3.2.1. cmd¶
Execute remote commands on the NETCONF server.
cmd banner¶
vsr> cmd banner pre-login [message <string>] [reset]
vsr> cmd banner post-login [message <string>] [reset]
Manage login banner.
Input Parameters¶
pre-loginManage banner before a user logs in.
message <string>Message to display.
resetReset message to factory defaults.
post-loginManage banner after a user logs in.
message <string>Message to display.
resetReset message to factory defaults.
cmd reboot¶
vsr> cmd reboot [delay <uint32>] [cancel] [force]
Schedule a system reboot after a grace period.
Input Parameters¶
delay <uint32>The number of seconds to wait before reboot. During that time, it is possible to cancel the reboot.
cancelIf defined, cancel a pending reboot.
forceIf defined, force reboot even if startup configuration is different than running configuration.
cmd poweroff¶
vsr> cmd poweroff [delay <uint32>] [cancel] [force]
Schedule a system poweroff after a grace period.
Input Parameters¶
delay <uint32>The number of seconds to wait before poweroff. During that time, it is possible to cancel the poweroff.
cancelIf defined, cancel a pending poweroff.
forceIf defined, force poweroff even if startup configuration is different than running configuration.
cmd ping¶
vsr> cmd ping [vrf <string>] [l3vrf <string>] [count <uint16>] [packetsize <uint16>] \
... [nodns] [ipv6] [source <string>] [rate <1-1000>] [dont-fragment] \
... <destination>
Send ICMP ECHO_REQUEST messages to network hosts and print their responses.
Input Parameters¶
vrf <string>The VRF in which to send the ICMP ECHO_REQUESTs. By default, they are sent in the ‘main’ vrf.
l3vrf <string>Specify the l3vrf.
count <uint16>Stop after sending count ECHO_REQUEST packets.
packetsize <uint16>Specifies the number of data bytes to be sent. The default is 56, which translates into 64 ICMP data bytes when combined with the 8 bytes of ICMP header data.
nodnsNumeric output only. No attempt will be made to lookup symbolic names for host addresses.
ipv6Force IPv6 operation only. By default, it is detected from the destination. If destination is a host name, ipv4 is used by default unless this flag is set.
source <string>Either an address, or an interface name. If interface is an address, it sets source address to specified interface address. If interface in an interface name, it sets source interface to specified interface. For IPv6, when doing ping to a link-local scope address, link specification (by the ‘%’-notation in destination, or by this option) is required.
rate <1-1000>The number of packets to send per second. By default, 1 packet is sent every second.
dont-fragmentProhibit fragmentation, even local one.
<destination>(mandatory)The destination host (name or IP address).
cmd traceroute¶
vsr> cmd traceroute [vrf <string>] [l3vrf <string>] [nodns] [ipv6] [source SOURCE] \
... [source-interface <string>] <host>
Display the route (path) that was used to connect to a certain IP address or hostname. It also measures the transit delays among hops.
Input Parameters¶
vrf <string>The VRF in which the packets are sent by traceroute. By default, they are sent in the ‘main’ vrf.
l3vrf <string>Specify the l3vrf.
nodnsDo not try to map IP addresses to host names when displaying them.
ipv6Force IPv6 operation only. By default, it is detected from the destination. If destination is a host name, ipv4 is used by default unless this flag is set.
source SOURCEChooses an alternative source address. Note that an address of one of the interfaces must be selected. By default, the address of the outgoing interface is used.
SOURCEvaluesDescription
<ipv4-address>An IPv4 address.
<ipv6-address>An IPv6 address.
source-interface <string>Specifies the interface through which traceroute should send packets. By default, the interface is selected according to the routing table.
<host>(mandatory)The destination host (name or IP address).
cmd traffic-capture¶
vsr> cmd traffic-capture [vrf <string>] [count <1-1000>] [filter <pcap-expr>] <ifname> \
... [details]
Print traffic flowing on a network interface.
Input Parameters¶
vrf <string>The VRF in which to capture traffic. This must be the VRF the interface belongs to. By default, the interface is assumed to be in the ‘main’ vrf.
count <1-1000>Stop after capturing count packets.
filter <pcap-expr>Optional filter expression. This must be a valid PCAP filter. See https://www.tcpdump.org/manpages/pcap-filter.7.html for more details.
<ifname>(mandatory)The name of the network interface on which to monitor traffic.
detailsShow verbose packets.
cmd traffic-capture new¶
vsr> cmd traffic-capture new [name <name>] [vrf <string>] [count <1-1000>] [filter <pcap-expr>] \
... <ifname>
Capture traffic flowing on a network interface.
Input Parameters¶
name <name>The name of the capture file. If not set a unique name will be automatically chosen (in format YYYY-MM-DD_HH-MM-SS.<ifname>.pcap). otherwise, if the file already exists it will be overwritten.
vrf <string>The VRF in which to capture traffic. This must be the VRF the interface belongs to. By default, the interface is assumed to be in the ‘main’ vrf.
count <1-1000>Stop after capturing count packets.
filter <pcap-expr>Optional filter expression. This must be a valid PCAP filter. See https://www.tcpdump.org/manpages/pcap-filter.7.html for more details.
<ifname>(mandatory)The name of the network interface on which to monitor traffic.
cmd traffic-capture read¶
vsr> cmd traffic-capture read <name>
Read a captured traffic flow.
Input Parameters¶
<name>(mandatory)The name of the capture to read.
cmd traffic-capture export¶
vsr> cmd traffic-capture export [vrf <string>] url URL [user <string>] [password <string>] <name>
Export a captured traffic flow.
Input Parameters¶
vrf <string>The VRF in which remote access is done. By default, they are sent in the ‘main’ vrf.
url URL(mandatory)The destination URL.
URLvaluesDescription
<sftp-url>An SFTP file URL. IPv6 addresses must be surrounded by square brackets [1234:bada::2]. The :/?#[]@!$&’()*+,;= characters in the user and password must be percent-encoded (e.g: ‘?’ becomes ‘%3f’). See RFC 3986 section 2.1. For convenience, you should use the separate user and password fields.
<scp-url>An SCP file URL. IPv6 addresses must be surrounded by square brackets [1234:bada::2]. The :/?#[]@!$&’()*+,;= characters in the user and password must be percent-encoded (e.g: ‘?’ becomes ‘%3f’). See RFC 3986 section 2.1. For convenience, you should use the separate user and password fields.
<smtp-url>An SMTP(S) email URL. IPv6 addresses must be surrounded by square brackets [1234:bada::2]. The :/?#[]@!$&’()*+,;= characters in the user and password must be percent-encoded (e.g: ‘?’ becomes ‘%3f’). See RFC 3986 section 2.1. For convenience, you should use the separate user and password fields.
<ftp-url>An FTP file URL. IPv6 addresses must be surrounded by square brackets [1234:bada::2]. The :/?#[]@!$&’()*+,;= characters in the user and password must be percent-encoded (e.g: ‘?’ becomes ‘%3f’). See RFC 3986 section 2.1. For convenience, you should use the separate user and password fields.
<tftp-url>A TFTP file URL. IPv6 addresses must be surrounded by square brackets [1234:bada::2].
