HP A-MSR Router Series Fundamentals. Command Reference. Abstract

HP A-MSR Router Series Fundamentals Command Reference Abstract This document describes the commands and command syntax options available for the HP A Series products. This document is intended for network planners, field technical support and servicing engineers, and network administrators who work with HP A Series products. Part number: 5998-2036 Software version: CMW520-R2207P02 Document version: 6PW100-20110810

Legal and notice information Copyright 2011 Hewlett-Packard Development Company, L.P. No part of this documentation may be reproduced or transmitted in any form or by any means without prior written consent of Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. HEWLETT-PACKARD COMPANY MAKES NO WARRANTY OF ANY KIND WITH REGARD TO THIS MATERIAL, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. Hewlett-Packard shall not be liable for errors contained herein or for incidental or consequential damages in connection with the furnishing, performance, or use of this material. The only warranties for HP products and services are set forth in the express warranty statements accompanying such products and services. Nothing herein should be construed as constituting an additional warranty. HP shall not be liable for technical or editorial errors or omissions contained herein.

Contents CLI configuration commands 1 command-alias enable 1 command-alias mapping 1 command-privilege level 2 display clipboard 3 display command-alias 4 display history-command 4 display hotkey 5 hotkey 6 quit 7 return 8 screen-length disable 8 super 9 super authentication-mode 9 super password 10 system-view 11 Login management commands 13 acl (user interface view) 13 activation-key 14 auto-execute command 16 authentication-mode 17 command accounting 18 command authorization 19 databits 19 display ip http 20 display ip https 21 display telnet client configuration 22 display user-interface 23 display users 25 escape-key 26 flow-control 28 free user-interface 29 history-command max-size 30 idle-timeout 30 ip http acl 31 ip http enable 32 ip http port 33 ip https acl 34 ip https certificate access-control-policy 35 ip https enable 35 ip https port 36 ip https ssl-server-policy 37 lock 37 parity 38 protocol inbound 39 redirect disconnect 39 redirect enable 40 redirect listen-port 41 redirect refuse-negotiation 41 redirect refuse-teltransfer 42 iii

redirect return-deal from-telnet 43 redirect return-deal from-terminal 43 redirect timeout 44 screen-length 45 send 45 set authentication password 47 shell 48 speed (user interface view) 49 stopbit-error intolerance 49 stopbits 50 telnet 51 telnet client source 52 telnet ipv6 52 telnet server enable 53 terminal type 53 user privilege level 54 user-interface 55 Device management commands 57 card-mode 57 clock datetime 58 clock summer-time one-off 59 clock summer-time repeating 59 clock timezone 61 configure-user count 61 copyright-info enable 62 display clock 63 display configure-user 64 display cpu-usage 65 display cpu-usage history 67 display device 69 display device manuinfo 71 display diagnostic-information 72 display environment 73 display fan 74 display job 75 display memory 76 display power 77 display reboot-type 77 display rps 78 display schedule job 79 display schedule reboot 80 display system-failure 80 display transceiver 81 display transceiver alarm 82 display transceiver diagnosis 86 display transceiver manuinfo 87 display version 88 header 88 job 90 nms monitor-interface 91 reboot 92 reset unused porttag 92 schedule job 93 schedule reboot at 94 schedule reboot delay 95 iv

shutdown-interval 96 sysname 97 system-failure 98 temperature-limit 98 time at 99 time delay 101 view 102 Configuration file management commands 104 archive configuration 104 archive configuration interval 104 archive configuration location 105 archive configuration max 106 backup startup-configuration 107 configuration encrypt 107 configuration replace file 108 display archive configuration 109 display current-configuration 110 display saved-configuration 112 display startup 114 display this 114 reset saved-configuration 116 restore startup-configuration 116 save 117 startup saved-configuration 119 File management commands 120 cd 120 copy 121 delete 121 dir 122 display nandflash file-location 124 display nandflash badblock-location 125 display nandflash page-data 126 execute 127 file prompt 128 fixdisk 128 format 129 mkdir 129 more 130 mount 131 move 132 pwd 132 rename 133 reset recycle-bin 133 rmdir 135 umount 136 undelete 136 FTP configuration commands 138 FTP server configuration commands 138 display ftp-server 138 display ftp-user 139 free ftp user 140 ftp server acl 140 ftp server enable 141 ftp timeout 141 v

ftp update 142 FTP client configuration commands 143 ascii 143 binary 143 bye 144 cd 145 cdup 145 close 146 debugging 147 delete 148 dir 149 disconnect 150 display ftp client configuration 150 ftp 151 ftp client source 152 ftp ipv6 153 get 154 lcd 155 ls 155 mkdir 156 open 157 open ipv6 158 passive 159 put 159 pwd 160 quit 160 remotehelp 161 rmdir 163 user 163 verbose 164 TFTP configuration commands 166 TFTP client configuration commands 166 display tftp client configuration 166 tftp-server acl 166 tftp 167 tftp client source 168 tftp ipv6 169 License management commands 171 display license 171 license register 172 Software upgrade commands 173 boot-loader 173 bootrom 173 display boot-loader 176 display patch 177 display patch information 177 patch active 178 patch deactive 179 patch delete 180 patch install 180 patch load 182 patch location 182 patch run 183 vi

Support and other resources 185 Contacting HP 185 Subscription service 185 Related information 185 Documents 185 Websites 185 Conventions 186 Index 188 vii

CLI configuration commands command-alias enable Use command-alias enable to enable the command keyword alias function. Use undo command-alias enable to disable the command keyword alias function. By default, the command keyword alias function is disabled. Disabling the command keyword alias function does not delete the configured aliases, but the aliases do not take effect anymore. command-alias enable undo command-alias enable System view 2: System level None # Enable the command keyword alias function. [Sysname] command-alias enable # Disable the command keyword alias function. [Sysname] undo command-alias enable command-alias mapping Use command-alias mapping to configure a command keyword alias. Use undo command-alias mapping to delete a command keyword alias. By default, a command keyword has no alias. Command keyword aliases take effect only after enabling the command keyword alias function. command-alias mapping cmdkey alias undo command-alias mapping cmdkey 1

System view 2: System level cmdkey: Complete form of the first keyword of a command. alias: Alias for the keyword, which must be different from the first keyword of any command. # Define show as the alias of the display keyword. [Sysname] command-alias mapping display show After you configure the alias, you can enter show instead of display to execute a display command. For example, you can enter show clock to execute the display clock command to view the system time and date. # Delete the alias show. [Sysname] undo command-alias mapping display command-privilege level Use command-privilege to assign a level for the specified command in the specified view. Use undo command-privilege view to restore the default. By default, each command in a view has a specified level. Command levels include four privileges: visit (0), monitor (1), system (2), and manage (3). You can assign a privilege level according to the user s need. When logging in to the switch, the user can access the assigned level and all levels below it. Level changes can cause maintenance, operation, and security problems. HP recommends using the default command level or modifying the command level under the guidance of professional staff. The command specified in the command-privilege command must be complete, and has valid arguments. For example, the default level of the tftp server-address { get put sget } sourcefilename [ destination-filename ] [ source { interface interface-type interface-number ip source-ipaddress } ] command is 3. After the command-privilege level 0 view shell tftp 1.1.1.1 put a.cfg command is executed, when users with the user privilege level of 0 log in to the switch, they can execute the tftp server-address put source-filename command (such as the tftp 192.168.1.26 put syslog.txt command), but cannot execute the command with the get, sget or source keyword, and cannot specify the destination-filename argument. The command specified in the undo command-privilege view command can be incomplete. For example, after the undo command-privilege view system ftp command is executed, all commands starting with the keyword ftp (such as ftp server acl, ftp server enable, and ftp timeout) are restored to their default level. If you modified the level of commands ftp server enable and ftp timeout, and you want to restore only ftp server enable to its default level, use undo command-privilege view system ftp server. 2

If you modify the command level of a command in a specified view from the default command level to a lower level, you must modify the command levels of quit and the corresponding command used to enter this view. For example, the default command level of commands interface and system-view is 2 (system level). If you want to make the interface command available to the level 1 users, you must execute the following three commands: command-privilege level 1 view shell system-view, command-privilege level 1 view system interface GigabitEthernet 3/0/1, and command-privilege level 1 view system quit. Then, the level 1 users can enter system view, execute the interface ethernet command, and return to user view. command-privilege level level view view command undo command-privilege view view command System view level level: Command level, which ranges from 0 to 3. view view: Specifies a view. command: Command to be set in the specified view. # Set the command level of the interface command to 0 in system view. [Sysname] command-privilege level 0 view system interface display clipboard Use display clipboard to view the contents of the clipboard. To copy the specified content to the clipboard: Move the cursor to the starting position of the content and press the <Esc+Shift+,> combination. Move the cursor to the ending position of the content and press the <Esc+Shift+.> combination. display clipboard [ { begin exclude include } regular-expression ] Any view 1: Monitor level : Filters command output by specifying a regular expression. For more information about regular expressions, see Fundamentals Configuration Guide. begin: Displays the first line matching the specified regular expression and all following lines. 3

exclude: Displays all lines not matching the specified regular expression. include: Displays all lines matching the specified regular expression. regular-expression: Specifies a regular expression, a case-sensitive string of 1 to 256 characters. # the content of the clipboard. <Sysname> display clipboard ---------------- CLIPBOARD----------------- display current-configuration display command-alias Use display command-alias to display defined command keyword aliases and the corresponding keywords. display command-alias [ { begin exclude include } regular-expression ] Any view 1: Monitor level : Filters command output by specifying a regular expression. For more information about regular expressions, see Fundamentals Configuration Guide. begin: Displays the first line matching the specified regular expression and all following lines. exclude: Displays all lines not matching the specified regular expression. include: Displays all lines matching the specified regular expression. regular-expression: Specifies a regular expression, a case-sensitive string of 1 to 256 characters. # Display the defined command keyword aliases and the keywords. <Sysname> display command-alias Command alias is enabled index alias command key 1 show display display history-command Use display history-command to display commands saved in the history command buffer. By default, the system saves the last 10 executed commands in the history command buffer. To set the size of the history command buffer, use history-command max-size. 4

display history-command [ { begin exclude include } regular-expression ] Any view 1: Monitor level : Filters command output by specifying a regular expression. For more information about regular expressions, see Fundamentals Configuration Guide. begin: Displays the first line matching the specified regular expression and all following lines. exclude: Displays all lines not matching the specified regular expression. include: Displays all lines matching the specified regular expression. regular-expression: Specifies a regular expression, a case-sensitive string of 1 to 256 characters. # Display history commands in current user view. <Sysname> display history-command display history-command system-view vlan 2 quit display hotkey Use display hotkey to display hotkey information. display hotkey [ { begin exclude include } regular-expression ] Any view 1: Monitor level : Filters command output by specifying a regular expression. For more information about regular expressions, see Fundamentals Configuration Guide. begin: Displays the first line matching the specified regular expression and all following lines. exclude: Displays all lines not matching the specified regular expression. include: Displays all lines matching the specified regular expression. regular-expression: Specifies a regular expression, a case-sensitive string of 1 to 256 characters. # Display hotkey information. 5

<Sysname> display hotkey ----------------- HOTKEY ----------------- =Defined hotkeys= Hotkeys Command CTRL_G display current-configuration CTRL_L display ip routing-table CTRL_O undo debug all =Undefined hotkeys= Hotkeys Command CTRL_T NULL CTRL_U NULL hotkey =System hotkeys= Hotkeys Function CTRL_A Move the cursor to the beginning of the current line. CTRL_B Move the cursor one character left. CTRL_C Stop current command function. CTRL_D Erase current character. CTRL_E Move the cursor to the end of the current line. CTRL_F Move the cursor one character right. CTRL_H Erase the character left of the cursor. CTRL_K Kill outgoing connection. CTRL_N Display the next command from the history buffer. CTRL_P Display the previous command from the history buffer. CTRL_R Redisplay the current line. CTRL_V Paste text from the clipboard. CTRL_W Delete the word left of the cursor. CTRL_X Delete all characters up to the cursor. CTRL_Y Delete all characters after the cursor. CTRL_Z Return to the User. CTRL_] Kill incoming connection or redirect connection. ESC_B Move the cursor one word back. ESC_D Delete remainder of word. ESC_F Move the cursor forward one word. ESC_N Move the cursor down a line. ESC_P Move the cursor up a line. ESC_< Specify the beginning of clipboard. ESC_> Specify the end of clipboard. Use hotkey to associate a hot key to a command. Use undo hotkey to restore the default. By default, Ctrl+G, Ctrl+L, and Ctrl+O have these corresponding commands: Ctrl+G corresponds to display current-configuration. 6

Ctrl+L corresponds to display ip routing-table. Ctrl+O corresponds to undo debugging all. You can modify the associations as needed. hotkey { CTRL_G CTRL_L CTRL_O CTRL_T CTRL_U } command undo hotkey { CTRL_G CTRL_L CTRL_O CTRL_T CTRL_U } System view 2: System level CTRL_G: Associates hot key Ctrl+G to the specified command. CTRL_L: Associates hot key Ctrl+L to the specified command. CTRL_O: Associates hot key Ctrl+O to the specified command. CTRL_T: Associates hot key Ctrl+T to the specified command. CTRL_U: Associates hot key Ctrl+U to the specified command. command: The command line associated with the hot key. # Associate the hot key Ctrl+T to the display tcp status command. [Sysname] hotkey ctrl_t display tcp status quit Use quit command to return to a lower-level view. In user view, quit terminates the connection and reconnects to the switch. quit Any view 0: Visit level (in user view) 2: System level (in other views) None # Switch from GigabitEthernet 3/0/18 interface view to system view, and then to user view. [Sysname-GigabitEthernet3/0/18] quit 7

return [Sysname] quit <Sysname> Use return to return to user view from any other view in one operation, instead of using quit repeatedly. Pressing Ctrl+Z has the same effect. Related commands: quit. return Any view except user view 2: System level None # Return to user view from GigabitEthernet 3/0/18 interface view. [Sysname-GigabitEthernet3/0/18] return <Sysname> screen-length disable Use screen-length disable to disable pausing between screens of output for the current session. Use undo screen-length disable to enable pausing between screens of output for the current session. By default, a login user uses the settings of screen-length. The default settings of screen-length are: pausing between screens of output is enabled and 24 lines are displayed on a screen. When you log out, the settings restore to their default values. screen-length disable undo screen-length disable User view 1: Monitor level None 8

super # Disable pausing between screens of output for the current session. <Sysname> screen-length disable Use super to switch from the current user privilege level to a specified user privilege level. If a level is not specified, the command switches the user privilege level to 3. Command levels include four privileges: visit (0), monitor (1), system (2), and manage (3). You can assign a privilege level according to the user s need. When logging in to the switch, the user can access the assigned level and all levels below it. Related commands: super password. super [ level ] User view 0: Visit level level: User level, which ranges from 0 to 3 and defaults to 3. # Switch to user privilege level 2 (The current user privilege level is 3.). <Sysname> super 2 User privilege level is 2, and only those commands can be used whose level is equal or less than this. Privilege note: 0-VISIT, 1-MONITOR, 2-SYSTEM, 3-MANAGE # Switch the user privilege level back to 3 (switching password 123 has been set. If no password is set, the user privilege level cannot be switched to 3.). <Sysname> super 3 Password: User privilege level is 3, and only those commands can be used whose level is equal or less than this. Privilege note: 0-VISIT, 1-MONITOR, 2-SYSTEM, 3-MANAGE super authentication-mode Use super authentication-mode to set the authentication mode for user privilege level switching. Use undo super authentication-mode to restore the default. By default, the authentication mode for the user privilege level switching is local. Related commands: super password. 9

super authentication-mode { local scheme } * undo super authentication-mode System view 2: System level local: Authenticates a user by using the local password set with the super password command. When no password is set with the super password command, two results can occur: The privilege level switching succeeds if the user is logged in through the console port, or the AUX port used as the console port. The switch fails if the user logs in through any of the AUX, TTY, or VTY user interfaces or enters an incorrect switch password. scheme: AAA authentication. For more information about AAA, see Security Configuration Guide. local scheme: First local and then scheme, which means to authenticate a user by using the local password first. If no password is set for the user logged in through the console port, the privilege level switching succeeds. If no password is set for the user logged in through any of the AUX, TTY, or VTY user interfaces, the AAA authentication is performed. scheme local: First scheme and then local, which means AAA authentication is performed first. If the AAA configuration is invalid (the domain parameters or authentication scheme are not configured) or the server does not respond, the local password authentication is performed. # Set the authentication mode for the user privilege level switching to local. [Sysname] super authentication-mode local # Set the authentication mode for the user privilege level switching to scheme local. [Sysname] super authentication-mode scheme local super password Use super password to set the password used to switch from the current user privilege level to a higher one. Use undo super password to restore the default. By default, no password is set for switching to a higher privilege level. Use the simple keyword to set a simple-text password. Use the cipher keyword to set a cipher-text password. HP recommends a cipher-text password, because a simple-text password easily gets cracked. During authentication, you must enter a simple-text password regardless of the password type you set. 10

super password [ level user-level ] { simple cipher } password undo super password [ level user-level ] System view 2: System level level user-level: User privilege level, which ranges from 1 to 3 and defaults to 3. simple: Plain text password. cipher: Cipher text password. password: Password, a case-sensitive string of characters. A simple password is a string of 1 to 16 characters. A cipher password is a string of 1 to 16 characters in plain text or 24 characters in cipher text. For example, the simple text 1234567 corresponds to the cipher text (TT8F]Y\5SQ=^Q`MAF4<1!!. # Set simple-text password abc for switching to user privilege level 3. [Sysname] super password level 3 simple abc Display the configured password for level switching. [Sysname] display current-configuration # super password level 3 simple abc # Set cipher-text password abc for switching to user privilege level 3. [Sysname] super password level 3 cipher abc Display the configured password for level switching. [Sysname] display current-configuration include super # system-view super password level 3 cipher ;)<01%^&;YGQ=^Q`MAF4<1!! Use system-view to enter system view from the current user view. Related commands: quit, return. system-view User view 11

2: System level None # Enter system view from the current user view. System : return to User with Ctrl+Z. [Sysname] 12

Login management commands acl (user interface view) Use acl to reference ACLs to control access to the VTY user interface. Use undo acl to cancel the ACL application. For more information about ACL, see ACL and QoS Command Reference. By default, access to the VTY user interface is not restricted. If no ACL is referenced in VTY user interface view, the VTY user interface has no access control over establishing a Telnet or SSH connection. If an ACL is referenced in VTY user interface view, the connection is permitted to be established only when packets for establishing a Telnet or SSH connection match a permit statement in the ACL. The system regards the basic/advanced ACL with the inbound keyword, the basic/advanced ACL with the outbound keyword, WLAN ACL, and Ethernet frame header ACL as four different types of ACLs, which can coexist in one VTY user interface. The match order is WLAN ACL, basic/advanced ACL, Ethernet frame header ACL. At most, one ACL of each type can be referenced in the same VTY user interface, and the last configured one takes effect. The MPU-G2 on the A-MSR50 does not support WLAN ACL. To use a basic or advanced ACL: acl [ ipv6 ] acl-number { inbound outbound } undo acl [ ipv6 ] acl-number { inbound outbound } To use a WLAN or Ethernet frame header ACL: acl acl-number inbound undo acl acl-number inbound VTY user interface view 2: System level ipv6: When this keyword is present, the command supports IPv6; otherwise, it supports IPv4. acl-number: Number of the ACL, which takes the following values: WLAN ACL: 100 to 199 Basic ACL: 2000 to 2999 Advanced ACL: 3000 to 3999 Ethernet frame header ACL: 4000 to 4999 13

inbound: Restricts Telnet or SSH connections established in the inbound direction through the VTY user interface. If the received packets for establishing a Telnet or SSH connection are permitted by an ACL rule, the connection is allowed to be established. When the device functions as a Telnet server or SSH server, this keyword is used to control access of Telnet clients or SSH clients. outbound: Restricts Telnet connections established in the outbound direction through the VTY user interface. If the packets sent for establishing a Telnet connection are permitted by an ACL rule, the connection is allowed to be established. When the device functions as a Telnet client, this keyword is used to define Telnet servers accessible to the client. # Allow only the user with the IP address of 192.168.1.26 to access the device through Telnet or SSH. [Sysname] acl number 2001 [Sysname-acl-basic-2001] rule permit source 192.168.1.26 0 [Sysname-acl-basic-2001] quit [Sysname] user-interface vty 0 [Sysname-ui-vty0] acl 2001 inbound After your configuration, user A (with IP address 192.168.1.26) can telnet to the device while user B (with IP address 192.168.1.60) cannot telnet to the device. Upon a connection failure, a message appears, saying "%connection closed by remote host!" # Allow the device to only telnet to the Telnet server with IP address 192.168.1.41. [Sysname] acl number 3001 [Sysname-acl-adv-3001] rule permit tcp destination 192.168.1.41 0 [Sysname-acl-adv-3001] quit [Sysname] user-interface vty 0 4 [Sysname-ui-vty0-4] acl 3001 outbound [Sysname-ui-vty0-4] return <Sysname> After your configuration, if you telnet to 192.168.1.46, your operation fails. <Sysname> telnet 192.168.1.46 %Can't access the host from this terminal! But you can telnet to 192.168.1.41. <Sysname> telnet 192.168.1.41 Trying 192.168.1.41... Press CTRL+K to abort Connected to 192.168.1.41... # Allow only the WLAN client with the SSID of Admin to access the device through VTY 0. [Sysname] acl number 100 [Sysname-acl-wlan-100] rule permit ssid Admin [Sysname-acl-wlan-100] quit [Sysname] user-interface vty 0 [Sysname-ui-vty0] acl 100 inbound activation-key 14

Use activation-key to define a shortcut key for starting a terminal session. Use undo activation-key to restore the default. By default, pressing the Enter key starts a terminal session. However, if a new shortcut key is defined with the activation-key command, the Enter key no longer functions. To display the shortcut key you have defined, use display current-configuration. The activation-key command is not supported by the VTY user interface. activation-key character undo activation-key User interface view character: Shortcut key for starting a terminal session, a single character (or its corresponding ASCII code value that ranges from 0 to 127) or a string of 1 to 3 characters. However, only the first character functions as the shortcut key. For example, if you enter an ASCII code value of 97, the system uses its corresponding character a as the shortcut key. If you enter string b@c, the system uses the first character b as the shortcut key. # Configure character s as the shortcut key for starting a terminal session on the console port. [Sysname] user-interface console 0 [Sysname-ui-console0] activation-key s # Verify the configuration. 1. Exit the terminal session on the console port. [Sysname-ui-console0] return <Sysname> quit 2. Log in to the console port again. The following message appears: ****************************************************************************** * Copyright (c) 2010-2011 Hewlett-Packard Development Company, L.P. * * Without the owner's prior written consent, * * no decompiling or reverse-engineering shall be allowed. * ****************************************************************************** User interface con0 is available. Please press ENTER. 15

3. Press Enter. Pressing Enter does not start a session. 4. Enter s. A terminal session is started. <Sysname> %Mar 2 18:40:27:981 2005 Sysname SHELL/5/LOGIN: Console login from con0 auto-execute command CAUTION: The auto-execute command command may disable you from configuring the system through the user interface to which the command is applied. Before configuring the command and saving the configuration (by using the save command), ensure you can access the device through VTY, TTY, console, or AUX interfaces to remove the configuration when a problem occurs. Use auto-execute command to specify a command to be automatically executed when a user logs in to the current user interface. Use undo auto-execute command to remove the configuration. By default, command auto-execution is disabled. The auto-execute command command is not supported by the console port, or the AUX port when the device has only one AUX port and no console port. The system automatically executes the specified command when a user logs in to the user interface, and tears down the user connection after the command is executed. If the command triggers another task, the system does not tear down the user connection until the task is completed. Typically, you can use auto-execute command telnet in user interface view to enable a user to automatically telnet to the specified host when the user logs in to the device. After the user terminates the connection with the host, the user s connection with the device is automatically terminated. auto-execute command command undo auto-execute command User interface view command: Specifies a command to be automatically executed. # Configure the device to automatically telnet to 192.168.1.41 after a user logs in to interface VTY 0. 16

[Sysname] user-interface vty 0 [Sysname -ui-vty0] auto-execute command telnet 192.168.1.41 % This action will lead to configuration failure through ui-vty0. Are you sure? [Y/N]:y [Sysname-ui-vty0] To verify the configuration: Telnet to 192.168.1.40. The device automatically telnets to 192.168.1.41. The following output is displayed: C:\> telnet 192.168.1.40 ****************************************************************************** * Copyright (c) 2010-2011 Hewlett-Packard Development Company, L.P. * * Without the owner's prior written consent, * * no decompiling or reverse-engineering shall be allowed. * ****************************************************************************** <Sysname> Trying 192.168.1.41... Press CTRL+K to abort Connected to 192.168.1.41... ****************************************************************************** * Copyright (c) 2010-2011 Hewlett-Packard Development Company, L.P. * * Without the owner's prior written consent, * * no decompiling or reverse-engineering shall be allowed. * ****************************************************************************** <Sysname.41> This operation is the same as directly logging in to the device at 192.168.1.41. If the telnet connection to 192.168.1.41 is broken down, the telnet connection to 192.168.1.40 breaks down at the same time. authentication-mode Use authentication-mode to set the authentication mode for the user interface. Use undo authentication-mode to restore the default. By default, the authentication mode for VTY and AUX user interfaces is password, and for console and TTY user interfaces is none. Related commands: set authentication password. authentication-mode { none password scheme } undo authentication-mode User interface view 17

none: Performs no authentication. password: Performs local password authentication. scheme: Performs AAA authentication. For more information about AAA, see Security Configuration Guide. # Specify that no authentication is needed for VTY 0. (This mode is insecure.) [Sysname] user-interface vty 0 [Sysname-ui-vty0] authentication-mode none # Use password authentication when users log in to the device through VTY 0, and set the authentication password to 321. [Sysname] user-interface vty 0 [Sysname-ui-vty0] authentication-mode password [Sysname-ui-vty0] set authentication password cipher 321 # Authenticate users by username and password for VTY 0. Set the username to 123 and the password to 321. [Sysname] user-interface vty 0 [Sysname-ui-vty0] authentication-mode scheme [Sysname-ui-vty0] quit [Sysname] local-user 123 [Sysname-luser-123] password cipher 321 [Sysname-luser-123] service-type telnet [Sysname-luser-123] authorization-attribute level 3 command accounting Use command accounting to enable command accounting. Use undo command accounting to restore the default. By default, command accounting is disabled. The accounting server does not record the commands that users have executed. When command accounting is enabled and command authorization is not, every executed command is recorded on the HWTACACS server. When both command accounting and command authorization are enabled, only the authorized and executed commands are recorded on the HWTACACS server. command accounting undo command accounting User interface view 18

None # Enable command accounting on VTY 0. Then the HWTACACS server records the commands executed by users logged in through VTY 0. [Sysname] user-interface vty 0 [Sysname-ui-vty0] command accounting command authorization Use command authorization to enable command authorization. Use undo command authorization to restore the default. By default, command authorization is disabled. Logged-in users can execute commands without authorization. With command authorization enabled, users can perform only commands authorized by the server. command authorization undo command authorization User interface view None databits # Enable command accounting for VTY 0 so users logging in from VTY 0 can perform only the commands authorized by the HWTACACS server. [Sysname] user-interface vty 0 [Sysname-ui-vty0] command authorization Use databits to set data bits for each character. Use undo databits to restore the default. By default, 8 data bits are set for each character. 19

This command is only applicable to asynchronous serial interfaces (including AUX and console ports). The data bits setting must be the same for the user interfaces of the connecting ports on the device and the terminal device for communication. databits { 5 6 7 8 } undo databits User interface view 2: System level 5: Sets 5 data bits for each character. 6: Sets 6 data bits for each character. 7: Sets 7 data bits for each character. 8: Sets 8 data bits for each character. # Specify 5 data bits for each character. [Sysname] user-interface aux 0 [Sysname-ui-aux0] databits 5 display ip http Use display ip http to display HTTP information. display ip http [ { begin exclude include } regular-expression ] Any view 1: Monitor level : Filters command output by specifying a regular expression. For more information about regular expressions, see Fundamentals Configuration Guide. begin: Displays the first line matching the specified regular expression and all following lines. exclude: Displays all lines not matching the specified regular expression. include: Displays all lines matching the specified regular expression. regular-expression: Specifies a regular expression, a case-sensitive string of 1 to 256 characters. 20

