CLI concepts

Definitions

Context
A context is an environment in which parameters can be configured. CLI commands are relevant to a context.
Configuration
A configuration describes a coherent programming of Turbo IPsec. A configuration can be edited. A configuration includes all the statements and commands that have to be executed to configure Turbo IPsec.
Running Configuration
The running configuration is the one currently active on Turbo IPsec. This configuration is unique.
Start Configuration
The start configuration is the one that will be executed at the next Turbo IPsec reboot. This configuration is unique.
Non Active Configuration
A non active configuration is any existing configuration but the running or start configuration. Several non active configurations may exist at a same time.
Configuration File
A configuration file is used to transfer a configuration to or from a remote machine for editing or backup purposes (export and import commands).
Command File
A command file includes a list of commands that are executed in sequence, as if they were typed by a user. It may be used to automate configuration.
Delta Mode
The delta mode is used for dynamic parameter configuration. It makes it possible to modify the running configuration without stopping and restarting services, whose configuration remains unchanged. As an example, adding an IP address to an interface does not stop services and does not flush interfaces configuration.
Import/Export
Files can be imported from/exported to a remote server. Configuration files, command files, traffic capture files, or public key files can be imported and exported. Log files can only be exported. Files can be imported/exported using the TFTP, FTP or SCP protocols.

Contexts

A context is an environment in which commands are entered. The contexts are organized hierarchically.

root context

The root context takes place at the top of the hierarchy. At this level the following actions can be done:

  • Configuration and command files manipulation (edit, copy, import/export, display, apply, etc.)
  • System level configuration (date, log sessions, SSH keys, IKE ids, etc.)
  • Network monitoring and troubleshooting (show, ping, traceroute, etc.)

system context

Your enter the system context using the edit system command. The system context is used to configure users, as described in Managing System Users.

configuration context

Editing a configuration using the edit conf command enters the configuration context.

Inside the configuration context, features are configured inside feature contexts, as listed below:

gen
General system parameters
enpXsY
Physical interfaces
bridgeX
Ethernet bridge interfaces
vlanX
VLAN interfaces
greX
GRE interfaces
loopbackX
loopback interface
vxlanX
VXLAN interfaces
lagX
LAG interfaces
rtg
IPv4/v6 routing
vrfX
VRF instances
fil
IPv4/v6 packet filtering
nat
NAT
sec
IPv4/v6 IPsec
certificates
X509 certificates
svtiX
SVTI
mig
IPv4 / IPv6 tunneling techniques
vrrp*
VRRP
dhcp
IPv4 DHCP client
dhcpv4server
IPv4 DHCP server
dhcprelay
IPv4 DHCP relay
dns
DNS proxy
log
Log information
snmp
SNMP
ntp
NTP
lldp
LLDP

Commands are interpreted according to the current context. For instance, a display command will not return the same result whether you are in the rtg or the enp1s0 context.

Prompts

The current context is indicated in the command prompt.

The root level prompt is:

router{}

The configuration level prompt is:

router{conf:config}

The feature level prompt is:

router{conf:config-feature}

The system level prompt is:

router{system:system-feature}

All the command examples in this document are given with the corresponding prompt.

Example

router{}                       # root context

router{conf:running}           # context for running configuration

router{conf:myconfig}          # context for non active configuration named myconfig

router{conf:myconfig-fil}      # filtering context for myconfig configuration

router{system:users}           # context for managing system users