<http-url>An HTTP(S) file URL. IPv6 addresses must be surrounded by square brackets [1234:bada::2]. The :/?#[]@!$&’()*+,;= characters in the user and password must be percent-encoded (e.g: ‘?’ becomes ‘%3f’). See RFC 3986 section 2.1. For convenience, you should use the separate user and password fields.
user <string>The URL user name (not percent-encoded). If specified, the user name should not be included in the URL.
password <string>The URL password (not percent-encoded). If specified, the user name should not be included in the URL.
<name>(mandatory)The name of the capture to export.
cmd traffic-capture delete¶
vsr> cmd traffic-capture delete <name>
Delete a captured traffic flow.
Input Parameters¶
<name>(mandatory)The name of the capture to delete.
cmd identify-port¶
vsr> cmd identify-port NAME [duration <uint16>]
Initiate adapter-specific action intended to enable an operator to easily identify a physical network interface by sight. Typically this involves blinking one or more LEDs on the specific network port. For this command to work effectively, ports must not be managed by the fast path.
Input Parameters¶
NAME(mandatory)The port name.
NAMEPCI port name.
duration <uint16>Length of time to perform the identification, in seconds.
cmd certificate cmp enroll¶
vsr> cmd certificate cmp enroll name NAME ca-profile CA-PROFILE secret <string>{1,128} subject SUBJECT \
... [san SAN]
Enroll a certificate using CMP protocol.
Input Parameters¶
name NAME(mandatory)The Name of the certificate to be enrolled.
NAMECertificate name.
ca-profile CA-PROFILE(mandatory)The name of the CA profile.
CA-PROFILECertificate name.
secret <string>{1,128}(mandatory)The passphrase used to protect the outgoing messages and for validating the incoming messages.
subject SUBJECT(mandatory)The distinguished name (DN) of the subject to use in the requested certificate, example: /CN=6WIND/O=IT.
SUBJECTX500 Distinguished Name.
san SANList of Subject Alternative Names.
SANvaluesDescription
dns:<domain-name>X509v3 Subject Alternative Name.
ip:<ipv4-address>X509v3 Subject Alternative Name.
ip:<ipv6-address>X509v3 Subject Alternative Name.
email:<email-address>X509v3 Subject Alternative Name.
uri:<uri>X509v3 Subject Alternative Name.
cmd certificate cmp update¶
vsr> cmd certificate cmp update [ca-profile CA-PROFILE] name NAME
Update a certificate using CMP protocol.
Input Parameters¶
ca-profile CA-PROFILEThe name of the CA profile.
CA-PROFILECertificate name.
name NAME(mandatory)The name of the certificate to be updated.
NAMECertificate name.
cmd certificate cmp scheduled-update¶
vsr> cmd certificate cmp scheduled-update [ca-profile CA-PROFILE] name NAME
Schedule updates of a certificate using CMP protocol.
Input Parameters¶
ca-profile CA-PROFILEThe name of the CA profile.
CA-PROFILECertificate name.
name NAME(mandatory)The name of the certificate to be updated.
NAMECertificate name.
cmd system-image¶
vsr> cmd system-image install-on-disk [backup-url BACKUP-URL] [user <string>] [password <string>] \
... <device>
vsr> cmd system-image import [name <name>] [vrf <string>] [user <string>] [password <string>] \
... URL [md5 MD5] [sha256 SHA256] [force] [timeout <uint32>]
vsr> cmd system-image delete <name>
vsr> cmd system-image list
vsr> cmd system-image rename <name> new-name <string>
vsr> cmd system-image set-default [<name>]
vsr> cmd system-image set-next [<name>]
Manage system images.
Input Parameters¶
install-on-diskInstall the system on a specific device.
backup-url BACKUP-URLThe URL where the backup files are stored.
BACKUP-URLvaluesDescription
<sftp-url>An SFTP file URL. IPv6 addresses must be surrounded by square brackets [1234:bada::2]. The :/?#[]@!$&’()*+,;= characters in the user and password must be percent-encoded (e.g: ‘?’ becomes ‘%3f’). See RFC 3986 section 2.1. For convenience, you should use the separate user and password fields.
<scp-url>An SCP file URL. IPv6 addresses must be surrounded by square brackets [1234:bada::2]. The :/?#[]@!$&’()*+,;= characters in the user and password must be percent-encoded (e.g: ‘?’ becomes ‘%3f’). See RFC 3986 section 2.1. For convenience, you should use the separate user and password fields.
<ftp-url>An FTP file URL. IPv6 addresses must be surrounded by square brackets [1234:bada::2]. The :/?#[]@!$&’()*+,;= characters in the user and password must be percent-encoded (e.g: ‘?’ becomes ‘%3f’). See RFC 3986 section 2.1. For convenience, you should use the separate user and password fields.
<tftp-url>A TFTP file URL. IPv6 addresses must be surrounded by square brackets [1234:bada::2].
<http-url>An HTTP(S) file URL. IPv6 addresses must be surrounded by square brackets [1234:bada::2]. The :/?#[]@!$&’()*+,;= characters in the user and password must be percent-encoded (e.g: ‘?’ becomes ‘%3f’). See RFC 3986 section 2.1. For convenience, you should use the separate user and password fields.
user <string>The URL user name (not percent-encoded). If specified, the user name should not be included in the URL.
password <string>The URL password (not percent-encoded). If specified, the user name should not be included in the URL.
<device>(mandatory)The device on which to install the currently booted image (example: sda).
importImport a new system .update image from a remote URL.
name <name>The custom name to assign of the .update image.
vrf <string>The VRF in which remote access is done. By default, they are sent in the ‘main’ vrf.
user <string>The URL user name (not percent-encoded). If specified, the user name should not be included in the URL.
password <string>The URL password (not percent-encoded). If specified, the user name should not be included in the URL.
URL(mandatory)The URL from which to download the .update image.
URLvaluesDescription
<http[s]://[user[:passwd]@]host[:port]/path/to/file.update>An HTTP(S) file URL. IPv6 addresses must be surrounded by square brackets [1234:bada::2]. The :/?#[]@!$&’()*+,;= characters in the user and password must be percent-encoded (e.g: ‘?’ becomes ‘%3f’). See RFC 3986 section 2.1. For convenience, you should use the separate user and password fields.
<sftp://[user[:passwd]@]host[:port]/path/to/file.update>An SFTP file URL. IPv6 addresses must be surrounded by square brackets [1234:bada::2]. The :/?#[]@!$&’()*+,;= characters in the user and password must be percent-encoded (e.g: ‘?’ becomes ‘%3f’). See RFC 3986 section 2.1. For convenience, you should use the separate user and password fields.
<scp://[user[:passwd]@]host[:port]/path/to/file.update>An SCP file URL. IPv6 addresses must be surrounded by square brackets [1234:bada::2]. The :/?#[]@!$&’()*+,;= characters in the user and password must be percent-encoded (e.g: ‘?’ becomes ‘%3f’). See RFC 3986 section 2.1. For convenience, you should use the separate user and password fields.
<ftp://[user[:passwd]@]host[:port]/path/to/file.update>An FTP file URL. IPv6 addresses must be surrounded by square brackets [1234:bada::2]. The :/?#[]@!$&’()*+,;= characters in the user and password must be percent-encoded (e.g: ‘?’ becomes ‘%3f’). See RFC 3986 section 2.1. For convenience, you should use the separate user and password fields.
<tftp://host[:port]/path/to/file.update>A TFTP file URL. IPv6 addresses must be surrounded by square brackets [1234:bada::2].
md5 MD5The md5 hexadecimal digest or its URL.
