-admin
Parameters
remotefile: Specifies the file name or directory on the FTP server.
localfile: Specifies the local file used to save the displayed information.
Usage guidelines
You can perform this operation only after you log in to the FTP server.
In FTP client view, executing the ls command is the same as executing the dir command.
Examples
# Display detailed information about the files and subdirectories under the current directory on the FTP server.
ftp> ls
227 Entering Passive Mode (10,153,116,114,11,181)
150 File Listing Follows in ASCII mode
drwxrwxrwx 1 noone nogroup 0 Apr 8 15:19 .
drwxrwxrwx 1 noone nogroup 0 Apr 8 15:19 ..
-rwxrwxrwx 1 noone nogroup 6324 Apr 8 14:48 1.txt
-rwxrwxrwx 1 noone nogroup 97401856 Feb 27 12:28 10500.ipe
-rwxrwxrwx 1 noone nogroup 1 Apr 8 15:20 3.txt
-rwxrwxrwx 1 noone nogroup 1 Apr 8 15:20 4.txt
drwxrwxrwx 1 noone nogroup 0 Mar 26 14:30 Compatiable
drwxrwxrwx 1 noone nogroup 0 Mar 26 14:30 Incompatiable
drwxrwxrwx 1 noone nogroup 0 Apr 1 15:34 aa
226 Transfer finished successfully
Related commands
dir
mkdir
Use mkdir to create a subdirectory in the current directory on the FTP server.
Syntax
mkdir directory
Views
FTP client view
Predefined user roles
network-admin
mdc-admin
Parameters
directory: Specifies the name of the directory to be created.
Usage guidelines
You can perform this operation only after you log in to the FTP server.
You must have permission to perform this operation on the FTP server.
Examples
# Create subdirectory newdir in the current directory of the remote FTP server.
ftp> mkdir newdir
257 "newdir" directory created
newer
Use newer to update a local file by using a remote file on the FTP server.
Syntax
newer remotefile [ localfile ]
Views
FTP client view
Predefined user roles
network-admin
mdc-admin
Parameters
remotefile: Specifies the name of the remote file on the FTP server.
localfile: Specifies the name of the local file to be updated.
Usage guidelines
You can perform this operation only after you log in to the FTP server.
If the local file does not exist, this command downloads the file from the FTP server and saves it locally.
If the remote file on the FTP server is not newer than the local file, this command does not update the local file.
Examples
# Update the local file with the file a.txt on the FTP server.
ftp> newer a.txt
227 Entering Passive Mode (10,153,116,114,11,190)
150 "C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\desk\125X\a.txt" file ready to send
(1 bytes) in IMAGE / Binary mode
226 Transfer finished successfully.
1 bytes received in 0.00268 seconds (374 byte/s)
open
Use open to log in to the FTP server in FTP client view.
Syntax
open server-address [ service-port ]
Views
FTP client view
Predefined user roles
network-admin
mdc-admin
Parameters
server-address: Specifies the IP address or host name of the FTP server.
service-port: Specifies the TCP port number of the FTP server, in the range of 0 to 65535. The default value is 21.
Usage guidelines
After you issue this command, the system will prompt you to enter the username and password.
After you log in to one FTP server, you must disconnect from the server before you can use the open command to log in to another server.
Examples
# In FTP client view, log in to the FTP server 192.168.40.7.
<Sysname>ftp
ftp: No control connection for command.
ftp> open 10.153.116.114
Press CTRL+C to abort.
Connected to 10.153.116.114 (10.153.116.114).
220-
220 WFTPD 2.0 service (by Texas Imperial Software) ready for new user
User (10.153.116.114:(none)): cs
331 Give me your password, please
Password:
230 Logged in successfully
Remote system type is MSDOS.
ftp>
passive
Use passive to set the FTP operation mode to passive.
Syntax
passive
Default
The FTP operation mode is passive.
Views
FTP client view
Predefined user roles
network-admin
mdc-admin
Usage guidelines
FTP can operate in either of the following modes:
· Active mode—The FTP server initiates the TCP connection.
· Passive mode—The FTP client initiates the TCP connection.
You can use this command multiple times to change between active and passive modes.
This command is mainly used together with a firewall to control FTP session establishment between private network users and public network users.
Examples
# Set the FTP operation mode to passive.
ftp> passive
Passive mode on.
ftp> passive
Passive mode off.
put
Use put to upload a file on the client to the remote FTP server.
Syntax
put localfile [ remotefile ]
Views
FTP client view
Predefined user roles
network-admin
mdc-admin
Parameters
localfile: Specifies the name of the local file to be uploaded.
remotefile: Specifies the file name for saving the uploaded file on the FTP server.
Usage guidelines
You can perform this operation only after you log in to the FTP server.
To upload a file in the working directory accessed by the ftp command, the localfile argument must specify a file name such as a.cfg.
To upload a file in some other directory, the localfile argument must specify the target directory plus the file name such as flash:/subdirectory/a.cfg. Otherwise, the command fails to take effect.
Examples
# Upload the file a.txt in the working directory accessed by the ftp command and save the file as b.txt on the FTP server.
ftp> put a.txt b.txt
227 Entering Passive Mode (10,153,116,114,11,196)
150 "C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\desk\125X\b.txt" file ready to receive
in ASCII mode
226 Transfer finished successfully.
45925 bytes sent in 0.00714 seconds (6.13 Mbyte/s)
# Upload the file a.txt in the folder test from the working directory accessed by the ftp command. Save the file as b.txt on the FTP server.
ftp> put flash:/test/a.txt b.txt
227 Entering Passive Mode (10,153,116,114,11,201)
150 "C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\desk\125X\b.txt" file ready to receive
in ASCII mode
226 Transfer finished successfully.
1 bytes sent in 0.000522 seconds (1.9 kbyte/s)
# In IRF mode, upload the file a.txt in the Flash root directory of the MPU that resides in slot 17 of member device 1. Save the file as b.txt on the FTP server.
ftp> put chassis1#slot17#flash:/test/a.txt b.txt
227 Entering Passive Mode (10,153,116,114,11,201)
150 "C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\desk\125X\b.txt" file ready to receive
in ASCII mode
226 Transfer finished successfully.
1 bytes sent in 0.000522 seconds (1.9 kbyte/s)
Related commands
get
pwd
Use pwd to display the currently accessed directory on the FTP server.
Syntax
pwd
Views
FTP client view
Predefined user roles
network-admin
mdc-admin
Usage guidelines
You can perform this operation only after you log in to the FTP server.
Examples
# Display the currently accessed directory on the remote FTP server.
ftp> cd subdir
250 "C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\desk\125X\subdir" is current directory
ftp> pwd
257 "C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\desk\125X\subdir" is current directory
quit
Use quit to terminate the connection to the FTP server and return to user view.
Syntax
quit
Views
FTP client view
Predefined user roles
network-admin
mdc-admin
Examples
# Terminate the connection to the FTP server and return to user view
ftp> quit
221 Windows FTP Server (WFTPD, by Texas Imperial Software) says goodbye
<Sysname>
Related commands
bye
reget
Use reget to get the missing part of a file from the FTP server.
Syntax
reget remotefile [ localfile ]
Views
FTP client view
Predefined user roles
network-admin
network-operator
mdc-admin
mdc-operator
Parameters
remotefile: Specifies the name of the file on the FTP server.
localfile: Specifies the name of the local file.
Usage guidelines
You can perform this operation only after you log in to the FTP server.
If a file download is not completed due to network problems or insufficient storage space, you can use the reget command to get the missing part of the file from the FTP server after you solve the problem.
Examples
# Get the part of the s.bin file that is missing due to transmission interruption.
ftp> reget s.bin
local: s.bin remote: s.bin
350 Restarting at 1749706
150-Connecting to port 47429
150 38143.3 kbytes to download
226 File successfully transferred
39058742 bytes received in 66.2 seconds (576.1 kbyte/s)
rename
Use rename to rename a file.
Syntax
rename [ oldfilename [ newfilename ] ]
Views
FTP client view
Predefined user roles
network-admin
mdc-admin
Parameters
oldfilename: Specifies the original file name.
newfilename: Specifies the new file name.
Usage guidelines
You can perform this operation only after you log in to the FTP server.
Examples
# Rename the file a.txt as b.txt:
· Method 1
ftp> rename
(from-name) a.txt
(to-name) b.txt
350 Enter the name to rename it to...
250 File renamed successfully
· Method 2
ftp> rename a.txt
(to-name) b.txt
350 Enter the name to rename it to...
250 File renamed successfully
· Method 3
ftp> rename a.txt b.txt
350 Enter the name to rename it to...
250 File renamed successfully
reset
Use reset to clear the reply information received from the FTP server in the buffer.
Syntax
reset
Views
FTP client view
Predefined user roles
network-admin
mdc-admin
Examples
# Clear the reply information received from the FTP server.
ftp> reset
restart
Use restart to specify the marker to retransmit a file.
Syntax
restart marker
Views
FTP client view
Predefined user roles
network-admin
mdc-admin
Parameters
marker: Specifies the retransmit marker.
Usage guidelines
You can perform this operation only after you log in to the FTP server.
Support for this command varies with FTP servers.
Examples
# Retransmit the file h.c (82 bytes) from 2 bytes.
ftp> restart 2
restarting at 2. execute get, put or append to initiate transfer
ftp> put h.c h.c
local: h.c remote: h.c
350 Restart position accepted (2).
150 Ok to send data.
226 File receive OK.
80 bytes sent in 0.000445 seconds (175.6 kbyte/s)
ftp> dir
150 Here comes the directory listing.
-rw-r--r-- 1 0 0 80 Jul 18 02:58 h.c
rhelp
Use rhelp to display the FTP-related commands supported by the FTP server.
Use rhelp protocol-command to display the help information of an FTP-related command supported by the FTP server.
Syntax
rhelp [ protocol-command ]
Views
FTP client view
Predefined user roles
network-admin
mdc-admin
Parameters
protocol-command: Specifies an FTP-related command.
Usage guidelines
You can perform this operation only after you log in to the FTP server.
Examples
# Display the FTP-related commands supported by the FTP.
ftp> rhelp
214-The following FTP commands are recognized
USER PASS NOOP QUIT SYST TYPE
HELP CWD XCWD PWD CDUP XCUP
XPWD LIST NLST MLSD PORT EPRT
PASV EPSV REST RETR STOR APPE
DELE MKD XMKD RMD XRMD ABOR
SIZE RNFR RNTO
4 UNIX Type: L8
Table 12 Command output
Field |
Description |
USER |
Username, corresponding to the xx command in FTP client view. |
PASS |
Password. |
NOOP |
Null operation. |
SYST |
System parameters. |
TYPE |
Request type. |
CWD |
Changes the current working directory. |
XCWD |
Extended command with the meaning of CWD. |
PWD |
Prints the working directory. |
CDUP |
Changes the directory to the upper directory. |
XCUP |
Extended command with the meaning of CDUP. |
XPWD |
Extended command with the meaning of PWD. |
LIST |
Lists files. |
NLST |
Lists brief file description. |
MLSD |
Lists file content. |
PORT |
Active mode. |
PASV |
Passive mode. |
REST |
Restarts. |
RETR |
Downloads files. |
STOR |
Uploads files. |
APPE |
Appends uploading. |
DELE |
Deletes files. |
MKD |
Creates folders. |
XMKD |
Extended command with the meaning of MKD. |
RMD |
Deletes folders. |
XRMD |
Extended command with the meaning of RMD. |
ABOR |
Aborts the transmission. |
SIZE |
Size of the transmission file. |
RNFR |
Original name. |
RNTO |
New name. |
rmdir
Use rmdir to permanently delete a directory from the FTP server.
Syntax
rmdir directory
Views
FTP client view
Predefined user roles
network-admin
mdc-admin
Parameters
directory: Specifies the name of a directory on the remote FTP server.
Usage guidelines
You can perform this operation only after you log in to the FTP server.
To perform this operation, you must have delete permission on the FTP server.
Delete all files and subdirectories in a directory before you delete the directory. For more information about how to delete files, see the delete command.
Executing the rmdir command also deletes the files in the recycle bin of the specified directory.
Examples
# Delete the empty directory subdir1.
ftp>rmdir subdir1
200 Directory subdir1 removed
Related commands
delete
rstatus
Use rstatus to display FTP server status.
Use rstatus remotefile to display detailed information about a specific directory or file on the FTP server.
Syntax
rstatus [ remotefile ]
Views
FTP client view
Predefined user roles
network-admin
mdc-admin
Parameters
remotefile: Specifies a directory or file on the FTP server.
Usage guidelines
You can perform this operation only after you log in to the FTP server.
Support for this command varies with FTP servers.
Examples
# Display FTP server status.
ftp> rstatus
211-FTP server status:
Connected to 192.168.20.177
Logged in as root
TYPE: ASCII
No session bandwidth limit
Session timeout in seconds is 300
Control connection is plain text
Data connections will be plain text
At session startup, client count was 1
vsFTPd 2.0.6 - secure, fast, stable
211 End of status
Table 13 Command output
Filed |
Description |
211-FTP server status: |
Beginning of the display of FTP server status, where 211 specifies the FTP command. |
Connected to 192.168.20.177 |
IP address of the FTP client. |
Logged in as root |
Login username root. |
TYPE: ASCII |
File transfer mode ASCII. |
Session timeout in seconds is 300 |
Timeout interval is 300 seconds. |
Control connection is plain text |
Control connection type is plain text. |
Data connections will be plain text |
Data connection type is plain text. |
At session startup, client count was 1 |
FTP connection number is 1. |
vsFTPd 2.0.6 - secure, fast, stable |
FTP version is 2.0.6. |
211 End of status |
End of the display of FTP server status. |
# Display file a.txt.
ftp> rstatus a.txt
213-Status follows:
-rw-r--r-- 1 0 0 80 Jul 18 02:58 a.txt
213 End of status
Table 14 Command output
Field |
Description |
213-Status follows: |
Beginning of the display of the file, where 213 specifies the FTP command. |
-rw-r--r-- |
The first bit specifies the file type: · -—Common. · B—Block. · c—Character. · d—Directory. · l—Symbol connection file. · p—Pipe. · s—socket. The second bit through the tenth bit are divided into three groups. Each group contains three characters, representing the access permission of the owner, group, and other users. · -—No permission. · r—Read permission. · w—Write permission. · x—Execution permission. |
1 |
Number of connections. |
0 |
Name of the file owner. |
0 |
Group number of the file owner. |
80 |
File size, in bytes. |
Jul 18 02:58 |
Date and time when the file was most recently modified. |
a.txt |
File name. |
213 End of status |
End of the display of the file information. |
status
Use status to display FTP status.
Syntax
status
Views
FTP client view
Predefined user roles
network-admin
mdc-admin
Examples
# Display FTP status.
ftp> status
Connected to 192.168.1.56.
No proxy connection.
Not using any security mechanism.
Mode: stream; Type: ascii; Form: non-print; Structure: file
Verbose: on; Bell: off; Prompting: on; Globbing: off
Store unique: off; Receive unique: off
Case: off; CR stripping: on
Ntrans: off
Nmap: off
Hash mark printing: off; Use of PORT cmds: on
Table 15 Command output
Field |
Description |
Connected to 192.168.1.56. |
IP address of the FTP server that is connected to the FTP client. |
Verbose: on; Bell: off; Prompting: on; Globbing: off |
Displays debugging information. |
Store unique: off; Receive unique: off |
The name of the file on the FTP server is unique and the name of the local file is unique. |
Case: off; CR stripping: on |
Does not support obtaining multiple files once and deletes "\r" when downloading text files. |
Ntrans: off |
Does not use the input-output transmission table. |
Nmap: off |
The file name does not use the input-to-output mapping template. |
Hash mark printing: off; Use of PORT cmds: on |
Does not end with a pound sign (#) and uses "PORT" data transmission. |
system
Use system to display the system information of the FTP server.
Syntax
system
Views
FTP client view
Predefined user roles
network-admin
mdc-admin
Usage guidelines
You can perform this operation only after you log in to the FTP server.
Examples
# Display the system information of the FTP server.
ftp> system
5 UNIX Type: L8
user
Use user to change to another user account after login.
Syntax
user username [ password ]
Views
FTP client view
Predefined user roles
network-admin
mdc-admin
Parameters
username: Specifies the username of the target user account.
password: Specifies the password of the target user account.
Usage guidelines
You can perform this operation only after you log in to the FTP server.
The username and password of the target user account must have been configured. Otherwise, the user account change operation fails and the FTP connection is closed.
Examples
# After logging in to the FTP server, use the username ftp and password 123456 to re-log in to the FTP server (the output might vary by the FTP server):
· Method 1
ftp> user ftp 123456
331 Password required for ftp.
230 User logged in.
· Method 2
ftp> user ftp
331 Give me your password, please
Password:
230 Logged in successfully
verbose
Use verbose to enable or disable the device to display detailed information about FTP operations.
Syntax
verbose
Default
The device displays detailed information about FTP operations.
Views
FTP client view
Predefined user roles
network-admin
mdc-admin
Usage guidelines
The verbose command takes effect only for the current FTP session. It is lost after the session is disconnected.
Examples
# Disable the device from displaying detailed information about FTP operations.
ftp> verbose
Verbose mode off.
# Execute the get command.
ftp> verbose
Verbose mode off.
ftp> get a.txt
# Enable the device to display detailed information about FTP operations.
ftp> verbose
Verbose mode on.
# Execute the get command.
ftp> get a.txt
227 Entering Passive Mode (10,153,116,114,12,17)
150 "C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\desk\125X\a.txt" file ready to
send (6324 bytes) in IMAGE / Binary mode
226 Transfer finished successfully.
6324 bytes received in 0.0104 seconds (594.7 kbyte/s)ftp> get a.cfg 2.cfg
227 Entering Passive Mode (192,168,1,58,68,14)
150-Accepted data connection
150 The computer is your friend. Trust the computer
226 File successfully transferred
3796 bytes received in 0.00762 seconds (486.5 kbyte/s)
?
Use ? to display all commands supported by an FTP client.
Use ? command-name to display the help information for a specific command.
Syntax
? [ command-name ]
Views
FTP client view
Predefined user roles
network-admin
mdc-admin
Parameters
command-name: Specifies a command supported by the FTP client.
Usage guidelines
In FTP client view, entering ? is the same as executing the help command.
Examples
# Display all commands supported by the FTP client.
ftp> ?
Commands may be abbreviated. Commands are:
append delete ls quit rmdir
ascii debug mkdir reget status
binary dir newer rstatus system
bye disconnect open rhelp user
cd get passive rename verbose
cdup help put reset ?
close lcd pwd restart
# Display the help information for the dir command.
ftp> ? dir
dir list contents of remote directory
Related commands
help
TFTP commands
The device supports the FIPS mode that complies with NIST FIPS 140-2 requirements. Support for features, commands, and parameters might differ in FIPS mode and non-FIPS mode. For more information about FIPS mode, see Security Configuration Guide.
TFTP is not supported in FIPS mode.
tftp
Use tftp to download a file from the TFTP server to the local device or upload a local file to the TFTP server in an IPv4 network.
Syntax
tftp tftp-server { get | put | sget } source-filename [ destination-filename ] [ vpn-instance vpn-instance-name ] [ dscp dscp-value | source { interface interface-type interface-number | ip source-ip-address } ]
Views
User view
Predefined user roles
network-admin
mdc-admin
Parameters
tftp-server: Specifies the IPv4 address or host name of a TFTP server. The host name can be a case-insensitive string of 1 to 253 characters and can contain only letters, digits, hyphens (-), underscores (_), and dots (.).
get: Downloads a file and writes the file directly to the destination folder. If the destination folder already has a file using the same name, the system deletes the existing file before starting the download operation. The existing file is permanently deleted even if the download operation fails.
put: Uploads a file.
sget: Downloads a file and saves the file to memory before writing it to the destination folder. The system starts to write the file to the destination folder only after the file is downloaded and saved to memory successfully. If the destination folder already has a file using the same name, the system overwrites the existing file. If the download or save-to-memory operation fails, the existing file in the destination folder is not overwritten.
source-filename: Specifies the source file name, a case-insensitive string of 1 to 1 to 255 characters.
destination-filename: Specifies the destination file name, a case-insensitive string of 1 to 255 characters. If this argument is not specified, the file uses the source file name.
vpn-instance vpn-instance-name: Specifies the VPN instance to which the remote host belongs, where vpn-instance-name is a case-sensitive string of 1 to 31 characters. If the remote host belongs to the public network, do not specify this option.
dscp dscp-value: Specifies the DSCP value for IPv4 to use for outgoing TFTP packets to indicate the packet transmission priority, in the range of 0 to 63. The default is 0.
source { interface interface-type interface-number | ip source-ip-address }: Specifies the source address for outgoing TFTP packets. If this keyword is not specified, the device uses the primary IPv4 address of the output interface for the route to the server as the source IPv4 address of outgoing TFTP packets.
· interface interface-type interface-number: Specifies an interface by its type and number. The primary IPv4 address of this interface will be used as the source IPv4 address for outgoing TFTP packets. Make sure the interface is up and has the primary IPv4 address configured. Otherwise, the transmission fails.
· ip source-ip-address: Specifies an IPv4 address. This address must be the IPv4 address of an interface in up state. Otherwise, the transmission fails.
Usages guidelines
The source address specified with the tftp command takes precedence over the source address specified with the tftp client source command.
The source address specified with the tftp client source command applies to all TFTP connections. The source address specified with the tftp command applies only to the current TFTP connection.
Examples
# Download the new.bin file from the TFTP server at 192.168.1.1 and save it as new.bin.
<Sysname> tftp 192.168.1.1 get new.bin
Press CTRL+C to abort.
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 13.9M 100 13.9M 0 0 1206k 0 0:00:11 0:00:11 --:--:-- 1206k
<System>
Field |
Description |
% |
Percentage of file transmission progress. |
Total |
Size of files to be transmitted, in bytes. |
% |
Percentage of received file size to total file size. |
Received |
Received file size, in bytes. |
% |
Percentage of sent file size to total file size. |
Xferd |
Sent file size, in bytes. |
Average Dload |
Average download speed, in bps. |
Speed Upload |
Average upload speed, in bps. |
Related commands
tftp client source
tftp client source
Use tftp client source to specify the source IPv4 address for TFTP packets sent by the TFTP client.
Use undo tftp client source to restore the default.
Syntax
tftp client source { interface interface-type interface-number | ip source-ip-address }
undo tftp client source
Default
No source IPv4 address is specified for outgoing TFTP packets. The device uses the primary IPv4 address of the output interface for the route to the server as the source IP address.
Views
System view
Predefined user roles
network-admin
mdc-admin
Parameters
interface interface-type interface-number: Specifies the source interface for establishing TFTP connections. The primary IPv4 address of the source interface is used as the source IPv4 address for packets sent to a TFTP server. Make sure the interface is up and has the primary IPv4 address configured. Otherwise, the transmission fails.
ip source-ip-address: Specifies the source IPv4 address for outgoing TFTP packets. It must be the IPv4 address of an interface in up state. Otherwise, the transmission fails.
Usages guidelines
If you execute this command multiple times, the most recent configuration takes effect.
The source address specified with the tftp command takes precedence over the source address specified with the tftp client source command.
The source address specified with the tftp client source command applies to all TFTP connections. The source address specified with the tftp command applies only to the current TFTP connection.
Examples
# Specify the source IP address of sent TFTP packets as 192.168.20.222.
<Sysname> system-view
[Sysname] tftp client source ip 192.168.20.222
Related commands
tftp
tftp-server acl
Use tftp-server acl to use an ACL to control the device's access to TFTP servers in an IPv4 network.
Use undo tftp-server acl to restore the default.
Syntax
tftp-server acl acl-number
undo tftp-server acl
Default
No ACL is used to control the device's access to TFTP servers.
Views
System view
Predefined user roles
network-admin
mdc-admin
Parameters
acl-number: Specifies the number of a basic ACL, in the range of 2000 to 2999.
Usages guidelines
You can use an ACL to deny or permit the device's access to specific TFTP servers.
Examples
# Allow the device to access only the TFTP server at 1.1.1.1.
<Sysname> system-view
[Sysname] acl number 2000
[Sysname-acl-basic-2000] rule permit source 1.1.1.1 0
[Sysname-acl-basic-2000] quit
[Sysname] tftp-server acl 2000
File system management commands
IMPORTANT: · Before managing storage media, files, and directories, make sure you know the possible impacts. · A file or directory whose name starts with a period (.) is considered a hidden file or directory. Do not give a common file or directory a name that starts with a period. · Some system files and directories are hidden. |
A file name must be specified in one of the file name formats allowed. For more information, see Fundamentals Configuration Guide.
Before you use the copy, delete, fixdisk, format, gunzip, gzip, mkdir, move, rename, rmdir, or undelete command on a USB disk, make sure the disk is not write protected.
cd
Use cd to change the current working directory.
Syntax
cd { directory | .. }
Views
User view
Predefined user roles
network-admin
mdc-admin
Parameters
directory: Specifies the name of the destination directory, in the format [drive:/]path. For more information about how to enter the drive and path arguments, see Fundamentals Configuration Guide. If no drive information is provided, the argument represents a folder or subfolder in the current directory.
..: Specifies the parent directory. If the current working directory is the root directory, or if no upper directory exists, the system displays an error message when you execute the cd .. command. No online help information is available for this keyword.
Examples
# Access the test folder after logging in to the device.
<Sysname> cd test
# Return to the upper directory.
<Sysname> cd ..
# In standalone mode, change the current working directory:
1. View the slot number of the standby MPU.
<Sysname> display device
Slot No. Brd Type Brd Status Subslot Num Sft Ver Patch Ver
0 NONE Absent 0 NONE None
1 NONE Absent 0 NONE None
2 NONE Absent 0 NONE None
3 NONE Absent 0 NONE None
4 NONE Absent 0 NONE None
5 NONE Absent 0 NONE None
6 NONE Absent 0 NONE None
7 NONE Absent 0 NONE None
8 NONE Absent 0 NONE None
9 LSX1TGS48FC1 Normal 0 S12510-X-1105 None
10 LSX1FAB10B1 Normal 0 S12510-X-1105 None
11 LSX1FAB10B1 Normal 0 S12510-X-1105 None
12 NONE Absent 0 NONE None
13 NONE Absent 0 NONE None
14 NONE Absent 0 NONE None
15 NONE Absent 0 NONE None
16 LSX1SUP10B1 Standby 0 S12510-X-1105 None
17 LSX1SUP10B1 Master 0 S12510-X-1105 None
The output shows that the standby MPU is in slot 16.
2. Change to the root directory of the standby MPU's flash memory.
<Sysname> cd slot16#flash:/
3. Change back to the test folder of the active MPU's flash memory.
<Sysname> cd flash:/test
# In IRF mode, change the current working directory:
4. View the chassis numbers and slot numbers of MPUs.
<Sysname> display irf
Member Slot Role Priority CPU-Mac
2 0 Standby 20 00e0-fc0f-8c0f
2 1 Standby 20 00e0-fc0f-8c1f
*+3 5 Master 20 00e0-fc0f-8c22
3 6 Standby 20 00e0-fc0f-8c32
--------------------------------------------------
* indicates the device is the master.
+ indicates the device through which the user logs in.
The Bridge MAC of the IRF is: 00e0-fc00-0a00
Auto upgrade : yes
Mac persistent : 6 min
The output shows that the IRF fabric has two members:
¡ The global active MPU is in slot 5 of member device 3.
¡ The global standby MPUs are in slots 0 and 1 of member device 2, and slot 6 of member device 3.
5. Change to the test folder of the global active MPU's flash memory.
<Sysname> cd flash:/test
6. Change to the root directory of the flash memory on the global standby MPU that resides in slot 16 of member device 2.
<Sysname> cd chassis2#slot16#flash:/
7. Change back to the root directory of the global active MPU's flash memory.
<Sysname> cd flash:/
copy
Use copy to copy a file.
Syntax
copy fileurl-source fileurl-dest
Views
User view
Predefined user roles
network-admin
mdc-admin
Parameters
fileurl-source: Specifies the name or URL of the file to be copied. If the file resides on an FTP or TFTP server rather than on the device, specify the URL of the file. Whether a URL is case sensitive depends on the server.
fileurl-dest: Specifies the name or URL of the destination file or directory. To copy the source file to an FTP or TFTP server, specify a URL. If you specify a directory, the device copies the specified file to the directory and saves it with its original file name. Whether a URL is case sensitive depends on the server.
Usage guidelines
You can use the copy command to perform the following operations:
· Copy a local file and save it locally.
· Copy a local file and save it to an IPv4 FTP or TFTP server.
· Copy a file on an IPv4 FTP or TFTP server and save it locally.
To specify a file or directory, use the following guidelines:
Location |
Name format |
Remarks |
On the device |
Use the file name guidelines in Fundamentals Configuration Guide. |
N/A |
On an FTP server |
Enter the URL in the format ftp://FTP username[:password]@server address[:port number]/file path[/file name]. |
The username and password must be the same as those configured on the FTP server. If the server authenticates users only by the username, you are not required to enter the password. For example, to use the username 1 and password 1 and specify the startup.cfg file in the authorized working directory on FTP server 1.1.1.1, enter the URL ftp://1:1@1.1.1.1/startup.cfg. |
On a TFTP server |
Enter the URL in the format tftp://server address[:port number]/file path[/file name]. |
For example, to specify the startup.cfg file in the working directory on TFTP server 1.1.1.1, enter the URL tftp://1.1.1.1/startup.cfg. |
Examples
# Copy the test.cfg file in the current folder and save it to the current folder as testbackup.cfg.
<Sysname> copy test.cfg testbackup.cfg
Copy flash:/test.cfg to flash:/testbackup.cfg?[Y/N]:y
Copying file flash:/test.cfg to flash:/testbackup.cfg...Done.
# Copy 1.cfg from the Flash's test folder to the USB disk's first partition, and save it to the testbackup folder as 1backup.cfg.
<Sysname> copy flash:/test/1.cfg usb0:/testbackup/1backup.cfg
Copy flash:/test/1.cfg to usb0:/testbackup/1backup.cfg?[Y/N]:y
Copying file flash:/test/1.cfg to usb0:/testbackup/1backup.cfg...Done.
# Copy test.cfg from the working directory on FTP server 1.1.1.1 and save it to the local current folder as testbackup.cfg. In this example, the FTP username and password are user and private.
<Sysname> copy ftp://user:private@1.1.1.1/test.cfg testbackup.cfg
Copy ftp://user:private@1.1.1.1/test.cfg to flash:/testbackup.cfg?[Y/N]:y
Copying file ftp://user:private@1.1.1.1/test.cfg to flash:/testbackup.cfg... Done.
# Copy test.cfg from the current folder and save it to the working directory on FTP server 1.1.1.1 as testbackup.cfg. In this example, the FTP username and password are user and private.
<Sysname> copy test.cfg ftp://user:private@1.1.1.1/testbackup.cfg
Copy flash:/test.cfg to ftp://user:private@1.1.1.1/testbackup.cfg?[Y/N]:y
Copying file flash:/test.cfg to ftp://user:private@1.1.1.1/testbackup.cfg... Done.
# Copy test.cfg from the working directory on TFTP server 1.1.1.1 and save it to the local current folder as testbackup.cfg.
<Sysname> copy tftp://1.1.1.1/test.cfg testbackup.cfg
Copy tftp://1.1.1.1/test.cfg to flash:/testbackup.cfg?[Y/N]:y
Copying file tftp://1.1.1.1/test.cfg to flash:/testbackup.cfg... Done.
# Copy test.cfg from the current folder and save it to the working directory on TFTP server 1.1.1.1 as testbackup.cfg.
<Sysname> copy test.cfg tftp://1.1.1.1/testbackup.cfg
Copy flash:/test.cfg to tftp://1.1.1.1/testbackup.cfg?[Y/N]:y
Copying file flash:/test.cfg to tftp://1.1.1.1/testbackup.cfg... Done.
# In standalone mode, copy the active MPU's configuration file test.cfg to the root directory of the standby MPU's flash memory.
<Sysname> copy test.cfg slot16#flash:/
Copy flash:/test.cfg to slot16#flash:/test.cfg?[Y/N]:y
Copying file flash:/test.cfg to slot16#flash:/test.cfg...Done.
# In IRF mode, copy the global active MPU's configuration file test.cfg to the root directory of a global standby MPU's flash memory. The global standby MPU resides in slot 16 of member device 2.
<Sysname> copy chassis1#slot16#flash:/test.cfg chassis2#slot16#flash:/
Copy chassis1#slot16#flash:/test.cfg to chassis2#slot16#flash:/test.cfg?[Y/N]:y
Copying file chassis1#slot16#flash:/test.cfg to chassis2#slot16#flash:/test.cfg...Done.
delete
Use delete to delete a file.
Syntax
delete [ /unreserved ] file-url
Views
User view
Predefined user roles
network-admin
mdc-admin
Parameters
/unreserved: Permanently deletes the specified file. If you do not specify this keyword, the command moves the file to the recycle bin.
file-url: Specifies the name of the file to be deleted. Asterisks (*) are acceptable as wildcards. For example, to remove files with the .txt extension in the current directory, enter delete *.txt.
Usage guidelines
Use the delete /unreserved file-url command with caution. You cannot restore a file that was deleted with this command.
The delete file-url command (without the /unreserved option) moves the specified file to the recycle bin unless the device is running out of storage space. If the device is running out of storage space, the file is permanently deleted.
A file moved to the recycle bin can be restored by using the undelete command.
Do not use the delete command to delete files from the recycle bin. To delete files from the recycle bin, use the reset recycle-bin command.
If you delete two files that have the same name but reside in different directories, both files are retained in the recycle bin. If you successively delete two files that have the same name from the same directory, only the file deleted last is retained in the recycle bin.
Examples
# In standalone mode, remove file 1.cfg from the active MPU's flash root directory.
<Sysname> delete 1.cfg
Delete flash:/1.cfg? [Y/N]:y
Deleting file flash:/1.cfg...Done.
# In standalone mode, permanently delete file 1.cfg from the active MPU's flash root directory.
<Sysname> delete /unreserved 1.cfg
The file cannot be restored. Delete flash:/1.cfg?[Y/N]:y
Deleting the file permanently will take a long time. Please wait...
Deleting file flash:/1.cfg...Done.
# In standalone mode, remove file 1.cfg from the flash root directory of the standby MPU (in slot 17):
· Method 1
<Sysname> delete slot17#flash:/1.cfg
Delete slot17#flash:/1.cfg?[Y/N]:y
Deleting file slot17#flash:/1.cfg...Done.