# Display information about HTTP. <Sysname> display ip http HTTP port: 80 WLAN ACL: 100 Basic ACL: 2222 Current connection: 0 Operation status: Running Table 1 Command output Field HTTP port WLAN ACL Basic ACL Current connection Operation status Port number used by the HTTP service WLAN ACL associated with the HTTP service Basic ACL number associated with the HTTP service Number of current connections Operation status, which takes the following values: Running the HTTP service is enabled Stopped the HTTP service is disabled display ip https Use display ip https to display information about HTTPS. display ip https [ { begin exclude include } regular-expression ] Any view 1: Monitor level : Filters command output by specifying a regular expression. For more information about regular expressions, see Fundamentals Configuration Guide. begin: Displays the first line matching the specified regular expression and all following lines. exclude: Displays all lines not matching the specified regular expression. include: Displays all lines matching the specified regular expression. regular-expression: Specifies a regular expression, a case-sensitive string of 1 to 256 characters. # Display information about HTTPS. <Sysname> display ip https 21

HTTPS port: 443 SSL server policy: test Certificate access-control-policy: WLAN ACL: 100 Basic ACL: 2222 Current connection: 0 Operation status: Running Table 2 Command output Field HTTPS port SSL server policy Certificate access-control-policy WLAN ACL Basic ACL Current connection Operation status Port number used by the HTTPS service The SSL server policy associated with the HTTPS service The certificate attribute access control policy associated with the HTTPS service WLAN ACL number associated with the HTTPS service The basic ACL number associated with the HTTPS service Number of current connections Operation status, which takes the following values: Running the HTTPS service is enabled Stopped the HTTPS service is disabled display telnet client configuration Use display telnet client configuration to display the configuration of the device when it serves as a telnet client. display telnet client configuration [ { begin exclude include } regular-expression ] Any view 1: Monitor level : Filters command output by specifying a regular expression. For more information about regular expressions, see Fundamentals Configuration Guide. begin: Displays the first line matching the specified regular expression and all following lines. exclude: Displays all lines not matching the specified regular expression. 22

include: Displays all lines matching the specified regular expression. regular-expression: Specifies a regular expression, a case-sensitive string of 1 to 256 characters. # Display the configuration of the device when it serves as a telnet client. <Sysname> display telnet client configuration The source IP address is 1.1.1.1. The output shows that when the device serves as a client, the source IPv4 address for sending telnet packets is 1.1.1.1. display user-interface Use display user-interface to display information about the specified or all user interfaces. If the summary keyword is not included, the command displays the type of the user interface, the absolute or relative number, the transmission rate, the user privilege level, the authentication mode, and the access port. If the summary keyword is included, the command displays all user interface numbers and types. display user-interface [ num1 { aux console tty vty } num2 ] [ summary ] [ { begin exclude include } regular-expression ] Any view 1: Monitor level num1: Absolute number of a user interface, which typically starts from 0. aux: Specifies the AUX user interface. console: Specifies the console user interface. tty: Specifies the TTY user interface. vty: Specifies the VTY user interfaces. num2: Relative number of a user interface. summary: Displays summary about user interfaces. : Filters command output by specifying a regular expression. For more information about regular expressions, see Fundamentals Configuration Guide. begin: Displays the first line matching the specified regular expression and all following lines. exclude: Displays all lines not matching the specified regular expression. include: Displays all lines matching the specified regular expression. regular-expression: Specifies a regular expression, a case-sensitive string of 1 to 256 characters. 23

# Display information about user interface 0. <Sysname> display user-interface 0 Idx Type Tx/Rx Modem Privi Auth Int + 0 CON 0 9600-3 N - + : Current user-interface is active. F : Current user-interface is active and work in async mode. Idx : Absolute index of user-interface. Type : Type and relative index of user-interface. Privi: The privilege of user-interface. Auth : The authentication mode of user-interface. Int : The physical location of UIs. A : Authentication use AAA. L : Authentication use local database. N : Current UI need not authentication. P : Authentication use current UI's password. Table 3 Command output Field + The current user interface is active. F Idx Type Tx/Rx Modem Privi The current user interface is active and works in asynchronous mode. Absolute number of the user interface. Type and relative number of the user interface. Transmission/receive rate of the user interface. Whether the modem is allowed to dial in (in), dial out (out), or both (inout). By default, the character - is displayed to indicate that this function is disabled. Indicates the command level of a user under that user interface. Auth Authentication mode for the users, such as A, P, L, and N. Int A L N P The physical port that corresponds to the user interface. (The detailed port information is available for TTY user interfaces. For user interfaces of console ports, AUX ports, and VTY interfaces, - is displayed.) AAA authentication. Local authentication (not supported). No authentication. Password authentication. # Display summary about all user interfaces. <Sysname> display user-interface summary User interface type : [CON] 0:X User interface type : [TTY] 1:XXXX XXXX XXXX XXXX 17:XXXX XXXX XXXX XXXX 24

33:XXXX XXXX XXXX XXXX 49:XXXX XXXX XXXX XXXX 65:XXXX XXXX XXXX XXXX User interface type : [AUX] 81:X User interface type : [VTY] 82:XUXU U 3 character mode users. (U) 83 UI never used. (X) 3 total UI in use Table 4 Command output Field User interface type 0:X Type of user interface (CON/TTY/AUX/VTY). 0 represents the absolute number of the user interface. X means this user interface is not used; U means this user interface is in use. For example, 9:UXXX X shows the absolute number of the first user interface is 9, and the user interface is in use. User interfaces 10, 11, 12, and 13 are not in use. character mode users. (U) Number of users, or, the total number of character U. UI never used. total UI in use (X) Number of user interfaces not used, or the total number of character X. Total number of user interfaces in use. display users Use display users to display information about the user interfaces being used. Use display users all to display information about all user interfaces supported by the device. display users [ all ] [ { begin exclude include } regular-expression ] Any view 1: Monitor level all: Displays information about all user interfaces the device supports. : Filters command output by specifying a regular expression. For more information about regular expressions, see Fundamentals Configuration Guide. begin: Displays the first line matching the specified regular expression and all following lines. exclude: Displays all lines not matching the specified regular expression. 25

include: Displays all lines matching the specified regular expression. regular-expression: Specifies a regular expression, a case-sensitive string of 1 to 256 characters. # Display information about the user interfaces being used. <Sysname> display users The user application information of the user interface(s): Idx UI Delay Type Userlevel + 178 VTY 0 00:00:00 TEL 3 179 VTY 1 00:02:34 TEL 3 Following are more details. VTY 0 : VTY 1 : Location: 192.168.1.54 Location: 192.168.1.58 + : Current operation user. F : Current operation user work in async mode. The output shows two users have logged in to the device. The one with IP address 192.168.1.54 uses VTY 0, and the other with IP address 192.168.1.58 uses VTY 1. Table 5 Command output Field Idx UI Delay Type Userlevel Absolute number of the user interface. Relative number of the user interface. For example, with VTY, the first column represents user interface type, and the second column represents the relative number of the user interface. Time elapsed since the user's last input, in the format of hh:mm:ss. User type, such as Telnet, SSH, or PAD. User level: 0 for visit, 1 for monitor, 2 for system, and 3 for manage. + Current user. Location F IP address of the user. The current user works in asynchronous mode. escape-key Use escape-key to define a shortcut key for terminating a task. Use undo escape-key to disable the shortcut key for terminating tasks. By default, a task is terminated by pressing Ctrl+C. After defining a new shortcut key by using the escape-key command, the new shortcut key is used to terminate a task. To display the shortcut key you have defined, use display current-configuration. 26

If you set the character argument in a user interface of a device, when you use the user interface to log in to the device and then telnet to another device, the character argument can be used as a control character to terminate a task rather than used as a common character. For example, if you specify character e in VTY 0 user interface of Device A, when you log in to Device A by using VTY 0 from a PC (Hyper Terminal), you can enter e as a common character on the PC, and you can also use e to terminate the task running on Device A. If you telnet to Device B from Device A, you can only use e to terminate the task running on Device B, rather than use e as a common character, so specify character as a key combination. escape-key { default character } undo escape-key User interface view character: Specifies the shortcut key for terminating a task, a single character (or its corresponding ASCII code value in the range of 0 to 127) or a string of 1 to 3 characters. Only the first character of a string functions as the shortcut key. For example, if you enter an ASCII code value of 113, the system uses its corresponding character q as the shortcut key. If you enter the string q@c, the system uses the first character q as the shortcut key. default: Restores the default escape key combination of Ctrl+C. # Define key a as the shortcut key for terminating a task. [Sysname] user-interface console 0 [Sysname-ui-console0] escape-key a To verify the configuration: # Ping the IP address of 192.168.1.49 and use the -c keyword to specify the number of ICMP echo packets to be sent as 20. <Sysname> ping -c 20 192.168.1.49 PING 192.168.1.49: 56 data bytes, press a to break Reply from 192.168.1.49: bytes=56 Sequence=1 ttl=255 time=3 ms Reply from 192.168.1.49: bytes=56 Sequence=2 ttl=255 time=3 ms # Enter a. The task terminates immediately and the system returns to system view. --- 192.168.1.49 ping statistics --- 2 packet(s) transmitted 2 packet(s) received 0.00% packet loss round-trip min/avg/max = 3/3/3 ms <Sysname> 27

flow-control Use flow-control to configure the flow control mode. Use undo flow-control to restore the default. By default, an independent AUX port performs hardware flow control, and an AUX/console port or independent console port does not perform any flow control. A flow control mode takes effect on both inbound and outbound directions. In inbound flow control, the local device listens to the remote device for flow control information, while in the outbound flow control, the local device sends flow control information to the remote device. Two ends must be configured with the same flow control mode. To set the same flow control mode for the inbound and outbound directions, use flow-control { hardware software none }. To set different flow control modes for the inbound and outbound directions, use flow-control hardware flow-control-type1 [ software flow-control-type2 ] or flow-control software flow-controltype1 [ hardware flow-control-type2 ]. If a direction is not specified, flow control is disabled in that direction. For example, flow-control hardware in automatically disables flow control in the outbound direction. The flow control mode setting on one end in the inbound/outbound direction must be the same as in the outbound/inbound direction on the other end. The command is only applicable to asynchronous serial interfaces (including AUX and console ports). flow-control { hardware none software } flow-control hardware flow-control-type1 [ software flow-control-type2 ] flow-control software flow-control-type1 [ hardware flow-control-type2 ] undo flow-control User interface view 2: System level hardware: Performs hardware flow control. none: Disables flow control. software: Performs software flow control. flow-control-type1, flow-control-type2: Sets the direction of flow control, in or out. If in is specified, the local device receives flow information from the remote device. If out is specified, the local device sends flow control information to the remote device. # Configure software flow control in the inbound and outbound directions for port console 0. 28

[Sysname] user-interface console 0 [Sysname-ui-console0] flow-control software # Configure hardware flow control in the inbound direction and disable flow control in the outbound direction for port console 0. [Sysname] user-interface console 0 [Sysname-ui-console0] flow-control hardware in # Configure hardware flow control in the inbound direction and software flow control in the outbound direction for port console 0. [Sysname] user-interface console 0 [Sysname-ui-console0] flow-control hardware in software out free user-interface Use free user-interface to release the connections established on the specified user interface. This command cannot release the connection you are using. free user-interface { num1 { aux console tty vty } num2 } User view num1: Absolute number of a user interface. The value range varies with devices and typically starts from 0. aux: Specifies the AUX user interface. console: Specifies the console user interface. tty: Specifies the TTY user interface. vty: Specifies the VTY user interfaces. num2: Relative number of a user interface. # Display the connection established on user interface VTY 1. <Sysname> display users The user application information of the user interface(s): Idx UI Delay Type Userlevel + 82 VTY 0 00:00:00 TEL 3 83 VTY 1 00:00:03 TEL 3 Following are more details. VTY 0 : Location: 192.168.1.26 29

VTY 1 : Location: 192.168.1.20 + : Current operation user. F : Current operation user work in async mode. // You can display information about the users using the device. <Sysname> free user-interface vty 1 Are you sure to free user-interface vty1? [Y/N]:y // To make configurations without interruption from the user using VTY 1, you can release the connection established on VTY 1. history-command max-size Use history-command max-size to set the size of the history command buffer of the current user interface. Use undo history-command max-size to restore the default. By default, the buffer saves 10 history commands. The history command buffer saves executed history commands per user interface and buffers for different user interfaces do not affect each other. To display the commands stored in the history buffer, use display history-command. To view the recently executed commands, press the upper arrow or lower arrow key. For more information about display history-command, see Fundamentals Command Reference. After terminating the current session, the system automatically removes the commands saved in the corresponding history buffer. history-command max-size size-value undo history-command max-size User interface view 2: System level size-value: Specifies the maximum number of history commands the buffer can store. The value ranges from 0 to 256. # Set the buffer to store 20 history commands at most. [Sysname] user-interface console 0 [Sysname-ui-console0] history-command max-size 20 idle-timeout Use idle-timeout to set the idle-timeout timer. 30

Use undo idle-timeout to restore the default. The default idle-timeout is 10 minutes. The system automatically terminates the user s connections if there is no information interaction between the device and the users within the idle timeout time. Setting idle-timeout to zero disables the timer. In this case, connections are maintained unless you terminate them. idle-timeout minutes [ seconds ] undo idle-timeout User interface view 2: System level ip http acl minutes: Specifies the timeout time in minutes, which ranges from 0 to 35791, and defaults to 10 minutes. seconds: Specifies timeout time in seconds, which ranges from 0 to 59, and defaults to 0 seconds. # Set the idle-timeout timer to 1 minute and 30 seconds. [Sysname] user-interface console 0 [Sysname-ui-console0] idle-timeout 1 30 Use ip http acl to associate the HTTP service with an ACL. Use undo ip http acl to remove the association. By default, the HTTP service is not associated with any ACL. After the HTTP service is associated with an ACL, only the clients permitted by the ACL can access the device through HTTP. The HTTP service can be associated with a WLAN ACL and a basic ACL, and the two types of ACLs will not overwrite each other; however, ACLs of the same type will overwrite each other. So, if you execute ip http acl multiple times to associate the HTTP service with the same type of ACLs, the HTTP service is only associated with the last specified ACL. When the HTTP service is associated with a WLAN ACL, the HTTP service uses this ACL to filter wireless clients only, and does not filter wired clients with this ACL. The MPU-G2 on the A-MSR50 does not support WLAN ACL. Related commands: display ip http; acl number (ACL and QoS Command Reference). For devices supporting both WLAN ACL and basic ACL: 31

ip http acl acl-number undo ip http acl acl-number For devices supporting basic ACL only: ip http acl acl-number undo ip http acl acl-number System view 2: System level acl-number: ACL number. A WLAN ACL ranges from 100 to 199, and a basic IPv4 ACL ranges from 2000 to 2999. # Associate the HTTP service with ACL 100 to allow only the wireless client with the SSID user-ssid-name to access the device through HTTP. [Sysname] acl number 100 [Sysname-acl-wlan-100] rule permit ssid user-ssid-name [Sysname-acl-wlan-100] quit [Sysname] ip http acl 100 # Associate the HTTP service with ACL 2001 to only allow the clients within the 10.10.0.0/16 network to access the device through HTTP. [Sysname] acl number 2001 [Sysname-acl-basic-2001] rule permit source 10.10.0.0 0.0.255.255 [Sysname-acl-basic-2001] quit [Sysname] ip http acl 2001 ip http enable Use ip http enable to enable the HTTP service. Use undo ip http enable to disable the HTTP service. The device can act as the HTTP server being accessed only after the HTTP service is enabled. By default, the HTTP service is enabled. Related commands: display ip http. ip http enable undo ip http enable 32

System view 2: System level None ip http port # Enable the HTTP service. [Sysname] ip http enable # Disable the HTTP service. [Sysname] undo ip http enable Use ip http port to configure the port number of the HTTP service. Use undo ip http port to restore the default. By default, the port number of the HTTP service is 80. Verify the port number is not used by another service, because this command does not check for conflicts with configured port numbers. Related commands: display ip http. ip http port port-number undo ip http port System view port-number: Port number of the HTTP service, which ranges from 1 to 65535. # Configure the port number of the HTTP service as 8080. [Sysname] ip http port 8080 33

ip https acl Use ip https acl to associate the HTTPS service with an ACL. Use undo ip https acl to remove the association. By default, the HTTPS service is not associated with any ACL. After the HTTPS service is associated with an ACL, only the clients permitted by the ACL can access the device. The HTTPS service can be associated with a WLAN ACL and basic ACL, and the two types of ACLs will not overwrite each other; however, ACLs of the same type will overwrite each other. If you execute ip https acl multiple times to associate the HTTPS service with the same type of ACLs, the HTTPS service is only associated with the last specified ACL. When the HTTPS service is associated with a WLAN ACL, the HTTPS service uses this ACL to filter wireless clients only, and does not filter wired clients with this ACL. The MPU-G2 on the A-MSR50 does not support WLAN ACL. Related commands: display ip https; acl number (ACL and QoS Command Reference). For devices supporting both WLAN ACL and basic ACL: ip https acl acl-number undo ip https acl acl-number For devices supporting basic ACL only: ip https acl acl-number undo ip https acl acl-number System view acl-number: ACL number. A WLAN ACL ranges from 100 to 199, and a basic IPv4 ACL ranges from 2000 to 2999. # Associate the HTTPS service with ACL 100 to only allow the wireless client with the SSID user-ssid-name to access the device through HTTP. [Sysname] acl number 100 [Sysname-acl-wlan-100] rule permit ssid user-ssid-name [Sysname-acl-wlan-100] quit [Sysname] ip https acl 100 # Associate the HTTPS service with ACL 2001 to only allow the clients within the 10.10.0.0/16 network segment to access the HTTPS server through HTTP. 34

[Sysname] acl number 2001 [Sysname-acl-basic-2001] rule permit source 10.10.0.0 0.0.255.255 [Sysname-acl-basic-2001] quit [Sysname] ip https acl 2001 ip https certificate access-control-policy Use ip https certificate access-control-policy to associate the HTTPS service with a certificate attribute access control policy. Use undo ip https certificate access-control-policy to remove the association. By default, the HTTPS service is not associated with any certificate attribute access control policy. Association of the HTTPS service with a certificate attribute access control policy can control the access rights of clients. Related commands: display ip https; pki certificate access-control-policy (Security Command Reference). ip https certificate access-control-policy policy-name undo ip https certificate access-control-policy System view policy-name: Name of the certificate attribute access control policy, a string of 1 to 16 characters. # Associate the HTTPS server to certificate attribute access control policy myacl. [Sysname] ip https certificate access-control-policy myacl ip https enable Use ip https enable to enable the HTTPS service. Use undo ip https enable to disable the HTTPS service. By default, the HTTPS service is disabled. The device can act as the HTTP server being accessed only after the HTTP service is enabled. Enabling the HTTPS service triggers an SSL handshake negotiation process. If the local certificate of the device exists, the SSL negotiation succeeds, and the HTTPS service can be started. 35

If no local certificate exists, the SSL negotiation triggers a certificate application process that often fails because it times out. If that happens, execute ip https enable multiple times to start the HTTPS service. Related commands: display ip https. ip https enable undo ip https enable System view None # Enable the HTTPS service. [Sysname] ip https enable ip https port Use ip https port to configure the port number of the HTTPS service. Use undo ip https port to restore the default. By default, the port number of the HTTPS service is 443. Verify the port number is not used by another service, because this command does not check for conflicts with configured port numbers. Related commands: display ip https. ip https port port-number undo ip https port System view port-number: Port number of the HTTPS service, which ranges from 1 to 65535. # Configure the port number of the HTTPS service as 6000. 36

[Sysname] ip https port 6000 ip https ssl-server-policy lock Use ip https ssl-server-policy to associate the HTTPS service with an SSL server-end policy. Use undo ip https ssl-server-policy to remove the association. By default, the HTTPS service is not associated with any SSL server-end policy. The HTTPS service can be enabled only after this command is configured successfully. With the HTTPS service enabled, you cannot modify the associated SSL server-end policy or remove the association between the HTTPS service and the SSL server-end policy after the HTTPS service is enabled. Related commands: display ip https; ssl server-policy (Security Command Reference). ip https ssl-server-policy policy-name undo ip https ssl-server-policy System view policy-name: Name of an SSL server policy, which is a string of 1 to 16 characters. # Associate the HTTPS service with SSL server-end policy myssl. [Sysname] ip https ssl-server-policy myssl Use lock to lock the user interface. This method prevents unauthorized users from using the user interface. When entering lock, you are asked to enter a password (up to 16 characters) and then confirm it by inputting the password again. After locking the user interface, you must press Enter and enter the correct password the next time you enter this user interface. By default, this function is disabled. lock User view 37

None # Lock the current user interface. <Sysname> lock Please input password<1 to 16> to lock current user terminal interface: Password: Again: locked! parity Password: <Sysname> Use parity to set a parity check method. Use undo parity to restore the default. By default, no parity check is performed. This command is only applicable to asynchronous serial interfaces (including AUX and console ports). The parity check setting must be the same for the user interfaces of the connecting ports on the device and the target terminal device for communication. parity { even mark none odd space } undo parity User interface view 2: System level even: Performs an even parity check. mark: Performs a mark parity check. 38

none: Performs no parity check. odd: Performs an odd parity check. space: Performs a space parity check. # Configure the AUX port to perform odd parity check. [Sysname] user-interface aux 0 [Sysname-ui-aux0] parity odd protocol inbound Use protocol inbound to enable the current user interface to support either Telnet, PAD, SSH, or all of them. The configuration takes effect next time you log in. Use undo protocol inbound to restore the default. By default, all the three protocols are supported. Before configuring a user interface to support SSH, set the authentication mode to scheme for the user interface; otherwise, protocol inbound ssh fails. For more information, see authentication-mode. By default, the authentication mode of the Telnet protocol is password. protocol inbound { all pad ssh telnet } undo protocol inbound VTY interface view all: Supports all the three protocols: Telnet, SSH, and PAD. pad: Supports PAD only. ssh: Supports SSH only. telnet: Supports Telnet only. # Enable the VTYs 0 through 4 to support SSH only. [Sysname] user-interface vty 0 4 [Sysname-ui-vty0-4] authentication-mode scheme [Sysname-ui-vty0-4] protocol inbound ssh redirect disconnect 39

Use redirect disconnect to manually terminate redirected telnet connections. The redirect disconnect command is supported by the AUX and TTY user interfaces only. This command is applicable to user interfaces on which redirection is enabled. To enable redirection on a user interface, use redirect enable. redirect disconnect User interface view 2: System level None # Manually terminate redirected Telnet connections. [Sysname] user-interface tty 1 [Sysname-ui-tty1] redirect disconnect redirect enable Use redirect enable to enable redirection on an asynchronous serial interface. Use undo redirect enable to disable this function. By default, the redirection function is disabled. The redirect enable commands are supported by the AUX and TTY user interfaces only. Before using the redirection function or configuring redirection service-related parameters, use this command to enable redirection. The stop bit setting must be the same for the user interfaces of the connecting ports on the device and the target terminal device for communication. Before enabling redirection, use stopbit-error intolerance to check their settings. Related commands: telnet and display tcp status. redirect enable undo redirect enable User interface view 2: System level 40

None # Enable redirection on user interface TTY 7. [Sysname] user-interface tty 7 [Sysname-ui-tty7] redirect enable redirect listen-port Use redirect listen-port to specify a listening port for redirected Telnet connections. Use undo redirect listen-port to restore the default listening port. The default number of the listening port for redirected Telnet connections equals the absolute user interface number plus 2000. The redirect listen-port command is supported by the AUX and TTY user interfaces only. This command is applicable to user interfaces on which redirection is enabled. To enable redirection on a user interface, use redirect enable. redirect listen-port port-number undo redirect listen-port User interface view 2: System level port-number: Number of the listening port, in the range of 2000 to 50000. # Configure port 3000 as the listening port for the redirected Telnet connections. [Sysname] user-interface tty 1 [Sysname-ui-tty1] redirect listen-port 3000 redirect refuse-negotiation Use redirect refuse-negotiation to disable Telnet option negotiation when the device is establishing a redirected Telnet connection. Use undo redirect refuse-negotiation to enable Telnet option negotiation when the device is establishing a redirected Telnet connection. By default, Telnet option negotiation is enabled. 41

The redirect refuse-negotiation command is supported by the AUX and TTY user interfaces only. This command is applicable to user interfaces on which redirection is enabled. To enable redirection on a user interface, use redirect enable. redirect refuse-negotiation undo redirect refuse-negotiation User interface view 2: System level None # Disable Telnet option negotiation when the device is establishing a redirected Telnet connection. [Sysname] user-interface tty 1 [Sysname-ui-tty1] redirect refuse-negotiation redirect refuse-teltransfer Use redirect refuse-teltransfer to configure not to convert the ASCII characters of 0xff to 0xff 0xff when the user interface is establishing a redirected Telnet connection. Use undo redirect refuse-teltransfer to restore the default. By default, the ASCII characters of 0xff are converted to 0xff 0xff when the user interface is establishing a redirected Telnet connection. The device filters the characters of 0xff sent by the Telnet client when establishing a redirected Telnet connection. To make these characters forwarded to the Telnet server, 0xff needs to be converted to 0xff 0xff so the device filters one string of 0xff and forwards the other string to be forwarded. If the Telnet client does not send the characters of 0xff, execute the command to configure the user interface not to perform the conversion. The redirect refuse-teltransfer command is supported on AUX and TTY user interfaces only. This command is applicable to user interfaces on which redirection is enabled. To enable redirection on a user interface, use redirect enable. redirect refuse-teltransfer undo redirect refuse-teltransfer User interface view 42

2: System level None # Configure the user interface not to convert the ASCII characters of 0xff to 0xff 0xff when establishing a redirected Telnet connection. [Sysname] user-interface tty 1 [Sysname-ui-tty1] redirect refuse-teltransfer redirect return-deal from-telnet Use redirect return-deal from-telnet to enable the device to process the carriage returns sent by Telnet clients. In other words, the device substitutes 0x0d for 0x0d 0x0a and 0x0d 0x00. Use undo redirect return-deal from-telnet to restore the default. By default, carriage returns sent by Telnet clients are not processed. The redirect return-deal from-telnet command is supported on the AUX and TTY user interfaces only. This command is applicable to user interfaces on which redirection is enabled. To enable redirection on a user interface, use redirect enable. redirect return-deal from-telnet undo redirect return-deal from-telnet User interface view 2: System level None # Enable the device to process carriage returns sent by Telnet clients. [Sysname] user-interface tty 1 [Sysname-ui-tty1] redirect return-deal from-telnet redirect return-deal from-terminal Use redirect return-deal from-telnet to enable the user interface to process the carriage returns sent by terminals (a PC connected to the console port, for example) when the user interface is redirecting a telnet connection. In other words, the device substitutes 0x0d for 0x0d 0x0a and 0x0d 0x00. 43

Use undo redirect return-deal from-terminal to restore the default. By default, the carriage returns sent by terminals are not processed, but forwarded by the user interface redirecting a telnet connection. The redirect return-deal from-telnet command is supported on the AUX and TTY user interfaces only. This command is applicable to user interfaces on which redirection is enabled. To enable redirection on a user interface, use redirect enable. redirect return-deal from-terminal undo redirect return-deal from-terminal User interface view 2: System level None # Enable user interface tty 1 to process the carriage returns sent from terminals when redirecting a telnet connection. [Sysname] user-interface tty 1 [Sysname-ui-tty1] redirect return-deal from-terminal redirect timeout Use redirect timeout to set the idle timeout for redirected telnet connections. When the timer of a connection expires, the connection is terminated. Use undo redirect timeout to allow the system to maintain a redirected telnet connection until you tears down the connection. By default, the idle timeout is 360 seconds. The redirect timeout commands are supported on the AUX and TTY user interfaces only. This command is applicable to user interfaces on which redirection is enabled. To enable redirection on a user interface, use redirect enable. redirect timeout time undo redirect timeout User interface view 2: System level 44

time: Idle timeout, which ranges from 30 to 86400 seconds. # Set the idle timeout for redirected telnet connections to 200 seconds. [Sysname] user-interface tty 1 [Sysname-ui-tty1] redirect timeout 200 screen-length send Use screen-length to set the number of lines on the next screen. Use undo screen-length to restore the default. By default, the next screen displays 24 lines. When screen output pauses, press the Space key to display the next screen. Not all terminals support this command setting. For example, assume that you set screen-length to 40, but the terminal can display 24 lines in one screen at most. When you press Space, the device sends 40 lines to the terminal, but the next screen displays only lines 18 through 40. To view the first 17 lines, you must press the page up or page down key. To disable multiple-screen output of the current user interface, use screen-length disable. For more information about screen-length disable, see CLI configuration commands. screen-length screen-length undo screen-length User interface view 2: System level screen-length: Number of lines on the next screen, which ranges from 0 to 512. The value of 0 disables pausing between screens of output. # Set the next screen of the user interface of console port 0 to display 30 lines. [Sysname] user-interface console 0 [Sysname-ui-console0] screen-length 30 Use send to send messages to the specified user interfaces. 45