MD5valuesDescription
<http[s]://[user[:passwd]@]host[:port]/path/to/file.update>An HTTP(S) file URL. IPv6 addresses must be surrounded by square brackets [1234:bada::2]. The :/?#[]@!$&’()*+,;= characters in the user and password must be percent-encoded (e.g: ‘?’ becomes ‘%3f’). See RFC 3986 section 2.1. For convenience, you should use the separate user and password fields.
<sftp://[user[:passwd]@]host[:port]/path/to/file.update>An SFTP file URL. IPv6 addresses must be surrounded by square brackets [1234:bada::2]. The :/?#[]@!$&’()*+,;= characters in the user and password must be percent-encoded (e.g: ‘?’ becomes ‘%3f’). See RFC 3986 section 2.1. For convenience, you should use the separate user and password fields.
<scp://[user[:passwd]@]host[:port]/path/to/file.update>An SCP file URL. IPv6 addresses must be surrounded by square brackets [1234:bada::2]. The :/?#[]@!$&’()*+,;= characters in the user and password must be percent-encoded (e.g: ‘?’ becomes ‘%3f’). See RFC 3986 section 2.1. For convenience, you should use the separate user and password fields.
<ftp://[user[:passwd]@]host[:port]/path/to/file.update>An FTP file URL. IPv6 addresses must be surrounded by square brackets [1234:bada::2]. The :/?#[]@!$&’()*+,;= characters in the user and password must be percent-encoded (e.g: ‘?’ becomes ‘%3f’). See RFC 3986 section 2.1. For convenience, you should use the separate user and password fields.
<tftp://host[:port]/path/to/file.update>A TFTP file URL. IPv6 addresses must be surrounded by square brackets [1234:bada::2].
<md5-hex-digest>{32}No description.
sha256 SHA256The sha256 hexadecimal digest or its URL.
SHA256valuesDescription
<http[s]://[user[:passwd]@]host[:port]/path/to/update.sha256>An HTTP(S) file URL. IPv6 addresses must be surrounded by square brackets [1234:bada::2]. The :/?#[]@!$&’()*+,;= characters in the user and password must be percent-encoded (e.g: ‘?’ becomes ‘%3f’). See RFC 3986 section 2.1. For convenience, you should use the separate user and password fields.
<sftp://[user[:passwd]@]host[:port]/path/to/update.sha256>An SFTP file URL. IPv6 addresses must be surrounded by square brackets [1234:bada::2]. The :/?#[]@!$&’()*+,;= characters in the user and password must be percent-encoded (e.g: ‘?’ becomes ‘%3f’). See RFC 3986 section 2.1. For convenience, you should use the separate user and password fields.
<scp://[user[:passwd]@]host[:port]/path/to/update.sha256>An SCP file URL. IPv6 addresses must be surrounded by square brackets [1234:bada::2]. The :/?#[]@!$&’()*+,;= characters in the user and password must be percent-encoded (e.g: ‘?’ becomes ‘%3f’). See RFC 3986 section 2.1. For convenience, you should use the separate user and password fields.
<ftp://[user[:passwd]@]host[:port]/path/to/update.sha256>An FTP file URL. IPv6 addresses must be surrounded by square brackets [1234:bada::2]. The :/?#[]@!$&’()*+,;= characters in the user and password must be percent-encoded (e.g: ‘?’ becomes ‘%3f’). See RFC 3986 section 2.1. For convenience, you should use the separate user and password fields.
<tftp://host[:port]/path/to/update.sha256>A TFTP file URL. IPv6 addresses must be surrounded by square brackets [1234:bada::2].
<sha256-hex-digest>{64}No description.
forceIf defined, force system-import even if startup configuration is different than running configuration.
timeout <uint32>At the end of this timeout period, the system will reboot to the default image, unless the user sets the default image with ‘cmd system-image set-default <image>’. 0 means no timeout.
deleteDelete an imported image.
<name>(mandatory)The name of the image to delete.
listDisplay a list of imported images.
renameRename an image.
<name>(mandatory)The current name of the image.
new-name <string>(mandatory)The new name of the image.
set-defaultSet a system image as default boot image.
<name>The name of the image to set as default.
set-nextSet a system image as next boot image. If it does not boot, the system will reboot to the default image. This option is not available for LVM disks.
<name>The name of the image to set as next.
cmd backup¶
vsr> cmd backup import [vrf <string>] url URL [user <string>] [password <string>]
vsr> cmd backup export [vrf <string>] url URL [user <string>] [password <string>]
Import/export backup archives containing configurations, keys, certificates, licenses.
Input Parameters¶
importImport backup archive from a remote server. WARNING: it will overwrite current configurations.
vrf <string>The VRF in which remote access is done. By default, they are sent in the ‘main’ vrf.
url URL(mandatory)The source URL.
URLvaluesDescription
<sftp-url>An SFTP file URL. IPv6 addresses must be surrounded by square brackets [1234:bada::2]. The :/?#[]@!$&’()*+,;= characters in the user and password must be percent-encoded (e.g: ‘?’ becomes ‘%3f’). See RFC 3986 section 2.1. For convenience, you should use the separate user and password fields.
<scp-url>An SCP file URL. IPv6 addresses must be surrounded by square brackets [1234:bada::2]. The :/?#[]@!$&’()*+,;= characters in the user and password must be percent-encoded (e.g: ‘?’ becomes ‘%3f’). See RFC 3986 section 2.1. For convenience, you should use the separate user and password fields.
<ftp-url>An FTP file URL. IPv6 addresses must be surrounded by square brackets [1234:bada::2]. The :/?#[]@!$&’()*+,;= characters in the user and password must be percent-encoded (e.g: ‘?’ becomes ‘%3f’). See RFC 3986 section 2.1. For convenience, you should use the separate user and password fields.
<tftp-url>A TFTP file URL. IPv6 addresses must be surrounded by square brackets [1234:bada::2].
<http-url>An HTTP(S) file URL. IPv6 addresses must be surrounded by square brackets [1234:bada::2]. The :/?#[]@!$&’()*+,;= characters in the user and password must be percent-encoded (e.g: ‘?’ becomes ‘%3f’). See RFC 3986 section 2.1. For convenience, you should use the separate user and password fields.
user <string>The URL user name (not percent-encoded). If specified, the user name should not be included in the URL.
password <string>The URL password (not percent-encoded). If specified, the user name should not be included in the URL.
exportExport backup archive to a remote server.
vrf <string>The VRF in which remote access is done. By default, they are sent in the ‘main’ vrf.
url URL(mandatory)The destination URL.
URLvaluesDescription
<sftp-url>An SFTP file URL. IPv6 addresses must be surrounded by square brackets [1234:bada::2]. The :/?#[]@!$&’()*+,;= characters in the user and password must be percent-encoded (e.g: ‘?’ becomes ‘%3f’). See RFC 3986 section 2.1. For convenience, you should use the separate user and password fields.
<scp-url>An SCP file URL. IPv6 addresses must be surrounded by square brackets [1234:bada::2]. The :/?#[]@!$&’()*+,;= characters in the user and password must be percent-encoded (e.g: ‘?’ becomes ‘%3f’). See RFC 3986 section 2.1. For convenience, you should use the separate user and password fields.