· Method 2
<Sysname> cd slot17#flash:/
<Sysname> delete 1.cfg
Delete slot17#flash:/1.cfg?[Y/N]:y
Deleting file slot17#flash:/1.cfg...Done.
# In IRF mode, remove file 1.cfg from the global active MPU's flash root directory.
<Sysname> delete 1.cfg
Delete flash:/1.cfg?[Y/N]:y
Deleting file flash:/1.cfg...Done.
# In IRF mode, permanently delete file 1.cfg from the global active MPU's flash root directory.
<Sysname> delete /unreserved 1.cfg
The file cannot be restored. Delete flash:/1.cfg?[Y/N]:y
Deleting the file permanently will take a long time. Please wait...
# In IRF mode, remove file 1.cfg from the flash root directory of the global standby MPU that resides in slot 16 of member device 1:
· Method 1
<Sysname> delete chassis1#slot16#flash:/1.cfg
Delete chassis1#slot16#flash:/1.cfg?[Y/N]:y
Deleting file chassis1#slot16#flash:/1.cfg...Done.
· Method 2
<Sysname> cd chassis1#slot16#flash:/
<Sysname> delete 1.cfg
Delete chassis1#slot16#flash:/1.cfg?[Y/N]:y
Deleting file chassis1#slot16#flash:/1.cfg...Done.
Related commands
· reset recycle-bin
· undelete
dir
Use dir to display files or folders.
Syntax
dir [ /all ] [ file-url | /all-filesystems ]
Views
User view
Predefined user roles
network-admin
mdc-admin
Parameters
/all: Displays all files and folders in the current directory, visible or hidden. If you do not specify this option, only visible files and folders are displayed.
file-url: Displays a specific file or folder. The file-url argument can use the asterisk (*) as a wildcard. For example, to display files with the .txt extension in the current directory, enter dir *.txt.
/all-filesystems: Displays files and folders in the root directory of all storage media on the device.
Usage guidelines
If no option is specified, the command displays all visible files and folders in the current directory.
The folder name of the recycle bin is .trash. To display files in the recycle bin, use either of the following methods:
· Execute the dir /all .trash command.
· Execute the cd .trash command and then the dir command.
Examples
# In standalone mode, display all files and folders in the current directory.
<Sysname> dir /all
Directory of flash:/
...
# In standalone mode, display files and folders in the root directories of all storage media on the device.
<Sysname> dir /all-filesystems
Directory of flash:/
...
Directory of usb0:/
...
Directory of slot7#flash:/
...
Directory of slot7#usb0:/
...
# In standalone mode, display files and folders in the root directory of the flash memory on the standby MPU (in slot 16).
<Sysname> cd slot16#flash:/
<Sysname> dir /all
...
# In IRF mode, display information about all files and folders on the global active MPU's storage media.
<Sysname> dir /all
Directory of flash:/
...
# In IRF mode, display files and folders in the root directories of every storage medium in the IRF fabric.
<Sysname> dir /all-filesystems
Directory of flash:/
...
Directory of chassis1#slot1#flash:/
...
# In IRF mode, display information about all files and folders in the storage medium of the global standby MPU that resides in slot 16 of member device 1:
· Method 1
<Sysname> dir /all chassis1#slot16#flash:/
Directory of chassis1#slot16#flash:/
...
· Method 2
<Sysname> cd chassis1#slot16#flash:/
<Sysname> dir /all
...
Table 17 Command output
Field |
Description |
Directory of |
Current directory. |
0 -rwh 3144 Apr 26 2008 13:45:28 xx.xx |
File or folder information: · 0—File or folder number, which is automatically allocated by the system. · -rwh—Attributes of the file or folder. The first character is the folder indicator (d for folder and – for file). The second character indicates whether the file or folder is readable (r for readable). The third character indicates whether the file or directory is writable (w for writable). The fourth character indicates whether the file or directory is hidden (h for hidden, - for visible). Modifying, renaming, or deleting hidden files might affect functions. · 3144—File size in bytes. For a folder, a hyphen (-) is displayed. · Apr 26 2008 13:45:28—Last date and time when the file or folder was modified. · xx.xx—File or folder name. |
fdisk
Use fdisk to partition a storage medium.
Syntax
fdisk medium-name [ partition-number ]
Views
User view
Predefined user roles
network-admin
mdc-admin
Parameters
medium-name: Specifies the name of the storage medium to be partitioned.
partition-number: Specifies the number of partitions, in the range of 1 to 4.
Usage guidelines
The Flash cannot be partitioned.
If the partition-number argument is specified, the storage medium is divided into the specified number of partitions. Otherwise, partitioning is performed in an interactive way.
It is normal that the specified partition size and the actual partition size have an error less than 5% of the total memory.
A partition cannot be partitioned.
Before partitioning a USB disk:
· Back up the files in the storage medium. The partition operation clears all data in the medium.
· If you are partitioning a USB disk, make sure the disk is not write protected. Otherwise, the partition operation will fail, and you must remount or reinstall the disk to restore access to the USB disk.
· Make sure no other users are accessing the medium. Otherwise, the partition operation fails.
Examples
# Divide the USB disk on the device evenly into three partitions in simple mode.
<Sysname> fdisk usb: 3
Capacity of usb: : 256M bytes
usb: will be divided into the following partitions:
DeviceName Capacity
usb0: 85MB
usb1: 85MB
usb2: 86MB
All data on usb: will be lost, continue? [Y/N]:y
Partitioning usb:...Done.
# Divide the USB disk on the device into one partition in an interactive way.
<Sysname> fdisk usb:
The capacity of usb: : 256M bytes
Partition 1 (32MB~224MB, 256MB. Press CTRL+C to quit or Enter to use all available space):
// Press Enter or enter 256.
usb: will be divided into the following partition(s):
DeviceName Capacity
usb0: 256MB
All data on usb: will be lost, continue? [Y/N]:y
Partitioning usb:...Done.
# Divide the USB disk on the device into three partitions and specify the size for each partition:
<Sysname> fdisk usb:
The capacity of usb: : 256M bytes
Partition 1 (32MB~224MB, 256MB, Press CTRL+C to quit or Enter to use all available space):128
// Enter 128 to set the size of the first partition to 128 MB.
Partition 2 (32MB~96MB, 128MB, Press CTRL+C to quit or Enter to use all available space):31
// Enter 31 to set the size of the second partition to 31 MB.
The partition size must be greater than or equal to 32MB.
Partition 2 (32MB~96MB, 128MB, Press CTRL+C to quit or Enter to use all available space):1000
// Enter 1000 to set the size of the second partition to 1000 MB.
The partition size must be less than or equal to 128MB.
Partition 2 (32MB~96MB, 128MB, Press CTRL+C to quit or Enter to use all available space):127
// Enter 127 to set the size of the second partition to 127 MB.
The remaining space is less than 32MB. Please enter the size of partition 2 again.
Partition 2 (32MB~96MB, 128MB, Press CTRL+C to quit or Enter to use all available space):
// Enter 56 to set the size of the second partition to 56 MB.
Partition 3 (32MB~40MB, 72MB, Press CTRL+C to quit or Enter to use all available space):
// Press Enter to assign the remaining space to the third partition.
usb: will be divided into the following partition(s):
DeviceName Capacity
usb0: 128MB
usb1: 56MB
usb2: 72MB
All data on usb: will be lost, continue? [Y/N]:y
Partitioning usb:...Done.
file prompt
Use file prompt to set the operation mode for files and folders.
Use undo file prompt to restore the default.
Syntax
file prompt { alert | quiet }
undo file prompt
Default
The alert mode is activated and the system prompts for confirmation when you perform a destructive file or folder operation.
Views
System view
Predefined user roles
network-admin
mdc-admin
Parameters
alert: Prompts for confirmation when a destructive file or folder operation is being performed.
quiet: Gives no confirmation prompt for file or folder operations.
Usage guidelines
In quiet mode, the system does not prompt for confirmation when a user performs a file or folder operation. The alert mode provides an opportunity to cancel a disruptive operation.
Examples
# Set the file and folder operation mode to alert.
<Sysname> system-view
[Sysname] file prompt alert
fixdisk
Use fixdisk to check a storage medium for damage and repair any damage.
Syntax
fixdisk medium-name
Views
User view
Predefined user roles
network-admin
mdc-admin
Parameters
medium-name: Specifies the name of a storage medium name.
Usage guidelines
Use this command to fix a storage medium when space on the medium cannot be used or released due to abnormal operations.
Before you repair a storage medium, make sure no other users are accessing the medium. Otherwise, the repair operation fails.
Examples
# Restore the space of the Flash.
<Sysname> fixdisk flash:
Restoring flash: may take some time...
Restoring flash:...Done.
format
Use format to format a storage medium.
Syntax
format medium-name
Views
User view
Predefined user roles
network-admin
mdc-admin
Parameters
medium-name: Specifies the name of a storage medium.
Usage guidelines
Formatting a storage medium permanently deletes all files on the storage medium. If a startup configuration file exists on the storage medium, back it up if necessary.
To format a partitioned storage medium, you must format the partitions individually. You cannot use the format usb command to format the medium as a whole.
You can format a storage medium only when no one is accessing the medium.
Examples
# Format the Flash.
<Sysname> format flash:
All data on flash: will be lost, continue? [Y/N]:y
Formatting flash:... Done.
# Format the third partition of the USB disk.
<Sysname> format usb2:
All data on usb2: will be lost, continue? [Y/N]:y
Formatting usb2:... Done.
gunzip
Use gunzip to decompress a file.
Syntax
gunzip filename
Views
User view
Predefined user roles
network-admin
mdc-admin
Parameters
filename: Specifies the name of the file to be decompressed. This argument must have .gz as the extension.
Usage guidelines
This command deletes the specified file after decompressing it.
Examples
# Decompress the file system.bin.gz.
1. Before decompressing the file, you can display files whose names start with the system. string.
<Sysname> dir system.*
Directory of flash:
1 -rw- 20 Jun 14 2012 10:18:53 system.bin.gz
472972 KB total (472840 KB free)
2. Decompress the file system.bin.gz.
<Sysname> gunzip system.bin.gz
Decompressing file system.bin.gz... Done.
3. Verify the decompress operation.
<Sysname> dir system.*
Directory of flash:
1 -rw- 0 May 30 2012 11:42:25 system.bin
472972 KB total (472844 KB free)
gzip
Use gzip to compress a file.
Syntax
gzip filename
Views
User view
Predefined user roles
network-admin
mdc-admin
Parameters
filename: Specifies the name of the file to be compressed. The compressed file will be saved to file filename.gz.
Usage guidelines
This command deletes the specified file after compressing it.
Examples
# Compress the file system.bin.
1. Before compressing the file, you can display files whose names start with system.
<Sysname> dir system.*
Directory of flash:
1 -rw- 0 May 30 2012 11:42:24 system.bin
472972 KB total (472844 KB free)
2. Compress the file system.bin.
<Sysname> gzip system.bin
Compressing file system.bin... Done.
3. Verify the compress operation.
<Sysname> dir system.*
Directory of flash:
1 -rw- 20 Jun 14 2012 10:18:53 system.bin.gz
472972 KB total (472840 KB free)
md5sum
Use md5sum to use the MD5 algorithm to calculate the digest of a file.
Syntax
md5sum file-url
Views
User view
Predefined user roles
network-admin
network-operator
mdc-admin
mdc-operator
Parameters
file-url: Specifies the name of a file.
Usage guidelines
The digest can be used to verify the integrity of the file. For example, you can use this command to calculate the digest of a software image file and compare it with that provided on the H3C website to identify whether the file has been tampered with.
Examples
# Use the MD5 algorithm to calculate the digest of file system.bin.
<Sysname> md5sum system.bin
MD5 digest:
4f22b6190d151a167105df61c35f0917
Related commands
sha256sum
mkdir
Use mkdir to create a folder in the current directory.
Syntax
mkdir directory
Views
User view
Predefined user roles
network-admin
mdc-admin
Parameters
directory: Specifies the name of a folder.
Usage guidelines
The name of the folder to be created must be unique in the specified directory.
To use this command to create a folder, the specified directory must exist. For example, to create the flash:/test/mytest folder, the test folder must exist. Otherwise, the mytest folder is not created.
Examples
# Create the test folder in the current directory.
<Sysname> mkdir test
Creating directory flash:/test... Done.
# Create the test/subtest folder in the current directory.
<Sysname> mkdir test/subtest
Creating directory flash:/test/subtest... Done.
# In standalone mode, create the test folder on the flash memory of the standby MPU (in slot 16).
<Sysname> mkdir slot16#flash:/test
Creating directory slot16#flash:/test... Done.
# In IRF mode, create the test folder on the global active MPU.
<Sysname> mkdir test
Creating directory flash:/test... Done.
# In IRF mode, create the test folder on the flash memory of the global standby MPU that resides in slot 16 of member device 2.
<Sysname> mkdir chassis2#slot16#flash:/test
Creating directory chassis2#slot16#flash:/test... Done.
more
Use more to display the contents of a text file.
Syntax
more file-url
Views
User view
Predefined user roles
network-admin
mdc-admin
Parameters
file-url: Specifies a file name.
Examples
# Display the contents of the test.txt file.
<Sysname> more test.txt
Have a nice day.
# Display the contents of the testcfg.cfg file.
<Sysname> more testcfg.cfg
#
version 7.1.045, Ess 1105
#
sysname Sysname
#
telnet server enable
#
---- More ----
# In standalone mode, display the contents of the testcfg.cfg file on the standby MPU (in slot 16).
<Sysname> more slot16#flash:/testcfg.cfg
#
version 7.1.045, Ess 1105
#
sysname Sysname
#
telnet server enable
#
---- More ----
# In IRF mode, display the contents of the testcfg.cfg file on the global active MPU.
<Sysname> more testcfg.cfg
#
version 7.1.045, Ess 1105
#
sysname Sysname
#
telnet server enable
#
---- More ----
# In IRF mode, display the contents of the testcfg.cfg file on a global standby MPU.
<Sysname> more chassis2#slot16#flash:/testcfg.cfg
#
version 7.1.045, Ess 1105
#
sysname Sysname
#
telnet server enable
#
---- More ----
mount
Use mount to mount a hot swappable storage medium.
Syntax
mount medium-name
Default
A storage medium is automatically mounted and in mounted state after being connected to the device, and you can use it without mounting it.
Views
User view
Predefined user roles
network-admin
mdc-admin
Parameters
medium-name: Specifies the name of a storage medium.
Usage guidelines
To avoid file system corruption, do not perform the following operations while the system is mounting a storage medium:
· Installing or removing storage media or cards.
· Performing an active/standby switchover in standalone mode.
· Performing a switchover between the global active MPU and a global standby MPU in IRF mode.
To mount a partitioned storage medium, you must mount all the partitions individually, instead of mounting the storage medium as a whole.
Examples
# In standalone mode, mount a USB disk on the active MPU.
<Sysname> mount usb0:
# In standalone mode, mount a USB disk on the standby MPU (in slot 16).
<Sysname> mount slot16#usb0:
# In IRF mode, mount a USB disk on the global active MPU.
<Sysname> mount usb0:
# In IRF mode, mount a USB disk on the global standby MPU that resides in slot 17 of member device 2.
<Sysname> mount chassis2#slot17#usb0:
Related commands
umount
move
Use move to move a file.
Syntax
move fileurl-source fileurl-dest
Views
User view
Predefined user roles
network-admin
mdc-admin
Parameters
fileurl-source: Specifies the name of the source file.
fileurl-dest: Specifies the name of the destination file or folder.
Usage guidelines
If you specify a destination folder, the system moves the source file to the specified folder without changing the file name.
Examples
# Move the flash:/test/sample.txt file to flash:/, and save it as 1.txt.
<Sysname> move test/sample.txt 1.txt
Move flash:/test/sample.txt to flash:/1.txt?[Y/N]:y
Moving file flash:/test/sample.txt to flash:/1.txt ...Done.
# Move the b.cfg file to the folder test2.
<Sysname> move b.cfg test2
Move flash:/b.cfg to flash:/test2/b.cfg?[Y/N]:y
Moving file flash:/b.cfg to flash:/test2/b.cfg... Done.
pwd
Use pwd to display the current working directory.
Syntax
pwd
Views
User view
Predefined user roles
network-admin
mdc-admin
Examples
# Display the current working directory.
<Sysname> pwd
flash:
rename
Use rename to rename a file or folder.
Syntax
rename fileurl-source fileurl-dest
Views
User view
Predefined user roles
network-admin
mdc-admin
Parameters
fileurl-source: Specifies the name of the source file or folder.
fileurl-dest: Specifies the name of the destination file or folder.
Usage guidelines
If the destination file or folder name is the same as the name of an existing file or folder in the current working directory, this command is not executed.
Examples
# Rename the copy.cfg file as test.cfg.
<Sysname> rename copy.cfg test.cfg
Rename flash:/copy.cfg as flash:/test.cfg?[Y/N]:y
Renaming flash:/copy.cfg as flash:/test.cfg... Done.
reset recycle-bin
Use reset recycle-bin to delete files from the recycle bin.
Syntax
reset recycle-bin [ /force ]
Views
User view
Parameters
/force: Deletes all files in the recycle bin without prompting for confirmation. If you do not specify this option, the command prompts you to confirm the deletion.
Usage guidelines
The delete file-url command only moves a file to the recycle bin. To permanently delete the file, use the reset recycle-bin command to clear the recycle bin.
If a file is corrupted, you might not be able to delete the file by using the reset recycle-bin command. In this case, use the reset recycle-bin /force command.
Examples
# Empty the recycle bin. (In this example there are two files in the recycle bin.)
<Sysname> reset recycle-bin
Clear flash:/a.cfg?[Y/N]:y
Clearing file flash:/a.cfg... Done.
Clear flash:/b.cfg?[Y/N]:y
Clearing file flash:/b.cfg... Done.
# Delete the b.cfg file from the recycle bin. (In this example there are two files in the recycle bin.)
<Sysname> reset recycle-bin
Clear flash:/a.cfg?[Y/N]:n
Clear flash:/b.cfg?[Y/N]:y
Clearing file flash:/b.cfg... Done.
Related commands
delete
rmdir
Use rmdir to delete a folder.
Syntax
rmdir directory
Views
User view
Predefined user roles
network-admin
mdc-admin
Parameters
directory: Specifies a folder name.
Usage guidelines
To delete a directory, you must delete all files and subfolders in the directory permanently or move them to the recycle bin. If you move them to the recycle bin, executing the rmdir command permanently deletes them.
Examples
# Delete the subtest folder.
<Sysname>rmdir subtest/
Remove directory flash:/test/subtest and the files in the recycle-bin under this directory will be deleted permanently. Continue?[Y/N]:y
Removing directory flash:/test/subtest... Done.
sha256sum
Use sha256sum to use the SHA-256 algorithm to calculate the digest of a file.
Syntax
sha256sum file-url
Views
User view
Predefined user roles
network-admin
mdc-admin
Parameters
file-url: Specifies the name of a file.
Usage guidelines
The digest can be used to verify the integrity of the file. For example, you can use this command to calculate the digest of a software image file and compare it with that provided on the H3C website to identify whether the file has been tampered with.
Examples
# Use the SHA-256 algorithm to calculate the digest of file system.bin.
<Sysname> sha256sum system.bin
SHA256 digest:
0851e0139f2770e87d01ee8c2995ca9e59a8f5f4062e99af14b141b1a36ca152
md5sum
tar create
Use tar create to archive files and folders.
Syntax
tar create [ gz ] archive-file fileurl-dest [ verbose ] source fileurl-source-list&<1-5>
Views
User view
Predefined user roles
network-admin
mdc-admin
Parameters
gz: Uses gzip to compress the files and folders before archiving them.
archive-file fileurl-dest: Specifies the archive file name. If you specified the gz keyword, the suffix of this argument must be .tar.gz. If you did not specify the gz keyword, the suffix of this argument must be .tar.
verbose: Displays the names of the successfully archived files and folders.
source fileurl-source-list&<1-5>: Specifies the files and folders to be archived. The fileurl-source-list argument can be a space-separated list of up to five items. Each item can be a file or folder name.
Examples
# Archive file a.cfg to file a.tar.
<Sysname> tar create archive-file a.tar source a.cfg
Creating archive a.tar …… Done.
# Compress file a.cfg and archive the file to a.tar.gz.
<Sysname> tar create gz archive-file a.tar.gz source a.cfg
Creating archive a.tar.gz Done.
# Compress and archive files and folders, and display the successfully archived files and folders.
<Sysname> tar create gz archive-file a.tar.gz verbose source a.cfg a.dbm ./core
a.cfg
a.dbm
./core
Related commands
· tar extract
· tar list
tar extract
Use tar extract to extract files and folders.
Syntax
tar extract archive-file fileurl-dest [ verbose ] [ screen | to directory-name ]
Views
User view
Predefined user roles
network-admin
mdc-admin
Parameters
archive-file fileurl-dest: Specifies the archive file name. The suffix can be .tar or .tar.gz.
verbose: Displays the names of the successfully extracted files and folders.
screen: Displays the content of the extracted files and folders on the screen. The extracted files are not saved.
to directory-name: Saves the extracted files and folders to a path.
Usage guidelines
If you do not specify the screen keyword or the to directory-name option, the command extracts the archived files and folders and saves them to the same folder as the archive file.
Examples
# Extract files and folders, and save them to the same folder as the archive file.
<Sysname> tar extract archive-file a.tar.gz
Extracting archive a.tar.gz …… Done.
# Extract files and folders, and display their content on the screen.
<Sysname> tar extract archive-file a.tar.gz verbose screen
a.cfg
#
version 7.1.045, Ess 1105
#
sysname H3C
#
# Extract files and folders, save them to the same folder as the archive file, and display the names of the archived files and folders.
<Sysname> tar extract archive-file a.tar.gz verbose
a.txt
# Extract files and folders, and save them to the path flash:/a.
<Sysname> tar extract archive-file a.tar.gz to flash:/a
Extracting archive a.tar.gz ......Done.
Related commands
· tar create
· tar list
tar list
Use tar list to display the names of archived files and folders.
Syntax
tar list archive-file fileurl-dest
Views
User view
Predefined user roles
network-admin
mdc-admin
Parameters
archive-file fileurl-dest: Specifies the archive file name. The suffix can be .tar or .tar.gz.
Examples
# Display the names of archived files and folders.
<Sysname> tar list archive-file a.tar.gz
a.cfg
Related commands
· tar create
· tar extract
umount
Use umount to unmount a hot swappable storage medium.
Syntax
umount medium-name
Default
A storage medium is automatically mounted and placed in mounted state.
Views
User view
Predefined user roles
network-admin
mdc-admin
Parameters
medium-name: Specifies the name of a storage medium.
Usage guidelines
Before you remove a mounted storage medium from the system, first unmount it to avoid damaging the medium.
Before you unmount a storage medium, make sure no other users are accessing the medium. Otherwise, the unmount operation fails.
When a storage medium is connected to a lower version system, the system might not be able to automatically recognize the device. In this case, you must first execute the mount command for the storage medium to operate correctly.
To avoid file system corruption, do not perform the following operations while the system is unmounting a storage medium:
· Installing or removing storage media or cards.
· Performing an active/standby switchover in standalone mode.
· Performing a switchover between the global active MPU and a global standby MPU in IRF mode.
Examples
# In standalone mode, unmount a USB disk from the active MPU.
<Sysname> umount usb0:
# In standalone mode, unmount a USB disk from the standby MPU (in slot 16).
<Sysname> umount slot16#usb0:
# In IRF mode, unmount a USB disk from the global active MPU.
<Sysname> umount usb0:
# In IRF mode, unmount a USB disk from the global standby MPU that resides in slot 17 of member device 2.
<Sysname> umount chassis2#slot17# usb0:
Related commands
mount
undelete
Use undelete to restore a file from the recycle bin.
Syntax
undelete file-url
Views
User view
Predefined user roles
network-admin
mdc-admin
Parameters
file-url: Specifies the name of the file to be restored.
Usage guidelines
If another file that has the same name exists in the directory, the system prompts you about whether to overwrite the existing file. If you enter Y, the existing file is overwritten. If you enter N, the command is not executed.
Examples
# Restore the copy.cfg file, which was moved from the flash: directory to the recycle bin.
<Sysname>undelete copy.cfg
Undelete flash:/copy.cfg?[Y/N]:y
Undeleting file flash:/copy.cfg... Done.
# Restore the startup.cfg file, which was moved from the flash:/seclog directory to the recycle bin:
· Method 1
<Sysname>undelete seclog/startup.cfg
Undelete flash:/seclog/startup.cfg?[Y/N]:y
Undeleting file flash:/seclog/startup.cfg... Done.
· Method 2
<Sysname> cd seclog
<Sysname> undelete startup.cfg
Undelete flash:/seclog/startup.cfg?[Y/N]:y
Undeleting file flash:/seclog/startup.cfg... Done.
Configuration file management commands
backup startup-configuration
Use backup startup-configuration to back up the main next-startup configuration file to a TFTP server.
Syntax
backup startup-configuration to tftp-server [ dest-filename ]
Views
User view
Predefined user roles
network-admin
mdc-admin
Parameters
tftp-server: Specifies a TFTP server by its IPv4 address or host name. The host name is a case-insensitive string of 1 to 253 characters. Valid characters include letters, digits, hyphens (-), underscores (_), and dots (.).
dest-filename: Specifies the target file name used for saving the file on the server. The file name must use the .cfg extension. If you do not specify a target file name, the source file name is used.
Usage guidelines
This command is not supported in FIPS mode.
Examples
# Back up the main next-startup configuration file to the TFTP server at 2.2.2.2, and set the target file name to 192-168-1-26.cfg.
<Sysname> backup startup-configuration to 2.2.2.2 192-168-1-26.cfg
Backup next startup-configuration file to 2.2.2.2, please wait…finished
Related commands
restore startup-configuration
configuration commit
Use configuration commit to commit the settings configured after the configuration commit delay command was executed.
Syntax
configuration commit
Views
System view
Predefined user roles
network-admin
Usage guidelines
This command is available in Release 1138P01 and later versions.
You must execute the configuration commit delay command before executing this command.
As a best practice, enable the information center and configure the information center to output logs to the console. Determine whether to commit the settings depending on the logs. For more information about the information center, see Network Management and Monitoring Configuration Guide.
Examples
# Set the allowed delay time to 10 minutes for a manual commit to keep the settings configured subsequently in effect.
<Sysname> system-view
[Sysname] configuration commit delay 10
# Commit the settings configured after the configuration commit delay command was executed.
[Sysname] configuration commit
# Commit the settings configured after the configuration commit delay command was executed. In this example, the commit operation fails, because the allowed delay time has expired. The device is rolling back the configuration to the settings before the configuration commit delay command was executed.
[Sysname] configuration commit
The system is rolling back configuration. Please wait…
configuration commit delay
Use configuration commit delay to set the allowed delay time for a manual commit to keep the settings configured subsequently in effect.
Syntax
configuration commit delay delay-time
Views
System view
Predefined user roles
network-admin
Parameters
delay-time: Sets the allowed delay time in the range of 1 to 65535 minutes.
Usage guidelines
This command is available in Release 1138P01 and later versions.
Configure this command in a single-user environment.
If you do not execute the configuration commit command within the delay time, the device rolls back the configuration to the settings before the configuration commit delay command was executed. The device outputs logs to notify the user of the rollback operation. The user cannot perform other operations before the rollback is finished.
As a best practice, set the allowed delay time in the following situations:
· The user configures the device remotely. The user might be disconnected from the device because of a setting. If the configuration commit delay command is configured and the setting is not committed, the user can reconnect to the device after the delay time expires.
· The user is not familiar with the device configuration. If any parameters are configured incorrectly, the rollback mechanism can remove the incorrect settings after the delay time expires.
You can change the allowed delay time before the previous configured delay time expires. The new delay time configuration overwrites the previous delay time configuration after you enter Y to confirm the change. The allowed delay time is re-set.
Examples
# Set the allowed delay time to 10 minutes for a manual commit to keep the settings configured subsequently in effect.
<Sysname> system-view
[Sysname] configuration commit delay 10
# Re-set the allowed delay time to 60 minutes for a manual commit to keep the settings configured subsequently in effect.
[Sysname] configuration commit delay 60
The commit delay already set 10 minutes, overwrite it? [Y/N]:y
# Re-set the allowed delay time to 20 minutes for a manual commit to keep the settings configured subsequently in effect. In this example, the configuration fails, because the previous configured delay time has expired. The device is rolling back the configuration to the settings before the configuration commit delay command was executed the previous time.
[Sysname] configuration commit delay 20
The system is rolling back configuration. Please wait…
configuration encrypt
Use configuration encrypt to enable configuration encryption.
Use undo configuration encrypt to restore the default.
Syntax
configuration encrypt { private-key | public-key }
undo configuration encrypt
Default
Configuration encryption is disabled. The running configuration is saved to a configuration file without encryption.
Views
System view
Predefined user roles
network-admin
mdc-admin
Parameters
private-key: Encrypts configuration with a private key. All H3C devices running Comware V7 software use the same private key.
public-key: Encrypts configuration with a public key. All H3C devices running Comware V7 software use the same public key.
Usage guidelines
Configuration encryption enables the device to automatically encrypt a configuration file when saving the running configuration to the file.
Examples
# Enable the public-key method for configuration encryption.
<Sysname> system-view
[Sysname] configuration encrypt public-key
display current-configuration
Use display current-configuration to display the running configuration.
Syntax
display current-configuration [ configuration [ module-name ] | interface [ interface-type [ interface-number ] ] ]
Views
Any view
Predefined user roles
network-admin
network-operator
mdc-admin
mdc-operator
Parameters
configuration [ module-name ]: Displays feature configuration. The module-name argument specifies a feature module. If no feature module is specified, this command displays all feature settings you have made. Available feature modules depend on your configuration.
interface [ interface-type [ interface-number ] ]: Displays interface configuration, where the interface-type argument represents the interface type and the interface-number argument represents the interface number.
Usage guidelines
Use this command to verify the running configuration you have made.
If the system has automatically changed the setting you have made for a parameter, this command displays the effective setting instead of the configured one. An automatic change typically occurs because of system restrictions.
Typically, this command does not display parameters that are using the default settings.
Examples
# Display local user configuration.
<Sysname> display current-configuration configuration local-user
#
local-user root class manage
password hash $h$6$Twd73mLrN8O2vvD5$Cz1vgdpR4KoTiRQNE9pg33gU14Br2p1VguczLSVyJLO2huV5Syx/LfDIf8ROLtVErJ/C31oq2rFtmNuyZf4STw==
service-type ssh telnet terminal
authorization-attribute user-role network-admin
authorization-attribute user-role network-operator
#
return
# Display Ethernet interface configuration.
<Sysname> display current-configuration interface fortygige 1/0/1
#
interface FortyGigE1/0/1
port link-mode route
#
return
display current-configuration diff
Use display current-configuration diff to display the configuration differences between the running configuration and the next-startup configuration file.
Syntax
display current-configuration diff
Views
Any view
Predefined user roles
network-admin
network-operator
mdc-admin
mdc-operator
Usage guidelines
This command compares the running configuration with the settings in the next-startup configuration file in the following steps:
1. Compares the running configuration with the settings in the main next-startup configuration file.
2. If the main next-startup configuration file is unavailable or corrupt, this command compares the running configuration with the settings in the backup next-startup configuration file.
If both the main and backup next-startup configuration files are unavailable or corrupt, the system displays a message indicating that the next-startup configuration file does not exist.
Examples
# Display the configuration differences between the running configuration and the next-startup configuration file.
<TEST1>display current-configuration diff
--- Startup configuration
+++ Current configuration
@@ -6,7 +6,7 @@
#
stp global enable
#
- sysname TEST
+ sysname TEST1
#
telnet server enable
#
Field |
Description |
- - - A +++ B |
· A displays Startup configuration, Current configuration, or the name of the source configuration file with its directory information. · B displays Current configuration, Startup configuration, or the name of the target configuration file with its directory information. |
@@ -linenumber1,number1 +linenumber2,number2 @@ |
Location summary for a command line difference: · -linenumber1,number1—A total number of number1 lines are excerpted from line number linenumber1 in A. These lines contain a command line difference. · +linenumber2,number2—A total number of number2 lines are excerpted from line number linenumber2 in B. These lines contain a command line difference. |
cmd1 - cmd2 + cmd3 cmd4 |
Command line difference: · cmd1 and cmd4 provide a context for locating the different command lines. · - cmd2 represents the different command line in A. · + cmd3 represents the different command line in B. |
Related commands
· display current-configuration
· display diff
· display saved-configuration
display default-configuration
Use display default-configuration to display the factory defaults.
Syntax
display default-configuration
Views
Any view
Predefined user roles
network-admin
network-operator
mdc-admin
mdc-operator
Usage guidelines
The device does not have factory defaults. When you execute this command, the device displays nothing.
Examples
# Display the factory defaults.
<Sysname> display default-configuration
display diff
Use display diff to display the configuration differences between two configuration files or between a configuration file and the running configuration.
Syntax
display diff current-configuration { configfile file-name-d | startup-configuration }
display diff startup-configuration { configfile file-name-d | current-configuration }
Views
Any view
Predefined user roles
network-admin
network-operator
mdc-admin
mdc-operator
Parameters
configfile file-name-s: Specifies the source configuration file for comparison.
configfile file-name-d: Specifies the target configuration file for comparison.
current-configuration: Specifies the running configuration. In the display diff current-configuration command, this keyword specifies the source configuration for comparison. In the display diff configfile file-name-s and display diff startup-configuration commands, this keyword specifies the target configuration.
startup-configuration: Specifies the next-startup configuration file. In the display diff startup-configuration command, this keyword specifies the source configuration file for comparison. In the display diff configfile file-name-s and display diff current-configuration commands, this keyword specifies the target configuration file.
Usage guidelines
If you specify the startup-configuration keyword, the system searches for the next-startup configuration file for comparison in the following order:
1. The main next-startup configuration file.
2. The backup next-startup configuration file if the main next-startup configuration file is unavailable or corrupt.
If both the main and backup next-startup configuration files are unavailable or corrupt, the system displays a message indicating that the next-startup configuration file does not exist.
Examples
# Display the configuration differences between test.cfg and testsys.cfg.
<Sysname> display diff configfile test.cfg configfile testsys.cfg
--- flash:/test.cfg
+++ flash:/testsys.cfg
@@ -6,7 +6,7 @@
#
stp global enable
#
- sysname test
+ sysname test1
#
telnet server enable
#
# Display the configuration differences between test.cfg and testsys.cfg on the master and subordinate devices in an IRF fabric.