To end message input, press Ctrl+Z. To cancel message input and return to user view, press Ctrl+C. send { all num1 { aux console tty vty } num2 } User view 1: Monitor level all: Sends messages to all user interfaces. num1: Absolute number of a user interface, which typically starts from 0. aux: Specifies the AUX user interface. console: Specifies the console user interface. tty: Specifies the TTY user interface. vty: Specifies the VTY user interfaces. num2: Relative number of a user interface. # Send message hello abc to the user interface of console port 0. <Sysname> send console 0 Enter message, end with CTRL+Z or Enter; abort with CTRL+C: hello abc^z Send message? [Y/N]:y <Sysname> *** *** ***Message from con0 to con0 *** hello abc <Sysname> # Assume you are using VTY 0. Before you restart the device, to inform users accessing the device through other user interfaces, perform the following steps. Display information about all users <Sysname> display users The user application information of the user interface(s): Idx UI Delay Type Userlevel + 82 VTY 0 00:00:00 TEL 3 83 VTY 1 00:00:03 TEL 3 Following are more details. 46

VTY 0 : VTY 1 : Location: 192.168.1.26 Location: 192.168.1.20 + : Current operation user. F : Current operation user work in async mode. // The output shows that a user is using VTY 0. <Sysname> send vty 1 Enter message, end with CTRL+Z or Enter; abort with CTRL+C: Note please, I will reboot the system in 3 minutes!^z Send message? [Y/N]:y // A message is sent to VTY 1, telling the system will reboot in 3 minutes. If a user is trying to log in through VTY 1, the message appears. (VTY 1 receives the message from VTY 0 when the interface ethernet command is entered.) [Sysname] interface eth *** *** ***Message from vty0 to vty1 *** Note please, I will reboot the system in 3 minutes! set authentication password Use set authentication password to set an authentication password. Use undo set authentication password to remove the local authentication password. By default, no local authentication password is set. No matter whether the password format is plain text or cipher text, you must enter the password in plain text during authentication. A plain text password easily gets cracked; therefore, HP recommends a cipher text password. Related commands: authentication-mode. set authentication password { cipher simple } password undo set authentication password User interface view cipher: Cipher text password. simple: Plain text password. 47

shell password: A case-sensitive string. If the password format is simple, the password argument must be in plain text, and the configuration file saves the password in plain text. If the format is cipher, password can be either in cipher text or in plain text, and the configuration file always saves the password in cipher text. A plain text password can be a string of no more than 16 characters, 1234567, for example. A cipher text password or the encrypted version of the plain text password comprises 24 characters, such as _(TT8F]Y\5SQ=^Q`MAF4<1!!. # Set the local authentication password for the user interface of console port 0 to hello. [Sysname] user-interface console 0 [Sysname-ui-console0] authentication-mode password [Sysname-ui-console0] set authentication password cipher hello Next time you enter the system, the password is required. Use shell to enable terminal services on the current user interface. Use undo shell to disable terminal services on the current user interface. The console user interface does not support undo shell. The AUX user interface does not support undo shell when the device has only one AUX port and no console port. You cannot disable the terminal services on the user interface where you are logged in. By default, terminal services are enabled on all user interfaces. shell undo shell User interface view None # Disable terminal services on VTYs 0 through 4, which means you cannot log in to the device through VTYs 0 through 4. [Sysname] user-interface vty 0 4 [Sysname-ui-vty0-4] undo shell % Disable ui-vty0-4, are you sure? [Y/N]:y [Sysname-ui-vty0-4] The following message appears when a terminal tries to telnet to the device: 48

The connection was closed by the remote host! speed (user interface view) Use speed to set the transmission rate on the user interface. Use undo speed to restore the default transmission rate. By default, the transmission rate is 9600 bps. The command is only applicable to asynchronous serial interfaces (including AUX and console ports). The transmission rate setting must be identical for the user interfaces of the connecting ports on the device and the target terminal device for communication. speed speed-value undo speed User interface view 2: System level speed-value: Transmission rate in bps. The transmission rates available with asynchronous serial interfaces include: 300 bps 600 bps 1200 bps 2400 bps 4800 bps 9600 bps 19200 bps 38400 bps 57600 bps 115200 bps The transmission rate varies with devices and configuration environment. # Set the transmission rate on the user interface AUX 0 to 19200 bps. [Sysname] user-interface aux 0 [Sysname-ui-aux0] speed 19200 stopbit-error intolerance 49

Use stopbit-error intolerance to enable the interface to detect the stop bits. Use undo stopbit-error intolerance to restore the default. By default, the stop bits are not detected. The command is only applicable to asynchronous serial interfaces (including AUX and console ports). stopbit-error intolerance undo stopbit-error intolerance User interface view 2: System level None stopbits # Configure user interface AUX 0 to detect the stop bits. [Sysname] user-interface aux 0 [Sysname-ui-aux0] stopbit-error intolerance Use stopbits to set the number of stop bits transmitted per byte. Use undo stopbits to restore the default. By default, the stop bit is one. The command is only applicable to asynchronous serial interfaces (including AUX and console ports). The stop bits setting must be the identical for the user interfaces of the connecting ports on the device and the target device for communication. stopbits { 1 1.5 2 } undo stopbits User interface view 2: System level 1: One stop bit. 50

telnet 1.5: One and a half stop bits. 2: Two stop bits. # Set the stop bits on the user interface AUX 0 to 1.5. [Sysname] user-interface aux 0 [Sysname-ui-aux0] stopbits 1.5 Use telnet to telnet to a remote host. To terminate the current Telnet connection, press Ctrl+K or use quit. The source IPv4 address or source interface specified by this command is applicable to the current Telnet connection only. telnet remote-host [ service-port ] [ vpn-instance vpn-instance-name ] [ source { interface interface-type interface-number ip ip-address } ] User view 0: Visit level remote-host: IPv4 address or host name of a remote host, a case-insensitive string of 1 to 20 characters. service-port: TCP port number of the Telnet service on the remote host. It ranges from 0 to 65535 and defaults to 23. vpn-instance vpn-instance-name: Specifies the MPLS L3VPN the remote system belongs to, where vpninstance-name is a case-sensitive string of 1 to 31 characters. If the remote system is on the public network, do not specify this option. source: Specifies the source interface or source IPv4 address of Telnet packets. interface interface-type interface-number: Specifies the source interface. The source IPv4 address of the Telnet packets sent is the IPv4 address of the specified interface. interface-type interface-number represents the interface type and number. ip ip-address: Specifies the source IPv4 address of Telnet packets. # Telnet to the remote host 1.1.1.2, specifying the source IP address of Telnet packets as 1.1.1.1. <Sysname> telnet 1.1.1.2 source ip 1.1.1.1 51

telnet client source Use telnet client source to specify the source IPv4 address or source interface for sending telnet packets when the device serves as a telnet client. Use undo telnet client source to remove the source IPv4 address or source interface for sending telnet packets. By default, no source IPv4 address or source interface for sending telnet packets is specified. The source IPv4 address is selected by routing. The source IPv4 address or source interface specified by this command is applicable to all Telnet connections. If you use both this command and the telnet command to specify the source IPv4 address or source interface, the source IPv4 address or interface specified by the telnet command takes effect. Related commands: display telnet client configuration. telnet client source { interface interface-type interface-number ip ip-address } undo telnet client source System view 2: System level telnet ipv6 interface interface-type interface-number: Specifies the source interface. The source IPv4 address of the Telnet packets sent is the IPv4 address of the specified interface. interface-type interface-number represents the interface type and number. ip ip-address: Specifies the source IPv4 address of Telnet packets. # Specify the source IPv4 address for sending telnet packets when the device serves as a telnet client as 1.1.1.1. [Sysname] telnet client source ip 1.1.1.1 Use telnet ipv6 to telnet to a remote host in an IPv6 network. To terminate the current Telnet connection, press Ctrl+K or use quit. telnet ipv6 remote-host [ -i interface-type interface-number ] [ port-number ] [ vpn-instance vpn-instancename ] 52

User view 0: Visit level remote-host: IP address or host name of a remote host, a case-insensitive string of 1 to 46 characters. -i interface-type interface-number: Specifies the outbound interface for sending Telnet packets, where interface-type interface-number represents the interface type and number. If the destination address is a link-local address, provide the i interface-type interface-number argument. port-number: TCP port number for the remote host to provide the Telnet service. It ranges from 0 to 65535 and defaults to 23. vpn-instance vpn-instance-name: Specifies the MPLS L3VPN the remote system belongs to, where vpninstance-name is a case-sensitive string of 1 to 31 characters. If the remote system is on the public network, do not specify this option. # Telnet to the remote host with the IPv6 address 5000::1. <Sysname> telnet ipv6 5000::1 telnet server enable Use telnet server enable to enable the Telnet server. Use undo telnet server enable to disable the Telnet server. The Telnet server is disabled by default. telnet server enable undo telnet server enable System view None # Enable the Telnet server. [Sysname] telnet server enable terminal type 53

Use terminal type to configure the type of terminal display of the current user interface. Use undo terminal type to restore the default. By default, the terminal display type is ANSI. The device supports two types of terminal display: ANSI and VT100. HP recommends setting the display type of both the device and the client to VT100. If the device and the client use different display types (for example, hyper terminal or Telnet terminal) or both are set to ANSI, when the total number of characters of the currently edited command line exceeds 80, an anomaly, such as cursor corruption or abnormal display of the terminal display, may occur on the client. terminal type { ansi vt100 } undo terminal type User interface view 2: System level ansi: Specifies the terminal display type as ANSI. vt100: Specifies the terminal display type as VT100. # Set the terminal display type to VT100. [Sysname] user-interface vty 0 [Sysname-ui-vty0] terminal type vt100 user privilege level Use user privilege level to configure the user privilege level. Users logging into the user interface are assigned a user privilege level. Use undo user privilege level to restore the default. By default, the default command level is 3 for the console user interface and 0 for other user interfaces. user privilege level level undo user privilege level User interface view 54

level: Specifies a user privilege level, which ranges from 0 to 3. User privilege levels include visit, monitor, system, and manage; and represented by the number 0, 1, 2, and 3, respectively. The administrator can change the user privilege level when necessary. # Set the command level for users logging in through VTY 0 to 0. [Sysname] user-interface vty 0 [Sysname-ui-vty0] user privilege level 0 After you telnet to the device through VTY 0, the terminal only displays commands of level 0 in the help information: <Sysname>? User view commands: cluster Run cluster command display Display current system information ping quit rsh ssh2 super telnet user-interface Ping function Exit from current command view Establish one RSH connection Establish a secure shell client connection Set the current user priority level Establish one TELNET connection tracert Trace route function Use user-interface to enter a single or multiple user interface views. In a single user interface view, the configuration takes effect in the user view only. In multiple user interface views, the configuration takes effect in these user views. user-interface { first-num1 [ last-num1 ] { aux console tty vty } first-num2 [ last-num2 ] } System view 2: System level first-num1: Absolute number of the first user interface, which typically starts from 0. last-num1: Absolute number of the last user interface. It typically starts from 0, and cannot be smaller than the first-num1. aux: Specifies the AUX user interface. console: Specifies the console user interface. 55

tty: Specifies the TTY user interface. vty: Specifies the VTY user interfaces. first-num2: Relative number of the first user interface. last-num2: Relative number of the last user interface. It cannot be smaller than first-num 2. # Enter the console user interface view. [Sysname] user-interface console 0 [Sysname-ui-console0] # Enter the user interface views of VTYs 0 to 4. [Sysname] user-interface vty 0 4 [Sysname-ui-vty0-4] 56

Device management commands The following matrix shows the feature and router compatibility: Feature A-MSR900 A-MSR20-1X A-MSR20 A-MSR30 A-MSR50 Supported storage medium Flash memory USB disk Flash memory USB disk CF card USB disk Flash memory (supported by the A-MSR30-10, A- MSR30-11E, and A- MSR30-11F) CF card (supported by the A-MSR30-16, A- MSR30-20, A-MSR30-40, and A- MSR30-60) Flash memory (not supported by the MPUF) CF card USB disk USB disk card-mode Flash memory is exemplified in this document. Use card-mode to set the working mode of an interface card. The following matrix shows the command and router compatibility: Command Parameter A- MSR900 A-MSR20-1X A-MSR20 A-MSR30 A-MSR50 card-mode slot No No Yes Yes Yes To make the configured working mode take effect, restart the device or hot swap the interface card (if the interface card supports hot swapping) after you change the working mode. card-mode slot slot-number mode-name System view 2: System level 57

slot slot-number: Specifies slot number of an interface card. mode-name: Working mode of the specified interface card. This argument might take the following values: e1: Sets the working mode of the CPOS interface card to E1. t1: Sets the working mode of the CPOS interface card to T1. ipsec: Sets the working mode of the ESM interface card to IPsec. ssl: Sets the working mode of the ESM interface card to SSL. atm: Sets the working mode of the G.SHDSL.BIS interface card to ATM. auto: Sets the working mode of the G.SHDSL.BIS interface card to Auto. efm: Sets the working mode of the G.SHDSL.BIS interface card to EFM. # Set the working mode of the G.SHDSL.BIS interface card in slot 5 to EFM. [Sysname] card-mode slot 5 efm clock datetime Use clock datetime to set the current time and date of the device. You can leave the ss field blank when you specify the time parameters. Related commands: clock summer-time one-off, clock summer-time repeating, clock timezone, and display clock. clock datetime time date User view time: Configured time, in the hh:mm:ss format. The hh value ranges from 00 to 23; the mm value ranges from 00 to 59; and the ss value ranges from 00 to 59. Zeros can be omitted, unless you specify 00:00:00. date: Configured date, in the MM/DD/YYYY or YYYY/MM/DD format. The YYYY value ranges from 2000 to 2035; the MM value ranges from 1 to 12; and the DD value ranges from 1 to 31. # Set the current system time to 14:10:20 08/01/2005. <Sysname> clock datetime 14:10:20 8/1/2005 # Set the current system time to 00:06:00 01/01/2007. <Sysname> clock datetime 0:6 2007/1/1 58

clock summer-time one-off Use clock summer-time one-off to adopt daylight saving time from the start-time of the start-date to the end-time of the end-date. Daylight saving time adds the add-time to the standard time of the device. Use undo clock summer-time to cancel the configuration of the daylight saving time. By default, daylight saving time is configured on the device, and the universal time coordinated (UTC) time zone is applied. To view your configuration after it takes effect, use display clock. The time displayed in the log or debug information is the adjusted local time. The time range from start-time in start-date to end-time in end-date must be longer than one day and shorter than one year. Otherwise, the argument is considered as invalid and the configuration fails. If the standard time of the device is in the time range specified with this command, the system time automatically adds add-time after the execution of this command. Related commands: clock datetime, clock summer-time repeating, clock timezone, and display clock. clock summer-time zone-name one-off start-time start-date end-time end-date add-time undo clock summer-time System view zone-name: Specifies a daylight saving time by its zone name, a case-sensitive string of 1 to 32 characters. start-time: Start time, in the hh:mm:ss format. Zeros can be omitted, unless you specify 00:00:00. start-date: Start date, in the MM/DD/YYYY or YYYY/MM/DD format. end-time: End time, in the hh:mm:ss format. Zeros can be omitted, unless you specify 00:00:00. end-date: End date, in the MM/DD/YYYY or YYYY/MM/DD format. add-time: Time added to the standard time of the device, in the hh:mm:ss format. Zeros can be omitted, unless you specify 00:00:00. # For daylight saving time in abc1 between 06:00:00 on 08/01/2006 and 06:00:00 on 09/01/2006, set the system clock ahead one hour. [Sysname] clock summer-time abc1 one-off 6 08/01/2006 6 09/01/2006 1 clock summer-time repeating Use clock summer-time repeating to adopt the daylight saving time repeatedly. 59

Use undo clock summer-time to cancel the configuration of the daylight saving time. By default, daylight saving time is configured on the device, and the UTC time zone is applied. For example, if you specify start-date and start-time as 2008/6/6 and 00:00:00, end-date and end-time to 2008/10/01 and 00:00:00, and add-time to 01:00:00, the daylight saving time range is from 00:00:00 of June 6 to 00:00:00 of October 1 each year from 2008 (2008 inclusive). The daylight saving time adds one hour to the standard time of the device. To view the result after the configuration takes effect, use display clock. The time displayed in the log or debug information is the adjusted local time. The time range from start-time in start-date to end-time in end-date must be longer than one day and shorter than one year. Otherwise, the argument is considered as invalid and the configuration fails. If the standard time of the device is in the time range specified with this command, the system time automatically adds add-time after the execution of this command. Related commands: clock datetime, clock summer-time one-off, clock timezone, and display clock. clock summer-time zone-name repeating start-time start-date end-time end-date add-time undo clock summer-time System view zone-name: Name of the daylight saving time, which is a string of 1 to 32 characters. start-time: Start time, in the hh:mm:ss format. Zeros can be omitted, unless you specify 00:00:00. start-date: Start date, set in the following ways: Enter the year, month, and date at one time, in the MM/DD/YYYY or YYYY/MM/DD format. Enter the year, month, and date one by one, separated by spaces. The year ranges from 2000 to 2035; the month can be January, February, March, April, May, June, July, August, September, October, November, or December; the start week can be the first, second, third, fourth, fifth, or last week of the month; the start date is Sunday, Monday, Tuesday, Wednesday, Thursday, Friday, or Saturday. end-time: End time, in the hh:mm:ss format. Zeros can be omitted, unless you specify 00:00:00. end-date: End date, set in the following ways: Enter the year, month and date at one time, in the MM/DD/YYYY or YYYY/MM/DD format. Enter the year, month and date one by one, separated by spaces. The year ranges from 2000 to 2035; the month can be January, February, March, April, May, June, July, August, September, October, November, or December; the end week can be the first, second, third, fourth, fifth, or last week of the month; the end date is Sunday, Monday, Tuesday, Wednesday, Thursday, Friday, or Saturday. add-time: Time added to the standard time of the device, in the hh:mm:ss format. Zeros can be omitted, unless you specify 00:00:00. 60

# For the daylight saving time in abc2 between 06:00:00 on 08/01/2007 and 06:00:00 on 09/01/2007 and from 06:00:00 08/01 to 06:00:00 on 09/01 each year after 2007, set the system clock ahead one hour. [Sysname] clock summer-time abc2 repeating 06:00:00 08/01/2007 06:00:00 09/01/2007 01:00:00 clock timezone Use clock timezone to set the local time zone. Use undo clock timezone to restore the local time zone to the default UTC time zone. By default, the local time zone is UTC zone. To view the result after the configuration takes effect, use display clock. The time displayed in the log or debug information is the specified local time zone. Related commands: clock datetime, clock summer-time one-off, clock summer-time repeating, and display clock. clock timezone zone-name { add minus } zone-offset undo clock timezone System view zone-name: Specifies a time zone by its name, a case-sensitive string of 1 to 32 characters. add: Adds a specified offset to UTC time. minus: Subtracts a specified offset to UTC time. zone-offset: Specifies an offset to the UTC time, in the hh:mm:ss format. Zeros can be omitted, unless you specify 00:00:00. # Set the name of the local time zone to Z5, five hours ahead of UTC time. [Sysname] clock timezone z5 add 5 configure-user count Use configure-user count to configure the number of users allowed to enter system view at the same time. Use undo configure-user count to restore the default. 61

Two users are allowed to configure in system view by default. When multiple users enter system view to configure certain attribute, only the last configuration applies. When the number of users has already reached the limit, other users cannot enter system view. Related commands: display configure-user. The following matrix shows the command and router compatibility: Command Parameter A-MSR900 configure-user count number Value range: 1 to 86 A-MSR20-1X Value range: 1 to 86 A-MSR20 A-MSR30 A-MSR50 Value range: 1 to 87 Value range: 1 to 183 Value range: 1 to 535 configure-user count number undo configure-user count System view 2: System level number: Number of users. # Configure the limit of users as 4. [Sysname] configure-user count 4 copyright-info enable Use copyright-info enable to enable displaying the copyright statement. Use undo copyright-info enable to disable displaying the copyright statement. By default, this feature is enabled. copyright-info enable undo copyright-info enable System view 62

None # Enable displaying the copyright statement. [Sysname] copyright-info enable If a user logs in to the device through Telnet, the following statement is displayed: ****************************************************************************** * Copyright (c) 2010-2011 Hewlett-Packard Development Company, L.P. * * Without the owner's prior written consent, * * no decompiling or reverse-engineering shall be allowed. * ****************************************************************************** <Sysname> If a user has already logged in through the console port, and then quits user view, the following statement is displayed: ****************************************************************************** * Copyright (c) 2010-2011 Hewlett-Packard Development Company, L.P. * * Without the owner's prior written consent, * * no decompiling or reverse-engineering shall be allowed. * ****************************************************************************** User interface con0 is available. Please press ENTER. # Disable displaying the copyright statement. [Sysname] undo copyright-info enable If a user logs in to the device through Telnet, the following information is displayed: <Sysname> If a user has already logged in through the console port, and then quits user view, the following information is displayed: User interface con0 is available. Please press ENTER. display clock Use display clock to view the system time and date. 63

The system time and date are decided by the clock datetime, clock summer-time one-off (or clock summer-time repeating), and clock timezone commands. For more information about how the system time and date are decided, see Device management in the Fundamentals Configuration Guide. Related commands: clock datetime, clock summer-time one-off, clock summer-time repeating, and clock timezone. display clock [ { begin exclude include } regular-expression ] Any view 1: Monitor level : Filters command output by specifying a regular expression. For more information about regular expressions, see Fundamentals Configuration Guide. begin: Displays the first line matching the specified regular expression and all following lines. exclude: Displays all lines not matching the specified regular expression. include: Displays all lines matching the specified regular expression. regular-expression: Specifies a regular expression, a case-sensitive string of 1 to 256 characters. # Display the system time and date. <Sysname> display clock 09:41:23 UTC Thu 12/15/2005 display configure-user Use display configure-user to display the users logged in to the device and are not in user view. Related commands: configure-user count. display configure-user [ { begin exclude include } regular-expression ] Any view 1: Monitor level : Filters command output by specifying a regular expression. For more information about regular expressions, see Fundamentals Configuration Guide. begin: Displays the first line matching the specified regular expression and all following lines. exclude: Displays all lines not matching the specified regular expression. 64

include: Displays all lines matching the specified regular expression. regular-expression: Specifies a regular expression, a case-sensitive string of 1 to 256 characters. # Display the users entering system view at the same time. <Sysname> display configure-user The information of current configuration user(s): Idx UI Delay Type Userlevel + 178 VTY 0 01:10:16 TEL 3 + 179 VTY 1 00:00:00 TEL 3 Following are more details. VTY 0 : VTY 1 : Location: 192.168.1.59 Location: 192.168.1.54 + : User-interface is active. F display cpu-usage : User-interface is active and work in async mode. Use display cpu-usage to display CPU usage statistics. The system collects the CPU usage statistics every 60 seconds and saves the statistics in the history record area. The maximum number of records being saved depends on the device model. display cpu-usage entry-number displays entry-number records starting with the newest (last) record. display cpu-usage entrynumber offset indicates the system displays number records from the last but offset record. display cpu-usage [ number [ offset ] [ verbose ] [ from-device ] ] [ { begin exclude include } regular-expression ] Any view 1: Monitor level number: Number of entries to be displayed, which ranges from 1 to 60. offset: Offset between the serial number of the first CPU usage rate record to be displayed and that of the last CPU usage rate record to be displayed. It ranges from 0 to 59. For example, the idx of the latest statistics record is 12. If the offset is set to 3, the system will display the statistics records from the one with the idx of 9, where idx represents the serial number of the period for the statistics, and its value ranges from 0 to 60 cyclically. The system collects CPU usage rates periodically, and the system records the average CPU usage rate during this period, and the idx value is added by 1 automatically. 65

verbose: Displays detailed information of CPU usage rates. If this keyword is provided, the system displays the average CPU usage rate for each task in the specified period. If this keyword is not provided, the system displays the brief information of the CPU usage rates. from-device: Displays the external storage medium, such as a Flash or hard disk. The device currently does not support the from-device keyword. : Filters command output by specifying a regular expression. For more information about regular expressions, see Fundamentals Configuration Guide. begin: Displays the first line matching the specified regular expression and all following lines. exclude: Displays all lines not matching the specified regular expression. include: Displays all lines matching the specified regular expression. regular-expression: Specifies a regular expression, a case-sensitive string of 1 to 256 characters. # Display CPU usage statistics. <Sysname> display cpu-usage Unit CPU usage: 1% in last 5 seconds 1% in last 1 minute 1% in last 5 minutes # Display the last fifth and sixth records in the CPU usage statistics. <Sysname> display cpu-usage 2 4 ===== CPU usage info (no: 0 idx: 58) ===== CPU Usage Stat. Cycle: 60 (Second) CPU Usage : 3% CPU Usage Stat. Time : 2006-07-10 10:56:55 CPU Usage Stat. Tick : 0x1d9d(CPU Tick High) 0x3a659a70(CPU Tick Low) Actual Stat. Cycle : 0x0(CPU Tick High) 0x95030517(CPU Tick Low) ===== CPU usage info (no: 1 idx: 57) ===== CPU Usage Stat. Cycle: 60 (Second) CPU Usage : 3% CPU Usage Stat. Time : 2006-07-10 10:55:55 CPU Usage Stat. Tick : 0x1d9c(CPU Tick High) 0xa50e5351(CPU Tick Low) Actual Stat. Cycle : 0x0(CPU Tick High) 0x950906af(CPU Tick Low) Table 6 Command output Field Unit CPU usage 1% in last 5 seconds 1% in last 1 minute CPU usage rates After the device boots, the system calculates and records the average CPU usage rate every five seconds. This field displays the average CPU usage rate in the last five seconds. After the device boots, the system calculates and records the average CPU usage rate every one minute. This field displays the average CPU usage rate in the last minute. 66

Field 1% in last 5 minutes CPU usage info (no: idx:) CPU Usage Stat. Cycle CPU Usage CPU Usage Stat. Time CPU Usage Stat. Tick Actual Stat. Cycle After the device boots, the system calculates and records the average CPU usage rate every five minutes. This field displays the average CPU usage rate in the last five minutes. Information of CPU usage rate records (no: The (no+1)th record is currently displayed. no numbers from 0, a smaller number equals a newer record. idx: index of the current record in the history record table). If only the information of the current record is displayed, no and idx are not displayed. CPU usage rate measurement interval, in seconds. For example, if the value is 41, it indicates the average CPU usage rate during the last 41 seconds is calculated. The value range of this field is 1 to 60. Average CPU usage rate in a measurement interval, in percentage. CPU usage rate statistics time in seconds, that is, the system time when the command is executed. System runtime in ticks, represented by a 64-bit hexadecimal. CPU Tick High represents the most significant 32 bits and the CPU Tick Low the least significant 32 bits. Actual CPU usage rate measurement interval in ticks, represented by a 64- bit hexadecimal. CPU Tick High represents the most significant 32 bits and the CPU Tick Low the least significant 32 bits. Owing to the precision of less than one second, the actual measurement periods of different CPU usage rate records might differ slightly. display cpu-usage history Use display cpu-usage history to display the historical CPU usage statistics in a chart. If no argument is provided, the system displays the historical CPU usage statistics of the whole system. The system collects the historical CPU usage statistics at a certain interval and saves the statistics in the history record area. You can use display cpu-usage history to display the history CPU usage rates in the last 60 minutes. The historical CPU usage statistics is displayed through x and y coordinates. Any CPU utilization statistics value takes the closest y-coordinate value. For example, a statistics value of 53% is displayed as 55%, and a statistics value of 52% is displayed as 50%. A number sign (#) shows the CPU usage rate at a time point. If more than one number sign exists at a time point, the highest one represents the CPU usage rate of the time point. display cpu-usage history [ task task-id ] [ { begin exclude include } regular-expression ] Any view 1: Monitor level 67

task task-id: Displays the historical CPU usage statistics for the specified task, where task-id represents the task number. If the task-id argument is not provided, the system displays the history CPU usage rates of the entire system (the CPU usage rates of the entire system is the sum of CPU usage rates of all tasks). : Filters command output by specifying a regular expression. For more information about regular expressions, see Fundamentals Configuration Guide. begin: Displays the first line matching the specified regular expression and all following lines. exclude: Displays all lines not matching the specified regular expression. include: Displays all lines matching the specified regular expression. regular-expression: Specifies a regular expression, a case-sensitive string of 1 to 256 characters. # Display historical CPU usage statistics. <Sysname> display cpu-usage history 100% 95% 90% 85% 80% 75% 70% 65% 60% 55% 50% 45% 40% 35% 30% 25% 20% 15% # 10% ### # 5% ######## ------------------------------------------------------------ 10 20 30 40 50 60 (minutes) cpu-usage last 60 minutes(system) The output shows the historical CPU usage statistics of the whole system (with the task name SYSTEM) in the last 60 minutes: 5%: 12 minutes ago 10%: 13 minutes ago 15%: 14 minutes ago 10%: 15 minutes ago 5%: 16 and 17 minutes ago 10%: 18 minutes ago 68