<smtp-url>An SMTP(S) email URL. IPv6 addresses must be surrounded by square brackets [1234:bada::2]. The :/?#[]@!$&’()*+,;= characters in the user and password must be percent-encoded (e.g: ‘?’ becomes ‘%3f’). See RFC 3986 section 2.1. For convenience, you should use the separate user and password fields.
<ftp-url>An FTP file URL. IPv6 addresses must be surrounded by square brackets [1234:bada::2]. The :/?#[]@!$&’()*+,;= characters in the user and password must be percent-encoded (e.g: ‘?’ becomes ‘%3f’). See RFC 3986 section 2.1. For convenience, you should use the separate user and password fields.
<tftp-url>A TFTP file URL. IPv6 addresses must be surrounded by square brackets [1234:bada::2].
<http-url>An HTTP(S) file URL. IPv6 addresses must be surrounded by square brackets [1234:bada::2]. The :/?#[]@!$&’()*+,;= characters in the user and password must be percent-encoded (e.g: ‘?’ becomes ‘%3f’). See RFC 3986 section 2.1. For convenience, you should use the separate user and password fields.
user <string>The URL user name (not percent-encoded). If specified, the user name should not be included in the URL.
password <string>The URL password (not percent-encoded). If specified, the user name should not be included in the URL.
cmd set-next-boot-params¶
vsr> cmd set-next-boot-params [intel-iommu true|false] [iommu-allow-unsafe-interrupts true|false] \
... [ixgbe-allow-unsupported-sfp true|false] [isolate-cpus ISOLATE-CPUS]
Set boot parameters, taking effect at next reboot. Image must be installed on disk.
Input Parameters¶
intel-iommu true|falseEnable intel iommu driver. Control intel_iommu=on|off kernel option.
iommu-allow-unsafe-interrupts true|falseEnable PCI passthrough on hardware that does not support interrupt remapping, when VM are trusted. Control vfio_iommu_type1.allow_unsafe_interrupts=0|1 kernel option.
ixgbe-allow-unsupported-sfp true|falseBypass SFPs types restrictions on Intel ixgbe NICs. Control ixgbe.allow_unsupported_sfp=0|1 kernel option.
isolate-cpus ISOLATE-CPUSIsolate cpus from kernel threads, rcu callbacks, and reduce the scheduler ticks. A good value for this parameter is the fast path coremask.
ISOLATE-CPUSvaluesDescription
<coremask>A comma-separated list of cores or core ranges. Example: ‘1,4-7,10-12’.
noneUnset the coremask.
cmd license certificate¶
vsr> cmd license certificate import [url URL] [user <string>] [password <string>] [content <string>] \
... serial <string>
vsr> cmd license certificate list
vsr> cmd license certificate delete <string>
vsr> cmd license certificate request-activation serial <string>
vsr> cmd license certificate request-deactivation serial <string>
vsr> cmd license certificate cancel-request
Manage license certificate requests for offline activation through an activation webpage.
Input Parameters¶
importImport a license certificate. It will be used to activate the license on the device. The certificate will be deleted when the first configuration using it is committed.
url URLThe URL from which to download the license certificate.
URLvaluesDescription
<http-url>An HTTP(S) file URL. IPv6 addresses must be surrounded by square brackets [1234:bada::2]. The :/?#[]@!$&’()*+,;= characters in the user and password must be percent-encoded (e.g: ‘?’ becomes ‘%3f’). See RFC 3986 section 2.1. For convenience, you should use the separate user and password fields.
<sftp-url>An SFTP file URL. IPv6 addresses must be surrounded by square brackets [1234:bada::2]. The :/?#[]@!$&’()*+,;= characters in the user and password must be percent-encoded (e.g: ‘?’ becomes ‘%3f’). See RFC 3986 section 2.1. For convenience, you should use the separate user and password fields.
<scp-url>An SCP file URL. IPv6 addresses must be surrounded by square brackets [1234:bada::2]. The :/?#[]@!$&’()*+,;= characters in the user and password must be percent-encoded (e.g: ‘?’ becomes ‘%3f’). See RFC 3986 section 2.1. For convenience, you should use the separate user and password fields.
<ftp-url>An FTP file URL. IPv6 addresses must be surrounded by square brackets [1234:bada::2]. The :/?#[]@!$&’()*+,;= characters in the user and password must be percent-encoded (e.g: ‘?’ becomes ‘%3f’). See RFC 3986 section 2.1. For convenience, you should use the separate user and password fields.
<tftp-url>A TFTP file URL. IPv6 addresses must be surrounded by square brackets [1234:bada::2].
user <string>The URL user name (not percent-encoded). If specified, the user name should not be included in the URL.
password <string>The URL password (not percent-encoded). If specified, the user name should not be included in the URL.
content <string>The raw contents of the license certificate.
serial <string>(mandatory)The serial number associated with the license certificate.
listList downloaded license certificates that not are consumed yet.
deleteDelete a license certificate.
<string>(mandatory)The name of license certificate to delete.
request-activationRequest an activation certificate for a serial number. The resulting certificate must then be entered on the Licensing User Portal, in the Offline Activation tab. The resulting certificate must be imported using the cmd license certificate import command. The licensing has to be disabled in configuration to use this rpc.
serial <string>(mandatory)The serial number associated to this activation request.
request-deactivationRequest an deactivation certificate for a serial number. The resulting certificate must then be entered on the Licensing User Portal, in the Offline Activation tab. Requesting the certificate will disable the license on this device. The licensing has to be disabled in configuration to use this rpc.
serial <string>(mandatory)The serial number associated to this deactivation request.
cancel-requestCancel any request in progress.
cmd license file¶
vsr> cmd license file import [url URL] [user <string>] [password <string>] [content <string>] \
... serial <string>
vsr> cmd license file list
vsr> cmd license file delete <string>
Manage license files.
Input Parameters¶
importImport a license file.
url URLThe URL from which to download the license file.
URLvaluesDescription
<http-url>An HTTP(S) file URL. IPv6 addresses must be surrounded by square brackets [1234:bada::2]. The :/?#[]@!$&’()*+,;= characters in the user and password must be percent-encoded (e.g: ‘?’ becomes ‘%3f’). See RFC 3986 section 2.1. For convenience, you should use the separate user and password fields.
<sftp-url>An SFTP file URL. IPv6 addresses must be surrounded by square brackets [1234:bada::2]. The :/?#[]@!$&’()*+,;= characters in the user and password must be percent-encoded (e.g: ‘?’ becomes ‘%3f’). See RFC 3986 section 2.1. For convenience, you should use the separate user and password fields.
<scp-url>An SCP file URL. IPv6 addresses must be surrounded by square brackets [1234:bada::2]. The :/?#[]@!$&’()*+,;= characters in the user and password must be percent-encoded (e.g: ‘?’ becomes ‘%3f’). See RFC 3986 section 2.1. For convenience, you should use the separate user and password fields.
<ftp-url>An FTP file URL. IPv6 addresses must be surrounded by square brackets [1234:bada::2]. The :/?#[]@!$&’()*+,;= characters in the user and password must be percent-encoded (e.g: ‘?’ becomes ‘%3f’). See RFC 3986 section 2.1. For convenience, you should use the separate user and password fields.
<tftp-url>A TFTP file URL. IPv6 addresses must be surrounded by square brackets [1234:bada::2].
user <string>The URL user name (not percent-encoded). If specified, the user name should not be included in the URL.
password <string>The URL password (not percent-encoded). If specified, the user name should not be included in the URL.
content <string>The raw contents of the license file.
serial <string>(mandatory)The serial number associated with the license file. It will be used as reference in the configuration.
listList downloaded license files.
deleteDelete a license file.