<Sysname>display diff configfile chassis1#slot17#flash:/test.cfg configfile chassis2#slot17#flash:/testsys.cfg
+++ chassis2#slot17#flash:/testsys.cfg
@@ -6,7 +6,7 @@
#
stp global enable
#
- sysname TEST
+ sysname TEST1
#
telnet server enable
#
# Display the configuration differences between the running configuration and the next-startup configuration file.
<TEST> display diff current-configuration startup-configuration
--- Current configuration
+++ Startup configuration
@@ -6,7 +6,7 @@
#
stp global enable
#
- sysname TEST
+ sysname TEST1
#
telnet server enable
#
For command output, see Table 18.
Related commands
· display current-configuration
· display current-configuration diff
display saved-configuration
Use display saved-configuration to display the contents of the configuration file for the next system startup.
Syntax
display saved-configuration
Views
Any view
Predefined user roles
network-admin
network-operator
mdc-admin
mdc-operator
Usage guidelines
Use this command to verify that important settings have been saved to the configuration file for the next system startup.
This command selects the configuration file to display in the following order:
1. If the main startup configuration file is available, this command displays the contents of the main startup configuration file.
2. If the main startup configuration file is not available but the backup startup configuration file is available, this command displays the contents of the backup file.
3. If both the main and backup startup configuration files are not available, this command does not display anything.
Examples
# Display the contents of the configuration file for the next system startup.
<Sysname> display saved-configuration
#
Version 7.1.045, Ess 1105
#
sysname Sysname
#
telnet server enable
#
---- More ----
Related commands
· reset saved-configuration
· save
display startup
Use display startup to display the current startup configuration file and the next-startup configuration files.
Syntax
display startup
Views
Any view
Predefined user roles
network-admin
network-operator
mdc-admin
mdc-operator
Usage guidelines
Current startup configuration file is the configuration file that has been loaded. Next-startup configuration file is the configuration file used at the next startup.
In standalone mode:
The standby MPU always uses the same current startup configuration file as the active MPU. After an active/standby switchover, it is normal that the current startup configuration files on them are displayed as NULL, because the new active MPU continues to run with the running configuration rather than rebooting with the previous current startup configuration file.
In IRF mode:
The standby MPUs in the IRF fabric always use the same current startup configuration file as the global active MPU. After an active/standby switchover, it is normal that the current startup configuration files on them are displayed as NULL, because the new global active MPU continues to run with the running configuration rather than rebooting with the previous current startup configuration file.
Examples
# (In standalone mode.) Display startup configuration files.
<Sysname> display startup
MainBoard:
Current startup saved-configuration file: flash:/startup.cfg
Next main startup saved-configuration file: flash:/startup.cfg
Next backup startup saved-configuration file: NULL
Slot 16:
Current startup saved-configuration file: flash:/startup.cfg
Next main startup saved-configuration file: flash:/startup.cfg
Next backup startup saved-configuration file: NULL
Table 19 Command output
Field |
Description |
MainBoard |
Displays the startup configuration files on the active MPU. |
Current startup saved-configuration file |
Configuration file that the active MPU has started up with. |
Next main startup saved-configuration file |
Primary startup configuration file to be used at the next startup. |
Next backup startup saved-configuration file |
Backup startup configuration file to be used at the next startup. |
Slot n |
Displays the startup configuration files on the standby MPU in slot n. |
# (In IRF mode.) Display startup configuration files.
<Sysname> display startup
MainBoard:
Current startup saved-configuration file: NULL
Next main startup saved-configuration file: flash:/startup.cfg
Next backup startup saved-configuration file: flash:/startup2.cfg
Chassis 2 Slot 16:
Current startup saved-configuration file: NULL
Next main startup saved-configuration file: flash:/startup.cfg
Next backup startup saved-configuration file: flash:/startup2.cfg
Table 20 Command output
Field |
Description |
MainBoard |
Displays the startup configuration files on the global active MPU. |
Current startup saved-configuration file |
Configuration file that the global active MPU has started up with. |
Next main startup saved-configuration file |
Primary configuration file to be used at the next startup. |
Next backup startup saved-configuration file |
Backup configuration file to be used at the next startup. |
(This file does not exist.) |
If the specified next-startup configuration file has been deleted, this comment appears next to the file name. |
Chassis x Slot n |
Displays the startup configuration files on the MPU in slot n of IRF member x. |
Related commands
startup saved-configuration
display this
Use display this to display the running configuration in the current view.
Syntax
display this
Views
Any view
Predefined user roles
network-admin
network-operator
mdc-admin
mdc-operator
Usage guidelines
Use this command to verify the configuration you have made in a certain view.
Typically, this command does not display parameters that are set to their default settings.
For some parameters that can be successfully set even if their dependent features are not enabled, this command displays their settings after the dependent features are enabled.
This command can be executed in any user line view to display the running configuration of all user lines.
Examples
# Display the running configuration on interface FortyGigE 1/0/1.
<Sysname> system-view
[Sysname] interface fortygige 1/0/1
[Sysname-FortyGigE1/0/1] display this
#
interface FortyGigE1/0/1
port link-mode route
#
return
# Display the running configuration on user lines.
<Sysname> system-view
[Sysname] line vty 0
[Sysname-line-vty0] display this
#
line aux 0
user-role network-admin
#
line vty 0 63
authentication-mode none
user-role network-admin
user-role network-operator
#
return
reset saved-configuration
Use reset saved-configuration to delete next-startup configuration files.
Syntax
reset saved-configuration [ backup | main ]
Views
User view
Predefined user roles
network-admin
mdc-admin
Parameters
backup: Deletes the backup next-startup configuration file.
main: Deletes the main next-startup configuration file.
Usage guidelines
CAUTION: Use this command with caution. In standalone mode, this command permanently deletes the next-startup configuration files from both MPUs. In IRF mode, this command permanently deletes the next-startup configuration files on all MPUs in the IRF fabric. |
Delete a next-startup configuration file if it is corrupted or does not match the software version.
You can delete the main, the backup, or both.
To delete a file that is set as both main and backup next-startup configuration files, you must execute both the reset saved-configuration backup command and the reset saved-configuration main command. Using only one of the commands removes the specified file attribute instead of deleting the file.
For example, if the reset saved-configuration backup command is executed, the backup next-startup configuration file setting is set to NULL, but the file is still used as the main file. To delete the file, you must also execute the reset saved-configuration main command.
If no configuration file attribute is specified, the reset saved-configuration command deletes the main next-startup configuration file.
Examples
# (In standalone mode.) Delete the main next-startup configuration file.
<Sysname> reset saved-configuration
The saved configuration file will be erased. Are you sure? [Y/N]:y
Configuration file in flash is being cleared.
Please wait ...
..
MainBoard:
Configuration file is cleared.
Slot 16:
Erase next configuration file successfully
# (In IRF mode.) Delete the backup next-startup configuration file.
<Sysname> reset saved-configuration backup
The saved configuration file will be erased. Are you sure? [Y/N]:y
Configuration file in flash is being cleared.
Please wait ...
..
MainBoard:
Configuration file is cleared.
Chassis 2 Slot 16:
Erase next configuration file successfully
Related commands
display saved-configuration
restore startup-configuration
Use restore startup-configuration to download a configuration file from a TFTP server and specify it as the main next-startup configuration file.
Syntax
restore startup-configuration from tftp-server src-filename
Views
User view
Predefined user roles
network-admin
mdc-admin
Parameters
tftp-server: Specifies a TFTP server's IPv4 address or host name. The host name is a case-insensitive string of 1 to 253 characters. Valid characters include letters, digits, hyphens (-), underscores (_), and dots (.).
src-filename: Specifies the file name of the configuration file to be downloaded.
Usage guidelines
This command is not supported in FIPS mode.
Before restoring the configuration file for the next startup, make sure the following requirements are met:
· The server is reachable.
· The server is enabled with TFTP service.
· You have read and write permissions to the server.
This command provides an easy method for configuration file restoration by automatically performing all operations required for restoring the main next-startup configuration file.
This command downloads the configuration file to the root directory of the default storage medium on each MPU and specifies the file as the main next-startup configuration file.
If the USB disk is used and partitioned, the configuration file is saved on the first partition.
This command assumes that all MPUs use the same type of default storage medium. If a standby MPU uses a different type of default storage medium than the active MPU, the command cannot propagate the configuration file to the standby MPU. For example, the standby MPU uses a USB disk, but the active MPU uses a flash memory. In this situation, you must manually restore the next-startup configuration file on the standby MPU.
Examples
# (In standalone mode.) Download the configuration file config.cfg from the TFTP server at 2.2.2.2, and specify the file as the main next-startup configuration file.
<Sysname> restore startup-configuration from 2.2.2.2 config.cfg
Restoring the next startup-configuration file from 2.2.2.2. Please wait...finished.
Now restoring the next startup-configuration file from main board to backup board. Please wait...finished.
# (In IRF mode.) Download the configuration file config.cfg from the TFTP server at 2.2.2.2 and specify the file as the main next-startup configuration file.
<Sysname> restore startup-configuration from 2.2.2.2 config.cfg
Restoring the next startup-configuration file from 2.2.2.2. Please wait...finished.
Now restoring the next startup-configuration file from main board to backup board. Please wait...finished.
Related commands
backup startup-configuration
save
In standalone mode:
Use save file-url [ all | slot slot-number ] to save the running configuration to a configuration file, without specifying the file as a next-startup configuration file.
Use save [ safely ] [ backup | main ] [ force ] to save the running configuration to a file in the root directory of the default storage medium. This command applies to both the active and standby MPUs. It specifies the file as a next-startup configuration file at the same time.
In IRF mode:
Use save file-url [ all | chassis chassis-number slot slot-number ] to save the running configuration to a configuration file, without specifying the file as a next-startup configuration file.
Use save [ safely ] [ backup | main ] [ force ] to save the running configuration to a file in the root directory of the default storage medium. This command applies to each MPU in the IRF fabric. It specifies the file as a next-startup configuration file at the same time.
Syntax
In standalone mode:
save file-url [ all | slot slot-number ]
save [ safely ] [ backup | main ] [ force ]
In IRF mode:
save file-url [ all | chassis chassis-number slot slot-number ]
save [ safely ] [ backup | main ] [ force ]
Views
Any view
Predefined user roles
network-admin
mdc-admin
Parameters
file-url: Saves the running configuration to the specified file, without specifying the file as a next-startup configuration file. The file name must use the extension .cfg and can include path information. If the keyword all or an MPU is specified, the file path cannot include any chassis number or slot number. If the file path includes a folder name, the folder must already exist.
all: Saves the running configuration to both MPUs. If you do not specify this keyword or the slot slot-number option, the command saves the running configuration only to the active MPU. (In standalone mode.)
all: Saves the running configuration to all MPUs. If you do not specify this keyword or the chassis chassis-number slot slot-number option, the command saves the running configuration only to the global active MPU in the IRF fabric. (In IRF mode.)
slot slot-number: Saves the running configuration to the standby MPU. If you do not specify this option or the all keyword, the command saves the running configuration only to the active MPU. (In standalone mode.)
chassis chassis-number slot slot-number: Saves the running configuration to an MPU. If you do not specify this option or the all keyword, the command saves the running configuration only to the global active MPU. (In IRF mode.)
safely: Saves the configuration file in safe mode. If this keyword is not specified, the device saves the configuration file in fast mode. Safe mode is slower than fast mode, but more secure. In safe mode, the system saves configuration in a temporary file and starts overwriting the target next-startup configuration file after the save operation is complete. If a reboot, power failure, or out of memory event occurs during the save operation, the next-startup configuration file is retained. In fast mode, the device directly overwrites the target next-startup configuration file. If a reboot, power failure, or out of memory event occurs during this process, the next-startup configuration file is lost. As a best practice, specify the safely keyword for the command.
backup: Saves the running configuration to a configuration file, and specifies the file as the backup next-startup configuration file. If you do not specify this keyword or the main keyword, the command specifies the saved file as the main next-startup configuration file.
main: Saves the running configuration to a configuration file, and specifies the file as the main next-startup configuration file. If you do not specify this keyword or the backup keyword, the command specifies the saved file as the main next-startup configuration file.
force: Saves the running configuration without prompting for confirmation. Without this keyword, the system prompts you to confirm the operation. If you do not confirm the operation within 30 seconds, the system automatically aborts the operation. If you enter Y within the time limit, you can continue the save process and change the next-startup configuration file during this process.
Usage guidelines
If the file specified for the command does not exist, the system creates the file before saving the configuration. If the file already exists, the system prompts you to confirm whether to overwrite the file. If you choose to not overwrite the file, the system cancels the save operation.
If you do not specify the file-url option for the command, the command saves the running configuration to an .mdb binary file as well as a .cfg text file. The two files use the same file name. An .mdb file takes less time to load than a .cfg file.
If you specify the file-url option for the command, the command only saves the running configuration to the specified .cfg file.
Examples
# Save the running configuration to the configuration file backup.cfg, without specifying the file as the next-startup configuration file.
<Sysname> save backup.cfg
The current configuration will be saved to flash:/backup.cfg. Continue? [Y/N]:y
Now saving current configuration to the device.
Saving configuration
flash:/backup.cfg. Please wait...
Configuration is saved to flash successfully.
# Save the running configuration to the main next-startup configuration file without any confirmation required.
<Sysname> save force
Validating file. Please wait....
Configuration is saved to device successfully.
# (In standalone mode.) Save the running configuration to a file in the root directory of the default storage medium on each MPU, and specify the file as the main next-startup configuration file.
<Sysname> save
The current configuration will be written to the device. Are you sure? [Y/N]:y
Please input the file name(*.cfg)[flash:/startup.cfg]
(To leave the existing filename unchanged, press the enter key):
Validating file. Please wait...
Saved the current configuration to mainboard device successfully.
Slot 16:
Save next configuration file successfully.
# (In IRF mode.) Save the running configuration to a file in the root directory of the default storage medium on each MPU, and specify the file as the main next-startup configuration file.
<Sysname> save
The current configuration will be written to the device. Are you sure? [Y/N]:y
Please input the file name(*.cfg)[flash:/startup.cfg]
(To leave the existing filename unchanged, press the enter key):
Validating file. Please wait...
Saved the current configuration to mainboard device successfully.
Chassis 1 Slot 16:
Save next configuration file successfully.
Related commands
· display current-configuration
· display saved-configuration
startup saved-configuration
Use startup saved-configuration to specify a file as a next-startup configuration file for both active and standby MPUs.
Use undo startup saved-configuration to set the active and standby MPUs to start up with initial settings at the next startup.
In IRF mode:
Use startup saved-configuration to specify a file as a next-startup configuration file for all MPUs in the IRF fabric.
Use undo startup saved-configuration to set all MPUs to start up with initial settings at the next startup.
Syntax
startup saved-configuration cfgfile [ backup | main ]
undo startup saved-configuration
No configuration file is specified for the next startup.
Views
Predefined user roles
network-admin
mdc-admin
Parameters
cfgfile: Specifies the name of a .cfg file. This .cfg file must already exist in the root directory of the default storage medium.
backup: Specifies the configuration file as the backup next-startup configuration file.
main: Specifies the configuration file as the main next-startup configuration file. This is the primary configuration file that the device attempts to load at startup. If the loading attempt fails, the device tries the backup next-startup configuration file.
Usage guidelines
CAUTION: In an IRF fabric, use the undo startup saved-configuration command with caution. This command can cause an IRF split after the IRF fabric or an IRF member reboots. |
The startup saved-configuration command applies to each MPU. To successfully configure the command, follow these guidelines:
· Make sure the specified configuration file is valid and saved to the root directory of the default storage medium on each MPU.
· Make sure all MPUs use the same type of storage medium as the default storage medium. You can access the BootWare menus to specify the built-in flash memory or the USB disk as the default storage medium.
If the USB disk is used to store the startup configuration files, make sure the specified file is saved to the root directory of the first partition on the USB disk. Do not remove the USB disk during the startup process. If you remove the USB disk on a device, one of the following consequences occurs:
· In standalone mode, the device starts up with the initial settings.
· In an IRF fabric, the device leaves the IRF fabric at startup and runs the initial settings.
If neither backup nor main is specified, the startup saved-configuration command specifies the main next-startup configuration file.
Even though the main and backup next-startup configuration files can be the same one, specify them as separate files for high availability.
The undo startup saved-configuration command changes the file attribute of the main and backup next-startup configuration files to NULL, but it does not delete the two configuration files.
You can also specify a configuration file as a next startup file when you use the save command to save the running configuration to it.
Examples
# Specify the main next-startup configuration file.
<Sysname> startup saved-configuration testcfg.cfg
Please wait ....
... Done!
Related commands
display startup
Software upgrade commands
boot-loader file
Use boot-loader file to specify startup software image files.
Syntax
In standalone mode:
boot-loader file boot boot-package system system-package [ feature feature-package&<1-30> ] { all | slot slot-number } { backup | main }
boot-loader file ipe-filename { all | slot slot-number } { backup | main }
In IRF mode:
boot-loader file boot boot-package system system-package [ feature feature-package&<1-30> ] { all | chassis chassis-number slot slot-number } { backup | main }
boot-loader file ipe-filename { all | chassis chassis-number slot slot-number } { backup | main }
Views
User view
Predefined user roles
network-admin
Parameters
boot boot-package: Specifies the file path of a .bin boot image file, a case-insensitive string. The file path specified for the boot-package argument uses the flash:/base-filename.bin format. The file path must not include the chassis ID or slot ID.
system system-package: Specifies the file path of a .bin system image file, a case-insensitive string. The file path specified for the system-package argument uses the flash:/base-filename.bin format. The file path must not include the chassis ID or slot ID.
feature feature-package: Specifies a space-separated list of up to 30 .bin feature image files. Each feature image file name must be a case-insensitive string. The file names must use the flash:/base-filename.bin format. The file path must not include the chassis ID or slot ID.
ipe-filename: Specifies an .ipe Comware image file name, a case-insensitive. The file path must use the flash:/base-filename.ipe format. The file path must not include the chassis ID or slot ID.
all: Specifies startup images for all cards. If you specify this keyword, the system copies the card-specific images automatically to the root directory of the storage medium on each card. For a successful upgrade, make sure the specified files include the upgrade images for all cards.
slot slot-number: Specifies the slot number of the MPU for which the startup images are specified. (In standalone mode.)
chassis chassis-number slot slot-number: Specifies the MPU for which the startup images are specified in the IRF fabric. The chassis-number argument represents the IRF member ID of the device that holds the card, and the slot-number argument represents the slot number of the card. (In IRF mode.)
backup: Specifies the files as backup startup files. Backup startup images are used only when main images are not available.
main: Specifies the files as main startup files. The device always first attempts to start up with main startup files.
Usage guidelines
Use this command to upgrade startup software images for all MPUs. To upgrade only standby MPUs, you can also use the boot-loader update command.
Before specifying startup software images, you can save the upgrade file to the switch.
· In standalone mode, save the file to the root directory of the flash memory on the active MPU.
· In IRF mode, save the file to the root directory of the flash memory on the global active MPU.
Alternatively, you can save the upgrade file to a USB disk.
If the storage medium is partitioned, save the files to the root directory of the first partition. The flash memory allows file paths or names of up to 56 characters. A USB disk allows file paths or names of up to 57 characters.
If a standby MPU is specified, the system automatically copies the upgrade file to the flash memory on the specified MPU, and sets images in the file as startup images. If a file with the same name as the upgrade file already exists, you must choose whether to overwrite the existing file.
The boot-loader file command overwrites the entire startup software image list. To add new startup feature images, specify all feature image files, including feature image files in the old startup software image list. The new startup software image list will contain only the feature image files that are specified in the command.
Examples
# In standalone mode, specify flash:/all.ipe as the backup startup image file for the MPU in slot 17.
<Sysname> boot-loader file flash:/all.ipe slot 17 backup
Verifying image file......Done.
Images in IPE:
boot.bin
system.bin
ssh.bin
This command will set the backup startup software images. Continue? [Y/N]:Y
Add images to target slot.
flash:/boot.bin already exists on slot 17.
flash:/system.bin already exists on slot 17.
flash:/ssh.bin already exists on slot 17.
Overwrite it? [Y/N]:y
Decompressing file boot.bin to flash:/boot.bin....................................Done.
Decompressing file system.bin to flash:/system.bin................................Done.
The images that have passed all examinations will be used as the backup startup software images at the next reboot on slot 17.
# In IRF mode, specify flash:/all.ipe as the backup startup image file for the MPU in slot 17 on IRF member device 1.
<Sysname> boot-loader file flash:/all.ipe chassis 1 slot 17 backup
Verifying image file......Done.
Images in IPE:
boot.bin
system.bin
ssh.bin
This command will set the backup startup software images. Continue? [Y/N]:Y
Add images to target slot.
flash:/boot.bin already exists on chassis 1 slot 17.
flash:/system.bin already exists on chassis 1 slot 17.
flash:/ssh.bin already exists on chassis 1 slot 17.
Overwrite it? [Y/N]:y
Decompressing file boot.bin to flash:/boot.bin....................................Done.
Decompressing file system.bin to flash:/system.bin................................Done.
The images that have passed all examinations will be used as the backup startup software images at the next reboot on chassis 1 slot 17.
display boot-loader
boot-loader update
In standalone mode:
Use boot-loader update to synchronize startup images from the active MPU to the standby MPU.
In IRF mode:
Use boot-loader update to synchronize startup images from the global active MPU to a standby MPU.
Syntax
In standalone mode:
boot-loader update { all | slot slot-number }
In IRF mode:
boot-loader update { all | chassis chassis-number slot slot-number }
Views
User view
Predefined user roles
network-admin
Parameters
all: Upgrades the standby MPU. (In standalone mode.)
all: Upgrades all standby MPUs in the IRF fabric. (In IRF mode.)
slot slot-number: Specifies the slot number of the standby MPU. (In standalone mode.)
chassis chassis-number slot slot-number: Specifies a standby MPU. The chassis-number argument represents the IRF member ID of the device that holds the standby MPU. The slot-number argument represents the slot number of the standby MPU. (In IRF mode.)
Usage guidelines
You can use this command to synchronize startup images after adding new MPUs.
The images used for synchronization are in the main or backup startup software images list instead of the current software images list (see the display boot-loader command).
· The main images list is used if the active MPU or global active MPU started up with the main startup images.
· The backup image list is used if the active MPU or global active MPU started up with the main startup images.
The startup images synchronized to the standby MPU are set as main startup images, regardless of whether the source startup images are main or backup.
To avoid problems, make sure the image list used for synchronization is the same as the current software images list.
Startup image synchronization fails if any software image being synchronized is not available or is corrupted.
Examples
# In standalone mode, synchronize startup images from the active MPU to the standby MPU in slot 16.
<Sysname> boot-loader update slot 16
This command will update the specified standby MPU. Continue? [Y/N]:y
Updating. Please wait...
Copying main startup software images to slot 16. Please wait...
Done.
Setting copied images as main startup software images for slot 16...
Done.
Successfully updated the startup software images of slot 16.
# In IRF mode, synchronize startup images from the global active MPU to the MPU in slot 16 on IRF member device 1.
<Sysname> boot-loader update chassis 1 slot 16
This command will update the specified standby MPU. Continue? [Y/N]:y
Updating. Please wait...
Copying main startup software images to chassis 1 slot 16. Please wait...
Done.
Setting copied images as main startup software images for chassis 1 slot 16...
Done.
Successfully updated the startup software images of chassis 1 slot 16.
display boot-loader
bootrom backup
Use bootrom backup to back up the BootWare image in the Normal area to the Backup area on a BootWare.
Syntax
In standalone mode:
bootrom backup slot slot-number-list
In IRF mode:
bootrom backup chassis chassis-number slot slot-number-list
Views
User view
Predefined user roles
network-admin
Parameters
slot slot-number-list: Specifies a space-separated list of up to seven slot number items. Each item specifies a card by its slot number or a range of cards in the form of start-slot-number to end-slot-number. For example, slot 0 to 1 2. (In standalone mode.)
chassis chassis-number: Specifies an IRF member device by its member ID. (In IRF mode.)
slot slot-number-list: Specifies a space-separated list of up to seven slot number items. Each item specifies a card by its slot number or a range of cards in the form of start-slot-number to end-slot-number on the specified IRF member device. For example, slot 0 to 1 2. (In IRF mode.)
Usage guidelines
A BootWare is divided into a Normal area and a Backup area. The BootWare image is stored in the Normal area and backed up to the Backup area. At startup, the system reads the BootWare image automatically from the Normal area. If the image is inaccessible, the system reads the BootWare image from the Backup area.
If the BootWare image in the Normal area is corrupted or requires a version rollback, use the bootrom restore command to copy the BootWare image in the Backup area to the Normal area.
Examples
# Back up the entire BootWare image from the Normal area to the Backup area.
<Sysname> bootrom backup chassis 1 slot 16
Now backuping the Boot ROM, please wait...
......Done.
Related commands
bootrom restore
bootrom restore
Use bootrom restore to replace the BootWare image in the Normal area with the BootWare image in the Backup area for image restoration or version rollback.
Syntax
In standalone mode:
bootrom restore slot slot-number-list
In IRF mode:
bootrom restore chassis chassis-number slot slot-number-list
Views
User view
Predefined user roles
network-admin
Parameters
slot slot-number-list: Specifies a space-separated list of up to seven slot number items. Each item specifies a card by its slot number or a range of cards in the form of start-slot-number to end-slot-number. For example, slot 0 to 1 2. (In standalone mode.)
chassis chassis-number: Specifies an IRF member device by its member ID. (In IRF mode.)
slot slot-number-list: Specifies a space-separated list of up to seven slot number items. Each item specifies a card by its slot number or a range of cards in the form of start-slot-number to end-slot-number on the specified IRF member device. For example, slot 0 to 1 2. (In IRF mode.)
Examples
# In standalone mode, restore the entire BootWare image.
<Sysname> bootrom restore slot 17
This command will restore the Boot ROM file, Continue? [Y/N]:y
Now restoring the Boot ROM, please wait...
......Done.
# In IRF mode, restore the entire BootWare image.
<Sysname> bootrom restore chassis 1 slot 17
This command will restore the Boot ROM file, Continue? [Y/N]:y
Now restoring the Boot ROM, please wait...
......Done.
Related commands
bootrom backup
bootrom update
Use bootrom update to load the BootWare image in a storage medium to the Normal area of BootWare.
Syntax
In standalone mode:
bootrom update file file-url slot slot-number-list
In IRF mode:
bootrom update file file-url chassis chassis-number slot slot-number-list
Views
User view
Predefined user roles
network-admin
Parameters
file file-url: Specifies the file path of a .bin BootWare image file, a case-insensitive string of 1 to 256 characters. The file path uses the flash:/base-filename.bin format. The file path must not include the chassis ID or slot ID.
slot slot-number-list: Specifies a space-separated list of up to seven slot number items. Each item specifies a card by its slot number or a range of cards in the form of start-slot-number to end-slot-number. For example, slot 0 to 1 2. (In standalone mode.)
chassis chassis-number: Specifies an IRF member device by its member ID. (In IRF mode.)
slot slot-number-list: Specifies a space-separated list of up to seven slot number items. Each item specifies a card by its slot number or a range of cards in the form of start-slot-number to end-slot-number on the specified IRF member device. For example, slot 0 to 1 2. (In IRF mode.)
Usage guidelines
If a software upgrade requires upgrading the BootWare image, you can use this command to preload the new BootWare image to the BootWare before upgrading Comware images. This command helps shorten the subsequent upgrade time, reducing the risk of upgrade failure caused by unexpected electricity failure.
To complete the upgrade, reboot the device.
To save space, you can delete the BootWare image in the storage medium after completing the BootWare image upgrade.
Examples
# In standalone mode, use the file a.bin to upgrade the BootWare image.
<Sysname> bootrom update file flash:/a.bin slot 17
This command will update the Boot ROM file on the specified board(s), Continue? [Y/N]:y
Now updating the Boot ROM, please wait...
.............Done.
# In IRF mode, use the file a.bin to upgrade the BootWare image.
<Sysname> bootrom update file flash:/a.bin chassis 1 slot 17
This command will update the Boot ROM file on the specified board(s), Continue? [Y/N]:y
Now updating the Boot ROM, please wait...
.............Done.
Related commands
boot-loader file
bootrom-update security-check enable
Use bootrom-update security-check enable to enable BootWare image validity check.
Use undo bootrom-update security-check enable to disable BootWare image validity check.
Syntax
bootrom-update security-check enable
undo bootrom-update security-check enable
Default
BootWare image validity check is enabled.
Views
System view
Predefined user roles
network-admin
Usage guidelines
Before a BootWare image upgrade starts, this feature examines the upgrade BootWare image for file validity and incompatibility with hardware. If the BootWare image passes the check, the upgrade process starts. If the check fails, the system does not perform the upgrade.
Examples
# Enable BootWare image validity check.
<Sysname> system-view
[Sysname] bootrom-update security-check enable
display boot-loader
Use display boot-loader to display current software images and startup software images.
Syntax
In standalone mode:
display boot-loader [ slot slot-number ]
In IRF mode:
display boot-loader [ chassis chassis-number [ slot slot-number ] ]
Views
Any view
Predefined user roles
network-admin
network-operator
Parameters
slot slot-number: Specifies the slot number of an MPU. If you do not specify an MPU, this command displays the software images on each MPU. (In standalone mode.)
chassis chassis-number [slot slot-number ]: Specifies an IRF member device or an MPU in an IRF member device. The chassis-number argument represents the IRF member ID of the device. The slot-number argument represents the slot number of the MPU on the device. If you do not specify an IRF member device, this command displays the software images on each MPU in the IRF fabric. If you specify an IRF member device without specifying an MPU, this command displays the software images on each MPU on the specified member device. (In IRF mode.)
Examples
# In standalone mode, display current software images and startup software images.
<Sysname> display boot-loader
Software images on slot 17:
Current software images:
flash:/S12500X-CMW710-BOOT.bin
flash:/S12500X-CMW710-SYSTEM.bin
Main startup software images:
flash:/S12500X-CMW710-BOOT.bin
flash:/S12500X-CMW710-SYSTEM.bin
flash:/S12500X-CMW710-SSH.bin
Backup startup software images:
flash:/S12500X-CMW710-BOOT.bin
flash:/S12500X-CMW710-SYSTEM.bin
# In IRF mode, displays current software images and startup software images.
<Sysname> display boot-loader
Software images on chassis 0 slot 16:
Current software images:
flash:/S12500X-CMW710-BOOT.bin
flash:/S12500X-CMW710-SYSTEM.bin
Main startup software images:
flash:/S12500X-CMW710-BOOT.bin
flash:/S12500X-CMW710-SYSTEM.bin
flash:/S12500X-CMW710-SSH.bin
Backup startup software images:
flash:/S12500X-CMW710-BOOT.bin
flash:/S12500X-CMW710-SYSTEM.bin
Table 21 Command output
Field |
Description |
Software images on slot slot-number |
In standalone mode, this field displays the Comware images on the MPU in a specific slot. |
Software images on chassis chassis-id slot slot-number |
In IRF mode, this field displays the Comware images on a specific MPU. The chassis ID represents the IRF member ID, and the slot number represents the MPU's slot number. |
Current software images |
Comware images that have been loaded. |
Main startup software images |
Main Comware images for the next startup. |
Backup startup software images |
Backup Comware images for the next startup. |
Related commands
boot-loader file
version auto-update enable
Use version auto-update enable to enable software synchronization from the active MPU to the standby MPU at startup.
Use undo version auto-update enable to disable this feature.
Syntax
version auto-update enable
undo version auto-update enable
Default
If software inconsistency is detected at startup, the standby MPU loads the current software images of the active MPU.
Views
System view
Predefined user roles
network-admin
Usage guidelines
This command is available in standalone mode.
To make sure the standby MPU always runs the same software images as the active MPU, configure both the version auto-update enable command and the undo version check ignore command.
The startup software version check function examines the standby MPU's startup software images for version inconsistency with the active MPU's current software images at startup. If their software versions are different, the standby MPU copies the current software images of the active MPU, specifies them as main startup software images, and reboots with these images.
To ensure a successful synchronization in a multi-user environment, make sure no one reboots or swaps MPUs during the software synchronization process. You can configure the information center to output the synchronization status to configuration terminals (see Network Management and Monitoring Configuration Guide).
Examples
# Enable software auto-update for the standby MPU.
<Sysname> system-view
[Sysname] version auto-update enable
Related commands
version check ignore
version check ignore
Use version check ignore to disable startup software version check for the standby MPU at startup.
Use undo version check ignore to enable this feature.
Syntax
version check ignore
undo version check ignore
Default
The startup software images on the standby MPU are checked for version inconsistency with the current software images on the active MPU.
Views
System view
Predefined user roles
network-admin
Usage guidelines
This command is available in standalone mode.
When the standby MPU starts up, this command disables the system to examine the standby MPU's startup software images for version inconsistency with the active MPU's current software images. The standby MPU can start up with a different software version than the active MPU.
The startup software version check function might fail to work because the software versions of the MPUs are incompatible.
To avoid problems, do not disable startup software version check for the standby MPU unless for software upgrade.
To make sure the standby MPU always runs the same software images as the active MPU, configure both the version auto-update enable command and the undo version check ignore command.
Examples
# Enable startup software version check for the standby MPU.
<Sysname> system-view
[Sysname] undo version check ignore
Related commands
version auto-update enable
ISSU commands
display install active
Use display install active to display active software images.
Syntax
display install active [ chassis chassis-number slot slot-number ] [ verbose ]
Views
Any view
Predefined user roles
network-admin
network-operator
Parameters
chassis chassis-number slot slot-number: Specifies a card on an IRF member. If you do not specify this option, the command is applied to all cards in the IRF fabric.
verbose: Displays detailed information. If you do not specify this keyword, the command displays only the names of the active software images.