5%: 19 minutes ago 2% or lower than 2%: other time # Display the historical CPU usage statistics for task 6. <Sysname> display cpu-usage history task 6 100% 95% 90% 85% 80% 75% 70% 65% 60% 55% 50% 45% 40% 35% 30% 25% 20% 15% 10% 5% # ------------------------------------------------------------ 10 20 30 40 50 60 (minutes) cpu-usage last 60 minutes(t03m) The output shows the historical CPU usage statistics for task 6 (with the task name T03M) in the last 60 minutes: 5%: 20 minutes ago display device 2% or lower than 2%: other time Use display device to display hardware information. If the cf-card and usb keywords are not provided, the system displays information of all cards on the device. The following matrix shows the command and router compatibility: 69

Command Parameter A-MSR900 A-MSR20-1X display device cf-card No No Yes A-MSR20 A-MSR30 A-MSR50 Yes (except the A-MSR30-10, A- MSR30-11E, and A-MSR30-11F) display device usb Yes Yes Yes Yes Yes Yes display device [ cf-card usb ] [ slot slot-number verbose ] [ { begin exclude include } regularexpression ] Any view 2: System level cf-card: Displays information about CF cards. usb: Displays information about the device connected with the USB interface. slot slot-number: Displays information about the specified interface card. The slot-number argument represents the slot number of an interface card. verbose: Displays detailed information. : Filters command output by specifying a regular expression. For more information about regular expressions, see Fundamentals Configuration Guide. begin: Displays the first line matching the specified regular expression and all following lines. exclude: Displays all lines not matching the specified regular expression. include: Displays all lines matching the specified regular expression. regular-expression: Specifies a regular expression, a case-sensitive string of 1 to 256 characters. # Display device information. <Sysname> display device Slot No. Board Type Status Max Ports 0 AR19-62 RPU Board Normal 12 1 SIC-1FEA Normal 1 Table 7 Command output Field Slot No. Slot number of a card. 70

Field Brd Type Status Max Ports Hardware type of a card. Card status: Fault: Error occurred and the card cannot start normally. Normal: The card functions normally. Maximum number of physical ports a card supports. display device manuinfo Use display device manuinfo to display the electronic label data for the device. Electrical label data is also called permanent configuration data or archive information, which is written to the storage medium of the device during debugging or test. The information includes name of the card, device serial number, and vendor name. This command displays part of the electronic label data for the device. display device manuinfo [ slot slot-number ] [ { begin exclude include } regular-expression ] Any view slot slot-number: Displays the electronic label data for the specified interface card. The slot-number argument represents the slot number of an interface card. : Filters command output by specifying a regular expression. For more information about regular expressions, see Fundamentals Configuration Guide. begin: Displays the first line matching the specified regular expression and all following lines. exclude: Displays all lines not matching the specified regular expression. include: Displays all lines matching the specified regular expression. regular-expression: Specifies a regular expression, a case-sensitive string of 1 to 256 characters. # Display the electronic label data. <Sysname> display device manuinfo slot 0 DEVICE_NAME : NONE DEVICE_SERIAL_NUMBER : NONE MAC_ADDRESS MANUFACTURING_DATE VENDOR_NAME slot 1 : NONE : NONE : NONE The card does not support manufacture information. 71

Table 8 Command output Field DEVICE_NAME DEVICE_SERIAL_NUMBER MAC_ADDRESS MANUFACTURING_DATE VENDOR_NAME Device name Device serial number MAC address of the device Manufacturing date of the device Vendor name display diagnostic-information Use display diagnostic-information to display or save operating statistics for multiple feature modules in the system. For diagnosis or troubleshooting, you can use separate display commands to collect running status data module by module, or use display diagnostic-information to bulk collect running data for multiple modules. The display diagnostic-information command equals this set of commands: display clock, display version, display device, and display current-configuration. display diagnostic-information [ { begin exclude include } regular-expression ] Any view 1: Monitor level : Filters command output by specifying a regular expression. For more information about regular expressions, see Fundamentals Configuration Guide. begin: Displays the first line matching the specified regular expression and all following lines. exclude: Displays all lines not matching the specified regular expression. include: Displays all lines matching the specified regular expression. regular-expression: Specifies a regular expression, a case-sensitive string of 1 to 256 characters. # Save the operating statistics for multiple feature modules in the system. <Sysname> display diagnostic-information Save or display diagnostic information (Y=save, N=display)?[Y/N]y Please input the file name(*.diag)[flash:/default.diag]:aa.diag Diagnostic information is outputting to flash:/aa.diag. Please wait... Save succeeded. To view the content of file aa.diag, execute the more.aa.diag command in user view, in combination of the Page Up and Page Down keys. 72

# Display the operating statistics for multiple feature modules in the system. <Sysname> display diagnostic-information Save or display diagnostic information (Y=save, N=display)? [Y/N]:n ================================================= ===============display clock=============== ================================================= 08:54:16 UTC Fri 11/15/2008 =================================================== ===============display version=============== =================================================== Omitted display environment Use display environment to display the temperature information, including the current temperature and temperature thresholds of cards. Use display environment cpu to display the temperature information of all CPUs on the device. The following matrix shows the command and router compatibility: Command Parameter A-MSR900 display environment cpu No No A-MSR20-1X A-MSR20 A-MSR30 A-MSR50 Yes (The cpu keyword is not supported) Yes (The cpu keyword is not supported) Yes display environment [ cpu ] [ { begin exclude include } regular-expression ] Any view 1: Monitor level cpu: Displays temperature information of the CPUs on the device. : Filters command output by specifying a regular expression. For more information about regular expressions, see Fundamentals Configuration Guide. begin: Displays the first line matching the specified regular expression and all following lines. exclude: Displays all lines not matching the specified regular expression. include: Displays all lines matching the specified regular expression. regular-expression: Specifies a regular expression, a case-sensitive string of 1 to 256 characters. 73

# Display the temperature information of the device. <Sysname> display environment System Temperature information (degree centigrade): ---------------------------------------------------- SlotNo Temperature Lower limit Upper limit 0 41 5 60 # Display temperature information of all the CPUs on the device. <Sysname> display environment cpu CPU Temperature information (degree centigrade): ------------------------------------------------- SlotNO Temperature Lower limit Upper limit 0 29 12 63 Table 9 Command output Field System Temperature information (degree centigrade) CPU Temperature information (degree centigrade) SlotNO Temperature Lower limit Upper limit Temperature information of system cards Temperature information of cards of the system (degree centigrade) Number of the slot in which the card resides Current temperature Lower limit of temperature Upper limit of temperature display fan Use display fan to display the operating state of built-in fans. The following matrix shows the command and router compatibility: Command Parameter A-MSR900 display fan fan-id No No A-MSR20-1X A-MSR20 A-MSR30 A-MSR50 Yes Yes Yes Value: 1 Value: 1 Value: 1 display fan [ fan-id ] [ { begin exclude include } regular-expression ] Any view 1: Monitor level 74

fan-id: Displays the operating state of the specified fan, where fan-id represents the built-in fan number. : Filters command output by specifying a regular expression. For more information about regular expressions, see Fundamentals Configuration Guide. display job begin: Displays the first line matching the specified regular expression and all following lines. exclude: Displays all lines not matching the specified regular expression. include: Displays all lines matching the specified regular expression. regular-expression: Specifies a regular expression, a case-sensitive string of 1 to 256 characters. # Display the operating state of all fans in a device. <Sysname> display fan Fan 1 State: Normal Use display job to display the configuration of jobs configured by using job. If no argument is specified, this command displays information about all scheduled jobs. Related commands: job, time, and view. display job [ job-name ] [ { begin exclude include } regular-expression ] Any view 1: Monitor level job-name: Specifies the task name, which is a string of 1 to 32 characters. : Filters command output by specifying a regular expression. For more information about regular expressions, see Fundamentals Configuration Guide. begin: Displays the first line matching the specified regular expression and all following lines. exclude: Displays all lines not matching the specified regular expression. include: Displays all lines matching the specified regular expression. regular-expression: Specifies a regular expression, a case-sensitive string of 1 to 256 characters. # Display detailed information about the scheduled job saveconfig. <Sysname> display job saveconfig Job name: saveconfig Specified view: monitor Time 1: Execute command save 1.cfg after 40 minutes 75

The output shows the current configuration will be automatically saved to the configuration file 1.cfg in 40 minutes. Table 10 Command output Field Job name Specified view Time timeid Execute command Name of the scheduled job containing the commands in the job Execution time of each command in the job Command string display memory Use display memory to display memory usage statistics. display memory [ { begin exclude include } regular-expression ] Any view 1: Monitor level : Filters command output by specifying a regular expression. For more information about regular expressions, see Fundamentals Configuration Guide. begin: Displays the first line matching the specified regular expression and all following lines. exclude: Displays all lines not matching the specified regular expression. include: Displays all lines matching the specified regular expression. regular-expression: Specifies a regular expression, a case-sensitive string of 1 to 256 characters. # Display memory usage statistics. <Sysname> display memory System Total Memory(bytes): 431869088 Total Used Memory(bytes): 71963156 Used Rate: 16% Table 11 Command output Field System Total Memory(bytes) Total Used Memory(bytes) Used Rate Total size of the system memory (in bytes) Size of the memory used (in bytes) Percentage of the memory used to the total memory 76

display power Use display power to display PSU information of a device. display power [ power-id ] [ { begin exclude include } regular-expression ] Any view 1: Monitor level power-id: Displays the information of the specified PSU, where power-id represents the PSU number. : Filters command output by specifying a regular expression. For more information about regular expressions, see Fundamentals Configuration Guide. begin: Displays the first line matching the specified regular expression and all following lines. exclude: Displays all lines not matching the specified regular expression. include: Displays all lines matching the specified regular expression. regular-expression: Specifies a regular expression, a case-sensitive string of 1 to 256 characters. # Display PSU information of the device. <Sysname> display power Power 0 State: Normal display reboot-type Use display reboot-type to display the reboot mode of the device. If no keyword is provided, the system displays the reboot mode of the device. display reboot-type [ slot slot-number ] [ { begin exclude include } regular-expression ] Any view 2: System level slot slot-number: Displays reboot mode of the specified interface card. The slot-number argument represents the slot number of an interface card. : Filters command output by specifying a regular expression. For more information about regular expressions, see Fundamentals Configuration Guide. 77

begin: Displays the first line matching the specified regular expression and all following lines. exclude: Displays all lines not matching the specified regular expression. include: Displays all lines matching the specified regular expression. regular-expression: Specifies a regular expression, a case-sensitive string of 1 to 256 characters. # Display the reboot mode of the device. <Sysname> display reboot-type The rebooting type this time is: Cold The output shows the last reboot mode of the device is Cold boot (cold boot will restart a device by powering it on; the display of Warm represents a warm boot, which means to restart a device by using the commands like reboot.). display rps Use display rps to display status of the RPS. The following matrix shows the command and router compatibility: Command A-MSR900 A-MSR20-1X A-MSR20 A-MSR30 A-MSR50 display rps No No No Yes (except the A-MSR30-1X routers) No display rps [ rps-id ] [ { begin exclude include } regular-expression ] Any view 1: Monitor level rps-id: Displays the status of the specified RPS, where rps-id represents the RPS number. : Filters command output by specifying a regular expression. For more information about regular expressions, see Fundamentals Configuration Guide. begin: Displays the first line matching the specified regular expression and all following lines. exclude: Displays all lines not matching the specified regular expression. include: Displays all lines matching the specified regular expression. regular-expression: Specifies a regular expression, a case-sensitive string of 1 to 256 characters. # Display RPS status of the device. <Sysname> display rps 78

RPS 1 State: Normal The output shows that RPS 1 works normally. display schedule job Use display schedule job to display the configuration of the job configured by using schedule job. Related commands: schedule job. display schedule job [ { begin exclude include } regular-expression ] Any view 1: Monitor level : Filters command output by specifying a regular expression. For more information about regular expressions, see Fundamentals Configuration Guide. begin: Displays the first line matching the specified regular expression and all following lines. exclude: Displays all lines not matching the specified regular expression. include: Displays all lines matching the specified regular expression. regular-expression: Specifies a regular expression, a case-sensitive string of 1 to 256 characters. # Display the configuration of the job configured by using the schedule job command. <Sysname> display schedule job Specified command: execute 1.bat Specified view: system view Executed time: at 12:00 10/31/2007 (in 0 hours and 16 minutes) If you change the system time within 16 minutes after you execute schedule job, the scheduled task becomes invalid. Then, if you execute display schedule job again, the system displays nothing. Table 12 Command output Field Specified command Specified view Executed time Command to be executed for the command to be executed Execution time of the command and the difference between the current time and scheduled time 79

display schedule reboot Use display schedule reboot to display the device reboot setting. Related commands: schedule reboot at and schedule reboot delay. display schedule reboot [ { begin exclude include } regular-expression ] Any view : Filters command output by specifying a regular expression. For more information about regular expressions, see Fundamentals Configuration Guide. begin: Displays the first line matching the specified regular expression and all following lines. exclude: Displays all lines not matching the specified regular expression. include: Displays all lines matching the specified regular expression. regular-expression: Specifies a regular expression, a case-sensitive string of 1 to 256 characters. # Display the device reboot setting. <Sysname> display schedule reboot System will reboot at 16:00:00 03/10/2006 (in 2 hours and 5 minutes). The output shows the system will reboot at 16:00:00 on March 10, 2006 (in two hours and five minutes). display system-failure Use display system-failure to display the exception handling method. Related commands: system-failure. display system-failure [ { begin exclude include } regular-expression ] Any view : Filters command output by specifying a regular expression. For more information about regular expressions, see Fundamentals Configuration Guide. begin: Displays the first line matching the specified regular expression and all following lines. 80

exclude: Displays all lines not matching the specified regular expression. include: Displays all lines matching the specified regular expression. regular-expression: Specifies a regular expression, a case-sensitive string of 1 to 256 characters. # Display the exception handling method. <Sysname> display system-failure System failure handling method: reboot display transceiver Use display transceiver to display key parameters of transceiver modules. display transceiver { controller [ controller-type controller-number ] interface [ interface-type interfacenumber ] } [ { begin exclude include } regular-expression ] Any view 2: System level controller [ controller-type controller-number ]: Displays the key parameters of the transceiver module in the specified controller interface. controller-type controller-number represents controller interface type and controller interface number. If it is not specified, the command displays the key parameters of the transceiver modules in all controller interfaces. interface [ interface-type interface-number ]: Displays the key parameters of the transceiver module in the specified interface. interface-type interface-number represents interface type and interface number. If it is not specified, the command displays the key parameters of the transceiver modules in all interfaces. : Filters command output by specifying a regular expression. For more information about regular expressions, see Fundamentals Configuration Guide. begin: Displays the first line matching the specified regular expression and all following lines. exclude: Displays all lines not matching the specified regular expression. include: Displays all lines matching the specified regular expression. regular-expression: Specifies a regular expression, a case-sensitive string of 1 to 256 characters. # Display the key parameters of the transceiver module in interface GigabitEthernet 2/3. <Sysname> display transceiver interface gigabitethernet 2/3 GigabitEthernet2/3 transceiver information: Transceiver Type Connector Type : 1000_BASE_SX_SFP : LC Wavelength(nm) : 850 Transfer Distance(m) : 550(50um),270(62.5um) 81

Digital Diagnostic Monitoring : YES Vendor Name : HP Ordering Name : SFP-GE-SX-MM850 Table 13 Command output Field transceiver information Transceiver Type Connector Type Wavelength(nm) Transfer Distance(xx) Digital Diagnostic Monitoring Vendor Name Ordering Name Transceiver module information. Transceiver module type. Type of the connectors of the transceiver: Optical connectors, including SC (SC connector, developed by NTT) and LC (LC connector, 1.25 mm/rj-45 optical connector developed by Lucent). Other connectors, including RJ-45 and CX 4. Optical transceiver: central wavelength of the laser sent, in nm. If the transceiver supports multiple wavelengths, every two wavelength values are separated by a comma. Electrical transceiver: displayed as N/A. Transfer distance, with xx representing km for single-mode transceivers and m for other transceivers. If the transceiver supports multiple transfer medium, every two values of the transfer distance are separated by a comma. The corresponding transfer medium is included in the bracket following the transfer distance value. The following are the transfer media: 9 um: 9/125 um single-mode fiber. 50 um: 50/125 um multi-mode fiber. 62.5 um: 62.5/125 um multi-mode fiber. TP: Twisted pair. CX4: CX4 cable. Whether the digital diagnosis function is supported, where: YES: supported. NO: not supported. Vendor name or name of the vendor who customizes the transceiver: HP customized antispoofing transceiver: HP is displayed. Other transceivers: The vendor name is displayed. Transceiver module model. display transceiver alarm Use display transceiver alarm to display alarms present on transceiver modules. If no error occurs, None is displayed. Table 14 shows the alarms that might occur to the commonly used transceiver modules. Support for the transceiver modules and the transceiver module type depends on the device model. 82

Table 14 Command output Field GBIC/SFP RX loss of signal RX power high RX power low TX fault TX bias high TX bias low TX power high TX power low Temp high Temp low Voltage high Voltage low Transceiver info I/O error Transceiver info checksum error Transceiver type and port configuration mismatch Transceiver type not supported by port hardware Remarks Incoming (RX) signal is lost. Incoming (RX) power level is high. Incoming (RX) power level is low. Transmit (TX) fault. TX bias current is high. TX bias current is low. TX power is high. TX power is low. Temperature is high. Temperature is low. Voltage is high. Voltage is low. Transceiver information read and write error. Transceiver information checksum error. Transceiver type does not match port configuration. Transceiver type is not supported on the port. XFP RX loss of signal RX not ready RX CDR loss of lock RX power high RX power low TX not ready TX fault TX CDR loss of lock TX bias high TX bias low TX power high TX power low Module not ready APD supply fault TEC fault Incoming (RX) signal is lost. RX is not ready. RX clock cannot be recovered. RX power is high. RX power is low. TX is not ready. TX fault. TX clock cannot be recovered. TX bias current is high. TX bias current is low. TX power is high. TX power is low. Module is not ready. APD supply fault. TEC fault. 83

Field Wavelength unlocked Temp high Temp low Voltage high Voltage low Transceiver info I/O error Transceiver info checksum error Transceiver type and port configuration mismatch Transceiver type not supported by port hardware Remarks Wavelength of optical signal exceeds the manufacturer s tolerance. Temperature is high. Temperature is low. Voltage is high. Voltage is low. Transceiver information read and write error. Transceiver information checksum error. Transceiver type does not match port configuration. Transceiver type is not supported on the port. XENPAK WIS local fault Receive optical power fault PMA/PMD receiver local fault PCS receive local fault PHY XS receive local fault RX power high RX power low Laser bias current fault Laser temperature fault Laser output power fault TX fault PMA/PMD receiver local fault PCS receive local fault PHY XS receive local fault TX bias high TX bias low TX power high TX power low Temp high Temp low Transceiver info I/O error Transceiver info checksum error Transceiver type and port configuration mismatch WIS local fault. Receive optical power fault. PMA/PMD receiver local fault. PCS receiver local fault. PHY XS receive local fault. RX power is high. RX power is low. Laser bias current fault. Laser temperature fault. Laser output power fault. TX fault. PMA/PMD receiver local fault. PCS receive local fault. PHY XS receive local fault. TX bias current is high. TX bias current is low. TX power is high. TX power is low. Temperature is high. Temperature is low. Transceiver information read and write error. Transceiver information checksum error. Transceiver type does not match port configuration. 84

Field Transceiver type not supported by port hardware Remarks Transceiver type is not supported on the port. display transceiver alarm { controller [ controller-type controller-number ] interface [ interface-type interface-number ] } [ { begin exclude include } regular-expression ] Any view 2: System level controller [ controller-type controller-number ]: Displays the alarms present on the transceiver module in the specified controller interface. controller-type controller-number represents controller interface type and controller interface number. If it is not specified, the command displays the alarms present on the transceiver module in all the controller interfaces. interface [ interface-type interface-number ]: Displays the alarms present on the transceiver module in the specified interface. interface-type interface-number represents interface type and interface number. If it is not specified, the command displays the alarms present on the transceiver module all interfaces. : Filters command output by specifying a regular expression. For more information about regular expressions, see Fundamentals Configuration Guide. begin: Displays the first line matching the specified regular expression and all following lines. exclude: Displays all lines not matching the specified regular expression. include: Displays all lines matching the specified regular expression. regular-expression: Specifies a regular expression, a case-sensitive string of 1 to 256 characters. # Display the alarms present on the transceiver module in interface GigabitEthernet 2/1. <Sysname> display transceiver alarm interface gigabitethernet 2/1 GigabitEthernet2/1 transceiver current alarm information: RX loss of signal RX power low Table 15 Command output Field transceiver current alarm information RX loss of signal RX power low Current alarm information of the transceiver. Incoming (RX) signal is lost. Incoming (RX) power level is low. 85

display transceiver diagnosis Use display transceiver diagnosis to display the present measured values of the digital diagnosis parameters for transceiver modules. display transceiver diagnosis { controller [ controller-type controller-number ] interface [ interface-type interface-number ] } [ { begin exclude include } regular-expression ] Any view 2: System level controller [ controller-type controller-number ]: Displays the present measured values of the digital diagnosis parameters for the transceiver module in the specified controller interface. controller-type controller-number represents controller interface type and controller interface number. If it is not specified, the command displays the present measured values of the digital diagnosis parameters for the transceiver module in all controller interfaces. interface [ interface-type interface-number ]: Displays the present measured values of the digital diagnosis parameters for the transceiver module in the specified interface. interface-type interface-number represents interface type and interface number. If it is not specified, the command displays the present measured values of the digital diagnosis parameters for the transceiver module in all interfaces. : Filters command output by specifying a regular expression. For more information about regular expressions, see Fundamentals Configuration Guide. begin: Displays the first line matching the specified regular expression and all following lines. exclude: Displays all lines not matching the specified regular expression. include: Displays all lines matching the specified regular expression. regular-expression: Specifies a regular expression, a case-sensitive string of 1 to 256 characters. # Display the present measured values of the digital diagnosis parameters for the transceiver module in interface GigabitEthernet 2/2. <Sysname> display transceiver diagnosis interface gigabitethernet 2/2 GigabitEthernet2/2 transceiver diagnostic information: Current diagnostic parameters: Temp( C) Voltage(V) Bias(mA) RX power(dbm) TX power(dbm) 36 3.31 6.13-35.64-5.19 Table 16 Command output Field transceiver diagnostic information Current diagnostic parameters Digital diagnosis parameters of the transceiver module in the interface. Current diagnostic parameters. 86

Field Temp.( C) Voltage(V) Bias(mA) RX power(dbm) TX power(dbm) Digital diagnosis parameter-temperature, in C, with the precision to 1 C. Digital diagnosis parameter-voltage, in V, with the precision to 0.01 V. Digital diagnosis parameter-bias current, in ma, with the precision to 0.01 ma. Digital diagnosis parameter-rx power, in dbm, with the precision to 0.01 dbm. Digital diagnosis parameter-tx power, in dbm, with the precision to 0.01 dbm. display transceiver manuinfo Use display transceiver manuinfo to display the electronic label data for transceiver modules. display transceiver manuinfo { controller [ controller-type controller-number ] interface [ interface-type interface-number ] } [ { begin exclude include } regular-expression ] Any view 2: System level controller [ controller-type controller-number ]: Displays the electronic label data for the transceiver module in the specified controller interface. controller-type controller-number represents controller interface type and controller interface number. If it is not specified, the command displays the electronic label data for the transceiver module in all controller interfaces. interface [ interface-type interface-number ]: Displays the electronic label data for the transceiver module in the specified interface. interface-type interface-number represents interface type and interface number. If it is not specified, the command displays the electronic label data for the transceiver module in all the interfaces. : Filters command output by specifying a regular expression. For more information about regular expressions, see Fundamentals Configuration Guide. begin: Displays the first line matching the specified regular expression and all following lines. exclude: Displays all lines not matching the specified regular expression. include: Displays all lines matching the specified regular expression. regular-expression: Specifies a regular expression, a case-sensitive string of 1 to 256 characters. # Display the electronic label data for the transceiver module in interface GigabitEthernet 2/4. <Sysname> display transceiver manuinfo interface gigabitethernet 2/4 87

GigabitEthernet2/4 transceiver manufacture information: Manu. Serial Number : 213410A0000054000251 Manufacturing Date : 2011-09-01 Vendor Name : HP Table 17 Command output Field Manu. Serial Number Manufacturing Date Vendor Name Serial number generated during debugging and testing of the customized transceivers. Debugging and testing date. The date takes the value of the system clock of the computer that performs debugging and testing. Name of the vendor who customizes the transceiver, that is, HP. display version header Use display version to view system version information. By viewing system version information, you can learn about the current software version, rack type, and the information related to the main board and interface boards. display version [ { begin exclude include } regular-expression ] Any view 1: Monitor level : Filters command output by specifying a regular expression. For more information about regular expressions, see Fundamentals Configuration Guide. begin: Displays the first line matching the specified regular expression and all following lines. exclude: Displays all lines not matching the specified regular expression. include: Displays all lines matching the specified regular expression. regular-expression: Specifies a regular expression, a case-sensitive string of 1 to 256 characters. # Display system version information (The system version information varies with devices.). <Sysname> display version Use header to create a banner. 88

Use undo header to clear a banner. header { incoming legal login motd shell } text undo header { incoming legal login motd shell } System view 2: System level incoming: Sets the banner displayed when a user interface is activated by a Modem user. If authentication is needed, the incoming banner is displayed after the authentication is passed. legal: Sets the license information banner before a user logs onto the terminal interface. The legal banner is displayed before the user inputs the username and password. login: Sets the login banner at authentication. motd: Sets the banner displayed before login. If authentication is required, the banner is displayed before authentication. shell: Sets the banner displayed when a nonmodem login user enters user view. text: Banner message, input in two formats. For more information, see Fundamentals Configuration Guide. # Configure banners. [Sysname] header incoming % Please input banner content, and quit with the character '%'. Welcome to incoming(header incoming)% [Sysname] header legal % Please input banner content, and quit with the character '%'. Welcome to incoming(header incoming)% [Sysname] header legal % Please input banner content, and quit with the character '%'. Welcome to legal (header legal)% [Sysname] header login % Please input banner content, and quit with the character '%'. Welcome to login(header login)% [Sysname] header motd % Please input banner content, and quit with the character '%'. Welcome to motd(header motd)% [Sysname] header shell % Please input banner content, and quit with the character '%'. Welcome to shell(header shell)% 89

job NOTE: Character % is the starting/ending character of text in this example. Entering % after the displayed text quits the header command. As the starting and ending character, % is not a part of a banner. # Test the configuration remotely using Telnet. (Only when login authentication is configured can the login banner be displayed). ****************************************************************************** * Copyright (c) 2010-2011 Hewlett-Packard Development Company, L.P. * * Without the owner's prior written consent, * * no decompiling or reverse-engineering shall be allowed. * ****************************************************************************** Welcome to legal (header legal) Press Y or ENTER to continue, N to exit. Welcome to motd(header motd) Welcome to login(header login) Login authentication Password: Welcome to shell(header shell) Use job to create a job and enter job view, or enter this view directly if the job has been created. Use undo job to remove the job. By default, no job is scheduled. After creating a job, you can configure the job in job view. For example, you can specify the execution time for the commands in the job. This command can be repeatedly executed to create multiple independent jobs. Related commands: time and view. job job-name undo job job-name System view job-name: Specifies name of the scheduled job, a string of 1 to 32 characters. # Create a job saveconfiguration or enter its job view. 90