<string>(mandatory)The name of license file to delete.
cmd troubleshooting-report¶
vsr> cmd troubleshooting-report list
vsr> cmd troubleshooting-report delete <name>
vsr> cmd troubleshooting-report flush
vsr> cmd troubleshooting-report new
vsr> cmd troubleshooting-report export [vrf <string>] url URL [user <string>] [password <string>] \
... <name>
Manage troubleshooting reports.
Input Parameters¶
listList existing troubleshooting reports.
deleteDelete an existing troubleshooting report.
<name>(mandatory)The name of the report to delete.
flushDelete all existing troubleshooting reports.
newGenerate a new troubleshooting report.
exportExport an existing troubleshooting report to a remote server via SFTP.
vrf <string>The VRF in which remote access is done. By default, they are sent in the ‘main’ vrf.
url URL(mandatory)The destination URL.
URLvaluesDescription
<sftp-url>An SFTP file URL. IPv6 addresses must be surrounded by square brackets [1234:bada::2]. The :/?#[]@!$&’()*+,;= characters in the user and password must be percent-encoded (e.g: ‘?’ becomes ‘%3f’). See RFC 3986 section 2.1. For convenience, you should use the separate user and password fields.
<scp-url>An SCP file URL. IPv6 addresses must be surrounded by square brackets [1234:bada::2]. The :/?#[]@!$&’()*+,;= characters in the user and password must be percent-encoded (e.g: ‘?’ becomes ‘%3f’). See RFC 3986 section 2.1. For convenience, you should use the separate user and password fields.
<smtp-url>An SMTP(S) email URL. IPv6 addresses must be surrounded by square brackets [1234:bada::2]. The :/?#[]@!$&’()*+,;= characters in the user and password must be percent-encoded (e.g: ‘?’ becomes ‘%3f’). See RFC 3986 section 2.1. For convenience, you should use the separate user and password fields.
<ftp-url>An FTP file URL. IPv6 addresses must be surrounded by square brackets [1234:bada::2]. The :/?#[]@!$&’()*+,;= characters in the user and password must be percent-encoded (e.g: ‘?’ becomes ‘%3f’). See RFC 3986 section 2.1. For convenience, you should use the separate user and password fields.
<tftp-url>A TFTP file URL. IPv6 addresses must be surrounded by square brackets [1234:bada::2].
<http-url>An HTTP(S) file URL. IPv6 addresses must be surrounded by square brackets [1234:bada::2]. The :/?#[]@!$&’()*+,;= characters in the user and password must be percent-encoded (e.g: ‘?’ becomes ‘%3f’). See RFC 3986 section 2.1. For convenience, you should use the separate user and password fields.
user <string>The URL user name (not percent-encoded). If specified, the user name should not be included in the URL.
password <string>The URL password (not percent-encoded). If specified, the user name should not be included in the URL.
<name>(mandatory)The name of the report to export.
cmd dns proxy clear-cache¶
vsr> cmd dns proxy clear-cache [vrf <string>]
Clear DNS proxy cache.
Input Parameters¶
vrf <string>Specify the VRF.
cmd dns resolve¶
vsr> cmd dns resolve [vrf <string>] [l3vrf <string>] domain DOMAIN
Resolve a DNS.
Input Parameters¶
vrf <string>Specify the VRF.
l3vrf <string>Specify the L3VRF.
domain DOMAIN(mandatory)Specify the domain name.
DOMAINThe domain-name type represents a DNS domain name. Fully quallified left to the models which utilize this type. Internet domain names are only loosely specified. Section 3.5 of RFC 1034 recommends a syntax (modified in Section 2.1 of RFC 1123). The pattern above is intended to allow for current practice in domain name use, and some possible future expansion. It is designed to hold various types of domain names, including names used for A or AAAA records (host names) and other records, such as SRV records. Note that Internet host names have a stricter syntax (described in RFC 952) than the DNS recommendations in RFCs 1034 and 1123, and that systems that want to store host names in schema nodes using the domain-name type are recommended to adhere to this stricter standard to ensure interoperability. The encoding of DNS names in the DNS protocol is limited to 255 characters. Since the encoding consists of labels prefixed by a length bytes and there is a trailing NULL byte, only 253 characters can appear in the textual dotted notation. Domain-name values use the US-ASCII encoding. Their canonical format uses lowercase US-ASCII characters. Internationalized domain names MUST be encoded in punycode as described in RFC 3492.
Output Data¶
address ADDRESSAddresses of the domain name.
ADDRESSvaluesDescription
<ipv4-address>An IPv4 address.
<ipv6-address>An IPv6 address.
cmd dhcp-client renew-lease¶
vsr> cmd dhcp-client renew-lease [vrf <string>] [l3vrf <string>] IFNAME
Renew DHCP client lease period.
Input Parameters¶
vrf <string>Specify the VRF.
l3vrf <string>Specify the l3vrf.
IFNAME(mandatory)The interface name.
IFNAMEAn interface name.
cmd bgp rpki ssh-key create¶
Note
requires a Product License.
vsr> cmd bgp rpki ssh-key create type TYPE name <string>
Create SSH keys.
Input Parameters¶
type TYPE(mandatory)SSH key type.
TYPEvaluesDescription
rsa-1024RSA in 1024 bits.
rsa-2048RSA in 2048 bits.
rsa-4096RSA in 4096 bits.
ecdsa-256ECDSA in 256 bits.
ecdsa-384ECDSA in 384 bits.
ecdsa-521ECDSA in 521 bits.
ed25519EDDSA in 25519 bits.
name <string>(mandatory)Name of the new key pair.
cmd bgp rpki ssh-key list¶
Note
requires a Product License.
vsr> cmd bgp rpki ssh-key list [detail]
List SSH keys.
Input Parameters¶
detailShow public key.
cmd bgp rpki ssh-key delete¶
Note
requires a Product License.
vsr> cmd bgp rpki ssh-key delete <string>
Delete SSH keys.
Input Parameters¶
<string>(mandatory)Delete an existing key pair.
cmd bgp rpki ssh-host add¶
Note
requires a Product License.
vsr> cmd bgp rpki ssh-host add HOST [port PORT] [vrf VRF]
Add host to routing known hosts.
Input Parameters¶
HOST(mandatory)Host name to add to known hosts.
HOSTThe domain-name type represents a DNS domain name. Fully quallified left to the models which utilize this type. Internet domain names are only loosely specified. Section 3.5 of RFC 1034 recommends a syntax (modified in Section 2.1 of RFC 1123). The pattern above is intended to allow for current practice in domain name use, and some possible future expansion. It is designed to hold various types of domain names, including names used for A or AAAA records (host names) and other records, such as SRV records. Note that Internet host names have a stricter syntax (described in RFC 952) than the DNS recommendations in RFCs 1034 and 1123, and that systems that want to store host names in schema nodes using the domain-name type are recommended to adhere to this stricter standard to ensure interoperability. The encoding of DNS names in the DNS protocol is limited to 255 characters. Since the encoding consists of labels prefixed by a length bytes and there is a trailing NULL byte, only 253 characters can appear in the textual dotted notation. Domain-name values use the US-ASCII encoding. Their canonical format uses lowercase US-ASCII characters. Internationalized domain names MUST be encoded in punycode as described in RFC 3492.
port PORTUse a specific port to join the remote host.