Examples
# Display active software images.
<Sysname> display install active
Active packages on chassis 1 slot 17:
flash:/boot.bin
flash:/system.bin
# Display detailed information about active software images.
<Sysname> display install active verbose
Active packages on chassis 1 slot 17:
flash:/BOOT-E1133.bin
[Package]
Vendor: H3C
Product: S12500
Service name: boot
Platform version: 7.1.045
Product version: ESS 1133
Supported board: mpu lpu
[Component]
Component: boot
Description: boot package
flash:/SYSTEM-E1133.bin
[Package]
Vendor: H3C
Product: S12500
Service name: system
Platform version: 7.1.045
Product version: ESS 1133
Supported board: mpu lpu
[Component]
Component: system
Description: system package
flash:/SYSTEM-Feature-E1133.bin.bin
[Package]
Vendor: H3C
Product: S12500
Service name: system-patch
Platform version: 7.1.045
Product version: ESS 1133
Supported board: mpu lpu
[Component]
Component: system-patch
Description: system-patch package
Field |
Description |
Active packages on chassis m slot n |
Active software images on the card in the specified slot of the specified member. |
[Package] |
Detailed information about the software image. |
Service name |
Image type: · boot—Boot image. · system—System image. · boot-patch—Patch image for the boot image. · system-patch—Patch image for the system image. |
Supported board |
Cards supported by the software image (the values vary with device models): · mpu—MPU. · lpu—Service card. |
[Component] |
Information about components included in the image file. |
Related commands
install active
display install committed
Use display install committed to display main startup software images.
Syntax
display install committed [ chassis chassis-number slot slot-number ] [ verbose ]
Views
Any view
Predefined user roles
network-admin
network-operator
Parameters
chassis chassis-number slot slot-number: Specifies a card on an IRF member. If you do not specify this option, the command is applied to all cards in the IRF fabric.
verbose: Displays detailed information. If you do not specify this keyword, the command displays only the names of the software images.
Usage guidelines
The boot-loader file command can also change the main startup software image set.
For more information about main and backup startup software images and image sets, see Fundamental Configuration Guide.
Examples
# Display the main startup software images.
<Sysname> display install committed
Committed packages on chassis 1 slot 17:
flash:/boot-E1133.bin
flash:/system-E1133.bin
# Display detailed information about main startup software images.
<Sysname> display install committed verbose
Committed packages on chassis 1 slot 17:
flash:/boot-E1133.bin
[Package]
Vendor: H3C
Product: S12500
Service name: boot
Platform version: 7.1.045
Product version: ESS 1133
Supported board: mr, lc, sfc
Version type: debug
[Component]
Component: boot
Description: boot package
flash:/system-E1133.bin
[Package]
Vendor: H3C
Product: S12500
Service name: system
Platform version: 7.1.045
Product version: ESS 1133
Supported board: mr, lc, sfc
Version type: debug
[Component]
Component: system
Description: system package
flash:/SYSTEM-Feature-E1133.bin.bin
[Package]
Vendor: H3C
Product: S12500
Service name: system-patch
Platform version: 7.1.045
Product version: ESS 1133
Supported board: mpu lpu
[Component]
Component: system-patch
Description: system-patch package
For more information about the command output, see Table 22.
Related commands
boot-loader file
display install ipe-info
Use display install ipe-info to display the software images included in an .ipe file.
Syntax
display install ipe-info ipe-filename
Views
Any view
Predefined user roles
network-admin
network-operator
Parameters
ipe-filename: Specifies the name of an .ipe file in the global active MPU's Flash root directory in the format flash:/xxx.ipe or the name of an .ipe file in a global standby MPU's Flash root directory in the format chassismslotn#flash:/xxx.ipe, for example, chassis1slot17#flash:/a.ipe. It can be a case-insensitive string of 1 to 63 characters.
Usage guidelines
An .ipe file contains one or more software images. You can use the software images for a software upgrade.
Examples
# Display information about the .ipe file flash:/test.ipe.
<Sysname> display install ipe-info flash:/test.ipe
Verifying image file...Done.
Images in IPE:
boot.bin
system.bin
Related commands
display install package
display install package
Use display install package to display software image file information.
Syntax
display install package { filename | all } [ verbose ]
Views
Any view
Predefined user roles
network-admin
network-operator
Parameters
filename: Specifies the name of a software image file in the global MPU's Flash root directory in the format flash:/xxx.bin or the name of a software image file in a global standby MPU's Flash root directory in the format chassismslotn#flash:/xxx.bin, for example, chassis1slot17#flash:/a.bin. It can be a case-insensitive string of 1 to 63 characters.
all: Specifies all software image files in the root directories of the storage media on the master's active MPU.
verbose: Displays detailed information. If you do not specify this keyword, the command displays only basic software image information.
Examples
# Display information about software image file system.bin.
<Sysname> display install package flash:/system.bin
flash:/system.bin
[Package]
Vendor: H3C
Product: S12500
Service name: system
Platform version: 7.1.045
Product version: ESS 1133
Supported board: mpu
Version type: debug
# Display detailed information about software image file system.bin.
<Sysname> display install package flash:/system.bin verbose
flash:/system.bin
[Package]
Vendor: H3C
Product: S12500
Service name: system
Platform version: 7.1.045
Product version: ESS 1133
Supported board: mpu
Version type: debug
[Component]
Component: system
Description: system package
For more information about the command output, see Table 22.
display issu rollback-timer
Use display issu rollback-timer to display automatic rollback timer information.
Syntax
display issu rollback-timer
Views
Any view
Predefined user roles
network-admin
network-operator
Usage guidelines
Change to the automatic rollback interval does not take effect on the ongoing ISSU process. The current remaining rollback time might be greater than the configured automatic rollback interval.
Examples
# Display automatic rollback timer information after the issu run switchover command is executed.
<Sysname> display issu rollback-timer
Rollback timer: Working
Rollback interval: 45 minutes
Rollback time remaining : 40 minutes
# Display automatic rollback timer information after the issu accept command is executed.
<Sysname> display issu rollback-timer
Rollback timer: Not working
Rollback interval: 30 minutes
# Display automatic rollback timer information when no ISSU process is taking place.
<Sysname> display issu rollback-timer
Rollback timer: Not working
Rollback interval: 45 minutes
Related commands
issu rollback-timer
display issu state
Use display issu state to display ISSU status information.
Syntax
display issu state
Views
Any view
Predefined user roles
network-admin
network-operator
Usage guidelines
The key to an ISSU is to follow the correct upgrade procedure. By using this command to view the ISSU status, you can determine what to do next.
Examples
# Display ISSU status information when no upgrade is going on.
<Sysname> display issu state
ISSU state: Init
Compatibility: Unknown
Work state: Normal
Upgrade method: Card by card
Upgraded slot: None
Current upgrading slot: None
Current version list:
boot: 7.1.045, E1133
system: 7.1.045, E1133
Current software images:
flash:/boot.bin
flash:/system.bin
Table 23 Command output
Field |
Description |
ISSU state |
ISSU status: · Init—The ISSU process has not started or has finished. · Loading—The system is executing the issu load command. · Loaded—The issu load command is completed. · Switching—The system is executing the issu run switchover command. · Switchover—The issu run switchover command is completed. · Accepted—The issu accept command is completed. · Committing—The system is executing the issu commit command. · Rollbacking—A rollback is going on. · Unknown—An upgrade is going on. This field might appear when you execute the command on an original standby MPU. |
Compatibility |
Version compatibility: · Incompatible. · compatible. · Unknown—No upgrade is going on. |
Work state |
Operating state of the device: · Normal—The device is operating correctly. · Independent active—When you perform an ISSU, the standby MPU that is upgraded first enters this mode. |
Upgrade method |
Upgrade mode: · Chassis by chassis—One subordinate member is upgraded first, and then the original master is upgraded. This mode is available only for a multichassis IRF fabric. |
Upgraded slot |
Upgraded cards. |
Upgraded chassis |
Upgraded members. |
Current upgrading chassis |
Members that are being upgraded. |
Previous version list |
Software versions running on the device before the ISSU. If you execute this command on an original standby MPU during an ISSU for an incompatible version, the value of this field is Unknown. |
Previous software images |
Software images running on the device before the ISSU. If you execute this command on an original standby MPU during an ISSU for an incompatible version, the value of this field is Unknown. |
Upgrade version list |
Software versions to upgrade to. If you execute this command on an original standby MPU during an ISSU for an incompatible version, the value of this field is Unknown. |
Upgrade software images |
Software images used for the upgrade. If you execute this command on an original standby MPU during an ISSU for an incompatible version, the value of this field is Unknown. |
Related commands
· issu load
· issu run switchover
display version comp-matrix
Use display version comp-matrix to display version compatibility information.
Syntax
display version comp-matrix
display version comp-matrix file { boot filename | system filename } *
display version comp-matrix file ipe ipe-filename
Views
Any view
Predefined user roles
network-admin
network-operator
Parameters
boot: Specifies a boot image file.
system: Specifies a system image file.
filename: Specifies the name of a software image file in the root directory of the global active MPU's Flash, in the format flash:/xxx.bin. It can be a case-insensitive string of 1 to 63 characters and cannot contain slot or chassis information.
ipe-filename: Specifies the name of an .ipe file in the root directory of the global active MPU's Flash, in the format flash:/xxx.ipe. It can be a case-insensitive string of 1 to 63 characters and cannot contain slot or chassis information.
Usage guidelines
If you do not specify any file, the command displays the compatibility information of the running software versions.
If you specify one or more file names, the command displays the compatibility information of the specified software images.
Examples
# Display the compatibility information of flash:/boot-e1133.bin, flash:/system-e1133.bin.
<Sysname> display version comp-matrix file boot flash:/boot-e1133.bin system flash:/system-e1133.bin feature flash:/feature-e1133.bin
Verifying the file flash:/boot-e1133.bin on chassis 1 slot 16.....Done.
Verifying the file flash:/system-e1133.bin on chassis 1 slot 16.............Done.
Boot image: flash:/boot-e1133.bin
Version:
7.1.045
System image: flash:/system-e1133.bin
Version:
7.1.045-ESS 1133
Version compatibility list:
7.1.045-1132
Version dependency boot list:
7.1.045
Chassis Slot Upgrade Way
1 16 Reboot
1 17 Reboot
Feature image: flash:/feature-e1133.bin
Version:
7.1.045-ESS 1133
Version compatibility list:
7.1.045-1132
Version dependency system list:
7.1.045
Chassis Slot Upgrade Way
1 16 Reboot
1 17 Reboot
Field |
Description |
Verifying the file |
The system was verifying the validity of the file. |
Version compatibility list |
· Under a system image, this field shows all system image versions that are compatible with the system image. · Under a feature image, this field shows all feature image versions that are compatible with the feature image. |
Version dependency boot list |
Boot image versions that support the system image. To install the system image, you must install one of the boot image versions that are in the list. |
Version dependency system list |
System image versions that support the feature image. To install the feature image, you must install one of the system image versions that is in the list. |
Chassis |
Member ID of the device in the IRF fabric. This field is displayed only for compatible versions in IRF mode. |
Slot |
Slot number of the card. This field is displayed only for compatible versions. |
Upgrade Way |
ISSU method to be used for a compatible version: · Service Upgrade—Service-level incremental upgrade. · File Upgrade—File-level incremental upgrade. · ISSU Reboot—Reboots CPUs to complete the upgrade. · Reboot—Reboots the entire device to complete the upgrade. · Sequence Reboot—Upgrades the switching fabric modules one by one. This method is available only for switching fabric modules. Support for this value depends on the switching fabric module model. This field is displayed only for compatible versions. For more information about ISSU methods, see Fundamentals Configuration Guide. |
Related commands
issu load
install activate
Use install activate to activate patch images.
Syntax
In standalone mode:
install activate patch filename { all | slot slot-number }
In IRF mode:
install activate patch filename { all | chassis chassis-number slot slot-number }
Views
User view
Predefined user roles
network-admin
Parameters
patch: Specifies a patch image file.
filename: Specifies the file path of a .bin patch image file, a case-insensitive string. The file must be stored in the root directory of a storage medium on an MPU. The maximum length is 63 characters for the storage-medium:/base-filename.bin segments of the file path. For more information about specifying a file path, see "Managing the file system."
all: Specifies all MPUs.
slot slot-number: Specifies an MPU by its slot number. (In standalone mode.)
chassis chassis-number slot slot-number: Specifies an MPU on an IRF member device. The chassis-number argument represents the member ID of the IRF member device. The slot-number argument represents the slot number of the MPU. (In IRF mode.)
Usage guidelines
An image runs in memory immediately after it is activated. For an activated image to run after a reboot, you must commit the software change by using the install commit command.
After activating patch images, you must terminate your connection to the device and log in again.
If the specified files are not saved on the MPU to be upgraded, the command copies the images to the MPU automatically. If the specified files are not saved on the security engine to be upgraded, the command copies the images to the security engine automatically.
In standalone mode, follow these guidelines:
· If you specify the active MPU, the command takes effect on the active MPU and all LPUs.
· If you specify the standby MPU, the command takes effect only on the standby MPU.
In IRF mode, follow these guidelines:
· If you specify the global active MPU, the command takes effect on the global active MPU and all LPUs.
· If you specify a standby MPU, the command takes effect on the standby MPU.
Examples
# (In standalone mode.) Activate the boot image boot-patch.bin and system patch image system-patch.bin on the active MPU (in slot 17).
<Sysname> install activate boot-patch.bin slot 17
This operation maybe take several minutes, please wait..........................Done.
<Sysname> install activate system-patch.bin slot 17
This operation maybe take several minutes, please wait..........................Done.
# (In IRF mode.) Activate the boot image boot-patch.bin and system patch image system-patch.bin on the global active MPU (in slot 17 of member device 1).
<Sysname> install activate boot-patch.bin chassis 1 slot 17
This operation maybe take several minutes, please wait..........................Done.
<Sysname> install activate system-patch.bin chassis 1 slot 17
This operation maybe take several minutes, please wait..........................Done.
Related commands
· install commit
· install deactivate
install add
Use install add to decompress an .ipe file.
Syntax
install add ipe-filename medium-name:
Views
User view
Predefined user roles
network-admin
Parameters
ipe-filename: Specifies the name of an .ipe file in the root directory of the global active MPU's Flash, in the format flash:/xxx.ipe. It can be a case-insensitive string of 1 to 63 characters and cannot contain slot or chassis information.
medium-name: Specifies the name of a storage medium on the master's active MPU in the format storage medium name: (for example, flash:), or the name of a storage medium on any other MPU in the format chassism#slotn#storage medium name:, (for example, chassis1#slot1#flash:).
Usage guidelines
The software images decompressed from the .ipe file will be saved to the root directory of the specified medium.
To view which software images are included in an .ipe file, use the display install ipe-info command.
Examples
# Decompress the .ipe file version.ipe to the Flash.
<Sysname> install add flash:/version.ipe flash:
install commit
Use install commit to commit software changes.
Syntax
install commit
Views
User view
Predefined user roles
network-admin
Usage guidelines
The install activate or install deactivate command runs patch images or stops patch images from running in memory. For the software change to take effect at the next startup, you must execute the install commit command to change the startup software image list.
For more information about the startup software image list, see Fundamental Configuration Guide.
Examples
# Commit software changes.
<Sysname> install commit
Related commands
· install activate
· install deactivate
install deactivate
Use install deactivate to deactivate patch images.
Syntax
In standalone mode:
install deactivate patch filename { all | slot slot-number }
In IRF mode:
install deactivate patch filename { all | chassis chassis-number slot slot-number }
Views
User view
Predefined user roles
network-admin
Parameters
patch: Specifies a patch image file.
filename: Specifies the file path of a .bin patch image file, a case-insensitive string. The file must be stored in the root directory of a storage medium on an MPU. The maximum length is 63 characters for the storage-medium:/base-filename.bin segments of the file path. For more information about specifying a file path, see "Managing the file system."
all: Specifies all MPUs.
slot slot-number: Specifies an MPU by its slot number. (In standalone mode.)
chassis chassis-number slot slot-number: Specifies an MPU on an IRF member device. The chassis-number argument represents the member ID of the IRF member device. The slot-number argument represents the slot number of the MPU. (In IRF mode.)
Usage guidelines
You can deactivate only an active patch image.
Patch images stop running in memory after being deactivated. To prevent a deactivated image from running after a reboot, you must commit the software change by using the install commit command.
Examples
# Deactivate the patch images in route-patch.bin on slot 17.
<Sysname> install deactivate patch flash:/route-patch.bin slot 17
issu accept
Use issu accept to accept the upgrade and delete the automatic rollback timer.
Syntax
issu accept
Views
User view
Predefined user roles
network-admin
Usage guidelines
You can execute the issu commit command to finish the ISSU process without executing this command.
Examples
# Accept the upgrade.
<Sysname> issu accept
Related commands
· issu load
· issu run switchover
issu commit
Use issu commit to complete an ISSU upgrade.
Syntax
issu commit chassis chassis-number
Views
User view
Predefined user roles
network-admin
Parameters
chassis chassis-number: Specifies the member ID of the original master.
Usage guidelines
This command ends the ISSU process. After this command is completed, the ISSU status changes to Init and the ISSU process cannot be rolled back.
Examples
# Upgrade the original active MPU.
<Sysname> issu commit chassis 1
flash:/BOOT-E1133.bin
Running Version New Version
Release 1132 E1133
flash:/SYSTEM-e1133.bin
Running Version New Version
Release 1132 E1133
Chassis Slot Upgrade Way
1 16 Reboot
1 17 Reboot
Upgrading software images to compatible versions. Continue? [Y/N]:y
For information about the command output, see Table 24.
Related commands
· issu accept
· issu load
· issu run switchover
issu load
Use issu load to upgrade the boot and system images of the subordinate member and configure the upgrade images as the main startup software images for the subordinate member.
Syntax
issu load file { boot filename | system filename } * chassis chassis-number
issu load file ipe ipe-filename chassis chassis-number
Views
User view
Predefined user roles
network-admin
Parameters
boot: Specifies a boot image file.
system: Specifies a system image file.
filename: Specifies the name of a software image file in the root directory of the global active MPU's Flash, in the format flash:/xxx.bin. It can be a case-insensitive string of 1 to 63 characters and cannot contain slot or chassis information.
ipe-filename: Specifies the name of an .ipe file in the root directory of the global active MPU's Flash, in the format flash:/xxx.ipe. It can be a case-insensitive string of 1 to 63 characters and cannot contain slot or chassis information.
chassis chassis-number: Specifies the member ID of a subordinate member.
Usage guidelines
To check the synchronization progress, use the display device and display system internal ha service-group commands. The synchronization is completed if the following conditions are met:
· All cards of the subordinate device are in normal state.
· The Action field of the display system internal ha service-group command is 0 for each service.
For more information about ISSU methods, see Fundamentals Configuration Guide.
Examples
# Upgrade member device 2 (a subordinate member) with the .ipe file flash:/version-e1133.ipe.
<Sysname> issu load file ipe flash:/version-e1133.ipe chassis 2
This operation will delete the rollback point information for the previous upgrade and maybe get unsaved configuration lost. Continue? [Y/N]:y
Verifying image file flash:/version-e1133.ipe on slot 16.................Done.
Decompressing file BOOT-E1133.bin to flash:/BOOT-E1133.bin.............Done.
Decompressing file SYSTEM-E1133.bin to flash:/SYSTEM-E1133.bin...........Done.
Decompression completed.
Do you want to delete flash:/version-e1133.ipe now? [Y/N]:n
Upgrade summary according to following table:
flash:/BOOT-E1133.bin
Running Version New Version
Release 1132 E1133
flash:/SYSTEM-e1133.bin
Running Version New Version
Release 1132 E1133
Chassis Slot Upgrade Way
2 16 Reboot
2 17 Reboot
Upgrading software images to compatible versions. Continue? [Y/N]:y
Table 25 Command output
Field |
Description |
Verifying the file |
The system was verifying the validity of the file. |
Chassis |
Member ID of the device in the IRF fabric. |
Slot |
Slot number of the card. |
issu rollback
Use issu rollback to cancel the ISSU and roll back to the original software versions.
Syntax
issu rollback
Views
User view
Predefined user roles
network-admin
Usage guidelines
The device supports automatic rollback and manual rollback. This command performs a manual rollback.
You can perform a manual rollback while an ISSU is in one of the following states:
· Loaded.
· Switching.
· Switchover.
· Accepted.
If you perform a manual rollback while an ISSU is in Loading state, the rollback might fail. After the rollback is completed, use the display version command to examine the rollback result.
If a rollback occurs while an ISSU is in Switching state, the entire system reboots automatically.
When an ISSU is in Committing state, rollback is not supported.
A rollback performed for a multichassis IRF fabric after you execute the issu run switchover command cancels only the upgrades. The master/subordinate switchover operation is not canceled.
Examples
# Roll back to the original software versions.
<Sysname> issu rollback
This command will quit the ISSU process and roll back to the previous version. Continue? [Y/N]:y
Related commands
· issu accept
· issu commit
· issu load
· issu run switchover
issu rollback-timer
Use issu rollback-timer to set the automatic rollback timer.
Use undo issu rollback-timer to restore the default.
Syntax
issu rollback-timer minutes
undo issu rollback-timer
Default
The automatic rollback interval is 45 minutes.
Views
System view
Predefined user roles
network-admin
Parameters
minutes: Specifies the automatic rollback interval in minutes, in the range of 0 to 120. Setting it to 0 disables automatic rollback.
Usage guidelines
The system starts the automatic rollback timer when it executes the issu run switchover command. If you do not execute the issu accept or issu commit command before the timer expires, the system automatically rolls back to the software versions before the ISSU.
Change to the automatic rollback interval does not take effect on the ongoing ISSU process. The current remaining rollback time might be greater than the configured automatic rollback interval.
Examples
# Set the automatic rollback timer to 50 minutes.
<Sysname> system-view
[Sysname] issu rollback-timer 50
Related commands
issu rollback
issu run switchover
Use issu run switchover to perform a master/subordinate switchover.
Syntax
issu run switchover
Views
User view
Predefined user roles
network-admin
Usage guidelines
The issu load command splits the IRF fabric into two fabrics, with the upgraded member forming a new fabric. The issu run switchover command reboots and upgrades the old IRF fabric. After startup, the old fabric's member join the new IRF fabric as the subordinate member and the ISSU process ends.
To check the synchronization progress, use the display device and display system internal ha service-group commands. The synchronization is completed if the following conditions are met:
· All cards of the subordinate device are in normal state.
· The Action field of the display system internal ha service-group command is 0 for each service.
Examples
# Perform a master/subordinate switchover during an ISSU.
<Sysname> issu run switchover
Upgrade summary according to following table:
flash:/BOOT-E1133.bin
Running Version New Version
Release 1132 E1133
flash:/SYSTEM-e1133.bin
Running Version New Version
Release 1132 E1133
Chassis Slot Switchover Way
2 16 Global active standby MPU switchover
Upgrading software images to compatible versions. Continue? [Y/N]:y
Table 26 Command output
Field |
Description |
Switchover Way |
Switchover method: · Active standby process switchover—Switch from the active process to the standby process. · Global active standby MPU switchover—Switch from the global active MPU to a global standby MPU. |
For more information about the command output, see Table 24.
Related commands
issu load
Device management commands
clock datetime
Use clock datetime to set the UTC time.
Syntax
clock datetime time date
Default
The factory default UTC time is used.
Views
User view
Predefined user roles
network-admin
mdc-admin
Parameters
time: Specifies a time in the hh:mm:ss format. The hh value is in the range of 0 to 23, the mm value is in the range of 0 to 59, and the ss value is in the range of 0 to 59. The leading zero in a segment can be omitted. If the seconds segment is 0 (hh:mm:00), you can omit it. If both the minutes and seconds segments are 0 (hh:00:00), you can omit both of the segments. For example, to specify 08:00:00, you can enter 8.
date: Specifies a date in the MM/DD/YYYY or YYYY/MM/DD format. The YYYY value is in the range of 2000 to 2035, the MM value is in the range of 1 to 12, and the value range for DD depends on the month value.
Usage guidelines
The UTC time, together with the local time zone and daylight saving time, determines the system time. You can use the display clock command to view the system time.
A correct system time setting is essential to network management and communication. Set the system time correctly or use NTP to synchronize your device with a trusted time source before you run it on the network.
Examples
# Set the UTC time to 08:08:08 01/01/2012.
<Sysname> clock datetime 8:8:8 1/1/2012
# Set the UTC time to 08:10:00 01/01/2012.
<Sysname> clock datetime 8:10 2012/1/1
Related commands
· clock protocol
· clock summer-time
· clock timezone
· display clock
clock protocol
Use clock protocol to specify the system time source.
Use undo clock protocol to restore the default.
Syntax
clock protocol { none | ntp mdc mdc-id }
undo clock protocol
Default
The device uses NTP to get the system time.
Views
System view
Predefined user roles
network-admin
mdc-admin
Parameters
none: Uses the local clock. After you specify this keyword, you can use the clock datetime, clock timezone, or clock summer-time command to change the system time.
ntp: Uses the time protocol NTP. If you specify this keyword, you cannot change the system time at the CLI. You must configure NTP to get the system time. For more information about NTP, see Network Management and Monitoring Configuration Guide.
mdc mdc-id: Specifies the MDC to be used for time synchronization.
Usage guidelines
All MDCs on the device share the same time source and use the same system time. The shared time source can be one of the following items:
· Local system time—The time signal is generated by the local crystal oscillator.
· Remote time source—The time signal is obtained by the specified MDC from another device on the network.
If you configure this command multiple times, the most recent configuration takes effect.
Examples
# Configure the device to use the NTP time source.
<Sysname> system-view
[Sysname] clock protocol ntp
clock summer-time
Use clock summer-time to configure the device to use daylight saving time during a specific period of time.
Use undo clock summer-time to cancel the configuration.
Syntax
clock summer-time name start-time start-date end-time end-date add-time
undo clock summer-time
Default
Daylight saving time is disabled.
Views
System view
Pre-defined user roles
network-admin
mdc-admin
Parameters
name: Specifies a name for the daylight saving time schedule, a case-sensitive string of 1 to 32 characters.
start-time: Specifies the start time in the hh:mm:ss format. The hh value is in the range of 0 to 23, the mm value is in the range of 0 to 59, and the ss value is in the range of 0 to 59. The leading zero in a segment can be omitted. If the seconds segment is 0 (hh:mm:00), you can omit it. If both the minutes and seconds segments are 0 (hh:00:00), you can omit both of the segments. For example, to specify 08:00:00, you can enter 8.
start-date: Specifies the start date in one of the following formats:
· MM/DD. The MM value is in the range of 1 to 12, and the value range for DD depends on the month value.
· month week date, where:
¡ month—Takes January, February, March, April, May, June, July, August, September, October, November or December.
¡ week—Represents week of the month. It takes first, second, third, fourth, fifth, or last.
¡ day—Takes Sunday, Monday, Tuesday, Wednesday, Thursday, Friday, or Saturday.
end-time: Specifies the end time in the hh:mm:ss format. The hh value is in the range of 0 to 23, the mm value is in the range of 0 to 59, and the ss value is in the range of 0 to 59. The leading zero in a segment can be omitted. If the seconds segment is 0 (hh:mm:00), you can omit it. If both the minutes and seconds segments are 0 (hh:00:00), you can omit both of the segments. For example, to specify 08:00:00, you can enter 8.
end-date: Specifies the end date in one of the following formats:
· MM/DD. The MM value is in the range of 1 to 12, and the value range for DD depends on the month value.
· month week date, where:
¡ month—Takes January, February, March, April, May, June, July, August, September, October, November or December.
¡ week—Represents week of the month. It takes first, second, third, fourth, fifth, or last.
¡ day—Takes Sunday, Monday, Tuesday, Wednesday, Thursday, Friday, or Saturday.
add-time: Specifies the time to be added to the standard time, in the hh:mm:ss format. The hh value is in the range of 0 to 23, the mm value is in the range of 0 to 59, and the ss value is in the range of 0 to 59. The leading zero in a segment can be omitted. If the seconds segment is 0 (hh:mm:00), you can omit it. If both the minutes and seconds segments are 0 (hh:00:00), you can omit both of the segments. For example, to specify 08:00:00, you can enter 8.
Usage guidelines
The daylight saving time, together with the UTC time and local time zone, determines the system time. You can use the display clock command to view the system time.
A correct system time setting is essential to network management and communication. Set the system time correctly or use NTP to synchronize your device with a trusted time source before you run it on the network.
Examples
# Set the system time ahead 1 hour for the period between 06:00:00 on 08/01 and 06:00:00 on 09/01.
<Sysname> system-view
[Sysname] clock summer-time PDT 6 08/01 6 09/01 1
Related commands
· display clock
clock timezone
Use clock timezone to set the local time zone.
Use undo clock timezone to restore the default.
Syntax
clock timezone zone-name { add | minus } zone-offset
undo clock timezone
Default
The local time zone is the UTC time zone.
Views
System view
Predefined user roles
network-admin
mdc-admin
Parameters
zone-name: Specifies a time zone by its name, a case-sensitive string of 1 to 32 characters.
add: Adds an offset to the UTC time.
minus: Decreases the UTC time by an offset.
zone-offset: Specifies an offset to the UTC time, in the hh:mm:ss format. The hh value is in the range of 0 to 23, the mm value is in the range of 0 to 59, and the ss value is in the range of 0 to 59. The leading zero in a segment can be omitted. If the seconds segment is 0 (hh:mm:00), you can omit it. If both the minutes and seconds segments are 0 (hh:00:00), you can omit both of the segments. For example, to specify 08:00:00, you can enter 8.
Usage guidelines
The local time zone, together with the UTC time and daylight saving time, determines the system time. You can use the display clock command to view the system time.
A correct system time setting is essential to network management and communication. Set the system time correctly or use NTP to synchronize your device with a trusted time source before you run it on the network.
Examples
# Set the name of the local time zone to Z5, and add 5 hours to the UTC time.
<Sysname> system-view
[Sysname] clock timezone Z5 add 5
Related commands
· clock datetime
· clock protocol
· clock summer-time
· display clock
command
Use command to assign a command to a job.
Use undo command to revoke a command.
Syntax
command id command
undo command id
Default
No command is assigned to a job.
Views
Job view
Predefined user roles
network-admin
mdc-admin
Parameters
id: Specifies a command ID in the range of 0 to 4294967295.
command: Specifies the command to be assigned to the job.
Usage guidelines
A job can have multiple commands. Commands in a job are uniquely identified by their IDs. A command with a smaller ID is executed earlier.
If a command uses the ID of an existing command, the existing command is replaced.
A job cannot contain any of these commands: telnet, ftp, ssh2, or monitor process.
The system does not check the validity of the command argument. You must make sure the command is supported by the device, is input in the correct format, and uses valid values. Otherwise, the command cannot be executed automatically.
Examples
# Assign commands to job backupconfig to back up configuration file startup.cfg to the TFTP server at 192.168.100.11.
<Sysname> system-view
[Sysname] scheduler job backupconfig
[Sysname-job-backupconfig] command 2 tftp 192.168.100.11 put flash:/startup.cfg backup.cfg
Related commands
scheduler job
copyright-info enable
Use copyright-info enable to enable displaying the copyright statement.
Use undo copyright-info enable to disable displaying the copyright statement.
Syntax
copyright-info enable
undo copyright-info enable
Default
The copyright statement is displayed.
Views
System view
Predefined user roles
network-admin
mdc-admin
Examples
# Enable displaying the copyright statement.
<Sysname> system-view
[Sysname] copyright-info enable
· When a Telnet user logs in, the following statement appears:
**************************************************************************
* Copyright (c) 2004-2014 Hangzhou H3C Tech. Co., Ltd. All rights reserved.*
* Without the owner's prior written consent, *
* no decompiling or reverse-engineering shall be allowed. *
****************************************************************************
<Sysname>
· When a console user quits user view, the following message appears (the device automatically tries to restart the console session):
**************************************************************************
* Copyright (c) 2004-2014 Hangzhou H3C Tech. Co., Ltd. All rights reserved.*
* Without the owner's prior written consent, *
* no decompiling or reverse-engineering shall be allowed. *
****************************************************************************
User interface aux0 is available.
Press ENTER to get started.
# Disable displaying the copyright statement.
<Sysname> system-view
[Sysname] undo copyright-info enable
· When a Telnet user logs in, the user view prompt appears:
<Sysname>
· When a console user quits user view, the following message appears (the device automatically tries to restart the console session):
User interface aux0 is available.
Press ENTER to get started.
diagnostic start test
Use diagnostic start test to run a global on-demand diagnostic test.
Syntax
diagnostic start test test-name
Views
User view
Predefined user roles
network-admin
Parameters
test test-name: Specifies a test by its name, a case-insensitive string of 1 to 31 characters.
Usage guidelines
This command is available only when the device operates in standalone mode.
Before you execute this command, start the device with factory defaults and verify that no service ports are connected to any cables and transceiver modules.
After you execute this command, you must reboot the device.
Examples
# Run a global on-demand diagnostic test.
<Sysname>diagnostic start test EquipSelfCheck
This command requires null configuration and reboot device aferwards. Continue?
[Y/N]:y
=================================================
===============display clock===================
10:55:19 UTC Fri 06/27/2014
===============system-view=====================
System View: return to User View with Ctrl+Z.
===============undo stp enable=====================
===============probe-view=====================
===========undo monitor inner-channel=================
display alarm
Use display alarm to display alarm information.
Syntax
In standalone mode:
display alarm [ slot slot-number ]
In IRF mode:
display alarm [ chassis chassis-number slot slot-number ]
Views
Any view
Predefined user roles
network-admin
network-operator
mdc-admin
mdc-operator
Parameters
slot slot-number: Specifies a card by its slot number. If you do not specify this option, the command displays the alarm information of all cards. (In standalone mode.)
chassis chassis-number slot slot-number: Specifies a card on an IRF member device by its slot number and the member ID. If you do not specify this option, the command displays the alarm information for all cards in the IRF fabric. (In IRF mode.)
Examples
# (In standalone mode.) Display alarm information.
<Sysname> display alarm
Slot Level Info
- ERROR Fan 1 is absent.
- INFO Power 1 is absent.
Table 27 Command output
Field |
Description |
Slot |
Slot number of the card with an alarm. If the value is a hyphen (-), the alarm was generated by the chassis. (In standalone mode.) |
Level |
Alarm severity. Possible values include ERROR, WARNING, NOTICE, and INFO, in descending order. |
Info |
Detailed alarm information. |
faulty |
The card is starting up or is faulty. |
# In IRF mode, display alarm information.
<Sysname> display alarm
Chassis Slot Level Info
1 - ERROR Chassis 1 fan 1 is faulty
1 - INFO Chassis 1 power 6 is absent.
1 1 ERROR Chassis 1 slot 11 temperature is too high, above the warning limit.
2 - ERROR Chassis 2 fan 1 is faulty
2 - INFO Chassis 2 power 6 is absent.
2 1 ERROR Chassis 2 slot 11 temperature is too high, above the warning limit.