[Sysname] job saveconfiguration [Sysname-job-saveconfiguration] nms monitor-interface Use nms primary monitor-interface to configure the primary monitored interface for an NMS. Use nms secondary monitor-interface to configure the secondary monitored interface for an NMS. Use undo nms monitor-interface to remove the configurations. By default, an NMS does not monitor any interface on the device. If you configure only the primary monitored interface or the secondary monitored interface, the device monitors the IP address of the configured interface. If the interface gets or changes its IP address when the interface status is up, the device sends traps to the NMS to inform it of the available IP address. If you configure both the primary and secondary monitored interfaces, the device monitors the primary one first. The following matrix shows the command and router compatibility: Command A-MSR900 A-MSR20-1X A-MSR20 A-MSR30 A-MSR50 nms monitorinterface Yes Yes No No No nms { primary secondary } monitor-interface interface-type interface-number undo nms { primary secondary } monitor-interface System view primary: Specifies the primary monitored interface for a NMS. secondary: Specifies the secondary monitored interface for the NMS. interface-type interface-number: Type and number of the interface to be monitored. # Configure Ethernet 1/1 as the primary monitored interface for an NMS. [Sysname] nms primary monitor-interface ethernet 1/1 91

reboot CAUTION: A reboot can interrupt network services. If the main system software image file has been corrupted or does not exist, the device cannot reboot. You must re-specify a main system software image file, or power off the device and then power it on so the system can reboot with the backup system software image file. For data security, if you are performing file operations at the reboot time, the system does not reboot. Use reboot to reboot the device or the specified interface card. reboot [ slot slot-number ] User view slot slot-number: Specifies the slot number of an interface card. It you do not specify this option, this command reboots all interface cards. # Reboot the device (The output information is omitted here). <Sysname> reboot reset unused porttag Use reset unused porttag to clear unused 16-bit indexes. A confirmation is required when you execute this command. The command will not run if you fail to make a confirmation within 30 seconds or enter N to cancel the operation. reset unused porttag User view 1: Monitor level None # Clear unused 16-bit indexes. 92

<Sysname> reset unused porttag Current operation will delete all unused port tag(s). Continue? [Y/N]:y <Sysname> schedule job Use schedule job to schedule a job. Use undo schedule job to remove the scheduled job. If you provide both the time1 and date arguments, the execution time must be a future time. If you only provide the time1 argument, when time1 is earlier than the current system time, the specified command is executed at time1 of the next day; when time1 is later than the current system time, the specified command is executed at time1 of the current day. No matter whether you use the at or delay keyword, the difference between the execution time of the command and the current system time cannot exceed 720 hours (namely, 30 days). To have a job successfully run a command, check the specified view and command are valid. The system does not verify their validity. If a confirmation is required while the command is running, the system automatically inputs Y or Yes. If characters are required, the system automatically inputs a default character string, or inputs an empty character string when there is no default character string. The configuration interface, view, and user status that you have before job execution restores even if the job has run a command that changes the user interface (for example, telnet, ftp, and ssh2), the view (for example, system-view and quit), or the user status (for example, super). If you change the system time after the scheduled job is configured, the job becomes invalid. Only the latest configuration takes effect if you execute schedule job repeatedly. schedule job { at time1 [ date ] delay time2 } view view-name command undo schedule job User view at time1 [ date ]: Specifies the execution time of a specified command. time1: Execution time of the command, in the hh:mm format. The hh value ranges from 0 to 23, and the mm value ranges from 0 to 59. date: Execution date of the command, in the MM/DD/YYYY or YYYY/MM/DD format. The YYYY value ranges from 2000 to 2035, the MM value ranges from 1 to 12, and the DD value ranges from 1 to 31. delay time2: Specifies the execution waiting time of a specified command. time2 represents the waiting time in the following format: 93

hh:mm format The hh value ranges from 0 to 720, and the mm value ranges from 0 to 59. When the hh value is 720, the mm value cannot be more than 0. mm format It ranges from 0 to 432000 minutes, with 0 indicating the command is executed immediately. view view: Specifies the view in which the command is executed. The view argument represents the view name, and it takes either of the following values at present: shell Represents user view. system Represents system view. command: Command to be executed. # Schedule a job to execute the batch file 1.bat in system view in 60 minutes (assuming the current time is 11:43). <Sysname> schedule job delay 60 view system execute 1.bat Info: Command execute 1.bat in system view will be executed at 12:43 10/31/2007 (in 1 hours and 0 minutes). # Schedule a job to execute the batch file 1.bat in system view at 12:00 (assuming the current time is 11:43). <Sysname> schedule job at 12:00 view system execute 1.bat Info: Command execute 1.bat in system view will be executed at 12:00 10/31/2007 (in 0 hours and 16 minutes). schedule reboot at CAUTION: This command reboots the device in a future time, resulting in service interruption. Use it with caution. Use schedule reboot at to enable the scheduled reboot function and specify a specific reboot time and date. Use undo schedule reboot to disable the scheduled reboot function. By default, the scheduled reboot function is disabled. If no specific reboot date is specified: When the specified reboot time is later than the current time, the device will be rebooted at the reboot time of the current day. When the specified reboot time is earlier than the current time, the device will be rebooted at the reboot time the next day. If you are performing file operations when the device will be rebooted, the system does not execute the command for the sake of security. The precision of the device timer is 1 minute. One minute before the reboot time, the device will prompt REBOOT IN ONE MINUTE and will be rebooted in one minute. The difference between the reboot date and the current date cannot exceed 30 x 24 hours (namely, 30 days). 94

After you execute this command, the device will prompt you to confirm the configuration. You must enter Y or y to make the configuration take effect. The original configuration will be overwritten at the same time. If a date (month/day/year or year/month/day) later than the current date is specified for the schedule reboot at command, the device will be rebooted at the reboot time. If you use clock after schedule reboot at to adjust the system time, the reboot time set by schedule reboot at will become invalid. schedule reboot at hh:mm [ date ] undo schedule reboot User view hh:mm: Reboot time for the device, in the hh:mm format. The hh value ranges from 0 to 23, and the mm value ranges from 0 to 59. date: Reboot date for the device, in the MM/DD/YYYY or YYYY/MM/DD format. The YYYY value ranges from 2000 to 2035, the MM value ranges from 1 to 12, and the DD value ranges from 1 to 31. # Configure the device to reboot at 12:00 AM (supposing the current time is 11:43 on June 6, 2006). <Sysname> schedule reboot at 12:00 Reboot system at 12:00 06/06/2006(in 0 hour(s) and 16 minute(s)) confirm? [Y/N]: If you have used the terminal logging command to enable the log display function on the terminal before setting a reboot time, the system will automatically display related log information after you enter <y>. By default, the log display function is enabled. <Sysname> %Jun 6 11:43:11:629 2006 Sysname CMD/4/REBOOT: vty0(192.168.1.54): Set schedule reboot parameters at 11:43:11 06/06/2006, and system will reboot at 12:00 06/06/2006. schedule reboot delay CAUTION: This command reboots the device after the specified delay time, resulting in service interruption. Use it with caution. Use schedule reboot delay to enable the scheduled reboot function and set a reboot wait time. Use undo schedule reboot to disable the scheduled reboot function. By default, the scheduled reboot function is disabled. 95

The reboot wait time can be in the hh:mm format or mm format absolute minutes. The absolute minutes cannot exceed 30 x 24 x 60 minutes, namely, 30 days. The precision of the device timer is 1 minute. One minute before the reboot time, the device will prompt REBOOT IN ONE MINUTE and will be rebooted in one minute. After you execute this command, the device will prompt you to confirm the configuration. You must enter <Y> or <y> to make the configuration take effect. The original configuration will be overwritten at the same time. If you use clock after schedule reboot delay to adjust the system time, the reboot wait time set by schedule reboot delay will become invalid. If you are performing file operations when the device will be rebooted, the system does not execute the command for the sake of security. schedule reboot delay { hh:mm mm } undo schedule reboot User view hh:mm: Device reboot wait time, in the hh:mm format. The hh value ranges from 0 to 720, and the mm value ranges from 0 to 59. When the hh value is 720, the mm value cannot be more than 0. mm: Device reboot wait time in minutes, which ranges from 0 to 43,200. # Configure the device to reboot in 88 minutes (supposing the current time is 11:48 on June 6, 2006). <Sysname> schedule reboot delay 88 Reboot system at 13:16 06/06/2006(in 1 hour(s) and 28 minute(s)). confirm? [Y/N]: # If you have used the terminal logging command to enable the log display function on the terminal before setting a reboot time, the system will automatically display related log information after you enter y. By default, the log display function is enabled on the terminal. <Sysname> %Jun 6 11:48:44:860 2006 Sysname CMD/4/REBOOT: vty0(192.168.1.54): Set schedule reboot parameters at 11:48:44 06/06/2006, and system will reboot at 13:16 06/06/2006. shutdown-interval Use shutdown-interval to set a detection interval. Use undo shutdown-interval to restore the default. By default, the detection interval is 30 seconds. 96

Some protocol modules might shut down ports under specific circumstances. For example, an MSTP module will automatically shut down a port that receives configuration messages after the BPDU guard function is enabled on the port. Then, the MSTP module enables a detection timer and detects the status of the port. If the port is still down when the detection timer times out, the MSTP module will automatically bring up the port. sysname If you change the detection interval to T1 during port detection, the interval from when you change the interval to the time when the protocol module shuts down the port is T. If T<T1, the port which is down will be brought up after T1-T time. If T>=T1, the port which is down will be brought up immediately. For example, if the detection interval is set to 30 seconds and you change it to 10 seconds (T1=10) two seconds after the port is shut down (T=2), this port will be brought up 8 seconds later. If the detection interval is set to 30 seconds and you change it to 2 seconds ten seconds after the port is shut down, this port will be brought up immediately. If the detection interval is set to 0, the protocol module will never automatically recover the port. You must manually bring up the port by using undo shutdown or change the detection interval to a nonzero value. shutdown-interval time undo shutdown-interval System view 2: System level time: Detection interval in seconds, which ranges from 0 to 300. # Set the detection interval to 100 seconds. [Sysname] shutdown-interval 100 Use sysname to set the name of the device. Use undo sysname to restore the device name to the default. The default name is H3C. Changing device name affects the prompt of the CLI. For example, if the device name is Sysname, the prompt of user view is <Sysname>. sysname sysname undo sysname System view 97

2: System level sysname: Name of the device, which is a string of 1 to 30 characters. # Set the name of the device to R2000. [Sysname] sysname R2000 [R2000] system-failure Use system-failure to configure the exception handling method. By default, the system adopts the reboot method to handle exceptions. system-failure { maintain reboot } undo system-failure { maintain reboot } System view maintain: Specifies that when the system detects any software abnormality, it maintains the current situation, and does not take any measure to recover itself. reboot: Specifies that when the system detects any software abnormality, it recovers itself through automatic reboot. # Set the exception handling method to reboot. [Sysname] system-failure reboot temperature-limit Use temperature-limit to set the temperature threshold on a card. Use undo temperature-limit to restore the temperature threshold to the default. By default, the temperature alarm threshold depends on device models. The following matrix shows the command and router compatibility: 98

Command A-MSR900 A-MSR20-1X A-MSR20 A-MSR30 A-MSR50 Yes Yes Yes temperature-limit No No Value range for lowervalue: 0 to 14 Value range for lowervalue: 0 to 14 Value range for lowervalue: 0 to 30 Yes Yes Yes temperature-limit No No Value range for uppervalue: 50 to 90 Value range for uppervalue: 40 to 90 Value range for uppervalue: 40 to 90 time at temperature-limit slot-number lower-value upper-value undo temperature-limit slot-number System view 2: System level slot-number: This argument is invalid. lower-value: Lower temperature threshold in Celsius degrees. upper-value: Upper temperature limit in Celsius degrees. The upper-value argument must be larger than the lower-value argument. # Set the lower temperature limit on card 1 to 10 C (50 F) and the upper temperature limit to 75 C (167 F). [Sysname] temperature-limit 1 10 75 Setting temperature limit succeeded. Use time at to configure a command to run at a specific time and date or at a specific time in a job. Use undo time to remove the configured command. Use time timeid at time date command command to specify the execution time to the exact minute for the command. The time must be ahead of the current time of the system. Use time timeid one-off at time command command to specify the time on the current day for executing the command. If the specified time has passed, this command will be executed on the second day. This command will be executed only once. Use time timeid one-off at time month-date month-day command command to specify the time on the specified day in the current month for executing the command. If the specified time has passed, 99

this command will be executed at the specified time on the specified day in the next month. This command will be executed only once. Use time timeid one-off at time week-day week-daylist command command to specify the time on the specified day or days in the current week for executing the command. If the time has passed, this command will be executed at the specified time on the specified day or days in the next week. This command will be executed only once. Use time timeid repeating at time command command to specify the time for repeating the command every day. Use time timeid repeating at time month-date month-day command command to specify the time on a specific day for repeating the command every month. Use time timeid repeating at time week-day week-daylist command command to specify the time on a specified day or days for repeating the command every week. Every job can have only one view and up to 10 commands. The time ID (time-id) must be unique in a job. If two time and command bindings have the same time ID, the one configured last takes effect. Related commands: job and view. time time-id at time date command command time time-id { one-off repeating } at time [ month-date month-day week-day week-daylist ] command command undo time time-id Job view time timeid: Time setting entry, an integer that ranges from 1 to 10. at time: Specifies the execution time, in the hh:mm format, where the hh value ranges from 0 to 23 and the mm value ranges from 0 to 59. one-off: Specifies the specified command is executed for once. repeating: Specifies a recurring time schedule. date: Specifies the execution date, in the MM/DD/YYYY or YYYY/MM/DD format. The YYYY value ranges from 2000 to 2035, the MM value ranges from 1 to 12, and the DD value ranges from 1 to 31. The specified execution date must be ahead of the current date. month-date month-day: Specifies the date for executing the command. month-day specifies the date, and ranges from 1 to 31. week-day week-daylist: Specifies the day or days for executing the command. week-daylist specifies one day or up to seven days, and can be any combination of Sun, Mon, Tue, Wed, Thu, Fri, and Sat. For example, to have a command executed on Monday, you can enter week-day Mon; to have a command executed on Friday and Saturday, enter week-day Fri Sat. Use a space between every two days for separation. 100

time delay command command: Specifies the command to be automatically executed, in the text format. The command must be executable in the view specified by the view command; otherwise, this command cannot be automatically executed. Therefore, ensure the correctness of the configuration. # Schedule a job to save the configuration file a.cfg at 3:00 on May 18, 2009. [Sysname] job saveconfig [Sysname-job-saveconfig] view monitor [Sysname-job-saveconfig] time 1 at 3:00 2009/05/18 command save a.cfg # Schedule a job to save the configuration file at 12:00 every day. [Sysname] job saveconfig [Sysname-job-saveconfig] view monitor [Sysname-job-saveconfig] time 1 repeating at 12:00 command save a.cfg # Schedule a job to save the configuration file at 8:00 AM on 5 th in the current month, which might be executed in the second month if the time has passed. [Sysname] job saveconfig [Sysname-job-saveconfig] view monitor [Sysname-job-saveconfig] time 1 one-off at 8:00 month-date 5 command save a.cfg # Schedule a job to save the configuration file at 8:00 AM on 5 th every month. [Sysname] job saveconfig [Sysname-job-saveconfig] view monitor [Sysname-job-saveconfig] time 1 repeating at 8:00 month-date 5 command save a.cfg # Schedule a job to save the configuration file at 8:00 AM on Friday and Saturday in the current week, which might be delayed to the next week if the time has passed. [Sysname] job saveconfig [Sysname-job-saveconfig] view monitor [Sysname-job-saveconfig] time 1 one-off at 8:00 week-day fri sat command save a.cfg # Schedule a job to save the configuration file at 8:00 on Fridays and Saturdays. [Sysname] job saveconfig [Sysname-job-saveconfig] view monitor [Sysname-job-saveconfig] time 1 repeating at 8:00 week-day fri sat command save a.cfg Use time delay to configure a command to be executed after a specified delay time. Use undo time to cancel the configuration. Use time timeid one-off delay time command command to specify the time delay for executing the command. This command will be executed only once. 101

view Use time timeid repeating delay time command command to specify the time interval for executing the command periodically. Every job can have only one view and up to 10 commands. The time ID (time-id) must be unique in a job. If two time and command bindings have the same time ID, the one configured last takes effect. Related commands: job and view. time time-id { one-off repeating } delay time command command undo time time-id Job view time timeid: Time setting entry, an integer that ranges from 1 to 10. one-off: Specifies the specified command is executed for once. repeating: Specifies a recurring time schedule. delay time: Specifies the delay time for executing the command, in the hh:mm format or mm format. When the time argument is in the hh:mm format, the hh value ranges from 0 to 720, and the mm value ranges from 0 to 59. When the hh value is 720, the mm value can be only 00. When the time argument is in the mm format, the mm value ranges from 1 to 43,200. That is, the maximum value of the delay timer is 30 days. command command: Specifies the command to be automatically executed, in the text format. The specified command must be a complete command without interactive input. # Configure the device to save the configuration file five minutes later. [Sysname] job saveconfig [Sysname-job-saveconfig] view monitor [Sysname-job-saveconfig] time 1 one-off delay 5 command save a.cfg # Configure the device to save the configuration file every five minutes. [Sysname] job saveconfig [Sysname-job-saveconfig] view monitor [Sysname-job-saveconfig] time 1 repeating delay 5 command save a.cfg Use view to specify the view in which the commands contained in the scheduled task are automatically executed. 102

Use undo view to remove the configuration. By default, no view is specified for the scheduled task. Every job can have only one view. If you specify multiple views, the one specified the last takes effect. Enter a view name in its complete form. Most commonly used view names include monitor for user view, system for system view, Etherentx/x for Ethernet interface view, and Vlan-interfacex for VLAN interface view. Related commands: job and time. view view-name undo view Job view view-name: specifies name of the view in which commands in the scheduled task are executed. A view name is a string of 1 to 90 characters. # Specify the view in which the commands in the job run. [Sysname] job creatvlan [Sysname-job-creatvlan] view system 103

Configuration file management commands archive configuration Use archive configuration to save the running configuration manually. With this command executed, the system saves the running configuration with the specified filename filename prefix + serial number to the specified path. Before executing archive configuration, you must configure the filename prefix and path for saving configuration files by using archive configuration location. archive configuration User view None # Save the running configuration manually. <Sysname> archive configuration Warning: Save the running configuration to an archive file. Continue? [Y/N]: Y Please wait... Info: The archive configuration file myarchive_1.cfg is saved. archive configuration interval Use archive configuration interval to enable the automatic saving of the running configuration and set the interval. Use undo archive configuration interval to restore the default. By default, the system does not automatically save the running configuration. With this command executed, the system saves the running configuration with the specified filename to the specified path at a specified interval (the value of the minutes argument). Configure an automatic saving interval according to the storage media performance and the frequency of configuration modification: If the configuration of the device does not change frequently, HP recommends saving the running configuration manually as needed. 104

If you use a low-speed storage media, such as a flash, HP recommends saving the running configuration manually, or configuring automatic saving with an interval longer than 1,440 minutes (24 hours). If you use a high-speed storage media such as a CF card and the configuration of the device changes frequently, HP recommends setting a shorter saving interval. Before executing archive configuration interval, you must configure the filename prefix and path for saving configuration files by using archive configuration location. archive configuration interval minutes undo archive configuration interval System view minutes: Specifies the interval for automatically saving the running configuration, in minutes. The value ranges from 10 to 525,600 (365 days). # Configure the system to save the running configuration every 60 minutes. [Sysname] archive configuration interval 60 Info: Archive files will be saved every 60 minutes. archive configuration location Use archive configuration location to configure the path and filename prefix for saving configuration files. Use undo archive configuration location to restore the default. By default, the path and filename prefix for saving configuration files are not configured, and the system does not save the configuration file periodically. Before the running configuration is saved either manually or automatically, the file path and filename prefix must be configured. If undo archive configuration location is executed, the running configuration cannot be saved manually or automatically. The configuration done by executing archive configuration interval and archive configuration max will restore to the default, and clear the saved configuration files. archive configuration location directory filename-prefix filename-prefix undo archive configuration location System view 105

directory: The path of the folder for saving configuration files, a case-insensitive string of 1 to 63 characters, in the format of storage media name:/[folder name]/subfolder name. The folder must be created before the configuration. filename-prefix: The filename prefix for saving configuration files, a case-insensitive string of 1 to 30 characters (can include letters, numbers, _, and - only). # Configure the path and the filename prefix for saving configuration files as flash:/archive/ and my_archive, respectively. <Sysname> mkdir archive. %Created dir flash:/archive. [Sysname] archive configuration location flash:/archive filename-prefix my_archive archive configuration max Use archive configuration max to set the maximum number of configuration files being saved. Use undo archive configuration max to restore the default. By default, a maximum of 5 configuration files can be saved. Because excessive configuration files occupy large memory space, you can use this command to control the number of the files. After the maximum number of configuration files is saved, the system deletes the oldest files when the next file is saved (either automatically or manually). When you change the maximum number of configuration files being saved, the exceeded files are not deleted. If the number of the existing configuration files is larger than or equal to the newly configured upper limit, the system deletes the oldest n files when the next file is saved, where n = the current number - the newly configured number + 1, for example: if the number of configuration files saved is 7, and the newly configured upper limit is 4, when there is a new configuration file to be saved, the system deletes 4 oldest files, where 4 = 7-4+1. Before executing this command, configure the path and filename prefix for saving configuration files by using archive configuration location; otherwise, the execution of this command fails. If undo archive configuration location is executed, the maximum number of configuration files being saved also restores to the default. archive configuration max file-number undo archive configuration max System view 106

file-number: The maximum number of configuration files being saved, which ranges from 1 to 10. The value of the file-number argument is determined by the memory space. HP recommends setting a comparatively small value for this argument if the available memory space is small. # Set the maximum number of configuration files being saved to 10. [Sysname] archive configuration max 10 backup startup-configuration Use backup startup-configuration to back up the startup configuration file (used at the next system startup) to a specified TFTP server. If you do not specify this filename, the original filename is used. This command only backs up the main startup configuration file. The device uses TFTP to back up configuration files. backup startup-configuration to dest-addr [ dest-filename ] User view 2: System level dest-addr: IPv4 address or name of a TFTP server. It is a string of 1 to 20 characters. dest-filename: Target filename used to save the startup configuration file for the next system startup on the server. # Back up the startup configuration file of the device to the TFTP server with IP address 2.2.2.2, using filename 192-168-1-26.cfg. <Sysname> display startup Current startup saved-configuration file: Next startup saved-configuration file: flash:/config.cfg flash:/test.cfg <Sysname> backup startup-configuration to 2.2.2.2 192-168-1-26.cfg Backup next startup-configuration file to 2.2.2.2, please wait finished! <Sysname> After the above operation, the device backs up file test.cfg to TFTP server 2.2.2.2, where the file is saved as 192-168-1-26.cfg. configuration encrypt Use configuration encrypt to enable configuration file encryption. 107

Use undo configuration encrypt to restore the default. By default, configuration file encryption is disabled, that is, the current configurations are directly saved to the configuration file. With this feature enabled, a configuration file is encrypted every time before it is saved (by the save command). configuration encrypt { private-key public-key } undo configuration encrypt System view private-key: Encrypts a configuration file with a private key. The encrypted configuration file can only be decrypted and recognized by the local device. public-key: Encrypts a configuration file with a public key. The encrypted configuration file can be decrypted and recognized by all devices supported the configuration file encryption function. # Encrypt the configuration file with a public key before saving it. [Sysname] configuration encrypt public-key configuration replace file Use configuration replace file to set configuration rollback. When this command is executed, the running configuration rolls back to the configuration state based on the specified configuration file (filename). The configuration file specified with the configuration replace file filename command can only be a configuration file in simple text. Otherwise, errors may occur in configuration rollback. configuration replace file filename System view filename: Specifies the name of the replacement configuration file for configuration rollback. 108

# Roll back from the running configuration to a previous configuration state based on a saved configuration file my_archive_1.cfg. [Sysname] configuration replace file my_archive_1.cfg Current configuration will be lost, save current configuration? [Y/N]:n Info: Now replacing the current configuration. Please wait... Info: Succeeded in replacing current configuration with the file my_archive_1.cfg. display archive configuration Use display archive configuration to display information about configuration rollback. display archive configuration [ { begin exclude include } regular-expression ] Any view 1: Monitor level : Filters command output by specifying a regular expression. For more information about regular expressions, see Fundamentals Configuration Guide. begin: Displays the first line matching the specified regular expression and all following lines. exclude: Displays all lines not matching the specified regular expression. include: Displays all lines matching the specified regular expression. regular-expression: Specifies a regular expression, a case-sensitive string of 1 to 256 characters. # Display information about configuration rollback. <Sysname> display archive configuration Location: flash:/archive Filename prefix: my_archive Archive interval in minutes: 120 Maximum number of archive files: 10 Saved archive files: No. TimeStamp FileName 1 Aug 05 2007 20:24:54 my_archive_1.cfg 2 Aug 05 2007 20:34:54 my_archive_2.cfg # 3 Aug 05 2007 20:44:54 my_archive_3.cfg # indicates the most recent archive file. Next archive file to be saved: my_archive_4.cfg 109

Table 18 Command output Field Location Filename prefix Archive interval in minutes Filename Absolute path of the saved configuration files. Filename prefix of the saved configuration files. Configuration file saving interval, in minutes. If the automatic saving is disabled, this field is not displayed. Filename of the saved configuration files, with path excluded. display current-configuration Use display current-configuration to display the current configuration of the device. A parameter is not displayed if it adopts the default setting. If the validated parameter is changed, although you have configured it, the validated parameter is displayed. For example, IP address 11.11.11.11 24 has been configured on a Loopback interface. If you execute display current-configuration, IP address 11.11.11.11 255.255.255.255 is displayed, meaning the validated subnet mask is 32 bits. Related commands: display saved-configuration, reset saved-configuration, and save. display current-configuration [ [ configuration [ configuration ] controller interface [ interface-type ] [ interface-number ] exclude modules ] [ by-linenum ] [ { begin exclude include } regular-expression ] ] Any view 2: System level configuration [ configuration ]: Displays non-interface configuration. If the argument is not provided, all the non-interface configuration is displayed; if parameters are used, display the specified information. For example: isis: Displays the ISIS configuration. isp: Displays the ISP configuration. post-system: Displays the post-system configuration. radius-template: Displays the RADIUS scheme configuration. system: Displays the system configuration. user-interface: Displays the user interface configuration. controller: Displays the controller configuration (For example, CE1/PRI interface. For more information, see Interface Configuration Guide). interface [ interface-type ] [ interface-number ]: Displays the interface configuration, where interface-type represents the interface type and interface-number represents the interface number. 110

exclude modules: Excludes the configuration of the specified modules. The modules argument can be acl, acl6, or both separated by a space. acl: Excludes the IPv4 ACL configuration. acl6: Excludes the IPv6 ACL configuration. by-linenum: Displays the number of each line. : Filters command output by specifying a regular expression. For more information about regular expressions, see Fundamentals Configuration Guide. begin: Displays the first line matching the specified regular expression and all following lines. exclude: Displays all lines not matching the specified regular expression. include: Displays all lines matching the specified regular expression. regular-expression: Specifies a regular expression, a case-sensitive string of 1 to 256 characters. # Display the configuration of all controllers on the device. <Sysname> display current-configuration controller # controller E1 6/0 # controller E1 6/1 # pri-set controller E1 6/2 # pri-set controller E1 6/3 # using e1 return # Display the configuration from the line containing user-interface to the last line in the current configuration. <Sysname> display current-configuration begin user-interface user-interface con 0 user-interface aux 0 user-interface vty 0 4 # authentication-mode none user privilege level 3 return # Display the current SNMP configuration on the device (the output information depends on the current configuration). <Sysname> display current-configuration include snmp snmp-agent snmp-agent local-engineid 800063A203000FE240A1A6 snmp-agent community read public snmp-agent community write private 111

snmp-agent sys-info version all undo snmp-agent trap enable ospf 100 display saved-configuration Use display saved-configuration to display the contents of the configuration file saved for the next startup of the device. During device management and maintenance, you can use this command to check whether important configurations are saved to the configuration file to be used at the next startup of the device. This command displays the main configuration file to be used at the next system startup. If the system is not specified with a configuration file to the used at the next startup or the specified configuration file does not exist, display saved-configuration displays the default configuration file of the device. If the default configuration file does not exist, the system prompts The config file does not exist!. Related commands: display current-configuration, reset saved-configuration, and save. display saved-configuration [ by-linenum ] [ { begin exclude include } regular-expression ] Any view 2: System level by-linenum: Identifies each line of displayed information with a line number. : Filters command output by specifying a regular expression. For more information about regular expressions, see Fundamentals Configuration Guide. begin: Displays the first line matching the specified regular expression and all following lines. exclude: Displays all lines not matching the specified regular expression. include: Displays all lines matching the specified regular expression. regular-expression: Specifies a regular expression, a case-sensitive string of 1 to 256 characters. # Display the configuration file saved for the next startup of the device. <Sysname> display saved-configuration # # # # # version 5.20, Test 5310 sysname Sysname domain default enable system telnet server enable multicast routing-enable 112