PORTA 16-bit port number used by a transport protocol such as TCP or UDP.
vrf VRFSpecify the VRF.
VRFvaluesDescription
mainThe main vrf.
<string>The vrf name.
cmd bgp rpki ssh-host delete¶
Note
requires a Product License.
vsr> cmd bgp rpki ssh-host delete HOST-NAME
Delete host from routing known hosts.
Input Parameters¶
HOST-NAME(mandatory)Host name to remove from known hosts.
HOST-NAMEThe domain-name type represents a DNS domain name. Fully quallified left to the models which utilize this type. Internet domain names are only loosely specified. Section 3.5 of RFC 1034 recommends a syntax (modified in Section 2.1 of RFC 1123). The pattern above is intended to allow for current practice in domain name use, and some possible future expansion. It is designed to hold various types of domain names, including names used for A or AAAA records (host names) and other records, such as SRV records. Note that Internet host names have a stricter syntax (described in RFC 952) than the DNS recommendations in RFCs 1034 and 1123, and that systems that want to store host names in schema nodes using the domain-name type are recommended to adhere to this stricter standard to ensure interoperability. The encoding of DNS names in the DNS protocol is limited to 255 characters. Since the encoding consists of labels prefixed by a length bytes and there is a trailing NULL byte, only 253 characters can appear in the textual dotted notation. Domain-name values use the US-ASCII encoding. Their canonical format uses lowercase US-ASCII characters. Internationalized domain names MUST be encoded in punycode as described in RFC 3492.
cmd certificate import¶
Note
requires a Product License.
vsr> cmd certificate import [vrf VRF] [name NAME] [url URL] [private-key-url PRIVATE-KEY-URL] \
... [private-key-password <string>{1,128}] [user <string>] [password <string>] \
... [force]
Import an X509 certificate from network, in PEM format.
Input Parameters¶
vrf VRFThe vrf in which the import is performed.
VRFvaluesDescription
mainThe main vrf.
<string>The vrf name.
name NAMEThe name to assign of the certificate.
NAMECertificate name.
url URLThe URL from which to download the certificate in PEM format.
URLvaluesDescription
<http-url>An HTTP(S) file URL. IPv6 addresses must be surrounded by square brackets [1234:bada::2]. The :/?#[]@!$&’()*+,;= characters in the user and password must be percent-encoded (e.g: ‘?’ becomes ‘%3f’). See RFC 3986 section 2.1. For convenience, you should use the separate user and password fields.
<sftp-url>An SFTP file URL. IPv6 addresses must be surrounded by square brackets [1234:bada::2]. The :/?#[]@!$&’()*+,;= characters in the user and password must be percent-encoded (e.g: ‘?’ becomes ‘%3f’). See RFC 3986 section 2.1. For convenience, you should use the separate user and password fields.
<scp-url>An SCP file URL. IPv6 addresses must be surrounded by square brackets [1234:bada::2]. The :/?#[]@!$&’()*+,;= characters in the user and password must be percent-encoded (e.g: ‘?’ becomes ‘%3f’). See RFC 3986 section 2.1. For convenience, you should use the separate user and password fields.
<ftp-url>An FTP file URL. IPv6 addresses must be surrounded by square brackets [1234:bada::2]. The :/?#[]@!$&’()*+,;= characters in the user and password must be percent-encoded (e.g: ‘?’ becomes ‘%3f’). See RFC 3986 section 2.1. For convenience, you should use the separate user and password fields.
<tftp-url>A TFTP file URL. IPv6 addresses must be surrounded by square brackets [1234:bada::2].
private-key-url PRIVATE-KEY-URLThe URL from which to download the certificate private key in PEM format.
PRIVATE-KEY-URLvaluesDescription
<http-url>An HTTP(S) file URL. IPv6 addresses must be surrounded by square brackets [1234:bada::2]. The :/?#[]@!$&’()*+,;= characters in the user and password must be percent-encoded (e.g: ‘?’ becomes ‘%3f’). See RFC 3986 section 2.1. For convenience, you should use the separate user and password fields.
<sftp-url>An SFTP file URL. IPv6 addresses must be surrounded by square brackets [1234:bada::2]. The :/?#[]@!$&’()*+,;= characters in the user and password must be percent-encoded (e.g: ‘?’ becomes ‘%3f’). See RFC 3986 section 2.1. For convenience, you should use the separate user and password fields.
<scp-url>An SCP file URL. IPv6 addresses must be surrounded by square brackets [1234:bada::2]. The :/?#[]@!$&’()*+,;= characters in the user and password must be percent-encoded (e.g: ‘?’ becomes ‘%3f’). See RFC 3986 section 2.1. For convenience, you should use the separate user and password fields.
<ftp-url>An FTP file URL. IPv6 addresses must be surrounded by square brackets [1234:bada::2]. The :/?#[]@!$&’()*+,;= characters in the user and password must be percent-encoded (e.g: ‘?’ becomes ‘%3f’). See RFC 3986 section 2.1. For convenience, you should use the separate user and password fields.
<tftp-url>A TFTP file URL. IPv6 addresses must be surrounded by square brackets [1234:bada::2].
private-key-password <string>{1,128}Optional password to decrypt the private key.
user <string>Both the url and private-key-url user name (NOT URL-encoded). If specified, the user name must NOT be included in the URLs.
password <string>Both the url and private-key-url password (NOT URL-encoded). If specified, the password must NOT be included in the URLs.
forceDelete the certificate if it exists, this will allow update behavior for the import command.
cmd certificate export¶
Note
requires a Product License.
vsr> cmd certificate export [vrf VRF] [name NAME] url URL [user <string>] [password <string>]
Export an X509 certificate in PEM format.
Input Parameters¶
vrf VRFThe vrf in which the export is performed.
VRFvaluesDescription
mainThe main vrf.
<string>The vrf name.
name NAMEThe name of the certificate.
NAMECertificate name.
url URL(mandatory)The URL where the certificate is uploaded.
URLvaluesDescription
<http-url>An HTTP(S) file URL. IPv6 addresses must be surrounded by square brackets [1234:bada::2]. The :/?#[]@!$&’()*+,;= characters in the user and password must be percent-encoded (e.g: ‘?’ becomes ‘%3f’). See RFC 3986 section 2.1. For convenience, you should use the separate user and password fields.
<sftp-url>An SFTP file URL. IPv6 addresses must be surrounded by square brackets [1234:bada::2]. The :/?#[]@!$&’()*+,;= characters in the user and password must be percent-encoded (e.g: ‘?’ becomes ‘%3f’). See RFC 3986 section 2.1. For convenience, you should use the separate user and password fields.
<scp-url>An SCP file URL. IPv6 addresses must be surrounded by square brackets [1234:bada::2]. The :/?#[]@!$&’()*+,;= characters in the user and password must be percent-encoded (e.g: ‘?’ becomes ‘%3f’). See RFC 3986 section 2.1. For convenience, you should use the separate user and password fields.
<ftp-url>An FTP file URL. IPv6 addresses must be surrounded by square brackets [1234:bada::2]. The :/?#[]@!$&’()*+,;= characters in the user and password must be percent-encoded (e.g: ‘?’ becomes ‘%3f’). See RFC 3986 section 2.1. For convenience, you should use the separate user and password fields.