Table 28 Command output
Field |
Description |
Chassis |
ID of the IRF member device with an alarm. |
Slot |
Slot number of the card. |
Level |
Alarm severity. Possible values include ERROR, WARNING, NOTICE, and INFO, in descending order. |
Info |
Detailed alarm information. |
display clock
Use display clock to display the system time, date, local time zone, and daylight saving time.
Syntax
display clock
Views
Any view
Predefined user roles
network-admin
network-operator
mdc-admin
mdc-operator
Examples
# Display the system time and date when the local time zone is not specified.
<Sysname> display clock
10:09:00 UTC Fri 03/16/2012
# Display the system time and date when the local time zone Z5 is specified.
<Sysname> display clock
15:10:00 Z5 Fri 03/16/2012
Time Zone : Z5 add 05:00:00
# Display the system time and date when the local time zone Z5 and daylight saving time PDT are specified.
<Sysname> display clock
15:11:00 Z5 Fri 03/16/2012
Time Zone : Z5 add 05:00:00
Summer Time : PDT 06:00:00 08/01 06:00:00 09/01 01:00:00
Related commands
· clock datetime
· clock summer-time
· clock timezone
display copyright
Use display copyright to display the copyright statement, including software and hardware copyright statements.
network-admin
network-operator
mdc-admin
mdc-operator
# Display the copyright statement.
display cpu-usage
Use display cpu-usage to display CPU usage statistics.
Syntax
In standalone mode:
display cpu-usage [ slot slot-number [ cpu cpu-number ] ]
In IRF mode:
display cpu-usage [ chassis chassis-number slot slot-number [ cpu cpu-number ] ]
Views
Any view
Predefined user roles
network-admin
network-operator
mdc-admin
mdc-operator
Parameters
slot slot-number: Specifies a card by its slot number. If you do not specify this option, the command displays the CPU usage statistics for all cards. (In standalone mode.)
chassis chassis-number slot slot-number: Specifies a card on an IRF member device by its slot number and the member ID. If you do not specify this option, the command displays the CPU usage statistics for all cards in the IRF fabric. (In IRF mode.)
cpu cpu-number: Displays the CPU usage statistics. The cpu-number argument can only be 0.
Usage guidelines
The system regularly (typically at 60-second intervals) collects CPU usage statistics and saves the statistical results in the history record area.
Examples
# In standalone mode, display the current CPU usage.
<Sysname> display cpu-usage
Slot 4 CPU 0 CPU usage:
10% in last 5 seconds
10% in last 1 minute
10% in last 5 minutes
Slot 10 CPU 0 CPU usage:
9% in last 5 seconds
9% in last 1 minute
9% in last 5 minutes
Slot 11 CPU 0 CPU usage:
9% in last 5 seconds
9% in last 1 minute
9% in last 5 minutes
Slot 17 CPU 0 CPU usage:
0% in last 5 seconds
0% in last 1 minute
0% in last 5 minutes
# In IRF mode, display the current CPU usage statistics for all cards.
<Sysname> display cpu-usage
Chassis 1 Slot 4 CPU 0 CPU usage:
10% in last 5 seconds
10% in last 1 minute
10% in last 5 minutes
Chassis 1 Slot 10 CPU 0 CPU usage:
9% in last 5 seconds
9% in last 1 minute
9% in last 5 minutes
Chassis 1 Slot 11 CPU 0 CPU usage:
9% in last 5 seconds
9% in last 1 minute
9% in last 5 minutes
Chassis 1 Slot 17 CPU 0 CPU usage:
0% in last 5 seconds
0% in last 1 minute
0% in last 5 minutes
Table 29 Command output
Field |
Description |
10% in last 5 seconds |
Average CPU usage during the last 5 seconds. |
10% in last 1 minute |
Average CPU usage during the last minute. |
10% in last 5 minutes |
Average CPU usage during the last 5 minutes. |
Slot x CPU y CPU usage |
Usage statistics for CPU y of the card in slot x. (In standalone mode.) |
Chassis x Slot y CPU z CPU usage |
Usage statistics for CPU z of the card in slot y on member device x. (In IRF mode.) |
display cpu-usage configuration
Use display cpu-usage configuration to display CPU usage monitoring configuration.
Syntax
In standalone mode:
display cpu-usage configuration [ slot slot-number [ cpu cpu-number ] ]
In IRF mode:
display cpu-usage configuration [ chassis chassis-number slot slot-number [ cpu cpu-number ] ]
Views
Any view
Predefined user roles
network-admin
mdc-admin
Parameters
slot slot-number: Specifies a card by its slot number. If you do not specify this option, the command displays the CPU usage monitoring configuration on the active MPU. (In standalone mode.)
cpu cpu-number: Specifies a CPU by its number. The cpu-number argument can only be 0.
chassis chassis-number slot slot-number: Specifies a card on an IRF member device. If you do not specify this option, the global active MPU is specified. (In IRF mode.)
Examples
# Display the CPU usage monitoring configuration on the active MPU.
<Sysname> display cpu-usage configuration
CPU usage monitor is enabled.
Current monitor interval is 60 seconds.
Current monitor threshold is 99%.
· monitor cpu-usage enable
· monitor cpu-usage threshold
display cpu-usage history
Use display cpu-usage history to display the historical CPU usage statistics in charts.
Syntax
In standalone mode:
display cpu-usage history [ job job-id ] [ slot slot-number [ cpu cpu-number ] ]
In IRF mode:
display cpu-usage history [ job job-id ] [ chassis chassis-number slot slot-number [ cpu cpu-number ] ]
Views
Any view
Predefined user roles
network-admin
network-operator
mdc-admin
mdc-operator
Parameters
job job-id: Specifies a process by its ID. If you do not specify this option, the command displays the historical CPU usage statistics for the entire system, which is the sum of the historical CPU usage statistics for all processes in the system. To view the IDs and names of the running processes, use the display process command. For more information, see Network Management and Monitoring Configuration Guide.
slot slot-number: Specifies a card by its slot number. If you do not specify this option, the command displays the historical CPU usage statistics for the active MPU. (In standalone mode.)
chassis chassis-number slot slot-number: Specifies a card on an IRF member device by its slot number and the member ID. If you do not specify this option, this command displays the historical CPU usage statistics for all cards in the IRF fabric. (In IRF mode.)
cpu cpu-number: Displays the historical CPU usage statistics. The cpu-number argument can only be 0.
Usage guidelines
The system regularly collects CPU usage statistics and saves the statistics in the history record area. This command displays the CPU usage statistics for the last 60 minutes in axes as follows:
· The vertical axis represents the CPU usage. If a statistic is not a multiple of the usage step, it is rounded up or down to the closest multiple of the usage step, whichever is closer. For example, if the CPU usage step is 5%, the statistic 53% is rounded up to 55%, and the statistic 52% is rounded down to 50%.
· The horizontal axis represents the time.
· Consecutive pound signs (#) indicate the CPU usage at a specific time. The value on the vertical axis for the topmost pound sign at a specific time represents the CPU usage at that time.
Examples
# Display the historical CPU usage statistics for the entire system.
<Sysname> display cpu-usage history
100%|
95%|
90%|
85%|
80%|
75%|
70%|
65%|
60%|
55%|
50%|
45%|
40%|
35%|
30%|
25%|
20%|
15%| #
10%| ### #
5%| ########
------------------------------------------------------------
10 20 30 40 50 60 (minutes)
cpu-usage (Slot 6 CPU 0) last 60 minutes (SYSTEM)
---- More ----
The output shows the historical CPU usage statistics for the entire system (with the name SYSTEM) in the last 60 minutes:
· 5%: 12 minutes ago
· 10%: 13 minutes ago
· 15%: 14 minutes ago
· 10%: 15 minutes ago
· 5%: 16 and 17 minutes ago
· 10%: 18 minutes ago
· 5%: 19 minutes ago
· 2% or lower than 2%: Other time
# Display the historical CPU usage statistics for process 1.
<Sysname> display cpu-usage history job 1
100%|
95%|
90%|
85%|
80%|
75%|
70%|
65%|
60%|
55%|
50%|
45%|
40%|
35%|
30%|
25%|
20%|
15%|
10%|
5%| #
------------------------------------------------------------
10 20 30 40 50 60 (minutes)
cpu-usage (Slot 16 CPU 0) last 60 minutes (scmd)
---- More ----
The output shows the historical CPU usage statistics of process 1 (with the process name scmd) in the last 60 minutes. A process name with square brackets ([ ]) means that the process is a kernel process.
· 5%: 20 minutes ago
· 2% or lower than 2%: Other time
display device
Use display device to display device information.
Syntax
In standalone mode:
display device [ flash ] [ slot slot-number [ subslot subslot-number ] | verbose ]
In IRF mode:
display device [ flash ] [ chassis chassis-number [ slot slot-number [ subslot subslot-number ] ] | verbose ]
Views
Any view
Predefined user roles
network-admin
network-operator
mdc-admin
mdc-operator
Parameters
flash: Specifies a Flash. If you do not specify this keyword, the command displays information about all cards on the device.
slot slot-number: Specifies a card by its slot number. (In standalone mode.)
chassis chassis-number: Specifies an IRF member device by its member ID. If you do not specify this option, the command displays hardware information about all IRF member devices in the IRF fabric. (In IRF mode.)
subslot subslot-number: Specifies a subcard by its subslot number. The switch does not support subcards.
verbose: Displays detailed hardware information. If you do not specify this keyword, the command displays brief information.
Examples
# In standalone mode, display device information.
<Sysname> display device
Slot No. Brd Type Brd Status Subslot Sft Ver Patch Ver
0 NONE Absent 0 NONE None
1 NONE Absent 0 NONE None
2 NONE Absent 0 NONE None
3 NONE Absent 0 NONE None
4 LSX1TGS48FC1 Normal 0 S12510-X-1130 None
5 NONE Absent 0 NONE None
6 NONE Absent 0 NONE None
7 NONE Absent 0 NONE None
8 NONE Absent 0 NONE None
9 NONE Absent 0 NONE None
10 LSX1FAB10B1 Normal 0 S12510-X-1130 None
11 LSX1FAB10B1 Normal 0 S12510-X-1130 None
12 NONE Absent 0 NONE None
13 NONE Absent 0 NONE None
14 NONE Absent 0 NONE None
15 NONE Absent 0 NONE None
16 NONE Absent 0 NONE None
17 LSX1SUP10B1 Master 0 S12510-X-1130 None
The output shows that the device has one MPU (in slot 17), one LPU (in slot 4), and two switching fabric modules (in slots 10 and 11).
Table 30 Command output
Field |
Description |
Slot No. |
Slot number of the card. |
Brd Type |
Hardware type of the card. |
Brd State |
Card status: · Standby—The card is the standby MPU. · Master—The card is the active MPU. · Absent—The slot is not installed with a card. · Fault—The card is faulty and cannot start up. · Normal—The card is operating correctly. |
Subslot |
Maximum number of subcards that the card supports. The switch does not support subcards. |
Sft Ver |
Software version of the card. |
Patch Ver |
Patch version of the card. |
# In IRF mode, display device information about all IRF member devices.
<Sysname> display device
Slot Type State Subslot Soft Ver Patch Ver
1/0 NONE Absent 0 NONE None
1/1 NONE Absent 0 NONE None
1/2 NONE Absent 0 NONE None
1/3 NONE Absent 0 NONE None
1/4 LSX1TGS48FC1 Normal 0 S12510-X-1130 None
1/5 NONE Absent 0 NONE None
1/6 NONE Absent 0 NONE None
1/7 NONE Absent 0 NONE None
1/8 NONE Absent 0 NONE None
1/9 NONE Absent 0 NONE None
1/10 LSX1FAB10B1 Normal 0 S12510-X-1130 None
1/11 LSX1FAB10B1 Normal 0 S12510-X-1130 None
1/12 NONE Absent 0 NONE None
1/13 NONE Absent 0 NONE None
1/14 NONE Absent 0 NONE None
1/15 NONE Absent 0 NONE None
1/16 NONE Absent 0 NONE None
1/17 LSX1SUP10B1 Master 0 S12510-X-1130 None
2/0 NONE Absent 0 NONE None
2/1 NONE Absent 0 NONE None
2/2 NONE Absent 0 NONE None
2/3 NONE Absent 0 NONE None
2/4 LSX1TGS48FC1 Normal 0 S12510-X-1130 None
2/5 NONE Absent 0 NONE None
2/6 NONE Absent 0 NONE None
2/7 NONE Absent 0 NONE None
2/8 NONE Absent 0 NONE None
2/9 NONE Absent 0 NONE None
2/10 LSX1FAB10B1 Normal 0 S12510-X-1130 None
2/11 LSX1FAB10B1 Normal 0 S12510-X-1130 None
2/12 NONE Absent 0 NONE None
2/13 NONE Absent 0 NONE None
2/14 NONE Absent 0 NONE None
2/15 NONE Absent 0 NONE None
2/16 NONE Absent 0 NONE None
2/17 LSX1SUP10B1 Standby 0 S12510-X-1130 None
The output shows that the IRF fabric has two member devices. The card in slot 17 on member device 1 is the global active MPU. The card in slot 17 on member device 2 is the global standby MPU.
Table 31 Command output
Field |
Description |
Slot |
Member ID of the device and slot number of the card. |
Type |
Card type. |
State |
Card state: · Absent—No card is inserted in the slot. · Master—The card is the global active MPU. · Standby—The card is a global standby MPU. · Normal—The card is operating correctly. · Fault—The card is faulty. |
Subslot |
Maximum number of subcards that the card supports. |
Soft Ver |
Software version of the card. |
Patch Ver |
Patch version of the card. If no patch is installed, the value of this field is None. |
display device manuinfo
Use display device manuinfo to display electronic label information for the device.
Syntax
In standalone mode:
display device manuinfo [ slot slot-number ]
In IRF mode:
display device manuinfo [ chassis chassis-number [ slot slot-number ] ]
Views
Any view
Predefined user roles
network-admin
network-operator
mdc-admin
mdc-operator
Parameters
chassis chassis-number: Specifies an IRF member device by its member ID. (In IRF mode.)
slot slot-number: Specifies a card by its slot number.
Usage guidelines
In standalone mode, the command displays electronic label information for all cards if you do not specify the slot slot-number option.
In IRF mode, the command displays electronic label information for all members if you do not specify the chassis chassis-number option. If you specify the chassis chassis-number option but do not specify the slot slot-number option, the command displays electronic label information for all cards on the specified member.
An electronic label is a profile for a device or card and contains the permanent configuration including the serial number, manufacturing date, MAC address, and vendor name. The data is written to the storage component during debugging or testing.
Examples
# In standalone mode, display electronic label information for the device.
<Sysname> display device manuinfo
Chassis self
DEVICE_NAME : S12510-X
DEVICE_SERIAL_NUMBER : 02A0WU0128000055
MAC_ADDRESS : 0004-7679-C101
MANUFACTURING_DATE : 2013-05-06
VENDOR_NAME : H3C
Slot 1 CPU 0:
DEVICE_NAME : LSX1TGS48FC1
DEVICE_SERIAL_NUMBER : 210231A73SA07B000075
MAC_ADDRESS : 000F-E26A-581B
MANUFACTURING_DATE : 2012-11-10
VENDOR_NAME : H3C
Slot 2 CPU 0:
DEVICE_NAME : LSX1TGS48FC1
DEVICE_SERIAL_NUMBER : 210231A76VX081000020
MAC_ADDRESS : 000F-0123-4565
MANUFACTURING_DATE : 2012-12-2
VENDOR_NAME : H3C
Slot 10 CPU 0:
DEVICE_NAME : LSX1FAB10A1
DEVICE_SERIAL_NUMBER : 210231A76VX081000020
MAC_ADDRESS : 1231-2312-3123
MANUFACTURING_DATE : 2012-12-2
VENDOR_NAME : H3C
Slot 16 CPU 0:
DEVICE_NAME : LSX1SUP10B1
DEVICE_SERIAL_NUMBER : 210231S12500XSUP1002
MAC_ADDRESS : 000F-0123-4565
MANUFACTURING_DATE : 2012-12-2
VENDOR_NAME : H3C
Fan 2
DEVICE_NAME : LSXE110FAN
DEVICE_SERIAL_NUMBER : 210231S125X047679F02
MAC_ADDRESS : 0004-7679-0A20
MANUFACTURING_DATE : 2013-05-06
VENDOR_NAME : H3C
Power 1
DEVICE_NAME : LSTM2PSRA
DEVICE_SERIAL_NUMBER : 210231A0HHN128000169
MAC_ADDRESS : 0000-FE91-3456
MANUFACTURING_DATE : 2012-08-14
VENDOR_NAME : H3C
Power 3
DEVICE_NAME : LSTM2PSRA
DEVICE_SERIAL_NUMBER : LBLNPW12CS15009116
MAC_ADDRESS : 0000-FE91-3456
MANUFACTURING_DATE : 2012-08-14
VENDOR_NAME : H3C
Power 5
DEVICE_NAME : LSTM2PSRA
DEVICE_SERIAL_NUMBER : LBLNPW12CS25012311
MAC_ADDRESS : 0000-FE91-3456
MANUFACTURING_DATE : 2012-08-14
VENDOR_NAME : H3C
# In IRF mode, display electronic label information for the IRF fabric.
<Sysname> display device manuinfo
Chassis 1:
Chassis self
DEVICE_NAME : S12510-X
DEVICE_SERIAL_NUMBER : 02A0WU0128000055
MAC_ADDRESS : 0004-7679-C101
MANUFACTURING_DATE : 2013-05-06
VENDOR_NAME : H3C
Slot 1 CPU 0:
DEVICE_NAME : LSX1TGS48FC1
DEVICE_SERIAL_NUMBER : 210231A73SA07B000075
MAC_ADDRESS : 000F-E26A-581B
MANUFACTURING_DATE : 2012-11-10
VENDOR_NAME : H3C
Slot 10 CPU 0:
DEVICE_NAME : LSX1FAB10A1
DEVICE_SERIAL_NUMBER : 210231A76VX081000020
MAC_ADDRESS : 1231-2312-3123
MANUFACTURING_DATE : 2012-12-2
VENDOR_NAME : H3C
Slot 16 CPU 0:
DEVICE_NAME : LSX1SUP10B1
DEVICE_SERIAL_NUMBER : 210231S12500XSUP1002
MAC_ADDRESS : 000F-0123-4565
MANUFACTURING_DATE : 2012-12-2
VENDOR_NAME : H3C
Fan 2
DEVICE_NAME : LSXE110FAN
DEVICE_SERIAL_NUMBER : 210231S125X047679F02
MAC_ADDRESS : 0004-7679-0A20
MANUFACTURING_DATE : 2013-05-06
VENDOR_NAME : H3C
Power 1
DEVICE_NAME : LSTM2PSRA
DEVICE_SERIAL_NUMBER : 210231A0HHN128000169
MAC_ADDRESS : 0000-FE91-3456
MANUFACTURING_DATE : 2012-08-14
VENDOR_NAME : H3C
Power 3
DEVICE_NAME : LSTM2PSRA
DEVICE_SERIAL_NUMBER : LBLNPW12CS15009116
MAC_ADDRESS : 0000-FE91-3456
MANUFACTURING_DATE : 2012-08-14
VENDOR_NAME : H3C
Power 5
DEVICE_NAME : LSTM2PSRA
DEVICE_SERIAL_NUMBER : LBLNPW12CS25012311
MAC_ADDRESS : 0000-FE91-3456
MANUFACTURING_DATE : 2012-08-14
VENDOR_NAME : H3C
display device manuinfo fan
Use display device manuinfo fan to display the electronic label information for a fan.
Syntax
In standalone mode:
display device manuinfo fan fan-id
In IRF mode:
display device manuinfo chassis chassis-number fan fan-id
Views
Any view
Predefined user roles
network-admin
network-operator
mdc-admin
mdc-operator
Parameters
chassis chassis-number: Specifies an IRF member device by its member ID. (In IRF mode.)
fan-id: Specifies a fan by its ID. The value range for the ID depends on the device model.
Examples
# In standalone mode, display the electronic label information of fan 2.
<Sysname> display device manuinfo fan 2
Fan 2:
DEVICE_NAME : LSXE110FAN
DEVICE_SERIAL_NUMBER : 210231S125X047679F02
MAC_ADDRESS : 0004-7679-0A20
MANUFACTURING_DATE : 2013-05-06
VENDOR_NAME : H3C
# In IRF mode, display the electronic label information of fan 2 on IRF member device 1.
<Sysname> display device manuinfo chassis 1 fan 2
Chassis 1:
Fan 2:
DEVICE_NAME : LSXE110FAN
DEVICE_SERIAL_NUMBER : 210231S125X047679F02
MAC_ADDRESS : 0004-7679-0A20
MANUFACTURING_DATE : 2013-05-06
VENDOR_NAME : H3C
display device manuinfo power
Use display device manuinfo power to display the electronic label information of a power supply.
Syntax
In standalone mode:
display device manuinfo power power-id
In IRF mode:
display device manuinfo chassis chassis-number power power-id
Views
Any view
Predefined user roles
network-admin
network-operator
mdc-admin
mdc-operator
Parameters
chassis chassis-number: Specifies an IRF member device by its member ID. (In IRF mode.)
power-id: Specifies a power supply by its ID.
Examples
# In standalone mode, display the electronic label information of power supply 2.
<Sysname> display device manuinfo power 2
Power 2:
DEVICE_NAME : LSTM2PSRA
DEVICE_SERIAL_NUMBER : 210231A0HHN128000169
MANUFACTURING_DATE : 2012-08-14
VENDOR_NAME : H3C
# In IRF mode, display the electronic label information of power supply 2 on IRF member device 1.
<Sysname> display device manuinfo chassis 1 power 2
Chassis 1:
Power 2:
DEVICE_NAME : LSTM2PSRA
DEVICE_SERIAL_NUMBER : 210231A0HHN128000008
MANUFACTURING_DATE : 2012-08-11
VENDOR_NAME : H3C
display diagnostic content
Use display diagnostic content to display global on-demand diagnostic test configuration.
Syntax
In standalone mode:
display diagnostic content [ slot slot-number ] [ verbose ]
In IRF mode:
display diagnostic content [ chassis chassis-number [ slot slot-number ] ] [ verbose ]
Views
Any view
Predefined user roles
network-admin
network-operator
mdc-admin
mdc-operator
Parameters
slot slot-number-list: Specifies a card by its slot number.
chassis chassis-number: Specifies an IRF member device. (In IRF mode.)
verbose: Displays detailed information. If you do not specify this keyword, the command displays brief information about diagnostic tests.
Usage guidelines
In standalone mode, the command displays the test settings for all cards if you do not specify the slot slot-number option.
In IRF mode, the command displays the test settings for all members if you do not specify the chassis chassis-number option. If you specify the chassis chassis-number option but do not specify the slot slot-number option, the command displays the test settings for all cards on the specified member.
Examples
# In standalone mode, display detailed configuration information for global on-demand diagnostic tests on slot 16.
<sysname> display diagnostic content slot 16 verbose
Diagnostic test suite attributes:
#B/*: Bootup test/NA
#O/*: Ondemand test/NA
#M/*: Monitoring test/NA
#D/*: Disruptive test/Non-disruptive test
#P/*: Per port test/NA
#A/I/*: Monitoring test is active/Monitoring test is inactive/NA
Slot 16:
Test name : IPCMonitor
Test attributes : **M*PA
Test interval : 00:01:00
Min interval : 00:01:00
Correct-action : -NA-
Description : A Real-time test, disabled by default that checks ipc between
switch units.
exec : -NA-
Test name : BoardStatusMonitor
Test attributes : **M*PA
Test interval : 00:00:06
Min interval : 00:00:06
Correct-action : -NA-
Description : A Real-time test, disabled by default that checks board statu
s between local master and other local boards.
---- More ----
# In IRF mode, display brief configuration information for global on-demand diagnostic tests on slot 16 of IRF member device 1.
<sysname> display diagnostic content chassis 1 slot 16
Diagnostic test suite attributes:
#B/*: Bootup test/NA
#O/*: Ondemand test/NA
#M/*: Monitoring test/NA
#D/*: Disruptive test/Non-disruptive test
#P/*: Per port test/NA
#A/I/*: Monitoring test is active/Monitoring test is inactive/NA
Chassis 1 slot 16:
Name Attributes Interval
IPCMonitor **M*PA 00:01:00
BoardStatusMonitor **M*PA 00:00:06
TaskMonitor **M*PA 00:00:10
PortMonitor **M*PA 00:00:10
ComponentMonitor **M*PA 00:00:30
HGMonitor **M*PI 00:00:10
EquipSelfCheck *O**** -NA-
display diagnostic-information
Use display diagnostic-information to display or save operating statistics for features and hardware modules.
Syntax
display diagnostic-information [ hardware | infrastructure | l2 | l3 | service ] [ filename ]
Views
Any view
Predefined user roles
network-admin
network-operator
mdc-admin
mdc-operator
Parameters
hardware: Displays hardware-related operating statistics.
infrastructure: Displays operating statistics for the fundamental modules.
l2: Displays operating statistics for the Layer 2 features.
l3: Displays operating statistics for the Layer 3 features.
service: Displays operating statistics for upper-layer features.
filename: Specifies a .tar.gz file to save the statistics to the file.
Usage guidelines
You can use one of the following methods to collect operating statistics for diagnostics and troubleshooting:
· Use separate display commands to collect operating information feature by feature or module by module.
· Use the display diagnostic-information command to collect operating information for multiple or all features and hardware modules.
This display command does not support the | by-linenum option, the > filename option, or the >> filename option. However, this command asks you whether you want to save the output to a file or display the output on the screen. The file used to save the output is automatically compressed to save storage space.
To successfully save the statistics to a file, make sure the directory for saving core files on the active MPU or global active MPU is not NULL and is accessible. To display the directory, use the display exception filepath command.
Examples
# Display the operating statistics for multiple feature modules in the system.
<Sysname> display diagnostic-information
Save or display diagnostic information (Y=save, N=display)? [Y/N]:n
===============================================
===============display clock===============
14:03:55 UTC Thu 01/05/2013
=================================================
===============display version===============
...
display exception filepath
display environment
Use display environment to display temperature information, including the temperature thresholds and the current temperature values.
Syntax
In standalone mode:
display environment [ slot slot-number ]
In IRF mode:
display environment [ chassis chassis-number [ slot slot-number ] ]
Views
Any view
Predefined user roles
network-admin
network-operator
mdc-admin
mdc-operator
Parameters
chassis chassis-number: Specifies an IRF member device by its member ID. (In IRF mode.)
slot slot-number: Specifies a card by its slot number.
Usage guidelines
In standalone mode, the command displays information about all temperature sensors on the device if you do not specify the slot slot-number option.
In IRF mode, the command displays information about all temperature sensors in the IRF fabric if you do not specify the chassis chassis-number option. If you specify the chassis chassis-number option but do not specify the slot slot-number option, the command displays information about all temperature sensors on the specified member.
If the temperature exceeds the high-temperature alarming threshold, verify that the device ventilation system is operating correctly and all empty slots are installed with a blank panel.
Examples
# In standalone mode, display information about all temperature sensors on the device.
<Sysname> display environment
System temperature information (degree centigrade):
----------------------------------------------------------------------
Slot Sensor Temperature Lower Warning Alarm Shutdown
4 hotspot 1 40 0 75 90 95
4 hotspot 2 46 0 75 90 95
4 hotspot 3 43 0 75 90 95
10 hotspot 1 43 0 75 90 95
10 hotspot 2 40 0 75 90 95
10 hotspot 3 42 0 75 90 95
17 inflow 1 42 0 57 72 77
17 hotspot 1 43 0 76 88 93
17 hotspot 2 40 0 76 88 93
# In IRF mode, display information about all temperature sensors in the IRF fabric.
<Sysname> display environment
System temperature information (degree centigrade):
----------------------------------------------------------------------
Chassis Slot Sensor Temperature Lower Warning Alarm Shutdown
1 4 hotspot 1 40 0 75 90 95
1 4 hotspot 2 46 0 75 90 95
1 4 hotspot 3 43 0 75 90 95
1 10 hotspot 1 43 0 75 90 95
1 10 hotspot 2 40 0 75 90 95
1 10 hotspot 3 42 0 75 90 95
1 17 inflow 1 42 0 57 72 77
1 17 hotspot 1 43 0 76 88 93
1 17 hotspot 2 40 0 76 88 93
2 4 hotspot 1 40 0 75 90 95
2 4 hotspot 2 46 0 75 90 95
2 4 hotspot 3 43 0 75 90 95
2 10 hotspot 1 43 0 75 90 95
2 10 hotspot 2 40 0 75 90 95
2 10 hotspot 3 42 0 75 90 95
2 17 inflow 1 42 0 57 72 77
2 17 hotspot 1 43 0 76 88 93
2 17 hotspot 2 40 0 76 88 93
Table 32 Command output
Field |
Description |
Temperature |
Current temperature. |
Lower |
Low-temperature threshold. |
Warning |
High-temperature warning threshold. |
Alarm |
High-temperature alarming threshold. |
Shutdown |
High-temperature shutdown threshold. When the sensor temperature reaches the limit, the system shuts down automatically. |
display exception filepath
Use display exception filepath to display the directory for saving core files on an MPU.
Syntax
In standalone mode:
display exception filepath [ slot slot-number [ cpu cpu-number ] ]
In IRF mode:
display exception filepath [ chassis chassis-number slot slot-number [ cpu cpu-number ] ]
Views
Any view
Predefined user roles
network-admin
mdc-admin
Parameters
slot slot-number: Specifies an MPU by its slot number. If you do not specify this option, the command displays the directory for saving core files on the active MPU. (In standalone mode.)
chassis chassis-number slot slot-number: Specifies an MPU on an IRF member device. The chassis-number argument represents the member ID of the IRF member device. The slot-number argument represents the slot number of the MPU. If you do not specify this option, the command displays the directory for saving core files on the global active MPU. (In IRF mode.)
cpu cpu-number: Specifies a CPU by its number.
Examples
# In standalone mode, display the directory for saving core files on the active MPU.
<Sysname> display exception filepath
The exception filepath on slot 0 is flash:.
# In standalone mode, display the directory for saving core files on the standby MPU.
<Sysname> display exception filepath slot 1
The exception filepath on slot 1 is flash:.
# In IRF mode, display the directory for saving core files on the global active MPU.
<Sysname> display exception filepath
The exception filepath on chassis 1 slot 1 is flash:.
display fan
Use display fan to display the operating states of fans.
Syntax
In standalone mode:
display fan [ fan-id ]
In IRF mode:
display fan [ chassis chassis-number [ fan-id ] ]
Views
Any view
Predefined user roles
network-admin
network-operator
mdc-admin
mdc-operator
Parameters
chassis chassis-number: Specifies an IRF member device by its member ID. If you do not specify this option, the command displays the operating states of fans on all IRF member devices. (In IRF mode.)
fan-id: Specifies a fan by its ID.
Examples
# Display the operating states of all fans.
<Sysname> display fan
Fan-tray 1:
Status : Absent
Fan-tray 2:
Status : Normal
Fan number: 5
Fan mode : Auto
Airflow Direction: Back-to-front
Fan Status Speed(rpm)
--- ---------- ----------
1 Normal 7142
2 Fault 3546
3 Normal 1665
4 Fault 3578
5 Normal 1660
display hardware-resource
Use display hardware-resource to display hardware resource mode information.
Syntax
display hardware-resource [ tcam | vxlan ]
Views
Any view
Predefined user roles
network-admin
network-operator
mdc-admin
mdc-operator
Parameters
tcam: Displays mode information about ternary content addressable memory (TCAM) hardware resources.
vxlan: Displays mode information about VXLAN hardware resources.
Usage guidelines
This command is available in Release 1138P01 and later versions.
If you do not specify the tcam or vxlan keyword, this command displays mode information about TCAM and VXLAN hardware resources.
Examples
# Display hardware resource mode information.
<Sysname> display hardware-resource
Tcam resource(tcam), all supported modes:
routing The routing working mode
normal The normal working mode
acl The acl working mode
-----------------------------------------------
Default Current Next
routing routing routing
Vxlan resource(vxlan), all supported modes:
normal The normal mode
mac The mac mode
-----------------------------------------------
Default Current Next
normal normal normal
Table 33 Command output
Field |
Description |
Default |
Default mode. |
Current |
Current mode. |
Next |
Mode for the next startup. |
Related commands
· hardware-resource tcam
· hardware-resource vxlan (VXLAN Command Reference)
display memory
Use display memory to display memory usage.
Syntax
In standalone mode:
display memory [ slot slot-number [ cpu cpu-number ] ]
In IRF mode:
display memory [ chassis chassis-number slot slot-number [ cpu cpu-number ] ]
Views
Any view
Predefined user roles
network-admin
network-operator
mdc-admin
mdc-operator
Parameters
slot slot-number: Specifies a card by its slot number. If you do not specify this option, the command displays memory usage for all cards. (In standalone mode.)
chassis chassis-number slot slot-number: Specifies a card on an IRF member device by its slot number and the member ID. If you do not specify this option, the command displays memory usage for all cards in the IRF fabric. (In IRF mode.)
cpu cpu-number: Specifies a CPU by its number. The cpu-number argument must be 0.