# vlan 1 # vlan 999 # domain system # access-limit disable state active idle-cut disable self-service-url disable interface NULL0 # ---- More ---- The configurations are displayed in the order of global, port, and user interface. The More prompt indicates there are more lines the screen can display. Pressing Enter displays the next line; pressing Space displays the next screen; pressing Ctrl+C or any other key exits the display. # Display the contents of the configuration file saved for the next startup of the device with a number identifying each line. <Sysname> display saved-configuration by-linenum 1: # 2: version 5.20, Test 5310 3: # 4: sysname Sysname 5: # 6: domain default enable system 7: # 8: telnet server enable 9: # 10: multicast routing-enable 11: # 12: vlan 1 13: # 14: vlan 999 15: # 16: domain system 17: access-limit disable 18: state active 19: idle-cut disable 20: self-service-url disable 21: # 22: interface NULL0 23: # ---- More ---- The More prompt indicates there are more lines the screen can display. Pressing Enter displays the next line; pressing Space displays the next screen; pressing Ctrl+C or any other key exits the display. 113

display startup Use display startup to display the configuration files for the system startup and the configuration files for the next system startup. Related commands: startup saved-configuration. display startup [ { begin exclude include } regular-expression ] Any view 1: Monitor level : Filters command output by specifying a regular expression. For more information about regular expressions, see Fundamentals Configuration Guide. begin: Displays the first line matching the specified regular expression and all following lines. exclude: Displays all lines not matching the specified regular expression. include: Displays all lines matching the specified regular expression. regular-expression: Specifies a regular expression, a case-sensitive string of 1 to 256 characters. # Display the configuration file used at the current system startup and the one to be used at the next system startup. <Sysname> display startup Current startup saved-configuration file: Next main startup saved-configuration file: Next backup startup saved-configuration file: Table 19 Command output flash:/config.cfg flash:/config.cfg flash:/config2.cfg Field Current startup saved-configuration file Next main startup saved-configuration file Next backup startup saved-configuration file (This file does not exist.) The configuration file used at the current startup. Main configuration file to be used at the next startup. Backup configuration file to be used at the next startup. Indicates the configuration file does not exist. If the user deletes the configuration file for the next startup after configuring it, this output information will be displayed after the filename. display this Use display this to display the valid configuration information under the current view. 114

To check whether your configuration takes effect, use display this. The valid configuration that is the same as the default is not displayed. The invalid configuration is not displayed. Execution of this command in any user interface view displays the valid configuration in all the user interfaces. Execution of this command in any VLAN view displays the configurations of all the created VLANs. display this [ by-linenum ] [ { begin exclude include } regular-expression ] Any view 1: Monitor level by-linenum: Displays the number of each line. : Filters command output by specifying a regular expression. For more information about regular expressions, see Fundamentals Configuration Guide. begin: Displays the first line matching the specified regular expression and all following lines. exclude: Displays all lines not matching the specified regular expression. include: Displays all lines matching the specified regular expression. regular-expression: Specifies a regular expression, a case-sensitive string of 1 to 256 characters. # Display the valid configuration information on interface Ethernet 1/1 (the output information depends on the current configuration of the device). [Sysname] interface ethernet 1/1 [Sysname-Ethernet1/1] display this # interface Ethernet1/1 # port link-mode bridge port link-type hybrid undo port hybrid vlan 1 port hybrid vlan 2 to 4 untagged port hybrid pvid vlan 2 return # Display the valid configuration information of all user interfaces (the output information depends on the current configuration of the device). [Sysname] user-interface vty 0 [Sysname-ui-vty0] display this # 115

user-interface con 0 user-interface vty 0 history-command max-size 256 user-interface vty 1 4 # return reset saved-configuration Use reset saved-configuration to delete the startup configuration files saved on the storage media of the device. This command permanently deletes the startup configuration file from the device. Use it with caution. If the main and backup startup configuration files are the same, when you perform the delete operation for once, the system will not delete the configuration file but only set the corresponding startup configuration file (main or backup, according to which one you specified in the command) to NULL. Both reset saved-configuration and reset saved-configuration main delete the main startup configuration file. Related commands: display saved-configuration and save. reset saved-configuration [ backup main ] User view backup: Deletes the backup startup configuration file. main: Deletes the main startup configuration file. # Delete the startup configuration file to be used at the next startup from the storage media of the device. <Sysname> reset saved-configuration The saved configuration file will be erased. Are you sure? [Y/N]:y Configuration file in flash is being cleared. Please wait... Configuration file is cleared. restore startup-configuration Use restore startup-configuration to download a configuration file from the specified TFTP server to the device and specify it as the startup configuration file for the next system startup. The file downloaded is set as the main startup configuration file to be used at the next system startup. 116

save restore startup-configuration from src-addr src-filename User view src-addr: IP address or name of a TFTP server. The address cannot be an IPv6 address. src-filename: Filename of the configuration file to be downloaded from the specified server. # Download configuration file test.cfg from the TFTP server whose IP address is 2.2.2.2, and the configuration file is to be used at the next startup of the device. <Sysname> restore startup-configuration from 2.2.2.2 test.cfg Restore next startup-configuration file from 2.2.2.2. Please wait... finished! Use save file-url to save the current configuration to the specified configuration file, but the system does not specify the file as the startup configuration file to be used at the next system startup. If the file specified by file-url does not exist, the system creates the file and then saves the configuration to the file. Use save [ safely ] [ backup main ] [ force ] to save the current configuration to the root directory of the storage media, and specify the file as the startup configuration file to be used at the next system startup. Related commands: display current-configuration, display saved-configuration, and reset savedconfiguration. save file-url save [ safely ] [ backup main ] [ force ] Any view 2: System level file-url: File path, where the extension of the file name must be.cfg. safely: Sets the configuration saving mode to safe. If this argument is not specified, the configuration file is saved in fast mode. backup: Saves the current configuration to the startup configuration file specified in the interactive mode, and specifies the file as the backup startup configuration file to be used at the next startup of the device. 117

main: Saves the current configuration to the main startup configuration file specified in the interactive mode, and specifies the file as the main startup configuration file to be used at the next startup of the device. force: Saves the current configuration to the configuration file for the next startup of the device, and the system does not output any interaction information. By default, when you execute the save command, the system asks you to enter Y or N to confirm your operation. If you do not confirm your operation within 30 seconds, the system automatically quits the operation. If you provide the force keyword when executing the save command, the system directly saves the current configuration, not requiring any confirmation. # Save the current configuration file to the specified directory, but do not specify the configuration file as the startup configuration file to be used at the next startup. <Sysname> save test.cfg The current configuration will be saved to flash:/test.cfg. Continue? [Y/N]:y Now saving current configuration to the device. Saving configuration flash:/test.cfg. Please wait...... Configuration is saved to flash successfully. # Save the current configuration file to the root directory of the storage media, and specify the configuration file as the startup configuration file to be used at the next startup. <Sysname> display startup Current startup saved-configuration file: flash:/hmr.cfg Next main startup saved-configuration file: flash:/aa.cfg Next backup startup saved-configuration file: NULL // The above information indicates the main startup configuration file to be used at the next system startup is aa.cfg. <Sysname> save The current configuration will be written to the device. Are you sure? [Y/N]:y Please input the file name(*.cfg)[flash:/aa.cfg] (To leave the existing filename unchanged, press the enter key):startup.cfg Validating file. Please wait... Configuration is saved to device successfully. <Sysname> display startup Current startup saved-configuration file: flash:/hmr.cfg Next main startup saved-configuration file: flash:/startup.cfg Next backup startup saved-configuration file: NULL // The above information indicates the main startup configuration file to be used at the next system startup is changed to startup.cfg. # Save the current configuration to the main configuration file to be used at the next startup of the device, without any confirmation required. <Sysname> save force Validating file. Please wait... Configuration is saved to device successfully. 118

startup saved-configuration Use startup saved-configuration to specify a startup configuration file to be used at the next system startup. Use undo startup saved-configuration to configure the system to start up with the null configuration, that is, the factory configuration. The startup saved-configuration and startup saved-configuration main commands have the same effect: Both of them are used to specify the main startup configuration file. The main and backup startup configuration files can be specified as the same file. However, HP recommends using different files, or save the same configuration as two files using different file names, one specified as the main startup configuration file, and the other specified as the backup. Related commands: display startup. startup saved-configuration cfgfile [ backup main ] undo startup saved-configuration User view cfgfile: Configuration file name. The file must be a file with an extension.cfg stored in the root directory of the storage media. backup: Sets the configuration file as the backup startup configuration file to be used at the next startup of the device. main: Sets the configuration file as the main startup configuration file to be used at the next startup of the device. # Specify a startup configuration file to be used at the next system startup. <Sysname> startup saved-configuration testcfg.cfg Please wait...... Done! 119

File management commands The following matrix shows the feature and router compatibility: Feature A- MSR900 A-MSR20-1X A- MSR20 A-MSR30 A-MSR50 Storage media Flash USB disk Flash USB disk CF card USB disk Flash (supported on A- MSR30-10, A-MSR30-11E, and A-MSR30-11F) CF card (supported on A- MSR30-16, A-MSR30-20, A- MSR30-40, and A-MSR30-60) Flash (not supported on MPUF) CF card USB disk USB disk cd In the following examples, the current working directory is the root directory of the storage medium on the device. For the qualified filename formats, see Fundamentals Configuration Guide. Use cd to change the current working directory. cd { directory.. / } User view directory: Name of the target directory, in the format of [drive:/]path. For the detailed introduction to the drive and path arguments, see Fundamentals Configuration Guide. If no drive information is provided, the argument represents a folder or subfolder in the current directory...: Returns to an upper directory. If the current working directory is the root directory, or if no upper directory exists, the current working directory does not change when cd.. is executed. This argument does not support command online help. /: Returns to the root directory of the storage medium. This keyword does not support command line online help. # Enter the test folder after logging in to the device. <Sysname> cd test 120

copy # Return to the upper directory (Remember to enter a space after the keyword cd). <Sysname> cd.. # Return to the root directory. <Sysname> cd / After changing the current directory using the cd command, you can use pwd to view the path of the current working directory. Use copy to copy a file. If you specify a target folder, the system will copy the file to the specified folder and use the name of the source file as the file name. copy fileurl-source fileurl-dest User view fileurl-source: Name of the source file. fileurl-dest: Name of the target file or folder. # Copy file testcfg.cfg in the current folder and save it as testbackup.cfg. <Sysname> copy testcfg.cfg testbackup.cfg Copy flash:/test.cfg to flash:/testbackup.cfg?[y/n]:y... %Copy file flash:/test.cfg to flash:/testbackup.cfg...done. # Copy file 1.cfg in the test folder on the flash to the testbackup folder of the CF card and save it as 1backup.cfg. <Sysname> copy flash:/test/1.cfg cfa0:/testbackup/1backup.cfg Copy flash:/test/1.cfg to cfa0:/testbackup/1backup.cfg?[y/n]:y delete %Copy file flash:/test/1.cfg to cfa0:/testbackup/1backup.cfg...done. CAUTION: If you delete two files with the same filename in different directories, only the last one is retained in the recycle bin. 121

dir Use delete file-url to temporarily delete a file. The deleted file is saved in the recycle bin. To restore it, use undelete. The dir /all command displays the files deleted from the current directory and moved to the recycle bin. These files are enclosed in pairs of square brackets [ ]. To remove the files from the recycle bin, use reset recycle-bin. The delete /unreserved file-url command permanently deletes a file, and the deleted file cannot be restored. Use it with caution. delete [ /unreserved ] file-url User view /unreserved: Permanently deletes the specified file, and the deleted file can never be restored. file-url: Name of the file to be deleted. Asterisks (*) are acceptable as wildcards. For example, to remove files with the extension of.txt in the current directory, you may use delete *.txt. # Remove file tt.cfg from the current directory. <Sysname> delete tt.cfg Delete flash:/tt.cfg? [Y/N]:y. %Delete file flash:/tt.cfg...done. Use dir to display files or folders. If no parameter is specified, the command displays all visible files and folders in the current directory. dir [ /all ] [ file-url /all-filesystems ] User view /all: Displays all files and folders in the current directory, including hidden files, hidden folders, and files moved from the current directory to the recycle bin. Files in the recycle bin are enclosed in square brackets [ ]. 122

file-url: Displays the specified file. Asterisks (*) are acceptable as wildcards. For example, to display files with the.txt extension in the current directory, you may use dir *.txt. /all-filesystems: Displays files and folders in the root directory of all storage media on the device. # Display information about all files and folders. <Sysname> dir /all Directory of flash:/ 0 drw- 6985954 Apr 26 2007 21:06:29 logfile 1 -rw- 1842 Apr 27 2007 04:37:17 mainup.bin 2 -rw- 1518 Apr 26 2007 12:05:38 config.cfg 3 -rw- 2045 May 04 2007 15:50:01 backcfg.cfg 4 -rwh 428 Apr 27 2007 16:41:21 hostkey 5 -rwh 572 Apr 27 2007 16:41:31 serverkey 6 -rw- 2737556 Oct 12 2007 01:31:44 [old.bin] 14605 KB total (5096 KB free) [ ] indicates this file is in the recycle bin. # Display files and folders in the root directory of all storage media on the device. <Sysname> dir /all-filesystems Directory of flash:/ 0 -rw- 1520300 Dec 01 2010 11:37:47 cmdtree.txt 1 drw- - Dec 01 2010 11:37:41 logfile 2 drw- - Dec 01 2010 15:07:15 diaglog 3 drw- - Dec 01 2010 15:07:15 seclog 4 drw- - Dec 03 2010 09:48:05 secl 5 -rw- 909 Dec 03 2010 09:48:38 secl.log 6 -rw- 302515 Dec 09 2010 15:18:09 default.diag 2540 KB total (447 KB free) Directory of flasha:/ 0 -rw- 909 Dec 15 2010 15:09:46 secl.log 3712 KB total (2556 KB free) Table 20 Command output Field Directory of d r w The current working directory. Indicates a directory. If this field does not exist, it indicates a file. Indicates the file or directory is readable. Indicates the file or directory is writable. 123

Field h Indicates the file or directory is hidden. [ ] Indicates the file is in the recycle bin. display nandflash file-location Use display nandflash file-location to display the location of the specified file in the NAND flash memory. The displayed information includes all the physical pages corresponding to the logical pages of the specified file. The following matrix shows the command and router compatibility: Command display nandflash file-location A- MSR900 A-MSR20-1X No No No A- MSR20 A-MSR30 Yes Only supported on A-MSR30-10, A-MSR30-11E, and A-MSR30-11F display nandflash file-location filename [ { begin exclude include } regular-expression ] Any view 2: System level filename: File name. A- MSR50 : Filters command output by specifying a regular expression. For more information about regular expressions, see Fundamentals Configuration Guide. begin: Displays the first line matching the specified regular expression and all following lines. exclude: Displays all lines not matching the specified regular expression. include: Displays all lines matching the specified regular expression. regular-expression: Specifies a regular expression, a case-sensitive string of 1 to 256 characters. # Display the location of the file test.cfg in the NAND flash memory. <Sysname> display nandflash file-location test.cfg Logical Chunk Physical Page --------------------------- chunk(0) 1234 chunk(1) 1236 chunk(2) 1235 filename: test.cfg No 124

Table 21 Command output Field Logic Chunk Physical Page chunk(0) 1234 Serial number of the logical pages Serial number of the physical pages The first logical page of this file corresponds to the 1234th physical page on the device. display nandflash badblock-location Use display nandflash badblock-location to display the number and location of bad blocks in the NAND flash memory. The following matrix shows the command and router compatibility: Command display nandflash badblock-location A- MSR900 A-MSR20-1X No No No A- MSR20 A-MSR30 Yes Only supported on A-MSR30-10, A-MSR30-11E, and A-MSR30-11F display nandflash badblock-location [ { begin exclude include } regular-expression ] Any view 2: System level A- MSR50 : Filters command output by specifying a regular expression. For more information about regular expressions, see Fundamentals Configuration Guide. begin: Displays the first line matching the specified regular expression and all following lines. exclude: Displays all lines not matching the specified regular expression. include: Displays all lines matching the specified regular expression. regular-expression: Specifies a regular expression, a case-sensitive string of 1 to 256 characters. # Display the number and location of bad blocks in the NAND flash memory. <Sysname> display nandflash badblock-location No Physical block ------------------------------ badblock(0) 1234 badblock(1) 1235 badblock(2) 1236 No 125

3200 block(s) total, 3 block(s) bad. Table 22 Command output Field No Physical block Serial number of the bad blocks Serial number of the physical pages with bad blocks 3200 blocks total, 3 blocks bad Total number of blocks and bad blocks in the NAND flash memory display nandflash page-data Use display nandflash page-data to display the data on the specified physical page in the NAND flash memory. This command is always used in combination with display nandflash file-location to check the correctness of the data in the NAND flash memory. The following matrix shows the command and router compatibility: Command display nandflash page-data A- MSR900 A-MSR20-1X No No No A- MSR20 A-MSR30 Yes Only supported on A-MSR30-10, A-MSR30-11E, and A-MSR30-11F display nandflash page-data page-value [ { begin exclude include } regular-expression ] Any view 1: Monitor level page-value: Serial number of a physical page. A- MSR50 : Filters command output by specifying a regular expression. For more information about regular expressions, see Fundamentals Configuration Guide. begin: Displays the first line matching the specified regular expression and all following lines. exclude: Displays all lines not matching the specified regular expression. include: Displays all lines matching the specified regular expression. regular-expression: Specifies a regular expression, a case-sensitive string of 1 to 256 characters. # Display the content of the file test.cfg which is saved in the NAND flash memory. <Sysname> display nandflash file-location test.cfg Logical Chunk Physical Page No 126

execute --------------------------- chunk(0) 1234 chunk(1) 1236 chunk(2) 1235 filename: test.cfg <Sysname> display nandflash page-data 1236 0000: 0D 0A 23 0D 0A 20 76 65 72 73 69 6F 6E 20 35 2E..#.. version 5. 0010: 32 30 2C 20 41 6C 70 68 61 20 31 30 31 31 0D 0A 20, Alpha 1011.. 0020: 23 0D 0A 20 73 79 73 6E 61 6D 65 20 48 33 43 0D #.. sysname HP. 0030: 0A 23 0D 0A 20 70 61 73 73 77 6F 72 64 2D 63 6F.#.. password-co...omitted... Use execute to execute the specified batch file. Batch files are command line files. Executing a batch file is to execute a set of command lines in the file. Do not include invisible characters in a batch file. If an invisible character is found during the execution, the batch process will abort and the executed commands cannot be cancelled. Not every command in a batch file will be executed. For example, if a certain command is not correctly configured, the command will fail to be executed, and the system omits this command and goes to the next one. The configuration generated after a batch file is executed will not be backed up to the standby main board automatically. Each configuration command in a batch file must be a standard configuration command, meaning the valid configuration information can be displayed with display current-configuration. execute filename System view 2: System level filename: Name of a batch file with a.bat extension. You can use rename to change the suffix of the configuration file to.bat to use it as a batch file. # Execute the batch file test.bat in the root directory. [Sysname] execute test.bat 127

file prompt fixdisk Use file prompt to set a prompt mode for file operations. By default, the prompt mode is alert, which HP recommends to avoid misoperations. When the prompt mode is set to quiet, the system does not warn for any file operation. file prompt { alert quiet } System view alert: Enables the system to warn you about operations that may bring undesirable results such as file corruption or data loss. quiet: Disables the system from warning you about any operation. # Set the file operation prompt mode to alert. [Sysname] file prompt alert Use fixdisk to restore the space of a storage medium when it becomes unavailable because of some abnormal operation. fixdisk device User view device: Storage medium name. # Restore the space of Flash. <Sysname> fixdisk flash: Fixdisk flash: may take some time to complete... %Fixdisk flash: completed. 128

format mkdir CAUTION: Formatting a storage medium results in a loss of all the files on the storage medium, and these files cannot be restored. Specifically, if a startup configuration file exists on a storage medium, formatting the storage medium results in loss of the startup configuration file. Use format to format a storage medium. format device [ FAT16 FAT32 ] User view device: Name of a storage medium (for example flash or cfa0). FAT16: Formats a storage medium using the FAT16 format. FAT16 does not support Tab matching but needs to be entered completely if used, and is not applicable to Flash. FAT32: Formats a storage medium using the FAT32 format. FAT32 does not support Tab matching but needs to be entered completely if used, and is not applicable to Flash. # Format Flash. <Sysname> format flash: All data on flash: will be lost, proceed with format? [Y/N]:y./ %Format flash: completed. # Format the CF card using the FAT16 format. <Sysname> format cfa0: FAT16 Use mkdir to create a folder under a specified directory on the storage medium. The name of the folder to be created must be unique in the specified directory. Otherwise, you will fail to create the folder in the directory. To use this command to create a folder, the specified directory must exist. For example, to create folder flash:/test/mytest, the test folder must exist. Otherwise, you will fail to create the mytest folder. mkdir directory 129

more User view directory: Name of a folder. # Create a folder named test in the current directory. <Sysname> mkdir test... %Created dir flash:/test # Create folder test/subtest in the current directory. <Sysname> mkdir test/subtest... %Created dir flash:/test/subtest Use more to display the contents of the specified file. It indicates there are more lines the screen can display. Pressing Enter displays the next line. Pressing Space displays the next screen. Pressing Ctrl+C or any other key exits the display. This command is valid only for text files. more file-url User view file-url: File name. # Display the contents of file test.txt. <Sysname> more test.txt Welcome to HP. # Display the contents of file testcfg.cfg. <Sysname> more testcfg.cfg 130

# # # version 5.20, Beta 1201, Standard sysname Sysname vlan 2 # mount return <Sysname> Use mount to mount a hot swappable storage medium, such as a CF card or a USB device (excluding flash). This command is effective only when the device is in unmounted state. By default, a storage medium is automatically mounted and in mounted state after connected to the device, which means you can use it without mounting it. Do not remove the storage medium or swap a card when mounting or unmounting the device, or when you are processing files on the storage medium. Otherwise, the file system could be damaged. When a storage medium is connected to a lower version system, the system may not be able to recognize the device automatically, and you must use mount for the storage medium to function normally. Before removing a mounted storage medium from the system, you should first unmount it to avoid damaging the device. Related commands: umount. The command is not available for the A-MSR30-1X. mount device User view device: Name of a storage medium (for example flash or cfa0). # Mount a CF card. <Sysname> mount cfa0: % Mount cfa0: successfully. %Apr 23 01:50:00:628 2008 Sysname VFS/0/MOUNTED: cfa0: mounted into slot 0. 131

move pwd Use move to move a file. If you specify a target folder, the system will move the source file to the specified folder, with the file name unchanged. You cannot move files between storage media of different types. move fileurl-source fileurl-dest User view fileurl-source: Name of the source file. fileurl-dest: Name of the target file or folder. # Move file flash:/test/sample.txt to flash:/, and save it as 1.txt. <Sysname> move test/sample.txt 1.txt Move flash:/test/sample.txt to flash:/1.txt?[y/n]:y... % Moved file flash:/test/sample.txt to flash:/1.txt # Move file b.cfg to the subfolder test2. <Sysname> move b.cfg test2 Move flash:/b.cfg to flash:/test2/b.cfg?[y/n]:y. %Moved file flash:/b.cfg to flash:/test2/b.cfg. Use pwd to display the current path. pwd User view None 132

# Display the current path. rename <Sysname> pwd flash: Use rename to rename a file or folder. The target file name must be unique in the current path. rename fileurl-source fileurl-dest User view fileurl-source: Name of the source file or folder. fileurl-dest: Name of the target file or folder. # Rename file sample.txt as sample.bat. <Sysname> rename sample.txt sample.bat Rename flash:/sample.txt to flash:/sample.bat? [Y/N]:y % Renamed file flash:/sample.txt to flash:/sample.bat reset recycle-bin Use reset recycle-bin to permanently delete the files in the recycle bin in the current directory. If a file is corrupted, you may not be able to delete the file using the reset recycle-bin command. Use reset recycle-bin /force to delete the corrupted file in the recycle bin forcibly. The delete file-url command only moves a file to the recycle bin. To permanently delete the file in the recycle bin, use reset recycle-bin in the original directory of the file. The reset recycle-bin command deletes files in the current directory and in the recycle bin. If the original path of the file to be deleted is not the current directory, use cd to enter the original directory of the file, and then execute reset recycle-bin. reset recycle-bin [ /force ] User view 133

/force: Deletes all files in the recycle bin, including files that cannot be deleted by the command without the /force keyword. # Delete file b.cfg in the current directory and in the recycle bin. Display all the files in the recycle bin and in the current directory. <Sysname> dir /all Directory of flash:/ 0 -rwh 3080 Apr 26 2008 16:41:43 private-data.txt 1 -rw- 2416 Apr 26 2008 13:45:36 config.cfg 2 -rw- 8036197 May 14 2008 10:13:18 main.bin 3 -rw- 2386 Apr 26 2008 13:30:30 back.cfg 4 drw- - May 08 2008 09:49:25 test 5 -rwh 716 Apr 24 2007 16:17:30 hostkey 6 -rwh 572 Apr 24 2007 16:17:44 serverkey 7 -rw- 2386 May 08 2008 11:14:20 [a.cfg] 8 -rw- 3608 Dec 03 2007 17:29:30 [b.cfg] 14605 KB total (6730 KB free) //The output shows the current directory is flash:, and there are two files a.cfg and b.cfg in the recycle bin. Delete file b.cfg in the current directory and in the recycle bin. <Sysname> reset recycle-bin Clear flash:/~/a.cfg?[y/n]:n Clear flash:/~/b.cfg?[y/n]:y Clearing files from flash may take a long time. Please wait...... %Cleared file flash:/~/b.cfg... In directory flash:, check whether the file b.cfg in the recycle bin is deleted. <Sysname> dir /all Directory of flash:/ 0 -rwh 3080 Apr 26 2008 16:41:43 private-data.txt 1 -rw- 2416 Apr 26 2008 13:45:36 config.cfg 2 -rw- 8036197 May 14 2008 10:13:18 main.bin 3 -rw- 2386 Apr 26 2008 13:30:30 back.cfg 4 drw- - May 08 2008 09:49:25 test 5 -rwh 716 Apr 24 2007 16:17:30 hostkey 6 -rwh 572 Apr 24 2007 16:17:44 serverkey 7 -rw- 2386 May 08 2008 11:14:20 [a.cfg] 14605 KB total (6734 KB free) 134

// The output shows that file flash:/b.cfg is deleted permanently. # Delete file aa.cfg in the subdirectory test and in the recycle bin. Enter the subdirectory <Sysname> cd test/ Check all the files in the subfolder test. <Sysname> dir /all Directory of flash:/test 0 -rw- 2161 Apr 26 2000 21:22:35 [aa.cfg] rmdir 14605 KB total (6734 KB free) // The output shows that only one file exists in the folder, and the file has been moved to the recycle bin. Permanently delete file test/aa.cfg. <Sysname> reset recycle-bin Clear flash:/test/~/aa.cfg?[y/n]:y Clearing files from flash may take a long time. Please wait..... %Cleared file flash:/test/~/aa.cfg... Use rmdir to remove a folder. The folder must be an empty one. If not, you must delete all files and subfolders under it with the delete command. After you execute rmdir successfully, the files in the recycle bin in the folder will be automatically deleted. rmdir directory User view directory: Name of the folder. # Remove folder mydir. <Sysname> rmdir mydir Rmdir flash:/mydir?[y/n]:y %Removed directory flash:/mydir. 135

umount Use umount to unmount a hot swappable storage medium, such as a CF card or a USB device, excluding flash. This command is effective only when the storage medium is in mounted state. By default, a storage medium is automatically mounted and in mounted state. You must unmount it before removing it from the device. When mounting or unmounting a storage medium, or performing file operations on it, do not unplug or switchover the storage medium or the card where the storage medium resides. Otherwise, the file system could be damaged. When a storage medium is connected to a lower version system, the system may not be able to recognize the device automatically, and you must use mount for the storage medium to function normally. Before removing a mounted storage medium from the system, first unmount it to avoid damaging the device. Related commands: mount. The command is not available for the A-MSR30-1X. umount device User view undelete device: Name of a storage medium (for example flash or cfa0). # Unmount a CF card. <Sysname> umount cfa0: % Umount cfa0: successfully. %Apr 23 01:49:20:929 2008 Sysname VFS/5/UNMOUNTED: cfa0: umounted from slot 0. Use undelete to restore a file from the recycle bin. If another file with the same name exists in the same path, the system prompts you whether to overwrite the original file. undelete file-url User view 136

file-url: Name of the file to be restored. # Restore file a.cfg in directory flash: from the recycle bin. <Sysname> undelete a.cfg Undelete flash:/a.cfg?[y/n]:y... %Undeleted file flash:/a.cfg. # Restore file b.cfg in directory flash:/test from the recycle bin. <Sysname> undelete flash:/test/b.cfg Undelete flash:/test/b.cfg?[y/n]:y... %Undeleted file flash:/test/b.cfg. Or, you can use the following steps to restore file flash:/test/b.cfg. <Sysname> cd test <Sysname> undelete b.cfg Undelete flash:/test/b.cfg?[y/n]:y... %Undeleted file flash:/test/b.cfg. 137