<tftp-url>A TFTP file URL. IPv6 addresses must be surrounded by square brackets [1234:bada::2].
user <string>The URL user name (not percent-encoded). If specified, the user name should not be included in the URL.
password <string>The URL password (not percent-encoded). If specified, the user name should not be included in the URL.
cmd certificate add¶
Note
requires a Product License.
vsr> cmd certificate add [name NAME] [data <string>] [private-key <string>] [private-key-password <string>{1,128}] \
... [force]
Add an X509 certificate in PEM format.
Input Parameters¶
name NAMEThe name to assign to the certificate.
NAMECertificate name.
data <string>PEM-encoded X509 certificate.
private-key <string>PEM-encoded X509 private key.
private-key-password <string>{1,128}Optional password to decrypt the private key.
forceOverwrite the certificate or private-key if it exists.
cmd certificate delete¶
Note
requires a Product License.
vsr> cmd certificate delete name NAME
Delete an X509 certificate.
Input Parameters¶
name NAME(mandatory)The name of the certificate.
NAMECertificate name.
cmd certificate-request delete¶
Note
requires a Product License.
vsr> cmd certificate-request delete name NAME
Delete an X509 certificate signing request (PKCS #10).
Input Parameters¶
name NAME(mandatory)The name of the certificate.
NAMECertificate name.
cmd certificate-request generate¶
Note
requires a Product License.
vsr> cmd certificate-request generate name NAME subject SUBJECT [private-key-algorithm PRIVATE-KEY-ALGORITHM] \
... [san SAN] [force]
Generate an X509 certificate signing request (PKCS #10).
Input Parameters¶
name NAME(mandatory)The name to assign to the certificate.
NAMECertificate name.
subject SUBJECT(mandatory)The distinguished name (DN) of the subject to use in the requested certificate, example: /CN=6WIND/O=IT.
SUBJECTX500 Distinguished Name.
private-key-algorithm PRIVATE-KEY-ALGORITHMThe private key algorithm.
PRIVATE-KEY-ALGORITHMvaluesDescription
rsa-512RSA with 512 bit key.
rsa-1024RSA with 1024 bit key.
rsa-2048RSA with 2048 bit key.
rsa-4096RSA with 4096 bit key.
rsa-8192RSA with 8192 bit key.
rsa-pss-512RSA Probabilistic Signature Scheme with 512 bit key (a.k.a. RSASSA-PSS, defined in RFC3447).
rsa-pss-1024RSA Probabilistic Signature Scheme with 1024 bit key (a.k.a. RSASSA-PSS, defined in RFC3447).
rsa-pss-2048RSA Probabilistic Signature Scheme with 2048 bit key (a.k.a. RSASSA-PSS, defined in RFC3447).
rsa-pss-4096RSA Probabilistic Signature Scheme with 4096 bit key (a.k.a. RSASSA-PSS, defined in RFC3447).
rsa-pss-8192RSA Probabilistic Signature Scheme with 8192 bit key (a.k.a. RSASSA-PSS, defined in RFC3447).
ecdsa-nistp256ECDSA with 256-bit prime field Weierstrass curve (a.k.a. NIST P-256, secp256r1, prime256v1).
ecdsa-nistp384ECDSA with 384-bit prime field Weierstrass curve (a.k.a. NIST P-384, secp384r1, ansip384r1).
ecdsa-nistp521ECDSA with 521-bit prime field Weierstrass curve (a.k.a. NIST P-521, secp521r1, ansip521r1).
ecdsa-brainpoolp256r1ECDSA with 256-bit prime field Brainpool curve (a.k.a. brainpoolP256r1, defined in RFC5639).
ecdsa-brainpoolp384r1ECDSA with 384-bit prime field Brainpool curve (a.k.a. brainpoolP384r1, defined in RFC5639).
ecdsa-brainpoolp512r1ECDSA with 512-bit prime field Brainpool curve (a.k.a. brainpoolP512r1, defined in RFC5639).
ed25519EdDSA using SHA512 and Curve25519 (a.k.a. Ed25519, defined in RFC8032).
ed448EdDSA using SHAKE256 and Curve448 (a.k.a. Ed448, defined in RFC8032).
san SANList of Subject Alternative Names.
SANvaluesDescription
dns:<domain-name>X509v3 Subject Alternative Name.
ip:<ipv4-address>X509v3 Subject Alternative Name.
ip:<ipv6-address>X509v3 Subject Alternative Name.
email:<email-address>X509v3 Subject Alternative Name.
uri:<uri>X509v3 Subject Alternative Name.
forceOverwrite the certificate-request if it exists.
cmd certificate-request export¶
Note
requires a Product License.
vsr> cmd certificate-request export [vrf VRF] [name NAME] url URL [user <string>] [password <string>]
Export an X509 certificate signing request (PKCS #10).
Input Parameters¶
vrf VRFThe vrf in which the export is performed.
VRFvaluesDescription
mainThe main vrf.
<string>The vrf name.
name NAMEThe name of the certificate request.
NAMECertificate name.
url URL(mandatory)The URL where the certificate request is uploaded.
URLvaluesDescription
<http-url>An HTTP(S) file URL. IPv6 addresses must be surrounded by square brackets [1234:bada::2]. The :/?#[]@!$&’()*+,;= characters in the user and password must be percent-encoded (e.g: ‘?’ becomes ‘%3f’). See RFC 3986 section 2.1. For convenience, you should use the separate user and password fields.
<sftp-url>An SFTP file URL. IPv6 addresses must be surrounded by square brackets [1234:bada::2]. The :/?#[]@!$&’()*+,;= characters in the user and password must be percent-encoded (e.g: ‘?’ becomes ‘%3f’). See RFC 3986 section 2.1. For convenience, you should use the separate user and password fields.
<scp-url>An SCP file URL. IPv6 addresses must be surrounded by square brackets [1234:bada::2]. The :/?#[]@!$&’()*+,;= characters in the user and password must be percent-encoded (e.g: ‘?’ becomes ‘%3f’). See RFC 3986 section 2.1. For convenience, you should use the separate user and password fields.
<ftp-url>An FTP file URL. IPv6 addresses must be surrounded by square brackets [1234:bada::2]. The :/?#[]@!$&’()*+,;= characters in the user and password must be percent-encoded (e.g: ‘?’ becomes ‘%3f’). See RFC 3986 section 2.1. For convenience, you should use the separate user and password fields.
<tftp-url>A TFTP file URL. IPv6 addresses must be surrounded by square brackets [1234:bada::2].
user <string>The URL user name (not percent-encoded). If specified, the user name should not be included in the URL.
password <string>The URL password (not percent-encoded). If specified, the user name should not be included in the URL.
cmd compress-alarm¶
vsr> cmd compress-alarm [resource RESOURCE] [alarm-type-id ALARM-TYPE-ID] [alarm-type-qualifier ALARM-TYPE-QUALIFIER]
This operation requests that the server compress entries in the alarm list by removing all but the latest ‘status-change’ entry for all matching alarms. Conditions in the input are logically ANDed. If no input condition is given, all alarms are compressed.
Input Parameters¶
resource RESOURCECompress the alarms matching this resource.
RESOURCEvaluesDescription
<xpath1.0>This type represents an XPATH 1.0 expression. When a schema node is defined that uses this type, the description of the schema node MUST specify the XPath context in which the XPath expression is evaluated.