Examples
# In standalone mode, display memory usage.
<Sysname> display memory
The statistics about memory is measured in KB:
Slot 4:
Total Used Free Shared Buffers Cached FreeRatio
Mem: 3415304 830292 2585012 0 0 13132 75.7%
-/+ Buffers/Cache: 817160 2598144
Swap: 0 0 0
Slot 10:
Total Used Free Shared Buffers Cached FreeRatio
Mem: 1366400 506312 860088 0 0 13132 62.9%
-/+ Buffers/Cache: 493180 873220
Swap: 0 0 0
Slot 17:
Total Used Free Shared Buffers Cached FreeRatio
Mem: 8143312 1168820 6974492 0 68 304148 85.6%
-/+ Buffers/Cache: 864604 7278708
Swap: 0 0 0
# In IRF mode, display memory usage.
<Sysname> display memory
The statistics about memory is measured in KB:
Chassis 1 Slot 4:
Total Used Free Shared Buffers Cached FreeRatio
Mem: 3415304 830292 2585012 0 0 13132 75.7%
-/+ Buffers/Cache: 817160 2598144
Swap: 0 0 0
Chassis 1 Slot 10:
Total Used Free Shared Buffers Cached FreeRatio
Mem: 1366400 506312 860088 0 0 13132 62.9%
-/+ Buffers/Cache: 493180 873220
Swap: 0 0 0
Chassis 1 Slot 17:
Total Used Free Shared Buffers Cached FreeRatio
Mem: 8143312 1168820 6974492 0 68 304148 85.6%
-/+ Buffers/Cache: 864604 7278708
Swap: 0 0 0
Chassis 2 Slot 4:
Total Used Free Shared Buffers Cached FreeRatio
Mem: 3415304 830292 2585012 0 0 13132 75.7%
-/+ Buffers/Cache: 817160 2598144
Swap: 0 0 0
Chassis 2 Slot 10:
Total Used Free Shared Buffers Cached FreeRatio
Mem: 1366400 506312 860088 0 0 13132 62.9%
-/+ Buffers/Cache: 493180 873220
Swap: 0 0 0
Chassis 2 Slot 17:
Total Used Free Shared Buffers Cached FreeRatio
Mem: 8143312 1168820 6974492 0 68 304148 85.6%
-/+ Buffers/Cache: 864604 7278708
Swap: 0 0 0
Table 34 Command output
Field |
Description |
Mem |
Memory usage information. |
Total |
Total size of the physical memory space that can be allocated. The memory space is virtually divided into two parts. Part 1 is solely used for kernel codes, and kernel management. Part 2 can be allocated and used for such tasks as running service modules and storing files. The size of part 2 equals the total size minus the size of part 1. |
Used |
Used physical memory. |
Free |
Free physical memory. |
Shared |
Physical memory shared by processes. |
Buffers |
Physical memory used for buffers. |
Cached |
Physical memory used for caches. |
FreeRatio |
Free memory ratio. |
-/+ Buffers/Cache |
-/+ Buffers/Cache:Used = Mem:Used – Mem:Buffers – Mem:Cached, which indicates the physical memory used by applications. -/+ Buffers/Cache:Free = Mem:Free + Mem:Buffers + Mem:Cached, which indicates the physical memory available for applications. |
Swap |
Swap memory. |
display memory-threshold
Use display memory-threshold to display memory alarm thresholds and statistics.
Syntax
In standalone mode:
display memory-threshold [ slot slot-number [ cpu cpu-number ] ]
In IRF mode:
display memory-threshold [ chassis chassis-number slot slot-number [ cpu cpu-number ] ]
Views
Any view
Predefined user roles
network-admin
mdc-admin
Parameters
slot slot-number: Specifies a card by its slot number. If you do not specify this option, the command displays the memory alarm thresholds and statistics for the active MPU. (In standalone mode.)
chassis chassis-number slot slot-number: Specifies a card on an IRF member device by its slot number and the member ID. If you do not specify this option, the command displays the memory alarm thresholds and statistics for the global active MPU. (In IRF mode.)
cpu cpu-number: Specifies a CPU by its number. The cpu-number argument must be 0.
Usage guidelines
For more information about memory alarms, see log information containing MEM_EXCEED_THRESHOLD or MEM_BELOW_THRESHOLD.
Examples
# Display memory alarm thresholds and statistics.
<Sysname> display memory-threshold
Memory usage threshold: 100%
Free memory threshold:
Minor: 96M
Severe: 64M
Critical: 48M
Normal: 128M
Current memory state: Normal
Event statistics:
[Back to normal state]
First notification: 0.0
Latest notification: 0.0
Total number of notifications sent: 0
[Enter minor low-memory state]
First notification at: 0.0
Latest notification at: 0.0
Total number of notifications sent: 0
[Back to minor low-memory state]
First notification at: 0.0
Latest notification at: 0.0
Total number of notifications sent: 0
[Enter severe low-memory state]
First notification at: 0.0
Latest notification at: 0.0
Total number of notifications sent: 0
[Back to severe low-memory state]
First notification at: 0.0
Latest notification at: 0.0
Total number of notifications sent: 0
[Enter critical low-memory state]
First notification at: 0.0
Latest notification at: 0.0
Total number of notifications sent: 0
display power
Use display power to display power supply information.
Syntax
In standalone mode:
display power [ power-id ]
In IRF mode:
display power [ chassis chassis-number [ power-id ] ]
Views
Any view
Predefined user roles
network-admin
network-operator
mdc-admin
mdc-operator
Parameters
chassis chassis-number: Specifies an IRF member device by its member ID. If you do not specify this option, the command displays power supply information on all IRF member devices. (In IRF mode.)
power-id: Specifies a power supply by its ID. If you do not specify this option, the command displays information about all power supplies.
Examples
# Display power supply information.
<Sysname> display power
PowerID State Current(A) Voltage(V) Power(W)
1 Normal 10.40 54.00 561.60
2 Fault -- -- --
3 Absent -- -- --
4 Absent -- -- --
5 Absent -- -- --
6 Absent -- -- --
7 Absent -- -- --
8 Absent -- -- --
display scheduler job
Use display scheduler job to display job configuration information.
Syntax
display scheduler job [ job-name ]
Views
Any view
Predefined user roles
network-admin
network-operator
mdc-admin
mdc-operator
Parameters
job-name: Specifies a job by its name, a case-sensitive string of 1 to 47 characters. If you do not specify this option, the command displays the configuration information for all jobs.
Examples
# Display the configuration information for all jobs.
<Sysname> display scheduler job
Job name: saveconfig
copy startup.cfg backup.cfg
Job name: backupconfig
Job name: creat-VLAN100
system-view
vlan 100
// The output shows that the device has three jobs: the first has one command, the second has no command, and the third has two commands. Jobs are separated by blank lines.
display scheduler logfile
Use display scheduler logfile to display job execution log information.
Syntax
display scheduler logfile
Views
Any view
Predefined user roles
network-admin
network-operator
mdc-admin
mdc-operator
Examples
# Display job execution log information.
<Sysname> display scheduler logfile
Logfile Size: 1902 Bytes.
Job name : shutdown
Schedule name : shutdown
Execution time : Tue Dec 27 10:44:42 2013
Completion time : Tue Dec 27 10:44:47 2013
--------------------------------- Job output -----------------------------------
<Sysname>system-view
System View: return to User View with Ctrl+Z.
[Sysname]interface range fortygige 1/0/1 to fortygige 1/0/3
[Sysname-if-range]shutdown
Table 35 Command output
Field |
Description |
Logfile Size |
Size of the log file, in bytes. |
Schedule name |
Schedule to which the job belongs. |
Execution time |
Time when the job was started. |
Completion time |
Time when the job was completed. If the job has never been executed or the job has no commands, this field is blank. |
Job output |
Commands in the job and their output. |
Related commands
reset scheduler logfile
display scheduler reboot
Use display scheduler reboot to display the automatic reboot schedule.
Syntax
display scheduler reboot
Views
Any view
Predefined user roles
network-admin
network-operator
mdc-admin
mdc-operator
Examples
# Display the automatic reboot schedule.
<Sysname> display scheduler reboot
System will reboot at 16:32:00 05/23/2013 (in 1 hours and 39 minutes).
· scheduler reboot at
· scheduler reboot delay
display scheduler schedule
Use display scheduler schedule to display schedule information.
Syntax
display scheduler schedule [ schedule-name ]
Views
Any view
Predefined user roles
network-admin
network-operator
mdc-admin
mdc-operator
Parameters
schedule-name: Specifies a schedule by its name, a case-sensitive string of 1 to 47 characters. If you do not specify this option, the command displays information about all schedules.
Examples
# Display information about all schedules.
<Sysname> display scheduler schedule
Schedule name : shutdown
Schedule type : Run once after 0 hours 2 minutes
Start time : Tue Dec 27 10:44:42 2011
Last execution time : Tue Dec 27 10:44:42 2011
Last completion time : Tue Dec 27 10:44:47 2011
Execution counts : 1
-----------------------------------------------------------------------
Job name Last execution status
shutdown Successful
Table 36 Command output
Field |
Description |
Schedule type |
Execution time setting of the schedule. If no execution time is specified, this field is not displayed. |
Start time |
Time to execute the schedule for the first time. If no execution time is specified, this field is not displayed. |
Last execution time |
Last time when the schedule was executed. If no execution time is specified, this field is not displayed. If the schedule has never been executed, "Yet to be executed" is displayed for this field. |
Last completion time |
Last time when the schedule was completed. If no execution time is specified, this field is not displayed. |
Execution counts |
Number of times the schedule has been executed. If the schedule has never been executed, this field is not displayed. |
Job name |
Name of a job under the schedule. |
Last execution status |
Result of the most recent execution: · Successful. · Failed. · Waiting—The device is executing the schedule and the job is waiting to be executed. · In process—The job is being executed. · -NA-—The execution time has not arrived yet. To view information about whether the commands in the job has been executed and the execution results, execute the display scheduler logfile command. |
display system stable state
Use display system stable state to display system stability and status information.
Syntax
display system stable state [ mdc { id | all } ]
Views
Any view
Predefined user roles
network-admin
network-operator
mdc-admin
mdc-operator
Parameters
mdc { id | all }: Specifies an MDC by its ID or specifies all MDCs. If you do not specify this option, the command displays stability information for the system.
Usage guidelines
This command is available in Release 1138P01 and later versions.
Before performing an ISSU or a switchover, execute this command multiple times to identify whether the system is operating stably. If the value of the System State field is not Stable, you cannot perform an ISSU. If the value of the Redundancy Stable field is not Stable, you cannot perform a switchover.
The system takes some time to start up. If the values of the status fields do not change to Stable, execute this command multiple times to identify the device or a card or MDC that is not in Stable state. You can also use other commands to identify the faulty components.
Examples
# (In standalone mode.) Display system stability and status information.
<Sysname> display system stable state
System state : Stable
Redundancy state: Stable
Slot CPU Role State
* 1 0 Active Stable
Table 37 Command output
Field |
Description |
System state |
System status: · Stable—The system is operating stably. · Not ready—The system is not operating stably. You cannot perform an ISSU when the system is in this state. |
Redundancy state |
System redundancy status: · Stable—Both MPUs are operating stably. You can perform a switchover. · No Redundance—The system has only one MPU. You cannot perform a switchover. · Not Ready—The system is not operating stably. You cannot perform a switchover. |
Role |
Role of the card in the system: · Active—The card is the active MPU. · Standby—The card is the standby MPU. · Other—The card is not an MPU. |
State |
Card status: · Stable—The card is operating stably. · Board Inserted—The card has just been installed. · Kernel Init—Card kernel is being initialized. · Service Starting—Services are starting. · Service Stopping—Services are stopping. · HA Batch Backup—An HA batch backup is going on. · Interface Data Batch Backup—An interface data batch backup is in progress. · MDC Starting—MDCs are starting. · MDC Stopping—MDCs are stopping. |
* |
The object is not operating stably. |
Related commands
· display device
· display mdc
display system-working-mode
Use display system-working-mode to display system working mode information.
Syntax
display system-working-mode
Views
Any view
Predefined user roles
network-admin
network-operator
mdc-admin
mdc-operator
Examples
# Display system working mode information.
<Sysname> display system-working-mode
The current system working mode is standard.
The next system working mode is standard.
display transceiver alarm
Use display transceiver alarm to display transceiver alarms.
Syntax
display transceiver alarm interface [ interface-type interface-number ]
Views
Any view
Predefined user roles
network-admin
network-operator
mdc-admin
mdc-operator
Parameters
interface [ interface-type interface-number ]: Specifies an interface by its type and number. If no interface is specified, this command displays the alarms present on every transceiver module.
Usage guidelines
Table 38 describes some common transceiver alarms. If no error occurs, "None" is displayed.
Table 38 Common transceiver alarms
Field |
Remarks |
REFCLK |
Reference clock. |
RX … |
Received … |
TX … |
Transmitted … |
TX bias high |
The transmitted bias current is high. |
TX bias low |
The transmitted bias current is low. |
Temp high |
The temperature is high. |
Temp low |
The temperature is low. |
Transceiver type and port configuration mismatch |
The type of the transceiver module does not match the port configuration. |
Examples
# Display the alarms present on the transceiver module in interface FortyGigE 1/0/1.
<Sysname> display transceiver alarm interface fortygige 1/0/1
FortyGigE1/0/1 transceiver current alarm information:
RX loss of signal(channel 1)
RX loss of signal(channel 2)
RX loss of signal(channel 3)
RX loss of signal(channel 4)
RX power low(channel 1)
RX power low(channel 2)
RX power low(channel 3)
RX power low(channel 4)
Table 39 Command output
Field |
Description |
transceiver current alarm information |
Alarms present on the transceiver module. |
RX loss of signal |
Received signals are lost. |
RX power low |
Received power is low. |
display transceiver diagnosis
Use display transceiver diagnosis to display the current values of the digital diagnosis parameters on transceiver modules.
Syntax
display transceiver diagnosis interface [ interface-type interface-number ]
Views
Any view
Predefined user roles
network-admin
network-operator
mdc-admin
mdc-operator
Parameters
interface [ interface-type interface-number ]: Specifies an interface by its type and number. If no interface is specified, this command displays the current values of the digital diagnosis parameters on every transceiver module.
Usage guidelines
This command cannot display information about some transceiver modules.
Examples
# Display the current values of the digital diagnosis parameters on the transceiver module in interface FortyGigE 1/0/1.
<Sysname> display transceiver diagnosis interface fortygige 1/0/1
FortyGigE1/0/1 transceiver diagnostic information:
Current diagnostic parameters:
[module] Temp.(°C) Voltage(V)
33 3.29
[channel] Bias(mA) RX power(dBm) TX power(dBm)
1 7.96 -1.03 -0.64
2 7.69 -0.83 -0.56
3 7.79 -0.42 -0.59
4 8.08 -0.55 -0.47
Alarm thresholds:
Temp.(°C) Voltage(V) Bias(mA) RX power(dBm) TX power(dBm)
High 75 3.63 10.00 3.40 N/A
Low -5 2.97 0.50 -13.51 N/A
Table 40 Command output
Field |
Description |
transceiver diagnostic information |
Digital diagnosis information of the transceiver module in the interface. |
Temp.(°C) |
Temperature in °C, accurate to 1°C. |
Voltage(V) |
Voltage in V, accurate to 0.01 V. |
Bias(mA) |
Bias current in mA, accurate to 0.01 mA. |
RX power(dBm) |
RX power in dBm, accurate to 0.01 dBm. |
TX power(dBm) |
TX power in dBm, accurate to 0.01 dBm. |
display transceiver interface
Use display transceiver interface to display the key parameters of transceiver modules.
Syntax
display transceiver interface [ interface-type interface-number ]
Views
Any view
Predefined user roles
network-admin
network-operator
mdc-admin
mdc-operator
Parameters
interface-type interface-number: Specifies an interface by its type and number. If you do not specify this option, the command displays the key parameters of every transceiver module.
Examples
# Display the key parameters of the transceiver module in interface FortyGigE 1/0/1.
<Sysname> display transceiver interface fortygige 1/0/1
FortyGigE1/0/1 transceiver information:
Transceiver Type : 40G_BASE_SR4_QSFP_PLUS
Connector Type : MPO
Wavelength(nm) : 850
Transfer Distance(m) : 100(OM3)
Digital Diagnostic Monitoring : YES
Vendor Name : H3C
Table 41 Command output
Field |
Description |
transceiver information |
Transceiver information. |
Transceiver Type |
Transceiver type. |
Connector Type |
Connector type options: · MPO—Multi-fiber Push On. · RJ-45. |
Wavelength(nm) |
· Fiber transceiver—Central wavelength (in nm) of the transmit laser. If the transceiver supports multiple wavelengths, every two wavelength values are separated by a comma. · Copper cable—Displayed as N/A. |
Transfer Distance(xx) |
Transfer distance, with "xx" representing the distance unit: km (kilometers) for single-mode transceiver modules and m (meters) for other transceiver modules. If the transceiver module supports multiple transfer media, the transfer distances are separated by commas. The transfer medium is included in the bracket following the transfer distance value. The following are the transfer media: · 9 um—9/125 um single-mode fiber. · 50 um—50/125 um multi-mode fiber. · 62.5 um—62.5/125 um multi-mode fiber. · TP—Twisted pair. |
Digital Diagnostic Monitoring |
Support for digital diagnosis: · YES—Supported. · NO—Not supported. |
display transceiver manuinfo
Use display transceiver manuinfo to display the electronic label information for transceiver modules.
Syntax
display transceiver manuinfo interface [ interface-type interface-number ]
Views
Any view
Predefined user roles
network-admin
network-operator
mdc-admin
mdc-operator
Parameters
interface [ interface-type interface-number ]: Specifies an interface by its type and number. If no interface is specified, this command displays the electronic label information for the transceiver modules on all interfaces.
Usage guidelines
This command displays only part of the electronic label information.
Examples
# Display the electronic label information for the transceiver module in interface FortyGigE 1/0/1.
<Sysname> display transceiver manuinfo interface fortygige 1/0/1
FortyGigE1/0/1 transceiver manufacture information:
Manu. Serial Number : 213410A0000054000251
Manufacturing Date : 2012-09-01
Vendor Name : H3C
Table 42 Command output
Field |
Description |
Manu. Serial Number |
Serial number generated during production of the transceiver module. |
Manufacturing Date |
Date when the electronic label information was written to the transceiver module. |
display version
Use display version to display system version information.
Syntax
display version
Views
Any view
Predefined user roles
network-admin
network-operator
mdc-admin
mdc-operator
Examples
# Display system version information.
<Sysname> display version
display version-update-record
Use display version-update-record to display the startup software image upgrade history records of the active MPU. (In standalone mode.)
Use display version-update-record to display the startup software image upgrade history records of the global active MPU. (In IRF mode.)
Syntax
display version-update-record
Views
Any view
Predefined user roles
network-admin
network-operator
mdc-admin
mdc-operator
Usage guidelines
The device records its current startup software version information and all subsequent version update information. Such information can survive reboots.
A maximum of 10 records can be saved.
Examples
# Display the startup software image upgrade history records.
<Sysname> display version-update-record
Name Version Compile time
Record 1 (updated on Sep 10 2014 at 18:06:28):
* S12500-X-CMW710-BOOT-R1130.bin 7.1.045 Release 1130 Aug 14 2014 16:33:12
* S12500-X-CMW710-SYSTEM-R1130.bin 7.1.045 Release 1130 Aug 14 2014 16:33:12
Table 43 Command output
Field |
Description |
Name |
Software image file name. |
* |
The new software image is different from the old one. |
Related commands
reset version-update-record
exception filepath
Use exception filepath to specify the directory for saving core files on an MPU.
Use undo exception filepath to remove the directory setting (set the directory to NULL) on an MPU.
Syntax
exception filepath directory
undo exception filepath directory
Default
The directory for saving core files is flash: on an MPU.
Views
User view
Predefined user roles
network-admin
mdc-admin
Parameters
directory: Specifies the root directory of a storage medium on an MPU.
Usage guidelines
The system will save core files to the core folder in the core file directory on the active MPU (in standalone mode) or the global active MPU (in IRF mode).
· If the core folder does not exist, the system creates the folder.
· If the specified directory is not accessible or is NULL, the system cannot save core files or the diagnostic information collected by using the display diagnostic-information command.
Examples
# Specify the directory for saving core files as flash:.
<Sysname> exception filepath flash:
Related commands
· display exception filepath
· process core
hardware-resource tcam
Use hardware-resource tcam to set the TCAM hardware resource mode.
Use undo hardware-resource tcam to restore the default.
Syntax
hardware-resource tcam { acl | normal | routing }
undo hardware-resource tcam
Default
The TCAM operating mode is routing.
Views
System view
Predefined user roles
network-admin
mdc-admin
Parameters
acl: Uses the TCAM on the FE card for Layer 2 ACLs and IPv4 ACLs to extend the storage capacity for the ACLs.
normal: Does not use the TCAM on the FE card.
routing: Uses the TCAM on the FE card for ARP entries and IPv4 routing entries to extend the storage capacity for the entries.
Usage guidelines
This command is available in Release 1138P01 and later versions.
This command takes effect only for the FE card.
For a TCAM hardware resource mode change to take effect, perform the following tasks:
· Save the running configuration to the next-startup configuration file.
· Delete the .mdb binary file for the next-startup configuration file.
· Reboot the device.
Examples
# Set the TCAM hardware resource mode to routing.
<Sysname> system-view
[Sysname] hardware-resource tcam routing
Do you want to change the specified hardware resource working mode? [Y/N]:y
The hardware resource working mode is changed, please save the configuration and reboot the system to make it effective.
Related commands
display hardware-resource
header
Use header to create a banner.
Use undo header to delete a banner.
Syntax
header { legal | login | motd | shell } text
undo header { legal | login | motd | shell }
Default
The default settings depend on the device model.
Views
System view
Predefined user roles
network-admin
mdc-admin
Parameters
legal: Configures the banner to be displayed before a user inputs the username and password to access the CLI.
login: Configures the banner to be displayed before password or scheme authentication is performed for a login user.
motd: Configures the greeting banner to be displayed before the legal banner appears. Support for the keyword depends on the device model.
shell: Configures the banner to be displayed before a non-modem dial-in user accesses user view.
text: Specifies the banner message, which can be entered in two formats. For more information, see Fundamentals Configuration Guide.
Examples
# Create the legal banner, login banner, MOTD banner, and shell banner.
<Sysname> system-view
[Sysname] header legal
Please input banner content, and quit with the character '%'.
Welcome to legal (header legal)%
[Sysname] header login
Please input banner content, and quit with the character '%'.
Welcome to login(header login)%
[Sysname] header motd
Please input banner content, and quit with the character '%'.
Welcome to motd(header motd)%
[Sysname] header shell
Please input banner content, and quit with the character '%'.
Welcome to shell(header shell)%
In this example, the percentage sign (%) is the starting and ending character of the text argument. Entering the percentage sign after the text quits the header command. Because it is the starting and ending character, the percentage sign is not included in the banner.
# Test the configuration by using Telnet. The login banner appears only when password or scheme login authentication has been configured.
******************************************************************************
* Copyright (c) 2004-2014 Hangzhou H3C Tech. Co., Ltd. All rights reserved.*
* Without the owner's prior written consent, *
* no decompiling or reverse-engineering shall be allowed. *
******************************************************************************
Welcome to legal (header legal)
Press Y or ENTER to continue, N to exit.
Welcome to login(header login)
Password:
Welcome to motd(header motd)
Welcome to shell(header shell)
job
Use job to assign a job to a schedule.
Use undo job to revoke a job.
Syntax
job job-name
undo job job-name
Default
No job is assigned to a schedule.
Views
Schedule view
Predefined user roles
network-admin
mdc-admin
Parameters
job-name: Specifies the job name, a case-sensitive string of 1 to 47 characters.
Usage guidelines
You can assign multiple jobs to a schedule. The jobs in a schedule are executed concurrently.
The jobs to be assigned to a schedule must already exist. To create a job, use the scheduler job command.
Examples
# Assign job save-job to schedule saveconfig.
<Sysname> system-view
[Sysname] scheduler schedule saveconfig
[Sysname-schedule-saveconfig] job save-job
Related commands
· scheduler job
· scheduler schedule
memory-threshold
Use memory-threshold to set free-memory thresholds.
Use undo memory-threshold to restore the defaults.
Syntax
In standalone mode:
memory-threshold [ slot slot-number [ cpu cpu-number ] ] minor minor-value severe severe-value critical critical-value normal normal-value
undo memory-threshold [ slot slot-number [ cpu cpu-number ] ]
In IRF mode:
memory-threshold [ chassis chassis-number slot slot-number [ cpu cpu-number ] ] minor minor-value severe severe-value critical critical-value normal normal-value
undo memory-threshold [ chassis chassis-number slot slot-number [ cpu cpu-number ] ]
Default
· Minor alarm threshold—96 MB.
· Severe alarm threshold—64 MB.
· Critical alarm threshold—48 MB.
· Normal state threshold—128 MB.
Views
System view
Predefined user roles
network-admin
mdc-admin
Parameters
minor minor-value: Specifies the minor alarm threshold. This threshold must be equal to or less than the memory size of the specified card. Setting this threshold to 0 disables the minor alarm feature.
severe severe-value: Specifies the severe alarm threshold. This threshold must be equal to or less than the minor alarm threshold. Setting this threshold to 0 disables the severe alarm feature.
critical critical-value: Specifies the critical alarm threshold. This threshold must be equal to or less than the severe alarm threshold. Setting this threshold to 0 disables the critical alarm feature.
normal normal-value: Specifies the normal state threshold. This threshold must be equal to or greater than the minor alarm threshold.
slot slot-number: Specifies a card by its slot number. If you do not specify this option, the command sets thresholds for the active MPU. (In standalone mode.)
chassis chassis-number slot slot-number: Specifies a card on an IRF member device by its slot number and the member ID. If you do not specify this option, the command sets thresholds for the global active MPU. (In IRF mode.)
cpu cpu-number: Specifies a CPU by its number. The cpu-number argument must be 0.
Usage guidelines
To ensure correct operation and improve memory efficiency, the system monitors the amount of free memory space in real time. When a free-memory threshold is exceeded, the system sends an alarm notification or an alarm-removed notification to affected feature modules or processes so they can take countermeasures. For more information about the conditions and rules for generating alarm notifications and alarm-removed notifications, see Fundamentals Configuration Guide.
# Set the minor alarm, severe alarm, critical alarm, and normal state thresholds to 64 MB, 48 MB, 32 MB, and 96 MB, respectively.
<Sysname> system-view
[Sysname] memory-threshold minor 64 severe 48 critical 32 normal 96
Related commands
· display memory-threshold
· memory-threshold usage
memory-threshold usage
Use memory-threshold usage to set the memory usage threshold.
Use undo memory-threshold usage to restore the default.
Syntax
In standalone mode:
memory-threshold [ slot slot-number [ cpu cpu-number ] ] usage memory-threshold
undo memory-threshold [ slot slot-number [ cpu cpu-number ] ] usage
In IRF mode:
memory-threshold [ chassis chassis-number slot slot-number [ cpu cpu-number ] ] usage memory-threshold
undo memory-threshold [ chassis chassis-number slot slot-number [ cpu cpu-number ] ] usage
Default
The memory usage threshold is 100%.
Views
System view
Predefined user roles
network-admin
mdc-admin
Parameters
memory-threshold: Specifies the memory usage threshold in percentage. The value range is 0 to 100.
slot slot-number: Specifies a card by its slot number. If you do not specify this option, the command sets the memory usage threshold for the active MPU. (In standalone mode.)
chassis chassis-number slot slot-number: Specifies a card on an IRF member device by its slot number and the member ID. If you do not specify this option, the command sets the memory usage threshold for the global active MPU. (In IRF mode.)
cpu cpu-number: Specifies a CPU by its number. The cpu-number argument is fixed at 0.
Usage guidelines
The device samples memory usage at an interval of 1 minute. If the sample is greater than the memory usage threshold, the device sends a trap.
Examples
# Set the memory usage threshold to 80%.
<Sysname> system-view
[Sysname] memory-threshold chassis 1 slot 2 cpu 1 usage 80
Related commands
· display memory-threshold
· memory-threshold
monitor cpu-usage enable
Use monitor cpu-usage enable to enable CPU usage monitoring.
Use undo monitor cpu-usage enable to disable CPU usage monitoring.
Syntax
In standalone mode:
monitor cpu-usage enable [ slot slot-number [ cpu cpu-number ] ]
undo monitor cpu-usage enable [ slot slot-number [ cpu cpu-number ] ]
In IRF mode:
monitor cpu-usage enable [ chassis chassis-number slot slot-number [ cpu cpu-number ] ]
undo monitor cpu-usage enable [ chassis chassis-number slot slot-number [ cpu cpu-number ] ]
Default
CPU usage monitoring is enabled.
Views
System view
Predefined user roles
network-admin
mdc-admin
Parameters
slot slot-number: Specifies a card by its slot number. If you do not specify this option, the command enables CPU usage monitoring on the active MPU. (In standalone mode.)
chassis chassis-number slot slot-number: Specifies a card on an IRF member device by its slot number and the member ID. If you do not specify this option, the command enables CPU usage monitoring for the global active MPU. (In IRF mode.)
cpu cpu-number: Specifies a CPU by its number. The cpu-number argument must be 0.
Examples
# Enable CPU usage monitoring.
<Sysname> system-view
[Sysname] monitor cpu-usage enable
Related commands
· display cpu-usage
· display cpu-usage configuration
· display cpu-usage history
· monitor cpu-usage interval
· monitor cpu-usage threshold
monitor cpu-usage interval
Use monitor cpu-usage interval to configure the interval at which the device samples CPU usage statistics.
Syntax
In standalone mode:
monitor cpu-usage interval interval-value [ slot slot-number [ cpu cpu-number ] ]
In IRF mode:
monitor cpu-usage interval interval-value [ chassis chassis-number slot slot-number [ cpu cpu-number ] ]
Default
The sampling interval is 1 minute.
Views
System view
Predefined user roles
network-admin
mdc-admin
Parameters
interval-value: Specifies the CPU usage statistics sampling interval. It can take the value of 5Sec, 1Min, or 5Min. Enter a value in its complete form. Otherwise, the system prompts parameter error.
slot slot-number: Specifies a card by its slot number. If you do not specify this option, the command sets the interval for the active MPU. (In standalone mode.)
chassis chassis-number slot slot-number: Specifies a card on an IRF member device by its slot number and the member ID. If you do not specify this option, the command sets the interval for the global active MPU. (In IRF mode.)
cpu cpu-number: Specifies a CPU by its number. The cpu-number argument must be 0.
Examples
# Configure the interval at which the device samples CPU usage statistics as 5 seconds.
<Sysname> system-view
[Sysname] monitor cpu-usage interval 5Sec
Related commands
· display cpu-usage
· display cpu-usage configuration
· display cpu-usage history
· monitor cpu-usage enable
monitor cpu-usage threshold
Use monitor cpu-usage threshold to set the CPU usage threshold.
Use undo monitor cpu-usage threshold to restore the default.
Syntax
In standalone mode:
monitor cpu-usage threshold cpu-threshold [ slot slot-number [ cpu cpu-number ] ]
undo monitor cpu-usage threshold [ slot slot-number [ cpu cpu-number ] ]
In IRF mode:
undo monitor cpu-usage threshold [ chassis chassis-number slot slot-number [ cpu cpu-number ] ]
Default
The CPU usage threshold is 99%
Views
System view
Predefined user roles
network-admin
mdc-admin
Parameters
cpu-threshold: Specifies the CPU usage threshold in percentage. The value range is 0 to 100.
slot slot-number: Specifies a card by its slot number. If you do not specify this option, the command sets the CPU usage threshold for the active MPU. (In standalone mode.)
chassis chassis-number slot slot-number: Specifies a card on an IRF member device by its slot number and the member ID. If you do not specify this option, the command sets the CPU usage threshold for the global active MPU. (In IRF mode.)
cpu cpu-number: Specifies a CPU by its number. The cpu-number argument is fixed at 0.
Usage guidelines
The device samples CPU usage at an interval of 1 minute. If the sample is greater than the CPU usage threshold, the device sends a trap.
Examples
# Set the CPU usage threshold to 80%.
<Sysname> system-view
[Sysname] monitor cpu-usage threshold 80
Related commands
· display cpu-usage
· display cpu-usage configuration
· display cpu-usage history
· monitor cpu-usage enable
· monitor cpu-usage interval
password-recovery enable
Use password-recovery enable to enable password recovery capability.
Use undo password-recovery enable to disable password recovery capability.
Syntax
password-recovery enable
undo password-recovery enable
Default
Password recovery capability is enabled.
Views
System view
Predefined user roles
network-admin
mdc-admin
Usage guidelines
Password recovery capability controls console user access to the device configuration and SDRAM from BootWare menus.
If password recovery capability is enabled, a console user can access the device configuration without authentication to configure new passwords.
If password recovery capability is disabled, console users must restore the factory-default configuration before they can configure new passwords. Restoring the factory-default configuration deletes the next-startup configuration files.
To enhance system security, disable password recovery capability.
Availability of BootWare menu options varies with the password recovery capability setting. For more information, see the release notes.
Examples
# Disable password recovery capability.
<Sysname> system-view
[Sysname] undo password-recovery enable
process core
Use process core to enable or disable the system to generate core files for exceptions of a process and set the maximum number of core files.
Syntax
In standalone mode:
process core { maxcore value | off } { job job-id | name process-name } [ slot slot-number [ cpu cpu-number ] ]
In IRF mode:
process core { maxcore value | off } { job job-id | name process-name } [ chassis chassis-number slot slot-number [ cpu cpu-number ] ]
Views
User view
Default
The system generates a core file for the first exception of a process and does not generate any core files for subsequent exceptions of the process.
Predefined user roles
network-admin
mdc-admin
Parameters
off: Disables core file generation.
maxcore value: Enables core file generation and sets the maximum number of core files. The value range of the value argument is 1 to 10. The default is 1.
name process-name: Specifies a process by its name, a case-insensitive string of 1 to 15 characters.
job job-id: Specifies a process by its job ID. The value range is 1 to 2147483647. The job ID of a process does not change after the process restarts.
slot slot-number: Specifies a card by its slot number. If you do not specify this option, the command is applied to the active MPU. (In standalone mode.)
chassis chassis-number slot slot-number: Specifies a card on an IRF member device. The chassis-number argument represents the member ID of the IRF member device. The slot-number argument represents the slot number of the card. If you do not specify a card, this command is applied to the global active MPU. (In IRF mode.)
cpu cpu-number: Specifies a CPU by its number.
Usage guidelines
After you enable core file generation for a process, the system generates a core file each time the process crashes until the maximum number of core files is reached. A core file records the exception information.
Core files consume system storage resources. To save storage resources, disable core file generation for processes for which you do not need to review exception information.
This command applies to all instances of a process.
Examples
# Disable core file generation for the process routed.
<Sysname> process core off name routed
# Enable core file generation for the process dbmd and set the maximum number of core files to 5.
<Sysname> process core maxcore 5 name dbmd
Related commands
exception filepath
reboot
Use reboot to reboot a card or the entire system. (In standalone mode.)
Use reboot to reboot an IRF member device or all IRF member devices. (In IRF mode.)
Syntax
In standalone mode:
reboot [ slot slot-number ] [ force ]
In IRF mode:
reboot [ chassis chassis-number [ slot slot-number ] ] [ force ]
Views
User view
Predefined user roles
network-admin
mdc-admin
Parameters
chassis chassis-number: Specifies an IRF member device by its member ID. (In IRF mode.)
slot slot-number: Specifies a card by its slot number.
force: Reboots the device immediately without performing any software check. If this keyword is not specified, the system checks, for example, whether the main system software image file exists and whether the hard disk is not being written. If any circumstance might affect data protection, the system does not reboot the device.