FTP configuration commands FTP server configuration commands display ftp-server Use display ftp-server to display the FTP server configuration. After configuring FTP server parameters, verify them with this command. Related commands: ftp server enable, ftp timeout, and ftp update. display ftp-server [ { begin exclude include } regular-expression ] Any view : Filters command output by specifying a regular expression. For more information about regular expressions, see Fundamentals Configuration Guide. begin: Displays the first line matching the specified regular expression and all following lines. exclude: Displays all lines not matching the specified regular expression. include: Displays all lines matching the specified regular expression. regular-expression: Specifies a regular expression, a case-sensitive string of 1 to 256 characters. # Display the FTP server configuration. <Sysname> display ftp-server FTP server is running Max user number: 1 User count: 1 Timeout value(in minute): 30 Put Method: Table 23 Command output fast Field Max user number User count Maximum number of concurrent login users Number of the current login users. 138

Field Timeout value (in minute) Allowed idle time of an FTP connection. If there is no packet exchange between the FTP server and client during this period, the FTP connection will be disconnected. File update method of the FTP server: Put Method fast normal display ftp-user Use display ftp-user to display the detailed information of current FTP users. display ftp-user [ { begin exclude include } regular-expression ] Any view : Filters command output by specifying a regular expression. For more information about regular expressions, see Fundamentals Configuration Guide. begin: Displays the first line matching the specified regular expression and all following lines. exclude: Displays all lines not matching the specified regular expression. include: Displays all lines matching the specified regular expression. regular-expression: Specifies a regular expression, a case-sensitive string of 1 to 256 characters. # Display the detailed information of FTP users. <Sysname> display ftp-user UserName HostIP Port Idle HomeDir ftp 192.168.1.54 1190 0 flash: # If the name of the logged-in user exceeds 10 characters, the exceeded characters will be displayed in the next line and right justified, for example, if the logged-in user name is administrator, the information is displayed as follows: <Sysname> display ftp-user UserName HostIP Port Idle HomeDir administra tor 192.168.0.152 1031 0 flash: Table 24 Command output Field UserName Name of the currently logged-in user 139

Field HostIP Port Idle HomeDir IP address of the currently logged-in user Port the currently logged-in user is using Duration time of the current FTP connection, in minutes Authorized path of the present logged-in user free ftp user Use free ftp user to manually release the FTP connection established by the specified user. This command releases the FTP connection established by the specified user no matter whether the user is transmitting a file. free ftp user username User view username: Username. You can use display ftp-user to view FTP login user information. # Manually release the FTP connection established with username ftpuser. <Sysname> free ftp user ftpuser Are you sure to free FTP user ftpuser? [Y/N]:y <Sysname> ftp server acl Use ftp server acl to control FTP clients access to the device using an ACL. Use undo ftp server acl to restore the default. By default, no ACL is used to control FTP clients access to the device. Associated with an ACL, the FTP server can deny the FTP requests of some FTP clients and only permit the access of clients allowed by the ACL rules. This configuration only filters the FTP connections to be established, and has no effect on the established FTP connections and operations. If you execute the command multiple times, the last specified ACL takes effect. ftp server acl acl-number undo ftp server acl 140

System view 2: System level acl-number: Basic ACL number, in the range of 2000 to 2999. # Associate the FTP service with ACL 2001 to allow only the client 1.1.1.1 to access the device through FTP. [Sysname] acl number 2001 [Sysname-acl-basic-2001] rule 0 permit source 1.1.1.1 0 [Sysname-acl-basic-2001] rule 1 deny source any [Sysname-acl-basic-2001] quit [Sysname] ftp server acl 2001 ftp server enable Use ftp server enable to enable the FTP server and allow the login of FTP users. Use undo ftp server to disable the FTP server. By default, the FTP server is disabled. ftp server enable undo ftp server System view None # Enable the FTP server. ftp timeout [Sysname] ftp server enable [Sysname] Use ftp timeout to set the idle-timeout timer. Use undo ftp timeout to restore the default. 141

By default, the FTP idle time is 30 minutes. If the idle time of an FTP connection exceeds the FTP timeout value, the FTP server breaks the connection to save resources. ftp timeout minute undo ftp timeout System view minute: Idle-timeout timer in minutes, in the range of 1 to 35791. # Set the idle-timeout timer to 36 minutes. [Sysname] ftp timeout 36 [Sysname] ftp update Use ftp update to set the file update mode the FTP server uses while receiving data. Use undo ftp update to restore the default, namely, the normal mode. ftp update { fast normal } undo ftp update System view fast: Fast update. normal: Normal update. # Set the FTP update mode to normal. [Sysname] ftp update normal [Sysname] 142

FTP client configuration commands ascii You must use ftp to enter FTP client view before making client configurations. For more information, see ftp. Before executing FTP client configuration commands, make sure you have made proper authority configurations for users on the FTP server. Authorized operations include view the files under the current directory, read/download the specified files, create directory/upload files, and rename/remove files). The prompt information in the following examples varies with FTP server types. Use ascii to set the file transfer mode to ASCII. By default, the file transfer mode is ASCII. The carriage return characters vary with operating systems. For example, to indicate the end of a line and transfer to the next line, HP and Windows use characters /r/n, and Linux uses characters /n. The rules of the specified file transfer mode must be followed by the two communicating systems using different carriage return characters so they can correctly resolve received files. FTP transfers files in two modes: Binary mode: for program file or picture transmission ASCII mode: for text file transmission Related commands: binary. ascii FTP client view None # Set the file transfer mode to ASCII. [ftp] ascii 200 Type set to A. binary [ftp] Use binary to set the file transfer mode to binary (flow) mode. 143

By default, the transfer mode is ASCII mode. Related commands: ascii. binary FTP client view None # Set the file transfer mode to binary. [ftp] binary 200 Type set to I. bye [ftp] Use bye to disconnect from the remote FTP server and return to user view. If no connection is established between the device and the remote FTP server, use this command to return to user view directly. Related commands: close, disconnect, and quit. bye FTP client view None # Terminate the connection with the remote FTP server and return to user view. [ftp] bye 221 Server closing. <Sysname> 144

cd Use cd to change the current working directory on the remote FTP server to access another authorized directory. Related commands: pwd. cd { directory.. / } FTP client view directory: Name of the target directory, in the format of [drive:/][/]path, where drive represents the storage medium name, typically flash or cf. If the target directory does not exist, the cd command does not change the current working directory. If no drive information is provided, the argument represents a folder or subfolder in the current directory. For more information about the drive and path arguments, see Fundamentals Configuration Guide...: Returns to an upper directory. The execution of cd.. equals the execution of cdup. If the current working directory is the root directory, the current working directory does not change when cd.. is executed. This argument does not support command line online help. /: Returns to the FTP root directory. The keyword does not support command line online help. # Change the working directory to the subdirectory logfile of the current directory. [ftp] cd logfile 250 CWD command successful. # Change the working directory to the subdirectory folder of the FTP root directory. [ftp] cd /folder 250 CWD command successful. # Change the working directory to the upper directory of the current directory. [ftp] cd.. 250 CWD command successful. # Change the working directory to the FTP root directory. [ftp] cd / 250 CWD command successful. cdup [ftp] Use cdup to exit the current directory and enter the upper directory of the FTP server. 145

This command does not change the working directory if the current directory is the FTP root directory. Related commands: cd and pwd. cdup FTP client view None # Change the current working directory path to the upper directory. [ftp] pwd 257 "/ftp/subdir" is current directory. [ftp] cdup 200 CDUP command successful. [ftp] pwd 257 "/ftp" is current directory. [ftp] close Use close to terminate the connection to the FTP server, but remain in FTP client view. This command is equal to disconnect. close FTP client view None # Terminate the connection to the FTP server and remain in FTP client view. [ftp] close 221 Server closing. [ftp] 146

debugging Use debugging to enable FTP client debugging. Use undo debugging to disable FTP client debugging. By default, FTP client debugging is disabled. debugging undo debugging FTP client view None # The device serves as the FTP client. Enable FTP client debugging and use the active mode to download file sample.file from the current directory of the FTP server. <Sysname> terminal monitor <Sysname> terminal debugging <Sysname> ftp 192.168.1.46 Trying 192.168.1.46... Press CTRL+K to abort Connected to 192.168.1.46. 220 FTP service ready. User(192.168.1.46:(none)):ftp 331 Password required for ftp. Password: 230 User logged in. [ftp]undo passive FTP: passive is off [ftp] debugging FTP: debugging switch is on [ftp] get sample.file ---> PORT 192,168,1,44,4,21 200 Port command okay. The parsed reply is 200 ---> RETR sample.file 150 Opening ASCII mode data connection for /sample.file. 147

The parsed reply is 150 FTPC: File transfer started with the signal light turned on. FTPC: File transfer completed with the signal light turned off..226 Transfer complete. FTP: 3304 byte(s) received in 4.889 second(s), 675.00 byte(s)/sec. [ftp] Table 25 Command output Field ---> PORT 192,168,1,44,4,21 Gives an FTP order. 192,168,1,44 specifies the four bytes of the destination IP address, and 4,21 calculates data port number by using the algorithm 4*256+21. The parsed reply is The received reply code, defined in RFC 959. ---> RETR Download the file. FTPC: File transfer started with the signal light turned on FTPC: File transfer completed with the signal light turned off File transfer starts, and the signal light is turned on. File transfer is completed, and the signal light is turned off. delete Use delete to permanently delete a specified file on the remote FTP server. To perform this operation, you must have delete permissions on the FTP server. delete remotefile FTP client view remotefile: File name. # Delete file temp.c. [ftp] delete temp.c 250 DELE command successful. [ftp] 148

dir Use dir to view the detailed information of the files and subdirectories under the current directory on the remote FTP server. Use dir remotefile to display the detailed information of the specified file or directory on the remote FTP server. Use dir remotefile localfile to display the detailed information of the specified file or directory on the remote FTP server, and save the displayed information into a local file specified by the localfile argument. The Is command can only display the names of files and directories, whereas dir can display other related information of the files and directories, such as the size, and the date they were created. dir [ remotefile [ localfile ] ] FTP client view remotefile: Name of the file or directory on the remote FTP server. localfile: Name of the local file to save the displayed information. # the detailed information of the files and subdirectories under the current directory on the remote FTP server. [ftp] dir 227 Entering Passive Mode (192,168,1,46,5,68). 125 ASCII mode data connection already open, transfer starting for /*. drwxrwxrwx 1 noone nogroup 0 Aug 08 2006 logfile -rwxrwxrwx 1 noone nogroup 20471748 May 11 10:21 test.bin -rwxrwxrwx 1 noone nogroup 4001 Dec 08 2007 config.cfg -rwxrwxrwx 1 noone nogroup 3608 Jun 13 2007 startup.cfg drwxrwxrwx 1 noone nogroup 0 Dec 03 2007 test -rwxrwxrwx 1 noone nogroup 299 Oct 15 2007 key.pub 226 Transfer complete. FTP: 394 byte(s) received in 0.189 second(s), 2.00K byte(s)/sec. [ftp] # the information of the file router.cfg, and save the result to aa.txt. [ftp] dir router.cfg aa.txt 227 Entering Passive Mode (192,168,1,50,17,158). 125 ASCII mode data connection already open, transfer starting for /router.cfg....226 Transfer complete. FTP: 67 byte(s) received in 4.600 second(s), 14.00 byte(s)/sec. 149

disconnect # the content of aa.txt. [ftp] quit <Sysname> more aa.txt -rwxrwxrwx 1 noone nogroup 3077 Jun 20 15:34 router.cfg Use disconnect to disconnect from the remote FTP server, but remain in FTP client view. This command is equal to close. disconnect FTP client view None # Disconnect from the remote FTP server but remain in FTP client view. [ftp] disconnect 221 Server closing. [ftp] display ftp client configuration Use display ftp client configuration to display the source IP address configuration of the FTP client. Related commands: ftp client source. display ftp client configuration [ { begin exclude include } regular-expression ] Any view 1: Monitor level : Filters command output by specifying a regular expression. For more information about regular expressions, see Fundamentals Configuration Guide. begin: Displays the first line matching the specified regular expression and all following lines. 150

ftp exclude: Displays all lines not matching the specified regular expression. include: Displays all lines matching the specified regular expression. regular-expression: Specifies a regular expression, a case-sensitive string of 1 to 256 characters. # Display the source IP address configuration of the FTP client. <Sysname> display ftp client configuration The source IP address is 192.168.0.123 The display ftp client configuration command displays the source IP address configuration of the FTP client. If the specified source IP address is active, this command displays the source IP address. If the specified source interface is active, this command displays the source interface. Use ftp to log in to the remote FTP server and enter FTP client view. This command applies to IPv4 networks only. If you use this command without specifying any parameters, you will simply enter the FTP client view without logging in to the FTP server. If you specify the parameters, you will be prompted to enter the username and password for accessing the FTP server. ftp [ server-address [ service-port ] [ vpn-instance vpn-instance-name ] [ source { interface interface-type interface-number ip source-ip-address } ] ] User view server-address: IP address or host name (a string of 1 to 20 characters) of a remote FTP server. service-port: TCP port number of the remote FTP server, in the range of 0 to 65535. The default value is 21. vpn-instance vpn-instance-name: Specifies the MPLS L3 VPN the FTP server belongs to. The vpn-instancename argument is a case-sensitive string of 1 to 31 characters. If the FTP server is on the public network, do not specify this option. source { interface interface-type interface-number ip source-ip-address }: Specifies the source address used to establish an FTP connection. interface interface-type interface-number: Specifies the source interface by its type and number. The primary IP address configured on this interface is the source address of the transmitted FTP packets. If no primary IP address is configured on the source interface, the connection fails. ip source-ip-address: The source IP address of the transmitted FTP packets. This source address must be the one that has been configured on the device. 151

# Log in the server 192.168.0.211. The source IP address of sent FTP packets is 192.168.0.212. <Sysname1> ftp 192.168.0.211 source ip 192.168.0.212 Trying 192.168.0.211... Press CTRL+K to abort Connected to 192.168.0.211. 220 FTP Server ready. User(192.168.0.211:(none)):abc 331 Password required for abc Password: 230 User logged in. [ftp] ftp client source Use ftp client source to specify the source IP address of packets sent to an FTP server. Use undo ftp client source to restore the default. By default, the source IP address is the IP address of the output interface of the route to the server is used as the source IP address. If you use ftp client source to first configure a source interface and then a source IP address, the source IP address overwrites the source interface, and vice versa. If you first use ftp client source to specify a source IP address and then use ftp to specify another source IP address, the latter is used. The source IP address specified with ftp client source applies to all FTP connections while the one specified with the ftp command applies to the current FTP connection only. Related commands: display ftp client configuration. ftp client source { interface interface-type interface-number ip source-ip-address } undo ftp client source System view 2: System level interface interface-type interface-number: Specifies the source interface for establishing FTP connections. The primary IP address of the source interface is used as the source IP address of packets sent to an FTP server. If the source interface has no primary IP address specified, no FTP connection can be established. ip source-ip-address: Specifies the source IP address of packets sent to an FTP server, which is one of the IP addresses of the device. 152

ftp ipv6 # Specify the source IP address of packets sent to an FTP server as 2.2.2.2. [Sysname] ftp client source ip 2.2.2.2 # Specify the IP address of interface Ethernet 1/1 as the source IP address of packets sent to an FTP server. [Sysname] ftp client source interface ethernet 1/1 [Sysname] Use ftp ipv6 to log in to the FTP server and enter FTP client view. This command applies to IPv6 networks only. If you use this command without specifying any parameters, you will simply enter the FTP client view without logging in to an FTP server. If you specify the parameters, enter the username and password for accessing the FTP server. ftp ipv6 [ server-address [ service-port ] [ vpn-instance vpn-instance-name ] [ source ipv6 source-ipv6- address ] [ -i interface-type interface-number ] ] User view server-address: IP address or host name of the remote FTP server. service-port: TCP port number of the FTP server, in the range of 0 to 65535. The default value is 21. source ipv6 source-ipv6-address: Specifies a source IPv6 address for transmitted FTP packets. This address must be an IPv6 address that has been configured on the device. -i interface-type interface-number: Specifies the type and number of the source interface. This parameter can be used only when the FTP server address is a link local address and the specified egress interface has a link local address. For the configuration of link local addresses, see Layer 3 IP Services Configuration Guide. vpn-instance vpn-instance-name: Specifies the MPLS L3 VPN the FTP server belongs to. The vpn-instancename argument is a case-sensitive string of 1 to 31 characters. If the FTP server is on the public network, do not specify this option. # Log in to the FTP server with IPv6 address 3000::200. <Sysname> ftp ipv6 3000::200 Trying 3000::200... Press CTRL+K to abort 153

get Connected to 3000::200. 220 Welcome! User(3000::200:(none)): MY_NAME 331 Please specify the password. Password: 230 Login successful. [ftp] # Log in to the FTP server with IPv6 address 3000::200 in VPN 1. <Sysname> ftp ipv6 3000::200 vpn-instance vpn1 Trying 3000::200... Press CTRL+K to abort Connected to 3000::200. 220 Welcome! User(3000::200:(none)): MY_NAME 331 Please specify the password. Password: 230 Login successful. [ftp] Use get to download a file from a remote FTP server and save it. get remotefile [ localfile ] FTP client view remotefile: Name of the file to be downloaded. localfile: File name used after a file is downloaded and saved locally. If this argument is not specified, the local file uses the name of the source file on the FTP server by default. # Download file testcfg.cfg and save it as aa.cfg. [ftp] get testcfg.cfg aa.cfg 227 Entering Passive Mode (192,168,1,50,17,163). 125 ASCII mode data connection already open, transfer starting for /testcfg.cfg....226 Transfer complete. FTP: 5190 byte(s) received in 7.754 second(s), 669.00 byte(s)/sec. 154

lcd Use lcd to display the local working directory of the FTP client. lcd ls FTP client view None # Display the local working directory. [ftp] lcd FTP: Local directory now flash:/clienttemp. The output indicates the working directory of the FTP client before execution of ftp is flash:/clienttemp. Use ls to view the information of all the files and subdirectories in the current directory of the remote FTP server. The file names and subdirectory names are displayed. Use ls remotefile to view the information of a specified file or subdirectory. Use ls remotefile localfile to view the information of a specified file or subdirectory, and save the result to a local file specified by the localfile argument. The ls command can only display the names of files and directories on the FTP server, whereas dir can display other related information of the files and directories, such as the size, and the date they were created. ls [ remotefile [ localfile ] ] FTP client view remotefile: Filename or directory on the remote FTP server. localfile: Name of a local file used to save the displayed information. 155

# the information of all files and subdirectories under the current directory of the FTP server. [ftp] ls 227 Entering Passive Mode (192,168,1,50,17,165). 125 ASCII mode data connection already open, transfer starting for /*. router.cfg logfile main.bin basicbtm.bin ftp test bb.cfg testcfg.cfg 226 Transfer complete. FTP: 87 byte(s) received in 0.132 second(s) 659.00 byte(s)/sec. # the information of directory logfile. [ftp] ls logfile 227 Entering Passive Mode (192,168,1,50,10,49). 125 ASCII mode data connection already open, transfer starting for /logfile/*. logfile.log a.cfg 226 Transfer complete. FTP: 20 byte(s) received in 0.075 second(s), 266.00 byte(s)/sec. # Save the result to file aa.txt. [ftp] ls logfile aa.txt 227 Entering Passive Mode (192,168,1,50,4,3). 125 ASCII mode data connection already open, transfer starting for /logfile/*....226 Transfer complete. FTP: 20 byte(s) received in 3.962 second(s), 5.00 byte(s)/sec. # the content of file aa.txt. [ftp] quit 221 Server closing. <Sysname> more aa.txt logfile.log a.cfg mkdir <Sysname> Use mkdir to create a subdirectory in the current directory on the remote FTP server. You can do this only if you have permissions on the FTP server. 156

mkdir directory FTP client view directory: Name of the directory to be created. # Create subdirectory mytest on the current directory of the remote FTP server. [ftp] mkdir mytest 257 "/mytest" new directory created. open [ftp] Use open to log in to the IPv4 FTP server under FTP client view. At login, enter the username and password for accessing the FTP server. If your input is correct, the login succeeds. If you have logged in to the IPv4 FTP server, you cannot use open to log in to another server. To do so, you must disconnect from the current server first. Related commands: close. open server-address [ service-port ] FTP client view server-address: IP address or host name of a remote FTP server. service-port: Port number of the remote FTP server, in the range of 0 to 65535. The default value is 21. # In FTP client view, log in to the FTP server with the IP address of 192.168.1.50. <Sysname> ftp [ftp] open 192.168.1.50 Trying 192.168.1.50... Press CTRL+K to abort Connected to 192.168.1.50. 157

220 FTP service ready. User(192.168.1.50:(none)):aa 331 Password required for aa. Password: 230 User logged in. [ftp] open ipv6 Use open ipv6 to log in to the IPv6 FTP server in FTP client view. At login, enter the username and password for accessing the FTP server. If your input is correct, the login succeeds. Related commands: close. open ipv6 server-address [ service-port ] [ -i interface-type interface-number ] FTP client view server-address: IP address or host name of the remote FTP server. service-port: Port number of the remote FTP server, in the range of 0 to 65535. The default value is 21. -i interface-type interface-number: Specifies the egress interface by its type and number. This parameter can be used only when the FTP server address is a link local address and the specified egress interface has a link local address. For the configuration of link local addresses, see Layer 3 IP Services Configuration Guide. # Log in to the FTP server (with IPv6 address 3000::200) in FTP client view. <Sysname> ftp [ftp] open ipv6 3000::200 Trying 3000::200... Press CTRL+K to abort Connected to 3000::200. 220 Welcome! User(3000::200:(none)): MY_NAME 331 Please specify the password. Password: 230 Login successful. [ftp] 158

passive Use passive to set the data transmission mode to passive. Use undo passive to set the data transmission mode to active. The default transmission mode is passive. Data transmission modes fall into the passive mode and the active mode. The active mode specifies the server to initiate connection requests. The passive mode specifies the client to initiate connection requests. This command is mainly used in conjunction with a firewall to restrict FTP connections between private and public network users. passive undo passive FTP client view None # Set the data transmission mode to passive. [ftp] passive FTP: passive is on put [ftp] Use put to upload a file on the client to the remote FTP server. By default, if no name is assigned to the file to be saved on the FTP server, the name of the source file is used. After a file is uploaded, it will be saved under the user s authorized directory, and can be set by issuing authorization-attribute on the remote server. put localfile [ remotefile ] FTP client view 159

localfile: Name of the local file to be uploaded. remotefile: File name used after a file is uploaded and saved on the FTP server. # Upload source file cc.txt to the remote FTP server and save it as dd.txt. pwd [ftp] put cc.txt dd.txt 227 Entering Passive Mode (192,168,1,50,17,169). 125 ASCII mode data connection already open, transfer starting for /dd.txt. 226 Transfer complete. FTP: 9 byte(s) sent in 0.112 second(s), 80.00 byte(s)/sec. Use pwd to display the currently accessed directory on the remote FTP server. pwd FTP client view None # Display the currently accessed directory on the remote FTP server. quit [ftp] cd servertemp [ftp] pwd 257 "/servertemp" is current directory. The output indicates the servertemp folder under the FTP root directory is being accessed by the user. Use quit to disconnect the FTP client from the remote FTP server and exit to user view. quit FTP client view 160

None # Disconnect from the remote FTP server and exit to user view. [ftp] quit 221 Server closing. <Sysname> remotehelp Use remotehelp to display the help information of FTP-related commands supported by the remote FTP server. If no argument is specified, FTP-related commands supported by the remote FTP server are displayed. remotehelp [ protocol-command ] FTP client view protocol-command: FTP command. # Display FTP commands supported by the remote FTP server. [ftp] remotehelp 214-Here is a list of available ftp commands Those with '*' are not yet implemented. USER PASS ACCT* CWD CDUP SMNT* QUIT REIN* PORT PASV TYPE STRU* MODE* RETR STOR STOU* APPE* ALLO* REST* RNFR* RNTO* ABOR* DELE RMD MKD PWD LIST NLST SITE* SYST STAT* HELP NOOP* XCUP XCWD XMKD XPWD XRMD 214 Direct comments to HP company. # Display the help information for the user command. [ftp] remotehelp user 214 : USER <sp> <username>. [ftp] 161

Table 26 Command output Field USER PASS CWD CDUP SMNT* QUIT REIN* PORT PASV TYPE STRU* MODE* RETR STOR STOU* APPE* ALLO* REST* RNFR* RNTO* ABOR* DELE RMD MKD PWD LIST NLST SITE* SYST STAT* HELP NOOP* XCUP XCWD Username Password Change the current working directory Change to parent directory File structure setting Quit Re-initialization Port number Passive mode Request type File structure Transmission mode Download a file Upload a file Store unique Appended file Allocation space Restart Rename the source Rename the destination Abort the transmission Delete a file Delete a folder Create a folder Print working directory List files List file description Locate a parameter Display system parameters State Help No operation Extension command, the same meaning as CDUP Extension command, the same meaning as CWD 162

Field XMKD XPWD XRMD : USER <sp> <username>. Extension command, the same meaning as MKD Extension command, the same meaning as PWD Extension command, the same meaning as RMD of the user command: user (keyword) + space + username rmdir Use rmdir to remove a specified directory from the FTP server. Only authorized users are allowed to use this command. Delete all files and subdirectories under a directory before you delete the directory. For how to delete files, see delete. When you execute rmdir, the files in the remote recycle bin in the directory will be automatically deleted. rmdir directory FTP client view directory: Directory name on the remote FTP server. # Delete the temp1 directory from the FTP root directory. [ftp] rmdir /temp1 200 RMD command successful. user [ftp] Use user to relog in to the currently accessed FTP server with another username. Before using this command, you must configure the corresponding username and password on the FTP server or the login will fail and the FTP connection will close. user username [ password ] 163

FTP client view username: Login username. password: Login password. You can input this argument a space after the username argument; or you can input this argument when the Password: prompt appears after you input the username and then press Enter. # User ftp1 has logged in to the FTP server. Use username ftp2 to log in to the current FTP server. (Suppose username ftp2 and password 123123123123 have been configured on the FTP server.) Method 1 [ftp] user ftp2 331 Password required for ftp2. Password: 230 User logged in. [ftp] Method 2 [ftp] user ftp2 123123123123 331 Password required for ftp2. 230 User logged in. [ftp] verbose Use verbose to enable display of detailed prompt information received from the server. Use undo verbose to disable display of detailed prompt information. By default, the display of detailed prompt information is enabled. verbose undo verbose FTP client view None 164

# Enable display of detailed prompt information. [ftp] verbose FTP: verbose is on # Disable display of detailed prompt information. and perform a Get operation. [ftp] undo verbose FTP: verbose is off [ftp] get startup.cfg bb.cfg FTP: 3608 byte(s) received in 0.052 second(s), 69.00K byte(s)/sec. [ftp] # Enable display of detailed prompt information. and perform a Get operation. [ftp] verbose FTP: verbose is on [ftp] get startup.cfg aa.cfg 227 Entering Passive Mode (192,168,1,46,5,85). 125 ASCII mode data connection already open, transfer starting for /startup.cfg. 226 Transfer complete. FTP: 3608 byte(s) received in 0.193 second(s), 18.00K byte(s)/sec. 165