<object-identifier>The object-identifier type represents administratively assigned names in a registration-hierarchical-name tree. Values of this type are denoted as a sequence of numerical non-negative sub-identifier values. Each sub-identifier value MUST NOT exceed 2^32-1 (4294967295). Sub-identifiers are separated by single dots and without any intermediate whitespace. The ASN.1 standard restricts the value space of the first sub-identifier to 0, 1, or 2. Furthermore, the value space of the second sub-identifier is restricted to the range 0 to 39 if the first sub-identifier is 0 or 1. Finally, the ASN.1 standard requires that an object identifier has always at least two sub-identifiers. The pattern captures these restrictions. Although the number of sub-identifiers is not limited, module designers should realize that there may be implementations that stick with the SMIv2 limit of 128 sub-identifiers. This type is a superset of the SMIv2 OBJECT IDENTIFIER type since it is not restricted to 128 sub-identifiers. Hence, this type SHOULD NOT be used to represent the SMIv2 OBJECT IDENTIFIER type; the object-identifier-128 type SHOULD be used instead.
<string>This type is used to match resources of type ‘resource’. Since the type ‘resource’ is a union of different types, the ‘resource-match’ type is also a union of corresponding types. If the type is given as an XPath 1.0 expression, a resource of type ‘instance-identifier’ matches if the instance is part of the node set that is the result of evaluating the XPath 1.0 expression. For example, the XPath 1.0 expression: /ietf-interfaces:interfaces/ietf-interfaces:interface [ietf-interfaces:type=’ianaift:ethernetCsmacd’] would match the resource instance-identifier: /if:interfaces/if:interface[if:name=’eth1’], assuming that the interface ‘eth1’ is of type ‘ianaift:ethernetCsmacd’. If the type is given as an object identifier, a resource of type ‘object-identifier’ matches if the match object identifier is a prefix of the resource’s object identifier. For example, the value: 1.3.6.1.2.1.2.2 would match the resource object identifier: 1.3.6.1.2.1.2.2.1.1.5 If the type is given as an UUID or a string, it is interpreted as an XML Schema regular expression, which matches a resource of type ‘yang:uuid’ or ‘string’ if the given regular expression matches the resource string. If the type is given as an XPath expression, it is evaluated in the following XPath context: o The set of namespace declarations is the set of prefix and namespace pairs for all YANG modules implemented by the server, where the prefix is the YANG module name and the namespace is as defined by the ‘namespace’ statement in the YANG module. If a leaf of this type is encoded in XML, all namespace declarations in scope on the leaf element are added to the set of namespace declarations. If a prefix found in the XML is already present in the set of namespace declarations, the namespace in the XML is used. o The set of variable bindings is empty. o The function library is the core function library, and the functions are defined in Section 10 of RFC 7950. o The context node is the root node in the data tree.
alarm-type-id ALARM-TYPE-IDCompress alarms with this ‘alarm-type-id’.
ALARM-TYPE-IDIdentifies an alarm type. The description of the alarm type id MUST indicate whether or not the alarm type is abstract. An abstract alarm type is used as a base for other alarm type ids and will not be used as a value for an alarm or be present in the alarm inventory.
alarm-type-qualifier ALARM-TYPE-QUALIFIERCompress the alarms with this ‘alarm-type-qualifier’.
ALARM-TYPE-QUALIFIERIf an alarm type cannot be fully specified at design time by ‘alarm-type-id’, this string qualifier is used in addition to fully define a unique alarm type. The definition of alarm qualifiers is considered to be part of the instrumentation and is out of scope for this module. An empty string is used when this is part of a key.
Output Data¶
compressed-alarms <uint32>Number of compressed alarm entries.
cmd twamp ping¶
Note
requires a Product License.
vsr> cmd twamp ping [vrf VRF] [l3vrf <string>] server SERVER [source SOURCE] sender-udp-port-range SENDER-UDP-PORT-RANGE \
... [reflector-udp-port REFLECTOR-UDP-PORT] [packet-count <10-1000>] \
... [packet-interval <100-10000>] [packet-tos <0-255>]
Start a twamp session.
Input Parameters¶
vrf VRFThe VRF in which to start the TWAMP client.
VRFvaluesDescription
mainThe main vrf.
<string>The vrf name.
l3vrf <string>Specify the l3vrf.
server SERVER(mandatory)The server on which the client will connect to. This is also the IP used for the test session.
SERVERvaluesDescription
<ipv4-address>An IPv4 address.
<ipv6-address>An IPv6 address.
source SOURCEThe source IP used to reach the server and make the test.
SOURCEvaluesDescription
<ipv4-address>An IPv4 address.
<ipv6-address>An IPv6 address.
sender-udp-port-range SENDER-UDP-PORT-RANGE(mandatory)The sender port or port range used for the test.
SENDER-UDP-PORT-RANGEA single port or a range between 1025 and 65535. Examples: 10000-20000.
reflector-udp-port REFLECTOR-UDP-PORTThe UDP port to be used by the reflector for the test.
REFLECTOR-UDP-PORTA 16-bit port number used by a transport protocol such as TCP or UDP.
packet-count <10-1000>Number of packets to send during the session.
packet-interval <100-10000>The delay between each TWAMP-Test packet in milliseconds.
packet-tos <0-255>The type of service to use in test packets (IPv4 only).
cmd aaa query¶
vsr> cmd aaa query radius [source SOURCE] username <string> password <string> address ADDRESS \
... [port <uint16>] secret <string> [details] [vrf VRF] tacacs [source SOURCE] \
... username <string> password <string> address ADDRESS [port <uint16>] \
... secret <string> [details] [vrf VRF]
Query AAA connectivity services.
Input Parameters¶
radiusInput parameters with Radius default port value.
source SOURCEThe source IP address used to reach the server.
SOURCEvaluesDescription
<ipv4-address>An IPv4 address.
<ipv6-address>An IPv6 address.
username <string>(mandatory)Username to test.
password <string>(mandatory)User associated password.
address ADDRESS(mandatory)Network Access Server address.
ADDRESSvaluesDescription
<ipv4-address>An IPv4 address.
<ipv6-address>An IPv6 address.
port <uint16>Network Access Server port.
secret <string>(mandatory)Network Access Server secret.
detailsIf defined, includes AAA output details.
vrf VRFExecute the AAA query on the designated VRF.
VRFvaluesDescription
mainThe main vrf.
<string>The vrf name.
tacacsInput parameters with Tacacs default port value.
source SOURCEThe source IP address used to reach the server.
SOURCEvaluesDescription
<ipv4-address>An IPv4 address.
<ipv6-address>An IPv6 address.
username <string>(mandatory)Username to test.
password <string>(mandatory)User associated password.
address ADDRESS(mandatory)Network Access Server address.
ADDRESSvaluesDescription
<ipv4-address>An IPv4 address.
<ipv6-address>An IPv6 address.
port <uint16>Network Access Server port.
secret <string>(mandatory)Network Access Server secret.
detailsIf defined, includes AAA output details.
vrf VRFExecute the AAA query on the designated VRF.
VRFvaluesDescription
mainThe main vrf.
<string>The vrf name.
Output Data¶
service <string>AAA service name that returned the response.
username <string>Username returned by the AAA service.
password <string>Password returned by the AAA service.
address <string>Network Access Server address returned by the AAA service.
port <uint32>Network Access Server port returned by the AAA service.
success true|false(mandatory)AAA query success state.
details <string>AAA query details.