Usage guidelines
CAUTION: · Device reboot interrupts network services. · Using the force keyword might cause file system corruption. As a best practice, use this keyword only when the system fails or cannot start up. |
If the main startup software images are corrupted or missing, you must re-specify a set of main startup software images before using the reboot command to reboot the device. Otherwise, the device cannot start up.
For data security, the device does not reboot if you reboot the device while the device is performing file operations.
· In standalone mode:
¡ To reboot a card, specify the slot number.
¡ To reboot the entire device, do not specify the slot number option.
¡ To reboot the active MPU, perform the following tasks:
- Identify whether the standby MPU is installed and operating correctly.
- Use the display system stable state command to display system stability and status information.
If the standby MPU is not installed, the entire device will be rebooted. If the standby MPU is installed and is operating correctly, a switchover will occur.
IMPORTANT: To ensure correct operation of the system and cards, do not trigger a switchover by rebooting the active MPU if the status of a card is not Stable. |
· In IRF mode:
¡ To reboot a card, specify both the IRF member ID and the slot number.
¡ To reboot an IRF member device, specify only the IRF member ID.
¡ To reboot all IRF member devices, do not specify the member ID or slot number option.
¡ To reboot the global active MPU, perform the following tasks:
- Identify whether the IRF fabric has global standby MPUs and whether the global standby MPUs are operating correctly.
- Use the display system stable state command to display system stability and status information.
If the IRF fabric has only one MPU, the IRF fabric will be rebooted. If the IRF fabric has a global standby MPU and the MPU is operating correctly, a switchover will occur.
|
NOTE: To ensure correct operation of the IRF fabric and MPUs, do not trigger a switchover by rebooting the global active MPU if the status of a card is not Stable. |
Examples
# Reboot the device when no configuration change has occurred since the last time you saved the running configuration.
<Sysname> reboot
Start to check configuration with next startup configuration file, please wait.........DONE!
This command will reboot the device. Continue? [Y/N]:y
Now rebooting, please wait...
# If any configuration has changed, reboot the device and save the configuration.
<Sysname> reboot
Start to check configuration with next startup configuration file, please wait.........DONE!
Current configuration may be lost after the reboot, save current configuration? [Y/N]:y
Please input the file name(*.cfg)[flash:/startup.cfg]
(To leave the existing filename unchanged, press the enter key):
flash:/startup.cfg exists, overwrite? [Y/N]:y
Validating file. Please wait...
Saved the current configuration to mainboard device successfully.
This command will reboot the device. Continue? [Y/N]:y
Now rebooting, please wait...
# If any configuration has changed, reboot the device but do not save the configuration.
<Sysname> reboot
Start to check configuration with next startup configuration file, please wait.........DONE!
Current configuration may be lost after the reboot, save current configuration? [Y/N]:n
This command will reboot the device. Continue? [Y/N]:y
Now rebooting, please wait...
# Reboot the device immediately without performing any software check.
<Sysname> reboot force
A forced reboot might cause the storage medium to be corrupted. Continue? [Y/N]:y
Now rebooting, please wait...
# In standalone mode, reboot the LPU in slot 2.
<Sysname> reboot slot 2
This command will reboot the specified slot, Continue? [Y/N]:y
Now rebooting, please wait...
# In standalone mode, reboot the LPU in slot 2 by force.
<Sysname> reboot slot 2 force
A forced reboot might cause the storage medium to be corrupted. Continue? [Y/N]:y
Now rebooting, please wait...
# In IRF mode, reboot IRF member device 2.
<Sysname> reboot chassis 2
This command will reboot the specified chassis, Continue? [Y/N]:y
Now rebooting, please wait...
# In IRF mode, reboot IRF member device 2 by force.
<Sysname> reboot chassis 2 force
A forced reboot might cause the storage medium to be corrupted. Continue? [Y/N]:y
Now rebooting, please wait...
# In IRF mode, reboot the LPU in slot 2 on IRF member device 2.
<Sysname> reboot chassis 2 slot 2
This command will reboot the specified slot, Continue? [Y/N]:y
Now rebooting, please wait...
# In IRF mode, reboot the LPU in slot 2 on IRF member device 2 by force.
<Sysname> reboot chassis 2 slot 2 force
A forced reboot might cause the storage medium to be corrupted. Continue? [Y/N]:y
Now rebooting, please wait...
display system stable state
reset scheduler logfile
Use reset scheduler logfile to clear job execution log information.
reset scheduler logfile
Default
None
Views
User view
Predefined user roles
network-admin
mdc-admin
Examples
# Clear job execution log information.
<Sysname> reset scheduler logfile
Related commands
display scheduler logfile
reset version-update-record
Use reset version-update-record to clear the startup software image upgrade history records of the active MPU. (In standalone mode.)
Use reset version-update-record to clear the startup software image upgrade history records of the global active MPU. (In IRF mode.)
Syntax
reset version-update-record
Views
System view
Predefined user roles
network-admin
mdc-admin
Examples
# Clear the startup software image upgrade history records.
<Sysname> system-view
[Sysname] reset version-update-record
Related commands
display version-update-record
scheduler job
Use scheduler job to create a job and enter job view. If the job already exists, you enter job view directly.
Use undo scheduler job to delete a job.
Syntax
scheduler job job-name
undo scheduler job job-name
Default
No job exists.
Views
System view
Predefined user roles
network-admin
mdc-admin
Parameters
job-name: Specifies the job name, a case-sensitive string of 1 to 47 characters.
Usage guidelines
A job can be referenced by multiple schedules. In job view, you can assign commands to the job.
Examples
# Create a job named backupconfig and enter job view.
<Sysname> system-view
[Sysname] scheduler job backupconfig
[Sysname-job-backupconfig]
Related commands
· command
· scheduler schedule
scheduler logfile size
Use scheduler logfile size to set the size of the job execution log file.
Syntax
scheduler logfile size value
Default
The size of the job execution log file is 16 KB.
Views
System view
Predefined user roles
network-admin
mdc-admin
Parameters
value: Sets the size of the job execution log file, in KB. The value range is 16 to 1024.
Usage guidelines
The job execution log file saves the execution information of jobs. If the file is full, old records will be replaced by new records. If the size of the log information to be written to the file is larger than the size of the file, the excessive part is not written to the file.
Examples
# Set the size of the job execution log file to 32 KB.
<Sysname> system-view
[Sysname] scheduler logfile size 32
Related commands
display scheduler logfile
scheduler reboot at
Use scheduler reboot at to specify the reboot date and time.
Use undo scheduler reboot to delete the reboot schedule configuration.
Syntax
scheduler reboot at time [ date ]
undo scheduler reboot
Default
No reboot date or time is specified.
Views
User view
Predefined user roles
network-admin
mdc-admin
Parameters
time: Specifies the reboot time in the hh:mm format, where hh is in the range of 0 to 23, and mm is in the range of 0 to 59.
date: Specifies the reboot date in the MM/DD/YYYY or YYYY/MM/DD format. The YYYY value is in the range of 2000 to 2035, the MM value is in the range of 1 to 12, and the value range for DD depends on the month value.
Usage guidelines
CAUTION: Device reboot interrupts network services. |
When the date argument is not specified:
· If the reboot time is later than the current time, a reboot occurs at the reboot time of the current day.
· If the reboot time is earlier than the current time, a reboot occurs at the reboot time the next day.
For data security, if you are performing file operations at the reboot time, the system does not reboot.
The device supports only one device reboot schedule. If you configure both the schedule reboot delay and schedule reboot delay commands or configure one of the commands multiple times, the most recent configuration takes effect.
Examples
# Configure the device to reboot at 12:00 p.m. This example assumes that the current time is 11:43 a.m. on June 6, 2013.
<Sysname> scheduler reboot at 12:00
Reboot system at 12:00:00 06/06/2013 (in 0 hours and 16 minutes). Confirm? [Y/N]:
Related commands
scheduler reboot delay
scheduler reboot delay
Use scheduler reboot delay to specify the reboot delay time.
Use undo scheduler reboot to delete the reboot schedule configuration.
Syntax
scheduler reboot delay time
undo scheduler reboot
Default
No reboot delay time is specified.
Views
User view
Predefined user roles
network-admin
mdc-admin
Parameters
time: Specifies the reboot delay time in the hh:mm or mm format. This argument can contain up to six characters. When in the hh:mm format, mm must be in the range of 0 to 59.
Usage guidelines
CAUTION: Device reboot interrupts network services. |
For data security, if you are performing file operations at the reboot time, the system does not reboot.
The device supports only one device reboot schedule. If you configure both the schedule reboot delay and schedule reboot delay commands or configure one of the commands multiple times, the most recent configuration takes effect.
Examples
# Configure the device to reboot after 88 minutes. This example assumes that the current time is 11:48 a.m. on June 6, 2011.
<Sysname> scheduler reboot delay 88
Reboot system at 13:16 06/06/2011(in 1 hours and 28 minutes). Confirm? [Y/N]:
scheduler schedule
Use scheduler schedule to create a schedule and enter schedule view. If the schedule already exists, you enter schedule view directly.
Use undo scheduler schedule to delete a schedule.
Syntax
scheduler schedule schedule-name
undo scheduler schedule schedule-name
Default
No schedule exists.
Views
System view
Predefined user roles
network-admin
mdc-admin
Parameters
schedule-name: Specifies the schedule name, a case-sensitive string of 1 to 47 characters.
Usage guidelines
You can schedule a job to have the device automatically run a command or a set of commands without administrative interference.
To configure a schedule:
1. Use the scheduler job command to create a job.
2. In job view, use the command command to assign commands to the job.
3. Use the scheduler schedule command to create a schedule.
4. In schedule view, use the job command to assign the job to the schedule. You can assign multiple jobs to a schedule. The jobs must already exist.
5. Use the user-role command to assign user roles to the schedule. You can assign up to 64 user roles to a schedule.
6. In schedule view, use the time at, time once, or time repeating command to specify an execution time for the schedule. You can specify only one execution time per schedule.
Examples
# Create a schedule named saveconfig.
<Sysname> system-view
[Sysname] scheduler schedule saveconfig
Related commands
· job
· time at
shutdown-interval
Use shutdown-interval to set the port status detection timer.
Use undo shutdown-interval to restore the default.
Syntax
shutdown-interval time
undo shutdown-interval
Default
The detection interval is 30 seconds.
Views
System view
Predefined user roles
network-admin
mdc-admin
Parameters
time: Specifies a detection timer (in seconds) in the range of 0 to 300. Setting the timer to 0 disables port status detection.
Usage guidelines
The device starts a detection timer when a port is shut down by a protocol. If the port is still down when the detection timer expires, the device automatically brings up the port so the port status reflects the port's actual physical status.
If you change the detection timer to T1 during port detection, the interval from when you change the timer to the time when the protocol module shuts down the port is T. If T<T1, the down port will be recovered after T1-T time. If T>=T1, the down port is recovered immediately. For example, if the detection timer is set to 30 seconds and you change it to 10 seconds (T1=10) two seconds after the port is shut down (T=2), this port will be recovered 8 seconds later. If the detection timer is set to 30 seconds and you change it to 2 seconds ten seconds after the port is shut down, this port is recovered immediately.
Examples
# Set the detection timer to 100 seconds.
<Sysname> system-view
[Sysname] shutdown-interval 100
switch-fabric isolate
Use switch-fabric isolate to isolate a switching fabric module or channel.
Use undo switch-fabric isolate to restore the default.
Syntax
In standalone mode:
switch-fabric isolate slot slot-number [ channel channel-number ]
undo switch-fabric isolate slot slot-number [ channel channel-number ]
In IRF mode:
switch-fabric isolate chassis chassis-number slot slot-number [ channel channel-number ]
undo switch-fabric isolate chassis chassis-number slot slot-number [ channel channel-number ]
Default
A switching fabric module is not isolated from the forwarding plane and forwards traffic.
Views
System view
Predefined user roles
network-admin
mdc-admin
Parameters
slot slot-number: Specifies a switching fabric module by its slot number.
chassis chassis-number slot slot-number: Specifies a switching fabric module on an IRF member device by its slot number and the member ID.
channel channel-number: Specifies a switching fabric channel. If you do not specify this option, the command isolates the entire switching fabric module.
Usage guidelines
You can isolate a switching fabric module or a channel from the forwarding plane. An isolated switching fabric module or channel does not receive any traffic.
Isolating the only switching fabric module of the switch disables the forwarding feature. If the switch has multiple switching fabric modules, isolating a switching fabric module decreases the forwarding bandwidth and reduces the forwarding performance. To minimize impact on forwarding performance, isolate only the failed channels.
Isolating a switching fabric module or channel does not affect operations on the control panel, such as protocol packet resolution and protocol calculation. The switching fabric module or channel can forward traffic immediately after you cancel the isolation.
Examples
# In standalone mode, isolate the switching fabric module in slot 10.
<Sysname> system-view
[Sysname] switch-fabric isolate slot 10
The command will isolate the switch fabric or a channel from the system. Continue? [Y/N]
# In IRF mode, isolate channel 1 on the switching fabric module in slot 10 of member device 1.
<Sysname> system-view
[Sysname] switch-fabric isolate chassis 1 slot 10 channel 1
The command will isolate the switch fabric or a channel from the system. Continue? [Y/N]
sysname
Use sysname to set the device name.
Use undo sysname to restore the default.
Syntax
sysname sysname
undo sysname
Default
The default name is H3C.
Views
System view
Predefined user roles
network-admin
mdc-admin
Parameters
sysname: Specifies a name for the device, a string of 1 to 64 characters.
Usage guidelines
A device name identifies a device in a network and is used as the user view prompt at the CLI. For example, if the device name is Sysname, the user view prompt is <Sysname>.
Examples
# Set the name of the device to R2000.
<Sysname> system-view
[Sysname] sysname R2000
[R2000]
system-working-mode
Use system-working-mode to set the system operating mode.
Use undo system-working-mode to restore the default.
Syntax
system-working-mode { advance | bridgee | standard }
undo system-working-mode
Default
The device operates in standard mode.
Views
System view
Predefined user roles
network-admin
mdc-admin
Parameters
advance: Sets the system operating mode to advanced.
bridgee: Sets the system operating mode to enhanced Layer 2. This keyword is available in Release 1138P01 and later versions.
standard: Sets the system operating mode to standard.
Usage guidelines
CAUTION: Perform this command with caution. Changing the system operating mode might cause configuration loss. |
In different operating modes, the device supports different features. For example:
· The device supports EVI and FCoE only when it operates in advanced mode. For more information about EVI, see EVI Configuration Guide. For more information about FCoE, see FCoE Configuration Guide.
· The device supports SPBM only when it operates in enhanced Layer 2 mode. For more information about SPBM, see SPB Configuration Guide.
· The device supports VXLAN only when it operates in standard mode. For more information about VXLAN, see VXLAN Configuration Guide.
For an operating mode change to take effect, you must perform the following tasks:
· Save the running configuration to the next-startup configuration file.
· Delete the.mdb file for the next-startup configuration file.
· Reboot the device.
Examples
# Set the system operating mode to advanced.
<Sysname> system-view
[Sysname] system-working-mode advance
Do you want to change the system working mode? [Y/N]:y
The system working mode is changed, please save the configuration and reboot the system to make it effective.
temperature-limit
Use temperature-limit to set the temperature alarm thresholds for the device.
Use undo temperature-limit to restore the default.
Syntax
In standalone mode:
temperature-limit slot slot-number { hotspot | inflow } sensor-number lowlimit warninglimit [ alarmlimit ]
undo temperature-limit slot slot-number { hotspot | inflow } sensor-number
In IRF mode:
temperature-limit chassis chassis-number { slot slot-number } { hotspot | inflow } sensor-number lowlimit warninglimit [ alarmlimit ]
undo temperature-limit chassis chassis-number { slot slot-number } { hotspot | inflow } sensor-number
Default
Views
System view
Predefined user roles
network-admin
mdc-admin
Parameters
chassis chassis-number: Specifies an IRF member device by its member ID. (In IRF mode.)
slot slot-number: Specifies a card by its slot number.
hotspot: Configures temperature alarm thresholds for hotspot sensors. A hotspot sensor is typically near the chip that generates a great amount of heat and used to monitor the chip.
inflow: Configures temperature alarm thresholds for inlet sensors. An inlet sensor is near the air inlet and is used to monitor the ambient temperature.
sensor-number: Specifies a sensor by its number, an integer starting from 1. Each number represents a temperature sensor on the device or card.
lowlimit: Specifies the low-temperature threshold in Celsius degrees.
warninglimit: Specifies the high-temperature warning threshold in Celsius degrees. This threshold must be greater than the low-temperature threshold.
alarmlimit: Specifies the high-temperature alarming threshold in Celsius degrees. This threshold must be greater than the high-temperature warning threshold.
Usage guidelines
Different cards support different types of temperature sensors. To view supported temperature sensor types, use the display environment command.
The sensor number value ranges and threshold value ranges vary by card model. Use the CLI online help system to view the value ranges.
When the device temperature drops below the low-temperature threshold or reaches the high-temperature warning threshold, the device sends a log message and a trap.
When the device temperature reaches the high-temperature alarming threshold, the device sends log messages and traps repeatedly, and sets LEDs on the device panel.
When the temperature of an LPU or switching fabric module reaches the high-temperature shutdown threshold, the device sends a log message and shuts down the LPU.
The shutdown temperature thresholds are not configurable.
Examples
# In standalone mode, set the low-temperature threshold for hotspot sensor 1 on the card in slot 1 to –10°C (14°F), the warning threshold to 70°C (158°F), and the alarming threshold to 90°C (194°F).
<Sysname> system-view
[sysname] temperature-limit slot 1 hotspot 1 -10 70 90
# In IRF mode, set the low-temperature threshold for hotspot sensor 1 on the card in slot 1 on IRF member device 1 to –10°C (14°F), the warning threshold to 70°C (158°F), and the alarming threshold to 90°C (194°F).
<Sysname> system-view
[sysname] temperature-limit chassis 1 slot 1 hotspot 1 -10 70 90
time at
Use time at to specify an execution date and time for a non-periodic schedule.
Use undo time to delete the execution date and time configuration for a non-periodic schedule.
Syntax
time at time date
undo time
Default
No execution time or date is specified for a non-periodic schedule.
Views
Schedule view
Predefined user roles
network-admin
mdc-admin
Parameters
time: Specifies the schedule execution time in the hh:mm format, where hh is in the range of 0 to 23, and mm is in the range of 0 to 59.
date: Specifies the schedule execution date in the MM/DD/YYYY or YYYY/MM/DD format. The YYYY value is in the range of 2000 to 2035, the MM value is in the range of 1 to 12, and the value range for DD depends on the month value.
Usage guidelines
The specified time (date plus time) must be later than the current system time.
The time at command, the time once command, and the time repeating command overwrite one another. The most recently configured command takes effect.
Examples
# Configure the device to execute schedule saveconfig at 01:01 a.m. on May 11, 2011.
<Sysname> system-view
[Sysname] scheduler schedule saveconfig
[Sysname-schedule-saveconfig] time at 1:1 2011/05/11
Related commands
scheduler schedule
time once
Use time once to specify one or more execution days and the execution time for a non-periodic schedule.
Use undo time to delete the execution day and time configuration for a non-periodic schedule.
Syntax
time once at time [ month-date month-day | week-day week-day&<1-7> ]
time once delay time
undo time
Default
No execution time or day is specified for a non-periodic schedule.
Views
Schedule view
Predefined user roles
network-admin
mdc-admin
Parameters
at time: Specifies the execution time in the hh:mm format, where hh is in the range of 0 to 23, and mm is in the range of 0 to 59.
month-date month-day: Specifies a day in the current month, in the range of 1 to 31. If you specify a day that does not exist in the current month, the configuration takes effect on that day in the next month.
week-day week-day&<1-7>: Specifies one or more week days for the schedule. Valid values include Mon, Tue, Wed, Thu, Fri, Sat, and Sun. <1-7> means that you can specify 1 to 7 week days. To specify multiple week days, separate the values with spaces.
delay time: Specifies the delay time for executing the schedule, in the hh:mm or mm format. This argument can contain up to six characters. When in the hh:mm format, mm must be in the range of 0 to 59.
Usage guidelines
After you specify an execution day and time for a schedule, the schedule will be executed once at the specified time point or each specified time point. If the specified time, the specified day in the month, or the specified day in a week is already past, the schedule will be executed at the specified time next day, the specified day in the next month, or the specified day in the next week.
The time at command, the time once command, and the time repeating command overwrite one another, whichever is configured most recently takes effect.
Examples
# Configure the device to execute schedule saveconfig once at 15:00.
<Sysname> system-view
[Sysname] scheduler schedule saveconfig
[Sysname-schedule-saveconfig] time once at 15:00
Schedule starts at 15:00 5/11/2011.
# Configure the device to execute schedule saveconfig once at 15:00 on the coming 15th day in a month.
<Sysname> system-view
[Sysname] scheduler schedule saveconfig
[Sysname-schedule-saveconfig] time once at 15:00 month-date 15
# Configure the device to execute schedule saveconfig at 12:00 p.m. on the coming Monday and Friday.
<Sysname> system-view
[Sysname] scheduler schedule saveconfig
[Sysname-schedule-saveconfig] time once at 12:00 week-day mon fri
# Configure the device to execute schedule saveconfig after 10 minutes.
<Sysname> system-view
[Sysname] scheduler schedule saveconfig
[Sysname-schedule-saveconfig] time once delay 10
Related commands
scheduler schedule
time repeating
Use time repeating to specify an execution time table for a periodic schedule.
Use undo time to delete the execution time table configuration for a periodic schedule.
Syntax
time repeating [ at time [ date ] ] interval interval-time
time repeating at time [ month-date [ month-day | last ] | week-day week-day&<1-7> ]
undo time
Default
No execution time table is specified for a periodic schedule.
Views
Schedule view
Predefined user roles
network-admin
mdc-admin
Parameters
at time: Specifies the execution time in the hh:mm format, where hh is in the range of 0 to 23, and mm is in the range of 0 to 59. If you do not specify this option, the current system time is used as the execution time.
date: Specifies the start date for the periodic schedule, in the MM/DD/YYYY or YYYY/MM/DD format. The YYYY value is in the range of 2000 to 2035, the MM value is in the range of 1 to 12, and the value range for DD depends on the month value. If you do not specify this argument, the execution start date is the first day when the specified time arrives.
interval interval-time: Specifies the execution time interval in the hh:mm or mm format. This argument can contain up to six characters. When in the hh:mm format, mm must be in the range of 0 to 59. When in the mm format, this argument must be a minimum of 1 minute.
month-date [ month-day | last ]: Specifies a day in a month, in the range 1 to 31. The last keyword indicates the last day of a month. If you specify a day that does not exist in a month, the configuration takes effect on that day in the next month.
week-day week-day&<1-7>: Specifies one or more week days. Valid values include Mon, Tue, Wed, Thu, Fri, Sat, and Sun. <1-7> means that you can specify 1 to 7 week days. To specify multiple week days, separate the values with spaces.
Usage guidelines
The time repeating [ at time [ date ] ] interval interval-time command configures the device to execute a schedule at an interval from the specified time on.
The time repeating at time [ month-date [ month-day | last ] | week-day week-day&<1-7> ] command configures the device to execute a schedule at the specified time on every specified day in a month or week.
The time at command, the time once command, and the time repeating command overwrite one another, whichever is configured most recently takes effect.
Examples
# Configure the device to execute schedule saveconfig once an hour from 8:00 a.m. on.
<Sysname> system-view
[Sysname] scheduler schedule saveconfig
[Sysname-schedule-saveconfig] time repeating at 8:00 interval 60
# Configure the device to execute schedule saveconfig at 12:00 p.m. every day.
<Sysname> system-view
[Sysname] scheduler schedule saveconfig
[Sysname-schedule-saveconfig] time repeating at 12:00
# Configure the device to execute schedule saveconfig at 8:00 a.m. on the 5th of every month.
<Sysname> system-view
[Sysname] scheduler schedule saveconfig
[Sysname-schedule-saveconfig] time repeating at 8:00 month-date 5
# Configure the device to execute schedule saveconfig at 8:00 a.m. on the last day of every month.
<Sysname> system-view
[Sysname] scheduler schedule saveconfig
[Sysname-schedule-saveconfig] time repeating at 8:00 month-date last
# Configure the device to execute schedule saveconfig at 8:00 a.m. every Friday and Saturday.
<Sysname> system-view
[Sysname] scheduler schedule saveconfig
[Sysname-schedule-saveconfig] time repeating at 8:00 week-day fri sat
Related commands
scheduler schedule
user-role
Use user-role to assign user roles to a schedule.
Use undo user-role to remove user roles from a schedule.
Syntax
user-role role-name
undo user-role role-name
Default
A schedule has the user roles of the schedule creator.
Views
Schedule view
Predefined user roles
network-admin
mdc-admin
Parameters
role-name: Specifies a user role name, a case-sensitive string of 1 to 63 characters. The user role can be user-defined or predefined. Predefined user roles include network-admin, network-operator, mdc-admin, mdc-operator, level-0 to level-15, and security-audit).
By assigning user roles to and removing user roles from a schedule, you can control the commands to be executed in the schedule.
A schedule must have a minimum of one user role, and can have up to 64 user roles. A command in a schedule can be executed if it is permitted by one or more user roles of the schedule.
You must have the network-admin user role to assign user roles to or remove user roles from a schedule. You can assign only user roles lower than your own user role.
For more information about user roles, see the RBAC configuration in Fundamentals Configuration Guide.
Examples
# Assign user role rolename to schedule test.
<Sysname> system-view
[Sysname] scheduler schedule test
[Sysname-schedule-test] user-role rolename
[Sysname-schedule-test] display this
#
scheduler schedule test
user-role network-admin
user-role network-operator
user-role rolename
#
return
Related commands
MDC commands
The MDC feature is available in Release 1138P01 and later versions.
MDC requires a license to run on the device. If no license is installed or the license expires, you cannot create, start, or use non-default MDCs. For more information about licenses, see Fundamentals Configuration Guide.
MDC commands for the default MDC
This section describes the MDC commands that you can use after logging in to the default MDC (the physical device).
Unless otherwise stated, the term "MDC" in this section refers to a non-default MDC.
allocate interface
Use allocate interface to assign a physical interface to an MDC.
Use undo allocate interface to reclaim a physical interface assigned to an MDC.
Syntax
allocate interface interface-list
undo allocate interface interface-list
Default
All physical interfaces on the device belong to the default MDC. A non-default MDC cannot use any physical interfaces.
Views
MDC view
Predefined user roles
network-admin
mdc-admin
Parameters
interface-list: Specifies a space-separated list of up to 24 interface items. Each item specifies an interface by its type and number, or a range of interfaces in the form of interface-type start-interface-number to interface-type end-interface-number. The two interface-type arguments must have the same value. All interfaces in the range must be on the same LPU.
Usage guidelines
You can assign multiple physical interfaces to a non-default MDC. A physical interface must meet the following requirements to be assigned to a non-default MDC:
· The interface is not the console port. The console port belongs to the default MDC. You cannot assign a console port to a non-default MDC.
· The interface is not the management Ethernet interface. The physical management Ethernet interface of the device belongs to the default MDC and cannot be assigned to a non-default MDC. When a non-default MDC is created, the system automatically creates virtual management Ethernet interfaces for the MDC, one virtual management Ethernet interface for each physical management Ethernet interface. Each virtual management Ethernet interface uses the same interface number, physical port, and link as the corresponding physical management Ethernet interface. You can assign IP addresses to the virtual management Ethernet interfaces for MDCs so MDC administrators can access and manage their respective MDCs. The IP addresses for virtual management Ethernet interfaces do not need to belong to the same network segment.
· The interface belongs to the default MDC. To assign a physical interface that belongs to one non-default MDC to another non-default MDC, you must remove the existing assignment by using the undo allocate interface command.
· The LPU where the interface resides is not assigned to any MDC.
When you assign physical interfaces and LPUs to MDCs, follow these guidelines:
· For an MDC to use a physical interface, you must perform the following tasks:
a. Assign the physical interface to the MDC.
b. Authorize the MDC to use the LPU where the physical interface resides.
· Interfaces on LPUs are grouped. The interfaces in a group must be assigned to or removed from the same MDC at the same time. Different groups of interfaces on an LPU can be assigned to different MDCs. Table 44 shows the interface grouping information.
Table 44 Interface grouping on LPUs
LPU type |
Interface grouping |
FC and FX cards |
Interfaces are grouped by interface number in ascending order, starting from 1. · 1G SFP, 10G SFP+, 10/100/1000Base-T, and 10GBase-T card—Each group has 24 interfaces. · 40G QSFP+ card—Each group has six interfaces. · 100G CXP and 100G CFP2 card—Each group has two interfaces. |
FD and FE cards |
Each card has one interface group. All interfaces on the card belong to the group. |
· A physical interface can be assigned to only one MDC.
· Assigning or reclaiming a physical interface restores the settings of the interface to the defaults. If the MDC administrator configures the interface during the assigning or reclaiming operation, settings made before the operation is completed are lost.
· To configure parameters for a physical interface that has been assigned to an MDC, you must log in to the MDC.
· To use the shutdown command to shut down the management Ethernet interface, you must be on the default MDC.
When you assign physical interfaces and LPUs to MDCs on an IRF fabric, also follow these guidelines:
· To remove an LPU that holds the IRF physical interface of a non-default MDC, first complete the following tasks:
a. Remove the IRF physical interface configuration for the LPU.
b. Use the save command to save the running configuration.
· IRF links can belong to the default MDC or non-default MDCs. As a best practice for link availability, establish a minimum of two IRF links by using different LPUs. An IRF link can belong to one or more MDCs. The two IRF physical interfaces of an IRF link can belong to the same MDC or different MDCs.
· To assign an IRF physical interface to an MDC or reclaim an IRF physical interface from an MDC, complete the following tasks:
c. Use the shutdown command to shut down the interface.
d. Use the undo port group interface command to remove the binding of the physical interface to the IRF port. For more information about the undo port group interface command, see Virtual Technologies Command Reference.
e. Assign or reclaim the IRF physical interface.
f. Use the save command to save the running configuration.
· Assigning an IRF physical interface to or reclaiming an IRF physical interface from an MDC causes the following problems:
¡ The IRF configuration on the interface is lost.
¡ The IRF link is closed.
To avoid IRF fabric split, make sure each member device always has a minimum of one IRF link in up state.
Examples
# Assign interfaces Ten-GigabitEthernet 6/0/1 through Ten-GigabitEthernet 6/0/24 to MDC sub1.
<Sysname> system-view
[Sysname] mdc sub1
[Sysname-mdc-2-sub1] allocate interface ten-gigabitethernet 6/0/1 to ten-gigabitethernet 6/0/24
Configuration of the interfaces will be lost. Continue? [Y/N]:y
Execute the location slot command in this view to make the configuration take effect.
display mdc
Use display mdc to display MDCs and their status.
Syntax
display mdc [ name mdc-name ]
Views
Any view
Predefined user roles
network-admin
network-operator
mdc-admin
mdc-operator
Parameters
name mdc-name: Specifies an MDC by its name, a case-sensitive string of 1 to 15 characters. If you do not specify this option, the command displays all MDCs.
Examples
# Display all MDCs.
<Sysname> display mdc
ID Name Status
1 Admin active
2 sub1 inactive
Field |
Description |
Status |
Status of the MDC: · inactive—The MDC is stopped or not started yet. · starting—The device is executing the mdc start command to start the MDC. · active—The MDC is operating correctly. · updating—The device is executing the location command to authorize the MDC to use an LPU. · stopping—The device is executing the undo mdc start command to stop the MDC. |
Related commands
mdc
display mdc interface
Use display mdc interface to display the interfaces of MDCs.
Syntax
display mdc [ name mdc-name ] interface
Views
Any view
Predefined user roles
network-admin
network-operator
mdc-admin
mdc-operator
Parameters
name mdc-name: Specifies an MDC by its name, a case-sensitive string of 1 to 15 characters. If you do not specify this option, the command displays the interfaces of all MDCs.
Examples
# Display the interfaces of all MDCs.
<Sysname> display mdc interface
MDC Admin's interface(s):
M-GigabitEthernet0/0/0
MDC MDCA's interface(s):
M-GigabitEthernet0/0/0 Ten-GigabitEthernet6/0/1
Ten-GigabitEthernet6/0/2 Ten-GigabitEthernet6/0/3
Ten-GigabitEthernet6/0/4 Ten-GigabitEthernet6/0/5
Ten-GigabitEthernet6/0/6 Ten-GigabitEthernet6/0/7
Ten-GigabitEthernet6/0/8 Ten-GigabitEthernet6/0/9
Ten-GigabitEthernet6/0/10 Ten-GigabitEthernet6/0/11
Ten-GigabitEthernet6/0/12 Ten-GigabitEthernet6/0/13
Ten-GigabitEthernet6/0/14 Ten-GigabitEthernet6/0/15
Ten-GigabitEthernet6/0/16 Ten-GigabitEthernet6/0/17
Ten-GigabitEthernet6/0/18 Ten-GigabitEthernet6/0/19
Ten-GigabitEthernet6/0/20 Ten-GigabitEthernet6/0/21
Ten-GigabitEthernet6/0/22 Ten-GigabitEthernet6/0/23
Ten-GigabitEthernet6/0/24
MDC MDCB's interface(s):
M-GigabitEthernet0/0/0 Ten-GigabitEthernet6/0/25
Ten-GigabitEthernet6/0/26 Ten-GigabitEthernet6/0/27
Ten-GigabitEthernet6/0/28 Ten-GigabitEthernet6/0/29
Ten-GigabitEthernet6/0/30 Ten-GigabitEthernet6/0/31
Ten-GigabitEthernet6/0/32 Ten-GigabitEthernet6/0/33
Ten-GigabitEthernet6/0/34 Ten-GigabitEthernet6/0/35
Ten-GigabitEthernet6/0/36 Ten-GigabitEthernet6/0/37
Ten-GigabitEthernet6/0/38 Ten-GigabitEthernet6/0/39
Ten-GigabitEthernet6/0/40 Ten-GigabitEthernet6/0/41
Ten-GigabitEthernet6/0/42 Ten-GigabitEthernet6/0/43
Ten-GigabitEthernet6/0/44 Ten-GigabitEthernet6/0/45
Ten-GigabitEthernet6/0/46 Ten-GigabitEthernet6/0/47
Ten-GigabitEthernet6/0/48
Related commands
allocate interface
display mdc resource
Use display mdc resource to display the CPU and memory usage of MDCs.