TFTP configuration commands TFTP client configuration commands display tftp client configuration Use display tftp client configuration to display source IP address configuration of the TFTP client. The display tftp client configuration command displays the source IP address configuration of the TFTP client. If the specified source IP address is active, this command displays the source IP address. If the specified source interface is active, this command displays the source interface. Related commands: tftp client source. display tftp client configuration [ { begin exclude include } regular-expression ] Any view 1: Monitor level : Filters command output by specifying a regular expression. For more information about regular expressions, see Fundamentals Configuration Guide. begin: Displays the first line matching the specified regular expression and all following lines. exclude: Displays all lines not matching the specified regular expression. include: Displays all lines matching the specified regular expression. regular-expression: Specifies a regular expression, a case-sensitive string of 1 to 256 characters. # Display the source IP address configuration of the TFTP client. <Sysname> display tftp client configuration The source IP address is 192.168.0.123 tftp-server acl Use tftp-server acl to control the device s access to a specific TFTP server using an ACL. Use undo tftp-server acl to restore the default. By default, no ACL is used to control the device s access to TFTP servers. You can use an ACL to deny or permit the device s access to a specific TFTP server. 166

tftp For more information about ACL, see ACL and QoS Configuration Guide. tftp-server [ ipv6 ] acl acl-number undo tftp-server [ ipv6 ] acl System view ipv6: References an IPv6 ACL. If it is not specified, an IPv4 ACL is referenced. acl-number: Number of a basic ACL, in the range of 2000 to 2999. # Allow the device to access the TFTP server with the IP address of 1.1.1.1 only (in IPv4 networking environment). [Sysname] acl number 2000 [Sysname-acl-basic-2000] rule permit source 1.1.1.1 0 [Sysname-acl-basic-2000] quit [Sysname] tftp-server acl 2000 # Allow the device to access the TFTP server with the IP address of 2001::1 only (in IPv6 networking environment). [Sysname] acl ipv6 number 2001 [Sysname-acl6-basic-2001] rule permit source 2001::1/128 [Sysname-acl6-basic-2001] quit [Sysname] tftp-server ipv6 acl 2001 [Sysname] Use tftp to download a specified file from a TFTP server to the local device or upload a specified local file to the TFTP server in an IPv4 network. tftp server-address { get put sget } source-filename [ destination-filename ] [ vpn-instance vpn-instancename ] [ source { interface interface-type interface-number ip source-ip-address } ] User view 167

server-address: IP address or host name of a TFTP server. get: Downloads a file in normal mode. put: Uploads a file. sget: Downloads a file in secure mode. source-filename: Source file name. destination-filename: Destination file name. If this argument is not specified, the saved file uses the source file name, and the file directory is the current directory of the user. vpn-instance vpn-instance-name: Specifies the MPLS L3 VPN where the TFTP server belongs. The vpninstance-name argument is a case-sensitive string of 1 to 31 characters. If the TFTP server is on the public network, do not specify this option. source: Configures parameters for source address binding. interface interface-type interface-number: Specifies the source interface by its type and number. The primary IP address configured on the source interface is the source IP address of the packets sent by TFTP. If no primary IP address is configured on the source interface, the transmission fails. ip source-ip-address: Specifies the source IP address for the current TFTP client to transmit packets. This source address must be an IP address that has been configured on the device. # Download the config.cfg file from the TFTP server with the IP address of 192.168.0.98 and save it as config.bak. Specify the source IP address to be 192.168.0.92. <Sysname> tftp 192.168.0.98 get config.cfg config.bak source ip 192.168.0.92... File will be transferred in binary mode Downloading file from remote TFTP server, please wait... TFTP: 372800 bytes received in 1 second(s) File downloaded successfully. # Upload the config.cfg file from the local device to the default path of the TFTP server with the IP address of 192.168.0.98 and save it as config.bak. Specify the source IP interface to be Ethernet 1/1. <Sysname> tftp 192.168.0.98 put config.cfg config.bak source interface ethernet 1/1 File will be transferred in binary mode Sending file to remote TFTP server. Please wait... TFTP: 345600 bytes sent in 1 second(s). File uploaded successfully. tftp client source Use tftp client source to specify the source IP address of packets sent to a TFTP server. Use undo tftp client source to restore the default. By default, the source IP address is the IP address of the output interface of the route to the server is used as the source IP address.. 168

tftp ipv6 If you use tftp client source to first configure a source interface and then a source IP address, the source IP address overwrites the source interface, and vice versa. If you first use tftp client source to specify a source IP address and then use tftp to specify another source IP address, the latter is used. The source IP address specified with tftp client source applies to all TFTP connections while the one specified with tftp applies to the current TFTP connection only. Related commands: display tftp client configuration. tftp client source { interface interface-type interface-number ip source-ip-address } undo tftp client source System view 2: System level interface interface-type interface-number: Specifies the source interface for establishing TFTP connections. The primary IP address of the source interface is used as the source IP address of packets sent to a TFTP server. If the source interface has no primary IP address specified, no TFTP connection can be established. ip source-ip-address: Specifies the source IP address of packets sent to a TFTP server, which is one of the IP addresses configured on the device. # Specify the source IP address of packets sent a TFTP server as 2.2.2.2. [Sysname] tftp client source ip 2.2.2.2 # Specify the IP address of interface Ethernet 1/1 as the source IP address of packets sent to a TFTP server. [Sysname] tftp client source interface ethernet 1/1 [Sysname] Use tftp ipv6 to download a specified file from a TFTP server to the local device or upload a specified local file to a TFTP server in an IPv6 network. tftp ipv6 tftp-ipv6-server [ -i interface-type interface-number ] { get put } source-filename [ destinationfilename ] [ vpn-instance vpn-instance-name ] User view 169

tftp-ipv6-server: IPv6 address or host name (a string of 1 to 46 characters) of a TFTP server. -i interface-type interface-number: Specifies the source interface by its type and number. This parameter can be used only when the TFTP server address is a link local address and the specified egress interface has a link local address. For the configuration of a link local address, see IPv6 basics configuration in the Layer 3 IP Services Configuration Guide. get: Downloads a file. put: Uploads a file. source-file: Source filename. destination-file: Destination filename. If not specified, this filename is the same as the source filename. vpn-instance vpn-instance-name: Specifies the MPLS L3 VPN the TFTP server belongs to. The vpn-instancename argument is a case-sensitive string of 1 to 31 characters. If the TFTP server is on the public network, do not specify this option. # Download filetoget.txt from the TFTP server. <Sysname> tftp ipv6 fe80::250:daff:fe91:e058 -i ethernet 1/1 get filetoget.txt... File will be transferred in binary mode Downloading file from remote TFTP server, please wait... TFTP: 411100 bytes received in 2 second(s) File downloaded successfully. 170

License management commands display license Use display license to display the system software registration information. The following matrix shows the command and router compatibility: Command A-MSR900 A-MSR20-1X A-MSR20 A-MSR30 display license No No No No A- MSR50 Yes (Supported only by MPU-G2) display license [ { begin exclude include } regular-expression ] Any view 1: Monitor level : Filters command output by specifying a regular expression. For more information about regular expressions, see Fundamentals Configuration Guide. begin: Displays the first line matching the specified regular expression and all following lines. exclude: Displays all lines not matching the specified regular expression. include: Displays all lines matching the specified regular expression. regular-expression: Specifies a regular expression, a case-sensitive string of 1 to 256 characters. # Display the system software registration information. <Sysname> display license Software license information ---------------------------- Serial Number: VZa47-6AbBh-gtO9c-K47A0-F79D8-dE84O-tg2j0 Register Date: 2006-10-10 15:50:28 Trade Code Table 27 Command output : 121234A757C06A000693 Field Software license information System software license information 171

Field Serial Number Register Date Trade Code Serial number of the license Registration date and time Production serial number license register Use license register to register the system software for a device. Before registering the system software, you must purchase a system software license. You must enter the serial number in the correct format. The following matrix shows the command and router compatibility: Command A-MSR900 A-MSR20-1X A-MSR20 A-MSR30 license register No No No No A- MSR50 Yes (Supported only by MPU-G2) license register serial-number User view serial-number: Serial number of a license, in the format of XXXXX-XXXXX-XXXXX-XXXXX-XXXXX-XXXXX- XXXXX, where X represents a character. Valid characters include letters (case-sensitive), digits, plus signs (+), and forward slashes (/). # Register the system software. The serial number here is only for illustration. You must use a valid system software serial number. <Sysname> license register aaaaa-bbbbb-ccccc-ddddd-eeeee-fffff-ggggg Info: Registered successfully! 172

Software upgrade commands boot-loader Use boot-loader to specify a boot file to be used at the next boot. To execute boot-loader successfully, save the file to be used at the next device boot in the root directory of the storage media. Related commands: display boot-loader. boot-loader file file-url { main backup } User view file file-url: Specifies a file name, a string of 1 to 63 characters. If you enter a relative path here, the system automatically converts it to an absolute path. The absolute path should contain no more than 63 characters; otherwise, the command cannot be successfully executed. The file name is in the format of [drive:/]file-name, where: The items in square brackets [ ] are optional. drive specifies the storage media of the file. The value is the name of the storage media. If a device has only one storage media, you can execute this command without providing this argument. file-name specifies the filename, which is usually suffixed by.bin. main: Specifies a file as a main boot file. A main boot file is used to boot a device. backup: Specifies a file as a backup boot file. A backup boot file is used to boot a device only when a main boot file is unavailable. # Specify the main boot file for the next device boot as test.bin. <Sysname> boot-loader file test.bin main This command will set the boot file. Continue? [Y/N]:y The specified file will be used as the main boot file at the next reboot on slot 0! bootrom Use bootrom to read, restore, back up, or upgrade the Boot ROM program on devices or subcards. 173

To execute bootrom successfully, you must first save the Boot ROM program in the root directory of the storage media. bootrom { backup read restore update file file-url } [ slot slot-number-list ] [ all part ] User view read: Reads Boot ROM, or in other words, copies the Boot ROM program from the normal partition of the Boot ROM memory to the Flash as the backup, which will be used to restore the Boot ROM when the Boot ROM memory is broken. restore: Restores Boot ROM, or in other words, restores the Boot ROM codes from the backup partition to the normal partition of the Boot ROM memory. When the current Boot ROM is broken, and you have backed up the codes, you can restore the Boot ROM by performing the restore operation. backup: Backs up Boot ROM, or in other words, backs up the Boot ROM codes in the normal partition to the backup partition of the Boot ROM memory. When the current Boot ROM is broken, you can restore the Boot ROM program from the backup partition. HP recommends backing up the Boot ROM before upgrading it. update file file-url: Upgrades Boot ROM, where file-url is a string of 1 to 63 characters and represents name of the file to be upgraded. For more information about the file-url argument, see boot-loader. slot slot-number-list: Specifies a list of subslot numbers of subcards, in the format of { slot-number [ to slotnumber ] }&<1-7>. The slot-number argument represents the subslot number of a subcard. &<1-7> indicates that you can specify up to seven lists of subslot numbers. If you do not provide this argument, all subcards are specified. all: Operates all contents of Boot ROM. All contents of the Boot ROM file are operated if the all and part keywords are not specified. part: Operates only the extension part of Boot ROM (Boot ROM includes the basic part and the extension part, the basic part provides the basic operation items and the extension part provides more Boot ROM operation items). All contents of the Boot ROM file are operated if the all and part keywords are not specified. # Read the Boot ROM program. <Sysname> bootrom read all Now reading bootrom, please wait... Read bootrom! Please wait... Start reading basic bootrom! Read basic bootrom completed! Start reading extended bootrom! Read extended bootrom completed! Read bootrom completed! Please check the file! After the Boot ROM program is read, you will find that files extendbtm.bin and basicbtm.bin are generated on the storage media of the device. 174

<Sysname> dir Directory of cfa0:/ 0 drw- - Jul 07 2009 21:09:12 logfile 1 -rw- 15074620 Aug 08 2008 13:03:44 test.bin 2 -rw- 139 Sep 24 2008 06:51:38 system.xml 3 -rw- 524288 Aug 13 2008 17:07:18 extendbtm.bin 4 -rw- 524288 Aug 13 2008 17:07:18 basicbtm.bin 5 -rw- 4232 Sep 24 2008 06:51:40 startup.cfg 250088 KB total (223700 KB free) File system type of cfa0: FAT16 # Back up the Boot ROM program. <Sysname> bootrom backup all Now backuping bootrom, please wait... Backup bootrom! Please wait... Read normal basic bootrom completed!... Backup normal basic bootrom completed! Read normal extended bootrom completed!... Backup normal extended bootrom completed! Backup bootrom completed! # Restore the Boot ROM program. <Sysname> bootrom restore all This command will restore bootrom file, Continue? [Y/N]:y Now restoring bootrom, please wait... Restore bootrom! Please wait... Read backup basic bootrom completed!... Restore basic bootrom completed! Read backup extended bootrom completed!... Restore extended bootrom completed! Restore bootrom completed! # Use the a.btm file to upgrade the Boot ROM program on the device. <Sysname> bootrom update file a.btm This command will update bootrom file, Continue? [Y/N]:y Now updating bootrom, please wait... Updating basic bootrom!... Update basic bootrom success! Updating extended bootrom!... Update extended bootrom success! Update bootrom success! 175

display boot-loader Use display boot-loader to display information of the boot file. Related commands: boot-loader. display boot-loader [ { begin exclude include } regular-expression ] Any view 2: System level : Filters command output by specifying a regular expression. For more information about regular expressions, see Fundamentals Configuration Guide. begin: Displays the first line matching the specified regular expression and all following lines. exclude: Displays all lines not matching the specified regular expression. include: Displays all lines matching the specified regular expression. regular-expression: Specifies a regular expression, a case-sensitive string of 1 to 256 characters. # Display the file adopted for the current and next boot of the device. <Sysname> display boot-loader The boot file used at this reboot:flash:/test.bin attribute: main The boot file used at the next reboot:flash:/test.bin attribute: main The boot file used at the next reboot:flash:/test.bin attribute: backup Failed to get the secure boot file used at the next reboot! Table 28 Command output Field The boot file used at this reboot File used for the current boot of the system Attributes of a boot file: attribute The boot file used at the next reboot Failed to get the secure boot file used at the next reboot! main backup Boot file used for the next boot of the device If the main boot file and the backup boot file are not available or damaged, the secure boot file will be used for the boot of the device 176

display patch Use display patch to display the installed patch files and the versions of their corresponding patch packages. If a patch is not loaded from a patch package, the version of the patch package is not displayed. display patch [ { begin exclude include } regular-expression ] Any view : Filters command output by specifying a regular expression. For more information about regular expressions, see Fundamentals Configuration Guide. begin: Displays the first line matching the specified regular expression and all following lines. exclude: Displays all lines not matching the specified regular expression. include: Displays all lines matching the specified regular expression. regular-expression: Specifies a regular expression, a case-sensitive string of 1 to 256 characters. # Display the installed patch files and the versions of their corresponding patch packages. <Sysname> display patch flash:/patchmain.bin, B90H01a, loaded on slot(s):0 Table 29 Command output Field flash:/patchmain.bin B90H01a loaded on slots:0 Directory of the installed patch file Version of the patch package Slot number of the card on which the patch loaded display patch information Use display patch information to display the hotfix information. display patch information [ { begin exclude include } regular-expression ] Any view 177

: Filters command output by specifying a regular expression. For more information about regular expressions, see Fundamentals Configuration Guide. begin: Displays the first line matching the specified regular expression and all following lines. exclude: Displays all lines not matching the specified regular expression. include: Displays all lines matching the specified regular expression. regular-expression: Specifies a regular expression, a case-sensitive string of 1 to 256 characters. # Display hotfix information. <Sysname> display patch information The location of patches: flash: Slot Version Temporary Common Current Active Running Start-Address ---------------------------------------------------------------------- 0 RPE004 0 1 1 0 1 0x310bd74 Table 30 Command output Field The location of patches Slot Version Temporary Common Current Running Active Start-Address Patch file location. To configure the location, use patch location. Meaningless. Patch version. The first three characters represent the suffix of the PATCH- FLAG. For example, if the PATCH-FLAG of a card is PATCH-RPE, "RPE" is displayed. The following three digits, if any, represent the patch number. (The patch number can be read after the patch is loaded.) Number of temporary patches. Number of common patches. Total number of patches. Number of patches in the RUNNING state. Number of patches in the ACTIVE state. Starting address of the memory patch area in the memory. patch active Use patch active to activate patches. The system will temporarily run the loaded patches. If you execute the command with specifying the sequence number of a patch, all the DEACTIVE patches (including the specified patch) before the specified patch will be activated. If you execute the command without specifying the sequence number of a patch, all the DEACTIVE patches will be activated. The command is applicable to only patches in the DEACTIVE state. 178

After a system reboot, the original ACTIVE patches change to DEACTIVE and become invalid. To make them effective, activate them again. patch active [ patch-number ] System view patch-number: Sequence number of a patch. # Activate patch 3 and all the loaded DEACTIVE patches before patch 3. [Sysname] patch active 3 # Activate all the loaded patches. [Sysname] patch active patch deactive Use patch deactive to stop running patches and the system will run at the original software version. If you execute the command with specifying the sequence number of a patch, all the ACTIVE patches (including the specified patch) after the specified patch turn to the DEACTIVE state. If you execute the command without specifying the sequence number of a patch, all the ACTIVE patches turn to the DEACTIVE state. This command is not applicable to the patches in the RUNNING state. patch deactive [ patch-number ] System view patch-number: Sequence number of a patch. # Stop running patch 3 and all the ACTIVE patches after patch 3. [Sysname] patch deactive 3 # Stop running all the ACTIVE patches. 179

[Sysname] patch deactive patch delete Use patch delete to delete patches and all the patches after the specified patch. If you execute the command with specifying the sequence number of a patch, all the patches (including the specified patch) after the specified patch will be deleted. If you execute the command without specifying the sequence number of a patch, all the patches will be deleted. This command only removes the patches from the memory patch area, and it does not delete them from the storage media. The patches are in the IDLE state after this command is executed. patch delete [ patch-number ] System view patch-number: Sequence number of a patch. # Delete patch 3 and all the patches after patch 3. [Sysname] patch delete 3 # Delete all the patches. [Sysname] patch delete patch install Use patch install to install all the patches in one step. Use undo patch install to remove the patches. When you execute the patch install command, message "Do you want to continue running patches after reboot? [Y/N]:" is displayed. Entering y or Y: All the specified patches are installed, and turn to the RUNNING state from IDLE. This equals execution of patch location, patch load, patch active, and patch run. The patches remain RUNNING after system reboot. If a slot is empty, the system will record the information. When a card is plugged into the slot, the system will install the corresponding patch on the card. 180

Entering n or N: All the specified patches are installed and turn to the ACTIVE state from IDLE. This equals execution of patch location, patch load, and patch active. The patches turn to the DEACTIVE state after system reboot. Before executing the command, save patch files to the specified directory. Note the following rules apply: If you install patches from patch packages, save the patch packages to any directory on the device. If you install patches from patch files, save the patch files to the root directory of the storage media. If the storage media is a CF card with partitions, save the patch files to the root directory of the first partition. After patch install is executed, the system changes the patch file location specified with patch location to the directory specified by the patch-location argument of the patch install command. For example, if you execute patch location xxx and then patch install yyy, the patch file location automatically changes from xxx to yyy. If you execute patch install file filename, the system will not change the patch file location. patch install { patch-location file filename } undo patch install System view patch-location: A string consisting of 1 to 64 characters. It specifies the directory where the patch file locates. It can be a root directory of a storage media. file filename: Filename of a patch package. # Install the patches located on the Flash. [Sysname] patch-install flash: Patches will be installed. Continue? [Y/N]:y Do you want to run patches after reboot? [Y/N]:y Installing patches Installation completed, and patches will continue to run after reboot. [Sysname] # Install the specified patch package. [Sysname] patch install file:/patch_packeg.bin Patches will be installed. Continue? [Y/N]:y Do you want to run patches after reboot? [Y/N]:y Installing patches Installation completed, and patches will continue to run after reboot. [Sysname] 181

patch load Use patch load to load the patch file on the storage media (such as the Flash or the CF card) to the memory patch area. If you execute the command with providing the filename of a patch package, the system will load the patch from the patch package. If you execute the command without providing the filename of a patch package, the system will load the patch from a patch file. The system loads the patch file from the Flash by default. If the system cannot find the patch file on the Flash, it will try to read and load the patch file from the CF card. Before executing the command, save the patch files to the specified directory. Note the following rules apply: If you load patches from patch packages, save the patch packages to any directory on the device. If you load patches from patch files, save the patch files to the root directory of the storage media. patch load [ file filename ] System view file filename: Filename of a patch package. # Load the patch file from a patch file. [Sysname] patch load # Load the patch file from a patch package. [Sysname] patch load file flash:/patchpackege.bin patch location Use patch location to configure the patch file location. By default, the patch file location is flash:. If you want to install a patch package, you do not need to configure this command. If you save the patch files to other storage media except the Flash on the device, you must specify the directory where the patch files locate with the patch-location argument. Then the system loads the appropriate patch files in the specified directory. If the device has only one storage media, the patch file is saved to a specific location and you do not need to execute this command. 182

The patch install command changes the patch file location specified with patch location to the directory specified by the patch-location argument of patch install. For example, if you execute patch location xxx and then patch install yyy, the patch file location automatically changes from xxx to yyy. If you execute patch install without providing the filename of a patch package, the system will not change the patch file location. patch location patch-location System view patch run patch-location: Specifies the patch file location. It is a string of 1 to 64 characters. It can be a root directory of a storage media. # Configure the root directory of the CF card as the patch file location. [Sysname] patch location cf: Use patch run to confirm the running of ACTIVE patches. If you execute the command with specifying the sequence number of a patch, the command confirms the running of all the ACTIVE patches (including the specified patch) before the specified patch. If you execute the command without specifying the sequence number of a patch, the command confirms the running of all the ACTIVE patches. This command is applicable to patches in the ACTIVE state only. If the running of a patch is confirmed, after the system reboots, the patch will still be effective. patch run [ patch-number ] System view patch-number: Sequence number of a patch. # Confirm the running of patch 3 and all the ACTIVE patches before patch 3. 183

[Sysname] patch run # Confirm the running of all the ACTIVE patches. [Sysname] patch run 184

Support and other resources Contacting HP For worldwide technical support information, see the HP support website: http://www.hp.com/support Before contacting HP, collect the following information: Product model names and numbers Technical support registration number (if applicable) Product serial numbers Error messages Operating system type and revision level Detailed questions Subscription service HP recommends that you register your product at the Subscriber's Choice for Business website: http://www.hp.com/go/wwalerts After registering, you will receive email notification of product enhancements, new driver versions, firmware updates, and other product resources. Related information Documents To find related documents, browse to the Manuals page of the HP Business Support Center website: http://www.hp.com/support/manuals Websites For related documentation, navigate to the Networking section, and select a networking category. For a complete list of acronyms and their definitions, see HP A-Series Acronyms. HP.com http://www.hp.com HP Networking http://www.hp.com/go/networking HP manuals http://www.hp.com/support/manuals HP download drivers and software http://www.hp.com/support/downloads HP software depot http://www.software.hp.com 185

Conventions This section describes the conventions used in this documentation set. Command conventions Convention Boldface Italic Bold text represents commands and keywords that you enter literally as shown. Italic text represents arguments that you replace with actual values. [ ] Square brackets enclose syntax choices (keywords or arguments) that are optional. { x y... } [ x y... ] { x y... } * [ x y... ] * &<1-n> Braces enclose a set of required syntax choices separated by vertical bars, from which you select one. Square brackets enclose a set of optional syntax choices separated by vertical bars, from which you select one or none. Asterisk-marked braces enclose a set of required syntax choices separated by vertical bars, from which you select at least one. Asterisk-marked square brackets enclose optional syntax choices separated by vertical bars, from which you select one choice, multiple choices, or none. The argument or keyword and argument combination before the ampersand (&) sign can be entered 1 to n times. # A line that starts with a pound (#) sign is comments. GUI conventions Convention Boldface > Window names, button names, field names, and menu items are in bold text. For example, the New User window appears; click OK. Multi-level menus are separated by angle brackets. For example, File > Create > Folder. Symbols Convention WARNING CAUTION IMPORTANT NOTE TIP An alert that calls attention to important information that if not understood or followed can result in personal injury. An alert that calls attention to important information that if not understood or followed can result in data loss, data corruption, or damage to hardware or software. An alert that calls attention to essential information. An alert that contains additional or supplementary information. An alert that provides helpful information. 186

Network topology icons Represents a generic network device, such as a router, switch, or firewall. Represents a routing-capable device, such as a router or Layer 3 switch. Represents a generic switch, such as a Layer 2 or Layer 3 switch, or a router that supports Layer 2 forwarding and other Layer 2 features. Port numbering in examples The port numbers in this document are for illustration only and might be unavailable on your device. 187

Index A B C D E F G H I J L M N O P Q R S T U V A acl (user interface view),13 activation-key,14 archive configuration,104 archive configuration interval,104 archive configuration location,105 archive configuration max,106 ascii,143 authentication-mode,17 auto-execute command,16 B backup startup-configuration,107 binary,143 boot-loader,173 bootrom,173 bye,144 C card-mode,57 cd,120 cd,145 cdup,145 clock datetime,58 clock summer-time one-off,59 clock summer-time repeating,59 clock timezone,61 close,146 command accounting,18 command authorization,19 command-alias enable,1 command-alias mapping,1 command-privilege level,2 configuration encrypt,107 configuration replace file,108 configure-user count,61 copy,121 copyright-info enable,62 188 D databits,19 debugging,147 delete,121 delete,148 dir,149 dir,122 disconnect,150 display archive configuration,109 display boot-loader,176 display clipboard,3 display clock,63 display command-alias,4 display configure-user,64 display cpu-usage,65 display cpu-usage history,67 display current-configuration,110 display device,69 display device manuinfo,71 display diagnostic-information,72 display environment,73 display fan,74 display ftp client configuration,150 display ftp-server,138 display ftp-user,139 display history-command,4 display hotkey,5 display ip http,20 display ip https,21 display job,75 display license,171 display memory,76 display nandflash badblock-location,125 display nandflash file-location,124 display nandflash page-data,126 display patch,177 display patch information,177 display power,77

display reboot-type,77 display rps,78 display saved-configuration,112 display schedule job,79 display schedule reboot,80 display startup,114 display system-failure,80 display telnet client configuration,22 display tftp client configuration,166 display this,114 display transceiver,81 display transceiver alarm,82 display transceiver diagnosis,86 display transceiver manuinfo,87 display user-interface,23 display users,25 display version,88 E escape-key,26 execute,127 F file prompt,128 fixdisk,128 flow-control,28 format,129 free ftp user,140 free user-interface,29 ftp,151 FTP client configuration commands,143 ftp client source,152 ftp ipv6,153 ftp server acl,140 FTP server configuration commands,138 ftp server enable,141 ftp timeout,141 ftp update,142 G get,154 H header,88 history-command max-size,30 hotkey,6 I idle-timeout,30 ip http acl,31 ip http enable,32 ip http port,33 ip https acl,34 ip https certificate access-control-policy,35 ip https enable,35 ip https port,36 ip https ssl-server-policy,37 J job,90 L lcd,155 license register,172 lock,37 ls,155 M mkdir,156 mkdir,129 more,130 mount,131 move,132 N nms monitor-interface,91 O open,157 open ipv6,158 P parity,38 passive,159 patch active,178 patch deactive,179 patch delete,180 patch install,180 patch load,182 patch location,182 patch run,183 protocol inbound,39 put,159 pwd,132 189

pwd,160 Q quit,7 quit,160 R reboot,92 redirect disconnect,39 redirect enable,40 redirect listen-port,41 redirect refuse-negotiation,41 redirect refuse-teltransfer,42 redirect return-deal from-telnet,43 redirect return-deal from-terminal,43 redirect timeout,44 remotehelp,161 rename,133 reset recycle-bin,133 reset saved-configuration,116 reset unused porttag,92 restore startup-configuration,116 return,8 rmdir,163 rmdir,135 S save,117 schedule job,93 schedule reboot at,94 schedule reboot delay,95 screen-length,45 screen-length disable,8 send,45 set authentication password,47 shell,48 shutdown-interval,96 speed (user interface view),49 startup saved-configuration,119 stopbit-error intolerance,49 stopbits,50 super,9 super authentication-mode,9 super password,10 sysname,97 system-failure,98 system-view,11 T telnet,51 telnet client source,52 telnet ipv6,52 telnet server enable,53 temperature-limit,98 terminal type,53 tftp,167 TFTP client configuration commands,166 tftp client source,168 tftp ipv6,169 tftp-server acl,166 time at,99 time delay,101 U umount,136 undelete,136 user,163 user privilege level,54 user-interface,55 V verbose,164 view,102 190