Syntax
In standalone mode:
display mdc [ name mdc-name ] resource [ cpu | memory ] [ slot slot-number [ cpu cpu-number ] ]
In IRF mode:
display mdc [ name mdc-name ] resource [ cpu | memory ] [ chassis chassis-number slot slot-number [ cpu cpu-number ] ]
Views
Any view
Predefined user roles
network-admin
network-operator
mdc-admin
mdc-operator
Parameters
name mdc-name: Specifies an MDC by its name, a case-sensitive string of 1 to 15 characters. If you do not specify this option, the command displays the usage of all MDCs.
cpu: Displays the CPU usage.
memory: Displays the memory space usage.
slot slot-number: Specifies a card. If you do not specify this option, the command displays the usage on all cards. (In standalone mode.)
chassis chassis-number slot slot-number: Specifies a card on an IRF member device. If you do not specify this option, the command displays the usage on all cards in the IRF fabric. (In IRF mode.)
cpu cpu-number: Specifies a CPU by its number. If you do not specify this option, the command displays the usage on CPU 0.
Examples
# In standalone mode, display the CPU and memory usage of all MDCs on all cards.
<Sysname> display mdc resource
Memory usage:
Slot 6 CPU 0:
Used 26.1MB, Free 3301.2MB, Total 3327.3MB
ID Name Quota(MB) Used(MB) Available(MB)
1 Admin 3327.3 19.6 3301.2
2 MDCA 3327.3 6.5 3301.2
Slot 16 CPU 0:
Used 438.2MB, Free 3496.2MB, Total 3934.5MB
ID Name Quota(MB) Used(MB) Available(MB)
1 Admin 3934.5 346.6 3496.2
2 MDCA 3934.5 46.4 3496.2
3 MDCB 3934.5 45.2 3496.2
CPU usage:
Slot 6 CPU 0:
ID Name Weight Usage(%)
1 Admin 10 0
2 MDCA 10 0
Slot 16 CPU 0:
ID Name Weight Usage(%)
1 Admin 10 0
2 MDCA 10 0
3 MDCB 10 0
# In IRF mode, display the CPU and memory space usage of all MDCs on all cards in the IRF fabric.
<Sysname> display mdc resource
Memory usage:
Chassis 1 slot 6 CPU 0:
Used 32.5MB, Free 3294.8MB, Total 3327.3MB
ID Name Quota(MB) Used(MB) Available(MB)
1 Admin 3327.3 19.6 3294.8
2 MDCA 3327.3 6.5 3294.8
3 MDCB 3327.3 6.5 3294.8
Chassis 1 slot 16 CPU 0:
Used 433.6MB, Free 3500.8MB, Total 3934.5MB
ID Name Quota(MB) Used(MB) Available(MB)
1 Admin 3934.5 341.6 3500.8
2 MDCA 3934.5 45.3 3500.8
3 MDCB 3934.5 46.7 3500.8
CPU usage:
Chassis 1 slot 6 CPU 0:
ID Name Weight Usage(%)
1 Admin 10 5
2 MDCA 10 0
3 MDCB 10 0
Chassis 1 slot 16 CPU 0:
ID Name Weight Usage(%)
1 Admin 10 3
2 MDCA 10 0
3 MDCB 10 0
Field |
Description |
Slot x CPU y |
Usage on the specified CPU of the specified card. (In standalone mode.) |
Chassis x Slot y CPU z |
Usage on the specified CPU of the specified card in the specified IRF member device. (In IRF mode.) |
Weight |
CPU weight. |
Quota (MB) |
Maximum amount of memory space for the MDC, in MB. |
Available(MB) |
Available amount of memory space for the MDC, in MB. |
limit-resource cpu
Use limit-resource cpu to specify a CPU weight for an MDC.
Use undo limit-resource cpu to restore the default.
Syntax
limit-resource cpu weight weight-value
undo limit-resource cpu
Default
Each MDC has a CPU weight of 10.
Views
MDC view
Predefined user roles
network-admin
mdc-admin
Parameters
weight weight-value: Specifies a CPU weight value in the range of 1 to 10.
Usage guidelines
The CPU weight setting for an MDC applies to all MPUs and all LPUs that the MDC is authorized to use.
All MDCs share the CPU resources on the MPUs in the system. All MDCs that are authorized to use the same LPU share and compete for the CPU resources on the LPU.
The amount of CPU resources an MDC can use depends on the percentage of its CPU weight among the CPU weights of all MDCs that share the same CPU. For example, if three MDCs share the same CPU, setting their weights to 10, 10, and 5 is equivalent to setting their weights to 2, 2, and 1.
· The two MDCs with the same weight can use the CPU for approximately the same period of time.
· The third MDC can use the CPU for about half of the time for each of the other two MDCs.
You can use this command to change the CPU weight for a non-default MDC. The CPU weight for the default MDC cannot be changed.
Examples
# Set the CPU weight of MDC sub1 to 2.
<Sysname> system-view
[Sysname] mdc sub1
[Sysname-mdc-2-sub1] limit-resource cpu weight 2
limit-resource memory
Use limit-resource memory to specify an MPU memory space percentage for an MDC.
Use undo limit-resource memory to restore the default.
Syntax
In standalone mode:
limit-resource memory slot slot-number [ cpu cpu-number ] ratio limit-ratio
undo limit-resource memory slot slot-number [ cpu cpu-number ]
In IRF mode:
limit-resource memory chassis chassis-number slot slot-number [ cpu cpu-number ] ratio limit-ratio
undo limit-resource memory chassis chassis-number slot slot-number [ cpu cpu-number ]
Default
All MDCs share the memory space of the MPUs in the system, and an MDC can use all the free memory space.
Views
MDC view
Predefined user roles
network-admin
Parameters
slot slot-number: Specifies an MPU. (In standalone mode.)
chassis chassis-number slot slot-number: Specifies an MPU on an IRF member device. (In IRF mode.)
ratio limit-ratio: Specifies the ratio of the memory space that an MDC can use on the specified MPU to the total memory space of the MPU. The value range is 1 to 100.
cpu cpu-number: Specifies a CPU by its number. If you do not specify this option, the command specifies a memory space percentage for CPU 0.
Usage guidelines
This command sets the maximum amount of memory space that an MDC can use. Make sure this amount is sufficient for the MDC to operate correctly.
Examples
# In standalone mode, allow MDC sub1 to use up to 30 percent of the memory space on the MPU in slot 16.
<Sysname> system-view
[Sysname] mdc sub1
[Sysname-mdc-2-sub1] limit-resource memory slot 16 ratio 30
# In IRF mode, allow MDC sub1 to use up to 30 percent of the memory space on the MPU in slot 16 on IRF member device 2.
<Sysname> system-view
[Sysname] mdc sub1
[Sysname-mdc-2-sub1] limit-resource memory chassis 2 slot 16 ratio 30
location
Use location to authorize an MDC to use an LPU.
Use undo location to reclaim the authorization.
Syntax
In standalone mode:
location slot slot-number
undo location slot slot-number
In IRF mode:
location chassis chassis-number slot slot-number
undo location chassis chassis-number slot slot-number
Default
All LPUs of the device belong to the default MDC. A non-default MDC cannot use any LPUs.
Views
MDC view
Predefined user roles
network-admin
mdc-admin
Parameters
slot slot-number: Specifies an LPU. (In standalone mode.)
chassis chassis-number slot slot-number: Specifies an LPU on an IRF member device. (In IRF mode.)
Usage guidelines
You can authorize multiple MDCs to use the same LPU.
After you configure this command for an LPU, performing the following operations removes all authorization configurations for the LPU:
· Remove the LPU.
· Save the running configuration.
· Reboot the device.
If you want to retain the LPU authorization configurations, reconfigure LPU authorization.
Examples
# In standalone mode, authorize the MDC sub1 to use the LPU in slot 3.
<Sysname> system-view
[Sysname] mdc Admin
[Sysname-mdc-1-Admin] undo location slot 3
The configuration associated with the specified slot of MDC will be lost. Continue? [Y/N]:y
[Sysname-mdc-1-Admin] quit
[Sysname] mdc sub1
[Sysname-mdc-2-sub1] location slot 3
# In IRF mode, authorize the MDC sub1 to use the LPU in slot 3 on IRF member device 2.
<Sysname> system-view
[Sysname] mdc Admin
[Sysname-mdc-1-Admin] undo location chassis 2 slot 3
The configuration associated with the specified slot of MDC will be lost. Continue? [Y/N]:y
[Sysname] mdc sub1
[Sysname-mdc-2-sub1] location chassis 2 slot 3
switchto mdc
Use switchto mdc to log in to a non-default MDC from the system view of the default MDC and enter MDC user view.
Syntax
switchto mdc mdc-name
Views
System view
Predefined user roles
network-admin
network-operator
Parameters
mdc-name: Specifies the MDC name, a case-sensitive string of 1 to 15 characters. The MDC must have already been started.
Usage guidelines
You use this command to log in only to an MDC that is in active state.
Examples
# Log in to MDC sub1 from the system view of the default MDC.
<Sysname> system-view
[Sysname] switchto mdc sub1
******************************************************************************
* Copyright (c) 2004-2015 Hangzhou H3C Tech. Co., Ltd. All rights reserved. *
* Without the owner's prior written consent, *
* no decompiling or reverse-engineering shall be allowed. *
******************************************************************************
Automatic configuration is running, press CTRL_D to break or press CTRL_B to
switch back to the default MDC.
<Sysname>
<Sysname> display mdc
ID Name Status
2 sub1 active
Related commands
switchback
mdc
Use mdc to create an MDC and enter MDC view. If the MDC already exists, you enter the MDC view directly.
Use undo mdc to delete an MDC.
Syntax
mdc mdc-name [ id mdc-id ]
undo mdc mdc-name
Default
There is a default MDC with the name Admin and the ID 1.
Views
System view
Predefined user roles
network-admin
Parameters
mdc-name: Specifies the MDC name, a case-sensitive string of 1 to 15 characters.
id mdc-id: Specifies the MDC ID in the range of 1 to 9. If you do not specify this option, the system assigns the lowest ID number among the available IDs to the MDC.
Usage guidelines
The default MDC is system predefined. You cannot delete it.
You can create up to eight MDCs.
To enter the view of an existing MDC, you can specify the MDC name, or specify both the MDC name and the MDC ID. If you specify both the MDC name and the MDC ID, make sure the two arguments identify the same MDC.
Delete an MDC with caution. Deleting an MDC removes all configurations and hard disk files of the MDC, and the configurations and files cannot be restored.
Examples
# Create an MDC named sub1.
<Sysname> system-view
[Sysname] mdc sub1
It will take some time to create MDC...
MDC created successfully.
Related commands
display mdc
mdc start
Use mdc start to start an MDC.
Use undo mdc start to stop an MDC.
Syntax
mdc start
undo mdc start
Views
MDC view
Predefined user roles
network-admin
Usage guidelines
After an MDC is started, administrators of the MDC can log in to the MDC for MDC configuration and maintenance.
Stop an MDC with caution. Stopping an MDC interrupts all services on the MDC and logs out all login users on the MDC.
To avoid configuration loss, save the running configuration of an MDC before stopping the MDC.
Examples
# Start MDC sub1.
<Sysname> system-view
[Sysname] mdc sub1
[Sysname-mdc-2-sub1] mdc start
It will take some time to start MDC...
MDC started successfully.
MDC commands for non-default MDCs
This section describes the MDC commands that you can use after logging in to a non-default MDC.
display mdc
Use display mdc to display the ID, name, and status of the current MDC.
Syntax
display mdc
Views
Any view
Predefined user roles
mdc-admin
mdc-operator
Examples
# Display the ID, name, and status of the current MDC.
<sub1> display mdc
ID Name Status
2 sub1 active
For information about the command output, see Table 45.
display mdc interface
Use display mdc interface to display the interfaces of the current MDC.
Syntax
display mdc interface
Views
Any view
Predefined user roles
mdc-admin
mdc-operator
Examples
# Display the interfaces of the current MDC.
<sub1> display mdc interface
MDC MDCA's interface(s):
M-GigabitEthernet0/0/0 Ten-GigabitEthernet6/0/1
Ten-GigabitEthernet6/0/2 Ten-GigabitEthernet6/0/3
Ten-GigabitEthernet6/0/4 Ten-GigabitEthernet6/0/5
Ten-GigabitEthernet6/0/6 Ten-GigabitEthernet6/0/7
Ten-GigabitEthernet6/0/8 Ten-GigabitEthernet6/0/9
Ten-GigabitEthernet6/0/10 Ten-GigabitEthernet6/0/11
Ten-GigabitEthernet6/0/12 Ten-GigabitEthernet6/0/13
Ten-GigabitEthernet6/0/14 Ten-GigabitEthernet6/0/15
Ten-GigabitEthernet6/0/16 Ten-GigabitEthernet6/0/17
Ten-GigabitEthernet6/0/18 Ten-GigabitEthernet6/0/19
Ten-GigabitEthernet6/0/20 Ten-GigabitEthernet6/0/21
Ten-GigabitEthernet6/0/22 Ten-GigabitEthernet6/0/23
Ten-GigabitEthernet6/0/24
display mdc resource
Use display mdc resource to display the CPU and memory usage of the current MDC.
Syntax
In standalone mode:
display mdc resource [ cpu | memory ] [ slot slot-number [ cpu cpu-number ] ]
In IRF mode:
display mdc resource [ cpu | memory ] [ chassis chassis-number slot slot-number [ cpu cpu-number ] ]
Views
Any view
Predefined user roles
mdc-admin
mdc-operator
Parameters
cpu: Displays the CPU usage.
memory: Displays the memory space usage.
slot slot-number: Specifies a card. If you do not specify this option, the command displays the usage on all cards. (In standalone mode.)
chassis chassis-number slot slot-number: Specifies a card on an IRF member device. If you do not specify this option, the command displays the usage on all cards in the IRF fabric. (In IRF mode.)
cpu cpu-number: Specifies a CPU by its number. If you do not specify this option, the command displays the usage on CPU 0.
Examples
# In standalone mode, display the CPU and memory space usage of the MDC on all cards.
<sub1> display mdc resource
Memory usage:
Slot 6 CPU 0:
Used 26.1MB, Free 3301.2MB, Total 3327.3MB
ID Name Quota(MB) Used(MB) Available(MB)
2 MDCA 3327.3 6.5 3301.2
Slot 16 CPU 0:
Used 439.9MB, Free 3494.5MB, Total 3934.5MB
ID Name Quota(MB) Used(MB) Available(MB)
2 MDCA 3934.5 48.1 3494.5
CPU usage:
Slot 6 CPU 0:
ID Name Weight Usage(%)
2 MDCA 10 0
Slot 16 CPU 0:
ID Name Weight Usage(%)
2 MDCA 10 0
# In IRF mode, display the CPU and memory space usage of the MDC on all cards in the IRF fabric.
<sub1> display mdc resource
Memory usage:
Chassis 1 slot 6 CPU 0:
Used 32.5MB, Free 3294.8MB, Total 3327.3MB
ID Name Quota(MB) Used(MB) Available(MB)
2 MDCA 3327.3 6.5 3294.8
Chassis 1 slot 16 CPU 0:
Used 435.3MB, Free 3499.1MB, Total 3934.5MB
ID Name Quota(MB) Used(MB) Available(MB)
2 MDCA 3934.5 47.0 3499.1
CPU usage:
Chassis 1 slot 6 CPU 0:
ID Name Weight Usage(%)
2 MDCA 10 0
Chassis 1 slot 16 CPU 0:
ID Name Weight Usage(%)
2 MDCA 10 0
For information about the command output, see Table 46.
switchback
Use switchback to return from a non-default MDC to the default MDC. This command will bring you from the user view of the non-default MDC to the system view of the default MDC.
Syntax
switchback
Views
User view
Predefined user roles
mdc-admin
mdc-operator
Usage guidelines
You can use this command to return to the default MDC only after you use the switchto command to log in to a non-default MDC. If you log in to a non-default MDC by using any other method (such as Telnet), you cannot use this command to access the default MDC.
Examples
# Return from the current MDC to the default MDC.
<sub1> switchback
[Sysname]
Related commands
switchto mdc
Python commands
exit()
Use exit() to exit the Python shell.
Syntax
exit()
Views
Python shell
Predefined user roles
network-admin
mdc-admin
Usage guidelines
To return to user view from the Python shell, you must use this command. You cannot use the quit command for the purpose.
Examples
# Exit the Python shell.
Python 2.7.3 (default, Apr 10 2014, 16:30:23)
[GCC 4.4.1] on linux2
Type "help", "copyright", "credits" or "license" for more information.
>>>
>>> exit()
<Sysname>
python
Use python to enter the Python shell.
Syntax
Views
User view
Predefined user roles
mdc-admin
Usage guidelines
In the Python shell, you can use the following items:
· Python 2.7 commands.
· Python 2.7 standard API.
· Comware V7 extended API.
Examples
Python 2.7.3 (default, Sep 22 2014, 17:10:05)
[GCC 4.4.1] on linux2
Type "help", "copyright", "credits" or "license" for more information.
>>>
python filename
Use python filename to execute a Python script.
Syntax
python filename [ param ]
Views
User view
Predefined user roles
mdc-admin
Parameters
Usage guidelines
You cannot perform any operation while a Python script is being executed by your command.
Make sure the statements in the script meet the syntax requirements. The system stops executing a Python script if it finds a statement with syntax errors.
Examples
# Execute Python script test.py.
['/flash:/test.py', '1', '2']
License management commands
All commands in this chapter are supported only on the default MDC. Features licensed to the default MDC are also licensed to non-default MDCs. For information about MDCs, see Fundamentals Configuration Guide.
display license
Use display license to display detailed license information.
Syntax
In standalone mode:
display license [ activation-file ]
In IRF mode:
display license [ activation-file ] [ chassis chassis-number ]
Views
Any view
Predefined user roles
network-admin
network-operator
mdc-admin
mdc-operator
Parameters
activation-file: Displays information about activation files. If you do not specify this keyword, the command displays detailed information about all licenses.
chassis chassis-number: Specifies the member ID of an IRF member device. If you do not specify this option, the command displays license information for all IRF member devices.
Examples
# (In standalone mode.) Display detailed information about all licenses.
<Sysname> display license
flash:/license/210231S12500XSUPSUPC2014011718410796570.ak
Feature: LISP EVB evi mdc SPBM TRILL FCoE
Product Description: H3C S12500-X Advanced Data Center License
Registered at: 2015-01-17 18:33:54
License Type: Permanent
Current State: In use
# (In IRF mode.) Display detailed license information for IRF member device 1.
<Sysname> display license chassis 1
Chassis 1:
flash:/license/210231S12500XSUPSUPC2014011718410796570.ak
Feature: LISP EVB evi mdc SPBM TRILL FCoE
Product Description: H3C S12500-X Advanced Data Center License
Registered at: 2015-01-17 18:33:54
License Type: Permanent
Current State: In use
Table 47 Command output
Field |
Description |
Chassis n |
Member ID of the IRF member device. This field is available in IRF mode. |
Feature |
Feature name. Switches of this series do not support the LISP or EVB feature in the current software version. |
Registered at |
Time when the license was installed. |
License Type |
License type by validity period: · NA—The system cannot obtain the license type. · Permanent—Purchased license that never expires and is always valid. · Days restricted—Purchased license that is valid for a period in days, for example, 30 days. · Trial (days restricted)—Free trial license that is valid for a period in days. |
Trial Time Left (days) |
Remaining days of the trial period. This field is available for a trial license. |
Current State |
State of the license: · In use—The license is being used. · Usable—The license is available for use. If multiple days-restricted licenses for one feature are installed, only one license is in In use state and the rest licenses are in Usable state. · Expired—The license has expired. · Uninstalled—The license has been uninstalled. · Unusable—The license cannot be used. · Invalid—The license is invalid and cannot be used. |
display license feature
Use display license feature to display brief license information for features.
Syntax
display license feature
Views
Any view
Predefined user roles
network-admin
network-operator
mdc-admin
mdc-operator
Usage guidelines
Feature license information includes the following items:
· Total number of licenses that the device supports.
· Number of installed licenses.
· Features that must be licensed to run on the device.
Examples
# (In standalone mode) Display brief feature license information.
<Sysname> display license feature
Total: 5 Usage: 1
Feature Licensed State
LISP Y Formal
EVB Y Formal
evi Y Formal
mdc Y Formal
SPBM Y Formal
TRILL Y Formal
FCoE Y Formal
# (In IRF mode) Display brief feature license information.
<Sysname> display license feature
Chassis 1:
Total: 5 Usage: 1
Feature Licensed State
LISP Y Formal
EVB Y Formal
evi Y Formal
mdc Y Formal
SPBM Y Formal
TRILL Y Formal
FCoE Y Formal
Table 48 Command output
Field |
Description |
Chassis n |
Member ID of the IRF member device. This field is available in IRF mode. |
Total |
Total number of licenses that can be installed. |
Usage |
Number of installed licenses. |
Feature |
Feature that must be licensed before being used. Switches of this series do not support the LISP or EVB feature in the current software version. |
Licensed |
Licensing state of the feature: · N—Not licensed. · Y—Licensed. |
State |
License type by purchasing state: · Formal—Purchased license. · Trial—Trial license. If the feature is not licensed, this field displays a hyphen (-). To use the feature, you must install a valid license file. |
display license device-id
Use display license device-id to display device SN and DID information.
Syntax
In standalone mode:
display license device-id
In IRF mode:
display license device-id chassis chassis-number
Views
Any view
Predefined user roles
network-admin
network-operator
mdc-admin
mdc-operator
Parameters
chassis chassis-number: Specifies the member ID of an IRF member device.
Usage guidelines
Each device has a unique SN and DID. When you register a license for a device, you must provide its SN and DID.
The DID changes each time you use the license compress command to compress the license storage. Use the display license device-id command to identify the up-to-date DID each time you register licenses.
Examples
# (In standalone mode) Display the device SN and DID.
<Sysname> display license device-id
SN: 210231S12500XSUPSUPC
Device ID: jFvq-zRGA-DpJy-VK@d-$Zz+-QjA7-$pLP-xvzR
# (In IRF mode) Display the SN and DID of IRF member device 2.
<Sysname> display license device-id chassis 2
SN: 210231S12500XSUPSUPC
Device ID: jFvq-zRGA-DpJy-VK@d-$Zz+-QjA7-$pLP-xvzR
license activation-file install
Use license activation-file install to install a license activation file.
Syntax
In standalone mode:
license activation-file install file-name
In IRF mode:
license activation-file install file-name chassis chassis-number
Views
System view
Predefined user roles
network-admin
mdc-admin
Parameters
file-name: Specifies the file path, a case-sensitive string of 1 to 127 characters. The activation file must be valid and stored on the device.
chassis chassis-number: Specifies the member ID of an IRF member device.
Usage guidelines
For a successful license activation file installation, make sure the following requirements are met:
· The SN and DID used for registration match the current SN and DID of the specified device.
· No one else is installing an activation file on the device you are working with.
You can install a maximum of five activation files on each device.
Activation files are device locked. A licensed feature can run on the device where its activation file is installed even after an MPU replacement.
Examples
# (In standalone mode) Install the activation file 20140824.ak.
<Sysname> system-view
[Sysname] license activation-file install flash:\license\20140824.ak
# (In IRF mode) Install the activation file 20140824.ak on IRF member device 2.
<Sysname> system-view
[Sysname] license activation-file install flash:\license\20140824.ak chassis 2
Related commands
· display license activation-file
· display license device-id
· license activation-file uninstall
license activation-file uninstall
Use license activation-file uninstall to uninstall an activation file.
Syntax
In standalone mode:
license activation-file uninstall file-name
In IRF mode:
license activation-file uninstall file-name chassis chassis-number
Views
System view
Predefined user roles
network-admin
mdc-admin
Parameters
file-name: Specifies the file path, a case-sensitive string of 1 to 127 characters.
chassis chassis-number: Specifies the member ID of an IRF member device.
Usage guidelines
A feature cannot run on the device after you uninstall all its activation files.
Use this command to revoke an unexpired license if you want to transfer the license from one device to another. For a successful uninstall operation, make sure no one else is uninstalling an activation file on the device you are working with.
When an activation file is uninstalled, the system creates an Uninstall file. Use this file together with the SN and DID of the transfer destination to register the license for the transfer destination.
Trial licenses are not transferrable. When you uninstall the activation file of a trial license, no Uninstall file is created.
Examples
# (In standalone mode) Uninstall the activation file flash:\license\20140824.ak.
<Sysname> system-view
[Sysname] license activation-file uninstall flash:\license\20140824.ak
# (In IRF mode.) Uninstall the activation file flash:\license\20140824.ak from IRF member device 2.
<Sysname> system-view
[Sysname] license activation-file uninstall flash:\license\20140824.ak chassis 2
Uninstall file: flash:\license\20140824.uak
· display license activation-file
· license activation-file install
license compress
Use license compress to compress the license storage.
Syntax
In standalone mode:
license compress
In IRF mode:
license compress chassis chassis-number
Views
System view
Predefined user roles
network-admin
mdc-admin
Parameters
chassis chassis-number: Specifies the member ID of an IRF member device.
Usage guidelines
CAUTION: The DID changes each time the license storage is compressed. Before performing a compression, make sure all activation files generated based on the old DID have been installed. They cannot be installed after the compression. |
Use this command if the free license storage (see the display license feature command) is not sufficient.
This command clears invalid licenses (expired licenses and uninstalled licenses) and Uninstall files from the license storage area. Back up the Uninstall files before you compress the license storage.
For a successful compress operation, make sure no one else is compressing the license storage on the device you are working with.
Examples
# (In standalone mode.) Compress the license storage.
<Sysname> system-view
[Sysname] license compress
This command will delete all data relevant to uninstalled and expired keys/licenses, including Uninstall keys, and create a new device ID for activation keys/files. Make sure you have saved the Uninstall keys so you can apply for a new activation key/file for the unexpired licenses that were covered by the uninstalled activation keys/files.
Are you sure you want to continue? [Y/N]: Y
# (In IRF mode.) Compress the license storage on IRF member device 2.
<Sysname> system-view
[Sysname] license compress chassis 2
This command will delete all data relevant to uninstalled and expired keys/licenses, including Uninstall keys, and create a new device ID for activation keys/files. Make sure you have saved the Uninstall keys so you can apply for a new activation key/file for the unexpired licenses that were covered by the uninstalled activation keys/files.
Are you sure you want to continue? [Y/N]: Y
Preprovisioning commands
The preprovisioning feature is available in Release 1138P01 and later versions.
chassis slot
Use chassis slot to select a slot to provision and enter slot view on an IRF fabric.
chassis chassis-number slot slot-number
Predefined user roles
network-admin
chassis chassis-number slot slot-number: Specifies an interface card slot on an IRF member device. The chassis-number argument represents the member ID of the IRF member device. The slot-number argument represents the slot number of the interface card to be preprovisioned.
Examples
# Enter the slot view of slot 2 in chassis 1.
<Sysname> system-view
[sysname] chassis 1 slot 2
[Sysname-chassis-1-slot-2]
provision
display provision failed-config
Use display provision failed-config to display the preprovisioned commands that were not applied to preprovisioned interface cards that came online.
Syntax
display provision failed-config
network-admin
Commands prerovisioned for a module are applied when the module comes online. A preprovisioned command cannot be applied if it conflicts with the running configuration.
Use this command to verify the application result of preprovisioned commands except for the following commands:
· duplex
This command cannot display the application result of the listed commands correctly. To verify the application result of the listed commands, use the display current-configuration command. If the two commands display different application results, the result displayed by the display current-configuration command is correct.
# Display preprovisioned commands that were not applied.
<Sysname> display provision failed-config
Configuration applied at: Sat Jun 14 06:06:00 2014
Slot information: chassis 1 slot 1
Commands that failed to be applied:
#
interface FortyGigE1/1/0/1
speed 40000
#
provision
provision
Use provision to enable preprovisioning for a slot.
Use undo provision to disable preprovisioning for a slot.
Syntax
provision model model
network-admin
model model: Specifies the card model to be preprovisioned. To obtain available models, enter provision model ?.
Usage guidelines
This command allows you to preconfigure interfaces on an offline module.
The device automatically creates interfaces when you enable preprovisioning for a module. The display interface command does not display these interfaces until the module comes online.
When you disable preprovisioning for a slot, the device removes all preconfigured settings from the slot.
# (In standalone mode.) Enable preprovisioning for the SIM3110 module on slot 2.
<Sysname> system-view
[Sysname] slot 2
[Sysname-slot-2] provision model SIM3110
# (In IRF mode.) Enable preprovisioning for the SIM3110 module on slot 2 of chassis 1.
[Sysname] chassis 1 slot 2
[Sysname-chassis-1-slot-2] provision model SIM3110
· chassis slot
· display provision failed-config
· slot
slot
Use slot to select a slot to provision and enter slot view on a standalone device.
slot slot-number
network-admin
slot-number: Specifies a slot number.
Examples
# Enter the slot view of slot 2.
<Sysname> system-view
[sysname] slot 2
[Sysname-slot-2]
provision
reset provision failed-config
Use reset provision failed-config to clear application failure records for preprovisioned commands.
Syntax
reset provision failed-config
Views
User view
Predefined user roles
network-admin
Usage guidelines
Installing modules in preprovisioned slots might leave a number of application failure records. Use this command to release the space used by the records.
If you install a module in a preprovisioned slot while this command is being executed, the display provision failed-config command might display some newly generated application failure records.
Examples
# Clear application failure records for preprovisioned commands.
<Sysname> display provision failed-config
activation-key,13
alias,1
allocate interface,250
append,77
ascii,77
authentication-mode,14
auto-execute command,15
backup startup-configuration,133
binary,78
boot-loader file,151
boot-loader update,153
bootrom backup,154
bootrom restore,155
bootrom update,156
bootrom-update security-check enable,157
bye,79
cd,109
cd,79
cdup,80
chassis slot,274
clock datetime,179
clock protocol,180
clock summer-time,180
clock timezone,182
close,81
command,183
command accounting,17
command authorization,17
configuration commit,133
configuration commit delay,134
configuration encrypt,135
copy,111
copyright-info enable,184
databits,18
debug,81
delete,112
delete,82
description,47
diagnostic start test,185
dir,82
dir,114
disconnect,83
display | { begin | exclude | include },2
display | by-linenum,3
display >,4
display >>,5
display alarm,185
display alias,6
display boot-loader,157
display clock,187
display copyright,187
display cpu-usage,188
display cpu-usage configuration,190
display cpu-usage history,190
display current-configuration,136
display current-configuration diff,137
display default-configuration,138
display device,193
display device manuinfo,195
display device manuinfo fan,198
display device manuinfo power,199
display diagnostic content,200
display diagnostic-information,202
display diff,139
display environment,203
display exception filepath,204
display fan,205
display ftp client source,84
display ftp-server,72
display ftp-user,72
display hardware-resource,206
display history-command,7
display history-command all,7
display hotkey,8
display install active,161
display install committed,162
display install ipe-info,164
display install package,165
display issu rollback-timer,166
display issu state,166
display license,267
display license device-id,269
display license feature,268
display line,19
display mdc,261
display mdc,252
display mdc interface,253
display mdc interface,261
display mdc resource,262
display mdc resource,254
display memory,207
display memory-threshold,209
display power,211
display provision failed-config,274
display role,47
display role feature,49
display role feature-group,53
display saved-configuration,140
display scheduler job,211
display scheduler logfile,212
display scheduler reboot,213
display scheduler schedule,214
display startup,141
display system stable state,215
display system-working-mode,216
display telnet client,20
display this,143
display transceiver alarm,217
display transceiver diagnosis,218
display transceiver interface,219
display transceiver manuinfo,220
display user-interface,21
display users,22
display version,221
display version comp-matrix,168
display version-update-record,221
escape-key,23
exception filepath,222
exit(),265
fdisk,116
feature,53
file prompt,117
fixdisk,118
flow-control,25
format,119
free ftp user,73
free ftp user-ip,74
free line,25
free user-interface,26
ftp,84
ftp client source,85
ftp server acl,74
ftp server dscp,75
ftp server enable,76
ftp timeout,76
get,86
gunzip,119
gzip,120
hardware-resource tcam,223
header,224
help,87
history-command max-size,27
hotkey,9
idle-timeout,28
install activate,170
install add,171
install commit,172
install deactivate,172
interface policy deny,54
issu accept,173
issu commit,173
issu load,174
issu rollback,176
issu rollback-timer,176
issu run switchover,177
job,225
lcd,88
license activation-file install,270
license activation-file uninstall,271
license compress,272
limit-resource cpu,256
limit-resource memory,257
line,29
line class,30
location,258
lock,31
ls,89
md5sum,121
mdc,260
mdc start,260
memory-threshold,226
memory-threshold usage,227
mkdir,89
mkdir,121
monitor cpu-usage enable,228
monitor cpu-usage interval,229
monitor cpu-usage threshold,230
more,122
mount,123
move,124
newer,90
open,91
parity,32
passive,91
password-recovery enable,231
permit interface,55
permit vlan,57
permit vpn-instance,58
process core,231
protocol inbound,32
provision,275
put,92
pwd,125
pwd,93
python,265
python filename,266
quit,10
quit,94
reboot,232
reget,94
rename,95
rename,125
reset,96
reset provision failed-config,276
reset recycle-bin,126
reset saved-configuration,144
reset scheduler logfile,235
reset version-update-record,236
restart,96
restore startup-configuration,145
return,10
rhelp,97
rmdir,98
rmdir,126
role,59
role default-role enable,60
role feature-group,61
rstatus,99
rule,62
save,146
scheduler job,236
scheduler logfile size,237
scheduler reboot at,237
scheduler reboot delay,238
scheduler schedule,239
screen-length,34
screen-length disable,11
send,34
set authentication password,35
sha256sum,127
shell,36
shutdown-interval,240
slot,276
speed,37
startup saved-configuration,149
status,100
stopbits,38
super,66
super authentication-mode,66
super default role,67
super password,68
switchback,264
switch-fabric isolate,241
switchto mdc,259
sysname,242
system,101
system-view,12
system-working-mode,242
tar create,128
tar extract,128
tar list,129
telnet,38
telnet client source,39
telnet server acl,40
telnet server dscp,41
telnet server enable,42
temperature-limit,243
terminal type,42
tftp,105
tftp client source,106
tftp-server acl,107
time at,245
time once,245
time repeating,247
umount,130
undelete,131
user,102
user-interface,43
user-interface class,44
user-role,45
user-role,248
verbose,102
version auto-update enable,159
version check ignore,159
vlan policy deny,69
vpn-instance policy deny,70